From patchwork Wed Jun 2 14:03:55 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Brijesh Singh X-Patchwork-Id: 452678 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-18.7 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_CR_TRAILER, INCLUDES_PATCH, MAILING_LIST_MULTI, MSGID_FROM_MTA_HEADER, SPF_HELO_NONE, SPF_PASS,URIBL_BLOCKED,USER_AGENT_GIT autolearn=unavailable autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 91455C4709A for ; Wed, 2 Jun 2021 14:04:46 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 7EF3E613EA for ; Wed, 2 Jun 2021 14:04:46 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230187AbhFBOG1 (ORCPT ); Wed, 2 Jun 2021 10:06:27 -0400 Received: from mail-dm6nam11on2061.outbound.protection.outlook.com ([40.107.223.61]:8225 "EHLO NAM11-DM6-obe.outbound.protection.outlook.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S229929AbhFBOG0 (ORCPT ); Wed, 2 Jun 2021 10:06:26 -0400 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=XkwHQTPem+MatItVrXytgkmHeWk2XmhBbmu9uu+hWjg0wRsjIa/T7CKa4QC3VjZujSz+m+q5S7yQxO0iqXOTjIt0FA8PZ1I2I9LY6biGtZZfIlIez1l1RFWhtXro3WB+CtMOjzD7fcxJZPhpaRj5xDJq1Mrt3jnnM/bx4r/fOPXKBVw63jID3YRXah2iJYbG34l/cSF+NLYVdECQCpMLVvZVHJCu+CBuQ9Kbxj3EJqUvB48khPgONUXrkD6vJvZDD9Ylh/5SAlhLw6G/2GAmg6LwNvIdjDXYP21byxKRgh2MZa5AxV35vSeoJBrHHP/BvAMBS1OAlvtn+byo3FKspQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=peVx0zH4JB1ZJYgUG/AjKof+2xC8mo0mNUU2PAGg2KU=; b=Pirg4CFMNxVyfqyEImI2uCRx8y7HW/hZnVjEe5DBeXjtios7ZANgEoJEpUSwBltIxEQ2SyiTf0hRFv6/iW6NI4UMw4m9D3KbYCP5C6oZRNQlRJ00Fn8zkH2L5oNRQlVAeIMxjyUtFG9i4jjTCumIuE1WjEl9TA1cxv2MTFmuveSK0cNppb6tukwzneuYrXCsDFRmJkRQ1bs6sgAvjarWr4yGVO5cS7ySR4/hHhgPPtm9nTkyYOVdKINe9kTc1RvE7QbJPuERfuF0ywcOEfGznLKJ2gEG5uwpoGF7GnfQ8Gdo+vgCyX5m4FlYlBM8oJl67JtBGiSymF8oqr/fYdLcIw== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass header.d=amd.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=peVx0zH4JB1ZJYgUG/AjKof+2xC8mo0mNUU2PAGg2KU=; b=vA0RD39PH5Z9P2Ky1fAIMpASxn1R4LAvkG7VfxGZtYho6goFu4IA/pJ2DRSnB3OljXpIeWU2ofdbyo2nUZhWxYL1bBggR+sH7NNO8m5EU0R1wu4/3oTEvH7lx3l7WotCJ7ERA8imwLZgMsBvLWSZegZHIX1Lpi2p2DD/xSEogd8= Authentication-Results: kernel.org; dkim=none (message not signed) header.d=none; kernel.org; dmarc=none action=none header.from=amd.com; Received: from SN6PR12MB2718.namprd12.prod.outlook.com (2603:10b6:805:6f::22) by SA0PR12MB4512.namprd12.prod.outlook.com (2603:10b6:806:71::9) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4173.21; Wed, 2 Jun 2021 14:04:41 +0000 Received: from SN6PR12MB2718.namprd12.prod.outlook.com ([fe80::9898:5b48:a062:db94]) by SN6PR12MB2718.namprd12.prod.outlook.com ([fe80::9898:5b48:a062:db94%6]) with mapi id 15.20.4173.030; Wed, 2 Jun 2021 14:04:41 +0000 From: Brijesh Singh To: x86@kernel.org, linux-kernel@vger.kernel.org, kvm@vger.kernel.org, linux-efi@vger.kernel.org, platform-driver-x86@vger.kernel.org, linux-coco@lists.linux.dev, linux-mm@kvack.org, linux-crypto@vger.kernel.org Cc: Thomas Gleixner , Ingo Molnar , Joerg Roedel , Tom Lendacky , "H. Peter Anvin" , Ard Biesheuvel , Paolo Bonzini , Sean Christopherson , Vitaly Kuznetsov , Wanpeng Li , Jim Mattson , Andy Lutomirski , Dave Hansen , Sergio Lopez , Peter Gonda , Peter Zijlstra , Srinivas Pandruvada , David Rientjes , tony.luck@intel.com, npmccallum@redhat.com, Brijesh Singh Subject: [PATCH Part1 RFC v3 01/22] x86/sev: shorten GHCB terminate macro names Date: Wed, 2 Jun 2021 09:03:55 -0500 Message-Id: <20210602140416.23573-2-brijesh.singh@amd.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20210602140416.23573-1-brijesh.singh@amd.com> References: <20210602140416.23573-1-brijesh.singh@amd.com> X-Originating-IP: [165.204.77.1] X-ClientProxiedBy: SN6PR05CA0010.namprd05.prod.outlook.com (2603:10b6:805:de::23) To SN6PR12MB2718.namprd12.prod.outlook.com (2603:10b6:805:6f::22) MIME-Version: 1.0 X-MS-Exchange-MessageSentRepresentingType: 1 Received: from sbrijesh-desktop.amd.com (165.204.77.1) by SN6PR05CA0010.namprd05.prod.outlook.com (2603:10b6:805:de::23) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4219.9 via Frontend Transport; Wed, 2 Jun 2021 14:04:40 +0000 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: a0566013-336f-4a70-aa5c-08d925cf5da7 X-MS-TrafficTypeDiagnostic: SA0PR12MB4512: X-MS-Exchange-Transport-Forked: True X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:6790; X-MS-Exchange-SenderADCheck: 1 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: efH/JrUu4fxJJo1/V/ZW/rPfvdhoZznlYtBWMz+UGHn+7sWqO9ORqeHc4fV8eC5OyizhfYAnp5FTb6ebJWPsY/fVyk/qvru2NLktlY7tZ/mI35Qvy3SOvlxmYoQsEnC/jIKGS5YkY3tVPvIL2JRfnJAzMCeflsoiXzSRphWrWjclAzQuW6+E+E+EhnyucFxXFWQKbV4P2IpjBDngY51afMALoNhyw5uFEdrdrKXX7E75iZyZNzGwv+oM0ly8qEqIytOCV9eEpAp70yPH373RaTEWzGPhl8w7VYizfdU1wgaAALCFRSK/eB+IsAILYHSRmtkVXdvtRpZwnOv8lptZU8mn1IDUQulT3Z11+CPaEor+QYKv8Gp7on7vCGFbhk+1oUhlm1t4TjT9pwrUEXUsneTlBxRBYUd8jij4AqzQF9gV0bs+jE5V3n3j9hCZQao8WBsgntNroHuJsW3xmpG1NNbMieg50lCt8JfCqDGhbZcNEMzq8jytzVzUWW3KxPYH/Jqpw9AzZJ6A8eiiyPpG0LAgAPEVUOL1+kJcPkGdTkzfExk2xdTwG3lRPop1hNJ93tqa6oR33+dzckwBHBZ2IaciPdDTPyX+IfUGDeR5qB/t75X+xDlazU/vqfTCXz9z44/PHHTBHk4hqflbBSMcgcSWiU5UVHb9FoBm5nVJDFQ= X-Forefront-Antispam-Report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:SN6PR12MB2718.namprd12.prod.outlook.com; PTR:; CAT:NONE; SFS:(4636009)(376002)(366004)(346002)(396003)(39860400002)(136003)(6666004)(44832011)(7416002)(26005)(2906002)(8676002)(6486002)(7696005)(52116002)(38100700002)(478600001)(956004)(66556008)(186003)(1076003)(36756003)(8936002)(16526019)(66946007)(83380400001)(38350700002)(5660300002)(2616005)(54906003)(4326008)(86362001)(66476007)(316002); DIR:OUT; SFP:1101; X-MS-Exchange-AntiSpam-MessageData: +EhLSBTAPylrre06yM2RMSKsYTXFSh6vgg6njcTlDY/wD0OfIeZSZ+q5iDQ/eLnrokUcZ0HkFWd0kJDLkeIFFGUr0gVxbkR5WfwjW7/v2naX/ZuqIOmfSUpamLmdAA8U0BLvxMC23kULJfZlP2MzevQ8YHalo6J9dzy2m28/41BQZ7LVRObO2dnvHPTkFRd3RfX6ubFyn5WmFyKi0vDYMkIYO75QS4R2ofA7T658U+ZuE2WL20dBjBv2lJhh+f9ejmD7QjxTbGgN4Yp8gVE0spywAVHubTI6LA3BackIb2qQhS3aS29OeCCRPGb1LU4oZiYrImaxG3acpIf4QTYWRvcfxqd/zLeKqP4IqtvWsEZiGM3sKrnmGkRk76FWjURLDGEVeGMfYfhMsu8wB2AIereRUm2chYF8ictNucqR4TwDmjmi1/4DjmPR4Y4CiEuSbGeCN5vmas4hH9FWa0vSF9sU1RJ/hjibwaDOT3AahoEnE1X/lloqXNV2OUWyrXaUYpHt8iyE/getAaljUgSMUq/DyfUPaMofra+C4kIItBYy1fm40jYouDniN12CaNiOvQZehjKidtFi8oCqBwtaYOqVJVnk7mKZ2YSq9TRqvxp4v5GRrFB/JEyjapGIASek3xwK6tSJOETXmcLMIU2cJqhQ0nMiYTGzqH9YLlLhxzvG7U+zB8O/kOQavT6h0wYIv8Q/bH979HpOrzoiJH+kYSQthEIXiHrVBdrP55TPsa+Xa8m+I2DeFwSL+VdvHfgsiN7/OB005AkR/QzZ3ttVBzDXVY+XJQPjlWW55xf5DRUyrOdUrr7xosq7okdS2nDD61GX17CfS+tnOJgodh6eGKyZpfQnmBJVriMfrkP8QZFFEyzob5EDQzaXuwn5UtzH97Wei1i8yOnPAws6YcaI8q0cJWhYN+L9kmVqD1jr0LAReb0opEToFrmBcm4nXoNCH071vxQssFlXPm6Jjqk2vsHR2q/Ueo1dRIhPRE1jlHcpdxWrzxq+Yi0Z5bAhFkv1v9/2PqdEHFDZT796QZKcTJxREtBqAd6ZJAPO5LbSE1cUTAy8Cc/z8TnToCC5gM288JLIlxzW3qOpPyRm1RShjEbT4sdYVAQYZlWFZ9owZWmAZebDJ0JLofBch0KSwOkMH0wSAOnmdvRuYCydJHPU8xOYPZGOK+gyf9+pGHYHwDnpgk4ewM3bTm1kBhEyI9frNtYHTNqHSD+Z1cDARLnda4IMh7+LhywFdxYTwF9/RPvMYkH3LbHULz54oUw8MZQ6wna4da9QeyJ+32g/YpBAbi13SHk6do6ziEKw4cVhJmFpJOMBJMXT21gI+6zfGQxs X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-Network-Message-Id: a0566013-336f-4a70-aa5c-08d925cf5da7 X-MS-Exchange-CrossTenant-AuthSource: SN6PR12MB2718.namprd12.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 02 Jun 2021 14:04:41.1221 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: vQcYoKMrzYvZ4kkWBJGSlEnrxlNKZb5gb0fuf97k8b+zSJgtw6hM+3I4y7pS8OYyLeh1bqgkevD/TC8wkJmhrQ== X-MS-Exchange-Transport-CrossTenantHeadersStamped: SA0PR12MB4512 Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org Suggested-by: Borislav Petkov Signed-off-by: Brijesh Singh Reviewed-by: Venu Busireddy --- arch/x86/boot/compressed/sev.c | 6 +++--- arch/x86/include/asm/sev-common.h | 4 ++-- arch/x86/kernel/sev-shared.c | 2 +- arch/x86/kernel/sev.c | 4 ++-- 4 files changed, 8 insertions(+), 8 deletions(-) diff --git a/arch/x86/boot/compressed/sev.c b/arch/x86/boot/compressed/sev.c index 670e998fe930..28bcf04c022e 100644 --- a/arch/x86/boot/compressed/sev.c +++ b/arch/x86/boot/compressed/sev.c @@ -122,7 +122,7 @@ static enum es_result vc_read_mem(struct es_em_ctxt *ctxt, static bool early_setup_sev_es(void) { if (!sev_es_negotiate_protocol()) - sev_es_terminate(GHCB_SEV_ES_REASON_PROTOCOL_UNSUPPORTED); + sev_es_terminate(GHCB_SEV_ES_PROT_UNSUPPORTED); if (set_page_decrypted((unsigned long)&boot_ghcb_page)) return false; @@ -175,7 +175,7 @@ void do_boot_stage2_vc(struct pt_regs *regs, unsigned long exit_code) enum es_result result; if (!boot_ghcb && !early_setup_sev_es()) - sev_es_terminate(GHCB_SEV_ES_REASON_GENERAL_REQUEST); + sev_es_terminate(GHCB_SEV_ES_GEN_REQ); vc_ghcb_invalidate(boot_ghcb); result = vc_init_em_ctxt(&ctxt, regs, exit_code); @@ -202,5 +202,5 @@ void do_boot_stage2_vc(struct pt_regs *regs, unsigned long exit_code) if (result == ES_OK) vc_finish_insn(&ctxt); else if (result != ES_RETRY) - sev_es_terminate(GHCB_SEV_ES_REASON_GENERAL_REQUEST); + sev_es_terminate(GHCB_SEV_ES_GEN_REQ); } diff --git a/arch/x86/include/asm/sev-common.h b/arch/x86/include/asm/sev-common.h index 629c3df243f0..11b7d9cea775 100644 --- a/arch/x86/include/asm/sev-common.h +++ b/arch/x86/include/asm/sev-common.h @@ -54,8 +54,8 @@ (((((u64)reason_set) & GHCB_MSR_TERM_REASON_SET_MASK) << GHCB_MSR_TERM_REASON_SET_POS) | \ ((((u64)reason_val) & GHCB_MSR_TERM_REASON_MASK) << GHCB_MSR_TERM_REASON_POS)) -#define GHCB_SEV_ES_REASON_GENERAL_REQUEST 0 -#define GHCB_SEV_ES_REASON_PROTOCOL_UNSUPPORTED 1 +#define GHCB_SEV_ES_GEN_REQ 0 +#define GHCB_SEV_ES_PROT_UNSUPPORTED 1 #define GHCB_RESP_CODE(v) ((v) & GHCB_MSR_INFO_MASK) diff --git a/arch/x86/kernel/sev-shared.c b/arch/x86/kernel/sev-shared.c index 6ec8b3bfd76e..14198075ff8b 100644 --- a/arch/x86/kernel/sev-shared.c +++ b/arch/x86/kernel/sev-shared.c @@ -207,7 +207,7 @@ void __init do_vc_no_ghcb(struct pt_regs *regs, unsigned long exit_code) fail: /* Terminate the guest */ - sev_es_terminate(GHCB_SEV_ES_REASON_GENERAL_REQUEST); + sev_es_terminate(GHCB_SEV_ES_GEN_REQ); } static enum es_result vc_insn_string_read(struct es_em_ctxt *ctxt, diff --git a/arch/x86/kernel/sev.c b/arch/x86/kernel/sev.c index 9578c82832aa..460717e3f72d 100644 --- a/arch/x86/kernel/sev.c +++ b/arch/x86/kernel/sev.c @@ -1383,7 +1383,7 @@ DEFINE_IDTENTRY_VC_SAFE_STACK(exc_vmm_communication) show_regs(regs); /* Ask hypervisor to sev_es_terminate */ - sev_es_terminate(GHCB_SEV_ES_REASON_GENERAL_REQUEST); + sev_es_terminate(GHCB_SEV_ES_GEN_REQ); /* If that fails and we get here - just panic */ panic("Returned from Terminate-Request to Hypervisor\n"); @@ -1416,7 +1416,7 @@ bool __init handle_vc_boot_ghcb(struct pt_regs *regs) /* Do initial setup or terminate the guest */ if (unlikely(boot_ghcb == NULL && !sev_es_setup_ghcb())) - sev_es_terminate(GHCB_SEV_ES_REASON_GENERAL_REQUEST); + sev_es_terminate(GHCB_SEV_ES_GEN_REQ); vc_ghcb_invalidate(boot_ghcb); From patchwork Wed Jun 2 14:03:57 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Brijesh Singh X-Patchwork-Id: 452677 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-18.7 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_CR_TRAILER, INCLUDES_PATCH, MAILING_LIST_MULTI, MSGID_FROM_MTA_HEADER, SPF_HELO_NONE, SPF_PASS,URIBL_BLOCKED,USER_AGENT_GIT autolearn=unavailable autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 3CB76C47242 for ; Wed, 2 Jun 2021 14:04:50 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 2CA33613B8 for ; Wed, 2 Jun 2021 14:04:50 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230239AbhFBOGa (ORCPT ); Wed, 2 Jun 2021 10:06:30 -0400 Received: from mail-dm6nam11on2061.outbound.protection.outlook.com ([40.107.223.61]:8225 "EHLO NAM11-DM6-obe.outbound.protection.outlook.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S230204AbhFBOG3 (ORCPT ); Wed, 2 Jun 2021 10:06:29 -0400 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=IYovAfl/TNxk5UhMueoqrDpa5MGEYYiXTQZN66633GgFWT/P97aSNEapBj2t8u9HxRm8C8Pix0rkfSshOQEHt+EKw9S2nCiLr23tCEpKnC2TuKqZlu6itG1uEApnQ9zjs9q0ZX3WJeqe2VSj1/uw9ZxUmWFkff+God15+S5x8zwtQX0Ze80QXKMxH0ICFZSqr/iAmqoXtasmCDPX4eKKNIxF/z8iYTA49d1pwbZ1J0cowqhF6zwtMIHRLi7pqBuopdmaGCdVCJWpqg7piGp0lfRYkN1RsNPojDWyfQJCLuJkNHEtFr8XR9j6Zz6UIBEwAEBgJtWoI9spYFHxf0Rh+A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=tUi8IKlfPuatJ3taYQHxLzfjzCX7c4pWwH07mgJYwMU=; b=VWG1JF2b85LRy43HvT4gPqtek7cL7lxhaPUQo2Yuo/0qkkCKC27hpTUtQywkx1wDIY7DrM/DDdDg7RIQO9zSgLNYx8tUTU1m61KlHDfZiO/o/Iq7MGs23orjJUSyl8R8hwozID6+9vamMJkq8WmG9j5pwQA9iK8evkbPSTPxv5jD1VF7tghepKtT5yo2PkUH127DzohWRRkyzcV78oliavgiAZzqR22NToBneG71nhRoRe3GbjaoyD3ipb7p7jSIJMoAOuc9W0pbN3+ZQhh2j59nyAhjxh79cuGa0l3kk8I31M6S1YBreExzfP+5Ag/Y1IXYqCBszXxihRTFzlKu9Q== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass header.d=amd.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=tUi8IKlfPuatJ3taYQHxLzfjzCX7c4pWwH07mgJYwMU=; b=Wf3UyiaE5mXmHSwO7wq/4DvSOr0ohGbj2rtWavYSk+FxfDUIycUgQqXFhCQ//LEveP0ESzRJmmgsPc7ede+oKprPuAK4N32kVI+mp5nRnArxfZ2NTHzqEtvfrwdfNT9nQVB2viAybrJyR5yNacQiSXL/bXWfQhqufzfbWQ4A8AE= Authentication-Results: kernel.org; dkim=none (message not signed) header.d=none; kernel.org; dmarc=none action=none header.from=amd.com; Received: from SN6PR12MB2718.namprd12.prod.outlook.com (2603:10b6:805:6f::22) by SA0PR12MB4512.namprd12.prod.outlook.com (2603:10b6:806:71::9) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4173.21; Wed, 2 Jun 2021 14:04:43 +0000 Received: from SN6PR12MB2718.namprd12.prod.outlook.com ([fe80::9898:5b48:a062:db94]) by SN6PR12MB2718.namprd12.prod.outlook.com ([fe80::9898:5b48:a062:db94%6]) with mapi id 15.20.4173.030; Wed, 2 Jun 2021 14:04:43 +0000 From: Brijesh Singh To: x86@kernel.org, linux-kernel@vger.kernel.org, kvm@vger.kernel.org, linux-efi@vger.kernel.org, platform-driver-x86@vger.kernel.org, linux-coco@lists.linux.dev, linux-mm@kvack.org, linux-crypto@vger.kernel.org Cc: Thomas Gleixner , Ingo Molnar , Joerg Roedel , Tom Lendacky , "H. Peter Anvin" , Ard Biesheuvel , Paolo Bonzini , Sean Christopherson , Vitaly Kuznetsov , Wanpeng Li , Jim Mattson , Andy Lutomirski , Dave Hansen , Sergio Lopez , Peter Gonda , Peter Zijlstra , Srinivas Pandruvada , David Rientjes , tony.luck@intel.com, npmccallum@redhat.com, Brijesh Singh Subject: [PATCH Part1 RFC v3 03/22] x86/sev: Save the negotiated GHCB version Date: Wed, 2 Jun 2021 09:03:57 -0500 Message-Id: <20210602140416.23573-4-brijesh.singh@amd.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20210602140416.23573-1-brijesh.singh@amd.com> References: <20210602140416.23573-1-brijesh.singh@amd.com> X-Originating-IP: [165.204.77.1] X-ClientProxiedBy: SN6PR05CA0010.namprd05.prod.outlook.com (2603:10b6:805:de::23) To SN6PR12MB2718.namprd12.prod.outlook.com (2603:10b6:805:6f::22) MIME-Version: 1.0 X-MS-Exchange-MessageSentRepresentingType: 1 Received: from sbrijesh-desktop.amd.com (165.204.77.1) by SN6PR05CA0010.namprd05.prod.outlook.com (2603:10b6:805:de::23) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4219.9 via Frontend Transport; Wed, 2 Jun 2021 14:04:42 +0000 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: d64f8b2e-a7d9-456c-137b-08d925cf5f0a X-MS-TrafficTypeDiagnostic: SA0PR12MB4512: X-MS-Exchange-Transport-Forked: True X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:9508; X-MS-Exchange-SenderADCheck: 1 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: SK7iSoj/CyjlGkwegZfe+Ek9cX10aeaEoKtHrMZHR9crqOHH5RxDYWxwrpX2L30XWRBMTux9uxKdIt4AFPZWVd3evRo3JZK6OxLPiF437V4JAf2Q91IbzNhOmVdMsuk7BFBJoA7EXJU3O18KNnTPwQjXfoV+gRyP8+/Awr0T36PTKPBO/zxga7EsSmV078fSBbyynFpXTZR79QOIFBiAvaE4TcWgbMMfbNzBCW5RVkpK44X4HRakMzmaxj2LhVPMJAF8Gf5gMWOMEahkN1v/iI+SOd5jJnvwh2pRjoQaFGSFUFlRfS8G8bSnOBMlm11UMeiUqGFtHR4b5VSHUnSrwybtrg6NWEHAv2+PLJxcB2+xJTAhPXIdOAOwTSZQHEOiBZKf764Jrl0G9WF7uhQfJEb7voxiVunk/d6affdDu1bJ3INwjiSBUhmqT3UirLQDiTvceyFN49Gsyr66vQLVSYUrWJNPBloPLa0hl8XESApJcVtmvs1x++AuFYaXmAjqokJWyUV+cRFeAOrMQnIDCm/+PfFrl8bdFmqrq8L67bNJUbQGiBTF2MUwoyOIiPT/aIyU88V16i+es0pz9zv0RpXIwGHcjAhoirUa7S178fRH8FkmxLMplfLIKlW++Knlmhxf7EbXRJKW1m1McLSrpw== X-Forefront-Antispam-Report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:SN6PR12MB2718.namprd12.prod.outlook.com; PTR:; CAT:NONE; SFS:(4636009)(376002)(366004)(346002)(396003)(39860400002)(136003)(6666004)(44832011)(7416002)(26005)(2906002)(8676002)(6486002)(7696005)(52116002)(38100700002)(478600001)(956004)(66556008)(186003)(1076003)(36756003)(8936002)(16526019)(66946007)(83380400001)(38350700002)(5660300002)(2616005)(54906003)(4326008)(86362001)(66476007)(316002); DIR:OUT; SFP:1101; X-MS-Exchange-AntiSpam-MessageData: dKUKgl+z0P1DuHLAn4MxfsoHptYek5gBChtvAOJLRMXcWzjXHBV4UOpEZplp4r5tYni/bV3OXEGnFbzSecqjAQC4ySQ4v0pJ4hXKjfCuzZfr7OFdilWbrRsYDdV3SPF1p2Vowi6tBeeQSm99zn6uR2rugSoFs71SUGV4iNieZ+fR9sYt1CWLSxedg5q7V0V2NW+2M39x0tXSyANEvc+vRt5lxOgmIg8emtNdtk5CejYcilflfWRN4W/PpBy3a7rJXutOGCAUNe0zzXoD0PP0O2crAx9F8TJCktUsBCVgvRCds9nAO0yszHua7rAuIXnnhKkUPo9DfIB/GJ/dQNqycCNJUE9rlU5gsscdWh///nRnGUZHcXzPCNFgRTyvSL6moM1ncAZKBzrG81+Xj4dHGtNB2H5DI9yc0Jz/HbKSFPsxzzoxuN0duFH3SO4Y+s8UMjhGhLhYUA5DWSyGpf4dj6HrmJ+XaPMhfBBbh2TcNS23lHYCGvzP4LtmIU9tp8Z9voKW4OED0nZXaXKkz/LJ2xJGgVygnw3JMbd0VJQQyVpZmORFmWtM0aJODWvtQlJwStyA+MrVQ94uAa+IhhhQIhSX2Pvg8ZhlEvqivByFFoCkmRVAHfb6a99mqVCUCh8EY/wXhGMddWneOO09NgWVzbpNfPRzL+3lQ1yPXxcRTh+hwMdDgIzuQldzt1n4SP9Fn0/SWaPnoLGxF0OqTWAy2EX1RZpQDvzzW76yjUbn/Pwm3qrL7LlukTZE+c3FOnxSIdsfFrEJebTkw2SGudfuc2NFtpIw6F348rk1fZwjXoPraG3MNcPZAVwnKNxeVslaSAxoOwS0Ymj689UvQ8IL5eJdasEJ8ap6vX2ws0yZQnG8LeUHYC+nzRNbAQ6LfWjQBxxFRqA1Hm1UPAMwca4RK2Tr4eghWP0p3SZGrXtVPFNGWO32j/MUgXF72lqRUj1l5WsiNvrtsBWkp4cJvXLMHXwoj08gxuZQ4t8Hf7VmgMaTrQc5AkF8JsM0rofIRFsiGej9+rwYd4DfYoDHlJXMpSkNcYdVN9O0qAMNs75G9a2cUiTXAPKriHqEozw7hlqmF2Mew/3ZuIklrzQMz6sXNvyjXo+Kkbwlor3ww8h2BIPdoChd02FLD7mJMyoBLZMdjMQu42IVXseYg9Y+/BS9ZdS0Vq9vl4559frB+FTnyIooS/vgIb0NPc2Ayt7CoKkrsnRcBwnTL1qmgMndoZkb/UCwqZCCBV/ZJ2aYqZyFw0txpbWRGtfZtKjX36eXB6rg4W4eNbo+8rVqGPw2OUyGPx4hfjVbmL6W3oKX8ufuF78xtNwHlgrSdHfqWezwJsT2 X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-Network-Message-Id: d64f8b2e-a7d9-456c-137b-08d925cf5f0a X-MS-Exchange-CrossTenant-AuthSource: SN6PR12MB2718.namprd12.