From patchwork Wed Jul 7 18:14:32 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Brijesh Singh X-Patchwork-Id: 470893 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-18.7 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_CR_TRAILER, INCLUDES_PATCH, MAILING_LIST_MULTI, MSGID_FROM_MTA_HEADER, SPF_HELO_NONE, SPF_PASS, USER_AGENT_GIT autolearn=unavailable autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id CEB9BC07E9C for ; Wed, 7 Jul 2021 18:15:44 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id B634161CD3 for ; Wed, 7 Jul 2021 18:15:44 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231450AbhGGSSX (ORCPT ); Wed, 7 Jul 2021 14:18:23 -0400 Received: from mail-bn8nam11on2061.outbound.protection.outlook.com ([40.107.236.61]:62945 "EHLO NAM11-BN8-obe.outbound.protection.outlook.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S231376AbhGGSSQ (ORCPT ); Wed, 7 Jul 2021 14:18:16 -0400 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=govqA+X9+lzVM/cD+0ruYXc1YZ177VDjcRa2ZwrdvCHR7twPw0eYBdTlPRRUgkob+/xeSNvclcVpcUHGrxfQVc9z+DAGBwIZ/5jnGxJ47UaJQ4MoPqXtA9VjKFndouyfFD2z4tZczhR1a+VM5MbR5SkGuJQLyneeY5qmXzDbppGOT1Z4nD0Gd7+A0KDlRd8cR7Of2742HVrA7N0+ihs9fVX1KnptovzvcgxQ4n3iqGK4I0ZWXgRTxREl34i1WUCLGe8cWHsgyD/4XLkjgwjO4qhgZgPeoo7VSO/pImPf5JB+TJmm53KP1dIvqI97HLFM6c1UELEDU6kK3EI9jTrUrQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=C0N9ZErqug4pgk71YQajHqeQ3GpWF4d9XuQBEPLDLKU=; b=SnHu+UARWILRiFARMWOjz9pZGg5/ECx4n3IZ+D4oSe06tL6v9m/IjRRg+5gkOT/iCki834HbaC4a6YMzGejHqfP22j/xHdm1QwGgOS9SrF1dgeLC5iApBzbSvHX6ZcOp0QHjq1KRao7yX3YIkQAUzzkHO9l6kjiJAByLzJn12sY11FDTnGfpBydPfHx7hmfIKrCyHTJcEYTbDxX37AC0TSBucxGoYjE1Y9F+tZCnDMf1sfBRPOubGT/GhDISOW9gjf3k0X8RhUl1HDVkKkM+Tv9KDku9gZJ0yAA8zDCDDRdAVAS9146iAQg+EWl/vuNlnb6gsQhOmFX9lO2VFKckmQ== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass header.d=amd.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=C0N9ZErqug4pgk71YQajHqeQ3GpWF4d9XuQBEPLDLKU=; b=bax/LEPFLjmqiSaju20PY2z5JRDotTDhJYqd4aFH2omQGvaB6GzMP4w1HCB97kj0UhB+o6VSbI6RymiIKPvmXQOft38Pa1nbcvkroMSOzFT4XrKNXuNDfiP8D3qFK7EIQPBeBvgy1LJhZkKG2S0x0QlOUtyPjpkwh6Idfh6CjF8= Authentication-Results: kernel.org; dkim=none (message not signed) header.d=none; kernel.org; dmarc=none action=none header.from=amd.com; Received: from BYAPR12MB2711.namprd12.prod.outlook.com (2603:10b6:a03:63::10) by BY5PR12MB3939.namprd12.prod.outlook.com (2603:10b6:a03:1a5::19) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4308.21; Wed, 7 Jul 2021 18:15:31 +0000 Received: from BYAPR12MB2711.namprd12.prod.outlook.com ([fe80::40e3:aade:9549:4bed]) by BYAPR12MB2711.namprd12.prod.outlook.com ([fe80::40e3:aade:9549:4bed%7]) with mapi id 15.20.4287.033; Wed, 7 Jul 2021 18:15:31 +0000 From: Brijesh Singh To: x86@kernel.org, linux-kernel@vger.kernel.org, kvm@vger.kernel.org, linux-efi@vger.kernel.org, platform-driver-x86@vger.kernel.org, linux-coco@lists.linux.dev, linux-mm@kvack.org, linux-crypto@vger.kernel.org Cc: Thomas Gleixner , Ingo