From patchwork Fri Oct 21 16:59:40 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Dionna Amalie Glaze X-Patchwork-Id: 6888 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a5d:4242:0:0:0:0:0 with SMTP id s2csp808647wrr; Fri, 21 Oct 2022 10:07:44 -0700 (PDT) X-Google-Smtp-Source: AMsMyM5l4mp4fcd/W3ZHQiGaSAr/Jv1PcSfatEK8dzzeWgQNaq+3VJIURvpj6xvUx40LJfeFotmD X-Received: by 2002:a05:6402:2b85:b0:457:6216:d251 with SMTP id fj5-20020a0564022b8500b004576216d251mr18770046edb.56.1666372064231; Fri, 21 Oct 2022 10:07:44 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1666372064; cv=none; d=google.com; s=arc-20160816; b=N1HKMcPWjXE8ZfZD9Wg3ihJFp87f1m0Jl3GvaKA/bzw0MaE047J7cOoxGTaQFxbNTe PIFNCVXZgLpeHJQ+Q9fGvw02RomQUJei+FNxkyvvc7JU8XWYIzc1WYFiMKaGGcsadmZ2 eHLOCV9fSHRTOoxoByG0x6MndyltitpD3btpfjbzrO9GlMTxp7asvZp19xvt9frn3m7U hxs+ropocjC4R4fCohSpuzO4rfdNTpnUeE8QjuplNZajCCSIcbiLTFpoqIzEjHDOozrh boiK5Lr5/CbHHv1zU2eMANaL6O+MGmori6y8aYsmdKpxA4A3W71IlqV2h4iGGYcSUYaV au0A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:from:subject:message-id:references :mime-version:in-reply-to:date:dkim-signature; bh=m+6LJgKl0wRgTRLkq4f9veim6S7HXx9ZKXbkLf1zrmQ=; b=ofAZys3+An7tmgaGUjtoV9RVkLm1YTmfXyVjG3+qekF7+YbF7hJyZ4mM7vYRNa4UYi UeSiOi0C/0YV96F2wbyZ7n+rh3vKgWdEOw0hDQegarrQ7LTrU6AoHjffwHY5ckk2Jn79 zM/lulAks5bCv1qILpINhgm3UGHmMLBnveNfd4DeOg228VTCpmjbtmmfDMELB3X1RKqu zDdbQNNXyJaCUzcZEhAB+H5vAlMKUCP26NKTm8k7sEeU3+qQaZ2FtgblEEGcTE6Pm3KX JqbHlrSzzx7riWiPeBtSSI86+dthRF0JHu9g7cZYKoDcPW5ZYQ4wmFtOCumulXwon5V5 HHjA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20210112 header.b=IAUiu92e; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id c7-20020a170906528700b00783df65ae5esi19058382ejm.683.2022.10.21.10.07.19; Fri, 21 Oct 2022 10:07:44 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20210112 header.b=IAUiu92e; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229802AbiJURAH (ORCPT + 99 others); Fri, 21 Oct 2022 13:00:07 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:50958 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229934AbiJURAE (ORCPT ); Fri, 21 Oct 2022 13:00:04 -0400 Received: from mail-yw1-x1149.google.com (mail-yw1-x1149.google.com [IPv6:2607:f8b0:4864:20::1149]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 4F6D2558C5 for ; Fri, 21 Oct 2022 09:59:52 -0700 (PDT) Received: by mail-yw1-x1149.google.com with SMTP id 00721157ae682-367dc159c2fso34348827b3.19 for ; Fri, 21 Oct 2022 09:59:51 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=m+6LJgKl0wRgTRLkq4f9veim6S7HXx9ZKXbkLf1zrmQ=; b=IAUiu92eRZoXbbSs2RkIa1od4MS2ZKai3lK1I9O75aKToczZ/VnpZ5z1vxJPMa/GkC 0lZR6s0KSFCVAgw42q/iyvA+kgH4bPDygEOtwmVRuTsGKEsMBFRUYetzcXtvMGluFGsl oIRPkUIp+AaAMleOZpYIYm4+q9lNnERRe31K2FGn/prPllHO4BM6VzlqX/JTedIRXn/g TVsFJnaJx3ZF69jFYpZyw6YK4mL41IWE/4P1ddXk2c0qHtRj8j6fw0AoQdrvpaI34rP4 WL66+HcMTo/T5w05qnW0jiXQlTMkXwyTHlgJbbqfWCuOFHRFxD2mQpcOSJyBL1gCfEvx C27w== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=m+6LJgKl0wRgTRLkq4f9veim6S7HXx9ZKXbkLf1zrmQ=; b=yp8szvCtnWYMUUFBitjJAtlpaXCt9sLFXDFHyTJNLXO71il5RPh7bR78t+IM+FWeej QG7lXqUow7WpQgwWTgbz+7TRGORVjRsdBzTX1xwELWY9oLteOhZPm31/qDMV/hC1Y8Sj CcxMaatZ4+YBW2l55TTQKZoKk491E4zrYc6I9uHL8qNgnuYxPvTBVcZsh2kkiOXWBqLZ Ua65z3tg9FBkl8egnV5eBmsHSGXwQ9mO8CzvA6D/Su+x4LdR6qLQFlfmvttWAC5NRyF8 Tr5n83KS+5aJscu5eLI0oM9dUY9xEnUd3ng7xEywjnnbyA88Tckhx0GK36xRQ2IrCKPK Uq6w== X-Gm-Message-State: ACrzQf1kHqhRBOqQvL7/RQzKc1wt1dnb0tSbqyughu4DUZSGF7JPdNno TnejQSjzCJk8cXxEqJ25AGYcbLNJ9YviGJc60Ipikov+ADQ99g3hZifOgP9KynXpk2V2L7LAewE VF9WJZMWgs+GAenwCHblRFWS0sfCnAcxPiSKmuz7HjKRz+SMzkyV6CSu9U5mdEYg0NdMXtpi4Ot 6OOIe/X9g= X-Received: from dionnaglaze.