From patchwork Mon Feb 26 21:32:36 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: John Allen X-Patchwork-Id: 206944 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a05:7300:a81b:b0:108:e6aa:91d0 with SMTP id bq27csp2348801dyb; Mon, 26 Feb 2024 13:42:51 -0800 (PST) X-Forwarded-Encrypted: i=3; AJvYcCXO0sO9VM3z8ZidFGWF85JmqPMRuYH28anW83qgJ8Mx2v4cgGPRAWjSBHRek4eqc3SUkfVKu9grcWXiSFzSs6BaJ1aXgQ== X-Google-Smtp-Source: AGHT+IHxr0s7DmUGWODQj9unGWiDmC2d/Qa+dgIKNP30yaDKR4wzGboVbLYmvcDTmbXGRkFpXAM1 X-Received: by 2002:a17:902:cece:b0:1d7:2e86:fb2a with SMTP id d14-20020a170902cece00b001d72e86fb2amr9288994plg.65.1708983770975; Mon, 26 Feb 2024 13:42:50 -0800 (PST) Received: from sy.mirrors.kernel.org (sy.mirrors.kernel.org. [2604:1380:40f1:3f00::1]) by mx.google.com with ESMTPS id x7-20020a1709028ec700b001dbad3d9ca4si197498plo.648.2024.02.26.13.42.50 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 26 Feb 2024 13:42:50 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel+bounces-82354-ouuuleilei=gmail.com@vger.kernel.org designates 2604:1380:40f1:3f00::1 as permitted sender) client-ip=2604:1380:40f1:3f00::1; Authentication-Results: mx.google.com; dkim=pass header.i=@amd.com header.s=selector1 header.b=KpPw6VOf; arc=fail (signature failed); spf=pass (google.com: domain of linux-kernel+bounces-82354-ouuuleilei=gmail.com@vger.kernel.org designates 2604:1380:40f1:3f00::1 as permitted sender) smtp.mailfrom="linux-kernel+bounces-82354-ouuuleilei=gmail.com@vger.kernel.org"; dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=amd.com Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by sy.mirrors.kernel.org (Postfix) with ESMTPS id 918D2B21CEA for ; Mon, 26 Feb 2024 21:34:33 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id 562241332A0; Mon, 26 Feb 2024 21:33:19 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b="KpPw6VOf" Received: from NAM04-MW2-obe.outbound.protection.outlook.com (mail-mw2nam04on2046.outbound.protection.outlook.com [40.107.101.46]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id B0C87132C1D; Mon, 26 Feb 2024 21:33:13 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=fail smtp.client-ip=40.107.101.46 ARC-Seal: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1708983195; cv=fail; b=gCcHCi7UCFSkez4bmhpw7Rvkr3I3xqvGFuZEQ1IwwC19LccyGiTQbk4FSdhH9IIB3XGWPDxkXaCWDrue22Yi2xhoS5X9h59UolebID/1INColBLYNXC1Rfrnfry/UmqD8pcD4BVRWw0p0CBW6HPq7HqtsJeRvC7Hkk0OsQPf9qs= ARC-Message-Signature: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1708983195; c=relaxed/simple; bh=rtnGlq6gRg1XcX3RYtBqfd2Z0nbKvriH2QWs29XCtKY=; h=From:To:CC:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=Tjzyz2gJgCmTFMBnTmIr2AAJa3Ow+bMPNYgSWPbA/DwOA4sncFZVhO3E2KYZeVk6s+r/poKHEcMvHEjF4BbBRWNUlLJ8FCAtbT4JcF6sOS8QTuFdeO0DmTuR5Q9gXQSoluFOZXuU5ljgjHutfmFfV4LVWlNPhxnYipPVDyvoBgw= ARC-Authentication-Results: i=2; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com; spf=fail smtp.mailfrom=amd.com; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b=KpPw6VOf; arc=fail smtp.client-ip=40.107.101.46 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com Authentication-Results: smtp.subspace.kernel.org; spf=fail smtp.mailfrom=amd.com ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=cNpB8A4WCQ9BiS5oYbFTrEy2gqY3D5GZV+Ft515pzHr546wsSVvJhFDMTRdQ3JlBl7ihH1/8qkRx+ymGNbRrFaxTiVyXRRlJcMTkUouWGO+CjlifsGJLSQlvx77Op7dCPW+nJ4yyS3Jg8FA8vpAyiuH2AzvSYpPI5H/0A5NlV+dIBAN2gdbfrL2ffx23hTW9yIZeChzTSUe1J2DGyZqX6iTwLLCZrwLuTPY0eUGwW41E57McF9OPbo9wiAeid1gGyvhj9ou7wfGLbFGpTOw+Q6GlsNLTx7824CWYu9VmaRglWuGeVH/HEYmyYExNb63kBRpoh39FQJjIt3TQxcgSjw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=PTY+shWmlpmyP7U4tVn/xNTUAY1T9x5k0xnVmDBdqug=; b=GMAxnwGwkwsGEpI8h1c7ekdp9P8+vDVNA9cO+3RzI3Mjm39ri6wxM2uAI05hLnWRZf22rKnHm1viYrfvznjY4Lq1pWaEW2BJuExH1TmyC0jUJiSijrnVVpVnt+Bzwz6lpGzwPZK5ylGX8w94AHi6/pY7DLwifY6ChzQmfGXoLMALci76BMNdsktWMM292XxuMCaQ4JGbqQ2VXW3x5MKZVVzoTPC7VCf9BWRaNQ+9Up/B1RCn9rTPEhXPDaHnJS+4yQfRmy1e+nEJYBM80kt+tlXFbiyHzvcNw8weI8GQUmWvZpAHbu5xUmp2Nqig8zzfQ1dB2bNbbnC/QNVC34nPkw== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=vger.kernel.org smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none (0) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=PTY+shWmlpmyP7U4tVn/xNTUAY1T9x5k0xnVmDBdqug=; b=KpPw6VOfmjr0zllNQ2IkFW6Qom+qdpll+yRrpbCu86s72yz57tLV2QSO1/NPIIll8XvHBFewDNUYRGwkhrHwKva9+F646Da+Jyc2VsJoAq7PgRwhCH5M/1v/kSHFh6cfZNvQs2WIzjiKepdYzTYw5Xpun++lR7ywB/gNT0/CVx8= Received: from CH5P223CA0017.NAMP223.PROD.OUTLOOK.COM (2603:10b6:610:1f3::13) by MW4PR12MB7382.namprd12.prod.outlook.com (2603:10b6:303:222::6) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7316.34; Mon, 26 Feb 2024 21:33:10 +0000 Received: from CH3PEPF0000000A.namprd04.prod.outlook.com (2603:10b6:610:1f3:cafe::9f) by CH5P223CA0017.outlook.office365.com (2603:10b6:610:1f3::13) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7292.49 via Frontend Transport; Mon, 26 Feb 2024 21:33:10 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=amd.com; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB04.amd.com; pr=C Received: from SATLEXMB04.amd.com (165.204.84.17) by CH3PEPF0000000A.mail.protection.outlook.com (10.167.244.37) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.7292.25 via Frontend Transport; Mon, 26 Feb 2024 21:33:10 +0000 Received: from jallen-jump-host.amd.com (10.180.168.240) by SATLEXMB04.amd.com (10.181.40.145) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.35; Mon, 26 Feb 2024 15:33:10 -0600 From: John Allen To: CC: , , , , , , , , , John Allen Subject: [PATCH v2 1/9] x86/boot: Move boot_*msr helpers to asm/shared/msr.h Date: Mon, 26 Feb 2024 21:32:36 +0000 Message-ID: <20240226213244.18441-2-john.allen@amd.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20240226213244.18441-1-john.allen@amd.com> References: <20240226213244.18441-1-john.allen@amd.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-ClientProxiedBy: SATLEXMB03.amd.com (10.181.40.144) To SATLEXMB04.amd.com (10.181.40.145) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: CH3PEPF0000000A:EE_|MW4PR12MB7382:EE_ X-MS-Office365-Filtering-Correlation-Id: 4ee56327-547d-406b-8ab8-08dc371287c3 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: O+LKNTD0rTvj29NC+JnmR5WGxz+uDDjfKQHf+x8Y4Cs9sinm1tTwRQon6DhRDWUeHUuJxrr9AnR+03bTm1uEzFjoplZ3xYTec0K4Z8z2F6+ylu4aV0N3pNC4neojgfP9tT4XNDd6kTDTCpc8uQw5nn+fpzEAuz0VorCdrADsTfffHORaQxv4/0urGaBCkZ4WLmJfP1XxWLTVeSI77kofE9eMm5REe2tfC46y9Vx/RCWji6zMHoQvskjWX3mOycUX6wLRlMfODrklAk0/RXgwVYEXtRVipg3yqF4HFXoYd9sFEi2cVur9Y+nBzJRCgNIkcsumiyC7aDXtwDR25NsBkgxZInvBVjs9FNoM0hYD//ZHE30K5MBz8w2ruaTq0pktIY0WFPuSqgzMaSe3oiuNCY1dJihXSp+hPGlZq9Gtzyt3OK8u+nQR8cMqYV73siXRukuQ+g47a55iu8ObHkuqxPR9ShI4uFmnol+C+EdPjNwaQFjpS0s+QRnSDrF3eVjc7U9BCihIE9u6MDhqgF7aYemn08xm2/046O7YjEI0hJfv42qZ2HDCjvYPtBh3Hn6CCL+XRFaYscwID6Ai7gamS7eqFKa9Lbjiw2WU3jQa70HzffMUm253GhCW48ybQGE20q0z6rwniJ6KPNe2LDaBbnXVVtfwRz7b9FOZIEbzFNIhq2h4PtsigttpLkGvC72ntvrXzMTyTIJgvVWb8giIfSI0yuvGtAbDZFUkFp6kMUqE5PscicwUu/wXZzvyMHUv X-Forefront-Antispam-Report: CIP:165.204.84.17;CTRY:US;LANG:en;SCL:1;SRV:;IPV:CAL;SFV:NSPM;H:SATLEXMB04.amd.com;PTR:InfoDomainNonexistent;CAT:NONE;SFS:(13230031)(36860700004);DIR:OUT;SFP:1101; X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 26 Feb 2024 21:33:10.5819 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 4ee56327-547d-406b-8ab8-08dc371287c3 X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[SATLEXMB04.amd.com] X-MS-Exchange-CrossTenant-AuthSource: CH3PEPF0000000A.namprd04.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: MW4PR12MB7382 X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-THRID: 1791999366371827430 X-GMAIL-MSGID: 1791999366371827430 The boot_rdmsr and boot_wrmsr helpers used to reduce the need for inline assembly in the boot kernel can also be useful in code shared by boot and run-time kernel code. Move these helpers to asm/shared/msr.h and rename to raw_rdmsr and raw_wrmsr to indicate that these may also be used outside of the boot kernel. Signed-off-by: John Allen Acked-by: Borislav Petkov (AMD) --- v2: - New in v2 --- arch/x86/boot/compressed/sev.c | 10 +++++----- arch/x86/boot/cpucheck.c | 16 ++++++++-------- arch/x86/boot/msr.h | 26 -------------------------- arch/x86/include/asm/shared/msr.h | 15 +++++++++++++++ 4 files changed, 28 insertions(+), 39 deletions(-) delete mode 100644 arch/x86/boot/msr.h diff --git a/arch/x86/boot/compressed/sev.c b/arch/x86/boot/compressed/sev.c index 454acd7a2daf..743b9eb8b7c3 100644 --- a/arch/x86/boot/compressed/sev.c +++ b/arch/x86/boot/compressed/sev.c @@ -13,6 +13,7 @@ #include "misc.h" #include +#include #include #include #include @@ -23,7 +24,6 @@ #include #include "error.h" -#include "../msr.h" static struct ghcb boot_ghcb_page __aligned(PAGE_SIZE); struct ghcb *boot_ghcb; @@ -60,7 +60,7 @@ static inline u64 sev_es_rd_ghcb_msr(void) { struct msr m; - boot_rdmsr(MSR_AMD64_SEV_ES_GHCB, &m); + raw_rdmsr(MSR_AMD64_SEV_ES_GHCB, &m); return m.q; } @@ -70,7 +70,7 @@ static inline void sev_es_wr_ghcb_msr(u64 val) struct msr m; m.q = val; - boot_wrmsr(MSR_AMD64_SEV_ES_GHCB, &m); + raw_wrmsr(MSR_AMD64_SEV_ES_GHCB, &m); } static enum es_result vc_decode_insn(struct es_em_ctxt *ctxt) @@ -482,7 +482,7 @@ void sev_enable(struct boot_params *bp) } /* Set the SME mask if this is an SEV guest. */ - boot_rdmsr(MSR_AMD64_SEV, &m); + raw_rdmsr(MSR_AMD64_SEV, &m); sev_status = m.q; if (!