From patchwork Thu Aug 10 16:04:04 2023
X-Patchwork-Submitter: Tianyu Lan
X-Patchwork-Id: 134129
From: Tianyu Lan
To: kys@microsoft.com, haiyangz@microsoft.com, wei.liu@kernel.org, decui@microsoft.com, tglx@linutronix.de, mingo@redhat.com, bp@alien8.de, dave.hansen@linux.intel.com, x86@kernel.org, hpa@zytor.com, daniel.lezcano@linaro.org, arnd@arndb.de, michael.h.kelley@microsoft.com
Cc: Tianyu Lan, linux-arch@vger.kernel.org, linux-hyperv@vger.kernel.org, linux-kernel@vger.kernel.org, vkuznets@redhat.com, Michael Kelley
Subject: [PATCH V5 1/8] x86/hyperv: Add sev-snp enlightened guest static key
Date: Thu, 10 Aug 2023 12:04:04 -0400
Message-Id: <20230810160412.820246-2-ltykernel@gmail.com>
In-Reply-To: <20230810160412.820246-1-ltykernel@gmail.com>
References: <20230810160412.820246-1-ltykernel@gmail.com>
X-Mailing-List: linux-kernel@vger.kernel.org

From: Tianyu Lan

Introduce static key isolation_type_en_snp for enlightened sev-snp guest check.

Reviewed-by: Michael Kelley
Signed-off-by: Tianyu Lan
Reviewed-by: Dexuan Cui
---
 arch/x86/hyperv/ivm.c | 11 +++++++++++
 arch/x86/include/asm/mshyperv.h | 2 ++
 arch/x86/kernel/cpu/mshyperv.c | 9 +++++++--
 drivers/hv/hv_common.c | 6 ++++++
 include/asm-generic/mshyperv.h | 13 ++++++++++---
 5 files changed, 36 insertions(+), 5 deletions(-)

diff --git a/arch/x86/hyperv/ivm.c b/arch/x86/hyperv/ivm.c index 14f46ad2ca64..b2b5cb19fac9 100644 --- a/arch/x86/hyperv/ivm.c +++ b/arch/x86/hyperv/ivm.c
@@ -413,3 +413,14 @@ bool hv_isolation_type_snp(void) { return static_branch_unlikely(&isolation_type_snp); } + +DEFINE_STATIC_KEY_FALSE(isolation_type_en_snp); +/* + * hv_isolation_type_en_snp - Check system runs in the AMD SEV-SNP based + * isolation enlightened VM. + */ +bool hv_isolation_type_en_snp(void) +{ + return static_branch_unlikely(&isolation_type_en_snp); +} + diff --git a/arch/x86/include/asm/mshyperv.h b/arch/x86/include/asm/mshyperv.h index 88d9ef98e087..9f11f0495950 100644 --- a/arch/x86/include/asm/mshyperv.h +++ b/arch/x86/include/asm/mshyperv.h @@ -26,6 +26,7 @@ union hv_ghcb; DECLARE_STATIC_KEY_FALSE(isolation_type_snp); +DECLARE_STATIC_KEY_FALSE(isolation_type_en_snp); typedef int (*hyperv_fill_flush_list_func)( struct hv_guest_mapping_flush_list *flush, @@ -239,6 +240,7 @@ static inline void hv_vtom_init(void) {} #endif extern bool hv_isolation_type_snp(void); +extern bool hv_isolation_type_en_snp(void); static inline bool hv_is_synic_reg(unsigned int reg) { diff --git a/arch/x86/kernel/cpu/mshyperv.c b/arch/x86/kernel/cpu/mshyperv.c index c7969e806c64..5398fb2f4d39 100644 --- a/arch/x86/kernel/cpu/mshyperv.c +++ b/arch/x86/kernel/cpu/mshyperv.c @@ -402,8 +402,12 @@ static void __init ms_hyperv_init_platform(void) pr_info("Hyper-V: Isolation Config: Group A 0x%x, Group B 0x%x\n", ms_hyperv.isolation_config_a, ms_hyperv.isolation_config_b); - if (hv_get_isolation_type() == HV_ISOLATION_TYPE_SNP) + + if (cc_platform_has(CC_ATTR_GUEST_SEV_SNP)) { + static_branch_enable(&isolation_type_en_snp); + } else if (hv_get_isolation_type() == HV_ISOLATION_TYPE_SNP) { static_branch_enable(&isolation_type_snp); + } } if (hv_max_functions_eax >= HYPERV_CPUID_NESTED_FEATURES) { 
@@ -473,7 +477,8 @@ static void __init ms_hyperv_init_platform(void) #if IS_ENABLED(CONFIG_HYPERV) if ((hv_get_isolation_type() == HV_ISOLATION_TYPE_VBS) || - (hv_get_isolation_type() == HV_ISOLATION_TYPE_SNP)) + ((hv_get_isolation_type() == HV_ISOLATION_TYPE_SNP) && + ms_hyperv.paravisor_present)) hv_vtom_init(); /* * Setup the hook to get control post apic initialization. diff --git a/drivers/hv/hv_common.c b/drivers/hv/hv_common.c index 542a1d53b303..4b4aa53c34c2 100644 --- a/drivers/hv/hv_common.c +++ b/drivers/hv/hv_common.c @@ -502,6 +502,12 @@ bool __weak hv_isolation_type_snp(void) } EXPORT_SYMBOL_GPL(hv_isolation_type_snp); +bool __weak hv_isolation_type_en_snp(void) +{ + return false; +} +EXPORT_SYMBOL_GPL(hv_isolation_type_en_snp); + void __weak hv_setup_vmbus_handler(void (*handler)(void)) { } diff --git a/include/asm-generic/mshyperv.h b/include/asm-generic/mshyperv.h index 402a8c1c202d..580c766958de 100644 --- a/include/asm-generic/mshyperv.h +++ b/include/asm-generic/mshyperv.h @@ -36,15 +36,21 @@ struct ms_hyperv_info { u32 nested_features; u32 max_vp_index; u32 max_lp_index; - u32 isolation_config_a; + union { + u32 isolation_config_a; + struct { + u32 paravisor_present : 1; + u32 reserved_a1 : 31; + }; + }; union { u32 isolation_config_b; struct { u32 cvm_type : 4; - u32 reserved1 : 1; + u32 reserved_b1 : 1; u32 shared_gpa_boundary_active : 1; u32 shared_gpa_boundary_bits : 6; - u32 reserved2 : 20; + u32 reserved_b2 : 20; }; }; u64 shared_gpa_boundary; 
@@ -58,6 +64,7 @@ extern void * __percpu *hyperv_pcpu_output_arg; extern u64 hv_do_hypercall(u64 control, void *inputaddr, void *outputaddr); extern u64 hv_do_fast_hypercall8(u16 control, u64 input8); extern bool hv_isolation_type_snp(void); +extern bool hv_isolation_type_en_snp(void); /* Helper functions that provide a consistent pattern for checking Hyper-V hypercall status. */ static inline int hv_result(u64 status)

From patchwork Thu Aug 10 16:04:05 2023
X-Patchwork-Submitter: Tianyu Lan
X-Patchwork-Id: 134095
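Review bot: in ms_hyperv_init_platform() (patch 1/8, first arch/x86/kernel/cpu/mshyperv.c hunk), the new if/else-if makes the two static keys mutually exclusive: when cc_platform_has(CC_ATTR_GUEST_SEV_SNP) is true, isolation_type_snp is never enabled even if hv_get_isolation_type() == HV_ISOLATION_TYPE_SNP, so every existing hv_isolation_type_snp() caller returns false in that guest. Please state the intended split between the two keys in the commit message and in the comment above hv_isolation_type_en_snp(), so each existing caller can be audited against it. Kernel style also drops the braces around these single-statement branches.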
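Review bot: the hv_vtom_init() condition in the second arch/x86/kernel/cpu/mshyperv.c hunk of patch 1/8 now also requires ms_hyperv.paravisor_present for HV_ISOLATION_TYPE_SNP, and include/asm-generic/mshyperv.h gains the paravisor_present bit inside isolation_config_a, yet the commit message only mentions the new static key. This is a behaviour change for SNP guests that deserves its own sentence in the changelog (or its own patch), including why the HV_ISOLATION_TYPE_VBS side of the condition is left ungated.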
From: Tianyu Lan
To: kys@microsoft.com, haiyangz@microsoft.com, wei.liu@kernel.org, decui@microsoft.com, tglx@linutronix.de, mingo@redhat.com, bp@alien8.de, dave.hansen@linux.intel.com, x86@kernel.org, hpa@zytor.com, daniel.lezcano@linaro.org, arnd@arndb.de, michael.h.kelley@microsoft.com
Cc: Tianyu Lan, linux-arch@vger.kernel.org, linux-hyperv@vger.kernel.org, linux-kernel@vger.kernel.org, vkuznets@redhat.com, Michael Kelley
Subject: [PATCH V5 2/8] x86/hyperv: Set Virtual Trust Level in VMBus init message
Date: Thu, 10 Aug 2023 12:04:05 -0400
Message-Id: <20230810160412.820246-3-ltykernel@gmail.com>
In-Reply-To: <20230810160412.820246-1-ltykernel@gmail.com>
References: <20230810160412.820246-1-ltykernel@gmail.com>

From: Tianyu Lan

SEV-SNP guests on Hyper-V can run at multiple Virtual Trust Levels (VTL). During boot, get the VTL at which we're running using the GET_VP_REGISTERs hypercall, and save the value for future use. Then during VMBus initialization, set the VTL with the saved value as required in the VMBus init message.

Reviewed-by: Michael Kelley
Signed-off-by: Tianyu Lan Reviewed-by: Dexuan Cui --- * Change since v3: Call get_vtl() when SEV-SNP is available and set vtl to 0 by default if fail to get VTL from Hyper-V. * Change since v2: Update the change log. --- arch/x86/hyperv/hv_init.c | 39 ++++++++++++++++++++++++++++++ arch/x86/include/asm/hyperv-tlfs.h | 7 ++++++ drivers/hv/connection.c | 1 + include/asm-generic/mshyperv.h | 1 + include/linux/hyperv.h | 4 +-- 5 files changed, 50 insertions(+), 2 deletions(-) diff --git a/arch/x86/hyperv/hv_init.c b/arch/x86/hyperv/hv_init.c index 6c04b52f139b..0fd0f82c4f07 100644 --- a/arch/x86/hyperv/hv_init.c +++ b/arch/x86/hyperv/hv_init.c @@ -378,6 +378,41 @@ static void __init hv_get_partition_id(void) local_irq_restore(flags); } +static u8 __init get_vtl(void) +{ + u64 control = HV_HYPERCALL_REP_COMP_1 | HVCALL_GET_VP_REGISTERS; + struct hv_get_vp_registers_input *input; + struct hv_get_vp_registers_output *output; + unsigned long flags; + u64 ret; + + local_irq_save(flags); + input = *this_cpu_ptr(hyperv_pcpu_input_arg); + output = (struct hv_get_vp_registers_output *)input; + if (!input) { + local_irq_restore(flags); + goto done; + } + + memset(input, 0, struct_size(input, element, 1)); + input->header.partitionid = HV_PARTITION_ID_SELF; + input->header.vpindex = HV_VP_INDEX_SELF; + input->header.inputvtl = 0; + input->element[0].name0 = HV_X64_REGISTER_VSM_VP_STATUS; + + ret = hv_do_hypercall(control, input, output); + if (hv_result_success(ret)) { + ret = output->as64.low & HV_X64_VTL_MASK; + } else { + pr_err("Failed to get VTL and set VTL to zero by default.\n"); + ret = 0; + } + + local_irq_restore(flags); +done: + return ret; +} + /* * This function is to be invoked early in the boot sequence after the * hypervisor has been detected. 
@@ -506,6 +541,10 @@ void __init hyperv_init(void) /* Query the VMs extended capability once, so that it can be cached. */ hv_query_ext_cap(0); + /* Find the VTL */ + if (cc_platform_has(CC_ATTR_GUEST_SEV_SNP)) + ms_hyperv.vtl = get_vtl(); + return; clean_guest_os_id: diff --git a/arch/x86/include/asm/hyperv-tlfs.h b/arch/x86/include/asm/hyperv-tlfs.h index cea95dcd27c2..4bf0b315b0ce 100644 --- a/arch/x86/include/asm/hyperv-tlfs.h +++ b/arch/x86/include/asm/hyperv-tlfs.h @@ -301,6 +301,13 @@ enum hv_isolation_type { #define HV_X64_MSR_TIME_REF_COUNT HV_REGISTER_TIME_REF_COUNT #define HV_X64_MSR_REFERENCE_TSC HV_REGISTER_REFERENCE_TSC +/* + * Registers are only accessible via HVCALL_GET_VP_REGISTERS hvcall and + * there is not associated MSR address. + */ +#define HV_X64_REGISTER_VSM_VP_STATUS 0x000D0003 +#define HV_X64_VTL_MASK GENMASK(3, 0) + /* Hyper-V memory host visibility */ enum hv_mem_host_visibility { VMBUS_PAGE_NOT_VISIBLE = 0, diff --git a/drivers/hv/connection.c b/drivers/hv/connection.c index 5978e9dbc286..02b54f85dc60 100644 --- a/drivers/hv/connection.c +++ b/drivers/hv/connection.c @@ -98,6 +98,7 @@ int vmbus_negotiate_version(struct vmbus_channel_msginfo *msginfo, u32 version) */ if (version >= VERSION_WIN10_V5) { msg->msg_sint = VMBUS_MESSAGE_SINT; + msg->msg_vtl = ms_hyperv.vtl; vmbus_connection.msg_conn_id = VMBUS_MESSAGE_CONNECTION_ID_4; } else { msg->interrupt_page = virt_to_phys(vmbus_connection.int_page); diff --git a/include/asm-generic/mshyperv.h b/include/asm-generic/mshyperv.h index 580c766958de..efd0d2aedad3 100644 --- a/include/asm-generic/mshyperv.h +++ b/include/asm-generic/mshyperv.h @@ -54,6 +54,7 @@ struct ms_hyperv_info { }; }; u64 shared_gpa_boundary; + u8 vtl; }; extern struct ms_hyperv_info ms_hyperv; extern bool hv_nested; diff --git a/include/linux/hyperv.h b/include/linux/hyperv.h index bfbc37ce223b..1f2bfec4abde 100644 --- a/include/linux/hyperv.h +++ b/include/linux/hyperv.h 
@@ -665,8 +665,8 @@ struct vmbus_channel_initiate_contact { u64 interrupt_page; struct { u8 msg_sint; - u8 padding1[3]; - u32 padding2; + u8 msg_vtl; + u8 reserved[6]; }; }; u64 monitor_page1;

From patchwork Thu Aug 10 16:04:06 2023
X-Patchwork-Submitter: Tianyu Lan
X-Patchwork-Id: 134120
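Review bot: get_vtl() in arch/x86/hyperv/hv_init.c (patch 2/8) returns an uninitialised value when the per-CPU input page is NULL: the `if (!input)` branch jumps to `done:` and `return ret;` runs before ret has been assigned. The changelog says the VTL defaults to 0 on failure, so declare `u64 ret = 0;` or set it in that branch; as written, stack contents reach ms_hyperv.vtl and from there msg->msg_vtl in the VMBus initiate-contact message. That path is also silent, while the hypercall-failure path logs through pr_err(), so a matching message would help.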
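Review bot: the comment added above HV_X64_REGISTER_VSM_VP_STATUS in arch/x86/include/asm/hyperv-tlfs.h (patch 2/8) should read "there is no associated MSR address". It would also help to say there which field of the register HV_X64_VTL_MASK selects, since get_vtl() applies the mask to output->as64.low without further explanation.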
From: Tianyu Lan
To: kys@microsoft.com, haiyangz@microsoft.com, wei.liu@kernel.org, decui@microsoft.com, tglx@linutronix.de, mingo@redhat.com, bp@alien8.de, dave.hansen@linux.intel.com, x86@kernel.org, hpa@zytor.com, daniel.lezcano@linaro.org, arnd@arndb.de, michael.h.kelley@microsoft.com
Cc: Tianyu Lan, linux-arch@vger.kernel.org, linux-hyperv@vger.kernel.org, linux-kernel@vger.kernel.org, vkuznets@redhat.com, Michael Kelley
Subject: [PATCH V5 3/8] x86/hyperv: Mark Hyper-V vp assist page unencrypted in SEV-SNP enlightened guest
Date: Thu, 10 Aug 2023 12:04:06 -0400
Message-Id: <20230810160412.820246-4-ltykernel@gmail.com>
In-Reply-To: <20230810160412.820246-1-ltykernel@gmail.com>
References: <20230810160412.820246-1-ltykernel@gmail.com>

From: Tianyu Lan

hv vp assist page needs to be shared between SEV-SNP guest and Hyper-V. So mark the page unencrypted in the SEV-SNP guest.

Reviewed-by: Michael Kelley
Signed-off-by: Tianyu Lan
Reviewed-by: Dexuan Cui
---
 arch/x86/hyperv/hv_init.c | 16 +++++++++++++++-
 1 file changed, 15 insertions(+), 1 deletion(-)

diff --git a/arch/x86/hyperv/hv_init.c b/arch/x86/hyperv/hv_init.c index 0fd0f82c4f07..547ebf6a03bc 100644 --- a/arch/x86/hyperv/hv_init.c +++ b/arch/x86/hyperv/hv_init.c @@ -18,6 +18,7 @@ #include #include #include +#include #include #include #include
@@ -106,8 +107,21 @@ static int hv_cpu_init(unsigned int cpu) * in hv_cpu_die(), otherwise a CPU may not be stopped in the * case of CPU offlining and the VM will hang. */ - if (!*hvp) + if (!*hvp) { *hvp = __vmalloc(PAGE_SIZE, GFP_KERNEL | __GFP_ZERO); + + /* + * Hyper-V should never specify a VM that is a Confidential + * VM and also running in the root partition. Root partition + * is blocked to run in Confidential VM. So only decrypt assist + * page in non-root partition here. + */ + if (*hvp && hv_isolation_type_en_snp()) { + WARN_ON_ONCE(set_memory_decrypted((unsigned long)(*hvp), 1)); + memset(*hvp, 0, PAGE_SIZE); + } + } + if (*hvp) msr.pfn = vmalloc_to_pfn(*hvp);

From patchwork Thu Aug 10 16:04:07 2023
X-Patchwork-Submitter: Tianyu Lan
X-Patchwork-Id: 134099
From: Tianyu Lan
To: kys@microsoft.com, haiyangz@microsoft.com, wei.liu@kernel.org, decui@microsoft.com, tglx@linutronix.de, mingo@redhat.com, bp@alien8.de, dave.hansen@linux.intel.com, x86@kernel.org, hpa@zytor.com, daniel.lezcano@linaro.org, arnd@arndb.de, michael.h.kelley@microsoft.com
Cc: Tianyu Lan, linux-arch@vger.kernel.org, linux-hyperv@vger.kernel.org, linux-kernel@vger.kernel.org, vkuznets@redhat.com, Michael Kelley
Subject: [PATCH V5 4/8] drivers: hv: Mark percpu hvcall input arg page unencrypted in SEV-SNP enlightened guest
Date: Thu, 10 Aug 2023 12:04:07 -0400
Message-Id: <20230810160412.820246-5-ltykernel@gmail.com>
In-Reply-To: <20230810160412.820246-1-ltykernel@gmail.com>
References: <20230810160412.820246-1-ltykernel@gmail.com>

From: Tianyu Lan

Hypervisor needs to access input arg, VMBus synic event and message pages. Mark these pages unencrypted in the SEV-SNP guest and free them only if they have been marked encrypted successfully.

Reviewed-by: Michael Kelley
Signed-off-by: Tianyu Lan
Reviewed-by: Dexuan Cui
--- drivers/hv/hv.c | 57 +++++++++++++++++++++++++++++++++++++++--- drivers/hv/hv_common.c | 13 ++++++++++ 2 files changed, 67 insertions(+), 3 deletions(-) diff --git a/drivers/hv/hv.c b/drivers/hv/hv.c index de6708dbe0df..ec6e35a0d9bf 100644
--- a/drivers/hv/hv.c +++ b/drivers/hv/hv.c @@ -20,6 +20,7 @@ #include #include #include +#include #include "hyperv_vmbus.h" /* The one and only */ @@ -78,7 +79,7 @@ int hv_post_message(union hv_connection_id connection_id, int hv_synic_alloc(void) { - int cpu; + int cpu, ret = -ENOMEM; struct hv_per_cpu_context *hv_cpu; /* 
@@ -123,26 +124,76 @@ int hv_synic_alloc(void) goto err; } } + + if (hv_isolation_type_en_snp()) { + ret = set_memory_decrypted((unsigned long) + hv_cpu->synic_message_page, 1); + if (ret) { + pr_err("Failed to decrypt SYNIC msg page: %d\n", ret); + hv_cpu->synic_message_page = NULL; + + /* + * Free the event page here so that hv_synic_free() + * won't later try to re-encrypt it. + */ + free_page((unsigned long)hv_cpu->synic_event_page); + hv_cpu->synic_event_page = NULL; + goto err; + } + + ret = set_memory_decrypted((unsigned long) + hv_cpu->synic_event_page, 1); + if (ret) { + pr_err("Failed to decrypt SYNIC event page: %d\n", ret); + hv_cpu->synic_event_page = NULL; + goto err; + } + + memset(hv_cpu->synic_message_page, 0, PAGE_SIZE); + memset(hv_cpu->synic_event_page, 0, PAGE_SIZE); + } } return 0; + err: /* * Any memory allocations that succeeded will be freed when * the caller cleans up by calling hv_synic_free() */ - return -ENOMEM; + return ret; } void hv_synic_free(void) { - int cpu; + int cpu, ret; for_each_present_cpu(cpu) { struct hv_per_cpu_context *hv_cpu = per_cpu_ptr(hv_context.cpu_context, cpu); + /* It's better to leak the page if the encryption fails. */ + if (hv_isolation_type_en_snp()) { + if (hv_cpu->synic_message_page) { + ret = set_memory_encrypted((unsigned long) + hv_cpu->synic_message_page, 1); + if (ret) { + pr_err("Failed to encrypt SYNIC msg page: %d\n", ret); + hv_cpu->synic_message_page = NULL; + } + } + + if (hv_cpu->synic_event_page) { + ret = set_memory_encrypted((unsigned long) + hv_cpu->synic_event_page, 1); + if (ret) { + pr_err("Failed to encrypt SYNIC event page: %d\n", ret); + hv_cpu->synic_event_page = NULL; + } + } + } + free_page((unsigned long)hv_cpu->synic_event_page); free_page((unsigned long)hv_cpu->synic_message_page); } diff --git a/drivers/hv/hv_common.c b/drivers/hv/hv_common.c index 4b4aa53c34c2..2d43ba2bc925 100644 --- a/drivers/hv/hv_common.c +++ b/drivers/hv/hv_common.c 
@@ -24,6 +24,7 @@ #include #include #include +#include #include #include @@ -359,6 +360,7 @@ int hv_common_cpu_init(unsigned int cpu) u64 msr_vp_index; gfp_t flags; int pgcount = hv_root_partition ? 2 : 1; + int ret; /* hv_cpu_init() can be called with IRQs disabled from hv_resume() */ flags = irqs_disabled() ? GFP_ATOMIC : GFP_KERNEL; 
@@ -378,6 +380,17 @@ int hv_common_cpu_init(unsigned int cpu) outputarg = (void **)this_cpu_ptr(hyperv_pcpu_output_arg); *outputarg = (char *)(*inputarg) + HV_HYP_PAGE_SIZE; } + + if (hv_isolation_type_en_snp()) { + ret = set_memory_decrypted((unsigned long)*inputarg, pgcount); + if (ret) { + kfree(*inputarg); + *inputarg = NULL; + return ret; + } + + memset(*inputarg, 0x00, pgcount * PAGE_SIZE); + } } msr_vp_index = hv_get_register(HV_REGISTER_VP_INDEX);
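Review bot: in hv_synic_alloc() in drivers/hv/hv.c, the comment kept above the err: return still says that any allocation that succeeded will be freed by hv_synic_free(), but the new failure paths set synic_message_page or synic_event_page to NULL precisely so that the page is never freed. Update that comment to say that a page whose set_memory_decrypted() call failed is leaked on purpose, and give the same reason next to each "= NULL" in the allocation path, since only hv_synic_free() currently carries the "better to leak the page" explanation. The four near-identical sequences of convert, pr_err() and NULL assignment for the message and event pages would also read better as one small helper shared by both functions.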
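Review bot: in hv_common_cpu_init() in drivers/hv/hv_common.c, the set_memory_decrypted() failure path calls kfree(*inputarg), which returns memory in an unknown encryption state to the allocator and contradicts the policy this same patch adopts in hv_synic_free() ("It's better to leak the page if the encryption fails"). Drop the kfree(), keep *inputarg = NULL, and add a comment that the pages are leaked deliberately. The hunk also mixes units: the output page is placed at an offset of HV_HYP_PAGE_SIZE, while memset() covers pgcount * PAGE_SIZE and set_memory_decrypted() takes pgcount as a number of PAGE_SIZE pages, so the sizes agree only where the two page sizes are equal; state that assumption in a comment or a build-time check.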
From: Tianyu Lan
To: kys@microsoft.com, haiyangz@microsoft.com, wei.liu@kernel.org, decui@microsoft.com, tglx@linutronix.de, mingo@redhat.com, bp@alien8.de, dave.hansen@linux.intel.com, x86@kernel.org, hpa@zytor.com, daniel.lezcano@linaro.org, arnd@arndb.de, michael.h.kelley@microsoft.com
Cc: Tianyu Lan, linux-arch@vger.kernel.org, linux-hyperv@vger.kernel.org, linux-kernel@vger.kernel.org, vkuznets@redhat.com
Subject: [PATCH V5 5/8] x86/hyperv: Use vmmcall to implement Hyper-V hypercall in sev-snp enlightened guest
Date: Thu, 10 Aug 2023 12:04:08 -0400
Message-Id: <20230810160412.820246-6-ltykernel@gmail.com>
In-Reply-To: <20230810160412.820246-1-ltykernel@gmail.com>
References: <20230810160412.820246-1-ltykernel@gmail.com>

From: Tianyu Lan

In sev-snp enlightened guest, Hyper-V hypercall needs to use vmmcall to trigger vmexit and notify hypervisor to handle hypercall request.

Signed-off-by: Tianyu Lan
--- arch/x86/include/asm/mshyperv.h | 27 ++++++++++++++------------- 1 file changed, 14 insertions(+), 13 deletions(-) diff --git a/arch/x86/include/asm/mshyperv.h b/arch/x86/include/asm/mshyperv.h index 9f11f0495950..07cad6c2af56 100644 --- a/arch/x86/include/asm/mshyperv.h +++ b/arch/x86/include/asm/mshyperv.h
@@ -62,12 +62,12 @@ static inline u64 hv_do_hypercall(u64 control, void *input, void *output) if (!hv_hypercall_pg) return U64_MAX; - __asm__ __volatile__("mov %4, %%r8\n" - CALL_NOSPEC + __asm__ __volatile__("mov %[output], %%r8\n" + ALTERNATIVE(CALL_NOSPEC, "vmmcall", X86_FEATURE_SEV_ES) : "=a" (hv_status), ASM_CALL_CONSTRAINT, - "+c" (control), "+d" (input_address) - : "r" (output_address), - THUNK_TARGET(hv_hypercall_pg) + "+c" (control), "+d" (input_address) + : [output] "r" (output_address), + THUNK_TARGET(hv_hypercall_pg) : "cc", "memory", "r8", "r9", "r10", "r11"); #else u32 input_address_hi = upper_32_bits(input_address); @@ -103,7 +103,8 @@ static inline u64 _hv_do_fast_hypercall8(u64 control, u64 input1) #ifdef CONFIG_X86_64 { - __asm__ __volatile__(CALL_NOSPEC + __asm__ __volatile__("mov %[thunk_target], %%r8\n" + ALTERNATIVE(CALL_NOSPEC, "vmmcall", X86_FEATURE_SEV_ES) : "=a" (hv_status), ASM_CALL_CONSTRAINT, "+c" (control), "+d" (input1) : THUNK_TARGET(hv_hypercall_pg) 
@@ -148,13 +149,13 @@ static inline u64 _hv_do_fast_hypercall16(u64 control, u64 input1, u64 input2) #ifdef CONFIG_X86_64 { - __asm__ __volatile__("mov %4, %%r8\n" - CALL_NOSPEC - : "=a" (hv_status), ASM_CALL_CONSTRAINT, - "+c" (control), "+d" (input1) - : "r" (input2), - THUNK_TARGET(hv_hypercall_pg) - : "cc", "r8", "r9", "r10", "r11"); + __asm__ __volatile__("mov %[output], %%r8\n" + ALTERNATIVE(CALL_NOSPEC, "vmmcall", X86_FEATURE_SEV_ES) + : "=a" (hv_status), ASM_CALL_CONSTRAINT, + "+c" (control), "+d" (input1) + : [output] "r" (input2), + THUNK_TARGET(hv_hypercall_pg) + : "cc", "r8", "r9", "r10", "r11"); } #else {
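Review bot: in hv_do_hypercall(), the ALTERNATIVE() is keyed on X86_FEATURE_SEV_ES, while the commit message and the rest of the series scope the change to the SEV-SNP enlightened guest through hv_isolation_type_en_snp(). Either explain in a comment why the SEV-ES feature bit selects exactly the guests that must use vmmcall, or key the alternative on something that matches that check. The unchanged "if (!hv_hypercall_pg) return U64_MAX;" test at the top of the hunk also still gates the vmmcall variant, which does not call through the hypercall page; if such a guest can run without a hypercall page, the function returns U64_MAX before the hypercall is attempted.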
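Review bot: in _hv_do_fast_hypercall8(), the added "mov %[thunk_target], %%r8\n" loads the hypercall page address into r8, although this fast hypercall has a single input that is passed through "+d" (input1), and the other two functions use r8 for a data argument. Nothing in the hunk or the commit message says why r8 is written here. If the hypervisor does not consume it, drop the instruction; if it serves another purpose, say so in a comment.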
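Review bot: in _hv_do_fast_hypercall16(), the new named operand is called [output] but it carries input2; the name was carried over from hv_do_hypercall(), where r8 really holds the output address. Rename it to [input2] here. The hunk also removes and re-adds constraint lines whose text is unchanged, so the whitespace cleanup hides the functional change (the ALTERNATIVE() line and the named operand); keep the original indentation or move the re-indentation to a separate patch.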
From: Tianyu Lan
To: kys@microsoft.com, haiyangz@microsoft.com, wei.liu@kernel.org, decui@microsoft.com, tglx@linutronix.de, mingo@redhat.com, bp@alien8.de, dave.hansen@linux.intel.com, x86@kernel.org, hpa@zytor.com, daniel.lezcano@linaro.org, arnd@arndb.de, michael.h.kelley@microsoft.com
Cc: Tianyu Lan, linux-arch@vger.kernel.org, linux-hyperv@vger.kernel.org, linux-kernel@vger.kernel.org, vkuznets@redhat.com, Michael Kelley
Subject: [PATCH V5 6/8] clocksource: hyper-v: Mark hyperv tsc page unencrypted in sev-snp enlightened guest
Date: Thu, 10 Aug 2023 12:04:09 -0400
Message-Id: <20230810160412.820246-7-ltykernel@gmail.com>
In-Reply-To: <20230810160412.820246-1-ltykernel@gmail.com>
References: <20230810160412.820246-1-ltykernel@gmail.com>

From: Tianyu Lan

Hyper-V tsc page is shared with hypervisor. Mark the page unencrypted in sev-snp enlightened guest when it's used.

Reviewed-by: Michael Kelley
Signed-off-by: Tianyu Lan
Reviewed-by: Dexuan Cui
--- drivers/clocksource/hyperv_timer.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/clocksource/hyperv_timer.c b/drivers/clocksource/hyperv_timer.c index e56307a81f4d..8ff7cd4e20bb 100644 --- a/drivers/clocksource/hyperv_timer.c +++ b/drivers/clocksource/hyperv_timer.c
@@ -390,7 +390,7 @@ static __always_inline u64 read_hv_clock_msr(void) static union { struct ms_hyperv_tsc_page page; u8 reserved[PAGE_SIZE]; -} tsc_pg __aligned(PAGE_SIZE); +} tsc_pg __bss_decrypted __aligned(PAGE_SIZE); static struct ms_hyperv_tsc_page *tsc_page = &tsc_pg.page; static unsigned long tsc_pfn;
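Review bot: the tsc_pg declaration now carries __bss_decrypted unconditionally, but the diffstat shows a single changed line, with no new #include and no comment. Add a comment at the declaration saying that the page is shared with the hypervisor and therefore has to live in the decrypted section, and confirm that __bss_decrypted is defined in every configuration that builds drivers/clocksource/hyperv_timer.c, including kernels built without memory encryption support, or provide an empty fallback definition.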
From: Tianyu Lan
To: kys@microsoft.com, haiyangz@microsoft.com, wei.liu@kernel.org, decui@microsoft.com, tglx@linutronix.de, mingo@redhat.com, bp@alien8.de, dave.hansen@linux.intel.com, x86@kernel.org, hpa@zytor.com, daniel.lezcano@linaro.org, arnd@arndb.de, michael.h.kelley@microsoft.com
Cc: Tianyu Lan, linux-arch@vger.kernel.org, linux-hyperv@vger.kernel.org, linux-kernel@vger.kernel.org, vkuznets@redhat.com, Michael Kelley
Subject: [PATCH V5 7/8] x86/hyperv: Add smp support for SEV-SNP guest
Date: Thu, 10 Aug 2023 12:04:10 -0400
Message-Id: <20230810160412.820246-8-ltykernel@gmail.com>
In-Reply-To: <20230810160412.820246-1-ltykernel@gmail.com>
References: <20230810160412.820246-1-ltykernel@gmail.com>

From: Tianyu Lan

In the AMD SEV-SNP guest, AP needs to be started up via sev es save area and Hyper-V requires to call HVCALL_START_VP hypercall to pass the gpa of sev es save area with AP's vp index and VTL (Virtual trust level) parameters. Override wakeup_secondary_cpu_64 callback with hv_snp_boot_ap.

Reviewed-by: Michael Kelley
Signed-off-by: Tianyu Lan
--- arch/x86/hyperv/ivm.c | 100 ++++++++++++++++++++++++++++++ arch/x86/include/asm/mshyperv.h | 14 +++++ arch/x86/kernel/cpu/mshyperv.c | 13 +++- include/asm-generic/hyperv-tlfs.h | 1 + 4 files changed, 126 insertions(+), 2 deletions(-) diff --git a/arch/x86/hyperv/ivm.c b/arch/x86/hyperv/ivm.c index b2b5cb19fac9..ee08a0cd6da3 100644 --- a/arch/x86/hyperv/ivm.c +++ b/arch/x86/hyperv/ivm.c
@@ -18,11 +18,20 @@ #include #include #include +#include +#include +#include +#include +#include +#include #ifdef CONFIG_AMD_MEM_ENCRYPT #define GHCB_USAGE_HYPERV_CALL 1 +static u8 ap_start_input_arg[PAGE_SIZE] __bss_decrypted __aligned(PAGE_SIZE); +static u8 ap_start_stack[PAGE_SIZE] __aligned(PAGE_SIZE); + union hv_ghcb { struct ghcb ghcb; struct { 
@@ -357,6 +366,97 @@ static bool hv_is_private_mmio(u64 addr) return false; } +#define hv_populate_vmcb_seg(seg, gdtr_base) \ +do { \ + if (seg.selector) { \ + seg.base = 0; \ + seg.limit = HV_AP_SEGMENT_LIMIT; \ + seg.attrib = *(u16 *)(gdtr_base + seg.selector + 5); \ + seg.attrib = (seg.attrib & 0xFF) | ((seg.attrib >> 4) & 0xF00); \ + } \ +} while (0) \ + +int hv_snp_boot_ap(int cpu, unsigned long start_ip) +{ + struct sev_es_save_area *vmsa = (struct sev_es_save_area *) + __get_free_page(GFP_KERNEL | __GFP_ZERO); + struct desc_ptr gdtr; + u64 ret, rmp_adjust, retry = 5; + struct hv_enable_vp_vtl *start_vp_input; + unsigned long flags; + + native_store_gdt(&gdtr); + + vmsa->gdtr.base = gdtr.address; + vmsa->gdtr.limit = gdtr.size; + + asm volatile("movl %%es, %%eax;" : "=a" (vmsa->es.selector)); + hv_populate_vmcb_seg(vmsa->es, vmsa->gdtr.base); + + asm volatile("movl %%cs, %%eax;" : "=a" (vmsa->cs.selector)); + hv_populate_vmcb_seg(vmsa->cs, vmsa->gdtr.base); + + asm volatile("movl %%ss, %%eax;" : "=a" (vmsa->ss.selector)); + hv_populate_vmcb_seg(vmsa->ss, vmsa->gdtr.base); + + asm volatile("movl %%ds, %%eax;" : "=a" (vmsa->ds.selector)); + hv_populate_vmcb_seg(vmsa->ds, vmsa->gdtr.base); + + vmsa->efer = native_read_msr(MSR_EFER); + + asm volatile("movq %%cr4, %%rax;" : "=a" (vmsa->cr4)); + asm volatile("movq %%cr3, %%rax;" : "=a" (vmsa->cr3)); + asm volatile("movq %%cr0, %%rax;" : "=a" (vmsa->cr0)); + + vmsa->xcr0 = 1; + vmsa->g_pat = HV_AP_INIT_GPAT_DEFAULT; + vmsa->rip = (u64)secondary_startup_64_no_verify; + vmsa->rsp = (u64)&ap_start_stack[PAGE_SIZE]; + + /* + * Set the SNP-specific fields for this VMSA: + * VMPL level + * SEV_FEATURES (matches the SEV STATUS MSR right shifted 2 bits) + */ + vmsa->vmpl = 0; + vmsa->sev_features = sev_status >> 2; + + /* + * Running at VMPL0 allows the kernel to change the VMSA bit for a page + * using the RMPADJUST instruction. 
However, for the instruction to + * succeed it must target the permissions of a lesser privileged + * (higher numbered) VMPL level, so use VMPL1 (refer to the RMPADJUST + * instruction in the AMD64 APM Volume 3). + */ + rmp_adjust = RMPADJUST_VMSA_PAGE_BIT | 1; + ret = rmpadjust((unsigned long)vmsa, RMP_PG_SIZE_4K, + rmp_adjust); + if (ret != 0) { + pr_err("RMPADJUST(%llx) failed: %llx\n", (u64)vmsa, ret); + return ret; + } + + local_irq_save(flags); + start_vp_input = + (struct hv_enable_vp_vtl *)ap_start_input_arg; + memset(start_vp_input, 0, sizeof(*start_vp_input)); + start_vp_input->partition_id = -1; + start_vp_input->vp_index = cpu; + start_vp_input->target_vtl.target_vtl = ms_hyperv.vtl; + *(u64 *)&start_vp_input->vp_context = __pa(vmsa) | 1; + + do { + ret = hv_do_hypercall(HVCALL_START_VP, + start_vp_input, NULL); + } while (hv_result(ret) == HV_STATUS_TIME_OUT && retry--); + + local_irq_restore(flags); + + if (!hv_result_success(ret)) + pr_err("HvCallStartVirtualProcessor failed: %llx\n", ret); + return ret; +} + void __init hv_vtom_init(void) { /* diff --git a/arch/x86/include/asm/mshyperv.h b/arch/x86/include/asm/mshyperv.h index 07cad6c2af56..8dce3c8ce038 100644 --- a/arch/x86/include/asm/mshyperv.h +++ b/arch/x86/include/asm/mshyperv.h @@ -48,6 +48,13 @@ extern u64 hv_current_partition_id; extern union hv_ghcb * __percpu *hv_ghcb_pg; +/* + * DEFAULT INIT GPAT and SEGMENT LIMIT value in struct VMSA + * to start AP in enlightened SEV guest. + */ +#define HV_AP_INIT_GPAT_DEFAULT 0x0007040600070406ULL +#define HV_AP_SEGMENT_LIMIT 0xffffffff + int hv_call_deposit_pages(int node, u64 partition_id, u32 num_pages); int hv_call_add_logical_proc(int node, u32 lp_index, u32 acpi_id); int hv_call_create_vp(int node, u64 partition_id, u32 vp_index, u32 flags); 
@@ -232,12 +239,19 @@ void hv_ghcb_msr_read(u64 msr, u64 *value); bool hv_ghcb_negotiate_protocol(void); void __noreturn hv_ghcb_terminate(unsigned int set, unsigned int reason); void hv_vtom_init(void); +int hv_snp_boot_ap(int cpu, unsigned long start_ip); #else static inline void hv_ghcb_msr_write(u64 msr, u64 value) {} static inline void hv_ghcb_msr_read(u64 msr, u64 *value) {} static inline bool hv_ghcb_negotiate_protocol(void) { return false; } static inline void hv_ghcb_terminate(unsigned int set, unsigned int reason) {} static inline void hv_vtom_init(void) {} +<<<<<<< ours +static int hv_snp_boot_ap(int cpu, unsigned long start_ip) {} +======= +static int hv_snp_boot_ap(int cpu, unsigned long start_ip) { return 0; } +static inline void hv_sev_init_mem_and_cpu(void) {} +>>>>>>> theirs #endif extern bool hv_isolation_type_snp(void); diff --git a/arch/x86/kernel/cpu/mshyperv.c b/arch/x86/kernel/cpu/mshyperv.c index 5398fb2f4d39..c2ccb49b49c2 100644 --- a/arch/x86/kernel/cpu/mshyperv.c +++ b/arch/x86/kernel/cpu/mshyperv.c @@ -295,6 +295,16 @@ static void __init hv_smp_prepare_cpus(unsigned int max_cpus) native_smp_prepare_cpus(max_cpus); + /* + * Override wakeup_secondary_cpu_64 callback for SEV-SNP + * enlightened guest. + */ + if (hv_isolation_type_en_snp()) + apic->wakeup_secondary_cpu_64 = hv_snp_boot_ap; + + if (!hv_root_partition) + return; + #ifdef CONFIG_X86_64 for_each_present_cpu(i) { if (i == 0) @@ -502,8 +512,7 @@ static void __init ms_hyperv_init_platform(void) # ifdef CONFIG_SMP smp_ops.smp_prepare_boot_cpu = hv_smp_prepare_boot_cpu; - if (hv_root_partition) - smp_ops.smp_prepare_cpus = hv_smp_prepare_cpus; + smp_ops.smp_prepare_cpus = hv_smp_prepare_cpus; # endif /* diff --git a/include/asm-generic/hyperv-tlfs.h b/include/asm-generic/hyperv-tlfs.h index f4e4cc4f965f..fdac4a1714ec 100644 --- a/include/asm-generic/hyperv-tlfs.h +++ b/include/asm-generic/hyperv-tlfs.h 
@@ -223,6 +223,7 @@ enum HV_GENERIC_SET_FORMAT { #define HV_STATUS_INVALID_PORT_ID 17 #define HV_STATUS_INVALID_CONNECTION_ID 18 #define HV_STATUS_INSUFFICIENT_BUFFERS 19 +#define HV_STATUS_TIME_OUT 120 #define HV_STATUS_VTL_ALREADY_ENABLED 134 /*
From patchwork Thu Aug 10 16:04:11 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Tianyu Lan X-Patchwork-Id: 134103
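Review bot: In the hunk at @@ -18,11 +18,20 @@, ap_start_stack is a single static page that hv_snp_boot_ap() later programs as the initial rsp of every AP, and ap_start_input_arg is a single page reused for every HVCALL_START_VP call, yet neither carries a comment stating the assumption that AP bring-up is serialized. Please document that assumption next to the two declarations, or make the buffers per-CPU. Since ap_start_input_arg is __bss_decrypted and therefore visible to the host, a comment saying that only the hypercall input may ever be placed in it would also help future readers.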
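Review bot: hv_snp_boot_ap() in the hunk at @@ -357,6 +366,97 @@ dereferences vmsa (vmsa->gdtr.base = gdtr.address) without checking that __get_free_page() returned a page, so an allocation failure becomes a NULL dereference; add an early "if (!vmsa) return -ENOMEM;". Both failure paths also leave the page allocated, and after a successful RMPADJUST it is still marked as a VMSA page when HVCALL_START_VP fails, so the error path should clear the VMSA bit and free the page. The function returns the u64 ret through an int return type, which can truncate the RMPADJUST or hypercall status; convert it to a negative errno instead. The start_ip argument is never used because rip is fixed to secondary_startup_64_no_verify, which deserves a one-line comment, and the stray trailing backslash after "while (0)" in hv_populate_vmcb_seg should be dropped.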
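Review bot: The #else branch in the arch/x86/include/asm/mshyperv.h hunk at @@ -232,12 +239,19 @@ adds unresolved merge-conflict markers ("+<<<<<<< ours", "+=======", "+>>>>>>> theirs") to the header, so a build without CONFIG_AMD_MEM_ENCRYPT cannot compile. Resolve it to a single stub, written as "static inline int hv_snp_boot_ap(int cpu, unsigned long start_ip) { return 0; }". Both candidate stubs lack inline, the "ours" variant has an int return type with an empty body, and hv_sev_init_mem_and_cpu() is not used by any hunk shown here, so it should not ride along in this patch.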
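Review bot: In the arch/x86/kernel/cpu/mshyperv.c hunk at @@ -295,6 +295,16 @@, the new "if (!hv_root_partition) return;" has no comment, although it is now the only thing keeping the root-partition loop below it away from ordinary guests, because the hunk at @@ -502,8 +512,7 @@ installs hv_smp_prepare_cpus() unconditionally. Please add a comment stating that everything after this check is root-partition only, so that a later reorder does not expose that code to guests. The existing comment covers only the wakeup_secondary_cpu_64 override.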
From: Tianyu Lan To: kys@microsoft.com, haiyangz@microsoft.com, wei.liu@kernel.org, decui@microsoft.com, tglx@linutronix.de, mingo@redhat.com, bp@alien8.de, dave.hansen@linux.intel.com, x86@kernel.org, hpa@zytor.com, daniel.lezcano@linaro.org, arnd@arndb.de, michael.h.kelley@microsoft.com Cc: Tianyu Lan , linux-arch@vger.kernel.org, linux-hyperv@vger.kernel.org, linux-kernel@vger.kernel.org, vkuznets@redhat.com, Michael Kelley Subject: [PATCH V5 8/8] x86/hyperv: Add hyperv-specific handling for VMMCALL under SEV-ES Date: Thu, 10 Aug 2023 12:04:11 -0400 Message-Id: <20230810160412.820246-9-ltykernel@gmail.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20230810160412.820246-1-ltykernel@gmail.com> References: <20230810160412.820246-1-ltykernel@gmail.com>
From: Tianyu Lan
Add Hyperv-specific handling for faults caused by VMMCALL instructions.
Reviewed-by: Michael Kelley Signed-off-by: Tianyu Lan Reviewed-by: Dexuan Cui
--- arch/x86/kernel/cpu/mshyperv.c | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+) diff --git a/arch/x86/kernel/cpu/mshyperv.c b/arch/x86/kernel/cpu/mshyperv.c index c2ccb49b49c2..b7d73f3107c6 100644 --- a/arch/x86/kernel/cpu/mshyperv.c +++ b/arch/x86/kernel/cpu/mshyperv.c @@ -32,6 +32,7 @@ #include #include #include +#include /* Is Linux running as the root partition? */ bool hv_root_partition;
@@ -574,6 +575,22 @@ static bool __init ms_hyperv_msi_ext_dest_id(void) return eax & HYPERV_VS_PROPERTIES_EAX_EXTENDED_IOAPIC_RTE; } +#ifdef CONFIG_AMD_MEM_ENCRYPT +static void hv_sev_es_hcall_prepare(struct ghcb *ghcb, struct pt_regs *regs) +{ + /* RAX and CPL are already in the GHCB */ + ghcb_set_rcx(ghcb, regs->cx); + ghcb_set_rdx(ghcb, regs->dx); + ghcb_set_r8(ghcb, regs->r8); +} + +static bool hv_sev_es_hcall_finish(struct ghcb *ghcb, struct pt_regs *regs) +{ + /* No checking of the return state needed */ + return true; +} +#endif + const __initconst struct hypervisor_x86 x86_hyper_ms_hyperv = { .name = "Microsoft Hyper-V", .detect = ms_hyperv_platform, @@ -581,4 +598,8 @@ const __initconst struct hypervisor_x86 x86_hyper_ms_hyperv = { .init.x2apic_available = ms_hyperv_x2apic_available, .init.msi_ext_dest_id = ms_hyperv_msi_ext_dest_id, .init.init_platform = ms_hyperv_init_platform, +#ifdef CONFIG_AMD_MEM_ENCRYPT + .runtime.sev_es_hcall_prepare = hv_sev_es_hcall_prepare, + .runtime.sev_es_hcall_finish = hv_sev_es_hcall_finish, +#endif };
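Review bot: hv_sev_es_hcall_finish() in the hunk at @@ -574,6 +575,22 @@ returns true unconditionally, and its comment ("No checking of the return state needed") does not say why, even though whatever the guest consumes after this exit comes back through the GHCB, which is shared with and written by the host. Either state in the comment what makes the returned state safe to accept without validation, or check that the fields the caller reads were marked valid before returning true. hv_sev_es_hcall_prepare() would likewise benefit from a comment tying the exposed set (rcx, rdx, r8) to the Hyper-V hypercall register convention, so that it is clear no other guest register is meant to reach the host.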