@@ -102,6 +102,13 @@
/* SNP Page State Change NAE event */
#define VMGEXIT_PSC_MAX_ENTRY 253
+/* The page state change hdr structure in not valid */
+#define PSC_INVALID_HDR 1
+/* The hdr.cur_entry or hdr.end_entry is not valid */
+#define PSC_INVALID_ENTRY 2
+/* Page state change encountered undefined error */
+#define PSC_UNDEF_ERR 3
+
struct __packed snp_page_state_header {
u16 cur_entry;
u16 end_entry;
@@ -2640,6 +2640,7 @@ static int sev_es_validate_vmgexit(struct vcpu_svm *svm)
case SVM_VMGEXIT_AP_JUMP_TABLE:
case SVM_VMGEXIT_UNSUPPORTED_EVENT:
case SVM_VMGEXIT_HV_FT:
+ case SVM_VMGEXIT_PSC:
break;
default:
goto vmgexit_err;
@@ -2888,7 +2889,8 @@ static int snp_make_page_private(struct kvm_vcpu *vcpu, gpa_t gpa, kvm_pfn_t pfn
static int __snp_handle_page_state_change(struct kvm_vcpu *vcpu, int op, gpa_t gpa, int level)
{
struct kvm *kvm = vcpu->kvm;
- int rc, tdp_level;
+ int rc = PSC_UNDEF_ERR;
+ int tdp_level;
kvm_pfn_t pfn;
gpa_t gpa_end;
@@ -2923,8 +2925,11 @@ static int __snp_handle_page_state_change(struct kvm_vcpu *vcpu, int op, gpa_t g
case SNP_PAGE_STATE_PRIVATE:
rc = snp_make_page_private(vcpu, gpa, pfn, level);
break;
+ case SNP_PAGE_STATE_PSMASH:
+ case SNP_PAGE_STATE_UNSMASH:
+ /* TODO: Add support to handle it */
default:
- rc = -EINVAL;
+ rc = PSC_INVALID_ENTRY;
break;
}
@@ -2943,6 +2948,68 @@ static int __snp_handle_page_state_change(struct kvm_vcpu *vcpu, int op, gpa_t g
return rc;
}
+static inline unsigned long map_to_psc_vmgexit_code(int rc)
+{
+ switch (rc) {
+ case PSC_INVALID_HDR:
+ return ((1ul << 32) | 1);
+ case PSC_INVALID_ENTRY:
+ return ((1ul << 32) | 2);
+ case RMPUPDATE_FAIL_OVERLAP:
+ return ((3ul << 32) | 2);
+ default: return (4ul << 32);
+ }
+}
+
+static unsigned long snp_handle_page_state_change(struct vcpu_svm *svm, struct ghcb *ghcb)
+{
+ struct snp_page_state_entry *entry;
+ struct kvm_vcpu *vcpu = &svm->vcpu;
+ struct snp_page_state_change *info;
+ int level, op, rc = PSC_UNDEF_ERR;
+ gpa_t gpa;
+
+ if (!sev_snp_guest(vcpu->kvm))
+ goto out;
+
+ if (!setup_vmgexit_scratch(svm, true, sizeof(ghcb->save.sw_scratch))) {
+ pr_err("vmgexit: scratch area is not setup.\n");
+ rc = PSC_INVALID_HDR;
+ goto out;
+ }
+
+ info = (struct snp_page_state_change *)svm->ghcb_sa;
+ entry = &info->entry[info->header.cur_entry];
+
+ if ((info->header.cur_entry >= VMGEXIT_PSC_MAX_ENTRY) ||
+ (info->header.end_entry >= VMGEXIT_PSC_MAX_ENTRY) ||
+ (info->header.cur_entry > info->header.end_entry)) {
+ rc = PSC_INVALID_ENTRY;
+ goto out;
+ }
+
+ while (info->header.cur_entry <= info->header.end_entry) {
+ entry = &info->entry[info->header.cur_entry];
+ gpa = gfn_to_gpa(entry->gfn);
+ level = RMP_TO_X86_PG_LEVEL(entry->pagesize);
+ op = entry->operation;
+
+ if (!IS_ALIGNED(gpa, page_level_size(level))) {
+ rc = PSC_INVALID_ENTRY;
+ goto out;
+ }
+
+ rc = __snp_handle_page_state_change(vcpu, op, gpa, level);
+ if (rc)
+ goto out;
+
+ info->header.cur_entry++;
+ }
+
+out:
+ return rc ? map_to_psc_vmgexit_code(rc) : 0;
+}
+
static int sev_handle_vmgexit_msr_protocol(struct vcpu_svm *svm)
{
struct vmcb_control_area *control = &svm->vmcb->control;
@@ -3187,6 +3254,15 @@ int sev_handle_vmgexit(struct kvm_vcpu *vcpu)
ret = 1;
break;
}
+ case SVM_VMGEXIT_PSC: {
+ unsigned long rc;
+
+ ret = 1;
+
+ rc = snp_handle_page_state_change(svm, ghcb);
+ ghcb_set_sw_exit_info_2(ghcb, rc);
+ break;
+ }
case SVM_VMGEXIT_UNSUPPORTED_EVENT:
vcpu_unimpl(vcpu,
"vmgexit: unsupported event - exit_info_1=%#llx, exit_info_2=%#llx\n",
@@ -57,6 +57,9 @@ struct rmpupdate {
*/
#define FAIL_INUSE 3
+/* RMUPDATE detected 4K page and 2MB page overlap. */
+#define RMPUPDATE_FAIL_OVERLAP 7
+
#ifdef CONFIG_AMD_MEM_ENCRYPT
struct rmpentry *snp_lookup_page_in_rmptable(struct page *page, int *level);
int psmash(struct page *page);
SEV-SNP VMs can ask the hypervisor to change the page state in the RMP table to be private or shared using the Page State Change NAE event as defined in the GHCB specification section 4.1.6. Signed-off-by: Brijesh Singh <brijesh.singh@amd.com> --- arch/x86/include/asm/sev-common.h | 7 +++ arch/x86/kvm/svm/sev.c | 80 ++++++++++++++++++++++++++++++- include/linux/sev.h | 3 ++ 3 files changed, 88 insertions(+), 2 deletions(-)