(sev_status & MSR_AMD64_SEV_ENABLED)) return; @@ -523,7 +523,7 @@ u64 sev_get_status(void) if (sev_check_cpu_support() < 0) return 0; - boot_rdmsr(MSR_AMD64_SEV, &m); + raw_rdmsr(MSR_AMD64_SEV, &m); return m.q; } diff --git a/arch/x86/boot/cpucheck.c b/arch/x86/boot/cpucheck.c index fed8d13ce252..bb5c28d0a1f1 100644 --- a/arch/x86/boot/cpucheck.c +++ b/arch/x86/boot/cpucheck.c @@ -25,9 +25,9 @@ #include #include #include +#include #include #include "string.h" -#include "msr.h" static u32 err_flags[NCAPINTS]; @@ -133,9 +133,9 @@ int check_cpu(int *cpu_level_ptr, int *req_level_ptr, u32 **err_flags_ptr) struct msr m; - boot_rdmsr(MSR_K7_HWCR, &m); + raw_rdmsr(MSR_K7_HWCR, &m); m.l &= ~(1 << 15); - boot_wrmsr(MSR_K7_HWCR, &m); + raw_wrmsr(MSR_K7_HWCR, &m); get_cpuflags(); /* Make sure it really did something */ err = check_cpuflags(); @@ -147,9 +147,9 @@ int check_cpu(int *cpu_level_ptr, int *req_level_ptr, u32 **err_flags_ptr) struct msr m; - boot_rdmsr(MSR_VIA_FCR, &m); + raw_rdmsr(MSR_VIA_FCR, &m); m.l |= (1 << 1) | (1 << 7); - boot_wrmsr(MSR_VIA_FCR, &m); + raw_wrmsr(MSR_VIA_FCR, &m); set_bit(X86_FEATURE_CX8, cpu.flags); err = check_cpuflags(); @@ -159,14 +159,14 @@ int check_cpu(int *cpu_level_ptr, int *req_level_ptr, u32 **err_flags_ptr) struct msr m, m_tmp; u32 level = 1; - boot_rdmsr(0x80860004, &m); + raw_rdmsr(0x80860004, &m); m_tmp = m; m_tmp.l = ~0; - boot_wrmsr(0x80860004, &m_tmp); + raw_wrmsr(0x80860004, &m_tmp); asm("cpuid" : "+a" (level), "=d" (cpu.flags[0]) : : "ecx", "ebx"); - boot_wrmsr(0x80860004, &m); + raw_wrmsr(0x80860004, &m); err = check_cpuflags(); } else if (err == 0x01 && diff --git a/arch/x86/boot/msr.h b/arch/x86/boot/msr.h deleted file mode 100644 index aed66f7ae199..000000000000 --- a/arch/x86/boot/msr.h +++ /dev/null @@ -1,26 +0,0 @@ -/* SPDX-License-Identifier: GPL-2.0-only */ -/* - * Helpers/definitions related to MSR access. - */ - -#ifndef BOOT_MSR_H -#define BOOT_MSR_H - -#include - -/* - * The kernel proper already defines rdmsr()/wrmsr(), but they are not for the - * boot kernel since they rely on tracepoint/exception handling infrastructure - * that's not available here. - */ -static inline void boot_rdmsr(unsigned int reg, struct msr *m) -{ - asm volatile("rdmsr" : "=a" (m->l), "=d" (m->h) : "c" (reg)); -} - -static inline void boot_wrmsr(unsigned int reg, const struct msr *m) -{ - asm volatile("wrmsr" : : "c" (reg), "a"(m->l), "d" (m->h) : "memory"); -} - -#endif /* BOOT_MSR_H */ diff --git a/arch/x86/include/asm/shared/msr.h b/arch/x86/include/asm/shared/msr.h index 1e6ec10b3a15..a20b1c08c99f 100644 --- a/arch/x86/include/asm/shared/msr.h +++ b/arch/x86/include/asm/shared/msr.h @@ -12,4 +12,19 @@ struct msr { }; }; +/* + * The kernel proper already defines rdmsr()/wrmsr(), but they are not for the + * boot kernel since they rely on tracepoint/exception handling infrastructure + * that's not available here. + */ +static inline void raw_rdmsr(unsigned int reg, struct msr *m) +{ + asm volatile("rdmsr" : "=a" (m->l), "=d" (m->h) : "c" (reg)); +} + +static inline void raw_wrmsr(unsigned int reg, const struct msr *m) +{ + asm volatile("wrmsr" : : "c" (reg), "a"(m->l), "d" (m->h) : "memory"); +} + #endif /* _ASM_X86_SHARED_MSR_H */ From patchwork Mon Feb 26 21:32:37 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: John Allen X-Patchwork-Id: 206939 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a05:7300:a81b:b0:108:e6aa:91d0 with SMTP id bq27csp2345907dyb; Mon, 26 Feb 2024 13:34:42 -0800 (PST) X-Forwarded-Encrypted: i=3; AJvYcCUh89h4K+q9Idmp/16sRuJWFMkGXbNx5mLykmDkjCAeX87U0eGUc4tmupKptrHz2xpw5IkIYyxmiD7tEsb5PngBAuGZGw== X-Google-Smtp-Source: AGHT+IHAyccOgnMyOJQR0qkGF3hyTpqF39qhSQ8DbvonSsNy5058IQalfT3YbZUExrBmp+KmxSSt X-Received: by 2002:a0c:f505:0:b0:68c:92ca:fec5 with SMTP id j5-20020a0cf505000000b0068c92cafec5mr331988qvm.51.1708983281923; Mon, 26 Feb 2024 13:34:41 -0800 (PST) Received: from ny.mirrors.kernel.org (ny.mirrors.kernel.org. [147.75.199.223]) by mx.google.com with ESMTPS id q2-20020a05621419e200b0068fda00db1asi5990919qvc.173.2024.02.26.13.34.41 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 26 Feb 2024 13:34:41 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel+bounces-82355-ouuuleilei=gmail.com@vger.kernel.org designates 147.75.199.223 as permitted sender) client-ip=147.75.199.223; Authentication-Results: mx.google.com; dkim=pass header.i=@amd.com header.s=selector1 header.b=jp10aC3O; arc=fail (signature failed); spf=pass (google.com: domain of linux-kernel+bounces-82355-ouuuleilei=gmail.com@vger.kernel.org designates 147.75.199.223 as permitted sender) smtp.mailfrom="linux-kernel+bounces-82355-ouuuleilei=gmail.com@vger.kernel.org"; dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=amd.com Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ny.mirrors.kernel.org (Postfix) with ESMTPS id A6F511C21FC6 for ; Mon, 26 Feb 2024 21:34:41 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id 325851332BA; Mon, 26 Feb 2024 21:33:21 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b="jp10aC3O" Received: from NAM10-MW2-obe.outbound.protection.outlook.com (mail-mw2nam10on2076.outbound.protection.outlook.com [40.107.94.76]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 542F6132C2A; Mon, 26 Feb 2024 21:33:16 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=fail smtp.client-ip=40.107.94.76 ARC-Seal: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1708983198; cv=fail; b=f46ASMwzNLpUfCkOsnWnVmYg6IkeEJ3E78i6yhHCAzCG2kAhcPMdiKZAM7BjryvIHp8KrpHVS6Q+tJl/OgfDkbKMyN4OL6Eey4jXvlnw9tAB8kgL6a4upw3f+v3AweiFFZPlPlfRfKsWkLtJ7rmYOEFxKFczFZu0vuzGxGSzO4g= ARC-Message-Signature: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1708983198; c=relaxed/simple; bh=oGI4z1E+dcaInNs25HvjRZ14QNhk4dNjV+0SupNKLg8=; h=From:To:CC:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=X19bmV7pUs/YTLHyg1u+0zsQeGzLWq9oC1n+WwGEJzJe+vhFjv9YZdDWmqSukZorURIDLAU7Rogq87LqIN9+i3e5VjgchB/ovsPGx5DUfsj9Jy84MsZaNXDaAQMmlt6TpFjifJxiNm8hvffhvXHBV+dn5zOeDZjMWPp9d6UZ3Tg= ARC-Authentication-Results: i=2; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com; spf=fail smtp.mailfrom=amd.com; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b=jp10aC3O; arc=fail smtp.client-ip=40.107.94.76 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com Authentication-Results: smtp.subspace.kernel.org; spf=fail smtp.mailfrom=amd.com ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=TgOT3l7qU8vIxID7R+iSf56QmUPwczDVvH1q/wSZFPW24jgRmuZuyVboXJ6HPM5D6/t+zcb6nt38AdSJe0hp528IXCZJ2LP56SGbnE3wSS91fcuFB0qY4bNaj0ae/x05FyPkqpaQiu3bQjtBjTdZ+eTP8yRpRKRz4Bdn/XOQbFgBzp2jZq+hi1ZkPtyGlyky0p6boxRRNqUvOcJfInm9ZfwaEi02DS4SAoClt5bcD+EaMIgC5JeFEDB/EFZavO36LcQRj+gw4/yDaZAYr8kWtT1vts08TdbKlXE5xM1yGXFh+QxDZUErVoDZ+LQ41sjNbjtIsJwMiaRjoWqhyY+HSg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=9umBMiWClOer5d/riBrXbCzpKrxM/rqB1EX6hZ8JvO8=; b=AbANk3x7y7O8RADL9kjFCANi0CSjqgmQNGydsvkhY0uhPdz6CpUIeKdMymV2Zlu82S939uEKLJTr3phWATbOloqurV3hkf6Ezwo+3JbVNqB8kF6wUC1yPehzTH2gNfxzv4ccVyUJL/NxuiuBD7Qi7fgCyp4xjWj71EFx9iUOSSRzc8oabowgcuri640Dp3OfgDRVGZpmDOM5SpLlzp6foX/1MCjmC5hiNub65jVoziGul7AkBBA7Oi3nlqqkXO5uw8XKJ7msedidUD8ARLQinwuzINtToxIBNozbWfA7JJKCqAV9MH0UIp0OVB0j3zRoGx6QMjjfcxRxRK8IoqofOQ== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=vger.kernel.org smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none (0) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=9umBMiWClOer5d/riBrXbCzpKrxM/rqB1EX6hZ8JvO8=; b=jp10aC3O9dwP9QruT9cdxi+v31UI3aeusD60mAlyLl9q3IXYG3s1AZXjpQpZsNkbXn0YDvQO1nN78i4kIFV1ta0zREIVio2aAlS120cW540HQ8UXmKf0tBWsRSjaZPGSZq7LwdkmveDOusAIh4++8fEkYnubp1rwtpPvDkctXug= Received: from CH5PR04CA0018.namprd04.prod.outlook.com (2603:10b6:610:1f4::29) by SA0PR12MB7075.namprd12.prod.outlook.com (2603:10b6:806:2d5::14) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7316.34; Mon, 26 Feb 2024 21:33:14 +0000 Received: from CH3PEPF0000000E.namprd04.prod.outlook.com (2603:10b6:610:1f4:cafe::15) by CH5PR04CA0018.outlook.office365.com (2603:10b6:610:1f4::29) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7292.49 via Frontend Transport; Mon, 26 Feb 2024 21:33:14 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=amd.com; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB04.amd.com; pr=C Received: from SATLEXMB04.amd.com (165.204.84.17) by CH3PEPF0000000E.mail.protection.outlook.com (10.167.244.42) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.7292.25 via Frontend Transport; Mon, 26 Feb 2024 21:33:13 +0000 Received: from jallen-jump-host.amd.com (10.180.168.240) by SATLEXMB04.amd.com (10.181.40.145) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.35; Mon, 26 Feb 2024 15:33:13 -0600 From: John Allen To: CC: , , , , , , , , , John Allen Subject: [PATCH v2 2/9] KVM: x86: SVM: Emulate reads and writes to shadow stack MSRs Date: Mon, 26 Feb 2024 21:32:37 +0000 Message-ID: <20240226213244.18441-3-john.allen@amd.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20240226213244.18441-1-john.allen@amd.com> References: <20240226213244.18441-1-john.allen@amd.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-ClientProxiedBy: SATLEXMB03.amd.com (10.181.40.144) To SATLEXMB04.amd.com (10.181.40.145) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: CH3PEPF0000000E:EE_|SA0PR12MB7075:EE_ X-MS-Office365-Filtering-Correlation-Id: 2a972bfe-2d28-42c2-a29a-08dc371289c1 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: Lcer7778P7qA6n1qIFMHd3r/MLfLIK5F7bpBPqqAdNm8jg7NZRSWA/zRKBAzFbjr9cp/Upeo1tCQY8/t03Fh4gTN0ti+QPB96FDfsSdO3cXHkNUrH9Y4iWGEw1eCuZb12kC52oxHVkbo8YxfHnQE4FohYoG+cAKSsfxbh4Rt5pzreyN4XXRWsTVGy/bRYH0CenYtdG+TmlMZkdfAiK2133SUkAKToT7HgFIOzDAfP7bE55DJpje2aekkCCugFEs6s8f8k5qmrDUGT2PwgrW1q/BsKgGiT+hp5B8y+k5I705XCeglRi2VEVbIuHWNXXAVxopNgAgKKCEP/wZ9dDQHsbSziA0Y/46yLVgZ2wJA7oVNIrk8+Brz2xUNXYfH+HDRJ9NOWFatDpwyq5FzkHLekGziAMVnVu6tD9TotPs6B6vqGsrYiEF0avxUSo6nFtRjX01eBDsoaYO/BYGS7PFhDKmmz+SG5qw7zWQjNGs57dwUcR7qg5i/kLsjxusVZ5rGNLM9BdDDcs4UgWSNlA+af+rpsDux5qFEbZYPcTP8QnvIuiibLcGjk/XKPeaSWOEGARVWnQF/q6IqG6lh6MDN4CNG2TuGXuCzB3y1+qlYHL9F/sVDs8IlnvQgTcQ6uIZ7WQ5qXIwvbAzphR44m8Z4ldyVGfaZBQJ86DjSPi2a8g4pKOdR5GbvqeYGGbkVhNXNlAsFJfEuBIfjmvBQQQW2DD3GpHYcscoqBn0Ed+tBzNpoTrIB8rLWa2xfUo/ApshE X-Forefront-Antispam-Report: CIP:165.204.84.17;CTRY:US;LANG:en;SCL:1;SRV:;IPV:CAL;SFV:NSPM;H:SATLEXMB04.amd.com;PTR:InfoDomainNonexistent;CAT:NONE;SFS:(13230031)(36860700004);DIR:OUT;SFP:1101; X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 26 Feb 2024 21:33:13.8937 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 2a972bfe-2d28-42c2-a29a-08dc371289c1 X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[SATLEXMB04.amd.com] X-MS-Exchange-CrossTenant-AuthSource: CH3PEPF0000000E.namprd04.