Molnar , Joerg Roedel , Tom Lendacky , "H. Peter Anvin" , Ard Biesheuvel , Paolo Bonzini , Sean Christopherson , Vitaly Kuznetsov , Wanpeng Li , Jim Mattson , Andy Lutomirski , Dave Hansen , Sergio Lopez , Peter Gonda , Peter Zijlstra , Srinivas Pandruvada , David Rientjes , Dov Murik , Tobin Feldman-Fitzthum , Borislav Petkov , Michael Roth , Vlastimil Babka , tony.luck@intel.com, npmccallum@redhat.com, brijesh.ksingh@gmail.com, Brijesh Singh Subject: [PATCH Part1 RFC v4 02/36] x86/sev: Save the negotiated GHCB version Date: Wed, 7 Jul 2021 13:14:32 -0500 Message-Id: <20210707181506.30489-3-brijesh.singh@amd.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20210707181506.30489-1-brijesh.singh@amd.com> References: <20210707181506.30489-1-brijesh.singh@amd.com> X-ClientProxiedBy: SA0PR11CA0104.namprd11.prod.outlook.com (2603:10b6:806:d1::19) To BYAPR12MB2711.namprd12.prod.outlook.com (2603:10b6:a03:63::10) MIME-Version: 1.0 X-MS-Exchange-MessageSentRepresentingType: 1 Received: from sbrijesh-desktop.amd.com (165.204.77.1) by SA0PR11CA0104.namprd11.prod.outlook.com (2603:10b6:806:d1::19) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4308.19 via Frontend Transport; Wed, 7 Jul 2021 18:15:28 +0000 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: 5cc1bbae-1f48-4f5c-1a4d-08d941733487 X-MS-TrafficTypeDiagnostic: BY5PR12MB3939: X-MS-Exchange-Transport-Forked: True X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:9508; X-MS-Exchange-SenderADCheck: 1 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: oJjmhGIR5F1phAfCKaA2jlwFYPRtpCKep5bzcpfxxQGPAk71Rhl43VI0HJn7ZBiR2n94cKmwnoXi9T8vRAj18zoqiXRUmqF+lU9tsG8hP1p/Kl/XUT3oFTbuLQyZ/SzEl9RMGEuf5ztj//qkSIMNw0XwNRbak/1ACRvWgIxH6ND4CF76+gibm/jG6/WD63yubnhOZ0DA3WoIQWkeLfPV77aRbpD3vHz9HkB1j+NnuIFu87PdKjSSaIcrmhhBALNGPwrGhNqi1D9nGVK2ZuiNyDDVNPM9fuLhshe5LZSvv+wVKQnEwi13aXKiVl/GFo73PfB1TTBrkPKK39hLTrrikv057/bZJPZVBcrqy+StK3uUoA5TzyKii1JmYCVnUbkGg7iI0aW6436SdHU6eUVR2GZ10nlBXw58/59FTuzHEgVXWgrSI1OpqL4FuQklcoJsNl+iLy7H28fuj+jDYM+VrQo83WOnJmxNngVVt5O5hoX9PwrRAUrrLAw5HEizoaprhjmIwAN4LkNJqGfpGLLXUYlr/RRXca+aYWTHV0LhWLa0ZdayUgWqWsubzSXsotUo4H+sIOPnN/q25STzZe7TjKgHrBSHzuxrvM/QKl3It9AwE45+i2arVl1u3JfY0C1SQVWu7wsBdHAWG1Q6+h35hOu6zjQDw7hMS9/LWPa4+4oM2LRKdiEn1PiLioZ4DjoWgbk04DDFZ2vfaxMq0jfwHw== X-Forefront-Antispam-Report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:BYAPR12MB2711.namprd12.prod.outlook.com; PTR:; CAT:NONE; SFS:(4636009)(346002)(396003)(39860400002)(366004)(376002)(136003)(44832011)(66556008)(38100700002)(38350700002)(66946007)(186003)(66476007)(2906002)(1076003)(26005)(52116002)(8936002)(2616005)(6486002)(7696005)(6666004)(5660300002)(8676002)(956004)(7406005)(7416002)(478600001)(83380400001)(316002)(54906003)(86362001)(36756003)(4326008); DIR:OUT; SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: UPYNYcVq1LQbk402D5wl0W0nZSq1ZkVofeuUEr4cKjk7Zfgu08GsfbrmzeRasfFBi8Cji0799mqKALBMTtMoR520i2ZIv22oV9w+/cOiFkfNExTYDnDngC8ER4n5mY5zxngDJ1hV8OWX8pnWJLiY4ASgo8KLmd2KR/DOiKxuEFFWQCUydi3QFTSmtkJUJDOrESYmnwbyouHpyjbmuZCyH/DvkeNugbGbHSmEDDaP07uiC094CeWOPTa1e+UrTljSGa7UpWW2Xp/Ic6O5rwXKVvOtlEvdEYnpWD76pZYYZ/EE+9g+ozwNtUrxgOP0b/cXll0mWRiPSc+0IbYNqyU8Y3uzzEduTzHcWKvcNbImQtc9546cNECCmSAhPjLuBWPhDMU6+Z93+6TotmH5aNjOEA022GBYaBv6a4HpU3KMTYxw46i0j8AnyDlUeiLi4JiHiXk2HCYKwIXeSKC33qOVRw6AXPQKjwylShOnrbL1NtrPzrAQb0lPkUi/o4mHVyVeyXIwopKWLIKMxqzYRVvdpomfAKbvxjW7o9WCu2m9mruvTw/B1yizhlDNg31hMaZGxqStrRzX6e1+qPjkRmZu5uYqrzWGwcfoEN/ZTSJOHHeqRsXN80v4qZ7o9spPVtv3Dqh/uOzU2YQ2LxB5LpkD6v8qCEHa6Gih1lhffX3dnHFPeNB9JjNmTv/Z/HmNP2RvzKzEiVLeT+YVhTRxVyAYQb9/HW78q0qieI3nyD/Tbl1/e3A5Y6VBCf8M5HdY9pnxuGy6KSY3JoOpaVU+5905YXE2xdSRRQYySbVqULNN8l3XUYhrZRBKMUGB0tSHkorlpUihAvaNxYuAetG+l3VNw7Xwn4Pv95xfzM7UrDIzhDX5Kfo+EDkjEQMk1zZJa1bdMdfVwRjdbJEqfRV5svThnhqLYaGlC14A82aZE/JBqBpMUVacBLviT59P330FciIhchAoIhXTxlptauHQmMRY4U6WJvhYJgB9tGEeZrzYqfuSGh12hu7EvpEqCpvNd+pfyjAsWOiG2fp1JKCQbjj8BB5WzD8ldaBRRdCEu001Q4kPO7sxMlj5UCFGNFRMajDAGnXKAmsjiYHoO1SWQZkjpHcSmuDNl5ibQ01TQYwfM4Xd4dv37IG4+F2lZy81vrl/jvMBut75b3ZJJBv5UDl7qcQ9SL5US4OyWVMXmWJDqX9+4cnowIPLNTAo8nDfN3gh+jWcyE2754BpAiP9KVk85RJja119mw9m6355oKdLOsapsA3tjkS+nBjzw6eofIpk8IVz5/b4Hw+pI72Pp7oRY+zd36/BKMRGh855rIBSD298Wk2VbjhPndrU9Pz6Mq4E X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-Network-Message-Id: 5cc1bbae-1f48-4f5c-1a4d-08d941733487 X-MS-Exchange-CrossTenant-AuthSource: BYAPR12MB2711.namprd12.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 07 Jul 2021 18:15:31.0498 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: ktux2SXOBM7PBwWyERbc6E7/DPh0NOFYRQAJiiUyi6eh902/upxbiGyljVW7zsRIAldY1tUuvAZszz4YR2asfg== X-MS-Exchange-Transport-CrossTenantHeadersStamped: BY5PR12MB3939 Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org The SEV-ES guest calls the sev_es_negotiate_protocol() to negotiate the GHCB protocol version before establishing the GHCB. Cache the negotiated GHCB version so that it can be used later. Signed-off-by: Brijesh Singh Signed-off-by: Borislav Petkov --- arch/x86/include/asm/sev.h | 2 +- arch/x86/kernel/sev-shared.c | 17 ++++++++++++++--- 2 files changed, 15 insertions(+), 4 deletions(-) diff --git a/arch/x86/include/asm/sev.h b/arch/x86/include/asm/sev.h index fa5cd05d3b5b..7ec91b1359df 100644 --- a/arch/x86/include/asm/sev.h +++ b/arch/x86/include/asm/sev.h @@ -12,7 +12,7 @@ #include #include -#define GHCB_PROTO_OUR 0x0001UL +#define GHCB_PROTOCOL_MIN 1ULL #define GHCB_PROTOCOL_MAX 1ULL #define GHCB_DEFAULT_USAGE 0ULL diff --git a/arch/x86/kernel/sev-shared.c b/arch/x86/kernel/sev-shared.c index 114f62fe2529..19c2306ac02d 100644 --- a/arch/x86/kernel/sev-shared.c +++ b/arch/x86/kernel/sev-shared.c @@ -14,6 +14,15 @@ #define has_cpuflag(f) boot_cpu_has(f) #endif +/* + * Since feature negotiation related variables are set early in the boot + * process they must reside in the .data section so as not to be zeroed + * out when the .bss section is later cleared. + * + * GHCB protocol version negotiated with the hypervisor. + */ +static u16 ghcb_version __section(".data..ro_after_init"); + static bool __init sev_es_check_cpu_features(void) { if (!has_cpuflag(X86_FEATURE_RDRAND)) { @@ -54,10 +63,12 @@ static bool sev_es_negotiate_protocol(void) if (GHCB_MSR_INFO(val) != GHCB_MSR_SEV_INFO_RESP) return false; - if (GHCB_MSR_PROTO_MAX(val) < GHCB_PROTO_OUR || - GHCB_MSR_PROTO_MIN(val) > GHCB_PROTO_OUR) + if (GHCB_MSR_PROTO_MAX(val) < GHCB_PROTOCOL_MIN || + GHCB_MSR_PROTO_MIN(val) > GHCB_PROTOCOL_MAX) return false; + ghcb_version = min_t(size_t, GHCB_MSR_PROTO_MAX(val), GHCB_PROTOCOL_MAX); + return true; } @@ -102,7 +113,7 @@ static enum es_result sev_es_ghcb_hv_call(struct ghcb *ghcb, enum es_result ret; /* Fill in protocol and format specifiers */ - ghcb->protocol_version = GHCB_PROTOCOL_MAX; + ghcb->protocol_version = ghcb_version; ghcb->ghcb_usage = GHCB_DEFAULT_USAGE; ghcb_set_sw_exit_code(ghcb, exit_code); From patchwork Wed Jul 7 18:14:35 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Brijesh Singh X-Patchwork-Id: 470892 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-18.7 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_CR_TRAILER, INCLUDES_PATCH, MAILING_LIST_MULTI, MSGID_FROM_MTA_HEADER, SPF_HELO_NONE, SPF_PASS, USER_AGENT_GIT autolearn=unavailable autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id D6F6BC11F69 for ; Wed, 7 Jul 2021 18:15:48 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id C460A61C83 for ; Wed, 7 Jul 2021 18:15:48 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231429AbhGGSS1 (ORCPT ); Wed, 7 Jul 2021 14:18:27 -0400 Received: from mail-bn8nam11on2061.outbound.protection.outlook.com ([40.107.236.61]:62945 "EHLO NAM11-BN8-obe.outbound.protection.outlook.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S231441AbhGGSSY (ORCPT ); Wed, 7 Jul 2021 14:18:24 -0400 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=DeOBhNNxA9S+Qw2LL6APrms+CQFCOEyDByiGvBXwCQiq72kLOCw4We4iHOgz4lXczK68qBzgKCQkNbjt8wcPK38Jn75j6DMRDUJfNLbfJWCJmwqhDOzkP1NdvJyt3ep4QyGneWGUGBtK9jqvhEW6Fo8wAbX0dOVcDRA5fv+hVc6y2QUrDnEE+Rx2hrphG6E8dL4rT5Qg2blFd0Alllggf1us1GpfvRNZi5eGZqfGvmpaaOcNmiTmCkgMvJ68Adtjv383GStCunSk/lp2o9f3U/BjwL53FnGGTdXuEd3k8wd6O2MjN8cl9SKb+puN4Z1Z/+Hnc9H81u4Ew+4jJsYwdA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=IEw7I2/UqGVZJYfjEijRiGlJViEJd73Y5IVmOCMH3GE=; b=eTKJBxLTcTGMHjyRwke4rYK6ud5218Wpnox+WU8SFDljpoDrKDCl/zUz3jwNsKjIO/q13K67xu8cjOTA4oMmAISvGYt3i5yrrk0seOLrCke6wMpvG5xJNbvI62MtGBKuyQljHVKz29thnDRP8dFDvC+V3/ezjkqNfWxsI6vcpbwxK95LGPusnLqCaPPKJRLSF1JTtnB7Be15NTGCQ3P3j9N8pnE9eeEpHUn4DXrAd1HoH7R8xwpf6C7mLt1BNlt9+2Cpeav0loRbyFD6lRBDvTCEJPT9B1Qgzk4W2xpjYcubKRRMWmtWQJr5QhltVeODaiXETqhxi7TqRly1odbZIQ== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass header.d=amd.