From patchwork Fri Jan 26 22:15:54 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Tom Lendacky X-Patchwork-Id: 192802 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a05:7301:2395:b0:106:343:edcb with SMTP id gw21csp180577dyb; Fri, 26 Jan 2024 14:17:04 -0800 (PST) X-Google-Smtp-Source: AGHT+IFsLz5r7hSSg4iAB7hN5x+uKKvkmhaA49yc7nSf6pTVQiIof+HrTz4Z4YKvo6PYmMNIwnfr X-Received: by 2002:a05:622a:1047:b0:42a:8aa4:49b0 with SMTP id f7-20020a05622a104700b0042a8aa449b0mr171252qte.81.1706307424659; Fri, 26 Jan 2024 14:17:04 -0800 (PST) Received: from ny.mirrors.kernel.org (ny.mirrors.kernel.org. [147.75.199.223]) by mx.google.com with ESMTPS id a11-20020ac85b8b000000b0042a253b9c2csi2051499qta.771.2024.01.26.14.17.04 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 26 Jan 2024 14:17:04 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel+bounces-40738-ouuuleilei=gmail.com@vger.kernel.org designates 147.75.199.223 as permitted sender) client-ip=147.75.199.223; Authentication-Results: mx.google.com; dkim=pass header.i=@amd.com header.s=selector1 header.b="pN/q8/gr"; arc=fail (signature failed); spf=pass (google.com: domain of linux-kernel+bounces-40738-ouuuleilei=gmail.com@vger.kernel.org designates 147.75.199.223 as permitted sender) smtp.mailfrom="linux-kernel+bounces-40738-ouuuleilei=gmail.com@vger.kernel.org"; dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=amd.com Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ny.mirrors.kernel.org (Postfix) with ESMTPS id 679051C22CC6 for ; Fri, 26 Jan 2024 22:17:04 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id DAB99250F9; Fri, 26 Jan 2024 22:16:27 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b="pN/q8/gr" Received: from NAM02-BN1-obe.outbound.protection.outlook.com (mail-bn1nam02on2074.outbound.protection.outlook.com [40.107.212.74]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id D59B233CE7 for ; Fri, 26 Jan 2024 22:16:21 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=fail smtp.client-ip=40.107.212.74 ARC-Seal: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1706307383; cv=fail; b=ck58eHFYDW8CNkfL7Y7FnHIWnXkGKAE+FBMXpbpTnQqLuWj67w0jn/kUusi1kjFiLvF9sBe1btMnP5Pkq5m0gE77Ngnk0uZ8WRKbJI4b0UrxfH2Gtuh1Q+K3LnNse+HlPvYNNOMZn9XR4RiIyDTnHZRn1L/iHOzcZaLtMgUpPX4= ARC-Message-Signature: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1706307383; c=relaxed/simple; bh=rWIaZbHfpPkeXJqrlBlU26fGAMwT41Pfw0C5/YCwncE=; h=From:To:CC:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=kakBntJgUzhUPgMz757Ddw1hqGrISzTmwEAq8OKSmONpbgTdneYHoDWu6ztXd+9ACCFwfi0KVoLHpzn7bvgNRyQ7SSod2XK+2acSsDS/bsjYyUdHN/6ub5JmWSMemF13vgD8Fn4MWaPS1yqqp1+9h+A7iSfPRTse/XtC1E6ipv4= ARC-Authentication-Results: i=2; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com; spf=fail smtp.mailfrom=amd.com; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b=pN/q8/gr; arc=fail smtp.client-ip=40.107.212.74 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com Authentication-Results: smtp.subspace.kernel.org; spf=fail smtp.mailfrom=amd.com ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=TyaVkhVKgTLoh80+wvFWyqUAPOferwCDCHx6x79HoBeK6uWZt8MKfXVb5DuSaL8yOraaUFmFv0H0N2KcTNFKjSlZPtDDsSEMzNGPybMASg8cc3p8slzeChE8jAIo3NZqunCKabz+HvXH4hs7YkpP/K37ifiShxAIJSOIwMOqH4dsw0+r50HOqP6yzZ0Hdf2yP0rCNMi80OGmR1fj2JomSh4GngFipvxT26BY1AMd5K0Sai7g+Xwk0uQ8QPwXyOhO3tzlcJq8323sszmyTfgus9Yss1WBAJ2BFxtypQ1nvja8641+8CxayDhPKt1GXXondO+xdSKtCQaM73q9xe7oPg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=bZL/FEcAwKOrsFhtrSsNHfv0bAdLs+1yCZPr+pScf+8=; b=Q+CYFEUgkilZ31nWlSI2NgD59nbv2kn806b46I9MT1xrBZ09pz32MuuJYv8hUgSAaSpsOU1yWJOunt3sjjxVzJTPjm88i985w9Qq7EdjMX5lJHQ301WJd0eReEg1LmhQCwHXp0Uo8N3K8iLo5gokiu24z3/WrhkIT1RNoP4pJOyPFymyiGvML0c2X67OADNm/etbHf5wmEdLIsVMJfhw2eKhKDUJQ2z0hnS82p8IVYVYrCHPtqOfNzWyWo/IPJ4aA0sWopqoGNYIMFhkB6iJBnhy/L9dQgaLZow1yQNnn/BRC9NNZiTFReRjfqllvMeLC4ayZx6t5Cf9h6EDQkjVOA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=vger.kernel.org smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none (0) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=bZL/FEcAwKOrsFhtrSsNHfv0bAdLs+1yCZPr+pScf+8=; b=pN/q8/grXHgNldaNOsGaRqbbpEFTivX23IposFsgr91VdCy19jsiaeGl0ow/S3sAPED+nZKocyaO70ZEfKBbPZquYYSQSFAISoZ3sguq7ZFu+WXoGgzefbhtQxX6oVoljZSz6B1Y5uLdnhrO5NLKP9zY8415R+wzhMJF3EtjO+M= Received: from CH0P221CA0039.NAMP221.PROD.OUTLOOK.COM (2603:10b6:610:11d::21) by CH2PR12MB4264.namprd12.prod.outlook.com (2603:10b6:610:a4::15) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7228.22; Fri, 26 Jan 2024 22:16:19 +0000 Received: from DS2PEPF0000343C.namprd02.prod.outlook.com (2603:10b6:610:11d:cafe::c4) by CH0P221CA0039.outlook.office365.com (2603:10b6:610:11d::21) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7228.27 via Frontend Transport; Fri, 26 Jan 2024 22:16:19 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=amd.com; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB04.amd.com; pr=C Received: from SATLEXMB04.amd.com (165.204.84.17) by DS2PEPF0000343C.mail.protection.outlook.com (10.167.18.39) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.7228.16 via Frontend Transport; Fri, 26 Jan 2024 22:16:19 +0000 Received: from tlendack-t1.amdoffice.net (10.180.168.240) by SATLEXMB04.amd.com (10.181.40.145) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.34; Fri, 26 Jan 2024 16:16:17 -0600 From: Tom Lendacky To: , CC: Thomas Gleixner , Ingo Molnar , Borislav Petkov , Dave Hansen , "H. Peter Anvin" , Andy Lutomirski , "Peter Zijlstra" , Dan Williams , Michael Roth , Ashish Kalra Subject: [PATCH 01/11] x86/sev: Rename snp_init() in the boot/compressed/sev.c file Date: Fri, 26 Jan 2024 16:15:54 -0600 Message-ID: <98db05934aa2d12e7df4e34ca33309b1aa8c0284.1706307364.git.thomas.lendacky@amd.com> X-Mailer: git-send-email 2.42.0 In-Reply-To: References: Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-ClientProxiedBy: SATLEXMB03.amd.com (10.181.40.144) To SATLEXMB04.amd.com (10.181.40.145) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: DS2PEPF0000343C:EE_|CH2PR12MB4264:EE_ X-MS-Office365-Filtering-Correlation-Id: f9baba13-2239-457a-456e-08dc1ebc6bd6 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: nWT2oII6DHCnkrE+cje4k1q/4S1G4V3N305kuXJBVJ7gZ3DHzMAxw16yYeOoJHZsy6lHGXZZv9IIFKHi24RdkXn00eJFe6o90xEgJE6fn64dWn6LqdFUSnIPHPY1/h4XZIl9OsiLxJVehgiSBfc/32g4Au1vIgTlViVU12hAflo/ScR3H9DMTzuctU1xwkxLIg80FIlUO2yFzS5mkIz47i+RvW1trlLAW+7X8dLS+zl3KRbpkZ21OWyvdUsqQMjW93mT+VUF0OkE2grl4LsJDXSccFFVkgW8rhPl8pUcqoRXmBFj7uD/ucJOZJfZTWFPDsi0YK786kMM207YRqOfxaN2I6hSRYDWRacQgwR+QfM00aCzet7+Y6lZn2J0P6alqezAi0SYcLbwW9EjXXl7ocQee7WGAXBXcbyRVZHj9b/pgV2cxaolFuNyNNrs91BghieP3cEHOEcaox9jKgo00TS6ymM4dZeI8xLcbLUXO8QR2S4SoFfOGup/98xYFIHE2qJfDZ13b7AexCOjm2pDNZ8redM+1QtNtW/LY3uWD1ihtKpfw1on+Cb2oxwF8u/5IovXIeSQ74OSKXwDsP/HnQXZTHcXD5CqOnErMUi2sLUftAPJjD7Yqg2C4sDr92NMnyBSJFsqKbDjSFUmPq/FH7IzNx+EKNjYFcwdGMNSp4GcmOmSAqMJHVwJs8nmhJxBDbnTthWNlnI6KvKoBtanXKiwolGOA9RaJ88XFSWDjTxU4YZn+5p1jQqB/x6kuvuDAmdq67k18QLK6fG9a1ahyw== X-Forefront-Antispam-Report: CIP:165.204.84.17;CTRY:US;LANG:en;SCL:1;SRV:;IPV:CAL;SFV:NSPM;H:SATLEXMB04.amd.com;PTR:InfoDomainNonexistent;CAT:NONE;SFS:(13230031)(4636009)(39860400002)(376002)(136003)(346002)(396003)(230922051799003)(451199024)(82310400011)(186009)(64100799003)(1800799012)(46966006)(36840700001)(40470700004)(40460700003)(40480700001)(36756003)(83380400001)(110136005)(86362001)(356005)(82740400003)(81166007)(47076005)(36860700001)(16526019)(2616005)(26005)(336012)(426003)(41300700001)(2906002)(6666004)(316002)(70586007)(70206006)(54906003)(478600001)(5660300002)(4326008)(8936002)(7416002)(8676002)(36900700001);DIR:OUT;SFP:1101; X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 26 Jan 2024 22:16:19.0720 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: f9baba13-2239-457a-456e-08dc1ebc6bd6 X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[SATLEXMB04.amd.com] X-MS-Exchange-CrossTenant-AuthSource: DS2PEPF0000343C.namprd02.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: CH2PR12MB4264 X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-THRID: 1789193014062141887 X-GMAIL-MSGID: 1789193014062141887 The snp_init() function is local to the boot/compressed/sev.c file and is not called from outside of the file. Change the name so that it is not tied to the function definition in arch/x86/include/asm/sev.h. Move the renamed snp_init() and related functions up in the file to avoid having to add a forward declaration and make the function static, too. This will allow the snp_init() function in arch/x86/kernel/sev.c to be changed without having to make the same change in boot/compressed/sev.c. Signed-off-by: Tom Lendacky --- arch/x86/boot/compressed/sev.c | 162 ++++++++++++++++----------------- 1 file changed, 81 insertions(+), 81 deletions(-) diff --git a/arch/x86/boot/compressed/sev.c b/arch/x86/boot/compressed/sev.c index 454acd7a2daf..c3030cfb6484 100644 --- a/arch/x86/boot/compressed/sev.c +++ b/arch/x86/boot/compressed/sev.c @@ -405,6 +405,85 @@ void snp_check_features(void) } } +/* Search for Confidential Computing blob in the EFI config table. */ +static struct cc_blob_sev_info *find_cc_blob_efi(struct boot_params *bp) +{ + unsigned long cfg_table_pa; + unsigned int cfg_table_len; + int ret; + + ret = efi_get_conf_table(bp, &cfg_table_pa, &cfg_table_len); + if (ret) + return NULL; + + return (struct cc_blob_sev_info *)efi_find_vendor_table(bp, cfg_table_pa, + cfg_table_len, + EFI_CC_BLOB_GUID); +} + +/* + * Initial set up of SNP relies on information provided by the + * Confidential Computing blob, which can be passed to the boot kernel + * by firmware/bootloader in the following ways: + * + * - via an entry in the EFI config table + * - via a setup_data structure, as defined by the Linux Boot Protocol + * + * Scan for the blob in that order. + */ +static struct cc_blob_sev_info *find_cc_blob(struct boot_params *bp) +{ + struct cc_blob_sev_info *cc_info; + + cc_info = find_cc_blob_efi(bp); + if (cc_info) + goto found_cc_info; + + cc_info = find_cc_blob_setup_data(bp); + if (!cc_info) + return NULL; + +found_cc_info: + if (cc_info->magic != CC_BLOB_SEV_HDR_MAGIC) + sev_es_terminate(SEV_TERM_SET_GEN, GHCB_SNP_UNSUPPORTED); + + return cc_info; +} + +/* + * Indicate SNP based on presence of SNP-specific CC blob. Subsequent checks + * will verify the SNP CPUID/MSR bits. + */ +static bool snp_setup(struct boot_params *bp) +{ + struct cc_blob_sev_info *cc_info; + + if (!bp) + return false; + + cc_info = find_cc_blob(bp); + if (!cc_info) + return false; + + /* + * If a SNP-specific Confidential Computing blob is present, then + * firmware/bootloader have indicated SNP support. Verifying this + * involves CPUID checks which will be more reliable if the SNP + * CPUID table is used. See comments over snp_setup_cpuid_table() for + * more details. + */ + setup_cpuid_table(cc_info); + + /* + * Pass run-time kernel a pointer to CC info via boot_params so EFI + * config table doesn't need to be searched again during early startup + * phase. + */ + bp->cc_blob_address = (u32)(unsigned long)cc_info; + + return true; +} + /* * sev_check_cpu_support - Check for SEV support in the CPU capabilities * @@ -455,7 +534,7 @@ void sev_enable(struct boot_params *bp) bp->cc_blob_address = 0; /* - * Do an initial SEV capability check before snp_init() which + * Do an initial SEV capability check before snp_setup() which * loads the CPUID page and the same checks afterwards are done * without the hypervisor and are trustworthy. * @@ -470,7 +549,7 @@ void sev_enable(struct boot_params *bp) * Setup/preliminary detection of SNP. This will be sanity-checked * against CPUID/MSR values later. */ - snp = snp_init(bp); + snp = snp_setup(bp); /* Now repeat the checks with the SNP CPUID table. */ @@ -527,85 +606,6 @@ u64 sev_get_status(void) return m.q; } -/* Search for Confidential Computing blob in the EFI config table. */ -static struct cc_blob_sev_info *find_cc_blob_efi(struct boot_params *bp) -{ - unsigned long cfg_table_pa; - unsigned int cfg_table_len; - int ret; - - ret = efi_get_conf_table(bp, &cfg_table_pa, &cfg_table_len); - if (ret) - return NULL; - - return (struct cc_blob_sev_info *)efi_find_vendor_table(bp, cfg_table_pa, - cfg_table_len, - EFI_CC_BLOB_GUID); -} - -/* - * Initial set up of SNP relies on information provided by the - * Confidential Computing blob, which can be passed to the boot kernel - * by firmware/bootloader in the following ways: - * - * - via an entry in the EFI config table - * - via a setup_data structure, as defined by the Linux Boot Protocol - * - * Scan for the blob in that order. - */ -static struct cc_blob_sev_info *find_cc_blob(struct boot_params *bp) -{ - struct cc_blob_sev_info *cc_info; - - cc_info = find_cc_blob_efi(bp); - if (cc_info) - goto found_cc_info; - - cc_info = find_cc_blob_setup_data(bp); - if (!cc_info) - return NULL; - -found_cc_info: - if (cc_info->magic != CC_BLOB_SEV_HDR_MAGIC) - sev_es_terminate(SEV_TERM_SET_GEN, GHCB_SNP_UNSUPPORTED); - - return cc_info; -} - -/* - * Indicate SNP based on presence of SNP-specific CC blob. Subsequent checks - * will verify the SNP CPUID/MSR bits. - */ -bool snp_init(struct boot_params *bp) -{ - struct cc_blob_sev_info *cc_info; - - if (!bp) - return false; - - cc_info = find_cc_blob(bp); - if (!cc_info) - return false; - - /* - * If a SNP-specific Confidential Computing blob is present, then - * firmware/bootloader have indicated SNP support. Verifying this - * involves CPUID checks which will be more reliable if the SNP - * CPUID table is used. See comments over snp_setup_cpuid_table() for - * more details. - */ - setup_cpuid_table(cc_info); - - /* - * Pass run-time kernel a pointer to CC info via boot_params so EFI - * config table doesn't need to be searched again during early startup - * phase. - */ - bp->cc_blob_address = (u32)(unsigned long)cc_info; - - return true; -} - void sev_prep_identity_maps(unsigned long top_level_pgt) { /* From patchwork Fri Jan 26 22:15:55 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Tom Lendacky X-Patchwork-Id: 192814 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a05:7301:2395:b0:106:343:edcb with SMTP id gw21csp184048dyb; Fri, 26 Jan 2024 14:25:51 -0800 (PST) X-Google-Smtp-Source: AGHT+IE7qPyMptRG4cFi4ViqviqeWLil6vrgfsa2rn3f6abB52MgevgpPb+EkC0I8+hK5xYpbhIS X-Received: by 2002:a05:6a20:b911:b0:19a:6830:2394 with SMTP id fe17-20020a056a20b91100b0019a68302394mr361501pzb.90.1706307950967; Fri, 26 Jan 2024 14:25:50 -0800 (PST) Received: from sy.mirrors.kernel.org (sy.mirrors.kernel.org. [147.75.48.161]) by mx.google.com with ESMTPS id p29-20020a63741d000000b005cdf8b4d2fesi1720498pgc.747.2024.01.26.14.25.50 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 26 Jan 2024 14:25:50 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel+bounces-40739-ouuuleilei=gmail.com@vger.kernel.org designates 147.75.48.161 as permitted sender) client-ip=147.75.48.161; Authentication-Results: mx.google.com; dkim=pass header.i=@amd.com header.s=selector1 header.b=AyHW7+Gv; arc=fail (signature failed); spf=pass (google.com: domain of linux-kernel+bounces-40739-ouuuleilei=gmail.com@vger.kernel.org designates 147.75.48.161 as permitted sender) smtp.mailfrom="linux-kernel+bounces-40739-ouuuleilei=gmail.com@vger.kernel.org"; dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=amd.com Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by sy.mirrors.kernel.org (Postfix) with ESMTPS id 390CCB25446 for ; Fri, 26 Jan 2024 22:17:23 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id 3AC0045968; Fri, 26 Jan 2024 22:16:35 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b="AyHW7+Gv" Received: from NAM12-DM6-obe.outbound.protection.outlook.com (mail-dm6nam12on2062.outbound.protection.outlook.com [40.107.243.62]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id F3BFE45967 for ; Fri, 26 Jan 2024 22:16:29 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=fail smtp.client-ip=40.107.243.62 ARC-Seal: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1706307391; cv=fail; b=biZlWqJX+lHqng0P3S2C21dRl6Dtx7hd4XB3arit/O9sbMNHwnuXaR7K9FIKEaLSjsBhFeVK7xMEf+WEEJpH6mcji4yYBFOilboXaBd0Ul90HjV0ZWTAmenYi05BNeHkaihOfumM69hV3mLTPwMsNJm+EMU9/zZhLr3CNCGjWMw= ARC-Message-Signature: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1706307391; c=relaxed/simple; bh=i2Fi68z3YfGPRkY/+5XcHWtsnjVdh0vbFoAlDggqqS4=; h=From:To:CC:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=e8dcYFMoTrIe8udCJQDGUbb9rJkXrf9CH2KiHfAeZG71JmrentYo5N/sXbgeBv0lUVZ8Et8o+pgks2nX9TDhsR6BJ0PDBwU3IeDqSpkq0R9ft0wYMu0b1wZx6RxhaEJwMQ1cwi+3x4QqmUH6nDStGNOEi+5LDwNZephcz1lg5NU= ARC-Authentication-Results: i=2; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com; spf=fail smtp.mailfrom=amd.com; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b=AyHW7+Gv; arc=fail smtp.client-ip=40.107.243.62 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com Authentication-Results: smtp.subspace.kernel.org; spf=fail smtp.mailfrom=amd.com ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=VF4U8tH1Tdk2N7+kDowYXNfGGsi1TAc4RPPWKpixt63sr5ZIvBUW4GSMTblbknqym4nTKp0jP3iu7QnNCvhSrJSzWsJITTLB4fE4xtGCbB2UycmXjZd80vDwitUE9wB0Dbc0rfBxpFrpW4ocDeQeFdE0p1oTCECrzzE1dirrCJC+5gFtzJRKGzA70/CjWAjSOqNMxdKpdXvx9rnVQE5tR6elBDEPROQrmXGV8jPtTzIxIC2ZrNFTJUgxuCfLFFC6idc0hYAuOnDxwAoEDC0a516Wqev1NP0FVqBNXdjmAjQDY5LOKYCKIvltsG18dl+U35ib3d7TtjMFGqx75mR9Jw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=9HcNYUneSi2t4u4aCe0j4mkp1AeoTuPw8mskIMrEw+I=; b=BVl6Q9Duv8T0WVI7WXtXCkJ2x7H9fWU0DFXsPKPgW7PrDOICHDKtf+fg28AK2BbsUmquX59W7yc25+mVaSggnBNJilDhDByDMFQ2GQc5shu3qc57je2OuGCQJm34V2xczDrTtzfg3nAYSbk8OkLEV6gpP1U0RoMh0lREgIDvx0YW3zxfl3xZGPFSqSijebTW0RND7UaHPphS49w6MknRkPTpO3uN+KrNQJ4WdJkZR4dEZhUHgx0hbc/NMx0u+yyImu5bu5C+/Egzp5nb3lNo5+9timUNTzji/4Y58V4xY/TaYBePCnJLVzhF7bxJ71rbEVqbkRasVjM73iBLf4zgiA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=vger.kernel.org smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none (0) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=9HcNYUneSi2t4u4aCe0j4mkp1AeoTuPw8mskIMrEw+I=; b=AyHW7+Gva9Ywd7WVB2OdSf2pbUOKkXf5Hpc2ycVnm2ZZE+GGS8+ZiwsfJWx23U73rdpwQS8IR4/YBqyPFsVBOJBkF9kl2zlcBc2c2MAB+yvefAjERt9mIIkAwlYAq9oaEimtBPY6kUIz3/nzJc44aHTlDyOSGberFlsjtDF7eEs= Received: from SJ0PR13CA0001.namprd13.prod.outlook.com (2603:10b6:a03:2c0::6) by IA1PR12MB7614.namprd12.prod.outlook.com (2603:10b6:208:429::16) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7228.27; Fri, 26 Jan 2024 22:16:26 +0000 Received: from DS2PEPF0000343B.namprd02.prod.outlook.com (2603:10b6:a03:2c0:cafe::31) by SJ0PR13CA0001.outlook.office365.com (2603:10b6:a03:2c0::6) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7249.10 via Frontend Transport; Fri, 26 Jan 2024 22:16:25 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=amd.com; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB04.amd.com; pr=C Received: from SATLEXMB04.amd.com (165.204.84.17) by DS2PEPF0000343B.mail.protection.outlook.com (10.167.18.38) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.7228.16 via Frontend Transport; Fri, 26 Jan 2024 22:16:25 +0000 Received: from tlendack-t1.amdoffice.net (10.180.168.240) by SATLEXMB04.amd.com (10.181.40.145) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.34; Fri, 26 Jan 2024 16:16:24 -0600 From: Tom Lendacky To: , CC: Thomas Gleixner , Ingo Molnar , Borislav Petkov , Dave Hansen , "H. Peter Anvin" , Andy Lutomirski , "Peter Zijlstra" , Dan Williams , Michael Roth , Ashish Kalra Subject: [PATCH 02/11] x86/sev: Make the VMPL0 checking function more generic Date: Fri, 26 Jan 2024 16:15:55 -0600 Message-ID: <69c954113a51e3a152c9f5308017c13441f29911.1706307364.git.thomas.lendacky@amd.com> X-Mailer: git-send-email 2.42.0 In-Reply-To: References: Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-ClientProxiedBy: SATLEXMB03.amd.com (10.181.40.144) To SATLEXMB04.amd.com (10.181.40.145) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: DS2PEPF0000343B:EE_|IA1PR12MB7614:EE_ X-MS-Office365-Filtering-Correlation-Id: 9f729a70-d994-4e82-524d-08dc1ebc6fd6 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: xISJTX+AHB6gSKFTPknlpxAHYl95kJ+GfWYS03bmAM7j7VSVn8XAKvQGLTmymgSK/glTpN6muxm/5PxXTpVUvKC2+pm/J9U83Sx6kfK/s/GGNwwVKntKaVNgrrHkGSTGNr2hixbrB4NgsE1FdKCpUHoGMnsZfVWMH8JfGKbYgW3WZILiKTkVUs3q8O+TM21f0hUgJ92Px03Ak0jjl5i0Uk83Hp+/gqTSBmu3XaGWq1ZihXCdZgM0mXOVGzdFuKkEChCwYv0/GB2C8dI/deV43TNFcds50ABa9YJoS/WOtnn3IsIS0SnL3BhLuxeUEXWGsyOoxYeQcUFitARloklfkjX3MTDKdjPuURX6b9G+h0uAWsx3g1hbvkJJLi1pKVYbVe7yz1xpmr9uRULPPp8qrs3Y4StJ46pqUVYEJeVEPpCHvTOeueopV38Sg/LCUnESYL5gkMasDNn+4KJaH8c8p6/SJXnXt1vsELv7LMIZi5siT0S8ZzER/+sUiYhoZTDSXTYNT6R9FeIJzq4XTzIQDSqd6bH+bDGa4zBiEyfLQwQYOYx+Zq6CphDk6pX2OwbY5ZllsVqq9KnuA/TMo7WbwFW+ett6r1ZQRbpid7x7bPecfqxDunKc8HSRRKb7lHd7yTwvos4/n6/ijathHkSS9ZhcH9jq8VyN4ihLdxW5Clhps1oM4Y3LQXu7GwDExnkGDrS81RsU0spT0u0FDzHYkHznNmWlW5umoZus3uZFzT5Ls0zsJ81jimqjUsBzKuRxHFRTQt+ocnSaWccw8lZnT+d5upFe5fhf/wquiXoi75k= X-Forefront-Antispam-Report: CIP:165.204.84.17;CTRY:US;LANG:en;SCL:1;SRV:;IPV:CAL;SFV:NSPM;H:SATLEXMB04.amd.com;PTR:InfoDomainNonexistent;CAT:NONE;SFS:(13230031)(4636009)(376002)(396003)(346002)(136003)(39860400002)(230922051799003)(451199024)(82310400011)(186009)(64100799003)(1800799012)(40470700004)(36840700001)(46966006)(54906003)(110136005)(81166007)(70206006)(316002)(70586007)(8676002)(36756003)(8936002)(82740400003)(356005)(40460700003)(40480700001)(86362001)(6666004)(478600001)(47076005)(36860700001)(26005)(2616005)(4326008)(2906002)(41300700001)(7416002)(5660300002)(426003)(83380400001)(16526019)(336012)(41533002)(36900700001);DIR:OUT;SFP:1101; X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 26 Jan 2024 22:16:25.7988 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 9f729a70-d994-4e82-524d-08dc1ebc6fd6 X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[SATLEXMB04.amd.com] X-MS-Exchange-CrossTenant-AuthSource: DS2PEPF0000343B.namprd02.