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:2ee6]) (user=dionnaglaze job=sendgmr) by 2002:a25:be14:0:b0:6be:885f:20bb with SMTP id h20-20020a25be14000000b006be885f20bbmr17567487ybk.480.1666371590674; Fri, 21 Oct 2022 09:59:50 -0700 (PDT) Date: Fri, 21 Oct 2022 16:59:40 +0000 In-Reply-To: <20221021165943.1968044-1-dionnaglaze@google.com> Mime-Version: 1.0 References: <20221021165943.1968044-1-dionnaglaze@google.com> X-Mailer: git-send-email 2.38.0.135.g90850a2211-goog Message-ID: <20221021165943.1968044-2-dionnaglaze@google.com> Subject: [PATCH v3 1/4] ccp: Name -1 return value as SEV_RET_NO_FW_CALL From: Dionna Glaze To: linux-kernel@vger.kernel.org, x86@kernel.org Cc: Dionna Glaze , Thomas Lendacky , Paolo Bonzini , Joerg Roedel , Ingo Molnar , Andy Lutomirsky X-Spam-Status: No, score=-9.6 required=5.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_NONE, SPF_HELO_NONE,SPF_PASS,USER_IN_DEF_DKIM_WL autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1747317753199371750?= X-GMAIL-MSGID: =?utf-8?q?1747317753199371750?= The PSP can return a "firmware error" code of -1 in circumstances where the PSP is not actually called. To make this protocol unambiguous, we add a constant naming the return value. From: Peter Gonda Cc: Thomas Lendacky Cc: Paolo Bonzini Cc: Joerg Roedel Cc: Ingo Molnar Cc: Andy Lutomirsky Signed-off-by: Dionna Glaze --- drivers/crypto/ccp/sev-dev.c | 2 +- include/uapi/linux/psp-sev.h | 7 +++++++ 2 files changed, 8 insertions(+), 1 deletion(-) diff --git a/drivers/crypto/ccp/sev-dev.c b/drivers/crypto/ccp/sev-dev.c index 06fc7156c04f..97eb3544ab36 100644 --- a/drivers/crypto/ccp/sev-dev.c +++ b/drivers/crypto/ccp/sev-dev.c @@ -444,7 +444,7 @@ static int __sev_platform_init_locked(int *error) { struct psp_device *psp = psp_master; struct sev_device *sev; - int rc = 0, psp_ret = -1; + int rc = 0, psp_ret = SEV_RET_NO_FW_CALL; int (*init_function)(int *error); if (!psp || !psp->sev_data) diff --git a/include/uapi/linux/psp-sev.h b/include/uapi/linux/psp-sev.h index 91b4c63d5cbf..fb61e083d42e 100644 --- a/include/uapi/linux/psp-sev.h +++ b/include/uapi/linux/psp-sev.h @@ -36,6 +36,13 @@ enum { * SEV Firmware status code */ typedef enum { + /* + * This error code is not in the SEV spec but is added to convey that + * there was an error that prevented the SEV Firmware from being called. + * This is (u32)-1 since the firmware error code part of EXIT_INFO_2 is + * the lower 32 bits. + */ + SEV_RET_NO_FW_CALL = 0xffffffff, SEV_RET_SUCCESS = 0, SEV_RET_INVALID_PLATFORM_STATE, SEV_RET_INVALID_GUEST_STATE, From patchwork Fri Oct 21 16:59:41 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Dionna Amalie Glaze X-Patchwork-Id: 6886 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a5d:4242:0:0:0:0:0 with SMTP id s2csp808298wrr; Fri, 21 Oct 2022 10:07:07 -0700 (PDT) X-Google-Smtp-Source: AMsMyM6xi4tBZ1Z/+j0rKmqn2YumA/WovkMpP6Le5mp9b6YO7QAdqZgW/XuyIvodIi4OgCS8f6Db X-Received: by 2002:a05:6402:401e:b0:45c:a1ce:94bf with SMTP id d30-20020a056402401e00b0045ca1ce94bfmr18039053eda.177.1666372027345; Fri, 21 Oct 2022 10:07:07 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1666372027; cv=none; d=google.com; s=arc-20160816; b=apIiSXBaodBqLR1XRxoVrDe/9HQi33hSCBoFAEdZQ0Giv+EWRxcG5hjBPaFEuM6Tcv idcqd0N4sfY9AeRylJtzbJGctunf1d0SSLe3UQ1tpEqQVRIDNyS1djaoiFQ6/MyoSROP qeEsMEpFr/vU1d6NnJQjbzNnryTdsNtk0yf/bA3AltQxos0Te1Z2Yt3qGSMRWtLmQoNH KQchWEtuadiobW2iV7mJ6/LXkgZpIMhS9a5mIN23IXwn+Sw+7XGoTcoc65RDXvAC4V9f tCTpjPQjN+vV1/nB2tiNHxAccMNpEsdPjxdaRSOvp7G/6+Xnx1q8UUEmpJ7vD0834HqI bqdQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:from:subject:message-id:references :mime-version:in-reply-to:date:dkim-signature; bh=VPzkRYiEhEJdjJcMQc6JBwHg+TKgr2BSOIUTw0Esdx8=; b=oaaJPNy9o+llBHqbuztPWosU4F+zS+4dk6w8jENFf1M9BxsYmv0urCW4J4RrUfJcBe Jjh5CY65R4tPs5Vwv4Irf5Si5/vSk/1WHra+JPh6UxQtrkuJGauLOI/hASEpDkyaF4v4 KJeClBFdbH3ErGRWCKkOeNPUQdC8dPnpsSjzhL20oqvLOCU2+eXAdM1R0vl+8C21QHCf z3bOoG7FbHMfcjn4X9tzLyvbFaeC+/TbRCMPXVDgtlc6ck9fg0PgiOUIe3ukTr8X/YCU