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 02 Jun 2021 14:04:43.4408 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: bEotlSw9bs5m6GdWwc1NY6lOa849Rb5aoGKH9Pp6VOZFz3iz8n3qaeaeiHKmZbSt/Al/RSUJhEQ5lMPvE7TywA== X-MS-Exchange-Transport-CrossTenantHeadersStamped: SA0PR12MB4512 Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org The SEV-ES guest calls the sev_es_negotiate_protocol() to negotiate the GHCB protocol version before establishing the GHCB. Cache the negotiated GHCB version so that it can be used later. Signed-off-by: Brijesh Singh Reviewed-by: Venu Busireddy --- arch/x86/include/asm/sev.h | 2 +- arch/x86/kernel/sev-shared.c | 15 ++++++++++++--- 2 files changed, 13 insertions(+), 4 deletions(-) diff --git a/arch/x86/include/asm/sev.h b/arch/x86/include/asm/sev.h index fa5cd05d3b5b..7ec91b1359df 100644 --- a/arch/x86/include/asm/sev.h +++ b/arch/x86/include/asm/sev.h @@ -12,7 +12,7 @@ #include #include -#define GHCB_PROTO_OUR 0x0001UL +#define GHCB_PROTOCOL_MIN 1ULL #define GHCB_PROTOCOL_MAX 1ULL #define GHCB_DEFAULT_USAGE 0ULL diff --git a/arch/x86/kernel/sev-shared.c b/arch/x86/kernel/sev-shared.c index de0e7e6c52b8..70f181f20d92 100644 --- a/arch/x86/kernel/sev-shared.c +++ b/arch/x86/kernel/sev-shared.c @@ -14,6 +14,13 @@ #define has_cpuflag(f) boot_cpu_has(f) #endif +/* + * Since feature negotiation related variables are set early in the boot + * process they must reside in the .data section so as not to be zeroed + * out when the .bss section is later cleared. + */ +static u16 ghcb_version __section(".data"); + static bool __init sev_es_check_cpu_features(void) { if (!has_cpuflag(X86_FEATURE_RDRAND)) { @@ -54,10 +61,12 @@ static bool sev_es_negotiate_protocol(void) if (GHCB_MSR_INFO(val) != GHCB_MSR_SEV_INFO_RESP) return false; - if (GHCB_MSR_PROTO_MAX(val) < GHCB_PROTO_OUR || - GHCB_MSR_PROTO_MIN(val) > GHCB_PROTO_OUR) + if (GHCB_MSR_PROTO_MAX(val) < GHCB_PROTOCOL_MIN || + GHCB_MSR_PROTO_MIN(val) > GHCB_PROTOCOL_MAX) return false; + ghcb_version = min_t(size_t, GHCB_MSR_PROTO_MAX(val), GHCB_PROTOCOL_MAX); + return true; } @@ -101,7 +110,7 @@ static enum es_result sev_es_ghcb_hv_call(struct ghcb *ghcb, enum es_result ret; /* Fill in protocol and format specifiers */ - ghcb->protocol_version = GHCB_PROTOCOL_MAX; + ghcb->protocol_version = ghcb_version; ghcb->ghcb_usage = GHCB_DEFAULT_USAGE; ghcb_set_sw_exit_code(ghcb, exit_code); From patchwork Wed Jun 2 14:03:59 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Brijesh Singh X-Patchwork-Id: 452676 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-18.7 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_CR_TRAILER, INCLUDES_PATCH, MAILING_LIST_MULTI, MSGID_FROM_MTA_HEADER, SPF_HELO_NONE, SPF_PASS,URIBL_BLOCKED,USER_AGENT_GIT autolearn=unavailable autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id EC18AC47093 for ; Wed, 2 Jun 2021 14:05:05 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id D5BD8613DE for ; Wed, 2 Jun 2021 14:05:05 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230382AbhFBOGo (ORCPT ); Wed, 2 Jun 2021 10:06:44 -0400 Received: from mail-dm6nam11on2061.outbound.protection.outlook.com ([40.107.223.61]:8225 "EHLO NAM11-DM6-obe.outbound.protection.outlook.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S230248AbhFBOGc (ORCPT ); Wed, 2 Jun 2021 10:06:32 -0400 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=W0AE6eCruVuz0xt7lTjsi+2cn78gs4DEHl8Cie6H1zNiMVmGCN/je4VnnumQ3coWbWJszay3BflWixFO58mGZsXbdE58SxfT9QkVJgiOF3aczLZBKkEQzt4UQpDuM8jJ8WOGE7hicHJhrUm1HZ6SesOQ8dp9kaLPyD77sh50TTTgMEKuASSSGD8OC7yevTDY7sQ+BCNIARyhHxitmZdpINqY83Dq0q3pNd9iNXY1rCnyc45xdPi3S5Ud6C4+LjUVuC1RQ/Tk1tn6BDNDfDsb1G+O5+oUOKlkxV3GImpC6b1x3CxNd5qRkz0EgdEzcZJC3gY4tVU/Kc+5cyydoabayw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=RvnlmLlXWAGp0I6uSkVUrY0fesrq1cGt4WK9Oo2B/f4=; b=XAihPSWQ2A07M9zLyFD+O++5Ls9yAX2henpdRgZaiFlmODVX4yl8J0YNa6vBik9b9L0r4u4hUIxGbGL2q5GITjEeljpBovyC4/pwMkH3faQS26h+Uv1LlqHxJy1bbg5eWPmF7nA0uaxhaem6KzQ0hL/WknWehewiASnwj73knXpjp7OZ8VmwXne4fgFHx+KRAYpln6Ofo5+o+1/EN4Dd9GqlZckucUZz32wglEZvcVwBSTFUpE6pRMWNwAYrUmKybNy1FD9H0WxhwY4QFQv4at/tsJA2Yy6+nLdLxJZxASNKz31P64NlKNTo/7RoG8VDPcEqnh2rwCG+jZVLCesGsA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass header.d=amd.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=RvnlmLlXWAGp0I6uSkVUrY0fesrq1cGt4WK9Oo2B/f4=; b=OPE/UBTV/nEtcuT1bGELTybjYDOMXd4LFhZCdMDHkRI4m2S0db/7rZyYGfhFDL8LIoPwh1aZq9ua9PeiWFL7iuI2fzIMOljzXK4fsdAbt2EcZMi4G4ZxiMi/+d458+CHkNmY7592WNui4Jm9j2VdTxo1LcLxxdv+ZlTPoCmMMwg= Authentication-Results: kernel.org; dkim=none (message not signed) header.d=none; kernel.org; dmarc=none action=none header.from=amd.com; Received: from SN6PR12MB2718.namprd12.prod.outlook.com (2603:10b6:805:6f::22) by SA0PR12MB4512.namprd12.prod.outlook.com (2603:10b6:806:71::9) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4173.21; Wed, 2 Jun 2021 14:04:45 +0000 Received: from SN6PR12MB2718.namprd12.prod.outlook.com ([fe80::9898:5b48:a062:db94]) by SN6PR12MB2718.namprd12.prod.outlook.com ([fe80::9898:5b48:a062:db94%6]) with mapi id 15.20.4173.030; Wed, 2 Jun 2021 14:04:45 +0000 From: Brijesh Singh To: x86@kernel.org, linux-kernel@vger.kernel.org, kvm@vger.kernel.org, linux-efi@vger.kernel.org, platform-driver-x86@vger.kernel.org, linux-coco@lists.linux.dev, linux-mm@kvack.org, linux-crypto@vger.kernel.org Cc: Thomas Gleixner , Ingo Molnar , Joerg Roedel , Tom Lendacky , "H. Peter Anvin" , Ard Biesheuvel , Paolo Bonzini , Sean Christopherson , Vitaly Kuznetsov , Wanpeng Li , Jim Mattson , Andy Lutomirski , Dave Hansen , Sergio Lopez , Peter Gonda , Peter Zijlstra , Srinivas Pandruvada , David Rientjes , tony.luck@intel.com, npmccallum@redhat.com, Brijesh Singh Subject: [PATCH Part1 RFC v3 05/22] x86/sev: Add support for hypervisor feature VMGEXIT Date: Wed, 2 Jun 2021 09:03:59 -0500 Message-Id: <20210602140416.23573-6-brijesh.singh@amd.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20210602140416.23573-1-brijesh.singh@amd.com> References: <20210602140416.23573-1-brijesh.singh@amd.com> X-Originating-IP: [165.204.77.1] X-ClientProxiedBy: SN6PR05CA0010.namprd05.prod.outlook.com (2603:10b6:805:de::23) To SN6PR12MB2718.namprd12.prod.outlook.com (2603:10b6:805:6f::22) MIME-Version: 1.0 X-MS-Exchange-MessageSentRepresentingType: 1 Received: from sbrijesh-desktop.amd.com (165.204.77.1) by SN6PR05CA0010.namprd05.prod.outlook.com (2603:10b6:805:de::23) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4219.9 via Frontend Transport; Wed, 2 Jun 2021 14:04:44 +0000 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: bf98b167-3851-475a-225c-08d925cf6060 X-MS-TrafficTypeDiagnostic: SA0PR12MB4512: X-MS-Exchange-Transport-Forked: True X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:4941; X-MS-Exchange-SenderADCheck: 1 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: MThO5AXiJl1+pIa/2heopZBBVy+VWG61ljYuNkNAflXoR2N4irKSbK/uya/DtRPTRwlALZbWeNNOju2eFuQlZYltayRU5n0mYQsUUoiEz/0itEES7QegJnG0yMkBcLaUvtBYGTgDs1VL8hrv6uggANT4zBtP+odJUFXaabSTSG6z6X84xV6NcRCqVVWYIMnmovf4jArwUW6FLDEK6+BXojtEpn9NTL1DkfO7Oxqhg+VPP8hK6CMz/9el1d1zgh+cJxZuvaeJAUEN5AQml+FwRW5URANcfwBAL1PNSvjMlkriEPI/if1nCr6OsZiH0nSqaINaLBfYWE82nG+/+CvDZg0EeTiKKggy2Gq2hlH8y01S/k/1PvYgov0IRgGnha8I+HFbRCZwgvtfY6n3S21rGwOWY1xP7wHvkNKJzhzNLn/kTM/T9TbXu36v7G3lEQMzZFi/ya6z4W1/LlvNC07VQg1iE0EsuOWqFcuaxov818PIzHHryKG6Gc+CkpETAHWLXTN7EXnOBkmYHeWa6jGLQzyI7LSjoUiEYBFMlknWcIHfvCMpq/pkRgIIXOXhfEDgIctNB0g+lZHUUgMvGLkYB3VyOIfc0oTstRKNeEMN/S2f1/UQTl6nMvAQ4BxzzFkGxfc+NJVj8iGnLpxHGuPMhQ== X-Forefront-Antispam-Report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:SN6PR12MB2718.namprd12.prod.outlook.com; PTR:; CAT:NONE; SFS:(4636009)(376002)(366004)(346002)(396003)(39860400002)(136003)(6666004)(44832011)(7416002)(26005)(2906002)(8676002)(6486002)(7696005)(52116002)(38100700002)(478600001)(956004)(66556008)(186003)(1076003)(36756003)(8936002)(16526019)(66946007)(83380400001)(38350700002)(5660300002)(2616005)(54906003)(4326008)(86362001)(66476007)(316002); DIR:OUT; SFP:1101; X-MS-Exchange-AntiSpam-MessageData: asaLTQzU+n5OkbM/bOqpG0waJeqVvFYR58RKAXAVxq+na03noRDwWQqtOPcmqTdM1LFXiElFjxmvaTsP366ICfq66vHVrk+cn6KtDCqtJ8zLs4BUPiA/oAAnC04ZZ+UoqpVHiEjY1GwuZFPqDdIiDxsLYB61E+/WI75Jx2P7rRauZCjtFWW5edVGGytHSvpZGBd5z9NOxX+Vo7Ur3B6+ssQHXrWdXjZb2hpkOdj3pWimFN0oEvj8Lx62FtirXluOJr/6lvkwbCVKl1O30WAZuPhDMJEyxeQjHAzHumxPtNcnWj+t4+kkLlcJSA5zRxGpz4Pa9u62XZ5blfB2Dw6Tt053+DuynoR+k/j2hjAcIYXTHVSfWRKh7cs6b/RmX7Ky7yXZBbSqk22d1dp9Ax/QM2Ig/VBSYryQ7B/YRRlcEluP9tCN1hSDYzaO6ZYQwK6kCqGeJhpkulcYmR52aq3GEvOaKvvCqzvswZXnp9PvySyHaXTSgacIo4bKQofTe3Us96qZz8kNx3H5Kl13BCgEOOjb0gSHyji2KAkeTck+R8c5KPen4gLftQTHfgSMOAIjAcSteZ1WU5eF1LFaq5WL53H4hhnNYOdth7p85InfoOYsQuOvUv6VSOgkXl4a6T4k8wLhLPm4ZjIy/QtucfLBxWKpSow/p0PMNr4l0Eyzr6gMF/VsNDlhly0emmRwMAJYDfW3D828/FvKck/FQAaJC8f/BVdGfMNd8XeuxDqGwZJ7dR6VOzH2XIyvVFYVT0mTPA2mEOtMCIfDJVzO/Rzg0qG1S+JIX5bE4zRbrXW/A2DH/e92/tdr7M7GwoqUPxhC2O004Emk1j+nslIm5zw7U1n9T4vYFACw0jO15wVAaldsZhstLyJZzXFLc+0M+0LvCnZ2v94g9RSwDgROqPYHbsHqHba7GEAU2GYJ7NE1I+nC3dvWSZf1pCAHObb3SmraAFeMSH+/Kl5gKyIE31psfdUr/Drtp9ajfKcVjqrPUyC5HUYH9ua6MY4ZDzbhZ1EU9EPYYOyBTPeoSSuAT1R3lhzXWPTj3yOJKV/gY8dDuGWdeMa3kI7GeC018miVA2P+FO6XjEhYNbnvnngEqclBwKEmutY2I4qY8+0DzKH8ntS2wSh6giJ0wZsYqHmUbOigcaeG+S/DV2GVssKS4wO3QoGOI0tVFZJd/AJoSV117kQoV8nC96tU307Egk8SyarcwxLAzY1rjX+FkpiQb2ZoOuSdVKQx9fvoAvLm0Blpk+VRxqP0BsIy4dI0619AeWva703rWlAqhDgmhmoUo6MRQ6KRJwNi/tbeFu5RFnymL0Hw5Upp9XUX4HkoZ+q7/Ywl X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-Network-Message-Id: bf98b167-3851-475a-225c-08d925cf6060 X-MS-Exchange-CrossTenant-AuthSource: SN6PR12MB2718.namprd12.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 02 Jun 2021 14:04:45.6915 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: 9Qd19yKsuzEICjeM1hhxFnw1p7EjJAyFMrdrcCk7CtbpJYou8svrsioqe51vqTOzvLjp8rBp7uTzdhMmJu1low== X-MS-Exchange-Transport-CrossTenantHeadersStamped: SA0PR12MB4512 Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org Version 2 of GHCB specification introduced advertisement of a features that are supported by the hypervisor. Define the GHCB MSR protocol and NAE for the hypervisor feature request and query the feature during the GHCB protocol negotitation. See the GHCB specification for more details. Version 2 of GHCB specification adds several new NAEs, most of them are optional except the hypervisor feature. Now that hypervisor feature NAE is implemented, so bump the GHCB maximum support protocol version. Signed-off-by: Brijesh Singh --- arch/x86/include/asm/sev-common.h | 9 +++++++++ arch/x86/include/asm/sev.h | 2 +- arch/x86/kernel/sev-shared.c | 21 +++++++++++++++++++++ 3 files changed, 31 insertions(+), 1 deletion(-) diff --git a/arch/x86/include/asm/sev-common.h b/arch/x86/include/asm/sev-common.h index f1e2aacb0d61..981fff2257b9 100644 --- a/arch/x86/include/asm/sev-common.h +++ b/arch/x86/include/asm/sev-common.h @@ -45,6 +45,15 @@ (((unsigned long)reg & GHCB_MSR_CPUID_REG_MASK) << GHCB_MSR_CPUID_REG_POS) | \ (((unsigned long)fn) << GHCB_MSR_CPUID_FUNC_POS)) +/* GHCB Hypervisor Feature Request */ +#define GHCB_MSR_HV_FT_REQ 0x080 +#define GHCB_MSR_HV_FT_RESP 0x081 +#define GHCB_MSR_HV_FT_POS 12 +#define GHCB_MSR_HV_FT_MASK GENMASK_ULL(51, 0) + +#define GHCB_MSR_HV_FT_RESP_VAL(v) \ + (((unsigned long)((v) & GHCB_MSR_HV_FT_MASK) >> GHCB_MSR_HV_FT_POS)) + #define GHCB_MSR_TERM_REQ 0x100 #define GHCB_MSR_TERM_REASON_SET_POS 12 #define GHCB_MSR_TERM_REASON_SET_MASK 0xf diff --git a/arch/x86/include/asm/sev.h b/arch/x86/include/asm/sev.h index 7ec91b1359df..134a7c9d91b6 100644 --- a/arch/x86/include/asm/sev.h +++ b/arch/x86/include/asm/sev.h @@ -13,7 +13,7 @@ #include #define GHCB_PROTOCOL_MIN 1ULL -#define GHCB_PROTOCOL_MAX 1ULL +#define GHCB_PROTOCOL_MAX 2ULL #define GHCB_DEFAULT_USAGE 0ULL #define VMGEXIT() { asm volatile("rep; vmmcall\n\r"); } diff --git a/arch/x86/kernel/sev-shared.c b/arch/x86/kernel/sev-shared.c index 70f181f20d92..94957c5bdb51 100644 --- a/arch/x86/kernel/sev-shared.c +++ b/arch/x86/kernel/sev-shared.c @@ -20,6 +20,7 @@ * out when the .bss section is later cleared. */ static u16 ghcb_version __section(".data"); +static u64 hv_features __section(".data"); static bool __init sev_es_check_cpu_features(void) { @@ -49,6 +50,22 @@ static void __noreturn sev_es_terminate(unsigned int set, unsigned int reason) asm volatile("hlt\n" : : : "memory"); } +static bool get_hv_features(void) +{ + u64 val; + + sev_es_wr_ghcb_msr(GHCB_MSR_HV_FT_REQ); + VMGEXIT(); + + val = sev_es_rd_ghcb_msr(); + if (GHCB_RESP_CODE(val) != GHCB_MSR_HV_FT_RESP) + return false; + + hv_features = GHCB_MSR_HV_FT_RESP_VAL(val); + + return true; +} + static bool sev_es_negotiate_protocol(void) { u64 val; @@ -67,6 +84,10 @@ static bool sev_es_negotiate_protocol(void) ghcb_version = min_t(size_t, GHCB_MSR_PROTO_MAX(val), GHCB_PROTOCOL_MAX); + /* The hypervisor features are available from version 2 onward. */ + if ((ghcb_version >= 2) && !get_hv_features()) + return false; + return true; } From patchwork Wed Jun 2 14:04:01 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Brijesh Singh X-Patchwork-Id: 452673 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-18.7 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_CR_TRAILER, INCLUDES_PATCH, MAILING_LIST_MULTI, MSGID_FROM_MTA_HEADER, SPF_HELO_NONE, SPF_PASS,URIBL_BLOCKED,USER_AGENT_GIT autolearn=unavailable autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 5AF58C47098 for ; Wed, 2 Jun 2021 14:06:14 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 408E3613EB for ; Wed, 2 Jun 2021 14:06:14 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231300AbhFBOH4 (ORCPT ); Wed, 2 Jun 2021 10:07:56 -0400 Received: from mail-dm6nam11on2061.outbound.protection.outlook.com ([40.107.223.61]:8225 "EHLO NAM11-DM6-obe.outbound.protection.outlook.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S230366AbhFBOHJ (ORCPT ); Wed, 2 Jun 2021 10:07:09 -0400 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=ff/xrw8XWNGBsDzA9lRNK7FKyKubXWIqFnB1oz13hn3px2XMC/M+U/1Mmyh+TvCT49rKeTPiZ5cPLBrGCODSEM/fw5hd9M3IUTY+YnrUzri/9QQoj1tsYSo5zFRf0jcPTY9+dYiU1SDiOpmPZYcPgFD2QK4Nu5vYTyC+QPrM6n4tUSV0N5nMu7z0ND958yfrMMT3+j0VTJdFt1EzggddZWIqi84BBNzM/VwG8Y/wLucoFUolIkf2jFc2iSyl+Fzrw7hpC2usbSkHGGo6I1dKJw/3Heotd1Sz45n6s0j1qgB9o/r88MJZSAFpnph5ukqopBn08Oe54lawM/pDhMSTxQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=+WeZ6oeX6YiFcQ2u+1zWHvfSKD7SaAk5kyErgRQgHKo=; b=Hschy3yU7XR5tP8d5V6Ps5SiiHO2s01OyMVFFL0VvKioE4xgCqsXjFco6SdsA0jDJRDzVnB16+MCFWKDyH4iQvD+wr56T/1Svv8VtTg+DxjCwIYQ/yfhfYFJ1Jv5twJ40SgTVPKdPDo8EvF2sY/v6JrXpAeKHbMwS2tRrERkHUAQIfhiYM9QYrwI0qfyB8nHI2WurbixxYiIK7hSH7o/QFWbIqPqjNNnQHWurkUZyT0Pr2VKeHkMf5I8ZLB99ro6Gw9PMeCeFYQxWCB8lTBrEQi1YEJlMWmj27zjrLT/kM7k34/qsQ9k81g5VPPhAu6z6f3JXohXj8acqEc/lwNGnA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass header.d=amd.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=+WeZ6oeX6YiFcQ2u+1zWHvfSKD7SaAk5kyErgRQgHKo=; b=Tt00zlsYvop6DlpphixPrrGiIN15c2GTfEllbpUh7lACpwTIWCERwIUq9d8Ysws476v7hEKaQ/8e693y+7jjoyBMqdv5hKoZIu8WpjBAYSiLx/yEaruFy3Jz2twuCL8d4r61vsRG58YCUgT1y3k1Vy0fZRexfMzp5WtLnpo7J00= Authentication-Results: kernel.org; dkim=none (message not signed) header.d=none; kernel.org; dmarc=none action=none header.from=amd.com; Received: from SN6PR12MB2718.namprd12.prod.outlook.com (2603:10b6:805:6f::22) by SA0PR12MB4512.namprd12.prod.outlook.com (2603:10b6:806:71::9) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4173.21; Wed, 2 Jun 2021 14:04:48 +0000 Received: from SN6PR12MB2718.namprd12.prod.outlook.com ([fe80::9898:5b48:a062:db94]) by SN6PR12MB2718.namprd12.prod.outlook.com ([fe80::9898:5b48:a062:db94%6]) with mapi id 15.20.4173.030; Wed, 2 Jun 2021 14:04:48 +0000 From: Brijesh Singh To: x86@kernel.org, linux-kernel@vger.kernel.org, kvm@vger.kernel.org, linux-efi@vger.kernel.org, platform-driver-x86@vger.kernel.org, linux-coco@lists.linux.dev, linux-mm@kvack.org, linux-crypto@vger.kernel.org Cc: Thomas Gleixner , Ingo Molnar , Joerg Roedel , Tom Lendacky , "H. Peter Anvin" , Ard Biesheuvel , Paolo Bonzini , Sean Christopherson , Vitaly Kuznetsov , Wanpeng Li , Jim Mattson , Andy Lutomirski , Dave Hansen , Sergio Lopez , Peter Gonda , Peter Zijlstra , Srinivas Pandruvada , David Rientjes , tony.luck@intel.com, npmccallum@redhat.com, Brijesh Singh Subject: [PATCH Part1 RFC v3 07/22] x86/sev: Add a helper for the PVALIDATE instruction Date: Wed, 2 Jun 2021 09:04:01 -0500 Message-Id: <20210602140416.23573-8-brijesh.singh@amd.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20210602140416.23573-1-brijesh.singh@amd.com> References: <20210602140416.23573-1-brijesh.singh@amd.com> X-Originating-IP: [165.204.77.1] X-ClientProxiedBy: SN6PR05CA0010.namprd05.prod.outlook.com (2603:10b6:805:de::23) To SN6PR12MB2718.namprd12.prod.outlook.com (2603:10b6:805:6f::22) MIME-Version: 1.0 X-MS-Exchange-MessageSentRepresentingType: 1 Received: from sbrijesh-desktop.amd.com (165.204.77.1) by SN6PR05CA0010.namprd05.prod.outlook.com (2603:10b6:805:de::23) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4219.9 via Frontend Transport; Wed, 2 Jun 2021 14:04:47 +0000 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: fd941646-53db-40f0-c849-08d925cf61c1 X-MS-TrafficTypeDiagnostic: SA0PR12MB4512: X-MS-Exchange-Transport-Forked: True X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:5516; X-MS-Exchange-SenderADCheck: 1 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: m1Uus7Cao9GBo6Oymb8DkhAC9YbUeOUh/2LunI66YNJ9XEosLKFAp7ajyufx80T+E12/H5ak2jW77vJeZhXnn1LMqb3E4HlVeT8Vs2H2+l7mK+8eGdHolYYZ4e5xGtNXZLyUUWDZZNv+0aILllMbopilw+FdfIhd/yHlbkNFLHtBS0sMa0c6e/krBfNeG4NTkTF1oJONz5mJmbGphfI9TcIATeT8TFcKTsfCIouoUU0ad2owuRXD5wLJztOxjQrLySq36voxiQRQ7XXUqis7PaM9jtrNXPAJMaFmL6DYvdbfYnfvd8FqXuyJ/kWCVLK5kyyULA4GDX2R85pq65FljT0pbdbjZXwuxFIEhlo7t1aamDKLnF6dBkw6nLH39jSMgJsGVuX2kh/HgRrx51AnxpDFU88o2VT6XPRiIkBYE+r+rbCUSHtg8vwUFocrlaZmZZoT22KAhdDz40DaWFbP76dN2jjRhLkm7Y3H22R+B/ryUNljUIAKt5ORt951IH8sWvQ9+VvzUyHGc3n4ImJoqATAOjF961CK0BCKthatFXpDjqPur8JH/2vDjoZTmAo/5N4b2Ed+RI6R0X4Qi0RsnfUxbBxZBB/WonTqQUKGZvDF0D6s/gAjU8pJ7yzt6xuuuZeBMz1YrJC0hFX3Wy5oTg== X-Forefront-Antispam-Report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:SN6PR12MB2718.namprd12.prod.outlook.com; PTR:; CAT:NONE; SFS:(4636009)(376002)(366004)(346002)(396003)(39860400002)(136003)(6666004)(44832011)(7416002)(26005)(2906002)(8676002)(6486002)(7696005)(52116002)(38100700002)(478600001)(956004)(66556008)(186003)(1076003)(36756003)(8936002)(16526019)(66946007)(83380400001)(38350700002)(5660300002)(2616005)(54906003)(4326008)(86362001)(66476007)(316002); DIR:OUT; SFP:1101; X-MS-Exchange-AntiSpam-MessageData: =?utf-8?q?LZSGvdSFpm692t+7hHvtgXIdNFJ?