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: IA1PR12MB7614 X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-THRID: 1789193566015137073 X-GMAIL-MSGID: 1789193566015137073 Currently, the enforce_vmpl0() function uses a set argument when testing for VMPL0 and terminates the guest if the guest is not running at VMPL0. Make the function more generic by moving it into the common code, renaming it, allowing it to take an argument for use in the VMPL0 check (RMPADJUST instruction) and return the result of the check, allowing the caller to determine the action taken based on the result. Signed-off-by: Tom Lendacky --- arch/x86/boot/compressed/sev.c | 13 ++++++------- 1 file changed, 6 insertions(+), 7 deletions(-) diff --git a/arch/x86/boot/compressed/sev.c b/arch/x86/boot/compressed/sev.c index c3030cfb6484..c44fa52d2914 100644 --- a/arch/x86/boot/compressed/sev.c +++ b/arch/x86/boot/compressed/sev.c @@ -327,10 +327,9 @@ void do_boot_stage2_vc(struct pt_regs *regs, unsigned long exit_code) sev_es_terminate(SEV_TERM_SET_GEN, GHCB_SEV_ES_GEN_REQ); } -static void enforce_vmpl0(void) +static bool running_at_vmpl0(void *va) { u64 attrs; - int err; /* * RMPADJUST modifies RMP permissions of a lesser-privileged (numerically @@ -339,12 +338,11 @@ static void enforce_vmpl0(void) * * If the guest is running at VMPL0, it will succeed. Even if that operation * modifies permission bits, it is still ok to do so currently because Linux - * SNP guests are supported only on VMPL0 so VMPL1 or higher permission masks - * changing is a don't-care. + * SNP guests running at VMPL0 only run at VMPL0, so VMPL1 or higher + * permission mask changes are a don't-care. */ attrs = 1; - if (rmpadjust((unsigned long)&boot_ghcb_page, RMP_PG_SIZE_4K, attrs)) - sev_es_terminate(SEV_TERM_SET_LINUX, GHCB_TERM_NOT_VMPL0); + return !rmpadjust((unsigned long)va, RMP_PG_SIZE_4K, attrs); } /* @@ -580,7 +578,8 @@ void sev_enable(struct boot_params *bp) if (!(get_hv_features() & GHCB_HV_FT_SNP)) sev_es_terminate(SEV_TERM_SET_GEN, GHCB_SNP_UNSUPPORTED); - enforce_vmpl0(); + if (!running_at_vmpl0(&boot_ghcb_page)) + sev_es_terminate(SEV_TERM_SET_LINUX, GHCB_TERM_NOT_VMPL0); } if (snp && !(sev_status & MSR_AMD64_SEV_SNP_ENABLED)) From patchwork Fri Jan 26 22:15:56 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Tom Lendacky X-Patchwork-Id: 192803 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a05:7301:2395:b0:106:343:edcb with SMTP id gw21csp180844dyb; Fri, 26 Jan 2024 14:17:46 -0800 (PST) X-Google-Smtp-Source: AGHT+IFWldiX1s517eitpFrwpKKGcJ3uyrHyOGHLf3zMdeksju+evy3uaAFgfO2XTF9KTM4yfX3n X-Received: by 2002:a05:620a:4143:b0:783:e159:ec1 with SMTP id k3-20020a05620a414300b00783e1590ec1mr667715qko.55.1706307466719; Fri, 26 Jan 2024 14:17:46 -0800 (PST) Received: from ny.mirrors.kernel.org (ny.mirrors.kernel.org. [147.75.199.223]) by mx.google.com with ESMTPS id u18-20020a05620a431200b007832366f885si2475779qko.224.2024.01.26.14.17.46 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 26 Jan 2024 14:17:46 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel+bounces-40740-ouuuleilei=gmail.com@vger.kernel.org designates 147.75.199.223 as permitted sender) client-ip=147.75.199.223; Authentication-Results: mx.google.com; dkim=pass header.i=@amd.com header.s=selector1 header.b=CNhGzjZm; arc=fail (signature failed); spf=pass (google.com: domain of linux-kernel+bounces-40740-ouuuleilei=gmail.com@vger.kernel.org designates 147.75.199.223 as permitted sender) smtp.mailfrom="linux-kernel+bounces-40740-ouuuleilei=gmail.com@vger.kernel.org"; dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=amd.com Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ny.mirrors.kernel.org (Postfix) with ESMTPS id 763A61C21F38 for ; Fri, 26 Jan 2024 22:17:46 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id 6A49F481D6; Fri, 26 Jan 2024 22:16:45 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b="CNhGzjZm" Received: from NAM11-CO1-obe.outbound.protection.outlook.com (mail-co1nam11on2089.outbound.protection.outlook.com [40.107.220.89]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 2D22A45C0D for ; Fri, 26 Jan 2024 22:16:35 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=fail smtp.client-ip=40.107.220.89 ARC-Seal: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1706307400; cv=fail; b=poSmwpxqcSXrWBe99GvOIdVxbDPVW5oFdl5HmgUhsHFiOUJVR4pyIZB8QH9/CguD11cwTqLPSqDUtshDb7uPgBD0OraIbyoOIPPr+LkMH2Y9uvjWhF8bK6rrXirXU6ZDjNjM/ngIVZ4FwS1BKQyoUOU1+M4qWaAM0YqYnnidtwk= ARC-Message-Signature: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1706307400; c=relaxed/simple; bh=pvR9fQWUOImS51FhVQRU+xcGU/pl3Q4BluYPBNhmXgA=; h=From:To:CC:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=ftc4EBoL9o2V+AdnNAQelv3tYXZz4wCssZwQM2GRBoH8NN/RZBJxBILBpqiLUkZiCvEEqxWm7ruCqw8zFu5mx5aBu3KTXckQWV1fo002jO9FBufVok1h9VJ0dRca1icokXMXtqrh81Vr5ZrV5pXQOjYgTOY0x2lCOtVPNZFiXAA= ARC-Authentication-Results: i=2; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com; spf=fail smtp.mailfrom=amd.com; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b=CNhGzjZm; arc=fail smtp.client-ip=40.107.220.89 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com Authentication-Results: smtp.subspace.kernel.org; spf=fail smtp.mailfrom=amd.com ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=hmaQ0SfVvxgoL0k3Ymv3qd0gPyelwZRzLCGQBdfJRobhkaZlQ0Ni22s0nCB3wqOwdpjwmj8k83HEA79blIWhfv57FPrJl2mg6KDLteHjiqq25mbDtdcmEa4uxqLObKvY94oeKC9Qij70MtcWgG60nqXU2vwRUnmvbLQ0WheDYTxPAZwF6xsYx5wQgCRFrz/xy8uboVMaMORLl22agidb9fDIn2BfqNM7W9QISxZiWaClsRQj19LnmU6E0sa4AZG+u81/Mr8X6V9LQXca3Oz94TFtfhKZJaScMPrKYbadBq56u/CFyK+tCCWsCHEw7w/snxO5Kdu/z2WEYbBcwQ46sA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=xSLugvkcOil97t6MP3bxL1boJ/lRFI+I0MLgG2nrOng=; b=F1ZPtouFWIzH1V2Q9x/5EzU+9ezNXikzlzb6ghe4AkmLA6ZeAkXo5AVrJ9CH9zND2i1fNCcHFFLfaRPF2DNjBGx/cQpqChC6UyOt6WHIRMki7ZAKLYQjiLAMyK3kfaRPg7ldSwWfo61sRY2qRR7r1++HZ0zvoJuirtIKpj4gA5BjCvEOtD+j9mqg+VRDDfewgiExRcHCQmo4ZAPg5xzGIG0tEanT/7/mHwjmirV6omJwrJw8w9QD0xL8Sj2GbrpGWZfTX5CRN3fKtCrk46t2Cp3w9sx6F/yk2KsCFWSFhIx3AByBKkKl+dndGFoR2CTHTdQ03lYlr2FBEwxFjQ4lbA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=vger.kernel.org smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none (0) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=xSLugvkcOil97t6MP3bxL1boJ/lRFI+I0MLgG2nrOng=; b=CNhGzjZm3qR+T+C7pjCJaxOxiCkgpXPG3TX0i4Jpksv1lYANnQwydC2d1UK2dXJI+mwJQhE2wqNYByLAKuhd4CEZmoGSHqhl3ya7bLaewkUhMQZCKhQs8aFRpVFYvNyXXtgs83OoKy0HhXtOCXt3dcLaysfr8kANsAEtUqDdosk= Received: from DS0PR17CA0020.namprd17.prod.outlook.com (2603:10b6:8:191::27) by IA1PR12MB6482.namprd12.prod.outlook.com (2603:10b6:208:3a9::18) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7228.27; Fri, 26 Jan 2024 22:16:33 +0000 Received: from DS2PEPF0000343E.namprd02.prod.outlook.com (2603:10b6:8:191:cafe::fc) by DS0PR17CA0020.outlook.office365.com (2603:10b6:8:191::27) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7228.26 via Frontend Transport; Fri, 26 Jan 2024 22:16:33 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=amd.com; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB04.amd.com; pr=C Received: from SATLEXMB04.amd.com (165.204.84.17) by DS2PEPF0000343E.mail.protection.outlook.com (10.167.18.41) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.7228.16 via Frontend Transport; Fri, 26 Jan 2024 22:16:32 +0000 Received: from tlendack-t1.amdoffice.net (10.180.168.240) by SATLEXMB04.amd.com (10.181.40.145) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.34; Fri, 26 Jan 2024 16:16:31 -0600 From: Tom Lendacky To: , CC: Thomas Gleixner , Ingo Molnar , Borislav Petkov , Dave Hansen , "H. Peter Anvin" , Andy Lutomirski , "Peter Zijlstra" , Dan Williams , Michael Roth , Ashish Kalra Subject: [PATCH 03/11] x86/sev: Check for the presence of an SVSM in the SNP Secrets page Date: Fri, 26 Jan 2024 16:15:56 -0600 Message-ID: <190632a07a86c47e7269eeb4f44cdc358a19d696.1706307364.git.thomas.lendacky@amd.com> X-Mailer: git-send-email 2.42.0 In-Reply-To: References: Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-ClientProxiedBy: SATLEXMB03.amd.com (10.181.40.144) To SATLEXMB04.amd.com (10.181.40.145) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: DS2PEPF0000343E:EE_|IA1PR12MB6482:EE_ X-MS-Office365-Filtering-Correlation-Id: c0ba4f19-d8be-421f-930f-08dc1ebc741a X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: HcXq6gIaW121rUtiPNPn8ChAxtg+oqCm007r7NFVFtlF9IDCpCgJbSmmZwWHDJVqNzgoarVQeG51EjkhfsHFk3nUUpZP4iOoHf+sa3Iudx88SLtxgQXfwHbVUmY/eaGtbwJbEjscJ9K59HfOOi4X9gPL6HU3hl/L2rLbTKJgKTuPZuNUiKGrv5QYwSMnKR4Q0EZJcKVkuDPGdPxA51wo1vikncLNYIOI1GA7GYhbPrwHVLjEQ81Wq9jyioIETWHDt3AFlqPWl3Zd8OYv8qzB2bNEGyvBo5IATSEtrrG6FeQde3YtLH1R4ZUpBY4uT0nts/1//jcZ8ocoDu2HZmPI0V/FGhdYoeGjTZMeWEOZfU9peKcTKwoDRjZN5efCjXQIfbOH7Hx6PugQ5mm1zXcnCyqWBUIzsQyaiw/iV3CkWhsqZlGlGHoYOJwn4UVqZVT4fFIq0piBkElFCy0mk7vz7EgcMhW8Y1zuORKicfU4XX2xzGvyc+sRCFawPWpbJhapUW9rdlobNhOYF4y0vq+sD/eKj9kdccj/xtbTjB8Kalymq8CS3ng4Sa5t9dxFBNnbzkNrun+UdjCPuWuHsMvpqKLys5WfAT50vz56ff6qGcVj9VYnc1Bcn+0nrcXqJ14iKPp6CoujYZCN76ukbh++ubKljVGEajEa/sWXS5Grm8m5qswa1hbAJ6gz3VJAzuEELhmg778SXi/n7kPb9xCpRx8Mp3M+USS0IAvmLRU2wKjN6YslJ1G9j0syMM2Q9V3WY998O3vEbrR6tW/iEebu8w== X-Forefront-Antispam-Report: CIP:165.204.84.17;CTRY:US;LANG:en;SCL:1;SRV:;IPV:CAL;SFV:NSPM;H:SATLEXMB04.amd.com;PTR:InfoDomainNonexistent;CAT:NONE;SFS:(13230031)(4636009)(376002)(39860400002)(136003)(396003)(346002)(230922051799003)(186009)(1800799012)(64100799003)(82310400011)(451199024)(46966006)(40470700004)(36840700001)(36860700001)(2616005)(47076005)(83380400001)(356005)(5660300002)(16526019)(26005)(81166007)(82740400003)(336012)(40460700003)(40480700001)(426003)(6666004)(316002)(110136005)(86362001)(478600001)(4326008)(70206006)(54906003)(70586007)(8936002)(8676002)(36756003)(7416002)(41300700001)(2906002)(36900700001);DIR:OUT;SFP:1101; X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 26 Jan 2024 22:16:32.9570 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: c0ba4f19-d8be-421f-930f-08dc1ebc741a X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[SATLEXMB04.amd.com] X-MS-Exchange-CrossTenant-AuthSource: DS2PEPF0000343E.namprd02.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: IA1PR12MB6482 X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-THRID: 1789193058228399285 X-GMAIL-MSGID: 1789193058228399285 During early boot phases, check for the presence of an SVSM when running as an SEV-SNP guest. An SVSM is present if the 64-bit value at offset 0x148 into the secrets page is non-zero. If an SVSM is present, save the SVSM Calling Area address (CAA), located at offset 0x150 into the secrets page, and set the VMPL level of the guest, which should be non-zero, to indicate the presence of an SVSM. Signed-off-by: Tom Lendacky --- arch/x86/boot/compressed/sev.c | 35 ++++++++--------- arch/x86/include/asm/sev-common.h | 4 ++ arch/x86/include/asm/sev.h | 25 +++++++++++- arch/x86/kernel/sev-shared.c | 64 +++++++++++++++++++++++++++++++ arch/x86/kernel/sev.c | 16 ++++++++ 5 files changed, 125 insertions(+), 19 deletions(-) diff --git a/arch/x86/boot/compressed/sev.c b/arch/x86/boot/compressed/sev.c index c44fa52d2914..5d2403914ceb 100644 --- a/arch/x86/boot/compressed/sev.c +++ b/arch/x86/boot/compressed/sev.c @@ -12,6 +12,7 @@ */ #include "misc.h" +#include #include #include #include @@ -28,6 +29,15 @@ static struct ghcb boot_ghcb_page __aligned(PAGE_SIZE); struct ghcb *boot_ghcb; +/* + * SVSM related information: + * When running under an SVSM, the VMPL that Linux is executing at must be + * non-zero. The VMPL is therefore used to indicate the presence of an SVSM. + */ +static u8 vmpl __section(".data"); +static u64 boot_svsm_caa_pa __section(".data"); +static struct svsm_ca *boot_svsm_caa __section(".data"); + /* * Copy a version of this function here - insn-eval.c can't be used in * pre-decompression code. @@ -327,24 +337,6 @@ void do_boot_stage2_vc(struct pt_regs *regs, unsigned long exit_code) sev_es_terminate(SEV_TERM_SET_GEN, GHCB_SEV_ES_GEN_REQ); } -static bool running_at_vmpl0(void *va) -{ - u64 attrs; - - /* - * RMPADJUST modifies RMP permissions of a lesser-privileged (numerically - * higher) privilege level. Here, clear the VMPL1 permission mask of the - * GHCB page. If the guest is not running at VMPL0, this will fail. - * - * If the guest is running at VMPL0, it will succeed. Even if that operation - * modifies permission bits, it is still ok to do so currently because Linux - * SNP guests running at VMPL0 only run at VMPL0, so VMPL1 or higher - * permission mask changes are a don't-care. - */ - attrs = 1; - return !rmpadjust((unsigned long)va, RMP_PG_SIZE_4K, attrs); -} - /* * SNP_FEATURES_IMPL_REQ is the mask of SNP features that will need * guest side implementation for proper functioning of the guest. If any @@ -472,6 +464,13 @@ static bool snp_setup(struct boot_params *bp) */ setup_cpuid_table(cc_info); + /* + * Record the SVSM Calling Area address (CAA) if the guest is not + * running at VMPL0. The CA will be used to communicate with the + * SVSM to perform the SVSM services. + */ + setup_svsm_ca(cc_info); + /* * Pass run-time kernel a pointer to CC info via boot_params so EFI * config table doesn't need to be searched again during early startup diff --git a/arch/x86/include/asm/sev-common.h b/arch/x86/include/asm/sev-common.h index b463fcbd4b90..68a8cdf6fd6a 100644 --- a/arch/x86/include/asm/sev-common.h +++ b/arch/x86/include/asm/sev-common.h @@ -159,6 +159,10 @@ struct snp_psc_desc { #define GHCB_TERM_NOT_VMPL0 3 /* SNP guest is not running at VMPL-0 */ #define GHCB_TERM_CPUID 4 /* CPUID-validation failure */ #define GHCB_TERM_CPUID_HV 5 /* CPUID failure during hypervisor fallback */ +#define GHCB_TERM_SECRETS_PAGE 6 /* Secrets page failure */ +#define GHCB_TERM_NO_SVSM 7 /* SVSM is not advertised in the secrets page */ +#define GHCB_TERM_SVSM_VMPL0 8 /* SVSM is present but has set VMPL to 0 */ +#define GHCB_TERM_SVSM_CAA 9 /* SVSM is present but the CA is not page aligned */ #define GHCB_RESP_CODE(v) ((v) & GHCB_MSR_INFO_MASK) diff --git a/arch/x86/include/asm/sev.h b/arch/x86/include/asm/sev.h index 5b4a1ce3d368..207c315041ba 100644 --- a/arch/x86/include/asm/sev.h +++ b/arch/x86/include/asm/sev.h @@ -137,9 +137,32 @@ struct snp_secrets_page_layout { u8 vmpck2[VMPCK_KEY_LEN]; u8 vmpck3[VMPCK_KEY_LEN]; struct secrets_os_area os_area; - u8 rsvd3[3840]; + + u8 vmsa_tweak_bitmap[64]; + + /* SVSM fields */ + u64 svsm_base; + u64 svsm_size; + u64 svsm_caa; + u32 svsm_max_version; + u8 svsm_guest_vmpl; + u8 rsvd3[3]; + + /* Remainder of page */ + u8 rsvd4[3744]; } __packed; +/* + * The SVSM Calling Area (CA) related structures. + */ +struct svsm_ca { + u8 call_pending; + u8 mem_available; + u8 rsvd1[6]; + + u8 svsm_buffer[PAGE_SIZE - 8]; +}; + #ifdef CONFIG_AMD_MEM_ENCRYPT extern void __sev_es_ist_enter(struct pt_regs *regs); extern void __sev_es_ist_exit(void); diff --git a/arch/x86/kernel/sev-shared.c b/arch/x86/kernel/sev-shared.c index 1d24ec679915..99170f129eef 100644 --- a/arch/x86/kernel/sev-shared.c +++ b/arch/x86/kernel/sev-shared.c @@ -104,6 +104,24 @@ static void __noreturn sev_es_terminate(unsigned int set, unsigned int reason) asm volatile("hlt\n" : : : "memory"); } +static bool running_at_vmpl0(void *va) +{ + u64 attrs; + + /* + * RMPADJUST modifies RMP permissions of a lesser-privileged (numerically + * higher) privilege level. Here, clear the VMPL1 permission mask of the + * GHCB page. If the guest is not running at VMPL0, this will fail. + * + * If the guest is running at VMPL0, it will succeed. Even if that operation + * modifies permission bits, it is still ok to do so currently because Linux + * SNP guests running at VMPL0 only run at VMPL0, so VMPL1 or higher + * permission mask changes are a don't-care. + */ + attrs = 1; + return !rmpadjust((unsigned long)va, RMP_PG_SIZE_4K, attrs); +} + /* * The hypervisor features are available from GHCB version 2 onward. */ @@ -1170,3 +1188,49 @@ static int vmgexit_psc(struct ghcb *ghcb, struct snp_psc_desc *desc) out: return ret; } + +/* + * Maintain the GPA of the SVSM Calling Area (CA) in order to utilize the SVSM + * services needed when not runnuing in VMPL0. + */ +static void __init setup_svsm_ca(const struct cc_blob_sev_info *cc_info) +{ + struct snp_secrets_page_layout *secrets_page; + u64 caa; + + BUILD_BUG_ON(sizeof(*secrets_page) != PAGE_SIZE); + + /* + * Use __pa() since this routine is running identity mapped when + * called, both by the decompressor code and the early kernel code. + */ + if (running_at_vmpl0((void *)__pa(&boot_ghcb_page))) + return; + + /* + * Not running at VMPL0, ensure everything has been properly supplied + * for running under an SVSM. + */ + if (!cc_info || !cc_info->secrets_phys || cc_info->secrets_len != PAGE_SIZE) + sev_es_terminate(SEV_TERM_SET_LINUX, GHCB_TERM_SECRETS_PAGE); + + secrets_page = (struct snp_secrets_page_layout *)cc_info->secrets_phys; + if (!secrets_page->svsm_size) + sev_es_terminate(SEV_TERM_SET_LINUX, GHCB_TERM_NO_SVSM); + + if (!secrets_page->svsm_guest_vmpl) + sev_es_terminate(SEV_TERM_SET_LINUX, GHCB_TERM_SVSM_VMPL0); + + vmpl = secrets_page->svsm_guest_vmpl; + + caa = secrets_page->svsm_caa; + if (!PAGE_ALIGNED(caa)) + sev_es_terminate(SEV_TERM_SET_LINUX, GHCB_TERM_SVSM_CAA); + + /* + * The CA is identity mapped when this routine is called, both by the + * decompressor code and the early kernel code. + */ + boot_svsm_caa = (struct svsm_ca *)caa; + boot_svsm_caa_pa = caa; +} diff --git a/arch/x86/kernel/sev.c b/arch/x86/kernel/sev.c index c67285824e82..7066afaa8133 100644 --- a/arch/x86/kernel/sev.c +++ b/arch/x86/kernel/sev.c @@ -115,6 +115,15 @@ struct ghcb_state { static DEFINE_PER_CPU(struct sev_es_runtime_data*, runtime_data); static DEFINE_PER_CPU(struct sev_es_save_area *, sev_vmsa); +/* + * SVSM related information: + * When running under an SVSM, the VMPL that Linux is executing at must be + * non-zero. The VMPL is therefore used to indicate the presence of an SVSM. + */ +static u8 vmpl __ro_after_init; +static struct svsm_ca *boot_svsm_caa __ro_after_init; +static u64 boot_svsm_caa_pa __ro_after_init; + struct sev_config { __u64 debug : 1, @@ -2098,6 +2107,13 @@ bool __init snp_init(struct boot_params *bp) setup_cpuid_table(cc_info); + /* + * Record the SVSM Calling Area address (CAA) if the guest is not + * running at VMPL0. The CA will be used to communicate with the + * SVSM to perform the SVSM services. + */ + setup_svsm_ca(cc_info); + /* * The CC blob will be used later to access the secrets page. Cache * it here like the boot kernel does. From patchwork Fri Jan 26 22:15:57 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Tom Lendacky X-Patchwork-Id: 192815 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a05:7301:2395:b0:106:343:edcb with SMTP id gw21csp184367dyb; Fri, 26 Jan 2024 14:26:35 -0800 (PST) X-Google-Smtp-Source: AGHT+IEJmX4p5l7Oi1Zj5EENEWKHQjN23KWEmZtnxpaDVz1r6g/9jEfzvjfEIsnCoeLuJQBWmA+7 X-Received: by 2002:aa7:8a4f:0:b0:6dd:81dd:862d with SMTP id n15-20020aa78a4f000000b006dd81dd862dmr489823pfa.42.1706307995183; Fri, 26 Jan 2024 14:26:35 -0800 (PST) Received: from sy.mirrors.kernel.org (sy.mirrors.kernel.org. [2604:1380:40f1:3f00::1]) by mx.google.com with ESMTPS id ck27-20020a056a02091b00b005c680fbab22si1817581pgb.509.2024.01.26.14.26.34 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 26 Jan 2024 14:26:35 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel+bounces-40741-ouuuleilei=gmail.com@vger.kernel.org