From patchwork Fri Aug 4 15:22:45 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Tianyu Lan X-Patchwork-Id: 131230 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a05:612c:44a:b0:3f2:4152:657d with SMTP id ez10csp349366vqb; Fri, 4 Aug 2023 08:43:50 -0700 (PDT) X-Google-Smtp-Source: AGHT+IG9Qqwxt9yeboO6DQL6/Ej39laumNxTcizkUMwGBjRlTcc0xctJzVQ+HqXAPGwNvEodyn4E X-Received: by 2002:a17:907:7711:b0:99b:f3f3:e412 with SMTP id kw17-20020a170907771100b0099bf3f3e412mr1773931ejc.52.1691163829759; Fri, 04 Aug 2023 08:43:49 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1691163829; cv=none; d=google.com; s=arc-20160816; b=xBlb4SH+U0WgYMScEiUpcaqkzvRu7+/PuYsPjc0jHQJ/EhzG1x3EZyRb7yRzot/sfz cfPBsJ8/hG5b1w6C8k7P4em4NFivB7GIUP1MuTcT/Z78E3IxSYqROwvWKPifL0aTrilH e2rY+qphQP6zSAubtfBbDPS7A/JAgW3Xfel8reOh88Zy8xU25/z1eBDawDwcQKnYxRM9 c36MlZ8m2flWxtW5t1FN/+Ort2QvdjI/YeZ4sUIkl9LpX3SH+pm1u6j+mnh7JlWv/iYR 6pivtrVDMtew6dP1rYk55VR2wci9U2v+9kMUZJyOVccTaOrKGJJNfh/eXrPa0y7fWBgz 1Wxg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=bWip1yjzsAQRFOrEvjB5JNgb3BedXz/Vnpj8L+NzZSc=; fh=TxLVtSsj0Yk+bstPG6ly04YaPbvjOFEmGNSQ8sZkNQc=; b=QTtgf25RGLzGF4tks6mSvSZvqRgtJSuPN3VxnfCip4vbupHy7fit/Ay7KLgI+bf5dT I+hdMwPdw+aC6MrrzhuPgifNTN1lfrxG79XTzULuz61gr2jdhYP77vpSBkZaS3Bwn23P nAjj6oHeMIJ6faY2l3e4hOBDjqBh3n1xAlCniXHZ6C3Rfq16DWmjDEXpGYa5clyIYq1e XZz09myycTOLrWcempp2lnQcPghMePhpyE1hu2xwllDmmCacF3AqmYltCFRdNYKmpfSe pR/4zMPKoqCPRjLtbp0o5JLI+feJR1AHO5TGt16WX3GLTYJRGpStlp/Dapb+8YNGECXL PJrQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@gmail.com header.s=20221208 header.b=SfKg0TdO; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id m11-20020a170906258b00b0099396527229si979706ejb.65.2023.08.04.08.43.05; Fri, 04 Aug 2023 08:43:49 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@gmail.com header.s=20221208 header.b=SfKg0TdO; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232016AbjHDPXE (ORCPT + 99 others); Fri, 4 Aug 2023 11:23:04 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:56880 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231995AbjHDPXA (ORCPT ); Fri, 4 Aug 2023 11:23:00 -0400 Received: from mail-pl1-x62c.google.com (mail-pl1-x62c.google.com [IPv6:2607:f8b0:4864:20::62c]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id B60AF49EC; Fri, 4 Aug 2023 08:22:58 -0700 (PDT) Received: by mail-pl1-x62c.google.com with SMTP id d9443c01a7336-1bb7b8390e8so15855985ad.2; Fri, 04 Aug 2023 08:22:58 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20221208; t=1691162578; x=1691767378; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=bWip1yjzsAQRFOrEvjB5JNgb3BedXz/Vnpj8L+NzZSc=; b=SfKg0TdOwJDkmDL+yjgnKoH8G1QunwUxbpJplWgqhcOMKtaH5NaOAzIW9XTfvmK+qB /w3d4bDGZ60v2bJXHaEwCK95a0ex/Eva5Y8BCL75FsdldwLtVWPG8i6kO+0Djve1Z7kc 5rkr7Sd1Q1pdUb4+hSnDXYuJzOKfJ1OMfdTkbAgMQMpLFjKnbarrPY6PycR7glwc1xu2 eyc+m2xT9e7agifIWAZK4J2Xo6hssxH06lpue9rN9/8TKRLz+CjjK6SLDa5TshvkYJFG Qd2uu8lLKsVjQccVnufquDsbqwBRl9FjIVK1objIATObiLStJUaKTBpgFs+zVSldaosl aH4Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1691162578; x=1691767378; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=bWip1yjzsAQRFOrEvjB5JNgb3BedXz/Vnpj8L+NzZSc=; b=XOZrUxK31C2gAf+4I69gCoeuEYepGcr4tZAWJA/p8CNiOpSp32p+bLg3+ILvqHC+2q JrNzKgf9nZN+NoCSle0yWOCzXI5c3h68PGE1iOC3UeSmlrPQ6bChjh+f6g+oq6zQchde XzHxUmIXHdNZiIK+/qGANkOWwKgUS2AaisHGcv+r8XWOiPOtYdsiwmrBt5UtABCCmZju XLxeoaqauf+0WN+UDV1yS1YnKzaerEyZznQG1cZF+53bhazdu9EoyWsNU6KRUz0MTexs X5tqC0f6+5lAbyQEfNStH2CsC6zyaR/uV17LMV0lm8EtPN1c342g5QIS6bg/gs5O2nTb Nt4w== X-Gm-Message-State: AOJu0Yx1PiPH5tgF9MoHSWAGFDyGfKE5S0MbWDlqciF0g/Wdi/ndZdP2 IIYl2qSNkGOjciH3/Tpjnik= X-Received: by 2002:a17:902:a711:b0:1b8:72b2:fd3b with SMTP id w17-20020a170902a71100b001b872b2fd3bmr1608076plq.54.1691162578087; Fri, 04 Aug 2023 08:22:58 -0700 (PDT) Received: from ubuntu-Virtual-Machine.corp.microsoft.com ([2001:4898:80e8:f:a0bf:7946:90be:721b]) by smtp.gmail.com with ESMTPSA id s21-20020a170902989500b001aaf2e8b1eesm1891325plp.248.2023.08.04.08.22.57 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 04 Aug 2023 08:22:57 -0700 (PDT) From: Tianyu Lan To: kys@microsoft.com, haiyangz@microsoft.com, wei.liu@kernel.org, decui@microsoft.com, tglx@linutronix.de, mingo@redhat.com, bp@alien8.de, dave.hansen@linux.intel.com, x86@kernel.org, hpa@zytor.com, daniel.lezcano@linaro.org, arnd@arndb.de, michael.h.kelley@microsoft.com Cc: Tianyu Lan , linux-arch@vger.kernel.org, linux-hyperv@vger.kernel.org, linux-kernel@vger.kernel.org, vkuznets@redhat.com, Michael Kelley Subject: [PATCH V4 1/9] x86/hyperv: Add sev-snp enlightened guest static key Date: Fri, 4 Aug 2023 11:22:45 -0400 Message-Id: <20230804152254.686317-2-ltykernel@gmail.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20230804152254.686317-1-ltykernel@gmail.com> References: <20230804152254.686317-1-ltykernel@gmail.com> MIME-Version: 1.0 X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,FREEMAIL_FROM, RCVD_IN_DNSWL_BLOCKED,SPF_HELO_NONE,SPF_PASS autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-THRID: 1773313803568836660 X-GMAIL-MSGID: 1773313803568836660 From: Tianyu Lan Introduce static key isolation_type_en_snp for enlightened sev-snp guest check. Reviewed-by: Michael Kelley Signed-off-by: Tianyu Lan --- arch/x86/hyperv/ivm.c | 11 +++++++++++ arch/x86/include/asm/mshyperv.h | 3 +++ arch/x86/kernel/cpu/mshyperv.c | 9 +++++++-- drivers/hv/hv_common.c | 6 ++++++ include/asm-generic/mshyperv.h | 12 +++++++++--- 5 files changed, 36 insertions(+), 5 deletions(-) diff --git a/arch/x86/hyperv/ivm.c b/arch/x86/hyperv/ivm.c index 14f46ad2ca64..b2b5cb19fac9 100644 --- a/arch/x86/hyperv/ivm.c +++ b/arch/x86/hyperv/ivm.c @@ -413,3 +413,14 @@ bool hv_isolation_type_snp(void) { return static_branch_unlikely(&isolation_type_snp); } + +DEFINE_STATIC_KEY_FALSE(isolation_type_en_snp); +/* + * hv_isolation_type_en_snp - Check system runs in the AMD SEV-SNP based + * isolation enlightened VM. + */ +bool hv_isolation_type_en_snp(void) +{ + return static_branch_unlikely(&isolation_type_en_snp); +} + diff --git a/arch/x86/include/asm/mshyperv.h b/arch/x86/include/asm/mshyperv.h index 88d9ef98e087..2fa38e9f6207 100644 --- a/arch/x86/include/asm/mshyperv.h +++ b/arch/x86/include/asm/mshyperv.h @@ -26,6 +26,7 @@ union hv_ghcb; DECLARE_STATIC_KEY_FALSE(isolation_type_snp); +DECLARE_STATIC_KEY_FALSE(isolation_type_en_snp); typedef int (*hyperv_fill_flush_list_func)( struct hv_guest_mapping_flush_list *flush, @@ -45,6 +46,8 @@ extern void *hv_hypercall_pg; extern u64 hv_current_partition_id; +extern bool hv_isolation_type_en_snp(void); + extern union hv_ghcb * __percpu *hv_ghcb_pg; int hv_call_deposit_pages(int node, u64 partition_id, u32 num_pages); diff --git a/arch/x86/kernel/cpu/mshyperv.c b/arch/x86/kernel/cpu/mshyperv.c index c7969e806c64..5398fb2f4d39 100644 --- a/arch/x86/kernel/cpu/mshyperv.c +++ b/arch/x86/kernel/cpu/mshyperv.c @@ -402,8 +402,12 @@ static void __init ms_hyperv_init_platform(void) pr_info("Hyper-V: Isolation Config: Group A 0x%x, Group B 0x%x\n", ms_hyperv.isolation_config_a, ms_hyperv.isolation_config_b); - if (hv_get_isolation_type() == HV_ISOLATION_TYPE_SNP) + + if (cc_platform_has(CC_ATTR_GUEST_SEV_SNP)) { + static_branch_enable(&isolation_type_en_snp); + } else if (hv_get_isolation_type() == HV_ISOLATION_TYPE_SNP) { static_branch_enable(&isolation_type_snp); + } } if (hv_max_functions_eax >= HYPERV_CPUID_NESTED_FEATURES) { @@ -473,7 +477,8 @@ static void __init ms_hyperv_init_platform(void) #if IS_ENABLED(CONFIG_HYPERV) if ((hv_get_isolation_type() == HV_ISOLATION_TYPE_VBS) || - (hv_get_isolation_type() == HV_ISOLATION_TYPE_SNP)) + ((hv_get_isolation_type() == HV_ISOLATION_TYPE_SNP) && + ms_hyperv.paravisor_present)) hv_vtom_init(); /* * Setup the hook to get control post apic initialization. diff --git a/drivers/hv/hv_common.c b/drivers/hv/hv_common.c index 542a1d53b303..4b4aa53c34c2 100644 --- a/drivers/hv/hv_common.c +++ b/drivers/hv/hv_common.c @@ -502,6 +502,12 @@ bool __weak hv_isolation_type_snp(void) } EXPORT_SYMBOL_GPL(hv_isolation_type_snp); +bool __weak hv_isolation_type_en_snp(void) +{ + return false; +} +EXPORT_SYMBOL_GPL(hv_isolation_type_en_snp); + void __weak hv_setup_vmbus_handler(void (*handler)(void)) { } diff --git a/include/asm-generic/mshyperv.h b/include/asm-generic/mshyperv.h index 402a8c1c202d..6b5c41f90398 100644 --- a/include/asm-generic/mshyperv.h +++ b/include/asm-generic/mshyperv.h @@ -36,15 +36,21 @@ struct ms_hyperv_info { u32 nested_features; u32 max_vp_index; u32 max_lp_index; - u32 isolation_config_a; + union { + u32 isolation_config_a; + struct { + u32 paravisor_present : 1; + u32 reserved_a1 : 31; + }; + }; union { u32 isolation_config_b; struct { u32 cvm_type : 4; - u32 reserved1 : 1; + u32 reserved_b1 : 1; u32 shared_gpa_boundary_active : 1; u32 shared_gpa_boundary_bits : 6; - u32 reserved2 : 20; + u32 reserved_b2 : 20; }; }; u64 shared_gpa_boundary; From patchwork Fri Aug 4 15:22:46 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Tianyu Lan X-Patchwork-Id: 131254 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a05:612c:44a:b0:3f2:4152:657d with SMTP id ez10csp385266vqb; Fri, 4 Aug 2023 09:39:29 -0700 (PDT) X-Google-Smtp-Source: AGHT+IF8XTsAoRlVboGGXuDYJCMb6SCZxon3zvWP6E8CgDF2F2/K9u+9ZPxgESjMe8l8MvaF1LUT X-Received: by 2002:a17:906:32c6:b0:997:870d:e8fa with SMTP id k6-20020a17090632c600b00997870de8famr2121077ejk.1.1691167169334; Fri, 04 Aug 2023 09:39:29 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1691167169; cv=none; d=google.com; s=arc-20160816; b=J+nOKfr6RkNj9q9aTFVvALt3tQ81m64Ek83NXDdMEEKOtrSr5azLFUczmsePraDGvF