= =?utf-8?q?IY2sCBz85q0nPrhoyxB7UIDWNGPYv+f8euykGyB5wR4dUwVT/o7B4sE1?= =?utf-8?q?fUNVj6SfQxKCcrAuXlIBdJFmllribpzZ/Uxabwe7e6ccdFxDTFKuwu4S?= =?utf-8?q?P3cIvAEIWhPmqXVcwh8Pg64ti4jT/vXTQspGYCS7ID9XczzM8vC6c+6X?= =?utf-8?q?JkDb1Oa2i9aayCMhNMwYetsBTvCh1IMcS9J2BY5WXqK4hcig06F02sf3?= =?utf-8?q?bDV75YQi5nRyBmNOjjtKGKZnR5Keg248QCKFREu6Ddix0k8LVVVR0nTo?= =?utf-8?q?wmrUIy138sSh4jDLfVwFCBs5CTAhEFeEds7ye4H6kM0P1cTHVAv9XRYc?= =?utf-8?q?VQqfZZW52E+Irn2SYXGvZWwKy3eOCmdn9Lsfrlqzw62HyKkSms5h3Vvb?= =?utf-8?q?vqbkE0sgfQXrtGxHfts6VGPb+1UrG6LYRrtiG1kRzmSzE+9dbpg8bCvF?= =?utf-8?q?O9VVCYSgrmtHWBkEsMW8IvMO8hHE2xe6c5Bdfq7tAAjnfpKHrnHbZ6cT?= =?utf-8?q?7Mg2gsrRBXYixYC5LJkktUbLtP8sWrldtSZMrKwxMkKzRCs9XNHmesCr?= =?utf-8?q?HoMYS5tY4zu81yVUvXNI2P4yacG1IHCMOhc3u08SuAspq1wJawp5Yd/C?= =?utf-8?q?HzAg9koitejOTSGdTztfv+q7yYM2gpVFx7zQLmuVotm1yQ7Ms+Ce+n9S?= =?utf-8?q?eyTFtDWXNVAbfQachiAI+2/252fMmmWCx48fK7+vWdc1jG9g5J7NbvRA?= =?utf-8?q?1koqCrA9bozRqJHGZD+putJ8qc16lV5aIZHmowcztry29hV5kE1zK7nS?= =?utf-8?q?isXIMKpWZWVB1trPyT5pgeJGtkYyQejtgw7pADrE/rE+W51LA2sA3ho/?= =?utf-8?q?l2XpmbETHb93vflS41WWCLAnFq/sw/s9qTSA1dBZhAYFc+jrh/oPdo5u?= =?utf-8?q?M4aAm//uKbFEDju/D7yqmn2TBFpOmb0Jg8XYz0tmtIrmTy0CZLeXE388?= =?utf-8?q?5qhOPKTLz3yBQju2kbi34Sn350nLazYJ0piYUDwYFYaqeryID0Eo0cs3?= =?utf-8?q?imFVDBV7S9HgVWe3Ou13MMk0vMOnfoJUDYSaCSUu27Q4Pta8dMxme+bX?= =?utf-8?q?Zhq8WRRZcPnggLGGe2LWUZU4hFpanBbkPJNt8xV3QiB7nEQoesLlaEcR?= =?utf-8?q?g0kmf/HzKDj+KBd/Q6IKHPu//r+gD+2K5Jezd9hlhtLHy/O3kIwP4JiE?= =?utf-8?q?uEGQylGit/Wed2Q6lT2lFEZRMxfWR9xC3rVFVRYnpdlY+DyRmdJFyMS+?= =?utf-8?q?eyZpDTYYdGChc2TflMhUH6jxxLBc1LXGztgeBordjWFWexh7LkwpPK0L?= =?utf-8?q?nRH8cFoIXqDgR8yuZHhZdLXrITMFI?= X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-Network-Message-Id: fd941646-53db-40f0-c849-08d925cf61c1 X-MS-Exchange-CrossTenant-AuthSource: SN6PR12MB2718.namprd12.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 02 Jun 2021 14:04:48.0002 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: mmKBsSK5ugnc1ixsx2RFf4v1mvJDYJkKSBbyrM6WArf5wLOiiMIxWZvDE95nKywootYNrg+l+Yqy2xWmhyxNjA== X-MS-Exchange-Transport-CrossTenantHeadersStamped: SA0PR12MB4512 Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org An SNP-active guest uses the PVALIDATE instruction to validate or rescind the validation of a guest page’s RMP entry. Upon completion, a return code is stored in EAX and rFLAGS bits are set based on the return code. If the instruction completed successfully, the CF indicates if the content of the RMP were changed or not. See AMD APM Volume 3 for additional details. Signed-off-by: Brijesh Singh --- arch/x86/include/asm/sev.h | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) diff --git a/arch/x86/include/asm/sev.h b/arch/x86/include/asm/sev.h index 134a7c9d91b6..1b7a172b832b 100644 --- a/arch/x86/include/asm/sev.h +++ b/arch/x86/include/asm/sev.h @@ -59,6 +59,9 @@ extern void vc_no_ghcb(void); extern void vc_boot_ghcb(void); extern bool handle_vc_boot_ghcb(struct pt_regs *regs); +/* Software defined (when rFlags.CF = 1) */ +#define PVALIDATE_FAIL_NOUPDATE 255 + #ifdef CONFIG_AMD_MEM_ENCRYPT extern struct static_key_false sev_es_enable_key; extern void __sev_es_ist_enter(struct pt_regs *regs); @@ -81,12 +84,29 @@ static __always_inline void sev_es_nmi_complete(void) __sev_es_nmi_complete(); } extern int __init sev_es_efi_map_ghcbs(pgd_t *pgd); +static inline int pvalidate(unsigned long vaddr, bool rmp_psize, bool validate) +{ + bool no_rmpupdate; + int rc; + + asm volatile(".byte 0xF2, 0x0F, 0x01, 0xFF\n\t" + CC_SET(c) + : CC_OUT(c) (no_rmpupdate), "=a"(rc) + : "a"(vaddr), "c"(rmp_psize), "d"(validate) + : "memory", "cc"); + + if (no_rmpupdate) + return PVALIDATE_FAIL_NOUPDATE; + + return rc; +} #else static inline void sev_es_ist_enter(struct pt_regs *regs) { } static inline void sev_es_ist_exit(void) { } static inline int sev_es_setup_ap_jump_table(struct real_mode_header *rmh) { return 0; } static inline void sev_es_nmi_complete(void) { } static inline int sev_es_efi_map_ghcbs(pgd_t *pgd) { return 0; } +static inline int pvalidate(unsigned long vaddr, bool rmp_psize, bool validate) { return 0; } #endif #endif From patchwork Wed Jun 2 14:04:02 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Brijesh Singh X-Patchwork-Id: 452671 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-18.7 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_CR_TRAILER, INCLUDES_PATCH, MAILING_LIST_MULTI, MSGID_FROM_MTA_HEADER, SPF_HELO_NONE, SPF_PASS,URIBL_BLOCKED,USER_AGENT_GIT autolearn=unavailable autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 7944FC4708F for ; Wed, 2 Jun 2021 14:07:00 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 5B77A60FE4 for ; Wed, 2 Jun 2021 14:07:00 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231542AbhFBOIe (ORCPT ); Wed, 2 Jun 2021 10:08:34 -0400 Received: from mail-dm6nam11on2064.outbound.protection.outlook.com ([40.107.223.64]:38497 "EHLO NAM11-DM6-obe.outbound.protection.outlook.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S230331AbhFBOHj (ORCPT ); Wed, 2 Jun 2021 10:07:39 -0400 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=HAp0Bu61J/PS2txVpry3kQM3/bTssqU2C48QVcavXOO1GspPxCVL7Et+ry4CbWif3rCpDmMLmdH5U6oree9SoTBw9CRxpufaKwLZoNVNZb1B5BCxyGouQKeYOKaYcn1vo46t10SoM9E7uABU3z4vVXvums+Gw7IqOvv0wUNhLAV2D//f+q7jFBzMewSGdWiCzc0i3lCsXUBOBqbnL/k8OAN3jXVENn2W1p2SUf0/loMJza0KQBzKOHYZw3r2B5IBRqTugA7FdIBAtzzHXeiDwWxUDMiqoTj7o04DTorQDQjiCFX0iCoY1hfNg72+bZ7RYzx1t8k6tenPJ+nkCeJIkw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=9t0VtGyoAnhhXWNXyCvl2HZxmjAAoLOM3Dosv5S4/cM=; b=h6meVlBDw3WNjzzwM49tvAmbKkve8BM9AftS9L35xsYS+EzncngcNZiyjeOQtxcoSSqOjvbDLSZWMp9sg25EevVmJ2J6FN3MoPFT+25bZWK4gin9ycPt31fHw2Ca5aa0/F3bcA85FljCkaRdB9iNrRw6L9SSu47DVK44uill+wgMJRqd8Swr61EukM30rlGeu+iv+xYRBh3KvY6Ylta/UFJt6yyRDmOQK4exyKB3jmR89uUom9xpa+g9Yl6WhvK54q79rMcRjo8I+9nynUcb4vitKcnqlCTxg6UnM08Ti1CYyCt1ZV1do4lf22L8dchI42J66NqMvgWjWX7ioz0UkA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass header.d=amd.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=9t0VtGyoAnhhXWNXyCvl2HZxmjAAoLOM3Dosv5S4/cM=; b=u6b0IctE9EgNTvHT71BzVLI7ePt/DSIyoTjgIMTB3cltLlszqjRGjCLN6wtNBSkkWxWMNSBsmlhmHQaVs3BKaCWxR7wyv56dsTiIc+tlwX7cRUlGMmOpZCDDxSLopaKCMzZ1wDIg3T/XEvwAJPX8bjlSqt2E9C7zqw8fCq2d744= Authentication-Results: kernel.org; dkim=none (message not signed) header.d=none; kernel.org; dmarc=none action=none header.from=amd.com; Received: from SN6PR12MB2718.namprd12.prod.outlook.com (2603:10b6:805:6f::22) by SA0PR12MB4512.namprd12.prod.outlook.com (2603:10b6:806:71::9) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4173.21; Wed, 2 Jun 2021 14:04:51 +0000 Received: from SN6PR12MB2718.namprd12.prod.outlook.com ([fe80::9898:5b48:a062:db94]) by SN6PR12MB2718.namprd12.prod.outlook.com ([fe80::9898:5b48:a062:db94%6]) with mapi id 15.20.4173.030; Wed, 2 Jun 2021 14:04:51 +0000 From: Brijesh Singh To: x86@kernel.org, linux-kernel@vger.kernel.org, kvm@vger.kernel.org, linux-efi@vger.kernel.org, platform-driver-x86@vger.kernel.org, linux-coco@lists.linux.dev, linux-mm@kvack.org, linux-crypto@vger.kernel.org Cc: Thomas Gleixner , Ingo Molnar , Joerg Roedel , Tom Lendacky , "H. Peter Anvin" , Ard Biesheuvel , Paolo Bonzini , Sean Christopherson , Vitaly Kuznetsov , Wanpeng Li , Jim Mattson , Andy Lutomirski , Dave Hansen , Sergio Lopez , Peter Gonda , Peter Zijlstra , Srinivas Pandruvada , David Rientjes , tony.luck@intel.com, npmccallum@redhat.com, Brijesh Singh Subject: [PATCH Part1 RFC v3 08/22] x86/compressed: Add helper for validating pages in the decompression stage Date: Wed, 2 Jun 2021 09:04:02 -0500 Message-Id: <20210602140416.23573-9-brijesh.singh@amd.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20210602140416.23573-1-brijesh.singh@amd.com> References: <20210602140416.23573-1-brijesh.singh@amd.com> X-Originating-IP: [165.204.77.1] X-ClientProxiedBy: SN6PR05CA0010.namprd05.prod.outlook.com (2603:10b6:805:de::23) To SN6PR12MB2718.namprd12.prod.outlook.com (2603:10b6:805:6f::22) MIME-Version: 1.0 X-MS-Exchange-MessageSentRepresentingType: 1 Received: from sbrijesh-desktop.amd.com (165.204.77.1) by SN6PR05CA0010.namprd05.prod.outlook.com (2603:10b6:805:de::23) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4219.9 via Frontend Transport; Wed, 2 Jun 2021 14:04:48 +0000 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: 5ee8f10f-f9eb-42f6-0a4b-08d925cf626d X-MS-TrafficTypeDiagnostic: SA0PR12MB4512: X-MS-Exchange-Transport-Forked: True X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:9508; X-MS-Exchange-SenderADCheck: 1 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: nVZJtB8mHDlOZbULrnkGt0Hb8JSr9uhdZt1ObMwDglxpBeDoCn/QDHCZAVqyKaKsZxjFVqth32eEV2tms3eG1jafzKKPDAyhGYxrnouJELkrkqjChkk6ye/FTgttkWCSyAEcF3oMGsI2gW4ET/JBUkx9aMvjFKB60FCy9kU2aZkKi5cWeql97HlQFxmy8TGeSAEtOaiAZsspKtUE6c25mQ8YVPb23PgC2285muzcS3ds/r74YnK1bVn/0NK0hCrEFh1tqWl39xOisE43xqEHbsmLOc40DgNZn/xdkpo2wbraNDWkFHvVi8Uauz48xjj32x7v9inq8Xwm2nHz1mob/YWnQMh4sRPFOsUhlvjms+NIC/LZNo3sL+s9VLdy1XacLdZRziEh6id4EsKfgqqwJ3I0pS7CzcAXHoT4FUuNa0eBkG00bkL3RJUq0oOsDUbtNC/7MJMmv3Dpr5eWhYkvcCUrPrcw/tG3vst8CnFWar9PwOiSlTc3aGhMmivX/Y2Zw9HdOivkFqLTeKshhGRCqRkDW6n9mjRdjPk5IjJ6oNFLOUWwd2AeqJrg5QTjMn9xgy9TRDklrJzJOvRf6fdh373OKZHG99qBYMjuXct47/CeEBCN7q9qzcmU2jPOPrFmVgdCvjVsNyDgkg4Niyi1Aw== X-Forefront-Antispam-Report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:SN6PR12MB2718.namprd12.prod.outlook.com; PTR:; CAT:NONE; SFS:(4636009)(376002)(366004)(346002)(396003)(39860400002)(136003)(6666004)(44832011)(7416002)(26005)(2906002)(8676002)(6486002)(7696005)(52116002)(38100700002)(478600001)(956004)(66556008)(186003)(1076003)(36756003)(8936002)(16526019)(66946007)(83380400001)(38350700002)(5660300002)(2616005)(54906003)(4326008)(86362001)(66476007)(316002); DIR:OUT; SFP:1101; X-MS-Exchange-AntiSpam-MessageData: uLMakkphVov1r07YfUnuZs7g7UESZkczmIofTcASYK5LeEdP41BZ+ZIxrGUNphJLnIx0eJgXzb7uPvokIhstfoQxn74c4mzoF9byMLPiJBzpNBeP6RO2zWEVJOzwhq9B2W8wS0O1tW1By/qZ8nSPVUG4qLbM2m14r7HsQaGux+uV+I6e3Qb7S0TJx2ccnpYXIF2LQPIgGDHdCw7DOGpFeuHa3AAamdE7B3oXEtakhgbnGVKOtV55NkGnsRWfhP03aN8nqRoa3D/as6aTT3kTomeEkvMEcem7s32vyArboqN3YfTQImuFeWaehP70IpRwIeFfZEmGqWpRLqn709lO4IUWBaFJ4+th3W8QBlVcNXVFCKvMEcXVNqtTIO6m6tBdjMhguvKjAv2W0cdX/qnCiNNvfmfVTRExrxcHlExRgzDeg+iluCr6wD0U6cJIdn9VbCYcttHtUjvSsNk85Pddq489lC6tSaikPBkXAvi6BuE01vBpElPsfRfz1pbk3a50g9Hs32gFR+/3+LLra6nEK8L1AtX+iQWFJbDqaNn5alY3glWm3f0Hr9SkqIIA7v/wY2CFCf7MCMWj5scLwzonowqeF/f6dGhlCvROwicNyJi5SWLksLY2t5+5EVeZkTk262fPoxltHQdefpO+uOOr4wXL3tLE4SdagvEfAxO7hqCqfVaEPVA+gNqoOIuMCOsvLQbV7fXZdU2bI+/sSlZ57AfpmVkEOnm93995aTMAzLgiNUobFsZURvT7amUdBbHhMq+d4ieOZHKKXB9m5dWhHMV69rdppgDFQXsAe+B1PafgV+uWBN7eIrCtJ8ikYcO5AOV5AFCEEj3oj0k+JYPCF9maT+e4sMhuezeZLYaMkNLGoWnUmPGT1XdhmyzD1EtIKCM1izkMQhNt+cplGSkqa7p/11KLTvCc66g0AubA9esW1/amYs8/uZIVFKDlFH6apLKH9/G3anuDNsQxKZv9P6bUiH+wc6/rdsSatqOI0kjXk4erPtlZ8Xoon70zH86ttekCPx0z27v+Qw4LazorYKGY1wHcpnxmq7iA4jbgZo81oIAQh+O7OVbMV7n2WnEPRo1unjW+eAFz6NGrOsm+xBENxpq29yBZVuS+67M4/2lhRnwiW/tWvwQljIk6HYw1ApRe3w80mI8XKAG5y6JDoVoWepRW139cr19PUKwgOQdKxZKya0E5E2ZCUpMGyAZ0RoUYaF5tEG5rpLawzUhCEwPYdEE9k3rmKOUk51m1bMCb4c7pNySTb26ZRPYNRs9Wx8CfkNm+Zo/zCchsWxzLnjw8Aqcl4AI1Ltrcbk7Fiq9mm7Gr3hXJ7ArIh2xtIDG7 X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-Network-Message-Id: 5ee8f10f-f9eb-42f6-0a4b-08d925cf626d X-MS-Exchange-CrossTenant-AuthSource: SN6PR12MB2718.namprd12.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 02 Jun 2021 14:04:50.4288 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: gux3QjWOJjWqxMP2mWCEUFWyF3i1l8H5lI1cIAiLulbqiKwcx756f0sGtJ9h76WZDaWlqfrAN9lPtKWFd0YKog== X-MS-Exchange-Transport-CrossTenantHeadersStamped: SA0PR12MB4512 Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org Many of the integrity guarantees of SEV-SNP are enforced through the Reverse Map Table (RMP). Each RMP entry contains the GPA at which a particular page of DRAM should be mapped. The VMs can request the hypervisor to add pages in the RMP table via the Page State Change VMGEXIT defined in the GHCB specification. Inside each RMP entry is a Validated flag; this flag is automatically cleared to 0 by the CPU hardware when a new RMP entry is created for a guest. Each VM page can be either validated or invalidated, as indicated by the Validated flag in the RMP entry. Memory access to a private page that is not validated generates a #VC. A VM must use PVALIDATE instruction to validate the private page before using it. To maintain the security guarantee of SEV-SNP guests, when transitioning pages from private to shared, the guest must invalidate the pages before asking the hypervisor to change the page state to shared in the RMP table. After the pages are mapped private in the page table, the guest must issue a page state change VMGEXIT to make the pages private in the RMP table and validate it. On boot, BIOS should have validated the entire system memory. During the kernel decompression stage, the VC handler uses the set_memory_decrypted() to make the GHCB page shared (i.e clear encryption attribute). And while exiting from the decompression, it calls the set_page_encrypted() to make the page private. Add sev_snp_set_page_{private,shared}() helper that is used by the set_memory_{decrypt,encrypt}() to change the page state in the RMP table. Signed-off-by: Brijesh Singh --- Hi Boris, As you pointed in the v2 feedback, the RMP_PG_SIZE_4K macro is later moved from sev-common.h to generic header file. You wanted to avoid the move and define the macro in generic from the get go. But that generic file is not included in part1 of the series so I kept the macro definition in sev-common.h and later moved to generic in part2 series. This is mainly to make sure that part1 compiles independently. -Brijesh arch/x86/boot/compressed/ident_map_64.c | 17 ++++++++- arch/x86/boot/compressed/misc.h | 6 ++++ arch/x86/boot/compressed/sev.c | 46 +++++++++++++++++++++++++ arch/x86/include/asm/sev-common.h | 19 ++++++++++ arch/x86/include/asm/sev.h | 3 ++ 5 files changed, 90 insertions(+), 1 deletion(-) diff --git a/arch/x86/boot/compressed/ident_map_64.c b/arch/x86/boot/compressed/ident_map_64.c index f7213d0943b8..59befc610993 100644 --- a/arch/x86/boot/compressed/ident_map_64.c +++ b/arch/x86/boot/compressed/ident_map_64.c @@ -274,16 +274,31 @@ static int set_clr_page_flags(struct x86_mapping_info *info, /* * Changing encryption attributes of a page requires to flush it from * the caches. + * + * If the encryption attribute is being cleared, then change the page + * state to shared in the RMP table. */ - if ((set | clr) & _PAGE_ENC) + if ((set | clr) & _PAGE_ENC) { clflush_page(address); + if (clr) + snp_set_page_shared(pte_pfn(*ptep) << PAGE_SHIFT); + } + /* Update PTE */ pte = *ptep; pte = pte_set_flags(pte, set); pte = pte_clear_flags(pte, clr); set_pte(ptep, pte); + /* + * If the encryption attribute is being set, then change the page state to + * private in the RMP entry. The page state must be done after the PTE + * is updated. + */ + if (set & _PAGE_ENC) + snp_set_page_private(pte_pfn(*ptep) << PAGE_SHIFT); + /* Flush TLB after changing encryption attribute */ write_cr3(top_level_pgt); diff --git a/arch/x86/boot/compressed/misc.h b/arch/x86/boot/compressed/misc.h index e5612f035498..49a2a5848eec 100644 --- a/arch/x86/boot/compressed/misc.h +++ b/arch/x86/boot/compressed/misc.h @@ -121,12 +121,18 @@ void set_sev_encryption_mask(void); #ifdef CONFIG_AMD_MEM_ENCRYPT void sev_es_shutdown_ghcb(void); extern bool sev_es_check_ghcb_fault(unsigned long address); +void snp_set_page_private(unsigned long paddr); +void snp_set_page_shared(unsigned long paddr); + #else static inline void sev_es_shutdown_ghcb(void) { } static inline bool sev_es_check_ghcb_fault(unsigned long address) { return false; } +static inline void snp_set_page_private(unsigned long paddr) { } +static inline void snp_set_page_shared(unsigned long paddr) { } + #endif /* acpi.c */ diff --git a/arch/x86/boot/compressed/sev.c b/arch/x86/boot/compressed/sev.c index 0745ea61d32e..808fe1f6b170 100644 --- a/arch/x86/boot/compressed/sev.c +++ b/arch/x86/boot/compressed/sev.c @@ -134,6 +134,52 @@ static inline bool sev_snp_enabled(void) return msr_sev_status & MSR_AMD64_SEV_SNP_ENABLED; } +static void __page_state_change(unsigned long paddr, int op) +{ + u64 val; + + if (!sev_snp_enabled()) + return; + + /* + * If private -> shared then invalidate the page before requesting the + * state change in the RMP table. + */ + if ((op == SNP_PAGE_STATE_SHARED) && pvalidate(paddr, RMP_PG_SIZE_4K, 0)) + goto e_pvalidate; + + /* Issue VMGEXIT to change the page state in RMP table. */ + sev_es_wr_ghcb_msr(GHCB_MSR_PSC_REQ_GFN(paddr >> PAGE_SHIFT, op)); + VMGEXIT(); + + /* Read the response of the VMGEXIT. */ + val = sev_es_rd_ghcb_msr(); + if ((GHCB_RESP_CODE(val) != GHCB_MSR_PSC_RESP) || GHCB_MSR_PSC_RESP_VAL(val)) + sev_es_terminate(1, GHCB_TERM_PSC); + + /* + * Now that page is added in the RMP table, validate it so that it is + * consistent with the RMP entry. + */ + if ((op == SNP_PAGE_STATE_PRIVATE) && pvalidate(paddr, RMP_PG_SIZE_4K, 1)) + goto e_pvalidate; + + return; + +e_pvalidate: + sev_es_terminate(1, GHCB_TERM_PVALIDATE); +} + +void snp_set_page_private(unsigned long paddr) +{ + __page_state_change(paddr, SNP_PAGE_STATE_PRIVATE); +} + +void snp_set_page_shared(unsigned long paddr) +{ + __page_state_change(paddr, SNP_PAGE_STATE_SHARED); +} + static bool early_setup_sev_es(void) { if (!sev_es_negotiate_protocol()) diff --git a/arch/x86/include/asm/sev-common.h b/arch/x86/include/asm/sev-common.h index 3ebf00772f26..1424b8ffde0b 100644 --- a/arch/x86/include/asm/sev-common.h +++ b/arch/x86/include/asm/sev-common.h @@ -56,6 +56,25 @@ #define GHCB_MSR_HV_FT_RESP_VAL(v) \ (((unsigned long)((v) & GHCB_MSR_HV_FT_MASK) >> GHCB_MSR_HV_FT_POS)) +#define GHCB_HV_FT_SNP BIT_ULL(0) + +/* SNP Page State Change */ +#define GHCB_MSR_PSC_REQ 0x014 +#define SNP_PAGE_STATE_PRIVATE 1 +#define SNP_PAGE_STATE_SHARED 2 +#define GHCB_MSR_PSC_GFN_POS 12 +#define GHCB_MSR_PSC_GFN_MASK GENMASK_ULL(39, 0) +#define GHCB_MSR_PSC_OP_POS 52 +#define GHCB_MSR_PSC_OP_MASK 0xf +#define GHCB_MSR_PSC_REQ_GFN(gfn, op) \ + (((unsigned long)((op) & GHCB_MSR_PSC_OP_MASK) << GHCB_MSR_PSC_OP_POS) | \ + ((unsigned long)((gfn) & GHCB_MSR_PSC_GFN_MASK) << GHCB_MSR_PSC_GFN_POS) | \ + GHCB_MSR_PSC_REQ) + +#define GHCB_MSR_PSC_RESP 0x015 +#define GHCB_MSR_PSC_ERROR_POS 32 +#define GHCB_MSR_PSC_RESP_VAL(val) ((val) >> GHCB_MSR_PSC_ERROR_POS) + #define GHCB_MSR_TERM_REQ 0x100 #define GHCB_MSR_TERM_REASON_SET_POS 12 #define GHCB_MSR_TERM_REASON_SET_MASK 0xf diff --git a/arch/x86/include/asm/sev.h b/arch/x86/include/asm/sev.h index 1b7a172b832b..c41c786d69fe 100644 --- a/arch/x86/include/asm/sev.h +++ b/arch/x86/include/asm/sev.h @@ -62,6 +62,9 @@ extern bool handle_vc_boot_ghcb(struct pt_regs *regs); /* Software defined (when rFlags.CF = 1) */ #define PVALIDATE_FAIL_NOUPDATE 255 +/* RMP page size */ +#define RMP_PG_SIZE_4K 0 + #ifdef CONFIG_AMD_MEM_ENCRYPT extern struct static_key_false sev_es_enable_key; extern void __sev_es_ist_enter(struct pt_regs *regs); From patchwork Wed Jun 2 14:04:04 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Brijesh Singh X-Patchwork-Id: 452675 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-18.7 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_CR_TRAILER, INCLUDES_PATCH, MAILING_LIST_MULTI, MSGID_FROM_MTA_HEADER, SPF_HELO_NONE, SPF_PASS,URIBL_BLOCKED,USER_AGENT_GIT autolearn=unavailable autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 4BB03C4708F for ; Wed, 2 Jun 2021 14:05:38 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 34A5C613B8 for ; Wed, 2 Jun 2021 14:05:38 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230247AbhFBOHT (ORCPT ); Wed, 2 Jun 2021 10:07:19 -0400 Received: from mail-mw2nam12on2072.outbound.protection.outlook.com ([40.107.244.72]:37216 "EHLO NAM12-MW2-obe.outbound.protection.outlook.