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: SA0PR12MB7075 X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-THRID: 1791998854012024389 X-GMAIL-MSGID: 1791998854012024389 Set up interception of shadow stack MSRs. In the event that shadow stack is unsupported on the host or the MSRs are otherwise inaccessible, the interception code will return an error. In certain circumstances such as host initiated MSR reads or writes, the interception code will get or set the requested MSR value. Signed-off-by: John Allen --- arch/x86/kvm/svm/svm.c | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index e90b429c84f1..70f6fb1a166b 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c @@ -2864,6 +2864,15 @@ static int svm_get_msr(struct kvm_vcpu *vcpu, struct msr_data *msr_info) if (guest_cpuid_is_intel(vcpu)) msr_info->data |= (u64)svm->sysenter_esp_hi << 32; break; + case MSR_IA32_S_CET: + msr_info->data = svm->vmcb->save.s_cet; + break; + case MSR_IA32_INT_SSP_TAB: + msr_info->data = svm->vmcb->save.isst_addr; + break; + case MSR_KVM_SSP: + msr_info->data = svm->vmcb->save.ssp; + break; case MSR_TSC_AUX: msr_info->data = svm->tsc_aux; break; @@ -3090,6 +3099,15 @@ static int svm_set_msr(struct kvm_vcpu *vcpu, struct msr_data *msr) svm->vmcb01.ptr->save.sysenter_esp = (u32)data; svm->sysenter_esp_hi = guest_cpuid_is_intel(vcpu) ? (data >> 32) : 0; break; + case MSR_IA32_S_CET: + svm->vmcb->save.s_cet = data; + break; + case MSR_IA32_INT_SSP_TAB: + svm->vmcb->save.isst_addr = data; + break; + case MSR_KVM_SSP: + svm->vmcb->save.ssp = data; + break; case MSR_TSC_AUX: /* * TSC_AUX is always virtualized for SEV-ES guests when the From patchwork Mon Feb 26 21:32:38 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: John Allen X-Patchwork-Id: 206940 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a05:7300:a81b:b0:108:e6aa:91d0 with SMTP id bq27csp2346230dyb; Mon, 26 Feb 2024 13:35:35 -0800 (PST) X-Forwarded-Encrypted: i=3; AJvYcCXUpjmEAj3NGhOLc8IYuo/9S2LmBVjGsbHVZfJRtZpo6oyN39wgHPUv2y18VUSF4P/HLntlCLsOiF9swCE0OvRoHmh8UQ== X-Google-Smtp-Source: AGHT+IEytJ1TfuVvn8qawrlnHofSqzLZ+6PLDhJmi2EFmZctfiOxzfQRu7kwM3UYzy8M15USz0C/ X-Received: by 2002:a05:620a:248f:b0:787:d86e:4805 with SMTP id i15-20020a05620a248f00b00787d86e4805mr628153qkn.28.1708983335012; Mon, 26 Feb 2024 13:35:35 -0800 (PST) Received: from ny.mirrors.kernel.org (ny.mirrors.kernel.org. [147.75.199.223]) by mx.google.com with ESMTPS id xx19-20020a05620a5d9300b007878204f461si6007536qkn.768.2024.02.26.13.35.34 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 26 Feb 2024 13:35:34 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel+bounces-82356-ouuuleilei=gmail.com@vger.kernel.org designates 147.75.199.223 as permitted sender) client-ip=147.75.199.223; Authentication-Results: mx.google.com; dkim=pass header.i=@amd.com header.s=selector1 header.b=vkjXY38N; arc=fail (signature failed); spf=pass (google.com: domain of linux-kernel+bounces-82356-ouuuleilei=gmail.com@vger.kernel.org designates 147.75.199.223 as permitted sender) smtp.mailfrom="linux-kernel+bounces-82356-ouuuleilei=gmail.com@vger.kernel.org"; dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=amd.com Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ny.mirrors.kernel.org (Postfix) with ESMTPS id D5B991C21475 for ; Mon, 26 Feb 2024 21:35:16 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id C70A713399D; Mon, 26 Feb 2024 21:33:26 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b="vkjXY38N" Received: from NAM12-BN8-obe.outbound.protection.outlook.com (mail-bn8nam12on2075.outbound.protection.outlook.com [40.107.237.75]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 267C513247C; Mon, 26 Feb 2024 21:33:21 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=fail smtp.client-ip=40.107.237.75 ARC-Seal: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1708983203; cv=fail; b=HBnMakpTQpQDdhYtwpRrw3BBY1f325gT5AKPZZmRkBEVnsSWlwCbU1tHWwad1Y9Jsht0vXBksQRRiWTFXGwAXybgDr2Nfe+IFdjjuBvTJUAIQDkfvHeBBsdLg025VTuDrHY8FSkOZ7y5RdEOD5rXP9h+m9k1+aa6wZFH6m4XbjA= ARC-Message-Signature: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1708983203; c=relaxed/simple; bh=1TkrsaUUi9mF1kWRi7rFDTa6weQnnlwxMAsLrEwfR7c=; h=From:To:CC:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=clS0cYSoobnlRVoXE2fjgFodqT3phneP4rms9S2drnk2cWqCt3+5nuH7szYLosj6XkWhV+UT6PkfmpaJnR0lj+t8fUSEMZt/naLQgIpyNLgf8hE4d4rJ5p32k30vdGyC0UVBnNbSASj4xXET54PWXgVCfT99+i3eeWVXqJFTFC8= ARC-Authentication-Results: i=2; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com; spf=fail smtp.mailfrom=amd.com; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b=vkjXY38N; arc=fail smtp.client-ip=40.107.237.75 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com Authentication-Results: smtp.subspace.kernel.org; spf=fail smtp.mailfrom=amd.com ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=NemWL0OAcdxPKWE5VwhQqkSComZLoI0H+eCTBzGej6zn+W2JyWbd4SgUnVPuAzVjELJq0cTkVP9vyGVYp2IA955AUfYkdkUGJP3c94ZXrVBocCGJyttnUA68nW3N3Mg7awgGuk4+kDi1MuPYsqflWXoWbcoMfSdfVqJnFiiiedizXjPw7xM4jIIVfq28IVf9+FCpL4ZQXcnXQRw0KPVBcPGB/kVhyC35el+YUWtcXfvAmRGnzSL/nuHygqL3ud/IHq+sCt6vPfLROg4Jo9cK03eURzqgqRQTp/41qMN/ROUZuFKGqkt9hiq9Mxpw8SpIAGEdy+TtC47gWO4mSPwmew== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=dB9LwhudYW6UmKBiw2KUxpzIr+HrXSN6qNTvq/Iov7Q=; b=nxjwbQPi6tLwgzjJkCduRi6mq1Blzb4AhhzoggGgRTxIn4+PCGUzoCsglTqJ2NwDiwr4jB3qzf7BiWgl/kG0aytJJIWRSg0ufrXXbYpgIts/Yyp4bEwY2xwBp/P5wmUmBBU2MgRs5C5N+4/RZnFjYKyxTSYv4ISE4gZit5LGVT3b2PA7/xhOSPtk0wkXqcBDqfKAtzaCRw0z2d/wuhYVJIpwGg5hpmpfJumubq37CEmzJPteZbAKSjAVg6BcGDnM6OYwoPpixnj6m68+8NRnROEf67y3S09WL/W+7+0LQI5oYfk5yo32io+5RM4sGu92JK5rcva2LpgmnQmFWyvi2w== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=vger.kernel.org smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none (0) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=dB9LwhudYW6UmKBiw2KUxpzIr+HrXSN6qNTvq/Iov7Q=; b=vkjXY38NF1yHMYP82Rdl/SKw5aJ9ueyLOJJ+ws9gR/hnzyGjCnA/HFsyArqIOkeLZJMF829h9R75wdSlzoKtk/bxiy5ZXPp7ex5oXpKu/E6MQY7ZE3f4qniSU0V23b+TVCs3y1CFRujHVjpkOxzp0VndZBQ6Txzstjv/Xxc4A2c= Received: from CH0PR03CA0030.namprd03.prod.outlook.com (2603:10b6:610:b0::35) by SA1PR12MB8143.namprd12.prod.outlook.com (2603:10b6:806:333::10) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7316.34; Mon, 26 Feb 2024 21:33:17 +0000 Received: from CH3PEPF0000000F.namprd04.prod.outlook.com (2603:10b6:610:b0:cafe::75) by CH0PR03CA0030.outlook.office365.com (2603:10b6:610:b0::35) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7292.49 via Frontend Transport; Mon, 26 Feb 2024 21:33:17 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=amd.com; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB04.amd.com; pr=C Received: from SATLEXMB04.amd.com (165.204.84.17) by CH3PEPF0000000F.mail.protection.outlook.com (10.167.244.40) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.7292.25 via Frontend Transport; Mon, 26 Feb 2024 21:33:17 +0000 Received: from jallen-jump-host.amd.com (10.180.168.240) by SATLEXMB04.amd.com (10.181.40.145) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.35; Mon, 26 Feb 2024 15:33:16 -0600 From: John Allen To: CC: , , , , , , , , , John Allen Subject: [PATCH v2 3/9] KVM: x86: SVM: Update dump_vmcb with shadow stack save area additions Date: Mon, 26 Feb 2024 21:32:38 +0000 Message-ID: <20240226213244.18441-4-john.allen@amd.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20240226213244.18441-1-john.allen@amd.com> References: <20240226213244.18441-1-john.allen@amd.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-ClientProxiedBy: SATLEXMB03.amd.com (10.181.40.144) To SATLEXMB04.amd.com (10.181.40.145) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: CH3PEPF0000000F:EE_|SA1PR12MB8143:EE_ X-MS-Office365-Filtering-Correlation-Id: a99b3da6-bbd1-4e6e-37f1-08dc37128b9e X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: wojdGW1MzIxP0ufPp7bwuYqgq84phnm6esfOrhB0Qy4TySHQ5q48DeD7YX2kH8dSLWVNWNk3kwA5xeiGfY8lOPBgWTlhau6o4T6ErR8V0vkdNgLGtZcvioKkZRIZUVLkLsqFJEnL4Sg/JunYkpfqAkYy+dRd3YOk8CLemSyGkdiHU+vk6H6S00ytY8LR3Lkt1NbejcO+pb+z/SqcP+2JvT+KS47MmhlnXBt/tqPbaURip+cYXsMJLnlq61zyXQb689VcLNiJKBzagN5PJ/koAnULSK9pAGtPpMoV+Dmo/KjpGHKRqOzhoqWXQtVWJTzPfguDF9Mc4OY0QlOde7RjTJXGvbgmCavBUHC3VpMKDAPhUfNHTTpDdyoizxkqOxumZsKnHHj5wF+AhsyXkASjIXWWihfvLyMPp3inFU/370YLSurl4zCHQsnsBY5eL/CTmCSlDiw4eyLh0kXvpcsW1n0TGu9FBwK/BFcIxbBTsFxF5JYkLNXd4PgmD+BkrOWXsTRnh6ZX4ZZkhj55TGIALgjqyS7hmnmM15SG6wiOxgL9wprACWTgPRvVL6cMA+TwbOOmH05Vh1S8ag5AdWNTu63XmJ4utWDe7CXtnl8fIaBXDkaJ2TL2zTtkl8XwHuqOh0uW+kuH/sEcAv0kkPbJlTad3XeRm0fyIK153EngTSbzV3QBK0ioLdXI3QLQUbrrlhODHgeXH8W0kB05G2ufB1Odk/qUYd4G0wwr5MB66Zz277RpY81mLUUv4LS+9Dlf X-Forefront-Antispam-Report: CIP:165.204.84.17;CTRY:US;LANG:en;SCL:1;SRV:;IPV:CAL;SFV:NSPM;H:SATLEXMB04.amd.com;PTR:InfoDomainNonexistent;CAT:NONE;SFS:(13230031)(36860700004);DIR:OUT;SFP:1101; X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 26 Feb 2024 21:33:17.0483 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: a99b3da6-bbd1-4e6e-37f1-08dc37128b9e X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[SATLEXMB04.amd.com] X-MS-Exchange-CrossTenant-AuthSource: CH3PEPF0000000F.namprd04.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: SA1PR12MB8143 X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-THRID: 1791998909881446023 X-GMAIL-MSGID: 1791998909881446023 Add shadow stack VMCB save area fields to dump_vmcb. Only include S_CET, SSP, and ISST_ADDR. Since there currently isn't support to decrypt and dump the SEV-ES save area, exclude PL0_SSP, PL1_SSP, PL2_SSP, PL3_SSP, and U_CET which are only inlcuded in the SEV-ES save area. Signed-off-by: John Allen --- arch/x86/kvm/svm/svm.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index 70f6fb1a166b..0b8b346a470a 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c @@ -3431,6 +3431,10 @@ static void dump_vmcb(struct kvm_vcpu *vcpu) "rip:", save->rip, "rflags:", save->rflags); pr_err("%-15s %016llx %-13s %016llx\n", "rsp:", save->rsp, "rax:", save->rax); + pr_err("%-15s %016llx %-13s %016llx\n", + "s_cet:", save->s_cet, "ssp:", save->ssp); + pr_err("%-15s %016llx\n", + "isst_addr:", save->isst_addr); pr_err("%-15s %016llx %-13s %016llx\n", "star:", save01->star, "lstar:", save01->lstar); pr_err("%-15s %016llx %-13s %016llx\n", From patchwork Mon Feb 26 21:32:39 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: John Allen X-Patchwork-Id: 206945 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a05:7300:a81b:b0:108:e6aa:91d0 with SMTP id bq27csp2349251dyb; Mon, 26 Feb 2024 13:43:58 -0800 (PST) X-Forwarded-Encrypted: i=3; AJvYcCW2hzS8kNjDU1KR0bk4Vp94lCx+l4eMMbuMhGO+2Zou6jD/sCV25E8zQ5oXTo1Kbc/V6BNTEUw1D6k5hbIf6ve7cNs83w== X-Google-Smtp-Source: AGHT+IEmv+P54paFXGizXhDSwtl+1+s+SW0cWgu4yQIMLOG6eoG8Z8tA80+6zbK8YAUZO0fIdAut X-Received: by 2002:a17:903:120c:b0:1db:eb9e:1ab5 with SMTP id l12-20020a170903120c00b001dbeb9e1ab5mr8049526plh.52.1708983838622; Mon, 26 Feb 2024 13:43:58 -0800 (PST) Received: from sy.mirrors.kernel.org (sy.mirrors.kernel.org. [2604:1380:40f1:3f00::1]) by mx.google.com with ESMTPS id e11-20020a170902784b00b001d9fcd34721si225142pln.119.2024.02.26.13.43.58 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 26 Feb 2024 13:43:58 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel+bounces-82357-ouuuleilei=gmail.com@vger.kernel.org designates 2604:1380:40f1:3f00::1 as permitted sender) client-ip=2604:1380:40f1:3f00::1; Authentication-Results: mx.google.com; dkim=pass header.i=@amd.com header.s=selector1 header.b=CFfkN3Nx; arc=fail (signature failed); spf=pass (google.com: domain of linux-kernel+bounces-82357-ouuuleilei=gmail.com@vger.kernel.org designates 2604:1380:40f1:3f00::1 as permitted sender) smtp.mailfrom="linux-kernel+bounces-82357-ouuuleilei=gmail.com@vger.kernel.org"; dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=amd.com Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by sy.mirrors.kernel.org (Postfix) with ESMTPS id DACAEB251CF for ; Mon, 26 Feb 2024 21:35:23 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id BB39F1339A8; Mon, 26 Feb 2024 21:33:27 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b="CFfkN3Nx" Received: from NAM12-DM6-obe.outbound.protection.outlook.com (mail-dm6nam12on2088.outbound.protection.outlook.com [40.107.243.88]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id CAFD1132479; Mon, 26 Feb 2024 21:33:22 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=fail smtp.client-ip=40.107.243.88 ARC-Seal: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1708983204; cv=fail; b=bOkWZKrLXa5UPs/cqEduMdaoK86ZAYmyaMQdW+XPlI9RI+xrVzUsCfcy5vT9OHvJa3sqEGVtp2Y4YuE2S2jN8KNKqKm3BMXtndj8QfG2W5G7Gsg8ps7Ayt/F3004Xxq7U/8+GPtKnv+sak4vF1r2876Xp9OSoR55VmTc8kMY9eY= ARC-Message-Signature: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1708983204; c=relaxed/simple; bh=a7Kbeq917FP2okWrYaow0qB+Q/vr8rDFLGffwC3qleM=; h=From:To:CC:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=aF6pZ2QMKJHq0cn7dnn4bHLK4vIY7i8U4R/KlI07alh2STpKelSIBVM+VOnsn49+szWR8M1yhqh/LifCo5Ik8pwb+r4peHCKrkSrcyR7rJqIcotbQq8gr5IxG4zYbBu3w/1mufdslXHcxGeDzv06A0xISzbdyq6qVxd4+kIWeeo= ARC-Authentication-Results: i=2; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com; spf=fail smtp.mailfrom=amd.com; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b=CFfkN3Nx; arc=fail smtp.client-ip=40.107.243.88 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com Authentication-Results: smtp.subspace.kernel.org; spf=fail smtp.mailfrom=amd.com ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=PHfL3HFv9rVzlXUAdVe9J7tKv3cNFl3ayQFR7eEkGezS/zEgbXjpkIpt5Km/ZRWdkuO1lLyPlIAfjpUM5QSayLZ8JbnnvdjUKUtaH+4eR+My6QDxILAIET9nmnP0HeTyHdE9i/TkOFJP/DTR7mZBjwInSGwkuEAeJ1HMJXZ6eNiIvo5KKOvUZT31w6OxbPpVXX1iqIKW5x5zTeL7qg9KQSfCaTTX8EVDAcP07pK/lzgpWtXZ8iip9rakSvm8Ih+R2DrjjA4BhwH/5PwbNpN4tttGa4/NaLKBV4lNHa6lSGlBf2fJO/ODX3cHsQal0MelF2bbCYTuyg1lwlUiNkKVFQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=Dq11PjNVqbSlbn1JHP40LqVBB2E8p6flh/dFIJHaq6A=; b=OMFyPGKDuYfx6vvKaOkkS3f/EMFbSnt7wxDmrFboplK6Ra3XJi+G9DAr4whreyMJTwLolXRx6+XSxhp4gIUB2475QMA9c9U/9yon/crDNIBBTNBbFy3uiEohvKKJmhDcZw3veSy9QAroyme1gG1DKlJ90QFms6rn/9ZrOC5W5V1xii7EbGquY4BNq5pKzCYapHLPm/Ip2k1IxU1sWG3DXxBxHv+/v3y5dBHV4eSpgIVcWk1MtlqLXAxFWz6Oa9Z/ns96u6ewBmiuy58GvXmN1QM+2PovLVCuFnfExiN9x3o+w4pjeZ+3Q/iYjw0Zc8DmMnQw3bKvyn5tB+b0SIYLPA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=vger.kernel.org smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none (0) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=Dq11PjNVqbSlbn1JHP40LqVBB2E8p6flh/dFIJHaq6A=; b=CFfkN3NxOo7+eogRhSiL7AQcEJ9JsZvWC1Ru7u/8w4Oh+bFQdlSzbMjPNbGkL2hIrVtpUZiPE+gxhBFteJIbvciDpWfuXI4lIH9v5Lkoj6roth8hFrLTtaMFJkxiXc2JP7HCsd8pgNx8M5y/rDoN5oFwxzNxKclLJF6UHptZqTk= Received: from CH2PR14CA0050.namprd14.prod.outlook.com (2603:10b6:610:56::30) by MN2PR12MB4390.namprd12.prod.outlook.com (2603:10b6:208:26e::21) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7316.34; Mon, 26 Feb 2024 21:33:20 +0000 Received: from CH3PEPF0000000B.namprd04.prod.outlook.com (2603:10b6:610:56:cafe::59) by CH2PR14CA0050.outlook.office365.com (2603:10b6:610:56::30) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7292.49 via Frontend Transport; Mon, 26 Feb 2024 21:33:20 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=amd.com; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB04.amd.com; pr=C Received: from SATLEXMB04.amd.com (165.204.84.17) by CH3PEPF0000000B.mail.protection.outlook.com (10.167.244.38) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.7292.25 via Frontend Transport; Mon, 26 Feb 2024 21:33:20 +0000 Received: from jallen-jump-host.amd.com (10.180.168.240) by SATLEXMB04.amd.com (10.181.40.145) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.35; Mon, 26 Feb 2024 15:33:19 -0600 From: John Allen To: CC: , , , , , , , , , John Allen Subject: [PATCH v2 4/9] KVM: x86: SVM: Pass through shadow stack MSRs Date: Mon, 26 Feb 2024 21:32:39 +0000 Message-ID: <20240226213244.18441-5-john.allen@amd.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20240226213244.18441-1-john.allen@amd.com> References: <20240226213244.18441-1-john.allen@amd.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-ClientProxiedBy: SATLEXMB03.amd.com (10.181.40.144) To SATLEXMB04.amd.com (10.181.40.145) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: CH3PEPF0000000B:EE_|MN2PR12MB4390:EE_ X-MS-Office365-Filtering-Correlation-Id: 783fdb48-ce6d-4481-4a60-08dc37128d99 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: OtqxsUH5YjcjlHUDyH2TUpPH2AXizzedbTe19lmMzMAc2D3GRxJKdkAr0dV+9EfGhkxk60Q1KhWQURtBpo4xfutd1tdzBIm64bG9IluxjlXQfnTr3U/xc3KFSNtXp358xx385PLvhOHRiJ4+/4bITYXoYvbWgc77yizj4pC2Pb6TXr7BCcg7qnmjxwSCQaJvoE7Cib1YQCIugEzP3dSSN+KNFenjSIbiajjFCGffJxHFO6sPCEHZuJBguvb/Q7/Wjcnal2KhBKZOxEs4/woRJXCkn1azGJuWenpNRvUVvdmz0mPbm6NXDtOtf2zoF/0LKK0AAsqaga5BkRS60w3Ga89ZYD499w2ZRVAKVGdA4sGa9AfSy7odrixCqPkPiY+/HkK8bkrla7Umu5XfXAQWDGiF9cgIP0b+oGRf8PQuZ5JTVTL017TqxjmxR3sQ+qpN6kJyQ67RusVn4Gn3SQv1vqPAof0cg16tnCm9NvMjVsoxLpHrpvWe2LkEv4/NRreDGvu7czspP5GdFfFDA7eEyWpj5zrVzGDTuq99RE3cNMsd3LW77CUuWqcl9MPB+SAJKZyZ5n41P3gLi0IB+ICycwjrWXgJnrHqCAboeWvTCxC7q1jD43DjlBrhf6zEQPNnbgD/YZxWJBtQvvchHZDsQhuA6Jk0qcTDgRjgox1DxSo8AYUVmH8hM7BzlAaLBF77SLL4aAvrnUDnAhIcA+AY+zg4WcAVxejpTEzlA4VGdP1W4MZEIYGNlo7nMCNNqkl1 X-Forefront-Antispam-Report: CIP:165.204.84.17;CTRY:US;LANG:en;SCL:1;SRV:;IPV:CAL;SFV:NSPM;H:SATLEXMB04.amd.com;PTR:InfoDomainNonexistent;CAT:NONE;SFS:(13230031)(36860700004);DIR:OUT;SFP:1101; X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 26 Feb 2024 21:33:20.3715 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 783fdb48-ce6d-4481-4a60-08dc37128d99 X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[SATLEXMB04.amd.com] X-MS-Exchange-CrossTenant-AuthSource: CH3PEPF0000000B.namprd04.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: MN2PR12MB4390 X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-THRID: 1791999437362191161 X-GMAIL-MSGID: 1791999437362191161 If kvm supports shadow stack, pass through shadow stack MSRs to improve guest performance. Signed-off-by: John Allen --- arch/x86/kvm/svm/svm.c | 26 ++++++++++++++++++++++++++ arch/x86/kvm/svm/svm.h | 2 +- 2 files changed, 27 insertions(+), 1 deletion(-) diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index 0b8b346a470a..68da482713cf 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c @@ -140,6 +140,13 @@ static const struct svm_direct_access_msrs { { .index = X2APIC_MSR(APIC_TMICT), .always = false }, { .index = X2APIC_MSR(APIC_TMCCT), .always = false }, { .index = X2APIC_MSR(APIC_TDCR), .always = false }, + { .index = MSR_IA32_U_CET, .always = false }, + { .index = MSR_IA32_S_CET, .always = false }, + { .index = MSR_IA32_INT_SSP_TAB, .always = false }, + { .index = MSR_IA32_PL0_SSP, .always = false }, + { .index = MSR_IA32_PL1_SSP, .always = false }, + { .index = MSR_IA32_PL2_SSP, .always = false }, + { .index = MSR_IA32_PL3_SSP, .always = false }, { .index = MSR_INVALID, .always = false }, }; @@ -1222,6 +1229,25 @@ static inline void init_vmcb_after_set_cpuid(struct kvm_vcpu *vcpu) set_msr_interception(vcpu, svm->msrpm, MSR_IA32_SYSENTER_EIP, 1, 1); set_msr_interception(vcpu, svm->msrpm, MSR_IA32_SYSENTER_ESP, 1, 1); } + + if (kvm_cpu_cap_has(X86_FEATURE_SHSTK)) { + bool shstk_enabled = guest_cpuid_has(vcpu, X86_FEATURE_SHSTK); + + set_msr_interception(vcpu, svm->msrpm, MSR_IA32_U_CET, + shstk_enabled, shstk_enabled); + set_msr_interception(vcpu, svm->msrpm, MSR_IA32_S_CET, + shstk_enabled, shstk_enabled); + set_msr_interception(vcpu, svm->msrpm, MSR_IA32_INT_SSP_TAB, + shstk_enabled, shstk_enabled); + set_msr_interception(vcpu, svm->msrpm, MSR_IA32_PL0_SSP, + shstk_enabled, shstk_enabled); + set_msr_interception(vcpu, svm->msrpm, MSR_IA32_PL1_SSP, + shstk_enabled, shstk_enabled); + set_msr_interception(vcpu, svm->msrpm, MSR_IA32_PL2_SSP, + shstk_enabled, shstk_enabled); + set_msr_interception(vcpu, svm->msrpm, MSR_IA32_PL3_SSP, + shstk_enabled, shstk_enabled); + } } static void init_vmcb(struct kvm_vcpu *vcpu) diff --git a/arch/x86/kvm/svm/svm.h b/arch/x86/kvm/svm/svm.h index 8ef95139cd24..0741fa049fd7 100644 --- a/arch/x86/kvm/svm/svm.h +++ b/arch/x86/kvm/svm/svm.h @@ -30,7 +30,7 @@ #define IOPM_SIZE PAGE_SIZE * 3 #define MSRPM_SIZE PAGE_SIZE * 2 -#define MAX_DIRECT_ACCESS_MSRS 47 +#define MAX_DIRECT_ACCESS_MSRS 54 #define MSRPM_OFFSETS 32 extern u32 msrpm_offsets[MSRPM_OFFSETS] __read_mostly; extern bool npt_enabled; From patchwork Mon Feb 26 21:32:40 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: John Allen X-Patchwork-Id: 206947 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a05:7300:a81b:b0:108:e6aa:91d0 with SMTP id bq27csp2349450dyb; Mon, 26 Feb 2024 13:44:27 -0800 (PST) X-Forwarded-Encrypted: i=3; AJvYcCVhOHMFJZBAazciCCtX4mi4+h7teuYdkE7MlJ48zlb2cD03gNifRKmld24FEED6XIwhDopzt+DZiwzcZqyjVD16lfYuKA== X-Google-Smtp-Source: AGHT+IHaso+ibrMf9198jPYs2mxoCSRIptTvSydfeVdWsk2BCHFL9KfQiMkXiwBFmtcSpV6uzmZ1 X-Received: by 2002:a17:902:ea0e:b0:1dc:620f:f175 with SMTP id s14-20020a170902ea0e00b001dc620ff175mr10071129plg.38.1708983866966; Mon, 26 Feb 2024 13:44:26 -0800 (PST) Received: from sy.mirrors.kernel.org (sy.mirrors.kernel.org. [2604:1380:40f1:3f00::1]) by mx.google.com with ESMTPS id t10-20020a170902e84a00b001dcaf71fefasi209803plg.543.2024.02.26.13.44.26 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 26 Feb 2024 13:44:26 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel+bounces-82358-ouuuleilei=gmail.com@vger.kernel.org designates 2604:1380:40f1:3f00::1 as permitted sender) client-ip=2604:1380:40f1:3f00::1; Authentication-Results: mx.google.com; dkim=pass header.i=@amd.com header.s=selector1 header.b=Ft8cRW1U; arc=fail (signature failed); spf=pass (google.com: domain of linux-kernel+bounces-82358-ouuuleilei=gmail.com@vger.kernel.org designates 2604:1380:40f1:3f00::1 as permitted