WI0kzuBmeQJRReeGzrLZR+ZU4WQirqkMVzQIJmxxd1WqelF6TFzHPuCy2pNvGQbHJkui HADycWExRUXm53K6c+PLpEUGxO0+MOdHJfBBvh5f7Amd0hYDHDs1+XQvNgV+RzOD0d9f m6Uvs/7Y69LYGST3IItICkYDG52subKb2Ks6vm1MlHSDluyq4DhisksS5U11J4JX8lo2 pmWXRZSYOMc/vtFGrPfgZ4cahlrQSJ/IivMcLnH/jhG+Pnh8DOyLcWzolWMRopIsKvGW FQ8w== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=rfduK+LtiEx7csRmg3hNjj/M9RcB35FBofei0BjrvjM=; fh=TxLVtSsj0Yk+bstPG6ly04YaPbvjOFEmGNSQ8sZkNQc=; b=OzJ+ib4/xXwnA9b0BdO0QPg8UvYa05oIPz0cpXtu4s+k328ulPXfclhqKXOjXCgkp+ EOJxj3ugU5Pd91HX1f/piXpIBb+NKFi9RKsHS5RKTCKjvdPq/u5njOJKD9D3w2yAS4/5 8EUkINQD3jdnJuCe5WuXs3Z8I51uhSYsHk8jVyNo5bn9uXiMmybJDlCvH7QnpS+B7mAY B4K3LqlEPCgGfZY5Ru2HWdLL0Dx4kvZvJSOK+Fz1qDhOQa8hXyJ94MPeqPLIaBjltCd0 k7z2m22zFiqkbbTrb/Jzu1ctSmiju+Zk/uoy5oG5CvDUN5dnccH25WOdpSgop27OaYd4 ACdA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@gmail.com header.s=20221208 header.b=YQeNNUep; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id k18-20020a1709065fd200b00992ac0466e2si903625ejv.653.2023.08.04.09.38.33; Fri, 04 Aug 2023 09:39:29 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@gmail.com header.s=20221208 header.b=YQeNNUep; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232051AbjHDPXK (ORCPT + 99 others); Fri, 4 Aug 2023 11:23:10 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:56914 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232012AbjHDPXC (ORCPT ); Fri, 4 Aug 2023 11:23:02 -0400 Received: from mail-pl1-x634.google.com (mail-pl1-x634.google.com [IPv6:2607:f8b0:4864:20::634]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 47198AC; Fri, 4 Aug 2023 08:23:01 -0700 (PDT) Received: by mail-pl1-x634.google.com with SMTP id d9443c01a7336-1bc02bd4eafso18920485ad.1; Fri, 04 Aug 2023 08:23:01 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20221208; t=1691162581; x=1691767381; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=rfduK+LtiEx7csRmg3hNjj/M9RcB35FBofei0BjrvjM=; b=YQeNNUep97udHqQLPHfDPgE37kZ1vCY4MnjJflBBzlK48gs46T0yidVw1g38bKbo93 zVCYV0Etlg7IJ0E1qHhbR9nNZq06e0oafIpIaHHYU4J+d1k78aH9700sqr5UMdNUgNDJ tzSB3cUO2e0KKpwQtQxnUb0UutyuEvQMKyfDRKsz1xVeErUL0NbvbzgcXJBwRhULngbm eHUmEOEAKBhxoTsjhEZ5lWM8+ayrv8g5crP3LRNCxMiP6Z1Mf7DsfJS6I34s8LZfXKje KAE55soEavsxPWmdmXduHcmGHbpA6dNIH1k2+BK+yhEeGBov+sUm6o1y8oq3P/AysFvk OU+A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1691162581; x=1691767381; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=rfduK+LtiEx7csRmg3hNjj/M9RcB35FBofei0BjrvjM=; b=QlstfYREMNoUwTmUeuANn1c8sjIKOB7U+IPY46kQasDTlOIMxFaZrgE7ormn3ABE6C PIknKmuSEkQ8e8r3MFNY3kZUQ+Jum0WFE/ZlPvWI0QLoYho8/UP6Kz5eoHIJHjAfcDGV DRi1E1Xq9AJYHsQltxKZkm2IUyP/9UcfbQEZ2NwM7AJ5g5aiLXHR5zicdYvMtZUlZ/wk RDy6c1sTYdohXR+p17AlITWog7VajlIZUTB/fYgNL+nrUHvfDylw7PTfS8zE2UxQX+oK g0hJN0e9zWOznVOQjlmAJMD2UsS3DFVwQwieO6nYALodYETb/ZAVMecIuMFo/IzWBABF cBjQ== X-Gm-Message-State: AOJu0YxlNgZHEdn5i8NFNYMd2qIjoi7CEcKK8ljMDcEbTSWrW+hTXVp0 orScJRx4zc94YLpsKVtBT28= X-Received: by 2002:a17:902:d303:b0:1b8:b5f8:c485 with SMTP id b3-20020a170902d30300b001b8b5f8c485mr2424548plc.50.1691162580642; Fri, 04 Aug 2023 08:23:00 -0700 (PDT) Received: from ubuntu-Virtual-Machine.corp.microsoft.com ([2001:4898:80e8:f:a0bf:7946:90be:721b]) by smtp.gmail.com with ESMTPSA id s21-20020a170902989500b001aaf2e8b1eesm1891325plp.248.2023.08.04.08.22.59 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 04 Aug 2023 08:23:00 -0700 (PDT) From: Tianyu Lan To: kys@microsoft.com, haiyangz@microsoft.com, wei.liu@kernel.org, decui@microsoft.com, tglx@linutronix.de, mingo@redhat.com, bp@alien8.de, dave.hansen@linux.intel.com, x86@kernel.org, hpa@zytor.com, daniel.lezcano@linaro.org, arnd@arndb.de, michael.h.kelley@microsoft.com Cc: Tianyu Lan , linux-arch@vger.kernel.org, linux-hyperv@vger.kernel.org, linux-kernel@vger.kernel.org, vkuznets@redhat.com, Michael Kelley Subject: [PATCH V4 2/9] x86/hyperv: Set Virtual Trust Level in VMBus init message Date: Fri, 4 Aug 2023 11:22:46 -0400 Message-Id: <20230804152254.686317-3-ltykernel@gmail.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20230804152254.686317-1-ltykernel@gmail.com> References: <20230804152254.686317-1-ltykernel@gmail.com> MIME-Version: 1.0 X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,FREEMAIL_FROM, RCVD_IN_DNSWL_NONE,SPF_HELO_NONE,SPF_PASS autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-THRID: 1773317305659991585 X-GMAIL-MSGID: 1773317305659991585 From: Tianyu Lan SEV-SNP guests on Hyper-V can run at multiple Virtual Trust Levels (VTL). During boot, get the VTL at which we're running using the GET_VP_REGISTERs hypercall, and save the value for future use. Then during VMBus initialization, set the VTL with the saved value as required in the VMBus init message. Reviewed-by: Michael Kelley Signed-off-by: Tianyu Lan --- * Change since v2: Update the change log. --- arch/x86/hyperv/hv_init.c | 36 ++++++++++++++++++++++++++++++ arch/x86/include/asm/hyperv-tlfs.h | 7 ++++++ drivers/hv/connection.c | 1 + include/asm-generic/mshyperv.h | 1 + include/linux/hyperv.h | 4 ++-- 5 files changed, 47 insertions(+), 2 deletions(-) diff --git a/arch/x86/hyperv/hv_init.c b/arch/x86/hyperv/hv_init.c index 6c04b52f139b..1ba367a9686e 100644 --- a/arch/x86/hyperv/hv_init.c +++ b/arch/x86/hyperv/hv_init.c @@ -378,6 +378,40 @@ static void __init hv_get_partition_id(void) local_irq_restore(flags); } +static u8 __init get_vtl(void) +{ + u64 control = HV_HYPERCALL_REP_COMP_1 | HVCALL_GET_VP_REGISTERS; + struct hv_get_vp_registers_input *input; + struct hv_get_vp_registers_output *output; + u64 vtl = 0; + u64 ret; + unsigned long flags; + + local_irq_save(flags); + input = *this_cpu_ptr(hyperv_pcpu_input_arg); + output = (struct hv_get_vp_registers_output *)input; + if (!input) { + local_irq_restore(flags); + goto done; + } + + memset(input, 0, struct_size(input, element, 1)); + input->header.partitionid = HV_PARTITION_ID_SELF; + input->header.vpindex = HV_VP_INDEX_SELF; + input->header.inputvtl = 0; + input->element[0].name0 = HV_X64_REGISTER_VSM_VP_STATUS; + + ret = hv_do_hypercall(control, input, output); + if (hv_result_success(ret)) + vtl = output->as64.low & HV_X64_VTL_MASK; + else + pr_err("Hyper-V: failed to get VTL! %lld", ret); + local_irq_restore(flags); + +done: + return vtl; +} + /* * This function is to be invoked early in the boot sequence after the * hypervisor has been detected. @@ -506,6 +540,8 @@ void __init hyperv_init(void) /* Query the VMs extended capability once, so that it can be cached. */ hv_query_ext_cap(0); + /* Find the VTL */ + ms_hyperv.vtl = get_vtl(); return; clean_guest_os_id: diff --git a/arch/x86/include/asm/hyperv-tlfs.h b/arch/x86/include/asm/hyperv-tlfs.h index cea95dcd27c2..4bf0b315b0ce 100644 --- a/arch/x86/include/asm/hyperv-tlfs.h +++ b/arch/x86/include/asm/hyperv-tlfs.h @@ -301,6 +301,13 @@ enum hv_isolation_type { #define HV_X64_MSR_TIME_REF_COUNT HV_REGISTER_TIME_REF_COUNT #define HV_X64_MSR_REFERENCE_TSC HV_REGISTER_REFERENCE_TSC +/* + * Registers are only accessible via HVCALL_GET_VP_REGISTERS hvcall and + * there is not associated MSR address. + */ +#define HV_X64_REGISTER_VSM_VP_STATUS 0x000D0003 +#define HV_X64_VTL_MASK GENMASK(3, 0) + /* Hyper-V memory host visibility */ enum hv_mem_host_visibility { VMBUS_PAGE_NOT_VISIBLE = 0, diff --git a/drivers/hv/connection.c b/drivers/hv/connection.c index 5978e9dbc286..02b54f85dc60 100644 --- a/drivers/hv/connection.c +++ b/drivers/hv/connection.c @@ -98,6 +98,7 @@ int vmbus_negotiate_version(struct vmbus_channel_msginfo *msginfo, u32 version) */ if (version >= VERSION_WIN10_V5) { msg->msg_sint = VMBUS_MESSAGE_SINT; + msg->msg_vtl = ms_hyperv.vtl; vmbus_connection.msg_conn_id = VMBUS_MESSAGE_CONNECTION_ID_4; } else { msg->interrupt_page = virt_to_phys(vmbus_connection.int_page); diff --git a/include/asm-generic/mshyperv.h b/include/asm-generic/mshyperv.h index 6b5c41f90398..f73a044ecaa7 100644 --- a/include/asm-generic/mshyperv.h +++ b/include/asm-generic/mshyperv.h @@ -54,6 +54,7 @@ struct ms_hyperv_info { }; }; u64 shared_gpa_boundary; + u8 vtl; }; extern struct ms_hyperv_info ms_hyperv; extern bool hv_nested; diff --git a/include/linux/hyperv.h b/include/linux/hyperv.h index bfbc37ce223b..1f2bfec4abde 100644 --- a/include/linux/hyperv.h +++ b/include/linux/hyperv.h @@ -665,8 +665,8 @@ struct vmbus_channel_initiate_contact { u64 interrupt_page; struct { u8 msg_sint; - u8 padding1[3]; - u32 padding2; + u8 msg_vtl; + u8 reserved[6]; }; }; u64 monitor_page1; From patchwork Fri Aug 4 15:22:47 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Tianyu Lan X-Patchwork-Id: 131296 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a59:c44e:0:b0:3f2:4152:657d with SMTP id w14csp23445vqr; Fri, 4 Aug 2023 11:26:43 -0700 (PDT) X-Google-Smtp-Source: AGHT+IEyq87UHe2jF4TeruniRerMZcikl8PaO30NPANClTgI4cf+gE3YSUk6CvT8iArqMlPI+BxC X-Received: by 2002:a05:6a00:3a1f:b0:687:20d6:faea with SMTP id fj31-20020a056a003a1f00b0068720d6faeamr2510026pfb.15.1691173603387; Fri, 04 Aug 2023 11:26:43 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1691173603; cv=none; d=google.com; s=arc-20160816; b=L/+HuMpGkjn+1VSb8fo1SmZ2NrTLC97QHAUIGBxd9x0nfisOetvCdttpG8k9cJ7vNt oBn6e2OQZ5ly2T2n0h6nQzCP6GIEEfSIg779qzhiSyFdd8rXMstj5RpDlT6uCA2XbO+T lIKMzN0VW57xv0+e8IyQOIubUfhTOp01s9rR0CVPQWWdElKWRnW+lsRBFK0hEzbxzmuU So33utywFhXPuIb0vs7Z/URT1pmLOTgx6L5An82RzHGnowJcpb3YCuS/EfH2ARidErxj m1NUNYsNmT/Kf32lwcHCtPlIUVSeYymbKCMWO7v/lLrMkHGBy1nRaVZ1J4nsBZElFuQh