mQ7V1Doq6f53S/AMf9sVIIwIoNCRveyUdpQCDaKU1WYhNv5s350X5L6mnck31f8JQrtb Pf7A== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20210112 header.b=Ve1rHl0w; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id sh40-20020a1709076ea800b0078d1e610b3esi20111467ejc.26.2022.10.21.10.06.41; Fri, 21 Oct 2022 10:07:07 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20210112 header.b=Ve1rHl0w; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229494AbiJURAE (ORCPT + 99 others); Fri, 21 Oct 2022 13:00:04 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:50574 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229763AbiJURAC (ORCPT ); Fri, 21 Oct 2022 13:00:02 -0400 Received: from mail-pl1-x64a.google.com (mail-pl1-x64a.google.com [IPv6:2607:f8b0:4864:20::64a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id A31E851A2C for ; Fri, 21 Oct 2022 09:59:52 -0700 (PDT) Received: by mail-pl1-x64a.google.com with SMTP id p3-20020a170902e74300b0018546b77dccso2003175plf.17 for ; Fri, 21 Oct 2022 09:59:52 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=VPzkRYiEhEJdjJcMQc6JBwHg+TKgr2BSOIUTw0Esdx8=; b=Ve1rHl0wvmEV+BaAo+AZbIjJY+aKHDudtiZg5pxgxHHbv7Q0LZBBxX+1Yiw80ft0dw oY/2D4LjoidfZcWSyCzI2syNgkKzsj2IAzeJr1OOW80f5ZT9JcFnjInJbv86ng3khx20 KbFmr0M4xkf8SFMrlNv8cmgZ3FNM6AibVN1EU5h9lB8rsHb3F8T/A+W+fpLz+ZsHw81i EqP77QJWylrgiUEa9miAw3OSBdvannh2tWWi/8dIc8XARg65nbUBGtRcwF5YFIcY5R/3 aeBM1Z6vjh/F7UxPwOMWf57HtQLAVM3g5gKG/M2jB0nONJynwHMwTpmuhazhaV3UGr52 VY3g== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=VPzkRYiEhEJdjJcMQc6JBwHg+TKgr2BSOIUTw0Esdx8=; b=CrqoR3C7URS7CY7DshfBCb6fnTck3Km94grg1KFSxAOFBTO9v+HX6ApbO1Eqci+AGl 9cW/hLZPVdsPmN9XRQK3fMTd+VL16ylrABx+yadx/Fyw1ET0srM99d/QvtZWZ+oAgHaq W8OvtFcsJ5HkeO+015SETRoxwCsNpeIgQVs9PQrinSCQwumrNxS5BuSu1PPAmZO2gD0k 67jQBAeszRgnJWSIwU0BuTwnCUM64JGRmHHjiQEyOc3w7hcfW9yA6YuUuJM6fX0RnwH1 idqq+uokPkv29EuZqaS1QLCWOfQRHw5VjVFjP0u6OuYse6KmL14VadguhrxtF5lHvzf5 wAiQ== X-Gm-Message-State: ACrzQf0FQBbxVb3qlb0v3aRCw1FhwxGlABINC87BfKbAxypJpQ0H8xgc y+pKy0x1jYxN4Ym3vzASIWcMa91Im1AGYJScBloTrUAWSAvuLdDNUINYuE8EZz7vwQc/qiEK7il 99Lrsp9oMZDttffXBlkDzjQ0FqNAohLfYB5E1mUK1hfXvfKConv7yaglS+kKYh98XPYxZMk17N2 MnIkymrZc= X-Received: from dionnaglaze.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:2ee6]) (user=dionnaglaze job=sendgmr) by 2002:a17:902:ec83:b0:17c:afb3:d1ec with SMTP id x3-20020a170902ec8300b0017cafb3d1ecmr20014781plg.172.1666371592336; Fri, 21 Oct 2022 09:59:52 -0700 (PDT) Date: Fri, 21 Oct 2022 16:59:41 +0000 In-Reply-To: <20221021165943.1968044-1-dionnaglaze@google.com> Mime-Version: 1.0 References: <20221021165943.1968044-1-dionnaglaze@google.com> X-Mailer: git-send-email 2.38.0.135.g90850a2211-goog Message-ID: <20221021165943.1968044-3-dionnaglaze@google.com> Subject: [PATCH v3 2/4] x86/sev: Change snp_guest_issue_request's fw_err From: Dionna Glaze To: linux-kernel@vger.kernel.org, x86@kernel.org Cc: Dionna Glaze , Tom Lendacky , Paolo Bonzini , Joerg Roedel , Peter Gonda , Thomas Gleixner , Dave Hansen X-Spam-Status: No, score=-9.6 required=5.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_NONE, SPF_HELO_NONE,SPF_PASS,USER_IN_DEF_DKIM_WL autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1747317714901453602?= X-GMAIL-MSGID: =?utf-8?q?1747317714901453602?= The GHCB specification declares that the firmware error value for a guest request will be stored in the lower 32 bits of EXIT_INFO_2. The upper 32 bits are for the VMM's own error code. The fw_err argument is thus a misnomer, and callers will need access to all 64 bits. The type of unsigned long also causes problems, since sw_exit_info2 is u64 (unsigned long long) vs the argument's previous unsigned long*. The signature change requires the follow-up change to drivers/virt/coco/sev-guest to use the new expected type in order to compile. The firmware might not even be called, so we bookend the call with