sender) smtp.mailfrom="linux-kernel+bounces-82358-ouuuleilei=gmail.com@vger.kernel.org"; dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=amd.com Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by sy.mirrors.kernel.org (Postfix) with ESMTPS id 7D302B25533 for ; Mon, 26 Feb 2024 21:35:44 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id 8058B13473C; Mon, 26 Feb 2024 21:33:32 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b="Ft8cRW1U" Received: from NAM11-DM6-obe.outbound.protection.outlook.com (mail-dm6nam11on2083.outbound.protection.outlook.com [40.107.223.83]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 150E31339AA; Mon, 26 Feb 2024 21:33:27 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=fail smtp.client-ip=40.107.223.83 ARC-Seal: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1708983209; cv=fail; b=BgE0MR1qSlPIqKZBb88F0OfQxKC8WuMYOkuaKuKBco+C55fEV8FO0+rriqqHMWitBqI+Vx9QL+0IkQheDJJkciMRiK9yGEAnop7tgedP3mzCCZc2aWIO6qe3Rs2HrGrR8izOX8y40s4Wpe/THdKBr5HnhJieulYq2l6QKMoAxVI= ARC-Message-Signature: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1708983209; c=relaxed/simple; bh=adG/ABrWVrZE3MsUfOnn8zbLG0RC0aNV9+6dAwjY1X4=; h=From:To:CC:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=Agg2xUT9V9ITM4lr8srOcBdnTre9adBhCts781fg+u4pwdEPeyICIiTntPDRVcyJ93BFYEUS3QqHyKMX95K6RaaYHxBbR1UE6abSA14Ej0T7crVtrHgQY81kG/fzb7D1XHhZXPmB4W9ZgXMqe2snKgLl4eC6BReRTHXPYg4ykRY= ARC-Authentication-Results: i=2; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com; spf=fail smtp.mailfrom=amd.com; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b=Ft8cRW1U; arc=fail smtp.client-ip=40.107.223.83 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com Authentication-Results: smtp.subspace.kernel.org; spf=fail smtp.mailfrom=amd.com ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=huUhrZGekS98don+sGRo1kGDmFA3+aVNc9L6+C8Upb2X8i0ph1JqXVJyMBS1vhfcvQfxvasMeDau+bxRcLbA4a692qLH+aNeOkEmUtQ22e2NkDq47aYqd97fpbqOj2gnRn+OIvX7oGhjW8ophdhEq70rCKseEAAMsnBYjfmAKrNS/PnnUMldd9v8ko2NrZCT71ifUeHhmqLGs04pz60pWoLUQDlReuvQ4CDaud6OKakRW9CbWT49PSUVxXwzeOkSPR1K0EZIQPeE3r+T3QYF5Oi1blEwPog0WDh17W6UQRwmyyHcl9Fb8s72mwwN4vv5/I80eBZ3NetMX9Nz9LnMpQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=s+ddYQ0Pdno3LKSDluChSeYK84B+ZLWxt5OvWSAnbXw=; b=DF5Lrmr4nvw8DiLM6eXuEKB7dZoYoXLPI7fkRJRdUTKGd4+6FjffjAI4U4zc++ry7geBzieIpFWKfUT7DvW9sDLHzTQcV4txg56SfQEbzCSev7GD6J+WFYX6l8gDxvCfV8I3f+tF3aYuMlqLQ3N4rcf0zB61+LNylU2JNSFwfVP76murUDNu5DvDijZm1zQtP+I4cCslp+ppoB8Cj6k6fZlVwVO4WoLXL7gQhAEUNLuDqgeSCVcjxk5jA/Q5W48Fdw9T+rIGQeurLg6r3w85IW5EhtlK1RcFUkQ/Afmvcjc9cbRxPXyb3AP9bTjmuCoVOTmJpa+oXF/HLrPKJWOu4Q== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=vger.kernel.org smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none (0) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=s+ddYQ0Pdno3LKSDluChSeYK84B+ZLWxt5OvWSAnbXw=; b=Ft8cRW1UHav82EJ5NN8TnskuAw+4yx1pZEghoVc2Aw7nvNtS1GgwgMmhn47/4n8x4YdCSiEpxZSPG5B4Eh1blRWIll1aZbaol9UzMQCbYmroDY1uYNKCv5ACqmE7FTQgqYEs2Tct4DnILfuRTu7rnzxTr8f+w7ckJtdLwrDamto= Received: from CH5P223CA0013.NAMP223.PROD.OUTLOOK.COM (2603:10b6:610:1f3::8) by LV2PR12MB5918.namprd12.prod.outlook.com (2603:10b6:408:174::21) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7316.36; Mon, 26 Feb 2024 21:33:24 +0000 Received: from CH3PEPF0000000A.namprd04.prod.outlook.com (2603:10b6:610:1f3:cafe::62) by CH5P223CA0013.outlook.office365.com (2603:10b6:610:1f3::8) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7292.49 via Frontend Transport; Mon, 26 Feb 2024 21:33:24 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=amd.com; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB04.amd.com; pr=C Received: from SATLEXMB04.amd.com (165.204.84.17) by CH3PEPF0000000A.mail.protection.outlook.com (10.167.244.37) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.7292.25 via Frontend Transport; Mon, 26 Feb 2024 21:33:24 +0000 Received: from jallen-jump-host.amd.com (10.180.168.240) by SATLEXMB04.amd.com (10.181.40.145) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.35; Mon, 26 Feb 2024 15:33:23 -0600 From: John Allen To: CC: , , , , , , , , , John Allen Subject: [PATCH v2 5/9] KVM: SVM: Rename vmplX_ssp -> plX_ssp Date: Mon, 26 Feb 2024 21:32:40 +0000 Message-ID: <20240226213244.18441-6-john.allen@amd.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20240226213244.18441-1-john.allen@amd.com> References: <20240226213244.18441-1-john.allen@amd.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-ClientProxiedBy: SATLEXMB03.amd.com (10.181.40.144) To SATLEXMB04.amd.com (10.181.40.145) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: CH3PEPF0000000A:EE_|LV2PR12MB5918:EE_ X-MS-Office365-Filtering-Correlation-Id: df9f37ee-c7ba-428b-3c92-08dc37129012 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: NDqGmE2K4GSwcgVY9ytcWKG8NupLCY9upjGHjxvWk1pSjPm9Wof3yonbsPa5uUR0Qo3OlvIAYRCMrDnkUuMXLHezAVaNXbjPlKlic1zke5GjVPV5mB1fETHgSgR//DjuuBEcPA4oX69V4iTvt/uZx29OQNvWZH9e+v8thFUNfygNr9CoGBsu3WJP5xqrXSIh/U2GaFTXPeOG2UcN+v4gcuqaKzojByyiWRbFA4nD6sFc1kK6CkYkWKzkhFNtFT7FIOAuiBOh4D2VJV18UOfcdxaxkTaSmQUsaSGuPhHR9bkVyyZPZNrA2bVnO7gKdnctDrsLHX18rbI13NNGUkAlmAk43NjxM0k5SQpom0zwKBWxzti5BdClkcelA+5lt/NT0s9Fha0PfDDdtQ4uCtxUVoh7w5CPYa5yaeQV/8+l2XNafhThFHRRFBn7h8NNLubLzfdh6yf09Dw6SSF9QZYs9pJ2+nK1LiLTh0piN0UaN4nZ132pq5gPJV9C0PT8elaSR/OoynPlnieypLsfGlD6XLd+j+ta78zwlEYcJ7wsIc5/UySGvBP3PIBB0sAwACg/7g64+vXezTrMRW9FpMw2qlTabyMCeIb7W/Q5jRTN+gBCtLlrsgRpSW4/EDE/1yle0DD07LE0EOCxdHM/Y0V9d2Sicm8IcdLH0fwj8PDyrYo6DK7KzBmISxZPtzHyuQ1v3mYq2vhEjOlu8Zh5/EHDhOy5hgeL4eBmDqA3a38thZWLjcL5zadWKTW4XfwzFbsN X-Forefront-Antispam-Report: CIP:165.204.84.17;CTRY:US;LANG:en;SCL:1;SRV:;IPV:CAL;SFV:NSPM;H:SATLEXMB04.amd.com;PTR:InfoDomainNonexistent;CAT:NONE;SFS:(13230031)(36860700004);DIR:OUT;SFP:1101; X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 26 Feb 2024 21:33:24.5196 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: df9f37ee-c7ba-428b-3c92-08dc37129012 X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[SATLEXMB04.amd.com] X-MS-Exchange-CrossTenant-AuthSource: CH3PEPF0000000A.namprd04.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: LV2PR12MB5918 X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-THRID: 1791999467439195171 X-GMAIL-MSGID: 1791999467439195171 Rename SEV-ES save area SSP fields to be consistent with the APM. Signed-off-by: John Allen --- arch/x86/include/asm/svm.h | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/arch/x86/include/asm/svm.h b/arch/x86/include/asm/svm.h index 87a7b917d30e..728c98175b9c 100644 --- a/arch/x86/include/asm/svm.h +++ b/arch/x86/include/asm/svm.h @@ -358,10 +358,10 @@ struct sev_es_save_area { struct vmcb_seg ldtr; struct vmcb_seg idtr; struct vmcb_seg tr; - u64 vmpl0_ssp; - u64 vmpl1_ssp; - u64 vmpl2_ssp; - u64 vmpl3_ssp; + u64 pl0_ssp; + u64 pl1_ssp; + u64 pl2_ssp; + u64 pl3_ssp; u64 u_cet; u8 reserved_0xc8[2]; u8 vmpl; From patchwork Mon Feb 26 21:32:41 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: John Allen X-Patchwork-Id: 206943 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a05:7300:a81b:b0:108:e6aa:91d0 with SMTP id bq27csp2348358dyb; Mon, 26 Feb 2024 13:41:44 -0800 (PST) X-Forwarded-Encrypted: i=3; AJvYcCXvol4+DM4xzmcGi2RS8P4EqO11XQjoueRn/7q1y0stj2bHe/pjCX3lQ2171jkPp2F3++4mw2/tix78+Pn4ecVYMwwhsg== X-Google-Smtp-Source: AGHT+IEsHoiNJeMgwmC0xSL48bOz5Uxj8vS6otvYIvDwLPe0X+FkqbJfnr4qOo/Q1son3SIiEd4k X-Received: by 2002:a17:906:b289:b0:a42:fc9b:f249 with SMTP id q9-20020a170906b28900b00a42fc9bf249mr4607750ejz.65.1708983704131; Mon, 26 Feb 2024 13:41:44 -0800 (PST) Received: from am.mirrors.kernel.org (am.mirrors.kernel.org. [2604:1380:4601:e00::3]) by mx.google.com with ESMTPS id fy25-20020a170906b7d900b00a3fadd69d7dsi121971ejb.33.2024.02.26.13.41.43 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 26 Feb 2024 13:41:44 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel+bounces-82359-ouuuleilei=gmail.com@vger.kernel.org designates 2604:1380:4601:e00::3 as permitted sender) client-ip=2604:1380:4601:e00::3; Authentication-Results: mx.google.com; dkim=pass header.i=@amd.com header.s=selector1 header.b=XxymhIZp; arc=fail (signature failed); spf=pass (google.com: domain of linux-kernel+bounces-82359-ouuuleilei=gmail.com@vger.kernel.org designates 2604:1380:4601:e00::3 as permitted sender) smtp.mailfrom="linux-kernel+bounces-82359-ouuuleilei=gmail.com@vger.kernel.org"; dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=amd.com Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by am.mirrors.kernel.org (Postfix) with ESMTPS id 809911F2BEB7 for ; Mon, 26 Feb 2024 21:36:04 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id B4EFB132C08; Mon, 26 Feb 2024 21:33:36 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b="XxymhIZp" Received: from NAM11-DM6-obe.outbound.protection.outlook.com (mail-dm6nam11on2042.outbound.protection.outlook.com [40.107.223.42]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id ED880134735; Mon, 26 Feb 2024 21:33:30 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=fail smtp.client-ip=40.107.223.42 ARC-Seal: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1708983213; cv=fail; b=uGPiivmazHHAX1WPGjaEQ213fWAJyb5MFTPTY6Lrhgoy/c2ocAmQN3lMDi5R48d6LkjRJ0V63fLnvdlHiIG3mhYUbg8MTBLNi+rgXINIRAI4PIq5X8sIQ9ZBiWaiabD0lTwBgpqIpUoctgiYezEtCrQ5qEV6jbvkzGYjjrb8GAY= ARC-Message-Signature: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1708983213; c=relaxed/simple; bh=ZzMR9NL+iOlvGkVw29tC6MVRLuXxqgXEExLmpq42p54=; h=From:To:CC:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=sFlKlv7Xp2tkLvAtXBf7CGybfHKDZrrFsSCpLpqlhSw8fVOKuLfa1QNZld+pqn2pYLZXGXr45JOmPo5PPxy/VrD0F+Tok5koyCiwcMEu6cx6jsK0pW4SfB25ow6JJEyQjIPUgQWN5S74pjzIJh7jocSgIqWuvjccnPzlKrSdHl0= ARC-Authentication-Results: i=2; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com; spf=fail smtp.mailfrom=amd.com; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b=XxymhIZp; arc=fail smtp.client-ip=40.107.223.42 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com Authentication-Results: smtp.subspace.kernel.org; spf=fail smtp.mailfrom=amd.com ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=O2Gob23UqdW5OMxmWTO19FRlBPg+ibCvl4i1zTn1Q91yoMe5Ij2hj/epn2J87hLdUJBJFdVb6UEerOGy/j3MR5sBhG7agtC5nDP2Y+V8x4lksK62xnp149hiz+AwrtW1I9ICkaxG7g4oVksxk6vGiSE+wVpkHIkBFY1dmrfdkfGN+IoS/29GsSuuYC4tUTuG802N2ZKPycMW9rNyLC9D1/imsUpKcm8uW9h72weRLrSlch74wxRHnJi32gw9eAf+QnlkT7ZnSXMJtoqgh8xFqz+H7er5pGDfwRpUQZcoU63f4vqKbtwfIzDuB9uY2jNkTV13ttArqH3Xkcwj/eKMnw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=R3Gy8dugqKHWN5FieegfFCw/GVM0x8C+XZCNJ+OXsa4=; b=Sl/0M28Enm2vID8b2G8Gd/Lnr3E6pGMavlHvP5sgeeyMrTdgpJjAUPJsQ/XT8kPYMPC1WBiB4Rnx6xdjs101DJoE7BTdPvsp0MJvCnJzBACnPmlHKVp4RMKJ+PfH1+f+zhm7HnJA7D5Jcwkh9IFZhRUEmzEQN89Myvtl/SR3X/k7Aq8yvvKIv+XtOtwL1LamL4KA3BUywvdvT9WIPgk+uMwRdts69ubtMezPH1aWtdePWrhPytreq+tcpKpqKph1v9jEdvbBHUQvLVhbDYYAjlDdfaEUqvnSgRF+62J7dg0OWXr8WIb724gup55aiOJcgJF2aNhRW56rFVI+yx1J9A== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=vger.kernel.org smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none (0) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=R3Gy8dugqKHWN5FieegfFCw/GVM0x8C+XZCNJ+OXsa4=; b=XxymhIZphwHnaLDUSpmSJkfAWbZFs+4J9ZTh+eJZy2s50NlaK2flmd15h3VBZQMs37mUBBiDi63+cv8P8tzq05qMB2fZtp3UEp/G6HiElrdVlW5jo9cVAsJhfVxfQbKUdJCs0pyUCUd78JGvZhLKxFO75HYe8cYJNHYOrw7K5vc= Received: from CH5PR04CA0011.namprd04.prod.outlook.com (2603:10b6:610:1f4::27) by MW5PR12MB5622.namprd12.prod.outlook.com (2603:10b6:303:198::13) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7316.36; Mon, 26 Feb 2024 21:33:28 +0000 Received: from CH3PEPF0000000E.namprd04.prod.outlook.com (2603:10b6:610:1f4:cafe::eb) by CH5PR04CA0011.outlook.office365.com (2603:10b6:610:1f4::27) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7292.49 via Frontend Transport; Mon, 26 Feb 2024 21:33:28 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=amd.com; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB04.amd.com; pr=C Received: from SATLEXMB04.amd.com (165.204.84.17) by CH3PEPF0000000E.mail.protection.outlook.com (10.167.244.42) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.7292.25 via Frontend Transport; Mon, 26 Feb 2024 21:33:28 +0000 Received: from jallen-jump-host.amd.com (10.180.168.240) by SATLEXMB04.amd.com (10.181.40.145) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.35; Mon, 26 Feb 2024 15:33:27 -0600 From: John Allen To: CC: , , , , , , , , , John Allen Subject: [PATCH v2 6/9] KVM: SVM: Add MSR_IA32_XSS to the GHCB for hypervisor kernel Date: Mon, 26 Feb 2024 21:32:41 +0000 Message-ID: <20240226213244.18441-7-john.allen@amd.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20240226213244.18441-1-john.allen@amd.com> References: <20240226213244.18441-1-john.allen@amd.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-ClientProxiedBy: SATLEXMB03.amd.com (10.181.40.144) To SATLEXMB04.amd.com (10.181.40.145) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: CH3PEPF0000000E:EE_|MW5PR12MB5622:EE_ X-MS-Office365-Filtering-Correlation-Id: 943d1a2d-3c1a-48f3-5590-08dc3712926d X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: yQcnWAN4flEY0dzcmXPSELz3HRzrrCYD6QUEsgP2EzN4tgPT8Gp8+4Y6VcMQ46rHF0ucV+aN/HQarbQ317gxJD0Q07QyRp7h6Id6n3ihE48u995UYEJYTatfK4bD9zG14jz2DVAfsZ9GgLLhjW6CPgDkJg1/SGPKeIlRF30/1u/h+Bit3Pukonl2kSH9WqVuchekZJhcoN88Yv46ZDHydLamWvnSsMHrWi5CmTX106hdw9vypPna1mBNeLKgSP4CVXpuZj5WdR4qmGDjzQ7RFWpguyuSHUqdBLU7TrtdzRIDmeNWBGVJkcEyz+GDjNsjOANirJ+LPuac5ZK0fr5AeIZrq3hKnyz8YivX5RIGCBCt8KWxGPmeU6gwfBOEnkCAzptzse+Ng7kjpRZv5zPryqxL/T7cztU1a3DF7QgGqQNbYcENZvGlbFE0qh4Oc2v+XOTg6ZRSiagIhN52sbi8ewz+9KremV7K3qsG2FLMwu3xzvxtm7hHYsA6XM7HoCcjXixPtiizr36FVyv11K/+rUE+Gc4WIfV7Iq9styc2yeq7NbBMywCxK4Qny819ebO2mVJyKr3Xvk7KFg1MCRHZZcmTdU/76ppypCiz+FsyuQx8yIpkyYnKvw7kojAX/Ut2oTOErBq3AHMXfMUDWf5csTytY1HK4oj7JfNGm+r92GN8RPCcmo5c2fyghEe9cFZhgHGaYHzNX+6lgd2Nuc7iChEJyK0vnj02DDYsHYaMifpdltauEKeHssZRH0OhIdFv X-Forefront-Antispam-Report: CIP:165.204.84.17;CTRY:US;LANG:en;SCL:1;SRV:;IPV:CAL;SFV:NSPM;H:SATLEXMB04.amd.com;PTR:InfoDomainNonexistent;CAT:NONE;SFS:(13230031)(36860700004);DIR:OUT;SFP:1101; X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 26 Feb 2024 21:33:28.4720 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 943d1a2d-3c1a-48f3-5590-08dc3712926d X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[SATLEXMB04.amd.com] X-MS-Exchange-CrossTenant-AuthSource: CH3PEPF0000000E.namprd04.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: MW5PR12MB5622 X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-THRID: 1791999296605307562 X-GMAIL-MSGID: 1791999296605307562 When a guest issues a cpuid instruction for Fn0000000D_x0B (CetUserOffset), KVM will intercept and need to access the guest MSR_IA32_XSS value. For SEV-ES, this is encrypted and needs to be included in the GHCB to be visible to the hypervisor. Signed-off-by: John Allen --- v2: - Omit passing through XSS as this has already been properly implemented in a26b7cd22546 ("KVM: SEV: Do not intercept accesses to MSR_IA32_XSS for SEV-ES guests") --- arch/x86/include/asm/svm.h | 1 + arch/x86/kvm/svm/sev.c | 9 +++++++-- arch/x86/kvm/svm/svm.h | 1 + 3 files changed, 9 insertions(+), 2 deletions(-) diff --git a/arch/x86/include/asm/svm.h b/arch/x86/include/asm/svm.h index 728c98175b9c..44cd41e2fb68 100644 --- a/arch/x86/include/asm/svm.h +++ b/arch/x86/include/asm/svm.h @@ -673,5 +673,6 @@ DEFINE_GHCB_ACCESSORS(sw_exit_info_1) DEFINE_GHCB_ACCESSORS(sw_exit_info_2) DEFINE_GHCB_ACCESSORS(sw_scratch) DEFINE_GHCB_ACCESSORS(xcr0) +DEFINE_GHCB_ACCESSORS(xss) #endif diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index f06f9e51ad9d..c3060d2068eb 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c @@ -2458,8 +2458,13 @@ static void sev_es_sync_from_ghcb(struct vcpu_svm *svm) svm->vmcb->save.cpl = kvm_ghcb_get_cpl_if_valid(svm, ghcb); - if (kvm_ghcb_xcr0_is_valid(svm)) { - vcpu->arch.xcr0 = ghcb_get_xcr0(ghcb); + if (kvm_ghcb_xcr0_is_valid(svm) || kvm_ghcb_xss_is_valid(svm)) { + if (kvm_ghcb_xcr0_is_valid(svm)) + vcpu->arch.xcr0 = ghcb_get_xcr0(ghcb); + + if (kvm_ghcb_xss_is_valid(svm)) + vcpu->arch.ia32_xss = ghcb_get_xss(ghcb); + kvm_update_cpuid_runtime(vcpu); } diff --git a/arch/x86/kvm/svm/svm.h b/arch/x86/kvm/svm/svm.h index 0741fa049fd7..eb9c9e337c43 100644 --- a/arch/x86/kvm/svm/svm.h +++ b/arch/x86/kvm/svm/svm.h @@ -723,5 +723,6 @@ DEFINE_KVM_GHCB_ACCESSORS(sw_exit_info_1) DEFINE_KVM_GHCB_ACCESSORS(sw_exit_info_2) DEFINE_KVM_GHCB_ACCESSORS(sw_scratch) DEFINE_KVM_GHCB_ACCESSORS(xcr0) +DEFINE_KVM_GHCB_ACCESSORS(xss) #endif From patchwork Mon Feb 26 21:32:42 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: John Allen X-Patchwork-Id: 206949 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a05:7300:a81b:b0:108:e6aa:91d0 with SMTP id bq27csp2350318dyb; Mon, 26 Feb 2024 13:46:43 -0800 (PST) X-Forwarded-Encrypted: i=3; AJvYcCXRIZtUfkbczRavyyu2BHPXw/DzGFy24yOI6IbNeUH1yj+wfp2xdKCKKOPyxcItcIaj48Zkghaw1Dc51MS0AGrzUDAXdg== X-Google-Smtp-Source: AGHT+IGs0zJGjioOfH1eClIPS9UwL/mNzOj5IxFZFO90VJpNVAau0htUjY8qq2M3di8hRs+sZDdI X-Received: by 2002:aa7:c919:0:b0:565:ff53:5359 with SMTP id b25-20020aa7c919000000b00565ff535359mr1548705edt.41.1708984003002; Mon, 26 Feb 2024 13:46:43 -0800 (PST) Received: from am.mirrors.kernel.org (am.mirrors.kernel.org. [147.75.80.249]) by mx.google.com with ESMTPS id eh22-20020a0564020f9600b005642c27ffb9si109659edb.386.2024.02.26.13.46.42 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 26 Feb 2024 13:46:42 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel+bounces-82361-ouuuleilei=gmail.com@vger.kernel.org designates 147.75.80.249 as permitted sender) client-ip=147.75.80.249; Authentication-Results: mx.google.com; dkim=pass header.i=@amd.com header.s=selector1 header.b="c/9yfnJY"; arc=fail (signature failed); spf=pass (google.com: domain of linux-kernel+bounces-82361-ouuuleilei=gmail.com@vger.kernel.org designates 147.75.80.249 as permitted sender) smtp.mailfrom="linux-kernel+bounces-82361-ouuuleilei=gmail.com@vger.kernel.org"; dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=amd.com Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by am.mirrors.kernel.org (Postfix) with ESMTPS id B959C1F2C881 for ; Mon, 26 Feb 2024 21:36:45 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id 0EA291353F3; Mon, 26 Feb 2024 21:33:44 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b="c/9yfnJY" Received: from NAM10-DM6-obe.outbound.protection.outlook.com (mail-dm6nam10on2055.outbound.protection.outlook.com [40.107.93.55]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 540BE132C0A; Mon, 26 Feb 2024 21:33:39 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=fail smtp.client-ip=40.107.93.55 ARC-Seal: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1708983220; cv=fail; b=EkDT9oNBkdPCitdiujSzdRIlvcxzQjxkZURMIxvP3ly+10C9X03X3iDWWCiKavUlgLDuFREipn1TgMT7/SFoYaWwkHL+lDYxw/j1UukM/qtvRQ0yvG3mRb0Zr8doVPS5jEZ5YsWXtbEpgQggBXxSVJvoqMPUmcOgwCLABWP4HlQ= ARC-Message-Signature: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1708983220; c=relaxed/simple; bh=7ob0I6tysZJ/J4Wduw57ZmYcN99yyGsSZbO5/ew3sTs=; h=From:To:CC:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=jaVYoOpnJAPKCdgHroqA339gaaNNxX4zH44sEz2sP2dylK+QCtwgkP/NhZUeeX+pc3BrN4OZJPzH9AAygLyjVi5/jMc2T6Zywxghg0LOsToM12wTJ+3mX44z3tRtBgewxGQTqHv8+WMB5caZDnfdWfb92fLhPKHz9j+OXqbriiA= ARC-Authentication-Results: i=2; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com; spf=fail smtp.mailfrom=amd.com; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b=c/9yfnJY; arc=fail smtp.client-ip=40.107.93.55 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com Authentication-Results: smtp.subspace.kernel.org; spf=fail smtp.mailfrom=amd.com ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=juaT0lU89/hFRR4p01XJhXhmPxfPQfpDtzuPVBlggA3B0WpNmnuDVCVAo6ljtPrBvgQ9yqbsyh/Hwinf9JZHE4wNpTYacP0driP0TW4wlnHDdZtQuyRkGSQFi2FGaQ1qYJW53lH4VoVwTIOEHcRM6G7gGFlnmgc4lYd3hTQTCCxPoZPnsUwEKBzxjG9KHlmmSO+sX0WfTEqVjaLS1ZGWQMPTzfPnCbX+Wuro0S0Gd8+hjNxO1z0rGK85pq3QMjxYe0nhFBLYU4mQn5r7AP9UO2Vl50M42ev/DcxCQljEu98rgT5ZYMLs64HenBAn2QK6k0/O1GenkLoy+QHbGHmVSA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=mdKCaSdJgqE3ljWDqNuC2Vw9YeeoMmkN76MoNaolgSg=; b=gOQ1MZBNA61AJ3CoWmdp8imXG2i22UpeI1OQ4drbedOSDdGRNAPw9547fxGkUR5K4jlNuw9ZiPERN7FczriQHPf2KpzyXQmsmagpR2CqF4SAjKDjJLa+M6VsDso2fqSa93tq3Lb/6MhxewexkUoGwnq8LGpCWqeThNcsOQw9SMQigrbYELs3nXY9rrfTUIlow/krUycTpTMWQZiy3eGa/F9UpiztwUEf/6iDOY0s0+sTJKJKer/pOUNYmJU5FrLZRUdB2zyurmhzCDZn+xRFZPposA3ORerUFzhQR4BOQuWlaaDJAP3PmljK1mB3qDMY1vv4EPSkAlknp6t6fBZGUw== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=vger.kernel.org smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none (0) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=mdKCaSdJgqE3ljWDqNuC2Vw9YeeoMmkN76MoNaolgSg=; b=c/9yfnJYoT61FdKIA3RZtkXDjQQOlNuRkJt0+wbsMJOnkpLcrV/o0GZRXLBmdQXGk4pkGt09Q+TcJzUARt/cs/DtlU9f0QSTbmSoLCKju8QIXyc1zPCVXbGCYcbx8Kk58sYx9zmO02cYDaczvboOwqkI2+7YUk7B9s68n60TtcM= Received: from CH0PR03CA0011.namprd03.prod.outlook.com (2603:10b6:610:b0::16) by SA1PR12MB7443.namprd12.prod.outlook.com (2603:10b6:806:2b7::21) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7316.34; Mon, 26 Feb 2024 21:33:35 +0000 Received: from CH3PEPF0000000F.namprd04.prod.outlook.com (2603:10b6:610:b0:cafe::85) by CH0PR03CA0011.outlook.office365.com (2603:10b6:610:b0::16) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7292.49 via Frontend Transport; Mon, 26 Feb 2024 21:33:32 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=amd.com; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB04.amd.com; pr=C Received: from SATLEXMB04.amd.com (165.204.84.17) by CH3PEPF0000000F.mail.protection.outlook.com (10.167.244.40) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.7292.25 via Frontend Transport; Mon, 26 Feb 2024 21:33:32 +0000 Received: from jallen-jump-host.amd.com (10.180.168.240) by SATLEXMB04.amd.com (10.181.40.145) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.35; Mon, 26 Feb 2024 15:33:31 -0600 From: John Allen To: CC: , , , , , , , , , John Allen Subject: [PATCH v2 7/9] x86/sev-es: Include XSS value in GHCB CPUID request Date: Mon, 26 Feb 2024 21:32:42 +0000 Message-ID: <20240226213244.18441-8-john.allen@amd.