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S230406AbhFBOGq (ORCPT ); Wed, 2 Jun 2021 10:06:46 -0400 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=cXQcgK21VAARBbDTigV280jC5s0+nWgg00B8u0rKFNw+DhBAccjjJCg9DYtHXh2+/Sf2/3DkR4BlJgbIypYoAaYaatSksHpRybIM3k75iKZn08sv/vlLkxiO11DtNjPMJh5gQl862R9LtlT1Lit225Qw9J7L6XHz7ybUdUOW7EbqhlhsWHaRUUJ+fmXre023bdPHgfCdFkWgPfKp5M218TF3wuIxsXJ3SHyI+a6oNxQiatgcN3uWm9zWMITNn3WpjLkj5iSbGPWzR+bn6robfaInkMlUNhsP0vzBW5OoYKLmOqBitmQIi67vAVaFv33N4r4zxVv/+2pnXQpniv+veg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=UQz/NHTmBVURDJonopcz/LpLFbGaaQMHzzbDWbcW3f0=; b=e6o6C/NMnGCQHL+5vdVOx5axiqUyFz53NVQZrA0tFILXOBT69FeAngIXbCF2N1g9eDwDCD+R4I56p3c4LbLF5A5shlZGIqR4itcb1eNBrqZYZvXlLAVSn+06HYUIDak8Ho6+TQrWio2b/GXoZXjYKe5UnblM7ijR6luJXbZlcWBRTXQ9eO68LMMP/T88MMiesmD8Zx41tPuau8JlvxUX10CeWWGt4LgipG+v/FIxpfYmwW+iFGoWpL/zvpXPzzlvCa3K1zOA0qWh7ixVxBxQ/nUCA6wlGD/dJTY4ZgRT5oCsnYye2pe4yUpkyUeLpakyknvpkvafzKdelypksMxHYA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass header.d=amd.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=UQz/NHTmBVURDJonopcz/LpLFbGaaQMHzzbDWbcW3f0=; b=vkmFTAbSrB6tjPi4ioTeh4rCblIJ5hOa9/eI072E5lNxvfLiLJB/V6Sb9dVXpVD7qIA0usCSaCok58N9uKY6nYczIVr+jJSga5/CyEEbsmtWUDrIgsa7Fw9aWkCEpFDy3qQbRq59tq0eI78OkuOSQdQ8bEpYHrJOwPyYL1T/U8g= Authentication-Results: kernel.org; dkim=none (message not signed) header.d=none; kernel.org; dmarc=none action=none header.from=amd.com; Received: from SN6PR12MB2718.namprd12.prod.outlook.com (2603:10b6:805:6f::22) by SN6PR12MB2766.namprd12.prod.outlook.com (2603:10b6:805:78::10) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4173.22; Wed, 2 Jun 2021 14:04:55 +0000 Received: from SN6PR12MB2718.namprd12.prod.outlook.com ([fe80::9898:5b48:a062:db94]) by SN6PR12MB2718.namprd12.prod.outlook.com ([fe80::9898:5b48:a062:db94%6]) with mapi id 15.20.4173.030; Wed, 2 Jun 2021 14:04:54 +0000 From: Brijesh Singh To: x86@kernel.org, linux-kernel@vger.kernel.org, kvm@vger.kernel.org, linux-efi@vger.kernel.org, platform-driver-x86@vger.kernel.org, linux-coco@lists.linux.dev, linux-mm@kvack.org, linux-crypto@vger.kernel.org Cc: Thomas Gleixner , Ingo Molnar , Joerg Roedel , Tom Lendacky , "H. Peter Anvin" , Ard Biesheuvel , Paolo Bonzini , Sean Christopherson , Vitaly Kuznetsov , Wanpeng Li , Jim Mattson , Andy Lutomirski , Dave Hansen , Sergio Lopez , Peter Gonda , Peter Zijlstra , Srinivas Pandruvada , David Rientjes , tony.luck@intel.com, npmccallum@redhat.com, Brijesh Singh Subject: [PATCH Part1 RFC v3 10/22] x86/sev: Register GHCB memory when SEV-SNP is active Date: Wed, 2 Jun 2021 09:04:04 -0500 Message-Id: <20210602140416.23573-11-brijesh.singh@amd.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20210602140416.23573-1-brijesh.singh@amd.com> References: <20210602140416.23573-1-brijesh.singh@amd.com> X-Originating-IP: [165.204.77.1] X-ClientProxiedBy: SN6PR05CA0010.namprd05.prod.outlook.com (2603:10b6:805:de::23) To SN6PR12MB2718.namprd12.prod.outlook.com (2603:10b6:805:6f::22) MIME-Version: 1.0 X-MS-Exchange-MessageSentRepresentingType: 1 Received: from sbrijesh-desktop.amd.com (165.204.77.1) by SN6PR05CA0010.namprd05.prod.outlook.com (2603:10b6:805:de::23) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4219.9 via Frontend Transport; Wed, 2 Jun 2021 14:04:53 +0000 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: 1a9b085b-f7d2-4bc8-9958-08d925cf654f X-MS-TrafficTypeDiagnostic: SN6PR12MB2766: X-MS-Exchange-Transport-Forked: True X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:7219; X-MS-Exchange-SenderADCheck: 1 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: VYFphx7kRqM8A4EVlDE8Et4IJ+O8Lk9sHDq1WZ47vQgq7YUwN8XfgV610iWjvx+X1cuElbjlSt9n+Nvihf61A7pHP7W4l7OHNDORe3G+8Y5eg2tN8YKW9UUilxsP1fi0Wdbw2lmYqjRZxbXIkl2UNAcvMRvh2uWclHZoLm+pMtN/KV85yPgCwZSRhDNdMgkZ/SZlRzAuD8KGMrv5VmMEPHsj4MlOGxyASl+NwZ4dSrM0nKvsLJqm+1Mc/A8ovbPGBiY09ys/VdUppBbNF5DeCRj36KwKrxZtOjwHkTZG9Pl+qeklsc37Lm9oVA4pvyXnOZmkpR9UuKrC/iMXSTADI2QVvMogq9fTjWNYg0r/jHVZhukAIGwyLgcfi79Ku4uRqT4/EZn4Nb3+hf1r8HCjTdURYS7h4IhPDJfRJqalEHoTt+GR4LhjRTDohoEassrMFrXqr9jvkLfgcFZR9X3xpJbDhbM3R4ed0pht+0P2hWnBi4bRmvi15r0l2R+KQdsSeYgT6w9EBy0JKcyzAFKzDypshbY+Uw5I4HT9MYLRdP5g+nODeiXEoDym6r3XBjYE3jYoZC0FerxlI0+XIVFS+cuDJgcEDFtmZmW3AGtUtw3j19DaHDCPsS73UgIz5N84wmSTgHYlvUhFVLSP3xf1pw== X-Forefront-Antispam-Report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:SN6PR12MB2718.namprd12.prod.outlook.com; PTR:; CAT:NONE; SFS:(4636009)(376002)(136003)(346002)(396003)(39860400002)(366004)(6486002)(38350700002)(86362001)(66946007)(38100700002)(44832011)(52116002)(36756003)(8676002)(7416002)(26005)(4326008)(2616005)(1076003)(186003)(956004)(16526019)(2906002)(316002)(54906003)(6666004)(66476007)(478600001)(5660300002)(7696005)(66556008)(8936002); DIR:OUT; SFP:1101; X-MS-Exchange-AntiSpam-MessageData: OHBtE7DqUutSgqJY33ibzF0w3krYCY5jFUSu0a+wqCqw5COFjMGazijdE+/gr5HSAK6qQbCBoPLQV4dSMJiXza3UaJE2hfuIlglW4fdHqWWlhnbgs4bvIZNMVLeBd9I9k2wqSwQTrxgIbtVW133unjXMAexGgDM3q8MfOwXHsAw2KC/flEn5WOtwDcmhIIqQOVs0LQ1cfJdUiTLDadnhajK26xnrBbJkPEAdAEcbvj6TuZFYaRk/rEJFvPO8nwiZEU6bpviV0PF7IqRb8yKBnDiLalgO4KymjXR5IFKwykM65wspbUUnBtDGQcx5I8C3dasD2tVvlLs0t0iqwDaD8105t1nGaDAVlZETu5aMgMdZNVioIucck84b0yxaK9iC5bTCqhDq4cFQ0jEXdTRWk4nhWSniagM0VSsHu6AVTlcE6dpyLOsTzQn9dd5jqc37QHtRTQo2H6z4WUy3zYh6OTHHuYi1CU2N/TwOPKP9r0ka6BxDipCAxy5Blh7drtu1kv7XyEQBKu8+mhHUSf7y9UmccY1GnBsig+lQg/POas69c0rcr9VwILKJv6OLNWvNvfC+MnVoBiEOEdC6dLJDZSJ3dBCqyUwMNAe4Yq+yBRuL2sQzhdYtTmNwvUW083t5RA8AeVnCyWOotNOyszkHQT3bEy7ZFxnXTQ8ByL1slvI8QjWsqDk089NS6oxIbzYudZGcKv2hzZyu2hG7HCO9ijYugVYajnBxNzG5pN3PtSljXzu1gVB35y0ZRPslGy4Sy5bl8iSusA/bmvRl3Dleo9vL6LMPfcn9oWgyNc3043Ul4QciwAM/CtS0qUVoJCQGgXiZTjDXHaCAAO3qBOHhPQGIugsjeGAb0nDd0BmEWXciBpr5q0rNhYE8BntbuqYAMbjjS1PAY5ALb4DDuPXYtEBiNRNoUTHpiWQ+4zvJXVkApoVHUDvk8cerFn7ZlUWO1X9xCbeDIxLYvuotOrii4I0c7jZF3X6fQzrry4/qKdApQEUnH1D8iLmPB/yVEPfrc49vN1XYLmLoMQD0XcHC4F648B8NPiKUZnaZNrp6RPkV+BvWC0jJAhTizDOSt0YnwB8Nft0Df8iNtowdPpV53njS5Um8JRQ+giUWYzHQ/pMJx1p59FIOBHchJ0zIyWTuZOvx96yLDgKoaqgZAoRac5PjmVk/zUyKTZ3s4ZbXvLSk9jkmil6qrpwfrOjF4DsWgzGSTV9UsxvDOI5gPfebwqiHQblajgZAoZdQiFilM5WhBvI3QpM5rXRKgN+uMJeikd5YCYpP54Du7dCDEFzQ2mIG+8f2MHAK08jFmLsAOG5pZESyUVsWAqfju2k/JWRI X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-Network-Message-Id: 1a9b085b-f7d2-4bc8-9958-08d925cf654f X-MS-Exchange-CrossTenant-AuthSource: SN6PR12MB2718.namprd12.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 02 Jun 2021 14:04:54.7523 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: 3fW0JjAHFndoNQF7MFvB6zGVR7zriT6NVON0HRl/ZcG48Sf+avFAf+Yhw6cohK9njPLg+8BYqyXebKggGw+bzQ== X-MS-Exchange-Transport-CrossTenantHeadersStamped: SN6PR12MB2766 Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org The SEV-SNP guest is required to perform GHCB GPA registration. This is because the hypervisor may prefer that a guest use a consistent and/or specific GPA for the GHCB associated with a vCPU. For more information, see the GHCB specification section GHCB GPA Registration. During the boot, init_ghcb() allocates a per-cpu GHCB page. On very first VC exception, the exception handler switch to using the per-cpu GHCB page allocated during the init_ghcb(). The GHCB page must be registered in the current vcpu context. Signed-off-by: Brijesh Singh --- arch/x86/kernel/sev-internal.h | 12 ++++++++++++ arch/x86/kernel/sev.c | 28 ++++++++++++++++++++++++++++ 2 files changed, 40 insertions(+) create mode 100644 arch/x86/kernel/sev-internal.h diff --git a/arch/x86/kernel/sev-internal.h b/arch/x86/kernel/sev-internal.h new file mode 100644 index 000000000000..d23c81013a8e --- /dev/null +++ b/arch/x86/kernel/sev-internal.h @@ -0,0 +1,12 @@ +/* SPDX-License-Identifier: GPL-2.0-only */ +/* + * Forward declarations for sev-shared.c + * + * Author: Brijesh Singh + */ + +#ifndef _ARCH_X86_KERNEL_SEV_INTERNAL_H + +static void snp_register_ghcb_early(unsigned long paddr); + +#endif /* _ARCH_X86_KERNEL_SEV_INTERNAL_H */ diff --git a/arch/x86/kernel/sev.c b/arch/x86/kernel/sev.c index 9b70b7332614..455c09a9b2c2 100644 --- a/arch/x86/kernel/sev.c +++ b/arch/x86/kernel/sev.c @@ -32,6 +32,8 @@ #include #include +#include "sev-internal.h" + #define DR7_RESET_VALUE 0x400 /* For early boot hypervisor communication in SEV-ES enabled guests */ @@ -88,6 +90,13 @@ struct sev_es_runtime_data { * is currently unsupported in SEV-ES guests. */ unsigned long dr7; + + /* + * SEV-SNP requires that the GHCB must be registered before using it. + * The flag below will indicate whether the GHCB is registered, if its + * not registered then sev_es_get_ghcb() will perform the registration. + */ + bool snp_ghcb_registered; }; struct ghcb_state { @@ -192,6 +201,16 @@ void noinstr __sev_es_ist_exit(void) this_cpu_write(cpu_tss_rw.x86_tss.ist[IST_INDEX_VC], *(unsigned long *)ist); } +static void snp_register_ghcb(struct sev_es_runtime_data *data, unsigned long paddr) +{ + if (data->snp_ghcb_registered) + return; + + snp_register_ghcb_early(paddr); + + data->snp_ghcb_registered = true; +} + static __always_inline struct ghcb *sev_es_get_ghcb(struct ghcb_state *state) { struct sev_es_runtime_data *data; @@ -218,6 +237,10 @@ static __always_inline struct ghcb *sev_es_get_ghcb(struct ghcb_state *state) data->ghcb_active = true; } + /* SEV-SNP guest requires that GHCB must be registered. */ + if (sev_feature_enabled(SEV_SNP)) + snp_register_ghcb(data, __pa(ghcb)); + return ghcb; } @@ -622,6 +645,10 @@ static bool __init sev_es_setup_ghcb(void) /* Alright - Make the boot-ghcb public */ boot_ghcb = &boot_ghcb_page; + /* SEV-SNP guest requires that GHCB GPA must be registered. */ + if (sev_feature_enabled(SEV_SNP)) + snp_register_ghcb_early(__pa(&boot_ghcb_page)); + return true; } @@ -711,6 +738,7 @@ static void __init init_ghcb(int cpu) data->ghcb_active = false; data->backup_ghcb_active = false; + data->snp_ghcb_registered = false; } void __init sev_es_init_vc_handling(void) From patchwork Wed Jun 2 14:04:05 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Brijesh Singh X-Patchwork-Id: 452674 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-18.7 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_CR_TRAILER, INCLUDES_PATCH, MAILING_LIST_MULTI, MSGID_FROM_MTA_HEADER, SPF_HELO_NONE, SPF_PASS,URIBL_BLOCKED,USER_AGENT_GIT autolearn=unavailable autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 11971C47097 for ; Wed, 2 Jun 2021 14:05:46 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id F1E78613F3 for ; Wed, 2 Jun 2021 14:05:45 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231161AbhFBOHZ (ORCPT ); Wed, 2 Jun 2021 10:07:25 -0400 Received: from mail-dm6nam11on2041.outbound.protection.outlook.com ([40.107.223.41]:9824 "EHLO NAM11-DM6-obe.outbound.protection.outlook.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S230291AbhFBOG4 (ORCPT ); Wed, 2 Jun 2021 10:06:56 -0400 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=NFWdwn9PB0TKIXo1l61DtoDHf9dQquuC5H3wU0QAXzVmuUgN+MiiFR7SyyOVe2v59S639q4WRh2zTsXF6FsJ8vucyrpQes3h+uMHi+bvzAqLYN/u1V2ahbuLP1057Z8go2xksdHMCg+2/VCPliniA6blx29oAX2Vze8GWlW36eiylURxjJ5+2s5NJp2h9vgTV2DGgl3kmRHIxUTHWY25ZFtCCwsJ+oLIEacMoJtF5czbS+32oHuv2GICtASsKS2LwR0/q/0EbHFznZ3a5D0d+rdd0HZsrUA2ugRi3nMMpv5CWPvC8yYgIjofdCejPOac7uRKDErfUIp6KhN+iEv5zw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=dAxXa3XbI3kMvkyIuMan4kaJrAgUQ5kUqyJ5dU1SEUk=; b=dhaEckshBrT8RQm4Ez3mLpmPk9xLWA9NR/oWLnMLn44plKRs/G54jSCyk77ynFq6PPwGKMJu6RK/L+JHyNNvhDbihYIXz+dAf0gaVbd+G3fbU7H1Uo/U7AATG04Vcfutw28h5IgR6WF408yTQtBzdxkgjRdHYeAivXil9QzPHiHB3RP0uObzYuVxKc9r6V9i3hZx/BleAyeLBUFkgMA2gBr15aJcS7pQ+Ru/Npw7IbuZbbYhU4yjzM0ZDXZRbE/+i24Ohn3ykZBhhwJSyH/4TB6gUNYvMvsXW/fGoUKqK/Ie51w9oho7pFYc0jrB7q7QZMtR0P+Hyk+t6P+Inlks1Q== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass header.d=amd.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=dAxXa3XbI3kMvkyIuMan4kaJrAgUQ5kUqyJ5dU1SEUk=; b=2FxEWp1TzBZJr/yDAoBRTYk7tokOQJGbe7aQeYWG3BJJSZ7eoFk4yCVt5607KdexpI13Pva07rLvMWoshSZ15bnmrxS4rPzUcNB1f8Dp9/k56TRk1+GhyljevWkKiLyXShum4HqIifyPX0MP20eDmk8DoiKcEJjMmMOj9P1pWJ4= Authentication-Results: kernel.org; dkim=none (message not signed) header.d=none; kernel.org; dmarc=none action=none header.from=amd.com; Received: from SN6PR12MB2718.namprd12.prod.outlook.com (2603:10b6:805:6f::22) by SN6PR12MB2766.namprd12.prod.outlook.com (2603:10b6:805:78::10) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4173.22; Wed, 2 Jun 2021 14:04:56 +0000 Received: from SN6PR12MB2718.namprd12.prod.outlook.com ([fe80::9898:5b48:a062:db94]) by SN6PR12MB2718.namprd12.prod.outlook.com ([fe80::9898:5b48:a062:db94%6]) with mapi id 15.20.4173.030; Wed, 2 Jun 2021 14:04:56 +0000 From: Brijesh Singh To: x86@kernel.org, linux-kernel@vger.kernel.org, kvm@vger.kernel.org, linux-efi@vger.kernel.org, platform-driver-x86@vger.kernel.org, linux-coco@lists.linux.dev, linux-mm@kvack.org, linux-crypto@vger.kernel.org Cc: Thomas Gleixner , Ingo Molnar , Joerg Roedel , Tom Lendacky , "H. Peter Anvin" , Ard Biesheuvel , Paolo Bonzini , Sean Christopherson , Vitaly Kuznetsov , Wanpeng Li , Jim Mattson , Andy Lutomirski , Dave Hansen , Sergio Lopez , Peter Gonda , Peter Zijlstra , Srinivas Pandruvada , David Rientjes , tony.luck@intel.com, npmccallum@redhat.com, Brijesh Singh Subject: [PATCH Part1 RFC v3 11/22] x86/sev: Add helper for validating pages in early enc attribute changes Date: Wed, 2 Jun 2021 09:04:05 -0500 Message-Id: <20210602140416.23573-12-brijesh.singh@amd.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20210602140416.23573-1-brijesh.singh@amd.com> References: <20210602140416.23573-1-brijesh.singh@amd.com> X-Originating-IP: [165.204.77.1] X-ClientProxiedBy: SN6PR05CA0010.namprd05.prod.outlook.com (2603:10b6:805:de::23) To SN6PR12MB2718.namprd12.prod.outlook.com (2603:10b6:805:6f::22) MIME-Version: 1.0 X-MS-Exchange-MessageSentRepresentingType: 1 Received: from sbrijesh-desktop.amd.com (165.204.77.1) by SN6PR05CA0010.namprd05.prod.outlook.com (2603:10b6:805:de::23) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4219.9 via Frontend Transport; Wed, 2 Jun 2021 14:04:55 +0000 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: 24b83349-d104-4a69-7f3c-08d925cf6683 X-MS-TrafficTypeDiagnostic: SN6PR12MB2766: X-MS-Exchange-Transport-Forked: True X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:3044; X-MS-Exchange-SenderADCheck: 1 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: 2iyiAwmwxSkly9Lrgpl5y0E3HTFjinuqHOIf1H9uGvCKS7kCPP8Wahx/kcRLepBRvIj6YyiQLI1PJUgNTPDt8ptcb1WvxYwczm9kJIQo1lV1R9isgPuGdnHbecdJH7DFwpbcZpj5Gw+pePiVeorUqTwcL3OF8w7KsOWsDKAj4jOndBA6VGWQKRi45vQLHQJfytg5s3jmd7MQqL5n6OjiRstJqPdlRFQPxrnG+qQ4EWq9jc/9Vija+2ks/AKRu1cHyyndnmpygcFcgfqLcmzzfLtnB0BfGW7/wmX3ForIhbV256BefEAUyUfBdlx2/oIBOlZZvHDzlWths8e11zqXqom66QUVqkPYP6jHyXtZ6XoN5zHs4WZL2CjgYno0Vs5pLjvVlJKe6xPtkFWSzmNMpWxyDgzHSdEc1/DB+2VIASvcg6NWX8EuEE5E+6e48uMXqhjCA96FAzhHMxK9j7MTXd/po1k+l34hMK9MLBa0UeK+GzoH37nhOS4YS2Oqw7xE+gOINxpwaJAyGp1qyzd1gQOcc3f84fIgk+AMUhq/Rz8zCFGRYCuZ6qf4UfuP0k46EWPS7rfxkRBgi0dHIOlEhTb3pVHFQME96FSCzZ/Ua0AMFoOSQ/MGoljVpQjLdktolAAhWBhvqcHJP7n3JJ/W5w== X-Forefront-Antispam-Report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:SN6PR12MB2718.namprd12.prod.outlook.com; PTR:; CAT:NONE; SFS:(4636009)(376002)(136003)(346002)(396003)(39860400002)(366004)(6486002)(38350700002)(86362001)(66946007)(38100700002)(44832011)(52116002)(36756003)(8676002)(83380400001)(7416002)(26005)(4326008)(2616005)(1076003)(186003)(956004)(16526019)(2906002)(316002)(54906003)(6666004)(66476007)(478600001)(5660300002)(7696005)(66556008)(8936002); DIR:OUT; SFP:1101; X-MS-Exchange-AntiSpam-MessageData: S7zCA1tRwRB2DcTNn1YxxUpawyOT7yqPF7sDqOnU3777a4oUjaS03bowx1Kly8jNiO7hZdjg220dtmznVPOTG1P++IQtNXpK5RQFrIK2DHfWVvUcgOWrvXayX0h+MUbFr6iDk9+FboE69q5VWHgBwrfrBHgqyHkmX5OhirX2AHlQtepJU5Of/a82jsXoK9gitAYNKb5BPMB4TeMKt0srje/9TxSP5/H/aw76bvmMjb1LuXL+vSmJnkuB85Sl2sxA37dsbNHOSO0rCqGP4QoL+QzeQhO7IkmFceYCnK1wqqfyVPM/VuQW7YqRhYQhavaC+CVFySOKu2BVPWXN6Gs1661LpP6wsDzHp9kklJOWh1P4lD4hOZK0qJ+5puKzpXZPGd/Kb6yzc9ZqR7ZIznemJaK83AeE3C7SI9Cuw7hXLKV9RHgrq2u9AhZXZWOSkDl1H9YWy24WDiJbmr/vwMJ+HtFRIqOQdgpyeHo3590dHTSNd8FrYf5J7YRxSVamKGFuZa5gYF6fJnEIs3NKlFao1xEgWes40IsUgtTzmHDCkB8o7Ky9mx9cMH8iaeJ59+xsGMDA64xDgvbFkdSf3eDHQT6Hh5bOpMJry87YwEFtesntlrT1R63rpfu+f+/qbJOisCsLiZa/1GkOAdyTrvsfnw8qUFZtLNQoJNXkf5BqZDiRlQ2xWuy19m/wWZfxKaQGeABT5VJ03QLYu+maF4v0mCdy7CRsUdY8N8mRuW1ZcNfaSf9MiNpDi59n56msywIY+NYQWKnia3Ugs5Oo72ziH9/epccMMwoSAz0h5LBRP0KXmPqn91YAFOlZQ18c+40icDM65GFl1bDQ8F2oxD9JDalGqMGe7iykU/9OaBED+0wMJwIDaqBt3gkg7ESOaXCe3bOYvSszCNblOO4GwKLVgtE5CSO2b8zbyx/U70FikueXqJpR2Ys+5+ik02gmb1gNMcAFcOZBNwcNrSty7hpE+zcpfJVE66j3vX32heTB9x4gOX1q/DfglWNikF8N0C3HKAOpaVeg7AKAOWVr/OK21qZ7M4p8caueszY4TZLjjabmBSUB20fgU9j7crBWIe1UbdcQbH8PuBKRpExx3Vk3FUf6zRwGU0o1m5G7gMgsB765Lc0kKTrh8Q3kvTkq/km3W8BRMwuEwX+PkbK54LkKjZM7WcRiOP43c3fRPfQa/hJhZh9XYCLZwUqkRhJTQk5iPHoOwCx8op/ov85LxjlGlOYpQ4o7WMhW5oUxf/mJmCE63CNxLDwfefgUGZNXCVBkkEa0kGd4IV7uh4K+AD5Wg15yPBskj0WHtXC3GAAVdZx4tsobQIsV6vENFP+qEBjI X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-Network-Message-Id: 24b83349-d104-4a69-7f3c-08d925cf6683 X-MS-Exchange-CrossTenant-AuthSource: SN6PR12MB2718.namprd12.