N9lA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=hJBdL12ty40lO6lWuXeIofQP11zU97c0ieetMiyqTqA=; fh=TxLVtSsj0Yk+bstPG6ly04YaPbvjOFEmGNSQ8sZkNQc=; b=JyDldXuO9pFa93zcK9Mb6E2JUCZe1t6kCCwfOLlyDqTkAFxxD5aDkWEY1Js3ytbJJ3 oZhMGa2rTDs77ReGKmV+0bstXrYqFTuAjsctWqgC354fXhkRFXqnStDY3PIRavaDSlMp nm3BNX77w4rCj5pjocsL6cwHQt6RNzaQc41hC6Eur0REqUJ4OJYt6jPaamAsSmTydpWW iba1NwXoQdZ7QJoa/3iRJSZdqT1QkPfQHOzfjYv7nh6d8c9HU1LChjDDPJ5CFVxWNn3H v9WXZV1idwt6wS+tWCg1oz5dWpSFVVN9ZOHC3y5yb3vRIyf1aO6YNI3Bmz/PfMlY/eD8 RZuA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@gmail.com header.s=20221208 header.b=W2T5pP2E; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id e14-20020a056a001a8e00b006874802b48fsi2222226pfv.54.2023.08.04.11.26.29; Fri, 04 Aug 2023 11:26:43 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@gmail.com header.s=20221208 header.b=W2T5pP2E; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232057AbjHDPXP (ORCPT + 99 others); Fri, 4 Aug 2023 11:23:15 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:56944 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231998AbjHDPXE (ORCPT ); Fri, 4 Aug 2023 11:23:04 -0400 Received: from mail-pl1-x62d.google.com (mail-pl1-x62d.google.com [IPv6:2607:f8b0:4864:20::62d]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id A9B9649D7; Fri, 4 Aug 2023 08:23:03 -0700 (PDT) Received: by mail-pl1-x62d.google.com with SMTP id d9443c01a7336-1b8b4748fe4so15977835ad.1; Fri, 04 Aug 2023 08:23:03 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20221208; t=1691162583; x=1691767383; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=hJBdL12ty40lO6lWuXeIofQP11zU97c0ieetMiyqTqA=; b=W2T5pP2EJN5zqF8Z+DKcufI9AsnQKXIGa8KQQHYomVq+l/owylgAIbgpNvvAKhJcx4 gID+37L9h5GRh5H212epPftUmDJgZDx5+jyk+ouIa8tLWKpcxOF7HaM5Bn5G/Av1qbbu gGptNRIJcc3Vbj/Gq4oxgbJrnhn/hAfxrooUyw/rVq5an1ZfPq1glKnLtli4YRhhBpWl +JwlvYr524fPv6iEh++V/FAIoxph1khScslRIrTdHuFk2NHbMuseUSMe2nl8xc/bq2s4 +rCFJhQ6hrt9oquXyT0hQMy4aKrglGIpQl4o77WG7LeUrX9WgUkULxDP+6yQGoh3sTh6 3xhA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1691162583; x=1691767383; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=hJBdL12ty40lO6lWuXeIofQP11zU97c0ieetMiyqTqA=; b=WKG72EyDZEiV8Af7RIIdJA1NSK+1vCHhXE3QZyueEAu5tdV834Sk4PQb3MnN7hcuA3 M+QHPMwIiZUs28EFdwa6Gt0MKmKvkYcSb+konxvrwIYic2Gz8k/tzzpJu9iUmQNlY4qb B0GnizoR20/i3czMlI0RDH7mqs6LbkGzbG1fpahgm+ZFevHL21fPp5jxDkYhvVcqDYu2 sVOqfM5D4E88sMYWvKkJNlKCOzvfAliYGgV7PSKDDkxZfRHKwYeLZ8Fr1ux0fsu7VnK3 fveZkSkN5ww4COBuieL7KetF5DbsKSm3LJJgnyVmD9dsRXWzADgn0uX7TSVV6z3zBz0+ OyMg== X-Gm-Message-State: AOJu0Yy/OVLzx1RZ8rxc89Bh1xfi04iaz8R1HJYWYUQiBV7SJ031Cqfq GbqaCfl/Hywtm+PXhMedzlI= X-Received: by 2002:a17:903:1247:b0:1bb:a6de:8e49 with SMTP id u7-20020a170903124700b001bba6de8e49mr2210844plh.9.1691162583111; Fri, 04 Aug 2023 08:23:03 -0700 (PDT) Received: from ubuntu-Virtual-Machine.corp.microsoft.com ([2001:4898:80e8:f:a0bf:7946:90be:721b]) by smtp.gmail.com with ESMTPSA id s21-20020a170902989500b001aaf2e8b1eesm1891325plp.248.2023.08.04.08.23.02 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 04 Aug 2023 08:23:02 -0700 (PDT) From: Tianyu Lan To: kys@microsoft.com, haiyangz@microsoft.com, wei.liu@kernel.org, decui@microsoft.com, tglx@linutronix.de, mingo@redhat.com, bp@alien8.de, dave.hansen@linux.intel.com, x86@kernel.org, hpa@zytor.com, daniel.lezcano@linaro.org, arnd@arndb.de, michael.h.kelley@microsoft.com Cc: Tianyu Lan , linux-arch@vger.kernel.org, linux-hyperv@vger.kernel.org, linux-kernel@vger.kernel.org, vkuznets@redhat.com, Michael Kelley Subject: [PATCH V4 3/9] x86/hyperv: Mark Hyper-V vp assist page unencrypted in SEV-SNP enlightened guest Date: Fri, 4 Aug 2023 11:22:47 -0400 Message-Id: <20230804152254.686317-4-ltykernel@gmail.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20230804152254.686317-1-ltykernel@gmail.com> References: <20230804152254.686317-1-ltykernel@gmail.com> MIME-Version: 1.0 X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,FREEMAIL_FROM, RCVD_IN_DNSWL_BLOCKED,SPF_HELO_NONE,SPF_PASS autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-THRID: 1773324052645660377 X-GMAIL-MSGID: 1773324052645660377 From: Tianyu Lan hv vp assist page needs to be shared between SEV-SNP guest and Hyper-V. So mark the page unencrypted in the SEV-SNP guest. Reviewed-by: Michael Kelley Signed-off-by: Tianyu Lan --- arch/x86/hyperv/hv_init.c | 16 +++++++++++++++- 1 file changed, 15 insertions(+), 1 deletion(-) diff --git a/arch/x86/hyperv/hv_init.c b/arch/x86/hyperv/hv_init.c index 1ba367a9686e..b004370d3b01 100644 --- a/arch/x86/hyperv/hv_init.c +++ b/arch/x86/hyperv/hv_init.c @@ -18,6 +18,7 @@ #include #include #include +#include #include #include #include @@ -106,8 +107,21 @@ static int hv_cpu_init(unsigned int cpu) * in hv_cpu_die(), otherwise a CPU may not be stopped in the * case of CPU offlining and the VM will hang. */ - if (!*hvp) + if (!*hvp) { *hvp = __vmalloc(PAGE_SIZE, GFP_KERNEL | __GFP_ZERO); + + /* + * Hyper-V should never specify a VM that is a Confidential + * VM and also running in the root partition. Root partition + * is blocked to run in Confidential VM. So only decrypt assist + * page in non-root partition here. + */ + if (*hvp && hv_isolation_type_en_snp()) { + WARN_ON_ONCE(set_memory_decrypted((unsigned long)(*hvp), 1)); + memset(*hvp, 0, PAGE_SIZE); + } + } + if (*hvp) msr.pfn = vmalloc_to_pfn(*hvp); From patchwork Fri Aug 4 15:22:48 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Tianyu Lan X-Patchwork-Id: 131283 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a05:6358:1a9a:b0:139:fa0d:b2d with SMTP id gm26csp104982rwb; Fri, 4 Aug 2023 10:57:51 -0700 (PDT) X-Google-Smtp-Source: AGHT+IF8jpyJ+qyoLUMFp8XJx0LT5fcc39Whqh+sJ5+bWryNNmgCf/O72PNhUP0iBq6aAS5cVsNm X-Received: by 2002:a17:906:209b:b0:993:da87:1c81 with SMTP id 27-20020a170906209b00b00993da871c81mr491592ejq.20.1691171871437; Fri, 04 Aug 2023 10:57:51 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1691171871; cv=none; d=google.com; s=arc-20160816; b=0ehEAMDlPjJWGJqG8UuAcyoDBCkIKym7os3QnCkySCpn3ClEt8wDUi+uZfsaj2q3v7 Eu2q5rUKkox0iiNhphLEdpx/UHGkcuOQ6vo6e2mdyVjywyuHtLl/ygjGEWrdQrmXHjHt sNhiCRGB4wqrSzxDWfvT3jzotjGmDhmbz2Ba31A3AiKeHwYG3orgZ3JE/iC1Jra1lPTJ PKD9edJEEaSHgQNw/wvnboVlaXiIen2QdNwM/oHGY2acYUsqM7UDOJ3wdaW0dclJfz54 SZ9ANpMfhLaNpAgs9OQZIZhVGbyFvT4zHU+wtqT1z2gOfLEfDj60PiH4pde5/k6bGtuv +TDg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=0mqb14LBzHQf18FY7xszQiIf830qOZYbv6/JECgr54c=; fh=TxLVtSsj0Yk+bstPG6ly04YaPbvjOFEmGNSQ8sZkNQc=; b=jAQES21sWg++05jLRF6IRmDlgoFvuhLV/ZuWqzo1h0WYqKq/lkr8pzd69zyTyXyAGw RUpEuioTfj1qp/sElNlqUdpAFZk2g4Wfrtyzq/O30hE86grU/WC/hpEl2NQxLEsvq4Gd bt4Kvqu7627jfddNAumL6pKoCy5OYPYtQ9E0ab5ct3rlVezhfKFzo5/BqslwA+baeq4p T/V6fZCbOWXpicMtPkFNkq5qgcXYaBONJ31d3+8WYfrya7WEDxN++dCztAc13dQpdXDL 4YzIU75ahUCwCrenfIoKoM5Sxd+hGZDbQoMSeheFyBwk/VfC6ntJ2yJGisnly3yRATKZ Xa1g== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@gmail.com header.s=20221208 header.b=ewvQeUgL; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id t15-20020a170906608f00b00987e40fd473si1871854ejj.1019.2023.08.04.10.57.23; Fri, 04 Aug 2023 10:57:51 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@gmail.com header.s=20221208 header.b=ewvQeUgL; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232036AbjHDPXY (ORCPT + 99 others); Fri, 4 Aug 2023 11:23:24 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:56994 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232031AbjHDPXH (ORCPT ); Fri, 4 Aug 2023 11:23:07 -0400 Received: from mail-pl1-x635.google.com (mail-pl1-x635.google.com [IPv6:2607:f8b0:4864:20::635]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 451AE49E8; Fri, 4 Aug 2023 08:23:06 -0700 (PDT) Received: by mail-pl1-x635.google.com with SMTP id d9443c01a7336-1bb2468257fso15359465ad.0; Fri, 04 Aug 2023 08:23:06 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20221208; t=1691162585; x=1691767385; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=0mqb14LBzHQf18FY7xszQiIf830qOZYbv6/JECgr54c=; b=ewvQeUgLX6uTQYq5z+/mwfrbq4AC2eOnbFrL/5kRmyq2f4jlf/xYcxMpWbG6d/BXrL eBmvRd9CHMu9sDx0RpP/OqJL4/itItEZBb/+2OFBdm0TwdYXn9DsQQXyMzcL1eLEcl/7 WjrmB9bpJQzkujo2l0f+iQZdS+PNfh41LUc2W2f668oHSEes0vD5YvTvvE0poRIe48B6 qGMvE6YLdrC4dSz4lriKsubc3DiEbDTS3f/3I48lFnq10fn4ridNgf83USuJP5ceiUEQ FciLzAddIcPdlnZrVtLAL7BuKRbsIwmkHmYJ27mgjk00SFY/6OsRVhaBUe5vmIbRUMEm 2zKA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1691162585; x=1691767385; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=0mqb14LBzHQf18FY7xszQiIf830qOZYbv6/JECgr54c=; b=kDYEGPRzX1mI4VYW8KcVX6/i1SMyaO+kUAulx+n3ZPSxQNHjBOSixNDO6v/DUTlDRT OrKxPT+rsfWd3F3zQAZJ/X9/l6/nlaVEkjPuzF4c9aSJDqt+9JCOybghf8Qp7R+Bu/ro TC+AHf4Kbz9JqZ19k+vKj42Qs4sqY9jUDAN2mAKaEtb9h1L4OqQ3kuCOehelw0uyYw7V retGirYjgF0LGRxrPDiNe7fnSiQ8QWgkHIydsboDgXd5OX7BZfIcNjzU07xQc98A5Cki th9uMfRHIT8OUjnYvuRfjf3X0aD3AblPOBnyDZnU+YkQUwlUa2V2zVl1q1HYLkkpSRBB QLQw== X-Gm-Message-State: AOJu0YyiG1SW831zW9Y7J+lmKXU4ewsUV/naQzi75W0bqYXmv+7rUAZ/ d9v4pK0Jqhp/pFgeWr61mro= X-Received: by 2002:a17:902:b201:b0:1bb:94ed:20a with SMTP id t1-20020a170902b20100b001bb94ed020amr1640568plr.24.1691162585503; Fri, 04 Aug 2023 08:23:05 -0700 (PDT) Received: from ubuntu-Virtual-Machine.corp.microsoft.com ([2001:4898:80e8:f:a0bf:7946:90be:721b]) by smtp.gmail.com with ESMTPSA id s21-20020a170902989500b001aaf2e8b1eesm1891325plp.248.2023.08.04.08.23.04 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 04 Aug 2023 08:23:05 -0700 (PDT) From: Tianyu Lan To: kys@microsoft.com, haiyangz@microsoft.com, wei.liu@kernel.org, decui@microsoft.com, tglx@linutronix.de, mingo@redhat.com, bp@alien8.de, dave.hansen@linux.intel.com, x86@kernel.org, hpa@zytor.com, daniel.lezcano@linaro.org, arnd@arndb.de, michael.h.kelley@microsoft.com Cc: Tianyu Lan , linux-arch@vger.kernel.org, linux-hyperv@vger.kernel.org, linux-kernel@vger.kernel.org, vkuznets@redhat.com, Michael Kelley Subject: [PATCH V4 4/9] drivers: hv: Mark percpu hvcall input arg page unencrypted in SEV-SNP enlightened guest Date: Fri, 4 Aug 2023 11:22:48 -0400 Message-Id: <20230804152254.686317-5-ltykernel@gmail.