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20240226213244.18441-1-john.allen@amd.com> References: <20240226213244.18441-1-john.allen@amd.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-ClientProxiedBy: SATLEXMB03.amd.com (10.181.40.144) To SATLEXMB04.amd.com (10.181.40.145) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: CH3PEPF0000000F:EE_|SA1PR12MB7443:EE_ X-MS-Office365-Filtering-Correlation-Id: e4ff8780-f622-4ac9-40c0-08dc371294c8 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: 0LRjpCn7+RMe0JhaWSXpVIsN0r37QE6MiPGFqhiXvXeA1hp4fXSeX90rSEjnVmNClvG/RnbWSibtd6HVkGcVKmwD7Fds2DQLdnkYuK/5QEy/WU4IJhx1tRmTwxjGjVrR2h5dwND7ortiy/5hyrI3ERiOUpgleCMkGez6Kt6k1VqEJgmbAL1v5QmeeZLAxRfghfgOxUyD2uQIBR3KXiRs/b4mTfIMtY4DtyCTFusdAWb5K3E6iNW3h1PUJqAguHFEa/aYTYUVW98+pxdLbxWsiukR2wGHrGkkZNMI0jvizs8jiEhlvhZ5qsawyQhAXMxiHvDx64ozUUmaRz2/9Cz/y9pv8whp/SaMmgTVBQNB/uukUNhwRdCQ7HxhIllLhrPQFBmbPGX0S+s+lI4+8NNOotaU4oLAOn/ai5FH3wsznhJh9pGnaJoLiRb33uva46QN/l1oKD4hSNCxccCXDRIJ//6wXXhkjmPWQKfyC7tF+daIalHgUrK+Q918L8SnnV4FECy4xqV4cn44T9BhoV+iy6ZBET8MbrPUk3eEB+HmbZjrB93bgNglDVNeDGDKezErwynZ6aaZzLiUmpXWk+jQ4IIbMsOi5MPLx5ubFyJ4dVD4msBCwL6aX2pwvXf2spl5O1mlQZDRw8M9hpfu5DPJQdi6mM+LoRdPXie6/RpDAGuye2Esl7GZGPt0sfj2jQgB1RoEfpilNmk2GtxWpn+msDiDq90ohJr59ish/qUsJOVPESt21tKlDW5pzEs0mnGg X-Forefront-Antispam-Report: CIP:165.204.84.17;CTRY:US;LANG:en;SCL:1;SRV:;IPV:CAL;SFV:NSPM;H:SATLEXMB04.amd.com;PTR:InfoDomainNonexistent;CAT:NONE;SFS:(13230031)(36860700004);DIR:OUT;SFP:1101; X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 26 Feb 2024 21:33:32.4233 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: e4ff8780-f622-4ac9-40c0-08dc371294c8 X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[SATLEXMB04.amd.com] X-MS-Exchange-CrossTenant-AuthSource: CH3PEPF0000000F.namprd04.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: SA1PR12MB7443 X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-THRID: 1791999609511734356 X-GMAIL-MSGID: 1791999609511734356 When a guest issues a cpuid instruction for Fn0000000D_x0B (CetUserOffset), the hypervisor may intercept and access the guest XSS value. For SEV-ES, this is encrypted and needs to be included in the GHCB to be visible to the hypervisor. The rdmsr instruction needs to be called directly as the code may be used in early boot in which case the rdmsr wrappers should be avoided as they are incompatible with the decompression boot phase. Signed-off-by: John Allen Acked-by: Borislav Petkov (AMD) --- v2: - Use raw_rdmsr instead of calling rdmsr directly. --- arch/x86/kernel/sev-shared.c | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/arch/x86/kernel/sev-shared.c b/arch/x86/kernel/sev-shared.c index 1d24ec679915..10ac130cc953 100644 --- a/arch/x86/kernel/sev-shared.c +++ b/arch/x86/kernel/sev-shared.c @@ -966,6 +966,13 @@ static enum es_result vc_handle_cpuid(struct ghcb *ghcb, /* xgetbv will cause #GP - use reset value for xcr0 */ ghcb_set_xcr0(ghcb, 1); + if (has_cpuflag(X86_FEATURE_SHSTK) && regs->ax == 0xd && regs->cx <= 1) { + struct msr m; + + raw_rdmsr(MSR_IA32_XSS, &m); + ghcb_set_xss(ghcb, m.q); + } + ret = sev_es_ghcb_hv_call(ghcb, ctxt, SVM_EXIT_CPUID, 0, 0); if (ret != ES_OK) return ret; From patchwork Mon Feb 26 21:32:43 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: John Allen X-Patchwork-Id: 206950 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a05:7300:a81b:b0:108:e6aa:91d0 with SMTP id bq27csp2350414dyb; Mon, 26 Feb 2024 13:46:59 -0800 (PST) X-Forwarded-Encrypted: i=3; AJvYcCWaJy8Om/x4RniI/C+VN9fNTtKbQHNd5Sj9C+RJsu7pnyYikMuC83Oh7eiM+yJInZnSDLswxgelr1cZEcH0mZXu8djXuw== X-Google-Smtp-Source: AGHT+IHHfFO0i+N8St71cPccwclnQ+sddc2NWXngchuA4qQhE8FNmY4sjoYO4ib/CVZJWEq0xTlv X-Received: by 2002:a17:906:a2c8:b0:a43:6136:f1f2 with SMTP id by8-20020a170906a2c800b00a436136f1f2mr2700777ejb.25.1708984019419; Mon, 26 Feb 2024 13:46:59 -0800 (PST) Received: from am.mirrors.kernel.org (am.mirrors.kernel.org. [147.75.80.249]) by mx.google.com with ESMTPS id p23-20020a170906141700b00a3fb1b2a2bbsi116063ejc.1042.2024.02.26.13.46.59 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 26 Feb 2024 13:46:59 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel+bounces-82360-ouuuleilei=gmail.com@vger.kernel.org designates 147.75.80.249 as permitted sender) client-ip=147.75.80.249; Authentication-Results: mx.google.com; dkim=pass header.i=@amd.com header.s=selector1 header.b=1hG2VuFH; arc=fail (signature failed); spf=pass (google.com: domain of linux-kernel+bounces-82360-ouuuleilei=gmail.com@vger.kernel.org designates 147.75.80.249 as permitted sender) smtp.mailfrom="linux-kernel+bounces-82360-ouuuleilei=gmail.com@vger.kernel.org"; dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=amd.com Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by am.mirrors.kernel.org (Postfix) with ESMTPS id 1C0061F2C7A3 for ; Mon, 26 Feb 2024 21:36:42 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id 902D91353E7; Mon, 26 Feb 2024 21:33:43 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b="1hG2VuFH" Received: from NAM11-BN8-obe.outbound.protection.outlook.com (mail-bn8nam11on2040.outbound.protection.outlook.com [40.107.236.40]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id EE73D132C09; Mon, 26 Feb 2024 21:33:38 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=fail smtp.client-ip=40.107.236.40 ARC-Seal: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1708983220; cv=fail; b=GtLxy7pvkW+XSqiOeBcTR8WmaMwS77qdX/htsy+3k3fL72Y0nOWk460jrJbTGl8sts00nb4ti6jtGNRIwURfgYiIqW90MK7erD3biFbYWL6IKfv/pjMxsGjA+1VMNVv2loqypdckL1WKd4sllZx5Qt2dYCmoh7XMbv89vAR0k7o= ARC-Message-Signature: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1708983220; c=relaxed/simple; bh=TWe/GoX7unY7TDsBKAQIyKabGHNwuZLS0FcVR/q6KUw=; h=From:To:CC:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=W6qqU1qpNjQPH8wmW7sVZxDn4UE5cm9i52SgeecoFwUx5BMZ7BxiryFHdLJWov9z7wX6ooCLcuVoopjQGndLTf8VNtk7+fsbLUp5ma399bRmDs//wdOoTZZ84zluGwPsY3SzJapLAxaIeqJEERXMfwP7WtDlvWItIKTSipgPmCI= ARC-Authentication-Results: i=2; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com; spf=fail smtp.mailfrom=amd.com; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b=1hG2VuFH; arc=fail smtp.client-ip=40.107.236.40 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com Authentication-Results: smtp.subspace.kernel.org; spf=fail smtp.mailfrom=amd.com ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=aOVNnYipF1k8t+v4s2Ho3Fscilxu5L/L7l0q2DfBMZZ0LV30C7LlCHtlWZm7nr4RPwIilW3k3x7OCCL+QF1NRP5M3cdQFPdKgjXOt1qzNJ3DwWiqh56ozSb247+yEmIwU5iIiH8b59gbjrPp3IR57TyFqTezGVw/kX9cYNDr5bvV3nd0Ac41aQmzzww6JD8qsDU6tQyCAaKKAx57F97JeOvC9J06XfXO5Zjv5FiGqMg6zTEZ7rrbBOxRRf9DLnYzGDnHeOeJZCJETazrFoAp06+hh1jszT0EEyoBAcFVxNtma/wfcwulWslRYSI+pjFSpz20EUy5siY+j9AQY3ESkQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=/SkAmPau6YEGtzE5zoZz5RgHpEsEQxHwBgGGFR+//N8=; b=iR4gUzjirUZzI/9Rfl9tDO1+CzbSoPpJbN818wtUaYlAJbs629p3K83sr4cokpdUX3Ew8BojZX3PR9tDSPFV7qpnfwOQlvmOm9CZnUkXw79aX9n6Zt8NKxgHXmgQufR3fduN1HxFVLnOzAJwrFImhZjlulRizp+/OHm0tV+fRgsZI9MjaedY3IPcYBgc0WOfSmssiUAA5upiRXMGu+dJ6AZZjQXto6QIAS1/KSBaEsR6Qny0gB7ivPUjP1bHrIODjteJdmpYXZBIIC0tknTLpDKICFO8O1XHi7FaXc68/yhqvs9DzjR+SsfUoxbhkZT3nq6nt+PuXt9+LMtuo/AyuA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=vger.kernel.org smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none (0) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=/SkAmPau6YEGtzE5zoZz5RgHpEsEQxHwBgGGFR+//N8=; b=1hG2VuFHDUPDdaC6NNEZy0wNqJ/T4uJabgSylW5y7bAvJzmNNuuRmHFSy15UweNf3T1M7+gBv6RLCzfkpaxUQBtcYB2y8LNQSptal9JXIxjNAJfHINJcJFXirLyWe4n3P9owWpeFRCDLIrjdHMaa/PCuKPvWm3QnuOpd6w8KgGQ= Received: from CH2PR19CA0018.namprd19.prod.outlook.com (2603:10b6:610:4d::28) by SN7PR12MB6714.namprd12.prod.outlook.com (2603:10b6:806:272::18) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7316.34; Mon, 26 Feb 2024 21:33:36 +0000 Received: from CH3PEPF00000010.namprd04.prod.outlook.com (2603:10b6:610:4d:cafe::60) by CH2PR19CA0018.outlook.office365.com (2603:10b6:610:4d::28) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7292.49 via Frontend Transport; Mon, 26 Feb 2024 21:33:36 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=amd.com; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB04.amd.com; pr=C Received: from SATLEXMB04.amd.com (165.204.84.17) by CH3PEPF00000010.mail.protection.outlook.com (10.167.244.41) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.7292.25 via Frontend Transport; Mon, 26 Feb 2024 21:33:36 +0000 Received: from jallen-jump-host.amd.com (10.180.168.240) by SATLEXMB04.amd.com (10.181.40.145) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.35; Mon, 26 Feb 2024 15:33:35 -0600 From: John Allen To: CC: , , , , , , , , , John Allen Subject: [PATCH v2 8/9] KVM: SVM: Use KVM-governed features to track SHSTK Date: Mon, 26 Feb 2024 21:32:43 +0000 Message-ID: <20240226213244.18441-9-john.allen@amd.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20240226213244.18441-1-john.allen@amd.com> References: <20240226213244.18441-1-john.allen@amd.