the no firmware call error and clearing the error. Cc: Tom Lendacky Cc: Paolo Bonzini Cc: Joerg Roedel Cc: Peter Gonda Cc: Thomas Gleixner Cc: Dave Hansen Fixes: d5af44dde546 ("x86/sev: Provide support for SNP guest request NAEs") Signed-off-by: Dionna Glaze --- arch/x86/include/asm/sev.h | 4 ++-- arch/x86/kernel/sev.c | 11 ++++++++--- 2 files changed, 10 insertions(+), 5 deletions(-) diff --git a/arch/x86/include/asm/sev.h b/arch/x86/include/asm/sev.h index ebc271bb6d8e..8ebd78b6a57c 100644 --- a/arch/x86/include/asm/sev.h +++ b/arch/x86/include/asm/sev.h @@ -196,7 +196,7 @@ void snp_set_memory_private(unsigned long vaddr, unsigned int npages); void snp_set_wakeup_secondary_cpu(void); bool snp_init(struct boot_params *bp); void __init __noreturn snp_abort(void); -int snp_issue_guest_request(u64 exit_code, struct snp_req_data *input, unsigned long *fw_err); +int snp_issue_guest_request(u64 exit_code, struct snp_req_data *input, u64 *exitinfo2); #else static inline void sev_es_ist_enter(struct pt_regs *regs) { } static inline void sev_es_ist_exit(void) { } @@ -217,7 +217,7 @@ static inline void snp_set_wakeup_secondary_cpu(void) { } static inline bool snp_init(struct boot_params *bp) { return false; } static inline void snp_abort(void) { } static inline int snp_issue_guest_request(u64 exit_code, struct snp_req_data *input, - unsigned long *fw_err) + unsigned long *exitinfo2) { return -ENOTTY; } diff --git a/arch/x86/kernel/sev.c b/arch/x86/kernel/sev.c index a428c62330d3..5a402df7549e 100644 --- a/arch/x86/kernel/sev.c +++ b/arch/x86/kernel/sev.c @@ -22,6 +22,7 @@ #include #include #include +#include #include #include @@ -2175,7 +2176,7 @@ static int __init init_sev_config(char *str) } __setup("sev=", init_sev_config); -int snp_issue_guest_request(u64 exit_code, struct snp_req_data *input, unsigned long *fw_err) +int snp_issue_guest_request(u64 exit_code, struct snp_req_data *input, u64 *exitinfo2) { struct ghcb_state state; struct es_em_ctxt ctxt; @@ -2186,9 +2187,11 @@ int snp_issue_guest_request(u64 exit_code, struct snp_req_data *input, unsigned if (!cc_platform_has(CC_ATTR_GUEST_SEV_SNP)) return -ENODEV; - if (!fw_err) + if (!exitinfo2) return -EINVAL; + *exitinfo2 = SEV_RET_NO_FW_CALL; + /* * __sev_get_ghcb() needs to run with IRQs disabled because it is using * a per-CPU GHCB. @@ -2218,9 +2221,11 @@ int snp_issue_guest_request(u64 exit_code, struct snp_req_data *input, unsigned ghcb->save.sw_exit_info_2 == SNP_GUEST_REQ_INVALID_LEN) input->data_npages = ghcb_get_rbx(ghcb); - *fw_err = ghcb->save.sw_exit_info_2; + *exitinfo2 = ghcb->save.sw_exit_info_2; ret = -EIO; + } else { + *exitinfo2 = 0; } e_put: From patchwork Fri Oct 21 16:59:42 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Dionna Amalie Glaze X-Patchwork-Id: 6885 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a5d:4242:0:0:0:0:0 with SMTP id s2csp808272wrr; Fri, 21 Oct 2022 10:07:05 -0700 (PDT) X-Google-Smtp-Source: AMsMyM5J0VX1Tzx7u8HW1244Xi1WCRdeR+VrwoEjHfVvFu4ggcUQqCUe36HYVRfWiQsbeppDws2J X-Received: by 2002:a17:90a:990d:b0:212:d772:1ab4 with SMTP id b13-20020a17090a990d00b00212d7721ab4mr2441168pjp.184.1666372025007; Fri, 21 Oct 2022 10:07:05 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1666372025; cv=none; d=google.com; s=arc-20160816; b=sXr85zlnx6xLXF1oxZt+Ex1qs9ES7LPt6o6DQbczVguNEzDEUyuy2WRwgFHt02v2fZ 7mfFIaExbp2LbBH7SekYX1E9qBxkwom2/BhiiNgICgRG8bCcKNmffR1A6y+j1eiDnl1q nG3BJjtx8kOMX5xbmDnPOT6W4ku+GkZ3Xp9PbjYju4nIzmiZU+f9pcj7BEae3OsoGnZG 2w7Nl7m8JZVUG8vfEliVCc2gc21Paxhw8WfzEpl52TzLcmlo49uBsdvYZgp4GfU5hYNf RLajjMbkicIpO5nyZXZZbJ1XWXgA89Ac/QzDV/Qdbv/6d3HVD60xsvDAlHD9P2uLozgH 1DlQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:from:subject:message-id:references :mime-version:in-reply-to:date:dkim-signature; bh=t50s+W2sjRzmfaqPHM8BWoKuylKuq2NrCynpVhPS9Gk=; b=KQIZITsq2emcLALSQlCSZTW2CYmDHoSvCyrOGfNVbONyZpmHkP7WB7qG4UrGqm2SaN