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20230804152254.686317-1-ltykernel@gmail.com> References: <20230804152254.686317-1-ltykernel@gmail.com> MIME-Version: 1.0 X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,FREEMAIL_FROM, RCVD_IN_DNSWL_BLOCKED,SPF_HELO_NONE,SPF_PASS autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-THRID: 1773322236166237074 X-GMAIL-MSGID: 1773322236166237074 From: Tianyu Lan Hypervisor needs to access input arg, VMBus synic event and message pages. Mark these pages unencrypted in the SEV-SNP guest and free them only if they have been marked encrypted successfully. Reviewed-by: Michael Kelley Signed-off-by: Tianyu Lan --- drivers/hv/hv.c | 57 +++++++++++++++++++++++++++++++++++++++--- drivers/hv/hv_common.c | 13 ++++++++++ 2 files changed, 67 insertions(+), 3 deletions(-) diff --git a/drivers/hv/hv.c b/drivers/hv/hv.c index de6708dbe0df..ec6e35a0d9bf 100644 --- a/drivers/hv/hv.c +++ b/drivers/hv/hv.c @@ -20,6 +20,7 @@ #include #include #include +#include #include "hyperv_vmbus.h" /* The one and only */ @@ -78,7 +79,7 @@ int hv_post_message(union hv_connection_id connection_id, int hv_synic_alloc(void) { - int cpu; + int cpu, ret = -ENOMEM; struct hv_per_cpu_context *hv_cpu; /* @@ -123,26 +124,76 @@ int hv_synic_alloc(void) goto err; } } + + if (hv_isolation_type_en_snp()) { + ret = set_memory_decrypted((unsigned long) + hv_cpu->synic_message_page, 1); + if (ret) { + pr_err("Failed to decrypt SYNIC msg page: %d\n", ret); + hv_cpu->synic_message_page = NULL; + + /* + * Free the event page here so that hv_synic_free() + * won't later try to re-encrypt it. + */ + free_page((unsigned long)hv_cpu->synic_event_page); + hv_cpu->synic_event_page = NULL; + goto err; + } + + ret = set_memory_decrypted((unsigned long) + hv_cpu->synic_event_page, 1); + if (ret) { + pr_err("Failed to decrypt SYNIC event page: %d\n", ret); + hv_cpu->synic_event_page = NULL; + goto err; + } + + memset(hv_cpu->synic_message_page, 0, PAGE_SIZE); + memset(hv_cpu->synic_event_page, 0, PAGE_SIZE); + } } return 0; + err: /* * Any memory allocations that succeeded will be freed when * the caller cleans up by calling hv_synic_free() */ - return -ENOMEM; + return ret; } void hv_synic_free(void) { - int cpu; + int cpu, ret; for_each_present_cpu(cpu) { struct hv_per_cpu_context *hv_cpu = per_cpu_ptr(hv_context.cpu_context, cpu); + /* It's better to leak the page if the encryption fails. */ + if (hv_isolation_type_en_snp()) { + if (hv_cpu->synic_message_page) { + ret = set_memory_encrypted((unsigned long) + hv_cpu->synic_message_page, 1); + if (ret) { + pr_err("Failed to encrypt SYNIC msg page: %d\n", ret); + hv_cpu->synic_message_page = NULL; + } + } + + if (hv_cpu->synic_event_page) { + ret = set_memory_encrypted((unsigned long) + hv_cpu->synic_event_page, 1); + if (ret) { + pr_err("Failed to encrypt SYNIC event page: %d\n", ret); + hv_cpu->synic_event_page = NULL; + } + } + } + free_page((unsigned long)hv_cpu->synic_event_page); free_page((unsigned long)hv_cpu->synic_message_page); } diff --git a/drivers/hv/hv_common.c b/drivers/hv/hv_common.c index 4b4aa53c34c2..2d43ba2bc925 100644 --- a/drivers/hv/hv_common.c +++ b/drivers/hv/hv_common.c @@ -24,6 +24,7 @@ #include #include #include +#include #include #include @@ -359,6 +360,7 @@ int hv_common_cpu_init(unsigned int cpu) u64 msr_vp_index; gfp_t flags; int pgcount = hv_root_partition ? 2 : 1; + int ret; /* hv_cpu_init() can be called with IRQs disabled from hv_resume() */ flags = irqs_disabled() ? GFP_ATOMIC : GFP_KERNEL; @@ -378,6 +380,17 @@ int hv_common_cpu_init(unsigned int cpu) outputarg = (void **)this_cpu_ptr(hyperv_pcpu_output_arg); *outputarg = (char *)(*inputarg) + HV_HYP_PAGE_SIZE; } + + if (hv_isolation_type_en_snp()) { + ret = set_memory_decrypted((unsigned long)*inputarg, pgcount); + if (ret) { + kfree(*inputarg); + *inputarg = NULL; + return ret; + } + + memset(*inputarg, 0x00, pgcount * PAGE_SIZE); + } } msr_vp_index = hv_get_register(HV_REGISTER_VP_INDEX); From patchwork Fri Aug 4 15:22:49 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Tianyu Lan X-Patchwork-Id: 131250 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a05:612c:44a:b0:3f2:4152:657d with SMTP id ez10csp382445vqb; Fri, 4 Aug 2023 09:34:36 -0700 (PDT) X-Google-Smtp-Source: AGHT+IGWqLgQOgd9UwVBtwo6TEflJBSLJTbdotadx3PTpK1oHxjLEXQWE9Z1BIsncR/bnTZifHqk X-Received: by 2002:a17:907:7889:b0:99b:4668:865f with SMTP id ku9-20020a170907788900b0099b4668865fmr2342226ejc.10.1691166875831; Fri, 04 Aug 2023 09:34:35 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1691166875; cv=none; d=google.com; s=arc-20160816; b=UNPZPmJ0NldVVO/tww80lt8c5G2UmAzftibIuiguwpif5bCFN3HT4uYOygY8vufNAO T2Nhk9dXV8ruzBOocNblYcuJerFO1QQhamiguOA6miSuzS9W5qbcJrB4u07iezKk0b2O wXh2C5GAr0tEGZxerVhA9arKdYsNGnqO9cSIvyNICXCcax5N/LvwqGuUzz7v9RI0yl6/ YG1g3QgUpX9gDIDmilDVSuff8W7NgZtcwx3EJBWP+rJcTddt5/VlBGEfJr2f9kQqEgRq Z8lLgH/a1mOTrfxG9vI+wQUkUYeJVmvOqpzsDz6OpTI1ji6k+Afu7UgQNQhgFZx7PIll VAKg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=lGDTbc8t+NaU1OP3xKzemfdpSc0H/y8ZWu0f/3/zAAY=; fh=0q4Ral/ZvWHifErBr5uVVFNUVQsTG1/TVmQRaCWii40=; b=riSFUfK8r097p6k30XlRprxxDhtqOqJ4YtwQgDc8KcCNqzQtCydOWDFa57YO1+/eQP 7vmwvwH6gLUFg7ALY+hko2OVswCLFgFY4MVZtole6AFEk6L9h42DgZw2pseWbVDEATKb Lyuo8kpT6/c+r1GK5djPsBQ7InCNrVO15QkmQMdSq01RuKvyM55s4my8UdOs6q1AIjxo 8S8vfDHn4QwDpA/zPTtFe+hRKavAcaKWGGFOqqOPyD1d5gbIl36CiXTCHD+v5gma4bhz 1L24qHpSxdZ3RECWmi/bQp4Kocty3xW7QNAZgB3SnpDI6rGMc0mR7d164anMv0RHvprG LUVg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@gmail.com header.s=20221208 header.b=WRy+WGkn; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id gw1-20020a170906f14100b0099233cac125si1785979ejb.915.2023.08.04.09.33.53; Fri, 04 Aug 2023 09:34:35 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@gmail.com header.s=20221208 header.b=WRy+WGkn; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232083AbjHDPX1 (ORCPT + 99 others); Fri, 4 Aug 2023 11:23:27 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:57010 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232035AbjHDPXI (ORCPT ); Fri, 4 Aug 2023 11:23:08 -0400 Received: from mail-pl1-x632.google.com (mail-pl1-x632.google.com [IPv6:2607:f8b0:4864:20::632]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 5956A49F0; Fri, 4 Aug 2023 08:23:07 -0700 (PDT) Received: by mail-pl1-x632.google.com with SMTP id d9443c01a7336-1b8ad8383faso19426985ad.0; Fri, 04 Aug 2023 08:23:07 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20221208; t=1691162587; x=1691767387; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=lGDTbc8t+NaU1OP3xKzemfdpSc0H/y8ZWu0f/3/zAAY=; b=WRy+WGkntymcLuEpT2lKn8XoQ/VswdVwHbhd3QD6XVOnnA7L6KrOK+9dePe1RJSBjD dLdGdHZTZfGW2KQ6cj+X9DUFfmb7AzkTzKoyfCnw+AtdIfslz0DDk5CuEE8sUVJR2MgZ I5l3D1KzymrYnTjXwbEIi6Si0NyPB+B0mWcFtxu+XoGIeBfBpE3W4n0/dm3VGAPqo+64 TUlGk32uiwzTd7u6TqhyRYvXeOTzs8sNFWagUMD30o7s0ZKMZ8yh+yaTvKwbVqBqRKLD Hca0c2qTf1wE4RdiX2bBmjYBEDIPvKala/RxbhwB0ZADxXlXCKhY5EjiIGcbcT9yr9vQ LLEw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1691162587; x=1691767387; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=lGDTbc8t+NaU1OP3xKzemfdpSc0H/y8ZWu0f/3/zAAY=; b=MFpgYLlbQ9JLVUstpOWZ0ye3S1gvv9KhILn3P2/sAwFzsmLosTZXKpf9hYsJC47VnY ai69fGy3RbYg7SKuNEyrE6kUmeoH2PNlLs48njWp7AiVVHHiGXB0+3NzZX3dWPAVYOB6 OQCUC2bXPuIUQzY3TW0thusWsR8oYE5ImAxvT1KuJ9vs6FRkUG7aSz8oXPiIKs+Llkh5 Js5JZGbOIWFdvytGNEXuMGOXcco9taAqz8/oDEhZD2W31C8tMRs5TsVuJPpJssFkbkgd t3S2vqD/KGb4gGoZw+Y6QR82I36pgHdZv1TNX3gykZWPY2x0U7LH7iEb3QOxB0WdztxV k8SQ== X-Gm-Message-State: AOJu0Yy8dTnnV1vzgAu86IXFAEnJJrQNMHtz/nJJvhbDMOuPIhgoEZBp uP3yPBSNfUSXesu4OtYbF7A= X-Received: by 2002:a17:902:74c3:b0:1bc:203f:3b3c with SMTP id f3-20020a17090274c300b001bc203f3b3cmr2106299plt.24.1691162586772; Fri, 04 Aug 2023 08:23:06 -0700 (PDT) Received: from ubuntu-Virtual-Machine.corp.microsoft.com ([2001:4898:80e8:f:a0bf:7946:90be:721b]) by smtp.gmail.com with ESMTPSA id s21-20020a170902989500b001aaf2e8b1eesm1891325plp.248.2023.08.04.08.23.05 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 04 Aug 2023 08:23:06 -0700 (PDT) From: Tianyu Lan To: kys@microsoft.com, haiyangz@microsoft.com, wei.liu@kernel.org, decui@microsoft.com, tglx@linutronix.de, mingo@redhat.com, bp@alien8.de, dave.hansen@linux.intel.com, x86@kernel.org, hpa@zytor.com, daniel.lezcano@linaro.org, arnd@arndb.de, michael.h.kelley@microsoft.com Cc: Tianyu Lan , linux-arch@vger.kernel.org, linux-hyperv@vger.kernel.org, linux-kernel@vger.kernel.org, vkuznets@redhat.com Subject: [PATCH V4 5/9] x86/hyperv: Use vmmcall to implement Hyper-V hypercall in sev-snp enlightened guest Date: Fri, 4 Aug 2023 11:22:49 -0400 Message-Id: <20230804152254.686317-6-ltykernel@gmail.