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 02 Jun 2021 14:04:56.5923 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: Kwdg7H0mJTVwN854ZJ3gYMcrVVgrhwKbJTMLsVLqdi5TjRcsDxFiDhfLR5sTzO9Rofe/e/SvUd1FZtlqonVgfQ== X-MS-Exchange-Transport-CrossTenantHeadersStamped: SN6PR12MB2766 Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org The early_set_memory_{encrypt,decrypt}() are used for changing the page from decrypted (shared) to encrypted (private) and vice versa. When SEV-SNP is active, the page state transition needs to go through additional steps. If the page is transitioned from shared to private, then perform the following after the encryption attribute is set in the page table: 1. Issue the page state change VMGEXIT to add the page as a private in the RMP table. 2. Validate the page after its successfully added in the RMP table. To maintain the security guarantees, if the page is transitioned from private to shared, then perform the following before clearing the encryption attribute from the page table. 1. Invalidate the page. 2. Issue the page state change VMGEXIT to make the page shared in the RMP table. The early_set_memory_{encrypt,decrypt} can be called before the GHCB is setup, use the SNP page state MSR protocol VMGEXIT defined in the GHCB specification to request the page state change in the RMP table. While at it, add a helper snp_prep_memory() that can be used outside the sev specific files to change the page state for a specified memory range. Signed-off-by: Brijesh Singh --- arch/x86/include/asm/sev.h | 20 +++++++ arch/x86/kernel/sev.c | 105 +++++++++++++++++++++++++++++++++++++ arch/x86/mm/mem_encrypt.c | 47 ++++++++++++++++- 3 files changed, 170 insertions(+), 2 deletions(-) diff --git a/arch/x86/include/asm/sev.h b/arch/x86/include/asm/sev.h index c41c786d69fe..7c2cb5300e43 100644 --- a/arch/x86/include/asm/sev.h +++ b/arch/x86/include/asm/sev.h @@ -65,6 +65,12 @@ extern bool handle_vc_boot_ghcb(struct pt_regs *regs); /* RMP page size */ #define RMP_PG_SIZE_4K 0 +/* Memory opertion for snp_prep_memory() */ +enum snp_mem_op { + MEMORY_PRIVATE, + MEMORY_SHARED +}; + #ifdef CONFIG_AMD_MEM_ENCRYPT extern struct static_key_false sev_es_enable_key; extern void __sev_es_ist_enter(struct pt_regs *regs); @@ -103,6 +109,11 @@ static inline int pvalidate(unsigned long vaddr, bool rmp_psize, bool validate) return rc; } +void __init early_snp_set_memory_private(unsigned long vaddr, unsigned long paddr, + unsigned int npages); +void __init early_snp_set_memory_shared(unsigned long vaddr, unsigned long paddr, + unsigned int npages); +void __init snp_prep_memory(unsigned long paddr, unsigned int sz, int op); #else static inline void sev_es_ist_enter(struct pt_regs *regs) { } static inline void sev_es_ist_exit(void) { } @@ -110,6 +121,15 @@ static inline int sev_es_setup_ap_jump_table(struct real_mode_header *rmh) { ret static inline void sev_es_nmi_complete(void) { } static inline int sev_es_efi_map_ghcbs(pgd_t *pgd) { return 0; } static inline int pvalidate(unsigned long vaddr, bool rmp_psize, bool validate) { return 0; } +static inline void __init +early_snp_set_memory_private(unsigned long vaddr, unsigned long paddr, unsigned int npages) +{ +} +static inline void __init +early_snp_set_memory_shared(unsigned long vaddr, unsigned long paddr, unsigned int npages) +{ +} +static inline void __init snp_prep_memory(unsigned long paddr, unsigned int sz, int op) { } #endif #endif diff --git a/arch/x86/kernel/sev.c b/arch/x86/kernel/sev.c index 455c09a9b2c2..6e9b45bb38ab 100644 --- a/arch/x86/kernel/sev.c +++ b/arch/x86/kernel/sev.c @@ -532,6 +532,111 @@ static u64 get_jump_table_addr(void) return ret; } +static void pvalidate_pages(unsigned long vaddr, unsigned int npages, bool validate) +{ + unsigned long vaddr_end; + int rc; + + vaddr = vaddr & PAGE_MASK; + vaddr_end = vaddr + (npages << PAGE_SHIFT); + + while (vaddr < vaddr_end) { + rc = pvalidate(vaddr, RMP_PG_SIZE_4K, validate); + if (WARN(rc, "Failed to validate address 0x%lx ret %d", vaddr, rc)) + sev_es_terminate(1, GHCB_TERM_PVALIDATE); + + vaddr = vaddr + PAGE_SIZE; + } +} + +static void __init early_set_page_state(unsigned long paddr, unsigned int npages, int op) +{ + unsigned long paddr_end; + u64 val; + + paddr = paddr & PAGE_MASK; + paddr_end = paddr + (npages << PAGE_SHIFT); + + while (paddr < paddr_end) { + /* + * Use the MSR protocol because this function can be called before the GHCB + * is established. + */ + sev_es_wr_ghcb_msr(GHCB_MSR_PSC_REQ_GFN(paddr >> PAGE_SHIFT, op)); + VMGEXIT(); + + val = sev_es_rd_ghcb_msr(); + + if (GHCB_RESP_CODE(val) != GHCB_MSR_PSC_RESP) + goto e_term; + + if (WARN(GHCB_MSR_PSC_RESP_VAL(val), + "Failed to change page state to '%s' paddr 0x%lx error 0x%llx\n", + op == SNP_PAGE_STATE_PRIVATE ? "private" : "shared", + paddr, GHCB_MSR_PSC_RESP_VAL(val))) + goto e_term; + + paddr = paddr + PAGE_SIZE; + } + + return; + +e_term: + sev_es_terminate(1, GHCB_TERM_PSC); +} + +void __init early_snp_set_memory_private(unsigned long vaddr, unsigned long paddr, + unsigned int npages) +{ + if (!sev_feature_enabled(SEV_SNP)) + return; + + /* Ask hypervisor to add the memory pages in RMP table as a 'private'. */ + early_set_page_state(paddr, npages, SNP_PAGE_STATE_PRIVATE); + + /* Validate the memory pages after they've been added in the RMP table. */ + pvalidate_pages(vaddr, npages, 1); +} + +void __init early_snp_set_memory_shared(unsigned long vaddr, unsigned long paddr, + unsigned int npages) +{ + if (!sev_feature_enabled(SEV_SNP)) + return; + + /* + * Invalidate the memory pages before they are marked shared in the + * RMP table. + */ + pvalidate_pages(vaddr, npages, 0); + + /* Ask hypervisor to make the memory pages shared in the RMP table. */ + early_set_page_state(paddr, npages, SNP_PAGE_STATE_SHARED); +} + +void __init snp_prep_memory(unsigned long paddr, unsigned int sz, int op) +{ + unsigned long vaddr, npages; + + vaddr = (unsigned long)__va(paddr); + npages = PAGE_ALIGN(sz) >> PAGE_SHIFT; + + switch (op) { + case MEMORY_PRIVATE: { + early_snp_set_memory_private(vaddr, paddr, npages); + return; + } + case MEMORY_SHARED: { + early_snp_set_memory_shared(vaddr, paddr, npages); + return; + } + default: + break; + } + + WARN(1, "invalid memory op %d\n", op); +} + int sev_es_setup_ap_jump_table(struct real_mode_header *rmh) { u16 startup_cs, startup_ip; diff --git a/arch/x86/mm/mem_encrypt.c b/arch/x86/mm/mem_encrypt.c index 63e7799a9a86..45d9feb0151a 100644 --- a/arch/x86/mm/mem_encrypt.c +++ b/arch/x86/mm/mem_encrypt.c @@ -30,6 +30,7 @@ #include #include #include +#include #include "mm_internal.h" @@ -48,6 +49,34 @@ EXPORT_SYMBOL_GPL(sev_enable_key); /* Buffer used for early in-place encryption by BSP, no locking needed */ static char sme_early_buffer[PAGE_SIZE] __initdata __aligned(PAGE_SIZE); +/* + * When SNP is active, changes the page state from private to shared before + * copying the data from the source to destination and restore after the copy. + * This is required because the source address is mapped as decrypted by the + * caller of the routine. + */ +static inline void __init snp_memcpy(void *dst, void *src, size_t sz, + unsigned long paddr, bool decrypt) +{ + unsigned long npages = PAGE_ALIGN(sz) >> PAGE_SHIFT; + + if (!sev_feature_enabled(SEV_SNP) || !decrypt) { + memcpy(dst, src, sz); + return; + } + + /* + * If the paddr needs to be accessed decrypted, mark the page + * shared in the RMP table before copying it. + */ + early_snp_set_memory_shared((unsigned long)__va(paddr), paddr, npages); + + memcpy(dst, src, sz); + + /* Restore the page state after the memcpy. */ + early_snp_set_memory_private((unsigned long)__va(paddr), paddr, npages); +} + /* * This routine does not change the underlying encryption setting of the * page(s) that map this memory. It assumes that eventually the memory is @@ -96,8 +125,8 @@ static void __init __sme_early_enc_dec(resource_size_t paddr, * Use a temporary buffer, of cache-line multiple size, to * avoid data corruption as documented in the APM. */ - memcpy(sme_early_buffer, src, len); - memcpy(dst, sme_early_buffer, len); + snp_memcpy(sme_early_buffer, src, len, paddr, enc); + snp_memcpy(dst, sme_early_buffer, len, paddr, !enc); early_memunmap(dst, len); early_memunmap(src, len); @@ -277,9 +306,23 @@ static void __init __set_clr_pte_enc(pte_t *kpte, int level, bool enc) else sme_early_decrypt(pa, size); + /* + * If page is getting mapped decrypted in the page table, then the page state + * change in the RMP table must happen before the page table updates. + */ + if (!enc) + early_snp_set_memory_shared((unsigned long)__va(pa), pa, 1); + /* Change the page encryption mask. */ new_pte = pfn_pte(pfn, new_prot); set_pte_atomic(kpte, new_pte); + + /* + * If page is set encrypted in the page table, then update the RMP table to + * add this page as private. + */ + if (enc) + early_snp_set_memory_private((unsigned long)__va(pa), pa, 1); } static int __init early_set_memory_enc_dec(unsigned long vaddr, From patchwork Wed Jun 2 14:04:08 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Brijesh Singh X-Patchwork-Id: 452669 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-18.7 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_CR_TRAILER, INCLUDES_PATCH, MAILING_LIST_MULTI, MSGID_FROM_MTA_HEADER, SPF_HELO_NONE, SPF_PASS,URIBL_BLOCKED,USER_AGENT_GIT autolearn=unavailable autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id D198EC47083 for ; Wed, 2 Jun 2021 14:08:11 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id BB251613D8 for ; Wed, 2 Jun 2021 14:08:11 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231416AbhFBOJx (ORCPT ); Wed, 2 Jun 2021 10:09:53 -0400 Received: from mail-mw2nam12on2072.outbound.protection.outlook.com ([40.107.244.72]:37216 "EHLO NAM12-MW2-obe.outbound.protection.outlook.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S230386AbhFBOIM (ORCPT ); Wed, 2 Jun 2021 10:08:12 -0400 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=Hu3C8XNTb7KbgZx3cGlt26Zrd4wHYSaNZEoZejp2R8AewFaFx3sICfh4A0opvXRLn0A2SxVTqd97M2QrxSVOJTmQXNa1S0nc2MbfubxjMdD7wkz1J8W12k+FGwqftSsByh2ZDUC+qqU6xpWQS0/y8BM02De60AZt+eJBmmV1KRRJv9DKyRqFq74Naj9KokN0UAAqiYXLAEikUdAz4mG79XvaI+6iClq4Ll0JAhCsYOKrMfYlcl/MFIp0vLwfzEejcPfjdwEi3ACbGz9SLXF/09eJhsF/M5W3jy6YCir7HLvFzty+og8PhOWIqXY5UdWMtnK3ANjtmumGJq5okf4zZQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=V7ZFKwoMevA3mMgIn1B+sT8tzfenkuPQ+1aptZ11G9Q=; b=fdw1oNFYCWiIUiPziErRNXP9NChNwsni7RRwuXtMfEx9wCqLHUov+XMkFZPg3B0C098kHyoVnC7j3SbAAP5sLF+Pf0r8jDSEiNymEvGC71k0p6a4MDfCu4tXs41hjf53xE0uMytCmXbrPdDfDDnr83iLzrg4pl8v5ffTDxAJKPX5Tn+XMIk0+1MKxJwwmttGEMSAyPikSop41KQB6fie/yHxrsUGQYvbsdEoBZInCSwyCh/3gG+WFPg67JUYyzwNpJ5uZiZuoNPaMTi16ejpMVPxn+qviXAQ14RKt6Nc/HDNGttltqMqr6M/cDEsXngiZAdpTqmwBBQk6yqLvr+1jg== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass header.d=amd.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=V7ZFKwoMevA3mMgIn1B+sT8tzfenkuPQ+1aptZ11G9Q=; b=hMtkvWSLsYKkUJsznO+CFwIjdLJXtmx/CUOCdRChCA+raxCWbzKPHlheH8USdJV3AaIG3eTdQAr24uL7bUOgXgqsxKUGjferNLNVtME7gbACiMKVaSG7TAObrFvtBODRpUBj5S0/AZFcwF+1aW56pYO/16suXIMrBudVaOP/OOo= Authentication-Results: kernel.org; dkim=none (message not signed) header.d=none; kernel.org; dmarc=none action=none header.from=amd.com; Received: from SN6PR12MB2718.namprd12.prod.outlook.com (2603:10b6:805:6f::22) by SN6PR12MB2766.namprd12.prod.outlook.com (2603:10b6:805:78::10) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4173.22; Wed, 2 Jun 2021 14:05:02 +0000 Received: from SN6PR12MB2718.namprd12.prod.outlook.com ([fe80::9898:5b48:a062:db94]) by SN6PR12MB2718.namprd12.prod.outlook.com ([fe80::9898:5b48:a062:db94%6]) with mapi id 15.20.4173.030; Wed, 2 Jun 2021 14:05:02 +0000 From: Brijesh Singh To: x86@kernel.org, linux-kernel@vger.kernel.org, kvm@vger.kernel.org, linux-efi@vger.kernel.org, platform-driver-x86@vger.kernel.org, linux-coco@lists.linux.dev, linux-mm@kvack.org, linux-crypto@vger.kernel.org Cc: Thomas Gleixner , Ingo Molnar , Joerg Roedel , Tom Lendacky , "H. Peter Anvin" , Ard Biesheuvel , Paolo Bonzini , Sean Christopherson , Vitaly Kuznetsov , Wanpeng Li , Jim Mattson , Andy Lutomirski , Dave Hansen , Sergio Lopez , Peter Gonda , Peter Zijlstra , Srinivas Pandruvada , David Rientjes , tony.luck@intel.com, npmccallum@redhat.com, Brijesh Singh Subject: [PATCH Part1 RFC v3 14/22] x86/mm: Add support to validate memory when changing C-bit Date: Wed, 2 Jun 2021 09:04:08 -0500 Message-Id: <20210602140416.23573-15-brijesh.singh@amd.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20210602140416.23573-1-brijesh.singh@amd.com> References: <20210602140416.23573-1-brijesh.singh@amd.com> X-Originating-IP: [165.204.77.1] X-ClientProxiedBy: SN6PR05CA0010.namprd05.prod.outlook.com (2603:10b6:805:de::23) To SN6PR12MB2718.namprd12.prod.outlook.com (2603:10b6:805:6f::22) MIME-Version: 1.0 X-MS-Exchange-MessageSentRepresentingType: 1 Received: from sbrijesh-desktop.amd.com (165.204.77.1) by SN6PR05CA0010.namprd05.prod.outlook.com (2603:10b6:805:de::23) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4219.9 via Frontend Transport; Wed, 2 Jun 2021 14:05:01 +0000 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: 2b6babd7-b186-4cd1-16bc-08d925cf6a22 X-MS-TrafficTypeDiagnostic: SN6PR12MB2766: X-MS-Exchange-Transport-Forked: True X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:7691; X-MS-Exchange-SenderADCheck: 1 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: X/2Oe0rMTHbuQdyKCN/Zw6cBpX0LLWMKmgtjGAdzHXGd40KxcDvvW/ZwjZ64q5QqYNNhZneyKIMRG4l1DllRffGHLoFJRFX4AxvhXQ6gz5mY4TvU0mvdUEgvE8GAh9iRiECOGXPu7mE9nMVjWyOOuxVi09a0Vk8xoI3YBCbrL00RqyykSRAWhcHSpSXc1exOFXCxXWomii7CMHZgSI4eNAt710gmHfeVMtsCDmhUlOT9YosiAa/B1jUOsllMUTVkGM+wo0Wen5etFNCTJ1SwadfOcUGsEAzAwTKAj7Py+VUaR8w8aYDsS3fY9zO3UhwEbMEPO6uPiThY/B8/4R+xo40XpkWfrn8HnYUjmmFTTLTNMrYeRJFO3djXTQyutCOHlqMQIXRjniqjfx+Xh29DkehptVgePFPFX/IjzbjrxmSBbZibtpFB95e83YwtLLB4PTK47MBUkt29uwiTu3XKlEX5YITHIpnxeSc5AqrCw1BKRfcCiQNV7wAiylhN+FDrRDufli1k0TavuQcox8juY8qt1+3OvTLi3swHhkByoaQTmp/IT8bmyiwXqZ360N6qaRl9cpya4OlwrqNKQ8P5MWpdqBjv2KN0+Gm7Q1KEOFonGKR+ELXEL031DagJqHFtLR5RGOHY+xwHieRbPmOlDg== X-Forefront-Antispam-Report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:SN6PR12MB2718.namprd12.prod.outlook.com; PTR:; CAT:NONE; SFS:(4636009)(376002)(136003)(346002)(396003)(39860400002)(366004)(6486002)(38350700002)(86362001)(66946007)(38100700002)(44832011)(52116002)(36756003)(8676002)(83380400001)(7416002)(26005)(4326008)(2616005)(1076003)(186003)(956004)(16526019)(2906002)(316002)(54906003)(66476007)(15650500001)(478600001)(5660300002)(7696005)(66556008)(8936002); DIR:OUT; SFP:1101; X-MS-Exchange-AntiSpam-MessageData: 02J8ThA/mmJ21nvCqksivziAhYC+svOZV3MqFMLz1TzJJqiQnqEeyacfwDTXK9/so9n6gKuv865z6cVkrNLKSfM0J82ZkMJqRVpuRVX3rA2rOiBb1I8oCHBAVFY1mNv8EQLtl/c5LrLQfBu2lfBTfkUTM3+YYSafpsFwNh4PuaxxKqm28Ph6791DZBUxlITXiVwi5ngDHFLj7JzEuEMb9MTkVc4KHpSm1jYtsf1q+mcp+m5Px6Hu+tz6qTb5L2Trct80t3/mrEi861J0dymArMTbl72uqHf1ib0ceehAc+La3I8NsVvTfaLEE8jjXV1ntXf2cTRtlb1vZ6f8JORfjniXXYXF14Gilg9VGOspzlJ0O/ve3a0TG91sJ4Wp4VQaPuhJNh9GjCy0AfezSZk7fEo2i7JrwWscMN3q3wGw7As6+tQ9XTyoCvprmOI9ih8OXE7GNhi3bpMaA+tjGCAncZN4+xJ86D/ELCuRfI6zSycOu4jhgsfAQr+8mta/aEiOt7g09WJq43DNZdKPHe1cwMWHc83PYXIt4W2IQp6L+k/6vEMb6uJr/myXrrXX7pUhgqTr5wh7gPUx3O8JUoqqCE/mRd0LAvPgjXtvAPISnZl/4pYutttMSLMky5+3P0nifndoH0eF7kwH/juKnvz5uCEiAnBAfB5WMofXL53u4mtkRRNAu1jiAlReTT/d7AAY8HpRKT7KJdFZngWuEYZE6HKOYvPX/rWd6A03W+ftznQcEYrU52l5uPkfkUvmXhrPGKwbZcVweCZsH9wdkM49ByZyhs3Q72g2g9Wh3wyjgChJ7xooBZOTQPYSIf40VkUyQfZk486jtViwn8RNevYo85+3U90g2mOSLKuVDOcYMdoT8zsXGE4Aqi/X55ZL5YPxTM2l28xnz3S/fQPZ+pw9yGw+KKr4xtDfnuPhWuk/j8vdesK1mfgxBf9K6VpLx5qJA6tHW96PTnwC7Gg30f42FSh3bZV8MAMF/H/SibHacfOeOAzlaeuLHQMUDVLZHWc4vqV1hOICXyRF+jyiNWh8dLpC2YxmAxIMo2cuW9W+5s0GsYUZ/aPlrpBx58x68tqF5YS7HUO+BJYki56+5EIElX1QhJqsjZ1gZQpOiEFM3xwbJIj81d483Dt8ePy69HKWH+1s4IBBnCbVQJYGWIBZpzfCRGlhNRivarFL1wD1MB+bD0uAWiQcpNDEesnVjjQ8NiLw1cdj6tob8zw0Ut//p3Fgcg69kHQ1pv4TSuezFwRrIKi1RN6zpsCkE4AOq6Nf6NgRuJqpOpoVH8ZdNrBtV5lZYh3Rza9vMPCDJwHPOeE/5L7Qi8pY3RskGcNWxRKi X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-Network-Message-Id: 2b6babd7-b186-4cd1-16bc-08d925cf6a22 X-MS-Exchange-CrossTenant-AuthSource: SN6PR12MB2718.namprd12.