D0zvhpvrGJJhy59dwzq0PzFI9ajPGK/6JO2z88UWBN81vk0NZo4d7vMybwEPOdepqgy1 o7hFRyxjt5ecikDG5elvc9SfZD1UeHGP8liIUMF9G2aTl5DlEDlU258JdoOBeLYnellf i8JY3ObUyWcHxdInq92DhPnI/j2tc7PViAuAX3lIYc7VuYyfoE1X0wbaQOwPoCfOPxTs qzL5t3zQWNvXLjqKdNiEcgNJyGFqB3FRBmwhBy2S0RSXupdVft/J4gBlTWo6hXybtLUJ bHpQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20210112 header.b=D9gJIDip; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id y15-20020a655b0f000000b004613324b2f8si26244987pgq.747.2022.10.21.10.06.51; Fri, 21 Oct 2022 10:07:04 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20210112 header.b=D9gJIDip; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229995AbiJURAQ (ORCPT + 99 others); Fri, 21 Oct 2022 13:00:16 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:50962 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229975AbiJURAE (ORCPT ); Fri, 21 Oct 2022 13:00:04 -0400 Received: from mail-pl1-x64a.google.com (mail-pl1-x64a.google.com [IPv6:2607:f8b0:4864:20::64a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 505AE558F4 for ; Fri, 21 Oct 2022 09:59:54 -0700 (PDT) Received: by mail-pl1-x64a.google.com with SMTP id o17-20020a170902d4d100b0018552c4f4bcso1996722plg.13 for ; Fri, 21 Oct 2022 09:59:54 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=t50s+W2sjRzmfaqPHM8BWoKuylKuq2NrCynpVhPS9Gk=; b=D9gJIDipIbDmmnhQPtT5HvABc6SjejzqBT5yiNYUXkric3SrAQON1oJaySHETkWhRF PX+KXKZ8JyA88v5tE4EMTFFJ56/REmpBVnlywvFa42c+E/x0SheZzLwiWE2jhqQ+ldz/ enUDwkgtlYTXMR/moT5KYh1uSh5HqP4f5+krbjx7kwfdJGvD8LMPgse7XWYz84ecIap3 Gm1jQw7vlBv3YOHYsL+3u0MKUTb4Wr9w9Kl/hnfs7pZzn9geE9pgrSyKDnTu2C10Z9vr 7m2WMljG5b0dphDbKtqSD/H50W5Ti5sTtcWvFUQJcn/fzKGTVFPvaTkkgPtnH78qD43g NoSg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=t50s+W2sjRzmfaqPHM8BWoKuylKuq2NrCynpVhPS9Gk=; b=Z84mbLYoaaHWZQaHkhTVpLqYOUqgFTVFYMRIs1sCb0pCFGSpKBQcN0cwBHylTIedwG tnSF81C+Dn6LD/iPXM1v/8ig6D9uBMTLaTkaw5y+Z6JWCj6C44N/SHo7sfjCH2SPJ4Gx QunKNEQFhFD5+i+vjXGPGbbxkut/rnlA9zhtQxCP8jjeIYNWBvEy9Qnn/no6NgOysimm A9Z6XcD44midn81meKuoISjBAQaEDpjmJCzBzG/UTes7w0BCmFQ7+kVL4tZwVAnf0qh6 r074J8pKTH5jZHwxmOLNl6E5AqWFtmH1p7oon0Li9R5g5dEkyUpihODhXZ8jJNYQr0dy poxg== X-Gm-Message-State: ACrzQf0M3EsiZ/lMmAUi9oIbTQ0JPTdLdbtpIrDo0yIkzTuTydrXgP7o b7br5YS2kDVfWZFNp7odBRR1h0WHOfCGNcLPlV4DJhOnotSmb3YowWZx4Pp6S+umrLYc8/bP6s2 arAw2G25RZRhUXaXXXP44HF8eJxSx8lwabJuzK6PqseLRyCBfI8Zjxpftzgcgr+xnr7u+br/T3K 6GdCBLXkQ= X-Received: from dionnaglaze.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:2ee6]) (user=dionnaglaze job=sendgmr) by 2002:a17:902:e191:b0:181:b25e:9c17 with SMTP id y17-20020a170902e19100b00181b25e9c17mr20441665pla.57.1666371593958; Fri, 21 Oct 2022 09:59:53 -0700 (PDT) Date: Fri, 21 Oct 2022 16:59:42 +0000 In-Reply-To: <20221021165943.1968044-1-dionnaglaze@google.com> Mime-Version: 1.0 References: <20221021165943.1968044-1-dionnaglaze@google.com> X-Mailer: git-send-email 2.38.0.135.g90850a2211-goog Message-ID: <20221021165943.1968044-4-dionnaglaze@google.com> Subject: [PATCH v3 3/4] virt/coco/sev-guest: Remove err in handle_guest_request From: Dionna Glaze To: linux-kernel@vger.kernel.org, x86@kernel.org Cc: Dionna Glaze , Tom Lendacky , Paolo Bonzini , Joerg Roedel , Peter Gonda , Thomas Gleixner , Dave Hansen X-Spam-Status: No, score=-9.6 required=5.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_NONE, SPF_HELO_NONE,SPF_PASS,USER_IN_DEF_DKIM_WL autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1747317712508743769?= X-GMAIL-MSGID: =?utf-8?q?1747317712508743769?