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20230804152254.686317-1-ltykernel@gmail.com> References: <20230804152254.686317-1-ltykernel@gmail.com> MIME-Version: 1.0 X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,FREEMAIL_FROM, RCVD_IN_DNSWL_BLOCKED,SPF_HELO_NONE,SPF_PASS autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-THRID: 1773316998271495768 X-GMAIL-MSGID: 1773316998271495768 From: Tianyu Lan In sev-snp enlightened guest, Hyper-V hypercall needs to use vmmcall to trigger vmexit and notify hypervisor to handle hypercall request. Signed-off-by: Tianyu Lan --- arch/x86/include/asm/mshyperv.h | 27 ++++++++++++++------------- 1 file changed, 14 insertions(+), 13 deletions(-) diff --git a/arch/x86/include/asm/mshyperv.h b/arch/x86/include/asm/mshyperv.h index 2fa38e9f6207..025eda129d99 100644 --- a/arch/x86/include/asm/mshyperv.h +++ b/arch/x86/include/asm/mshyperv.h @@ -64,12 +64,12 @@ static inline u64 hv_do_hypercall(u64 control, void *input, void *output) if (!hv_hypercall_pg) return U64_MAX; - __asm__ __volatile__("mov %4, %%r8\n" - CALL_NOSPEC + __asm__ __volatile__("mov %[output], %%r8\n" + ALTERNATIVE("vmmcall", CALL_NOSPEC, X86_FEATURE_SEV_ES) : "=a" (hv_status), ASM_CALL_CONSTRAINT, - "+c" (control), "+d" (input_address) - : "r" (output_address), - THUNK_TARGET(hv_hypercall_pg) + "+c" (control), "+d" (input_address) + : [output] "r" (output_address), + THUNK_TARGET(hv_hypercall_pg) : "cc", "memory", "r8", "r9", "r10", "r11"); #else u32 input_address_hi = upper_32_bits(input_address); @@ -105,7 +105,8 @@ static inline u64 _hv_do_fast_hypercall8(u64 control, u64 input1) #ifdef CONFIG_X86_64 { - __asm__ __volatile__(CALL_NOSPEC + __asm__ __volatile__("mov %[thunk_target], %%r8\n" + ALTERNATIVE("vmmcall", CALL_NOSPEC, X86_FEATURE_SEV_ES) : "=a" (hv_status), ASM_CALL_CONSTRAINT, "+c" (control), "+d" (input1) : THUNK_TARGET(hv_hypercall_pg) @@ -150,13 +151,13 @@ static inline u64 _hv_do_fast_hypercall16(u64 control, u64 input1, u64 input2) #ifdef CONFIG_X86_64 { - __asm__ __volatile__("mov %4, %%r8\n" - CALL_NOSPEC - : "=a" (hv_status), ASM_CALL_CONSTRAINT, - "+c" (control), "+d" (input1) - : "r" (input2), - THUNK_TARGET(hv_hypercall_pg) - : "cc", "r8", "r9", "r10", "r11"); + __asm__ __volatile__("mov %[output], %%r8\n" + ALTERNATIVE("vmmcall", CALL_NOSPEC, X86_FEATURE_SEV_ES) + : "=a" (hv_status), ASM_CALL_CONSTRAINT, + "+c" (control), "+d" (input1) + : [output] "r" (input2), + THUNK_TARGET(hv_hypercall_pg) + : "cc", "r8", "r9", "r10", "r11"); } #else { From patchwork Fri Aug 4 15:22:50 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Tianyu Lan X-Patchwork-Id: 131252 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a05:612c:44a:b0:3f2:4152:657d with SMTP id ez10csp384419vqb; Fri, 4 Aug 2023 09:38:00 -0700 (PDT) X-Google-Smtp-Source: AGHT+IE2OcgvCkuOmzD0kqVpy7zxammsKOZ2sIb/I+8edZ+3QB/ZZAk5lx1b2pOntPHAxVFiN/Xh X-Received: by 2002:a05:6402:5164:b0:521:d1f0:300c with SMTP id d4-20020a056402516400b00521d1f0300cmr2188061ede.23.1691167080145; Fri, 04 Aug 2023 09:38:00 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1691167080; cv=none; d=google.com; s=arc-20160816; b=RqVoLLWL/zW5VQsi5PF8gA06rM8b78kTdPqQI+Mv4F9rlv48fWxu5NXTF729BHMBCM 8QY2hvzTv06p4DB0/DjeuY7sGLqs9a2zPs/J8y8cxmoAExsQpF1HxpyAbIrYYXHiIsvY GWjdoMGaxt+xRm+4eiI98TvjctJZVArijZBpgleKSvF58ML4fR1MGph5C3MxsgvC3Grc SyuLz6GAKA2GdLFDooUl/SX9QYfbr4qw0qn6WLZAb0WRLE0vtqZVir20XO8MJf0Vvy59 Zmp3zlWlM6ZXHqBaawPu3FcGPAmnW24rWvazLpqt+ueCwOKhMZxHqVqXx6WXz8d9XyJB nduw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=lxyPRx65GPTmM7WIGpMjts/akUWiTXqh+ZFAndUPdXI=; fh=TxLVtSsj0Yk+bstPG6ly04YaPbvjOFEmGNSQ8sZkNQc=; b=V0+kHzq27XNaBP37Lh6fEs1YRual87hk1Zqkiffvx9/tQ3mmr+MefsaW0uruVyz+cF WWcBc0w0+AaBSgIxY5tmyuOvt4PhveuMyvxu5XbtEWUI05Z4eDoEMyNy3diS53y+c3QK vHRCdqAvJrOlr4d6w+1mQd1QYyCy/73Y7N61LwhX6FM5funwKrjjAkYlelS6TqqkULvC XSS/FUsNyj5O76PS3KXCYJN38f7G/JLNyJ3seWvGQLNsdpXgbvaJXLklyh7K1fb5PPzR 3OqmZT/clMv0VVLpEAUuX5ieEcJu1bUjp1n8NRK5zIwmQuYAt4o7tgKF/lIGfao/ORn/ BcBA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@gmail.com header.s=20221208 header.b=Ys4LxoTj; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id u22-20020aa7d896000000b005230f1ff03esi1887781edq.275.2023.08.04.09.36.57; Fri, 04 Aug 2023 09:38:00 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@gmail.com header.s=20221208 header.b=Ys4LxoTj; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232098AbjHDPXa (ORCPT + 99 others); Fri, 4 Aug 2023 11:23:30 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:56956 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232039AbjHDPXJ (ORCPT ); Fri, 4 Aug 2023 11:23:09 -0400 Received: from mail-pl1-x630.google.com (mail-pl1-x630.google.com [IPv6:2607:f8b0:4864:20::630]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 4EADC49FD; Fri, 4 Aug 2023 08:23:08 -0700 (PDT) Received: by mail-pl1-x630.google.com with SMTP id d9443c01a7336-1b8ad356f03so15873355ad.1; Fri, 04 Aug 2023 08:23:08 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20221208; t=1691162588; x=1691767388; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=lxyPRx65GPTmM7WIGpMjts/akUWiTXqh+ZFAndUPdXI=; b=Ys4LxoTjJLJNlf1KghdOXawDjuuvqnxI01dSB1N/OH8xutrxveIeQ2p/n31GTSVIV/ MwRtwaxer4ympeYbkdZ8VZCar3PRKMjoAQNOA6Vvbs2R7HPpQUnCs4GgcFNqSJw002B2 dlpuGab5pM/nJLY3EM0u5EBAXsB6qM7blUGMz3GAdpkrthcQ4jl6GH/L0KScRt7yhGiH aTSWnNFr6PSEe5DLGsSEO7sQNi3EH8fcyQ6JJ4eMke1BLrJbb46Sm5JtI24cv09LuA8P 2vBs5/nOnlPgPe2ZtaMzRTbDdZIoL5l7hzowfcpTWt69tkmSBfFgRC3DszqWnFU5Pv3m 0Rig== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1691162588; x=1691767388; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=lxyPRx65GPTmM7WIGpMjts/akUWiTXqh+ZFAndUPdXI=; b=ZxZxlxl5qnfFe/h6bwPLjnONSuP05vuiFFwM9IAjihORpUfxl/eeF6cJu3YvGjWYwh qtajRlmMfoFKjInLef+kTrZv4CokPiorukq6ocVAp5WuMhBdnqXGQS+g/AGxzDExY0GS WVp+MmaQNzzFEhJG7Wz0pqp4LCxEP4YW733E3d/RALsf+1/BM5pw3VKlUKhj+cHtNdq8 b67Qju3S2lOx4j8+bRZV7ouyytcvVJd5chHsKS1uZMAWAxhzsrt4iYthNebLJRkxHC62 hZrEeJCTqoaZFp0vmmmFuChH85R1kN+eFLo1b6XoxW7eChI192B2Kljw3hRSRz6hW+tT +fCg== X-Gm-Message-State: AOJu0YxHCIUWjO4tDqMmLJ43/gicABdSf6bDApQh6WjvuawJo2sAXCF3 kEUDr+Fd8EGziQLaa+jcVCo= X-Received: by 2002:a17:902:b482:b0:1bb:a941:d940 with SMTP id y2-20020a170902b48200b001bba941d940mr1957448plr.15.1691162587729; Fri, 04 Aug 2023 08:23:07 -0700 (PDT) Received: from ubuntu-Virtual-Machine.corp.microsoft.com ([2001:4898:80e8:f:a0bf:7946:90be:721b]) by smtp.gmail.com with ESMTPSA id s21-20020a170902989500b001aaf2e8b1eesm1891325plp.248.2023.08.04.08.23.06 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 04 Aug 2023 08:23:07 -0700 (PDT) From: Tianyu Lan To: kys@microsoft.com, haiyangz@microsoft.com, wei.liu@kernel.org, decui@microsoft.com, tglx@linutronix.de, mingo@redhat.com, bp@alien8.de, dave.hansen@linux.intel.com, x86@kernel.org, hpa@zytor.com, daniel.lezcano@linaro.org, arnd@arndb.de, michael.h.kelley@microsoft.com Cc: Tianyu Lan , linux-arch@vger.kernel.org, linux-hyperv@vger.kernel.org, linux-kernel@vger.kernel.org, vkuznets@redhat.com, Michael Kelley Subject: [PATCH V4 6/9] clocksource: hyper-v: Mark hyperv tsc page unencrypted in sev-snp enlightened guest Date: Fri, 4 Aug 2023 11:22:50 -0400 Message-Id: <20230804152254.686317-7-ltykernel@gmail.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20230804152254.686317-1-ltykernel@gmail.com> References: <20230804152254.686317-1-ltykernel@gmail.com> MIME-Version: 1.0 X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,FREEMAIL_FROM, RCVD_IN_DNSWL_BLOCKED,SPF_HELO_NONE,SPF_PASS autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-THRID: 1773317212132820204 X-GMAIL-MSGID: 1773317212132820204 From: Tianyu Lan Hyper-V tsc page is shared with hypervisor and mark the page unencrypted in sev-snp enlightened guest when it's used. Reviewed-by: Michael Kelley Signed-off-by: Tianyu Lan --- drivers/clocksource/hyperv_timer.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/clocksource/hyperv_timer.c b/drivers/clocksource/hyperv_timer.c index e56307a81f4d..8ff7cd4e20bb 100644 --- a/drivers/clocksource/hyperv_timer.c +++ b/drivers/clocksource/hyperv_timer.c @@ -390,7 +390,7 @@ static __always_inline u64 read_hv_clock_msr(void) static union { struct ms_hyperv_tsc_page page; u8 reserved[PAGE_SIZE]; -} tsc_pg __aligned(PAGE_SIZE); +} tsc_pg __bss_decrypted __aligned(PAGE_SIZE); static struct ms_hyperv_tsc_page *tsc_page = &tsc_pg.page; static unsigned long tsc_pfn; From patchwork Fri Aug 4 15:22:51 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Tianyu Lan X-Patchwork-Id: 131231 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a05:612c:44a:b0:3f2:4152:657d with SMTP id ez10csp352216vqb; Fri, 4 Aug 2023 08:49:02 -0700 (PDT) X-Google-Smtp-Source: AGHT+IHPIhSqa6ha3n0plLKwQwrk6UAjIO2AAoQ+u5Matfi//EDFWvRRjEl6ukV2Cs21nh6OK2s9 X-Received: by 2002:a05:6a00:1405:b0:682:f48a:7295 with SMTP id l5-20020a056a00140500b00682f48a7295mr2347128pfu.31.1691164141872; Fri, 04 Aug 2023 08:49:01 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1691164141; cv=none; d=google.com; s=arc-20160816; b=Pc4rC9mfC1e+qPxRc2bCNCV+r9/PHYE3uNHHduQG46/edPCDffqjrIM/VtoCnJSrmf f9sJJC6oIBi5796/r/vVgdd+H7lhvSQV2TcvzlK41orWwi6+GJP7FlvGd9FE9COYJbeq T9Aap86aXYivEpBdwrQ0i5hJcJAYEUONzdSQ5jaY4jwWXUN431yy8X+XrnQqYl7XTTxT xztbJuWTzVKn2iiI60427KAyGf3teKLDim00USbOuOGRDB3cf6KRDSl/RkbbovfVY1KN JbRpGFaL5itPiCksU4UDEoRqLIvGJrhVcYotOHcw6meTpgOThdJRVjxjpHJAATk4pujl O2Qg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=Sq9LvdY3HdT3vtMq+ZNLZnr22DfhYXIa+DFz1zBy99s=; fh=TxLVtSsj0Yk+bstPG6ly04YaPbvjOFEmGNSQ8sZkNQc=; b=fr1APGqAgwQz9UF9ta6x0//wflnZIiuCD7AmNdY4AIywpl7Z0uvlr9u7vugyTR0eUc PjLIhvwMZw6+o3GaVMc/CWAoo5CJ4Yb0oqnYr8vF+yPxz3ccGU8vExQlPjG+ZHH5DSWg v0L1h33ooyjrNKDW0GmOKlFRWO7J42L38/S6yhwMpjDTlEdeRTHGBdt5eE8gZ1DfYYsm q4f/o7fesNjqse6ekkIV2VfSMFY2uwSToQV45Py+TAl6X/NBKP+Qt0Nu+zqmvU6Nvsvp