designates 2604:1380:40f1:3f00::1 as permitted sender) client-ip=2604:1380:40f1:3f00::1; Authentication-Results: mx.google.com; dkim=pass header.i=@amd.com header.s=selector1 header.b=j6TuPnea; arc=fail (signature failed); spf=pass (google.com: domain of linux-kernel+bounces-40741-ouuuleilei=gmail.com@vger.kernel.org designates 2604:1380:40f1:3f00::1 as permitted sender) smtp.mailfrom="linux-kernel+bounces-40741-ouuuleilei=gmail.com@vger.kernel.org"; dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=amd.com Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by sy.mirrors.kernel.org (Postfix) with ESMTPS id D5E6EB257BC for ; Fri, 26 Jan 2024 22:18:13 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id F270C50A8D; Fri, 26 Jan 2024 22:16:54 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b="j6TuPnea" Received: from NAM10-DM6-obe.outbound.protection.outlook.com (mail-dm6nam10on2045.outbound.protection.outlook.com [40.107.93.45]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 9C70045C1B for ; Fri, 26 Jan 2024 22:16:43 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=fail smtp.client-ip=40.107.93.45 ARC-Seal: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1706307408; cv=fail; b=WyLOhFOfBUxFPMEc4bsfrWpR4d4H3a/XyRVZH8ReiCvuVG04Wa77MxWLh4+5C9OfZqp3AnGAp0wWenDvBZDx9PN/GV+hyvyo/Izf1FADqfWo46lULWvrdpzHGD+d40Wi08Yl1vvOpgpI+kyScBx9T565jDiu7G9mBA6RUhjHA4g= ARC-Message-Signature: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1706307408; c=relaxed/simple; bh=dk8m8SL3/mpgMj1F4y7jzDkmzzeDi+duokOcGsAMPHw=; h=From:To:CC:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=VZV4WOmI+7aV6/j7hlSkwyUy+ci+Wce2QzIN/yZFRxdPdnN3hBfgqTZizuWq1qme/XW7VJu0DUW6Mi/jLkynfuyrR1ziOoQ+yREhS/XBabRRbB/E8LWPilnrhRN82dG//SQgN44A6bCQVC/aq+Xy7o48dOACGu17YAtJ2Y/htqQ= ARC-Authentication-Results: i=2; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com; spf=fail smtp.mailfrom=amd.com; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b=j6TuPnea; arc=fail smtp.client-ip=40.107.93.45 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com Authentication-Results: smtp.subspace.kernel.org; spf=fail smtp.mailfrom=amd.com ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=BPHp2xoqSiRwxC3cYFfYeKXh0d5ViG+K1KUQRQ/9btNogOOG12qdw7j3Jg5EEvv02tGNf3onCSW6J7lS2f+CJ7Ha33b5XK5+bPG+n4pQoZAeD7l7+v/J32MFO1GPzmeM/pWruTYq5qy+kW1Hay+5QohyodAnQaSkjyYc7viJQpMcNGQsg2Lco7piVoiR7i12fSJGzRbmtmQYm9ByO+3t2g/QZ/oRq6GkwCsZd8bcoy0k/vJBNuUsKRNY+ont5P5j0i3Tt6TkXFYQVSIR/M6LU5uuToKXA5JNhMeoCYw8i3ozVewmeb/7fNrxshKrXpY4/ZevxY6ysMylU9g5uFeSWQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=LZ76qrXf8FZ/B/uGLUJesfc+lIOuv9Qur4kjokpDImA=; b=KhU9+7RtEJM60SnjLLkgJp8aIlm++88+OB8jjJsSMT5VYSu7+SSBxxu02gLLGXYxxqk4J3Tup0LJihGBEY4dk7a+mmSJq3prAscOQc6P//S2ZFiotXFt6aPKzxwMF8IGJigtOvVffm61pimV+vm8c7PbLr4cNUsHlFsk0OUBPMUYY8SMB6xLfJAlAnXALeUKy2LNemWJrlbVKQsagxhQQHonxBvPxsW63oDNY+weYZRHP/XZaxS9pkDabJtiV1Xs7qJAPtv0gJkHBNVN6lMuWM2WDuORNuS1sLH5j3iKixzl5YESvM4byZtpf31Z3dnf+LDGJVBuMq3D8TcJkZv7BA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=vger.kernel.org smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none (0) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=LZ76qrXf8FZ/B/uGLUJesfc+lIOuv9Qur4kjokpDImA=; b=j6TuPneabexw4WD4/ppCNYnttcAQVyZJODcnyHZJ2p9wJZBIsG0P66HdtQlvHxA9BnOak5m9ziwIS5hlgWUSq7i3NEiiHd60254PrLrvhPOMmkeeIygjcSijy9znJGyDS9v9dSZscztpEA6jJnqaGgE2itdG82oJ5dSnISt3dJ4= Received: from SJ0PR13CA0013.namprd13.prod.outlook.com (2603:10b6:a03:2c0::18) by CY8PR12MB7169.namprd12.prod.outlook.com (2603:10b6:930:5e::10) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7202.30; Fri, 26 Jan 2024 22:16:40 +0000 Received: from DS2PEPF0000343B.namprd02.prod.outlook.com (2603:10b6:a03:2c0:cafe::77) by SJ0PR13CA0013.outlook.office365.com (2603:10b6:a03:2c0::18) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7249.10 via Frontend Transport; Fri, 26 Jan 2024 22:16:40 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=amd.com; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB04.amd.com; pr=C Received: from SATLEXMB04.amd.com (165.204.84.17) by DS2PEPF0000343B.mail.protection.outlook.com (10.167.18.38) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.7228.16 via Frontend Transport; Fri, 26 Jan 2024 22:16:40 +0000 Received: from tlendack-t1.amdoffice.net (10.180.168.240) by SATLEXMB04.amd.com (10.181.40.145) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.34; Fri, 26 Jan 2024 16:16:39 -0600 From: Tom Lendacky To: , CC: Thomas Gleixner , Ingo Molnar , Borislav Petkov , Dave Hansen , "H. Peter Anvin" , Andy Lutomirski , "Peter Zijlstra" , Dan Williams , Michael Roth , Ashish Kalra Subject: [PATCH 04/11] x86/sev: Use kernel provided SVSM Calling Areas Date: Fri, 26 Jan 2024 16:15:57 -0600 Message-ID: <8de29476ed1fcfeae79cbe43ee6dbbfecf7e86ea.1706307364.git.thomas.lendacky@amd.com> X-Mailer: git-send-email 2.42.0 In-Reply-To: References: Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-ClientProxiedBy: SATLEXMB03.amd.com (10.181.40.144) To SATLEXMB04.amd.com (10.181.40.145) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: DS2PEPF0000343B:EE_|CY8PR12MB7169:EE_ X-MS-Office365-Filtering-Correlation-Id: d78b7620-67bd-4368-23c3-08dc1ebc786a X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: RlthRZ1WRVcVrvSdZDJjAHIl/Rn9Vv0woyUH1YL/Q5E6hfm+BoQxymFr4gdTH3OsaAjMNYqZWHJkc12/9AHV0nkdby2m7zNmYKZfF8tRFu0LWy8l5lVrPbZxQVP7FXs9vn1wWnoXq/H8RjaBO35M3LI2xsYaXfJxmh36l6OB9HlGHR7NnU4WwqzWpOZnE9irURYOhl9/0Za0jLXib6xRLWRBQDVl1583MD08W/RnEKNZ3DTh9Vc0OyN1ujms6ZOkxpUVCtJhp8V0rJRV2tHsP/MQC0To2pa/iMF4qqTK02ywvFVyCt+RkSFbNYJ5ltNe8pJ3jECPimW5VLm3kBLdN0WUmPK8lfuiLcXTdA1hMZNkD+Q57/e05wxzCWFszrhL8628lomJiPvh0UXMGJTVLIpDBFx2faflRjFjWAIjh4KBzSbdhSM1/szA9ztRoVB29j+hoBelT8ao2S+PwDqnJ+BJfjHqJwjzNsKM/DAkLGtx9Ly/em5bJ0l6gEOm9ect7JQOymuPSUqgQamj3NqunbJ/22olO9xsMtW+h2ICXt8m0DGvLyljcDvfnfspYeZUEW0BRTjs4H4DbDJ7nJanoBsxWY6QcMpXHDWMiv7eXyTM2byhOg8N1EOCWKvMJnm/O9hHVFt2ILdgpHeEdhXw6bIDp7y2CG70lmNR5+ELPshxNep1oo0DonrDx0621EaCRfEmxTZu+LVzxEdtgGgiLEUvCKLI8IHxsCuTAQaCwYIMy9UqI75mOR7EXm2Vvf/aRYQ4oicdE/Bm0UIDvm5kVQ== X-Forefront-Antispam-Report: CIP:165.204.84.17;CTRY:US;LANG:en;SCL:1;SRV:;IPV:CAL;SFV:NSPM;H:SATLEXMB04.amd.com;PTR:InfoDomainNonexistent;CAT:NONE;SFS:(13230031)(4636009)(376002)(396003)(136003)(346002)(39860400002)(230922051799003)(64100799003)(82310400011)(451199024)(1800799012)(186009)(36840700001)(46966006)(40470700004)(478600001)(54906003)(7416002)(36860700001)(336012)(16526019)(47076005)(86362001)(41300700001)(82740400003)(356005)(81166007)(83380400001)(36756003)(4326008)(6666004)(8676002)(2906002)(110136005)(26005)(426003)(5660300002)(316002)(30864003)(70586007)(70206006)(8936002)(2616005)(40480700001)(40460700003)(36900700001);DIR:OUT;SFP:1101; X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 26 Jan 2024 22:16:40.1893 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: d78b7620-67bd-4368-23c3-08dc1ebc786a X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[SATLEXMB04.amd.com] X-MS-Exchange-CrossTenant-AuthSource: DS2PEPF0000343B.namprd02.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: CY8PR12MB7169 X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-THRID: 1789193612658506835 X-GMAIL-MSGID: 1789193612658506835 The SVSM Calling Area (CA) is used to communicate between Linux and the SVSM. Since the firmware supplied CA for the BSP is likely to be in reserved memory, switch off that CA to a kernel provided CA so that access and use of the CA is available during boot. The CA switch is done using the SVSM core protocol SVSM_CORE_REMAP_CAA call. An SVSM call is executed by filling out the SVSM CA and setting the proper register state as documented by the SVSM protocol. The SVSM is invoked by by requesting the hypervisor to run VMPL0. Once it is safe to allocate/reserve memory, allocate a CA for each CPU. After allocating the new CAs, the BSP will switch from the boot CA to the per-CPU CA. The CA for an AP is identified to the SVSM when creating the VMSA in preparation for booting the AP. Signed-off-by: Tom Lendacky --- arch/x86/include/asm/sev-common.h | 13 ++ arch/x86/include/asm/sev.h | 32 +++++ arch/x86/include/uapi/asm/svm.h | 1 + arch/x86/kernel/sev-shared.c | 94 +++++++++++++- arch/x86/kernel/sev.c | 207 +++++++++++++++++++++++++----- arch/x86/mm/mem_encrypt_amd.c | 8 +- 6 files changed, 320 insertions(+), 35 deletions(-) diff --git a/arch/x86/include/asm/sev-common.h b/arch/x86/include/asm/sev-common.h index 68a8cdf6fd6a..71db5ba020b9 100644 --- a/arch/x86/include/asm/sev-common.h +++ b/arch/x86/include/asm/sev-common.h @@ -96,6 +96,19 @@ enum psc_op { /* GHCBData[63:32] */ \ (((u64)(val) & GENMASK_ULL(63, 32)) >> 32) +/* GHCB Run at VMPL Request/Response */ +#define GHCB_MSR_VMPL_REQ 0x016 +#define GHCB_MSR_VMPL_REQ_LEVEL(v) \ + /* GHCBData[39:32] */ \ + (((u64)(v) & GENMASK_ULL(7, 0) << 32) | \ + /* GHCBDdata[11:0] */ \ + GHCB_MSR_VMPL_REQ) + +#define GHCB_MSR_VMPL_RESP 0x017 +#define GHCB_MSR_VMPL_RESP_VAL(v) \ + /* GHCBData[63:32] */ \ + (((u64)(v) & GENMASK_ULL(63, 32)) >> 32) + /* GHCB Hypervisor Feature Request/Response */ #define GHCB_MSR_HV_FT_REQ 0x080 #define GHCB_MSR_HV_FT_RESP 0x081 diff --git a/arch/x86/include/asm/sev.h b/arch/x86/include/asm/sev.h index 207c315041ba..2f1e583769fc 100644 --- a/arch/x86/include/asm/sev.h +++ b/arch/x86/include/asm/sev.h @@ -163,6 +163,36 @@ struct svsm_ca { u8 svsm_buffer[PAGE_SIZE - 8]; }; +#define SVSM_SUCCESS 0 +#define SVSM_ERR_INCOMPLETE 0x80000000 +#define SVSM_ERR_UNSUPPORTED_PROTOCOL 0x80000001 +#define SVSM_ERR_UNSUPPORTED_CALL 0x80000002 +#define SVSM_ERR_INVALID_ADDRESS 0x80000003 +#define SVSM_ERR_INVALID_FORMAT 0x80000004 +#define SVSM_ERR_INVALID_PARAMETER 0x80000005 +#define SVSM_ERR_INVALID_REQUEST 0x80000006 +#define SVSM_ERR_BUSY 0x80000007 + +/* + * SVSM protocol structure + */ +struct svsm_call { + struct svsm_ca *caa; + u64 rax; + u64 rcx; + u64 rdx; + u64 r8; + u64 r9; + u64 rax_out; + u64 rcx_out; + u64 rdx_out; + u64 r8_out; + u64 r9_out; +}; + +#define SVSM_CORE_CALL(x) ((0ULL << 32) | (x)) +#define SVSM_CORE_REMAP_CA 0 + #ifdef CONFIG_AMD_MEM_ENCRYPT extern void __sev_es_ist_enter(struct pt_regs *regs); extern void __sev_es_ist_exit(void); @@ -236,6 +266,7 @@ int snp_issue_guest_request(u64 exit_code, struct snp_req_data *input, struct sn void snp_accept_memory(phys_addr_t start, phys_addr_t end); u64 snp_get_unsupported_features(u64 status); u64 sev_get_status(void); +void __init snp_remap_svsm_ca(void); #else static inline void sev_es_ist_enter(struct pt_regs *regs) { } static inline void sev_es_ist_exit(void) { } @@ -264,6 +295,7 @@ static inline int snp_issue_guest_request(u64 exit_code, struct snp_req_data *in static inline void snp_accept_memory(phys_addr_t start, phys_addr_t end) { } static inline u64 snp_get_unsupported_features(u64 status) { return 0; } static inline u64 sev_get_status(void) { return 0; } +static inline void snp_remap_svsm_ca(void) { } #endif #endif diff --git a/arch/x86/include/uapi/asm/svm.h b/arch/x86/include/uapi/asm/svm.h index 80e1df482337..1814b413fd57 100644 --- a/arch/x86/include/uapi/asm/svm.h +++ b/arch/x86/include/uapi/asm/svm.h @@ -115,6 +115,7 @@ #define SVM_VMGEXIT_AP_CREATE_ON_INIT 0 #define SVM_VMGEXIT_AP_CREATE 1 #define SVM_VMGEXIT_AP_DESTROY 2 +#define SVM_VMGEXIT_SNP_RUN_VMPL 0x80000018 #define SVM_VMGEXIT_HV_FEATURES 0x8000fffd #define SVM_VMGEXIT_TERM_REQUEST 0x8000fffe #define SVM_VMGEXIT_TERM_REASON(reason_set, reason_code) \ diff --git a/arch/x86/kernel/sev-shared.c b/arch/x86/kernel/sev-shared.c index 99170f129eef..7e9fa5d8889b 100644 --- a/arch/x86/kernel/sev-shared.c +++ b/arch/x86/kernel/sev-shared.c @@ -14,7 +14,9 @@ #define has_cpuflag(f) boot_cpu_has(f) #else #undef WARN -#define WARN(condition, format...) (!!(condition)) +#define WARN(condition, format...) (!!(condition)) +#undef vc_forward_exception +#define vc_forward_exception(c) panic("SNP: Hypervisor requested exception\n") #endif /* I/O parameters for CPUID-related helpers */ @@ -240,6 +242,96 @@ static enum es_result verify_exception_info(struct ghcb *ghcb, struct es_em_ctxt return ES_VMM_ERROR; } +static __always_inline void issue_svsm_call(struct svsm_call *call, u8 *pending) +{ + /* + * Issue the VMGEXIT to run the SVSM: + * - Load the SVSM register state (RAX, RCX, RDX, R8 and R9) + * - Set the CA call pending field to 1 + * - Issue VMGEXIT + * - Save the SVSM return register state (RAX, RCX, RDX, R8 and R9) + * - Perform atomic exchange of the CA call pending field + */ + asm volatile("mov %9, %%r8\n\t" + "mov %10, %%r9\n\t" + "movb $1, %11\n\t" + "rep; vmmcall\n\t" + "mov %%r8, %3\n\t" + "mov %%r9, %4\n\t" + "xchgb %5, %11\n\t" + : "=a" (call->rax_out), "=c" (call->rcx_out), "=d" (call->rdx_out), + "=m" (call->r8_out), "=m" (call->r9_out), + "+r" (*pending) + : "a" (call->rax), "c" (call->rcx), "d" (call->rdx), + "r" (call->r8), "r" (call->r9), + "m" (call->caa->call_pending) + : "r8", "r9", "memory"); +} + +static int __svsm_msr_protocol(struct svsm_call *call) +{ + u64 val, resp; + u8 pending; + + val = sev_es_rd_ghcb_msr(); + + sev_es_wr_ghcb_msr(GHCB_MSR_VMPL_REQ_LEVEL(0)); + + pending = 0; + issue_svsm_call(call, &pending); + + resp = sev_es_rd_ghcb_msr(); + + sev_es_wr_ghcb_msr(val); + + if (pending) + return -EINVAL; + + if (GHCB_RESP_CODE(resp) != GHCB_MSR_VMPL_RESP) + return -EINVAL; + + if (GHCB_MSR_VMPL_RESP_VAL(resp) != 0) + return -EINVAL; + + return call->rax_out; +} + +static int __svsm_ghcb_protocol(struct ghcb *ghcb, struct svsm_call *call) +{ + struct es_em_ctxt ctxt; + u8 pending; + + vc_ghcb_invalidate(ghcb); + + /* Fill in protocol and format specifiers */ + ghcb->protocol_version = ghcb_version; + ghcb->ghcb_usage = GHCB_DEFAULT_USAGE; + + ghcb_set_sw_exit_code(ghcb, SVM_VMGEXIT_SNP_RUN_VMPL); + ghcb_set_sw_exit_info_1(ghcb, 0); + ghcb_set_sw_exit_info_2(ghcb, 0); + + sev_es_wr_ghcb_msr(__pa(ghcb)); + + pending = 0; + issue_svsm_call(call, &pending); + + if (pending) + return -EINVAL; + + switch (verify_exception_info(ghcb, &ctxt)) { + case ES_OK: + break; + case ES_EXCEPTION: + vc_forward_exception(&ctxt); + fallthrough; + default: + return -EINVAL; + } + + return call->rax_out; +} + static enum es_result sev_es_ghcb_hv_call(struct ghcb *ghcb, struct es_em_ctxt *ctxt, u64 exit_code, u64 exit_info_1, diff --git a/arch/x86/kernel/sev.c b/arch/x86/kernel/sev.c index 7066afaa8133..3bd7860fbfe1 100644 --- a/arch/x86/kernel/sev.c +++ b/arch/x86/kernel/sev.c @@ -114,6 +114,8 @@ struct ghcb_state { static DEFINE_PER_CPU(struct sev_es_runtime_data*, runtime_data); static DEFINE_PER_CPU(struct sev_es_save_area *, sev_vmsa); +static DEFINE_PER_CPU(struct svsm_ca *, svsm_caa); +static DEFINE_PER_CPU(u64, svsm_caa_pa); /* * SVSM related information: @@ -121,6 +123,7 @@ static DEFINE_PER_CPU(struct sev_es_save_area *, sev_vmsa); * non-zero. The VMPL is therefore used to indicate the presence of an SVSM. */ static u8 vmpl __ro_after_init; +static struct svsm_ca boot_svsm_ca_page __aligned(PAGE_SIZE); static struct svsm_ca *boot_svsm_caa __ro_after_init; static u64 boot_svsm_caa_pa __ro_after_init; @@ -138,11 +141,26 @@ struct sev_config { */ ghcbs_initialized : 1, + /* + * A flag used to indicate when the per-CPU SVSM CA is to be + * used instead of the boot SVSM CA. + * + * For APs, the per-CPU SVSM CA is created as part of the AP + * bringup, so this flag can be used globally for the BSP and APs. + */ + cas_initialized : 1, + __reserved : 62; }; static struct sev_config sev_cfg __read_mostly; +static struct svsm_ca *__svsm_get_caa(void) +{ + return sev_cfg.cas_initialized ? this_cpu_read(svsm_caa) + : boot_svsm_caa; +} + static __always_inline bool on_vc_stack(struct pt_regs *regs) { unsigned long sp = regs->sp; @@ -560,6 +578,33 @@ static enum es_result vc_ioio_check(struct es_em_ctxt *ctxt, u16 port, size_t si return ES_EXCEPTION; } +static __always_inline void vc_forward_exception(struct es_em_ctxt *ctxt) +{ + long error_code = ctxt->fi.error_code; + int trapnr = ctxt->fi.vector; + + ctxt->regs->orig_ax = ctxt->fi.error_code; + + switch (trapnr) { + case X86_TRAP_GP: + exc_general_protection(ctxt->regs, error_code); + break; + case X86_TRAP_UD: + exc_invalid_op(ctxt->regs); + break; + case X86_TRAP_PF: + write_cr2(ctxt->fi.cr2); + exc_page_fault(ctxt->regs, error_code); + break; + case X86_TRAP_AC: + exc_alignment_check(ctxt->regs, error_code); + break; + default: + pr_emerg("Unsupported exception in #VC instruction emulation - can't continue\n"); + BUG(); + } +} + /* Include code shared with pre-decompression boot stage */ #include "sev-shared.c" @@ -588,6 +633,42 @@ static noinstr void __sev_put_ghcb(struct ghcb_state *state) } } +static int svsm_protocol(struct svsm_call *call) +{ + struct ghcb_state state; + unsigned long flags; + struct ghcb *ghcb; + int ret; + + /* + * This can be called very early in the boot, use native functions in + * order to avoid paravirt issues. + */ + flags = native_save_fl(); + if (flags & X86_EFLAGS_IF) + native_irq_disable(); + + if (sev_cfg.ghcbs_initialized) + ghcb = __sev_get_ghcb(&state); + else if (boot_ghcb) + ghcb = boot_ghcb; + else + ghcb = NULL; + + do { + ret = ghcb ? __svsm_ghcb_protocol(ghcb, call) + : __svsm_msr_protocol(call); + } while (ret == SVSM_ERR_BUSY); + + if (sev_cfg.ghcbs_initialized) + __sev_put_ghcb(&state); + + if (flags & X86_EFLAGS_IF) + native_irq_enable(); + + return ret; +} + void noinstr __sev_es_nmi_complete(void) { struct ghcb_state state; @@ -1348,6 +1429,18 @@ static void __init alloc_runtime_data(int cpu) panic("Can't allocate SEV-ES runtime data"); per_cpu(runtime_data, cpu) = data; + + if (vmpl) { + struct svsm_ca *caa; + + /* Allocate the SVSM CA page if an SVSM is present */ + caa = memblock_alloc(sizeof(*caa), PAGE_SIZE); + if (!caa) + panic("Can't allocate SVSM CA page\n"); + + per_cpu(svsm_caa, cpu) = caa; + per_cpu(svsm_caa_pa, cpu) = __pa(caa); + } } static void __init init_ghcb(int cpu) @@ -1397,6 +1490,31 @@ void __init sev_es_init_vc_handling(void) init_ghcb(cpu); } + /* If running under an SVSM, switch to the per-cpu CA */ + if (vmpl) { + struct svsm_call call = {}; + unsigned long flags; + int ret; + + local_irq_save(flags); + + /* + * SVSM_CORE_REMAP_CA call: + * RAX = 0 (Protocol=0, CallID=0) + * RCX = New CA GPA + */ + call.caa = __svsm_get_caa(); + call.rax = SVSM_CORE_CALL(SVSM_CORE_REMAP_CA); + call.rcx = this_cpu_read(svsm_caa_pa); + ret = svsm_protocol(&call); + if (ret != SVSM_SUCCESS) + panic("Can't remap the SVSM CA, ret=%#x (%d)\n", ret, ret); + + sev_cfg.cas_initialized = true; + + local_irq_restore(flags); + } + sev_es_setup_play_dead(); /* Secondary CPUs use the runtime #VC handler */ @@ -1818,33 +1936,6 @@ static enum es_result vc_handle_exitcode(struct es_em_ctxt *ctxt, return result; } -static __always_inline void vc_forward_exception(struct es_em_ctxt *ctxt) -{ - long error_code = ctxt->fi.error_code; - int trapnr = ctxt->fi.vector; - - ctxt->regs->orig_ax = ctxt->fi.error_code; - - switch (trapnr) { - case X86_TRAP_GP: - exc_general_protection(ctxt->regs, error_code); - break; - case X86_TRAP_UD: - exc_invalid_op(ctxt->regs); - break; - case X86_TRAP_PF: - write_cr2(ctxt->fi.cr2); - exc_page_fault(ctxt->regs, error_code); - break; - case X86_TRAP_AC: - exc_alignment_check(ctxt->regs, error_code); - break; - default: - pr_emerg("Unsupported exception in #VC instruction emulation - can't continue\n"); - BUG(); - } -} - static __always_inline bool is_vc2_stack(unsigned long sp) { return (sp >= __this_cpu_ist_bottom_va(VC2) && sp < __this_cpu_ist_top_va(VC2)); @@ -2094,6 +2185,52 @@ static __init struct cc_blob_sev_info *find_cc_blob(struct boot_params *bp) return cc_info; } +static __init void setup_svsm(struct cc_blob_sev_info *cc_info) +{ + struct svsm_call call = {}; + int ret; + u64 pa; + + /* + * Record the SVSM Calling Area address (CAA) if the guest is not + * running at VMPL0. The CA will be used to communicate with the + * SVSM to perform the SVSM services. + */ + setup_svsm_ca(cc_info); + + /* Nothing to do if not running under an SVSM. */ + if (!vmpl) + return; + + /* + * It is very early in the boot and the kernel is running identity + * mapped but without having adjusted the pagetables to where the + * kernel was loaded (physbase), so the get the CA address using + * RIP-relative addressing. + */ + asm volatile ("lea boot_svsm_ca_page(%%rip), %0" + : "=r" (pa) + : "p" (&boot_svsm_ca_page)); + + /* + * Switch over to the boot SVSM CA while the current CA is still + * addressable. There is no GHCB at this point so use the MSR protocol. + * + * SVSM_CORE_REMAP_CA call: + * RAX = 0 (Protocol=0, CallID=0) + * RCX = New CA GPA + */ + call.caa = __svsm_get_caa(); + call.rax = SVSM_CORE_CALL(SVSM_CORE_REMAP_CA); + call.rcx = pa; + ret = svsm_protocol(&call); + if (ret != SVSM_SUCCESS) + panic("Can't remap the SVSM CA, ret=%#x (%d)\n", ret, ret); + + boot_svsm_caa = (struct svsm_ca *)pa; + boot_svsm_caa_pa = pa; +} + bool __init snp_init(struct boot_params *bp) { struct cc_blob_sev_info *cc_info; @@ -2107,12 +2244,7 @@ bool __init snp_init(struct boot_params *bp) setup_cpuid_table(cc_info); - /* - * Record the SVSM Calling Area address (CAA) if the guest is not - * running at VMPL0. The CA will be used to communicate with the - * SVSM to perform the SVSM services. - */ - setup_svsm_ca(cc_info); + setup_svsm(cc_info); /* * The CC blob will be used later to access the secrets page. Cache @@ -2278,3 +2410,12 @@ static int __init snp_init_platform_device(void) return 0; } device_initcall(snp_init_platform_device); + +void __init snp_remap_svsm_ca(void) +{ + if (!vmpl) + return; + + /* Update the CAA to a proper kernel address */ + boot_svsm_caa = &boot_svsm_ca_page; +} diff --git a/arch/x86/mm/mem_encrypt_amd.c b/arch/x86/mm/mem_encrypt_amd.c index 70b91de2e053..8943286f9fdc 100644 --- a/arch/x86/mm/mem_encrypt_amd.c +++ b/arch/x86/mm/mem_encrypt_amd.c @@ -2,7 +2,7 @@ /* * AMD Memory Encryption Support * - * Copyright (C) 2016 Advanced Micro Devices, Inc. + * Copyright (C) 2016-2024 Advanced Micro Devices, Inc. * * Author: Tom Lendacky */ @@ -492,6 +492,12 @@ void __init sme_early_init(void) */ if (sev_status & MSR_AMD64_SEV_ENABLED) ia32_disable(); + + /* + * Switch the SVSM CA mapping (if active) from identity mapped to + * kernel mapped. + */ + snp_remap_svsm_ca(); } void __init mem_encrypt_free_decrypted_mem(void) From patchwork Fri Jan 26 22:15:58 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Tom Lendacky X-Patchwork-Id: 192806 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a05:7301:2395:b0:106:343:edcb with SMTP id gw21csp181428dyb; Fri, 26 Jan 2024 14:19:11 -0800 (PST) X-Google-Smtp-Source: AGHT+IE1QCf3wH4nX42o8o9toPO9xUidhW8tSYgPMkMU8mhojXRWwVxOBx6msv2SQ09CxlOpVjhy X-Received: by 2002:a17:902:e547:b0:1d7:6800:3e63 with SMTP id n7-20020a170902e54700b001d768003e63mr756243plf.138.1706307551042; Fri, 26 Jan 2024 14:19:11 -0800 (PST) Received: from sv.mirrors.kernel.org (sv.mirrors.kernel.org. [139.178.88.99]) by mx.google.com with ESMTPS id q13-20020a170902dacd00b001d71bd9a8a8si1786020plx.494.2024.01.26.14.19.10 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 26 Jan 2024 14:19:11 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel+bounces-40743-ouuuleilei=gmail.com@vger.kernel.org designates 139.178.88.99 as permitted sender) client-ip=139.178.88.99; Authentication-Results: mx.google.com; dkim=pass header.i=@amd.com header.s=selector1 header.b=3viWUttB; arc=fail (signature failed); spf=pass (google.com: domain of linux-kernel+bounces-40743-ouuuleilei=gmail.com@vger.kernel.org designates 139.178.88.99 as permitted sender) smtp.mailfrom="linux-kernel+bounces-40743-ouuuleilei=gmail.com@vger.kernel.org"; dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=amd.com Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by sv.mirrors.kernel.org (Postfix) with ESMTPS id 744BB283FC6 for ; Fri, 26 Jan 2024 22:18:35 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id 2AC8D524B3; Fri, 26 Jan 2024 22:17:00 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b="3viWUttB" Received: from NAM12-DM6-obe.outbound.protection.outlook.com (mail-dm6nam12on2044.outbound.protection.outlook.com [40.107.243.44]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 7938950274 for ; Fri, 26 Jan 2024 22:16:52 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=fail smtp.client-ip=40.107.243.44 ARC-Seal: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1706307414; cv=fail; b=R6Mvm9fIHFprLcRD7f1qjBb2qA1ylrj9y0ViE34Wu9iCF3SSQ3SAi1srCIkxnh6PiZWUEVLrUuMEcNzb+cCe2bZWiop5Ir7kpOucqQj+JOvpaLJe6LJW1L0NW+h+pwsGz9OfNaJijDZc4Xb3sY96uuPpHBXtaj9pQk+N/Il+Chs= ARC-Message-Signature: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1706307414; c=relaxed/simple; bh=8v6dQpaOlKJgTaTV0zh7zHJzkv6Xg2BA31rSSN/0mZ0=; h=From:To:CC:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=ocSg3FU2lpKPiyepVzg7K1UdeiSnhjQD33IchTa/srADalV2pXZq39K2S6Z4Hn3JwqY6qBJA3Ya4N7ByRWLpdMb2obEzpAffHLc7BrtXfPOhvmLhGo6qwvcfeO0jQUfwJ9Kw96PCBum8MD8pH9fVkZiZ1wqnKhkjFNs9vJPybL8= ARC-Authentication-Results: i=2; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com; spf=fail smtp.mailfrom=amd.com; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b=3viWUttB; arc=fail smtp.client-ip=40.107.243.44 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com Authentication-Results: smtp.subspace.kernel.org; spf=fail smtp.mailfrom=amd.com ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=U7rVgZcCjrm/CZib9ikUesUUCuGSTvXqPTFIhLIuC4lmPIa4YhyzleIImXBCCjwOeyHSrc3RXaEMFNxJYQ4/eDL/aRM1JzTCjXK8GmqQ9758Vhi1nWTgxm7SZBliGxQyaeSiRn0HHWZm1T5v5gB2U+KP+ECmnzfySHMR/u5ibVrzjev5YhntYXES5eVRfSTQ3DakFS0UTvbVHFG6gky5Sl/9/0t4w+4uRxsiiQ+E53ccRI5OXmBSITLR9/asY+KXEE9Ci+lyhqapf7NkpRpSMur0tEDFC/fIM/hiwsB3uX/6A1i/ZmsaSIbQvI2AMn+3hel3ucI+U/x9XP/G0oFzhQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=LZaiXg0XOAUycPigfvWnAtcnJgY+VGJf7lJr4f4Cmwg=; b=PHNu6D24h1zCbvTSVe7R7Qxb3dW1xhTOJWzsP5UvWdDriHABtARMX9MewygUjd0lXTfHlXHpKtHW0v0F/2uxmO3Xni8JulV2sF1Ikbtd/iA2eIRQM1SkqiTLkjbouXg+DGBlFtLyCYuvCFN46WHxzhk6ll8/3PHQ9HPXUQnqozqsBGNB1Vo0j02DEngleUgtqsaYaZj1h0T7W+XZ1QZV0GPR/9l1t2FgU4u/dR4O1/Z3V1Hs3+0t2IlTHNpQgVeJfLaQU2BHxRSwt/g5zuFMLmdfm3pfnybWplV0ctZH0kR95ADD26HRyqO4ZaO/PpZnaHoDWwIQB+pOd3nRLEAqNQ== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=vger.kernel.org smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none (0) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=LZaiXg0XOAUycPigfvWnAtcnJgY+VGJf7lJr4f4Cmwg=; b=3viWUttBZbA8FXM2Qy5OqtvM8DPB+Z5rHwLovjHokzqjoF53EWaXzBVOmn5V7RNRCYU6WN+DAFq8sSG1SAultk1/Xic0YZuwG9PEJm03xF5u7jZQhnfyUUACF3Ymw8K3Hz9HDnRMKudexI61uj5vel31DOQlgq8Xg4dSFWyy4JQ= Received: from DM5PR07CA0082.namprd07.prod.outlook.com (2603:10b6:4:ad::47) by SJ0PR12MB6942.namprd12.prod.outlook.com (2603:10b6:a03:449::13) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7228.28; Fri, 26 Jan 2024 22:16:47 +0000 Received: from DS2PEPF00003440.namprd02.prod.outlook.com (2603:10b6:4:ad:cafe::e8) by DM5PR07CA0082.outlook.office365.com (2603:10b6:4:ad::47) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7228.27 via Frontend Transport; Fri, 26 Jan 2024 22:16:47 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=amd.com; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB04.amd.com; pr=C Received: from SATLEXMB04.amd.com (165.204.84.17) by DS2PEPF00003440.mail.protection.outlook.com (10.167.18.43) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.7228.16 via Frontend Transport; Fri, 26 Jan 2024 22:16:47 +0000 Received: from tlendack-t1.amdoffice.net (10.180.168.240) by SATLEXMB04.amd.com (10.181.40.145) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.34; Fri, 26 Jan 2024 16:16:46 -0600 From: Tom Lendacky To: , CC: Thomas Gleixner , Ingo Molnar , Borislav Petkov , Dave Hansen , "H. Peter Anvin" , Andy Lutomirski , "Peter Zijlstra" , Dan Williams , Michael Roth , Ashish Kalra Subject: [PATCH 05/11] x86/sev: Perform PVALIDATE using the SVSM when not at VMPL0 Date: Fri, 26 Jan 2024 16:15:58 -0600 Message-ID: X-Mailer: git-send-email 2.42.0 In-Reply-To: References: Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-ClientProxiedBy: SATLEXMB03.amd.com (10.181.40.144) To SATLEXMB04.amd.com (10.181.40.145) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: DS2PEPF00003440:EE_|SJ0PR12MB6942:EE_ X-MS-Office365-Filtering-Correlation-Id: 9a5753c0-cd2b-464a-b234-08dc1ebc7c9f X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: prYiOjtjaSaIru3tqkmc7YX9CodzNQ2FOylZu+IhNz9xYlDGmyH9qHTUgvZolsS7cuSE8Yti6a9D8uZ054anKqCC3KzVqKVmvgRq4+OPhGfn0id5W/dkKH8QUoKV31mHZLTe1rLr/bmhAOgYETJmlv9SSPS7T/F285qL0aPuHmSieLaf7NnyTwjTlHfG0fYh7Tdfi6NhKcGGvPD2KcqEYTclPigP6LYCvlUaTKu9jPrGP9izZC9plRuRp+HOFRdg2/vom7Leb6DYOSgCZ7ucxEuXqcjJBcyaN0/sOTUpZunxCcfYLmZ/wXF/+Cw7eQ/cH4yuGrWRv+b0ZiFS/LfBQEhWCsmgwpcoIhm2/R0TQygtBmMhxKlCPrLaRz64/grR2ZBam0L7lnCmBQ8MrAc82JhgTZpBvyjEBMrMM+tyFZr5CBLoPBXjd2t4B9bjV5mjJ7BokuQ5+Kn0mrx0eeZ45a/J/jonptwkG+VX/ipaOXhSz+xHZflYTMFMY3Zgx+kK8W8shXr4KTgF6vY8TIzM1Ky30HHXaitkThIW/CPLy3BS27dBxv26DRIZPqDiWqI1XC0wGQOusGMeishbKMO4MN1ltoVUbhclua6m5Yict3jOZnVRtajWaYOkxkRzq4DeP8VMhfpXMOx53GqAoSw/l9m9H2SnlcmhPDlJX7wk263IG0uyCkC15NHUZpQTv8mwzaPZmifW2Zi4rlOXoaRglgOeCQNdCPlNBgT3VnQMM8oweeWQncASUhdlL0Qb/VvbjWngU/qUbZJZZYgXG+991Q== X-Forefront-Antispam-Report: CIP:165.204.84.17;CTRY:US;LANG:en;SCL:1;SRV:;IPV:CAL;SFV:NSPM;H:SATLEXMB04.amd.com;PTR:InfoDomainNonexistent;CAT:NONE;SFS:(13230031)(4636009)(346002)(376002)(396003)(39860400002)(136003)(230922051799003)(64100799003)(82310400011)(186009)(1800799012)(451199024)(36840700001)(46966006)(40470700004)(36860700001)(478600001)(86362001)(6666004)(81166007)(356005)(47076005)(40480700001)(40460700003)(82740400003)(83380400001)(2616005)(8936002)(54906003)(4326008)(316002)(30864003)(2906002)(7416002)(5660300002)(36756003)(110136005)(70586007)(70206006)(8676002)(26005)(16526019)(426003)(336012)(41300700001)(36900700001);DIR:OUT;SFP:1101; X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 26 Jan 2024 22:16:47.2355 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 9a5753c0-cd2b-464a-b234-08dc1ebc7c9f X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[SATLEXMB04.amd.com] X-MS-Exchange-CrossTenant-AuthSource: DS2PEPF00003440.namprd02.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: SJ0PR12MB6942 X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-THRID: 1789193146474452209 X-GMAIL-MSGID: 1789193146474452209 The PVALIDATE instruction can only be performed at VMPL0. An SVSM will be present when running at VMPL1 or a lower privilege level. When an SVSM is present, use the SVSM_CORE_PVALIDATE call to perform memory validation instead of issuing the PVALIDATE instruction directly. The validation of a single 4K page is now explicitly identified as such in the function name, pvalidate_4k_page(). The pvalidate_pages() function is used for validating 1 or more pages at either 4K or 2M in size. Each function, however, determines whether it can issue the PVALIDATE directly or whether the SVSM needs to be invoked. Signed-off-by: Tom Lendacky --- arch/x86/boot/compressed/sev.c | 42 +++++++- arch/x86/include/asm/sev.h | 22 +++++ arch/x86/kernel/sev-shared.c | 176 ++++++++++++++++++++++++++++++++- arch/x86/kernel/sev.c | 25 +++-- 4 files changed, 247 insertions(+), 18 deletions(-) diff --git a/arch/x86/boot/compressed/sev.c b/arch/x86/boot/compressed/sev.c index 5d2403914ceb..3fbb614c31e0 100644 --- a/arch/x86/boot/compressed/sev.c +++ b/arch/x86/boot/compressed/sev.c @@ -38,6 +38,16 @@ static u8 vmpl __section(".data"); static u64 boot_svsm_caa_pa __section(".data"); static struct svsm_ca *boot_svsm_caa __section(".data"); +static struct svsm_ca *__svsm_get_caa(void) +{ + return boot_svsm_caa; +} + +static u64 __svsm_get_caa_pa(void) +{ + return boot_svsm_caa_pa; +} + /* * Copy a version of this function here - insn-eval.c can't be used in * pre-decompression code. @@ -135,6 +145,24 @@ static bool fault_in_kernel_space(unsigned long address) /* Include code for early handlers */ #include "../../kernel/sev-shared.c" +static int svsm_protocol(struct svsm_call *call) +{ + struct ghcb *ghcb; + int ret; + + if (boot_ghcb) + ghcb = boot_ghcb; + else + ghcb = NULL; + + do { + ret = ghcb ? __svsm_ghcb_protocol(ghcb, call) + : __svsm_msr_protocol(call); + } while (ret == SVSM_ERR_BUSY); + + return ret; +} + bool sev_snp_enabled(void) { return sev_status & MSR_AMD64_SEV_SNP_ENABLED; @@ -151,8 +179,8 @@ static void __page_state_change(unsigned long paddr, enum psc_op op) * If private -> shared then invalidate the page before requesting the * state change in the RMP table. */ - if (op == SNP_PAGE_STATE_SHARED && pvalidate(paddr, RMP_PG_SIZE_4K, 0)) - sev_es_terminate(SEV_TERM_SET_LINUX, GHCB_TERM_PVALIDATE); + if (op == SNP_PAGE_STATE_SHARED) + pvalidate_4k_page(paddr, paddr, 0); /* Issue VMGEXIT to change the page state in RMP table. */ sev_es_wr_ghcb_msr(GHCB_MSR_PSC_REQ_GFN(paddr >> PAGE_SHIFT, op)); @@ -167,8 +195,8 @@ static void __page_state_change(unsigned long paddr, enum psc_op op) * Now that page state is changed in the RMP table, validate it so that it is * consistent with the RMP entry. */ - if (op == SNP_PAGE_STATE_PRIVATE && pvalidate(paddr, RMP_PG_SIZE_4K, 1)) - sev_es_terminate(SEV_TERM_SET_LINUX, GHCB_TERM_PVALIDATE); + if (op == SNP_PAGE_STATE_PRIVATE) + pvalidate_4k_page(paddr, paddr, 1); } void snp_set_page_private(unsigned long paddr) @@ -261,6 +289,12 @@ void sev_es_shutdown_ghcb(void) if (!sev_es_check_cpu_features()) error("SEV-ES CPU Features missing."); + /* + * Ensure that the boot GHCB isn't used for the PVALIDATE when running + * under an SVSM. + */ + boot_ghcb = NULL; + /* * GHCB Page must be flushed from the cache and mapped encrypted again. * Otherwise the running kernel will see strange cache effects when diff --git a/arch/x86/include/asm/sev.h b/arch/x86/include/asm/sev.h index 2f1e583769fc..dbd7fd041689 100644 --- a/arch/x86/include/asm/sev.h +++ b/arch/x86/include/asm/sev.h @@ -172,6 +172,27 @@ struct svsm_ca { #define SVSM_ERR_INVALID_PARAMETER 0x80000005 #define SVSM_ERR_INVALID_REQUEST 0x80000006 #define SVSM_ERR_BUSY 0x80000007 +#define SVSM_PVALIDATE_FAIL_SIZEMISMATCH 0x80001006 + +/* + * The SVSM PVALIDATE related structures + */ +struct svsm_pvalidate_entry { + u64 page_size : 2, + action : 1, + ignore_cf : 1, + rsvd : 8, + pfn : 52; +}; + +struct svsm_pvalidate_call { + u16 entries; + u16 next; + + u8 rsvd1[4]; + + struct svsm_pvalidate_entry entry[]; +}; /* * SVSM protocol structure @@ -192,6 +213,7 @@ struct svsm_call { #define SVSM_CORE_CALL(x) ((0ULL << 32) | (x)) #define SVSM_CORE_REMAP_CA 0 +#define SVSM_CORE_PVALIDATE 1 #ifdef CONFIG_AMD_MEM_ENCRYPT extern void __sev_es_ist_enter(struct pt_regs *regs); diff --git a/arch/x86/kernel/sev-shared.c b/arch/x86/kernel/sev-shared.c index 7e9fa5d8889b..f26e872bc5d0 100644 --- a/arch/x86/kernel/sev-shared.c +++ b/arch/x86/kernel/sev-shared.c @@ -81,6 +81,8 @@ static u32 cpuid_std_range_max __ro_after_init; static u32 cpuid_hyp_range_max __ro_after_init; static u32 cpuid_ext_range_max __ro_after_init; +static int svsm_protocol(struct svsm_call *call); + static bool __init sev_es_check_cpu_features(void) { if (!has_cpuflag(X86_FEATURE_RDRAND)) { @@ -1181,7 +1183,65 @@ static void __init setup_cpuid_table(const struct cc_blob_sev_info *cc_info) } } -static void pvalidate_pages(struct snp_psc_desc *desc) +static int base_pvalidate_4k_page(unsigned long vaddr, bool validate) +{ + return pvalidate(vaddr, RMP_PG_SIZE_4K, validate); +} + +static int svsm_pvalidate_4k_page(unsigned long paddr, bool validate) +{ + struct svsm_pvalidate_call *pvalidate_call; + struct svsm_call call = {}; + u64 pvalidate_call_pa; + unsigned long flags; + int ret; + + /* + * This can be called very early in the boot, use native functions in + * order to avoid paravirt issues. + */ + flags = native_save_fl(); + if (flags & X86_EFLAGS_IF) + native_irq_disable(); + + call.caa = __svsm_get_caa(); + + pvalidate_call = (struct svsm_pvalidate_call *)call.caa->svsm_buffer; + pvalidate_call_pa = __svsm_get_caa_pa() + offsetof(struct svsm_ca, svsm_buffer); + + pvalidate_call->entries = 1; + pvalidate_call->next = 0; + pvalidate_call->entry[0].page_size = RMP_PG_SIZE_4K; + pvalidate_call->entry[0].action = validate; + pvalidate_call->entry[0].ignore_cf = 0; + pvalidate_call->entry[0].pfn = paddr >> PAGE_SHIFT; + + /* Protocol 0, Call ID 1 */ + call.rax = SVSM_CORE_CALL(SVSM_CORE_PVALIDATE); + call.rcx = pvalidate_call_pa; + + ret = svsm_protocol(&call); + + if (flags & X86_EFLAGS_IF) + native_irq_enable(); + + return ret; +} + +static void pvalidate_4k_page(unsigned long vaddr, unsigned long paddr, bool validate) +{ + int ret; + + ret = vmpl ? svsm_pvalidate_4k_page(paddr, validate) + : base_pvalidate_4k_page(vaddr, validate); + + if (ret) { + WARN(1, "Failed to validate address 0x%lx ret %d", vaddr, ret); + sev_es_terminate(SEV_TERM_SET_LINUX, GHCB_TERM_PVALIDATE); + } +} + +static void base_pvalidate_pages(struct snp_psc_desc *desc) { struct psc_entry *e; unsigned long vaddr; @@ -1215,6 +1275,120 @@ static void pvalidate_pages(struct snp_psc_desc *desc) } } +static void svsm_pvalidate_pages(struct snp_psc_desc *desc) +{ + struct svsm_pvalidate_call *pvalidate_call; + struct svsm_pvalidate_entry *pe; + unsigned int call_count, i; + struct svsm_call call = {}; + u64 pvalidate_call_pa; + struct psc_entry *e; + unsigned long flags; + unsigned long vaddr; + bool action; + int ret; + + /* + * This can be called very early in the boot, use native functions in + * order to avoid paravirt issues. + */ + flags = native_save_fl(); + if (flags & X86_EFLAGS_IF) + native_irq_disable(); + + call.caa = __svsm_get_caa(); + + pvalidate_call = (struct svsm_pvalidate_call *)call.caa->svsm_buffer; + pvalidate_call_pa = __svsm_get_caa_pa() + offsetof(struct svsm_ca, svsm_buffer); + + /* Calculate how many entries the CA buffer can hold */ + call_count = sizeof(call.caa->svsm_buffer); + call_count -= offsetof(struct svsm_pvalidate_call, entry); + call_count /= sizeof(pvalidate_call->entry[0]); + + /* Protocol 0, Call ID 1 */ + call.rax = SVSM_CORE_CALL(SVSM_CORE_PVALIDATE); + call.rcx = pvalidate_call_pa; + + pvalidate_call->entries = 0; + pvalidate_call->next = 0; + + for (i = 0; i <= desc->hdr.end_entry; i++) { + e = &desc->entries[i]; + pe = &pvalidate_call->entry[pvalidate_call->entries]; + + pe->page_size = e->pagesize ? RMP_PG_SIZE_2M : RMP_PG_SIZE_4K; + pe->action = e->operation == SNP_PAGE_STATE_PRIVATE; + pe->ignore_cf = 0; + pe->pfn = e->gfn; + + pvalidate_call->entries++; + if (pvalidate_call->entries < call_count && i != desc->hdr.end_entry) + continue; + + ret = svsm_protocol(&call); + if (ret == SVSM_PVALIDATE_FAIL_SIZEMISMATCH && + pvalidate_call->entry[pvalidate_call->next].page_size == RMP_PG_SIZE_2M) { + u64 pfn, pfn_end; + + /* + * The "next" field is the index of the failed entry. Calculate the + * index of the entry after the failed entry before the fields are + * cleared so that processing can continue on from that point (take + * into account the for loop adding 1 to the entry). + */ + i -= pvalidate_call->entries - pvalidate_call->next; + i += 1; + + action = pvalidate_call->entry[pvalidate_call->next].action; + pfn = pvalidate_call->entry[pvalidate_call->next].pfn; + pfn_end = pfn + 511; + + pvalidate_call->entries = 0; + pvalidate_call->next = 0; + for (; pfn <= pfn_end; pfn++) { + pe = &pvalidate_call->entry[pvalidate_call->entries]; + + pe->page_size = RMP_PG_SIZE_4K; + pe->action = action; + pe->ignore_cf = 0; + pe->pfn = pfn; + + pvalidate_call->entries++; + if (pvalidate_call->entries < call_count && pfn != pfn_end) + continue; + + ret = svsm_protocol(&call); + if (ret != SVSM_SUCCESS) + break; + + pvalidate_call->entries = 0; + pvalidate_call->next = 0; + } + } + + if (ret != SVSM_SUCCESS) { + pe = &pvalidate_call->entry[pvalidate_call->next]; + vaddr = (unsigned long)pfn_to_kaddr(pe->pfn); + + WARN(1, "Failed to validate address %lx ret=%#x (%d)", vaddr, ret, ret); + sev_es_terminate(SEV_TERM_SET_LINUX, GHCB_TERM_PVALIDATE); + } + + pvalidate_call->entries = 0; + pvalidate_call->next = 0; + } + + if (flags & X86_EFLAGS_IF) + native_irq_enable(); +} + +static void pvalidate_pages(struct snp_psc_desc *desc) +{ + vmpl ? svsm_pvalidate_pages(desc) + : base_pvalidate_pages(desc); +} + static int vmgexit_psc(struct ghcb *ghcb, struct snp_psc_desc *desc) { int cur_entry, end_entry, ret = 0; diff --git a/arch/x86/kernel/sev.c b/arch/x86/kernel/sev.c index 3bd7860fbfe1..2fd21090ef6b 100644 --- a/arch/x86/kernel/sev.c +++ b/arch/x86/kernel/sev.c @@ -161,6 +161,12 @@ static struct svsm_ca *__svsm_get_caa(void) : boot_svsm_caa; } +static u64 __svsm_get_caa_pa(void) +{ + return sev_cfg.cas_initialized ? this_cpu_read(svsm_caa_pa) + : boot_svsm_caa_pa; +} + static __always_inline bool on_vc_stack(struct pt_regs *regs) { unsigned long sp = regs->sp; @@ -777,7 +783,6 @@ static void early_set_pages_state(unsigned long vaddr, unsigned long paddr, { unsigned long paddr_end; u64 val; - int ret; vaddr = vaddr & PAGE_MASK; @@ -785,12 +790,9 @@ static void early_set_pages_state(unsigned long vaddr, unsigned long paddr, paddr_end = paddr + (npages << PAGE_SHIFT); while (paddr < paddr_end) { - if (op == SNP_PAGE_STATE_SHARED) { - /* Page validation must be rescinded before changing to shared */ - ret = pvalidate(vaddr, RMP_PG_SIZE_4K, false); - if (WARN(ret, "Failed to validate