= The err variable may not be set in the call to snp_issue_guest_request, yet it is unconditionally written back to fw_err if fw_err is non-null. This is undefined behavior, and currently returns uninitialized kernel stack memory to user space. The fw_err argument is better to just pass through to snp_issue_guest_request, so we do that. Since the issue_request's signature has changed fw_err to exitinfo2, we change the argument name here. Cc: Tom Lendacky Cc: Paolo Bonzini Cc: Joerg Roedel Cc: Peter Gonda Cc: Thomas Gleixner Cc: Dave Hansen Fixes: fce96cf04430 ("virt: Add SEV-SNP guest driver") Signed-off-by: Dionna Glaze --- drivers/virt/coco/sev-guest/sev-guest.c | 7 ++----- 1 file changed, 2 insertions(+), 5 deletions(-) diff --git a/drivers/virt/coco/sev-guest/sev-guest.c b/drivers/virt/coco/sev-guest/sev-guest.c index f422f9c58ba7..0508c2f46f6b 100644 --- a/drivers/virt/coco/sev-guest/sev-guest.c +++ b/drivers/virt/coco/sev-guest/sev-guest.c @@ -303,9 +303,8 @@ static int enc_payload(struct snp_guest_dev *snp_dev, u64 seqno, int version, u8 static int handle_guest_request(struct snp_guest_dev *snp_dev, u64 exit_code, int msg_ver, u8 type, void *req_buf, size_t req_sz, void *resp_buf, - u32 resp_sz, __u64 *fw_err) + u32 resp_sz, __u64 *exitinfo2) { - unsigned long err; u64 seqno; int rc; @@ -322,9 +321,7 @@ static int handle_guest_request(struct snp_guest_dev *snp_dev, u64 exit_code, in return rc; /* Call firmware to process the request */ - rc = snp_issue_guest_request(exit_code, &snp_dev->input, &err); - if (fw_err) - *fw_err = err; + rc = snp_issue_guest_request(exit_code, &snp_dev->input, exitinfo2); if (rc) return rc; From patchwork Fri Oct 21 16:59:43 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Dionna Amalie Glaze X-Patchwork-Id: 6887 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a5d:4242:0:0:0:0:0 with SMTP id s2csp808591wrr; Fri, 21 Oct 2022 10:07:38 -0700 (PDT) X-Google-Smtp-Source: AMsMyM4LLOGnrd1+ux6vg0WuS4aPIkv+Sy6/oRcFtEGMq820dew25s+wlmiS8dVl1herdCxVGaNI X-Received: by 2002:a05:6402:42c7:b0:45c:a6f1:c0af with SMTP id i7-20020a05640242c700b0045ca6f1c0afmr17941216edc.75.1666372058332; Fri, 21 Oct 2022 10:07:38 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1666372058; cv=none; d=google.com; s=arc-20160816; b=zuChBWoM52GaTvJs1RDVnwmP0BisTTrPOZFGIBG69iNZR4NMka00H4vTWHjIREOe+2 XPt7+SQbPQoOcVdVThsRTYMHB5Qz8/byxafGRxrUqw15aEALz/CR6lGccAMRAL8p97du h+5i59cx3a4v2l338dAXl6E4O0RZdttiM/8RPhC3RoaNQ1/A7bi0aW2zSfKg3dgCEZnY +lWeL3/c2YQqjBq2LC6Owmh4GHHHIfcCfP8P9VLllEunF4bxgqCIQFHNsV4SyVov8dm7 4xqCAH+7zQ7nEjKjEVSToNW2jW5okLjkcVb6FYfuAv0VF2jduR4KmW1+hCrhmTOsAdWm GxBQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:from:subject:message-id:references :mime-version:in-reply-to:date:dkim-signature; bh=dO505Xy9Iu56vKjLdviNHzvPncOQ05EfhM0+fDYGP1k=; b=CJegsEcHpA3hDQkF/MRU/i74R/fA282XhiDVYnVK+UTmPDkkxcc40xmDJVSNLxpPbY NNcV1UyLnG6T1vrYH3JqQK97FpDTn1nALRQ0YpoGP4+kwunYgh3yQYEX0qosXrexXbid uHRVv9eP8jxVOA97ve3XCU8u39hgxJn+NrSKjhDDgRh6I2Yp7cFG/s7wF+MDZ+bIIJbl RDz7I/zfAiHvwnrm4F8enL+Uu+i68GrOoaT4I5cMdO5Defqv/Jnbo0v8Th/q7+r+pjRT sPZU1xb7Nc1idfhBttkPTA4h+LjlHv858ULWJnx+rc18Oq93B5p0biI0lZ1NekOH/h6a 9uSw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20210112 header.b=FFU2BCN+; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id b15-20020a056402350f00b0045bfaaab6d1si21412658edd.48.2022.10.21.10.07.10; Fri, 21 Oct 2022 10:07:38 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20210112 header.b=FFU2BCN+; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229961AbiJURAV (ORCPT + 99 others); Fri, 21 Oct 2022 13:00:21 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:51340 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230054AbiJURAN (ORCPT ); Fri, 21 Oct 2022 13:00:13 -0400 Received: from mail-pg1-x549.google.com (mail-pg1-x549.google.com [IPv6:2607:f8b0:4864:20::549]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 97A085603D for ; Fri, 21 Oct 2022 09:59:56 -0700 (PDT) Received: by mail-pg1-x549.google.com with SMTP id s82-20020a632c55000000b0046b2491aa95so1615040pgs.7 for ; Fri, 21 Oct 2022 09:59:56 