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-ClientProxiedBy: SATLEXMB03.amd.com (10.181.40.144) To SATLEXMB04.amd.com (10.181.40.145) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: CH3PEPF00000010:EE_|SN7PR12MB6714:EE_ X-MS-Office365-Filtering-Correlation-Id: 152bf045-2cc6-435a-3b4d-08dc37129717 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: mzUAIw+fXhad49XxIp/cgjwW2G5Ug9XBQoedqGUIL7+0qKmSy0z1tenhPDScty6o6vbr3OkPGPlP33KaHHQns+kFf5c2pVVC8natPeBPKQaYDP55x5ca9tgyUPnsy9C/G9Pwx5rUx7uMTPoe4Zx5hMRJeDFz70AjbDIbCg8662Mf11GsAYWMpoxCZTW4Db1Slf9s2A8GmR46lkhjDnIccFj9KPGqcfq0R1P822jjwHXoSa7SMv+DjQC3GlWPzmBG55T/KJ9CNpU9Duo4/420n+pnl9VWxTVzEFzKQam5sE++4ZqzNiocnVlQWV6vGql+YkGalNkDn3B9b41hn6mQNHrW1MErt1OpXbKmXq76NIT+rd0D8krKkb+Gct3DM32AFKIJuQtK8+04AIBC320zT5mhItdjr5nsGW8zuEwlDj+aReG7L4JZ4HT+/0Zuv6or8uA41ip1SHXRL8lI7KUCxTeRocDr/q7NTdyxMgmZS1YNYtn1/UQj6t/sbdVlEUHrF8LL/twGr36RpF92VLftadsgxeUAP6gH1JRDOAoZ+d40eR7tOCyfVflaJoNt24F3oo356p26ThbaIwHc3d+TZCwLeO46cZf2kE0trtO0ftAwulkuUlx4Dg9KX6jDzXn4gv67EhJe/uzcv8FH4IkJuZ1ntLbAUy5i/mGJaVfPompDwWIXsygJLu1vZH0rXekge6O7tspLhfnozD8pSstGUzj2zAfYviJBfwG6s6p6v8M4FY98zMqRCOR0nhUldcQW X-Forefront-Antispam-Report: CIP:165.204.84.17;CTRY:US;LANG:en;SCL:1;SRV:;IPV:CAL;SFV:NSPM;H:SATLEXMB04.amd.com;PTR:InfoDomainNonexistent;CAT:NONE;SFS:(13230031)(36860700004);DIR:OUT;SFP:1101; X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 26 Feb 2024 21:33:36.2963 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 152bf045-2cc6-435a-3b4d-08dc37129717 X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[SATLEXMB04.amd.com] X-MS-Exchange-CrossTenant-AuthSource: CH3PEPF00000010.namprd04.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: SN7PR12MB6714 X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-THRID: 1791999627097377680 X-GMAIL-MSGID: 1791999627097377680 Use the KVM-governed features framework to track whether SHSTK can be by both userspace and guest for SVM. Signed-off-by: John Allen --- arch/x86/kvm/svm/svm.c | 1 + 1 file changed, 1 insertion(+) diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index 68da482713cf..1181f017c173 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c @@ -4386,6 +4386,7 @@ static void svm_vcpu_after_set_cpuid(struct kvm_vcpu *vcpu) kvm_governed_feature_check_and_set(vcpu, X86_FEATURE_PFTHRESHOLD); kvm_governed_feature_check_and_set(vcpu, X86_FEATURE_VGIF); kvm_governed_feature_check_and_set(vcpu, X86_FEATURE_VNMI); + kvm_governed_feature_check_and_set(vcpu, X86_FEATURE_SHSTK); svm_recalc_instruction_intercepts(vcpu, svm); From patchwork Mon Feb 26 21:32:44 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: John Allen X-Patchwork-Id: 206941 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a05:7300:a81b:b0:108:e6aa:91d0 with SMTP id bq27csp2347048dyb; Mon, 26 Feb 2024 13:37:44 -0800 (PST) X-Forwarded-Encrypted: i=3; AJvYcCWphqhE5YN1PYwrtLsYbWGEXXQmUpmhVeEn51lBn+rXK3mwoJ/SWpfB5cv2J+VRj8PQn9TXq1/Q34BOEyN0Zd0FyAb8rQ== X-Google-Smtp-Source: AGHT+IE9BlXD5jOHr91KRiQodUDmu06G8Aswb7NjW/OVNBHrbkqObGCDCcZy2qv2o55ET8+kIeF5 X-Received: by 2002:a05:6a20:9e4a:b0:1a0:f0db:2245 with SMTP id mt10-20020a056a209e4a00b001a0f0db2245mr388412pzb.54.1708983464392; Mon, 26 Feb 2024 13:37:44 -0800 (PST) Received: from sv.mirrors.kernel.org (sv.mirrors.kernel.org. [2604:1380:45e3:2400::1]) by mx.google.com with ESMTPS id 17-20020a630011000000b005dcbb6a2cccsi4289186pga.44.2024.02.26.13.37.44 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 26 Feb 2024 13:37:44 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel+bounces-82362-ouuuleilei=gmail.com@vger.kernel.org designates 2604:1380:45e3:2400::1 as permitted sender) client-ip=2604:1380:45e3:2400::1; Authentication-Results: mx.google.com; dkim=pass header.i=@amd.com header.s=selector1 header.b=VsC9rVbE; arc=fail (signature failed); spf=pass (google.com: domain of linux-kernel+bounces-82362-ouuuleilei=gmail.com@vger.kernel.org designates 2604:1380:45e3:2400::1 as permitted sender) smtp.mailfrom="linux-kernel+bounces-82362-ouuuleilei=gmail.com@vger.kernel.org"; dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=amd.com Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by sv.mirrors.kernel.org (Postfix) with ESMTPS id 88BDA28F5F0 for ; Mon, 26 Feb 2024 21:37:08 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id 415C5135A4C; Mon, 26 Feb 2024 21:33:48 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b="VsC9rVbE" Received: from NAM12-BN8-obe.outbound.protection.outlook.com (mail-bn8nam12on2078.outbound.protection.outlook.com [40.107.237.78]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id A3D341353E9; Mon, 26 Feb 2024 21:33:43 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=fail smtp.client-ip=40.107.237.78 ARC-Seal: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1708983225; cv=fail; b=e5tUSDzRndlijx73Ty7qhYOvtRJPn2ZmniD5Wg93TpR6e5Awgu7gy+tvI8n19X4PVaOh2gphzrIPV5O8bCV2X+XDgW699iJpb+FY4ogC/s7/UTbESfJN1pYiR1ti3dSITWTS/gXhggLSEFDq6sxUy7bgZC9J7VS2g2tc2J/7eCg= ARC-Message-Signature: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1708983225; c=relaxed/simple; bh=H9YXNTWjqPnp1YfKoDowcyg6Zv1FbLoFTq1TUm6PiWI=; h=From:To:CC:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=fpVGVAL5KM7gOfbwjFRAKu07B4j0/QmBAffslJWLP265Es+npmg+MIevydbYQjqaZlOBU3hSYm8UVEXYzHd582ZMWe4sjQqJdw4BeTGIBHTz2CogiPzaFFBts8UkgUH+yvCDDo8eqaAM5+b0nv/altWAk1NWvHDVZDQ0SYk4mSQ= ARC-Authentication-Results: i=2; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com; spf=fail smtp.mailfrom=amd.com; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b=VsC9rVbE; arc=fail smtp.client-ip=40.107.237.78 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com Authentication-Results: smtp.subspace.kernel.org; spf=fail smtp.mailfrom=amd.com ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=RntYAE0Q6/hZdDKniIXmToEhi8ZqOunArHSMGN1tZ/fs08hf5eize+ZGTxPk+cuWSQ7EfiJuju5/x5I2UgVJ4openngG0gxf2SCksJP9ukl+vMs942qITMs5653icPlh4LxWcxDTU/6qkmpsMxEQ7XZyvWNeHFrHiRVvh53HGHJXweaoXAVLGHPhFLK8sC/1X8+4vFfvWpj515lCIskOvwLb8+PR9db7sAMUym0nyPQZWfxPhEnXHYXk0g3z2il2OhqMFjpNBMaRHS1o4tfp+kauePOSFMK1BBjXG6NpBoINhvxGYXtyPlhSlQojqWgq8Xf3PQxmI649VMfrZey2xw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=kG+9PySf9s/IXt/ytfi0Dr0DGxifcANasQNJu38+Owo=; b=KFG3ifTHx9qvcMOf4xsh7pSjIX7WFp3Ngp+fHZNkI8NWMqnD7C4i9YihT6j3B7e9DtYD6kNNL7lpdCrbtmC+7E8Gyz7KFig0CKO9GlezSmASX49YTW0RZs2d0klB1aoW0fmMvl/tz09oSUvL6NDNeYDgox9lh0YR+xjJVElIC7vAc7E5XmG6bBozXh+oXkjkdGh25tJtpPHIngIMlCSqoYM9RjJ5vqQ1wmhp/1RKC2u67cJbApUb9ivvUwmeERrtQBtOwuaD3BF+Wf6bCtpLqeSug5JLmOWPfWHFv/taG9gY1gqfXQMLo2KVH/Ga1MF3ZAK/any0FpFJ5KN3jfgBGg== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=vger.kernel.org smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none (0) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=kG+9PySf9s/IXt/ytfi0Dr0DGxifcANasQNJu38+Owo=; b=VsC9rVbEaov+uPTaF2p7p76dvvXJ3Uxy4BMZPqpSZoWdgmDY0lAk2QP7QcMMI2qqvy5P2WzKAjWU5ep5D0Kxydm1DDQwl/8K/dnU4mxesaxJIgnXa2XyWC2XQk+VBDL+YT2xcmZW4zPqKwZMjLg29G6B9nSOaCRd2HmvvMPqRJw= Received: from CH2PR19CA0018.namprd19.prod.outlook.com (2603:10b6:610:4d::28) by MW6PR12MB7087.namprd12.prod.outlook.com (2603:10b6:303:238::14) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7316.34; Mon, 26 Feb 2024 21:33:40 +0000 Received: from CH3PEPF00000010.namprd04.prod.outlook.com (2603:10b6:610:4d:cafe::35) by CH2PR19CA0018.outlook.office365.com (2603:10b6:610:4d::28) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7292.49 via Frontend Transport; Mon, 26 Feb 2024 21:33:40 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=amd.com; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB04.amd.com; pr=C Received: from SATLEXMB04.amd.com (165.204.84.17) by CH3PEPF00000010.mail.protection.outlook.com (10.167.244.41) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.7292.25 via Frontend Transport; Mon, 26 Feb 2024 21:33:40 +0000 Received: from jallen-jump-host.amd.com (10.180.168.240) by SATLEXMB04.amd.com (10.181.40.145) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.35; Mon, 26 Feb 2024 15:33:39 -0600 From: John Allen To: CC: , , , , , , , , , John Allen Subject: [PATCH v2 9/9] KVM: SVM: Add CET features to supported_xss Date: Mon, 26 Feb 2024 21:32:44 +0000 Message-ID: <20240226213244.18441-10-john.allen@amd.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20240226213244.18441-1-john.allen@amd.com> References: <20240226213244.18441-1-john.allen@amd.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-ClientProxiedBy: SATLEXMB03.amd.com (10.181.40.144) To SATLEXMB04.amd.com (10.181.40.145) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: CH3PEPF00000010:EE_|MW6PR12MB7087:EE_ X-MS-Office365-Filtering-Correlation-Id: dab00498-e7f7-4965-a835-08dc3712996d X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: cdbiX+YVpO22KpS5cU0mJxmUlrrYjj2QTsxTXJMkZyLpyByUIn9JsLDhzyKop8t0InL1XnF2+/B9wA34QryfSR8AwrSuB2WgPu3u+Aoy84WYgHt83qnK7SJt2ryW1Deg1zbM6U+yHe/O18FyKNma/RqVxQf1M8bQYUIpuG1qlExKCJu9wwHBIFJxl7HOaAAsxk8irwm51rBbqHYdRmAYFEQ8pl8Hp1X/B0I3Hf3+WOK09148WicPuTnD+fXHDPZ3LJsXHw538eklnUUDkg1ljVaEgmLtw4lHmutOQ44NrlmRIpWKMbwQt1vOq96wym6KYkY+ZpMe1tkN6NqaCVIKJsrhJLYU0pQbfE3Gym8XA5hzoD3YlNSvW8xv/cZXx8NrOeJx3YbzRs5C7uH7G6Kp0d3pdTzpSS3KqxUFKn1Ykd2CGz8+fSV8TvaWEGaJzGwI5apqSmOFhD081qPMNcbBNyV2yUTx48gmlhxPDjxsHEJOeSxz31WM6DoeiGpWobxLg95uduJdG/+ftfa7E3R41NpByUTnftx46M00YTFr2L+YT671FikwpL548SSzi34seZUytlegGADUXlWbSnY14UeRKp2pe4rRxaotvS0+qX7nJ8ndFg07u50sOWkUtmJ1r6l58eQDyh09495w0H6qideRBwAJTSzWBfBa/c21AqnlMS5SRT2OOydIRF0hI39kUhSuG/oeWIQ3xVYaZunpIbUk2sJXvZFay7OM5/8XqKJa71YIfEsUff5MDh/htCZS X-Forefront-Antispam-Report: CIP:165.204.84.17;CTRY:US;LANG:en;SCL:1;SRV:;IPV:CAL;SFV:NSPM;H:SATLEXMB04.amd.com;PTR:InfoDomainNonexistent;CAT:NONE;SFS:(13230031)(36860700004);DIR:OUT;SFP:1101; X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 26 Feb 2024 21:33:40.2182 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: dab00498-e7f7-4965-a835-08dc3712996d X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[SATLEXMB04.amd.com] X-MS-Exchange-CrossTenant-AuthSource: CH3PEPF00000010.namprd04.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: MW6PR12MB7087 X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-THRID: 1791999044997913274 X-GMAIL-MSGID: 1791999044997913274 If the CPU supports CET, add CET XSAVES feature bits to the supported_xss mask. Signed-off-by: John Allen --- arch/x86/kvm/svm/svm.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index 1181f017c173..d97d82ebec4a 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c @@ -5177,6 +5177,10 @@ static __init void svm_set_cpu_caps(void) boot_cpu_has(X86_FEATURE_AMD_SSBD)) kvm_cpu_cap_set(X86_FEATURE_VIRT_SSBD); + if (kvm_cpu_cap_has(X86_FEATURE_SHSTK)) + kvm_caps.supported_xss |= XFEATURE_MASK_CET_USER | + XFEATURE_MASK_CET_KERNEL; + if (enable_pmu) { /* * Enumerate support for PERFCTR_CORE if and only if KVM has