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 02 Jun 2021 14:05:02.0621 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: Mtw2O/0DjWCV1lDJloWXdsLWiMV1y1UG9+BjG+AFcInqkRWvtmtgv6frYVGn6UTT8pdNyo4DpUtRgpvMJLah2w== X-MS-Exchange-Transport-CrossTenantHeadersStamped: SN6PR12MB2766 Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org The set_memory_{encrypt,decrypt}() are used for changing the pages from decrypted (shared) to encrypted (private) and vice versa. When SEV-SNP is active, the page state transition needs to go through additional steps. If the page is transitioned from shared to private, then perform the following after the encryption attribute is set in the page table: 1. Issue the page state change VMGEXIT to add the memory region in the RMP table. 2. Validate the memory region after the RMP entry is added. To maintain the security guarantees, if the page is transitioned from private to shared, then perform the following before encryption attribute is removed from the page table: 1. Invalidate the page. 2. Issue the page state change VMGEXIT to remove the page from RMP table. To change the page state in the RMP table, use the Page State Change VMGEXIT defined in the GHCB specification. Signed-off-by: Brijesh Singh --- arch/x86/include/asm/sev-common.h | 24 +++++++ arch/x86/include/asm/sev.h | 4 ++ arch/x86/include/uapi/asm/svm.h | 2 + arch/x86/kernel/sev.c | 107 ++++++++++++++++++++++++++++++ arch/x86/mm/pat/set_memory.c | 14 ++++ 5 files changed, 151 insertions(+) diff --git a/arch/x86/include/asm/sev-common.h b/arch/x86/include/asm/sev-common.h index ae99a8a756fe..86bb185b5ec1 100644 --- a/arch/x86/include/asm/sev-common.h +++ b/arch/x86/include/asm/sev-common.h @@ -62,6 +62,8 @@ #define GHCB_MSR_PSC_REQ 0x014 #define SNP_PAGE_STATE_PRIVATE 1 #define SNP_PAGE_STATE_SHARED 2 +#define SNP_PAGE_STATE_PSMASH 3 +#define SNP_PAGE_STATE_UNSMASH 4 #define GHCB_MSR_PSC_GFN_POS 12 #define GHCB_MSR_PSC_GFN_MASK GENMASK_ULL(39, 0) #define GHCB_MSR_PSC_OP_POS 52 @@ -86,6 +88,28 @@ #define GHCB_MSR_GPA_REG_RESP 0x013 #define GHCB_MSR_GPA_REG_RESP_VAL(v) ((v) >> GHCB_MSR_GPA_REG_VALUE_POS) +/* SNP Page State Change NAE event */ +#define VMGEXIT_PSC_MAX_ENTRY 253 + +struct __packed snp_page_state_header { + u16 cur_entry; + u16 end_entry; + u32 reserved; +}; + +struct __packed snp_page_state_entry { + u64 cur_page : 12, + gfn : 40, + operation : 4, + pagesize : 1, + reserved : 7; +}; + +struct __packed snp_page_state_change { + struct snp_page_state_header header; + struct snp_page_state_entry entry[VMGEXIT_PSC_MAX_ENTRY]; +}; + #define GHCB_MSR_TERM_REQ 0x100 #define GHCB_MSR_TERM_REASON_SET_POS 12 #define GHCB_MSR_TERM_REASON_SET_MASK 0xf diff --git a/arch/x86/include/asm/sev.h b/arch/x86/include/asm/sev.h index 7c2cb5300e43..e2141fc28058 100644 --- a/arch/x86/include/asm/sev.h +++ b/arch/x86/include/asm/sev.h @@ -114,6 +114,8 @@ void __init early_snp_set_memory_private(unsigned long vaddr, unsigned long padd void __init early_snp_set_memory_shared(unsigned long vaddr, unsigned long paddr, unsigned int npages); void __init snp_prep_memory(unsigned long paddr, unsigned int sz, int op); +void snp_set_memory_shared(unsigned long vaddr, unsigned int npages); +void snp_set_memory_private(unsigned long vaddr, unsigned int npages); #else static inline void sev_es_ist_enter(struct pt_regs *regs) { } static inline void sev_es_ist_exit(void) { } @@ -130,6 +132,8 @@ early_snp_set_memory_shared(unsigned long vaddr, unsigned long paddr, unsigned i { } static inline void __init snp_prep_memory(unsigned long paddr, unsigned int sz, int op) { } +static inline void snp_set_memory_shared(unsigned long vaddr, unsigned int npages) { } +static inline void snp_set_memory_private(unsigned long vaddr, unsigned int npages) { } #endif #endif diff --git a/arch/x86/include/uapi/asm/svm.h b/arch/x86/include/uapi/asm/svm.h index 554f75fe013c..41573cf44470 100644 --- a/arch/x86/include/uapi/asm/svm.h +++ b/arch/x86/include/uapi/asm/svm.h @@ -108,6 +108,7 @@ #define SVM_VMGEXIT_AP_JUMP_TABLE 0x80000005 #define SVM_VMGEXIT_SET_AP_JUMP_TABLE 0 #define SVM_VMGEXIT_GET_AP_JUMP_TABLE 1 +#define SVM_VMGEXIT_PSC 0x80000010 #define SVM_VMGEXIT_UNSUPPORTED_EVENT 0x8000ffff #define SVM_EXIT_ERR -1 @@ -215,6 +216,7 @@ { SVM_VMGEXIT_NMI_COMPLETE, "vmgexit_nmi_complete" }, \ { SVM_VMGEXIT_AP_HLT_LOOP, "vmgexit_ap_hlt_loop" }, \ { SVM_VMGEXIT_AP_JUMP_TABLE, "vmgexit_ap_jump_table" }, \ + { SVM_VMGEXIT_PSC, "vmgexit_page_state_change" }, \ { SVM_EXIT_ERR, "invalid_guest_state" } diff --git a/arch/x86/kernel/sev.c b/arch/x86/kernel/sev.c index 6e9b45bb38ab..4847ac81cca3 100644 --- a/arch/x86/kernel/sev.c +++ b/arch/x86/kernel/sev.c @@ -637,6 +637,113 @@ void __init snp_prep_memory(unsigned long paddr, unsigned int sz, int op) WARN(1, "invalid memory op %d\n", op); } +static int page_state_vmgexit(struct ghcb *ghcb, struct snp_page_state_change *data) +{ + struct snp_page_state_header *hdr; + int ret = 0; + + hdr = &data->header; + + /* + * As per the GHCB specification, the hypervisor can resume the guest before + * processing all the entries. The loop checks whether all the entries are + * processed. If not, then keep retrying. + */ + while (hdr->cur_entry <= hdr->end_entry) { + + ghcb_set_sw_scratch(ghcb, (u64)__pa(data)); + + ret = sev_es_ghcb_hv_call(ghcb, NULL, SVM_VMGEXIT_PSC, 0, 0); + + /* Page State Change VMGEXIT can pass error code through exit_info_2. */ + if (WARN(ret || ghcb->save.sw_exit_info_2, + "SEV-SNP: page state change failed ret=%d exit_info_2=%llx\n", + ret, ghcb->save.sw_exit_info_2)) + return 1; + } + + return 0; +} + +static void set_page_state(unsigned long vaddr, unsigned int npages, int op) +{ + struct snp_page_state_change *data; + struct snp_page_state_header *hdr; + struct snp_page_state_entry *e; + unsigned long vaddr_end; + struct ghcb_state state; + struct ghcb *ghcb; + int idx; + + vaddr = vaddr & PAGE_MASK; + vaddr_end = vaddr + (npages << PAGE_SHIFT); + + ghcb = sev_es_get_ghcb(&state); + if (unlikely(!ghcb)) + panic("SEV-SNP: Failed to get GHCB\n"); + + data = (struct snp_page_state_change *)ghcb->shared_buffer; + hdr = &data->header; + + while (vaddr < vaddr_end) { + e = data->entry; + memset(data, 0, sizeof(*data)); + + for (idx = 0; idx < VMGEXIT_PSC_MAX_ENTRY; idx++, e++) { + unsigned long pfn; + + if (is_vmalloc_addr((void *)vaddr)) + pfn = vmalloc_to_pfn((void *)vaddr); + else + pfn = __pa(vaddr) >> PAGE_SHIFT; + + e->gfn = pfn; + e->operation = op; + hdr->end_entry = idx; + + /* + * The GHCB specification provides the flexibility to + * use either 4K or 2MB page size in the RMP table. + * The current SNP support does not keep track of the + * page size used in the RMP table. To avoid the + * overlap request, use the 4K page size in the RMP + * table. + */ + e->pagesize = RMP_PG_SIZE_4K; + vaddr = vaddr + PAGE_SIZE; + + if (vaddr >= vaddr_end) + break; + } + + /* Terminate the guest on page state change failure. */ + if (page_state_vmgexit(ghcb, data)) + sev_es_terminate(1, GHCB_TERM_PSC); + } + + sev_es_put_ghcb(&state); +} + +void snp_set_memory_shared(unsigned long vaddr, unsigned int npages) +{ + if (!sev_feature_enabled(SEV_SNP)) + return; + + pvalidate_pages(vaddr, npages, 0); + + set_page_state(vaddr, npages, SNP_PAGE_STATE_SHARED); +} + +void snp_set_memory_private(unsigned long vaddr, unsigned int npages) +{ + if (!sev_feature_enabled(SEV_SNP)) + return; + + set_page_state(vaddr, npages, SNP_PAGE_STATE_PRIVATE); + + pvalidate_pages(vaddr, npages, 1); +} + int sev_es_setup_ap_jump_table(struct real_mode_header *rmh) { u16 startup_cs, startup_ip; diff --git a/arch/x86/mm/pat/set_memory.c b/arch/x86/mm/pat/set_memory.c index 156cd235659f..20cd5ebc972f 100644 --- a/arch/x86/mm/pat/set_memory.c +++ b/arch/x86/mm/pat/set_memory.c @@ -29,6 +29,7 @@ #include #include #include +#include #include "../mm_internal.h" @@ -2009,8 +2010,21 @@ static int __set_memory_enc_dec(unsigned long addr, int numpages, bool enc) */ cpa_flush(&cpa, !this_cpu_has(X86_FEATURE_SME_COHERENT)); + /* + * To maintain the security guarantees of SEV-SNP guest, invalidate + * the memory before clearing the encryption attribute. + */ + if (!enc) + snp_set_memory_shared(addr, numpages); + ret = __change_page_attr_set_clr(&cpa, 1); + /* + * Now that memory is marked encrypted in the page table, validate it. + */ + if (!ret && enc) + snp_set_memory_private(addr, numpages); + /* * After changing the encryption attribute, we need to flush TLBs again * in case any speculative TLB caching occurred (but no need to flush From patchwork Wed Jun 2 14:04:09 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Brijesh Singh X-Patchwork-Id: 452668 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-18.7 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_CR_TRAILER, INCLUDES_PATCH, MAILING_LIST_MULTI, MSGID_FROM_MTA_HEADER, SPF_HELO_NONE, SPF_PASS,URIBL_BLOCKED,USER_AGENT_GIT autolearn=unavailable autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id B61BCC4709C for ; Wed, 2 Jun 2021 14:09:02 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id A3FB9613BF for ; Wed, 2 Jun 2021 14:09:02 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231931AbhFBOKm (ORCPT ); Wed, 2 Jun 2021 10:10:42 -0400 Received: from mail-mw2nam12on2062.outbound.protection.outlook.com ([40.107.244.62]:11521 "EHLO NAM12-MW2-obe.outbound.protection.outlook.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S231592AbhFBOIr (ORCPT ); Wed, 2 Jun 2021 10:08:47 -0400 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=Za0m6XsvNnD/BCOL9N9htjIPrLoIFo2USlNCob8eSjYmZZeRhAb3aUBLNPIO+Bi4IfO4U1KNFnIHdbOvX3D3GBYjxxC5NYzRlrLIfRhtwFRCiYzRedVYXlvt4N5vFvWz1w64Ewdd2A0z3XCZ6mXJcWWIn458HnC8jcDHe432XYM3TonLUUKKc4wA/vh9bNOqDe7HKj6RKxJyUhAvXeFjzjybeGqIIg4LfVFf1qxM2TDX/waGgQ9hsyZV/whqnFj8+H4A0s4LIYyMaDQpWXllhF+hyc7GB4Vr1FveN98MVcJcB/YIAi7ikTmI8/R1oTivHH4L19Mz0Gywb1sSUJbMwQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=jMrjUnVepEzQT2zCxLV5ivalIMMuIKD/RxguuBq3Wvo=; b=VpgisA8gTUAraDQMXtTVznhVmYUAcwy8TiqjBWoNzZa/ks3wZ8nl1O5X0PBLUCe0iTXyrlUrl/8nOmedgqFCRe8LGO+VutcR6UV7vy2TmHLWo/7kil3e+rfVNDESGSR4Ts+384Y5xrkiiOy7IqwvmS3t6a92nMWHBRPRTIQheJSVP4qiiQbxIeJgImKZc7wA2oOu4OsjUIkwyl4M2cgJmqOu3ODMYBTv6SU0fcQUYj3T/A+JMrbX5pAWIUZbWA3rET6DLdSekgTXA1ZT5BVEQUK6n1U86SQZh77625sk0kKkh9xczip97xc1wipPSa/P7A16LKG1kga8xCGFUW6jQQ== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass header.d=amd.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=jMrjUnVepEzQT2zCxLV5ivalIMMuIKD/RxguuBq3Wvo=; b=w75EpsAqZ0C70bsO/iNX7eWcZC0rjkZWCdv04x15hsXfp6oWaI+Czy4jTcWbP7TOQZbrO6+RbIbWsH53OkDPa1xW/knk5y29Sgw2GkSq61yYJgnq/s/mCf8eJQM8vt/6UEb067QVtcFdI6JbXdEkv/8DwZyzdx8Cm/g3QOcQpIM= Authentication-Results: kernel.org; dkim=none (message not signed) header.d=none; kernel.org; dmarc=none action=none header.from=amd.com; Received: from SN6PR12MB2718.namprd12.prod.outlook.com (2603:10b6:805:6f::22) by SN6PR12MB2766.namprd12.prod.outlook.com (2603:10b6:805:78::10) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4173.22; Wed, 2 Jun 2021 14:05:03 +0000 Received: from SN6PR12MB2718.namprd12.prod.outlook.com ([fe80::9898:5b48:a062:db94]) by SN6PR12MB2718.namprd12.prod.outlook.com ([fe80::9898:5b48:a062:db94%6]) with mapi id 15.20.4173.030; Wed, 2 Jun 2021 14:05:03 +0000 From: Brijesh Singh To: x86@kernel.org, linux-kernel@vger.kernel.org, kvm@vger.kernel.org, linux-efi@vger.kernel.org, platform-driver-x86@vger.kernel.org, linux-coco@lists.linux.dev, linux-mm@kvack.org, linux-crypto@vger.kernel.org Cc: Thomas Gleixner , Ingo Molnar , Joerg Roedel , Tom Lendacky , "H. Peter Anvin" , Ard Biesheuvel , Paolo Bonzini , Sean Christopherson , Vitaly Kuznetsov , Wanpeng Li , Jim Mattson , Andy Lutomirski , Dave Hansen , Sergio Lopez , Peter Gonda , Peter Zijlstra , Srinivas Pandruvada , David Rientjes , tony.luck@intel.com, npmccallum@redhat.com, Brijesh Singh Subject: [PATCH Part1 RFC v3 15/22] KVM: SVM: define new SEV_FEATURES field in the VMCB Save State Area Date: Wed, 2 Jun 2021 09:04:09 -0500 Message-Id: <20210602140416.23573-16-brijesh.singh@amd.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20210602140416.23573-1-brijesh.singh@amd.com> References: <20210602140416.23573-1-brijesh.singh@amd.com> X-Originating-IP: [165.204.77.1] X-ClientProxiedBy: SN6PR05CA0010.namprd05.prod.outlook.com (2603:10b6:805:de::23) To SN6PR12MB2718.namprd12.prod.outlook.com (2603:10b6:805:6f::22) MIME-Version: 1.0 X-MS-Exchange-MessageSentRepresentingType: 1 Received: from sbrijesh-desktop.amd.com (165.204.77.1) by SN6PR05CA0010.namprd05.prod.outlook.com (2603:10b6:805:de::23) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4219.9 via Frontend Transport; Wed, 2 Jun 2021 14:05:02 +0000 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: db9dfabd-203d-45aa-6817-08d925cf6ae9 X-MS-TrafficTypeDiagnostic: SN6PR12MB2766: X-MS-Exchange-Transport-Forked: True X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:6790; X-MS-Exchange-SenderADCheck: 1 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: /TQ4ipZZcMe/6rvxR9N6WxhlGqJCeGP4znfa6gqgblP1+GAfHJlGz0OFbJPwnxYoVSUTNR6IfnxQf5ZatXnqWsxBP4ejlmcaaV+8f2NyHHib+O6GkRHdlcYEHfJf5WYY4DP4otEp9pibUzJ+HM/ozijX8d60xp7a8OgV2EOrwKCd6ApBV/C0osItnIe54f+NaE9EDEj+ofBr5SaIaD6nPw4Rch50GXSHfIlyMIyLgL6TI2PUoHucwgFyloa/PAKps1kAk6QSjw2AeiFguQgvcLZdRMB72kUTNEX0echjYsW7AS6JQAO8IYRuzeyi/+1jAQoDYhkKWbIOvH3wjHYqeP39obk5zyYfrfcHT3buMDjou+36dBRZGmFDZkz1aXPmYX7M0jMcgzc4x8LqOYms/W2H7JYyDnsafEzOSA6g0HjBB5bS3QN+JRKLGo8e345agczQhCruNUXxxYBVDn1RcqbKqEdQOg0I+5UVB+2njbHoSuEwzWN5k1nQkdFBwRb2y+BoM6OmX+ESTpLkLzxFpGuZ4eGb9s2cP21eLVcUNtnB2U6yd8jWfBP+zoWSEjYv7kA/QlOmOGXH86o4SKPp7jmT9Fj+Pts8ICiKARGWv9ufoczM2i1LB1cVQg7qDycU/69VYl7+p+osSxdbvGu9nA== X-Forefront-Antispam-Report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:SN6PR12MB2718.namprd12.prod.outlook.com; PTR:; CAT:NONE; SFS:(4636009)(376002)(136003)(346002)(396003)(39860400002)(366004)(6486002)(38350700002)(86362001)(66946007)(38100700002)(44832011)(52116002)(36756003)(8676002)(83380400001)(7416002)(26005)(4326008)(2616005)(1076003)(186003)(956004)(16526019)(2906002)(316002)(54906003)(66476007)(478600001)(5660300002)(7696005)(66556008)(8936002); DIR:OUT; SFP:1101; X-MS-Exchange-AntiSpam-MessageData: Qk12zGRFENXpjs47Ada8bsZNuwgohbUZXmnot5Wmpjq9jgfNZss1kwM6cyviCvaGDcJ2dW0cZmqXVAWz9cb0z77OgHNDrl9mNGFtdjqap+hy7sr9+TKLssk+UuWyD7ezNc8dGLT5l2dEZs2z7gME0lkVKgz5uc3NtKNGjwicl/pvbNag1wgq+cR8trOcVATrIjZwSuj3swGFbeCF51nTFnZGoyU7Z1Brc6n8mzoIbAggl/nROorTVv+dCPAxTiiWSVU0MLTsQ/EKi764g1jUfxsjvJTmYu8OdIIBmdT8MV9WJi6Xtur3FjyVz2wnZ39mZgBNTTt/O+tgx+x8XkqZ192rAT+yTSlXHFvBa3jX3cx0mThjFa9zhwCBf6t1BK19ek4RgdeiCsvdbTifxUnvgCnWmK6kKpjzNP8IlU/zeGcbR/R2jFm64tLt9+a5yRVrxSp7+24xq8ztTYk4E9FkPDhE0I5b8YY0ffRfHuhJow0XJF6iMov9m/74kjCb9bmagfujDXwzkPV056brgwiMWZt4w717CFCdokS3IlETCT+GiFF8emUVX2pDxP/49KtS2j5FUT0fXtiD3Z6ylEUCpB28s5uPgcbvDwVB+uEL9hY4B5mI5bz1WEUpJ54mHJZbQeEztfb6dEk7ZwAkmeVZY3UvzR0uf8syZlHI5sO0U9GvCVRNbUkIAM/9dFbzE8YF1AqgVR2vOitzY5p2jRXd4ZLZTdgXiARKAQ/E7l/gn5zAQscYJzdvbCjD6/wxULK4saKceVK9aYsJHgRz5OPiC1xOZhpmQKJ059CPWWVszGb1hv0jFtcwXE2LkRWnDGU2UQMKl/L35hgXGHG47ca4BFjF2pp4N3BL9M2jcTBC6tFoDM707M3SAVM6e8eIx1ft7E2jo/c/JhrUKt1wNPUSh5DW/Z+hmPYqOd/8JJFM/TZtlFVd5pOzyYOmeE9o80RpeFSd7ln1S5+2Xf5Dzj8uWm+vdAyyn9NsfivIH93RV+165Q+OXqYA9aVDp7FYpZ/C4GgvdA7+sGNuLqHpaO4E7blpMWlEZSncJROWZqGVRhhuodBHhPr/9b5aL48+NHa7cqbP5tsVFAOH9q1Zrxc3DR+HhL/QoVS1CK+W32ekcZ2G02BlyeCWRCeQPxdM+XT/eVZM6Dh27GPQ5Pgd+ha29m1dEQ0kE4cswVqIpPNYHnD3NMY5vB9IXw50KWBbxYmIUDW5AliWbA94k0PkVb2HChisWo5LoH3pMORSIWGiChPw+p6zAxy4lRs31kKLd9W8moFuRjs5TK7yISEhQG+n9D3yejCfHwbr5nM9N9VUQNQoyqGTNPVbz1LmIZ4u8/tr X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-Network-Message-Id: db9dfabd-203d-45aa-6817-08d925cf6ae9 X-MS-Exchange-CrossTenant-AuthSource: SN6PR12MB2718.namprd12.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 02 Jun 2021 14:05:03.3654 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: zQKw0yaHqu4kj2FC+exsyaRmCV5APxjWXhEP7wGHtQZZ5yTHXlp/T2CYmoTbGgRY709TOf2EY9ZeCOlIkVWkcQ== X-MS-Exchange-Transport-CrossTenantHeadersStamped: SN6PR12MB2766 Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org The hypervisor uses the SEV_FEATURES field (offset 3B0h) in the Save State Area to control the SEV-SNP guest features such as SNPActive, vTOM, ReflectVC etc. An SEV-SNP guest can read the SEV_FEATURES fields through the SEV_STATUS MSR. While at it, update the dump_vmcb() to log the VMPL level. See APM2 Table 15-34 and B-4 for more details. Signed-off-by: Brijesh Singh --- arch/x86/include/asm/svm.h | 6 ++++-- arch/x86/kvm/svm/svm.c | 4 ++-- 2 files changed, 6 insertions(+), 4 deletions(-) diff --git a/arch/x86/include/asm/svm.h b/arch/x86/include/asm/svm.h index 772e60efe243..fb38fae3d5ab 100644 --- a/arch/x86/include/asm/svm.h +++ b/arch/x86/include/asm/svm.h @@ -230,7 +230,8 @@ struct vmcb_save_area { struct vmcb_seg ldtr; struct vmcb_seg idtr; struct vmcb_seg tr; - u8 reserved_1[43]; + u8 reserved_1[42]; + u8 vmpl; u8 cpl; u8 reserved_2[4]; u64 efer; @@ -295,7 +296,8 @@ struct vmcb_save_area { u64 sw_exit_info_1; u64 sw_exit_info_2; u64 sw_scratch; - u8 reserved_11[56]; + u64 sev_features; + u8 reserved_11[48]; u64 xcr0; u8 valid_bitmap[16]; u64 x87_state_gpa; diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index 05eca131eaf2..2acf187a3100 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c @@ -3186,8 +3186,8 @@ static void dump_vmcb(struct kvm_vcpu *vcpu) "tr:", save01->tr.selector, save01->tr.attrib, save01->tr.limit, save01->tr.base); - pr_err("cpl: %d efer: %016llx\n", - save->cpl, save->efer); + pr_err("vmpl: %d cpl: %d efer: %016llx\n", + save->vmpl, save->cpl, save->efer); pr_err("%-15s %016llx %-13s %016llx\n", "cr0:", save->cr0, "cr2:", save->cr2); pr_err("%-15s %016llx %-13s %016llx\n", From patchwork Wed Jun 2 14:04:12 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Brijesh Singh X-Patchwork-Id: 452672 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-18.7 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_CR_TRAILER, INCLUDES_PATCH, MAILING_LIST_MULTI, MSGID_FROM_MTA_HEADER, SPF_HELO_NONE, SPF_PASS,URIBL_BLOCKED,USER_AGENT_GIT autolearn=unavailable autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id D33D6C47083 for ; Wed, 2 Jun 2021 14:06:37 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id B8C0260FE3 for ; Wed, 2 Jun 2021 14:06:37 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231151AbhFBOIS (ORCPT ); Wed, 2 Jun 2021 10:08:18 -0400 Received: from mail-mw2nam08on2087.outbound.protection.outlook.com ([40.107.101.87]:45825 "EHLO NAM04-MW2-obe.outbound.protection.outlook.