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=dO505Xy9Iu56vKjLdviNHzvPncOQ05EfhM0+fDYGP1k=; b=FFU2BCN+saMvG81c5ljwwxLZW9Rg/pTM6PuXKjVDcrafO80Nr5q1EKQ3MVmcJBTiNZ cSQLSGI3Tl+6MUwr6kngSsT3+lthevNxl2FW72nusDJ56Dez1OFahtdrdyAn77+0zeAH dglUnvnlJDB2n3QMWzc/yZHme2KTNjD5P2OvH1q2yoH5Pm2NHaMTZDmLSsfeYCq51jUA BuudSfVO55MgZqeWXMUC56jfGhiG9SemjaZynM1T+gwcQgzSvVX9TAqvw2FcAiXDPRGY xJ7QvAZ+GkX/cSaMcYfVguBMjJTkyH0xYF3eUgvXweV52j64YsvNChJ6g0k7IF34I3RT 8Qgg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=dO505Xy9Iu56vKjLdviNHzvPncOQ05EfhM0+fDYGP1k=; b=P7nSXHSChrpJjFDwGvQ6ZByuyVAVNIihrLeqlBx9Fanqq2cxrgvSYHK6wW8ycxSTDB 0DXfpUIOCg9l0kG1oy9En1kqilV5Ogo1TCzllRvkeXHEAxtCX6X5IJGU+QukRs2M2XXf Ns/2y0/mnA9J7jepWrQ0ln0wdpPQWWMsoU1bl+kW38fc/+i+jTHrzfLzKb3HwDTALwNZ f2wRRaLSF+sKc1OYeTY9HKw3zfEnTtgUbl+d8cNvSSDGFAKHiukrF3ubm0Z6WD5WLMG0 pbmYRQHf6KwUB64z22BL4kEeNyE1TrXI4bwRc6r6cdT6bbxni1TibJHfJjYdR2URYF9M UR1A== X-Gm-Message-State: ACrzQf1e4FjXKFttdC7svbwzR1gFZtb7U9uvIVKwm4RJ4ljvAy1wi7EK XN+eo167HukacV5ERr19moIdB8a8any0S0byPaUwrDWyXQR04XXDvSOYY3gXWf+u/j/6NyG8aYY vtzPwaOhNpleiwrGR5mj4JB3jjcpVuI0P1MztRCfj/WRqLMb34x6op6mJ9sVpHmASc45DEYftXb 6yT5ek1g4= X-Received: from dionnaglaze.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:2ee6]) (user=dionnaglaze job=sendgmr) by 2002:a17:902:d70e:b0:178:2d9d:ba7b with SMTP id w14-20020a170902d70e00b001782d9dba7bmr20349417ply.90.1666371595675; Fri, 21 Oct 2022 09:59:55 -0700 (PDT) Date: Fri, 21 Oct 2022 16:59:43 +0000 In-Reply-To: <20221021165943.1968044-1-dionnaglaze@google.com> Mime-Version: 1.0 References: <20221021165943.1968044-1-dionnaglaze@google.com> X-Mailer: git-send-email 2.38.0.135.g90850a2211-goog Message-ID: <20221021165943.1968044-5-dionnaglaze@google.com> Subject: [PATCH v3 4/4] virt/coco/sev-guest: interpret VMM errors from guest request From: Dionna Glaze To: linux-kernel@vger.kernel.org, x86@kernel.org Cc: Dionna Glaze , Tom Lendacky , Paolo Bonzini , Joerg Roedel , Peter Gonda , Thomas Gleixner , Dave Hansen X-Spam-Status: No, score=-9.6 required=5.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_NONE, SPF_HELO_NONE,SPF_PASS,USER_IN_DEF_DKIM_WL autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1747317747425861157?= X-GMAIL-MSGID: =?utf-8?q?1747317747425861157?= The GHCB specification states that the upper 32 bits of exitinfo2 are for the VMM's error codes. The sev-guest ABI has already locked in that the fw_err status of the input will be 64 bits, and that BIT_ULL(32) means that the extended guest request's data buffer was too small, so we have to keep that ABI. We can still interpret the upper 32 bits of exitinfo2 for the user anyway in case the request gets throttled. For safety, since the encryption algorithm in GHCBv2 is AES_GCM, we cannot return to user space without having completed the request with the current sequence number. If we were to return and the guest were to make another request but with different message contents, then that would be IV reuse. When throttled, the driver will reschedule itself and then try again. The ioctl may block indefinitely, but that has always been the case when deferring these requests to the host. Cc: Tom Lendacky Cc: Paolo Bonzini Cc: Joerg Roedel Cc: Peter Gonda Cc: Thomas Gleixner Cc: Dave Hansen Signed-off-by: Dionna Glaze --- drivers/virt/coco/sev-guest/sev-guest.c | 32 ++++++++++++++++++++----- include/uapi/linux/sev-guest.h | 18 ++++++++++++-- 2 files changed, 42 insertions(+), 8 deletions(-) diff --git a/drivers/virt/coco/sev-guest/sev-guest.c b/drivers/virt/coco/sev-guest/sev-guest.c index 0508c2f46f6b..7abf4c3daa6d 100644 --- a/drivers/virt/coco/sev-guest/sev-guest.c +++ b/drivers/virt/coco/sev-guest/sev-guest.c @@ -305,9 +305,12 @@ static int handle_guest_request(struct snp_guest_dev *snp_dev, u64 exit_code, in u8 type, void *req_buf, size_t req_sz, void *resp_buf, u32 resp_sz, __u64 *exitinfo2) { + unsigned