address 0x%lx ret %d", paddr, ret)) - goto e_term; - } + /* Page validation must be rescinded before changing to shared */ + if (op == SNP_PAGE_STATE_SHARED) + pvalidate_4k_page(vaddr, paddr, false); /* * Use the MSR protocol because this function can be called before @@ -812,12 +814,9 @@ static void early_set_pages_state(unsigned long vaddr, unsigned long paddr, paddr, GHCB_MSR_PSC_RESP_VAL(val))) goto e_term; - if (op == SNP_PAGE_STATE_PRIVATE) { - /* Page validation must be performed after changing to private */ - ret = pvalidate(vaddr, RMP_PG_SIZE_4K, true); - if (WARN(ret, "Failed to validate address 0x%lx ret %d", paddr, ret)) - goto e_term; - } + /* Page validation must be performed after changing to private */ + if (op == SNP_PAGE_STATE_PRIVATE) + pvalidate_4k_page(vaddr, paddr, true); vaddr += PAGE_SIZE; paddr += PAGE_SIZE; From patchwork Fri Jan 26 22:15:59 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Tom Lendacky X-Patchwork-Id: 192805 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a05:7301:2395:b0:106:343:edcb with SMTP id gw21csp181274dyb; Fri, 26 Jan 2024 14:18:51 -0800 (PST) X-Google-Smtp-Source: AGHT+IHikH+7EBVw5RLcgG3qOkQafWHiXsOcs3UtRE5ba1XxRmIPBQ+PY8z0zfB/7qtiHpI6H86/ X-Received: by 2002:a05:620a:2218:b0:783:cfc1:4aa7 with SMTP id m24-20020a05620a221800b00783cfc14aa7mr415786qkh.145.1706307531419; Fri, 26 Jan 2024 14:18:51 -0800 (PST) Received: from ny.mirrors.kernel.org (ny.mirrors.kernel.org. [147.75.199.223]) by mx.google.com with ESMTPS id s2-20020a05620a030200b0078396230acbsi2226188qkm.341.2024.01.26.14.18.51 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 26 Jan 2024 14:18:51 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel+bounces-40744-ouuuleilei=gmail.com@vger.kernel.org designates 147.75.199.223 as permitted sender) client-ip=147.75.199.223; Authentication-Results: mx.google.com; dkim=pass header.i=@amd.com header.s=selector1 header.b=uOmqq04m; arc=fail (signature failed); spf=pass (google.com: domain of linux-kernel+bounces-40744-ouuuleilei=gmail.com@vger.kernel.org designates 147.75.199.223 as permitted sender) smtp.mailfrom="linux-kernel+bounces-40744-ouuuleilei=gmail.com@vger.kernel.org"; dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=amd.com Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ny.mirrors.kernel.org (Postfix) with ESMTPS id 2B38E1C21F38 for ; Fri, 26 Jan 2024 22:18:51 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id B256F55786; Fri, 26 Jan 2024 22:17:04 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b="uOmqq04m" Received: from NAM11-BN8-obe.outbound.protection.outlook.com (mail-bn8nam11on2040.outbound.protection.outlook.com [40.107.236.40]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id BF51051C2D for ; Fri, 26 Jan 2024 22:16:58 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=fail smtp.client-ip=40.107.236.40 ARC-Seal: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1706307420; cv=fail; b=BGNadXix+UXV7uj7UbW8ZiYf1eLBxGYVj06Y38iqDWUxPtpnh4U5F9gj6snqShbejliojlOb8Uk5nDTQ6tr4W8LTEKj9Akivv8nyHCTfW9mUaXJVFigLVLAwuzRXKgEaouljk7SiTHjZV2/iIIFcI3RIfBvWcYsuzELIuwY/3W8= ARC-Message-Signature: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1706307420; c=relaxed/simple; bh=ckWkCbCh+ZZVATMX9CWYHgNDekKjBfdqCGr4a7aut2M=; h=From:To:CC:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=WEQKPM5EWLGeWkVHOViefZx3uSBg6dcSrrQZj0Ie3LEdmBeldVZiUBT2zYFq0UU6DZA3nMGyLHM0wOTeGtwMPOycHbwtA9JDIm0coq1Z/XaAB0o1Wf+L7TATvYsjh1imou8wU5LwuOPA7L0UKN8A48WBfPKg/kZYM57xEIASjWw= ARC-Authentication-Results: i=2; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com; spf=fail smtp.mailfrom=amd.com; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b=uOmqq04m; arc=fail smtp.client-ip=40.107.236.40 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com Authentication-Results: smtp.subspace.kernel.org; spf=fail smtp.mailfrom=amd.com ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=UHXMVCBA3NTHd/Gawke86/tgeWb+ydCVVmxQvQ2Nfl6zd14r1BTe+0Zk7JriS6pfjHT5iRch958HX7nXMe+n4wgiZjFs++OFtNOnHSaXVtY6GeAHUpaX3JQ9fU/zJLhpujByJpsr9PLEbnCyFFX/HM8xdrxAhX03C4yR9mlAqdou1cDCjJLEtASiDwI+vZP/Eercp3Xl3MTK/ACZRQg9jWJGWgxgUQnZ0rTJE3OeC9Kr7ck/WTqhtPgaNr8ww7ZPam61izdo7An/TxCnK+XguloSKRLxOdnzzvRAdewWBjE8cYXvTUEvnMMlY4+q0XRfgtnua9ndcnpjigQtjOJBCg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=27n8vr2UIOEyWHE5Xeqq8EiSVBZ3qjjxLrr0LbEd/ew=; b=mZFXNElJouKMo9sY+bzI7Qn31wPdXlQ6idX9zv/FmFBKXyRgU3f4i3puxdYPiz2cspheAe5KHAGWAc2cSIXQ2egn6dmHR9KSrOC0lgiehGpl/OAdQl5QCNK2pqzb3i4wt9vPGtwkqHrCvNSEQ/FxjfKJEVSeSPBYC+qOj2cRGykSvoBkXDQ5a+0AxhZRrgXISXp5PjgIC91JPvNrOLkm11Z3Y04ip+7W+/zxbip5X57RB5shagy74r0eBvVA32IpSiduE0r5GtNZ1sDFCLEQ8Zb0uOlr7kaJmpb58gENdsUhb93gThzVo6rW/1Mai/op3q1Hfo/lucAZMljliYUAuQ== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=vger.kernel.org smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none (0) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=27n8vr2UIOEyWHE5Xeqq8EiSVBZ3qjjxLrr0LbEd/ew=; b=uOmqq04mVy6Rr2o953OZwYk1h/kFPVJUXUDkj8DulE7/OhjyMldzSHz1Sayng1W8YoBFQsJyzQgl0x2T4KIgIVnERR8Ln7JxnqgQ1etIlCfMa9CwdX5EiiMuj6eB7aD1CIxhgt+cMh3TSSA21+UffnmNEH8D3XzT0pbHBK/QXwM= Received: from DM6PR04CA0002.namprd04.prod.outlook.com (2603:10b6:5:334::7) by CH2PR12MB4072.namprd12.prod.outlook.com (2603:10b6:610:7e::16) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7228.27; Fri, 26 Jan 2024 22:16:54 +0000 Received: from DS2PEPF0000343F.namprd02.prod.outlook.com (2603:10b6:5:334:cafe::28) by DM6PR04CA0002.outlook.office365.com (2603:10b6:5:334::7) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7228.28 via Frontend Transport; Fri, 26 Jan 2024 22:16:54 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=amd.com; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB04.amd.com; pr=C Received: from SATLEXMB04.amd.com (165.204.84.17) by DS2PEPF0000343F.mail.protection.outlook.com (10.167.18.42) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.7228.16 via Frontend Transport; Fri, 26 Jan 2024 22:16:54 +0000 Received: from tlendack-t1.amdoffice.net (10.180.168.240) by SATLEXMB04.amd.com (10.181.40.145) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.34; Fri, 26 Jan 2024 16:16:53 -0600 From: Tom Lendacky To: , CC: Thomas Gleixner , Ingo Molnar , Borislav Petkov , Dave Hansen , "H. Peter Anvin" , Andy Lutomirski , "Peter Zijlstra" , Dan Williams , Michael Roth , Ashish Kalra Subject: [PATCH 06/11] x86/sev: Use the SVSM to create a vCPU when not in VMPL0 Date: Fri, 26 Jan 2024 16:15:59 -0600 Message-ID: X-Mailer: git-send-email 2.42.0 In-Reply-To: References: Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-ClientProxiedBy: SATLEXMB03.amd.com (10.181.40.144) To SATLEXMB04.amd.com (10.181.40.145) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: DS2PEPF0000343F:EE_|CH2PR12MB4072:EE_ X-MS-Office365-Filtering-Correlation-Id: 703fc87b-ce9b-43c6-5786-08dc1ebc80e8 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: 7CoN27Wu3PT77FLbEGYLs0LrG1pbxxX6RnLwW/AdLIdfXe83zWnwm3j+5w2F6Lo3pEq1/bskMA+23NaL3Sdt2BEadJHGmE6F/RXQ9VTSG8c0uMMm2PJlu0aTJ22NYX3rSddr3y8E1cycEsptNjNI12BqKcbQJGQUaxNZWSJHR6sc/wxrX1Sovd0nYGxJ8HdijwDZehVcGWA3MY3OxZpLrBUOvapxO+X1BGKqfl+BkR+gvh6Ct3s4TSETWJM9Be+W2dDYEP3TdPi1Q7GtC/w4qOidLA+oVPCAoCGf8J/nMPCrwhx7kABF91xL4bT9GIAvFB0jvhXC4PQC7DGyA3H6myVqcXauHiKO9i1Ymtx7UIPaDm3tVqtWizTfhlBLTW9MMCS6j7ynnJzHULN8fDmnP/KzXFfzW6TIHT+a0AK012JZxjzAE53lU1F9bIl2JRoQMrhuBHr886MgZP+dNwgfu48NM6o15Dx/wRwlTuxvEQOt6y4i2kRsICs+xEGsjvOB3i1pIue5Jj3jNFfGdo0RVdzdYyBaSGjoPm4rs7XCsjqb5/73Eh6ZdvskmyG8ZrqN9Fti87wayVqY87vIQQXdyRf7VuEt6cn+TlxjoZ0tdONIYTTmWk6+Q+uhwQ908IYpZr2g3CIG/UvepgogxgsERe3lCaf7YmKs3zN7nvVSDl3mJ52V04/aoO/O372tgUmAHTRCDxdyP8xWhfXYlGoeGc1haIpHpOdwmc3mkkY+e2n578v+JsnPf5P9j7wmNafC2xzz6Lx4DbdzZpgF0TaTdg== X-Forefront-Antispam-Report: CIP:165.204.84.17;CTRY:US;LANG:en;SCL:1;SRV:;IPV:CAL;SFV:NSPM;H:SATLEXMB04.amd.com;PTR:InfoDomainNonexistent;CAT:NONE;SFS:(13230031)(4636009)(396003)(136003)(346002)(376002)(39860400002)(230922051799003)(64100799003)(186009)(82310400011)(1800799012)(451199024)(46966006)(36840700001)(40470700004)(40460700003)(40480700001)(47076005)(83380400001)(36756003)(356005)(81166007)(86362001)(4326008)(36860700001)(8936002)(5660300002)(82740400003)(26005)(426003)(2616005)(16526019)(336012)(8676002)(316002)(54906003)(70586007)(110136005)(70206006)(41300700001)(7416002)(2906002)(478600001)(36900700001);DIR:OUT;SFP:1101; X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 26 Jan 2024 22:16:54.3756 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 703fc87b-ce9b-43c6-5786-08dc1ebc80e8 X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[SATLEXMB04.amd.com] X-MS-Exchange-CrossTenant-AuthSource: DS2PEPF0000343F.namprd02.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: CH2PR12MB4072 X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-THRID: 1789193126341081418 X-GMAIL-MSGID: 1789193126341081418 Using the RMPADJUST instruction, the VSMA attribute can only be changed at VMPL0. An SVSM will be present when running at VMPL1 or a lower privilege level. When an SVSM is present, use the SVSM_CORE_CREATE_VCPU call or the SVSM_CORE_DESTROY_VCPU call to perform VMSA attribute changes. Use the VMPL level supplied by the SVSM within the VMSA and when starting the AP. Signed-off-by: Tom Lendacky --- arch/x86/include/asm/sev.h | 2 ++ arch/x86/kernel/sev.c | 60 +++++++++++++++++++++++++++++++++----- 2 files changed, 54 insertions(+), 8 deletions(-) diff --git a/arch/x86/include/asm/sev.h b/arch/x86/include/asm/sev.h index dbd7fd041689..372bc6183b29 100644 --- a/arch/x86/include/asm/sev.h +++ b/arch/x86/include/asm/sev.h @@ -214,6 +214,8 @@ struct svsm_call { #define SVSM_CORE_CALL(x) ((0ULL << 32) | (x)) #define SVSM_CORE_REMAP_CA 0 #define SVSM_CORE_PVALIDATE 1 +#define SVSM_CORE_CREATE_VCPU 2 +#define SVSM_CORE_DELETE_VCPU 3 #ifdef CONFIG_AMD_MEM_ENCRYPT extern void __sev_es_ist_enter(struct pt_regs *regs); diff --git a/arch/x86/kernel/sev.c b/arch/x86/kernel/sev.c index 2fd21090ef6b..ddb9141f0959 100644 --- a/arch/x86/kernel/sev.c +++ b/arch/x86/kernel/sev.c @@ -995,7 +995,7 @@ void snp_accept_memory(phys_addr_t start, phys_addr_t end) set_pages_state(vaddr, npages, SNP_PAGE_STATE_PRIVATE); } -static int snp_set_vmsa(void *va, bool vmsa) +static int base_snp_set_vmsa(void *va, bool vmsa) { u64 attrs; @@ -1013,6 +1013,40 @@ static int snp_set_vmsa(void *va, bool vmsa) return rmpadjust((unsigned long)va, RMP_PG_SIZE_4K, attrs); } +static int svsm_snp_set_vmsa(void *va, void *caa, int apic_id, bool vmsa) +{ + struct svsm_call call = {}; + unsigned long flags; + int ret; + + local_irq_save(flags); + + call.caa = this_cpu_read(svsm_caa); + call.rcx = __pa(va); + + if (vmsa) { + /* Protocol 0, Call ID 2 */ + call.rax = SVSM_CORE_CALL(SVSM_CORE_CREATE_VCPU); + call.rdx = __pa(caa); + call.r8 = apic_id; + } else { + /* Protocol 0, Call ID 3 */ + call.rax = SVSM_CORE_CALL(SVSM_CORE_DELETE_VCPU); + } + + ret = svsm_protocol(&call); + + local_irq_restore(flags); + + return ret; +} + +static int snp_set_vmsa(void *va, void *caa, int apic_id, bool vmsa) +{ + return vmpl ? svsm_snp_set_vmsa(va, caa, apic_id, vmsa) + : base_snp_set_vmsa(va, vmsa); +} + #define __ATTR_BASE (SVM_SELECTOR_P_MASK | SVM_SELECTOR_S_MASK) #define INIT_CS_ATTRIBS (__ATTR_BASE | SVM_SELECTOR_READ_MASK | SVM_SELECTOR_CODE_MASK) #define INIT_DS_ATTRIBS (__ATTR_BASE | SVM_SELECTOR_WRITE_MASK) @@ -1044,11 +1078,11 @@ static void *snp_alloc_vmsa_page(void) return page_address(p + 1); } -static void snp_cleanup_vmsa(struct sev_es_save_area *vmsa) +static void snp_cleanup_vmsa(struct sev_es_save_area *vmsa, int apic_id) { int err; - err = snp_set_vmsa(vmsa, false); + err = snp_set_vmsa(vmsa, NULL, apic_id, false); if (err) pr_err("clear VMSA page failed (%u), leaking page\n", err); else @@ -1059,6 +1093,7 @@ static int wakeup_cpu_via_vmgexit(u32 apic_id, unsigned long start_ip) { struct sev_es_save_area *cur_vmsa, *vmsa; struct ghcb_state state; + struct svsm_ca *caa; unsigned long flags; struct ghcb *ghcb; u8 sipi_vector; @@ -1105,6 +1140,12 @@ static int wakeup_cpu_via_vmgexit(u32 apic_id, unsigned long start_ip) if (!vmsa) return -ENOMEM; + /* + * If an SVSM is present, then the SVSM CAA per-CPU variable will + * have a value, otherwise it will be NULL. + */ + caa = per_cpu(svsm_caa, cpu); + /* CR4 should maintain the MCE value */ cr4 = native_read_cr4() & X86_CR4_MCE; @@ -1152,11 +1193,11 @@ static int wakeup_cpu_via_vmgexit(u32 apic_id, unsigned long start_ip) * VMPL level * SEV_FEATURES (matches the SEV STATUS MSR right shifted 2 bits) */ - vmsa->vmpl = 0; + vmsa->vmpl = vmpl; vmsa->sev_features = sev_status >> 2; /* Switch the page over to a VMSA page now that it is initialized */ - ret = snp_set_vmsa(vmsa, true); + ret = snp_set_vmsa(vmsa, caa, apic_id, true); if (ret) { pr_err("set VMSA page failed (%u)\n", ret); free_page((unsigned long)vmsa); @@ -1172,7 +1213,10 @@ static int wakeup_cpu_via_vmgexit(u32 apic_id, unsigned long start_ip) vc_ghcb_invalidate(ghcb); ghcb_set_rax(ghcb, vmsa->sev_features); ghcb_set_sw_exit_code(ghcb, SVM_VMGEXIT_AP_CREATION); - ghcb_set_sw_exit_info_1(ghcb, ((u64)apic_id << 32) | SVM_VMGEXIT_AP_CREATE); + ghcb_set_sw_exit_info_1(ghcb, + ((u64)apic_id << 32) | + ((u64)vmpl << 16) | + SVM_VMGEXIT_AP_CREATE); ghcb_set_sw_exit_info_2(ghcb, __pa(vmsa)); sev_es_wr_ghcb_msr(__pa(ghcb)); @@ -1190,13 +1234,13 @@ static int wakeup_cpu_via_vmgexit(u32 apic_id, unsigned long start_ip) /* Perform cleanup if there was an error */ if (ret) { - snp_cleanup_vmsa(vmsa); + snp_cleanup_vmsa(vmsa, apic_id); vmsa = NULL; } /* Free up any previous VMSA page */ if (cur_vmsa) - snp_cleanup_vmsa(cur_vmsa); + snp_cleanup_vmsa(cur_vmsa, apic_id); /* Record the current VMSA page */ per_cpu(sev_vmsa, cpu) = vmsa; From patchwork Fri Jan 26 22:16:00 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Tom Lendacky X-Patchwork-Id: 192808 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a05:7301:2395:b0:106:343:edcb with SMTP id gw21csp181555dyb; Fri, 26 Jan 2024 14:19:30 -0800 (PST) X-Google-Smtp-Source: AGHT+IHiG51bBfVJI3rG9t73Hy16ilhXZlT5BwhrgP6duNJ57+rlwAGI9f5efkhmKmkn2qhM5TfP X-Received: by 2002:a17:903:2596:b0:1d7:92d7:57bb with SMTP id jb22-20020a170903259600b001d792d757bbmr331940plb.60.1706307570231; Fri, 26 Jan 2024 14:19:30 -0800 (PST) Received: from sv.mirrors.kernel.org (sv.mirrors.kernel.org. [2604:1380:45e3:2400::1]) by mx.google.com with ESMTPS id jf3-20020a170903268300b001d730b78015si1730956plb.107.2024.01.26.14.19.30 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 26 Jan 2024 14:19:30 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel+bounces-40745-ouuuleilei=gmail.com@vger.kernel.org designates 2604:1380:45e3:2400::1 as permitted sender) client-ip=2604:1380:45e3:2400::1; Authentication-Results: mx.google.com; dkim=pass header.i=@amd.com header.s=selector1 header.b=XUtj3Y+u; arc=fail (signature failed); spf=pass (google.com: domain of linux-kernel+bounces-40745-ouuuleilei=gmail.com@vger.kernel.org designates 2604:1380:45e3:2400::1 as permitted sender) smtp.mailfrom="linux-kernel+bounces-40745-ouuuleilei=gmail.com@vger.kernel.org"; dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=amd.com Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by sv.mirrors.kernel.org (Postfix) with ESMTPS id 0B61C282260 for ; Fri, 26 Jan 2024 22:19:06 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id 5C0455731D; Fri, 26 Jan 2024 22:17:10 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b="XUtj3Y+u" Received: from NAM10-MW2-obe.outbound.protection.outlook.com (mail-mw2nam10on2085.outbound.protection.outlook.com [40.107.94.85]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 581D955797 for ; Fri, 26 Jan 2024 22:17:05 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=fail smtp.client-ip=40.107.94.85 ARC-Seal: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1706307426; cv=fail; b=o3Xt/PBsevRqcyUDrLpFhjedGaeZ1s/29aqaaAeRPfpFOM05JJPQpYaaxraFPenUBsFwR4pIrboIeKnWiVwpHU3O9J2+fFGlr3SL8Vr3h4jJ2ckZxql1YfSKmIwBvfzZiI3dlfKqCjtVVTCXmRR6Pan7WXXZ+QFaamsC+83TIy4= ARC-Message-Signature: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1706307426; c=relaxed/simple; bh=oq7YfFD2dDgLtmFugXOCuVkrbCbu3KiOTFU9CGemJhQ=; h=From:To:CC:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=V+Y7Jpr+Hejuvf23ZDYd+Yl1SADrq0SeCINK4qIZLw1oPOXOKr2IY2MZn08JM6nDoqh+tOOi3V6pJIbJuay3cEXg7uTn+mAPpNC9E2nyQnePNWeQ7Xw/fQopSxNrRHa7idMm/pLMeRBP4Jr7Y30URtsI38r5PsnKJe88BnACxDE= ARC-Authentication-Results: i=2; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com; spf=fail smtp.mailfrom=amd.com; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b=XUtj3Y+u; arc=fail smtp.client-ip=40.107.94.85 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com Authentication-Results: smtp.subspace.kernel.org; spf=fail smtp.mailfrom=amd.com ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=Ey2/y6PURau74jarG44Qct48JwldZ0FEl+pTkSIwQDf1AT6w1B9QjAcpjy56jAUZM9UcrV7rZ63/KASehYF6RbVS7XfppYkLUQGHoM5ZqPbXFSZhrJnstLCAwPw/JDMKbtcUKcO9a/GoFqKt1ydHXZLpUdIf1EyVqilBbhCPNqKrWQmgYNGCRJJU4m7TiStrAruWGwWnVrzh7xyS+aMcSBDwyxH+I17tSz+PgqbjfHkA5H6DijsfR1JEawxzrS3o3/7+dfUvZ0tJJ9y6Tn6lHord0cnmovtdCFtEzVn97d+FA8DA3Dib7gUavJv2sQWuhyDOFTu96LqSxke9VqZS+w== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=ky/2oTXlLBO58QPkIvtKmVm+qw3qmD3XCklbrcvsxII=; b=QMWAva9xdTnSN9RnijUCA7iUM0XLLDXKQ+zn21RXeTKv/RbSItXKEkGr7xoo7yjTsII4FnWOygR9/8QkFUSkyOSukKf+bW6G2BaLxU+vJGCVWL3YqU9nwsJnC+6RQO52GMJ9ctLU9SqXpsmO1wt1vtYl3aJTjt9OR216yHPEAbq/qlCsMmyY62ISgm+kNiqWTwMHWK2CTq5OZ2lpgk3LGwLGuDpr6DED//O0lQOL5HwXDpxUxWYfrEPzuvFKk4eKI3AkFURWLF6Ex+bxSI8BIU0ni/2ae38xrujaW/EmUK81ZmpLuzdPaByZ9PsZVs301VK23B1/Rojk5FlUsfDvKg== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=vger.kernel.org smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none (0) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=ky/2oTXlLBO58QPkIvtKmVm+qw3qmD3XCklbrcvsxII=; b=XUtj3Y+uV8W67wsXXrpUuXr14ngM3kNfhUSZsSbAAZOHP8LkSa/hbllVC3Kc9Y1QETO3ohsRDkV7B+Ak4Pq4hVahbggpPkWxMpR0hsuDN3eIHTaMeQ/ZH5CvObOlva2jO8kRbwjcpxwfrWlw4dSKlGnIq7xMud2DtqvmA3z1w4A= Received: from DM5PR07CA0072.namprd07.prod.outlook.com (2603:10b6:4:ad::37) by PH7PR12MB5757.namprd12.prod.outlook.com (2603:10b6:510:1d0::13) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7228.22; Fri, 26 Jan 2024 22:17:02 +0000 Received: from DS2PEPF00003440.namprd02.prod.outlook.com (2603:10b6:4:ad:cafe::f0) by DM5PR07CA0072.outlook.office365.com (2603:10b6:4:ad::37) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7228.26 via Frontend Transport; Fri, 26 Jan 2024 22:17:01 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=amd.com; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB04.amd.com; pr=C Received: from SATLEXMB04.amd.com (165.204.84.17) by DS2PEPF00003440.mail.protection.outlook.com (10.167.18.43) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.7228.16 via Frontend Transport; Fri, 26 Jan 2024 22:17:01 +0000 Received: from tlendack-t1.amdoffice.net (10.180.168.240) by SATLEXMB04.amd.com (10.181.40.145) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.34; Fri, 26 Jan 2024 16:17:00 -0600 From: Tom Lendacky To: , CC: Thomas Gleixner , Ingo Molnar , Borislav Petkov , Dave Hansen , "H. Peter Anvin" , Andy Lutomirski , "Peter Zijlstra" , Dan Williams , Michael Roth , Ashish Kalra Subject: [PATCH 07/11] x86/sev: Provide SVSM discovery support Date: Fri, 26 Jan 2024 16:16:00 -0600 Message-ID: <2518c82f24f3e5d7533eea72512cea9ce985704b.1706307364.git.thomas.lendacky@amd.com> X-Mailer: git-send-email 2.42.0 In-Reply-To: References: Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-ClientProxiedBy: SATLEXMB03.amd.com (10.181.40.144) To SATLEXMB04.amd.com (10.181.40.145) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: DS2PEPF00003440:EE_|PH7PR12MB5757:EE_ X-MS-Office365-Filtering-Correlation-Id: cff1de95-a4d2-4c0e-d588-08dc1ebc8522 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: SXSlH4D8/AeaUUKxr9VHGIb5taeo6Om/aqe9/vERlGVEXvFihKTl7d22LwP/IODMuMdJUEBg0RaiiFOOH7Ln+NDGa7R01+HyMSsBOoay03A6sBLfHLCw10ROXc19sN5WgFJnem/XdLumZW5KVVcix1HKKpO6AKBTjdVgZIFbFpvfewg5yj0OT6VeBeskt4kB7TKNKG2+s3JL3MJ5YmbjGeBZ5xc5ZKndEdDOhoBubDEus8a8470vlw8LYadOhCU7desJefXE58lMeXnyEWM6ZRY5wTQ5055dtasVqqA3T+a9iCADGP3Mz5Rf1crGFtLPjB2MieKsZl4GFABEjH/r3ZvmhvgmKUCEctYJLPrALNok2WBHQITheJ3IJrq+mmHcOkUyqDPapx+E4GLFEuGkfioIscZXW8i/xHvYgB3zkEP8hxLBOgOscVsdtgg+p5RXha8+Pq2fSDdF/ftIkKTjL8VR0w6yGARIbgg6/RltRay18ywxH3ODgUHlEuIDqzjCn8LEMn3NrU2kZqayuRRagVjEiZe1tO6B7O3NlTPR09YYkqKAKRYSvMdXNu3eMOrbtUeH66xLk4WdjbaQ3cQh7aDTNtTlYyrEb1gNc0iHvKpOtbVCgZ4zO9N4bnkieJFUVCfxjFaFw3XPZQqrnec7kasLhwI0HD1KdRl8PsgiexrE33JKEkwAID7kkQ8xR5PoR4t+iYdaTzstyXOzSKVyavoj5wb8ksciCKTy2Zyyo7g87xlJku0/i+jX6FvMvObVpoIAg483HeshD4tYPpfTXg== X-Forefront-Antispam-Report: CIP:165.204.84.17;CTRY:US;LANG:en;SCL:1;SRV:;IPV:CAL;SFV:NSPM;H:SATLEXMB04.amd.com;PTR:InfoDomainNonexistent;CAT:NONE;SFS:(13230031)(4636009)(346002)(376002)(136003)(396003)(39860400002)(230922051799003)(82310400011)(186009)(64100799003)(1800799012)(451199024)(36840700001)(40470700004)(46966006)(2906002)(40480700001)(40460700003)(36860700001)(478600001)(7416002)(5660300002)(83380400001)(356005)(70586007)(110136005)(316002)(2616005)(54906003)(36756003)(4326008)(41300700001)(8676002)(8936002)(86362001)(426003)(16526019)(336012)(26005)(81166007)(70206006)(82740400003)(47076005)(36900700001);DIR:OUT;SFP:1101; X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 26 Jan 2024 22:17:01.5324 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: cff1de95-a4d2-4c0e-d588-08dc1ebc8522 X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[SATLEXMB04.amd.com] X-MS-Exchange-CrossTenant-AuthSource: DS2PEPF00003440.namprd02.