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S230010AbhFBOHW (ORCPT ); Wed, 2 Jun 2021 10:07:22 -0400 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=et5iR1CJZEMb9Qpp1wnzUNCvJWQgH9zQW9VrHEqSoN4aZIU/kiBZuaJuFtHGJed67Iq6CFs/PiAjcrOUTaEE2PDim2fNG2L94BJspcfatbnekfgoF0cmdXIBVQud4rKcBNAjfdTP1Xx5c/eA65oAEsYL7Xi49rPSjHuz+eSV/ckPAz2bHkN1gvPiK65hBnfODNkIRbrfbEmETyLaDH49dd6OVW9rvWgOes47Q3LaUMzw/DCWLJC3m7iR0MQqPJ381OIcCUPiGqgZnxJiK6JyQdRVegWXC02UeAb6TH39aJXEyX9gyA+EKZSRDHRYYYVOXmunXHs5WtXx3MYii7zvHQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=dqleyn+92uLtJZ2DVgVJpIsdTMTbdLECR/8GSyQtQFc=; b=GuOslvmpZJwlrZ4cB2aSOt7z7WD/lTaFWOv+kU0kEPV+RwcFmHxsPiDM3Ooa0FRGZpNn/gzr5dHELLibekBNvDYHfp34DgSd4YmRejDCc+ZQQpzqJdFkngyIvzs1m8nb5MVFz+896nrqdDsCHouU0d9kvDzQwMtKzqkC+T0X6I9aJqJmOufN9xWzOnTyT48MICnzIAXOs0pNe05arJ2M+T3OvGvj2AR3cjbb9fUlrDOeT+4t9Au3/qWIdXUtnyICz95c500prRMbQTnhvMpgrejpUDlaXtejh8sln+OmexrBAXP/uYpuzQ8LJqNcyb2CL2S6ngQBcE4lzl8DhWhLng== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass header.d=amd.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=dqleyn+92uLtJZ2DVgVJpIsdTMTbdLECR/8GSyQtQFc=; b=tCPRIZuScRsYqbf7SoDrFljSJ0SLZk4q4o0T8LvQEUKLQVmXAdfTVUSFW+CkAVxuEYbt2ZctArg3xibbr6wHDOQHplc40mIxKaLHFCbQBdCZsuJpcq8AjXnlQkQXQfygIU0Oa2v7y/CYLtefU43HBRABY+s2mcoiKKVTrIs5Aic= Authentication-Results: kernel.org; dkim=none (message not signed) header.d=none; kernel.org; dmarc=none action=none header.from=amd.com; Received: from SN6PR12MB2718.namprd12.prod.outlook.com (2603:10b6:805:6f::22) by SA0PR12MB4446.namprd12.prod.outlook.com (2603:10b6:806:71::18) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4173.22; Wed, 2 Jun 2021 14:05:10 +0000 Received: from SN6PR12MB2718.namprd12.prod.outlook.com ([fe80::9898:5b48:a062:db94]) by SN6PR12MB2718.namprd12.prod.outlook.com ([fe80::9898:5b48:a062:db94%6]) with mapi id 15.20.4173.030; Wed, 2 Jun 2021 14:05:10 +0000 From: Brijesh Singh To: x86@kernel.org, linux-kernel@vger.kernel.org, kvm@vger.kernel.org, linux-efi@vger.kernel.org, platform-driver-x86@vger.kernel.org, linux-coco@lists.linux.dev, linux-mm@kvack.org, linux-crypto@vger.kernel.org Cc: Thomas Gleixner , Ingo Molnar , Joerg Roedel , Tom Lendacky , "H. Peter Anvin" , Ard Biesheuvel , Paolo Bonzini , Sean Christopherson , Vitaly Kuznetsov , Wanpeng Li , Jim Mattson , Andy Lutomirski , Dave Hansen , Sergio Lopez , Peter Gonda , Peter Zijlstra , Srinivas Pandruvada , David Rientjes , tony.luck@intel.com, npmccallum@redhat.com, Brijesh Singh Subject: [PATCH Part1 RFC v3 18/22] KVM: SVM: Update the SEV-ES save area mapping Date: Wed, 2 Jun 2021 09:04:12 -0500 Message-Id: <20210602140416.23573-19-brijesh.singh@amd.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20210602140416.23573-1-brijesh.singh@amd.com> References: <20210602140416.23573-1-brijesh.singh@amd.com> X-Originating-IP: [165.204.77.1] X-ClientProxiedBy: SN6PR05CA0010.namprd05.prod.outlook.com (2603:10b6:805:de::23) To SN6PR12MB2718.namprd12.prod.outlook.com (2603:10b6:805:6f::22) MIME-Version: 1.0 X-MS-Exchange-MessageSentRepresentingType: 1 Received: from sbrijesh-desktop.amd.com (165.204.77.1) by SN6PR05CA0010.namprd05.prod.outlook.com (2603:10b6:805:de::23) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4219.9 via Frontend Transport; Wed, 2 Jun 2021 14:05:08 +0000 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: a7a1f731-6dde-4120-d883-08d925cf6e87 X-MS-TrafficTypeDiagnostic: SA0PR12MB4446: X-MS-Exchange-Transport-Forked: True X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:5236; X-MS-Exchange-SenderADCheck: 1 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: azoIlvM90dIUYYvu9EgjNvJmVAXVh3hums+CkhXa8X+mRw0o8/MZjn0s9k68NTVjR/01lMBePBrbtEzDTtaF3rUTNoTrX7Fhunot1AqeQ5DaCj1cb2G4/0JkmoeCMlXlXBLIvQ7dWa1KCDRXxLs87KpZ+bTAP5lK7ZuPDUeuER30jhLH+oWp2H7MygLCL+8VcCuzGBe7UV8rZf7UBvWYjyRIjPU7NkQliYNcHTLpIMktF/T+e56ouzZX85lsmmpExmbIldwu0yxO/j5VPbY8VpydBu3nLPQbRVhwLmFp9pQeZY1wlGjVkYRFqbf+UFYoFJGljXPALXqce08NPZvCTmMcxe6MSUPpwGAH9AFEjk1NAIWR8LuVkHGVt8YYbjzWKlJkzBuq2BqCBMAKrdLZ4NXBAhlwnYs+sdTGolFZafWYx+vSN0xBi0BYoDuYJGciaGy3lGWXctNBT4uBk2OOfSXOTeXjKgp1GGG76enG4rTbEmW02nNRVKR9CLZ3CQQPh3wx6XwgRmDjwOISwYJO78nyx55mbdqpz/vGjJyep9hAYpRijq+gkV4EZhCM/+8j7YUG6BaeLpOR9WDBYAGbnerJUnTxWfj4KTuZ3tBRrGksBhIzaj+JNQywGlyHJWVRhAsQT2TRkO1aBlQ+O+t4gQ== X-Forefront-Antispam-Report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:SN6PR12MB2718.namprd12.prod.outlook.com; PTR:; CAT:NONE; SFS:(4636009)(376002)(366004)(396003)(346002)(136003)(39860400002)(478600001)(8936002)(7416002)(16526019)(44832011)(66476007)(186003)(66946007)(4326008)(8676002)(7696005)(52116002)(1076003)(86362001)(83380400001)(38350700002)(6486002)(15650500001)(316002)(6666004)(5660300002)(54906003)(38100700002)(26005)(66556008)(36756003)(2616005)(956004)(2906002); DIR:OUT; SFP:1101; X-MS-Exchange-AntiSpam-MessageData: PuX2D00Oq5LoPU88p42woyigAKrolJ3K7QdfjsVSzfzRdHaYlMZc1uvEIA35SCYo31fh+aR5C19SAbs9XwxGMjZA0f/ndsTy48w5R0iC5mkLG6MdoUR9fWrpZ2wqB/6HKVwvFiaLu5csIOWgKwyiTmCZC+J8bh/FkELg2HcOzEfekd43xXXwmgNH/sOaBR6armIuP+PzJW+OIElac5Vw01ruYovE2LKARh/+Dsjxmob72iBnZY2o4TVgS7LDvsUfX+e00uLGBsJ/U2ivWp6QJVzJJj78vHH0kcGo14Gex341c+YWVMiGHla96Nc7uKsGudS2u+zSmDI1GPt6cUIXGEj4PXAGiVNru2UzXO/SLaJ2h2PzgSvOfKfI81mFjLHs38RQ0U4r7Xp84CTmGY3KB6wMsJu5Pymad6xleT8BjxhfAJVGIzQXo+9XsSH9afg/Yt4L7T1ltONOLQH7aNdnx9q1ZDnnk5fa0zmQCguxfTay4/bwjLlDb0hQqILA01stb+WDM1e8Gvp5ooWKdoyE5+6GJ5nm8pk1/cwQtlf2imK0nwRpxj9ZdLBoouNmdVd0MIWIDih8IyumNdhR4v3nvrydVeYzZYf3GQhS96jbNGt/IMKVsXfFIMjyBNkhnM/Vp7kpgGTYxyIerUYEGl9xHz6q5Vfud6qEEbx8YCF6n2K/f0EjxPRCMH0GJ2QUBzDMKzZgnAZYQQKVcaRJYAIjVySZq2TUVO9J7marRtFemdN0urEiYJGy9Mjezf7tYhegYqLULki4zC7m3IYt1PtS6iVxQeFdNIsP6DWDn1R/jHBi01/CfJk1k1qW2KsHKTmMRexKM0eIa/V6TXdDtMyBeGaug3eUTI/0GmH/XgyNeZjE+BcUrJxJqnrchs+UcN6PoJsc0vJKEM0L7WIcC38McuypElFV6SKHdPY+hl4aJmMU9SBnOqDOYCwSuY6Gp8ldRvOiYfKoA3PnQf57oesjTTuRGGLiB+S4Om827BPbTzFdm83De16HoGuXRSYgvBCoKdxzPTaMC9eakSBC9ExhueoH1xW9DqU33AcnwhYpXDpzLYxoXI+t6YsQAy+O4HpmpEKuVvcbc9PFmRDtsIEZ3heKuZ+ElUhfMc60W3sLvEiFxx4M7xCFtFOH1f4Pu6++GfB/kj7k4IdSqBpBt0fpz7ZuRYlTFBSjXXpAklcl4FoaHFU9GjmOxeV8spETaEcVTrXKUWuMFY5XF6bmu/qwaRYcNigR+WeQ7NzmWDxMkZPVW266TnXVTIQ8eYbzdFVI0t4H/vTdRR2VoIdM2C71BV/QX6XvKRAyNmf/ji3K5Bik8QNIzDind3IaHJ7wS26m X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-Network-Message-Id: a7a1f731-6dde-4120-d883-08d925cf6e87 X-MS-Exchange-CrossTenant-AuthSource: SN6PR12MB2718.namprd12.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 02 Jun 2021 14:05:10.0555 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: +lPhjBSrjCY65HT8dC0Uj4XeD1Ah7/jEpdR357tQkuxVbhdK1QmbjcWu0VR4rNKZ3U98000CjkN3LNC4+GXjuQ== X-MS-Exchange-Transport-CrossTenantHeadersStamped: SA0PR12MB4446 Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org From: Tom Lendacky This is the final step in defining the multiple save areas to keep them separate and ensuring proper operation amongst the different types of guests. Update the SEV-ES/SEV-SNP save area to match the APM. This save area will be used for the upcoming SEV-SNP AP Creation NAE event support. Signed-off-by: Tom Lendacky Signed-off-by: Brijesh Singh --- arch/x86/include/asm/svm.h | 66 +++++++++++++++++++++++++++++--------- 1 file changed, 50 insertions(+), 16 deletions(-) diff --git a/arch/x86/include/asm/svm.h b/arch/x86/include/asm/svm.h index f5edfc552240..b6f358d6b975 100644 --- a/arch/x86/include/asm/svm.h +++ b/arch/x86/include/asm/svm.h @@ -282,7 +282,13 @@ struct sev_es_save_area { struct vmcb_seg ldtr; struct vmcb_seg idtr; struct vmcb_seg tr; - u8 reserved_1[43]; + u64 vmpl0_ssp; + u64 vmpl1_ssp; + u64 vmpl2_ssp; + u64 vmpl3_ssp; + u64 u_cet; + u8 reserved_1[2]; + u8 vmpl; u8 cpl; u8 reserved_2[4]; u64 efer; @@ -295,9 +301,19 @@ struct sev_es_save_area { u64 dr6; u64 rflags; u64 rip; - u8 reserved_4[88]; + u64 dr0; + u64 dr1; + u64 dr2; + u64 dr3; + u64 dr0_addr_mask; + u64 dr1_addr_mask; + u64 dr2_addr_mask; + u64 dr3_addr_mask; + u8 reserved_4[24]; u64 rsp; - u8 reserved_5[24]; + u64 s_cet; + u64 ssp; + u64 isst_addr; u64 rax; u64 star; u64 lstar; @@ -308,7 +324,7 @@ struct sev_es_save_area { u64 sysenter_esp; u64 sysenter_eip; u64 cr2; - u8 reserved_6[32]; + u8 reserved_5[32]; u64 g_pat; u64 dbgctl; u64 br_from; @@ -317,12 +333,12 @@ struct sev_es_save_area { u64 last_excp_to; u8 reserved_7[80]; u32 pkru; - u8 reserved_9[20]; - u64 reserved_10; /* rax already available at 0x01f8 */ + u8 reserved_8[20]; + u64 reserved_9; /* rax already available at 0x01f8 */ u64 rcx; u64 rdx; u64 rbx; - u64 reserved_11; /* rsp already available at 0x01d8 */ + u64 reserved_10; /* rsp already available at 0x01d8 */ u64 rbp; u64 rsi; u64 rdi; @@ -334,16 +350,34 @@ struct sev_es_save_area { u64 r13; u64 r14; u64 r15; - u8 reserved_12[16]; - u64 sw_exit_code; - u64 sw_exit_info_1; - u64 sw_exit_info_2; - u64 sw_scratch; + u8 reserved_11[16]; + u64 guest_exit_info_1; + u64 guest_exit_info_2; + u64 guest_exit_int_info; + u64 guest_nrip; u64 sev_features; - u8 reserved_13[48]; + u64 vintr_ctrl; + u64 guest_exit_code; + u64 virtual_tom; + u64 tlb_id; + u64 pcpu_id; + u64 event_inj; u64 xcr0; - u8 valid_bitmap[16]; - u64 x87_state_gpa; + u8 reserved_12[16]; + + /* Floating point area */ + u64 x87_dp; + u32 mxcsr; + u16 x87_ftw; + u16 x87_fsw; + u16 x87_fcw; + u16 x87_fop; + u16 x87_ds; + u16 x87_cs; + u64 x87_rip; + u8 fpreg_x87[80]; + u8 fpreg_xmm[256]; + u8 fpreg_ymm[256]; } __packed; struct ghcb_save_area { @@ -400,7 +434,7 @@ struct ghcb { #define EXPECTED_VMCB_SAVE_AREA_SIZE 740 #define EXPECTED_GHCB_SAVE_AREA_SIZE 1032 -#define EXPECTED_SEV_ES_SAVE_AREA_SIZE 1032 +#define EXPECTED_SEV_ES_SAVE_AREA_SIZE 1648 #define EXPECTED_VMCB_CONTROL_AREA_SIZE 272 #define EXPECTED_GHCB_SIZE PAGE_SIZE From patchwork Wed Jun 2 14:04:16 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Brijesh Singh X-Patchwork-Id: 452670 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-18.7 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_CR_TRAILER, INCLUDES_PATCH, MAILING_LIST_MULTI, MSGID_FROM_MTA_HEADER, SPF_HELO_NONE, SPF_PASS,URIBL_BLOCKED,USER_AGENT_GIT autolearn=unavailable autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id C68D8C47083 for ; Wed, 2 Jun 2021 14:07:48 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id AB173613BF for ; Wed, 2 Jun 2021 14:07:48 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231266AbhFBOJI (ORCPT ); Wed, 2 Jun 2021 10:09:08 -0400 Received: from mail-dm3nam07on2075.outbound.protection.outlook.com ([40.107.95.75]:17697 "EHLO NAM02-DM3-obe.outbound.protection.outlook.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S230445AbhFBOHx (ORCPT ); Wed, 2 Jun 2021 10:07:53 -0400 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=VOgECZfvxhR57Srnx5a6m0JBRxR80FkK2FDvJyqZelHaVYTfa5j4GYPTxnL9AcfAUg3xXKPsvBYUsMP20/uJWGjHLAhG1Md4JLO2ESQVvpdXSpWx/dNdWIRkVSevxRb1C8HFsHe5lfdsKFuR+pH0xa6eBGnx3nunUJWTMAFgRIePasf4YxW53QtFOwbOqJjJuwaIOY0BiP2R7SfWkCXKWnxL8koWAlICeXxhQvsv6ynpGUdQqaDRMm+hG7WSMBtn8pBCM3bWmLOOmpDYF4t+NZkx0LmoiAcKPOpXon+YyIDCykC7f7HVY3XPqOIFj4dM2ou06L1Mla/ulL57l5B3nA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=FJmw1kbpTVt2WC6F6eysFi7+4/+/zkbL7V1MiJ4BhvE=; b=Lf88bDQv7odM10VuFrmhqyeoHI4xmgAYlZv0yn5T69TqW6/ff0hVZURfQBm494CTo5Kd1nxiEc/fZr3OCgNQjrE+c4ZvHvqGcLUdKoGp7NANWk7O5y9gkdc9vSxgv059jmiWbgsF50YxeghbuJ8WyTDeq6GD9uXORoXegHZAt/IWhZdx0YYUoCp/XxHnEU2aPvxQEdsLmit7rOnkjHSPhzMYty9JmbP3YCsCiltZ51JNbUcQPcVdSaLh+4b1CvCrUBXMQlDgNi2RRMWuZZM/LJlQ7lJXCWTJR4xgq3w1zF7YXi8R/cWAYN1AivyawHGpHLYx7EmX1elodZnfcXo7Bg== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass header.d=amd.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=FJmw1kbpTVt2WC6F6eysFi7+4/+/zkbL7V1MiJ4BhvE=; b=pcmeFPq+vJxrs9q0hCp5Vz/qL+TrEvWSnNVdI7kc8rxTD/B1wupN6KzlnwgORKLwbYn3m+ufXGr8YX1kHpf0sFHgcKKDLiPLHiNfviouVKrm9MEB+jD85Ia2Jtx6cmjCNOQLSaSycx3JBVi8B5s3+vJkwO0lDlfe6wyWj1qGQ+g= Authentication-Results: kernel.org; dkim=none (message not signed) header.d=none; kernel.org; dmarc=none action=none header.from=amd.com; Received: from SN6PR12MB2718.namprd12.prod.outlook.com (2603:10b6:805:6f::22) by SA0PR12MB4592.namprd12.prod.outlook.com (2603:10b6:806:9b::16) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4195.22; Wed, 2 Jun 2021 14:05:26 +0000 Received: from SN6PR12MB2718.namprd12.prod.outlook.com ([fe80::9898:5b48:a062:db94]) by SN6PR12MB2718.namprd12.prod.outlook.com ([fe80::9898:5b48:a062:db94%6]) with mapi id 15.20.4173.030; Wed, 2 Jun 2021 14:05:24 +0000 From: Brijesh Singh To: x86@kernel.org, linux-kernel@vger.kernel.org, kvm@vger.kernel.org, linux-efi@vger.kernel.org, platform-driver-x86@vger.kernel.org, linux-coco@lists.linux.dev, linux-mm@kvack.org, linux-crypto@vger.kernel.org Cc: Thomas Gleixner , Ingo Molnar , Joerg Roedel , Tom Lendacky , "H. Peter Anvin" , Ard Biesheuvel , Paolo Bonzini , Sean Christopherson , Vitaly Kuznetsov , Wanpeng Li , Jim Mattson , Andy Lutomirski , Dave Hansen , Sergio Lopez , Peter Gonda , Peter Zijlstra , Srinivas Pandruvada , David Rientjes , tony.luck@intel.com, npmccallum@redhat.com, Brijesh Singh Subject: [PATCH Part1 RFC v3 22/22] virt: Add SEV-SNP guest driver Date: Wed, 2 Jun 2021 09:04:16 -0500 Message-Id: <20210602140416.23573-23-brijesh.singh@amd.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20210602140416.23573-1-brijesh.singh@amd.com> References: <20210602140416.23573-1-brijesh.singh@amd.com> X-Originating-IP: [165.204.77.1] X-ClientProxiedBy: SN6PR05CA0010.namprd05.prod.outlook.com (2603:10b6:805:de::23) To SN6PR12MB2718.namprd12.prod.outlook.com (2603:10b6:805:6f::22) MIME-Version: 1.0 X-MS-Exchange-MessageSentRepresentingType: 1 Received: from sbrijesh-desktop.amd.com (165.204.77.1) by SN6PR05CA0010.namprd05.prod.outlook.com (2603:10b6:805:de::23) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4219.9 via Frontend Transport; Wed, 2 Jun 2021 14:05:23 +0000 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: 0f33ebab-d25c-485d-832f-08d925cf7790 X-MS-TrafficTypeDiagnostic: SA0PR12MB4592: X-MS-Exchange-Transport-Forked: True X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:4941; X-MS-Exchange-SenderADCheck: 1 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: LFbfdpwqLB3WkNLpXXSf7YDbbVgryAfGRyBvwLWjme8lyPsa9o+cf2SgsO3+ancFYX09kVw0DRHCWPe9lwp44ZqXqAQb5pIoaxqzdAmNrMb3CgY20AqbNZ132t9XtbUfwarnOQL/nZ5XlLrQqK7jeBlYfrIbtaQ94j/Y9E1wdVdRn4HcWa79WPiI+GhWnzhS7bDUxUNs9ERD5ireX+ZIsZUvLorxLlYhyFTDYWzh4wfLVwnqcWbSh80zUuY2rR1VC86tGEhHM4cVX7o4fcxkHMw63as8gDaYaK1piXs8lAn+FAwA1rlHqCqMQEm9R6NZ7VYXXHPD0+P45c2ZRpIESdXWW9lE/LIE1sU2tfprLVAFCeseut52g6fusDrXg1S3oF+epq8yh47e42Hv5ErI7pQDr1uSDyF6ludvTMMVT9Pmfg7Gp1TtsUubcA8LRoXPCzBUzyjcXP5LC9+lBCDL/GsKduWseyce+gw4a63IpSm+cTBQuc1oP/iCvRoBjALxM6Ju+qCHHH11UceTcG5BZOy7s//6F806sQZMM5XNBqol2kRcXQwjZZIwmwSHHTaNGF46lWVvRGIskt3BRozjoB4vZRoGShGuu70MwmzyOd2Wv9JrCQlF5siXdmPdpG21UV2F4lwis7nNCn+fdlNlQWyh23250fv2n7xp4v6iXKUYmsoB+d4ziZlfozop1Z78Jk25QIUtADWPNR+jQqzql5MTT7cvCKw7/2FgAgCk5X5NOE5yp23GriG2nJCg1OILI3JPJnUQ/+kZk3x+934Eug== X-Forefront-Antispam-Report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:SN6PR12MB2718.namprd12.prod.outlook.com; PTR:; CAT:NONE; SFS:(4636009)(396003)(346002)(136003)(39860400002)(366004)(376002)(966005)(30864003)(956004)(8936002)(8676002)(36756003)(478600001)(54906003)(83380400001)(1076003)(44832011)(2616005)(6666004)(38350700002)(38100700002)(5660300002)(66476007)(66556008)(2906002)(66946007)(4326008)(26005)(86362001)(186003)(7696005)(52116002)(16526019)(6486002)(7416002)(316002); DIR:OUT; SFP:1101; X-MS-Exchange-AntiSpam-MessageData: 5z7VgVKJI8WtuHI5+FmrfBrPritOMXHqisoUv1dZ2nTW9KbbzI22pu3iY0WduVfm7WZ9FfRE+br+1e5CKwWmIUlh3n+zWnPDEYFDrXCJrm7gifwseE1OoQ1qxVGsVjwx8YlhfEwemOIRd8/xA+io0c9pj8ggpNvlGqXNdAqh2VAHDvCSxGd+3mY3QY7i7lNOlEMtzuYmrn9HXz3ss1WfqqeVCUpJ2IECL19VNQF4dnzZcdSh/zohFDlsDUGsWHTCMykSBnyck+4fqzvk9XsaH7WUPZNky6bbM1RGaVCU2fEGfvHEkMMzIzyWyQRDAQa/pJo8WHAXj2vBbgTqrTIrEZVdiDHK2RAQp8jI36+DtagDSuc11vgtzpc9iH/Wqy/pI3zpgNgN+WK9MroM1WtW5/RqgYEyTq9hcjtl1U9v7AVbK30UgG594PmRjssTYjMQdFT+nLtDcCMTGD0ROkNZo+Obp2mZd6nUUgOhI51M4YMrbaFg3rSdfXw07ARhEgHjQuGq/NrgXT4RqBzv6r1n42wbBKSXml5WU8JcNW6syfmlGixCm87ShLMgptNi/gVqms4db7yFekIlHnszX6dkCx2MREc6Gvwask74HFS+lWqUTkmbtJ/7s7pgl2VHRjVY0byJKDbz0XA6KOvmPuZTM0n6q1nPCV14ApCc67LIR0aUCYmIaqlhPB3iW/rOdYmPcPuZeZkR+ZW6nWfSU2AAIE7aHna4XHQLLQRGZRjnh9RBSrLQSPrNXBa9ZtZLeBwZiS/NXpSYDHO5e3R1yTPqA+KUe/twYFmq1hMWZNt7rKAuBkvyMz3kLGK/uDLYPCg8kHzCPQtYLYjnoT1RLjIxtm0d4RovsDXSi6FhDdKO6fNFocZUgaCWYxvQ3x3dtf29j6BOAbV8lxjWRbNJCKFYFJNaiCHMpbbjnzZMFub/iwu05Z8HxJjHOD8b5KNW1DBgrR399G+kusLKbRyWIJUfdkIVUtNnhsi/TPTojR42GgxoQlzizCIT240Ee3zM85tbGVd37Qq/SCCtfbE9xE/6zS0J7rugJpRZvlVjylJfxaHmWnN6ypjjDSElY+m9hJTAC89Gn/3FB6143NkHcHRMT1x2zKrrcNYRk6LWtt2CemqgouyxmTjVZlohrzKjqW4TpHghbRVrdyOmEDyPy0iu5cT0knaRmg4PaDzh8Q3smJtyjli8wJiSajTj0CRtq5SMxMCDheDGurj5/UKdRvZS26G1AOL7IcRTwI4zkQbPKoT+PaZcWYG72xZ2R/Z2SMM0Z+dVkg64SJW7ANylalpr/2HCypoWeTfZEdjYMbrGrs3m2dsvxaAfiwpzDX/XvqKl X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-Network-Message-Id: 0f33ebab-d25c-485d-832f-08d925cf7790 X-MS-Exchange-CrossTenant-AuthSource: SN6PR12MB2718.namprd12.