From patchwork Mon Feb 20 18:37:52 2023
X-Patchwork-Submitter: Michael Roth
X-Patchwork-Id: 59598
From: Michael Roth
Subject: [PATCH RFC v8 01/56] KVM: x86: Add 'fault_is_private' x86 op
Date: Mon, 20 Feb 2023 12:37:52 -0600
Message-ID: <20230220183847.59159-2-michael.roth@amd.com>
In-Reply-To: <20230220183847.59159-1-michael.roth@amd.com>
References: <20230220183847.59159-1-michael.roth@amd.com>
X-Mailing-List: linux-kernel@vger.kernel.org

This callback is used by the KVM MMU to check whether a #NPF was for a private GPA or not. In some cases the full 64-bit error code for the #NPF will be needed to make this determination, so also update kvm_mmu_do_page_fault() to accept the full 64-bit value so it can be plumbed through to the callback.

Signed-off-by: Michael Roth
Signed-off-by: Isaku Yamahata
Signed-off-by: Isaku Yamahata
--- arch/x86/include/asm/kvm-x86-ops.h | 1 + arch/x86/include/asm/kvm_host.h | 1 + arch/x86/kvm/mmu/mmu.c | 3 +-- arch/x86/kvm/mmu/mmu_internal.h | 37 +++++++++++++++++++++++++++--- 4 files changed, 37 insertions(+), 5 deletions(-) diff --git a/arch/x86/include/asm/kvm-x86-ops.h b/arch/x86/include/asm/kvm-x86-ops.h index 8dc345cc6318..72183da010b8 100644 --- a/arch/x86/include/asm/kvm-x86-ops.h +++ b/arch/x86/include/asm/kvm-x86-ops.h @@ -131,6 +131,7 @@ KVM_X86_OP(msr_filter_changed) KVM_X86_OP(complete_emulated_msr) KVM_X86_OP(vcpu_deliver_sipi_vector) KVM_X86_OP_OPTIONAL_RET0(vcpu_get_apicv_inhibit_reasons); +KVM_X86_OP_OPTIONAL_RET0(fault_is_private); #undef KVM_X86_OP #undef KVM_X86_OP_OPTIONAL diff --git a/arch/x86/include/asm/kvm_host.h b/arch/x86/include/asm/kvm_host.h index e552374f2357..f856d689dda0 100644
--- a/arch/x86/include/asm/kvm_host.h +++ b/arch/x86/include/asm/kvm_host.h @@ -1643,6 +1643,7 @@ struct kvm_x86_ops { void (*load_mmu_pgd)(struct kvm_vcpu *vcpu, hpa_t root_hpa, int root_level); + bool (*fault_is_private)(struct kvm *kvm, gpa_t gpa, u64 error_code, bool *private_fault); bool (*has_wbinvd_exit)(void); diff --git a/arch/x86/kvm/mmu/mmu.c b/arch/x86/kvm/mmu/mmu.c index eda615f3951c..fb3f34b7391c 100644 --- a/arch/x86/kvm/mmu/mmu.c +++ b/arch/x86/kvm/mmu/mmu.c @@ -5724,8 +5724,7 @@ int noinline kvm_mmu_page_fault(struct kvm_vcpu *vcpu, gpa_t cr2_or_gpa, u64 err } if (r == RET_PF_INVALID) { - r = kvm_mmu_do_page_fault(vcpu, cr2_or_gpa, - lower_32_bits(error_code), false); + r = kvm_mmu_do_page_fault(vcpu, cr2_or_gpa, error_code, false); if (KVM_BUG_ON(r == RET_PF_INVALID, vcpu->kvm)) return -EIO; } diff --git a/arch/x86/kvm/mmu/mmu_internal.h b/arch/x86/kvm/mmu/mmu_internal.h index e642d431df4b..557a001210df 100644 --- a/arch/x86/kvm/mmu/mmu_internal.h +++ b/arch/x86/kvm/mmu/mmu_internal.h 
@@ -231,6 +231,37 @@ struct kvm_page_fault { int kvm_tdp_page_fault(struct kvm_vcpu *vcpu, struct kvm_page_fault *fault); +static bool kvm_mmu_fault_is_private(struct kvm *kvm, gpa_t gpa, u64 err) +{ + struct kvm_memory_slot *slot; + bool private_fault = false; + gfn_t gfn = gpa_to_gfn(gpa); + + slot = gfn_to_memslot(kvm, gfn); + if (!slot) { + pr_debug("%s: no slot, GFN: 0x%llx\n", __func__, gfn); + goto out; + } + + if (!kvm_slot_can_be_private(slot)) { + pr_debug("%s: slot is not private, GFN: 0x%llx\n", __func__, gfn); + goto out; + } + + if (static_call(kvm_x86_fault_is_private)(kvm, gpa, err, &private_fault)) + goto out; + + /* + * Handling below is for UPM self-tests and guests that treat userspace + * as the authority on whether a fault should be private or not. + */ + private_fault = kvm_mem_is_private(kvm, gpa >> PAGE_SHIFT); + +out: + pr_debug("%s: GFN: 0x%llx, private: %d\n", __func__, gfn, private_fault); + return private_fault; +} + /* * Return values of handle_mmio_page_fault(), mmu.page_fault(), fast_page_fault(), * and of course kvm_mmu_do_page_fault(). @@ -262,11 +293,11 @@ enum { }; static inline int kvm_mmu_do_page_fault(struct kvm_vcpu *vcpu, gpa_t cr2_or_gpa, - u32 err, bool prefetch) + u64 err, bool prefetch) { struct kvm_page_fault fault = { .addr = cr2_or_gpa, - .error_code = err, + .error_code = lower_32_bits(err), .exec = err & PFERR_FETCH_MASK, .write = err & PFERR_WRITE_MASK, .present = err & PFERR_PRESENT_MASK, 
@@ -280,7 +311,7 @@ static inline int kvm_mmu_do_page_fault(struct kvm_vcpu *vcpu, gpa_t cr2_or_gpa, .max_level = KVM_MAX_HUGEPAGE_LEVEL, .req_level = PG_LEVEL_4K, .goal_level = PG_LEVEL_4K, - .is_private = kvm_mem_is_private(vcpu->kvm, cr2_or_gpa >> PAGE_SHIFT), + .is_private = kvm_mmu_fault_is_private(vcpu->kvm, cr2_or_gpa, err), }; int r;
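
Review bot: the new `fault_is_private` member of struct kvm_x86_ops (arch/x86/include/asm/kvm_host.h hunk) returns bool and also writes a bool through `private_fault`, and nothing documents which carries the answer. Going by the caller in mmu_internal.h, a true return means the vendor code made the decision and `*private_fault` holds it, while false (including the RET0 default when no vendor implements the op) means KVM falls back to kvm_mem_is_private(). A short comment above the member stating that contract would keep a vendor implementation from returning the private/shared answer as the return value by mistake.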
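
Review bot: in kvm_mmu_fault_is_private() (mmu_internal.h hunk at -231), the fallback to kvm_mem_is_private() runs whenever the vendor callback returns false, yet the comment says it is meant for UPM self-tests and guests that treat userspace as the authority, and nothing in the helper restricts it to those guests. Please either gate the fallback on the kind of guest or document that returning false is how a vendor opts into the userspace attribute. Smaller points in the same hunk: the helper is plain `static bool` in a header, so `static inline` or a definition in mmu.c would avoid a copy (and a possible unused-function warning) in every includer; the three pr_debug() calls sit on the page-fault path and read like bring-up tracing; and the fallback recomputes `gpa >> PAGE_SHIFT` where the local `gfn` is already available.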
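
Review bot: in kvm_mmu_do_page_fault() (mmu_internal.h hunk at -262), `err` is widened to u64 but `.error_code = lower_32_bits(err)` keeps only the low half in struct kvm_page_fault, so the upper bits reach the fault_is_private callback and nothing else. If that truncation is intentional, a one-line comment at the initializer would say so and stop a later reader from "fixing" it; if handlers downstream are expected to see the full value, the field needs widening as well.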
From: Michael Roth
Subject: [PATCH RFC v8 02/56] KVM: x86: Add 'update_mem_attr' x86 op
Date: Mon, 20 Feb 2023 12:37:53 -0600
Message-ID: <20230220183847.59159-3-michael.roth@amd.com>
In-Reply-To: <20230220183847.59159-1-michael.roth@amd.com>
References: <20230220183847.59159-1-michael.roth@amd.com>

This callback will do any platform-specific handling needed for converting pages between shared/private.

Signed-off-by: Michael Roth
Signed-off-by: Isaku Yamahata
--- arch/x86/include/asm/kvm-x86-ops.h | 1 + arch/x86/include/asm/kvm_host.h | 2 ++ arch/x86/kvm/mmu/mmu.c | 13 +++++++++++++ include/linux/kvm_host.h | 4 ++++ virt/kvm/kvm_main.c | 29 +++++++++++++++++++++++++++++ 5 files changed, 49 insertions(+) diff --git a/arch/x86/include/asm/kvm-x86-ops.h b/arch/x86/include/asm/kvm-x86-ops.h index 72183da010b8..a8aaf532c2ab 100644 --- a/arch/x86/include/asm/kvm-x86-ops.h +++ b/arch/x86/include/asm/kvm-x86-ops.h @@ -132,6 +132,7 @@ KVM_X86_OP(complete_emulated_msr) KVM_X86_OP(vcpu_deliver_sipi_vector) KVM_X86_OP_OPTIONAL_RET0(vcpu_get_apicv_inhibit_reasons); KVM_X86_OP_OPTIONAL_RET0(fault_is_private); +KVM_X86_OP_OPTIONAL_RET0(update_mem_attr) #undef KVM_X86_OP #undef KVM_X86_OP_OPTIONAL diff --git a/arch/x86/include/asm/kvm_host.h b/arch/x86/include/asm/kvm_host.h index f856d689dda0..2da3fb2d5d1b 100644 --- a/arch/x86/include/asm/kvm_host.h +++ b/arch/x86/include/asm/kvm_host.h
@@ -1644,6 +1644,8 @@ struct kvm_x86_ops { void (*load_mmu_pgd)(struct kvm_vcpu *vcpu, hpa_t root_hpa, int root_level); bool (*fault_is_private)(struct kvm *kvm, gpa_t gpa, u64 error_code, bool *private_fault); + int (*update_mem_attr)(struct kvm_memory_slot *slot, unsigned int attr, + gfn_t start, gfn_t end); bool (*has_wbinvd_exit)(void); diff --git a/arch/x86/kvm/mmu/mmu.c b/arch/x86/kvm/mmu/mmu.c index fb3f34b7391c..053bd77bbf52 100644 --- a/arch/x86/kvm/mmu/mmu.c +++ b/arch/x86/kvm/mmu/mmu.c @@ -7251,4 +7251,17 @@ void kvm_arch_set_memory_attributes(struct kvm *kvm, linfo_update_mixed(gfn, slot, level, mixed); } } + +void kvm_arch_post_set_memory_attributes(struct kvm *kvm, + struct kvm_memory_slot *slot, + unsigned long attrs, + gfn_t start, gfn_t end) +{ + int ret; + + ret = static_call(kvm_x86_update_mem_attr)(slot, attrs, start, end); + if (ret) + pr_warn_ratelimited("Failed to update GFN range 0x%llx-0x%llx with attributes 0x%lx. Ret: %d\n", + start, end, attrs, ret); +} #endif diff --git a/include/linux/kvm_host.h b/include/linux/kvm_host.h index fdc59479b3e2..d200b8f45583 100644 --- a/include/linux/kvm_host.h +++ b/include/linux/kvm_host.h @@ -2330,6 +2330,10 @@ void kvm_arch_set_memory_attributes(struct kvm *kvm, struct kvm_memory_slot *slot, unsigned long attrs, gfn_t start, gfn_t end); +void kvm_arch_post_set_memory_attributes(struct kvm *kvm, + struct kvm_memory_slot *slot, + unsigned long attrs, + gfn_t start, gfn_t end); static inline bool kvm_mem_is_private(struct kvm *kvm, gfn_t gfn) { diff --git a/virt/kvm/kvm_main.c b/virt/kvm/kvm_main.c index b68574ff6c30..8ec985f1c57d 100644 --- a/virt/kvm/kvm_main.c +++ b/virt/kvm/kvm_main.c 
@@ -2561,6 +2561,32 @@ static void kvm_mem_attrs_changed(struct kvm *kvm, unsigned long attrs, kvm_flush_remote_tlbs(kvm); } +static void kvm_post_mem_attrs_changed(struct kvm *kvm, unsigned long attrs, + gfn_t start_orig, gfn_t end_orig) +{ + struct kvm_memory_slot *slot; + struct kvm_memslots *slots; + struct kvm_memslot_iter iter; + int i; + + for (i = 0; i < kvm_arch_nr_memslot_as_ids(kvm); i++) { + slots = __kvm_memslots(kvm, i); + + kvm_for_each_memslot_in_gfn_range(&iter, slots, start_orig, end_orig) { + gfn_t start, end; + + slot = iter.slot; + start = max(start_orig, slot->base_gfn); + end = min(end_orig, slot->base_gfn + slot->npages); + + if (start >= end) + continue; + + kvm_arch_post_set_memory_attributes(kvm, slot, attrs, start, end); + } + } +} + static int kvm_vm_ioctl_set_mem_attributes(struct kvm *kvm, struct kvm_memory_attributes *attrs) { 
@@ -2602,6 +2628,9 @@ static int kvm_vm_ioctl_set_mem_attributes(struct kvm *kvm, kvm_mmu_invalidate_end(kvm); KVM_MMU_UNLOCK(kvm); + if (i > start) + kvm_post_mem_attrs_changed(kvm, attrs->attributes, start, i); + mutex_unlock(&kvm->slots_lock); attrs->address = i << PAGE_SHIFT;
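
Review bot: style nit in the kvm-x86-ops.h hunk: `KVM_X86_OP_OPTIONAL_RET0(update_mem_attr)` is added without a trailing semicolon while the two entries directly above it carry one. Either form compiles, but the neighbouring lines should match.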
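
Review bot: the `update_mem_attr` op in struct kvm_x86_ops (arch/x86/include/asm/kvm_host.h hunk) takes `unsigned int attr`, but its only caller, kvm_arch_post_set_memory_attributes(), passes `unsigned long attrs`, so the value is silently narrowed at the static_call. Please use the same type on both sides. The op also has no comment saying what a non-zero return means or whether `end` is inclusive.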
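
Review bot: in kvm_arch_post_set_memory_attributes() (arch/x86/kvm/mmu/mmu.c hunk), a failure from the vendor callback is only reported with pr_warn_ratelimited() and the function returns void, so the ioctl path in kvm_main.c cannot tell that the platform-side conversion failed even though the KVM attributes were already updated before the hook ran. For a hook whose job is shared/private conversion, that leaves KVM's view and the platform's view able to disagree without userspace being told. Consider returning the error and propagating it out of kvm_vm_ioctl_set_mem_attributes(), or explain in a comment why a mismatch is harmless.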
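
Review bot: in kvm_post_mem_attrs_changed() (virt/kvm/kvm_main.c hunk at -2561), `end = min(end_orig, slot->base_gfn + slot->npages)` makes the range passed down exclusive of `end`, but neither this function nor the arch hook says so, and the warning in the x86 hook prints it as "0x%llx-0x%llx", which reads as inclusive. A one-line comment on the [start, end) convention here, and a matching note on the op, would prevent an off-by-one in vendor implementations.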
From: Michael Roth
Subject: [PATCH RFC v8 03/56] KVM: x86: Add platform hooks for private memory invalidations
Date: Mon, 20 Feb 2023 12:37:54 -0600
Message-ID: <20230220183847.59159-4-michael.roth@amd.com>
In-Reply-To: <20230220183847.59159-1-michael.roth@amd.com>
References: <20230220183847.59159-1-michael.roth@amd.com>

In some cases, like with SEV-SNP, guest memory needs to be updated in a platform-specific manner before it can be safely freed back to the host. Add hooks to wire up handling of this sort to the invalidation notifiers for restricted memory.

Also issue invalidations of all allocated pages during notifier/memslot unbinding so that the pages are not left in an unusable state when they eventually get freed back to the host upon FD release.

Signed-off-by: Michael Roth
--- arch/x86/include/asm/kvm-x86-ops.h | 1 + arch/x86/include/asm/kvm_host.h | 1 + arch/x86/kvm/mmu/mmu.c | 5 +++++ include/linux/kvm_host.h | 3 +++ mm/restrictedmem.c | 12 +++++++++++- virt/kvm/kvm_main.c | 12 +++++++++++- 6 files changed, 32 insertions(+), 2 deletions(-) diff --git a/arch/x86/include/asm/kvm-x86-ops.h b/arch/x86/include/asm/kvm-x86-ops.h index a8aaf532c2ab..6a885f024a00 100644 --- a/arch/x86/include/asm/kvm-x86-ops.h +++ b/arch/x86/include/asm/kvm-x86-ops.h
@@ -133,6 +133,7 @@ KVM_X86_OP(vcpu_deliver_sipi_vector) KVM_X86_OP_OPTIONAL_RET0(vcpu_get_apicv_inhibit_reasons); KVM_X86_OP_OPTIONAL_RET0(fault_is_private); KVM_X86_OP_OPTIONAL_RET0(update_mem_attr) +KVM_X86_OP_OPTIONAL(invalidate_restricted_mem) #undef KVM_X86_OP #undef KVM_X86_OP_OPTIONAL diff --git a/arch/x86/include/asm/kvm_host.h b/arch/x86/include/asm/kvm_host.h index 2da3fb2d5d1b..37c92412035f 100644 --- a/arch/x86/include/asm/kvm_host.h +++ b/arch/x86/include/asm/kvm_host.h @@ -1646,6 +1646,7 @@ struct kvm_x86_ops { bool (*fault_is_private)(struct kvm *kvm, gpa_t gpa, u64 error_code, bool *private_fault); int (*update_mem_attr)(struct kvm_memory_slot *slot, unsigned int attr, gfn_t start, gfn_t end); + void (*invalidate_restricted_mem)(struct kvm_memory_slot *slot, gfn_t start, gfn_t end); bool (*has_wbinvd_exit)(void); diff --git a/arch/x86/kvm/mmu/mmu.c b/arch/x86/kvm/mmu/mmu.c index 053bd77bbf52..360af0c9997e 100644 --- a/arch/x86/kvm/mmu/mmu.c +++ b/arch/x86/kvm/mmu/mmu.c @@ -7264,4 +7264,9 @@ void kvm_arch_post_set_memory_attributes(struct kvm *kvm, pr_warn_ratelimited("Failed to update GFN range 0x%llx-0x%llx with attributes 0x%lx. Ret: %d\n", start, end, attrs, ret); } + +void kvm_arch_invalidate_restricted_mem(struct kvm_memory_slot *slot, gfn_t start, gfn_t end) +{ + static_call_cond(kvm_x86_invalidate_restricted_mem)(slot, start, end); +} #endif diff --git a/include/linux/kvm_host.h b/include/linux/kvm_host.h index d200b8f45583..4d542060cd93 100644 --- a/include/linux/kvm_host.h +++ b/include/linux/kvm_host.h @@ -2341,6 +2341,9 @@ static inline bool kvm_mem_is_private(struct kvm *kvm, gfn_t gfn) kvm_get_memory_attributes(kvm, gfn) & KVM_MEMORY_ATTRIBUTE_PRIVATE; } + +void kvm_arch_invalidate_restricted_mem(struct kvm_memory_slot *slot, gfn_t start, gfn_t end); + #else static inline bool kvm_mem_is_private(struct kvm *kvm, gfn_t gfn) { diff --git a/mm/restrictedmem.c b/mm/restrictedmem.c index fd6f3c66033f..c8353c592cfe 100644 
--- a/mm/restrictedmem.c +++ b/mm/restrictedmem.c @@ -17,7 +17,7 @@ struct restrictedmem { static int restrictedmem_release(struct inode *inode, struct file *file) { - struct restrictedmem *rm = inode->i_mapping->private_data; + struct restrictedmem *rm = file->f_mapping->private_data; xa_destroy(&rm->bindings); fput(rm->memfd); @@ -305,10 +305,20 @@ void restrictedmem_unbind(struct file *file, pgoff_t start, pgoff_t end, struct restrictedmem_notifier *notifier) { struct restrictedmem *rm = file->f_mapping->private_data; + unsigned long index; + pr_debug("%s: unregistering notifier, invalidating page offsets 0x%lx-0x%lx\n", + __func__, start, end); down_write(&rm->lock); + + xa_for_each_range(&rm->bindings, index, notifier, start, end) + notifier->ops->invalidate_start(notifier, start, end); + xa_for_each_range(&rm->bindings, index, notifier, start, end) + notifier->ops->invalidate_end(notifier, start, end); + xa_store_range(&rm->bindings, start, end, NULL, GFP_KERNEL); synchronize_rcu(); + up_write(&rm->lock); } EXPORT_SYMBOL_GPL(restrictedmem_unbind); diff --git a/virt/kvm/kvm_main.c b/virt/kvm/kvm_main.c index 8ec985f1c57d..f7e00593cc5d 100644 --- a/virt/kvm/kvm_main.c +++ b/virt/kvm/kvm_main.c @@ -960,8 +960,15 @@ static void kvm_restrictedmem_invalidate_begin(struct restrictedmem_notifier *no struct kvm *kvm = slot->kvm; int idx; - if (restrictedmem_get_gfn_range(slot, start, end, &gfn_range)) + if (restrictedmem_get_gfn_range(slot, start, end, &gfn_range)) { + pr_debug("%s: Invalidation skipped, slot: %d, start: 0x%lx, end: 0x%lx, restrictedmem.index: 0x%lx\n", + __func__, slot->id, start, end, slot->restrictedmem.index); return; + } + + pr_debug("%s: slot: %d, start: 0x%lx, end: 0x%lx, restrictedmem.index: 0x%lx, gfn_start: 0x%llx, gfn_end: 0x%llx\n", + __func__, slot->id, start, end, slot->restrictedmem.index, gfn_range.start, + gfn_range.end); idx = srcu_read_lock(&kvm->srcu); KVM_MMU_LOCK(kvm); 
@@ -972,7 +979,10 @@ static void kvm_restrictedmem_invalidate_begin(struct restrictedmem_notifier *no kvm_flush_remote_tlbs(kvm); KVM_MMU_UNLOCK(kvm); + srcu_read_unlock(&kvm->srcu, idx); + + kvm_arch_invalidate_restricted_mem(slot, gfn_range.start, gfn_range.end); } static void kvm_restrictedmem_invalidate_end(struct restrictedmem_notifier *notifier,
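Review bot: The new `invalidate_restricted_mem` op added to `struct kvm_x86_ops` returns void and is reached through `static_call_cond()`, so a platform that fails to put a page back into a host-usable state cannot report that to `kvm_restrictedmem_invalidate_begin()`. The commit message says the update has to happen before the memory can be safely freed back to the host, so either document that implementations must handle failure themselves, or return an int and log it the way `kvm_arch_post_set_memory_attributes()` already does with `pr_warn_ratelimited()`. In include/linux/kvm_host.h the prototype is added only before the `#else`, and the one definition in this patch lives in arch/x86/kvm/mmu/mmu.c while the caller is in virt/kvm/kvm_main.c; a `__weak` default or an inline stub would be needed if any other architecture builds that path.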
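Review bot: In the `restrictedmem_unbind()` hunk of mm/restrictedmem.c, both `xa_for_each_range()` loops use the function's own `notifier` parameter as the iteration cursor, which overwrites the notifier the caller asked to unbind and calls `invalidate_start`/`invalidate_end` on whatever bindings are stored in the range, each time with the full `start, end` rather than that binding's own extent. Use a local cursor variable and either invoke the hooks once on the passed-in notifier or check that each entry found is the one being unbound. The first hunk's change in `restrictedmem_release()` from `inode->i_mapping->private_data` to `file->f_mapping->private_data` is not mentioned in the commit message; it should be explained there or split into its own patch.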
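Review bot: In virt/kvm/kvm_main.c the call `kvm_arch_invalidate_restricted_mem(slot, gfn_range.start, gfn_range.end)` sits after both `KVM_MMU_UNLOCK(kvm)` and `srcu_read_unlock(&kvm->srcu, idx)`, so the arch hook dereferences `slot` with neither held. Add a comment stating what keeps the slot and the GFN range stable at that point, or move the call inside the SRCU read-side section. The two new `pr_debug()` calls in the same function are debugging aids that would read better as a tracepoint or be dropped before this leaves RFC.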
From: Michael Roth
CC: Vishal Annapurve
Subject: [PATCH RFC v8 04/56] KVM: Add HVA range operator
Date: Mon, 20 Feb 2023 12:37:55 -0600
Message-ID: <20230220183847.59159-5-michael.roth@amd.com>
In-Reply-To: <20230220183847.59159-1-michael.roth@amd.com>
References: <20230220183847.59159-1-michael.roth@amd.com>

From: Vishal Annapurve

Introduce HVA range operator so that other KVM subsystems can operate on HVA range.

Signed-off-by: Vishal Annapurve
[mdr: minor checkpatch alignment fixups]
Signed-off-by: Michael Roth --- include/linux/kvm_host.h | 6 +++++ virt/kvm/kvm_main.c | 48 ++++++++++++++++++++++++++++++++++++++++ 2 files changed, 54 insertions(+) diff --git a/include/linux/kvm_host.h b/include/linux/kvm_host.h index 4d542060cd93..c615650ed256 100644 --- a/include/linux/kvm_host.h +++ b/include/linux/kvm_host.h @@ -1402,6 +1402,12 @@ void kvm_mmu_invalidate_begin(struct kvm *kvm); void kvm_mmu_invalidate_range_add(struct kvm *kvm, gfn_t start, gfn_t end); void kvm_mmu_invalidate_end(struct kvm *kvm); +typedef int (*kvm_hva_range_op_t)(struct kvm *kvm, + struct kvm_gfn_range *range, void *data); + +int kvm_vm_do_hva_range_op(struct kvm *kvm, unsigned long hva_start, + unsigned long hva_end, kvm_hva_range_op_t handler, void *data); + long kvm_arch_dev_ioctl(struct file *filp, unsigned int ioctl, unsigned long arg); long kvm_arch_vcpu_ioctl(struct file *filp, diff --git a/virt/kvm/kvm_main.c b/virt/kvm/kvm_main.c index f7e00593cc5d..4ccd655dd5af 100644 --- a/virt/kvm/kvm_main.c +++ b/virt/kvm/kvm_main.c 
@@ -642,6 +642,54 @@ static __always_inline int __kvm_handle_hva_range(struct kvm *kvm, return (int)ret; } +int kvm_vm_do_hva_range_op(struct kvm *kvm, unsigned long hva_start, + unsigned long hva_end, kvm_hva_range_op_t handler, void *data) +{ + int ret = 0; + struct kvm_gfn_range gfn_range; + struct kvm_memory_slot *slot; + struct kvm_memslots *slots; + int i, idx; + + if (WARN_ON_ONCE(hva_end <= hva_start)) + return -EINVAL; + + idx = srcu_read_lock(&kvm->srcu); + + for (i = 0; i < kvm_arch_nr_memslot_as_ids(kvm); i++) { + struct interval_tree_node *node; + + slots = __kvm_memslots(kvm, i); + kvm_for_each_memslot_in_hva_range(node, slots, + hva_start, hva_end - 1) { + unsigned long start, end; + + slot = container_of(node, struct kvm_memory_slot, + hva_node[slots->node_idx]); + start = max(hva_start, slot->userspace_addr); + end = min(hva_end, slot->userspace_addr + + (slot->npages << PAGE_SHIFT)); + + /* + * {gfn(page) | page intersects with [hva_start, hva_end)} = + * {gfn_start, gfn_start+1, ..., gfn_end-1}. 
+ */ + gfn_range.start = hva_to_gfn_memslot(start, slot); + gfn_range.end = hva_to_gfn_memslot(end + PAGE_SIZE - 1, slot); + gfn_range.slot = slot; + + ret = handler(kvm, &gfn_range, data); + if (ret) + goto e_ret; + } + } + +e_ret: + srcu_read_unlock(&kvm->srcu, idx); + + return ret; +} + static __always_inline int kvm_handle_hva_range(struct mmu_notifier *mn, unsigned long start, unsigned long end,
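Review bot: In `kvm_vm_do_hva_range_op()`, `struct kvm_gfn_range gfn_range` is declared on the stack without an initializer and only `.start`, `.end` and `.slot` are assigned before `handler(kvm, &gfn_range, data)`, so any other member of the structure reaches the handler as uninitialized stack data. Declare it inside the loop with `= {}` or use a designated initializer. The function is exported through include/linux/kvm_host.h with no kerneldoc: it should state that [hva_start, hva_end) is half-open (the walk uses `hva_end - 1`), that the handler runs with only `srcu_read_lock(&kvm->srcu)` held in the visible code, and that a non-zero handler return stops the walk and is returned to the caller.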
From: Michael Roth
Subject: [PATCH RFC v8 05/56] KVM: SEV: Require KVM_PROTECTED_VM when AMD_MEM_ENCRYPT is enabled
Date: Mon, 20 Feb 2023 12:37:56 -0600
Message-ID: <20230220183847.59159-6-michael.roth@amd.com>
In-Reply-To: <20230220183847.59159-1-michael.roth@amd.com>
References: <20230220183847.59159-1-michael.roth@amd.com>

AMD_MEM_ENCRYPT implies SEV support, which now relies on support provided by the KVM_PROTECTED_VM config option.
An argument can be made that SEV running in non-protected-VM-mode is still possible, and so this should be configurable, but AMD_MEM_ENCRYPT will also imply SEV-SNP, for which KVM_PROTECTED_VM is required in all cases. Signed-off-by: Michael Roth --- arch/x86/Kconfig | 1 + 1 file changed, 1 insertion(+) diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig index 67745ceab0db..f0d8f6bbc1a7 100644 --- a/arch/x86/Kconfig +++ b/arch/x86/Kconfig 
@@ -1546,6 +1546,7 @@ config AMD_MEM_ENCRYPT select INSTRUCTION_DECODER select ARCH_HAS_CC_PLATFORM select X86_MEM_ENCRYPT + select KVM_PROTECTED_VM help Say yes to enable support for the encryption of system memory. This requires an AMD processor that supports Secure Memory
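Review bot: the new `select KVM_PROTECTED_VM` under `config AMD_MEM_ENCRYPT` is unconditional, and `select` turns the target symbol on without evaluating that symbol's own `depends on` lines. KVM_PROTECTED_VM is not defined in this hunk, so if it depends on KVM, a configuration with AMD_MEM_ENCRYPT=y and KVM disabled will hit an unmet-dependency warning. Consider `select KVM_PROTECTED_VM if KVM`, or placing the select on the KVM-side SEV option, which would also keep the "should this be configurable" question from the commit message open. The help text is left unchanged by this hunk and could mention the new requirement.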
From: Michael Roth
Subject: [PATCH RFC v8 06/56] KVM: Split out memory attribute xarray updates to helper function
Date: Mon, 20 Feb 2023 12:37:57 -0600
Message-ID: <20230220183847.59159-7-michael.roth@amd.com>
In-Reply-To: <20230220183847.59159-1-michael.roth@amd.com>
References: <20230220183847.59159-1-michael.roth@amd.com>

This will be useful to other callers that need to update memory attributes for things like setting up the initial private memory payload for a guest. Signed-off-by: Michael Roth --- include/linux/kvm_host.h | 1 + virt/kvm/kvm_main.c | 26 ++++++++++++++++++-------- 2 files changed, 19 insertions(+), 8 deletions(-) diff --git a/include/linux/kvm_host.h b/include/linux/kvm_host.h index c615650ed256..57d56cd09a61 100644 --- a/include/linux/kvm_host.h +++ b/include/linux/kvm_host.h @@ -993,6 +993,7 @@ int kvm_init(unsigned vcpu_size, unsigned vcpu_align, struct module *module); void kvm_exit(void); void kvm_get_kvm(struct kvm *kvm); +int kvm_vm_set_region_attr(struct kvm *kvm, gfn_t start, gfn_t end, u64 attributes); bool kvm_get_kvm_safe(struct kvm *kvm); void kvm_put_kvm(struct kvm *kvm); bool file_is_kvm(struct file *file); diff --git a/virt/kvm/kvm_main.c b/virt/kvm/kvm_main.c index 4ccd655dd5af..c740b56d6ba4 100644 --- a/virt/kvm/kvm_main.c +++ b/virt/kvm/kvm_main.c
@@ -2645,12 +2645,28 @@ static void kvm_post_mem_attrs_changed(struct kvm *kvm, unsigned long attrs, } } +int kvm_vm_set_region_attr(struct kvm *kvm, gfn_t start, gfn_t end, + u64 attributes) +{ + gfn_t index; + void *entry; + + entry = attributes ? xa_mk_value(attributes) : NULL; + + for (index = start; index < end; index++) + if (xa_err(xa_store(&kvm->mem_attr_array, index, entry, + GFP_KERNEL_ACCOUNT))) + break; + + return index; +} +EXPORT_SYMBOL_GPL(kvm_vm_set_region_attr); + static int kvm_vm_ioctl_set_mem_attributes(struct kvm *kvm, struct kvm_memory_attributes *attrs) { gfn_t start, end; unsigned long i; - void *entry; /* flags is currently not used. */ if (attrs->flags) @@ -2665,8 +2681,6 @@ static int kvm_vm_ioctl_set_mem_attributes(struct kvm *kvm, start = attrs->address >> PAGE_SHIFT; end = (attrs->address + attrs->size - 1 + PAGE_SIZE) >> PAGE_SHIFT; - entry = attrs->attributes ? xa_mk_value(attrs->attributes) : NULL; - mutex_lock(&kvm->slots_lock); KVM_MMU_LOCK(kvm); 
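Review bot: `kvm_vm_set_region_attr()` in the @@ -2645 hunk is declared as returning `int` but ends with `return index;`, where `index` is a `gfn_t`, so the value is truncated for any GFN that does not fit in an int. Return `gfn_t`, or return 0 / -errno and report the progress through an out parameter; as written the `xa_err()` code is discarded, so a caller cannot tell why the store stopped. Because the helper is exported with EXPORT_SYMBOL_GPL, it also needs a short comment saying that the return value is the first GFN that was not updated; the prototype added to kvm_host.h carries no comment either.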
@@ -2674,11 +2688,7 @@ static int kvm_vm_ioctl_set_mem_attributes(struct kvm *kvm, kvm_mmu_invalidate_range_add(kvm, start, end); KVM_MMU_UNLOCK(kvm); - for (i = start; i < end; i++) - if (xa_err(xa_store(&kvm->mem_attr_array, i, entry, - GFP_KERNEL_ACCOUNT))) - break; - + i = kvm_vm_set_region_attr(kvm, start, end, attrs->attributes); KVM_MMU_LOCK(kvm); if (i > start)
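Review bot: at `i = kvm_vm_set_region_attr(kvm, start, end, attrs->attributes);` the helper appears to run with `kvm->slots_lock` held (the `mutex_lock(&kvm->slots_lock)` is in the context of the preceding hunk), but the exported helper neither states nor enforces that requirement. Adding `lockdep_assert_held(&kvm->slots_lock);` at the top of the helper would catch a new caller that skips the lock. Note also that `i` is `unsigned long` here while the helper returns `int`, so the `if (i > start)` test that follows operates on a converted value; this goes away if the helper returns `gfn_t`.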
From: Michael Roth
CC: Vishal Annapurve
Subject: [PATCH RFC v8 07/56] KVM: SEV: Populate private memory fd during LAUNCH_UPDATE_DATA
Date: Mon, 20 Feb 2023 12:37:58 -0600
Message-ID: <20230220183847.59159-8-michael.roth@amd.com>
In-Reply-To: <20230220183847.59159-1-michael.roth@amd.com>
References: <20230220183847.59159-1-michael.roth@amd.com>

From: Vishal Annapurve This change adds handling of HVA ranges to copy contents to private memory while doing sev launch update data. mem_attr array is updated during LAUNCH_UPDATE_DATA to ensure that encrypted memory is marked as private. Signed-off-by: Vishal Annapurve [mdr: Use gfn_to_hva_memslot_prot() for shared GFN handler to deal with read-only slots for ROMs. Split kvm_vm_set_region_attr into separate patch.] Signed-off-by: Michael Roth --- arch/x86/kvm/svm/sev.c | 103 +++++++++++++++++++++++++++++++++++++---- virt/kvm/kvm_main.c | 2 + 2 files changed, 96 insertions(+), 9 deletions(-) diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index 273cba809328..fad7fb34ef9e 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c 
@@ -494,23 +494,26 @@ static unsigned long get_num_contig_pages(unsigned long idx, return pages; } -static int sev_launch_update_data(struct kvm *kvm, struct kvm_sev_cmd *argp) +static int sev_launch_update_shared_gfn_handler(struct kvm *kvm, + struct kvm_gfn_range *range, + struct kvm_sev_cmd *argp) { unsigned long vaddr, vaddr_end, next_vaddr, npages, pages, size, i; struct kvm_sev_info *sev = &to_kvm_svm(kvm)->sev_info; - struct kvm_sev_launch_update_data params; struct sev_data_launch_update_data data; struct page **inpages; int ret; - if (!sev_guest(kvm)) - return -ENOTTY; - - if (copy_from_user(¶ms, (void __user *)(uintptr_t)argp->data, sizeof(params))) - return -EFAULT; + vaddr = gfn_to_hva_memslot_prot(range->slot, range->start, NULL); + pr_debug("%s: shared GFN: %llx, slot.id: %d, slot.base_gfn: %llx, slot.userspace_addr: %lx, slot.flags: %x, vaddr: %lx\n", + __func__, range->start, range->slot->id, range->slot->base_gfn, + range->slot->userspace_addr, range->slot->flags, vaddr); + if (kvm_is_error_hva(vaddr)) { + pr_err("vaddr is erroneous 0x%lx\n", vaddr); + return -EINVAL; + } - vaddr = params.uaddr; - size = params.len; + size = (range->end - range->start) << PAGE_SHIFT; vaddr_end = vaddr + size; /* Lock the user memory. */ 
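Review bot: the `pr_err("vaddr is erroneous 0x%lx\n", vaddr);` added to `sev_launch_update_shared_gfn_handler()` is reached from a range that the VMM process supplies through LAUNCH_UPDATE_DATA, so repeated bad requests can flood the kernel log at error level. Use `pr_err_ratelimited()` or demote it to `pr_debug()` like the other messages in this patch, and let the -EINVAL return carry the failure. The `NULL` passed as the third argument of `gfn_to_hva_memslot_prot()` deserves a one-line comment that writability is deliberately ignored so read-only ROM slots work, which is currently explained only in the commit message.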
@@ -562,6 +565,88 @@ static int sev_launch_update_data(struct kvm *kvm, struct kvm_sev_cmd *argp) return ret; } +static int sev_launch_update_priv_gfn_handler(struct kvm *kvm, + struct kvm_gfn_range *range, + struct kvm_sev_cmd *argp) +{ + struct sev_data_launch_update_data data; + struct kvm_sev_info *sev = &to_kvm_svm(kvm)->sev_info; + gfn_t gfn; + kvm_pfn_t pfn; + struct kvm_memory_slot *memslot = range->slot; + int ret = 0; + + data.reserved = 0; + data.handle = sev->handle; + + for (gfn = range->start; gfn < range->end; gfn++) { + int order; + void *kvaddr; + + ret = kvm_restrictedmem_get_pfn(memslot, gfn, &pfn, &order); + if (ret) + goto e_ret; + + kvaddr = pfn_to_kaddr(pfn); + if (!virt_addr_valid(kvaddr)) { + pr_debug("%s: Invalid kvaddr 0x%llx\n", __func__, (uint64_t)kvaddr); + ret = -EINVAL; + goto e_ret; + } + + ret = kvm_read_guest_page(kvm, gfn, kvaddr, 0, PAGE_SIZE); + if (ret) { + pr_debug("%s: Guest read failed 0x%x\n", __func__, ret); + goto e_ret; + } + + if (!cpu_feature_enabled(X86_FEATURE_SME_COHERENT)) + clflush_cache_range(kvaddr, PAGE_SIZE); + + data.len = PAGE_SIZE; + data.address = __sme_set(pfn << PAGE_SHIFT); + ret = sev_issue_cmd(kvm, SEV_CMD_LAUNCH_UPDATE_DATA, &data, &argp->error); + if (ret) + goto e_ret; + kvm_release_pfn_clean(pfn); + } + + /* + * Memory attribute updates via KVM_SET_MEMORY_ATTRIBUTES are serialized + * via kvm->slots_lock, so use the same protocol for updating them here. 
+ */ + mutex_lock(&kvm->slots_lock); + kvm_vm_set_region_attr(kvm, range->start, range->end, KVM_MEMORY_ATTRIBUTE_PRIVATE); + mutex_unlock(&kvm->slots_lock); +e_ret: + return ret; +} + +static int sev_launch_update_gfn_handler(struct kvm *kvm, struct kvm_gfn_range *range, + void *data) +{ + struct kvm_sev_cmd *argp = (struct kvm_sev_cmd *)data; + + if (kvm_slot_can_be_private(range->slot)) + return sev_launch_update_priv_gfn_handler(kvm, range, argp); + + return sev_launch_update_shared_gfn_handler(kvm, range, argp); +} + +static int sev_launch_update_data(struct kvm *kvm, struct kvm_sev_cmd *argp) +{ + struct kvm_sev_launch_update_data params; + + if (!sev_guest(kvm)) + return -ENOTTY; + + if (copy_from_user(¶ms, (void __user *)(uintptr_t)argp->data, sizeof(params))) + return -EFAULT; + + return kvm_vm_do_hva_range_op(kvm, params.uaddr, params.uaddr + params.len, + sev_launch_update_gfn_handler, argp); +} + static int sev_es_sync_vmsa(struct vcpu_svm *svm) { struct sev_es_save_area *save = svm->sev_es.vmsa; diff --git a/virt/kvm/kvm_main.c b/virt/kvm/kvm_main.c index c740b56d6ba4..003cb199ba4b 100644 --- a/virt/kvm/kvm_main.c +++ b/virt/kvm/kvm_main.c @@ -689,6 +689,7 @@ int kvm_vm_do_hva_range_op(struct kvm *kvm, unsigned long hva_start, return ret; } +EXPORT_SYMBOL_GPL(kvm_vm_do_hva_range_op); static __always_inline int kvm_handle_hva_range(struct mmu_notifier *mn, unsigned long start, 
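Review bot: in `sev_launch_update_priv_gfn_handler()`, every `goto e_ret` taken after `kvm_restrictedmem_get_pfn()` has succeeded (the `virt_addr_valid()` check, the `kvm_read_guest_page()` failure and the `sev_issue_cmd()` failure) skips the `kvm_release_pfn_clean(pfn)` that the success path performs, so the reference for that GFN is leaked. Release the pfn on those paths, for example through a second label placed before `e_ret`. The return value of `kvm_vm_set_region_attr()` is ignored as well, and on a mid-range failure the pages already passed to SEV_CMD_LAUNCH_UPDATE_DATA are never marked KVM_MEMORY_ATTRIBUTE_PRIVATE; check the result and decide how a partially processed range is reported. In `sev_launch_update_data()`, no wrap check is visible for `params.uaddr + params.len` before the sum is handed to `kvm_vm_do_hva_range_op()`.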
@@ -2850,6 +2851,7 @@ unsigned long gfn_to_hva_memslot_prot(struct kvm_memory_slot *slot, return hva; } +EXPORT_SYMBOL_GPL(gfn_to_hva_memslot_prot); unsigned long gfn_to_hva_prot(struct kvm *kvm, gfn_t gfn, bool *writable) {
From: Michael Roth
CC: Nikunj A Dadhania
Subject: [PATCH RFC v8 08/56] KVM: SEV: Rename sev_{pin,unpin}_memory
Date: Mon, 20 Feb 2023 12:37:59 -0600
Message-ID: <20230220183847.59159-9-michael.roth@amd.com>
In-Reply-To: <20230220183847.59159-1-michael.roth@amd.com>
References: <20230220183847.59159-1-michael.roth@amd.com>
From: Nikunj A Dadhania

Rename sev_{pin|unpin}_memory to sev_memory_{get|put}_pages. Apart from pinning the pages, sev_pin_memory also populates the pages array which is used by its callers. SEV guests using restricted memfd do not need to pin the memory but will require the pages array to be populated. Rename the function appropriately.

No functional change intended.

Signed-off-by: Nikunj A Dadhania
Signed-off-by: Michael Roth
--- arch/x86/kvm/svm/sev.c | 62 ++++++++++++++++++++++-------------------- 1 file changed, 33 insertions(+), 29 deletions(-) diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index fad7fb34ef9e..523c78bbff3f 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c 
@@ -383,9 +383,13 @@ static int sev_launch_start(struct kvm *kvm, struct kvm_sev_cmd *argp) return ret; } -static struct page **sev_pin_memory(struct kvm *kvm, unsigned long uaddr, - unsigned long ulen, unsigned long *n, - int write) +/* + * Legacy SEV guest pin the pages and return the array populated with pinned + * pages. + */ +static struct page **sev_memory_get_pages(struct kvm *kvm, unsigned long uaddr, + unsigned long ulen, unsigned long *n, + int write) { struct kvm_sev_info *sev = &to_kvm_svm(kvm)->sev_info; unsigned long npages, size; @@ -446,8 +450,8 @@ static struct page **sev_pin_memory(struct kvm *kvm, unsigned long uaddr, return ERR_PTR(ret); } -static void sev_unpin_memory(struct kvm *kvm, struct page **pages, - unsigned long npages) +static void sev_memory_put_pages(struct kvm *kvm, struct page **pages, + unsigned long npages) { struct kvm_sev_info *sev = &to_kvm_svm(kvm)->sev_info; @@ -517,7 +521,7 @@ static int sev_launch_update_shared_gfn_handler(struct kvm *kvm, vaddr_end = vaddr + size; /* Lock the user memory. */ - inpages = sev_pin_memory(kvm, vaddr, size, &npages, 1); + inpages = sev_memory_get_pages(kvm, vaddr, size, &npages, 1); if (IS_ERR(inpages)) return PTR_ERR(inpages); @@ -548,20 +552,20 @@ static int sev_launch_update_shared_gfn_handler(struct kvm *kvm, data.address = __sme_page_pa(inpages[i]) + offset; ret = sev_issue_cmd(kvm, SEV_CMD_LAUNCH_UPDATE_DATA, &data, &argp->error); if (ret) - goto e_unpin; + goto e_put_pages; size -= len; next_vaddr = vaddr + len; } -e_unpin: +e_put_pages: /* content of memory is updated, mark pages dirty */ for (i = 0; i < npages; i++) { set_page_dirty_lock(inpages[i]); mark_page_accessed(inpages[i]); } /* unlock the user pages */ - sev_unpin_memory(kvm, inpages, npages); + sev_memory_put_pages(kvm, inpages, npages); return ret; } 
@@ -1028,13 +1032,13 @@ static int sev_dbg_crypt(struct kvm *kvm, struct kvm_sev_cmd *argp, bool dec) int len, s_off, d_off; /* lock userspace source and destination page */ - src_p = sev_pin_memory(kvm, vaddr & PAGE_MASK, PAGE_SIZE, &n, 0); + src_p = sev_memory_get_pages(kvm, vaddr & PAGE_MASK, PAGE_SIZE, &n, 0); if (IS_ERR(src_p)) return PTR_ERR(src_p); - dst_p = sev_pin_memory(kvm, dst_vaddr & PAGE_MASK, PAGE_SIZE, &n, 1); + dst_p = sev_memory_get_pages(kvm, dst_vaddr & PAGE_MASK, PAGE_SIZE, &n, 1); if (IS_ERR(dst_p)) { - sev_unpin_memory(kvm, src_p, n); + sev_memory_put_pages(kvm, src_p, n); return PTR_ERR(dst_p); } @@ -1068,8 +1072,8 @@ static int sev_dbg_crypt(struct kvm *kvm, struct kvm_sev_cmd *argp, bool dec) (void __user *)dst_vaddr, len, &argp->error); - sev_unpin_memory(kvm, src_p, n); - sev_unpin_memory(kvm, dst_p, n); + sev_memory_put_pages(kvm, src_p, n); + sev_memory_put_pages(kvm, dst_p, n); if (ret) goto err; @@ -1098,7 +1102,7 @@ static int sev_launch_secret(struct kvm *kvm, struct kvm_sev_cmd *argp) if (copy_from_user(¶ms, (void __user *)(uintptr_t)argp->data, sizeof(params))) return -EFAULT; - pages = sev_pin_memory(kvm, params.guest_uaddr, params.guest_len, &n, 1); + pages = sev_memory_get_pages(kvm, params.guest_uaddr, params.guest_len, &n, 1); if (IS_ERR(pages)) return PTR_ERR(pages); @@ -1114,7 +1118,7 @@ static int sev_launch_secret(struct kvm *kvm, struct kvm_sev_cmd *argp) */ if (get_num_contig_pages(0, pages, n) != n) { ret = -EINVAL; - goto e_unpin_memory; + goto e_put_pages; } memset(&data, 0, sizeof(data)); @@ -1126,7 +1130,7 @@ static int sev_launch_secret(struct kvm *kvm, struct kvm_sev_cmd *argp) blob = psp_copy_user_blob(params.trans_uaddr, params.trans_len); if (IS_ERR(blob)) { ret = PTR_ERR(blob); - goto e_unpin_memory; + goto e_put_pages; } data.trans_address = __psp_pa(blob); 
@@ -1147,13 +1151,13 @@ static int sev_launch_secret(struct kvm *kvm, struct kvm_sev_cmd *argp) e_free_blob: kfree(blob); -e_unpin_memory: +e_put_pages: /* content of memory is updated, mark pages dirty */ for (i = 0; i < n; i++) { set_page_dirty_lock(pages[i]); mark_page_accessed(pages[i]); } - sev_unpin_memory(kvm, pages, n); + sev_memory_put_pages(kvm, pages, n); return ret; } @@ -1383,8 +1387,8 @@ static int sev_send_update_data(struct kvm *kvm, struct kvm_sev_cmd *argp) return -EINVAL; /* Pin guest memory */ - guest_page = sev_pin_memory(kvm, params.guest_uaddr & PAGE_MASK, - PAGE_SIZE, &n, 0); + guest_page = sev_memory_get_pages(kvm, params.guest_uaddr & PAGE_MASK, + PAGE_SIZE, &n, 0); if (IS_ERR(guest_page)) return PTR_ERR(guest_page); @@ -1392,7 +1396,7 @@ static int sev_send_update_data(struct kvm *kvm, struct kvm_sev_cmd *argp) ret = -ENOMEM; hdr = kzalloc(params.hdr_len, GFP_KERNEL_ACCOUNT); if (!hdr) - goto e_unpin; + goto e_put_pages; trans_data = kzalloc(params.trans_len, GFP_KERNEL_ACCOUNT); if (!trans_data) @@ -1431,8 +1435,8 @@ static int sev_send_update_data(struct kvm *kvm, struct kvm_sev_cmd *argp) kfree(trans_data); e_free_hdr: kfree(hdr); -e_unpin: - sev_unpin_memory(kvm, guest_page, n); +e_put_pages: + sev_memory_put_pages(kvm, guest_page, n); return ret; } @@ -1579,8 +1583,8 @@ static int sev_receive_update_data(struct kvm *kvm, struct kvm_sev_cmd *argp) data.trans_len = params.trans_len; /* Pin guest memory */ - guest_page = sev_pin_memory(kvm, params.guest_uaddr & PAGE_MASK, - PAGE_SIZE, &n, 1); + guest_page = sev_memory_get_pages(kvm, params.guest_uaddr & PAGE_MASK, + PAGE_SIZE, &n, 1); if (IS_ERR(guest_page)) { ret = PTR_ERR(guest_page); goto e_free_trans; 
@@ -1602,7 +1606,7 @@ static int sev_receive_update_data(struct kvm *kvm, struct kvm_sev_cmd *argp) ret = sev_issue_cmd(kvm, SEV_CMD_RECEIVE_UPDATE_DATA, &data, &argp->error); - sev_unpin_memory(kvm, guest_page, n); + sev_memory_put_pages(kvm, guest_page, n); e_free_trans: kfree(trans); @@ -2037,7 +2041,7 @@ int sev_mem_enc_register_region(struct kvm *kvm, return -ENOMEM; mutex_lock(&kvm->lock); - region->pages = sev_pin_memory(kvm, range->addr, range->size, ®ion->npages, 1); + region->pages = sev_memory_get_pages(kvm, range->addr, range->size, ®ion->npages, 1); if (IS_ERR(region->pages)) { ret = PTR_ERR(region->pages); mutex_unlock(&kvm->lock); 
@@ -2084,7 +2088,7 @@ find_enc_region(struct kvm *kvm, struct kvm_enc_region *range) static void __unregister_enc_region_locked(struct kvm *kvm, struct enc_region *region) { - sev_unpin_memory(kvm, region->pages, region->npages); + sev_memory_put_pages(kvm, region->pages, region->npages); list_del(®ion->list); kfree(region); }
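Review bot: the comment added above sev_memory_get_pages() in the first hunk documents only what legacy guests do, not the contract every caller in this patch depends on: the function returns an ERR_PTR() on failure (all call sites test IS_ERR()) and stores the page count through *n. Since this is the one place the new name is explained, please state the return and *n semantics there, and fix the grammar ("Legacy SEV guests pin the pages and return the array populated with the pinned pages").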
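Review bot: the call-site comments were left describing the old names. "/* Lock the user memory. */" and "/* unlock the user pages */" in sev_launch_update_shared_gfn_handler(), "/* lock userspace source and destination page */" in sev_dbg_crypt(), and "/* Pin guest memory */" in sev_send_update_data() and sev_receive_update_data() all still say lock or pin, while the calls beneath them are now sev_memory_get_pages() and sev_memory_put_pages(). The rename exists because a later backend will not pin at these sites, so the comments should be updated in this patch to match; otherwise a reader auditing which paths hold pinned pages is misled by them.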
From: Michael Roth
CC: Nikunj A Dadhania
Subject: [PATCH RFC v8 09/56] KVM: SEV: Handle memory backed by restricted memfd
Date: Mon, 20 Feb 2023 12:38:00 -0600
Message-ID: <20230220183847.59159-10-michael.roth@amd.com>
In-Reply-To: <20230220183847.59159-1-michael.roth@amd.com>
References: <20230220183847.59159-1-michael.roth@amd.com>
From: Nikunj A Dadhania

Do not pin the guest memory backed by a restrictedmem backend, as pages in the restrictedmem are already pinned. Instead, populate the pages array for these guests using the already-pinned pages provided by restrictedmem backend.

Signed-off-by: Nikunj A Dadhania
Signed-off-by: Michael Roth
--- arch/x86/kvm/svm/sev.c | 68 +++++++++++++++++++++++++++++++++++------- 1 file changed, 58 insertions(+), 10 deletions(-) diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index 523c78bbff3f..ad9b29ff4590 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c 
@@ -383,9 +383,46 @@ static int sev_launch_start(struct kvm *kvm, struct kvm_sev_cmd *argp) return ret; } +static int sev_private_mem_get_pages_handler(struct kvm *kvm, struct kvm_gfn_range *range, + void *data) +{ + struct kvm_memory_slot *memslot = range->slot; + struct page **pages = data; + int ret = 0, i = 0; + kvm_pfn_t pfn; + gfn_t gfn; + + for (gfn = range->start; gfn < range->end; gfn++) { + int order; + + ret = kvm_restrictedmem_get_pfn(memslot, gfn, &pfn, &order); + if (ret) + return ret; + + if (is_error_noslot_pfn(pfn)) + return -EFAULT; + + pages[i++] = pfn_to_page(pfn); + } + + return ret; +} + +static int sev_private_mem_get_pages(struct kvm *kvm, unsigned long addr, + unsigned long size, unsigned long npages, + struct page **pages) +{ + return kvm_vm_do_hva_range_op(kvm, addr, addr + size, + sev_private_mem_get_pages_handler, pages); +} + /* * Legacy SEV guest pin the pages and return the array populated with pinned * pages. + * + * SEV guests using restricted memfd backend, pages are already marked as + * unmovable and unevictable. Populate the pages array for these guests using + * restrictedmem get_pfn. */ static struct page **sev_memory_get_pages(struct kvm *kvm, unsigned long uaddr, unsigned long ulen, unsigned long *n, @@ -393,7 +430,7 @@ static struct page **sev_memory_get_pages(struct kvm *kvm, unsigned long uaddr, { struct kvm_sev_info *sev = &to_kvm_svm(kvm)->sev_info; unsigned long npages, size; - int npinned; + int npinned = 0; unsigned long locked, lock_limit; struct page **pages; unsigned long first, last; 
@@ -429,16 +466,25 @@ static struct page **sev_memory_get_pages(struct kvm *kvm, unsigned long uaddr, if (!pages) return ERR_PTR(-ENOMEM); - /* Pin the user virtual address. */ - npinned = pin_user_pages_fast(uaddr, npages, write ? FOLL_WRITE : 0, pages); - if (npinned != npages) { - pr_err("SEV: Failure locking %lu pages.\n", npages); - ret = -ENOMEM; - goto err; + if (kvm_arch_has_private_mem(kvm)) { + /* Get the PFN from memfile */ + if (sev_private_mem_get_pages(kvm, uaddr, ulen, npages, pages)) { + pr_err("%s: ERROR: unable to find slot for uaddr %lx", __func__, uaddr); + ret = -ENOMEM; + goto err; + } + } else { + /* Pin the user virtual address. */ + npinned = pin_user_pages_fast(uaddr, npages, write ? FOLL_WRITE : 0, pages); + if (npinned != npages) { + pr_err("SEV: Failure locking %lu pages.\n", npages); + ret = -ENOMEM; + goto err; + } + sev->pages_locked = locked; } *n = npages; - sev->pages_locked = locked; return pages; 
@@ -455,9 +501,11 @@ static void sev_memory_put_pages(struct kvm *kvm, struct page **pages, { struct kvm_sev_info *sev = &to_kvm_svm(kvm)->sev_info; - unpin_user_pages(pages, npages); + if (!kvm_arch_has_private_mem(kvm)) { + unpin_user_pages(pages, npages); + sev->pages_locked -= npages; + } kvfree(pages); - sev->pages_locked -= npages; } static void sev_clflush_pages(struct page *pages[], unsigned long npages)
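Review bot: missing bounds and index handling in sev_private_mem_get_pages_handler() (first hunk). The index i is a local that starts at 0 on every invocation and is never compared against the size of the pages array, and the npages argument of sev_private_mem_get_pages() is accepted but unused. If kvm_vm_do_hva_range_op() calls the handler more than once for the requested range, each call starts again at pages[0] and the tail of the array is left unset; if the gfn range is larger than the allocation, pages[i++] writes past it. Please pass a small context (pages, next index, npages) through data, carry the index across calls, and return an error once it reaches npages. The order value returned by kvm_restrictedmem_get_pfn() is also fetched and never used.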
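Review bot: the private-mem branch added to sev_memory_get_pages() (hunk at -429) throws away the error it gets back. Any non-zero return from sev_private_mem_get_pages() becomes -ENOMEM with a message claiming the slot was not found, although the handler can return -EFAULT or whatever kvm_restrictedmem_get_pfn() reported. Suggest keeping the value (ret = sev_private_mem_get_pages(...); if (ret) goto err;) and printing ret in the message. The new pr_err() format string also has no trailing "\n", unlike the "SEV: Failure locking %lu pages.\n" message in the pinning branch.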
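Review bot: sev_memory_put_pages() (last hunk) decides whether to unpin by re-evaluating kvm_arch_has_private_mem(kvm) rather than by how the array it was handed was obtained, so it is only correct if that predicate returns the same answer at get and put time for the life of the VM; please state that invariant in a comment. Related documentation gap: the comment block above sev_memory_get_pages() says the restrictedmem pages are already unmovable and unevictable, but not whether kvm_restrictedmem_get_pfn() returns each page with a reference held. If it does, nothing in this path drops it, since the private-mem case only does kvfree(pages). Please document who owns that reference and where it is released.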
From: Michael Roth
CC: Brijesh Singh, Jarkko Sakkinen, Ashish Kalra
Subject: [PATCH RFC v8 10/56] x86/cpufeatures: Add SEV-SNP CPU feature
Date: Mon, 20 Feb 2023 12:38:01 -0600
Message-ID: <20230220183847.59159-11-michael.roth@amd.com>
In-Reply-To: <20230220183847.59159-1-michael.roth@amd.com>
References: <20230220183847.59159-1-michael.roth@amd.com>
TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[SATLEXMB04.amd.com] X-MS-Exchange-CrossTenant-AuthSource: DM6NAM11FT061.eop-nam11.prod.protection.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: PH7PR12MB5688 X-Spam-Status: No, score=-1.1 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,FORGED_SPF_HELO, RCVD_IN_DNSWL_NONE,RCVD_IN_MSPIKE_H2,SPF_HELO_PASS,SPF_NONE autolearn=no autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1758376829729653742?= X-GMAIL-MSGID: =?utf-8?q?1758376829729653742?= From: Brijesh Singh Add CPU feature detection for Secure Encrypted Virtualization with Secure Nested Paging. This feature adds a strong memory integrity protection to help prevent malicious hypervisor-based attacks like data replay, memory re-mapping, and more. Signed-off-by: Brijesh Singh Signed-off-by: Jarkko Sakkinen Signed-off-by: Ashish Kalra Signed-off-by: Michael Roth --- arch/x86/include/asm/cpufeatures.h | 1 + arch/x86/kernel/cpu/amd.c | 5 +++-- tools/arch/x86/include/asm/cpufeatures.h | 1 + 3 files changed, 5 insertions(+), 2 deletions(-) diff --git a/arch/x86/include/asm/cpufeatures.h b/arch/x86/include/asm/cpufeatures.h index 1419c4e04d45..480b4eaef310 100644 --- a/arch/x86/include/asm/cpufeatures.h +++ b/arch/x86/include/asm/cpufeatures.h 
@@ -420,6 +420,7 @@ #define X86_FEATURE_SEV (19*32+ 1) /* AMD Secure Encrypted Virtualization */ #define X86_FEATURE_VM_PAGE_FLUSH (19*32+ 2) /* "" VM Page Flush MSR is supported */ #define X86_FEATURE_SEV_ES (19*32+ 3) /* AMD Secure Encrypted Virtualization - Encrypted State */ +#define X86_FEATURE_SEV_SNP (19*32+ 4) /* AMD Secure Encrypted Virtualization - Secure Nested Paging */ #define X86_FEATURE_V_TSC_AUX (19*32+ 9) /* "" Virtual TSC_AUX */ #define X86_FEATURE_SME_COHERENT (19*32+10) /* "" AMD hardware-enforced cache coherency */ diff --git a/arch/x86/kernel/cpu/amd.c b/arch/x86/kernel/cpu/amd.c index 860b60273df3..c7884198ad5b 100644 --- a/arch/x86/kernel/cpu/amd.c +++ b/arch/x86/kernel/cpu/amd.c @@ -558,8 +558,8 @@ static void early_detect_mem_encrypt(struct cpuinfo_x86 *c) * SME feature (set in scattered.c). * If the kernel has not enabled SME via any means then * don't advertise the SME feature. - * For SEV: If BIOS has not enabled SEV then don't advertise the - * SEV and SEV_ES feature (set in scattered.c). + * For SEV: If BIOS has not enabled SEV then don't advertise SEV and + * any additional functionality based on it. * * In all cases, since support for SME and SEV requires long mode, * don't advertise the feature under CONFIG_X86_32. @@ -594,6 +594,7 @@ static void early_detect_mem_encrypt(struct cpuinfo_x86 *c) clear_sev: setup_clear_cpu_cap(X86_FEATURE_SEV); setup_clear_cpu_cap(X86_FEATURE_SEV_ES); + setup_clear_cpu_cap(X86_FEATURE_SEV_SNP); } } diff --git a/tools/arch/x86/include/asm/cpufeatures.h b/tools/arch/x86/include/asm/cpufeatures.h index b71f4f2ecdd5..e81606fcd2ab 100644 --- a/tools/arch/x86/include/asm/cpufeatures.h +++ b/tools/arch/x86/include/asm/cpufeatures.h 
@@ -417,6 +417,7 @@ #define X86_FEATURE_SEV (19*32+ 1) /* AMD Secure Encrypted Virtualization */ #define X86_FEATURE_VM_PAGE_FLUSH (19*32+ 2) /* "" VM Page Flush MSR is supported */ #define X86_FEATURE_SEV_ES (19*32+ 3) /* AMD Secure Encrypted Virtualization - Encrypted State */ +#define X86_FEATURE_SEV_SNP (19*32+ 4) /* AMD Secure Encrypted Virtualization - Secure Nested Paging */ #define X86_FEATURE_V_TSC_AUX (19*32+ 9) /* "" Virtual TSC_AUX */ #define X86_FEATURE_SME_COHERENT (19*32+10) /* "" AMD hardware-enforced cache coherency */
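Review bot: In the comment block of early_detect_mem_encrypt() in arch/x86/kernel/cpu/amd.c, the reworded sentence "don't advertise SEV and any additional functionality based on it" no longer names the flags that the clear_sev path drops, and it loses the pointer to where they are set that the old text had. Because clear_sev clears each capability by hand (now X86_FEATURE_SEV, X86_FEATURE_SEV_ES and X86_FEATURE_SEV_SNP), the comment should list them, so that whoever adds the next SEV-derived bit in word 19 sees that it also needs a setup_clear_cpu_cap() call here and it does not stay advertised when BIOS has left SEV disabled.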
From: Michael Roth
CC: Brijesh Singh
Subject: [PATCH RFC v8 11/56] x86/sev: Add the host SEV-SNP initialization support
Date: Mon, 20 Feb 2023 12:38:02 -0600
Message-ID: <20230220183847.59159-12-michael.roth@amd.com>
In-Reply-To: <20230220183847.59159-1-michael.roth@amd.com>
References: <20230220183847.59159-1-michael.roth@amd.com>

From: Brijesh Singh

The memory integrity guarantees of SEV-SNP are enforced through a new structure called the Reverse Map Table (RMP). The RMP is a single data structure shared across the system that contains one entry for every 4K page of DRAM that may be used by SEV-SNP VMs. The goal of RMP is to track the owner of each page of memory. Pages of memory can be owned by the hypervisor, owned by a specific VM or owned by the AMD-SP. See APM2 section 15.36.3 for more detail on RMP.

The RMP table is used to enforce access control to memory. The table itself is not directly writable by the software. New CPU instructions (RMPUPDATE, PVALIDATE, RMPADJUST) are used to manipulate the RMP entries.

Based on the platform configuration, the BIOS reserves the memory used for the RMP table. The start and end address of the RMP table must be queried by reading the RMP_BASE and RMP_END MSRs. If the RMP_BASE and RMP_END are not set then disable the SEV-SNP feature. The SEV-SNP feature is enabled only after the RMP table is successfully initialized.

Also set SYSCFG.MFMD when enabling SNP as SEV-SNP FW >= 1.51 requires that SYSCFG.MFMD must be se

RMP table entry format is non-architectural and it can vary by processor and is defined by the PPR. Restrict SNP support on the known CPU model and family for which the RMP table entry format is currently defined for.

Signed-off-by: Brijesh Singh
Signed-off-by: Ashish Kalra
Signed-off-by: Michael Roth
--- arch/x86/include/asm/disabled-features.h | 8 +- arch/x86/include/asm/msr-index.h | 11 +- arch/x86/kernel/sev.c | 175 +++++++++++++++++++++++ 3 files changed, 192 insertions(+), 2 deletions(-) diff --git a/arch/x86/include/asm/disabled-features.h b/arch/x86/include/asm/disabled-features.h index 33d2cd04d254..9b5a2cc8064a 100644 --- a/arch/x86/include/asm/disabled-features.h +++ b/arch/x86/include/asm/disabled-features.h
@@ -87,6 +87,12 @@ # define DISABLE_TDX_GUEST (1 << (X86_FEATURE_TDX_GUEST & 31)) #endif +#ifdef CONFIG_AMD_MEM_ENCRYPT +# define DISABLE_SEV_SNP 0 +#else +# define DISABLE_SEV_SNP (1 << (X86_FEATURE_SEV_SNP & 31)) +#endif + /* * Make sure to add features to the correct mask */ @@ -110,7 +116,7 @@ DISABLE_ENQCMD) #define DISABLED_MASK17 0 #define DISABLED_MASK18 0 -#define DISABLED_MASK19 0 +#define DISABLED_MASK19 (DISABLE_SEV_SNP) #define DISABLED_MASK_CHECK BUILD_BUG_ON_ZERO(NCAPINTS != 20) #endif /* _ASM_X86_DISABLED_FEATURES_H */ diff --git a/arch/x86/include/asm/msr-index.h b/arch/x86/include/asm/msr-index.h index 10ac52705892..35100c630617 100644 --- a/arch/x86/include/asm/msr-index.h +++ b/arch/x86/include/asm/msr-index.h @@ -565,6 +565,8 @@ #define MSR_AMD64_SEV_ENABLED BIT_ULL(MSR_AMD64_SEV_ENABLED_BIT) #define MSR_AMD64_SEV_ES_ENABLED BIT_ULL(MSR_AMD64_SEV_ES_ENABLED_BIT) #define MSR_AMD64_SEV_SNP_ENABLED BIT_ULL(MSR_AMD64_SEV_SNP_ENABLED_BIT) +#define MSR_AMD64_RMP_BASE 0xc0010132 +#define MSR_AMD64_RMP_END 0xc0010133 #define MSR_AMD64_VIRT_SPEC_CTRL 0xc001011f @@ -649,7 +651,14 @@ #define MSR_K8_TOP_MEM2 0xc001001d #define MSR_AMD64_SYSCFG 0xc0010010 #define MSR_AMD64_SYSCFG_MEM_ENCRYPT_BIT 23 -#define MSR_AMD64_SYSCFG_MEM_ENCRYPT BIT_ULL(MSR_AMD64_SYSCFG_MEM_ENCRYPT_BIT) +#define MSR_AMD64_SYSCFG_MEM_ENCRYPT BIT_ULL(MSR_AMD64_SYSCFG_MEM_ENCRYPT_BIT) +#define MSR_AMD64_SYSCFG_SNP_EN_BIT 24 +#define MSR_AMD64_SYSCFG_SNP_EN BIT_ULL(MSR_AMD64_SYSCFG_SNP_EN_BIT) +#define MSR_AMD64_SYSCFG_SNP_VMPL_EN_BIT 25 +#define MSR_AMD64_SYSCFG_SNP_VMPL_EN BIT_ULL(MSR_AMD64_SYSCFG_SNP_VMPL_EN_BIT) +#define MSR_AMD64_SYSCFG_MFDM_BIT 19 +#define MSR_AMD64_SYSCFG_MFDM BIT_ULL(MSR_AMD64_SYSCFG_MFDM_BIT) + #define MSR_K8_INT_PENDING_MSG 0xc0010055 /* C1E active bits in int pending message */ #define K8_INTP_C1E_ACTIVE_MASK 0x18000000 diff --git a/arch/x86/kernel/sev.c b/arch/x86/kernel/sev.c index a428c62330d3..e54e412c9916 100644 --- a/arch/x86/kernel/sev.c 
+++ b/arch/x86/kernel/sev.c @@ -22,6 +22,9 @@ #include #include #include +#include +#include +#include #include #include @@ -38,6 +41,7 @@ #include #include #include +#include #define DR7_RESET_VALUE 0x400 @@ -57,6 +61,12 @@ #define AP_INIT_CR0_DEFAULT 0x60000010 #define AP_INIT_MXCSR_DEFAULT 0x1f80 +/* + * The first 16KB from the RMP_BASE is used by the processor for the + * bookkeeping, the range needs to be added during the RMP entry lookup. + */ +#define RMPTABLE_CPU_BOOKKEEPING_SZ 0x4000 + /* For early boot hypervisor communication in SEV-ES enabled guests */ static struct ghcb boot_ghcb_page __bss_decrypted __aligned(PAGE_SIZE); @@ -69,6 +79,9 @@ static struct ghcb *boot_ghcb __section(".data"); /* Bitmap of SEV features supported by the hypervisor */ static u64 sev_hv_features __ro_after_init; +static unsigned long rmptable_start __ro_after_init; +static unsigned long rmptable_end __ro_after_init; + /* #VC handler runtime per-CPU data */ struct sev_es_runtime_data { struct ghcb ghcb_page; 
@@ -2260,3 +2273,165 @@ static int __init snp_init_platform_device(void) return 0; } device_initcall(snp_init_platform_device); + +#undef pr_fmt +#define pr_fmt(fmt) "SEV-SNP: " fmt + +static int __mfd_enable(unsigned int cpu) +{ + u64 val; + + if (!cpu_feature_enabled(X86_FEATURE_SEV_SNP)) + return 0; + + rdmsrl(MSR_AMD64_SYSCFG, val); + + val |= MSR_AMD64_SYSCFG_MFDM; + + wrmsrl(MSR_AMD64_SYSCFG, val); + + return 0; +} + +static __init void mfd_enable(void *arg) +{ + __mfd_enable(smp_processor_id()); +} + +static int __snp_enable(unsigned int cpu) +{ + u64 val; + + if (!cpu_feature_enabled(X86_FEATURE_SEV_SNP)) + return 0; + + rdmsrl(MSR_AMD64_SYSCFG, val); + + val |= MSR_AMD64_SYSCFG_SNP_EN; + val |= MSR_AMD64_SYSCFG_SNP_VMPL_EN; + + wrmsrl(MSR_AMD64_SYSCFG, val); + + return 0; +} + +static __init void snp_enable(void *arg) +{ + __snp_enable(smp_processor_id()); +} + +static bool get_rmptable_info(u64 *start, u64 *len) +{ + u64 calc_rmp_sz, rmp_sz, rmp_base, rmp_end; + + rdmsrl(MSR_AMD64_RMP_BASE, rmp_base); + rdmsrl(MSR_AMD64_RMP_END, rmp_end); + + if (!rmp_base || !rmp_end) { + pr_err("Memory for the RMP table has not been reserved by BIOS\n"); + return false; + } + + rmp_sz = rmp_end - rmp_base + 1; + + /* + * Calculate the amount the memory that must be reserved by the BIOS to + * address the whole RAM. The reserved memory should also cover the + * RMP table itself. 
+ */ + calc_rmp_sz = (((rmp_sz >> PAGE_SHIFT) + totalram_pages()) << 4) + + RMPTABLE_CPU_BOOKKEEPING_SZ; + + if (calc_rmp_sz > rmp_sz) { + pr_err("Memory reserved for the RMP table does not cover full system RAM (expected 0x%llx got 0x%llx)\n", + calc_rmp_sz, rmp_sz); + return false; + } + + *start = rmp_base; + *len = rmp_sz; + + pr_info("RMP table physical address [0x%016llx - 0x%016llx]\n", rmp_base, rmp_end); + + return true; +} + +static __init int snp_rmptable_init(void) +{ + u64 rmp_base, sz; + void *start; + u64 val; + + if (!get_rmptable_info(&rmp_base, &sz)) + return 1; + + start = memremap(rmp_base, sz, MEMREMAP_WB); + if (!start) { + pr_err("Failed to map RMP table addr 0x%llx size 0x%llx\n", rmp_base, sz); + return 1; + } + + /* + * Check if SEV-SNP is already enabled, this can happen in case of + * kexec boot. + */ + rdmsrl(MSR_AMD64_SYSCFG, val); + if (val & MSR_AMD64_SYSCFG_SNP_EN) + goto skip_enable; + + memset(start, 0, sz); + + /* Flush the caches to ensure that data is written before SNP is enabled. */ + wbinvd_on_all_cpus(); + + /* MFDM must be enabled on all the CPUs prior to enabling SNP. */ + on_each_cpu(mfd_enable, NULL, 1); + + /* Enable SNP on all CPUs. */ + on_each_cpu(snp_enable, NULL, 1); + +skip_enable: + rmptable_start = (unsigned long)start; + rmptable_end = rmptable_start + sz - 1; + + return 0; +} + +static int __init snp_host_init(void) +{ + if (!cpu_feature_enabled(X86_FEATURE_SEV_SNP)) + return 0; + + /* + * RMP table entry format is not architectural and it can vary by processor and + * is defined by the per-processor PPR. Restrict SNP support on the known CPU + * model and family for which the RMP table entry format is currently defined for. 
+ */ + if (boot_cpu_data.x86 != 0x19 || boot_cpu_data.x86_model > 0xaf) + goto nosnp; + + if (amd_iommu_snp_enable()) + goto nosnp; + + if (snp_rmptable_init()) + goto nosnp; + + cpuhp_setup_state(CPUHP_AP_ONLINE_DYN, "x86/rmptable_init:online", __snp_enable, NULL); + + return 0; + +nosnp: + setup_clear_cpu_cap(X86_FEATURE_SEV_SNP); + return -ENODEV; +} + +/* + * This must be called after the PCI subsystem. This is because amd_iommu_snp_enable() + * is called to ensure the IOMMU supports the SEV-SNP feature, which can only be + * called after subsys_initcall(). + * + * NOTE: IOMMU is enforced by SNP to ensure that hypervisor cannot program DMA + * directly into guest private memory. In case of SNP, the IOMMU ensures that + * the page(s) used for DMA are hypervisor owned. + */ +fs_initcall(snp_host_init);
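Review bot: In snp_host_init() in arch/x86/kernel/sev.c, only __snp_enable is registered as the CPUHP_AP_ONLINE_DYN callback, so a CPU that comes online later gets SYSCFG.SNP_EN and SNP_VMPL_EN without MSR_AMD64_SYSCFG_MFDM, although snp_rmptable_init() itself says "MFDM must be enabled on all the CPUs prior to enabling SNP". Set MFDM in the hotplug path too, for example by folding it into __snp_enable() ahead of the SNP bits, and check the return value of cpuhp_setup_state(), which is currently dropped while the function returns 0 with X86_FEATURE_SEV_SNP still advertised. In get_rmptable_info() of the same hunk, rmp_end is never checked to be above rmp_base, so rmp_sz can wrap. The coverage check is also computed from totalram_pages(), which counts pages given to the allocator rather than the highest physical frame, while the lookup added in the next patch indexes the table by physical address. Sizing against max_pfn would match what the lookup actually needs.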
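Review bot: In the MSR_AMD64_SYSCFG block of arch/x86/include/asm/msr-index.h, the new bit 19 is named MSR_AMD64_SYSCFG_MFDM, while the commit message twice refers to SYSCFG.MFMD. One of the two spellings is wrong and should be reconciled so the bit can be matched against the PPR. The same hunk also removes and re-adds the existing MSR_AMD64_SYSCFG_MEM_ENCRYPT define with only whitespace changed. That re-indentation is unrelated to SNP and should be dropped or moved to a separate cleanup so the diff shows only the new SNP_EN, SNP_VMPL_EN and MFDM bits.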
From: Michael Roth
CC: Brijesh Singh
Subject: [PATCH RFC v8 12/56] x86/sev: Add RMP entry lookup helpers
Date: Mon, 20 Feb 2023 12:38:03 -0600
Message-ID: <20230220183847.59159-13-michael.roth@amd.com>
In-Reply-To: <20230220183847.59159-1-michael.roth@amd.com>
References: <20230220183847.59159-1-michael.roth@amd.com>

From: Brijesh Singh

The snp_lookup_page_in_rmptable() can be used by the host to read the RMP entry for a given page. The RMP entry format is documented in AMD PPR, see https://bugzilla.kernel.org/attachment.cgi?id=296015.

Co-developed-by: Ashish Kalra
Signed-off-by: Ashish Kalra
Signed-off-by: Brijesh Singh
Signed-off-by: Michael Roth
--- arch/x86/include/asm/sev.h | 4 +- arch/x86/kernel/sev.c | 84 ++++++++++++++++++++++++++++++++++++++ 2 files changed, 87 insertions(+), 1 deletion(-) diff --git a/arch/x86/include/asm/sev.h b/arch/x86/include/asm/sev.h index ebc271bb6d8e..8d3ce2ad27da 100644 --- a/arch/x86/include/asm/sev.h +++ b/arch/x86/include/asm/sev.h @@ -83,7 +83,7 @@ extern bool handle_vc_boot_ghcb(struct pt_regs *regs); /* RMP page size */ #define RMP_PG_SIZE_4K 0 - +#define RMP_TO_X86_PG_LEVEL(level) (((level) == RMP_PG_SIZE_4K) ? PG_LEVEL_4K : PG_LEVEL_2M) #define RMPADJUST_VMSA_PAGE_BIT BIT(16) /* SNP Guest message request */
@@ -197,6 +197,7 @@ void snp_set_wakeup_secondary_cpu(void); bool snp_init(struct boot_params *bp); void __init __noreturn snp_abort(void); int snp_issue_guest_request(u64 exit_code, struct snp_req_data *input, unsigned long *fw_err); +int snp_lookup_rmpentry(u64 pfn, int *level); #else static inline void sev_es_ist_enter(struct pt_regs *regs) { } static inline void sev_es_ist_exit(void) { } @@ -221,6 +222,7 @@ static inline int snp_issue_guest_request(u64 exit_code, struct snp_req_data *in { return -ENOTTY; } +static inline int snp_lookup_rmpentry(u64 pfn, int *level) { return 0; } #endif #endif diff --git a/arch/x86/kernel/sev.c b/arch/x86/kernel/sev.c index e54e412c9916..a063c1b98034 100644 --- a/arch/x86/kernel/sev.c +++ b/arch/x86/kernel/sev.c @@ -61,11 +61,36 @@ #define AP_INIT_CR0_DEFAULT 0x60000010 #define AP_INIT_MXCSR_DEFAULT 0x1f80 +/* + * The RMP entry format is not architectural. The format is defined in PPR + * Family 19h Model 01h, Rev B1 processor. + */ +struct rmpentry { + union { + struct { + u64 assigned : 1, + pagesize : 1, + immutable : 1, + rsvd1 : 9, + gpa : 39, + asid : 10, + vmsa : 1, + validated : 1, + rsvd2 : 1; + } info; + u64 low; + }; + u64 high; +} __packed; + /* * The first 16KB from the RMP_BASE is used by the processor for the * bookkeeping, the range needs to be added during the RMP entry lookup. */ #define RMPTABLE_CPU_BOOKKEEPING_SZ 0x4000 +#define RMPENTRY_SHIFT 8 +#define rmptable_page_offset(x) (RMPTABLE_CPU_BOOKKEEPING_SZ + \ + (((unsigned long)x) >> RMPENTRY_SHIFT)) /* For early boot hypervisor communication in SEV-ES enabled guests */ static struct ghcb boot_ghcb_page __bss_decrypted __aligned(PAGE_SIZE); 
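Review bot: rmptable_page_offset() in the sev.c hunk casts its argument without parenthesising it, as in (((unsigned long)x) >> RMPENTRY_SHIFT), so when it is called with an expression such as paddr & PMD_MASK the cast binds to paddr alone and the result is right only because both operands are already unsigned long. Write (unsigned long)(x). RMPENTRY_SHIFT also deserves a comment saying what it encodes: shifting a physical address right by 8 is the 4K page index times 16, which matches the 16-byte struct rmpentry (two u64 words) defined just above it.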
@@ -2435,3 +2460,62 @@ static int __init snp_host_init(void) * the page(s) used for DMA are hypervisor owned. */ fs_initcall(snp_host_init); + +static inline unsigned int rmpentry_assigned(struct rmpentry *e) +{ + return e->info.assigned; +} + +static inline unsigned int rmpentry_pagesize(struct rmpentry *e) +{ + return e->info.pagesize; +} + +static struct rmpentry *rmptable_entry(unsigned long paddr) +{ + unsigned long vaddr; + + vaddr = rmptable_start + rmptable_page_offset(paddr); + if (unlikely(vaddr > rmptable_end)) + return ERR_PTR(-EFAULT); + + return (struct rmpentry *)vaddr; +} + +static struct rmpentry *__snp_lookup_rmpentry(u64 pfn, int *level) +{ + unsigned long paddr = pfn << PAGE_SHIFT; + struct rmpentry *entry, *large_entry; + + if (!cpu_feature_enabled(X86_FEATURE_SEV_SNP)) + return ERR_PTR(-ENXIO); + + if (!pfn_valid(pfn)) + return ERR_PTR(-EINVAL); + + entry = rmptable_entry(paddr); + if (IS_ERR(entry)) + return entry; + + /* Read a large RMP entry to get the correct page level used in RMP entry. */ + large_entry = rmptable_entry(paddr & PMD_MASK); + *level = RMP_TO_X86_PG_LEVEL(rmpentry_pagesize(large_entry)); + + return entry; +} + +/* + * Return 1 if the RMP entry is assigned, 0 if it exists but is not assigned, + * and -errno if there is no corresponding RMP entry. 
+ */ +int snp_lookup_rmpentry(u64 pfn, int *level) +{ + struct rmpentry *e; + + e = __snp_lookup_rmpentry(pfn, level); + if (IS_ERR(e)) + return PTR_ERR(e); + + return !!rmpentry_assigned(e); +} +EXPORT_SYMBOL_GPL(snp_lookup_rmpentry);
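Review bot: in __snp_lookup_rmpentry() the result of rmptable_entry(paddr & PMD_MASK) goes straight into rmpentry_pagesize() with no IS_ERR() check, unlike the first lookup a few lines above it; add the same check, or a comment explaining that the 2MB-aligned address can never be above the one already validated. rmptable_entry() itself only rejects vaddr > rmptable_end, so an entry that starts exactly at rmptable_end is accepted; the definition of rmptable_end is not in this patch, so unless it is the address of the last valid entry, compare vaddr + sizeof(struct rmpentry) against the end instead. *level is left unwritten on every error return, which should be stated in the comment above snp_lookup_rmpentry() so callers do not read it after a negative result.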
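Review bot: the #else stub of snp_lookup_rmpentry() in the sev.h hunk returns 0 and never writes *level, while the comment above the real function defines 0 as "exists but is not assigned" and -errno as "no corresponding RMP entry". A caller built without this support would see an apparently successful lookup and then read an uninitialised level; return an error from the stub instead, as the real function does with -ENXIO when X86_FEATURE_SEV_SNP is off. The commit message also still names snp_lookup_page_in_rmptable(), but the function this patch adds is snp_lookup_rmpentry().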
From patchwork Mon Feb 20 18:38:04 2023
X-Patchwork-Submitter: Michael Roth
X-Patchwork-Id: 59593
From: Michael Roth
CC: Brijesh Singh
Subject: [PATCH RFC v8 13/56] x86/fault: Add helper for dumping RMP entries
Date: Mon, 20 Feb 2023 12:38:04 -0600
Message-ID: <20230220183847.59159-14-michael.roth@amd.com>
In-Reply-To: <20230220183847.59159-1-michael.roth@amd.com>
References: <20230220183847.59159-1-michael.roth@amd.com>

This information will be useful for debugging things like page faults due to RMP access violations and RMPUPDATE failures.

Signed-off-by: Brijesh Singh
Signed-off-by: Ashish Kalra
[mdr: move helper to standalone patch]
Signed-off-by: Michael Roth
--- arch/x86/include/asm/sev.h | 2 ++ arch/x86/kernel/sev.c | 48 ++++++++++++++++++++++++++++++++++++++ 2 files changed, 50 insertions(+) diff --git a/arch/x86/include/asm/sev.h b/arch/x86/include/asm/sev.h index 8d3ce2ad27da..edbb7fa488af 100644 --- a/arch/x86/include/asm/sev.h +++ b/arch/x86/include/asm/sev.h @@ -198,6 +198,7 @@ bool snp_init(struct boot_params *bp); void __init __noreturn snp_abort(void); int snp_issue_guest_request(u64 exit_code, struct snp_req_data *input, unsigned long *fw_err); int snp_lookup_rmpentry(u64 pfn, int *level); +void sev_dump_rmpentry(u64 pfn); #else static inline void sev_es_ist_enter(struct pt_regs *regs) { } static inline void sev_es_ist_exit(void) { }
@@ -223,6 +224,7 @@ static inline int snp_issue_guest_request(u64 exit_code, struct snp_req_data *in return -ENOTTY; } static inline int snp_lookup_rmpentry(u64 pfn, int *level) { return 0; } +static inline void sev_dump_rmpentry(u64 pfn) {} #endif #endif diff --git a/arch/x86/kernel/sev.c b/arch/x86/kernel/sev.c index a063c1b98034..a01741c4a1b8 100644 --- a/arch/x86/kernel/sev.c +++ b/arch/x86/kernel/sev.c 
@@ -2504,6 +2504,54 @@ static struct rmpentry *__snp_lookup_rmpentry(u64 pfn, int *level) return entry; } +void sev_dump_rmpentry(u64 pfn) +{ + unsigned long pfn_end; + struct rmpentry *e; + int level; + + e = __snp_lookup_rmpentry(pfn, &level); + if (IS_ERR(e)) { + pr_info("Failed to read RMP entry for PFN 0x%llx\n", pfn); + return; + } + + if (rmpentry_assigned(e)) { + pr_info("RMPEntry paddr 0x%llx [assigned=%d immutable=%d pagesize=%d gpa=0x%lx asid=%d vmsa=%d validated=%d]\n", + pfn << PAGE_SHIFT, rmpentry_assigned(e), e->info.immutable, + rmpentry_pagesize(e), (unsigned long)e->info.gpa, e->info.asid, + e->info.vmsa, e->info.validated); + + /* Dump all the non-zero entries if debug enabled */ + if (!sev_cfg.debug) + return; + } + + /* + * If the RMP entry at the faulting pfn was not assigned, then not sure + * what caused the RMP violation. To get some useful debug information, + * iterate through the entire 2MB region, and dump the RMP entries if + * one of the bit in the RMP entry is set. + */ + pfn = pfn & ~(PTRS_PER_PMD - 1); + pfn_end = pfn + PTRS_PER_PMD; + + while (pfn < pfn_end) { + e = __snp_lookup_rmpentry(pfn, &level); + if (IS_ERR(e)) { + pr_info("Failed to read RMP entry for PFN 0x%llx\n", pfn); + pfn++; + continue; + } + + if (e->low || e->high) + pr_info("RMPEntry paddr 0x%llx: [high=0x%016llx low=0x%016llx]\n", + pfn << PAGE_SHIFT, e->high, e->low); + pfn++; + } +} +EXPORT_SYMBOL_GPL(sev_dump_rmpentry); + /* * Return 1 if the RMP entry is assigned, 0 if it exists but is not assigned, * and -errno if there is no corresponding RMP entry. 
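Review bot: the fallback loop in sev_dump_rmpentry() can emit up to PTRS_PER_PMD pr_info() lines per call, one per non-zero entry or one "Failed to read RMP entry" line per PFN when the lookup fails, and the commit message intends it for RMP page-fault debugging, so a repeating fault can flood the kernel log. Use a ratelimited print, and leave the loop on the first -ENXIO, since the X86_FEATURE_SEV_SNP check in __snp_lookup_rmpentry() cannot change between iterations. The range dump prints the raw high/low words, which carry the guest GPA and ASID bits, at info level whether or not sev_cfg.debug is set; consider gating it the same way the assigned branch gates its fall-through. Minor points: pfn_end is unsigned long while pfn is u64, and "one of the bit" in the comment should read "any bit".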
From patchwork Mon Feb 20 18:38:05 2023
X-Patchwork-Submitter: Michael Roth
X-Patchwork-Id: 59597
From: Michael Roth
CC: Brijesh Singh
Subject: [PATCH RFC v8 14/56] x86/sev: Add helper functions for RMPUPDATE and PSMASH instruction
Date: Mon, 20 Feb 2023 12:38:05 -0600
Message-ID: <20230220183847.59159-15-michael.roth@amd.com>
In-Reply-To: <20230220183847.59159-1-michael.roth@amd.com>
References: <20230220183847.59159-1-michael.roth@amd.com>

From: Brijesh Singh

The RMPUPDATE instruction writes a new RMP entry in the RMP Table. The hypervisor will use the instruction to add pages to the RMP table. See APM3 for details on the instruction operations.

The PSMASH instruction expands a 2MB RMP entry into a corresponding set of contiguous 4KB-Page RMP entries. The hypervisor will use this instruction to adjust the RMP entry without invalidating the previous RMP entry.

Add the following external interface API functions:

psmash(): Used to smash a 2MB aligned page into 4K pages while preserving the Validated bit in the RMP.

rmp_make_private(): Used to assign a page to guest using the RMPUPDATE instruction.

rmp_make_shared(): Used to transition a page to hypervisor/shared state using the RMPUPDATE instruction.

Signed-off-by: Ashish Kalra
Signed-off-by: Brijesh Singh
[mdr: add RMPUPDATE retry logic for transient FAIL_OVERLAP errors]
Signed-off-by: Michael Roth
--- arch/x86/include/asm/sev.h | 24 +++++++++ arch/x86/kernel/sev.c | 108 +++++++++++++++++++++++++++++++++++++ 2 files changed, 132 insertions(+)
diff --git a/arch/x86/include/asm/sev.h b/arch/x86/include/asm/sev.h index edbb7fa488af..7d728b30319c 100644 --- a/arch/x86/include/asm/sev.h +++ b/arch/x86/include/asm/sev.h @@ -80,10 +80,15 @@ extern bool handle_vc_boot_ghcb(struct pt_regs *regs); /* Software defined (when rFlags.CF = 1) */ #define PVALIDATE_FAIL_NOUPDATE 255 +/* RMUPDATE detected 4K page and 2MB page overlap. */ +#define RMPUPDATE_FAIL_OVERLAP 7 /* RMP page size */ #define RMP_PG_SIZE_4K 0 +#define RMP_PG_SIZE_2M 1 #define RMP_TO_X86_PG_LEVEL(level) (((level) == RMP_PG_SIZE_4K) ? PG_LEVEL_4K : PG_LEVEL_2M) +#define X86_TO_RMP_PG_LEVEL(level) (((level) == PG_LEVEL_4K) ? RMP_PG_SIZE_4K : RMP_PG_SIZE_2M) + #define RMPADJUST_VMSA_PAGE_BIT BIT(16) /* SNP Guest message request */ @@ -133,6 +138,15 @@ struct snp_secrets_page_layout { u8 rsvd3[3840]; } __packed; +struct rmp_state { + u64 gpa; + u8 assigned; + u8 pagesize; + u8 immutable; + u8 rsvd; + u32 asid; +} __packed; + #ifdef CONFIG_AMD_MEM_ENCRYPT extern struct static_key_false sev_es_enable_key; extern void __sev_es_ist_enter(struct pt_regs *regs); @@ -199,6 +213,9 @@ void __init __noreturn snp_abort(void); int snp_issue_guest_request(u64 exit_code, struct snp_req_data *input, unsigned long *fw_err); int snp_lookup_rmpentry(u64 pfn, int *level); void sev_dump_rmpentry(u64 pfn); +int psmash(u64 pfn); +int rmp_make_private(u64 pfn, u64 gpa, enum pg_level level, int asid, bool immutable); +int rmp_make_shared(u64 pfn, enum pg_level level); #else static inline void sev_es_ist_enter(struct pt_regs *regs) { } static inline void sev_es_ist_exit(void) { } 
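Review bot: the comment added above RMPUPDATE_FAIL_OVERLAP in the first hunk spells the instruction "RMUPDATE"; it should read RMPUPDATE. In the same header, rmp_make_private() is declared with int asid while struct rmp_state stores u32 asid and the rmpentry bitfield from patch 12 holds only 10 ASID bits, so a negative or oversized value is converted silently; take a u32 or validate the range at the API boundary. struct rmp_state is passed by address to the instruction in rmpupdate(), so a comment saying its layout is fixed by RMPUPDATE would protect it from later reordering.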
@@ -225,6 +242,13 @@ static inline int snp_issue_guest_request(u64 exit_code, struct snp_req_data *in } static inline int snp_lookup_rmpentry(u64 pfn, int *level) { return 0; } static inline void sev_dump_rmpentry(u64 pfn) {} +static inline int psmash(u64 pfn) { return -ENXIO; } +static inline int rmp_make_private(u64 pfn, u64 gpa, enum pg_level level, int asid, + bool immutable) +{ + return -ENODEV; +} +static inline int rmp_make_shared(u64 pfn, enum pg_level level) { return -ENODEV; } #endif #endif diff --git a/arch/x86/kernel/sev.c b/arch/x86/kernel/sev.c index a01741c4a1b8..a49f30c10dc1 100644 --- a/arch/x86/kernel/sev.c +++ b/arch/x86/kernel/sev.c 
@@ -2567,3 +2567,111 @@ int snp_lookup_rmpentry(u64 pfn, int *level) return !!rmpentry_assigned(e); } EXPORT_SYMBOL_GPL(snp_lookup_rmpentry); + +/* + * psmash is used to smash a 2MB aligned page into 4K + * pages while preserving the Validated bit in the RMP. + */ +int psmash(u64 pfn) +{ + unsigned long paddr = pfn << PAGE_SHIFT; + int ret; + + pr_debug("%s: PFN: 0x%llx\n", __func__, pfn); + + if (!pfn_valid(pfn)) + return -EINVAL; + + if (!cpu_feature_enabled(X86_FEATURE_SEV_SNP)) + return -ENXIO; + + /* Binutils version 2.36 supports the PSMASH mnemonic. */ + asm volatile(".byte 0xF3, 0x0F, 0x01, 0xFF" + : "=a"(ret) + : "a"(paddr) + : "memory", "cc"); + + return ret; +} +EXPORT_SYMBOL_GPL(psmash); + +static int rmpupdate(u64 pfn, struct rmp_state *val) +{ + int max_attempts = 4 * num_present_cpus(); + unsigned long paddr = pfn << PAGE_SHIFT; + int ret, level, npages; + int attempts = 0; + + if (!cpu_feature_enabled(X86_FEATURE_SEV_SNP)) + return -ENXIO; + + do { + /* Binutils version 2.36 supports the RMPUPDATE mnemonic. */ + asm volatile(".byte 0xF2, 0x0F, 0x01, 0xFE" + : "=a"(ret) + : "a"(paddr), "c"((unsigned long)val) + : "memory", "cc"); + + attempts++; + if (ret) + pr_debug("RMPUPDATE retry needed, ASID: %d, ret: %d, pfn: %llx, npages: %d, level: %d, assigned: %d, attempts: %d (max: %d)\n", + ret, val->asid, pfn, npages, level, val->assigned, + attempts, max_attempts); + } while (ret && attempts < max_attempts); + + if (ret) { + pr_err("RMPUPDATE failed after %d attempts, ret: %d, pfn: %llx, npages: %d, level: %d\n", + attempts, ret, pfn, npages, level); + sev_dump_rmpentry(pfn); + dump_stack(); + return -EFAULT; + } else if (attempts > 1) { + pr_debug("RMPUPDATE succeeded after %d attempts, ASID: %d, ret: %d, pfn: %llx, npages: %d", + attempts, val->asid, ret, pfn, npages); + } + + return 0; +} + +/* + * Assign a page to guest using the RMPUPDATE instruction. 
+ */ +int rmp_make_private(u64 pfn, u64 gpa, enum pg_level level, int asid, bool immutable) +{ + struct rmp_state val; + + pr_debug("%s: GPA: 0x%llx, PFN: 0x%llx, level: %d, immutable: %d\n", + __func__, gpa, pfn, level, immutable); + + if (!pfn_valid(pfn)) + return -EINVAL; + + memset(&val, 0, sizeof(val)); + val.assigned = 1; + val.asid = asid; + val.immutable = immutable; + val.gpa = gpa; + val.pagesize = X86_TO_RMP_PG_LEVEL(level); + + return rmpupdate(pfn, &val); +} +EXPORT_SYMBOL_GPL(rmp_make_private); + +/* + * Transition a page to hypervisor/shared state using the RMPUPDATE instruction. + */ +int rmp_make_shared(u64 pfn, enum pg_level level) +{ + struct rmp_state val; + + pr_debug("%s: PFN: 0x%llx, level: %d\n", __func__, pfn, level); + + if (!pfn_valid(pfn)) + return -EINVAL; + + memset(&val, 0, sizeof(val)); + val.pagesize = X86_TO_RMP_PG_LEVEL(level); + + return rmpupdate(pfn, &val); +} +EXPORT_SYMBOL_GPL(rmp_make_shared);
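Review bot: rmpupdate() declares level and npages but never assigns them, and both are printed by its pr_debug() and pr_err() calls, so those messages read uninitialised stack values; drop the two fields or pass the level in from rmp_make_private() and rmp_make_shared(). The retry pr_debug() passes ret, val->asid to a format that begins "ASID: %d, ret: %d", so the two values are swapped, and the final "succeeded" pr_debug() has no trailing newline. The loop retries on any non-zero status, although the commit message scopes the retry to transient FAIL_OVERLAP errors and RMPUPDATE_FAIL_OVERLAP is defined in the header but unused here; retry only while ret == RMPUPDATE_FAIL_OVERLAP and fail at once on anything else. psmash() returns the raw instruction status in the same int as -EINVAL and -ENXIO, which needs a documented convention so callers can tell the two apart.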
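Review bot: the #else stubs in the second sev.h hunk disagree on the error code: psmash() returns -ENXIO while rmp_make_private() and rmp_make_shared() return -ENODEV, and the real implementations return -ENXIO when X86_FEATURE_SEV_SNP is off. Use one value throughout so callers can test for "SNP not available" in a single way.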
From: Michael Roth
CC: Brijesh Singh
Subject: [PATCH RFC v8 15/56] x86/sev: Invalidate pages from the direct map when adding them to the RMP table
Date: Mon, 20 Feb 2023 12:38:06 -0600
Message-ID: <20230220183847.59159-16-michael.roth@amd.com>
In-Reply-To: <20230220183847.59159-1-michael.roth@amd.com>
References: <20230220183847.59159-1-michael.roth@amd.com>

From: Brijesh Singh

The integrity guarantee of SEV-SNP is enforced through the RMP table. The RMP is used with standard x86 and IOMMU page tables to enforce memory restrictions and page access rights. The RMP check is enforced as soon as SEV-SNP is enabled globally in the system. When hardware encounters an RMP-check failure, it raises a page-fault exception.

The rmp_make_private() and rmp_make_shared() helpers are used to add or remove the pages from the RMP table. Improve the rmp_make_private() to invalidate state so that pages cannot be used in the direct-map after they are added to the RMP table, and restored to their default valid permission after the pages are removed from the RMP table.

Co-developed-by: Ashish Kalra
Signed-off-by: Ashish Kalra
Signed-off-by: Brijesh Singh
Signed-off-by: Michael Roth
--- arch/x86/kernel/sev.c | 57 +++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 57 insertions(+) diff --git a/arch/x86/kernel/sev.c b/arch/x86/kernel/sev.c index a49f30c10dc1..3e5ff5934e83 100644 --- a/arch/x86/kernel/sev.c +++ b/arch/x86/kernel/sev.c
@@ -2595,6 +2595,37 @@ int psmash(u64 pfn) } EXPORT_SYMBOL_GPL(psmash); +static int restore_direct_map(u64 pfn, int npages) +{ + int i, ret = 0; + + for (i = 0; i < npages; i++) { + ret = set_direct_map_default_noflush(pfn_to_page(pfn + i)); + if (ret) + goto cleanup; + } + +cleanup: + WARN(ret > 0, "Failed to restore direct map for pfn 0x%llx\n", pfn + i); + return ret; +} + +static int invalidate_direct_map(u64 pfn, int npages) +{ + int i, ret = 0; + + for (i = 0; i < npages; i++) { + ret = set_direct_map_invalid_noflush(pfn_to_page(pfn + i)); + if (ret) + goto cleanup; + } + +cleanup: + WARN(ret > 0, "Failed to invalidate direct map for pfn 0x%llx\n", pfn + i); + restore_direct_map(pfn, i); + return ret; +} + static int rmpupdate(u64 pfn, struct rmp_state *val) { int max_attempts = 4 * num_present_cpus(); @@ -2605,6 +2636,21 @@ static int rmpupdate(u64 pfn, struct rmp_state *val) if (!cpu_feature_enabled(X86_FEATURE_SEV_SNP)) return -ENXIO; + level = RMP_TO_X86_PG_LEVEL(val->pagesize); + npages = page_level_size(level) / PAGE_SIZE; + + /* + * If page is getting assigned in the RMP table then unmap it from the + * direct map. + */ + if (val->assigned) { + if (invalidate_direct_map(pfn, npages)) { + pr_err("Failed to unmap %d pages at pfn 0x%llx from the direct_map\n", + npages, pfn); + return -EFAULT; + } + } + do { /* Binutils version 2.36 supports the RMPUPDATE mnemonic. */ asm volatile(".byte 0xF2, 0x0F, 0x01, 0xFE" 
@@ -2630,6 +2676,17 @@ static int rmpupdate(u64 pfn, struct rmp_state *val) attempts, val->asid, ret, pfn, npages); } + /* + * Restore the direct map after the page is removed from the RMP table. + */ + if (!val->assigned) { + if (restore_direct_map(pfn, npages)) { + pr_err("Failed to map %d pages at pfn 0x%llx into the direct_map\n", + npages, pfn); + return -EFAULT; + } + } + return 0; }
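Review bot: invalidate_direct_map() (hunk at -2595,6) falls through into its cleanup: label on the success path, so restore_direct_map(pfn, i) runs with i == npages and immediately undoes every page the loop just invalidated; make the restore conditional on ret. In both helpers the loop exits on any nonzero ret but WARN(ret > 0, ...) fires only for positive values, so a negative errno is silent; WARN(ret, ...) would match the loop condition. Both helpers call the _noflush variants and nothing in the hunk flushes the TLB afterwards, so a comment saying where the flush happens, or why none is needed, would help.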
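Review bot: In rmpupdate() (hunk at -2605,6), the new invalidate_direct_map() call runs before the RMPUPDATE retry loop, but the existing failure branch after the loop (pr_err(), dump_stack(), return -EFAULT) has no matching restore, so when RMPUPDATE gives up the pages stay out of the direct map although the RMP entry was never assigned. Call restore_direct_map() on that path. The helper's own return value is also replaced with -EFAULT; propagating it would keep the real cause.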
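Review bot: At the end of rmpupdate() (hunk at -2630,6), a restore_direct_map() failure returns -EFAULT even though RMPUPDATE has already succeeded, so the caller sees an error for an RMP transition that did take place and cannot tell how many of the npages are mapped again. Document what callers should do with the range in this case, or report the partial state, since restore_direct_map() knows the failing index i.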
From: Michael Roth
CC: Brijesh Singh
Subject: [PATCH RFC v8 16/56] x86/traps: Define RMP violation #PF error code
Date: Mon, 20 Feb 2023 12:38:07 -0600
Message-ID: <20230220183847.59159-17-michael.roth@amd.com>
In-Reply-To: <20230220183847.59159-1-michael.roth@amd.com>
References: <20230220183847.59159-1-michael.roth@amd.com>

From: Brijesh Singh

Bit 31 in the page fault-error bit will be set when the processor encounters an RMP violation. While at it, use the BIT_ULL() macro.

Signed-off-by: Brijesh Singh
Signed-off-by: Ashish Kalra
Signed-off-by: Michael Roth
--- arch/x86/include/asm/trap_pf.h | 18 +++++++++++------- arch/x86/mm/fault.c | 1 + 2 files changed, 12 insertions(+), 7 deletions(-) diff --git a/arch/x86/include/asm/trap_pf.h b/arch/x86/include/asm/trap_pf.h index 10b1de500ab1..295be06f8db7 100644 --- a/arch/x86/include/asm/trap_pf.h +++ b/arch/x86/include/asm/trap_pf.h @@ -2,6 +2,8 @@ #ifndef _ASM_X86_TRAP_PF_H #define _ASM_X86_TRAP_PF_H +#include /* BIT() macro */ + /* * Page fault error code bits: * 
@@ -12,15 +14,17 @@ * bit 4 == 1: fault was an instruction fetch * bit 5 == 1: protection keys block access * bit 15 == 1: SGX MMU page-fault + * bit 31 == 1: fault was due to RMP violation */ enum x86_pf_error_code { - X86_PF_PROT = 1 << 0, - X86_PF_WRITE = 1 << 1, - X86_PF_USER = 1 << 2, - X86_PF_RSVD = 1 << 3, - X86_PF_INSTR = 1 << 4, - X86_PF_PK = 1 << 5, - X86_PF_SGX = 1 << 15, + X86_PF_PROT = BIT(0), + X86_PF_WRITE = BIT(1), + X86_PF_USER = BIT(2), + X86_PF_RSVD = BIT(3), + X86_PF_INSTR = BIT(4), + X86_PF_PK = BIT(5), + X86_PF_SGX = BIT(15), + X86_PF_RMP = BIT(31), }; #endif /* _ASM_X86_TRAP_PF_H */ diff --git a/arch/x86/mm/fault.c b/arch/x86/mm/fault.c index 7b0d4ab894c8..f8193b99e9c8 100644 --- a/arch/x86/mm/fault.c +++ b/arch/x86/mm/fault.c 
@@ -567,6 +567,7 @@ show_fault_oops(struct pt_regs *regs, unsigned long error_code, unsigned long ad !(error_code & X86_PF_PROT) ? "not-present page" : (error_code & X86_PF_RSVD) ? "reserved bit violation" : (error_code & X86_PF_PK) ? "protection keys violation" : + (error_code & X86_PF_RMP) ? "RMP violation" : "permissions violation"); if (!(error_code & X86_PF_USER) && user_mode(regs)) {
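Review bot: The commit message says the conversion uses BIT_ULL(), but the enum x86_pf_error_code hunk in trap_pf.h (-12,15) uses BIT() for every enumerator; make the message and the code agree. X86_PF_RMP = BIT(31) is also the first enumerator that does not fit in a signed int, so it is worth checking that no caller keeps these constants or a masked error code in an int.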
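Review bot: In show_fault_oops() (fault.c hunk at -567,6), the new X86_PF_RMP test comes after the X86_PF_PROT, X86_PF_RSVD and X86_PF_PK tests in the ternary chain, so an RMP fault that also satisfies one of those earlier conditions is printed under that label and "RMP violation" never appears. Testing X86_PF_RMP first would make the oops text reliable for this case.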
From: Michael Roth
CC: Brijesh Singh, "Jarkko Sakkinen"
Subject: [PATCH RFC v8 17/56] x86/fault: Add support to handle the RMP fault for user address
Date: Mon, 20 Feb 2023 12:38:08 -0600
Message-ID: <20230220183847.59159-18-michael.roth@amd.com>
In-Reply-To: <20230220183847.59159-1-michael.roth@amd.com>
References: <20230220183847.59159-1-michael.roth@amd.com>

From: Brijesh Singh

When SEV-SNP is enabled globally, a write from the host goes through the RMP check. When the host writes to pages, hardware checks the following conditions at the end of page walk:

1. Assigned bit in the RMP table is zero (i.e. page is shared).
2. If the page table entry that gives the sPA indicates that the target page size is a large page, then all RMP entries for the 4KB constituting pages of the target must have the assigned bit 0.
3. Immutable bit in the RMP table is not zero.

The hardware will raise a page fault if one of the above conditions is not met. Try resolving the fault instead of taking the fault again and again. If the host attempts to write to the guest private memory then send the SIGBUS signal to kill the process. If the page level between the host and RMP entry does not match, then split the address to keep the RMP and host page levels in sync.

Co-developed-by: Jarkko Sakkinen
Signed-off-by: Jarkko Sakkinen
Co-developed-by: Ashish Kalra
Signed-off-by: Ashish Kalra
Signed-off-by: Brijesh Singh
Signed-off-by: Michael Roth --- arch/x86/mm/fault.c | 104 ++++++++++++++++++++++++++++++++++++++- include/linux/mm.h | 3 +- include/linux/mm_types.h | 3 ++ mm/memory.c | 10 ++++ 4 files changed, 118 insertions(+), 2 deletions(-) diff --git a/arch/x86/mm/fault.c b/arch/x86/mm/fault.c index f8193b99e9c8..afd4cde17001 100644 --- a/arch/x86/mm/fault.c +++ b/arch/x86/mm/fault.c @@ -33,6 +33,7 @@ #include /* kvm_handle_async_pf */ #include /* fixup_vdso_exception() */ #include +#include /* snp_lookup_rmpentry() */ #define CREATE_TRACE_POINTS #include @@ -414,6 +415,7 @@ static void dump_pagetable(unsigned long address) pr_cont("PTE %lx", pte_val(*pte)); out: pr_cont("\n"); + return; bad: pr_info("BAD\n"); @@ -527,6 +529,8 @@ static void show_ldttss(const struct desc_ptr *gdt, const char *name, u16 index) static void show_fault_oops(struct pt_regs *regs, unsigned long error_code, unsigned long address) { + unsigned long pfn; + if (!oops_may_print()) return; @@ -599,7 +603,10 @@ show_fault_oops(struct pt_regs *regs, unsigned long error_code, unsigned long ad show_ldttss(&gdt, "TR", tr); } - dump_pagetable(address); + pfn = dump_pagetable(address); + + if (error_code & X86_PF_RMP) + sev_dump_rmpentry(pfn); } static noinline void 
@@ -1240,6 +1247,90 @@ do_kern_addr_fault(struct pt_regs *regs, unsigned long hw_error_code, } NOKPROBE_SYMBOL(do_kern_addr_fault); +enum rmp_pf_ret { + RMP_PF_SPLIT = 0, + RMP_PF_RETRY = 1, + RMP_PF_UNMAP = 2, +}; + +/* + * The goal of RMP faulting routine is really to check whether the + * page that faulted should be accessible. That can be determined + * simply by looking at the RMP entry for the 4k address being accessed. + * If that entry has Assigned=1 then it's a bad address. It could be + * because the 2MB region was assigned as a large page, or it could be + * because the region is all 4k pages and that 4k was assigned. + * In either case, it's a bad access. + * There are basically two main possibilities: + * 1. The 2M entry has Assigned=1 and Page_Size=1. Then all 511 middle + * entries also have Assigned=1. This entire 2M region is a guest page. + * 2. The 2M entry has Assigned=0 and Page_Size=0. Then the 511 middle + * entries can be anything, this region consists of individual 4k assignments. + */ +static int handle_user_rmp_page_fault(struct pt_regs *regs, unsigned long error_code, + unsigned long address) +{ + int rmp_level, level; + pgd_t *pgd; + pte_t *pte; + u64 pfn; + + pgd = __va(read_cr3_pa()); + pgd += pgd_index(address); + + pte = lookup_address_in_pgd(pgd, address, &level); + + /* + * It can happen if there was a race between an unmap event and + * the RMP fault delivery. + */ + if (!pte || !pte_present(*pte)) + return RMP_PF_UNMAP; + + /* + * RMP page fault handler follows this algorithm: + * 1. Compute the pfn for the 4kb page being accessed + * 2. Read that RMP entry -- If it is assigned then kill the process + * 3. Otherwise, check the level from the host page table + * If level=PG_LEVEL_4K then the page is already smashed + * so just retry the instruction + * 4. 
If level=PG_LEVEL_2M/1G, then the host page needs to be split + */ + + pfn = pte_pfn(*pte); + + /* If its large page then calculte the fault pfn */ + if (level > PG_LEVEL_4K) + pfn = pfn | PFN_DOWN(address & (page_level_size(level) - 1)); + + /* + * If its a guest private page, then the fault cannot be resolved. + * Send a SIGBUS to terminate the process. + * + * As documented in APM vol3 pseudo-code for RMPUPDATE, when the 2M range + * is covered by a valid (Assigned=1) 2M entry, the middle 511 4k entries + * also have Assigned=1. This means that if there is an access to a page + * which happens to lie within an Assigned 2M entry, the 4k RMP entry + * will also have Assigned=1. Therefore, the kernel should see that + * the page is not a valid page and the fault cannot be resolved. + */ + if (snp_lookup_rmpentry(pfn, &rmp_level)) { + pr_info("Fatal RMP page fault, terminating process, entry assigned for pfn 0x%llx\n", + pfn); + do_sigbus(regs, error_code, address, VM_FAULT_SIGBUS); + return RMP_PF_RETRY; + } + + /* + * The backing page level is higher than the RMP page level, request + * to split the page. + */ + if (level > rmp_level) + return RMP_PF_SPLIT; + + return RMP_PF_RETRY; +} + /* * Handle faults in the user portion of the address space. Nothing in here * should check X86_PF_USER without a specific justification: for almost @@ -1337,6 +1428,17 @@ void do_user_addr_fault(struct pt_regs *regs, if (error_code & X86_PF_INSTR) flags |= FAULT_FLAG_INSTRUCTION; + /* + * If its an RMP violation, try resolving it. + */ + if (error_code & X86_PF_RMP) { + if (handle_user_rmp_page_fault(regs, error_code, address)) + return; + + /* Ask to split the page */ + flags |= FAULT_FLAG_PAGE_SPLIT; + } + #ifdef CONFIG_X86_64 /* * Faults in the vsyscall page might need emulation. The diff --git a/include/linux/mm.h b/include/linux/mm.h index 3c84f4e48cd7..2fd8e16d149c 100644 --- a/include/linux/mm.h +++ b/include/linux/mm.h 
@@ -466,7 +466,8 @@ static inline bool fault_flag_allow_retry_first(enum fault_flag flags) { FAULT_FLAG_USER, "USER" }, \ { FAULT_FLAG_REMOTE, "REMOTE" }, \ { FAULT_FLAG_INSTRUCTION, "INSTRUCTION" }, \ - { FAULT_FLAG_INTERRUPTIBLE, "INTERRUPTIBLE" } + { FAULT_FLAG_INTERRUPTIBLE, "INTERRUPTIBLE" }, \ + { FAULT_FLAG_PAGE_SPLIT, "PAGESPLIT" } /* * vm_fault is filled by the pagefault handler and passed to the vma's diff --git a/include/linux/mm_types.h b/include/linux/mm_types.h index 500e536796ca..06ba34d51638 100644 --- a/include/linux/mm_types.h +++ b/include/linux/mm_types.h @@ -962,6 +962,8 @@ typedef struct { * mapped R/O. * @FAULT_FLAG_ORIG_PTE_VALID: whether the fault has vmf->orig_pte cached. * We should only access orig_pte if this flag set. + * @FAULT_FLAG_PAGE_SPLIT: The fault was due page size mismatch, split the + * region to smaller page size and retry. * * About @FAULT_FLAG_ALLOW_RETRY and @FAULT_FLAG_TRIED: we can specify * whether we would allow page faults to retry by specifying these two @@ -999,6 +1001,7 @@ enum fault_flag { FAULT_FLAG_INTERRUPTIBLE = 1 << 9, FAULT_FLAG_UNSHARE = 1 << 10, FAULT_FLAG_ORIG_PTE_VALID = 1 << 11, + FAULT_FLAG_PAGE_SPLIT = 1 << 12, }; typedef unsigned int __bitwise zap_flags_t; diff --git a/mm/memory.c b/mm/memory.c index f88c351aecd4..e68da7e403c6 100644 --- a/mm/memory.c +++ b/mm/memory.c @@ -4996,6 +4996,12 @@ static vm_fault_t handle_pte_fault(struct vm_fault *vmf) return 0; } +static int handle_split_page_fault(struct vm_fault *vmf) +{ + __split_huge_pmd(vmf->vma, vmf->pmd, vmf->address, false, NULL); + return 0; +} + /* * By the time we get here, we already hold the mm semaphore * 
@@ -5078,6 +5084,10 @@ static vm_fault_t __handle_mm_fault(struct vm_area_struct *vma, pmd_migration_entry_wait(mm, vmf.pmd); return 0; } + + if (flags & FAULT_FLAG_PAGE_SPLIT) + return handle_split_page_fault(&vmf); + if (pmd_trans_huge(vmf.orig_pmd) || pmd_devmap(vmf.orig_pmd)) { if (pmd_protnone(vmf.orig_pmd) && vma_is_accessible(vma)) return do_huge_pmd_numa_page(&vmf);
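Review bot: In show_fault_oops() (arch/x86/mm/fault.c, 17/56), "pfn = dump_pagetable(address);" assigns the result of a function that is still declared "static void dump_pagetable(unsigned long address)" at this point in the series; the return type only changes in 19/56, so this patch does not build on its own and breaks bisection. Move the dump_pagetable() conversion ahead of this patch or fold it in. The X86_PF_RMP branch should also skip sev_dump_rmpentry(pfn) when the page-table walk did not produce a usable pfn.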
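Review bot: handle_user_rmp_page_fault() (17/56) dereferences the PTE twice, once in "pte_present(*pte)" and again in "pfn = pte_pfn(*pte)", with no lock visible in the hunk, although the comment just above already acknowledges a race with unmap. Snapshot the entry once into a local pte_t and derive both the present check and the pfn from that copy, so the RMP lookup and the SIGBUS decision are made on the value that was validated. The "if (snp_lookup_rmpentry(pfn, &rmp_level))" test also treats every non-zero return as Assigned=1; if the helper can return an error, that case should be handled separately so the "entry assigned" message is only logged when it is true.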
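Review bot: In do_user_addr_fault() (17/56), "if (handle_user_rmp_page_fault(regs, error_code, address)) return;" only works because RMP_PF_SPLIT happens to be 0, and it makes RMP_PF_RETRY and RMP_PF_UNMAP indistinguishable to the caller. Have the helper return enum rmp_pf_ret instead of int and compare against RMP_PF_SPLIT explicitly; a switch would also document what UNMAP is meant to do differently from RETRY, and if the answer is nothing, the value can be dropped. Returning RMP_PF_RETRY right after do_sigbus() deserves a comment or its own enum value as well.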
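Review bot: handle_split_page_fault() in mm/memory.c (17/56) is declared to return int, but __handle_mm_fault() returns its result directly as a vm_fault_t. Declare it "static vm_fault_t handle_split_page_fault(struct vm_fault *vmf)" so the fault-code type checking applies to it like the other handlers in this file.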
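Review bot: In __handle_mm_fault() (17/56), the FAULT_FLAG_PAGE_SPLIT test sits ahead of the "pmd_trans_huge(vmf.orig_pmd) || pmd_devmap(vmf.orig_pmd)" check, so handle_split_page_fault() runs and the fault is reported as handled whether or not the PMD is a huge mapping. Move the test inside the huge-PMD branch or have the helper verify the PMD first, and say what happens on the retried access when there was nothing to split. The handler comment in fault.c lists PG_LEVEL_2M/1G as needing a split, but nothing in the visible change splits a PUD-level mapping, so that case needs either an implementation or an explicit failure path instead of a repeated fault.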
From: Michael Roth
CC: Hugh Dickins
Subject: [PATCH RFC v8 18/56] x86/fault: fix handle_split_page_fault() to work with memfd backed pages
Date: Mon, 20 Feb 2023 12:38:09 -0600
Message-ID: <20230220183847.59159-19-michael.roth@amd.com>
In-Reply-To: <20230220183847.59159-1-michael.roth@amd.com>
References: <20230220183847.59159-1-michael.roth@amd.com>

From: Hugh Dickins

When the address is backed by a memfd, the code to split the page does nothing more than remove the PMD from the page tables. So immediately install a PTE to ensure that any other pages in that 2MB region are brought back in as 4K pages.

Signed-off-by: Hugh Dickins
Cc: Hugh Dickins
Signed-off-by: Ashish Kalra
Signed-off-by: Michael Roth
--- mm/memory.c | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/mm/memory.c b/mm/memory.c index e68da7e403c6..33c9020ba1f8 100644 --- a/mm/memory.c +++ b/mm/memory.c
@@ -4999,6 +4999,11 @@ static vm_fault_t handle_pte_fault(struct vm_fault *vmf) static int handle_split_page_fault(struct vm_fault *vmf) { __split_huge_pmd(vmf->vma, vmf->pmd, vmf->address, false, NULL); + /* + * Install a PTE immediately to ensure that any other pages in + * this 2MB region are brought back in as 4K pages. + */ + __pte_alloc(vmf->vma->vm_mm, vmf->pmd); return 0; }
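Review bot: The return value of the new "__pte_alloc(vmf->vma->vm_mm, vmf->pmd);" call in handle_split_page_fault() (18/56) is ignored and the function still returns 0, so a failed page-table allocation is reported as a handled fault and the access is simply retried. Check the result and return VM_FAULT_OOM on failure. The comment would also be more useful if it said why removing the PMD alone is not enough for memfd-backed ranges, which the commit message explains but the code does not.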
From: Michael Roth
Subject: [PATCH RFC v8 19/56] x86/fault: Return pfn from dump_pagetable() for SEV-specific fault handling.
Date: Mon, 20 Feb 2023 12:38:10 -0600
Message-ID: <20230220183847.59159-20-michael.roth@amd.com>
In-Reply-To: <20230220183847.59159-1-michael.roth@amd.com>
References: <20230220183847.59159-1-michael.roth@amd.com>

From: Ashish Kalra

Return pfn from dump_pagetable() to do SEV-specific fault handling. Used for handling SNP RMP page fault.

Signed-off-by: Ashish Kalra
Signed-off-by: Michael Roth
--- arch/x86/mm/fault.c | 15 +++++++++++---- 1 file changed, 11 insertions(+), 4 deletions(-) diff --git a/arch/x86/mm/fault.c b/arch/x86/mm/fault.c index afd4cde17001..f2b16dcfbd9a 100644 --- a/arch/x86/mm/fault.c +++ b/arch/x86/mm/fault.c @@ -311,7 +311,7 @@ static bool low_pfn(unsigned long pfn) return pfn < max_low_pfn; } -static void dump_pagetable(unsigned long address) +static unsigned long dump_pagetable(unsigned long address) { pgd_t *base = __va(read_cr3_pa()); pgd_t *pgd = &base[pgd_index(address)]; @@ -345,8 +345,10 @@ static void dump_pagetable(unsigned long address) pte = pte_offset_kernel(pmd, address); pr_cont("*pte = %0*Lx ", sizeof(*pte) * 2, (u64)pte_val(*pte)); + return 0; out: pr_cont("\n"); + return 0; } #else /* CONFIG_X86_64: */
@@ -367,10 +369,11 @@ static int bad_address(void *p) return get_kernel_nofault(dummy, (unsigned long *)p); } -static void dump_pagetable(unsigned long address) +static unsigned long dump_pagetable(unsigned long address) { pgd_t *base = __va(read_cr3_pa()); pgd_t *pgd = base + pgd_index(address); + unsigned long pfn; p4d_t *p4d; pud_t *pud; pmd_t *pmd; @@ -388,6 +391,7 @@ static void dump_pagetable(unsigned long address) if (bad_address(p4d)) goto bad; + pfn = p4d_pfn(*p4d); pr_cont("P4D %lx ", p4d_val(*p4d)); if (!p4d_present(*p4d) || p4d_large(*p4d)) goto out; @@ -396,6 +400,7 @@ static void dump_pagetable(unsigned long address) if (bad_address(pud)) goto bad; + pfn = pud_pfn(*pud); pr_cont("PUD %lx ", pud_val(*pud)); if (!pud_present(*pud) || pud_large(*pud)) goto out; @@ -404,6 +409,7 @@ static void dump_pagetable(unsigned long address) if (bad_address(pmd)) goto bad; + pfn = pmd_pfn(*pmd); pr_cont("PMD %lx ", pmd_val(*pmd)); if (!pmd_present(*pmd) || pmd_large(*pmd)) goto out; 
@@ -412,13 +418,14 @@ static void dump_pagetable(unsigned long address) if (bad_address(pte)) goto bad; + pfn = pte_pfn(*pte); pr_cont("PTE %lx", pte_val(*pte)); out: pr_cont("\n"); - - return; + return pfn; bad: pr_info("BAD\n"); + return -1; } #endif /* CONFIG_X86_64 */
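Review bot: The 32-bit dump_pagetable() variant (19/56, hunk at -345,8) returns 0 on both the normal path and the out: path, and 0 is a valid pfn, so a caller cannot tell "no pfn" from "pfn 0". Return the same invalid sentinel the 64-bit variant uses on its bad: path, or the real pfn from the walk, and state the convention in a comment above the function.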
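Review bot: In the 64-bit dump_pagetable() (19/56, hunk at -367,10), "unsigned long pfn;" is declared without an initializer and is first assigned at the P4D level, while out: now ends in "return pfn;", so any jump to out: before that assignment returns an indeterminate value. Initialize pfn to the invalid sentinel at declaration.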
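Review bot: Where the 64-bit walk stops at a large PUD or PMD entry (19/56, hunks adding "pfn = pud_pfn(*pud);" and "pfn = pmd_pfn(*pmd);"), the value returned is the pfn of the entry, not of the 4K page that faulted. handle_user_rmp_page_fault() in 17/56 adds the offset with "PFN_DOWN(address & (page_level_size(level) - 1))"; the dump path should do the same, otherwise sev_dump_rmpentry() shows the RMP entry for the start of the large page instead of the one that caused the fault.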
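Review bot: The bad: path (19/56, last hunk) returns -1 from a function declared "unsigned long", and the caller added in 17/56 passes the result to sev_dump_rmpentry() unchecked. Give the sentinel a name, test for it in show_fault_oops() before the RMP dump, and mention the return value in the commit message, which currently does not say what is returned when the walk fails.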
From: Michael Roth
CC: Brijesh Singh
Subject: [PATCH RFC v8 20/56] crypto:ccp: Define the SEV-SNP commands
Date: Mon, 20 Feb 2023 12:38:11 -0600
Message-ID: <20230220183847.59159-21-michael.roth@amd.com>
In-Reply-To: <20230220183847.59159-1-michael.roth@amd.com>
References: <20230220183847.59159-1-michael.roth@amd.com>

From: Brijesh Singh

AMD introduced the next generation of SEV called SEV-SNP (Secure Nested
Paging). SEV-SNP builds upon existing SEV and SEV-ES functionality
while adding new hardware security protection.

Define the commands and structures used to communicate with the AMD-SP
when creating and managing the SEV-SNP guests. The SEV-SNP firmware spec
is available at developer.amd.com/sev.

Co-developed-by: Ashish Kalra
Signed-off-by: Ashish Kalra
Signed-off-by: Brijesh Singh
Signed-off-by: Michael Roth
--- drivers/crypto/ccp/sev-dev.c | 16 +++ include/linux/psp-sev.h | 247 +++++++++++++++++++++++++++++++++++ include/uapi/linux/psp-sev.h | 44 +++++++ 3 files changed, 307 insertions(+) diff --git a/drivers/crypto/ccp/sev-dev.c b/drivers/crypto/ccp/sev-dev.c index 06fc7156c04f..9d84720a41d7 100644 --- a/drivers/crypto/ccp/sev-dev.c +++ b/drivers/crypto/ccp/sev-dev.c
@@ -126,6 +126,8 @@ static int sev_cmd_buffer_len(int cmd) switch (cmd) { case SEV_CMD_INIT: return sizeof(struct sev_data_init); case SEV_CMD_INIT_EX: return sizeof(struct sev_data_init_ex); + case SEV_CMD_SNP_SHUTDOWN_EX: return sizeof(struct sev_data_snp_shutdown_ex); + case SEV_CMD_SNP_INIT_EX: return sizeof(struct sev_data_snp_init_ex); case SEV_CMD_PLATFORM_STATUS: return sizeof(struct sev_user_data_status); case SEV_CMD_PEK_CSR: return sizeof(struct sev_data_pek_csr); case SEV_CMD_PEK_CERT_IMPORT: return sizeof(struct sev_data_pek_cert_import); @@ -154,6 +156,20 @@ static int sev_cmd_buffer_len(int cmd) case SEV_CMD_GET_ID: return sizeof(struct sev_data_get_id); case SEV_CMD_ATTESTATION_REPORT: return sizeof(struct sev_data_attestation_report); case SEV_CMD_SEND_CANCEL: return sizeof(struct sev_data_send_cancel); + case SEV_CMD_SNP_GCTX_CREATE: return sizeof(struct sev_data_snp_addr); + case SEV_CMD_SNP_LAUNCH_START: return sizeof(struct sev_data_snp_launch_start); + case SEV_CMD_SNP_LAUNCH_UPDATE: return sizeof(struct sev_data_snp_launch_update); + case SEV_CMD_SNP_ACTIVATE: return sizeof(struct sev_data_snp_activate); + case SEV_CMD_SNP_DECOMMISSION: return sizeof(struct sev_data_snp_addr); + case SEV_CMD_SNP_PAGE_RECLAIM: return sizeof(struct sev_data_snp_page_reclaim); + case SEV_CMD_SNP_GUEST_STATUS: return sizeof(struct sev_data_snp_guest_status); + case SEV_CMD_SNP_LAUNCH_FINISH: return sizeof(struct sev_data_snp_launch_finish); + case SEV_CMD_SNP_DBG_DECRYPT: return sizeof(struct sev_data_snp_dbg); + case SEV_CMD_SNP_DBG_ENCRYPT: return sizeof(struct sev_data_snp_dbg); + case SEV_CMD_SNP_PAGE_UNSMASH: return sizeof(struct sev_data_snp_page_unsmash); + case SEV_CMD_SNP_PLATFORM_STATUS: return sizeof(struct sev_data_snp_addr); + case SEV_CMD_SNP_GUEST_REQUEST: return sizeof(struct sev_data_snp_guest_request); + case SEV_CMD_SNP_CONFIG: return sizeof(struct sev_user_data_snp_config); default: return 0; } 
diff --git a/include/linux/psp-sev.h b/include/linux/psp-sev.h index 1595088c428b..31b045e1926f 100644 --- a/include/linux/psp-sev.h +++ b/include/linux/psp-sev.h @@ -86,6 +86,35 @@ enum sev_cmd { SEV_CMD_DBG_DECRYPT = 0x060, SEV_CMD_DBG_ENCRYPT = 0x061, + /* SNP specific commands */ + SEV_CMD_SNP_INIT = 0x81, + SEV_CMD_SNP_SHUTDOWN = 0x82, + SEV_CMD_SNP_PLATFORM_STATUS = 0x83, + SEV_CMD_SNP_DF_FLUSH = 0x84, + SEV_CMD_SNP_INIT_EX = 0x85, + SEV_CMD_SNP_SHUTDOWN_EX = 0x86, + SEV_CMD_SNP_DECOMMISSION = 0x90, + SEV_CMD_SNP_ACTIVATE = 0x91, + SEV_CMD_SNP_GUEST_STATUS = 0x92, + SEV_CMD_SNP_GCTX_CREATE = 0x93, + SEV_CMD_SNP_GUEST_REQUEST = 0x94, + SEV_CMD_SNP_ACTIVATE_EX = 0x95, + SEV_CMD_SNP_LAUNCH_START = 0xA0, + SEV_CMD_SNP_LAUNCH_UPDATE = 0xA1, + SEV_CMD_SNP_LAUNCH_FINISH = 0xA2, + SEV_CMD_SNP_DBG_DECRYPT = 0xB0, + SEV_CMD_SNP_DBG_ENCRYPT = 0xB1, + SEV_CMD_SNP_PAGE_SWAP_OUT = 0xC0, + SEV_CMD_SNP_PAGE_SWAP_IN = 0xC1, + SEV_CMD_SNP_PAGE_MOVE = 0xC2, + SEV_CMD_SNP_PAGE_MD_INIT = 0xC3, + SEV_CMD_SNP_PAGE_MD_RECLAIM = 0xC4, + SEV_CMD_SNP_PAGE_RO_RECLAIM = 0xC5, + SEV_CMD_SNP_PAGE_RO_RESTORE = 0xC6, + SEV_CMD_SNP_PAGE_RECLAIM = 0xC7, + SEV_CMD_SNP_PAGE_UNSMASH = 0xC8, + SEV_CMD_SNP_CONFIG = 0xC9, + SEV_CMD_MAX, }; 
@@ -531,6 +560,224 @@ struct sev_data_attestation_report { u32 len; /* In/Out */ } __packed; +/** + * struct sev_data_snp_download_firmware - SNP_DOWNLOAD_FIRMWARE command params + * + * @address: physical address of firmware image + * @len: len of the firmware image + */ +struct sev_data_snp_download_firmware { + u64 address; /* In */ + u32 len; /* In */ +} __packed; + +/** + * struct sev_data_snp_activate - SNP_ACTIVATE command params + * + * @gctx_paddr: system physical address guest context page + * @asid: ASID to bind to the guest + */ +struct sev_data_snp_activate { + u64 gctx_paddr; /* In */ + u32 asid; /* In */ +} __packed; + +/** + * struct sev_data_snp_addr - generic SNP command params + * + * @address: system physical address guest context page + */ +struct sev_data_snp_addr { + u64 gctx_paddr; /* In */ +} __packed; + +/** + * struct sev_data_snp_launch_start - SNP_LAUNCH_START command params + * + * @gctx_addr: system physical address of guest context page + * @policy: guest policy + * @ma_gctx_addr: system physical address of migration agent + * @imi_en: launch flow is launching an IMI for the purpose of + * guest-assisted migration. 
+ * @ma_en: the guest is associated with a migration agent + */ +struct sev_data_snp_launch_start { + u64 gctx_paddr; /* In */ + u64 policy; /* In */ + u64 ma_gctx_paddr; /* In */ + u32 ma_en:1; /* In */ + u32 imi_en:1; /* In */ + u32 rsvd:30; + u8 gosvw[16]; /* In */ +} __packed; + +/* SNP support page type */ +enum { + SNP_PAGE_TYPE_NORMAL = 0x1, + SNP_PAGE_TYPE_VMSA = 0x2, + SNP_PAGE_TYPE_ZERO = 0x3, + SNP_PAGE_TYPE_UNMEASURED = 0x4, + SNP_PAGE_TYPE_SECRET = 0x5, + SNP_PAGE_TYPE_CPUID = 0x6, + + SNP_PAGE_TYPE_MAX +}; + +/** + * struct sev_data_snp_launch_update - SNP_LAUNCH_UPDATE command params + * + * @gctx_addr: system physical address of guest context page + * @imi_page: indicates that this page is part of the IMI of the guest + * @page_type: encoded page type + * @page_size: page size 0 indicates 4K and 1 indicates 2MB page + * @address: system physical address of destination page to encrypt + * @vmpl1_perms: VMPL permission mask for VMPL1 + * @vmpl2_perms: VMPL permission mask for VMPL2 + * @vmpl3_perms: VMPL permission mask for VMPL3 + */ +struct sev_data_snp_launch_update { + u64 gctx_paddr; /* In */ + u32 page_size:1; /* In */ + u32 page_type:3; /* In */ + u32 imi_page:1; /* In */ + u32 rsvd:27; + u32 rsvd2; + u64 address; /* In */ + u32 rsvd3:8; + u32 vmpl1_perms:8; /* In */ + u32 vmpl2_perms:8; /* In */ + u32 vmpl3_perms:8; /* In */ + u32 rsvd4; +} __packed; + +/** + * struct sev_data_snp_launch_finish - SNP_LAUNCH_FINISH command params + * + * @gctx_addr: system physical address of guest context page + */ +struct sev_data_snp_launch_finish { + u64 gctx_paddr; + u64 id_block_paddr; + u64 id_auth_paddr; + u8 id_block_en:1; + u8 auth_key_en:1; + u64 rsvd:62; + u8 host_data[32]; +} __packed; + +/** + * struct sev_data_snp_guest_status - SNP_GUEST_STATUS command params + * + * @gctx_paddr: system physical address of guest context page + * @address: system physical address of guest status page + */ +struct sev_data_snp_guest_status { + u64 gctx_paddr; + 
u64 address; +} __packed; + +/** + * struct sev_data_snp_page_reclaim - SNP_PAGE_RECLAIM command params + * + * @paddr: system physical address of page to be claimed. The 0th bit + * in the address indicates the page size. 0h indicates 4 kB and + * 1h indicates 2 MB page. + */ +struct sev_data_snp_page_reclaim { + u64 paddr; +} __packed; + +/** + * struct sev_data_snp_page_unsmash - SNP_PAGE_UNSMASH command params + * + * @paddr: system physical address of page to be unsmashed. The 0th bit + * in the address indicates the page size. 0h indicates 4 kB and + * 1h indicates 2 MB page. + */ +struct sev_data_snp_page_unsmash { + u64 paddr; +} __packed; + +/** + * struct sev_data_dbg - DBG_ENCRYPT/DBG_DECRYPT command parameters + * + * @handle: handle of the VM to perform debug operation + * @src_addr: source address of data to operate on + * @dst_addr: destination address of data to operate on + * @len: len of data to operate on + */ +struct sev_data_snp_dbg { + u64 gctx_paddr; /* In */ + u64 src_addr; /* In */ + u64 dst_addr; /* In */ + u32 len; /* In */ +} __packed; + +/** + * struct sev_snp_guest_request - SNP_GUEST_REQUEST command params + * + * @gctx_paddr: system physical address of guest context page + * @req_paddr: system physical address of request page + * @res_paddr: system physical address of response page + */ +struct sev_data_snp_guest_request { + u64 gctx_paddr; /* In */ + u64 req_paddr; /* In */ + u64 res_paddr; /* In */ +} __packed; + +/** + * struct sev_data_snp_init - SNP_INIT_EX structure + * + * @init_rmp: indicate that the RMP should be initialized. 
+ * @list_paddr_en: indicate that list_paddr is valid + * #list_paddr: system physical address of range list + */ +struct sev_data_snp_init_ex { + u32 init_rmp:1; + u32 list_paddr_en:1; + u32 rsvd:30; + u32 rsvd1; + u64 list_paddr; + u8 rsvd2[48]; +} __packed; + +/** + * struct sev_data_range - RANGE structure + * + * @base: system physical address of first byte of range + * @page_count: number of 4KB pages in this range + */ +struct sev_data_range { + u64 base; + u32 page_count; + u32 rsvd; +} __packed; + +/** + * struct sev_data_range_list - RANGE_LIST structure + * + * @num_elements: number of elements in RANGE_ARRAY + * @ranges: array of num_elements of type RANGE + */ +struct sev_data_range_list { + u32 num_elements; + u32 rsvd; + struct sev_data_range ranges[0]; +} __packed; + +/** + * struct sev_data_snp_shutdown_ex - SNP_SHUTDOWN_EX structure + * + * @length: len of the command buffer read by the PSP + * @iommu_snp_shutdown: Disable enforcement of SNP in the IOMMU + */ +struct sev_data_snp_shutdown_ex { + u32 length; + u32 iommu_snp_shutdown:1; + u32 rsvd1:31; +} __packed; + #ifdef CONFIG_CRYPTO_DEV_SP_PSP /** diff --git a/include/uapi/linux/psp-sev.h b/include/uapi/linux/psp-sev.h index 91b4c63d5cbf..c66f7c372645 100644 --- a/include/uapi/linux/psp-sev.h +++ b/include/uapi/linux/psp-sev.h @@ -61,6 +61,13 @@ typedef enum { SEV_RET_INVALID_PARAM, SEV_RET_RESOURCE_LIMIT, SEV_RET_SECURE_DATA_INVALID, + SEV_RET_INVALID_PAGE_SIZE, + SEV_RET_INVALID_PAGE_STATE, + SEV_RET_INVALID_MDATA_ENTRY, + SEV_RET_INVALID_PAGE_OWNER, + SEV_RET_INVALID_PAGE_AEAD_OFLOW, + SEV_RET_RMP_INIT_REQUIRED, + SEV_RET_MAX, } sev_ret_code; 
@@ -147,6 +154,43 @@ struct sev_user_data_get_id2 { __u32 length; /* In/Out */ } __packed; +/** + * struct sev_user_data_snp_status - SNP status + * + * @major: API major version + * @minor: API minor version + * @state: current platform state + * @build: firmware build id for the API version + * @guest_count: the number of guest currently managed by the firmware + * @tcb_version: current TCB version + */ +struct sev_user_data_snp_status { + __u8 api_major; /* Out */ + __u8 api_minor; /* Out */ + __u8 state; /* Out */ + __u8 rsvd; + __u32 build_id; /* Out */ + __u32 rsvd1; + __u32 guest_count; /* Out */ + __u64 tcb_version; /* Out */ + __u64 rsvd2; +} __packed; + +/* + * struct sev_user_data_snp_config - system wide configuration value for SNP. + * + * @reported_tcb: The TCB version to report in the guest attestation report. + * @mask_chip_id: Indicates that the CHID_ID field in the attestation report + * will always be zero. + */ +struct sev_user_data_snp_config { + __u64 reported_tcb ; /* In */ + __u32 mask_chip_id:1; /* In */ + __u32 mask_chip_key:1; /* In */ + __u32 rsvd:30; /* In */ + __u8 rsvd1[52]; +} __packed; + /** * struct sev_issue_cmd - SEV ioctl parameters *
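Review bot: In the sev_cmd_buffer_len() hunks of drivers/crypto/ccp/sev-dev.c, only part of the new enum gets a length. SEV_CMD_SNP_ACTIVATE_EX and the SEV_CMD_SNP_PAGE_SWAP_OUT through SEV_CMD_SNP_PAGE_RO_RESTORE entries added to enum sev_cmd in this same patch fall through to "default: return 0;". If they are intentionally unsupported for now, say so in a comment or leave them out of the enum until their structures exist. SEV_CMD_SNP_PLATFORM_STATUS is sized with struct sev_data_snp_addr, whose single member is named gctx_paddr although that command does not take a guest context page; a neutral member name would read better.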
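Review bot: In the struct hunk of include/linux/psp-sev.h, struct sev_data_snp_launch_finish mixes bit-field base types ("u8 id_block_en:1; u8 auth_key_en:1; u64 rsvd:62;"), so the intended 64-bit flags word depends on how the compiler packs differently typed bit-fields inside a __packed struct; declaring all three as u64 makes the firmware layout explicit. In the same hunk, "struct sev_data_range ranges[0];" should be a flexible array member (ranges[]), and several kernel-doc blocks do not match what they describe: @address above the gctx_paddr member of sev_data_snp_addr, @gctx_addr and @ma_gctx_addr for the *_paddr members, "struct sev_data_dbg" with @handle above sev_data_snp_dbg, "struct sev_data_snp_init" above sev_data_snp_init_ex, "#list_paddr" where @list_paddr is meant, and no entries at all for gosvw, id_block_paddr, id_auth_paddr and host_data.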
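Review bot: In the sev_ret_code hunk of include/uapi/linux/psp-sev.h, the six new SEV_RET_* codes get their values only from their position in the enum. These are firmware status codes exposed through UAPI, so any gap in the firmware's numbering or a later insertion would silently shift them; giving each one its explicit value from the firmware spec would pin the ABI.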
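Review bot: In the last hunk of include/uapi/linux/psp-sev.h, the kernel-doc for struct sev_user_data_snp_status names @major, @minor and @build while the members are api_major, api_minor and build_id. The comment above struct sev_user_data_snp_config opens with "/*" instead of "/**", spells the field CHID_ID, and does not document mask_chip_key; "__u64 reported_tcb ;" has a stray space, and the reserved bit-field is annotated "/* In */".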
From: Michael Roth
CC: Brijesh Singh
Subject: [PATCH RFC v8 21/56] crypto: ccp: Add support to initialize the AMD-SP for SEV-SNP
Date: Mon, 20 Feb 2023 12:38:12 -0600
Message-ID: <20230220183847.59159-22-michael.roth@amd.com>
In-Reply-To: <20230220183847.59159-1-michael.roth@amd.com>
References: <20230220183847.59159-1-michael.roth@amd.com>

From: Brijesh Singh

Before SNP VMs can be launched, the platform must be appropriately
configured and initialized. Platform initialization is accomplished via
the SNP_INIT command. Make sure to do a WBINVD and issue DF_FLUSH
command to prepare for the first SNP guest launch after INIT.

During the execution of SNP_INIT command, the firmware configures
and enables SNP security policy enforcement in many system components.
Some system components write to regions of memory reserved by early
x86 firmware (e.g. UEFI). Other system components write to regions
provided by the operating system, hypervisor, or x86 firmware.
Such system components can only write to HV-fixed pages or Default
pages. They will error when attempting to write to other page states
after SNP_INIT enables their SNP enforcement.

Starting in SNP firmware v1.52, the SNP_INIT_EX command takes a list of
system physical address ranges to convert into the HV-fixed page states
during the RMP initialization. If INIT_RMP is 1, hypervisors should
provide all system physical address ranges that the hypervisor will
never assign to a guest until the next RMP re-initialization.
For instance, the memory that UEFI reserves should be included in the
range list. This allows system components that occasionally write to
memory (e.g. logging to UEFI reserved regions) to not fail due to
RMP initialization and SNP enablement.

Co-developed-by: Ashish Kalra
Signed-off-by: Ashish Kalra
Signed-off-by: Brijesh Singh
Signed-off-by: Michael Roth
--- drivers/crypto/ccp/sev-dev.c | 225 +++++++++++++++++++++++++++++++++++ drivers/crypto/ccp/sev-dev.h | 2 + include/linux/psp-sev.h | 17 +++ 3 files changed, 244 insertions(+) diff --git a/drivers/crypto/ccp/sev-dev.c b/drivers/crypto/ccp/sev-dev.c index 9d84720a41d7..af20420bd6c2 100644 --- a/drivers/crypto/ccp/sev-dev.c +++ b/drivers/crypto/ccp/sev-dev.c @@ -26,6 +26,7 @@ #include #include +#include #include "psp-dev.h" #include "sev-dev.h"
@@ -34,6 +35,10 @@ #define SEV_FW_FILE "amd/sev.fw" #define SEV_FW_NAME_SIZE 64 +/* Minimum firmware version required for the SEV-SNP support */ +#define SNP_MIN_API_MAJOR 1 +#define SNP_MIN_API_MINOR 51 + static DEFINE_MUTEX(sev_cmd_mutex); static struct sev_misc_dev *misc_dev; @@ -76,6 +81,13 @@ static void *sev_es_tmr; #define NV_LENGTH (32 * 1024) static void *sev_init_ex_buffer; +/* + * SEV_DATA_RANGE_LIST: + * Array containing range of pages that firmware transitions to HV-fixed + * page state. + */ +struct sev_data_range_list *snp_range_list; + static inline bool sev_version_greater_or_equal(u8 maj, u8 min) { struct sev_device *sev = psp_master->sev_data; 
@@ -830,6 +842,186 @@ static int sev_update_firmware(struct device *dev) return ret; } +static void snp_set_hsave_pa(void *arg) +{ + wrmsrl(MSR_VM_HSAVE_PA, 0); +} + +static int snp_filter_reserved_mem_regions(struct resource *rs, void *arg) +{ + struct sev_data_range_list *range_list = arg; + struct sev_data_range *range = &range_list->ranges[range_list->num_elements]; + size_t size; + + if ((range_list->num_elements * sizeof(struct sev_data_range) + + sizeof(struct sev_data_range_list)) > PAGE_SIZE) + return -E2BIG; + + switch (rs->desc) { + case E820_TYPE_RESERVED: + case E820_TYPE_PMEM: + case E820_TYPE_ACPI: + range->base = rs->start & PAGE_MASK; + size = (rs->end + 1) - rs->start; + range->page_count = size >> PAGE_SHIFT; + range_list->num_elements++; + break; + default: + break; + } + + return 0; +} + +static int __sev_snp_init_locked(int *error) +{ + struct psp_device *psp = psp_master; + struct sev_data_snp_init_ex data; + struct sev_device *sev; + int rc = 0; + + if (!psp || !psp->sev_data) + return -ENODEV; + + sev = psp->sev_data; + + if (sev->snp_initialized) + return 0; + + /* + * The SNP_INIT requires the MSR_VM_HSAVE_PA must be set to 0h + * across all cores. + */ + on_each_cpu(snp_set_hsave_pa, NULL, 1); + + /* + * Starting in SNP firmware v1.52, the SNP_INIT_EX command takes a list of + * system physical address ranges to convert into the HV-fixed page states + * during the RMP initialization. For instance, the memory that UEFI + * reserves should be included in the range list. This allows system + * components that occasionally write to memory (e.g. logging to UEFI + * reserved regions) to not fail due to RMP initialization and SNP enablement. + */ + if (sev_version_greater_or_equal(SNP_MIN_API_MAJOR, 52)) { + /* + * Firmware checks that the pages containing the ranges enumerated + * in the RANGES structure are either in the Default page state or in the + * firmware page state. 
+ */ + snp_range_list = sev_fw_alloc(PAGE_SIZE); + if (!snp_range_list) { + dev_err(sev->dev, + "SEV: SNP_INIT_EX range list memory allocation failed\n"); + return -ENOMEM; + } + + memset(snp_range_list, 0, PAGE_SIZE); + + /* + * Retrieve all reserved memory regions setup by UEFI from the e820 memory map + * to be setup as HV-fixed pages. + */ + + rc = walk_iomem_res_desc(IORES_DESC_NONE, IORESOURCE_MEM, 0, ~0, + snp_range_list, snp_filter_reserved_mem_regions); + if (rc) { + dev_err(sev->dev, + "SEV: SNP_INIT_EX walk_iomem_res_desc failed rc = %d\n", rc); + return rc; + } + + memset(&data, 0, sizeof(data)); + data.init_rmp = 1; + data.list_paddr_en = 1; + data.list_paddr = __pa(snp_range_list); + + rc = __sev_do_cmd_locked(SEV_CMD_SNP_INIT_EX, &data, error); + if (rc) + return rc; + } else { + rc = __sev_do_cmd_locked(SEV_CMD_SNP_INIT, NULL, error); + if (rc) + return rc; + } + + /* Prepare for first SNP guest launch after INIT */ + wbinvd_on_all_cpus(); + rc = __sev_do_cmd_locked(SEV_CMD_SNP_DF_FLUSH, NULL, error); + if (rc) + return rc; + + sev->snp_initialized = true; + dev_dbg(sev->dev, "SEV-SNP firmware initialized\n"); + + return rc; +} + +int sev_snp_init(int *error, bool init_on_probe) +{ + int rc; + + if (!cpu_feature_enabled(X86_FEATURE_SEV_SNP)) + return -ENODEV; + + if (init_on_probe && !psp_init_on_probe) + return 0; + + mutex_lock(&sev_cmd_mutex); + rc = __sev_snp_init_locked(error); + mutex_unlock(&sev_cmd_mutex); + + return rc; +} +EXPORT_SYMBOL_GPL(sev_snp_init); + +static int __sev_snp_shutdown_locked(int *error) +{ + struct sev_device *sev = psp_master->sev_data; + struct sev_data_snp_shutdown_ex data; + int ret; + + if (!sev->snp_initialized) + return 0; + + memset(&data, 0, sizeof(data)); + data.length = sizeof(data); + data.iommu_snp_shutdown = 1; + + wbinvd_on_all_cpus(); + +retry: + ret = __sev_do_cmd_locked(SEV_CMD_SNP_SHUTDOWN_EX, &data, error); + /* SHUTDOWN may require DF_FLUSH */ + if (*error == SEV_RET_DFFLUSH_REQUIRED) { + ret = 
__sev_do_cmd_locked(SEV_CMD_SNP_DF_FLUSH, NULL, NULL); + if (ret) { + dev_err(sev->dev, "SEV-SNP DF_FLUSH failed\n"); + return ret; + } + goto retry; + } + if (ret) { + dev_err(sev->dev, "SEV-SNP firmware shutdown failed\n"); + return ret; + } + + sev->snp_initialized = false; + dev_dbg(sev->dev, "SEV-SNP firmware shutdown\n"); + + return ret; +} + +static int sev_snp_shutdown(int *error) +{ + int rc; + + mutex_lock(&sev_cmd_mutex); + rc = __sev_snp_shutdown_locked(error); + mutex_unlock(&sev_cmd_mutex); + + return rc; +} + static int sev_ioctl_do_pek_import(struct sev_issue_cmd *argp, bool writable) { struct sev_device *sev = psp_master->sev_data; @@ -1270,6 +1462,8 @@ int sev_dev_init(struct psp_device *psp) static void sev_firmware_shutdown(struct sev_device *sev) { + int error; + sev_platform_shutdown(NULL); if (sev_es_tmr) { @@ -1286,6 +1480,14 @@ static void sev_firmware_shutdown(struct sev_device *sev) get_order(NV_LENGTH)); sev_init_ex_buffer = NULL; } + + if (snp_range_list) { + free_pages((unsigned long)snp_range_list, + get_order(PAGE_SIZE)); + snp_range_list = NULL; + } + + sev_snp_shutdown(&error); } void sev_dev_destroy(struct psp_device *psp) @@ -1341,6 +1543,26 @@ void sev_pci_init(void) } } + /* + * If boot CPU supports SNP, then first attempt to initialize + * the SNP firmware. + */ + if (cpu_feature_enabled(X86_FEATURE_SEV_SNP)) { + if (!sev_version_greater_or_equal(SNP_MIN_API_MAJOR, SNP_MIN_API_MINOR)) { + dev_err(sev->dev, "SEV-SNP support requires firmware version >= %d:%d\n", + SNP_MIN_API_MAJOR, SNP_MIN_API_MINOR); + } else { + rc = sev_snp_init(&error, true); + if (rc) { + /* + * Don't abort the probe if SNP INIT failed, + * continue to initialize the legacy SEV firmware. + */ + dev_err(sev->dev, "SEV-SNP: failed to INIT error %#x\n", error); + } + } + } + /* Obtain the TMR memory area for SEV-ES use */ sev_es_tmr = sev_fw_alloc(SEV_ES_TMR_SIZE); if (!sev_es_tmr) 
@@ -1356,6 +1578,9 @@ void sev_pci_init(void) dev_err(sev->dev, "SEV: failed to INIT error %#x, rc %d\n", error, rc); + dev_info(sev->dev, "SEV%s API:%d.%d build:%d\n", sev->snp_initialized ? + "-SNP" : "", sev->api_major, sev->api_minor, sev->build); + return; err: diff --git a/drivers/crypto/ccp/sev-dev.h b/drivers/crypto/ccp/sev-dev.h index 666c21eb81ab..34767657beb5 100644 --- a/drivers/crypto/ccp/sev-dev.h +++ b/drivers/crypto/ccp/sev-dev.h @@ -52,6 +52,8 @@ struct sev_device { u8 build; void *cmd_buf; + + bool snp_initialized; }; int sev_dev_init(struct psp_device *psp); diff --git a/include/linux/psp-sev.h b/include/linux/psp-sev.h index 31b045e1926f..8cfe92e82743 100644 --- a/include/linux/psp-sev.h +++ b/include/linux/psp-sev.h @@ -794,6 +794,21 @@ struct sev_data_snp_shutdown_ex { */ int sev_platform_init(int *error); +/** + * sev_snp_init - perform SEV SNP_INIT command + * + * @error: SEV command return code + * @init_on_probe: indicates if called during module probe/init + * + * Returns: + * 0 if the SEV successfully processed the command + * -%ENODEV if the SEV device is not available + * -%ENOTSUPP if the SEV does not support SEV + * -%ETIMEDOUT if the SEV command timed out + * -%EIO if the SEV returned a non-zero return code + */ +int sev_snp_init(int *error, bool init_on_probe); + /** * sev_platform_status - perform SEV PLATFORM_STATUS command * 
@@ -901,6 +916,8 @@ sev_platform_status(struct sev_user_data_status *status, int *error) { return -E static inline int sev_platform_init(int *error) { return -ENODEV; } +static inline int sev_snp_init(int *error, bool init_on_probe) { return -ENODEV; } + static inline int sev_guest_deactivate(struct sev_data_deactivate *data, int *error) { return -ENODEV; }
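Review bot: In snp_filter_reserved_mem_regions() the -E2BIG check tests the space used by the entries already stored, not the entry about to be written, so the callback can still store one struct sev_data_range that runs past the PAGE_SIZE buffer allocated in __sev_snp_init_locked(). Test `(num_elements + 1) * sizeof(struct sev_data_range) + sizeof(struct sev_data_range_list) > PAGE_SIZE`, and only in the cases that append an entry. In the same function, base is rounded down with PAGE_MASK while size is taken from the unrounded rs->start and truncated by `>> PAGE_SHIFT`, so a region that is not page aligned gets a page_count that stops short of rs->end; derive the count from the rounded start and the page-aligned end.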
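Review bot: In sev_firmware_shutdown(), error is passed to sev_snp_shutdown() uninitialized and the return value is discarded, while __sev_snp_shutdown_locked() tests `*error == SEV_RET_DFFLUSH_REQUIRED` before it looks at ret. Initialize error to 0 at the call site, check ret first in the callee, and bound the `goto retry` loop so that a firmware which keeps answering DFFLUSH_REQUIRED cannot spin forever with sev_cmd_mutex held. A failed SNP shutdown should also be reported here, since snp_range_list has already been handed back to the page allocator by that point.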
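Review bot: In the sev_pci_init() hunk the failure message after sev_snp_init() prints only error, yet __sev_snp_init_locked() can return -ENOMEM or the walk_iomem_res_desc() result before any firmware command has written *error, so the logged value may not describe this failure. Print rc as well, as the existing "SEV: failed to INIT error %#x, rc %d" message does, and set error to 0 before the call.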
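Review bot: The kernel-doc added for sev_snp_init() in include/linux/psp-sev.h reads as the text for a plain SEV call: "-%ENOTSUPP if the SEV does not support SEV" should refer to SNP, and the list does not mention that sev_snp_init() itself returns -ENODEV when X86_FEATURE_SEV_SNP is not enabled. Please also document that a return of 0 with init_on_probe set and psp_init_on_probe clear means initialization was skipped, not performed, so callers do not take 0 as proof that SNP is active.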
From: Michael Roth
CC: Brijesh Singh
Subject: [PATCH RFC v8 22/56] crypto:ccp: Provide API to issue SEV and SNP commands
Date: Mon, 20 Feb 2023 12:38:13 -0600
Message-ID: <20230220183847.59159-23-michael.roth@amd.com>
In-Reply-To: <20230220183847.59159-1-michael.roth@amd.com>
References: <20230220183847.59159-1-michael.roth@amd.com>

From: Brijesh Singh

Make sev_do_cmd() a generic API interface for the hypervisor to issue commands to manage an SEV and SNP guest. The commands for SEV and SNP are defined in the SEV and SEV-SNP firmware specifications.

Signed-off-by: Brijesh Singh
Signed-off-by: Ashish Kalra
Signed-off-by: Michael Roth
---
 drivers/crypto/ccp/sev-dev.c | 3 ++-
 include/linux/psp-sev.h | 17 +++++++++++++++++
 2 files changed, 19 insertions(+), 1 deletion(-)

diff --git a/drivers/crypto/ccp/sev-dev.c b/drivers/crypto/ccp/sev-dev.c index af20420bd6c2..35f605936f1b 100644 --- a/drivers/crypto/ccp/sev-dev.c +++ b/drivers/crypto/ccp/sev-dev.c @@ -415,7 +415,7 @@ static int __sev_do_cmd_locked(int cmd, void *data, int *psp_ret) return ret; } -static int sev_do_cmd(int cmd, void *data, int *psp_ret) +int sev_do_cmd(int cmd, void *data, int *psp_ret) { int rc; @@ -425,6 +425,7 @@ static int sev_do_cmd(int cmd, void *data, int *psp_ret) return rc; } +EXPORT_SYMBOL_GPL(sev_do_cmd); static int __sev_init_locked(int *error) { diff --git a/include/linux/psp-sev.h b/include/linux/psp-sev.h index 8cfe92e82743..46f61e3ae33b 100644 --- a/include/linux/psp-sev.h
+++ b/include/linux/psp-sev.h @@ -907,6 +907,20 @@ int sev_guest_df_flush(int *error); */ int sev_guest_decommission(struct sev_data_decommission *data, int *error); +/** + * sev_do_cmd - perform SEV command + * + * @error: SEV command return code + * + * Returns: + * 0 if the SEV successfully processed the command + * -%ENODEV if the SEV device is not available + * -%ENOTSUPP if the SEV does not support SEV + * -%ETIMEDOUT if the SEV command timed out + * -%EIO if the SEV returned a non-zero return code + */ +int sev_do_cmd(int cmd, void *data, int *psp_ret); + void *psp_copy_user_blob(u64 uaddr, u32 len); #else /* !CONFIG_CRYPTO_DEV_SP_PSP */ 
@@ -924,6 +938,9 @@ sev_guest_deactivate(struct sev_data_deactivate *data, int *error) { return -ENO static inline int sev_guest_decommission(struct sev_data_decommission *data, int *error) { return -ENODEV; } +static inline int +sev_do_cmd(int cmd, void *data, int *psp_ret) { return -ENODEV; } + static inline int sev_guest_activate(struct sev_data_activate *data, int *error) { return -ENODEV; }
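Review bot: EXPORT_SYMBOL_GPL(sev_do_cmd) in drivers/crypto/ccp/sev-dev.c opens the raw command path to every GPL module with no restriction on cmd, so a caller can issue state-changing commands such as SEV_CMD_SNP_SHUTDOWN_EX behind the driver's back and leave bookkeeping like sev->snp_initialized stale. Either reject the init and shutdown commands in the exported entry point and keep them on the internal path, or say in the commit message why an unrestricted export is wanted.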
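Review bot: The kernel-doc for sev_do_cmd() in include/linux/psp-sev.h documents a parameter named @error, but the prototype is `int sev_do_cmd(int cmd, void *data, int *psp_ret)`, so @cmd, @data and @psp_ret are undocumented and the one documented name does not exist. Since this is now an exported interface, describe each parameter, state what data must point to and how large it must be for a given cmd, and replace "if the SEV does not support SEV" with wording that also covers SNP commands.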
From: Michael Roth
Subject: [PATCH RFC v8 23/56] crypto: ccp: Introduce snp leaked pages list
Date: Mon, 20 Feb 2023 12:38:14 -0600
Message-ID: <20230220183847.59159-24-michael.roth@amd.com>
In-Reply-To: <20230220183847.59159-1-michael.roth@amd.com>
References: <20230220183847.59159-1-michael.roth@amd.com>

From: Ashish Kalra

Pages are unsafe to be released back to the page-allocator, if they have been transitioned to firmware/guest state and can't be reclaimed or transitioned back to hypervisor/shared state. In this case add them to an internal leaked pages list to ensure that they are not freed or touched/accessed to cause fatal page faults.

Signed-off-by: Ashish Kalra
Signed-off-by: Michael Roth
---
 drivers/crypto/ccp/sev-dev.c | 28 ++++++++++++++++++++++++++++
 include/linux/psp-sev.h | 8 ++++++++
 2 files changed, 36 insertions(+)

diff --git a/drivers/crypto/ccp/sev-dev.c b/drivers/crypto/ccp/sev-dev.c index 35f605936f1b..eca4e59b0f44 100644 --- a/drivers/crypto/ccp/sev-dev.c +++ b/drivers/crypto/ccp/sev-dev.c @@ -42,6 +42,12 @@ static DEFINE_MUTEX(sev_cmd_mutex); static struct sev_misc_dev *misc_dev; +/* list of pages which are leaked and cannot be reclaimed */ +static LIST_HEAD(snp_leaked_pages_list); +static DEFINE_SPINLOCK(snp_leaked_pages_list_lock); + +static atomic_long_t snp_nr_leaked_pages = ATOMIC_LONG_INIT(0); + static int psp_cmd_timeout = 100; module_param(psp_cmd_timeout, int, 0644); MODULE_PARM_DESC(psp_cmd_timeout, " default timeout value, in seconds, for PSP commands");
@@ -188,6 +194,28 @@ static int sev_cmd_buffer_len(int cmd) return 0; } +void snp_mark_pages_offline(unsigned long pfn, unsigned int npages) +{ + struct page *page = pfn_to_page(pfn); + + WARN(1, "psc failed, pfn 0x%lx pages %d (marked offline)\n", pfn, npages); + + spin_lock(&snp_leaked_pages_list_lock); + while (npages--) { + /* + * Reuse the page's buddy list for chaining into the leaked + * pages list. This page should not be on a free list currently + * and is also unsafe to be added to a free list. + */ + list_add_tail(&page->buddy_list, &snp_leaked_pages_list); + sev_dump_rmpentry(pfn); + pfn++; + } + spin_unlock(&snp_leaked_pages_list_lock); + atomic_long_inc(&snp_nr_leaked_pages); +} +EXPORT_SYMBOL_GPL(snp_mark_pages_offline); + static void *sev_fw_alloc(unsigned long len) { struct page *page; diff --git a/include/linux/psp-sev.h b/include/linux/psp-sev.h index 46f61e3ae33b..8edf5c548fbf 100644 --- a/include/linux/psp-sev.h +++ b/include/linux/psp-sev.h @@ -923,6 +923,12 @@ int sev_do_cmd(int cmd, void *data, int *psp_ret); void *psp_copy_user_blob(u64 uaddr, u32 len); +/** + * sev_mark_pages_offline - insert non-reclaimed firmware/guest pages + * into a leaked pages list. + */ +void snp_mark_pages_offline(unsigned long pfn, unsigned int npages); + #else /* !CONFIG_CRYPTO_DEV_SP_PSP */ static inline int 
@@ -951,6 +957,8 @@ sev_issue_cmd_external_user(struct file *filep, unsigned int id, void *data, int static inline void *psp_copy_user_blob(u64 __user uaddr, u32 len) { return ERR_PTR(-EINVAL); } +void snp_mark_pages_offline(unsigned long pfn, unsigned int npages) {} + #endif /* CONFIG_CRYPTO_DEV_SP_PSP */ #endif /* __PSP_SEV_H__ */
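Review bot: In snp_mark_pages_offline() page is computed once from the starting pfn and never advanced, so for npages > 1 every iteration calls list_add_tail() on the same page->buddy_list node, which corrupts snp_leaked_pages_list and leaves the remaining pages untracked and free to be reused. Take pfn_to_page(pfn) inside the loop, or advance page alongside pfn++. The counter is also bumped with a single atomic_long_inc() per call instead of once per page; save npages before the `while (npages--)` loop consumes it and use atomic_long_add().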
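Review bot: The kernel-doc comment added to include/linux/psp-sev.h names sev_mark_pages_offline, but the function declared beneath it is snp_mark_pages_offline, and neither @pfn nor @npages is described. Fix the name, document both parameters, and state that pages handed to this function are never returned to the allocator.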
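Review bot: The !CONFIG_CRYPTO_DEV_SP_PSP stub `void snp_mark_pages_offline(unsigned long pfn, unsigned int npages) {}` is defined in the header without static inline, unlike the neighbouring stubs, so every file that includes psp-sev.h emits a global definition and the link fails with duplicate symbols. Make it `static inline void`.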
From: Michael Roth
CC: Brijesh Singh
Subject: [PATCH RFC v8 24/56] crypto: ccp: Handle the legacy TMR allocation when SNP is enabled
Date: Mon, 20 Feb 2023 12:38:15 -0600
Message-ID: <20230220183847.59159-25-michael.roth@amd.com>
In-Reply-To: <20230220183847.59159-1-michael.roth@amd.com>
References: <20230220183847.59159-1-michael.roth@amd.com>

From: Brijesh Singh

The behavior and requirement for the SEV-legacy command is altered when
the SNP firmware is in the INIT state. See SEV-SNP firmware specification
for more details.

Allocate the Trusted Memory Region (TMR) as a 2mb sized/aligned region
when SNP is enabled to satisfy new requirements for the SNP. Continue
allocating a 1mb region for !SNP configuration.

While at it, provide API that can be used by others to allocate a page
that can be used by the firmware. The immediate user for this API will
be the KVM driver. The KVM driver needs to allocate a firmware context
page during the guest creation. The context page needs to be updated
by the firmware. See the SEV-SNP specification for further details.

Co-developed-by: Ashish Kalra
Signed-off-by: Ashish Kalra
Signed-off-by: Brijesh Singh
Signed-off-by: Michael Roth
---
 drivers/crypto/ccp/sev-dev.c | 148 +++++++++++++++++++++++++++++++++--
 include/linux/psp-sev.h | 9 +++
 2 files changed, 149 insertions(+), 8 deletions(-)

diff --git a/drivers/crypto/ccp/sev-dev.c b/drivers/crypto/ccp/sev-dev.c index eca4e59b0f44..4c12e98a1219 100644 --- a/drivers/crypto/ccp/sev-dev.c
+++ b/drivers/crypto/ccp/sev-dev.c @@ -94,6 +94,13 @@ static void *sev_init_ex_buffer; */ struct sev_data_range_list *snp_range_list; +/* When SEV-SNP is enabled the TMR needs to be 2MB aligned and 2MB size. */ +#define SEV_SNP_ES_TMR_SIZE (2 * 1024 * 1024) + +static size_t sev_es_tmr_size = SEV_ES_TMR_SIZE; + +static int __sev_do_cmd_locked(int cmd, void *data, int *psp_ret); + static inline bool sev_version_greater_or_equal(u8 maj, u8 min) { struct sev_device *sev = psp_master->sev_data; 
@@ -216,11 +223,134 @@ void snp_mark_pages_offline(unsigned long pfn, unsigned int npages) } EXPORT_SYMBOL_GPL(snp_mark_pages_offline); +static int snp_reclaim_pages(unsigned long paddr, unsigned int npages, bool locked) +{ + /* Cbit maybe set in the paddr */ + unsigned long pfn = __sme_clr(paddr) >> PAGE_SHIFT; + int ret, err, i, n = 0; + + if (!pfn_valid(pfn)) { + pr_err("%s: Invalid PFN %lx\n", __func__, pfn); + return 0; + } + + for (i = 0; i < npages; i++, pfn++, n++) { + paddr = pfn << PAGE_SHIFT; + + if (locked) + ret = __sev_do_cmd_locked(SEV_CMD_SNP_PAGE_RECLAIM, &paddr, &err); + else + ret = sev_do_cmd(SEV_CMD_SNP_PAGE_RECLAIM, &paddr, &err); + + if (ret) + goto cleanup; + + ret = rmp_make_shared(pfn, PG_LEVEL_4K); + if (ret) + goto cleanup; + } + + return 0; + +cleanup: + /* + * If failed to reclaim the page then page is no longer safe to + * be release back to the system, leak it. + */ + snp_mark_pages_offline(pfn, npages - n); + return ret; +} + +static int rmp_mark_pages_firmware(unsigned long paddr, unsigned int npages, bool locked) +{ + /* Cbit maybe set in the paddr */ + unsigned long pfn = __sme_clr(paddr) >> PAGE_SHIFT; + int rc, n = 0, i; + + for (i = 0; i < npages; i++, n++, pfn++) { + rc = rmp_make_private(pfn, 0, PG_LEVEL_4K, 0, true); + if (rc) + goto cleanup; + } + + return 0; + +cleanup: + /* + * Try unrolling the firmware state changes by + * reclaiming the pages which were already changed to the + * firmware state. + */ + snp_reclaim_pages(paddr, n, locked); + + return rc; +} + +static struct page *__snp_alloc_firmware_pages(gfp_t gfp_mask, int order, bool locked) +{ + unsigned long npages = 1ul << order, paddr; + struct sev_device *sev; + struct page *page; + + if (!psp_master || !psp_master->sev_data) + return NULL; + + page = alloc_pages(gfp_mask, order); + if (!page) + return NULL; + + /* If SEV-SNP is initialized then add the page in RMP table. 
*/ + sev = psp_master->sev_data; + if (!sev->snp_initialized) + return page; + + paddr = __pa((unsigned long)page_address(page)); + if (rmp_mark_pages_firmware(paddr, npages, locked)) + return NULL; + + return page; +} + +void *snp_alloc_firmware_page(gfp_t gfp_mask) +{ + struct page *page; + + page = __snp_alloc_firmware_pages(gfp_mask, 0, false); + + return page ? page_address(page) : NULL; +} +EXPORT_SYMBOL_GPL(snp_alloc_firmware_page); + +static void __snp_free_firmware_pages(struct page *page, int order, bool locked) +{ + struct sev_device *sev = psp_master->sev_data; + unsigned long paddr, npages = 1ul << order; + + if (!page) + return; + + paddr = __pa((unsigned long)page_address(page)); + if (sev->snp_initialized && + snp_reclaim_pages(paddr, npages, locked)) + return; + + __free_pages(page, order); +} + +void snp_free_firmware_page(void *addr) +{ + if (!addr) + return; + + __snp_free_firmware_pages(virt_to_page(addr), 0, false); +} +EXPORT_SYMBOL_GPL(snp_free_firmware_page); + static void *sev_fw_alloc(unsigned long len) { struct page *page; - page = alloc_pages(GFP_KERNEL, get_order(len)); + page = __snp_alloc_firmware_pages(GFP_KERNEL, get_order(len), false); if (!page) return NULL; @@ -468,7 +598,7 @@ static int __sev_init_locked(int *error) data.tmr_address = __pa(sev_es_tmr); data.flags |= SEV_INIT_FLAGS_SEV_ES; - data.tmr_len = SEV_ES_TMR_SIZE; + data.tmr_len = sev_es_tmr_size; } return __sev_do_cmd_locked(SEV_CMD_INIT, &data, error); @@ -491,7 +621,7 @@ static int __sev_init_ex_locked(int *error) data.tmr_address = __pa(sev_es_tmr); data.flags |= SEV_INIT_FLAGS_SEV_ES; - data.tmr_len = SEV_ES_TMR_SIZE; + data.tmr_len = sev_es_tmr_size; } return __sev_do_cmd_locked(SEV_CMD_INIT_EX, &data, error); @@ -982,6 +1112,8 @@ static int __sev_snp_init_locked(int *error) sev->snp_initialized = true; dev_dbg(sev->dev, "SEV-SNP firmware initialized\n"); + sev_es_tmr_size = SEV_SNP_ES_TMR_SIZE; + return rc; } 
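Review bot: in __snp_alloc_firmware_pages() (the hunk that adds the firmware page helpers), a failing rmp_mark_pages_firmware() makes the function return NULL without ever freeing "page", so the allocation is lost even when the unroll inside rmp_mark_pages_firmware() reclaimed every page successfully. Consider having rmp_mark_pages_firmware() report whether its snp_reclaim_pages() call succeeded, calling __free_pages(page, order) in that case, and commenting that the page is leaked on purpose otherwise. In the same hunk, snp_reclaim_pages() logs an invalid PFN but then does "return 0;", which __snp_free_firmware_pages() reads as a successful reclaim and follows with __free_pages(); an error return looks safer there.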
@@ -1499,8 +1631,9 @@ static void sev_firmware_shutdown(struct sev_device *sev) /* The TMR area was encrypted, flush it from the cache */ wbinvd_on_all_cpus(); - free_pages((unsigned long)sev_es_tmr, - get_order(SEV_ES_TMR_SIZE)); + __snp_free_firmware_pages(virt_to_page(sev_es_tmr), + get_order(sev_es_tmr_size), + false); sev_es_tmr = NULL; } @@ -1511,8 +1644,7 @@ static void sev_firmware_shutdown(struct sev_device *sev) } if (snp_range_list) { - free_pages((unsigned long)snp_range_list, - get_order(PAGE_SIZE)); + snp_free_firmware_page(snp_range_list); snp_range_list = NULL; } @@ -1593,7 +1725,7 @@ void sev_pci_init(void) } /* Obtain the TMR memory area for SEV-ES use */ - sev_es_tmr = sev_fw_alloc(SEV_ES_TMR_SIZE); + sev_es_tmr = sev_fw_alloc(sev_es_tmr_size); if (!sev_es_tmr) dev_warn(sev->dev, "SEV: TMR allocation failed, SEV-ES support unavailable\n"); diff --git a/include/linux/psp-sev.h b/include/linux/psp-sev.h index 8edf5c548fbf..d19744807471 100644 --- a/include/linux/psp-sev.h +++ b/include/linux/psp-sev.h @@ -922,6 +922,8 @@ int sev_guest_decommission(struct sev_data_decommission *data, int *error); int sev_do_cmd(int cmd, void *data, int *psp_ret); void *psp_copy_user_blob(u64 uaddr, u32 len); +void *snp_alloc_firmware_page(gfp_t mask); +void snp_free_firmware_page(void *addr); /** * sev_mark_pages_offline - insert non-reclaimed firmware/guest pages 
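Review bot: the prototypes added here for snp_alloc_firmware_page() and snp_free_firmware_page() carry no kernel-doc, unlike the documented declaration that follows them in the header. Since the commit message names the KVM driver as the immediate user, a short comment would help: state that the page is moved to the firmware state in the RMP once SNP is initialized, that it has to be released through snp_free_firmware_page(), and that the free path does not hand the page back to the allocator when the reclaim fails.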
@@ -959,6 +961,13 @@ static inline void *psp_copy_user_blob(u64 __user uaddr, u32 len) { return ERR_P void snp_mark_pages_offline(unsigned long pfn, unsigned int npages) {} +static inline void *snp_alloc_firmware_page(gfp_t mask) +{ + return NULL; +} + +static inline void snp_free_firmware_page(void *addr) { } + #endif /* CONFIG_CRYPTO_DEV_SP_PSP */ #endif /* __PSP_SEV_H__ */

From patchwork Mon Feb 20 18:38:16 2023
X-Patchwork-Submitter: Michael Roth
X-Patchwork-Id: 59605
From: Michael Roth
CC: Brijesh Singh
Subject: [PATCH RFC v8 25/56] crypto: ccp: Handle the legacy SEV command when SNP is enabled
Date: Mon, 20 Feb 2023 12:38:16 -0600
Message-ID: <20230220183847.59159-26-michael.roth@amd.com>
In-Reply-To: <20230220183847.59159-1-michael.roth@amd.com>
References: <20230220183847.59159-1-michael.roth@amd.com>

From: Brijesh Singh

The behavior of the SEV-legacy commands is altered when the SNP firmware
is in the INIT state. When SNP is in INIT state, all the SEV-legacy
commands that cause the firmware to write to memory must be in the
firmware state before issuing the command.

A command buffer may contain a system physical address that the firmware
may write to. There are two cases that need to be handled:

1) system physical address points to a guest memory
2) system physical address points to a host memory

To handle the case #1, change the page state to the firmware in the RMP
table before issuing the command and restore the state to shared after the
command completes.

For the case #2, use a bounce buffer to complete the request.

Signed-off-by: Brijesh Singh
Signed-off-by: Ashish Kalra
Signed-off-by: Michael Roth
---
 drivers/crypto/ccp/sev-dev.c | 371 ++++++++++++++++++++++++++++++++++-
 drivers/crypto/ccp/sev-dev.h | 12 ++
 2 files changed, 373 insertions(+), 10 deletions(-)

diff --git a/drivers/crypto/ccp/sev-dev.c b/drivers/crypto/ccp/sev-dev.c index 4c12e98a1219..fd8893af6ed7 100644 --- a/drivers/crypto/ccp/sev-dev.c
+++ b/drivers/crypto/ccp/sev-dev.c @@ -27,6 +27,7 @@ #include #include +#include #include "psp-dev.h" #include "sev-dev.h" @@ -286,6 +287,30 @@ static int rmp_mark_pages_firmware(unsigned long paddr, unsigned int npages, boo return rc; } +static int rmp_mark_pages_shared(unsigned long paddr, unsigned int npages) +{ + /* Cbit maybe set in the paddr */ + unsigned long pfn = __sme_clr(paddr) >> PAGE_SHIFT; + int rc, n = 0, i; + + for (i = 0; i < npages; i++, pfn++, n++) { + rc = rmp_make_shared(pfn, PG_LEVEL_4K); + if (rc) + goto cleanup; + } + + return 0; + +cleanup: + /* + * If failed to change the page state to shared, then its not safe + * to release the page back to the system, leak it. + */ + snp_mark_pages_offline(pfn, npages - n); + + return rc; +} + static struct page *__snp_alloc_firmware_pages(gfp_t gfp_mask, int order, bool locked) { unsigned long npages = 1ul << order, paddr; 
@@ -487,12 +512,295 @@ static int sev_write_init_ex_file_if_required(int cmd_id) return sev_write_init_ex_file(); } +static int alloc_snp_host_map(struct sev_device *sev) +{ + struct page *page; + int i; + + for (i = 0; i < MAX_SNP_HOST_MAP_BUFS; i++) { + struct snp_host_map *map = &sev->snp_host_map[i]; + + memset(map, 0, sizeof(*map)); + + page = alloc_pages(GFP_KERNEL_ACCOUNT, get_order(SEV_FW_BLOB_MAX_SIZE)); + if (!page) + return -ENOMEM; + + map->host = page_address(page); + } + + return 0; +} + +static void free_snp_host_map(struct sev_device *sev) +{ + int i; + + for (i = 0; i < MAX_SNP_HOST_MAP_BUFS; i++) { + struct snp_host_map *map = &sev->snp_host_map[i]; + + if (map->host) { + __free_pages(virt_to_page(map->host), get_order(SEV_FW_BLOB_MAX_SIZE)); + memset(map, 0, sizeof(*map)); + } + } +} + +static int map_firmware_writeable(u64 *paddr, u32 len, bool guest, struct snp_host_map *map) +{ + unsigned int npages = PAGE_ALIGN(len) >> PAGE_SHIFT; + + map->active = false; + + if (!paddr || !len) + return 0; + + map->paddr = *paddr; + map->len = len; + + /* If paddr points to a guest memory then change the page state to firmwware. */ + if (guest) { + if (rmp_mark_pages_firmware(*paddr, npages, true)) + return -EFAULT; + + goto done; + } + + if (!map->host) + return -ENOMEM; + + /* Check if the pre-allocated buffer can be used to fullfil the request. */ + if (len > SEV_FW_BLOB_MAX_SIZE) + return -EINVAL; + + /* Transition the pre-allocated buffer to the firmware state. */ + if (rmp_mark_pages_firmware(__pa(map->host), npages, true)) + return -EFAULT; + + /* Set the paddr to use pre-allocated firmware buffer */ + *paddr = __psp_pa(map->host); + +done: + map->active = true; + return 0; +} + +static int unmap_firmware_writeable(u64 *paddr, u32 len, bool guest, struct snp_host_map *map) +{ + unsigned int npages = PAGE_ALIGN(len) >> PAGE_SHIFT; + + if (!map->active) + return 0; + + /* If paddr points to a guest memory then restore the page state to hypervisor. 
*/ + if (guest) { + if (snp_reclaim_pages(*paddr, npages, true)) + return -EFAULT; + + goto done; + } + + /* + * Transition the pre-allocated buffer to hypervisor state before the access. + * + * This is because while changing the page state to firmware, the kernel unmaps + * the pages from the direct map, and to restore the direct map the pages must + * be transitioned back to the shared state. + */ + if (snp_reclaim_pages(__pa(map->host), npages, true)) + return -EFAULT; + + /* Copy the response data firmware buffer to the callers buffer. */ + memcpy(__va(__sme_clr(map->paddr)), map->host, min_t(size_t, len, map->len)); + *paddr = map->paddr; + +done: + map->active = false; + return 0; +} + +static bool sev_legacy_cmd_buf_writable(int cmd) +{ + switch (cmd) { + case SEV_CMD_PLATFORM_STATUS: + case SEV_CMD_GUEST_STATUS: + case SEV_CMD_LAUNCH_START: + case SEV_CMD_RECEIVE_START: + case SEV_CMD_LAUNCH_MEASURE: + case SEV_CMD_SEND_START: + case SEV_CMD_SEND_UPDATE_DATA: + case SEV_CMD_SEND_UPDATE_VMSA: + case SEV_CMD_PEK_CSR: + case SEV_CMD_PDH_CERT_EXPORT: + case SEV_CMD_GET_ID: + case SEV_CMD_ATTESTATION_REPORT: + return true; + default: + return false; + } +} + +#define prep_buffer(name, addr, len, guest, map) \ + func(&((typeof(name *))cmd_buf)->addr, ((typeof(name *))cmd_buf)->len, guest, map) + +static int __snp_cmd_buf_copy(int cmd, void *cmd_buf, bool to_fw, int fw_err) +{ + int (*func)(u64 *paddr, u32 len, bool guest, struct snp_host_map *map); + struct sev_device *sev = psp_master->sev_data; + bool from_fw = !to_fw; + + /* + * After the command is completed, change the command buffer memory to + * hypervisor state. + * + * The immutable bit is automatically cleared by the firmware, so + * no not need to reclaim the page. + */ + if (from_fw && sev_legacy_cmd_buf_writable(cmd)) { + if (rmp_mark_pages_shared(__pa(cmd_buf), 1)) + return -EFAULT; + + /* No need to go further if firmware failed to execute command. 
*/ + if (fw_err) + return 0; + } + + if (to_fw) + func = map_firmware_writeable; + else + func = unmap_firmware_writeable; + + /* + * A command buffer may contains a system physical address. If the address + * points to a host memory then use an intermediate firmware page otherwise + * change the page state in the RMP table. + */ + switch (cmd) { + case SEV_CMD_PDH_CERT_EXPORT: + if (prep_buffer(struct sev_data_pdh_cert_export, pdh_cert_address, + pdh_cert_len, false, &sev->snp_host_map[0])) + goto err; + if (prep_buffer(struct sev_data_pdh_cert_export, cert_chain_address, + cert_chain_len, false, &sev->snp_host_map[1])) + goto err; + break; + case SEV_CMD_GET_ID: + if (prep_buffer(struct sev_data_get_id, address, len, + false, &sev->snp_host_map[0])) + goto err; + break; + case SEV_CMD_PEK_CSR: + if (prep_buffer(struct sev_data_pek_csr, address, len, + false, &sev->snp_host_map[0])) + goto err; + break; + case SEV_CMD_LAUNCH_UPDATE_DATA: + if (prep_buffer(struct sev_data_launch_update_data, address, len, + true, &sev->snp_host_map[0])) + goto err; + break; + case SEV_CMD_LAUNCH_UPDATE_VMSA: + if (prep_buffer(struct sev_data_launch_update_vmsa, address, len, + true, &sev->snp_host_map[0])) + goto err; + break; + case SEV_CMD_LAUNCH_MEASURE: + if (prep_buffer(struct sev_data_launch_measure, address, len, + false, &sev->snp_host_map[0])) + goto err; + break; + case SEV_CMD_LAUNCH_UPDATE_SECRET: + if (prep_buffer(struct sev_data_launch_secret, guest_address, guest_len, + true, &sev->snp_host_map[0])) + goto err; + break; + case SEV_CMD_DBG_DECRYPT: + if (prep_buffer(struct sev_data_dbg, dst_addr, len, false, + &sev->snp_host_map[0])) + goto err; + break; + case SEV_CMD_DBG_ENCRYPT: + if (prep_buffer(struct sev_data_dbg, dst_addr, len, true, + &sev->snp_host_map[0])) + goto err; + break; + case SEV_CMD_ATTESTATION_REPORT: + if (prep_buffer(struct sev_data_attestation_report, address, len, + false, &sev->snp_host_map[0])) + goto err; + break; + case SEV_CMD_SEND_START: 
+ if (prep_buffer(struct sev_data_send_start, session_address, + session_len, false, &sev->snp_host_map[0])) + goto err; + break; + case SEV_CMD_SEND_UPDATE_DATA: + if (prep_buffer(struct sev_data_send_update_data, hdr_address, hdr_len, + false, &sev->snp_host_map[0])) + goto err; + if (prep_buffer(struct sev_data_send_update_data, trans_address, + trans_len, false, &sev->snp_host_map[1])) + goto err; + break; + case SEV_CMD_SEND_UPDATE_VMSA: + if (prep_buffer(struct sev_data_send_update_vmsa, hdr_address, hdr_len, + false, &sev->snp_host_map[0])) + goto err; + if (prep_buffer(struct sev_data_send_update_vmsa, trans_address, + trans_len, false, &sev->snp_host_map[1])) + goto err; + break; + case SEV_CMD_RECEIVE_UPDATE_DATA: + if (prep_buffer(struct sev_data_receive_update_data, guest_address, + guest_len, true, &sev->snp_host_map[0])) + goto err; + break; + case SEV_CMD_RECEIVE_UPDATE_VMSA: + if (prep_buffer(struct sev_data_receive_update_vmsa, guest_address, + guest_len, true, &sev->snp_host_map[0])) + goto err; + break; + default: + break; + } + + /* The command buffer need to be in the firmware state. */ + if (to_fw && sev_legacy_cmd_buf_writable(cmd)) { + if (rmp_mark_pages_firmware(__pa(cmd_buf), 1, true)) + return -EFAULT; + } + + return 0; + +err: + return -EINVAL; +} + +static inline bool need_firmware_copy(int cmd) +{ + struct sev_device *sev = psp_master->sev_data; + + /* After SNP is INIT'ed, the behavior of legacy SEV command is changed. */ + return ((cmd < SEV_CMD_SNP_INIT) && sev->snp_initialized) ? 
true : false; +} + +static int snp_aware_copy_to_firmware(int cmd, void *data) +{ + return __snp_cmd_buf_copy(cmd, data, true, 0); +} + +static int snp_aware_copy_from_firmware(int cmd, void *data, int fw_err) +{ + return __snp_cmd_buf_copy(cmd, data, false, fw_err); +} + static int __sev_do_cmd_locked(int cmd, void *data, int *psp_ret) { struct psp_device *psp = psp_master; struct sev_device *sev; unsigned int phys_lsb, phys_msb; unsigned int reg, ret = 0; + void *cmd_buf; int buf_len; if (!psp || !psp->sev_data) @@ -512,12 +820,28 @@ static int __sev_do_cmd_locked(int cmd, void *data, int *psp_ret) * work for some memory, e.g. vmalloc'd addresses, and @data may not be * physically contiguous. */ - if (data) - memcpy(sev->cmd_buf, data, buf_len); + if (data) { + if (sev->cmd_buf_active > 2) + return -EBUSY; + + cmd_buf = sev->cmd_buf_active ? sev->cmd_buf_backup : sev->cmd_buf; + + memcpy(cmd_buf, data, buf_len); + sev->cmd_buf_active++; + + /* + * The behavior of the SEV-legacy commands is altered when the + * SNP firmware is in the INIT state. + */ + if (need_firmware_copy(cmd) && snp_aware_copy_to_firmware(cmd, cmd_buf)) + return -EFAULT; + } else { + cmd_buf = sev->cmd_buf; + } /* Get the physical address of the command buffer */ - phys_lsb = data ? lower_32_bits(__psp_pa(sev->cmd_buf)) : 0; - phys_msb = data ? upper_32_bits(__psp_pa(sev->cmd_buf)) : 0; + phys_lsb = data ? lower_32_bits(__psp_pa(cmd_buf)) : 0; + phys_msb = data ? upper_32_bits(__psp_pa(cmd_buf)) : 0; dev_dbg(sev->dev, "sev command id %#x buffer 0x%08x%08x timeout %us\n", cmd, phys_msb, phys_lsb, psp_timeout); 
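Review bot: in __snp_cmd_buf_copy(), the "if (fw_err) return 0;" early return on the from-firmware path skips the switch, so unmap_firmware_writeable() never runs for buffers that map_firmware_writeable() moved to the firmware state before the command was issued; for the commands listed in sev_legacy_cmd_buf_writable() a firmware error therefore appears to leave the bounce buffers in snp_host_map[] in the firmware state with "active" still set. Suggest always running the unmap step and skipping only the copy back of response data when fw_err is set. The "goto err" paths have a related gap: when the second prep_buffer() of a two-buffer command such as SEV_CMD_PDH_CERT_EXPORT fails, the first buffer is not unrolled, and the helper's -EFAULT, -ENOMEM or -EINVAL is flattened to -EINVAL.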
@@ -560,15 +884,24 @@ static int __sev_do_cmd_locked(int cmd, void *data, int *psp_ret) ret = sev_write_init_ex_file_if_required(cmd); } - print_hex_dump_debug("(out): ", DUMP_PREFIX_OFFSET, 16, 2, data, - buf_len, false); - /* * Copy potential output from the PSP back to data. Do this even on * failure in case the caller wants to glean something from the error. */ - if (data) - memcpy(data, sev->cmd_buf, buf_len); + if (data) { + /* + * Restore the page state after the command completes. + */ + if (need_firmware_copy(cmd) && + snp_aware_copy_from_firmware(cmd, cmd_buf, ret)) + return -EFAULT; + + memcpy(data, cmd_buf, buf_len); + sev->cmd_buf_active--; + } + + print_hex_dump_debug("(out): ", DUMP_PREFIX_OFFSET, 16, 2, data, + buf_len, false); return ret; } @@ -1579,10 +1912,12 @@ int sev_dev_init(struct psp_device *psp) if (!sev) goto e_err; - sev->cmd_buf = (void *)devm_get_free_pages(dev, GFP_KERNEL, 0); + sev->cmd_buf = (void *)devm_get_free_pages(dev, GFP_KERNEL, 1); if (!sev->cmd_buf) goto e_sev; + sev->cmd_buf_backup = (uint8_t *)sev->cmd_buf + PAGE_SIZE; + psp->sev_data = sev; sev->dev = dev; @@ -1648,6 +1983,12 @@ static void sev_firmware_shutdown(struct sev_device *sev) snp_range_list = NULL; } + /* + * The host map need to clear the immutable bit so it must be free'd before the + * SNP firmware shutdown. + */ + free_snp_host_map(sev); + sev_snp_shutdown(&error); } @@ -1722,6 +2063,14 @@ void sev_pci_init(void) dev_err(sev->dev, "SEV-SNP: failed to INIT error %#x\n", error); } } + + /* + * Allocate the intermediate buffers used for the legacy command handling. + */ + if (alloc_snp_host_map(sev)) { + dev_notice(sev->dev, "Failed to alloc host map (disabling legacy SEV)\n"); + goto skip_legacy; + } } /* Obtain the TMR memory area for SEV-ES use */ 
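Review bot: in __sev_do_cmd_locked(), the "return -EFAULT" taken when snp_aware_copy_from_firmware() fails comes before "sev->cmd_buf_active--", and the submit path has the same shape, returning -EFAULT after "sev->cmd_buf_active++" when snp_aware_copy_to_firmware() fails; either failure leaves the counter raised, so later callers are steered to cmd_buf_backup and eventually get -EBUSY. Decrement the counter on both error paths, for example through a common exit label. The guard on the submit side also looks off by one: with only cmd_buf and cmd_buf_backup available, "if (sev->cmd_buf_active > 2)" still admits a caller when the count is 2, and that caller is handed cmd_buf_backup while it is in use; ">= 2" matches the two buffers.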
@@ -1739,12 +2088,14 @@ void sev_pci_init(void) dev_err(sev->dev, "SEV: failed to INIT error %#x, rc %d\n", error, rc); +skip_legacy: dev_info(sev->dev, "SEV%s API:%d.%d build:%d\n", sev->snp_initialized ? "-SNP" : "", sev->api_major, sev->api_minor, sev->build); return; err: + free_snp_host_map(sev); psp_master->sev_data = NULL; } diff --git a/drivers/crypto/ccp/sev-dev.h b/drivers/crypto/ccp/sev-dev.h index 34767657beb5..19d79f9d4212 100644 --- a/drivers/crypto/ccp/sev-dev.h +++ b/drivers/crypto/ccp/sev-dev.h @@ -29,11 +29,20 @@ #define SEV_CMDRESP_CMD_SHIFT 16 #define SEV_CMDRESP_IOC BIT(0) +#define MAX_SNP_HOST_MAP_BUFS 2 + struct sev_misc_dev { struct kref refcount; struct miscdevice misc; }; +struct snp_host_map { + u64 paddr; + u32 len; + void *host; + bool active; +}; + struct sev_device { struct device *dev; struct psp_device *psp; 
@@ -52,8 +61,11 @@ struct sev_device { u8 build; void *cmd_buf; + void *cmd_buf_backup; + int cmd_buf_active; bool snp_initialized; + struct snp_host_map snp_host_map[MAX_SNP_HOST_MAP_BUFS]; }; int sev_dev_init(struct psp_device *psp);
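Review bot: In the `@@ -512,12 +820,28 @@` hunk of `__sev_do_cmd_locked()`, the guard `if (sev->cmd_buf_active > 2)` looks off by one for a two-buffer scheme. With `cmd_buf_active` at 2, the selection `sev->cmd_buf_active ? sev->cmd_buf_backup : sev->cmd_buf` hands out `cmd_buf_backup` a second time while an earlier command may still be using it; `>= 2` would match the two pages allocated in `sev_dev_init()`. The `return -EFAULT` taken when `snp_aware_copy_to_firmware()` fails also comes after `sev->cmd_buf_active++`, so the counter is never dropped on that path and later callers drift toward `-EBUSY`.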
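Review bot: In the `@@ -560,15 +884,24 @@` hunk, the early `return -EFAULT` when `snp_aware_copy_from_firmware()` fails skips both `memcpy(data, cmd_buf, buf_len)` and `sev->cmd_buf_active--`. That leaves the buffer counted as in use, drops the firmware `ret`, and no longer matches the comment just above it ("Do this even on failure in case the caller wants to glean something from the error"). Suggest routing this failure through a common exit that always decrements `cmd_buf_active`, and either updating the comment or saying explicitly why the copy-back is skipped here.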
From: Michael Roth
CC: Brijesh Singh
Subject: [PATCH RFC v8 26/56] crypto: ccp: Add the SNP_PLATFORM_STATUS command
Date: Mon, 20 Feb 2023 12:38:17 -0600
Message-ID: <20230220183847.59159-27-michael.roth@amd.com>
In-Reply-To: <20230220183847.59159-1-michael.roth@amd.com>
References: <20230220183847.59159-1-michael.roth@amd.com>

From: Brijesh Singh

The command can be used by the userspace to query the SNP platform status report. See the SEV-SNP spec for more details.

Signed-off-by: Brijesh Singh
Signed-off-by: Ashish Kalra
Signed-off-by: Michael Roth --- Documentation/virt/coco/sev-guest.rst | 27 ++++++++++++++++ drivers/crypto/ccp/sev-dev.c | 45 +++++++++++++++++++++++++++ include/uapi/linux/psp-sev.h | 1 + 3 files changed, 73 insertions(+) diff --git a/Documentation/virt/coco/sev-guest.rst b/Documentation/virt/coco/sev-guest.rst index bf593e88cfd9..11ea67c944df 100644 --- a/Documentation/virt/coco/sev-guest.rst +++ b/Documentation/virt/coco/sev-guest.rst @@ -61,6 +61,22 @@ counter (e.g. counter overflow), then -EIO will be returned. __u64 fw_err; }; +The host ioctl should be called to /dev/sev device. The ioctl accepts command +id and command input structure. + +:: + struct sev_issue_cmd { + /* Command ID */ + __u32 cmd; + + /* Command request structure */ + __u64 data; + + /* firmware error code on failure (see psp-sev.h) */ + __u32 error; + }; + + 2.1 SNP_GET_REPORT ------------------ @@ -118,6 +134,17 @@ be updated with the expected value. See GHCB specification for further detail on how to parse the certificate blob. +2.4 SNP_PLATFORM_STATUS +----------------------- +:Technology: sev-snp +:Type: hypervisor ioctl cmd +:Parameters (in): struct sev_data_snp_platform_status +:Returns (out): 0 on success, -negative on error + +The SNP_PLATFORM_STATUS command is used to query the SNP platform status. The +status includes API major, minor version and more. See the SEV-SNP +specification for further details. + 3. SEV-SNP CPUID Enforcement ============================ diff --git a/drivers/crypto/ccp/sev-dev.c b/drivers/crypto/ccp/sev-dev.c index fd8893af6ed7..65e13a562f3b 100644 --- a/drivers/crypto/ccp/sev-dev.c +++ b/drivers/crypto/ccp/sev-dev.c 
@@ -1751,6 +1751,48 @@ static int sev_ioctl_do_pdh_export(struct sev_issue_cmd *argp, bool writable) return ret; } +static int sev_ioctl_snp_platform_status(struct sev_issue_cmd *argp) +{ + struct sev_device *sev = psp_master->sev_data; + struct sev_data_snp_addr buf; + struct page *status_page; + void *data; + int ret; + + if (!sev->snp_initialized || !argp->data) + return -EINVAL; + + status_page = alloc_page(GFP_KERNEL_ACCOUNT); + if (!status_page) + return -ENOMEM; + + data = page_address(status_page); + if (rmp_mark_pages_firmware(__pa(data), 1, true)) { + __free_pages(status_page, 0); + return -EFAULT; + } + + buf.gctx_paddr = __psp_pa(data); + ret = __sev_do_cmd_locked(SEV_CMD_SNP_PLATFORM_STATUS, &buf, &argp->error); + + /* Change the page state before accessing it */ + if (snp_reclaim_pages(__pa(data), 1, true)) { + snp_mark_pages_offline(__pa(data) >> PAGE_SHIFT, 1); + return -EFAULT; + } + + if (ret) + goto cleanup; + + if (copy_to_user((void __user *)argp->data, data, + sizeof(struct sev_user_data_snp_status))) + ret = -EFAULT; + +cleanup: + __free_pages(status_page, 0); + return ret; +} + static long sev_ioctl(struct file *file, unsigned int ioctl, unsigned long arg) { void __user *argp = (void __user *)arg; @@ -1802,6 +1844,9 @@ static long sev_ioctl(struct file *file, unsigned int ioctl, unsigned long arg) case SEV_GET_ID2: ret = sev_ioctl_do_get_id2(&input); break; + case SNP_PLATFORM_STATUS: + ret = sev_ioctl_snp_platform_status(&input); + break; default: ret = -EINVAL; goto out; diff --git a/include/uapi/linux/psp-sev.h b/include/uapi/linux/psp-sev.h index c66f7c372645..5adfaea7df97 100644 --- a/include/uapi/linux/psp-sev.h +++ b/include/uapi/linux/psp-sev.h 
@@ -28,6 +28,7 @@ enum { SEV_PEK_CERT_IMPORT, SEV_GET_ID, /* This command is deprecated, use SEV_GET_ID2 */ SEV_GET_ID2, + SNP_PLATFORM_STATUS, SEV_MAX, };
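Review bot: In the sev-guest.rst hunk at `@@ -61,6 +61,22 @@`, the `::` marker is followed directly by the indented `struct sev_issue_cmd` with no empty `+` line in between, and reStructuredText needs a blank line there to start a literal block. The sentence "The host ioctl should be called to /dev/sev device" would also read better as "issued on the /dev/sev device", and since this file documents the guest interface it is worth a line explaining why a host ioctl is described here.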
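Review bot: In the new section 2.4 of sev-guest.rst, `:Parameters (in): struct sev_data_snp_platform_status` does not match the handler: `sev_ioctl_snp_platform_status()` only writes `sizeof(struct sev_user_data_snp_status)` bytes to `argp->data` and reads nothing from it. Suggest documenting the buffer as an output of type `struct sev_user_data_snp_status`, and stating that `-EINVAL` is returned when SNP is not initialized or `data` is zero.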
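Review bot: In `sev_ioctl_snp_platform_status()`, the `snp_reclaim_pages()` failure path returns `-EFAULT` without reaching `cleanup:`, so `status_page` is never freed and the firmware `ret` is dropped. If leaking the page is deliberate because it could not be reclaimed (the code calls `snp_mark_pages_offline()` first), the comment should say that; "Change the page state before accessing it" does not explain the missing `__free_pages()`. Separately, `struct sev_data_snp_addr buf` goes to `__sev_do_cmd_locked()` with only `gctx_paddr` assigned; initialising it with `= {}` would rule out passing uninitialised stack bytes if the struct carries anything else.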
From: Michael Roth
CC: Brijesh Singh
Subject: [PATCH RFC v8 27/56] crypto: ccp: Add the SNP_{SET,GET}_EXT_CONFIG command
Date: Mon, 20 Feb 2023 12:38:18 -0600
Message-ID: <20230220183847.59159-28-michael.roth@amd.com>
In-Reply-To: <20230220183847.59159-1-michael.roth@amd.com>
References: <20230220183847.59159-1-michael.roth@amd.com>

From: Brijesh Singh

The SEV-SNP firmware provides the SNP_CONFIG command used to set the system-wide configuration value for SNP guests. The information includes the TCB version string to be reported in guest attestation reports.

Version 2 of the GHCB specification adds an NAE (SNP extended guest request) that a guest can use to query the reports that include additional certificates.

In both cases, userspace-provided additional data is included in the attestation reports. The userspace will use the SNP_SET_EXT_CONFIG command to give the certificate blob and the reported TCB version string at once. Note that the specification defines the certificate blob with a specific GUID format; the userspace is responsible for building the proper certificate blob. The ioctl treats it as an opaque blob.

While it is not defined in the spec, let's add the SNP_GET_EXT_CONFIG command that can be used to obtain the data programmed through the SNP_SET_EXT_CONFIG.

Signed-off-by: Brijesh Singh
Signed-off-by: Ashish Kalra
Signed-off-by: Michael Roth --- Documentation/virt/coco/sev-guest.rst | 27 ++++++ drivers/crypto/ccp/sev-dev.c | 123 ++++++++++++++++++++++++++ drivers/crypto/ccp/sev-dev.h | 4 + include/uapi/linux/psp-sev.h | 17 ++++ 4 files changed, 171 insertions(+) diff --git a/Documentation/virt/coco/sev-guest.rst b/Documentation/virt/coco/sev-guest.rst index 11ea67c944df..6cad4226c348 100644 --- a/Documentation/virt/coco/sev-guest.rst +++ b/Documentation/virt/coco/sev-guest.rst @@ -145,6 +145,33 @@ The SNP_PLATFORM_STATUS command is used to query the SNP platform status. The status includes API major, minor version and more. See the SEV-SNP specification for further details. +2.5 SNP_SET_EXT_CONFIG +---------------------- +:Technology: sev-snp +:Type: hypervisor ioctl cmd +:Parameters (in): struct sev_data_snp_ext_config +:Returns (out): 0 on success, -negative on error + +The SNP_SET_EXT_CONFIG is used to set the system-wide configuration such as +reported TCB version in the attestation report. The command is similar to +SNP_CONFIG command defined in the SEV-SNP spec. The main difference is the +command also accepts an additional certificate blob defined in the GHCB +specification. + +If the certs_address is zero, then the previous certificate blob will deleted. +For more information on the certificate blob layout, see the GHCB spec +(extended guest request message). + +2.6 SNP_GET_EXT_CONFIG +---------------------- +:Technology: sev-snp +:Type: hypervisor ioctl cmd +:Parameters (in): struct sev_data_snp_ext_config +:Returns (out): 0 on success, -negative on error + +The SNP_GET_EXT_CONFIG is used to query the system-wide configuration set +through the SNP_SET_EXT_CONFIG. + 3. SEV-SNP CPUID Enforcement ============================ diff --git a/drivers/crypto/ccp/sev-dev.c b/drivers/crypto/ccp/sev-dev.c index 65e13a562f3b..b56b00ca2cd4 100644 --- a/drivers/crypto/ccp/sev-dev.c +++ b/drivers/crypto/ccp/sev-dev.c 
@@ -1481,6 +1481,10 @@ static int __sev_snp_shutdown_locked(int *error) data.length = sizeof(data); data.iommu_snp_shutdown = 1; + /* Free the memory used for caching the certificate data */ + kfree(sev->snp_certs_data); + sev->snp_certs_data = NULL; + wbinvd_on_all_cpus(); retry: 
@@ -1793,6 +1797,118 @@ static int sev_ioctl_snp_platform_status(struct sev_issue_cmd *argp) return ret; } +static int sev_ioctl_snp_get_config(struct sev_issue_cmd *argp) +{ + struct sev_device *sev = psp_master->sev_data; + struct sev_user_data_ext_snp_config input; + int ret; + + if (!sev->snp_initialized || !argp->data) + return -EINVAL; + + memset(&input, 0, sizeof(input)); + + if (copy_from_user(&input, (void __user *)argp->data, sizeof(input))) + return -EFAULT; + + /* Copy the TCB version programmed through the SET_CONFIG to userspace */ + if (input.config_address) { + if (copy_to_user((void * __user)input.config_address, + &sev->snp_config, sizeof(struct sev_user_data_snp_config))) + return -EFAULT; + } + + /* Copy the extended certs programmed through the SNP_SET_CONFIG */ + if (input.certs_address && sev->snp_certs_data) { + if (input.certs_len < sev->snp_certs_len) { + /* Return the certs length to userspace */ + input.certs_len = sev->snp_certs_len; + + ret = -ENOSR; + goto e_done; + } + + if (copy_to_user((void * __user)input.certs_address, + sev->snp_certs_data, sev->snp_certs_len)) + return -EFAULT; + } + + ret = 0; + +e_done: + if (copy_to_user((void __user *)argp->data, &input, sizeof(input))) + ret = -EFAULT; + + return ret; +} + +static int sev_ioctl_snp_set_config(struct sev_issue_cmd *argp, bool writable) +{ + struct sev_device *sev = psp_master->sev_data; + struct sev_user_data_ext_snp_config input; + struct sev_user_data_snp_config config; + void *certs = NULL; + int ret = 0; + + if (!sev->snp_initialized || !argp->data) + return -EINVAL; + + if (!writable) + return -EPERM; + + memset(&input, 0, sizeof(input)); + + if (copy_from_user(&input, (void __user *)argp->data, sizeof(input))) + return -EFAULT; + + /* Copy the certs from userspace */ + if (input.certs_address) { + if (!input.certs_len || !IS_ALIGNED(input.certs_len, PAGE_SIZE)) + return -EINVAL; + + certs = psp_copy_user_blob(input.certs_address, input.certs_len); + if (IS_ERR(certs)) 
+ return PTR_ERR(certs); + } + + /* Issue the PSP command to update the TCB version using the SNP_CONFIG. */ + if (input.config_address) { + memset(&config, 0, sizeof(config)); + if (copy_from_user(&config, + (void __user *)input.config_address, sizeof(config))) { + ret = -EFAULT; + goto e_free; + } + + ret = __sev_do_cmd_locked(SEV_CMD_SNP_CONFIG, &config, &argp->error); + if (ret) + goto e_free; + + memcpy(&sev->snp_config, &config, sizeof(config)); + } + + /* + * If the new certs are passed then cache it else free the old certs. + */ + mutex_lock(&sev->snp_certs_lock); + if (certs) { + kfree(sev->snp_certs_data); + sev->snp_certs_data = certs; + sev->snp_certs_len = input.certs_len; + } else { + kfree(sev->snp_certs_data); + sev->snp_certs_data = NULL; + sev->snp_certs_len = 0; + } + mutex_unlock(&sev->snp_certs_lock); + + return 0; + +e_free: + kfree(certs); + return ret; +} + static long sev_ioctl(struct file *file, unsigned int ioctl, unsigned long arg) { void __user *argp = (void __user *)arg; @@ -1847,6 +1963,12 @@ static long sev_ioctl(struct file *file, unsigned int ioctl, unsigned long arg) case SNP_PLATFORM_STATUS: ret = sev_ioctl_snp_platform_status(&input); break; + case SNP_SET_EXT_CONFIG: + ret = sev_ioctl_snp_set_config(&input, writable); + break; + case SNP_GET_EXT_CONFIG: + ret = sev_ioctl_snp_get_config(&input); + break; default: ret = -EINVAL; goto out; @@ -1962,6 +2084,7 @@ int sev_dev_init(struct psp_device *psp) goto e_sev; sev->cmd_buf_backup = (uint8_t *)sev->cmd_buf + PAGE_SIZE; + mutex_init(&sev->snp_certs_lock); psp->sev_data = sev; diff --git a/drivers/crypto/ccp/sev-dev.h b/drivers/crypto/ccp/sev-dev.h index 19d79f9d4212..41d5353d5bab 100644 --- a/drivers/crypto/ccp/sev-dev.h +++ b/drivers/crypto/ccp/sev-dev.h 
@@ -66,6 +66,10 @@ struct sev_device { bool snp_initialized; struct snp_host_map snp_host_map[MAX_SNP_HOST_MAP_BUFS]; + void *snp_certs_data; + u32 snp_certs_len; + struct mutex snp_certs_lock; + struct sev_user_data_snp_config snp_config; }; int sev_dev_init(struct psp_device *psp); diff --git a/include/uapi/linux/psp-sev.h b/include/uapi/linux/psp-sev.h index 5adfaea7df97..c20d37586d21 100644 --- a/include/uapi/linux/psp-sev.h +++ b/include/uapi/linux/psp-sev.h @@ -29,6 +29,8 @@ enum { SEV_GET_ID, /* This command is deprecated, use SEV_GET_ID2 */ SEV_GET_ID2, SNP_PLATFORM_STATUS, + SNP_SET_EXT_CONFIG, + SNP_GET_EXT_CONFIG, SEV_MAX, }; 
@@ -192,6 +194,21 @@ struct sev_user_data_snp_config { __u8 rsvd1[52]; } __packed; +/** + * struct sev_data_snp_ext_config - system wide configuration value for SNP. + * + * @config_address: address of the struct sev_user_data_snp_config or 0 when + * reported_tcb does not need to be updated. + * @certs_address: address of extended guest request certificate chain or + * 0 when previous certificate should be removed on SNP_SET_EXT_CONFIG. + * @certs_len: length of the certs + */ +struct sev_user_data_ext_snp_config { + __u64 config_address; /* In */ + __u64 certs_address; /* In */ + __u32 certs_len; /* In */ +}; + /** * struct sev_issue_cmd - SEV ioctl parameters *
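Review bot: In the tail of sev_ioctl_snp_set_config() (drivers/crypto/ccp/sev-dev.c), the SEV_CMD_SNP_CONFIG command and the memcpy into sev->snp_config run before snp_certs_lock is taken, so the reported TCB and the cached certificate chain are not updated as one unit. snp_guest_ext_guest_request() issues its firmware request and copies the certs under snp_certs_lock, so a request that lands between the two steps pairs a report for the new TCB with the old chain. Consider taking snp_certs_lock before the SNP_CONFIG command and holding it through the cert swap. The two branches of the if (certs) block both start with kfree(sev->snp_certs_data); hoisting that call and assigning certs and the length unconditionally (length 0 when certs is NULL) would remove the duplication.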
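Review bot: In the include/uapi/linux/psp-sev.h hunk at -192,6 +194,21, the kernel-doc header names struct sev_data_snp_ext_config while the structure defined under it is struct sev_user_data_ext_snp_config, so the comment does not attach to the struct it documents; make the two names match. The struct also ends in a __u32 after two __u64 members and, unlike sev_user_data_snp_config just above it, has no __packed, which leaves 4 bytes of implicit tail padding in a uapi layout; an explicit reserved __u32 would pin the ABI. The @certs_len line should state the unit and whether the length must be page aligned, since snp_guest_ext_guest_request() derives a page count from it.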
From: Michael Roth
CC: Brijesh Singh
Subject: [PATCH RFC v8 28/56] crypto: ccp: Provide APIs to query extended attestation report
Date: Mon, 20 Feb 2023 12:38:19 -0600
Message-ID: <20230220183847.59159-29-michael.roth@amd.com>
In-Reply-To: <20230220183847.59159-1-michael.roth@amd.com>
References: <20230220183847.59159-1-michael.roth@amd.com>

From: Brijesh Singh

Version 2 of the GHCB specification defines VMGEXIT that is used to get the extended attestation report. The extended attestation report includes the certificate blobs provided through the SNP_SET_EXT_CONFIG. The snp_guest_ext_guest_request() will be used by the hypervisor to get the extended attestation report. See the GHCB specification for more details.

Signed-off-by: Brijesh Singh
Signed-off-by: Ashish Kalra
Signed-off-by: Michael Roth
---
 drivers/crypto/ccp/sev-dev.c | 47 ++++++++++++++++++++++++++++++++++++
 include/linux/psp-sev.h | 33 +++++++++++++++++++++++++
 2 files changed, 80 insertions(+)

diff --git a/drivers/crypto/ccp/sev-dev.c b/drivers/crypto/ccp/sev-dev.c index b56b00ca2cd4..e65563bc8298 100644 --- a/drivers/crypto/ccp/sev-dev.c +++ b/drivers/crypto/ccp/sev-dev.c
@@ -2017,6 +2017,53 @@ int sev_guest_df_flush(int *error) } EXPORT_SYMBOL_GPL(sev_guest_df_flush); +int snp_guest_ext_guest_request(struct sev_data_snp_guest_request *data, + unsigned long vaddr, unsigned long *npages, unsigned long *fw_err) +{ + unsigned long expected_npages; + struct sev_device *sev; + int rc; + + if (!psp_master || !psp_master->sev_data) + return -ENODEV; + + sev = psp_master->sev_data; + + if (!sev->snp_initialized) + return -EINVAL; + + mutex_lock(&sev->snp_certs_lock); + /* + * Check if there is enough space to copy the certificate chain. Otherwise + * return ERROR code defined in the GHCB specification. + */ + expected_npages = sev->snp_certs_len >> PAGE_SHIFT; + if (*npages < expected_npages) { + *npages = expected_npages; + *fw_err = SNP_GUEST_REQ_INVALID_LEN; + mutex_unlock(&sev->snp_certs_lock); + return -EINVAL; + } + + rc = sev_do_cmd(SEV_CMD_SNP_GUEST_REQUEST, data, (int *)fw_err); + if (rc) { + mutex_unlock(&sev->snp_certs_lock); + return rc; + } + + /* Copy the certificate blob */ + if (sev->snp_certs_data) { + *npages = expected_npages; + memcpy((void *)vaddr, sev->snp_certs_data, *npages << PAGE_SHIFT); + } else { + *npages = 0; + } + + mutex_unlock(&sev->snp_certs_lock); + return rc; +} +EXPORT_SYMBOL_GPL(snp_guest_ext_guest_request); + static void sev_exit(struct kref *ref) { misc_deregister(&misc_dev->misc); diff --git a/include/linux/psp-sev.h b/include/linux/psp-sev.h index d19744807471..81bafc049eca 100644 --- a/include/linux/psp-sev.h +++ b/include/linux/psp-sev.h 
@@ -931,6 +931,32 @@ void snp_free_firmware_page(void *addr); */ void snp_mark_pages_offline(unsigned long pfn, unsigned int npages); +/** + * snp_guest_ext_guest_request - perform the SNP extended guest request command + * defined in the GHCB specification. + * + * @data: the input guest request structure + * @vaddr: address where the certificate blob need to be copied. + * @npages: number of pages for the certificate blob. + * If the specified page count is less than the certificate blob size, then the + * required page count is returned with error code defined in the GHCB spec. + * If the specified page count is more than the certificate blob size, then + * page count is updated to reflect the amount of valid data copied in the + * vaddr. + * + * @sev_ret: sev command return code + * + * Returns: + * 0 if the sev successfully processed the command + * -%ENODEV if the sev device is not available + * -%ENOTSUPP if the sev does not support SEV + * -%ETIMEDOUT if the sev command timed out + * -%EIO if the sev returned a non-zero return code + */ +int snp_guest_ext_guest_request(struct sev_data_snp_guest_request *data, + unsigned long vaddr, unsigned long *npages, + unsigned long *error); + #else /* !CONFIG_CRYPTO_DEV_SP_PSP */ static inline int 
@@ -968,6 +994,13 @@ static inline void *snp_alloc_firmware_page(gfp_t mask) static inline void snp_free_firmware_page(void *addr) { } +static inline int snp_guest_ext_guest_request(struct sev_data_snp_guest_request *data, + unsigned long vaddr, unsigned long *n, + unsigned long *error) +{ + return -ENODEV; +} + #endif /* CONFIG_CRYPTO_DEV_SP_PSP */ #endif /* __PSP_SEV_H__ */
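Review bot: In snp_guest_ext_guest_request() (sev-dev.c hunk at -2017,6 +2017,53), expected_npages = sev->snp_certs_len >> PAGE_SHIFT rounds down, so a cached blob whose length is not a multiple of PAGE_SIZE is copied short, and a blob smaller than one page yields a zero-byte memcpy while *npages reports 0. Either round up with PAGE_ALIGN() and copy snp_certs_len bytes, or reject unaligned lengths in SNP_SET_EXT_CONFIG and say so here. Two further points in the same function: (int *)fw_err passes a pointer to an unsigned long to a callee that writes an int, which leaves the upper half of *fw_err at whatever the caller had there, so use a local int and assign it; and sev_do_cmd() is called with snp_certs_lock held, while sev_ioctl_snp_set_config() takes snp_certs_lock after calling __sev_do_cmd_locked(), so if sev_do_cmd() acquires the same command mutex the two paths take the locks in opposite order.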
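Review bot: In the include/linux/psp-sev.h kernel-doc hunk at -931,6 +931,32, the comment documents @sev_ret but the prototype names the last parameter error (and the definition names it fw_err), so the parameter is undocumented and the doc entry is stale. The Returns list also omits -EINVAL, which the function returns both when SNP is not initialized and when the caller's page count is too small, and it lists -%ENOTSUPP, which the function body shown never returns. Align the three names and update the Returns section to the codes the implementation actually produces, including that *npages and *error are written on the too-small path.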
From: Michael Roth
CC: Brijesh Singh
Subject: [PATCH RFC v8 29/56] KVM: SVM: Add support to handle AP reset MSR protocol
Date: Mon, 20 Feb 2023 12:38:20 -0600
Message-ID: <20230220183847.59159-30-michael.roth@amd.com>
In-Reply-To: <20230220183847.59159-1-michael.roth@amd.com>
References: <20230220183847.59159-1-michael.roth@amd.com>

From: Tom Lendacky

Add support for AP Reset Hold being invoked using the GHCB MSR protocol, available in version 2 of the GHCB specification.

Signed-off-by: Tom Lendacky
Signed-off-by: Brijesh Singh
Signed-off-by: Ashish Kalra
Signed-off-by: Michael Roth --- arch/x86/include/asm/sev-common.h | 2 ++ arch/x86/kvm/svm/sev.c | 56 ++++++++++++++++++++++++++----- arch/x86/kvm/svm/svm.h | 1 + 3 files changed, 51 insertions(+), 8 deletions(-) diff --git a/arch/x86/include/asm/sev-common.h b/arch/x86/include/asm/sev-common.h index b8357d6ecd47..e15548d88f2a 100644 --- a/arch/x86/include/asm/sev-common.h +++ b/arch/x86/include/asm/sev-common.h @@ -56,6 +56,8 @@ /* AP Reset Hold */ #define GHCB_MSR_AP_RESET_HOLD_REQ 0x006 #define GHCB_MSR_AP_RESET_HOLD_RESP 0x007 +#define GHCB_MSR_AP_RESET_HOLD_RESULT_POS 12 +#define GHCB_MSR_AP_RESET_HOLD_RESULT_MASK GENMASK_ULL(51, 0) /* GHCB GPA Register */ #define GHCB_MSR_REG_GPA_REQ 0x012 diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index ad9b29ff4590..05eda0940e22 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c @@ -58,6 +58,10 @@ module_param_named(sev_es, sev_es_enabled, bool, 0444); #define sev_es_enabled false #endif /* CONFIG_KVM_AMD_SEV */ +#define AP_RESET_HOLD_NONE 0 +#define AP_RESET_HOLD_NAE_EVENT 1 +#define AP_RESET_HOLD_MSR_PROTO 2 + static u8 sev_enc_bit; static DECLARE_RWSEM(sev_deactivate_lock); static DEFINE_MUTEX(sev_bitmap_lock); @@ -2706,6 +2710,9 @@ static int sev_es_validate_vmgexit(struct vcpu_svm *svm) void sev_es_unmap_ghcb(struct vcpu_svm *svm) { + /* Clear any indication that the vCPU is in a type of AP Reset Hold */ + svm->sev_es.ap_reset_hold_type = AP_RESET_HOLD_NONE; + if (!svm->sev_es.ghcb) return; 
@@ -2918,6 +2925,22 @@ static int sev_handle_vmgexit_msr_protocol(struct vcpu_svm *svm) GHCB_MSR_INFO_POS); break; } + case GHCB_MSR_AP_RESET_HOLD_REQ: + svm->sev_es.ap_reset_hold_type = AP_RESET_HOLD_MSR_PROTO; + ret = kvm_emulate_ap_reset_hold(&svm->vcpu); + + /* + * Preset the result to a non-SIPI return and then only set + * the result to non-zero when delivering a SIPI. + */ + set_ghcb_msr_bits(svm, 0, + GHCB_MSR_AP_RESET_HOLD_RESULT_MASK, + GHCB_MSR_AP_RESET_HOLD_RESULT_POS); + + set_ghcb_msr_bits(svm, GHCB_MSR_AP_RESET_HOLD_RESP, + GHCB_MSR_INFO_MASK, + GHCB_MSR_INFO_POS); + break; case GHCB_MSR_TERM_REQ: { u64 reason_set, reason_code; @@ -3017,6 +3040,7 @@ int sev_handle_vmgexit(struct kvm_vcpu *vcpu) ret = svm_invoke_exit_handler(vcpu, SVM_EXIT_IRET); break; case SVM_VMGEXIT_AP_HLT_LOOP: + svm->sev_es.ap_reset_hold_type = AP_RESET_HOLD_NAE_EVENT; ret = kvm_emulate_ap_reset_hold(vcpu); break; case SVM_VMGEXIT_AP_JUMP_TABLE: { @@ -3177,13 +3201,29 @@ void sev_vcpu_deliver_sipi_vector(struct kvm_vcpu *vcpu, u8 vector) return; } - /* - * Subsequent SIPI: Return from an AP Reset Hold VMGEXIT, where - * the guest will set the CS and RIP. Set SW_EXIT_INFO_2 to a - * non-zero value. - */ - if (!svm->sev_es.ghcb) - return; + /* Subsequent SIPI */ + switch (svm->sev_es.ap_reset_hold_type) { + case AP_RESET_HOLD_NAE_EVENT: + /* + * Return from an AP Reset Hold VMGEXIT, where the guest will + * set the CS and RIP. Set SW_EXIT_INFO_2 to a non-zero value. + */ + ghcb_set_sw_exit_info_2(svm->sev_es.ghcb, 1); + break; + case AP_RESET_HOLD_MSR_PROTO: + /* + * Return from an AP Reset Hold VMGEXIT, where the guest will + * set the CS and RIP. Set GHCB data field to a non-zero value. + */ + set_ghcb_msr_bits(svm, 1, + GHCB_MSR_AP_RESET_HOLD_RESULT_MASK, + GHCB_MSR_AP_RESET_HOLD_RESULT_POS); - ghcb_set_sw_exit_info_2(svm->sev_es.ghcb, 1); + set_ghcb_msr_bits(svm, GHCB_MSR_AP_RESET_HOLD_RESP, + GHCB_MSR_INFO_MASK, + GHCB_MSR_INFO_POS); + break; + default: + break; + } } 
diff --git a/arch/x86/kvm/svm/svm.h b/arch/x86/kvm/svm/svm.h index 56e306a1f0c7..f4848e6aba28 100644 --- a/arch/x86/kvm/svm/svm.h +++ b/arch/x86/kvm/svm/svm.h 
@@ -191,6 +191,7 @@ struct vcpu_sev_es_state { struct ghcb *ghcb; struct kvm_host_map ghcb_map; bool received_first_sipi; + unsigned int ap_reset_hold_type; /* SEV-ES scratch area support */ void *ghcb_sa;
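Review bot: In the sev_vcpu_deliver_sipi_vector() hunk at -3177,13 +3201,29, the removed if (!svm->sev_es.ghcb) return; guard has no replacement, and the AP_RESET_HOLD_NAE_EVENT case now calls ghcb_set_sw_exit_info_2(svm->sev_es.ghcb, 1) unconditionally. That is only safe if ap_reset_hold_type can never be AP_RESET_HOLD_NAE_EVENT while the GHCB is unmapped, which depends on sev_es_unmap_ghcb() always running and resetting the type first. Either keep the NULL check inside the NAE_EVENT case or add a comment stating the invariant, so a later change to the unmap path does not turn this into a NULL dereference on a guest-triggerable path.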
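Review bot: In the svm.h hunk at -191,6 +191,7, ap_reset_hold_type is an unsigned int whose values are three bare #defines added to sev.c. Declaring an enum for AP_RESET_HOLD_NONE, AP_RESET_HOLD_NAE_EVENT and AP_RESET_HOLD_MSR_PROTO next to the field would document the allowed values where the state lives and let the compiler check the switch in sev_vcpu_deliver_sipi_vector() instead of relying on default: break.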
From: Michael Roth
CC: Brijesh Singh
Subject: [PATCH RFC v8 30/56] KVM: SVM: Provide the Hypervisor Feature support VMGEXIT
Date: Mon, 20 Feb 2023 12:38:21 -0600
Message-ID: <20230220183847.59159-31-michael.roth@amd.com>
In-Reply-To: <20230220183847.59159-1-michael.roth@amd.com>
References: <20230220183847.59159-1-michael.roth@amd.com>
X-Mailing-List: linux-kernel@vger.kernel.org

From: Brijesh Singh

Version 2 of the GHCB specification introduced advertisement of features that are supported by the Hypervisor.

Now that KVM supports version 2 of the GHCB specification, bump the maximum supported protocol version.

Signed-off-by: Brijesh Singh
Signed-off-by: Ashish Kalra
Signed-off-by: Michael Roth
--- arch/x86/include/asm/sev-common.h | 2 ++ arch/x86/kvm/svm/sev.c | 14 ++++++++++++++ arch/x86/kvm/svm/svm.h | 3 ++- 3 files changed, 18 insertions(+), 1 deletion(-) diff --git a/arch/x86/include/asm/sev-common.h b/arch/x86/include/asm/sev-common.h index e15548d88f2a..539de6b93420 100644 --- a/arch/x86/include/asm/sev-common.h +++ b/arch/x86/include/asm/sev-common.h @@ -101,6 +101,8 @@ enum psc_op { /* GHCB Hypervisor Feature Request/Response */ #define GHCB_MSR_HV_FT_REQ 0x080 #define GHCB_MSR_HV_FT_RESP 0x081 +#define GHCB_MSR_HV_FT_POS 12 +#define GHCB_MSR_HV_FT_MASK GENMASK_ULL(51, 0) #define GHCB_MSR_HV_FT_RESP_VAL(v) \ /* GHCBData[63:12] */ \ (((u64)(v) & GENMASK_ULL(63, 12)) >> 12) diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index 05eda0940e22..c1f0d4898ce3 100644 --- a/arch/x86/kvm/svm/sev.c 
+++ b/arch/x86/kvm/svm/sev.c @@ -2675,6 +2675,7 @@ static int sev_es_validate_vmgexit(struct vcpu_svm *svm) case SVM_VMGEXIT_AP_HLT_LOOP: case SVM_VMGEXIT_AP_JUMP_TABLE: case SVM_VMGEXIT_UNSUPPORTED_EVENT: + case SVM_VMGEXIT_HV_FEATURES: break; default: reason = GHCB_ERR_INVALID_EVENT; @@ -2941,6 +2942,13 @@ static int sev_handle_vmgexit_msr_protocol(struct vcpu_svm *svm) GHCB_MSR_INFO_MASK, GHCB_MSR_INFO_POS); break; + case GHCB_MSR_HV_FT_REQ: { + set_ghcb_msr_bits(svm, GHCB_HV_FT_SUPPORTED, + GHCB_MSR_HV_FT_MASK, GHCB_MSR_HV_FT_POS); + set_ghcb_msr_bits(svm, GHCB_MSR_HV_FT_RESP, + GHCB_MSR_INFO_MASK, GHCB_MSR_INFO_POS); + break; + } case GHCB_MSR_TERM_REQ: { u64 reason_set, reason_code; @@ -3065,6 +3073,12 @@ int sev_handle_vmgexit(struct kvm_vcpu *vcpu) ret = 1; break; } + case SVM_VMGEXIT_HV_FEATURES: { + ghcb_set_sw_exit_info_2(ghcb, GHCB_HV_FT_SUPPORTED); + + ret = 1; + break; + } case SVM_VMGEXIT_UNSUPPORTED_EVENT: vcpu_unimpl(vcpu, "vmgexit: unsupported event - exit_info_1=%#llx, exit_info_2=%#llx\n", diff --git a/arch/x86/kvm/svm/svm.h b/arch/x86/kvm/svm/svm.h index f4848e6aba28..c249c360fe36 100644 --- a/arch/x86/kvm/svm/svm.h +++ b/arch/x86/kvm/svm/svm.h 
@@ -662,9 +662,10 @@ void avic_refresh_virtual_apic_mode(struct kvm_vcpu *vcpu); /* sev.c */ -#define GHCB_VERSION_MAX 1ULL +#define GHCB_VERSION_MAX 2ULL #define GHCB_VERSION_MIN 1ULL +#define GHCB_HV_FT_SUPPORTED 0 extern unsigned int max_sev_asid;

From patchwork Mon Feb 20 18:38:22 2023
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Michael Roth
X-Patchwork-Id: 59613
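Review bot: In patch 30/56, the new GHCB_MSR_HV_FT_REQ case in sev_handle_vmgexit_msr_protocol() and the SVM_VMGEXIT_HV_FEATURES cases in sev_es_validate_vmgexit() and sev_handle_vmgexit() answer the request unconditionally, although the commit message ties hypervisor feature advertisement to version 2 of the GHCB specification. Nothing in these hunks checks which protocol version the guest negotiated, so a guest that negotiated version 1 still gets a feature response; either gate the new cases on the negotiated version or add a comment saying why answering regardless is harmless. The braces around the two new case bodies are also unnecessary, since neither declares a local variable.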
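Review bot: In the svm.h hunk of patch 30/56, GHCB_HV_FT_SUPPORTED is a bare 0 with no comment, so the response advertises no hypervisor features and a reader cannot tell whether that is intended or a placeholder for later patches. Add a comment stating that no features are advertised yet, and consider 0ULL to match GHCB_VERSION_MAX and GHCB_VERSION_MIN, since the value is passed to set_ghcb_msr_bits() together with the 52-bit GHCB_MSR_HV_FT_MASK. In sev-common.h, GHCB_MSR_HV_FT_RESP_VAL() still open-codes GENMASK_ULL(63, 12) >> 12 and could be expressed with the new GHCB_MSR_HV_FT_POS.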
From: Michael Roth
CC: Brijesh Singh
Subject: [PATCH RFC v8 31/56] KVM: SVM: Make AVIC backing, VMSA and VMCB memory allocation SNP safe
Date: Mon, 20 Feb 2023 12:38:22 -0600
Message-ID: <20230220183847.59159-32-michael.roth@amd.com>
In-Reply-To: <20230220183847.59159-1-michael.roth@amd.com>
References: <20230220183847.59159-1-michael.roth@amd.com>
X-Mailing-List: linux-kernel@vger.kernel.org

From: Brijesh Singh

Implement a workaround for an SNP erratum where the CPU will incorrectly signal an RMP violation #PF if a hugepage (2mb or 1gb) collides with the RMP entry of a VMCB, VMSA or AVIC backing page.

When SEV-SNP is globally enabled, the CPU marks the VMCB, VMSA, and AVIC backing pages as "in-use" in the RMP after a successful VMRUN. This is done for _all_ VMs, not just SNP-Active VMs.

If the hypervisor accesses an in-use page through a writable translation, the CPU will throw an RMP violation #PF. On early SNP hardware, if an in-use page is 2mb aligned and software accesses any part of the associated 2mb region with a hugepage, the CPU will incorrectly treat the entire 2mb region as in-use and signal a spurious RMP violation #PF.

The recommended workaround is to not use the hugepage for the VMCB, VMSA or AVIC backing page. Add a generic allocator that will ensure that the page returned is not a hugepage (2mb or 1gb) and is safe to be used when SEV-SNP is enabled.

Co-developed-by: Marc Orr
Signed-off-by: Marc Orr
Signed-off-by: Brijesh Singh
Signed-off-by: Ashish Kalra
Signed-off-by: Michael Roth --- arch/x86/include/asm/kvm-x86-ops.h | 1 + arch/x86/include/asm/kvm_host.h | 2 ++ arch/x86/kvm/lapic.c | 5 ++++- arch/x86/kvm/svm/sev.c | 33 ++++++++++++++++++++++++++++++ arch/x86/kvm/svm/svm.c | 15 ++++++++++++-- arch/x86/kvm/svm/svm.h | 1 + 6 files changed, 54 insertions(+), 3 deletions(-) diff --git a/arch/x86/include/asm/kvm-x86-ops.h b/arch/x86/include/asm/kvm-x86-ops.h index 6a885f024a00..e116405cbb5f 100644 --- a/arch/x86/include/asm/kvm-x86-ops.h +++ b/arch/x86/include/asm/kvm-x86-ops.h @@ -131,6 +131,7 @@ KVM_X86_OP(msr_filter_changed) KVM_X86_OP(complete_emulated_msr) KVM_X86_OP(vcpu_deliver_sipi_vector) KVM_X86_OP_OPTIONAL_RET0(vcpu_get_apicv_inhibit_reasons); +KVM_X86_OP_OPTIONAL(alloc_apic_backing_page) KVM_X86_OP_OPTIONAL_RET0(fault_is_private); KVM_X86_OP_OPTIONAL_RET0(update_mem_attr) KVM_X86_OP_OPTIONAL(invalidate_restricted_mem) diff --git a/arch/x86/include/asm/kvm_host.h b/arch/x86/include/asm/kvm_host.h index 37c92412035f..a9363a6f779d 100644 --- a/arch/x86/include/asm/kvm_host.h +++ b/arch/x86/include/asm/kvm_host.h @@ -1729,6 +1729,8 @@ struct kvm_x86_ops { * Returns vCPU specific APICv inhibit reasons */ unsigned long (*vcpu_get_apicv_inhibit_reasons)(struct kvm_vcpu *vcpu); + + void *(*alloc_apic_backing_page)(struct kvm_vcpu *vcpu); }; struct kvm_x86_nested_ops { diff --git a/arch/x86/kvm/lapic.c b/arch/x86/kvm/lapic.c index 80f92cbc4029..72e46d5b4201 100644 --- a/arch/x86/kvm/lapic.c +++ b/arch/x86/kvm/lapic.c @@ -2740,7 +2740,10 @@ int kvm_create_lapic(struct kvm_vcpu *vcpu, int timer_advance_ns) vcpu->arch.apic = apic; - apic->regs = (void *)get_zeroed_page(GFP_KERNEL_ACCOUNT); + if (kvm_x86_ops.alloc_apic_backing_page) + apic->regs = static_call(kvm_x86_alloc_apic_backing_page)(vcpu); + else + apic->regs = (void *)get_zeroed_page(GFP_KERNEL_ACCOUNT); if (!apic->regs) { printk(KERN_ERR "malloc apic regs error for vcpu %x\n", vcpu->vcpu_id); 
diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index c1f0d4898ce3..9e9efb42a766 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c @@ -3241,3 +3241,36 @@ void sev_vcpu_deliver_sipi_vector(struct kvm_vcpu *vcpu, u8 vector) break; } } + +struct page *snp_safe_alloc_page(struct kvm_vcpu *vcpu) +{ + unsigned long pfn; + struct page *p; + + if (!cpu_feature_enabled(X86_FEATURE_SEV_SNP)) + return alloc_page(GFP_KERNEL_ACCOUNT | __GFP_ZERO); + + /* + * Allocate an SNP safe page to workaround the SNP erratum where + * the CPU will incorrectly signal an RMP violation #PF if a + * hugepage (2mb or 1gb) collides with the RMP entry of VMCB, VMSA + * or AVIC backing page. The recommeded workaround is to not use the + * hugepage. + * + * Allocate one extra page, use a page which is not 2mb aligned + * and free the other. + */ + p = alloc_pages(GFP_KERNEL_ACCOUNT | __GFP_ZERO, 1); + if (!p) + return NULL; + + split_page(p, 1); + + pfn = page_to_pfn(p); + if (IS_ALIGNED(pfn, PTRS_PER_PMD)) + __free_page(p++); + else + __free_page(p + 1); + + return p; +} diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index 213593dbd7a1..1061aaf66f0a 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c @@ -1372,7 +1372,7 @@ static int svm_vcpu_create(struct kvm_vcpu *vcpu) svm = to_svm(vcpu); err = -ENOMEM; - vmcb01_page = alloc_page(GFP_KERNEL_ACCOUNT | __GFP_ZERO); + vmcb01_page = snp_safe_alloc_page(vcpu); if (!vmcb01_page) goto out; @@ -1381,7 +1381,7 @@ static int svm_vcpu_create(struct kvm_vcpu *vcpu) * SEV-ES guests require a separate VMSA page used to contain * the encrypted register state of the guest. */ - vmsa_page = alloc_page(GFP_KERNEL_ACCOUNT | __GFP_ZERO); + vmsa_page = snp_safe_alloc_page(vcpu); if (!vmsa_page) goto error_free_vmcb_page; 
@@ -4696,6 +4696,16 @@ static int svm_vm_init(struct kvm *kvm) return 0; } +static void *svm_alloc_apic_backing_page(struct kvm_vcpu *vcpu) +{ + struct page *page = snp_safe_alloc_page(vcpu); + + if (!page) + return NULL; + + return page_address(page); +} + static struct kvm_x86_ops svm_x86_ops __initdata = { .name = KBUILD_MODNAME, @@ -4824,6 +4834,7 @@ static struct kvm_x86_ops svm_x86_ops __initdata = { .vcpu_deliver_sipi_vector = svm_vcpu_deliver_sipi_vector, .vcpu_get_apicv_inhibit_reasons = avic_vcpu_get_apicv_inhibit_reasons, + .alloc_apic_backing_page = svm_alloc_apic_backing_page, }; /* diff --git a/arch/x86/kvm/svm/svm.h b/arch/x86/kvm/svm/svm.h index c249c360fe36..5efcf036ccad 100644 --- a/arch/x86/kvm/svm/svm.h +++ b/arch/x86/kvm/svm/svm.h 
@@ -692,6 +692,7 @@ void sev_es_vcpu_reset(struct vcpu_svm *svm); void sev_vcpu_deliver_sipi_vector(struct kvm_vcpu *vcpu, u8 vector); void sev_es_prepare_switch_to_guest(struct sev_es_save_area *hostsa); void sev_es_unmap_ghcb(struct vcpu_svm *svm); +struct page *snp_safe_alloc_page(struct kvm_vcpu *vcpu); /* vmenter.S */

From patchwork Mon Feb 20 18:38:23 2023
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Michael Roth
X-Patchwork-Id: 59616
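Review bot: In patch 31/56, snp_safe_alloc_page() in sev.c never uses its vcpu argument, and its comment misspells "recommended" as "recommeded". Either drop the parameter or say why it is kept (the alloc_apic_backing_page hook hands one in). The SNP path always takes an order-1 allocation and frees one half, so every VMCB, VMSA and AVIC backing page now needs two physically contiguous pages to be available; the comment should mention that cost, and also that the IS_ALIGNED(pfn, PTRS_PER_PMD) check is enough for the 1gb case because any 1gb-aligned pfn is also 2mb-aligned.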
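Review bot: In the lapic.c hunk of patch 31/56, kvm_create_lapic() now has two sources for apic->regs (the vendor hook and get_zeroed_page()), but the patch touches no free path, so the release of apic->regs has to be correct for both. split_page() turns each half into an independent order-0 page, so the existing free should keep working; say so in the commit message or in a comment next to the hook so the pairing stays obvious when the allocator changes.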
From: Michael Roth To: CC: , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , Brijesh Singh Subject: [PATCH RFC v8 32/56] KVM: SVM: Add initial SEV-SNP support Date: Mon, 20 Feb 2023 12:38:23 -0600 Message-ID: <20230220183847.59159-33-michael.roth@amd.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20230220183847.59159-1-michael.roth@amd.com> References: <20230220183847.59159-1-michael.roth@amd.com> MIME-Version: 1.0 X-Originating-IP: [10.180.168.240] X-ClientProxiedBy: SATLEXMB03.amd.com (10.181.40.144) To SATLEXMB04.amd.com (10.181.40.145) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: DM6NAM11FT052:EE_|PH7PR12MB6441:EE_ X-MS-Office365-Filtering-Correlation-Id: ce23ba12-6e27-4f47-ddcc-08db137396ac X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: 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 X-Forefront-Antispam-Report: CIP:165.204.84.17;CTRY:US;LANG:en;SCL:1;SRV:;IPV:CAL;SFV:NSPM;H:SATLEXMB04.amd.com;PTR:InfoDomainNonexistent;CAT:NONE;SFS:(13230025)(4636009)(346002)(396003)(136003)(39860400002)(376002)(451199018)(40470700004)(46966006)(36840700001)(2906002)(44832011)(7406005)(7416002)(5660300002)(47076005)(83380400001)(426003)(36860700001)(8936002)(6666004)(36756003)(16526019)(2616005)(1076003)(186003)(70206006)(26005)(81166007)(40480700001)(356005)(40460700003)(86362001)(6916009)(82740400003)(41300700001)(70586007)(478600001)(8676002)(4326008)(316002)(336012)(54906003)(82310400005)(36900700001);DIR:OUT;SFP:1101; X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 20 Feb 2023 18:52:17.2197 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: ce23ba12-6e27-4f47-ddcc-08db137396ac X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[SATLEXMB04.amd.com] 
From: Brijesh Singh

The next generation of SEV is called SEV-SNP (Secure Nested Paging). SEV-SNP builds upon existing SEV and SEV-ES functionality while adding new hardware-based security protection. SEV-SNP adds strong memory encryption integrity protection to help prevent malicious hypervisor-based attacks such as data replay, memory re-mapping, and more, to create an isolated execution environment.

The SNP feature is added incrementally; the later patches add a new module parameter that can be used to enable SEV-SNP in KVM.

Signed-off-by: Brijesh Singh
Signed-off-by: Ashish Kalra
Signed-off-by: Michael Roth
--- arch/x86/kvm/svm/sev.c | 10 +++++++++- arch/x86/kvm/svm/svm.h | 8 ++++++++ 2 files changed, 17 insertions(+), 1 deletion(-) diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index 9e9efb42a766..51db01b282eb 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c
@@ -58,6 +58,9 @@ module_param_named(sev_es, sev_es_enabled, bool, 0444); #define sev_es_enabled false #endif /* CONFIG_KVM_AMD_SEV */ +/* enable/disable SEV-SNP support */ +static bool sev_snp_enabled; + #define AP_RESET_HOLD_NONE 0 #define AP_RESET_HOLD_NAE_EVENT 1 #define AP_RESET_HOLD_MSR_PROTO 2 @@ -2306,6 +2309,7 @@ void __init sev_hardware_setup(void) { #ifdef CONFIG_KVM_AMD_SEV unsigned int eax, ebx, ecx, edx, sev_asid_count, sev_es_asid_count; + bool sev_snp_supported = false; bool sev_es_supported = false; bool sev_supported = false; @@ -2385,12 +2389,16 @@ void __init sev_hardware_setup(void) if (misc_cg_set_capacity(MISC_CG_RES_SEV_ES, sev_es_asid_count)) goto out; - pr_info("SEV-ES supported: %u ASIDs\n", sev_es_asid_count); sev_es_supported = true; + sev_snp_supported = sev_snp_enabled && cpu_feature_enabled(X86_FEATURE_SEV_SNP); + + pr_info("SEV-ES %ssupported: %u ASIDs\n", + sev_snp_supported ? "and SEV-SNP " : "", sev_es_asid_count); out: sev_enabled = sev_supported; sev_es_enabled = sev_es_supported; + sev_snp_enabled = sev_snp_supported; #endif } diff --git a/arch/x86/kvm/svm/svm.h b/arch/x86/kvm/svm/svm.h index 5efcf036ccad..8eb1b51e92f5 100644 --- a/arch/x86/kvm/svm/svm.h +++ b/arch/x86/kvm/svm/svm.h @@ -76,6 +76,7 @@ enum { struct kvm_sev_info { bool active; /* SEV enabled guest */ bool es_active; /* SEV-ES enabled guest */ + bool snp_active; /* SEV-SNP enabled guest */ unsigned int asid; /* ASID used for this guest */ unsigned int handle; /* SEV firmware handle */ int fd; /* SEV device fd */ 
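Review bot: sev_snp_enabled in the first sev.c hunk is declared after the "#endif /* CONFIG_KVM_AMD_SEV */" line, so it does not follow the pattern of sev_es_enabled, which the context shows collapsing to "#define sev_es_enabled false" when the option is off. With CONFIG_KVM_AMD_SEV disabled it remains a writable static that sev_hardware_setup() never assigns, because the whole function body is inside the #ifdef. Moving the declaration inside the CONFIG_KVM_AMD_SEV block and adding a matching "#define sev_snp_enabled false" fallback would keep the three enable flags consistent. It is also worth a comment in the sev_hardware_setup() hunk that, until the module parameter mentioned in the commit message is added, sev_snp_enabled starts false and the cpu_feature_enabled(X86_FEATURE_SEV_SNP) test cannot make sev_snp_supported true.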
@@ -323,6 +324,13 @@ static __always_inline bool sev_es_guest(struct kvm *kvm) #endif } +static inline bool sev_snp_guest(struct kvm *kvm) +{ + struct kvm_sev_info *sev = &to_kvm_svm(kvm)->sev_info; + + return sev_es_guest(kvm) && sev->snp_active; +} + static inline void vmcb_mark_all_dirty(struct vmcb *vmcb) { vmcb->control.clean = 0;
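Review bot: sev_snp_guest() in the svm.h hunk is plain "static inline" while the helper directly above it, visible in the hunk header, is "static __always_inline bool sev_es_guest()". If the stronger qualifier on sev_es_guest() is deliberate, the new helper should use the same one, since it will be called from the same paths. A one-line comment stating that an SNP guest is always also an SEV-ES guest would document why the check is written as sev_es_guest(kvm) && sev->snp_active rather than testing snp_active alone.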
From: Michael Roth
CC: Brijesh Singh, "Pavan Kumar Paluri"
Subject: [PATCH RFC v8 33/56] KVM: SVM: Add KVM_SNP_INIT command
Date: Mon, 20 Feb 2023 12:38:24 -0600
Message-ID: <20230220183847.59159-34-michael.roth@amd.com>
In-Reply-To: <20230220183847.59159-1-michael.roth@amd.com>
References: <20230220183847.59159-1-michael.roth@amd.com>
From: Brijesh Singh

The KVM_SNP_INIT command is used by the hypervisor to initialize the SEV-SNP platform context. In a typical workflow, this command should be the first command issued. When creating an SEV-SNP guest, the VMM must use this command instead of KVM_SEV_INIT or KVM_SEV_ES_INIT.

The flags value must be zero; it will be extended in future SNP support to communicate the optional features (such as restricted INT injection etc).

Co-developed-by: Pavan Kumar Paluri
Signed-off-by: Pavan Kumar Paluri
Signed-off-by: Brijesh Singh
Signed-off-by: Ashish Kalra
Signed-off-by: Michael Roth
--- .../virt/kvm/x86/amd-memory-encryption.rst | 27 ++++++++++++ arch/x86/include/asm/svm.h | 1 + arch/x86/kvm/svm/sev.c | 44 ++++++++++++++++++- arch/x86/kvm/svm/svm.h | 4 ++ include/uapi/linux/kvm.h | 13 ++++++ 5 files changed, 87 insertions(+), 2 deletions(-) diff --git a/Documentation/virt/kvm/x86/amd-memory-encryption.rst b/Documentation/virt/kvm/x86/amd-memory-encryption.rst index 935aaeb97fe6..2432213bd0ea 100644 --- a/Documentation/virt/kvm/x86/amd-memory-encryption.rst +++ b/Documentation/virt/kvm/x86/amd-memory-encryption.rst @@ -434,6 +434,33 @@ issued by the hypervisor to make the guest ready for execution. Returns: 0 on success, -negative on error +18. KVM_SNP_INIT +---------------- + +The KVM_SNP_INIT command can be used by the hypervisor to initialize SEV-SNP +context. In a typical workflow, this command should be the first command issued. + +Parameters (in/out): struct kvm_snp_init + +Returns: 0 on success, -negative on error + +:: + + struct kvm_snp_init { + __u64 flags; + }; + +The flags bitmap is defined as:: + + /* enable the restricted injection */ + #define KVM_SEV_SNP_RESTRICTED_INJET (1<<0) + + /* enable the restricted injection timer */ + #define KVM_SEV_SNP_RESTRICTED_TIMER_INJET (1<<1) + +If the specified flags is not supported then return -EOPNOTSUPP, and the supported +flags are returned. + References ==========
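Review bot: the new documentation section is titled and worded as KVM_SNP_INIT, but the command id this patch adds to enum sev_cmd_id is KVM_SEV_SNP_INIT, so a VMM author following the .rst text will look for a name that does not exist. The section should use the enum name. It also lists two flag bits without saying that, with SEV_SNP_SUPPORTED_FLAGS defined as 0x0 in this patch, any non-zero flags value is rejected with -EOPNOTSUPP; the commit message states "The flags value must be zero" and the documentation should say the same, along with the fact that the flags field is overwritten with the supported mask on return.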
diff --git a/arch/x86/include/asm/svm.h b/arch/x86/include/asm/svm.h index cb1ee53ad3b1..c18d78d5e505 100644 --- a/arch/x86/include/asm/svm.h +++ b/arch/x86/include/asm/svm.h @@ -278,6 +278,7 @@ enum avic_ipi_failure_cause { #define AVIC_HPA_MASK ~((0xFFFULL << 52) | 0xFFF) #define VMCB_AVIC_APIC_BAR_MASK 0xFFFFFFFFFF000ULL +#define SVM_SEV_FEAT_SNP_ACTIVE BIT(0) struct vmcb_seg { u16 selector; diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index 51db01b282eb..a8efe1f6bf77 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c @@ -243,6 +243,25 @@ static void sev_unbind_asid(struct kvm *kvm, unsigned int handle) sev_decommission(handle); } +static int verify_snp_init_flags(struct kvm *kvm, struct kvm_sev_cmd *argp) +{ + struct kvm_snp_init params; + int ret = 0; + + if (copy_from_user(¶ms, (void __user *)(uintptr_t)argp->data, sizeof(params))) + return -EFAULT; + + if (params.flags & ~SEV_SNP_SUPPORTED_FLAGS) + ret = -EOPNOTSUPP; + + params.flags = SEV_SNP_SUPPORTED_FLAGS; + + if (copy_to_user((void __user *)(uintptr_t)argp->data, ¶ms, sizeof(params))) + ret = -EFAULT; + + return ret; +} + static int sev_guest_init(struct kvm *kvm, struct kvm_sev_cmd *argp) { struct kvm_sev_info *sev = &to_kvm_svm(kvm)->sev_info; @@ -256,13 +275,23 @@ static int sev_guest_init(struct kvm *kvm, struct kvm_sev_cmd *argp) return ret; sev->active = true; - sev->es_active = argp->id == KVM_SEV_ES_INIT; + sev->es_active = (argp->id == KVM_SEV_ES_INIT || argp->id == KVM_SEV_SNP_INIT); + sev->snp_active = argp->id == KVM_SEV_SNP_INIT; asid = sev_asid_new(sev); if (asid < 0) goto e_no_asid; sev->asid = asid; - ret = sev_platform_init(&argp->error); + if (sev->snp_active) { + ret = verify_snp_init_flags(kvm, argp); + if (ret) + goto e_free; + + ret = sev_snp_init(&argp->error, false); + } else { + ret = sev_platform_init(&argp->error); + } + if (ret) goto e_free; 
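Review bot: in the sev_guest_init() hunk, verify_snp_init_flags() is called only after sev_asid_new() has succeeded, so a request carrying unsupported flags or a bad argp->data pointer first consumes an ASID and then releases it through e_free. Validating the userspace input before "sev->active = true" and before the ASID allocation would let the function reject bad input without touching guest state or the ASID pool, and would leave only firmware failures on the e_free path. Separately, verify_snp_init_flags() takes a struct kvm * argument that the visible body never uses.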
@@ -277,6 +306,7 @@ static int sev_guest_init(struct kvm *kvm, struct kvm_sev_cmd *argp) sev_asid_free(sev); sev->asid = 0; e_no_asid: + sev->snp_active = false; sev->es_active = false; sev->active = false; return ret; @@ -749,6 +779,10 @@ static int sev_es_sync_vmsa(struct vcpu_svm *svm) save->xss = svm->vcpu.arch.ia32_xss; save->dr6 = svm->vcpu.arch.dr6; + /* Enable the SEV-SNP feature */ + if (sev_snp_guest(svm->vcpu.kvm)) + save->sev_features |= SVM_SEV_FEAT_SNP_ACTIVE; + pr_debug("Virtual Machine Save Area (VMSA):\n"); print_hex_dump_debug("", DUMP_PREFIX_NONE, 16, 1, save, sizeof(*save), false); @@ -2001,6 +2035,12 @@ int sev_mem_enc_ioctl(struct kvm *kvm, void __user *argp) } switch (sev_cmd.id) { + case KVM_SEV_SNP_INIT: + if (!sev_snp_enabled) { + r = -ENOTTY; + goto out; + } + fallthrough; case KVM_SEV_ES_INIT: if (!sev_es_enabled) { r = -ENOTTY; diff --git a/arch/x86/kvm/svm/svm.h b/arch/x86/kvm/svm/svm.h index 8eb1b51e92f5..56a5c96d8a36 100644 --- a/arch/x86/kvm/svm/svm.h +++ b/arch/x86/kvm/svm/svm.h @@ -73,6 +73,9 @@ enum { /* TPR and CR2 are always written before VMRUN */ #define VMCB_ALWAYS_DIRTY_MASK ((1U << VMCB_INTR) | (1U << VMCB_CR2)) +/* Supported init feature flags */ +#define SEV_SNP_SUPPORTED_FLAGS 0x0 + struct kvm_sev_info { bool active; /* SEV enabled guest */ bool es_active; /* SEV-ES enabled guest */ @@ -88,6 +91,7 @@ struct kvm_sev_info { struct list_head mirror_entry; /* Use as a list entry of mirrors */ struct misc_cg *misc_cg; /* For misc cgroup accounting */ atomic_t migration_in_progress; + u64 snp_init_flags; }; struct kvm_svm { diff --git a/include/uapi/linux/kvm.h b/include/uapi/linux/kvm.h index 2fba29125ec2..499cc323f793 100644 --- a/include/uapi/linux/kvm.h +++ b/include/uapi/linux/kvm.h @@ -1917,6 +1917,9 @@ enum sev_cmd_id { /* Guest Migration Extension */ KVM_SEV_SEND_CANCEL, + /* SNP specific commands */ + KVM_SEV_SNP_INIT, + KVM_SEV_NR_MAX, }; 
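Review bot: the svm.h hunk adds "u64 snp_init_flags;" to struct kvm_sev_info, but none of the hunks in this patch assigns or reads it. verify_snp_init_flags() overwrites params.flags with SEV_SNP_SUPPORTED_FLAGS and copies it back to userspace without storing the accepted value in sev->snp_init_flags. Either record the validated flags there in sev_guest_init(), or leave the field out until the patch that first consumes it.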
@@ -2013,6 +2016,16 @@ struct kvm_sev_receive_update_data { __u32 trans_len; }; +/* enable the restricted injection */ +#define KVM_SEV_SNP_RESTRICTED_INJET (1 << 0) + +/* enable the restricted injection timer */ +#define KVM_SEV_SNP_RESTRICTED_TIMER_INJET (1 << 1) + +struct kvm_snp_init { + __u64 flags; +}; + #define KVM_DEV_ASSIGN_ENABLE_IOMMU (1 << 0) #define KVM_DEV_ASSIGN_PCI_2_3 (1 << 1) #define KVM_DEV_ASSIGN_MASK_INTX (1 << 2)
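Review bot: KVM_SEV_SNP_RESTRICTED_INJET and KVM_SEV_SNP_RESTRICTED_TIMER_INJET in the include/uapi/linux/kvm.h hunk misspell INJECT, and the same spelling is repeated in the .rst hunk. These are UAPI names, so the spelling should be corrected before the header is merged rather than after userspace starts using it. Both bits also fall outside SEV_SNP_SUPPORTED_FLAGS (0x0), so exporting them now gives userspace constants that always produce -EOPNOTSUPP; consider introducing each define in the patch that adds support for it.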
From: Michael Roth
CC: Brijesh Singh
Subject: [PATCH RFC v8 34/56] KVM: SVM: Add KVM_SEV_SNP_LAUNCH_START command
Date: Mon, 20 Feb 2023 12:38:25 -0600
Message-ID: <20230220183847.59159-35-michael.roth@amd.com>
In-Reply-To: <20230220183847.59159-1-michael.roth@amd.com>
References: <20230220183847.59159-1-michael.roth@amd.com>
From: Brijesh Singh

KVM_SEV_SNP_LAUNCH_START begins the launch process for an SEV-SNP guest. The command initializes a cryptographic digest context used to construct the measurement of the guest. If the guest is expected to be migrated, the command also binds a migration agent (MA) to the guest.

For more information see the SEV-SNP specification.

Signed-off-by: Brijesh Singh
Signed-off-by: Ashish Kalra
Signed-off-by: Michael Roth
--- .../virt/kvm/x86/amd-memory-encryption.rst | 24 ++++ arch/x86/kvm/svm/sev.c | 121 +++++++++++++++++- arch/x86/kvm/svm/svm.h | 1 + include/uapi/linux/kvm.h | 10 ++ 4 files changed, 153 insertions(+), 3 deletions(-) diff --git a/Documentation/virt/kvm/x86/amd-memory-encryption.rst b/Documentation/virt/kvm/x86/amd-memory-encryption.rst index 2432213bd0ea..58971fc02a15 100644 --- a/Documentation/virt/kvm/x86/amd-memory-encryption.rst +++ b/Documentation/virt/kvm/x86/amd-memory-encryption.rst @@ -461,6 +461,30 @@ The flags bitmap is defined as:: If the specified flags is not supported then return -EOPNOTSUPP, and the supported flags are returned. +19. KVM_SNP_LAUNCH_START +------------------------ + +The KVM_SNP_LAUNCH_START command is used for creating the memory encryption +context for the SEV-SNP guest. To create the encryption context, user must +provide a guest policy, migration agent (if any) and guest OS visible +workarounds value as defined SEV-SNP specification. + +Parameters (in): struct kvm_snp_launch_start + +Returns: 0 on success, -negative on error + +:: + + struct kvm_sev_snp_launch_start { + __u64 policy; /* Guest policy to use. */ + __u64 ma_uaddr; /* userspace address of migration agent */ + __u8 ma_en; /* 1 if the migration agent is enabled */ + __u8 imi_en; /* set IMI to 1. */ + __u8 gosvw[16]; /* guest OS visible workarounds */ + }; + +See the SEV-SNP specification for further detail on the launch input. + References ==========
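Review bot: the documentation hunk is internally inconsistent about names. The heading and body say KVM_SNP_LAUNCH_START and "Parameters (in): struct kvm_snp_launch_start", while the structure shown a few lines later is struct kvm_sev_snp_launch_start and the patch subject names the command KVM_SEV_SNP_LAUNCH_START. The section should use the KVM_SEV_SNP_ prefixed names throughout so the text matches what userspace has to pass. The sentence ending "as defined SEV-SNP specification" is also missing "in the".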
diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index a8efe1f6bf77..097bb2138360 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c @@ -22,6 +22,7 @@ #include #include #include +#include #include "mmu.h" #include "x86.h" @@ -75,6 +76,8 @@ static unsigned int nr_asids; static unsigned long *sev_asid_bitmap; static unsigned long *sev_reclaim_asid_bitmap; +static int snp_decommission_context(struct kvm *kvm); + struct enc_region { struct list_head list; unsigned long npages; @@ -100,12 +103,17 @@ static int sev_flush_asids(int min_asid, int max_asid) down_write(&sev_deactivate_lock); wbinvd_on_all_cpus(); - ret = sev_guest_df_flush(&error); + + if (sev_snp_enabled) + ret = sev_do_cmd(SEV_CMD_SNP_DF_FLUSH, NULL, &error); + else + ret = sev_guest_df_flush(&error); up_write(&sev_deactivate_lock); if (ret) - pr_err("SEV: DF_FLUSH failed, ret=%d, error=%#x\n", ret, error); + pr_err("SEV%s: DF_FLUSH failed, ret=%d, error=%#x\n", + sev_snp_enabled ? "-SNP" : "", ret, error); return ret; } 
@@ -2011,6 +2019,80 @@ int sev_vm_move_enc_context_from(struct kvm *kvm, unsigned int source_fd) return ret; } +/* + * The guest context contains all the information, keys and metadata + * associated with the guest that the firmware tracks to implement SEV + * and SNP features. The firmware stores the guest context in hypervisor + * provide page via the SNP_GCTX_CREATE command. + */ +static void *snp_context_create(struct kvm *kvm, struct kvm_sev_cmd *argp) +{ + struct sev_data_snp_addr data = {}; + void *context; + int rc; + + /* Allocate memory for context page */ + context = snp_alloc_firmware_page(GFP_KERNEL_ACCOUNT); + if (!context) + return NULL; + + data.gctx_paddr = __psp_pa(context); + rc = __sev_issue_cmd(argp->sev_fd, SEV_CMD_SNP_GCTX_CREATE, &data, &argp->error); + if (rc) { + snp_free_firmware_page(context); + return NULL; + } + + return context; +} + +static int snp_bind_asid(struct kvm *kvm, int *error) +{ + struct kvm_sev_info *sev = &to_kvm_svm(kvm)->sev_info; + struct sev_data_snp_activate data = {0}; + + data.gctx_paddr = __psp_pa(sev->snp_context); + data.asid = sev_get_asid(kvm); + return sev_issue_cmd(kvm, SEV_CMD_SNP_ACTIVATE, &data, error); +} + +static int snp_launch_start(struct kvm *kvm, struct kvm_sev_cmd *argp) +{ + struct kvm_sev_info *sev = &to_kvm_svm(kvm)->sev_info; + struct sev_data_snp_launch_start start = {0}; + struct kvm_sev_snp_launch_start params; + int rc; + + if (!sev_snp_guest(kvm)) + return -ENOTTY; + + if (copy_from_user(¶ms, (void __user *)(uintptr_t)argp->data, sizeof(params))) + return -EFAULT; + + sev->snp_context = snp_context_create(kvm, argp); + if (!sev->snp_context) + return -ENOTTY; + + start.gctx_paddr = __psp_pa(sev->snp_context); + start.policy = params.policy; + memcpy(start.gosvw, params.gosvw, sizeof(params.gosvw)); + rc = __sev_issue_cmd(argp->sev_fd, SEV_CMD_SNP_LAUNCH_START, &start, &argp->error); + if (rc) + goto e_free_context; + + sev->fd = argp->sev_fd; + rc = snp_bind_asid(kvm, &argp->error); + if 
(rc) + goto e_free_context; + + return 0; + +e_free_context: + snp_decommission_context(kvm); + + return rc; +} + int sev_mem_enc_ioctl(struct kvm *kvm, void __user *argp) { struct kvm_sev_cmd sev_cmd; @@ -2101,6 +2183,9 @@ int sev_mem_enc_ioctl(struct kvm *kvm, void __user *argp) case KVM_SEV_RECEIVE_FINISH: r = sev_receive_finish(kvm, &sev_cmd); break; + case KVM_SEV_SNP_LAUNCH_START: + r = snp_launch_start(kvm, &sev_cmd); + break; default: r = -EINVAL; goto out; @@ -2292,6 +2377,28 @@ int sev_vm_copy_enc_context_from(struct kvm *kvm, unsigned int source_fd) return ret; } +static int snp_decommission_context(struct kvm *kvm) +{ + struct kvm_sev_info *sev = &to_kvm_svm(kvm)->sev_info; + struct sev_data_snp_addr data = {}; + int ret; + + /* If context is not created then do nothing */ + if (!sev->snp_context) + return 0; + + data.gctx_paddr = __sme_pa(sev->snp_context); + ret = sev_do_cmd(SEV_CMD_SNP_DECOMMISSION, &data, NULL); + if (WARN_ONCE(ret, "failed to release guest context")) + return ret; + + /* free the context page now */ + snp_free_firmware_page(sev->snp_context); + sev->snp_context = NULL; + + return 0; +} + void sev_vm_destroy(struct kvm *kvm) { struct kvm_sev_info *sev = &to_kvm_svm(kvm)->sev_info; @@ -2333,7 +2440,15 @@ void sev_vm_destroy(struct kvm *kvm) } } - sev_unbind_asid(kvm, sev->handle); + if (sev_snp_guest(kvm)) { + if (snp_decommission_context(kvm)) { + WARN_ONCE(1, "Failed to free SNP guest context, leaking asid!\n"); + return; + } + } else { + sev_unbind_asid(kvm, sev->handle); + } + sev_asid_free(sev); } diff --git a/arch/x86/kvm/svm/svm.h b/arch/x86/kvm/svm/svm.h index 56a5c96d8a36..740969b57425 100644 --- a/arch/x86/kvm/svm/svm.h +++ b/arch/x86/kvm/svm/svm.h @@ -92,6 +92,7 @@ struct kvm_sev_info { struct misc_cg *misc_cg; /* For misc cgroup accounting */ atomic_t migration_in_progress; u64 snp_init_flags; + void *snp_context; /* SNP guest context page */ }; struct kvm_svm { 
diff --git a/include/uapi/linux/kvm.h b/include/uapi/linux/kvm.h index 499cc323f793..cf19799ca5ce 100644 --- a/include/uapi/linux/kvm.h +++ b/include/uapi/linux/kvm.h @@ -1919,6 +1919,7 @@ enum sev_cmd_id { /* SNP specific commands */ KVM_SEV_SNP_INIT, + KVM_SEV_SNP_LAUNCH_START, KVM_SEV_NR_MAX, }; 
@@ -2026,6 +2027,15 @@ struct kvm_snp_init { __u64 flags; }; +struct kvm_sev_snp_launch_start { + __u64 policy; + __u64 ma_uaddr; + __u8 ma_en; + __u8 imi_en; + __u8 gosvw[16]; + __u8 pad[6]; +}; + #define KVM_DEV_ASSIGN_ENABLE_IOMMU (1 << 0) #define KVM_DEV_ASSIGN_PCI_2_3 (1 << 1) #define KVM_DEV_ASSIGN_MASK_INTX (1 << 2)
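Review bot: In the amd-memory-encryption.rst hunk the new section is titled KVM_SNP_LAUNCH_START and names its parameter struct kvm_snp_launch_start, but the uapi additions in this same patch are KVM_SEV_SNP_LAUNCH_START and struct kvm_sev_snp_launch_start, and the documented struct omits the "__u8 pad[6];" member that include/uapi/linux/kvm.h declares. Please use the uapi names throughout and document the padding, since userspace sizes the ioctl argument from this text. The sentence "as defined SEV-SNP specification" is also missing "in the".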
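Review bot: snp_launch_start() in the sev.c hunk at @@ -2011 assigns sev->snp_context without checking whether a context already exists, so a second KVM_SEV_SNP_LAUNCH_START on the same VM overwrites the pointer and the earlier firmware page is never decommissioned or freed. Please reject the call when sev->snp_context is already set. The function also copies ma_uaddr, ma_en and imi_en from userspace but forwards only policy and gosvw to the firmware, although the commit message says the command binds a migration agent; either wire those fields through or fail when they (and pad) are nonzero so the ABI can be extended later. Returning -ENOTTY when snp_context_create() fails does not let the caller tell an allocation failure from a firmware failure; -ENOMEM or the propagated rc would be clearer.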
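Review bot: snp_decommission_context() in the sev.c hunk at @@ -2292 builds gctx_paddr with __sme_pa() while snp_context_create(), snp_bind_asid() and snp_launch_start() all use __psp_pa() for the same page; please use one helper so the address given to SNP_DECOMMISSION is formed the same way as the one given to SNP_GCTX_CREATE. It also passes NULL as the error pointer to sev_do_cmd(), so the WARN_ONCE cannot report the firmware status; capturing and printing it would make a leaked context page diagnosable.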
From patchwork Mon Feb 20 18:38:26 2023
X-Patchwork-Submitter: Michael Roth
X-Patchwork-Id: 59622
From: Michael Roth
Subject: [PATCH RFC v8 35/56] KVM: SVM: Add KVM_SEV_SNP_LAUNCH_UPDATE command
Date: Mon, 20 Feb 2023 12:38:26 -0600
Message-ID: <20230220183847.59159-36-michael.roth@amd.com>
In-Reply-To: <20230220183847.59159-1-michael.roth@amd.com>
References: <20230220183847.59159-1-michael.roth@amd.com>
From: Brijesh Singh

The KVM_SEV_SNP_LAUNCH_UPDATE command can be used to insert data into the guest's memory. The data is encrypted with the cryptographic context created with the KVM_SEV_SNP_LAUNCH_START.

In addition to inserting data, it can insert two special pages into the guest's memory: the secrets page and the CPUID page.

While terminating the guest, reclaim the guest pages added in the RMP table. If the reclaim fails, then the page is no longer safe to be released back to the system, so leak it.

For more information see the SEV-SNP specification.

Co-developed-by: Michael Roth
Signed-off-by: Michael Roth
Signed-off-by: Brijesh Singh
Signed-off-by: Ashish Kalra
--- .../virt/kvm/x86/amd-memory-encryption.rst | 29 +++ arch/x86/kvm/svm/sev.c | 190 ++++++++++++++++++ include/uapi/linux/kvm.h | 19 ++ 3 files changed, 238 insertions(+) diff --git a/Documentation/virt/kvm/x86/amd-memory-encryption.rst b/Documentation/virt/kvm/x86/amd-memory-encryption.rst index 58971fc02a15..c94be8e6d657 100644 --- a/Documentation/virt/kvm/x86/amd-memory-encryption.rst +++ b/Documentation/virt/kvm/x86/amd-memory-encryption.rst
@@ -485,6 +485,35 @@ Returns: 0 on success, -negative on error See the SEV-SNP specification for further detail on the launch input. +20. KVM_SNP_LAUNCH_UPDATE +------------------------- + +The KVM_SNP_LAUNCH_UPDATE is used for encrypting a memory region. It also +calculates a measurement of the memory contents. The measurement is a signature +of the memory contents that can be sent to the guest owner as an attestation +that the memory was encrypted correctly by the firmware. + +Parameters (in): struct kvm_snp_launch_update + +Returns: 0 on success, -negative on error + +:: + + struct kvm_sev_snp_launch_update { + __u64 start_gfn; /* Guest page number to start from. */ + __u64 uaddr; /* userspace address need to be encrypted */ + __u32 len; /* length of memory region */ + __u8 imi_page; /* 1 if memory is part of the IMI */ + __u8 page_type; /* page type */ + __u8 vmpl3_perms; /* VMPL3 permission mask */ + __u8 vmpl2_perms; /* VMPL2 permission mask */ + __u8 vmpl1_perms; /* VMPL1 permission mask */ + }; + +See the SEV-SNP spec for further details on how to build the VMPL permission +mask and page type. + + References ========== diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index 097bb2138360..03dd227f6090 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c 
@@ -234,6 +234,37 @@ static void sev_decommission(unsigned int handle) sev_guest_decommission(&decommission, NULL); } +static int snp_page_reclaim(u64 pfn) +{ + struct sev_data_snp_page_reclaim data = {0}; + int err, rc; + + data.paddr = __sme_set(pfn << PAGE_SHIFT); + rc = sev_do_cmd(SEV_CMD_SNP_PAGE_RECLAIM, &data, &err); + if (rc) { + /* + * If the reclaim failed, then page is no longer safe + * to use. + */ + snp_mark_pages_offline(pfn, + page_level_size(PG_LEVEL_4K) >> PAGE_SHIFT); + } + + return rc; +} + +static int host_rmp_make_shared(u64 pfn, enum pg_level level, bool leak) +{ + int rc; + + rc = rmp_make_shared(pfn, level); + if (rc && leak) + snp_mark_pages_offline(pfn, + page_level_size(level) >> PAGE_SHIFT); + + return rc; +} + static void sev_unbind_asid(struct kvm *kvm, unsigned int handle) { struct sev_data_deactivate deactivate; 
@@ -2093,6 +2124,162 @@ static int snp_launch_start(struct kvm *kvm, struct kvm_sev_cmd *argp) return rc; } +static int snp_launch_update_gfn_handler(struct kvm *kvm, + struct kvm_gfn_range *range, + void *opaque) +{ + struct kvm_sev_info *sev = &to_kvm_svm(kvm)->sev_info; + struct kvm_memory_slot *memslot = range->slot; + struct sev_data_snp_launch_update data = {0}; + struct kvm_sev_snp_launch_update params; + struct kvm_sev_cmd *argp = opaque; + int *error = &argp->error; + int i, n = 0, ret = 0; + unsigned long npages; + kvm_pfn_t *pfns; + gfn_t gfn; + + if (!kvm_slot_can_be_private(memslot)) { + pr_err("SEV-SNP requires restricted memory.\n"); + return -EINVAL; + } + + if (copy_from_user(¶ms, (void __user *)(uintptr_t)argp->data, sizeof(params))) { + pr_err("Failed to copy user parameters for SEV-SNP launch.\n"); + return -EFAULT; + } + + data.gctx_paddr = __psp_pa(sev->snp_context); + + npages = range->end - range->start; + pfns = kvmalloc_array(npages, sizeof(*pfns), GFP_KERNEL_ACCOUNT); + if (!pfns) + return -ENOMEM; + + pr_debug("%s: GFN range 0x%llx-0x%llx, type %d\n", __func__, + range->start, range->end, params.page_type); + + for (gfn = range->start, i = 0; gfn < range->end; gfn++, i++) { + int order, level; + void *kvaddr; + + ret = kvm_restrictedmem_get_pfn(memslot, gfn, &pfns[i], &order); + if (ret) + goto e_release; + + n++; + ret = snp_lookup_rmpentry((u64)pfns[i], &level); + if (ret) { + pr_err("Failed to ensure GFN 0x%llx is in initial shared state, ret: %d\n", + gfn, ret); + return -EFAULT; + } + + kvaddr = pfn_to_kaddr(pfns[i]); + if (!virt_addr_valid(kvaddr)) { + pr_err("Invalid HVA 0x%llx for GFN 0x%llx\n", (uint64_t)kvaddr, gfn); + ret = -EINVAL; + goto e_release; + } + + ret = kvm_read_guest_page(kvm, gfn, kvaddr, 0, PAGE_SIZE); + if (ret) { + pr_err("Guest read failed, ret: 0x%x\n", ret); + goto e_release; + } + + ret = rmp_make_private(pfns[i], gfn << PAGE_SHIFT, PG_LEVEL_4K, + sev_get_asid(kvm), true); + if (ret) { + ret = -EFAULT; + 
goto e_release; + } + + data.address = __sme_set(pfns[i] << PAGE_SHIFT); + data.page_size = X86_TO_RMP_PG_LEVEL(PG_LEVEL_4K); + data.page_type = params.page_type; + data.vmpl3_perms = params.vmpl3_perms; + data.vmpl2_perms = params.vmpl2_perms; + data.vmpl1_perms = params.vmpl1_perms; + ret = __sev_issue_cmd(argp->sev_fd, SEV_CMD_SNP_LAUNCH_UPDATE, + &data, error); + if (ret) { + pr_err("SEV-SNP launch update failed, ret: 0x%x, fw_error: 0x%x\n", + ret, *error); + snp_page_reclaim(pfns[i]); + + /* + * When invalid CPUID function entries are detected, the firmware + * corrects these entries for debugging purpose and leaves the + * page unencrypted so it can be provided users for debugging + * and error-reporting. + * + * Copy the corrected CPUID page back to shared memory so + * userpsace can retrieve this information. + */ + if (params.page_type == SNP_PAGE_TYPE_CPUID && + *error == SEV_RET_INVALID_PARAM) { + int ret; + + host_rmp_make_shared(pfns[i], PG_LEVEL_4K, true); + + ret = kvm_write_guest_page(kvm, gfn, kvaddr, 0, PAGE_SIZE); + if (ret) + pr_err("Failed to write CPUID page back to userspace, ret: 0x%x\n", + ret); + } + + + goto e_release; + } + } + + /* + * Memory attribute updates via KVM_SET_MEMORY_ATTRIBUTES are serialized + * via kvm->slots_lock, so use the same protocol for updating them here. + */ + mutex_lock(&kvm->slots_lock); + kvm_vm_set_region_attr(kvm, range->start, range->end, KVM_MEMORY_ATTRIBUTE_PRIVATE); + mutex_unlock(&kvm->slots_lock); + +e_release: + /* Content of memory is updated, mark pages dirty */ + for (i = 0; i < n; i++) { + set_page_dirty(pfn_to_page(pfns[i])); + mark_page_accessed(pfn_to_page(pfns[i])); + + /* + * If its an error, then update RMP entry to change page ownership + * to the hypervisor. 
+ */ + if (ret) + host_rmp_make_shared(pfns[i], PG_LEVEL_4K, true); + + put_page(pfn_to_page(pfns[i])); + } + + kvfree(pfns); + return ret; +} + +static int snp_launch_update(struct kvm *kvm, struct kvm_sev_cmd *argp) +{ + struct kvm_sev_info *sev = &to_kvm_svm(kvm)->sev_info; + struct kvm_sev_snp_launch_update params; + + if (!sev_snp_guest(kvm)) + return -ENOTTY; + + if (!sev->snp_context) + return -EINVAL; + + if (copy_from_user(¶ms, (void __user *)(uintptr_t)argp->data, sizeof(params))) + return -EFAULT; + + return kvm_vm_do_hva_range_op(kvm, params.uaddr, params.uaddr + params.len, + snp_launch_update_gfn_handler, argp); +} + int sev_mem_enc_ioctl(struct kvm *kvm, void __user *argp) { struct kvm_sev_cmd sev_cmd; @@ -2186,6 +2373,9 @@ int sev_mem_enc_ioctl(struct kvm *kvm, void __user *argp) case KVM_SEV_SNP_LAUNCH_START: r = snp_launch_start(kvm, &sev_cmd); break; + case KVM_SEV_SNP_LAUNCH_UPDATE: + r = snp_launch_update(kvm, &sev_cmd); + break; default: r = -EINVAL; goto out; diff --git a/include/uapi/linux/kvm.h b/include/uapi/linux/kvm.h index cf19799ca5ce..4098bba17aa4 100644 --- a/include/uapi/linux/kvm.h +++ b/include/uapi/linux/kvm.h @@ -1920,6 +1920,7 @@ enum sev_cmd_id { /* SNP specific commands */ KVM_SEV_SNP_INIT, KVM_SEV_SNP_LAUNCH_START, + KVM_SEV_SNP_LAUNCH_UPDATE, KVM_SEV_NR_MAX, }; 
@@ -2036,6 +2037,24 @@ struct kvm_sev_snp_launch_start { __u8 pad[6]; }; +#define KVM_SEV_SNP_PAGE_TYPE_NORMAL 0x1 +#define KVM_SEV_SNP_PAGE_TYPE_VMSA 0x2 +#define KVM_SEV_SNP_PAGE_TYPE_ZERO 0x3 +#define KVM_SEV_SNP_PAGE_TYPE_UNMEASURED 0x4 +#define KVM_SEV_SNP_PAGE_TYPE_SECRETS 0x5 +#define KVM_SEV_SNP_PAGE_TYPE_CPUID 0x6 + +struct kvm_sev_snp_launch_update { + __u64 start_gfn; + __u64 uaddr; + __u32 len; + __u8 imi_page; + __u8 page_type; + __u8 vmpl3_perms; + __u8 vmpl2_perms; + __u8 vmpl1_perms; +}; + #define KVM_DEV_ASSIGN_ENABLE_IOMMU (1 << 0) #define KVM_DEV_ASSIGN_PCI_2_3 (1 << 1) #define KVM_DEV_ASSIGN_MASK_INTX (1 << 2)
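Review bot: The amd-memory-encryption.rst hunk documents KVM_SNP_LAUNCH_UPDATE and struct kvm_snp_launch_update, while the uapi hunk of this patch adds KVM_SEV_SNP_LAUNCH_UPDATE and struct kvm_sev_snp_launch_update; please align the names. The text also calls the measurement "a signature of the memory contents", whereas the LAUNCH_START commit message in this series describes it as a cryptographic digest, and it points to the spec for page types without listing the KVM_SEV_SNP_PAGE_TYPE_* values that userspace is expected to pass.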
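Review bot: snp_page_reclaim() in the sev.c hunk at @@ -234 receives the firmware status in err but never reports it, and its caller in the launch-update error path ignores the return value, so a page that was taken offline after a failed SNP_PAGE_RECLAIM leaves no trace of why. Please log rc and err on the failure path, and have the caller skip the later host_rmp_make_shared() for a page whose reclaim failed.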
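Review bot: In snp_launch_update_gfn_handler() (sev.c hunk at @@ -2093) the snp_lookup_rmpentry() failure branch does "return -EFAULT;" instead of setting ret and jumping to e_release, so the pfns array and the references on the n pages already obtained are leaked. Separately, the handler calls copy_from_user() on argp->data again for every range although snp_launch_update() has already copied the same struct, which lets userspace change page_type or the VMPL masks between reads; pass the kernel copy through opaque instead. snp_launch_update() also hands params.uaddr + params.len to kvm_vm_do_hva_range_op() with no check for zero length, page alignment or wraparound, start_gfn and imi_page are accepted but never used, and the return value of kvm_vm_set_region_attr() is dropped. The pr_err() calls on these user-reachable paths should be rate limited.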
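Review bot: struct kvm_sev_snp_launch_update in the include/uapi/linux/kvm.h hunk at @@ -2036 ends after five __u8 members with no explicit padding, unlike kvm_sev_snp_launch_start just above it which carries "__u8 pad[6];", leaving 7 bytes of implicit tail padding on x86-64. Please add an explicit pad member and require it to be zero so the layout is fixed and the space can be reused. The handler also compares params.page_type against SNP_PAGE_TYPE_CPUID rather than the KVM_SEV_SNP_PAGE_TYPE_CPUID constant defined here, and forwards page_type to the firmware without validating it against the defined range.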
From patchwork Mon Feb 20 18:38:27 2023
X-Patchwork-Submitter: Michael Roth
X-Patchwork-Id: 59617
From: Michael Roth
Subject: [PATCH RFC v8 36/56] KVM: SVM: Add KVM_SEV_SNP_LAUNCH_FINISH command
Date: Mon, 20 Feb 2023 12:38:27 -0600
Message-ID: <20230220183847.59159-37-michael.roth@amd.com>
In-Reply-To: <20230220183847.59159-1-michael.roth@amd.com>
References: <20230220183847.59159-1-michael.roth@amd.com>
TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[SATLEXMB04.amd.com] X-MS-Exchange-CrossTenant-AuthSource: DM6NAM11FT034.eop-nam11.prod.protection.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: MW4PR12MB7335 X-Spam-Status: No, score=-1.1 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,FORGED_SPF_HELO, RCVD_IN_DNSWL_NONE,RCVD_IN_MSPIKE_H2,SPF_HELO_PASS,SPF_NONE autolearn=no autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1758377687091273861?= X-GMAIL-MSGID: =?utf-8?q?1758377687091273861?= From: Brijesh Singh The KVM_SEV_SNP_LAUNCH_FINISH finalize the cryptographic digest and stores it as the measurement of the guest at launch. While finalizing the launch flow, it also issues the LAUNCH_UPDATE command to encrypt the VMSA pages. If its an SNP guest, then VMSA was added in the RMP entry as a guest owned page and also removed from the kernel direct map so flush it later after it is transitioned back to hypervisor state and restored in the direct map. Signed-off-by: Brijesh Singh Signed-off-by: Harald Hoyer Signed-off-by: Ashish Kalra Signed-off-by: Michael Roth --- .../virt/kvm/x86/amd-memory-encryption.rst | 23 ++++ arch/x86/kvm/svm/sev.c | 122 ++++++++++++++++++ include/uapi/linux/kvm.h | 14 ++ 3 files changed, 159 insertions(+) diff --git a/Documentation/virt/kvm/x86/amd-memory-encryption.rst b/Documentation/virt/kvm/x86/amd-memory-encryption.rst index c94be8e6d657..dafb0c9984f1 100644 --- a/Documentation/virt/kvm/x86/amd-memory-encryption.rst +++ b/Documentation/virt/kvm/x86/amd-memory-encryption.rst 
@@ -513,6 +513,29 @@ Returns: 0 on success, -negative on error See the SEV-SNP spec for further details on how to build the VMPL permission mask and page type. +21. KVM_SNP_LAUNCH_FINISH +------------------------- + +After completion of the SNP guest launch flow, the KVM_SNP_LAUNCH_FINISH command can be +issued to make the guest ready for the execution. + +Parameters (in): struct kvm_sev_snp_launch_finish + +Returns: 0 on success, -negative on error + +:: + + struct kvm_sev_snp_launch_finish { + __u64 id_block_uaddr; + __u64 id_auth_uaddr; + __u8 id_block_en; + __u8 auth_key_en; + __u8 host_data[32]; + __u8 pad[6]; + }; + + +See SEV-SNP specification for further details on launch finish input parameters. References ========== diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index 03dd227f6090..515e22d0dc30 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c 
@@ -2280,6 +2280,109 @@ static int snp_launch_update(struct kvm *kvm, struct kvm_sev_cmd *argp) snp_launch_update_gfn_handler, argp); } +static int snp_launch_update_vmsa(struct kvm *kvm, struct kvm_sev_cmd *argp) +{ + struct kvm_sev_info *sev = &to_kvm_svm(kvm)->sev_info; + struct sev_data_snp_launch_update data = {}; + struct kvm_vcpu *vcpu; + unsigned long i; + int ret; + + data.gctx_paddr = __psp_pa(sev->snp_context); + data.page_type = SNP_PAGE_TYPE_VMSA; + + kvm_for_each_vcpu(i, vcpu, kvm) { + struct vcpu_svm *svm = to_svm(vcpu); + u64 pfn = __pa(svm->sev_es.vmsa) >> PAGE_SHIFT; + + /* Perform some pre-encryption checks against the VMSA */ + ret = sev_es_sync_vmsa(svm); + if (ret) + return ret; + + /* Transition the VMSA page to a firmware state. */ + ret = rmp_make_private(pfn, -1, PG_LEVEL_4K, sev->asid, true); + if (ret) + return ret; + + /* Issue the SNP command to encrypt the VMSA */ + data.address = __sme_pa(svm->sev_es.vmsa); + ret = __sev_issue_cmd(argp->sev_fd, SEV_CMD_SNP_LAUNCH_UPDATE, + &data, &argp->error); + if (ret) { + snp_page_reclaim(pfn); + return ret; + } + + svm->vcpu.arch.guest_state_protected = true; + } + + return 0; +} + +static int snp_launch_finish(struct kvm *kvm, struct kvm_sev_cmd *argp) +{ + struct kvm_sev_info *sev = &to_kvm_svm(kvm)->sev_info; + struct kvm_sev_snp_launch_finish params; + struct sev_data_snp_launch_finish *data; + void *id_block = NULL, *id_auth = NULL; + int ret; + + if (!sev_snp_guest(kvm)) + return -ENOTTY; + + if (!sev->snp_context) + return -EINVAL; + + if (copy_from_user(¶ms, (void __user *)(uintptr_t)argp->data, sizeof(params))) + return -EFAULT; + + /* Measure all vCPUs using LAUNCH_UPDATE before finalizing the launch flow. 
*/ + ret = snp_launch_update_vmsa(kvm, argp); + if (ret) + return ret; + + data = kzalloc(sizeof(*data), GFP_KERNEL_ACCOUNT); + if (!data) + return -ENOMEM; + + if (params.id_block_en) { + id_block = psp_copy_user_blob(params.id_block_uaddr, KVM_SEV_SNP_ID_BLOCK_SIZE); + if (IS_ERR(id_block)) { + ret = PTR_ERR(id_block); + goto e_free; + } + + data->id_block_en = 1; + data->id_block_paddr = __sme_pa(id_block); + + id_auth = psp_copy_user_blob(params.id_auth_uaddr, KVM_SEV_SNP_ID_AUTH_SIZE); + if (IS_ERR(id_auth)) { + ret = PTR_ERR(id_auth); + goto e_free_id_block; + } + + data->id_auth_paddr = __sme_pa(id_auth); + + if (params.auth_key_en) + data->auth_key_en = 1; + } + + memcpy(data->host_data, params.host_data, KVM_SEV_SNP_FINISH_DATA_SIZE); + data->gctx_paddr = __psp_pa(sev->snp_context); + ret = sev_issue_cmd(kvm, SEV_CMD_SNP_LAUNCH_FINISH, data, &argp->error); + + kfree(id_auth); + +e_free_id_block: + kfree(id_block); + +e_free: + kfree(data); + + return ret; +} + int sev_mem_enc_ioctl(struct kvm *kvm, void __user *argp) { struct kvm_sev_cmd sev_cmd; @@ -2376,6 +2479,9 @@ int sev_mem_enc_ioctl(struct kvm *kvm, void __user *argp) case KVM_SEV_SNP_LAUNCH_UPDATE: r = snp_launch_update(kvm, &sev_cmd); break; + case KVM_SEV_SNP_LAUNCH_FINISH: + r = snp_launch_finish(kvm, &sev_cmd); + break; default: r = -EINVAL; goto out; 
@@ -2831,11 +2937,27 @@ void sev_free_vcpu(struct kvm_vcpu *vcpu) svm = to_svm(vcpu); + /* + * If its an SNP guest, then VMSA was added in the RMP entry as + * a guest owned page. Transition the page to hypervisor state + * before releasing it back to the system. + * Also the page is removed from the kernel direct map, so flush it + * later after it is transitioned back to hypervisor state and + * restored in the direct map. + */ + if (sev_snp_guest(vcpu->kvm)) { + u64 pfn = __pa(svm->sev_es.vmsa) >> PAGE_SHIFT; + + if (host_rmp_make_shared(pfn, PG_LEVEL_4K, true)) + goto skip_vmsa_free; + } + if (vcpu->arch.guest_state_protected) sev_flush_encrypted_page(vcpu, svm->sev_es.vmsa); __free_page(virt_to_page(svm->sev_es.vmsa)); +skip_vmsa_free: if (svm->sev_es.ghcb_sa_free) kvfree(svm->sev_es.ghcb_sa); } diff --git a/include/uapi/linux/kvm.h b/include/uapi/linux/kvm.h index 4098bba17aa4..2bab08a5b5d7 100644 --- a/include/uapi/linux/kvm.h +++ b/include/uapi/linux/kvm.h @@ -1921,6 +1921,7 @@ enum sev_cmd_id { KVM_SEV_SNP_INIT, KVM_SEV_SNP_LAUNCH_START, KVM_SEV_SNP_LAUNCH_UPDATE, + KVM_SEV_SNP_LAUNCH_FINISH, KVM_SEV_NR_MAX, }; 
@@ -2055,6 +2056,19 @@ struct kvm_sev_snp_launch_update { __u8 vmpl1_perms; }; +#define KVM_SEV_SNP_ID_BLOCK_SIZE 96 +#define KVM_SEV_SNP_ID_AUTH_SIZE 4096 +#define KVM_SEV_SNP_FINISH_DATA_SIZE 32 + +struct kvm_sev_snp_launch_finish { + __u64 id_block_uaddr; + __u64 id_auth_uaddr; + __u8 id_block_en; + __u8 auth_key_en; + __u8 host_data[KVM_SEV_SNP_FINISH_DATA_SIZE]; + __u8 pad[6]; +}; + #define KVM_DEV_ASSIGN_ENABLE_IOMMU (1 << 0) #define KVM_DEV_ASSIGN_PCI_2_3 (1 << 1) #define KVM_DEV_ASSIGN_MASK_INTX (1 << 2)
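
Review bot: In the amd-memory-encryption.rst hunk the new section heading and its first sentence call the command KVM_SNP_LAUNCH_FINISH, but the enum value added to include/uapi/linux/kvm.h and dispatched in sev_mem_enc_ioctl() is KVM_SEV_SNP_LAUNCH_FINISH. Use the uapi name in the heading and the text so the documentation can be found by grepping for the constant. The section also defers every field to the SEV-SNP specification; one line each on id_block_en, auth_key_en, host_data and the buffer sizes expected behind id_block_uaddr and id_auth_uaddr (KVM_SEV_SNP_ID_BLOCK_SIZE and KVM_SEV_SNP_ID_AUTH_SIZE) would let userspace use the ioctl from this document alone.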
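
Review bot: In snp_launch_finish() (sev.c hunk at -2280), snp_launch_update_vmsa() runs before the kzalloc() and before either psp_copy_user_blob() call, so an allocation failure or a bad id_block_uaddr or id_auth_uaddr is only reported after every VMSA has already been made private in the RMP and submitted to SEV_CMD_SNP_LAUNCH_UPDATE. Copy and validate the userspace input first and issue the VMSA updates last, immediately before SEV_CMD_SNP_LAUNCH_FINISH. Related to this, the loop in snp_launch_update_vmsa() sets guest_state_protected but never tests it, and snp_launch_finish() only checks sev_snp_guest() and sev->snp_context, so a repeated ioctl, or a retry after a failure part-way through the vCPU loop, calls sev_es_sync_vmsa() and rmp_make_private() again on pages that were already converted; reject the command when a vCPU is already protected. The return value of snp_page_reclaim() on the error path is dropped, and auth_key_en is silently ignored when id_block_en is 0, where returning -EINVAL would be clearer.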
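
Review bot: In the sev_free_vcpu() hunk, a failing host_rmp_make_shared() jumps to skip_vmsa_free and the VMSA page is leaked without any trace. Not freeing a page that is still guest-owned in the RMP is the safe choice, but the leak should be visible: add a WARN_ONCE() or pr_err() that includes the pfn before the goto, and say in the comment that the leak is intentional. The new comment also reads "If its an SNP guest", which should be "it's".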
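
Review bot: In struct kvm_sev_snp_launch_finish (include/uapi/linux/kvm.h hunk at -2055), pad[6] is reserved space, but nothing in the header says it must be zero and snp_launch_finish() copies the struct from userspace without checking it. Unless non-zero padding is rejected with -EINVAL now, those bytes cannot be given a meaning later without breaking callers that pass uninitialized memory. The same applies to id_block_en and auth_key_en, which are __u8 fields where any non-zero value is treated as 1.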
From patchwork Mon Feb 20 18:38:28 2023
X-Patchwork-Submitter: Michael Roth
X-Patchwork-Id: 59618
From: Michael Roth
CC: Brijesh Singh, "Jarkko Sakkinen", Ashish Kalra
Subject: [PATCH RFC v8 37/56] KVM: X86: Keep the NPT and RMP page level in sync
Date: Mon, 20 Feb 2023 12:38:28 -0600
Message-ID: <20230220183847.59159-38-michael.roth@amd.com>
In-Reply-To: <20230220183847.59159-1-michael.roth@amd.com>
References: <20230220183847.59159-1-michael.roth@amd.com>
X-Mailing-List: linux-kernel@vger.kernel.org

From: Brijesh Singh

When running an SEV-SNP VM, the sPA used to index the RMP entry is obtained through the NPT translation (gva->gpa->spa). The NPT page level is checked against the page level programmed in the RMP entry. If the page level does not match, then it will cause a nested page fault with the RMP bit set to indicate the RMP violation.

Co-developed-by: Michael Roth
Signed-off-by: Michael Roth
Signed-off-by: Brijesh Singh
Signed-off-by: Jarkko Sakkinen
Signed-off-by: Ashish Kalra
---
 arch/x86/include/asm/kvm-x86-ops.h |  1 +
 arch/x86/include/asm/kvm_host.h    |  2 ++
 arch/x86/kvm/mmu/mmu.c             |  9 ++++++
 arch/x86/kvm/svm/sev.c             | 51 ++++++++++++++++++++++++++++++
 arch/x86/kvm/svm/svm.c             |  2 ++
 arch/x86/kvm/svm/svm.h             |  1 +
 6 files changed, 66 insertions(+)

diff --git a/arch/x86/include/asm/kvm-x86-ops.h b/arch/x86/include/asm/kvm-x86-ops.h index e116405cbb5f..87a087ec3277 100644 --- a/arch/x86/include/asm/kvm-x86-ops.h +++ b/arch/x86/include/asm/kvm-x86-ops.h @@ -135,6 +135,7 @@ KVM_X86_OP_OPTIONAL(alloc_apic_backing_page) KVM_X86_OP_OPTIONAL_RET0(fault_is_private); KVM_X86_OP_OPTIONAL_RET0(update_mem_attr) KVM_X86_OP_OPTIONAL(invalidate_restricted_mem) +KVM_X86_OP_OPTIONAL(adjust_mapping_level) #undef KVM_X86_OP #undef KVM_X86_OP_OPTIONAL diff --git a/arch/x86/include/asm/kvm_host.h b/arch/x86/include/asm/kvm_host.h index a9363a6f779d..456b42cb167b 100644 --- a/arch/x86/include/asm/kvm_host.h +++ b/arch/x86/include/asm/kvm_host.h @@ -1731,6 +1731,8 @@ struct kvm_x86_ops { unsigned long (*vcpu_get_apicv_inhibit_reasons)(struct kvm_vcpu *vcpu); void *(*alloc_apic_backing_page)(struct kvm_vcpu *vcpu); + + void (*adjust_mapping_level)(struct kvm *kvm, gfn_t gfn, kvm_pfn_t pfn, int *level); }; struct kvm_x86_nested_ops { diff --git a/arch/x86/kvm/mmu/mmu.c b/arch/x86/kvm/mmu/mmu.c index 360af0c9997e..d8e5254f314d 100644 --- a/arch/x86/kvm/mmu/mmu.c +++ b/arch/x86/kvm/mmu/mmu.c
@@ -3081,6 +3081,7 @@ static int host_pfn_mapping_level(struct kvm *kvm, gfn_t gfn, out: local_irq_restore(flags); + return level; } @@ -3141,6 +3142,14 @@ void kvm_mmu_hugepage_adjust(struct kvm_vcpu *vcpu, struct kvm_page_fault *fault fault->req_level = __kvm_mmu_max_mapping_level(vcpu->kvm, slot, fault->gfn, fault->max_level, fault->is_private); + if (kvm_slot_can_be_private(slot)) { + int req_level = fault->req_level; + + static_call_cond(kvm_x86_adjust_mapping_level)(vcpu->kvm, fault->gfn, fault->pfn, + &req_level); + fault->req_level = req_level; + } + if (fault->req_level == PG_LEVEL_4K || fault->huge_page_disallowed) return; diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index 515e22d0dc30..e8740c35be39 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c 
@@ -3749,3 +3749,54 @@ struct page *snp_safe_alloc_page(struct kvm_vcpu *vcpu) return p; } + +static bool is_gfn_range_shared(struct kvm *kvm, gfn_t start, gfn_t end) +{ + while (start++ < end) + if (kvm_mem_is_private(kvm, start)) + return false; + + return true; +} + +void sev_adjust_mapping_level(struct kvm *kvm, gfn_t gfn, kvm_pfn_t pfn, int *level) +{ + int assigned; + int rmp_level = 1; + int level_orig = *level; + + if (!sev_snp_guest(kvm)) + return; + + /* If there's an error retrieving RMP entry, stick with 4K mappings */ + assigned = snp_lookup_rmpentry(pfn, &rmp_level); + if (unlikely(assigned < 0)) + goto out_adjust; + + if (!assigned) { + gfn_t huge_gfn; + + /* + * If all the pages are shared then no need to keep the RMP + * and NPT in sync. + */ + huge_gfn = gfn & ~(PTRS_PER_PMD - 1); + if (is_gfn_range_shared(kvm, huge_gfn, huge_gfn + PTRS_PER_PMD)) + goto out; + } + + /* + * The hardware installs 2MB TLB entries to access to 1GB pages, + * therefore allow NPT to use 1GB pages when pfn was added as 2MB + * in the RMP table. + */ + if (rmp_level == PG_LEVEL_2M && (*level == PG_LEVEL_1G)) + goto out; + +out_adjust: + /* Adjust the level to keep the NPT and RMP in sync */ + *level = min_t(size_t, *level, rmp_level); +out: + pr_debug("%s: GFN: 0x%llx, PFN: 0x%llx, level: %d, rmp_level: %d, level_orig: %d, assigned: %d\n", + __func__, gfn, pfn, *level, rmp_level, level_orig, assigned); +} diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index 1061aaf66f0a..9eb750c8b04c 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c @@ -4835,6 +4835,8 @@ static struct kvm_x86_ops svm_x86_ops __initdata = { .vcpu_deliver_sipi_vector = svm_vcpu_deliver_sipi_vector, .vcpu_get_apicv_inhibit_reasons = avic_vcpu_get_apicv_inhibit_reasons, .alloc_apic_backing_page = svm_alloc_apic_backing_page, + + .adjust_mapping_level = sev_adjust_mapping_level, }; /* 
diff --git a/arch/x86/kvm/svm/svm.h b/arch/x86/kvm/svm/svm.h index 740969b57425..cbd4594f1cca 100644 --- a/arch/x86/kvm/svm/svm.h +++ b/arch/x86/kvm/svm/svm.h 
@@ -706,6 +706,7 @@ void sev_vcpu_deliver_sipi_vector(struct kvm_vcpu *vcpu, u8 vector); void sev_es_prepare_switch_to_guest(struct sev_es_save_area *hostsa); void sev_es_unmap_ghcb(struct vcpu_svm *svm); struct page *snp_safe_alloc_page(struct kvm_vcpu *vcpu); +void sev_adjust_mapping_level(struct kvm *kvm, gfn_t gfn, kvm_pfn_t pfn, int *level); /* vmenter.S */
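
Review bot: The new adjust_mapping_level member of struct kvm_x86_ops (kvm_host.h hunk at -1731) has no comment describing its contract. The caller added to kvm_mmu_hugepage_adjust() writes whatever comes back in *level straight into fault->req_level, so either state that an implementation may only lower the level and never raise it, or clamp the result against the original value in the caller.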
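
Review bot: The mmu.c hunk at -3081 only adds a blank line before "return level;" in host_pfn_mapping_level(). It is unrelated to keeping the NPT and RMP levels in sync and should be dropped from this patch.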
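
Review bot: is_gfn_range_shared() (sev.c hunk at -3749) is off by one: "while (start++ < end)" increments start before kvm_mem_is_private(kvm, start) is called, so the first gfn of the range is never checked and the gfn equal to end, one past the 2M region, is checked instead. A private first page can therefore let the region be treated as all-shared, and sev_adjust_mapping_level() then skips the level adjustment for it. Use "for (; start < end; start++)". In sev_adjust_mapping_level(), "int rmp_level = 1" would read better as PG_LEVEL_4K, and min_t(size_t, ...) on two int values should be min_t(int, ...) or plain min().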
From patchwork Mon Feb 20 18:38:29 2023
X-Patchwork-Submitter: Michael Roth
X-Patchwork-Id: 59619
From: Michael Roth
CC: Brijesh Singh
Subject: [PATCH RFC v8 38/56] KVM: x86: Define RMP page fault error bits for #NPF
Date: Mon, 20 Feb 2023 12:38:29 -0600
Message-ID: <20230220183847.59159-39-michael.roth@amd.com>
In-Reply-To: <20230220183847.59159-1-michael.roth@amd.com>
References: <20230220183847.59159-1-michael.roth@amd.com>
X-Mailing-List: linux-kernel@vger.kernel.org

From: Brijesh Singh

When SEV-SNP is enabled globally, the hardware places restrictions on all memory accesses based on the RMP entry, whether the hypervisor or a VM performs the accesses. When hardware encounters an RMP access violation during a guest access, it will cause a #VMEXIT(NPF).

See APM2 section 16.36.10 for more details.

Signed-off-by: Brijesh Singh
Signed-off-by: Ashish Kalra
Signed-off-by: Michael Roth
---
 arch/x86/include/asm/kvm_host.h | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/arch/x86/include/asm/kvm_host.h b/arch/x86/include/asm/kvm_host.h index 456b42cb167b..d2e1c109dde5 100644 --- a/arch/x86/include/asm/kvm_host.h +++ b/arch/x86/include/asm/kvm_host.h @@ -253,9 +253,13 @@ enum x86_intercept_stage; #define PFERR_FETCH_BIT 4 #define PFERR_PK_BIT 5 #define PFERR_SGX_BIT 15 +#define PFERR_GUEST_RMP_BIT 31 #define PFERR_GUEST_FINAL_BIT 32 #define PFERR_GUEST_PAGE_BIT 33 #define PFERR_IMPLICIT_ACCESS_BIT 48 +#define PFERR_GUEST_ENC_BIT 34 +#define PFERR_GUEST_SIZEM_BIT 35 +#define PFERR_GUEST_VMPL_BIT 36 #define PFERR_PRESENT_MASK BIT(PFERR_PRESENT_BIT) #define PFERR_WRITE_MASK BIT(PFERR_WRITE_BIT)
@@ -267,6 +271,10 @@ enum x86_intercept_stage; #define PFERR_GUEST_FINAL_MASK BIT_ULL(PFERR_GUEST_FINAL_BIT) #define PFERR_GUEST_PAGE_MASK BIT_ULL(PFERR_GUEST_PAGE_BIT) #define PFERR_IMPLICIT_ACCESS BIT_ULL(PFERR_IMPLICIT_ACCESS_BIT) +#define PFERR_GUEST_RMP_MASK BIT_ULL(PFERR_GUEST_RMP_BIT) +#define PFERR_GUEST_ENC_MASK BIT_ULL(PFERR_GUEST_ENC_BIT) +#define PFERR_GUEST_SIZEM_MASK BIT_ULL(PFERR_GUEST_SIZEM_BIT) +#define PFERR_GUEST_VMPL_MASK BIT_ULL(PFERR_GUEST_VMPL_BIT) #define PFERR_NESTED_GUEST_PAGE (PFERR_GUEST_PAGE_MASK | \ PFERR_WRITE_MASK | \ From patchwork Mon Feb 20 18:38:30 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Michael Roth X-Patchwork-Id: 59620 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:adf:eb09:0:0:0:0:0 with SMTP id s9csp1464238wrn; Mon, 20 Feb 2023 11:01:27 -0800 (PST) X-Google-Smtp-Source: AK7set8rOpIhCLLe3NJYAwbYAmKCqbduio5gCcd1+SK2x0HnjBBH0Nq94TO5HGwWv0nSd+g4IFc3 X-Received: by 2002:a17:906:279b:b0:879:2a5:dc40 with SMTP id j27-20020a170906279b00b0087902a5dc40mr8807439ejc.76.1676919687477; Mon, 20 Feb 2023 11:01:27 -0800 (PST) ARC-Seal: i=2; a=rsa-sha256; t=1676919687; cv=pass; d=google.com; s=arc-20160816; b=cO3KzLv0MsECi2y1CmYH9lcxd5MJ0F8oyjiPsvY7nZ5BOHmPXmVjwXb9Em6JfGaK1K f3yGYXT+C3NBSSCFHW2fJu3+BOgHas4BvEDMBGmhaXYtea0ifDI0wOur1uhFnEvw5UZe ze4RupjWI4YHSKE6q1yyQD5R9YSJkjFRWKeO93cWHNgHxhUyFdEBFnGh8DpCN1oOiov9 0W45yHq+uSeObEbigQOHSURGIlv3Tln4QHVLHMG+yXoBWn6wA2EQggB9QB4/SBI5btAK aVO6K1hyoMEMsZHJVUzKC3v+QEtrcjt8M8lVgeKeIB/Zwc5LwsSk+GpBngwWo3a0zZYR PEwg== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=bfbbeYCbDjRFikAqVByP3v8vGvoyVHSwAy9gWugZHqw=; b=aXpSbbzskASivzb2tmpQ6qtaa7k3AzxGuqXqyL2hqbtki4BxetNKVIB1mxvpyf4nxx 
Fl1oCJrWptrth+pzCoLt27pzD5RIsSWt5tmeh6NZAYyYVuoAWEcI1nX5TAreL8nMxpfd WgkmWIp/XEYLtylUBw3oL8RQymD/QoUTGMAv7+sjWjYz8mXz8VcBrU8EU+LgJUkaqJBR 0MBtHmy5NHyvk8+2ZgNdz/ZlAJXvVXnTk4ibDncElPwb1UsXnIfce7MN83IDgv6zKVfh rkyoggpaAApSg7T9yjaMuck/flvztfDL0PysWwjdEaaaI+3IgvWD1/cHNNase6effq4M VK5Q== ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@amd.com header.s=selector1 header.b=Qy73IVK5; arc=pass (i=1 spf=pass spfdomain=amd.com dmarc=pass fromdomain=amd.com); spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=amd.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id ep11-20020a1709069b4b00b008c8cdeb62afsi5744521ejc.605.2023.02.20.11.01.02; Mon, 20 Feb 2023 11:01:27 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@amd.com header.s=selector1 header.b=Qy73IVK5; arc=pass (i=1 spf=pass spfdomain=amd.com dmarc=pass fromdomain=amd.com); spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=amd.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232840AbjBTS4f (ORCPT + 99 others); Mon, 20 Feb 2023 13:56:35 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:41228 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232816AbjBTS4U (ORCPT ); Mon, 20 Feb 2023 13:56:20 -0500 Received: from NAM12-BN8-obe.outbound.protection.outlook.com (mail-bn8nam12on20613.outbound.protection.outlook.com 
[IPv6:2a01:111:f400:fe5b::613]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id D800C13DDE; Mon, 20 Feb 2023 10:55:48 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=BMjdDOy7d+TGYiSCPoRPo35y/JJ2qyZxQe0obeJnNphm+bHKC+9noC1dy+TNw/u7ZNPLMcrTrcqPvgnR7wJztZwkTOcYuqtuZYYvh9KuIHLEhITFHFwjORWc+8ZTto1vuxphZfDgsJwq/rB7m5EDy3uf4oVvlAfTRk10DZAuXSszI9O13r3BnZNNXC8lynH4DYCAHFooUOERu9KQa3VFE3sML9b+KRyJirjU+23ZBQBGRdHDlpzNsRRpW3lrgn+bAbWG8bIgUZRdqgxq/7If84WawhE2Sut4ukbeCVqakpTJs5dv0ZDy1U/0/6IjI16dp5Nai6cqCVtzQXjyhLJU/w== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=bfbbeYCbDjRFikAqVByP3v8vGvoyVHSwAy9gWugZHqw=; b=mmYnq/OVDJkalwxZeYfAN3IjTsVqEHDhs5T9DD010YZMVelQ2WXK18Z57gJJESHAHcn7cuwEvpGBAgDGWq4H3UI4mMuBH+ZgVdsc0tLfpjLuuyjOvNXuogS2V1u1vdMA9EB8On1I/Rkfl/BO13ijigVWs+wJV+aTzvMBE4EUBY4ILfqiNkx+K3q6/aP/YzU0IjSmAmvos410dcBcjnqQSkjskywtc/J/eqawqKoQHmpyjfliI0qnnqbsqV7cByjgKIGh1IT6K2tXvHZ2b7Fm0RUUVtPpQNuH9MViwQq980GyT2cApoeim31FFbEgtQfTed+trZ3cpL3hRT8n4C4Gqw== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=vger.kernel.org smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=bfbbeYCbDjRFikAqVByP3v8vGvoyVHSwAy9gWugZHqw=; b=Qy73IVK5J+rW4qYNtPBVxqNDSFQxh6fHM/zyJYzPElvAMJhM63QkTCYQijBSY36UQZgVUdf75cRnQKrwQL275VSEY4U1VF1yBAdIwst+ttU/mh4zwh2CzuYh5+TZ6vkd7rRC890S1Epn0a7GFEhpnOGk4S6rwWhHs4JeBPiSoiY= Received: from DM6PR07CA0041.namprd07.prod.outlook.com (2603:10b6:5:74::18) by 
DS7PR12MB8252.namprd12.prod.outlook.com (2603:10b6:8:ee::7) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6111.19; Mon, 20 Feb 2023 18:54:44 +0000 Received: from DM6NAM11FT072.eop-nam11.prod.protection.outlook.com (2603:10b6:5:74:cafe::84) by DM6PR07CA0041.outlook.office365.com (2603:10b6:5:74::18) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6111.20 via Frontend Transport; Mon, 20 Feb 2023 18:54:44 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=amd.com; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB04.amd.com; pr=C Received: from SATLEXMB04.amd.com (165.204.84.17) by DM6NAM11FT072.mail.protection.outlook.com (10.13.173.181) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.6111.19 via Frontend Transport; Mon, 20 Feb 2023 18:54:43 +0000 Received: from localhost (10.180.168.240) by SATLEXMB04.amd.com (10.181.40.145) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.34; Mon, 20 Feb 2023 12:54:43 -0600 
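Review bot: In patch 38/56, first hunk of arch/x86/include/asm/kvm_host.h, PFERR_GUEST_ENC_BIT (34), PFERR_GUEST_SIZEM_BIT (35) and PFERR_GUEST_VMPL_BIT (36) are added after PFERR_IMPLICIT_ACCESS_BIT (48), which breaks the ascending bit order the list otherwise keeps (PFERR_GUEST_RMP_BIT 31 is slotted in correctly). Please move the three new defines between PFERR_GUEST_PAGE_BIT 33 and PFERR_IMPLICIT_ACCESS_BIT 48, and do the same for the matching *_MASK defines in the second hunk. None of the four new bits carries a comment; the commit message only points at APM2 section 16.36.10, so a one-line comment per bit saying which RMP condition it reports would let readers of the #NPF handler tell them apart without the manual.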
From: Michael Roth
CC: Brijesh Singh
Subject: [PATCH RFC v8 39/56] KVM: SVM: Add support to handle GHCB GPA register VMGEXIT
Date: Mon, 20 Feb 2023 12:38:30 -0600
Message-ID: <20230220183847.59159-40-michael.roth@amd.com>
In-Reply-To: <20230220183847.59159-1-michael.roth@amd.com>
References: <20230220183847.59159-1-michael.roth@amd.com>

From: Brijesh Singh

SEV-SNP guests are required to perform a GHCB GPA registration. Before using a GHCB GPA for a vCPU the first time, a guest must register the vCPU GHCB GPA. If the hypervisor can work with the guest-requested GPA, then it must respond back with the same GPA, otherwise return -1. On VMEXIT, verify that the GHCB GPA matches the registered value. If a mismatch is detected, then abort the guest.

Signed-off-by: Brijesh Singh
Signed-off-by: Ashish Kalra
Signed-off-by: Michael Roth
---
arch/x86/include/asm/sev-common.h | 8 ++++++++
arch/x86/kvm/svm/sev.c | 27 +++++++++++++++++++++++++++
arch/x86/kvm/svm/svm.h | 7 +++++++
3 files changed, 42 insertions(+)

diff --git a/arch/x86/include/asm/sev-common.h b/arch/x86/include/asm/sev-common.h index 539de6b93420..0a9055cdfae2 100644 --- a/arch/x86/include/asm/sev-common.h +++ b/arch/x86/include/asm/sev-common.h 
@@ -59,6 +59,14 @@ #define GHCB_MSR_AP_RESET_HOLD_RESULT_POS 12 #define GHCB_MSR_AP_RESET_HOLD_RESULT_MASK GENMASK_ULL(51, 0) +/* Preferred GHCB GPA Request */ +#define GHCB_MSR_PREF_GPA_REQ 0x010 +#define GHCB_MSR_GPA_VALUE_POS 12 +#define GHCB_MSR_GPA_VALUE_MASK GENMASK_ULL(51, 0) + +#define GHCB_MSR_PREF_GPA_RESP 0x011 +#define GHCB_MSR_PREF_GPA_NONE 0xfffffffffffff + /* GHCB GPA Register */ #define GHCB_MSR_REG_GPA_REQ 0x012 #define GHCB_MSR_REG_GPA_REQ_VAL(v) \ diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index e8740c35be39..2613311f4fcc 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c @@ -3424,6 +3424,27 @@ static int sev_handle_vmgexit_msr_protocol(struct vcpu_svm *svm) GHCB_MSR_INFO_MASK, GHCB_MSR_INFO_POS); break; } + case GHCB_MSR_PREF_GPA_REQ: { + set_ghcb_msr_bits(svm, GHCB_MSR_PREF_GPA_NONE, GHCB_MSR_GPA_VALUE_MASK, + GHCB_MSR_GPA_VALUE_POS); + set_ghcb_msr_bits(svm, GHCB_MSR_PREF_GPA_RESP, GHCB_MSR_INFO_MASK, + GHCB_MSR_INFO_POS); + break; + } + case GHCB_MSR_REG_GPA_REQ: { + u64 gfn; + + gfn = get_ghcb_msr_bits(svm, GHCB_MSR_GPA_VALUE_MASK, + GHCB_MSR_GPA_VALUE_POS); + + svm->sev_es.ghcb_registered_gpa = gfn_to_gpa(gfn); + + set_ghcb_msr_bits(svm, gfn, GHCB_MSR_GPA_VALUE_MASK, + GHCB_MSR_GPA_VALUE_POS); + set_ghcb_msr_bits(svm, GHCB_MSR_REG_GPA_RESP, GHCB_MSR_INFO_MASK, + GHCB_MSR_INFO_POS); + break; + } case GHCB_MSR_TERM_REQ: { u64 reason_set, reason_code; @@ -3490,6 +3511,12 @@ int sev_handle_vmgexit(struct kvm_vcpu *vcpu) exit_code = ghcb_get_sw_exit_code(ghcb); + /* SEV-SNP guest requires that the GHCB GPA must be registered */ + if (sev_snp_guest(svm->vcpu.kvm) && !ghcb_gpa_is_registered(svm, ghcb_gpa)) { + vcpu_unimpl(&svm->vcpu, "vmgexit: GHCB GPA [%#llx] is not registered.\n", ghcb_gpa); + return -EINVAL; + } + ret = sev_es_validate_vmgexit(svm); if (ret) return ret; diff --git a/arch/x86/kvm/svm/svm.h b/arch/x86/kvm/svm/svm.h index cbd4594f1cca..0c655a4d32d5 100644 --- a/arch/x86/kvm/svm/svm.h 
+++ b/arch/x86/kvm/svm/svm.h @@ -204,6 +204,8 @@ struct vcpu_sev_es_state { u32 ghcb_sa_len; bool ghcb_sa_sync; bool ghcb_sa_free; + + u64 ghcb_registered_gpa; }; struct vcpu_svm { 
@@ -336,6 +338,11 @@ static inline bool sev_snp_guest(struct kvm *kvm) return sev_es_guest(kvm) && sev->snp_active; } +static inline bool ghcb_gpa_is_registered(struct vcpu_svm *svm, u64 val) +{ + return svm->sev_es.ghcb_registered_gpa == val; +} + static inline void vmcb_mark_all_dirty(struct vmcb *vmcb) { vmcb->control.clean = 0; 
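Review bot: In patch 39/56, the GHCB_MSR_REG_GPA_REQ case in sev_handle_vmgexit_msr_protocol() stores whatever GFN the guest supplies into ghcb_registered_gpa and echoes it back with no check at all, so the "otherwise return -1" path from the commit message is never taken. Either validate the GFN before accepting it (for example that it is backed by a memslot KVM can map) and answer with an all-ones GPA on failure, or drop the -1 wording from the commit message. The case is also not gated on sev_snp_guest(), so an SEV-ES guest can reach it and set the field; if that is intentional, a comment saying so would help.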
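Review bot: In patch 39/56, the registration check added to sev_handle_vmgexit() sits after the context line exit_code = ghcb_get_sw_exit_code(ghcb), so the GHCB at the unregistered GPA has already been read by the time the check rejects it. Since the point of the check is to refuse an unregistered GHCB, please move the sev_snp_guest() && !ghcb_gpa_is_registered() test to before the first access to the GHCB contents, so no guest-controlled field from an unregistered page is consumed.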
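Review bot: In patch 39/56, arch/x86/kvm/svm/svm.h, ghcb_gpa_is_registered() is a plain equality test against ghcb_registered_gpa, and nothing in this patch initializes that field. If vcpu_sev_es_state starts out zeroed, a GHCB GPA of 0 compares equal before any registration has happened. Please initialize the field to a value that cannot be a valid GPA at vCPU creation (and reset it wherever the vCPU state is reset), or track registration with a separate bool, and add a short comment on the field stating what "not registered" looks like.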
From: Michael Roth
Subject: [PATCH RFC v8 40/56] KVM: SVM: Add KVM_EXIT_VMGEXIT
Date: Mon, 20 Feb 2023 12:38:31 -0600
Message-ID: <20230220183847.59159-41-michael.roth@amd.com>
In-Reply-To: <20230220183847.59159-1-michael.roth@amd.com>
References: <20230220183847.59159-1-michael.roth@amd.com>

For private memslots, GHCB page state change requests will be forwarded to userspace for processing. Define a new KVM_EXIT_VMGEXIT for exits of this type.

Signed-off-by: Michael Roth
---
include/uapi/linux/kvm.h | 6 ++++++
1 file changed, 6 insertions(+)

diff --git a/include/uapi/linux/kvm.h b/include/uapi/linux/kvm.h index 2bab08a5b5d7..6e684bf5f723 100644 --- a/include/uapi/linux/kvm.h +++ b/include/uapi/linux/kvm.h @@ -279,6 +279,7 @@ struct kvm_xen_exit { #define KVM_EXIT_RISCV_CSR 36 #define KVM_EXIT_NOTIFY 37 #define KVM_EXIT_MEMORY_FAULT 38 +#define KVM_EXIT_VMGEXIT 50 /* For KVM_EXIT_INTERNAL_ERROR */ /* Emulate instruction failed. */ 
@@ -527,6 +528,11 @@ struct kvm_run { __u64 gpa; __u64 size; } memory; + /* KVM_EXIT_VMGEXIT */ + struct { + __u64 ghcb_msr; /* GHCB MSR contents */ + __u8 error; /* user -> kernel */ + } vmgexit; /* Fix the size of the union. */ char padding[256]; }; 
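Review bot: In patch 40/56, first hunk of include/uapi/linux/kvm.h, KVM_EXIT_VMGEXIT is given the value 50 directly after KVM_EXIT_MEMORY_FAULT 38, leaving 39 through 49 unused with no explanation. Since this is uapi and the number becomes permanent once merged, please either take the next free value or say in the commit message (and a comment) why the gap is there.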
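Review bot: In patch 40/56, the new vmgexit struct in struct kvm_run is a __u64 followed by a single __u8, which leaves seven bytes of implicit tail padding in a uapi structure. Please make the padding explicit (a reserved array) so the layout is fixed and the bytes can be required to be zero for later extension. The comment on error gives a direction ("user -> kernel") but ghcb_msr does not say whether userspace may write it back, and the diffstat shows only kvm.h changed, so the new exit reason has no accompanying documentation of what userspace is expected to do with it or which error values are valid.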
From: Michael Roth
CC: Brijesh Singh
Subject: [PATCH RFC v8 41/56] KVM: SVM: Add support to handle MSR based Page State Change VMGEXIT
Date: Mon, 20 Feb 2023 12:38:32 -0600
Message-ID: <20230220183847.59159-42-michael.roth@amd.com>
In-Reply-To: <20230220183847.59159-1-michael.roth@amd.com>
References: <20230220183847.59159-1-michael.roth@amd.com>

From: Brijesh Singh

SEV-SNP VMs can ask the hypervisor to change the page state in the RMP table to be private or shared using the Page State Change MSR protocol as defined in the GHCB specification. Forward these requests to userspace via KVM_EXIT_VMGEXIT so the VMM can issue the KVM ioctls to update the page state accordingly.

Co-developed-by: Michael Roth
Signed-off-by: Michael Roth
Signed-off-by: Brijesh Singh
Signed-off-by: Ashish Kalra
---
arch/x86/include/asm/sev-common.h | 9 ++++++++
arch/x86/kvm/svm/sev.c | 25 +++++++++++++++++++++++
arch/x86/kvm/trace.h | 34 +++++++++++++++++++++++++++++++
arch/x86/kvm/x86.c | 1 +
4 files changed, 69 insertions(+)

diff --git a/arch/x86/include/asm/sev-common.h b/arch/x86/include/asm/sev-common.h index 0a9055cdfae2..ee38f7408470 100644 --- a/arch/x86/include/asm/sev-common.h +++ b/arch/x86/include/asm/sev-common.h @@ -93,6 +93,10 @@ enum psc_op { }; #define GHCB_MSR_PSC_REQ 0x014 +#define GHCB_MSR_PSC_GFN_POS 12 +#define GHCB_MSR_PSC_GFN_MASK GENMASK_ULL(39, 0) +#define GHCB_MSR_PSC_OP_POS 52 +#define GHCB_MSR_PSC_OP_MASK 0xf #define GHCB_MSR_PSC_REQ_GFN(gfn, op) \ /* GHCBData[55:52] */ \ (((u64)((op) & 0xf) << 52) | \ @@ -102,6 +106,11 @@ enum psc_op { GHCB_MSR_PSC_REQ) #define GHCB_MSR_PSC_RESP 0x015 +#define GHCB_MSR_PSC_ERROR_POS 32 +#define GHCB_MSR_PSC_ERROR_MASK GENMASK_ULL(31, 0) +#define GHCB_MSR_PSC_ERROR GENMASK_ULL(31, 0) +#define GHCB_MSR_PSC_RSVD_POS 12 +#define GHCB_MSR_PSC_RSVD_MASK GENMASK_ULL(19, 0) #define GHCB_MSR_PSC_RESP_VAL(val) \ /* GHCBData[63:32] */ \ (((u64)(val) & GENMASK_ULL(63, 32)) >> 32) diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index 2613311f4fcc..a1a2686dde7b 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c @@ -30,6 +30,7 @@ #include "svm_ops.h" #include "cpuid.h" #include "trace.h" +#include "mmu.h" #ifndef CONFIG_KVM_AMD_SEV /* 
@@ -3345,6 +3346,23 @@ static void set_ghcb_msr(struct vcpu_svm *svm, u64 value) svm->vmcb->control.ghcb_gpa = value; } +/* + * TODO: need to get the value set by userspace in vcpu->run->vmgexit.ghcb_msr + * and process that here accordingly. + */ +static int snp_complete_psc_msr_protocol(struct kvm_vcpu *vcpu) +{ + struct vcpu_svm *svm = to_svm(vcpu); + + set_ghcb_msr_bits(svm, 0, + GHCB_MSR_PSC_ERROR_MASK, GHCB_MSR_PSC_ERROR_POS); + + set_ghcb_msr_bits(svm, 0, GHCB_MSR_PSC_RSVD_MASK, GHCB_MSR_PSC_RSVD_POS); + set_ghcb_msr_bits(svm, GHCB_MSR_PSC_RESP, GHCB_MSR_INFO_MASK, GHCB_MSR_INFO_POS); + + return 1; /* resume */ +} + static int sev_handle_vmgexit_msr_protocol(struct vcpu_svm *svm) { struct vmcb_control_area *control = &svm->vmcb->control; @@ -3445,6 +3463,13 @@ static int sev_handle_vmgexit_msr_protocol(struct vcpu_svm *svm) GHCB_MSR_INFO_POS); break; } + case GHCB_MSR_PSC_REQ: + vcpu->run->exit_reason = KVM_EXIT_VMGEXIT; + vcpu->run->vmgexit.ghcb_msr = control->ghcb_gpa; + vcpu->arch.complete_userspace_io = snp_complete_psc_msr_protocol; + + ret = -1; + break; case GHCB_MSR_TERM_REQ: { u64 reason_set, reason_code; diff --git a/arch/x86/kvm/trace.h b/arch/x86/kvm/trace.h index 83843379813e..65861d2d086c 100644 --- a/arch/x86/kvm/trace.h +++ b/arch/x86/kvm/trace.h @@ -7,6 +7,7 @@ #include #include #include +#include #undef TRACE_SYSTEM #define TRACE_SYSTEM kvm 
@@ -1831,6 +1832,39 @@ TRACE_EVENT(kvm_vmgexit_msr_protocol_exit, __entry->vcpu_id, __entry->ghcb_gpa, __entry->result) ); +/* + * Tracepoint for the SEV-SNP page state change processing + */ +#define psc_operation \ + {SNP_PAGE_STATE_PRIVATE, "private"}, \ + {SNP_PAGE_STATE_SHARED, "shared"} \ + +TRACE_EVENT(kvm_snp_psc, + TP_PROTO(unsigned int vcpu_id, u64 pfn, u64 gpa, u8 op, int level), + TP_ARGS(vcpu_id, pfn, gpa, op, level), + + TP_STRUCT__entry( + __field(int, vcpu_id) + __field(u64, pfn) + __field(u64, gpa) + __field(u8, op) + __field(int, level) + ), + + TP_fast_assign( + __entry->vcpu_id = vcpu_id; + __entry->pfn = pfn; + __entry->gpa = gpa; + __entry->op = op; + __entry->level = level; + ), + + TP_printk("vcpu %u, pfn %llx, gpa %llx, op %s, level %d", + __entry->vcpu_id, __entry->pfn, __entry->gpa, + __print_symbolic(__entry->op, psc_operation), + __entry->level) +); + #endif /* _TRACE_KVM_H */ #undef TRACE_INCLUDE_PATH diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c index 268c3d16894d..0154fc7a28c1 100644 --- a/arch/x86/kvm/x86.c +++ b/arch/x86/kvm/x86.c 
@@ -13515,6 +13515,7 @@ EXPORT_TRACEPOINT_SYMBOL_GPL(kvm_vmgexit_enter); EXPORT_TRACEPOINT_SYMBOL_GPL(kvm_vmgexit_exit); EXPORT_TRACEPOINT_SYMBOL_GPL(kvm_vmgexit_msr_protocol_enter); EXPORT_TRACEPOINT_SYMBOL_GPL(kvm_vmgexit_msr_protocol_exit); +EXPORT_TRACEPOINT_SYMBOL_GPL(kvm_snp_psc); static int __init kvm_x86_init(void) {
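Review bot: In the arch/x86/include/asm/sev-common.h response hunk, `GHCB_MSR_PSC_ERROR_MASK` and `GHCB_MSR_PSC_ERROR` are both defined as `GENMASK_ULL(31, 0)`, and only the `_MASK` name is used by the sev.c hunks in this patch; drop `GHCB_MSR_PSC_ERROR` or document what it is for. In the request hunk, the new `GHCB_MSR_PSC_OP_POS` and `GHCB_MSR_PSC_OP_MASK` duplicate the literals `52` and `0xf` that `GHCB_MSR_PSC_REQ_GFN()` keeps using directly below them, so the two can drift apart; have the macro use the new names.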
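Review bot: `snp_complete_psc_msr_protocol()` in arch/x86/kvm/svm/sev.c writes 0 into the `GHCB_MSR_PSC_ERROR_POS` field unconditionally, so the guest is told the page state change succeeded whatever userspace did with the request. The TODO above the function acknowledges this, but until `vcpu->run->vmgexit.ghcb_msr` is read back here a failure in the VMM is invisible to the guest; propagate at least a non-zero error value from userspace into the response.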
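Review bot: In the `case GHCB_MSR_PSC_REQ:` hunk, `ret = -1` is an uncommented magic value on a path that is meant to be a normal exit to userspace, while the completion callback added above documents its own `return 1` as resume. A negative return from a KVM exit handler is normally reported as a failed KVM_RUN; if an exit with `exit_reason = KVM_EXIT_VMGEXIT` is intended, return 0 or add a comment explaining why -1 is required. The raw `control->ghcb_gpa` is also handed to userspace with no check of the operation field or reserved bits, so every VMM has to repeat that validation; consider rejecting malformed requests here.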
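Review bot: The `kvm_snp_psc` tracepoint in the arch/x86/kvm/trace.h hunk is defined and exported (x86.c hunk), but no `trace_kvm_snp_psc()` call appears anywhere in this patch, and the new `#include "mmu.h"` in sev.c likewise has no visible user; move both to the patch that first needs them. Within the event, `vcpu_id` is `unsigned int` in `TP_PROTO`, stored as `__field(int, vcpu_id)` and printed with `%u`; pick one signedness. The `psc_operation` macro also ends in a trailing `\` continuation before an empty line, which should be dropped.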
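A VMM that receives the KVM_EXIT_VMGEXIT described in the commit message of patch 41/56 has to take the forwarded GHCB MSR value apart and validate it itself. The following is an added example, not code from the patch series: the field positions come from the sev-common.h hunk, while the `GHCBInfo` width, the reserved bits [63:56], the numeric `enum psc_op` values, the `max_gfn` bound and the names `psc_msr_decode` and `psc_msr_response` are assumptions.

```c
#include <stdint.h>
#include <stdio.h>

/* Layout taken from the sev-common.h hunk in patch 41/56. */
#define GHCB_MSR_PSC_REQ        0x014ULL
#define GHCB_MSR_PSC_RESP       0x015ULL
#define GHCB_MSR_PSC_GFN_POS    12
#define GHCB_MSR_PSC_GFN_MASK   ((1ULL << 40) - 1)   /* GENMASK_ULL(39, 0) */
#define GHCB_MSR_PSC_OP_POS     52
#define GHCB_MSR_PSC_OP_MASK    0xfULL
#define GHCB_MSR_PSC_ERROR_POS  32

/* Assumptions, not shown on the page. */
#define GHCB_MSR_INFO_MASK      0xfffULL             /* GHCBInfo = GHCBData[11:0] */
#define GHCB_MSR_PSC_REQ_RSVD   (0xffULL << 56)      /* GHCBData[63:56] must be 0 */
enum psc_op { SNP_PAGE_STATE_PRIVATE = 1, SNP_PAGE_STATE_SHARED = 2 };

/* Hypothetical result codes for this example only. */
enum psc_msr_status {
    PSC_MSR_OK       =  0,
    PSC_MSR_NOT_PSC  = -1,   /* GHCBInfo is not a PSC request */
    PSC_MSR_BAD_RSVD = -2,   /* reserved bits set */
    PSC_MSR_BAD_OP   = -3,   /* operation is neither private nor shared */
    PSC_MSR_BAD_GFN  = -4,   /* GFN outside the guest's memory */
};

struct psc_req {
    uint64_t gfn;
    unsigned int op;
};

/*
 * Decode and validate a guest-supplied PSC request MSR value.
 * The value is guest-controlled, so every field is checked before use.
 * max_gfn is the highest guest frame number the VMM has backing for.
 */
int psc_msr_decode(uint64_t msr, uint64_t max_gfn, struct psc_req *out)
{
    uint64_t gfn;
    unsigned int op;

    if ((msr & GHCB_MSR_INFO_MASK) != GHCB_MSR_PSC_REQ)
        return PSC_MSR_NOT_PSC;
    if (msr & GHCB_MSR_PSC_REQ_RSVD)
        return PSC_MSR_BAD_RSVD;

    op = (unsigned int)((msr >> GHCB_MSR_PSC_OP_POS) & GHCB_MSR_PSC_OP_MASK);
    if (op != SNP_PAGE_STATE_PRIVATE && op != SNP_PAGE_STATE_SHARED)
        return PSC_MSR_BAD_OP;

    gfn = (msr >> GHCB_MSR_PSC_GFN_POS) & GHCB_MSR_PSC_GFN_MASK;
    if (gfn > max_gfn)
        return PSC_MSR_BAD_GFN;

    out->gfn = gfn;
    out->op = op;
    return PSC_MSR_OK;
}

/*
 * Build the response value: error code in GHCBData[63:32], reserved
 * bits [31:12] left at zero, GHCBInfo set to GHCB_MSR_PSC_RESP.
 * An error of 0 reports success to the guest.
 */
uint64_t psc_msr_response(uint32_t error)
{
    return ((uint64_t)error << GHCB_MSR_PSC_ERROR_POS) | GHCB_MSR_PSC_RESP;
}

int main(void)
{
    /* Constructed sample values, not captured from a real guest. */
    const uint64_t samples[] = {
        (1ULL << 52) | (0x1234ULL << 12) | 0x014ULL,  /* private, gfn 0x1234 */
        (2ULL << 52) | (0x0042ULL << 12) | 0x014ULL,  /* shared, gfn 0x42 */
        (3ULL << 52) | (0x0042ULL << 12) | 0x014ULL,  /* undefined operation */
        (1ULL << 60) | (1ULL << 52) | 0x014ULL,       /* reserved bit set */
    };
    const uint64_t max_gfn = 0xfffff;                 /* 4 GiB guest, assumed */

    for (size_t i = 0; i < sizeof(samples) / sizeof(samples[0]); i++) {
        struct psc_req req = { 0, 0 };
        int rc = psc_msr_decode(samples[i], max_gfn, &req);

        if (rc == PSC_MSR_OK)
            printf("%#018llx: op=%u gfn=%#llx -> resp %#018llx\n",
                   (unsigned long long)samples[i], req.op,
                   (unsigned long long)req.gfn,
                   (unsigned long long)psc_msr_response(0));
        else
            printf("%#018llx: rejected (%d) -> resp %#018llx\n",
                   (unsigned long long)samples[i], rc,
                   (unsigned long long)psc_msr_response(1));
    }
    return 0;
}
```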
From: Michael Roth
CC: Brijesh Singh
Subject: [PATCH RFC v8 42/56] KVM: SVM: Add support to handle Page State Change VMGEXIT
Date: Mon, 20 Feb 2023 12:38:33 -0600
Message-ID: <20230220183847.59159-43-michael.roth@amd.com>
In-Reply-To: <20230220183847.59159-1-michael.roth@amd.com>
References: <20230220183847.59159-1-michael.roth@amd.com>
X-Mailing-List: linux-kernel@vger.kernel.org
From: Brijesh Singh SEV-SNP VMs can ask the hypervisor to change the page state in the RMP table to be private or shared using the Page State Change NAE event as defined in the GHCB specification version 2. Forward these requests to userspace as KVM_EXIT_VMGEXITs, similar to how it is done for requests that don't use a GHCB page. Co-developed-by: Michael Roth Signed-off-by: Michael Roth Signed-off-by: Brijesh Singh Signed-off-by: Ashish Kalra --- arch/x86/include/asm/sev-common.h | 7 +++++++ arch/x86/kvm/svm/sev.c | 20 ++++++++++++++++++++ 2 files changed, 27 insertions(+) diff --git a/arch/x86/include/asm/sev-common.h b/arch/x86/include/asm/sev-common.h index ee38f7408470..1b111cde8c82 100644 --- a/arch/x86/include/asm/sev-common.h +++ b/arch/x86/include/asm/sev-common.h
@@ -130,6 +130,13 @@ enum psc_op { /* SNP Page State Change NAE event */ #define VMGEXIT_PSC_MAX_ENTRY 253 +/* The page state change hdr structure in not valid */ +#define PSC_INVALID_HDR 1 +/* The hdr.cur_entry or hdr.end_entry is not valid */ +#define PSC_INVALID_ENTRY 2 +/* Page state change encountered undefined error */ +#define PSC_UNDEF_ERR 3 + struct psc_hdr { u16 cur_entry; u16 end_entry; diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index a1a2686dde7b..102966c43e28 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c @@ -3152,6 +3152,7 @@ static int sev_es_validate_vmgexit(struct vcpu_svm *svm) case SVM_VMGEXIT_AP_JUMP_TABLE: case SVM_VMGEXIT_UNSUPPORTED_EVENT: case SVM_VMGEXIT_HV_FEATURES: + case SVM_VMGEXIT_PSC: break; default: reason = GHCB_ERR_INVALID_EVENT; @@ -3363,6 +3364,19 @@ static int snp_complete_psc_msr_protocol(struct kvm_vcpu *vcpu) return 1; /* resume */ } +/* + * TODO: need to process the GHCB contents and report the proper error code + * instead of assuming success. + */ +static int snp_complete_psc(struct kvm_vcpu *vcpu) +{ + struct vcpu_svm *svm = to_svm(vcpu); + + ghcb_set_sw_exit_info_2(svm->sev_es.ghcb, 0); + + return 1; +} + static int sev_handle_vmgexit_msr_protocol(struct vcpu_svm *svm) { struct vmcb_control_area *control = &svm->vmcb->control; 
@@ -3606,6 +3620,12 @@ int sev_handle_vmgexit(struct kvm_vcpu *vcpu) ret = 1; break; } + case SVM_VMGEXIT_PSC: + /* Let userspace handling allocating/deallocating backing pages. */ + vcpu->run->exit_reason = KVM_EXIT_VMGEXIT; + vcpu->run->vmgexit.ghcb_msr = ghcb_gpa; + vcpu->arch.complete_userspace_io = snp_complete_psc; + break; case SVM_VMGEXIT_UNSUPPORTED_EVENT: vcpu_unimpl(vcpu, "vmgexit: unsupported event - exit_info_1=%#llx, exit_info_2=%#llx\n",
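Review bot: The comment on `PSC_INVALID_HDR` in the arch/x86/include/asm/sev-common.h hunk reads "hdr structure in not valid"; that should be "is not valid". None of `PSC_INVALID_HDR`, `PSC_INVALID_ENTRY` or `PSC_UNDEF_ERR` is referenced by the sev.c hunks in this patch, so either return them from the completion path or introduce them together with their first user.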
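Review bot: `snp_complete_psc()` sets `sw_exit_info_2` to 0 unconditionally, so the guest always sees success and the error codes added to sev-common.h can never be reported. The guest-written `psc_hdr` fields (`cur_entry`, `end_entry`) are also never checked against `VMGEXIT_PSC_MAX_ENTRY` on the kernel side; if that validation is deliberately left to userspace, say so in the TODO, because the GHCB is guest-controlled memory.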
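Review bot: The new `case SVM_VMGEXIT_PSC:` in `sev_handle_vmgexit()` never assigns `ret`, while the case just above it sets `ret = 1` before its `break` and the MSR-protocol counterpart in the previous patch sets `ret = -1`; the outcome depends on an initializer outside this hunk, so assign the intended value explicitly. `vmgexit.ghcb_msr` is loaded with `ghcb_gpa` here, so the field name no longer describes its contents; rename it or document the overload in the uapi. The comment should read "Let userspace handle allocating/deallocating backing pages."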
From: Michael Roth
CC: Brijesh Singh
Subject: [PATCH RFC v8 43/56] KVM: x86: Export the kvm_zap_gfn_range() for the SNP use
Date: Mon, 20 Feb 2023 12:38:34 -0600
Message-ID: <20230220183847.59159-44-michael.roth@amd.com>
In-Reply-To: <20230220183847.59159-1-michael.roth@amd.com>
References: <20230220183847.59159-1-michael.roth@amd.com>
X-Mailing-List: linux-kernel@vger.kernel.org
From: Brijesh Singh While resolving the RMP page fault, there may be cases where the page level between the RMP entry and TDP does not match and the 2M RMP entry must be split into 4K RMP entries. Or a 2M TDP page needs to be broken into multiple 4K pages. To keep the RMP and TDP page level in sync, zap the gfn range after splitting the pages in the RMP entry. The zap should force the TDP to get rebuilt with the new page level. Signed-off-by: Brijesh Singh Signed-off-by: Ashish Kalra Signed-off-by: Michael Roth --- arch/x86/include/asm/kvm_host.h | 2 ++ arch/x86/kvm/mmu.h | 2 -- arch/x86/kvm/mmu/mmu.c | 1 + 3 files changed, 3 insertions(+), 2 deletions(-) diff --git a/arch/x86/include/asm/kvm_host.h b/arch/x86/include/asm/kvm_host.h index d2e1c109dde5..28b01cc7f64d 100644 --- a/arch/x86/include/asm/kvm_host.h +++ b/arch/x86/include/asm/kvm_host.h
@@ -1845,6 +1845,8 @@ void kvm_mmu_slot_leaf_clear_dirty(struct kvm *kvm, void kvm_mmu_zap_all(struct kvm *kvm); void kvm_mmu_invalidate_mmio_sptes(struct kvm *kvm, u64 gen); void kvm_mmu_change_mmu_pages(struct kvm *kvm, unsigned long kvm_nr_mmu_pages); +void kvm_zap_gfn_range(struct kvm *kvm, gfn_t gfn_start, gfn_t gfn_end); + int load_pdptrs(struct kvm_vcpu *vcpu, unsigned long cr3); diff --git a/arch/x86/kvm/mmu.h b/arch/x86/kvm/mmu.h index 168c46fd8dd1..0afaf8ff2bb8 100644 --- a/arch/x86/kvm/mmu.h +++ b/arch/x86/kvm/mmu.h @@ -211,8 +211,6 @@ static inline u8 permission_fault(struct kvm_vcpu *vcpu, struct kvm_mmu *mmu, return -(u32)fault & errcode; } -void kvm_zap_gfn_range(struct kvm *kvm, gfn_t gfn_start, gfn_t gfn_end); - int kvm_arch_write_log_dirty(struct kvm_vcpu *vcpu); int kvm_mmu_post_init_vm(struct kvm *kvm); diff --git a/arch/x86/kvm/mmu/mmu.c b/arch/x86/kvm/mmu/mmu.c index d8e5254f314d..d7847af3e177 100644 --- a/arch/x86/kvm/mmu/mmu.c +++ b/arch/x86/kvm/mmu/mmu.c 
@@ -6615,6 +6615,7 @@ static bool kvm_mmu_zap_collapsible_spte(struct kvm *kvm, return need_tlb_flush; } +EXPORT_SYMBOL_GPL(kvm_zap_gfn_range); static void kvm_rmap_zap_collapsible_sptes(struct kvm *kvm, const struct kvm_memory_slot *slot)
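Review bot: Moving the `kvm_zap_gfn_range()` prototype from arch/x86/kvm/mmu.h to asm/kvm_host.h and exporting it makes an MMU-internal helper callable from any GPL module, yet no caller is added in this patch. Fold the change into the patch that introduces the SNP user so the need for the wider visibility can be judged next to the call site, and state there what locking the caller is expected to hold.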
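Review bot: In the arch/x86/kvm/mmu/mmu.c hunk, `EXPORT_SYMBOL_GPL(kvm_zap_gfn_range)` is inserted after a function that ends in `return need_tlb_flush;`, which the hunk header identifies as `kvm_mmu_zap_collapsible_spte()`, whereas `kvm_zap_gfn_range()` is declared `void` in the kvm_host.h hunk. The export still links from here, but it belongs directly after the closing brace of `kvm_zap_gfn_range()`; this looks like rebase drift and should be moved.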
From patchwork Mon Feb 20 18:38:35 2023
X-Patchwork-Submitter: Michael Roth
X-Patchwork-Id: 59638
From: Michael Roth
CC: Brijesh Singh
Subject: [PATCH RFC v8 44/56] KVM: SVM: Add support to handle the RMP nested page fault
Date: Mon, 20 Feb 2023 12:38:35 -0600
Message-ID: <20230220183847.59159-45-michael.roth@amd.com>
In-Reply-To: <20230220183847.59159-1-michael.roth@amd.com>
References: <20230220183847.59159-1-michael.roth@amd.com>
From: Brijesh Singh

When SEV-SNP is enabled in the guest, the hardware places restrictions on all memory accesses based on the contents of the RMP table. When hardware encounters an RMP check failure caused by the guest memory access, it raises the #NPF. The error code contains additional information on the access type. See the APM volume 2 for additional information.

Page state changes are handled by userspace, so if an RMP fault is triggered as a result of an RMP NPT fault, exit to userspace just like with explicit page-state change requests.

RMP NPT faults can also occur if the guest pvalidates a 2M page as 4K, in which case the RMP entries need to be PSMASH'd. Handle this case immediately in the kernel.

Co-developed-by: Michael Roth
Signed-off-by: Michael Roth
Signed-off-by: Brijesh Singh
Signed-off-by: Ashish Kalra
---
 arch/x86/kvm/svm/sev.c | 84 ++++++++++++++++++++++++++++++++++++++++++
 arch/x86/kvm/svm/svm.c | 21 +++++++++--
 arch/x86/kvm/svm/svm.h | 1 +
 3 files changed, 102 insertions(+), 4 deletions(-)

diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index 102966c43e28..197b1f904567 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c @@ -3347,6 +3347,13 @@ static void set_ghcb_msr(struct vcpu_svm *svm, u64 value) svm->vmcb->control.ghcb_gpa = value; } +static int snp_rmptable_psmash(struct kvm *kvm, kvm_pfn_t pfn) +{ + pfn = pfn & ~(KVM_PAGES_PER_HPAGE(PG_LEVEL_2M) - 1); + + return psmash(pfn); +} + /* * TODO: need to get the value set by userspace in vcpu->run->vmgexit.ghcb_msr * and process that here accordingly. 
@@ -3872,3 +3879,80 @@ void sev_adjust_mapping_level(struct kvm *kvm, gfn_t gfn, kvm_pfn_t pfn, int *le pr_debug("%s: GFN: 0x%llx, PFN: 0x%llx, level: %d, rmp_level: %d, level_orig: %d, assigned: %d\n", __func__, gfn, pfn, *level, rmp_level, level_orig, assigned); } + +void handle_rmp_page_fault(struct kvm_vcpu *vcpu, gpa_t gpa, u64 error_code) +{ + int order, rmp_level, assigned, ret; + struct kvm_memory_slot *slot; + struct kvm *kvm = vcpu->kvm; + kvm_pfn_t pfn; + gfn_t gfn; + + /* + * Private memslots punt handling of implicit page state changes to + * userspace, so the only RMP faults expected here for + * PFERR_GUEST_SIZEM_MASK. Anything else suggests that the RMP table has + * gotten out of sync with the private memslot. + * + * TODO: However, this case has also been noticed when an access occurs + * to an NPT mapping that has just been split/PSMASHED, in which case + * PFERR_GUEST_SIZEM_MASK might not be set. In those cases it should be + * safe to ignore and let the guest retry, but log these just in case + * for now. + */ + if (!(error_code & PFERR_GUEST_SIZEM_MASK)) { + pr_warn_ratelimited("Unexpected RMP fault for GPA 0x%llx, error_code 0x%llx", + gpa, error_code); + return; + } + + gfn = gpa >> PAGE_SHIFT; + + /* + * Only RMPADJUST/PVALIDATE should cause PFERR_GUEST_SIZEM. + * + * For PVALIDATE, this should only happen if a guest PVALIDATEs a 4K GFN + * that is backed by a huge page in the host whose RMP entry has the + * hugepage/assigned bits set. With UPM, that should only ever happen + * for private pages. + * + * For RMPADJUST, this assumption might not hold, in which case handling + * for obtaining the PFN from HVA-backed memory may be needed. For now, + * just print warnings. 
+ */ + if (!kvm_mem_is_private(kvm, gfn)) { + pr_warn_ratelimited("Unexpected RMP fault, size-mismatch for non-private GPA 0x%llx\n", + gpa); + return; + } + + slot = gfn_to_memslot(kvm, gfn); + if (!kvm_slot_can_be_private(slot)) { + pr_warn_ratelimited("Unexpected RMP fault, non-private slot for GPA 0x%llx\n", + gpa); + return; + } + + ret = kvm_restrictedmem_get_pfn(slot, gfn, &pfn, &order); + if (ret) { + pr_warn_ratelimited("Unexpected RMP fault, no private backing page for GPA 0x%llx\n", + gpa); + return; + } + + assigned = snp_lookup_rmpentry(pfn, &rmp_level); + if (assigned != 1) { + pr_warn_ratelimited("Unexpected RMP fault, no assigned RMP entry for GPA 0x%llx\n", + gpa); + goto out; + } + + ret = snp_rmptable_psmash(kvm, pfn); + if (ret) + pr_err_ratelimited("Unable to split RMP entries for GPA 0x%llx PFN 0x%llx ret %d\n", + gpa, pfn, ret); + +out: + kvm_zap_gfn_range(kvm, gfn, gfn + PTRS_PER_PMD); + put_page(pfn_to_page(pfn)); +} diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index 9eb750c8b04c..f9ab4bf6d245 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c 
@@ -1976,15 +1976,28 @@ static int pf_interception(struct kvm_vcpu *vcpu) static int npf_interception(struct kvm_vcpu *vcpu) { struct vcpu_svm *svm = to_svm(vcpu); + int rc; u64 fault_address = svm->vmcb->control.exit_info_2; u64 error_code = svm->vmcb->control.exit_info_1; trace_kvm_page_fault(vcpu, fault_address, error_code); - return kvm_mmu_page_fault(vcpu, fault_address, error_code, - static_cpu_has(X86_FEATURE_DECODEASSISTS) ? - svm->vmcb->control.insn_bytes : NULL, - svm->vmcb->control.insn_len); + rc = kvm_mmu_page_fault(vcpu, fault_address, error_code, + static_cpu_has(X86_FEATURE_DECODEASSISTS) ? + svm->vmcb->control.insn_bytes : NULL, + svm->vmcb->control.insn_len); + + /* + * rc == 0 indicates a userspace exit is needed to handle page + * transitions, so do that first before updating the RMP table. + */ + if (error_code & PFERR_GUEST_RMP_MASK) { + if (rc == 0) + return rc; + handle_rmp_page_fault(vcpu, fault_address, error_code); + } + + return rc; } static int db_interception(struct kvm_vcpu *vcpu) diff --git a/arch/x86/kvm/svm/svm.h b/arch/x86/kvm/svm/svm.h index 0c655a4d32d5..13b00233b315 100644 --- a/arch/x86/kvm/svm/svm.h +++ b/arch/x86/kvm/svm/svm.h 
@@ -714,6 +714,7 @@ void sev_es_prepare_switch_to_guest(struct sev_es_save_area *hostsa); void sev_es_unmap_ghcb(struct vcpu_svm *svm); struct page *snp_safe_alloc_page(struct kvm_vcpu *vcpu); void sev_adjust_mapping_level(struct kvm *kvm, gfn_t gfn, kvm_pfn_t pfn, int *level); +void handle_rmp_page_fault(struct kvm_vcpu *vcpu, gpa_t gpa, u64 error_code); /* vmenter.S */
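Review bot: In handle_rmp_page_fault() (sev.c, hunk at -3872), the zap at the `out:` label starts at the faulting gfn, `kvm_zap_gfn_range(kvm, gfn, gfn + PTRS_PER_PMD)`, while snp_rmptable_psmash() rounds the pfn down to the 2M boundary. For a fault in the middle of a huge page the zapped range therefore misses the front of the region that was just split and runs into the next one; round gfn down with the same KVM_PAGES_PER_HPAGE(PG_LEVEL_2M) mask before zapping. In the same function, rmp_level is filled in by snp_lookup_rmpentry() but never checked before the PSMASH, `order` is never used, and the first pr_warn_ratelimited() lacks the trailing \n that the other messages have.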
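Review bot: In npf_interception() (svm.c), only `rc == 0` is filtered out before handle_rmp_page_fault(), so a negative rc from kvm_mmu_page_fault() still reaches the PSMASH and zap path before the error is returned. Call the handler only when `rc > 0`, or return early for `rc <= 0`, so that an MMU error is not followed by RMP table changes, and extend the comment to say what the remaining positive case means.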
From patchwork Mon Feb 20 18:38:36 2023
X-Patchwork-Submitter: Michael Roth
X-Patchwork-Id: 59639
From: Michael Roth
CC: Brijesh Singh
Subject: [PATCH RFC v8 45/56] KVM: SVM: Provide support for SNP_GUEST_REQUEST NAE event
Date: Mon, 20 Feb 2023 12:38:36 -0600
Message-ID: <20230220183847.59159-46-michael.roth@amd.com>
In-Reply-To: <20230220183847.59159-1-michael.roth@amd.com>
References: <20230220183847.59159-1-michael.roth@amd.com>
From: Brijesh Singh

Version 2 of GHCB specification added the support for two SNP Guest Request Message NAE events. The events allow for an SEV-SNP guest to make requests to the SEV-SNP firmware through the hypervisor using the SNP_GUEST_REQUEST API defined in the SEV-SNP firmware specification.

The SNP_EXT_GUEST_REQUEST is similar to SNP_GUEST_REQUEST with the difference of an additional certificate blob that can be passed through the SNP_SET_CONFIG ioctl defined in the CCP driver. The CCP driver provides snp_guest_ext_guest_request() that is used by the KVM to get both the report and certificate data at once.

Signed-off-by: Brijesh Singh
Signed-off-by: Ashish Kalra
Signed-off-by: Michael Roth
---
 arch/x86/kvm/svm/sev.c | 185 +++++++++++++++++++++++++++++++++++++++--
 arch/x86/kvm/svm/svm.h | 2 +
 2 files changed, 181 insertions(+), 6 deletions(-)

diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index 197b1f904567..92179614102e 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c @@ -327,6 +327,7 @@ static int sev_guest_init(struct kvm *kvm, struct kvm_sev_cmd *argp) if (ret) goto e_free; + mutex_init(&sev->guest_req_lock); ret = sev_snp_init(&argp->error, false); } else { ret = sev_platform_init(&argp->error); 
@@ -2059,23 +2060,34 @@ int sev_vm_move_enc_context_from(struct kvm *kvm, unsigned int source_fd) */ static void *snp_context_create(struct kvm *kvm, struct kvm_sev_cmd *argp) { + struct kvm_sev_info *sev = &to_kvm_svm(kvm)->sev_info; struct sev_data_snp_addr data = {}; - void *context; + void *context, *certs_data; int rc; + /* Allocate memory used for the certs data in SNP guest request */ + certs_data = kzalloc(SEV_FW_BLOB_MAX_SIZE, GFP_KERNEL_ACCOUNT); + if (!certs_data) + return NULL; + /* Allocate memory for context page */ context = snp_alloc_firmware_page(GFP_KERNEL_ACCOUNT); if (!context) - return NULL; + goto e_free; data.gctx_paddr = __psp_pa(context); rc = __sev_issue_cmd(argp->sev_fd, SEV_CMD_SNP_GCTX_CREATE, &data, &argp->error); - if (rc) { - snp_free_firmware_page(context); - return NULL; - } + if (rc) + goto e_free; + + sev->snp_certs_data = certs_data; return context; + +e_free: + snp_free_firmware_page(context); + kfree(certs_data); + return NULL; } static int snp_bind_asid(struct kvm *kvm, int *error) @@ -2693,6 +2705,8 @@ static int snp_decommission_context(struct kvm *kvm) snp_free_firmware_page(sev->snp_context); sev->snp_context = NULL; + kfree(sev->snp_certs_data); + return 0; } @@ -3153,6 +3167,8 @@ static int sev_es_validate_vmgexit(struct vcpu_svm *svm) case SVM_VMGEXIT_UNSUPPORTED_EVENT: case SVM_VMGEXIT_HV_FEATURES: case SVM_VMGEXIT_PSC: + case SVM_VMGEXIT_GUEST_REQUEST: + case SVM_VMGEXIT_EXT_GUEST_REQUEST: break; default: reason = GHCB_ERR_INVALID_EVENT; 
@@ -3384,6 +3400,149 @@ static int snp_complete_psc(struct kvm_vcpu *vcpu) return 1; } +static unsigned long snp_setup_guest_buf(struct vcpu_svm *svm, + struct sev_data_snp_guest_request *data, + gpa_t req_gpa, gpa_t resp_gpa) +{ + struct kvm_vcpu *vcpu = &svm->vcpu; + struct kvm *kvm = vcpu->kvm; + kvm_pfn_t req_pfn, resp_pfn; + struct kvm_sev_info *sev; + + sev = &to_kvm_svm(kvm)->sev_info; + + if (!IS_ALIGNED(req_gpa, PAGE_SIZE) || !IS_ALIGNED(resp_gpa, PAGE_SIZE)) + return SEV_RET_INVALID_PARAM; + + req_pfn = gfn_to_pfn(kvm, gpa_to_gfn(req_gpa)); + if (is_error_noslot_pfn(req_pfn)) + return SEV_RET_INVALID_ADDRESS; + + resp_pfn = gfn_to_pfn(kvm, gpa_to_gfn(resp_gpa)); + if (is_error_noslot_pfn(resp_pfn)) + return SEV_RET_INVALID_ADDRESS; + + if (rmp_make_private(resp_pfn, 0, PG_LEVEL_4K, 0, true)) + return SEV_RET_INVALID_ADDRESS; + + data->gctx_paddr = __psp_pa(sev->snp_context); + data->req_paddr = __sme_set(req_pfn << PAGE_SHIFT); + data->res_paddr = __sme_set(resp_pfn << PAGE_SHIFT); + + return 0; +} + +static void snp_cleanup_guest_buf(struct sev_data_snp_guest_request *data, unsigned long *rc) +{ + u64 pfn = __sme_clr(data->res_paddr) >> PAGE_SHIFT; + int ret; + + ret = snp_page_reclaim(pfn); + if (ret) + *rc = SEV_RET_INVALID_ADDRESS; + + ret = rmp_make_shared(pfn, PG_LEVEL_4K); + if (ret) + *rc = SEV_RET_INVALID_ADDRESS; +} + +static void snp_handle_guest_request(struct vcpu_svm *svm, gpa_t req_gpa, gpa_t resp_gpa) +{ + struct sev_data_snp_guest_request data = {0}; + struct kvm_vcpu *vcpu = &svm->vcpu; + struct kvm *kvm = vcpu->kvm; + struct kvm_sev_info *sev; + unsigned long rc; + int err; + + if (!sev_snp_guest(vcpu->kvm)) { + rc = SEV_RET_INVALID_GUEST; + goto e_fail; + } + + sev = &to_kvm_svm(kvm)->sev_info; + + mutex_lock(&sev->guest_req_lock); + + rc = snp_setup_guest_buf(svm, &data, req_gpa, resp_gpa); + if (rc) + goto unlock; + + rc = sev_issue_cmd(kvm, SEV_CMD_SNP_GUEST_REQUEST, &data, &err); + if (rc) + /* use the firmware error code */ + rc = 
err; + + snp_cleanup_guest_buf(&data, &rc); + +unlock: + mutex_unlock(&sev->guest_req_lock); + +e_fail: + ghcb_set_sw_exit_info_2(svm->sev_es.ghcb, rc); +} + +static void snp_handle_ext_guest_request(struct vcpu_svm *svm, gpa_t req_gpa, gpa_t resp_gpa) +{ + struct sev_data_snp_guest_request req = {0}; + struct kvm_vcpu *vcpu = &svm->vcpu; + struct kvm *kvm = vcpu->kvm; + unsigned long data_npages; + struct kvm_sev_info *sev; + unsigned long rc, err; + u64 data_gpa; + + if (!sev_snp_guest(vcpu->kvm)) { + rc = SEV_RET_INVALID_GUEST; + goto e_fail; + } + + sev = &to_kvm_svm(kvm)->sev_info; + + data_gpa = vcpu->arch.regs[VCPU_REGS_RAX]; + data_npages = vcpu->arch.regs[VCPU_REGS_RBX]; + + if (!IS_ALIGNED(data_gpa, PAGE_SIZE)) { + rc = SEV_RET_INVALID_ADDRESS; + goto e_fail; + } + + mutex_lock(&sev->guest_req_lock); + + rc = snp_setup_guest_buf(svm, &req, req_gpa, resp_gpa); + if (rc) + goto unlock; + + rc = snp_guest_ext_guest_request(&req, (unsigned long)sev->snp_certs_data, + &data_npages, &err); + if (rc) { + /* + * If buffer length is small then return the expected + * length in rbx. + */ + if (err == SNP_GUEST_REQ_INVALID_LEN) + vcpu->arch.regs[VCPU_REGS_RBX] = data_npages; + + /* pass the firmware error code */ + rc = err; + goto cleanup; + } + + /* Copy the certificate blob in the guest memory */ + if (data_npages && + kvm_write_guest(kvm, data_gpa, sev->snp_certs_data, data_npages << PAGE_SHIFT)) + rc = SEV_RET_INVALID_ADDRESS; + +cleanup: + snp_cleanup_guest_buf(&req, &rc); + +unlock: + mutex_unlock(&sev->guest_req_lock); + +e_fail: + ghcb_set_sw_exit_info_2(svm->sev_es.ghcb, rc); +} + static int sev_handle_vmgexit_msr_protocol(struct vcpu_svm *svm) { struct vmcb_control_area *control = &svm->vmcb->control; 
@@ -3633,6 +3792,20 @@ int sev_handle_vmgexit(struct kvm_vcpu *vcpu) vcpu->run->vmgexit.ghcb_msr = ghcb_gpa; vcpu->arch.complete_userspace_io = snp_complete_psc; break; + case SVM_VMGEXIT_GUEST_REQUEST: { + snp_handle_guest_request(svm, control->exit_info_1, control->exit_info_2); + + ret = 1; + break; + } + case SVM_VMGEXIT_EXT_GUEST_REQUEST: { + snp_handle_ext_guest_request(svm, + control->exit_info_1, + control->exit_info_2); + + ret = 1; + break; + } case SVM_VMGEXIT_UNSUPPORTED_EVENT: vcpu_unimpl(vcpu, "vmgexit: unsupported event - exit_info_1=%#llx, exit_info_2=%#llx\n", diff --git a/arch/x86/kvm/svm/svm.h b/arch/x86/kvm/svm/svm.h index 13b00233b315..4a9ffb7e5139 100644 --- a/arch/x86/kvm/svm/svm.h +++ b/arch/x86/kvm/svm/svm.h 
@@ -93,6 +93,8 @@ struct kvm_sev_info { atomic_t migration_in_progress; u64 snp_init_flags; void *snp_context; /* SNP guest context page */ + void *snp_certs_data; + struct mutex guest_req_lock; /* Lock for guest request handling */ }; struct kvm_svm {
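Review bot: In snp_context_create() (hunk at -2059), the new `goto e_free` taken when snp_alloc_firmware_page() fails ends up calling snp_free_firmware_page(context) with context == NULL, whereas the code being replaced returned without freeing in that case. Unless snp_free_firmware_page() is known to accept NULL, add a second label that only does kfree(certs_data) and use it for this path.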
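Review bot: In snp_decommission_context() (hunk at -2693), sev->snp_certs_data is freed but left pointing at the freed buffer, unlike sev->snp_context two lines above, which is reset to NULL. Set the pointer to NULL after the kfree() so that a stale value cannot be reused or freed a second time.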
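Review bot: In snp_handle_ext_guest_request() (hunk at -3384), data_npages is read from guest RBX and nothing in the visible code bounds it against the SEV_FW_BLOB_MAX_SIZE allocation behind sev->snp_certs_data before `kvm_write_guest(kvm, data_gpa, sev->snp_certs_data, data_npages << PAGE_SHIFT)`. Reject or clamp the value before calling snp_guest_ext_guest_request(), or state in a comment that the CCP helper guarantees the bound, so that the length copied into guest memory never depends on a guest-supplied count alone. Separately, snp_setup_guest_buf() obtains req_pfn and resp_pfn with gfn_to_pfn() and no path in this hunk releases those references, including the early returns taken after req_pfn has been looked up.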
From: Michael Roth
Subject: [PATCH RFC v8 46/56] KVM: SVM: Use a VMSA physical address variable for populating VMCB
Date: Mon, 20 Feb 2023 12:38:37 -0600
Message-ID: <20230220183847.59159-47-michael.roth@amd.com>
In-Reply-To: <20230220183847.59159-1-michael.roth@amd.com>
From: Tom Lendacky

In preparation to support SEV-SNP AP Creation, use a variable that holds the VMSA physical address rather than converting the virtual address. This will allow SEV-SNP AP Creation to set the new physical address that will be used should the vCPU reset path be taken.

Signed-off-by: Tom Lendacky
Signed-off-by: Ashish Kalra
Signed-off-by: Michael Roth
--- arch/x86/kvm/svm/sev.c | 5 ++--- arch/x86/kvm/svm/svm.c | 9 ++++++++- arch/x86/kvm/svm/svm.h | 1 + 3 files changed, 11 insertions(+), 4 deletions(-) diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index 92179614102e..6bec2712ecc6 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c 
@@ -3849,10 +3849,9 @@ static void sev_es_init_vmcb(struct vcpu_svm *svm) /* * An SEV-ES guest requires a VMSA area that is a separate from the - * VMCB page. Do not include the encryption mask on the VMSA physical - * address since hardware will access it using the guest key. + * VMCB page. */ - svm->vmcb->control.vmsa_pa = __pa(svm->sev_es.vmsa); + svm->vmcb->control.vmsa_pa = svm->sev_es.vmsa_pa; /* Can't intercept CR register access, HV can't modify CR registers */ svm_clr_intercept(svm, INTERCEPT_CR0_READ); diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index f9ab4bf6d245..745f736d9c98 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c @@ -1410,9 +1410,16 @@ static int svm_vcpu_create(struct kvm_vcpu *vcpu) svm->vmcb01.pa = __sme_set(page_to_pfn(vmcb01_page) << PAGE_SHIFT); svm_switch_vmcb(svm, &svm->vmcb01); - if (vmsa_page) + if (vmsa_page) { svm->sev_es.vmsa = page_address(vmsa_page); + /* + * Do not include the encryption mask on the VMSA physical + * address since hardware will access it using the guest key. + */ + svm->sev_es.vmsa_pa = __pa(svm->sev_es.vmsa); + } + svm->guest_state_loaded = false; return 0; diff --git a/arch/x86/kvm/svm/svm.h b/arch/x86/kvm/svm/svm.h index 4a9ffb7e5139..b6ca6657aa6c 100644 --- a/arch/x86/kvm/svm/svm.h +++ b/arch/x86/kvm/svm/svm.h 
@@ -198,6 +198,7 @@ struct vcpu_sev_es_state { struct sev_es_save_area *vmsa; struct ghcb *ghcb; struct kvm_host_map ghcb_map; + hpa_t vmsa_pa; bool received_first_sipi; unsigned int ap_reset_hold_type;
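Review bot: In the svm_vcpu_create() hunk, sev_es.vmsa_pa is assigned only inside the "if (vmsa_page)" block, so on the other path the field is never given a value, while sev_es_init_vmcb() now copies it into control.vmsa_pa without any check. Patch 47 of this series tests the field with VALID_PAGE(), so suggest an else branch that sets it to INVALID_PAGE, giving "no VMSA" one explicit encoding.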
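Review bot: The new "hpa_t vmsa_pa;" in struct vcpu_sev_es_state carries an invariant (no encryption mask, because hardware accesses the VMSA using the guest key) that is now documented only in a comment inside svm_vcpu_create(); the comment was dropped from sev_es_init_vmcb(), which is where the value actually reaches the VMCB. Since the commit message says later code will write this field, suggest stating the invariant on the field declaration and noting there that the value can stop matching __pa(vmsa).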
From: Michael Roth
CC: Brijesh Singh
Subject: [PATCH RFC v8 47/56] KVM: SVM: Support SEV-SNP AP Creation NAE event
Date: Mon, 20 Feb 2023 12:38:38 -0600
Message-ID: <20230220183847.59159-48-michael.roth@amd.com>
In-Reply-To: <20230220183847.59159-1-michael.roth@amd.com>
From: Tom Lendacky

Add support for the SEV-SNP AP Creation NAE event. This allows SEV-SNP guests to alter the register state of the APs on their own. This allows the guest a way of simulating INIT-SIPI.

A new event, KVM_REQ_UPDATE_PROTECTED_GUEST_STATE, is created and used so as to avoid updating the VMSA pointer while the vCPU is running.

For CREATE:
  The guest supplies the GPA of the VMSA to be used for the vCPU with the specified APIC ID. The GPA is saved in the svm struct of the target vCPU, the KVM_REQ_UPDATE_PROTECTED_GUEST_STATE event is added to the vCPU and then the vCPU is kicked.

For CREATE_ON_INIT:
  The guest supplies the GPA of the VMSA to be used for the vCPU with the specified APIC ID the next time an INIT is performed. The GPA is saved in the svm struct of the target vCPU.

For DESTROY:
  The guest indicates it wishes to stop the vCPU. The GPA is cleared from the svm struct, the KVM_REQ_UPDATE_PROTECTED_GUEST_STATE event is added to vCPU and then the vCPU is kicked.

The KVM_REQ_UPDATE_PROTECTED_GUEST_STATE event handler will be invoked as a result of the event or as a result of an INIT. The handler sets the vCPU to the KVM_MP_STATE_UNINITIALIZED state, so that any errors will leave the vCPU as not runnable. Any previous VMSA pages that were installed as part of an SEV-SNP AP Creation NAE event are un-pinned. If a new VMSA is to be installed, the VMSA guest page is pinned and set as the VMSA in the vCPU VMCB and the vCPU state is set to KVM_MP_STATE_RUNNABLE. If a new VMSA is not to be installed, the VMSA is cleared in the vCPU VMCB and the vCPU state is left as KVM_MP_STATE_UNINITIALIZED to prevent it from being run.

Signed-off-by: Tom Lendacky
Signed-off-by: Brijesh Singh
Signed-off-by: Ashish Kalra
[mdr: add handling for restrictedmem]
Signed-off-by: Michael Roth --- arch/x86/include/asm/kvm_host.h | 1 + arch/x86/include/asm/svm.h | 7 +- arch/x86/kvm/svm/sev.c | 245 ++++++++++++++++++++++++++++++++ arch/x86/kvm/svm/svm.c | 3 + arch/x86/kvm/svm/svm.h | 7 + arch/x86/kvm/x86.c | 9 ++ 6 files changed, 271 insertions(+), 1 deletion(-) diff --git a/arch/x86/include/asm/kvm_host.h b/arch/x86/include/asm/kvm_host.h index 28b01cc7f64d..09b36462582c 100644 --- a/arch/x86/include/asm/kvm_host.h +++ b/arch/x86/include/asm/kvm_host.h @@ -113,6 +113,7 @@ KVM_ARCH_REQ_FLAGS(31, KVM_REQUEST_WAIT | KVM_REQUEST_NO_WAKEUP) #define KVM_REQ_HV_TLB_FLUSH \ KVM_ARCH_REQ_FLAGS(32, KVM_REQUEST_WAIT | KVM_REQUEST_NO_WAKEUP) +#define KVM_REQ_UPDATE_PROTECTED_GUEST_STATE KVM_ARCH_REQ(34) #define CR0_RESERVED_BITS \ (~(unsigned long)(X86_CR0_PE | X86_CR0_MP | X86_CR0_EM | X86_CR0_TS \ diff --git a/arch/x86/include/asm/svm.h b/arch/x86/include/asm/svm.h index c18d78d5e505..e76ad26ba64f 100644 --- a/arch/x86/include/asm/svm.h +++ b/arch/x86/include/asm/svm.h @@ -278,7 +278,12 @@ enum avic_ipi_failure_cause { #define AVIC_HPA_MASK ~((0xFFFULL << 52) | 0xFFF) #define VMCB_AVIC_APIC_BAR_MASK 0xFFFFFFFFFF000ULL -#define SVM_SEV_FEAT_SNP_ACTIVE BIT(0) +#define SVM_SEV_FEAT_SNP_ACTIVE BIT(0) +#define SVM_SEV_FEAT_RESTRICTED_INJECTION BIT(3) +#define SVM_SEV_FEAT_ALTERNATE_INJECTION BIT(4) +#define SVM_SEV_FEAT_INT_INJ_MODES \ + (SVM_SEV_FEAT_RESTRICTED_INJECTION | \ + SVM_SEV_FEAT_ALTERNATE_INJECTION) struct vmcb_seg { u16 selector; diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index 6bec2712ecc6..b2f1a12685ed 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c @@ -779,6 +779,7 @@ static int sev_launch_update_data(struct kvm *kvm, struct kvm_sev_cmd *argp) static int sev_es_sync_vmsa(struct vcpu_svm *svm) { + struct kvm_sev_info *sev = &to_kvm_svm(svm->vcpu.kvm)->sev_info; struct sev_es_save_area *save = svm->sev_es.vmsa; /* Check some debug related fields before encrypting the VMSA */ 
@@ -824,6 +825,12 @@ static int sev_es_sync_vmsa(struct vcpu_svm *svm) if (sev_snp_guest(svm->vcpu.kvm)) save->sev_features |= SVM_SEV_FEAT_SNP_ACTIVE; + /* + * Save the VMSA synced SEV features. For now, they are the same for + * all vCPUs, so just save each time. + */ + sev->sev_features = save->sev_features; + pr_debug("Virtual Machine Save Area (VMSA):\n"); print_hex_dump_debug("", DUMP_PREFIX_NONE, 16, 1, save, sizeof(*save), false); @@ -3161,6 +3168,10 @@ static int sev_es_validate_vmgexit(struct vcpu_svm *svm) if (!ghcb_sw_scratch_is_valid(ghcb)) goto vmgexit_err; break; + case SVM_VMGEXIT_AP_CREATION: + if (!ghcb_rax_is_valid(ghcb)) + goto vmgexit_err; + break; case SVM_VMGEXIT_NMI_COMPLETE: case SVM_VMGEXIT_AP_HLT_LOOP: case SVM_VMGEXIT_AP_JUMP_TABLE: 
@@ -3543,6 +3554,226 @@ static void snp_handle_ext_guest_request(struct vcpu_svm *svm, gpa_t req_gpa, gp ghcb_set_sw_exit_info_2(svm->sev_es.ghcb, rc); } +static kvm_pfn_t gfn_to_pfn_restricted(struct kvm *kvm, gfn_t gfn) +{ + struct kvm_memory_slot *slot; + kvm_pfn_t pfn; + int order = 0; + + slot = gfn_to_memslot(kvm, gfn); + if (!kvm_slot_can_be_private(slot)) { + pr_err("SEV: Failure retrieving restricted memslot for GFN 0x%llx, flags 0x%x, userspace_addr: 0x%lx\n", + gfn, slot->flags, slot->userspace_addr); + return INVALID_PAGE; + } + + if (!kvm_mem_is_private(kvm, gfn)) { + pr_err("SEV: Failure retrieving restricted PFN for GFN 0x%llx\n", gfn); + return INVALID_PAGE; + } + + if (kvm_restrictedmem_get_pfn(slot, gfn, &pfn, &order)) { + pr_err("SEV: Failure retrieving restricted PFN for GFN 0x%llx\n", gfn); + return INVALID_PAGE; + } + + put_page(pfn_to_page(pfn)); + + return pfn; +} + +static int __sev_snp_update_protected_guest_state(struct kvm_vcpu *vcpu) +{ + struct vcpu_svm *svm = to_svm(vcpu); + kvm_pfn_t pfn; + hpa_t cur_pa; + + WARN_ON(!mutex_is_locked(&svm->sev_es.snp_vmsa_mutex)); + + /* Save off the current VMSA PA for later checks */ + cur_pa = svm->sev_es.vmsa_pa; + + /* Mark the vCPU as offline and not runnable */ + vcpu->arch.pv.pv_unhalted = false; + vcpu->arch.mp_state = KVM_MP_STATE_STOPPED; + + /* Clear use of the VMSA */ + svm->sev_es.vmsa_pa = INVALID_PAGE; + svm->vmcb->control.vmsa_pa = INVALID_PAGE; + + if (cur_pa != __pa(svm->sev_es.vmsa) && VALID_PAGE(cur_pa)) { + /* + * The svm->sev_es.vmsa_pa field holds the hypervisor physical + * address of the about to be replaced VMSA which will no longer + * be used or referenced, so un-pin it. However, restricted + * pages (e.g. via AP creation) should be left to the + * restrictedmem backend to deal with, so don't release the + * page in that case. 
+ */ + if (!VALID_PAGE(gfn_to_pfn_restricted(vcpu->kvm, + gpa_to_gfn(svm->sev_es.snp_vmsa_gpa)))) + kvm_release_pfn_dirty(__phys_to_pfn(cur_pa)); + } + + if (VALID_PAGE(svm->sev_es.snp_vmsa_gpa)) { + /* + * The VMSA is referenced by the hypervisor physical address, + * so retrieve the PFN and ensure it is restricted memory. + */ + pfn = gfn_to_pfn_restricted(vcpu->kvm, gpa_to_gfn(svm->sev_es.snp_vmsa_gpa)); + if (!VALID_PAGE(pfn)) + return pfn; + + /* Use the new VMSA */ + svm->sev_es.vmsa_pa = pfn_to_hpa(pfn); + svm->vmcb->control.vmsa_pa = svm->sev_es.vmsa_pa; + + /* Mark the vCPU as runnable */ + vcpu->arch.pv.pv_unhalted = false; + vcpu->arch.mp_state = KVM_MP_STATE_RUNNABLE; + + svm->sev_es.snp_vmsa_gpa = INVALID_PAGE; + } + + /* + * When replacing the VMSA during SEV-SNP AP creation, + * mark the VMCB dirty so that full state is always reloaded. + */ + vmcb_mark_all_dirty(svm->vmcb); + + return 0; +} + +/* + * Invoked as part of svm_vcpu_reset() processing of an init event. + */ +void sev_snp_init_protected_guest_state(struct kvm_vcpu *vcpu) +{ + struct vcpu_svm *svm = to_svm(vcpu); + int ret; + + if (!sev_snp_guest(vcpu->kvm)) + return; + + mutex_lock(&svm->sev_es.snp_vmsa_mutex); + + if (!svm->sev_es.snp_ap_create) + goto unlock; + + svm->sev_es.snp_ap_create = false; + + ret = __sev_snp_update_protected_guest_state(vcpu); + if (ret) + vcpu_unimpl(vcpu, "snp: AP state update on init failed\n"); + +unlock: + mutex_unlock(&svm->sev_es.snp_vmsa_mutex); +} + +static int sev_snp_ap_creation(struct vcpu_svm *svm) +{ + struct kvm_sev_info *sev = &to_kvm_svm(svm->vcpu.kvm)->sev_info; + struct kvm_vcpu *vcpu = &svm->vcpu; + struct kvm_vcpu *target_vcpu; + struct vcpu_svm *target_svm; + unsigned int request; + unsigned int apic_id; + bool kick; + int ret; + + request = lower_32_bits(svm->vmcb->control.exit_info_1); + apic_id = upper_32_bits(svm->vmcb->control.exit_info_1); + + /* Validate the APIC ID */ + target_vcpu = kvm_get_vcpu_by_id(vcpu->kvm, apic_id); + if 
(!target_vcpu) { + vcpu_unimpl(vcpu, "vmgexit: invalid AP APIC ID [%#x] from guest\n", + apic_id); + return -EINVAL; + } + + ret = 0; + + target_svm = to_svm(target_vcpu); + + /* + * The target vCPU is valid, so the vCPU will be kicked unless the + * request is for CREATE_ON_INIT. For any errors at this stage, the + * kick will place the vCPU in an non-runnable state. + */ + kick = true; + + mutex_lock(&target_svm->sev_es.snp_vmsa_mutex); + + target_svm->sev_es.snp_vmsa_gpa = INVALID_PAGE; + target_svm->sev_es.snp_ap_create = true; + + /* Interrupt injection mode shouldn't change for AP creation */ + if (request < SVM_VMGEXIT_AP_DESTROY) { + u64 sev_features; + + sev_features = vcpu->arch.regs[VCPU_REGS_RAX]; + sev_features ^= sev->sev_features; + if (sev_features & SVM_SEV_FEAT_INT_INJ_MODES) { + vcpu_unimpl(vcpu, "vmgexit: invalid AP injection mode [%#lx] from guest\n", + vcpu->arch.regs[VCPU_REGS_RAX]); + ret = -EINVAL; + goto out; + } + } + + switch (request) { + case SVM_VMGEXIT_AP_CREATE_ON_INIT: + kick = false; + fallthrough; + case SVM_VMGEXIT_AP_CREATE: + if (!page_address_valid(vcpu, svm->vmcb->control.exit_info_2)) { + vcpu_unimpl(vcpu, "vmgexit: invalid AP VMSA address [%#llx] from guest\n", + svm->vmcb->control.exit_info_2); + ret = -EINVAL; + goto out; + } + + /* + * Malicious guest can RMPADJUST a large page into VMSA which + * will hit the SNP erratum where the CPU will incorrectly signal + * an RMP violation #PF if a hugepage collides with the RMP entry + * of VMSA page, reject the AP CREATE request if VMSA address from + * guest is 2M aligned. 
+ */ + if (IS_ALIGNED(svm->vmcb->control.exit_info_2, PMD_SIZE)) { + vcpu_unimpl(vcpu, + "vmgexit: AP VMSA address [%llx] from guest is unsafe as it is 2M aligned\n", + svm->vmcb->control.exit_info_2); + ret = -EINVAL; + goto out; + } + + target_svm->sev_es.snp_vmsa_gpa = svm->vmcb->control.exit_info_2; + break; + case SVM_VMGEXIT_AP_DESTROY: + break; + default: + vcpu_unimpl(vcpu, "vmgexit: invalid AP creation request [%#x] from guest\n", + request); + ret = -EINVAL; + break; + } + +out: + if (kick) { + if (target_vcpu->arch.mp_state == KVM_MP_STATE_UNINITIALIZED) + target_vcpu->arch.mp_state = KVM_MP_STATE_RUNNABLE; + + kvm_make_request(KVM_REQ_UPDATE_PROTECTED_GUEST_STATE, target_vcpu); + kvm_vcpu_kick(target_vcpu); + } + + mutex_unlock(&target_svm->sev_es.snp_vmsa_mutex); + + return ret; +} + static int sev_handle_vmgexit_msr_protocol(struct vcpu_svm *svm) { struct vmcb_control_area *control = &svm->vmcb->control; @@ -3806,6 +4037,18 @@ int sev_handle_vmgexit(struct kvm_vcpu *vcpu) ret = 1; break; } + case SVM_VMGEXIT_AP_CREATION: + ret = sev_snp_ap_creation(svm); + if (ret) { + ghcb_set_sw_exit_info_1(ghcb, 1); + ghcb_set_sw_exit_info_2(ghcb, + X86_TRAP_GP | + SVM_EVTINJ_TYPE_EXEPT | + SVM_EVTINJ_VALID); + } + + ret = 1; + break; case SVM_VMGEXIT_UNSUPPORTED_EVENT: vcpu_unimpl(vcpu, "vmgexit: unsupported event - exit_info_1=%#llx, exit_info_2=%#llx\n", @@ -3910,6 +4153,8 @@ void sev_es_vcpu_reset(struct vcpu_svm *svm) set_ghcb_msr(svm, GHCB_MSR_SEV_INFO(GHCB_VERSION_MAX, GHCB_VERSION_MIN, sev_enc_bit)); + + mutex_init(&svm->sev_es.snp_vmsa_mutex); } void sev_es_prepare_switch_to_guest(struct sev_es_save_area *hostsa) diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index 745f736d9c98..539926b07ee5 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c 
@@ -1349,6 +1349,9 @@ static void svm_vcpu_reset(struct kvm_vcpu *vcpu, bool init_event) svm->spec_ctrl = 0; svm->virt_spec_ctrl = 0; + if (init_event) + sev_snp_init_protected_guest_state(vcpu); + init_vmcb(vcpu); if (!init_event) diff --git a/arch/x86/kvm/svm/svm.h b/arch/x86/kvm/svm/svm.h index b6ca6657aa6c..37bd7b728d52 100644 --- a/arch/x86/kvm/svm/svm.h +++ b/arch/x86/kvm/svm/svm.h @@ -95,6 +95,8 @@ struct kvm_sev_info { void *snp_context; /* SNP guest context page */ void *snp_certs_data; struct mutex guest_req_lock; /* Lock for guest request handling */ + + u64 sev_features; /* Features set at VMSA creation */ }; struct kvm_svm { @@ -209,6 +211,10 @@ struct vcpu_sev_es_state { bool ghcb_sa_free; u64 ghcb_registered_gpa; + + struct mutex snp_vmsa_mutex; + gpa_t snp_vmsa_gpa; + bool snp_ap_create; }; struct vcpu_svm { @@ -718,6 +724,7 @@ void sev_es_unmap_ghcb(struct vcpu_svm *svm); struct page *snp_safe_alloc_page(struct kvm_vcpu *vcpu); void sev_adjust_mapping_level(struct kvm *kvm, gfn_t gfn, kvm_pfn_t pfn, int *level); void handle_rmp_page_fault(struct kvm_vcpu *vcpu, gpa_t gpa, u64 error_code); +void sev_snp_init_protected_guest_state(struct kvm_vcpu *vcpu); /* vmenter.S */ diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c index 0154fc7a28c1..9872217e3a06 100644 --- a/arch/x86/kvm/x86.c +++ b/arch/x86/kvm/x86.c @@ -10501,6 +10501,12 @@ static int vcpu_enter_guest(struct kvm_vcpu *vcpu) if (kvm_check_request(KVM_REQ_UPDATE_CPU_DIRTY_LOGGING, vcpu)) static_call(kvm_x86_update_cpu_dirty_logging)(vcpu); + + if (kvm_check_request(KVM_REQ_UPDATE_PROTECTED_GUEST_STATE, vcpu)) { + kvm_vcpu_reset(vcpu, true); + if (vcpu->arch.mp_state != KVM_MP_STATE_RUNNABLE) + goto out; + } } if (kvm_check_request(KVM_REQ_EVENT, vcpu) || req_int_win || 
@@ -12698,6 +12704,9 @@ static inline bool kvm_vcpu_has_events(struct kvm_vcpu *vcpu) return true; #endif + if (kvm_test_request(KVM_REQ_UPDATE_PROTECTED_GUEST_STATE, vcpu)) + return true; + if (kvm_arch_interrupt_allowed(vcpu) && (kvm_cpu_has_interrupt(vcpu) || kvm_guest_apic_has_interrupt(vcpu)))
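Review bot: The new SVM_VMGEXIT_AP_CREATION case in sev_es_validate_vmgexit() checks only ghcb_rax_is_valid(), and sev_snp_ap_creation() has no sev_snp_guest() check either (only sev_snp_init_protected_guest_state() does), so nothing visible in this patch limits the event to SEV-SNP guests. Suggest rejecting the exit here unless the VM is an SNP guest. RAX is also only read when "request < SVM_VMGEXIT_AP_DESTROY", so requiring it for DESTROY is stricter than the handler needs.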
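Review bot: In gfn_to_pfn_restricted(), the failure branch passes slot->flags and slot->userspace_addr to pr_err(), but gfn_to_memslot() returns NULL when no memslot covers the GFN, and the GFN here originates from the guest through exit_info_2; check slot for NULL before it is used or printed, and consider pr_err_ratelimited() since the guest can trigger these messages. Other points in the same hunk: __sev_snp_update_protected_guest_state() does "return pfn;" from a function returning int, where a negative errno such as -EINVAL is expected. The decision to call kvm_release_pfn_dirty() on the old cur_pa is made by looking up svm->sev_es.snp_vmsa_gpa, which is the GPA of the new VMSA (or INVALID_PAGE for DESTROY), not of the page being released. The helper calls put_page() before the PFN is installed as vmsa_pa, so nothing visible here holds a reference on the new VMSA page, while the commit message says the page is pinned. The handler sets KVM_MP_STATE_STOPPED where the commit message says KVM_MP_STATE_UNINITIALIZED; one of the two should be updated.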
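Review bot: mutex_init(&svm->sev_es.snp_vmsa_mutex) is placed in sev_es_vcpu_reset(), while sev_snp_ap_creation() takes that mutex on the target vCPU from another vCPU's exit path. If sev_es_vcpu_reset() can run again once sibling vCPUs are able to issue AP Creation requests, this would re-initialise a lock that may be held; initialising it once at vCPU creation avoids the question, or a comment should say why the reset path is safe.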
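Review bot: In the vcpu_enter_guest() hunk, the new branch does "goto out" when mp_state is not KVM_MP_STATE_RUNNABLE without assigning the function's return value in the added lines. Please confirm which value reaches the caller on this path and set it explicitly in the branch, and add a short comment explaining why kvm_vcpu_reset(vcpu, true) is used to apply the VMSA change from generic x86 code.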
From: Michael Roth
Subject: [PATCH RFC v8 48/56] KVM: SVM: Add SNP-specific handling for memory attribute updates
Date: Mon, 20 Feb 2023 12:38:39 -0600
Message-ID: <20230220183847.59159-49-michael.roth@amd.com>
In-Reply-To: <20230220183847.59159-1-michael.roth@amd.com>
References: <20230220183847.59159-1-michael.roth@amd.com>

This will handle RMP table updates and direct map changes needed for page state conversions requested by userspace.

Signed-off-by: Michael Roth
--- arch/x86/kvm/svm/sev.c | 126 +++++++++++++++++++++++++++++++++++++++++ arch/x86/kvm/svm/svm.c | 1 + arch/x86/kvm/svm/svm.h | 2 + 3 files changed, 129 insertions(+) diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index b2f1a12685ed..73d614c538da 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c
@@ -3381,6 +3381,31 @@ static int snp_rmptable_psmash(struct kvm *kvm, kvm_pfn_t pfn) return psmash(pfn); } +static int snp_make_page_shared(struct kvm *kvm, gpa_t gpa, kvm_pfn_t pfn, int level) +{ + int rc, rmp_level; + + rc = snp_lookup_rmpentry(pfn, &rmp_level); + if (rc < 0) + return -EINVAL; + + /* If page is not assigned then do nothing */ + if (!rc) + return 0; + + /* + * Is the page part of an existing 2MB RMP entry ? Split the 2MB into + * multiple of 4K-page before making the memory shared. + */ + if (level == PG_LEVEL_4K && rmp_level == PG_LEVEL_2M) { + rc = snp_rmptable_psmash(kvm, pfn); + if (rc) + return rc; + } + + return rmp_make_shared(pfn, level); +} + /* * TODO: need to get the value set by userspace in vcpu->run->vmgexit.ghcb_msr * and process that here accordingly. 
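Review bot: snp_make_page_shared() never reads its gpa argument, and the `if (rc < 0) return -EINVAL;` after snp_lookup_rmpentry() throws away whatever error the lookup returned. Drop gpa from the signature (or use it in an error message) and return rc so the caller's log shows the real failure. The PSMASH branch handles only level == PG_LEVEL_4K with rmp_level == PG_LEVEL_2M; a comment stating which level values callers may pass would show whether the opposite mismatch can reach rmp_make_shared().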
@@ -4373,3 +4398,104 @@ void handle_rmp_page_fault(struct kvm_vcpu *vcpu, gpa_t gpa, u64 error_code) kvm_zap_gfn_range(kvm, gfn, gfn + PTRS_PER_PMD); put_page(pfn_to_page(pfn)); } + +static inline u8 order_to_level(int order) +{ + BUILD_BUG_ON(KVM_MAX_HUGEPAGE_LEVEL > PG_LEVEL_1G); + + if (order >= KVM_HPAGE_GFN_SHIFT(PG_LEVEL_1G)) + return PG_LEVEL_1G; + + if (order >= KVM_HPAGE_GFN_SHIFT(PG_LEVEL_2M)) + return PG_LEVEL_2M; + + return PG_LEVEL_4K; +} + +int sev_update_mem_attr(struct kvm_memory_slot *slot, unsigned int attr, + gfn_t start, gfn_t end) +{ + struct kvm_sev_info *sev = &to_kvm_svm(slot->kvm)->sev_info; + enum psc_op op = (attr & KVM_MEMORY_ATTRIBUTE_PRIVATE) ? SNP_PAGE_STATE_PRIVATE + : SNP_PAGE_STATE_SHARED; + gfn_t gfn = start; + + pr_debug("%s: GFN 0x%llx - 0x%llx, op: %d\n", __func__, start, end, op); + + if (!sev_snp_guest(slot->kvm)) + return 0; + + if (!kvm_slot_can_be_private(slot)) { + pr_err_ratelimited("%s: memslot for gfn: 0x%llx is not private.\n", + __func__, gfn); + return -EPERM; + } + + while (gfn < end) { + kvm_pfn_t pfn; + int level = PG_LEVEL_4K; /* TODO: take actual order into account */ + gpa_t gpa = gfn_to_gpa(gfn); + int npages = 1; + int order; + int rc; + + /* + * No work to do if there was never a page allocated from private + * memory. If there was a page that was deallocated previously, + * the invalidation notifier should have restored the page to + * shared. + */ + rc = kvm_restrictedmem_get_pfn(slot, gfn, &pfn, &order); + if (rc) { + pr_warn_ratelimited("%s: failed to retrieve gfn 0x%llx from private FD\n", + __func__, gfn); + gfn++; + continue; + } + + /* + * TODO: The RMP entry's hugepage bit is ignored for + * shared/unassigned pages. Either handle looping through each + * sub-page as part of snp_make_page_shared(), or remove the + * level argument. 
+ */ + if (op == SNP_PAGE_STATE_PRIVATE && order && + IS_ALIGNED(gfn, 1 << order) && (gfn + (1 << order)) <= end) { + level = order_to_level(order); + npages = 1 << order; + } + + /* + * Grab the PFN from private memslot and update the RMP entry. + * It may be worthwhile to go ahead and map it into the TDP at + * this point if the guest is doing lazy acceptance, but for + * up-front bulk shared->private conversions it's not likely + * the guest will try to access the PFN any time soon, so for + * now just take the let KVM MMU handle faulting it on the next + * access. + */ + switch (op) { + case SNP_PAGE_STATE_SHARED: + rc = snp_make_page_shared(slot->kvm, gpa, pfn, level); + break; + case SNP_PAGE_STATE_PRIVATE: + rc = rmp_make_private(pfn, gpa, level, sev->asid, false); + break; + default: + rc = PSC_INVALID_ENTRY; + break; + } + + put_page(pfn_to_page(pfn)); + + if (rc) { + pr_err_ratelimited("%s: failed op %d gpa %llx pfn %llx level %d rc %d\n", + __func__, op, gpa, pfn, level, rc); + return -EINVAL; + } + + gfn += npages; + } + + return 0; +} diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index 539926b07ee5..e2edc4700e55 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c @@ -4860,6 +4860,7 @@ static struct kvm_x86_ops svm_x86_ops __initdata = { .alloc_apic_backing_page = svm_alloc_apic_backing_page, .adjust_mapping_level = sev_adjust_mapping_level, + .update_mem_attr = sev_update_mem_attr, }; /* diff --git a/arch/x86/kvm/svm/svm.h b/arch/x86/kvm/svm/svm.h index 37bd7b728d52..50a2bcaf3fd7 100644 --- a/arch/x86/kvm/svm/svm.h +++ b/arch/x86/kvm/svm/svm.h 
@@ -725,6 +725,8 @@ struct page *snp_safe_alloc_page(struct kvm_vcpu *vcpu); void sev_adjust_mapping_level(struct kvm *kvm, gfn_t gfn, kvm_pfn_t pfn, int *level); void handle_rmp_page_fault(struct kvm_vcpu *vcpu, gpa_t gpa, u64 error_code); void sev_snp_init_protected_guest_state(struct kvm_vcpu *vcpu); +int sev_update_mem_attr(struct kvm_memory_slot *slot, unsigned int attr, + gfn_t start, gfn_t end); /* vmenter.S */
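Review bot: In the while loop of sev_update_mem_attr() (the sev.c hunk at -4373), a failure from rmp_make_private() or snp_make_page_shared() returns -EINVAL with every earlier GFN in the range already converted and nothing rolled back, leaving the range partly converted. Either undo the pages already processed or document that the caller must treat the range as indeterminate on error. In the same loop a failing kvm_restrictedmem_get_pfn() is logged with pr_warn_ratelimited(), skipped with gfn++, and the function still returns 0, although the comment above it describes this as the expected no-page case; choose between a quiet skip and propagating the error. The `default:` arm that assigns PSC_INVALID_ENTRY is unreachable because op comes from a two-way ternary, and the comment text "just take the let KVM MMU handle faulting" needs rewording.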
From: Michael Roth
Subject: [PATCH RFC v8 49/56] KVM: SVM: Implement .fault_is_private callback for SNP
Date: Mon, 20 Feb 2023 12:38:40 -0600
Message-ID: <20230220183847.59159-50-michael.roth@amd.com>
In-Reply-To: <20230220183847.59159-1-michael.roth@amd.com>
References: <20230220183847.59159-1-michael.roth@amd.com>

KVM MMU will use this to determine whether an #NPF should be serviced with restricted memory or not.

Signed-off-by: Michael Roth
--- arch/x86/kvm/svm/sev.c | 10 ++++++++++ arch/x86/kvm/svm/svm.c | 1 + arch/x86/kvm/svm/svm.h | 2 ++ 3 files changed, 13 insertions(+) diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index 73d614c538da..7a74a92cb39a 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c @@ -4499,3 +4499,13 @@ int sev_update_mem_attr(struct kvm_memory_slot *slot, unsigned int attr, return 0; } + +bool sev_fault_is_private(struct kvm *kvm, gpa_t gpa, u64 error_code, bool *private_fault) +{ + if (!sev_snp_guest(kvm)) + return false; + + *private_fault = (error_code & PFERR_GUEST_ENC_MASK) ? true : false; + + return true; +} diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index e2edc4700e55..18e4a6c17d11 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c
@@ -4861,6 +4861,7 @@ static struct kvm_x86_ops svm_x86_ops __initdata = { .adjust_mapping_level = sev_adjust_mapping_level, .update_mem_attr = sev_update_mem_attr, + .fault_is_private = sev_fault_is_private, }; /* diff --git a/arch/x86/kvm/svm/svm.h b/arch/x86/kvm/svm/svm.h index 50a2bcaf3fd7..97038afa8020 100644 --- a/arch/x86/kvm/svm/svm.h +++ b/arch/x86/kvm/svm/svm.h 
@@ -728,6 +728,8 @@ void sev_snp_init_protected_guest_state(struct kvm_vcpu *vcpu); int sev_update_mem_attr(struct kvm_memory_slot *slot, unsigned int attr, gfn_t start, gfn_t end); +bool sev_fault_is_private(struct kvm *kvm, gpa_t gpa, u64 error_code, bool *private_fault); + /* vmenter.S */ void __svm_sev_es_vcpu_run(struct vcpu_svm *svm, bool spec_ctrl_intercepted);
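Review bot: sev_fault_is_private() in the sev.c hunk returns false for a non-SNP guest without writing *private_fault, and nothing documents that the out-parameter is valid only when the return value is true. Add a comment stating that contract, or set *private_fault = false before the early return. The gpa argument is unused, and `(error_code & PFERR_GUEST_ENC_MASK) ? true : false` can be written as `!!(error_code & PFERR_GUEST_ENC_MASK)`.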
From: Michael Roth
Subject: [PATCH RFC v8 50/56] KVM: SEV: Handle restricted memory invalidations for SNP
Date: Mon, 20 Feb 2023 12:38:41 -0600
Message-ID: <20230220183847.59159-51-michael.roth@amd.com>
In-Reply-To: <20230220183847.59159-1-michael.roth@amd.com>
References: <20230220183847.59159-1-michael.roth@amd.com>

Implement a platform hook to do the work of restoring the direct map entries and cleaning up RMP table entries for restricted memory that is being freed back to the host.

Signed-off-by: Michael Roth
--- arch/x86/kvm/svm/sev.c | 62 ++++++++++++++++++++++++++++++++++++++++++ arch/x86/kvm/svm/svm.c | 1 + arch/x86/kvm/svm/svm.h | 1 + 3 files changed, 64 insertions(+) diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index 7a74a92cb39a..bedec90d034f 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c
@@ -4509,3 +4509,65 @@ bool sev_fault_is_private(struct kvm *kvm, gpa_t gpa, u64 error_code, bool *priv return true; } + +void sev_invalidate_private_range(struct kvm_memory_slot *slot, gfn_t start, gfn_t end) +{ + gfn_t gfn = start; + + if (!sev_snp_guest(slot->kvm)) + return; + + if (!kvm_slot_can_be_private(slot)) { + pr_warn_ratelimited("SEV: Memslot for GFN: 0x%llx is not private.\n", + gfn); + return; + } + + while (gfn <= end) { + gpa_t gpa = gfn_to_gpa(gfn); + int level = PG_LEVEL_4K; + int order, rc; + kvm_pfn_t pfn; + + rc = kvm_restrictedmem_get_pfn(slot, gfn, &pfn, &order); + if (rc) { + pr_warn_ratelimited("SEV: Failed to retrieve restricted PFN for GFN 0x%llx, rc: %d\n", + gfn, rc); + gfn++; + continue; + } + + if (order) { + int rmp_level; + + if (IS_ALIGNED(gpa, page_level_size(PG_LEVEL_2M)) && + gpa + page_level_size(PG_LEVEL_2M) <= gfn_to_gpa(end)) + level = PG_LEVEL_2M; + else + pr_debug("%s: GPA 0x%llx is not aligned to 2M, skipping 2M directmap restoration\n", + __func__, gpa); + + /* + * TODO: It may still be possible to restore 2M mapping here, + * but keep it simple for now. + */ + if (level == PG_LEVEL_2M && + (!snp_lookup_rmpentry(pfn, &rmp_level) || rmp_level == PG_LEVEL_4K)) { + pr_debug("%s: PFN 0x%llx is not mapped as 2M private range, skipping 2M directmap restoration\n", + __func__, pfn); + level = PG_LEVEL_4K; + } + } + + pr_debug("%s: GPA %llx PFN %llx order %d level %d\n", + __func__, gpa, pfn, order, level); + rc = snp_make_page_shared(slot->kvm, gpa, pfn, level); + if (rc) + pr_err("SEV: Failed to restore page to shared, GPA: 0x%llx PFN: 0x%llx order: %d rc: %d\n", + gpa, pfn, order, rc); + + gfn += page_level_size(level) >> PAGE_SHIFT; + put_page(pfn_to_page(pfn)); + cond_resched(); + } +} diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index 18e4a6c17d11..3fe5f13b5f3a 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c 
@@ -4862,6 +4862,7 @@ static struct kvm_x86_ops svm_x86_ops __initdata = { .adjust_mapping_level = sev_adjust_mapping_level, .update_mem_attr = sev_update_mem_attr, .fault_is_private = sev_fault_is_private, + .invalidate_restricted_mem = sev_invalidate_private_range, }; /* diff --git a/arch/x86/kvm/svm/svm.h b/arch/x86/kvm/svm/svm.h index 97038afa8020..857b674e68f0 100644 --- a/arch/x86/kvm/svm/svm.h +++ b/arch/x86/kvm/svm/svm.h 
@@ -727,6 +727,7 @@ void handle_rmp_page_fault(struct kvm_vcpu *vcpu, gpa_t gpa, u64 error_code); void sev_snp_init_protected_guest_state(struct kvm_vcpu *vcpu); int sev_update_mem_attr(struct kvm_memory_slot *slot, unsigned int attr, gfn_t start, gfn_t end); +void sev_invalidate_private_range(struct kvm_memory_slot *slot, gfn_t start, gfn_t end); bool sev_fault_is_private(struct kvm *kvm, gpa_t gpa, u64 error_code, bool *private_fault);
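Review bot: In sev_invalidate_private_range() in arch/x86/kvm/svm/sev.c, the two uses of "end" disagree: the loop runs "while (gfn <= end)", which treats end as inclusive, while the 2M test "gpa + page_level_size(PG_LEVEL_2M) <= gfn_to_gpa(end)" treats it as exclusive. One of them is off by one: either the loop converts one GFN past the range back to shared, or a 2M region that ends exactly at the range boundary is needlessly handled as 4K pages. Please state in a comment whether end is inclusive and make both checks follow it. Separately, a failure of snp_make_page_shared() is only logged with an unratelimited pr_err() and the function returns void, so the caller gets no indication that a page going back to the host may still be private in the RMP; consider rate-limiting the message and propagating or otherwise handling the failure.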
From: Michael Roth
CC: Brijesh Singh
Subject: [PATCH RFC v8 51/56] KVM: SVM: Add module parameter to enable the SEV-SNP
Date: Mon, 20 Feb 2023 12:38:42 -0600
Message-ID: <20230220183847.59159-52-michael.roth@amd.com>
In-Reply-To: <20230220183847.59159-1-michael.roth@amd.com>
References: <20230220183847.59159-1-michael.roth@amd.com>

From: Brijesh Singh

Add a module parameter that can be used to enable or disable the SEV-SNP feature. Now that KVM contains the support for the SNP, set the GHCB hypervisor feature flag to indicate that SNP is supported.

Signed-off-by: Brijesh Singh Signed-off-by: Ashish Kalra Signed-off-by: Michael Roth --- arch/x86/kvm/svm/sev.c | 7 ++++--- arch/x86/kvm/svm/svm.h | 2 +- 2 files changed, 5 insertions(+), 4 deletions(-) diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index bedec90d034f..70d5650d8d95 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c
@@ -55,14 +55,15 @@ module_param_named(sev, sev_enabled, bool, 0444); /* enable/disable SEV-ES support */ static bool sev_es_enabled = true; module_param_named(sev_es, sev_es_enabled, bool, 0444); + +/* enable/disable SEV-SNP support */ +static bool sev_snp_enabled = true; +module_param_named(sev_snp, sev_snp_enabled, bool, 0444); #else #define sev_enabled false #define sev_es_enabled false #endif /* CONFIG_KVM_AMD_SEV */ -/* enable/disable SEV-SNP support */ -static bool sev_snp_enabled; - #define AP_RESET_HOLD_NONE 0 #define AP_RESET_HOLD_NAE_EVENT 1 #define AP_RESET_HOLD_MSR_PROTO 2 diff --git a/arch/x86/kvm/svm/svm.h b/arch/x86/kvm/svm/svm.h index 857b674e68f0..221b38d3c845 100644 --- a/arch/x86/kvm/svm/svm.h +++ b/arch/x86/kvm/svm/svm.h 
@@ -694,7 +694,7 @@ void avic_refresh_virtual_apic_mode(struct kvm_vcpu *vcpu); #define GHCB_VERSION_MAX 2ULL #define GHCB_VERSION_MIN 1ULL -#define GHCB_HV_FT_SUPPORTED 0 +#define GHCB_HV_FT_SUPPORTED (GHCB_HV_FT_SNP | GHCB_HV_FT_SNP_AP_CREATION) extern unsigned int max_sev_asid;
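Review bot: In the arch/x86/kvm/svm/sev.c hunk, sev_snp_enabled moves inside the CONFIG_KVM_AMD_SEV block, but the #else branch still defines only sev_enabled and sev_es_enabled as false. Add "#define sev_snp_enabled false" there so that any use outside the #ifdef still builds with CONFIG_KVM_AMD_SEV=n. The initializer also changes from the implicit false to true, so SNP becomes enabled by default; the commit message describes only the new parameter and should mention the default change.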
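Review bot: In the arch/x86/kvm/svm/svm.h hunk, GHCB_HV_FT_SUPPORTED becomes a compile-time constant that always includes GHCB_HV_FT_SNP and GHCB_HV_FT_SNP_AP_CREATION, independent of the sev_snp parameter added in the same patch. Unless the code that reports this value masks it at run time, a host loaded with sev_snp=0 would still advertise SNP support to guests; derive the advertised bits from sev_snp_enabled, or note in the commit message where the masking happens.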
From: Michael Roth
CC: Brijesh Singh
Subject: [PATCH RFC v8 52/56] ccp: Add support to decrypt the page
Date: Mon, 20 Feb 2023 12:38:43 -0600
Message-ID: <20230220183847.59159-53-michael.roth@amd.com>
In-Reply-To: <20230220183847.59159-1-michael.roth@amd.com>
References: <20230220183847.59159-1-michael.roth@amd.com>

From: Brijesh Singh

Add support to decrypt guest encrypted memory. These API interfaces can be used for example to dump VMCBs on SNP guest exit.

Signed-off-by: Brijesh Singh Signed-off-by: Ashish Kalra [mdr: minor commit fixups] Signed-off-by: Michael Roth --- drivers/crypto/ccp/sev-dev.c | 32 ++++++++++++++++++++++++++++++++ include/linux/psp-sev.h | 22 ++++++++++++++++++++-- 2 files changed, 52 insertions(+), 2 deletions(-) diff --git a/drivers/crypto/ccp/sev-dev.c b/drivers/crypto/ccp/sev-dev.c index e65563bc8298..bf5167b2acfc 100644 --- a/drivers/crypto/ccp/sev-dev.c +++ b/drivers/crypto/ccp/sev-dev.c
@@ -2017,6 +2017,38 @@ int sev_guest_df_flush(int *error) } EXPORT_SYMBOL_GPL(sev_guest_df_flush); +int snp_guest_dbg_decrypt_page(u64 gctx_pfn, u64 src_pfn, u64 dst_pfn, int *error) +{ + struct sev_data_snp_dbg data = {0}; + struct sev_device *sev; + int ret; + + if (!psp_master || !psp_master->sev_data) + return -ENODEV; + + sev = psp_master->sev_data; + + if (!sev->snp_initialized) + return -EINVAL; + + data.gctx_paddr = sme_me_mask | (gctx_pfn << PAGE_SHIFT); + data.src_addr = sme_me_mask | (src_pfn << PAGE_SHIFT); + data.dst_addr = sme_me_mask | (dst_pfn << PAGE_SHIFT); + + /* The destination page must be in the firmware state. */ + if (rmp_mark_pages_firmware(data.dst_addr, 1, false)) + return -EIO; + + ret = sev_do_cmd(SEV_CMD_SNP_DBG_DECRYPT, &data, error); + + /* Restore the page state */ + if (snp_reclaim_pages(data.dst_addr, 1, false)) + ret = -EIO; + + return ret; +} +EXPORT_SYMBOL_GPL(snp_guest_dbg_decrypt_page); + int snp_guest_ext_guest_request(struct sev_data_snp_guest_request *data, unsigned long vaddr, unsigned long *npages, unsigned long *fw_err) { diff --git a/include/linux/psp-sev.h b/include/linux/psp-sev.h index 81bafc049eca..92116e2b74fd 100644 --- a/include/linux/psp-sev.h +++ b/include/linux/psp-sev.h @@ -710,7 +710,6 @@ struct sev_data_snp_dbg { u64 gctx_paddr; /* In */ u64 src_addr; /* In */ u64 dst_addr; /* In */ - u32 len; /* In */ } __packed; /** 
@@ -913,13 +912,27 @@ int sev_guest_decommission(struct sev_data_decommission *data, int *error); * @error: SEV command return code * * Returns: + * 0 if the sev successfully processed the command + * -%ENODEV if the sev device is not available + * -%ENOTSUPP if the sev does not support SEV + * -%ETIMEDOUT if the sev command timed out + * -%EIO if the sev returned a non-zero return code + */ +int sev_do_cmd(int cmd, void *data, int *psp_ret); + +/** + * snp_guest_dbg_decrypt_page - perform SEV SNP_DBG_DECRYPT command + * + * @sev_ret: sev command return code + * + * Returns: * 0 if the SEV successfully processed the command * -%ENODEV if the SEV device is not available * -%ENOTSUPP if the SEV does not support SEV * -%ETIMEDOUT if the SEV command timed out * -%EIO if the SEV returned a non-zero return code */ -int sev_do_cmd(int cmd, void *data, int *psp_ret); +int snp_guest_dbg_decrypt_page(u64 gctx_pfn, u64 src_pfn, u64 dst_pfn, int *error); void *psp_copy_user_blob(u64 uaddr, u32 len); void *snp_alloc_firmware_page(gfp_t mask); 
@@ -987,6 +1000,11 @@ static inline void *psp_copy_user_blob(u64 __user uaddr, u32 len) { return ERR_P void snp_mark_pages_offline(unsigned long pfn, unsigned int npages) {} +static inline int snp_guest_dbg_decrypt_page(u64 gctx_pfn, u64 src_pfn, u64 dst_pfn, int *error) +{ + return -ENODEV; +} + static inline void *snp_alloc_firmware_page(gfp_t mask) { return NULL; From patchwork Mon Feb 20 18:38:44 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Michael Roth X-Patchwork-Id: 59631 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:adf:eb09:0:0:0:0:0 with SMTP id s9csp1469616wrn; Mon, 20 Feb 2023 11:12:45 -0800 (PST) X-Google-Smtp-Source: AK7set8oZ+H3H5MIZG7xo3PVxTLGWNphrgeqWcuA6ohMTuoY3cXy8mtXB+HfpcxbReKHQxvjqC9F X-Received: by 2002:a05:6a00:2401:b0:594:26a7:cbd2 with SMTP id z1-20020a056a00240100b0059426a7cbd2mr2476242pfh.8.1676920364845; Mon, 20 Feb 2023 11:12:44 -0800 (PST) ARC-Seal: i=2; a=rsa-sha256; t=1676920364; cv=pass; d=google.com; s=arc-20160816; b=As7cshdRcyp5yn2qQYAVWzfZnKyV94XoLpNo19Nw2EuJOsOdFcQTeUSJmbQlf6E9r+ T8W8/43G5/pL8okMRBc+DaNAtGkPzlCTNkQykJ6J50IG1dhJhPeiDXO1cUohIvu/6ZPD QXiIwYdTmvBrPckKK3unMyhOTr6Mz1bb3Ooa0/XmRa28TMiJeodpyqsfa95xTYN9siI+ ppw675cEPcM8hCI9NI8j5jVYH0lE8+Mdx6K2tPcZ389jQAJhs1tE1cAZGPNdLOFeP0UH kHBBFIzDPXikCZOWF5L28lQuBms0HuhrEyDvmuAIWyqsv1i2w4gInRF8DVPEVLloWlIP 2M8Q== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=LopXYiYyykv0LOA+8gvAgfurQClPV2ZL2OUbKE6L/Ic=; b=Or9t/44f/ihY2bocjHLVMegrPon6DxxhiKwvabnGoYHgca3nJyfxVvCE7YeTsiRYXw 0fqTqx5cr99WXKTECUXEuXkF60Uvg1w+4iaqEpOfyPzi6Y9TFIJ5w7KyHt70OLB7vJB8 2gekCnOR4tovbSyUmFk+0L1jiqKKM4b/8HAYwZZqzoIsAIW0z7OR6+rR55CqJ7uraWE7 Tcv3yxIzdM1BDj/uNIFpfuY6QreU59CiYlU9atPJ/Q5bGZGWyGMWfABUVT2ntXQc9Kgi 
From patchwork Mon Feb 20 18:38:44 2023
X-Patchwork-Submitter: Michael Roth
X-Patchwork-Id: 59631
From: Michael Roth
Subject: [PATCH RFC v8 53/56] KVM: SVM: Make VMSAVE target area memory allocation SNP safe
Date: Mon, 20 Feb 2023 12:38:44 -0600
Message-ID: <20230220183847.59159-54-michael.roth@amd.com>
In-Reply-To: <20230220183847.59159-1-michael.roth@amd.com>
References: <20230220183847.59159-1-michael.roth@amd.com>

From: Ashish Kalra

Implement a workaround for an SNP erratum where the CPU will incorrectly signal an RMP violation #PF if a hugepage (2mb or 1gb) collides with the RMP entry of the VMSAVE target page.

When SEV-SNP is globally enabled, the CPU marks the VMSAVE target page as "InUse" while the VMSAVE instruction is executing. If another CPU writes to a different page in the same 2MB region while the VMSAVE is executing, the CPU will throw an RMP violation #PF.

Use the snp safe generic allocator for allocating the VMSA target page which will ensure that the page returned is not a hugepage, as it is already being used for allocating the VMCB, VMSA and AVIC backing page.

Co-developed-by: Marc Orr
Signed-off-by: Marc Orr
Reported-by: Alper Gun
Signed-off-by: Ashish Kalra
Signed-off-by: Michael Roth
--- arch/x86/kvm/svm/svm.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index 3fe5f13b5f3a..8bda31a61757 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c
@@ -665,7 +665,7 @@ static int svm_cpu_init(int cpu) int ret = -ENOMEM; memset(sd, 0, sizeof(struct svm_cpu_data)); - sd->save_area = alloc_page(GFP_KERNEL | __GFP_ZERO); + sd->save_area = snp_safe_alloc_page(NULL); if (!sd->save_area) return ret;
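Review bot: In svm_cpu_init() the switch from alloc_page(GFP_KERNEL | __GFP_ZERO) to snp_safe_alloc_page(NULL) drops the explicit __GFP_ZERO, and nothing in this hunk shows that the new allocator returns a zeroed page; please confirm that it does, or say so in the commit message, since the old save_area was guaranteed to start zeroed. A one-line comment at the call site naming the VMSAVE hugepage erratum would also help, because snp_safe_alloc_page(NULL) on its own gives no hint why a per-CPU host save area needs an SNP-specific allocator. The last paragraph of the commit message says "VMSA target page" where the subject and the rest of the text say VMSAVE.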
From patchwork Mon Feb 20 18:38:45 2023
X-Patchwork-Submitter: Michael Roth
X-Patchwork-Id: 59629
From: Michael Roth
CC: Dionna Glaze, "Tom Lendacky"
Subject: [PATCH RFC v8 54/56] x86/sev: Add KVM commands for instance certs
Date: Mon, 20 Feb 2023 12:38:45 -0600
Message-ID: <20230220183847.59159-55-michael.roth@amd.com>
In-Reply-To: <20230220183847.59159-1-michael.roth@amd.com>
References: <20230220183847.59159-1-michael.roth@amd.com>

From: Dionna Glaze

The /dev/sev device has the ability to store host-wide certificates for the key used by the AMD-SP for SEV-SNP attestation report signing, but for hosts that want to specify additional certificates that are specific to the image launched in a VM, a different way is needed to communicate those certificates.

Add two new KVM ioctls to handle this: KVM_SEV_SNP_{GET,SET}_CERTS

The certificates that are set with this command are expected to follow the same format as the host certificates, but that format is opaque to the kernel.

The new behavior for custom certificates is that the extended guest request command will now return the overridden certificates if they were installed for the instance. The error condition for a too small data buffer is changed to return the overridden certificate data size if there is an overridden certificate set installed. Setting a 0 length certificate returns the system state to only return the host certificates on an extended guest request.

Also increase the SEV_FW_BLOB_MAX_SIZE another 4K page to allow space for an extra certificate.

Cc: Tom Lendacky
Cc: Paolo Bonzini
Signed-off-by: Dionna Glaze
Signed-off-by: Ashish Kalra
[mdr: remove use of "we" and "this patch" in commit log]
Signed-off-by: Michael Roth
--- arch/x86/kvm/svm/sev.c | 111 ++++++++++++++++++++++++++++++++++++++- arch/x86/kvm/svm/svm.h | 1 + include/linux/psp-sev.h | 2 +- include/uapi/linux/kvm.h | 12 +++++ 4 files changed, 123 insertions(+), 3 deletions(-) diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index 70d5650d8d95..18b64b7005e7 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c @@ -2089,6 +2089,7 @@ static void *snp_context_create(struct kvm *kvm, struct kvm_sev_cmd *argp) goto e_free; sev->snp_certs_data = certs_data; + sev->snp_certs_len = 0; return context; 
@@ -2404,6 +2405,86 @@ static int snp_launch_finish(struct kvm *kvm, struct kvm_sev_cmd *argp) return ret; } +static int snp_get_instance_certs(struct kvm *kvm, struct kvm_sev_cmd *argp) +{ + struct kvm_sev_info *sev = &to_kvm_svm(kvm)->sev_info; + struct kvm_sev_snp_get_certs params; + + if (!sev_snp_guest(kvm)) + return -ENOTTY; + + if (!sev->snp_context) + return -EINVAL; + + if (copy_from_user(¶ms, (void __user *)(uintptr_t)argp->data, + sizeof(params))) + return -EFAULT; + + /* No instance certs set. */ + if (!sev->snp_certs_len) + return -ENOENT; + + if (params.certs_len < sev->snp_certs_len) { + /* Output buffer too small. Return the required size. */ + params.certs_len = sev->snp_certs_len; + + if (copy_to_user((void __user *)(uintptr_t)argp->data, ¶ms, + sizeof(params))) + return -EFAULT; + + return -EINVAL; + } + + if (copy_to_user((void __user *)(uintptr_t)params.certs_uaddr, + sev->snp_certs_data, sev->snp_certs_len)) + return -EFAULT; + + return 0; +} + +static int snp_set_instance_certs(struct kvm *kvm, struct kvm_sev_cmd *argp) +{ + struct kvm_sev_info *sev = &to_kvm_svm(kvm)->sev_info; + unsigned long length = SEV_FW_BLOB_MAX_SIZE; + void *to_certs = sev->snp_certs_data; + struct kvm_sev_snp_set_certs params; + + if (!sev_snp_guest(kvm)) + return -ENOTTY; + + if (!sev->snp_context) + return -EINVAL; + + if (copy_from_user(¶ms, (void __user *)(uintptr_t)argp->data, + sizeof(params))) + return -EFAULT; + + if (params.certs_len > SEV_FW_BLOB_MAX_SIZE) + return -EINVAL; + + /* + * Setting a length of 0 is the same as "uninstalling" instance- + * specific certificates. 
+ */ + if (params.certs_len == 0) { + sev->snp_certs_len = 0; + return 0; + } + + /* Page-align the length */ + length = (params.certs_len + PAGE_SIZE - 1) & PAGE_MASK; + + if (copy_from_user(to_certs, + (void __user *)(uintptr_t)params.certs_uaddr, + params.certs_len)) { + return -EFAULT; + } + + sev->snp_certs_len = length; + + return 0; +} + int sev_mem_enc_ioctl(struct kvm *kvm, void __user *argp) { struct kvm_sev_cmd sev_cmd; @@ -2503,6 +2584,12 @@ int sev_mem_enc_ioctl(struct kvm *kvm, void __user *argp) case KVM_SEV_SNP_LAUNCH_FINISH: r = snp_launch_finish(kvm, &sev_cmd); break; + case KVM_SEV_SNP_GET_CERTS: + r = snp_get_instance_certs(kvm, &sev_cmd); + break; + case KVM_SEV_SNP_SET_CERTS: + r = snp_set_instance_certs(kvm, &sev_cmd); + break; default: r = -EINVAL; goto out; @@ -3550,8 +3637,28 @@ static void snp_handle_ext_guest_request(struct vcpu_svm *svm, gpa_t req_gpa, gp if (rc) goto unlock; - rc = snp_guest_ext_guest_request(&req, (unsigned long)sev->snp_certs_data, - &data_npages, &err); + /* + * If the VMM has overridden the certs, then change the error message + * if the size is inappropriate for the override. Otherwise, use a + * regular guest request and copy back the instance certs. + */ + if (sev->snp_certs_len) { + if ((data_npages << PAGE_SHIFT) < sev->snp_certs_len) { + rc = -EINVAL; + err = SNP_GUEST_REQ_INVALID_LEN; + goto datalen; + } + rc = sev_issue_cmd(kvm, SEV_CMD_SNP_GUEST_REQUEST, &req, + (int *)&err); + } else { + rc = snp_guest_ext_guest_request(&req, + (unsigned long)sev->snp_certs_data, + &data_npages, &err); + } +datalen: + if (sev->snp_certs_len) + data_npages = sev->snp_certs_len >> PAGE_SHIFT; + if (rc) { /* * If buffer length is small then return the expected diff --git a/arch/x86/kvm/svm/svm.h b/arch/x86/kvm/svm/svm.h index 221b38d3c845..dced46559508 100644 --- a/arch/x86/kvm/svm/svm.h +++ b/arch/x86/kvm/svm/svm.h 
@@ -94,6 +94,7 @@ struct kvm_sev_info { u64 snp_init_flags; void *snp_context; /* SNP guest context page */ void *snp_certs_data; + unsigned int snp_certs_len; /* Size of instance override for certs */ struct mutex guest_req_lock; /* Lock for guest request handling */ u64 sev_features; /* Features set at VMSA creation */ diff --git a/include/linux/psp-sev.h b/include/linux/psp-sev.h index 92116e2b74fd..3b28b78938f6 100644 --- a/include/linux/psp-sev.h +++ b/include/linux/psp-sev.h @@ -22,7 +22,7 @@ #define __psp_pa(x) __pa(x) #endif -#define SEV_FW_BLOB_MAX_SIZE 0x4000 /* 16KB */ +#define SEV_FW_BLOB_MAX_SIZE 0x5000 /* 20KB */ /** * SEV platform state diff --git a/include/uapi/linux/kvm.h b/include/uapi/linux/kvm.h index 6e684bf5f723..ad7e24e43547 100644 --- a/include/uapi/linux/kvm.h +++ b/include/uapi/linux/kvm.h @@ -1928,6 +1928,8 @@ enum sev_cmd_id { KVM_SEV_SNP_LAUNCH_START, KVM_SEV_SNP_LAUNCH_UPDATE, KVM_SEV_SNP_LAUNCH_FINISH, + KVM_SEV_SNP_GET_CERTS, + KVM_SEV_SNP_SET_CERTS, KVM_SEV_NR_MAX, }; 
@@ -2075,6 +2077,16 @@ struct kvm_sev_snp_launch_finish { __u8 pad[6]; }; +struct kvm_sev_snp_get_certs { + __u64 certs_uaddr; + __u64 certs_len; +}; + +struct kvm_sev_snp_set_certs { + __u64 certs_uaddr; + __u64 certs_len; +}; + #define KVM_DEV_ASSIGN_ENABLE_IOMMU (1 << 0) #define KVM_DEV_ASSIGN_PCI_2_3 (1 << 1) #define KVM_DEV_ASSIGN_MASK_INTX (1 << 2)
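Review bot: In snp_set_instance_certs() (hunk @@ -2404,6 +2405,86 @@ of sev.c) the stored length is rounded up to a page with length = (params.certs_len + PAGE_SIZE - 1) & PAGE_MASK, but only params.certs_len bytes are copied into sev->snp_certs_data, so the bytes between certs_len and the rounded length keep whatever the buffer held before: an earlier, longer instance blob, or data written by the non-override branch of the extended guest request, which is handed the same buffer. Those stale bytes are then returned to the guest and to KVM_SEV_SNP_GET_CERTS. Zero the tail after the copy, for example memset(to_certs + params.certs_len, 0, length - params.certs_len). In the same function a faulting copy_from_user() leaves the buffer partly overwritten while the old snp_certs_len is still in effect, and the initializer length = SEV_FW_BLOB_MAX_SIZE is never used. In snp_get_instance_certs() the success path copies snp_certs_len bytes but never writes that length back to params.certs_len, and the too-small case returns the same -EINVAL as a missing snp_context, so userspace cannot tell the two apart.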
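Review bot: In snp_handle_ext_guest_request() (hunk @@ -3550,8 +3637,28 @@ of sev.c) the override branch calls sev_issue_cmd(kvm, SEV_CMD_SNP_GUEST_REQUEST, &req, (int *)&err) while the else branch passes &err uncast, so err is not an int and the firmware call writes only part of it; unless err is zeroed earlier in the function, use a local int for the firmware error and assign it to err afterwards. The goto datalen that jumps over the if/else only to reach the two lines after it would read better as a nested if, and data_npages = sev->snp_certs_len >> PAGE_SHIFT silently relies on snp_certs_len always being page-aligned, which deserves a comment next to the field in struct kvm_sev_info.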
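Review bot: struct kvm_sev_snp_get_certs and struct kvm_sev_snp_set_certs in include/uapi/linux/kvm.h are field-for-field identical and carry no flags or reserved member; since uapi layouts cannot change once merged, consider a single shared struct with a reserved field that must be zero, so the interface can be extended later without a new command.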
From patchwork Mon Feb 20 18:38:46 2023
X-Patchwork-Submitter: Michael Roth
X-Patchwork-Id: 59634
From: Michael Roth
CC: Dionna Glaze, "Thomas Lendacky"
Subject: [PATCH RFC v8 55/56] x86/sev: Document KVM_SEV_SNP_{G,S}ET_CERTS
Date: Mon, 20 Feb 2023 12:38:46 -0600
Message-ID: <20230220183847.59159-56-michael.roth@amd.com>
In-Reply-To: <20230220183847.59159-1-michael.roth@amd.com>
References: <20230220183847.59159-1-michael.roth@amd.com>

From: Dionna Glaze

Update the KVM_MEMORY_ENCRYPT_OP documentation to include the new commands for overriding the host certificates that the guest receives from an extended guest request.

Cc: Thomas Lendacky
Cc: Paolo Bonzini
Signed-off-by: Dionna Glaze
Signed-off-by: Ashish Kalra
Signed-off-by: Michael Roth
--- .../virt/kvm/x86/amd-memory-encryption.rst | 44 +++++++++++++++++++ 1 file changed, 44 insertions(+) diff --git a/Documentation/virt/kvm/x86/amd-memory-encryption.rst b/Documentation/virt/kvm/x86/amd-memory-encryption.rst index dafb0c9984f1..153003ff2c51 100644 --- a/Documentation/virt/kvm/x86/amd-memory-encryption.rst +++ b/Documentation/virt/kvm/x86/amd-memory-encryption.rst 
@@ -537,6 +537,50 @@ Returns: 0 on success, -negative on error See SEV-SNP specification for further details on launch finish input parameters. +22. KVM_SEV_SNP_GET_CERTS +------------------------- + +After the SNP guest launch flow has started, the KVM_SEV_SNP_GET_CERTS command +can be issued to request the data that has been installed with the +KVM_SEV_SNP_SET_CERTS command. + +Parameters (in/out): struct kvm_sev_snp_get_certs + +Returns: 0 on success, -negative on error + +:: + + struct kvm_sev_snp_get_certs { + __u64 certs_uaddr; + __u64 certs_len + }; + +If no certs have been installed, then the return value is -ENOENT. +If the buffer specified in the struct is too small, the certs_len field will be +overwritten with the required bytes to receive all the certificate bytes and the +return value will be -EINVAL. + +23. KVM_SEV_SNP_SET_CERTS +------------------------- + +After the SNP guest launch flow has started, the KVM_SEV_SNP_SET_CERTS command +can be issued to override the /dev/sev certs data that is returned when a +guest issues an extended guest request. This is useful for instance-specific +extensions to the host certificates. + +Parameters (in/out): struct kvm_sev_snp_set_certs + +Returns: 0 on success, -negative on error + +:: + + struct kvm_sev_snp_set_certs { + __u64 certs_uaddr; + __u64 certs_len + }; + +The certs_len field may not exceed SEV_FW_BLOB_MAX_SIZE. 
+ References ==========

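Review bot: in both struct listings of the amd-memory-encryption.rst hunk (struct kvm_sev_snp_get_certs and struct kvm_sev_snp_set_certs), the `__u64 certs_len` member is missing its terminating semicolon, so the documented layout does not compile as written. The KVM_SEV_SNP_GET_CERTS text also returns -EINVAL for the too-small-buffer case, which userspace can only tell apart from any other invalid argument by noticing that certs_len was overwritten; either use a distinct errno or state explicitly that callers must compare certs_len before and after the call. KVM_SEV_SNP_SET_CERTS is listed as "Parameters (in/out)" although the text describes no output, and neither section says what format the data at certs_uaddr is expected to have.
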
From: Michael Roth
Subject: [PATCH RFC v8 56/56] iommu/amd: Add IOMMU_SNP_SHUTDOWN support
Date: Mon, 20 Feb 2023 12:38:47 -0600
Message-ID: <20230220183847.59159-57-michael.roth@amd.com>
In-Reply-To: <20230220183847.59159-1-michael.roth@amd.com>
References: <20230220183847.59159-1-michael.roth@amd.com>
X-Mailing-List: linux-kernel@vger.kernel.org

From: Ashish Kalra Add a new IOMMU API interface amd_iommu_snp_disable() to transition IOMMU pages to Hypervisor state from Reclaim state after SNP_SHUTDOWN_EX command. Invoke this API from the CCP driver after SNP_SHUTDOWN_EX command. Signed-off-by: Ashish Kalra Signed-off-by: Michael Roth --- drivers/crypto/ccp/sev-dev.c | 20 ++++++++++++++ drivers/iommu/amd/init.c | 53 ++++++++++++++++++++++++++++++++++++ include/linux/amd-iommu.h | 1 + 3 files changed, 74 insertions(+) diff --git a/drivers/crypto/ccp/sev-dev.c b/drivers/crypto/ccp/sev-dev.c index bf5167b2acfc..7ded2f9111e0 100644 --- a/drivers/crypto/ccp/sev-dev.c +++ b/drivers/crypto/ccp/sev-dev.c @@ -24,6 +24,7 @@ #include #include #include +#include #include #include
@@ -1503,6 +1504,25 @@ static int __sev_snp_shutdown_locked(int *error) return ret; } + /* + * SNP_SHUTDOWN_EX with IOMMU_SNP_SHUTDOWN set to 1 disables SNP + * enforcement by the IOMMU and also transitions all pages + * associated with the IOMMU to the Reclaim state. + * Firmware was transitioning the IOMMU pages to Hypervisor state + * before version 1.53. But, accounting for the number of assigned + * 4kB pages in a 2M page was done incorrectly by not transitioning + * to the Reclaim state. This resulted in RMP #PF when later accessing + * the 2M page containing those pages during kexec boot. Hence, the + * firmware now transitions these pages to Reclaim state and hypervisor + * needs to transition these pages to shared state. SNP Firmware + * version 1.53 and above are needed for kexec boot. + */ + ret = amd_iommu_snp_disable(); + if (ret) { + dev_err(sev->dev, "SNP IOMMU shutdown failed\n"); + return ret; + } + sev->snp_initialized = false; dev_dbg(sev->dev, "SEV-SNP firmware shutdown\n"); diff --git a/drivers/iommu/amd/init.c b/drivers/iommu/amd/init.c index 1a2d425bf568..d1270e3c5baf 100644 --- a/drivers/iommu/amd/init.c +++ b/drivers/iommu/amd/init.c @@ -30,6 +30,7 @@ #include #include #include +#include #include 
@@ -3651,4 +3652,56 @@ int amd_iommu_snp_enable(void) return 0; } + +static int iommu_page_make_shared(void *page) +{ + unsigned long pfn; + + pfn = iommu_virt_to_phys(page) >> PAGE_SHIFT; + return rmp_make_shared(pfn, PG_LEVEL_4K); +} + +static int iommu_make_shared(void *va, size_t size) +{ + void *page; + int ret; + + if (!va) + return 0; + + for (page = va; page < (va + size); page += PAGE_SIZE) { + ret = iommu_page_make_shared(page); + if (ret) + return ret; + } + + return 0; +} + +int amd_iommu_snp_disable(void) +{ + struct amd_iommu *iommu; + int ret; + + if (!amd_iommu_snp_en) + return 0; + + for_each_iommu(iommu) { + ret = iommu_make_shared(iommu->evt_buf, EVT_BUFFER_SIZE); + if (ret) + return ret; + + ret = iommu_make_shared(iommu->ppr_log, PPR_LOG_SIZE); + if (ret) + return ret; + + ret = iommu_make_shared((void *)iommu->cmd_sem, PAGE_SIZE); + if (ret) + return ret; + } + + amd_iommu_snp_en = false; + return 0; +} +EXPORT_SYMBOL_GPL(amd_iommu_snp_disable); #endif diff --git a/include/linux/amd-iommu.h b/include/linux/amd-iommu.h index 953e6f12fa1c..a1b33b838842 100644 --- a/include/linux/amd-iommu.h +++ b/include/linux/amd-iommu.h @@ -208,6 +208,7 @@ struct amd_iommu *get_amd_iommu(unsigned int idx); #ifdef CONFIG_AMD_MEM_ENCRYPT int amd_iommu_snp_enable(void); +int amd_iommu_snp_disable(void); #endif #endif /* _ASM_X86_AMD_IOMMU_H */
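
Review bot: in the __sev_snp_shutdown_locked() hunk of drivers/crypto/ccp/sev-dev.c, the new `return ret` on amd_iommu_snp_disable() failure exits before `sev->snp_initialized = false`, so when the firmware shutdown has already succeeded but the IOMMU step fails, the driver keeps reporting SNP as initialized. Clear snp_initialized before calling amd_iommu_snp_disable(), or add a comment explaining why leaving it set is safe. The new comment also says firmware 1.53 or later is needed for kexec boot, but no version check is visible in this hunk; add one or point to where it is enforced. The comment names the target state as both "Hypervisor state" and "shared state"; use one term.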
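
Review bot: in the drivers/iommu/amd/init.c hunk, amd_iommu_snp_disable() returns on the first rmp_make_shared() failure, which leaves the rest of that buffer and the evt_buf, ppr_log and cmd_sem of every later IOMMU untransitioned, keeps amd_iommu_snp_en set, and logs nothing that identifies the failing pfn or buffer. Since the sev-dev.c comment in this same patch ties pages left in the Reclaim state to RMP #PF on later access, log the pfn in iommu_page_make_shared() and document whether a second call after a partial failure is expected to succeed on pages that are already shared. The exported function also has no comment stating that it must only be called after SNP_SHUTDOWN_EX or what locking the caller holds while iterating for_each_iommu().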
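
Review bot: in the include/linux/amd-iommu.h hunk, `int amd_iommu_snp_disable(void);` is declared only under `#ifdef CONFIG_AMD_MEM_ENCRYPT` with no stub for the other case, while the call added to __sev_snp_shutdown_locked() in sev-dev.c is not guarded in the visible lines. A build of the CCP driver without CONFIG_AMD_MEM_ENCRYPT would then fail on the missing declaration or symbol. Add a `static inline int amd_iommu_snp_disable(void) { return 0; }` fallback in an `#else` branch, or guard the call site.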