OdoyEiLIV1KJeFKfFSilyxBEpqF2ythViYbH7nLpWyq0Ti4yo8u3DZpdk5dBjoQJ6Dr4 FuEQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@gmail.com header.s=20221208 header.b=QhYGcvA6; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id n27-20020a056a00213b00b0064f78c32b89si1812707pfj.95.2023.08.04.08.48.26; Fri, 04 Aug 2023 08:49:01 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@gmail.com header.s=20221208 header.b=QhYGcvA6; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232071AbjHDPXp (ORCPT + 99 others); Fri, 4 Aug 2023 11:23:45 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:57398 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232075AbjHDPXY (ORCPT ); Fri, 4 Aug 2023 11:23:24 -0400 Received: from mail-pl1-x62a.google.com (mail-pl1-x62a.google.com [IPv6:2607:f8b0:4864:20::62a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 1B8744C0D; Fri, 4 Aug 2023 08:23:09 -0700 (PDT) Received: by mail-pl1-x62a.google.com with SMTP id d9443c01a7336-1b8b2b60731so15258245ad.2; Fri, 04 Aug 2023 08:23:09 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20221208; t=1691162589; x=1691767389; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=Sq9LvdY3HdT3vtMq+ZNLZnr22DfhYXIa+DFz1zBy99s=; b=QhYGcvA68q5paBoUtmqGJ2PLqfJpfRUz/kNgEhtZeoVQ06kllkJVd2Y0eN94d11z0B X30AR31Fmdl+LVgxYCTqskQ8syXSQDJbbOB79/ySvBwWxq1bXQHYy3UKz4rgMjhxftjf oaHuXwQUxp8/zMx9BNqf9vX4QZX3JR75KPVvfPm0+0+dwTOcRbytEMqLAa8/JBRXiY8M wMz7xXNP2GM5Fr+YbVsqeXcsgLcXAR9mFlU+CciNOhfD0SJ8RlXHOgigSFFBc5Q7e8cK fSlto9a3WLmilJceh/hlPvWIYfwRR5sr0mGRjY4CRbn8zYyXjuAYsM4tzKxKZ4KviIdr f67w== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1691162589; x=1691767389; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=Sq9LvdY3HdT3vtMq+ZNLZnr22DfhYXIa+DFz1zBy99s=; b=Lko/X+OHJy863+i1XvxSoF5PMJbQhH9hJsrwglFF8vTpTAHHajGGIIGyuivkC0lVHX taqTZJtIuicj8PlUnGUzPf9XDB6Fn21JXYOCOlvQ5tRER+Ugd618z1Jg8wx+l3K7AWYi Y9Ne0BL7mPXhOTQWtPyAl9ACo8p9qYMgqBx/a0QTMjVbq4u5laN853Z/zFPkiTZehYbd qgpMszFcazuW+g+s3QevL+UQU7IbNgpyTm32a2desCTZL2PZWgjnqFM7BtDMSsb1I7Zm ldEuTJrAo0pywvyX7Yj80f2bYVNeXJz5eeeyQfNCWJLw81XHcYKmIuQfp9SGVwu/YBha xaRQ== X-Gm-Message-State: AOJu0YwdaggpavFPYXE11idJWcuJBihKCp5lwpt1OVpkQauQ3gghELlN OTv3uDm8pkcuuPmVFSu0mNA= X-Received: by 2002:a17:902:7446:b0:1b3:8862:9823 with SMTP id e6-20020a170902744600b001b388629823mr1685731plt.28.1691162589042; Fri, 04 Aug 2023 08:23:09 -0700 (PDT) Received: from ubuntu-Virtual-Machine.corp.microsoft.com ([2001:4898:80e8:f:a0bf:7946:90be:721b]) by smtp.gmail.com with ESMTPSA id s21-20020a170902989500b001aaf2e8b1eesm1891325plp.248.2023.08.04.08.23.08 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 04 Aug 2023 08:23:08 -0700 (PDT) From: Tianyu Lan To: kys@microsoft.com, haiyangz@microsoft.com, wei.liu@kernel.org, decui@microsoft.com, tglx@linutronix.de, mingo@redhat.com, bp@alien8.de, dave.hansen@linux.intel.com, x86@kernel.org, hpa@zytor.com, daniel.lezcano@linaro.org, arnd@arndb.de, michael.h.kelley@microsoft.com Cc: Tianyu Lan , linux-arch@vger.kernel.org, linux-hyperv@vger.kernel.org, linux-kernel@vger.kernel.org, vkuznets@redhat.com, Michael Kelley Subject: [PATCH V4 7/9] x86/hyperv: Add smp support for SEV-SNP guest Date: Fri, 4 Aug 2023 11:22:51 -0400 Message-Id: <20230804152254.686317-8-ltykernel@gmail.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20230804152254.686317-1-ltykernel@gmail.com> References: <20230804152254.686317-1-ltykernel@gmail.com> MIME-Version: 1.0 X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,FREEMAIL_FROM, RCVD_IN_DNSWL_BLOCKED,SPF_HELO_NONE,SPF_PASS autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-THRID: 1773314130988102740 X-GMAIL-MSGID: 1773314130988102740 From: Tianyu Lan In the AMD SEV-SNP guest, AP needs to be started up via sev es save area and Hyper-V requires to call HVCALL_START_VP hypercall to pass the gpa of sev es save area with AP's vp index and VTL(Virtual trust level) parameters. Override wakeup_secondary_cpu_64 callback with hv_snp_boot_ap. Reviewed-by: Michael Kelley Signed-off-by: Tianyu Lan --- arch/x86/hyperv/ivm.c | 100 ++++++++++++++++++++++++++++++ arch/x86/include/asm/mshyperv.h | 9 +++ arch/x86/kernel/cpu/mshyperv.c | 13 +++- include/asm-generic/hyperv-tlfs.h | 1 + 4 files changed, 121 insertions(+), 2 deletions(-) diff --git a/arch/x86/hyperv/ivm.c b/arch/x86/hyperv/ivm.c index b2b5cb19fac9..ee08a0cd6da3 100644 --- a/arch/x86/hyperv/ivm.c +++ b/arch/x86/hyperv/ivm.c @@ -18,11 +18,20 @@ #include #include #include +#include +#include +#include +#include +#include +#include #ifdef CONFIG_AMD_MEM_ENCRYPT #define GHCB_USAGE_HYPERV_CALL 1 +static u8 ap_start_input_arg[PAGE_SIZE] __bss_decrypted __aligned(PAGE_SIZE); +static u8 ap_start_stack[PAGE_SIZE] __aligned(PAGE_SIZE); + union hv_ghcb { struct ghcb ghcb; struct { @@ -357,6 +366,97 @@ static bool hv_is_private_mmio(u64 addr) return false; } +#define hv_populate_vmcb_seg(seg, gdtr_base) \ +do { \ + if (seg.selector) { \ + seg.base = 0; \ + seg.limit = HV_AP_SEGMENT_LIMIT; \ + seg.attrib = *(u16 *)(gdtr_base + seg.selector + 5); \ + seg.attrib = (seg.attrib & 0xFF) | ((seg.attrib >> 4) & 0xF00); \ + } \ +} while (0) \ + +int hv_snp_boot_ap(int cpu, unsigned long start_ip) +{ + struct sev_es_save_area *vmsa = (struct sev_es_save_area *) + __get_free_page(GFP_KERNEL | __GFP_ZERO); + struct desc_ptr gdtr; + u64 ret, rmp_adjust, retry = 5; + struct hv_enable_vp_vtl *start_vp_input; + unsigned long flags; + + native_store_gdt(&gdtr); + + vmsa->gdtr.base = gdtr.address; + vmsa->gdtr.limit = gdtr.size; + + asm volatile("movl %%es, %%eax;" : "=a" (vmsa->es.selector)); + hv_populate_vmcb_seg(vmsa->es, vmsa->gdtr.base); + + asm volatile("movl %%cs, %%eax;" : "=a" (vmsa->cs.selector)); + hv_populate_vmcb_seg(vmsa->cs, vmsa->gdtr.base); + + asm volatile("movl %%ss, %%eax;" : "=a" (vmsa->ss.selector)); + hv_populate_vmcb_seg(vmsa->ss, vmsa->gdtr.base); + + asm volatile("movl %%ds, %%eax;" : "=a" (vmsa->ds.selector)); + hv_populate_vmcb_seg(vmsa->ds, vmsa->gdtr.base); + + vmsa->efer = native_read_msr(MSR_EFER); + + asm volatile("movq %%cr4, %%rax;" : "=a" (vmsa->cr4)); + asm volatile("movq %%cr3, %%rax;" : "=a" (vmsa->cr3)); + asm volatile("movq %%cr0, %%rax;" : "=a" (vmsa->cr0)); + + vmsa->xcr0 = 1; + vmsa->g_pat = HV_AP_INIT_GPAT_DEFAULT; + vmsa->rip = (u64)secondary_startup_64_no_verify; + vmsa->rsp = (u64)&ap_start_stack[PAGE_SIZE]; + + /* + * Set the SNP-specific fields for this VMSA: + * VMPL level + * SEV_FEATURES (matches the SEV STATUS MSR right shifted 2 bits) + */ + vmsa->vmpl = 0; + vmsa->sev_features = sev_status >> 2; + + /* + * Running at VMPL0 allows the kernel to change the VMSA bit for a page + * using the RMPADJUST instruction. However, for the instruction to + * succeed it must target the permissions of a lesser privileged + * (higher numbered) VMPL level, so use VMPL1 (refer to the RMPADJUST + * instruction in the AMD64 APM Volume 3). + */ + rmp_adjust = RMPADJUST_VMSA_PAGE_BIT | 1; + ret = rmpadjust((unsigned long)vmsa, RMP_PG_SIZE_4K, + rmp_adjust); + if (ret != 0) { + pr_err("RMPADJUST(%llx) failed: %llx\n", (u64)vmsa, ret); + return ret; + } + + local_irq_save(flags); + start_vp_input = + (struct hv_enable_vp_vtl *)ap_start_input_arg; + memset(start_vp_input, 0, sizeof(*start_vp_input)); + start_vp_input->partition_id = -1; + start_vp_input->vp_index = cpu; + start_vp_input->target_vtl.target_vtl = ms_hyperv.vtl; + *(u64 *)&start_vp_input->vp_context = __pa(vmsa) | 1; + + do { + ret = hv_do_hypercall(HVCALL_START_VP, + start_vp_input, NULL); + } while (hv_result(ret) == HV_STATUS_TIME_OUT && retry--); + + local_irq_restore(flags); + + if (!hv_result_success(ret)) + pr_err("HvCallStartVirtualProcessor failed: %llx\n", ret); + return ret; +} + void __init hv_vtom_init(void) { /* diff --git a/arch/x86/include/asm/mshyperv.h b/arch/x86/include/asm/mshyperv.h index 025eda129d99..5173c3524873 100644 --- a/arch/x86/include/asm/mshyperv.h +++ b/arch/x86/include/asm/mshyperv.h @@ -50,6 +50,13 @@ extern bool hv_isolation_type_en_snp(void); extern union hv_ghcb * __percpu *hv_ghcb_pg; +/* + * DEFAULT INIT GPAT and SEGMENT LIMIT value in struct VMSA + * to start AP in enlightened SEV guest. + */ +#define HV_AP_INIT_GPAT_DEFAULT 0x0007040600070406ULL +#define HV_AP_SEGMENT_LIMIT 0xffffffff + int hv_call_deposit_pages(int node, u64 partition_id, u32 num_pages); int hv_call_add_logical_proc(int node, u32 lp_index, u32 acpi_id); int hv_call_create_vp(int node, u64 partition_id, u32 vp_index, u32 flags); @@ -234,12 +241,14 @@ void hv_ghcb_msr_read(u64 msr, u64 *value); bool hv_ghcb_negotiate_protocol(void); void __noreturn hv_ghcb_terminate(unsigned int set, unsigned int reason); void hv_vtom_init(void); +int hv_snp_boot_ap(int cpu, unsigned long start_ip); #else static inline void hv_ghcb_msr_write(u64 msr, u64 value) {} static inline void hv_ghcb_msr_read(u64 msr, u64 *value) {} static inline bool hv_ghcb_negotiate_protocol(void) { return false; } static inline void hv_ghcb_terminate(unsigned int set, unsigned int reason) {} static inline void hv_vtom_init(void) {} +static int hv_snp_boot_ap(int cpu, unsigned long start_ip) {} #endif extern bool hv_isolation_type_snp(void); diff --git a/arch/x86/kernel/cpu/mshyperv.c b/arch/x86/kernel/cpu/mshyperv.c index 5398fb2f4d39..c2ccb49b49c2 100644 --- a/arch/x86/kernel/cpu/mshyperv.c +++ b/arch/x86/kernel/cpu/mshyperv.c @@ -295,6 +295,16 @@ static void __init hv_smp_prepare_cpus(unsigned int max_cpus) native_smp_prepare_cpus(max_cpus); + /* + * Override wakeup_secondary_cpu_64 callback for SEV-SNP + * enlightened guest. + */ + if (hv_isolation_type_en_snp()) + apic->wakeup_secondary_cpu_64 = hv_snp_boot_ap; + + if (!hv_root_partition) + return; + #ifdef CONFIG_X86_64 for_each_present_cpu(i) { if (i == 0) @@ -502,8 +512,7 @@ static void __init ms_hyperv_init_platform(void) # ifdef CONFIG_SMP smp_ops.smp_prepare_boot_cpu = hv_smp_prepare_boot_cpu; - if (hv_root_partition) - smp_ops.smp_prepare_cpus = hv_smp_prepare_cpus; + smp_ops.smp_prepare_cpus = hv_smp_prepare_cpus; # endif /* diff --git a/include/asm-generic/hyperv-tlfs.h b/include/asm-generic/hyperv-tlfs.h index f4e4cc4f965f..fdac4a1714ec 100644 --- a/include/asm-generic/hyperv-tlfs.h +++ b/include/asm-generic/hyperv-tlfs.h @@ -223,6 +223,7 @@ enum HV_GENERIC_SET_FORMAT { #define HV_STATUS_INVALID_PORT_ID 17 #define HV_STATUS_INVALID_CONNECTION_ID 18 #define HV_STATUS_INSUFFICIENT_BUFFERS 19 +#define HV_STATUS_TIME_OUT 120 #define HV_STATUS_VTL_ALREADY_ENABLED 134 /* From patchwork Fri Aug 4 15:22:52 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Tianyu Lan X-Patchwork-Id: 131247 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a05:612c:44a:b0:3f2:4152:657d with SMTP id ez10csp380874vqb; Fri, 4 Aug 2023 09:31:56 -0700 (PDT) X-Google-Smtp-Source: AGHT+IHcm+SFSXmancjV+8X4YkEWzI6ARFYoRnae/ADO4QA5CdFxMbmajp3usNnWIwSNbKSIfCDi X-Received: by 2002:a05:6402:1507:b0:51a:3159:53c7 with SMTP id f7-20020a056402150700b0051a315953c7mr2068775edw.30.1691166716016; Fri, 04 Aug 2023 09:31:56 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1691166716; cv=none; d=google.com; s=arc-20160816; b=Tyr+a6YXGnPoYPREZVy3oauPpGz2ME+7aD249cSZDdBRQJfTO6N5bjUbZ7bLQyx14H Y7W/oaW2/TSJJC/j0tb98Has7+lw6M+gPWv2lNOCHKb9Jtbjma4H1t1AbBrAvaojauye 02eR3yJmq2McXoIjV7DzXkCqF+rFeerYvtnAJ6xglaM6UKcDq+cjfnWh5baNsMRLORRV OfbA/kJ+i0BddqeTSmEnbsGWx/aicEBqPqqR5SBw3YdWnGI/AHRmGtmdO9ed61sHan+c qdWPQLHu3nOUj+G+6pqutfvvnOcGuu8rELHqCp+NlgYIOYGeTV7ZaXSuU/wf4WRsLG2Q HLsg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=S/yjG/PXeGWCnCPze9ZC5SK1hTOJifDNU3KSq+GeaZI=; fh=TxLVtSsj0Yk+bstPG6ly04YaPbvjOFEmGNSQ8sZkNQc=; b=ejwKz7yoGuf0MGNzJ4zKQB5JkiPd52llUQaVzM1M4pNjg++N4ShobaMf7kRzdW2jz3 l4tQXAs0O9UPCaf9N0SMVCbcCntEHI+EXtcLT+ffJSpcLMbIDr3a+YpGxu+PdQhUL0+F 1mFQZxN4d+NTdNeVSmzRo1AIMGGGMjLADULPBE0T/ZmjGDHEzh9ESt757+N2X4giBMDv 4x/PQdEe7TmWaSEstsWnaMbJu9Wv4RCz0eRZ+Nv79cu9pRLsf0qfhQAgkDk7xnwLItKF l/y03/issjMMEKDEM12B6IJu5q5jvpEG0OPZwgSJ8F0jhU9GnI4WveXBe4y+977AbuOq hhHQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@gmail.com header.s=20221208 header.b=pQ5JeQT0; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id c26-20020a056402121a00b00522c0ee05d9si1061552edw.241.2023.08.04.09.31.21; Fri, 04 Aug 2023 09:31:55 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@gmail.com header.s=20221208 header.b=pQ5JeQT0; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231378AbjHDPX6 (ORCPT + 99 others); Fri, 4 Aug 2023 11:23:58 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:57524 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232087AbjHDPX3 (ORCPT ); Fri, 4 Aug 2023 11:23:29 -0400 Received: from mail-pl1-x62b.google.com (mail-pl1-x62b.google.com [IPv6:2607:f8b0:4864:20::62b]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 0D7A34C1C; Fri, 4 Aug 2023 08:23:11 -0700 (PDT) Received: by mail-pl1-x62b.google.com with SMTP id d9443c01a7336-1b8ad907ba4so16168495ad.0; Fri, 04 Aug 2023 08:23:10 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20221208; t=1691162590; x=1691767390; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=S/yjG/PXeGWCnCPze9ZC5SK1hTOJifDNU3KSq+GeaZI=; b=pQ5JeQT0gkKlesiR3SfkcGZoESOHrjYICqueH+rLk2diLzhzUtwBpj19beaCMMPVPD aMx6NVTRUUSi4CoWMJA1S/jcIEknZ5g0wBCR3/t0MPUGmVbYgqv7lECvDc4lqfIuQVgt DNnLVr/j08uynTSuupzrYxxawblH7P1s1mwMw8EO6QYEiIwL3P2FZ1X4FdZNALv73FyF RKHnsUhJjrgc4QZVCKSDGGQbKc5t3Zr2RWQ4eewfTf+yc+FrVw/cIcHSjKdwtk3yBPmp AKFdpwYqMD17LoEPsEcUh3mOpKqvWmuciQnEMF16bkl0BZ5qv9u0hlqDpwBi8mJcEK2q GBoQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1691162590; x=1691767390; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=S/yjG/PXeGWCnCPze9ZC5SK1hTOJifDNU3KSq+GeaZI=; b=OhSu8Bp8J2f90B0gArx1J6LuL3CbP1lchVKXFwK4Xh16Fpi0j0uyTyrS7CWWmqtNFG yCbZ90D6m6qKqtnSro/tIdZzlqT4BOzKYWposnGJixBSH/uA1JgCkHjh2yx+5fAAhyqt tGrHz42B5hM6SUPooZgmwzNykCSbah/g+hbfCZPEsFp2gzJ9xBQz9h+w4gDIEHdWyAPi L9nhPEOKb2r792NowBklnWeBw+EJLYW1gVFJCCpYRBN5XuLeDFJD7m6B1CNiiZJxc6O3 ubKLbuKtQL0jPVjEAfEwG2DKRxqOJPfst/adQs8n9VWy63hnCyZlfCBT0buP5cWbL43n phBw== X-Gm-Message-State: AOJu0YykO0qCGfKQBZRcJDnTEHA6fBy3HLF7Ua1B/vCxYH17reraKPo4 2Ux13P3Kuz+hOg4pAWgaIU0= X-Received: by 2002:a17:902:c405:b0:1bb:a85f:4645 with SMTP id k5-20020a170902c40500b001bba85f4645mr2389099plk.15.1691162590133; Fri, 04 Aug 2023 08:23:10 -0700 (PDT) Received: from ubuntu-Virtual-Machine.corp.microsoft.com ([2001:4898:80e8:f:a0bf:7946:90be:721b]) by smtp.gmail.com with ESMTPSA id s21-20020a170902989500b001aaf2e8b1eesm1891325plp.248.2023.08.04.08.23.09 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 04 Aug 2023 08:23:09 -0700 (PDT) From: Tianyu Lan To: kys@microsoft.com, haiyangz@microsoft.com, wei.liu@kernel.org, decui@microsoft.com, tglx@linutronix.de, mingo@redhat.com, bp@alien8.de, dave.hansen@linux.intel.com, x86@kernel.org, hpa@zytor.com, daniel.lezcano@linaro.org, arnd@arndb.de, michael.h.kelley@microsoft.com Cc: Tianyu Lan , linux-arch@vger.kernel.org, linux-hyperv@vger.kernel.org, linux-kernel@vger.kernel.org, vkuznets@redhat.com, Michael Kelley Subject: [PATCH V4 8/9] x86/hyperv: Add hyperv-specific handling for VMMCALL under SEV-ES Date: Fri, 4 Aug 2023 11:22:52 -0400 Message-Id: <20230804152254.686317-9-ltykernel@gmail.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20230804152254.686317-1-ltykernel@gmail.com> References: <20230804152254.686317-1-ltykernel@gmail.com> MIME-Version: 1.0 X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,FREEMAIL_FROM, RCVD_IN_DNSWL_BLOCKED,SPF_HELO_NONE,SPF_PASS autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-THRID: 1773316830724567202 X-GMAIL-MSGID: 1773316830724567202 From: Tianyu Lan Add Hyperv-specific handling for faults caused by VMMCALL instructions. Reviewed-by: Michael Kelley Signed-off-by: Tianyu Lan --- arch/x86/kernel/cpu/mshyperv.c | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) diff --git a/arch/x86/kernel/cpu/mshyperv.c b/arch/x86/kernel/cpu/mshyperv.c index c2ccb49b49c2..29e836b950e1 100644 --- a/arch/x86/kernel/cpu/mshyperv.c +++ b/arch/x86/kernel/cpu/mshyperv.c @@ -32,6 +32,7 @@ #include #include #include +#include /* Is Linux running as the root partition? */ bool hv_root_partition; @@ -574,6 +575,20 @@ static bool __init ms_hyperv_msi_ext_dest_id(void) return eax & HYPERV_VS_PROPERTIES_EAX_EXTENDED_IOAPIC_RTE; } +static void hv_sev_es_hcall_prepare(struct ghcb *ghcb, struct pt_regs *regs) +{ + /* RAX and CPL are already in the GHCB */ + ghcb_set_rcx(ghcb, regs->cx); + ghcb_set_rdx(ghcb, regs->dx); + ghcb_set_r8(ghcb, regs->r8); +} + +static bool hv_sev_es_hcall_finish(struct ghcb *ghcb, struct pt_regs *regs) +{ + /* No checking of the return state needed */ + return true; +} + const __initconst struct hypervisor_x86 x86_hyper_ms_hyperv = { .name = "Microsoft Hyper-V", .detect = ms_hyperv_platform, @@ -581,4 +596,6 @@ const __initconst struct hypervisor_x86 x86_hyper_ms_hyperv = { .init.x2apic_available = ms_hyperv_x2apic_available, .init.msi_ext_dest_id = ms_hyperv_msi_ext_dest_id, .init.init_platform = ms_hyperv_init_platform, + .runtime.sev_es_hcall_prepare = hv_sev_es_hcall_prepare, + .runtime.sev_es_hcall_finish = hv_sev_es_hcall_finish, }; From patchwork Fri Aug 4 15:22:53 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Tianyu Lan X-Patchwork-Id: 131240 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a05:612c:44a:b0:3f2:4152:657d with SMTP id ez10csp375614vqb; Fri, 4 Aug 2023 09:23:11 -0700 (PDT) X-Google-Smtp-Source: AGHT+IGnqEOyoswlrWh0X1b+Qa1Sq5EG77RT2OiS1H5wajBqDFaRZ/tslahxFPlUyzrALaIrk5Bv X-Received: by 2002:a05:6a00:1306:b0:668:73f5:dce0 with SMTP id j6-20020a056a00130600b0066873f5dce0mr2025384pfu.29.1691166191019; Fri, 04 Aug 2023 09:23:11 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1691166191; cv=none; d=google.com; s=arc-20160816; b=PbzqwlhmnW8koRQEf+Tyo76OOT0NSjJ0cI/AzYnjVW0sLAtfHNNNQ9r0I7b/scJtUf jxJOk2pn04NQbavInun4z0amjQS5NhE/QQDn2sJ1O0qg0nQ+osdUqUYd7xLEWE4dYm4X Iptx1DfnLcQeQJldCgTCEujGIxTW3M7HiXiWxbmd7x2aZ0sFxXk0fD11lSRPMcpNfAqf oa7gICJPrOCIPI9dR0k8g9a6ltszt998NpL2/aDGTqmURC0G34JtZz0aOrcxXTRVT/7R VaBusT7/zDq5t6sZJGAJBjQ4jdF4cjiGnGYvJhhP9xS3gSezWLruDkfYNFCBw7rEvUJN gb2w== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=8ilQ+OtySQykbmOy9rH55sJLBXlE4zan0gUeshOZx4U=; fh=TxLVtSsj0Yk+bstPG6ly04YaPbvjOFEmGNSQ8sZkNQc=; b=ej7boik7MGiaFXhBt6j/gjJUs5Iu8zy1GZZ/nenkiQKm8B0GRKr+lz0xFK/5lHfFrh VaZ1+NB3ismOzQj8bN5ah5d36bGs//VxCgHrh0alCz31k6yPtm/XbfJCQH/zMc9cQFLd dfMOUY55NUFqrEo+xUC2Dnau6cnaLcjnkRfMT7pFmsvjDHWgGpA1dWPy0+enUuH/cT7J fAnXqZbRVJrC8KWiR0z3eVL4zzehTbF17rR3CljWpQyc6HgOoivgWdw2yEvILYlFUzZa 7NaYFnSLtzSjRV7xicHFR9F31PbuZVt9+3eU3MDYkfDVo4mRvOY4UKG7ch0N2mJxyAcw Ikug== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@gmail.com header.s=20221208 header.b=fjCSmhXX; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id m18-20020a056a00081200b006875d7c82d5si2013022pfk.188.2023.08.04.09.22.56; Fri, 04 Aug 2023 09:23:11 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@gmail.com header.s=20221208 header.b=fjCSmhXX; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232158AbjHDPYC (ORCPT + 99 others); Fri, 4 Aug 2023 