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 02 Jun 2021 14:05:24.6481 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: 0w6RKjpEmUvLmyIfHVcFS5DaCXNrZ8gnB9JpgFLPJcBOs7xXm+C44URrvo3HrlrXlt0SBPpYZ5lRaYO0kcUjHw== X-MS-Exchange-Transport-CrossTenantHeadersStamped: SA0PR12MB4592 Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org SEV-SNP specification provides the guest a mechanism to communicate with the PSP without risk from a malicious hypervisor who wishes to read, alter, drop or replay the messages sent. The driver uses snp_issue_guest_request() to issue GHCB SNP_GUEST_REQUEST NAE event. This command constructs a trusted channel between the guest and the PSP firmware. The userspace can use the following ioctls provided by the driver: 1. Request an attestation report that can be used to assume the identity and security configuration of the guest. 2. Ask the firmware to provide a key derived from a root key. See SEV-SNP spec section Guest Messages for more details. Signed-off-by: Brijesh Singh --- drivers/virt/Kconfig | 3 + drivers/virt/Makefile | 1 + drivers/virt/sevguest/Kconfig | 10 + drivers/virt/sevguest/Makefile | 4 + drivers/virt/sevguest/snp.c | 448 +++++++++++++++++++++++++++++++++ drivers/virt/sevguest/snp.h | 63 +++++ include/uapi/linux/sev-guest.h | 56 +++++ 7 files changed, 585 insertions(+) create mode 100644 drivers/virt/sevguest/Kconfig create mode 100644 drivers/virt/sevguest/Makefile create mode 100644 drivers/virt/sevguest/snp.c create mode 100644 drivers/virt/sevguest/snp.h create mode 100644 include/uapi/linux/sev-guest.h diff --git a/drivers/virt/Kconfig b/drivers/virt/Kconfig index 8061e8ef449f..4de714c5ee9a 100644 --- a/drivers/virt/Kconfig +++ b/drivers/virt/Kconfig @@ -36,4 +36,7 @@ source "drivers/virt/vboxguest/Kconfig" source "drivers/virt/nitro_enclaves/Kconfig" source "drivers/virt/acrn/Kconfig" + +source "drivers/virt/sevguest/Kconfig" + endif diff --git a/drivers/virt/Makefile b/drivers/virt/Makefile index 3e272ea60cd9..b2d1a8131c90 100644 --- a/drivers/virt/Makefile +++ b/drivers/virt/Makefile @@ -8,3 +8,4 @@ obj-y += vboxguest/ obj-$(CONFIG_NITRO_ENCLAVES) += nitro_enclaves/ obj-$(CONFIG_ACRN_HSM) += acrn/ +obj-$(CONFIG_SEV_GUEST) += sevguest/ diff --git a/drivers/virt/sevguest/Kconfig b/drivers/virt/sevguest/Kconfig new file mode 100644 index 000000000000..e88a85527bf6 --- /dev/null +++ b/drivers/virt/sevguest/Kconfig @@ -0,0 +1,10 @@ +config SEV_GUEST + tristate "AMD SEV Guest driver" + default y + depends on AMD_MEM_ENCRYPT + help + Provides AMD SNP guest request driver. The driver can be used by the + guest to communicate with the hypervisor to request the attestation report + and more. + + If you choose 'M' here, this module will be called sevguest. diff --git a/drivers/virt/sevguest/Makefile b/drivers/virt/sevguest/Makefile new file mode 100644 index 000000000000..1505df437682 --- /dev/null +++ b/drivers/virt/sevguest/Makefile @@ -0,0 +1,4 @@ +# SPDX-License-Identifier: GPL-2.0-only +sevguest-y := snp.o + +obj-$(CONFIG_SEV_GUEST) += sevguest.o diff --git a/drivers/virt/sevguest/snp.c b/drivers/virt/sevguest/snp.c new file mode 100644 index 000000000000..00d8e8fddf2c --- /dev/null +++ b/drivers/virt/sevguest/snp.c @@ -0,0 +1,448 @@ +// SPDX-License-Identifier: GPL-2.0-only +/* + * AMD Secure Encrypted Virtualization Nested Paging (SEV-SNP) guest request interface + * + * Copyright (C) 2021 Advanced Micro Devices, Inc. + * + * Author: Brijesh Singh + */ + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include "snp.h" + +#define DEVICE_NAME "sev-guest" +#define AAD_LEN 48 +#define MSG_HDR_VER 1 + +struct snp_guest_crypto { + struct crypto_aead *tfm; + uint8_t *iv, *authtag; + int iv_len, a_len; +}; + +struct snp_guest_dev { + struct device *dev; + struct miscdevice misc; + + struct snp_guest_crypto *crypto; + struct snp_guest_msg *request, *response; +}; + +static DEFINE_MUTEX(snp_cmd_mutex); + +static inline struct snp_guest_dev *to_snp_dev(struct file *file) +{ + struct miscdevice *dev = file->private_data; + + return container_of(dev, struct snp_guest_dev, misc); +} + +static struct snp_guest_crypto *init_crypto(struct snp_guest_dev *snp_dev, uint8_t *key, + size_t keylen) +{ + struct snp_guest_crypto *crypto; + + crypto = kzalloc(sizeof(*crypto), GFP_KERNEL_ACCOUNT); + if (!crypto) + return NULL; + + crypto->tfm = crypto_alloc_aead("gcm(aes)", 0, 0); + if (IS_ERR(crypto->tfm)) + goto e_free; + + if (crypto_aead_setkey(crypto->tfm, key, keylen)) + goto e_free_crypto; + + crypto->iv_len = crypto_aead_ivsize(crypto->tfm); + if (crypto->iv_len < 12) { + dev_err(snp_dev->dev, "IV length is less than 12.\n"); + goto e_free_crypto; + } + + crypto->iv = kmalloc(crypto->iv_len, GFP_KERNEL_ACCOUNT); + if (!crypto->iv) + goto e_free_crypto; + + if (crypto_aead_authsize(crypto->tfm) > MAX_AUTHTAG_LEN) { + if (crypto_aead_setauthsize(crypto->tfm, MAX_AUTHTAG_LEN)) { + dev_err(snp_dev->dev, "failed to set authsize to %d\n", MAX_AUTHTAG_LEN); + goto e_free_crypto; + } + } + + crypto->a_len = crypto_aead_authsize(crypto->tfm); + crypto->authtag = kmalloc(crypto->a_len, GFP_KERNEL_ACCOUNT); + if (!crypto->authtag) + goto e_free_crypto; + + return crypto; + +e_free_crypto: + crypto_free_aead(crypto->tfm); +e_free: + kfree(crypto->iv); + kfree(crypto->authtag); + kfree(crypto); + + return NULL; +} + +static void deinit_crypto(struct snp_guest_crypto *crypto) +{ + crypto_free_aead(crypto->tfm); + kfree(crypto->iv); + kfree(crypto->authtag); + kfree(crypto); +} + +static int enc_dec_message(struct snp_guest_crypto *crypto, struct snp_guest_msg *msg, + uint8_t *src_buf, uint8_t *dst_buf, size_t len, bool enc) +{ + struct snp_guest_msg_hdr *hdr = &msg->hdr; + struct scatterlist src[3], dst[3]; + DECLARE_CRYPTO_WAIT(wait); + struct aead_request *req; + int ret; + + req = aead_request_alloc(crypto->tfm, GFP_KERNEL); + if (!req) + return -ENOMEM; + + /* + * AEAD memory operations: + * +------ AAD -------+------- DATA -----+---- AUTHTAG----+ + * | msg header | plaintext | hdr->authtag | + * | bytes 30h - 5Fh | or | | + * | | cipher | | + * +------------------+------------------+----------------+ + */ + sg_init_table(src, 3); + sg_set_buf(&src[0], &hdr->algo, AAD_LEN); + sg_set_buf(&src[1], src_buf, hdr->msg_sz); + sg_set_buf(&src[2], hdr->authtag, crypto->a_len); + + sg_init_table(dst, 3); + sg_set_buf(&dst[0], &hdr->algo, AAD_LEN); + sg_set_buf(&dst[1], dst_buf, hdr->msg_sz); + sg_set_buf(&dst[2], hdr->authtag, crypto->a_len); + + aead_request_set_ad(req, AAD_LEN); + aead_request_set_tfm(req, crypto->tfm); + aead_request_set_callback(req, 0, crypto_req_done, &wait); + + aead_request_set_crypt(req, src, dst, len, crypto->iv); + ret = crypto_wait_req(enc ? crypto_aead_encrypt(req) : crypto_aead_decrypt(req), &wait); + + aead_request_free(req); + return ret; +} + +static int encrypt_payload(struct snp_guest_dev *snp_dev, struct snp_guest_msg *msg, + void *plaintext, size_t len) +{ + struct snp_guest_crypto *crypto = snp_dev->crypto; + struct snp_guest_msg_hdr *hdr = &msg->hdr; + + memset(crypto->iv, 0, crypto->iv_len); + memcpy(crypto->iv, &hdr->msg_seqno, sizeof(hdr->msg_seqno)); + + return enc_dec_message(crypto, msg, plaintext, msg->payload, len, true); +} + +static int decrypt_payload(struct snp_guest_dev *snp_dev, struct snp_guest_msg *msg, + void *plaintext, size_t len) +{ + struct snp_guest_crypto *crypto = snp_dev->crypto; + struct snp_guest_msg_hdr *hdr = &msg->hdr; + + /* Build IV with response buffer sequence number */ + memset(crypto->iv, 0, crypto->iv_len); + memcpy(crypto->iv, &hdr->msg_seqno, sizeof(hdr->msg_seqno)); + + return enc_dec_message(crypto, msg, msg->payload, plaintext, len, false); +} + +static int __handle_guest_request(struct snp_guest_dev *snp_dev, int msg_type, + struct snp_user_guest_request *input, uint8_t *req_buf, + size_t req_sz, uint8_t *resp_buf, size_t resp_sz, size_t *msg_sz) +{ + struct snp_guest_msg *response = snp_dev->response; + struct snp_guest_msg_hdr *resp_hdr = &response->hdr; + struct snp_guest_msg *request = snp_dev->request; + struct snp_guest_msg_hdr *req_hdr = &request->hdr; + struct snp_guest_crypto *crypto = snp_dev->crypto; + struct snp_guest_request_data data; + int ret; + + memset(request, 0, sizeof(*request)); + + /* Populate the request header */ + req_hdr->algo = SNP_AEAD_AES_256_GCM; + req_hdr->hdr_version = MSG_HDR_VER; + req_hdr->hdr_sz = sizeof(*req_hdr); + req_hdr->msg_type = msg_type; + req_hdr->msg_version = input->msg_version; + req_hdr->msg_seqno = snp_msg_seqno(); + req_hdr->msg_vmpck = 0; + req_hdr->msg_sz = req_sz; + + dev_dbg(snp_dev->dev, "request [seqno %lld type %d version %d sz %d]\n", + req_hdr->msg_seqno, req_hdr->msg_type, req_hdr->msg_version, req_hdr->msg_sz); + + /* Encrypt the request message buffer */ + ret = encrypt_payload(snp_dev, request, req_buf, req_sz); + if (ret) + return ret; + + /* Call firmware to process the request */ + data.req_gpa = __pa(request); + data.resp_gpa = __pa(response); + ret = snp_issue_guest_request(GUEST_REQUEST, &data); + input->fw_err = ret; + if (ret) + return ret; + + dev_dbg(snp_dev->dev, "response [msg_seqno %lld msg_type %d msg_version %d msg_sz %d]\n", + resp_hdr->msg_seqno, resp_hdr->msg_type, resp_hdr->msg_version, resp_hdr->msg_sz); + + /* Verify that the sequence counter is incremented by 1 */ + if (unlikely(resp_hdr->msg_seqno != (req_hdr->msg_seqno + 1))) + return -EBADMSG; + + /* Verify response message type and version */ + if ((resp_hdr->msg_type != (req_hdr->msg_type + 1)) || + (resp_hdr->msg_version != req_hdr->msg_version)) + return -EBADMSG; + + /* + * If the message size is greather than our buffer length then return + * an error. + */ + if (unlikely((resp_hdr->msg_sz + crypto->a_len) > resp_sz)) + return -EBADMSG; + + /* Decrypt the payload */ + ret = decrypt_payload(snp_dev, response, resp_buf, resp_hdr->msg_sz + crypto->a_len); + if (ret) + return ret; + + *msg_sz = resp_hdr->msg_sz; + return 0; +} + +static int handle_guest_request(struct snp_guest_dev *snp_dev, int msg_type, + struct snp_user_guest_request *input, void *req_buf, + size_t req_len, void __user *resp_buf, size_t resp_len) +{ + struct snp_guest_crypto *crypto = snp_dev->crypto; + struct page *page; + size_t msg_len; + int ret; + + /* Allocate the buffer to hold response */ + resp_len += crypto->a_len; + page = alloc_pages(GFP_KERNEL_ACCOUNT, get_order(resp_len)); + if (!page) + return -ENOMEM; + + ret = __handle_guest_request(snp_dev, msg_type, input, req_buf, req_len, + page_address(page), resp_len, &msg_len); + if (ret) + goto e_free; + + if (copy_to_user(resp_buf, page_address(page), msg_len)) + ret = -EFAULT; + +e_free: + __free_pages(page, get_order(resp_len)); + + return ret; +} + +static int get_report(struct snp_guest_dev *snp_dev, struct snp_user_guest_request *input) +{ + struct snp_user_report __user *report = (struct snp_user_report *)input->data; + struct snp_user_report_req req; + + if (copy_from_user(&req, &report->req, sizeof(req))) + return -EFAULT; + + return handle_guest_request(snp_dev, SNP_MSG_REPORT_REQ, input, &req.user_data, + sizeof(req.user_data), report->response, sizeof(report->response)); +} + +static int derive_key(struct snp_guest_dev *snp_dev, struct snp_user_guest_request *input) +{ + struct snp_user_derive_key __user *key = (struct snp_user_derive_key *)input->data; + struct snp_user_derive_key_req req; + + if (copy_from_user(&req, &key->req, sizeof(req))) + return -EFAULT; + + return handle_guest_request(snp_dev, SNP_MSG_KEY_REQ, input, &req, sizeof(req), + key->response, sizeof(key->response)); +} + +static long snp_guest_ioctl(struct file *file, unsigned int ioctl, unsigned long arg) +{ + struct snp_guest_dev *snp_dev = to_snp_dev(file); + struct snp_user_guest_request input; + void __user *argp = (void __user *)arg; + int ret = -ENOTTY; + + if (copy_from_user(&input, argp, sizeof(input))) + return -EFAULT; + + mutex_lock(&snp_cmd_mutex); + switch (ioctl) { + case SNP_GET_REPORT: { + ret = get_report(snp_dev, &input); + break; + } + case SNP_DERIVE_KEY: { + ret = derive_key(snp_dev, &input); + break; + } + default: + break; + } + + mutex_unlock(&snp_cmd_mutex); + + if (copy_to_user(argp, &input, sizeof(input))) + return -EFAULT; + + return ret; +} + +static void free_shared_pages(void *buf, size_t sz) +{ + unsigned int npages = PAGE_ALIGN(sz) >> PAGE_SHIFT; + + /* If fail to restore the encryption mask then leak it. */ + if (set_memory_encrypted((unsigned long)buf, npages)) + return; + + __free_pages(virt_to_page(buf), get_order(sz)); +} + +static void *alloc_shared_pages(size_t sz) +{ + unsigned int npages = PAGE_ALIGN(sz) >> PAGE_SHIFT; + struct page *page; + int ret; + + page = alloc_pages(GFP_KERNEL_ACCOUNT, get_order(sz)); + if (IS_ERR(page)) + return NULL; + + ret = set_memory_decrypted((unsigned long)page_address(page), npages); + if (ret) { + __free_pages(page, get_order(sz)); + return NULL; + } + + return page_address(page); +} + +static const struct file_operations snp_guest_fops = { + .owner = THIS_MODULE, + .unlocked_ioctl = snp_guest_ioctl, +}; + +static int __init snp_guest_probe(struct platform_device *pdev) +{ + struct snp_secrets_page_layout *secrets; + struct device *dev = &pdev->dev; + struct snp_guest_dev *snp_dev; + uint8_t key[VMPCK_KEY_LEN]; + struct miscdevice *misc; + struct resource *res; + void __iomem *base; + int ret; + + snp_dev = devm_kzalloc(&pdev->dev, sizeof(struct snp_guest_dev), GFP_KERNEL); + if (!snp_dev) + return -ENOMEM; + + platform_set_drvdata(pdev, snp_dev); + snp_dev->dev = dev; + + res = platform_get_mem_or_io(pdev, 0); + if (IS_ERR(res)) + return PTR_ERR(res); + + /* Map the secrets page to get the key */ + base = ioremap_encrypted(res->start, resource_size(res)); + if (IS_ERR(base)) + return PTR_ERR(base); + + secrets = (struct snp_secrets_page_layout *)base; + memcpy_fromio(key, secrets->vmpck0, sizeof(key)); + iounmap(base); + + snp_dev->crypto = init_crypto(snp_dev, key, sizeof(key)); + if (!snp_dev->crypto) + return -EIO; + + /* Allocate the shared page used for the request and response message. */ + snp_dev->request = alloc_shared_pages(sizeof(struct snp_guest_msg)); + if (IS_ERR(snp_dev->request)) + return PTR_ERR(snp_dev->request); + + snp_dev->response = alloc_shared_pages(sizeof(struct snp_guest_msg)); + if (IS_ERR(snp_dev->response)) { + ret = PTR_ERR(snp_dev->response); + goto e_free_req; + } + + misc = &snp_dev->misc; + misc->minor = MISC_DYNAMIC_MINOR; + misc->name = DEVICE_NAME; + misc->fops = &snp_guest_fops; + + return misc_register(misc); + +e_free_req: + free_shared_pages(snp_dev->request, sizeof(struct snp_guest_msg)); + return ret; +} + +static int __exit snp_guest_remove(struct platform_device *pdev) +{ + struct snp_guest_dev *snp_dev = platform_get_drvdata(pdev); + + free_shared_pages(snp_dev->request, sizeof(struct snp_guest_msg)); + free_shared_pages(snp_dev->response, sizeof(struct snp_guest_msg)); + deinit_crypto(snp_dev->crypto); + misc_deregister(&snp_dev->misc); + + return 0; +} + +static struct platform_driver snp_guest_driver = { + .remove = __exit_p(snp_guest_remove), + .driver = { + .name = "snp-guest", + }, +}; + +module_platform_driver_probe(snp_guest_driver, snp_guest_probe); + +MODULE_AUTHOR("Brijesh Singh "); +MODULE_LICENSE("GPL"); +MODULE_VERSION("1.0.0"); +MODULE_DESCRIPTION("AMD SNP Guest Driver"); diff --git a/drivers/virt/sevguest/snp.h b/drivers/virt/sevguest/snp.h new file mode 100644 index 000000000000..930ffc0f4be3 --- /dev/null +++ b/drivers/virt/sevguest/snp.h @@ -0,0 +1,63 @@ +/* SPDX-License-Identifier: GPL-2.0-only */ +/* + * Copyright (C) 2021 Advanced Micro Devices, Inc. + * + * Author: Brijesh Singh + * + * SEV-SNP API spec is available at https://developer.amd.com/sev + */ + +#ifndef __LINUX_SNP_GUEST_H_ +#define __LINUX_SNP_GUEST_H_ + +#include + +#define MAX_AUTHTAG_LEN 32 + +/* See SNP spec SNP_GUEST_REQUEST section for the structure */ +enum msg_type { + SNP_MSG_TYPE_INVALID = 0, + SNP_MSG_CPUID_REQ, + SNP_MSG_CPUID_RSP, + SNP_MSG_KEY_REQ, + SNP_MSG_KEY_RSP, + SNP_MSG_REPORT_REQ, + SNP_MSG_REPORT_RSP, + SNP_MSG_EXPORT_REQ, + SNP_MSG_EXPORT_RSP, + SNP_MSG_IMPORT_REQ, + SNP_MSG_IMPORT_RSP, + SNP_MSG_ABSORB_REQ, + SNP_MSG_ABSORB_RSP, + SNP_MSG_VMRK_REQ, + SNP_MSG_VMRK_RSP, + + SNP_MSG_TYPE_MAX +}; + +enum aead_algo { + SNP_AEAD_INVALID, + SNP_AEAD_AES_256_GCM, +}; + +struct snp_guest_msg_hdr { + u8 authtag[MAX_AUTHTAG_LEN]; + u64 msg_seqno; + u8 rsvd1[8]; + u8 algo; + u8 hdr_version; + u16 hdr_sz; + u8 msg_type; + u8 msg_version; + u16 msg_sz; + u32 rsvd2; + u8 msg_vmpck; + u8 rsvd3[35]; +} __packed; + +struct snp_guest_msg { + struct snp_guest_msg_hdr hdr; + u8 payload[4000]; +} __packed; + +#endif /* __LINUX_SNP_GUEST_H__ */ diff --git a/include/uapi/linux/sev-guest.h b/include/uapi/linux/sev-guest.h new file mode 100644 index 000000000000..0a8454631605 --- /dev/null +++ b/include/uapi/linux/sev-guest.h @@ -0,0 +1,56 @@ +/* SPDX-License-Identifier: GPL-2.0-only WITH Linux-syscall-note */ +/* + * Userspace interface for AMD SEV and SEV-SNP guest driver. + * + * Copyright (C) 2021 Advanced Micro Devices, Inc. + * + * Author: Brijesh Singh + * + * SEV-SNP API specification is available at: https://developer.amd.com/sev/ + */ + +#ifndef __UAPI_LINUX_SEV_GUEST_H_ +#define __UAPI_LINUX_SEV_GUEST_H_ + +#include + +struct snp_user_report_req { + __u8 user_data[64]; +}; + +struct snp_user_report { + struct snp_user_report_req req; + + /* see SEV-SNP spec for the response format */ + __u8 response[4000]; +}; + +struct snp_user_derive_key_req { + __u8 root_key_select; + __u64 guest_field_select; + __u32 vmpl; + __u32 guest_svn; + __u64 tcb_version; +}; + +struct snp_user_derive_key { + struct snp_user_derive_key_req req; + + /* see SEV-SNP spec for the response format */ + __u8 response[64]; +}; + +struct snp_user_guest_request { + /* Message version number (must be non-zero) */ + __u8 msg_version; + __u64 data; + + /* firmware error code on failure (see psp-sev.h) */ + __u32 fw_err; +}; + +#define SNP_GUEST_REQ_IOC_TYPE 'S' +#define SNP_GET_REPORT _IOWR(SNP_GUEST_REQ_IOC_TYPE, 0x0, struct snp_user_guest_request) +#define SNP_DERIVE_KEY _IOWR(SNP_GUEST_REQ_IOC_TYPE, 0x1, struct snp_user_guest_request) + +#endif /* __UAPI_LINUX_SEV_GUEST_H_ */