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: PH7PR12MB5757 X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-THRID: 1789193166804617630 X-GMAIL-MSGID: 1789193166804617630 The SVSM specification documents an alternative method of discovery for the SVSM using a reserved CPUID bit and a reserved MSR. For the CPUID support, the #VC handler of an SEV-SNP guest should modify the returned value in the EAX register for the 0x8000001f CPUID function by setting bit 28 when an SVSM is present. For the MSR support, new reserved MSR 0xc001f000 has been defined. A #VC should be generated when accessing this MSR. The #VC handler is expected to ignore writes to this MSR and return the physical calling area address (CAA) on reads of this MSR. Signed-off-by: Tom Lendacky --- arch/x86/include/asm/msr-index.h | 2 ++ arch/x86/kernel/sev-shared.c | 4 ++++ arch/x86/kernel/sev.c | 17 +++++++++++++++++ 3 files changed, 23 insertions(+) diff --git a/arch/x86/include/asm/msr-index.h b/arch/x86/include/asm/msr-index.h index f1bd7b91b3c6..4746135cbe21 100644 --- a/arch/x86/include/asm/msr-index.h +++ b/arch/x86/include/asm/msr-index.h @@ -622,6 +622,8 @@ #define MSR_AMD64_VIRT_SPEC_CTRL 0xc001011f +#define MSR_SVSM_CAA 0xc001f000 + /* AMD Collaborative Processor Performance Control MSRs */ #define MSR_AMD_CPPC_CAP1 0xc00102b0 #define MSR_AMD_CPPC_ENABLE 0xc00102b1 diff --git a/arch/x86/kernel/sev-shared.c b/arch/x86/kernel/sev-shared.c index f26e872bc5d0..9bd7d7e75b31 100644 --- a/arch/x86/kernel/sev-shared.c +++ b/arch/x86/kernel/sev-shared.c @@ -628,6 +628,10 @@ static int snp_cpuid_postprocess(struct ghcb *ghcb, struct es_em_ctxt *ctxt, /* node ID */ leaf->ecx = (leaf->ecx & GENMASK(31, 8)) | (leaf_hv.ecx & GENMASK(7, 0)); break; + case 0x8000001f: + if (vmpl) + leaf->eax |= BIT(28); + break; default: /* No fix-ups needed, use values as-is. */ break; diff --git a/arch/x86/kernel/sev.c b/arch/x86/kernel/sev.c index ddb9141f0959..121a9bad86c9 100644 --- a/arch/x86/kernel/sev.c +++ b/arch/x86/kernel/sev.c @@ -1326,12 +1326,29 @@ int __init sev_es_efi_map_ghcbs(pgd_t *pgd) return 0; } +static enum es_result vc_handle_svsm_caa_msr(struct es_em_ctxt *ctxt) +{ + struct pt_regs *regs = ctxt->regs; + + /* Writes to the SVSM CAA msr are ignored */ + if (ctxt->insn.opcode.bytes[1] == 0x30) + return ES_OK; + + regs->ax = lower_32_bits(this_cpu_read(svsm_caa_pa)); + regs->dx = upper_32_bits(this_cpu_read(svsm_caa_pa)); + + return ES_OK; +} + static enum es_result vc_handle_msr(struct ghcb *ghcb, struct es_em_ctxt *ctxt) { struct pt_regs *regs = ctxt->regs; enum es_result ret; u64 exit_info_1; + if (regs->cx == MSR_SVSM_CAA) + return vc_handle_svsm_caa_msr(ctxt); + /* Is it a WRMSR? */ exit_info_1 = (ctxt->insn.opcode.bytes[1] == 0x30) ? 1 : 0; From patchwork Fri Jan 26 22:16:01 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Tom Lendacky X-Patchwork-Id: 192807 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a05:7301:2395:b0:106:343:edcb with SMTP id gw21csp181504dyb; Fri, 26 Jan 2024 14:19:23 -0800 (PST) X-Google-Smtp-Source: AGHT+IGhsCJ1YcdKCdyWKHj1v8r5QwA0mfN+WZpTAcwMr3bHOTp+PHF7DjC9jFUkJKJSr+eah+Xc X-Received: by 2002:ac2:4ac9:0:b0:510:2850:80a0 with SMTP id m9-20020ac24ac9000000b00510285080a0mr225613lfp.28.1706307563094; Fri, 26 Jan 2024 14:19:23 -0800 (PST) Received: from am.mirrors.kernel.org (am.mirrors.kernel.org. [2604:1380:4601:e00::3]) by mx.google.com with ESMTPS id br2-20020a170906d14200b00a308e9f0b23si977106ejb.122.2024.01.26.14.19.22 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 26 Jan 2024 14:19:23 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel+bounces-40746-ouuuleilei=gmail.com@vger.kernel.org designates 2604:1380:4601:e00::3 as permitted sender) client-ip=2604:1380:4601:e00::3; Authentication-Results: mx.google.com; dkim=pass header.i=@amd.com header.s=selector1 header.b=r8q3pmV3; arc=fail (signature failed); spf=pass (google.com: domain of linux-kernel+bounces-40746-ouuuleilei=gmail.com@vger.kernel.org designates 2604:1380:4601:e00::3 as permitted sender) smtp.mailfrom="linux-kernel+bounces-40746-ouuuleilei=gmail.com@vger.kernel.org"; dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=amd.com Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by am.mirrors.kernel.org (Postfix) with ESMTPS id 878F71F23BDA for ; Fri, 26 Jan 2024 22:19:22 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id 14E9F58221; Fri, 26 Jan 2024 22:17:16 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b="r8q3pmV3" Received: from NAM04-DM6-obe.outbound.protection.outlook.com (mail-dm6nam04on2073.outbound.protection.outlook.com [40.107.102.73]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 07B415732D for ; Fri, 26 Jan 2024 22:17:10 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=fail smtp.client-ip=40.107.102.73 ARC-Seal: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1706307432; cv=fail; b=RVlqntnkg+x0tMyZ+kb8l6jmFrb5dBRlMHHbZb5KMYZPB/dFif5FmB8ANNkDDlck4684CFLMP1iFMOOH9crv92bE0VjQ/KSlGIBcbI9mNfPMZJPzUxaUBPUqZsA0D6Ajdy97vNo6FJpcAg9zwBhRFQwSkIXmkCzC8pmlG7O1XHs= ARC-Message-Signature: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1706307432; c=relaxed/simple; bh=0n6m2Zsfr66giVTEkIIr/zW0oHNb8RD5ygAUH7zWIEw=; h=From:To:CC:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=cJtDY+pIB/iAbDj5Ts7qYGSAnsdznDKp9EVImPkuYwlkxJkOAzQ/X+yC4eB0oXJfngHiJQM+MLw7iNIXLt15+OlofzZfkjj3oulbAxFcmDDwAh8wpwBB3Mgfb6Scspe/HGtIqXofVmlMC/agmR2S2rbu/0wZ+UX7kNhhSvJvuDk= ARC-Authentication-Results: i=2; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com; spf=fail smtp.mailfrom=amd.com; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b=r8q3pmV3; arc=fail smtp.client-ip=40.107.102.73 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com Authentication-Results: smtp.subspace.kernel.org; spf=fail smtp.mailfrom=amd.com ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=N3bZZYXvkrjzSH8vW8q1FNCtwCL0Sw2Ukgl7RK/X5/26OTKLDgtSbfirvmQ3cbti8BmF+qV94nK092DIwdzBvTVd2b9qBIF71HQnuLW7NB5HyyjE0uLRBtrScRZM9STZaaBtmiWxkpiYxpjC24CQhLhgmrfzK/tVG0lfP7SayPXP0xORchu3txKUWDFe7735URC81W8ynpez7HsP7664MR6+TQ0/ZfCmxIb7nA3Fz3wMsqAl2JyGxus1EIlMlAEdE8SRyRzezajjxtHyczhRMJpBGVWyvX0kr2aNTg4GDv8M58no1rie51LfC9lw4uV0XXfWTS3wEQK5lnV0c/MAxA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=EKMspNQivsAnHFX55tmTi7IRJ3oYh7RnrB9iZYusHCY=; b=XEKqV6ugSI11+uD2ihU2QKppItOuefDX6INzHk0DVPaqBqkHmA7aE0KHSFeLR8zWdXilexV4iOBwcv3t9blpcTN5sZG6KREBs+VuGRzYh9eGbQXU5EA/Z1vkWCf5zlWM6dhxNHW2fQgiHx11AB7mdtXiPiOwwjgW14CIZrdWfIOv5XsXLtRi3FYvma5yOPW/8VUaqB6fuCP8NvuJfhc+lC2rD7R11ysDNqbePdl59gdzZFxDxNwgD6q1psb8JOW/vRlDY1wyoFYmg6vnHIhxQoA4XLS5/86r8hHR9FmC0OKGuUQQE+7ut/PUnqM3qZoOuos04Ofk686ZzehhIN3ZBg== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=vger.kernel.org smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none (0) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=EKMspNQivsAnHFX55tmTi7IRJ3oYh7RnrB9iZYusHCY=; b=r8q3pmV34FAW64YvSFMM00lS4NlprIgRhMZKyLV7Rq1/Nk8yd55Zto2JS1ntcnTwDXGVVIbvBTQx2JH7khfq0/tGtJeITeq6j1XkBvvV8Tbwy2BjytsoxC9MS2STZngSkMPpwZX13WQ5TjMI4/rPrpO00Y/2j1LbcVqMqvjhFUA= Received: from SJ0PR03CA0032.namprd03.prod.outlook.com (2603:10b6:a03:33e::7) by PH7PR12MB7259.namprd12.prod.outlook.com (2603:10b6:510:207::14) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7228.22; Fri, 26 Jan 2024 22:17:08 +0000 Received: from DS2PEPF0000343D.namprd02.prod.outlook.com (2603:10b6:a03:33e:cafe::48) by SJ0PR03CA0032.outlook.office365.com (2603:10b6:a03:33e::7) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7228.22 via Frontend Transport; Fri, 26 Jan 2024 22:17:08 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=amd.com; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB04.amd.com; pr=C Received: from SATLEXMB04.amd.com (165.204.84.17) by DS2PEPF0000343D.mail.protection.outlook.com (10.167.18.40) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.7228.16 via Frontend Transport; Fri, 26 Jan 2024 22:17:08 +0000 Received: from tlendack-t1.amdoffice.net (10.180.168.240) by SATLEXMB04.amd.com (10.181.40.145) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.34; Fri, 26 Jan 2024 16:17:07 -0600 From: Tom Lendacky To: , CC: Thomas Gleixner , Ingo Molnar , Borislav Petkov , Dave Hansen , "H. Peter Anvin" , Andy Lutomirski , "Peter Zijlstra" , Dan Williams , Michael Roth , Ashish Kalra Subject: [PATCH 08/11] x86/sev: Provide guest VMPL level to userspace Date: Fri, 26 Jan 2024 16:16:01 -0600 Message-ID: <61316ac5a8217f0397da87c78c2db08580ad75a5.1706307364.git.thomas.lendacky@amd.com> X-Mailer: git-send-email 2.42.0 In-Reply-To: References: Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-ClientProxiedBy: SATLEXMB03.amd.com (10.181.40.144) To SATLEXMB04.amd.com (10.181.40.145) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: DS2PEPF0000343D:EE_|PH7PR12MB7259:EE_ X-MS-Office365-Filtering-Correlation-Id: d872a322-783d-46ba-33b8-08dc1ebc8939 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: p0d1a6xWCJESKieas5AN8KtPyghMdNawWIKYBYY3OsZWTZ/c0zmAjj82Ki6Qf16ZGRQcZ4h/JP+WpJv6n8hwGrcNkSlP3mPOtoQDEtqR1DJlpoBrVFWwGE8jPPqKylBsH0XeK2HIKWCflSGWknFb1z+x+6+sQjOkYVnVVVTLcqXzhRIruOppMaU8a8w9OLJkpz4TIpdgxL2ABNxis5adQK2gOJdLX9cEwok8a/FoTvlFXFxVX5tQew9jo480hAwEywyBbzcAqwp6T23ZOrsKytDoB5VotZh73e+GTeo6E9CaaCBitzv7VUFp8gv4ILLTVKxTdSr7LM9wpfc1O4V2UQWD3NKa8GJpo7v1YaKD6+7+PBMkf/fofCXGBr8kzFWIzhejHkiDw4RmdB2ETTaONrJ04l+EsjbzVIofFX9UOPyCGT29Tttjb57hy194nz6M2o+X5OY6or8C1HcCh8K5c6jVYu1IqhgDcjrpioahV+ornZAiAusrHRbkcU8yoCTgRgut3y+Zf/xN+2DE0IXcoP1nBzB6+gMSfbpJ5CEdNwt6nRLWvgICe+whl9B8DWw7rz2BpRKQrKgVBijjq7WNkl6uVNia0tUCoGE+Ki8/oQMwFLtL+EMkzgrgohQS07zp1P5IXNwca/G7V1iHLVzz4ekcOi+MhgPxyZtRnpYJLsXbOfkv1KG3KpFxODQzMl8whpgdnRzS+rxCQXD5sF+LQOTiLV1Jiz5EWK32fFz1LIWv0TW712lpvHFrI3nCOujkJ8r2aWXpvcnMerde+U5Wxw== X-Forefront-Antispam-Report: CIP:165.204.84.17;CTRY:US;LANG:en;SCL:1;SRV:;IPV:CAL;SFV:NSPM;H:SATLEXMB04.amd.com;PTR:InfoDomainNonexistent;CAT:NONE;SFS:(13230031)(4636009)(346002)(39860400002)(136003)(376002)(396003)(230922051799003)(82310400011)(1800799012)(186009)(451199024)(64100799003)(40470700004)(46966006)(36840700001)(40480700001)(40460700003)(70586007)(2906002)(426003)(6666004)(316002)(110136005)(2616005)(26005)(7416002)(336012)(8676002)(356005)(54906003)(16526019)(5660300002)(36860700001)(83380400001)(82740400003)(4326008)(36756003)(41300700001)(81166007)(478600001)(86362001)(70206006)(47076005)(8936002)(36900700001);DIR:OUT;SFP:1101; X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 26 Jan 2024 22:17:08.3898 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: d872a322-783d-46ba-33b8-08dc1ebc8939 X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[SATLEXMB04.amd.com] X-MS-Exchange-CrossTenant-AuthSource: DS2PEPF0000343D.namprd02.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: PH7PR12MB7259 X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-THRID: 1789193159269730062 X-GMAIL-MSGID: 1789193159269730062 Requesting an attestation report from userspace involves providing the VMPL level for the report. Currently any value from 0-3 is valid because Linux enforces running at VMPL0. When an SVSM is present, though, Linux will not be running at VMPL0 and only VMPL values starting at the VMPL level Linux is running at to 3 are valid. In order to allow userspace to determine the minimum VMPL value that can be supplied to an attestation report, create a sysfs entry that can be used to retrieve the current VMPL level of Linux. Signed-off-by: Tom Lendacky --- arch/x86/kernel/sev.c | 37 +++++++++++++++++++++++++++++++++++++ 1 file changed, 37 insertions(+) diff --git a/arch/x86/kernel/sev.c b/arch/x86/kernel/sev.c index 121a9bad86c9..9844c772099c 100644 --- a/arch/x86/kernel/sev.c +++ b/arch/x86/kernel/sev.c @@ -2479,3 +2479,40 @@ void __init snp_remap_svsm_ca(void) /* Update the CAA to a proper kernel address */ boot_svsm_caa = &boot_svsm_ca_page; } + +static ssize_t vmpl_show(struct kobject *kobj, + struct kobj_attribute *attr, char *buf) +{ + return sysfs_emit(buf, "%d\n", vmpl); +} + +static struct kobj_attribute vmpl_attr = __ATTR_RO(vmpl); + +static struct attribute *vmpl_attrs[] = { + &vmpl_attr.attr, + NULL +}; + +static struct attribute_group sev_attr_group = { + .attrs = vmpl_attrs, +}; + +static int __init sev_sysfs_init(void) +{ + struct kobject *sev_kobj; + int ret; + + if (!cc_platform_has(CC_ATTR_GUEST_SEV_SNP)) + return -ENODEV; + + sev_kobj = kobject_create_and_add("sev", kernel_kobj); + if (!sev_kobj) + return -ENOMEM; + + ret = sysfs_create_group(sev_kobj, &sev_attr_group); + if (ret) + kobject_put(sev_kobj); + + return ret; +} +arch_initcall(sev_sysfs_init); From patchwork Fri Jan 26 22:16:02 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Tom Lendacky X-Patchwork-Id: 192809 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a05:7301:2395:b0:106:343:edcb with SMTP id gw21csp181604dyb; Fri, 26 Jan 2024 14:19:38 -0800 (PST) X-Google-Smtp-Source: AGHT+IHvpPkKtNuK29I2Kx1YkM9aTE0xv6yXPXli816va9PL8KJTf6MQqdmNWbdlgSZjRRuB2ItP X-Received: by 2002:a05:600c:4193:b0:40e:470a:d867 with SMTP id p19-20020a05600c419300b0040e470ad867mr259863wmh.222.1706307578493; Fri, 26 Jan 2024 14:19:38 -0800 (PST) Received: from am.mirrors.kernel.org (am.mirrors.kernel.org. [2604:1380:4601:e00::3]) by mx.google.com with ESMTPS id q10-20020a056402248a00b0055eb33f07dfsi8487eda.482.2024.01.26.14.19.38 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 26 Jan 2024 14:19:38 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel+bounces-40747-ouuuleilei=gmail.com@vger.kernel.org designates 2604:1380:4601:e00::3 as permitted sender) client-ip=2604:1380:4601:e00::3; Authentication-Results: mx.google.com; dkim=pass header.i=@amd.com header.s=selector1 header.b=k2pjKN9K; arc=fail (signature failed); spf=pass (google.com: domain of linux-kernel+bounces-40747-ouuuleilei=gmail.com@vger.kernel.org designates 2604:1380:4601:e00::3 as permitted sender) smtp.mailfrom="linux-kernel+bounces-40747-ouuuleilei=gmail.com@vger.kernel.org"; dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=amd.com Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by am.mirrors.kernel.org (Postfix) with ESMTPS id EBC101F23B93 for ; Fri, 26 Jan 2024 22:19:37 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id BA24822EFA; Fri, 26 Jan 2024 22:17:24 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b="k2pjKN9K" Received: from NAM10-MW2-obe.outbound.protection.outlook.com (mail-mw2nam10on2082.outbound.protection.outlook.com [40.107.94.82]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 872A258232 for ; Fri, 26 Jan 2024 22:17:19 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=fail smtp.client-ip=40.107.94.82 ARC-Seal: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1706307441; cv=fail; b=Qi0e0lzwHLFAKZdbjcEexmW2IuRXfVXi6x4rfiWmmZUU9Y29h0Hwq1K9DXmetV68K2AosXLmU01gQOj9aMEmWAH0m9ZKwF73o2qJjyJQ79aHbQX5PaFFk5x+yD+pKBji8w/lGc4TavGz2phOtMxZGVLKRjiegCGtf930oknnMJg= ARC-Message-Signature: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1706307441; c=relaxed/simple; bh=stgzIMbyznHHZFAn0ml5w0WpsdxXzcpbNR0bSeXi2So=; h=From:To:CC:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=hp0/Yc8MvD/nm9BQK9fRrbSlpP4PSJbZyfACQ4BPIRYYm4+T0z4xDCBSxb3hMTBVHGh9xcGonMTnn0V3GAre6GHu5lI2isvlgNQM04m0pTTGzebgAmX+tzXFD5BwebvP2M5+cL7QOXR7IUPKx2rBAL0h9NM2JYPkoOEDg+/rp/U= ARC-Authentication-Results: i=2; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com; spf=fail smtp.mailfrom=amd.com; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b=k2pjKN9K; arc=fail smtp.client-ip=40.107.94.82 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com Authentication-Results: smtp.subspace.kernel.org; spf=fail smtp.mailfrom=amd.com ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=cEqnD3+VAVcDrNRpb1IWWlEsQHYs+5xCdY7eqnnVNR/qGn+fK08XeqQ6BU8jPeVXG44JnQA0MD1WYz/2bkOaGnTCd5oM7+lhIiWLaAtuF3j2+q/yKjoLP6bzaS1Qk6USa06OQxP7em3ouZt8qPbv/NRcxF+5Z+9KL32DfXARd44sAVbakeK1PRZQ4rCmf18oG1KpamM6tQgUe0kfuxBtwMF0qHf3jbkkG49YlIkxU/TeeHmbfL6ADblw+Fx1bFte2lubCNQTx9A8v6JAXsXtigThI4CdO5UkXKleDiW4Y6AFYFHrBeHKIJOpwWMZZBaqupuUcAtSpp/HyqL1c2hi2A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=8yrUcdqBxhjfxgvOzkcHfa6rOsPlXdgLnM32EQ4P5+0=; b=KJC72tSGo3NK006rNv6me2CSU9wG3meCYdZg5mzT1vrdeEWtN4iSzkSRPxqTJYDyded/SFXxKHQ+QxlqQKSICrsyCH2CmAlWOXhKFXNoFGw1ASRplMtNscT056iYqnz2tIutVaNLFLz0k9ke0wKMr8PPaX+Pu9U3PkQ5XIk3ZbD4tuxSkMD2iDS3zgf5Ya29Kk9R4fuK8c+pxAyqdROE7iyvsbs9pP9VIW1ozoz818mKH3JMKJGWqjWAjnT59LfKE8h3fyP7uJs1pAGwXaC6hwgU3CYq0uXB0JWiI5xJ7ddAOG+oea9sSAhx7hrrI/7ncLO+0/d71qDBK1hAEA5UUQ== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=vger.kernel.org smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none (0) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=8yrUcdqBxhjfxgvOzkcHfa6rOsPlXdgLnM32EQ4P5+0=; b=k2pjKN9KiYWuaoGRlhSwIaKbluXEC3nqc/5uYTu6ufq4H4DdJL23tPYs+NaEKFM55oc7Rx5xun5qixZcSCLqXF6hh1KxY9PLtkSJoFP4p5NyPM6CZwsCoLtCFx/Jm9Z8dij19vUGUshvL/Xhgl2nxsSFNVifr3OENlwwO3hnESs= Received: from CH0P221CA0043.NAMP221.PROD.OUTLOOK.COM (2603:10b6:610:11d::23) by SA1PR12MB6869.namprd12.prod.outlook.com (2603:10b6:806:25d::7) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7228.27; Fri, 26 Jan 2024 22:17:17 +0000 Received: from DS2PEPF0000343C.namprd02.prod.outlook.com (2603:10b6:610:11d:cafe::f2) by CH0P221CA0043.outlook.office365.com (2603:10b6:610:11d::23) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7228.28 via Frontend Transport; Fri, 26 Jan 2024 22:17:16 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=amd.com; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB04.amd.com; pr=C Received: from SATLEXMB04.amd.com (165.204.84.17) by DS2PEPF0000343C.mail.protection.outlook.com (10.167.18.39) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.7228.16 via Frontend Transport; Fri, 26 Jan 2024 22:17:16 +0000 Received: from tlendack-t1.amdoffice.net (10.180.168.240) by SATLEXMB04.amd.com (10.181.40.145) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.34; Fri, 26 Jan 2024 16:17:14 -0600 From: Tom Lendacky To: , CC: Thomas Gleixner , Ingo Molnar , Borislav Petkov , Dave Hansen , "H. Peter Anvin" , Andy Lutomirski , "Peter Zijlstra" , Dan Williams , Michael Roth , Ashish Kalra Subject: [PATCH 09/11] virt: sev-guest: Choose the VMPCK key based on executing VMPL Date: Fri, 26 Jan 2024 16:16:02 -0600 Message-ID: X-Mailer: git-send-email 2.42.0 In-Reply-To: References: Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-ClientProxiedBy: SATLEXMB03.amd.com (10.181.40.144) To SATLEXMB04.amd.com (10.181.40.145) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: DS2PEPF0000343C:EE_|SA1PR12MB6869:EE_ X-MS-Office365-Filtering-Correlation-Id: 81372be2-0ece-473d-cc5d-08dc1ebc8e0d X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: P6PEHfIgq1KwzUVQPBrjZqZrOmMTJjs1c8JivhATzLrwdjmIV2iFwpUkyRj3JBb8bKB4hLUqjFGSEYI24EZyjrtUntYdbX9OewzXS8hk+MTBSh17zyOdHbreczLrC8LhGHOGiQ7fycL5vTynMhUF5BvCTu5DtcftiV5S3zwAqEMSu08MG83s/+dEGYNApJT0KoMdzLYIe2JegvpSgQQuTiBT6scbwJh0tzxp0Ze8ezMa/IFpOowrcJ5YZdzC2qzjhNZ5alPvHJAK+QXP33QWHHTKHmjjttiNqSoYmUwpbH3kUZSdVygVfcVUDK6GGlw5zmFhQuzH6aJymbxx5NXYIKO3rJoslc84jhTvQ/khEFUB8rn3EQ0exX4yOQ0IXj3jki1U7pAUnytBux4ao379TQYKTczArOm25lCWSr0rqGVLKxoJ/nGAO9XZ6sdhBtkgLh+U77cWjBu3mXsnPCluLeouvYDcOO0YutnTpZPpzj05t8okhp6Bxdw6TlS/doOtHB7OWQDTUjEgoqL8L3z8SstbXijMRDGDpWWCwx4HdQev/AGBOiNnwyIYwe4r0co0RZKBVxgctOcghdo3GzJSAlZq6c3unWKf5SRjo3ZSyAoX13dz7nVqrzrKZkyBhhFnfSoPB6JwtJr0egHC0wkZYN/lC/L96odH8LpIL8UKMZxK87sFBrhcbj79juMZfSrLMpB7jxxNLDZ+9WQYswF3hBS+7PlgNM2+5em5jpRatpry4kr9/XxZtSHZGJD5HEqOetxc+BuU1hmgMVoB+VizZA== X-Forefront-Antispam-Report: CIP:165.204.84.17;CTRY:US;LANG:en;SCL:1;SRV:;IPV:CAL;SFV:NSPM;H:SATLEXMB04.amd.com;PTR:InfoDomainNonexistent;CAT:NONE;SFS:(13230031)(4636009)(346002)(396003)(136003)(39860400002)(376002)(230922051799003)(186009)(451199024)(64100799003)(82310400011)(1800799012)(40470700004)(36840700001)(46966006)(40480700001)(40460700003)(426003)(2616005)(6666004)(86362001)(16526019)(336012)(26005)(478600001)(70206006)(110136005)(70586007)(316002)(54906003)(4326008)(8676002)(83380400001)(8936002)(47076005)(82740400003)(36756003)(41300700001)(5660300002)(81166007)(356005)(2906002)(36860700001)(7416002)(36900700001);DIR:OUT;SFP:1101; X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 26 Jan 2024 22:17:16.4784 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 81372be2-0ece-473d-cc5d-08dc1ebc8e0d X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[SATLEXMB04.amd.com] X-MS-Exchange-CrossTenant-AuthSource: DS2PEPF0000343C.namprd02.