11:24:02 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:56994 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232103AbjHDPXk (ORCPT ); Fri, 4 Aug 2023 11:23:40 -0400 Received: from mail-pj1-x1033.google.com (mail-pj1-x1033.google.com [IPv6:2607:f8b0:4864:20::1033]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id E01BE4ECA; Fri, 4 Aug 2023 08:23:13 -0700 (PDT) Received: by mail-pj1-x1033.google.com with SMTP id 98e67ed59e1d1-2680182bc21so1211168a91.2; Fri, 04 Aug 2023 08:23:13 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20221208; t=1691162592; x=1691767392; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=8ilQ+OtySQykbmOy9rH55sJLBXlE4zan0gUeshOZx4U=; b=fjCSmhXXXjiFcUCVjV/wXBFi1uQXwKZumQQzsVZLfFZ5hVvj2DEFEaHPouVLB5TE9p rjU1+xwjW1BaVAtcVf6n2MmZtA70isRiUMcv8/ZCR0hlMOjRwFWdWBwMY6+pRlh7eTJx UX0NoZwwvk2hlYqb1Ij5ucQCRAB7V+EVx2NyV6kdTUkuUG4afPMUIyKB6ksJwl8rrSkD MlnW1GNIuRYNolc7BcFepHzT3cAdSeD5MCj962U5i1JlD1psD5lz152QI79B37PHqhE/ jgDncRzvN1wYES9D3jaL44gBXhVqiUx/5U55PtFJ1/66Op+M+Do8PuLHHo0I6yvt33hL 3FHw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1691162592; x=1691767392; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=8ilQ+OtySQykbmOy9rH55sJLBXlE4zan0gUeshOZx4U=; b=VtbNSlEA3lQ5/lFzaWtcCIso74gQW3PNSzFHy1GphLhflTcyWiyeiC5zbY3ylyepEp DBpGn+Eng5Rrwz7quyDT2XvhMJeCrMNwfiyn+Law8byUAkkJvIlk5pSMfHA56gpysSnj lwxfUJeMuciikozzncPyYwnZzToQHWTCsd0ptnjoub4hqLPnTTvBsRrbjoxgHZ3LaIcT 0fG7PxNpZL5Vmd3RB+okUsYUxXUkKZhkwLqdEy+BgdGL/ZgiM0/HVPJ3tTDbt0OBireQ Oh92VAGMo3cT5028TU0EH6D//EooqbtHkijh/vsrYW08NFHv3ZI8g59vKPUKru5j5yOF riXQ== X-Gm-Message-State: AOJu0Ywn+NvI54ZlMIF+a4XzZbSSFqs+P+zhEp5sBBIBk6d8DfD0PVxB VbIoQY1hQCZ2rPj4nuIj6Zw= X-Received: by 2002:a17:90b:4c51:b0:25e:d727:6fb4 with SMTP id np17-20020a17090b4c5100b0025ed7276fb4mr1710426pjb.2.1691162592540; Fri, 04 Aug 2023 08:23:12 -0700 (PDT) Received: from ubuntu-Virtual-Machine.corp.microsoft.com ([2001:4898:80e8:f:a0bf:7946:90be:721b]) by smtp.gmail.com with ESMTPSA id s21-20020a170902989500b001aaf2e8b1eesm1891325plp.248.2023.08.04.08.23.11 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 04 Aug 2023 08:23:12 -0700 (PDT) From: Tianyu Lan To: kys@microsoft.com, haiyangz@microsoft.com, wei.liu@kernel.org, decui@microsoft.com, tglx@linutronix.de, mingo@redhat.com, bp@alien8.de, dave.hansen@linux.intel.com, x86@kernel.org, hpa@zytor.com, daniel.lezcano@linaro.org, arnd@arndb.de, michael.h.kelley@microsoft.com Cc: Tianyu Lan , linux-arch@vger.kernel.org, linux-hyperv@vger.kernel.org, linux-kernel@vger.kernel.org, vkuznets@redhat.com, Michael Kelley Subject: [PATCH V4 9/9] x86/hyperv: Initialize cpu and memory for SEV-SNP enlightened guest Date: Fri, 4 Aug 2023 11:22:53 -0400 Message-Id: <20230804152254.686317-10-ltykernel@gmail.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20230804152254.686317-1-ltykernel@gmail.com> References: <20230804152254.686317-1-ltykernel@gmail.com> MIME-Version: 1.0 X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,FREEMAIL_FROM, RCVD_IN_DNSWL_BLOCKED,SPF_HELO_NONE,SPF_PASS,URIBL_BLOCKED autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-THRID: 1773316279507742360 X-GMAIL-MSGID: 1773316279507742360 From: Tianyu Lan Hyper-V enlightened guest doesn't have boot loader support. Boot Linux kernel directly from hypervisor with data (kernel image, initrd and parameter page) and memory for boot up that is initialized via AMD SEV PSP protocol (Please reference Section 4.5 Launching a Guest of [1]). Kernel needs to read processor and memory info from EN_SEV_ SNP_PROCESSOR/MEM_INFO_ADDR address which are populated by Hyper-V. The data is prepared by hypervisor via SNP_ LAUNCH_UPDATE with page type SNP_PAGE_TYPE_UNMEASURED and Initialize smp cpu related ops, validate system memory and add them into e820 table. [1]: https://www.amd.com/system/files/TechDocs/56860.pdf Reviewed-by: Michael Kelley Signed-off-by: Tianyu Lan --- Change since v2: * Update change log. --- arch/x86/hyperv/ivm.c | 88 +++++++++++++++++++++++++++++++++ arch/x86/include/asm/mshyperv.h | 17 +++++++ arch/x86/kernel/cpu/mshyperv.c | 3 ++ 3 files changed, 108 insertions(+) diff --git a/arch/x86/hyperv/ivm.c b/arch/x86/hyperv/ivm.c index ee08a0cd6da3..e86b2a54cdfd 100644 --- a/arch/x86/hyperv/ivm.c +++ b/arch/x86/hyperv/ivm.c @@ -67,6 +67,8 @@ union hv_ghcb { static u16 hv_ghcb_version __ro_after_init; +static u32 processor_count; + u64 hv_ghcb_hypercall(u64 control, void *input, void *output, u32 input_size) { union hv_ghcb *hv_ghcb; @@ -457,6 +459,92 @@ int hv_snp_boot_ap(int cpu, unsigned long start_ip) return ret; } +static __init void hv_snp_get_smp_config(unsigned int early) +{ + /* + * The "early" parameter can be true only if old-style AMD + * Opteron NUMA detection is enabled, which should never be + * the case for an SEV-SNP guest. See CONFIG_AMD_NUMA. + * For safety, just do nothing if "early" is true. + */ + if (early) + return; + + /* + * There is no firmware and ACPI MADT table support in + * in the Hyper-V SEV-SNP enlightened guest. Set smp + * related config variable here. + */ + while (num_processors < processor_count) { + early_per_cpu(x86_cpu_to_apicid, num_processors) = num_processors; + early_per_cpu(x86_bios_cpu_apicid, num_processors) = num_processors; + physid_set(num_processors, phys_cpu_present_map); + set_cpu_possible(num_processors, true); + set_cpu_present(num_processors, true); + num_processors++; + } +} + +__init void hv_sev_init_mem_and_cpu(void) +{ + struct memory_map_entry *entry; + struct e820_entry *e820_entry; + u64 e820_end; + u64 ram_end; + u64 page; + + /* + * Hyper-V enlightened snp guest boots kernel + * directly without bootloader. So roms, bios + * regions and reserve resources are not available. + * Set these callback to NULL. + */ + x86_platform.legacy.rtc = 0; + x86_platform.legacy.reserve_bios_regions = 0; + x86_platform.set_wallclock = set_rtc_noop; + x86_platform.get_wallclock = get_rtc_noop; + x86_init.resources.probe_roms = x86_init_noop; + x86_init.resources.reserve_resources = x86_init_noop; + x86_init.mpparse.find_smp_config = x86_init_noop; + x86_init.mpparse.get_smp_config = hv_snp_get_smp_config; + + /* + * Hyper-V SEV-SNP enlightened guest doesn't support ioapic + * and legacy APIC page read/write. + */ + disable_ioapic_support(); + + /* Get processor and mem info. */ + processor_count = *(u32 *)__va(EN_SEV_SNP_PROCESSOR_INFO_ADDR); + entry = (struct memory_map_entry *)__va(EN_SEV_SNP_MEM_INFO_ADDR); + + /* + * There is no bootloader/EFI firmware in the SEV SNP guest. + * E820 table in the memory just describes memory for kernel, + * ACPI table, cmdline, boot params and ramdisk. The dynamic + * data(e.g, vcpu number and the rest memory layout) needs to + * be read from EN_SEV_SNP_PROCESSOR_INFO_ADDR. + */ + for (; entry->numpages != 0; entry++) { + e820_entry = &e820_table->entries[ + e820_table->nr_entries - 1]; + e820_end = e820_entry->addr + e820_entry->size; + ram_end = (entry->starting_gpn + + entry->numpages) * PAGE_SIZE; + + if (e820_end < entry->starting_gpn * PAGE_SIZE) + e820_end = entry->starting_gpn * PAGE_SIZE; + + if (e820_end < ram_end) { + pr_info("Hyper-V: add e820 entry [mem %#018Lx-%#018Lx]\n", e820_end, ram_end - 1); + e820__range_add(e820_end, ram_end - e820_end, + E820_TYPE_RAM); + for (page = e820_end; page < ram_end; page += PAGE_SIZE) + pvalidate((unsigned long)__va(page), RMP_PG_SIZE_4K, true); + } + } +} + void __init hv_vtom_init(void) { /* diff --git a/arch/x86/include/asm/mshyperv.h b/arch/x86/include/asm/mshyperv.h index 5173c3524873..c8f33a7af90e 100644 --- a/arch/x86/include/asm/mshyperv.h +++ b/arch/x86/include/asm/mshyperv.h @@ -57,6 +57,21 @@ extern union hv_ghcb * __percpu *hv_ghcb_pg; #define HV_AP_INIT_GPAT_DEFAULT 0x0007040600070406ULL #define HV_AP_SEGMENT_LIMIT 0xffffffff +/* + * Hyper-V puts processor and memory layout info + * to this address in SEV-SNP enlightened guest. + */ +#define EN_SEV_SNP_PROCESSOR_INFO_ADDR 0x802000 +#define EN_SEV_SNP_MEM_INFO_ADDR 0x802018 + +struct memory_map_entry { + u64 starting_gpn; + u64 numpages; + u16 type; + u16 flags; + u32 reserved; +}; + int hv_call_deposit_pages(int node, u64 partition_id, u32 num_pages); int hv_call_add_logical_proc(int node, u32 lp_index, u32 acpi_id); int hv_call_create_vp(int node, u64 partition_id, u32 vp_index, u32 flags); @@ -242,6 +257,7 @@ bool hv_ghcb_negotiate_protocol(void); void __noreturn hv_ghcb_terminate(unsigned int set, unsigned int reason); void hv_vtom_init(void); int hv_snp_boot_ap(int cpu, unsigned long start_ip); +void hv_sev_init_mem_and_cpu(void); #else static inline void hv_ghcb_msr_write(u64 msr, u64 value) {} static inline void hv_ghcb_msr_read(u64 msr, u64 *value) {} @@ -249,6 +265,7 @@ static inline bool hv_ghcb_negotiate_protocol(void) { return false; } static inline void hv_ghcb_terminate(unsigned int set, unsigned int reason) {} static inline void hv_vtom_init(void) {} static int hv_snp_boot_ap(int cpu, unsigned long start_ip) {} +static inline void hv_sev_init_mem_and_cpu(void) {} #endif extern bool hv_isolation_type_snp(void); diff --git a/arch/x86/kernel/cpu/mshyperv.c b/arch/x86/kernel/cpu/mshyperv.c index 29e836b950e1..ba9a3a65f664 100644 --- a/arch/x86/kernel/cpu/mshyperv.c +++ b/arch/x86/kernel/cpu/mshyperv.c @@ -539,6 +539,9 @@ static void __init ms_hyperv_init_platform(void) if (!(ms_hyperv.features & HV_ACCESS_TSC_INVARIANT)) mark_tsc_unstable("running on Hyper-V"); + if (hv_isolation_type_en_snp()) + hv_sev_init_mem_and_cpu(); + hardlockup_detector_disable(); }