int vmm_err; u64 seqno; int rc; + might_resched(); + /* Get message sequence and verify that its a non-zero */ seqno = snp_get_msg_seqno(snp_dev); if (!seqno) @@ -320,9 +323,26 @@ static int handle_guest_request(struct snp_guest_dev *snp_dev, u64 exit_code, in if (rc) return rc; +retry: /* Call firmware to process the request */ rc = snp_issue_guest_request(exit_code, &snp_dev->input, exitinfo2); + vmm_err = *exitinfo2 >> SNP_GUEST_VMM_ERR_SHIFT; + /* + * The host may return EBUSY if the request has been throttled. + * We retry in the driver to avoid returning and reusing the message + * sequence number on a different message. + */ + if (vmm_err == SNP_GUEST_VMM_ERR_BUSY) { + cond_resched(); + goto retry; + } + + if (vmm_err && vmm_err != SNP_GUEST_VMM_ERR_INVALID_LEN) { + pr_err("sev-guest: host returned unknown error code: %d\n", + vmm_err); + return -EINVAL; + } if (rc) return rc; @@ -375,7 +395,7 @@ static int get_report(struct snp_guest_dev *snp_dev, struct snp_guest_request_io rc = handle_guest_request(snp_dev, SVM_VMGEXIT_GUEST_REQUEST, arg->msg_version, SNP_MSG_REPORT_REQ, &req, sizeof(req), resp->data, - resp_len, &arg->fw_err); + resp_len, &arg->exitinfo2); if (rc) goto e_free; @@ -415,7 +435,7 @@ static int get_derived_key(struct snp_guest_dev *snp_dev, struct snp_guest_reque rc = handle_guest_request(snp_dev, SVM_VMGEXIT_GUEST_REQUEST, arg->msg_version, SNP_MSG_KEY_REQ, &req, sizeof(req), buf, resp_len, - &arg->fw_err); + &arg->exitinfo2); if (rc) return rc; @@ -477,10 +497,10 @@ static int get_ext_report(struct snp_guest_dev *snp_dev, struct snp_guest_reques snp_dev->input.data_npages = npages; ret = handle_guest_request(snp_dev, SVM_VMGEXIT_EXT_GUEST_REQUEST, arg->msg_version, SNP_MSG_REPORT_REQ, &req.data, - sizeof(req.data), resp->data, resp_len, &arg->fw_err); + sizeof(req.data), resp->data, resp_len, &arg->exitinfo2); /* If certs length is invalid then copy the returned length */ - if (arg->fw_err == SNP_GUEST_REQ_INVALID_LEN) { + if (arg->vmm_error == SNP_GUEST_VMM_ERR_INVALID_LEN) { req.certs_len = snp_dev->input.data_npages << PAGE_SHIFT; if (copy_to_user((void __user *)arg->req_data, &req, sizeof(req))) @@ -515,7 +535,7 @@ static long snp_guest_ioctl(struct file *file, unsigned int ioctl, unsigned long if (copy_from_user(&input, argp, sizeof(input))) return -EFAULT; - input.fw_err = 0xff; + input.exitinfo2 = SEV_RET_NO_FW_CALL; /* Message version must be non-zero */ if (!input.msg_version) @@ -546,7 +566,7 @@ static long snp_guest_ioctl(struct file *file, unsigned int ioctl, unsigned long mutex_unlock(&snp_cmd_mutex); - if (input.fw_err && copy_to_user(argp, &input, sizeof(input))) + if (input.exitinfo2 && copy_to_user(argp, &input, sizeof(input))) return -EFAULT; return ret; diff --git a/include/uapi/linux/sev-guest.h b/include/uapi/linux/sev-guest.h index 256aaeff7e65..8e4144aa78c9 100644 --- a/include/uapi/linux/sev-guest.h +++ b/include/uapi/linux/sev-guest.h @@ -52,8 +52,15 @@ struct snp_guest_request_ioctl { __u64 req_data; __u64 resp_data; - /* firmware error code on failure (see psp-sev.h) */ - __u64 fw_err; + /* bits[63:32]: VMM error code, bits[31:0] firmware error code (see psp-sev.h) */ + union { + __u64 exitinfo2; + __u64 fw_err; /* Name deprecated in favor of others */ + struct { + __u32 fw_error; + __u32 vmm_error; + }; + }; }; struct snp_ext_report_req { @@ -77,4 +84,11 @@ struct snp_ext_report_req { /* Get SNP extended report as defined in the GHCB specification version 2. */ #define SNP_GET_EXT_REPORT _IOWR(SNP_GUEST_REQ_IOC_TYPE, 0x2, struct snp_guest_request_ioctl) +/* Guest message request EXIT_INFO_2 constants */ +#define SNP_GUEST_FW_ERR_MASK GENMASK_ULL(31, 0) +#define SNP_GUEST_VMM_ERR_SHIFT 32 + +#define SNP_GUEST_VMM_ERR_INVALID_LEN 1 +#define SNP_GUEST_VMM_ERR_BUSY 2 + #endif /* __UAPI_LINUX_SEV_GUEST_H_ */