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: SA1PR12MB6869 X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-THRID: 1789193175660043710 X-GMAIL-MSGID: 1789193175660043710 Currently, the sev-guest driver uses the vmpck-0 key by default. When an SVSM is present the kernel is running at a VMPL other than 0 and the vmpck-0 key is no longer available. So choose the vmpck key based on the active VMPL level. Signed-off-by: Tom Lendacky --- arch/x86/include/asm/sev.h | 2 ++ arch/x86/kernel/sev.c | 6 ++++++ drivers/virt/coco/sev-guest/sev-guest.c | 10 +++++++--- 3 files changed, 15 insertions(+), 3 deletions(-) diff --git a/arch/x86/include/asm/sev.h b/arch/x86/include/asm/sev.h index 372bc6183b29..b126e50a1358 100644 --- a/arch/x86/include/asm/sev.h +++ b/arch/x86/include/asm/sev.h @@ -291,6 +291,7 @@ void snp_accept_memory(phys_addr_t start, phys_addr_t end); u64 snp_get_unsupported_features(u64 status); u64 sev_get_status(void); void __init snp_remap_svsm_ca(void); +int snp_get_vmpl(void); #else static inline void sev_es_ist_enter(struct pt_regs *regs) { } static inline void sev_es_ist_exit(void) { } @@ -320,6 +321,7 @@ static inline void snp_accept_memory(phys_addr_t start, phys_addr_t end) { } static inline u64 snp_get_unsupported_features(u64 status) { return 0; } static inline u64 sev_get_status(void) { return 0; } static inline void snp_remap_svsm_ca(void) { } +static inline int snp_get_vmpl(void) { return 0; } #endif #endif diff --git a/arch/x86/kernel/sev.c b/arch/x86/kernel/sev.c index 9844c772099c..849df3aae4e1 100644 --- a/arch/x86/kernel/sev.c +++ b/arch/x86/kernel/sev.c @@ -2442,6 +2442,12 @@ int snp_issue_guest_request(u64 exit_code, struct snp_req_data *input, struct sn } EXPORT_SYMBOL_GPL(snp_issue_guest_request); +int snp_get_vmpl(void) +{ + return vmpl; +} +EXPORT_SYMBOL_GPL(snp_get_vmpl); + static struct platform_device sev_guest_device = { .name = "sev-guest", .id = -1, diff --git a/drivers/virt/coco/sev-guest/sev-guest.c b/drivers/virt/coco/sev-guest/sev-guest.c index 87f241825bc3..1ff897913bf4 100644 --- a/drivers/virt/coco/sev-guest/sev-guest.c +++ b/drivers/virt/coco/sev-guest/sev-guest.c @@ -2,7 +2,7 @@ /* * AMD Secure Encrypted Virtualization (SEV) guest driver interface * - * Copyright (C) 2021 Advanced Micro Devices, Inc. + * Copyright (C) 2021-2024 Advanced Micro Devices, Inc. * * Author: Brijesh Singh */ @@ -70,8 +70,8 @@ struct snp_guest_dev { u8 *vmpck; }; -static u32 vmpck_id; -module_param(vmpck_id, uint, 0444); +static int vmpck_id = -1; +module_param(vmpck_id, int, 0444); MODULE_PARM_DESC(vmpck_id, "The VMPCK ID to use when communicating with the PSP."); /* Mutex to serialize the shared buffer access and command handling. */ @@ -923,6 +923,10 @@ static int __init sev_guest_probe(struct platform_device *pdev) if (!snp_dev) goto e_unmap; + /* Adjust the default VMPCK key based on the executing VMPL level */ + if (vmpck_id == -1) + vmpck_id = snp_get_vmpl(); + ret = -EINVAL; snp_dev->vmpck = get_vmpck(vmpck_id, layout, &snp_dev->os_area_msg_seqno); if (!snp_dev->vmpck) { From patchwork Fri Jan 26 22:16:03 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Tom Lendacky X-Patchwork-Id: 192810 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a05:7301:2395:b0:106:343:edcb with SMTP id gw21csp181727dyb; Fri, 26 Jan 2024 14:19:59 -0800 (PST) X-Google-Smtp-Source: AGHT+IGvYGeHUk2x0ayqjLPhhybfoliMi1W6TemAZVBT02TuK3ZEugoz3hYgrDr8blpgGlwiXY/f X-Received: by 2002:a17:90a:a384:b0:293:e476:78d4 with SMTP id x4-20020a17090aa38400b00293e47678d4mr565630pjp.16.1706307599676; Fri, 26 Jan 2024 14:19:59 -0800 (PST) Received: from sv.mirrors.kernel.org (sv.mirrors.kernel.org. [2604:1380:45e3:2400::1]) by mx.google.com with ESMTPS id pf10-20020a17090b1d8a00b00294fe9a7b74si438299pjb.180.2024.01.26.14.19.59 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 26 Jan 2024 14:19:59 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel+bounces-40748-ouuuleilei=gmail.com@vger.kernel.org designates 2604:1380:45e3:2400::1 as permitted sender) client-ip=2604:1380:45e3:2400::1; Authentication-Results: mx.google.com; dkim=pass header.i=@amd.com header.s=selector1 header.b=c4vMQ6fW; arc=fail (signature failed); spf=pass (google.com: domain of linux-kernel+bounces-40748-ouuuleilei=gmail.com@vger.kernel.org designates 2604:1380:45e3:2400::1 as permitted sender) smtp.mailfrom="linux-kernel+bounces-40748-ouuuleilei=gmail.com@vger.kernel.org"; dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=amd.com Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by sv.mirrors.kernel.org (Postfix) with ESMTPS id B6A53283785 for ; Fri, 26 Jan 2024 22:19:52 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id AB3B941C9F; Fri, 26 Jan 2024 22:17:35 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b="c4vMQ6fW" Received: from NAM04-MW2-obe.outbound.protection.outlook.com (mail-mw2nam04on2087.outbound.protection.outlook.com [40.107.101.87]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id B019724A1D for ; Fri, 26 Jan 2024 22:17:26 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=fail smtp.client-ip=40.107.101.87 ARC-Seal: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1706307449; cv=fail; b=gzXRZC9vAEkpUErXcInortuQrVHovspbFe6rKluMWd9DX6K66ulRqUPxuyD5dEaiJbBLa4F4q213VBNHNYZ0QlhHXzojajCADCdAq9VdLKfTJVMFnEoO+XSCLQRTKNuXIs8vx7B5nOH0NPIsrHS4wuliMmekWAWR9BEH3urSE7w= ARC-Message-Signature: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1706307449; c=relaxed/simple; bh=zv2NoQvY6xBwiGu7+L1yCl0+0ZhJ9c4RlMQQbLkvlU0=; h=From:To:CC:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=OEeKg2qbkDvnYUwW9Y6c+FC2W0SeJRmh4+pGy0tj9pNlXDrAzIa1V+62i5S7HLmi/AlJLNgdZF8YaoDKIpi9GgVMaYZhGKRAF9qrkcvhHeB9twBraclhruj0VcvoiAlYSC+peFMRxpZ4AFzeMdcEbIZE0l9L+1NCL8YK+TjEKT4= ARC-Authentication-Results: i=2; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com; spf=fail smtp.mailfrom=amd.com; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b=c4vMQ6fW; arc=fail smtp.client-ip=40.107.101.87 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com Authentication-Results: smtp.subspace.kernel.org; spf=fail smtp.mailfrom=amd.com ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=MTAbdzSkOsIfeGLpxEirSJsMl4xbCuXypHKx4XhQJt5voNLfKbabJm9tbbzknb05XjggzgqiNaNTtHi2ekOmn295utq/AefymmtTVgfG87Xs5bp4qczUxVNYlV/nZi6u7kalsp4L3OuTqCQmrVVQSFIsWC2BpPhVHO9cFrX5cErX9SJJaDWLtBterKwdBjpAIpWNmOGaSJRT0AnkLYC6qur207+K6ZA2rQYkILzfhcCjGRJMPzRwKtM0vhsiyw3LfESgywLFiVCNHmv+XnupMqfpmbi3Xt+ucPT1kSCtp96ZC3U6n0Tay38EfuMqQA22q3HgJ/04sPlAScHnt2Dp1g== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=s/QH1IkoxWFLqenf6Jg0sLYZt/55pkjiGykghjEXdr0=; b=GXswpnKaDWcpugAptwXRU8SDuzuszdVPXmOdFy+XGb5NtxNp24gFIQTCrkhIxVJr96AAVPEFXl6JLDiBCAR7V4xNmccTEd0QFJvGR8Hk30UUus7bEp05Na3T87bnfxFqk3X2Y3c5RMCjgdFNF0BFJNufeVgtGMsVm5H+r0x/nGVncVc2wVGMLjjuGUSYi7f7fvRhrbE09O4c2jDxpXAR4Ati+rzWc8HdAe0OPQMMsJ+cSEKAD5SEDogcQy/fOp+h++6vL70scOpQ3TG0AS8/fdr97/bWrweLGcOYr9aArYtNkat4G0r1ioggguqJelJe8iT5bD/pgoPRZ0aFRY8ECQ== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=vger.kernel.org smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none (0) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=s/QH1IkoxWFLqenf6Jg0sLYZt/55pkjiGykghjEXdr0=; b=c4vMQ6fWggepC9jEDT/4CUBTa9crdjvTU4KKIYP5oy3b+BxlAkmatbKJPcxZmU15G0/Cnn8T1B4od27qjbplLVtmuDVDPzTPX1E7cRCra0s2SwXGG7uHA9QgrpCrOs5h+mvOHK733teKXwY39tnRKhrkOv2okkIzznjCmEn5VpA= Received: from DS0PR17CA0003.namprd17.prod.outlook.com (2603:10b6:8:191::17) by CH3PR12MB7738.namprd12.prod.outlook.com (2603:10b6:610:14e::9) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7228.26; Fri, 26 Jan 2024 22:17:23 +0000 Received: from DS2PEPF0000343E.namprd02.prod.outlook.com (2603:10b6:8:191:cafe::17) by DS0PR17CA0003.outlook.office365.com (2603:10b6:8:191::17) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7228.26 via Frontend Transport; Fri, 26 Jan 2024 22:17:23 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=amd.com; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB04.amd.com; pr=C Received: from SATLEXMB04.amd.com (165.204.84.17) by DS2PEPF0000343E.mail.protection.outlook.com (10.167.18.41) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.7228.16 via Frontend Transport; Fri, 26 Jan 2024 22:17:23 +0000 Received: from tlendack-t1.amdoffice.net (10.180.168.240) by SATLEXMB04.amd.com (10.181.40.145) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.34; Fri, 26 Jan 2024 16:17:21 -0600 From: Tom Lendacky To: , CC: Thomas Gleixner , Ingo Molnar , Borislav Petkov , Dave Hansen , "H. Peter Anvin" , Andy Lutomirski , "Peter Zijlstra" , Dan Williams , Michael Roth , Ashish Kalra Subject: [PATCH 10/11] x86/sev: Extend the config-fs attestation support for an SVSM Date: Fri, 26 Jan 2024 16:16:03 -0600 Message-ID: <10637f104d1ed7f21e281a4890f2c549d1e85985.1706307364.git.thomas.lendacky@amd.com> X-Mailer: git-send-email 2.42.0 In-Reply-To: References: Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-ClientProxiedBy: SATLEXMB03.amd.com (10.181.40.144) To SATLEXMB04.amd.com (10.181.40.145) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: DS2PEPF0000343E:EE_|CH3PR12MB7738:EE_ X-MS-Office365-Filtering-Correlation-Id: 526225e5-71f0-48ad-debf-08dc1ebc923d X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: 1K+fefvR2rtQhE5xxxMqTolfOLUrp+qtt2pgpzgQtQyoqA+SC3uWSyVeqhtBOnPr+xGfRE5Y48GPis+56DRNvcasK50TEf9OG3KZ9DNt0XXGj/WFEgjldnM7AL6rMp755znV8tAl06KAWd5yWi3fPzHPG0bHrb2EkopkU1RE13AR1ga6n3iVqalUwHB6BrlPHiaayKOxchED75mm2pCINWw0Z+DAYDFKNeb2gNgo60iMPVKDiKwxTS5JadfcIsKQpJ7XG3qTpFAMBQkgDo/G/1gvOeKf2P800M03JOaTQT+bO3kE5AOfT40grDmEqZ01BWb0MDhQ6Kdpj0diihnXeDwtvLs5TLyIY90HRqtQg0FMvIWvMObvwDlGgvQjIOOSRF/oxBq/aog2m34/A7Dr0DLcDOHSPBRwc/TK+qoHF6+OcW3CbbuPK84+8WNdc+dG6uF99nB0uUmh214wFJ/7ZAuJGmtw+eLlmqdiglSBVJv1m4EbYDfL47bfZJiFzgh79DmfvlVgHopmdyx4D5KYY0rw1VzPnv7/iU3PSqV+myjtEYaBCLVqWv2QRNiG+biJSCDWvn8zOP4zgtCLYpPJE1QxMXJHfsxnia+nzh2YW2rndRYqgZel03cyHJ1D83od+gvTOgtBFzVptct7u5/MzDnw/0w/sTOkHgtwX6VdXq8dJtuJadvMud4woKCiu+vzlkjdvsnIbAatr23IetNDOt8PVMij+FG9OuWfP0PvRpfAwFoqlTJfBCXAlwkeHzsZlr5vgiNLVuRrPOLIqYtL6jpiMP8tAYerLfKVYDeC6ZI= X-Forefront-Antispam-Report: CIP:165.204.84.17;CTRY:US;LANG:en;SCL:1;SRV:;IPV:CAL;SFV:NSPM;H:SATLEXMB04.amd.com;PTR:InfoDomainNonexistent;CAT:NONE;SFS:(13230031)(4636009)(136003)(396003)(39860400002)(346002)(376002)(230922051799003)(82310400011)(186009)(1800799012)(64100799003)(451199024)(46966006)(40470700004)(36840700001)(110136005)(70206006)(70586007)(356005)(54906003)(316002)(8676002)(41300700001)(16526019)(26005)(8936002)(40460700003)(40480700001)(81166007)(478600001)(966005)(2616005)(82740400003)(86362001)(6666004)(2906002)(5660300002)(7416002)(30864003)(4326008)(83380400001)(336012)(426003)(36756003)(47076005)(36860700001)(36900700001)(309714004);DIR:OUT;SFP:1101; X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 26 Jan 2024 22:17:23.5199 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 526225e5-71f0-48ad-debf-08dc1ebc923d X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[SATLEXMB04.amd.com] X-MS-Exchange-CrossTenant-AuthSource: DS2PEPF0000343E.namprd02.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: CH3PR12MB7738 X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-THRID: 1789193197356092135 X-GMAIL-MSGID: 1789193197356092135 When an SVSM is present, the guest can also request attestation reports from the SVSM. These SVSM attestation reports can be used to attest the SVSM and any services running within the SVSM. Extend the config-fs attestation support to allow for an SVSM attestation report. This involves creating four (4) new config-fs attributes: - 'svsm' (input) This attribute is used to determine whether the attestation request should be sent to the SVSM or to the SEV firmware. - 'service_guid' (input) Used for requesting the attestation of a single service within the SVSM. A null GUID implies that the SVSM_ATTEST_SERVICES call should be used to request the attestation report. A non-null GUID implies that the SVSM_ATTEST_SINGLE_SERVICE call should be used. - 'service_version' (input) Used with the SVSM_ATTEST_SINGLE_SERVICE call, the service version represents a specific service manifest version be used for the attestation report. - 'manifestblob' (output) Used to return the service manifest associated with the attestation report. Signed-off-by: Tom Lendacky --- Documentation/ABI/testing/configfs-tsm | 55 ++++++++++ arch/x86/include/asm/sev.h | 31 +++++- arch/x86/kernel/sev.c | 50 +++++++++ drivers/virt/coco/sev-guest/sev-guest.c | 137 ++++++++++++++++++++++++ drivers/virt/coco/tsm.c | 95 +++++++++++++++- include/linux/tsm.h | 11 ++ 6 files changed, 376 insertions(+), 3 deletions(-) diff --git a/Documentation/ABI/testing/configfs-tsm b/Documentation/ABI/testing/configfs-tsm index dd24202b5ba5..c5423987d323 100644 --- a/Documentation/ABI/testing/configfs-tsm +++ b/Documentation/ABI/testing/configfs-tsm @@ -31,6 +31,21 @@ Description: Standardization v2.03 Section 4.1.8.1 MSG_REPORT_REQ. https://www.amd.com/content/dam/amd/en/documents/epyc-technical-docs/specifications/56421.pdf +What: /sys/kernel/config/tsm/report/$name/manifestblob +Date: January, 2024 +KernelVersion: v6.9 +Contact: linux-coco@lists.linux.dev +Description: + (RO) Optional supplemental data that a TSM may emit, visibility + of this attribute depends on TSM, and may be empty if no + manifest data is available. + + When @provider is "sev_guest" and the "svsm" attribute is set + this file contains the service manifest used for the SVSM + attestation report from Secure VM Service Module for SEV-SNP + Guests v1.00 Section 7. + https://www.amd.com/content/dam/amd/en/documents/epyc-technical-docs/specifications/58019.pdf + What: /sys/kernel/config/tsm/report/$name/provider Date: September, 2023 KernelVersion: v6.7 @@ -80,3 +95,43 @@ Contact: linux-coco@lists.linux.dev Description: (RO) Indicates the minimum permissible value that can be written to @privlevel. + +What: /sys/kernel/config/tsm/report/$name/svsm +Date: January, 2024 +KernelVersion: v6.9 +Contact: linux-coco@lists.linux.dev +Description: + (WO) Attribute is visible if a TSM implementation provider + supports the concept of attestation reports for TVMs running + under an SVSM, like SEV-SNP. Specifying any non-zero value + implies that the attestation report should come from the SVSM. + Secure VM Service Module for SEV-SNP Guests v1.00 Section 7. + https://www.amd.com/content/dam/amd/en/documents/epyc-technical-docs/specifications/58019.pdf + +What: /sys/kernel/config/tsm/report/$name/service_guid +Date: January, 2024 +KernelVersion: v6.9 +Contact: linux-coco@lists.linux.dev +Description: + (WO) Attribute is visible if a TSM implementation provider + supports the concept of attestation reports for TVMs running + under an SVSM, like SEV-SNP. Specifying a empty or null GUID + (00000000-0000-0000-0000-000000) requests all active services + within the SVSM be part of the attestation report. Specifying + a non-null GUID requests an attestation report of just the + specified service using the manifest form specified by the + service_version attribute. + Secure VM Service Module for SEV-SNP Guests v1.00 Section 7. + https://www.amd.com/content/dam/amd/en/documents/epyc-technical-docs/specifications/58019.pdf + +What: /sys/kernel/config/tsm/report/$name/service_version +Date: January, 2024 +KernelVersion: v6.9 +Contact: linux-coco@lists.linux.dev +Description: + (WO) Attribute is visible if a TSM implementation provider + supports the concept of attestation reports for TVMs running + under an SVSM, like SEV-SNP. Indicates the service manifest + version requested for the attestation report. + Secure VM Service Module for SEV-SNP Guests v1.00 Section 7. + https://www.amd.com/content/dam/amd/en/documents/epyc-technical-docs/specifications/58019.pdf diff --git a/arch/x86/include/asm/sev.h b/arch/x86/include/asm/sev.h index b126e50a1358..4cafa92d1d3e 100644 --- a/arch/x86/include/asm/sev.h +++ b/arch/x86/include/asm/sev.h @@ -194,6 +194,27 @@ struct svsm_pvalidate_call { struct svsm_pvalidate_entry entry[]; }; +/* + * The SVSM Attestation related structures + */ +struct svsm_location_entry { + u64 pa; + u32 len; + u8 rsvd[4]; +}; + +struct svsm_attestation_call { + struct svsm_location_entry report_buffer; + struct svsm_location_entry nonce; + struct svsm_location_entry manifest_buffer; + struct svsm_location_entry certificates_buffer; + + /* For attesting a single service */ + u8 service_guid[16]; + u32 service_version; + u8 rsvd[4]; +}; + /* * SVSM protocol structure */ @@ -217,6 +238,10 @@ struct svsm_call { #define SVSM_CORE_CREATE_VCPU 2 #define SVSM_CORE_DELETE_VCPU 3 +#define SVSM_ATTEST_CALL(x) ((1ULL << 32) | (x)) +#define SVSM_ATTEST_SERVICES 0 +#define SVSM_ATTEST_SINGLE_SERVICE 1 + #ifdef CONFIG_AMD_MEM_ENCRYPT extern void __sev_es_ist_enter(struct pt_regs *regs); extern void __sev_es_ist_exit(void); @@ -287,6 +312,7 @@ void snp_set_wakeup_secondary_cpu(void); bool snp_init(struct boot_params *bp); void __init __noreturn snp_abort(void); int snp_issue_guest_request(u64 exit_code, struct snp_req_data *input, struct snp_guest_request_ioctl *rio); +int snp_issue_svsm_attestation_request(u64 call_id, struct svsm_attestation_call *input); void snp_accept_memory(phys_addr_t start, phys_addr_t end); u64 snp_get_unsupported_features(u64 status); u64 sev_get_status(void); @@ -316,7 +342,10 @@ static inline int snp_issue_guest_request(u64 exit_code, struct snp_req_data *in { return -ENOTTY; } - +static inline int snp_issue_svsm_attestation_request(u64 call_id, struct svsm_attestation_call *input) +{ + return -ENOTTY; +} static inline void snp_accept_memory(phys_addr_t start, phys_addr_t end) { } static inline u64 snp_get_unsupported_features(u64 status) { return 0; } static inline u64 sev_get_status(void) { return 0; } diff --git a/arch/x86/kernel/sev.c b/arch/x86/kernel/sev.c index 849df3aae4e1..83bc5efa8fcf 100644 --- a/arch/x86/kernel/sev.c +++ b/arch/x86/kernel/sev.c @@ -2378,6 +2378,56 @@ static int __init init_sev_config(char *str) } __setup("sev=", init_sev_config); +static void update_attestation_input(struct svsm_call *call, struct svsm_attestation_call *input) +{ + /* If (new) lengths have been returned, propograte them up */ + if (call->rcx_out != call->rcx) + input->manifest_buffer.len = call->rcx_out; + + if (call->rdx_out != call->rdx) + input->certificates_buffer.len = call->rdx_out; + + if (call->r8_out != call->r8) + input->report_buffer.len = call->r8_out; +} + +int snp_issue_svsm_attestation_request(u64 call_id, struct svsm_attestation_call *input) +{ + struct svsm_attestation_call *attest_call; + struct svsm_call call = {}; + unsigned long flags; + u64 attest_call_pa; + int ret; + + if (!vmpl) + return -EINVAL; + + local_irq_save(flags); + + call.caa = __svsm_get_caa(); + + attest_call = (struct svsm_attestation_call *)call.caa->svsm_buffer; + attest_call_pa = __svsm_get_caa_pa() + offsetof(struct svsm_ca, svsm_buffer); + + memcpy(attest_call, input, sizeof(*attest_call)); + + /* + * Set input registers for the request and set RDX and R8 to known + * values in order to detect length values being returned in them. + */ + call.rax = call_id; + call.rcx = attest_call_pa; + call.rdx = -1; + call.r8 = -1; + ret = svsm_protocol(&call); + update_attestation_input(&call, input); + + local_irq_restore(flags); + + return ret; +} +EXPORT_SYMBOL_GPL(snp_issue_svsm_attestation_request); + int snp_issue_guest_request(u64 exit_code, struct snp_req_data *input, struct snp_guest_request_ioctl *rio) { struct ghcb_state state; diff --git a/drivers/virt/coco/sev-guest/sev-guest.c b/drivers/virt/coco/sev-guest/sev-guest.c index 1ff897913bf4..3693373c4227 100644 --- a/drivers/virt/coco/sev-guest/sev-guest.c +++ b/drivers/virt/coco/sev-guest/sev-guest.c @@ -783,6 +783,140 @@ struct snp_msg_cert_entry { u32 length; }; +static int sev_svsm_report_new(struct tsm_report *report, void *data) +{ + unsigned int report_len, manifest_len, certificates_len; + void *report_blob, *manifest_blob, *certificates_blob; + struct svsm_attestation_call attest_call = {}; + struct tsm_desc *desc = &report->desc; + unsigned int size; + bool try_again; + void *buffer; + u64 call_id; + int ret; + + /* + * Allocate pages for the request: + * - Report blob (4K) + * - Manifest blob (4K) + * - Certificate blob (16K) + * + * Above addresses must be 4K aligned + */ + report_len = SZ_4K; + manifest_len = SZ_4K; + certificates_len = SEV_FW_BLOB_MAX_SIZE; + +retry: + size = report_len + manifest_len + certificates_len; + buffer = alloc_pages_exact(size, __GFP_ZERO); + if (!buffer) + return -ENOMEM; + + report_blob = buffer; + attest_call.report_buffer.pa = __pa(report_blob); + attest_call.report_buffer.len = report_len; + + manifest_blob = report_blob + report_len; + attest_call.manifest_buffer.pa = __pa(manifest_blob); + attest_call.manifest_buffer.len = manifest_len; + + certificates_blob = manifest_blob + manifest_len; + attest_call.certificates_buffer.pa = __pa(certificates_blob); + attest_call.certificates_buffer.len = certificates_len; + + attest_call.nonce.pa = __pa(desc->inblob); + attest_call.nonce.len = desc->inblob_len; + + if (guid_is_null(&desc->service_guid)) { + call_id = SVSM_ATTEST_CALL(SVSM_ATTEST_SERVICES); + } else { + export_guid(attest_call.service_guid, &desc->service_guid); + attest_call.service_version = desc->service_version; + + call_id = SVSM_ATTEST_CALL(SVSM_ATTEST_SINGLE_SERVICE); + } + + ret = snp_issue_svsm_attestation_request(call_id, &attest_call); + switch (ret) { + case SVSM_SUCCESS: + break; + case SVSM_ERR_INVALID_PARAMETER: + try_again = false; + + if (attest_call.report_buffer.len > report_len) { + report_len = PAGE_ALIGN(attest_call.report_buffer.len); + try_again = true; + } + + if (attest_call.manifest_buffer.len > manifest_len) { + manifest_len = PAGE_ALIGN(attest_call.manifest_buffer.len); + try_again = true; + } + + if (attest_call.certificates_buffer.len > certificates_len) { + certificates_len = PAGE_ALIGN(attest_call.certificates_buffer.len); + try_again = true; + } + + /* If one of the buffers wasn't large enough, retry the request */ + if (try_again) { + free_pages_exact(buffer, size); + goto retry; + } + + ret = -EINVAL; + goto error; + case SVSM_ERR_BUSY: + ret = -EAGAIN; + goto error; + default: + pr_err_ratelimited("SVSM attestation request failed (%#x)\n", ret); + ret = -EINVAL; + goto error; + } + + ret = -ENOMEM; + + report_len = attest_call.report_buffer.len; + void *rbuf __free(kvfree) = kvzalloc(report_len, GFP_KERNEL); + if (!rbuf) + goto error; + + memcpy(rbuf, report_blob, report_len); + report->outblob = no_free_ptr(rbuf); + report->outblob_len = report_len; + + manifest_len = attest_call.manifest_buffer.len; + void *mbuf __free(kvfree) = kvzalloc(manifest_len, GFP_KERNEL); + if (!mbuf) + goto error; + + memcpy(mbuf, manifest_blob, manifest_len); + report->manifestblob = no_free_ptr(mbuf); + report->manifestblob_len = manifest_len; + + certificates_len = attest_call.certificates_buffer.len; + if (!certificates_len) + goto success; + + void *cbuf __free(kvfree) = kvzalloc(certificates_len, GFP_KERNEL); + if (!cbuf) + goto error; + + memcpy(cbuf, certificates_blob, certificates_len); + report->auxblob = no_free_ptr(cbuf); + report->auxblob_len = certificates_len; + +success: + ret = 0; + +error: + free_pages_exact(buffer, size); + + return ret; +} + static int sev_report_new(struct tsm_report *report, void *data) { struct snp_msg_cert_entry *cert_table; @@ -797,6 +931,9 @@ static int sev_report_new(struct tsm_report *report, void *data) if (desc->inblob_len != SNP_REPORT_USER_DATA_SIZE) return -EINVAL; + if (desc->svsm) + return sev_svsm_report_new(report, data); + void *buf __free(kvfree) = kvzalloc(size, GFP_KERNEL); if (!buf) return -ENOMEM; diff --git a/drivers/virt/coco/tsm.c b/drivers/virt/coco/tsm.c index d1c2db83a8ca..33fa26406bc6 100644 --- a/drivers/virt/coco/tsm.c +++ b/drivers/virt/coco/tsm.c @@ -35,7 +35,7 @@ static DECLARE_RWSEM(tsm_rwsem); * The attestation report format is TSM provider specific, when / if a standard * materializes that can be published instead of the vendor layout. Until then * the 'provider' attribute indicates the format of 'outblob', and optionally - * 'auxblob'. + * 'auxblob' and 'manifestblob'. */ struct tsm_report_state { @@ -48,6 +48,7 @@ struct tsm_report_state { enum tsm_data_select { TSM_REPORT, TSM_CERTS, + TSM_MANIFEST, }; static struct tsm_report *to_tsm_report(struct config_item *cfg) @@ -119,6 +120,77 @@ static ssize_t tsm_report_privlevel_floor_show(struct config_item *cfg, } CONFIGFS_ATTR_RO(tsm_report_, privlevel_floor); +static ssize_t tsm_report_svsm_store(struct config_item *cfg, + const char *buf, size_t len) +{ + struct tsm_report *report = to_tsm_report(cfg); + unsigned int val; + int rc; + + rc = kstrtouint(buf, 0, &val); + if (rc) + return rc; + + guard(rwsem_write)(&tsm_rwsem); + rc = try_advance_write_generation(report); + if (rc) + return rc; + report->desc.svsm = !!val; + + return len; +} +CONFIGFS_ATTR_WO(tsm_report_, svsm); + +static ssize_t tsm_report_service_guid_store(struct config_item *cfg, + const char *buf, size_t len) +{ + struct tsm_report *report = to_tsm_report(cfg); + size_t guid_len; + int rc; + + guard(rwsem_write)(&tsm_rwsem); + rc = try_advance_write_generation(report); + if (rc) + return rc; + + /* Obtain the GUID string length */ + guid_len = (len && buf[len - 1] == '\n') ? len - 1 : len; + if (guid_len && guid_len != UUID_STRING_LEN) + return -EINVAL; + + if (guid_len == UUID_STRING_LEN) { + rc = guid_parse(buf, &report->desc.service_guid); + if (rc) + return rc; + } else { + report->desc.service_guid = guid_null; + } + + return len; +} +CONFIGFS_ATTR_WO(tsm_report_, service_guid); + +static ssize_t tsm_report_service_version_store(struct config_item *cfg, + const char *buf, size_t len) +{ + struct tsm_report *report = to_tsm_report(cfg); + unsigned int val; + int rc; + + rc = kstrtouint(buf, 0, &val); + if (rc) + return rc; + + guard(rwsem_write)(&tsm_rwsem); + rc = try_advance_write_generation(report); + if (rc) + return rc; + report->desc.service_version = val; + + return len; +} +CONFIGFS_ATTR_WO(tsm_report_, service_version); + static ssize_t tsm_report_inblob_write(struct config_item *cfg, const void *buf, size_t count) { @@ -163,6 +235,9 @@ static ssize_t __read_report(struct tsm_report *report, void *buf, size_t count, if (select == TSM_REPORT) { out = report->outblob; len = report->outblob_len; + } else if (select == TSM_MANIFEST) { + out = report->manifestblob; + len = report->manifestblob_len; } else { out = report->auxblob; len = report->auxblob_len; @@ -188,7 +263,7 @@ static ssize_t read_cached_report(struct tsm_report *report, void *buf, /* * A given TSM backend always fills in ->outblob regardless of - * whether the report includes an auxblob or not. + * whether the report includes an auxblob/manifestblob or not. */ if (!report->outblob || state->read_generation != state->write_generation) @@ -224,8 +299,10 @@ static ssize_t tsm_report_read(struct tsm_report *report, void *buf, kvfree(report->outblob); kvfree(report->auxblob); + kvfree(report->manifestblob); report->outblob = NULL; report->auxblob = NULL; + report->manifestblob = NULL; rc = ops->report_new(report, provider.data); if (rc < 0) return rc; @@ -252,6 +329,15 @@ static ssize_t tsm_report_auxblob_read(struct config_item *cfg, void *buf, } CONFIGFS_BIN_ATTR_RO(tsm_report_, auxblob, NULL, TSM_OUTBLOB_MAX); +static ssize_t tsm_report_manifestblob_read(struct config_item *cfg, void *buf, + size_t count) +{ + struct tsm_report *report = to_tsm_report(cfg); + + return tsm_report_read(report, buf, count, TSM_MANIFEST); +} +CONFIGFS_BIN_ATTR_RO(tsm_report_, manifestblob, NULL, TSM_OUTBLOB_MAX); + #define TSM_DEFAULT_ATTRS() \ &tsm_report_attr_generation, \ &tsm_report_attr_provider @@ -265,6 +351,9 @@ static struct configfs_attribute *tsm_report_extra_attrs[] = { TSM_DEFAULT_ATTRS(), &tsm_report_attr_privlevel, &tsm_report_attr_privlevel_floor, + &tsm_report_attr_svsm, + &tsm_report_attr_service_guid, + &tsm_report_attr_service_version, NULL, }; @@ -280,6 +369,7 @@ static struct configfs_bin_attribute *tsm_report_bin_attrs[] = { static struct configfs_bin_attribute *tsm_report_bin_extra_attrs[] = { TSM_DEFAULT_BIN_ATTRS(), &tsm_report_attr_auxblob, + &tsm_report_attr_manifestblob, NULL, }; @@ -288,6 +378,7 @@ static void tsm_report_item_release(struct config_item *cfg) struct tsm_report *report = to_tsm_report(cfg); struct tsm_report_state *state = to_state(report); + kvfree(report->manifestblob); kvfree(report->auxblob); kvfree(report->outblob); kfree(state); diff --git a/include/linux/tsm.h b/include/linux/tsm.h index de8324a2223c..7c36b8448b4f 100644 --- a/include/linux/tsm.h +++ b/include/linux/tsm.h @@ -4,6 +4,7 @@ #include #include +#include #define TSM_INBLOB_MAX 64 #define TSM_OUTBLOB_MAX SZ_32K @@ -19,11 +20,17 @@ * @privlevel: optional privilege level to associate with @outblob * @inblob_len: sizeof @inblob * @inblob: arbitrary input data + * @svsm: optional indicator of where to obtain the tsm report blob + * @service_guid: optional SVSM service guid to attest + * @service_version: optional SVSM service manifest version requested */ struct tsm_desc { unsigned int privlevel; size_t inblob_len; u8 inblob[TSM_INBLOB_MAX]; + bool svsm; + guid_t service_guid; + unsigned int service_version; }; /** @@ -33,6 +40,8 @@ struct tsm_desc { * @outblob: generated evidence to provider to the attestation agent * @auxblob_len: sizeof(@auxblob) * @auxblob: (optional) auxiliary data to the report (e.g. certificate data) + * @manifestblob_len: sizeof(@manifestblob) + * @manifestblob: (optional) manifest data associated with the report */ struct tsm_report { struct tsm_desc desc; @@ -40,6 +49,8 @@ struct tsm_report { u8 *outblob; size_t auxblob_len; u8 *auxblob; + size_t manifestblob_len; + u8 *manifestblob; }; /** From patchwork Fri Jan 26 22:16:04 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Tom Lendacky X-Patchwork-Id: 192811 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a05:7301:2395:b0:106:343:edcb with SMTP id gw21csp181821dyb; Fri, 26 Jan 2024 14:20:09 -0800 (PST) X-Google-Smtp-Source: AGHT+IExiFE6dEqI2USH7kPLPgpVcSoHlHz/eSNgIeoLsEDMKQA3KXSdeKWE+ukcTPMuUD9Q7pso X-Received: by 2002:a05:600c:4504:b0:40e:d411:a16d with SMTP id t4-20020a05600c450400b0040ed411a16dmr347354wmo.29.1706307609675; Fri, 26 Jan 2024 14:20:09 -0800 (PST) Received: from am.mirrors.kernel.org (am.mirrors.kernel.org. [2604:1380:4601:e00::3]) by mx.google.com with ESMTPS id b5-20020aa7cd05000000b0055c992af827si1075849edw.291.2024.01.26.14.20.09 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 26 Jan 2024 14:20:09 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel+bounces-40749-ouuuleilei=gmail.com@vger.kernel.org designates 2604:1380:4601:e00::3 as permitted sender) client-ip=2604:1380:4601:e00::3; Authentication-Results: mx.google.com; dkim=pass header.i=@amd.com header.s=selector1 header.b=R9kvv2Kc; arc=fail (signature failed); spf=pass (google.com: domain of linux-kernel+bounces-40749-ouuuleilei=gmail.com@vger.kernel.org designates 2604:1380:4601:e00::3 as permitted sender) smtp.mailfrom="linux-kernel+bounces-40749-ouuuleilei=gmail.com@vger.kernel.org"; dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=amd.com Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by am.mirrors.kernel.org (Postfix) with ESMTPS id 110BB1F23C35 for ; Fri, 26 Jan 2024 22:20:09 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id B9CC550A8B; Fri, 26 Jan 2024 22:17:40 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b="R9kvv2Kc" Received: from NAM04-BN8-obe.outbound.protection.outlook.com (mail-bn8nam04on2076.outbound.protection.outlook.com [40.107.100.76]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 5FA8041C9B for ; Fri, 26 Jan 2024 22:17:35 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=fail smtp.client-ip=40.107.100.76 ARC-Seal: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1706307457; cv=fail; b=gFqpPgjXwMREHrwi6eiPK6dr2jfIbZyRP81UqVmtaAjTkcMuqcVqj4+LkdES//AddJEjh1DPWvdDG+UeBUamjsnt30m/LVCTpYkq/iXPoLMn6z3WWd4C7AhaCx9j5col3Er1szJPe7Y3JniOmF0oZn7YoSvQuF73tPXhFWVRtE0= ARC-Message-Signature: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1706307457; c=relaxed/simple; bh=F9Uq61zorLEyRYVf+AcwG/Ld2eqNDwiyh/SWKBADdnk=; h=From:To:CC:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=jRKRUyQMLIO7Hu/aWz3BNDLwadXqLcQJuX3vwOkTrkptbavXcSuFXhChCtaB2neFcjV+avCa4ZtuMdT6+NVxl0t6CJJdq5+0zffv2zyQe5sG3UcCwIF6XR7c8bYnZSZ4TAYGikAoj8zUtLJ6oGeLpSiaTqnNEdO2+HvpMxGdBv8= ARC-Authentication-Results: i=2; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com; spf=fail smtp.mailfrom=amd.com; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b=R9kvv2Kc; arc=fail smtp.client-ip=40.107.100.76 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com Authentication-Results: smtp.subspace.kernel.org; spf=fail smtp.mailfrom=amd.com ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=TmcSGaGdfLeIsLNABUla75aM6ur5bDRQcuZEUdVOgZ+asgUk5PdEUDdzcErC5ZwhwCRBSAyefJsozB8TvD9AdhaE7+jbdIxnxM+V9y3oGhIqnumiSSt3JdsWENaSgJB1Z6rrl/Fv8NDBRNqD7sgPF4k7vkMe5J04aFHizcNbfWvk0LpwjG/51x7vFVKnD/fyBMRkBBEOcJ/8Vq3zR06mm/5bnnhuRnNCJy2pU16p6yuTehxiLs//myzVBEz1MRA+JHOgV7e2Mbw63XTrF4sti/ydmGrzT3LUuF7xh0OMO900EVLyd/NGIwmzwDbpeOukMG8w746qr2grU3kKjSvxrg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=mfvsnk4nOTqvQjmwQKlkw037x589HbEiEY57gt2pI9I=; b=ccYSSdkf80iIPumsW9V/J1mfl/nsPY1XQrR/eTs8Xogq2eV9AyjqvDTHsbUKRMsrKvcOdO+w+x+iAp+ZEhbM0GD4C1SezFpDhutm5tXh0/ij5I08Ofvy1BboMuPoozK3fGHccnQAlHjlc037BWwhc558n6hoa9lyrz5Y6eP18iB7ENZJwCEafxlhqd2pzE4TNRCBAc7ylwVIiIJ0jKHuFKM7SIKeuu8hU3KSs28zaWIaeM2ubccyUku3jf2llwdqhdujL2Ib6VgpRlAMF6sHvhRmAXD+U2RT0AgYZ+FfOb1432WnK3Aha/3VSolPLepcZcA8umMD0WcVvLapeCHhRw== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=vger.kernel.org smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none (0) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=mfvsnk4nOTqvQjmwQKlkw037x589HbEiEY57gt2pI9I=; b=R9kvv2Kcja7FmmJ/hXSp8IVr3WeSeIhM1VhbFeRVhCFbeKQj2B4QpNwP+3nbIhx+MBQtZ1bPjVBA12vcgKZnl3PlFa9J5OL0cuzuoZbeNHxNflkqDafn1pK0xmWfXaeKbM9deDgegPhuKOgniBX/XRHNQrAADnKB6NIJFG3q6VI= Received: from DS0PR17CA0009.namprd17.prod.outlook.com (2603:10b6:8:191::9) by SA1PR12MB8968.namprd12.prod.outlook.com (2603:10b6:806:388::10) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7228.27; Fri, 26 Jan 2024 22:17:31 +0000 Received: from DS2PEPF0000343E.namprd02.prod.outlook.com (2603:10b6:8:191:cafe::e) by DS0PR17CA0009.outlook.office365.com (2603:10b6:8:191::9) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7228.27 via Frontend Transport; Fri, 26 Jan 2024 22:17:31 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=amd.com; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB04.amd.com; pr=C Received: from SATLEXMB04.amd.com (165.204.84.17) by DS2PEPF0000343E.mail.protection.outlook.com (10.167.18.41) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.7228.16 via Frontend Transport; Fri, 26 Jan 2024 22:17:31 +0000 Received: from tlendack-t1.amdoffice.net (10.180.168.240) by SATLEXMB04.amd.com (10.181.40.145) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.34; Fri, 26 Jan 2024 16:17:28 -0600 From: Tom Lendacky To: , CC: Thomas Gleixner , Ingo Molnar , Borislav Petkov , Dave Hansen , "H. Peter Anvin" , Andy Lutomirski , "Peter Zijlstra" , Dan Williams , Michael Roth , Ashish Kalra Subject: [PATCH 11/11] x86/sev: Allow non-VMPL0 execution when an SVSM is present Date: Fri, 26 Jan 2024 16:16:04 -0600 Message-ID: X-Mailer: git-send-email 2.42.0 In-Reply-To: References: Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-ClientProxiedBy: SATLEXMB03.amd.com (10.181.40.144) To SATLEXMB04.amd.com (10.181.40.145) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: DS2PEPF0000343E:EE_|SA1PR12MB8968:EE_ X-MS-Office365-Filtering-Correlation-Id: a690091d-45c8-4bcd-82b6-08dc1ebc96ef X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: 7V7RPHMOgcBHncJX16y4jyTwAVuoqBkGjCgSPdlxIpdq1NNrXtP+h6mKWa5d2sCw29BVcshnC8Ha1vLMwMojW2CEphNfqDgljKduBJC1AfgjEPHTpEfWShTjjDWTrsD8YU/7hQXYxqmUtGlip06G6JSID6+LM2f4ewT7NeRm2GakTQ0Kq8T1VVKSZK1XjwuW6buOevJer/TN6vPElMt1lKwJ5lajXiTr9BUKxzN7nggpK1eRVbvBRj7RtYIJhgxbeDR0Pfwure3Ixaw175wbrOXf6sSFfOtyRQSBi/APc95LpCv0FkUOPstsuDF0rs1C7PVh8cnO2ZSz2t07zTmkXRekoKlPBpmGMoGrZp/mRu3k6Eq5ADP1QjH6mGekisClwWuGJQ95no7hNteRmwbXnpDNnytXNufX2Xb/wkXenCqS0lOWS0NoSRcZRBsY3/GCa7fgwygPLBdIjfB9bgEkm1m/mRTegFAmxRnYg3Pbx4jdBpsl5vAIvXJutSsV8oxqOmg/FAO64J0NEHk4/picmn+aAncQ0tRhZM3Ittg+jrNSCVyOeQqsRVMPgmA++pgjDNqKEeiINLrop14uMbDT5AhdK6UDfYtV1NwoN0u0qQQsAjL1gYSj+b9LjSB+bqZm92A/dxBAQmu2PHx+yVa/X7/5WIlkG6KerSsK7XNfoeqvXaChf6M73TDE+T/uC1BoHSM+Fh5fYV3OKb8SPbuZLsg8v+eLr1iUGXl+nuB6mbdk8YFIouYfgMc02xC/55cUE3xSmLijpOoBMLt4n9qm6g== X-Forefront-Antispam-Report: CIP:165.204.84.17;CTRY:US;LANG:en;SCL:1;SRV:;IPV:CAL;SFV:NSPM;H:SATLEXMB04.amd.com;PTR:InfoDomainNonexistent;CAT:NONE;SFS:(13230031)(4636009)(346002)(376002)(396003)(136003)(39860400002)(230922051799003)(451199024)(1800799012)(64100799003)(82310400011)(186009)(46966006)(40470700004)(36840700001)(41300700001)(426003)(26005)(2616005)(336012)(40480700001)(40460700003)(16526019)(6666004)(36860700001)(47076005)(54906003)(316002)(81166007)(478600001)(83380400001)(82740400003)(356005)(36756003)(70206006)(5660300002)(2906002)(7416002)(110136005)(70586007)(86362001)(4326008)(8676002)(8936002)(36900700001);DIR:OUT;SFP:1101; X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 26 Jan 2024 22:17:31.3950 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: a690091d-45c8-4bcd-82b6-08dc1ebc96ef X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[SATLEXMB04.amd.com] X-MS-Exchange-CrossTenant-AuthSource: DS2PEPF0000343E.namprd02.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: SA1PR12MB8968 X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-THRID: 1789193208233574130 X-GMAIL-MSGID: 1789193208233574130 To allow execution at a level other than VMPL0, an SVSM must be present. Allow the SEV-SNP guest to continue booting if an SVSM is detected and the hypervisor supports the SVSM feature as indicated in the GHCB hypervisor features bitmap. Signed-off-by: Tom Lendacky --- arch/x86/boot/compressed/sev.c | 11 +++++++++-- arch/x86/include/asm/sev-common.h | 1 + arch/x86/kernel/sev.c | 20 +++++++++++++++++--- 3 files changed, 27 insertions(+), 5 deletions(-) diff --git a/arch/x86/boot/compressed/sev.c b/arch/x86/boot/compressed/sev.c index 3fbb614c31e0..6740f6298524 100644 --- a/arch/x86/boot/compressed/sev.c +++ b/arch/x86/boot/compressed/sev.c @@ -608,10 +608,17 @@ void sev_enable(struct boot_params *bp) * features. */ if (sev_status & MSR_AMD64_SEV_SNP_ENABLED) { - if (!(get_hv_features() & GHCB_HV_FT_SNP)) + u64 hv_features = get_hv_features(); + + if (!(hv_features & GHCB_HV_FT_SNP)) sev_es_terminate(SEV_TERM_SET_GEN, GHCB_SNP_UNSUPPORTED); - if (!running_at_vmpl0(&boot_ghcb_page)) + /* + * VMPL0 is not required if an SVSM is present and the hypervisor + * supports the required SVSM GHCB events. + */ + if (!running_at_vmpl0(&boot_ghcb_page) && + !(vmpl && (hv_features & GHCB_HV_FT_SNP_MULTI_VMPL))) sev_es_terminate(SEV_TERM_SET_LINUX, GHCB_TERM_NOT_VMPL0); } diff --git a/arch/x86/include/asm/sev-common.h b/arch/x86/include/asm/sev-common.h index 71db5ba020b9..3de377a4e981 100644 --- a/arch/x86/include/asm/sev-common.h +++ b/arch/x86/include/asm/sev-common.h @@ -118,6 +118,7 @@ enum psc_op { #define GHCB_HV_FT_SNP BIT_ULL(0) #define GHCB_HV_FT_SNP_AP_CREATION BIT_ULL(1) +#define GHCB_HV_FT_SNP_MULTI_VMPL BIT_ULL(5) /* * SNP Page State Change NAE event diff --git a/arch/x86/kernel/sev.c b/arch/x86/kernel/sev.c index 83bc5efa8fcf..a2c1a28335a5 100644 --- a/arch/x86/kernel/sev.c +++ b/arch/x86/kernel/sev.c @@ -2344,22 +2344,36 @@ static void dump_cpuid_table(void) * sort of indicator, and there's not really any other good place to do it, * so do it here. */ -static int __init report_cpuid_table(void) +static void __init report_cpuid_table(void) { const struct snp_cpuid_table *cpuid_table = snp_cpuid_get_table(); if (!cpuid_table->count) - return 0; + return; pr_info("Using SNP CPUID table, %d entries present.\n", cpuid_table->count); if (sev_cfg.debug) dump_cpuid_table(); +} + +static void __init report_vmpl_level(void) +{ + if (!cc_platform_has(CC_ATTR_GUEST_SEV_SNP)) + return; + + pr_info("SNP running at VMPL%u.\n", vmpl); +} + +static int __init report_snp_info(void) +{ + report_vmpl_level(); + report_cpuid_table(); return 0; } -arch_initcall(report_cpuid_table); +arch_initcall(report_snp_info); static int __init init_sev_config(char *str) {