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=IEw7I2/UqGVZJYfjEijRiGlJViEJd73Y5IVmOCMH3GE=; b=P2s3ltLAEzzitrQV5rhv//CR6Iu1d4wYsDo7Ap4oVQQgLh/OVi8/ryKmY5hhAlAIL8+1BU6CGq+cKlXmDsP6V5XYzny/Bn64YDjpMigcbSdY4gx8oZ/+u0UUtAgza6uz0RJ97oiafDzP9ehIfe13d9xF4RAUg+xLeYYQ2CSpqLE= Authentication-Results: kernel.org; dkim=none (message not signed) header.d=none; kernel.org; dmarc=none action=none header.from=amd.com; Received: from BYAPR12MB2711.namprd12.prod.outlook.com (2603:10b6:a03:63::10) by BY5PR12MB3939.namprd12.prod.outlook.com (2603:10b6:a03:1a5::19) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4308.21; Wed, 7 Jul 2021 18:15:39 +0000 Received: from BYAPR12MB2711.namprd12.prod.outlook.com ([fe80::40e3:aade:9549:4bed]) by BYAPR12MB2711.namprd12.prod.outlook.com ([fe80::40e3:aade:9549:4bed%7]) with mapi id 15.20.4287.033; Wed, 7 Jul 2021 18:15:38 +0000 From: Brijesh Singh To: x86@kernel.org, linux-kernel@vger.kernel.org, kvm@vger.kernel.org, linux-efi@vger.kernel.org, platform-driver-x86@vger.kernel.org, linux-coco@lists.linux.dev, linux-mm@kvack.org, linux-crypto@vger.kernel.org Cc: Thomas Gleixner , Ingo Molnar , Joerg Roedel , Tom Lendacky , "H. Peter Anvin" , Ard Biesheuvel , Paolo Bonzini , Sean Christopherson , Vitaly Kuznetsov , Wanpeng Li , Jim Mattson , Andy Lutomirski , Dave Hansen , Sergio Lopez , Peter Gonda , Peter Zijlstra , Srinivas Pandruvada , David Rientjes , Dov Murik , Tobin Feldman-Fitzthum , Borislav Petkov , Michael Roth , Vlastimil Babka , tony.luck@intel.com, npmccallum@redhat.com, brijesh.ksingh@gmail.com, Brijesh Singh Subject: [PATCH Part1 RFC v4 05/36] x86/sev: Define the Linux specific guest termination reasons Date: Wed, 7 Jul 2021 13:14:35 -0500 Message-Id: <20210707181506.30489-6-brijesh.singh@amd.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20210707181506.30489-1-brijesh.singh@amd.com> References: <20210707181506.30489-1-brijesh.singh@amd.com> X-ClientProxiedBy: SA0PR11CA0104.namprd11.prod.outlook.com (2603:10b6:806:d1::19) To BYAPR12MB2711.namprd12.prod.outlook.com (2603:10b6:a03:63::10) MIME-Version: 1.0 X-MS-Exchange-MessageSentRepresentingType: 1 Received: from sbrijesh-desktop.amd.com (165.204.77.1) by SA0PR11CA0104.namprd11.prod.outlook.com (2603:10b6:806:d1::19) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4308.19 via Frontend Transport; Wed, 7 Jul 2021 18:15:36 +0000 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: 9680dac4-7a4c-4fb2-81f3-08d94173392f X-MS-TrafficTypeDiagnostic: BY5PR12MB3939: X-MS-Exchange-Transport-Forked: True X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:9508; X-MS-Exchange-SenderADCheck: 1 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: 984wuGON4hl3At0xMj4JIJUB4DAR85Tl6h53Ablv/L0kduUKZV0Kbn6rGyKxQOLUVOunI/Jsp63L5cPYAqShJEHM20Cijv3sI1Go4YOBHUdpgl8MdbqIZ1lLvjypv3DDA0v8uqghyE+8kX1AwmJLoOmxCSfLHSuK2jBgl9WQKZzIw74EZ0PApHFMguGL8SjNi+hy3AHd+uGiijiF7z+PwkuuArZZzSq0waz3X3mLc2YVS1zJ5++WkjaRQcTODWNZKs5yIM9fOeLU366FI/cL5obSEDgmSoXpDM43M3CFZpZ4pWGOq8lR48PesUlfSwSHzDDJ5Gjk3f3HYXQlHUQ89ewGMicpByMPLOs3hf5/VLS9GfhQ4QsLvpNq5mqNWMvs+SdirjI1sx39ssf+4KqMsqGoVK4UF1ZyDYXQdlL1dAO29icDhvvKm789QpgwCvWAufmRb+/tNQmoX+7sZeiwYq7Jw6BNW8MDY3Um6XgYsTOFrEV8az9uDSyaWfBSFP5iZguYxvNKPDVlT7NjrIF7zqdSxr38GbIzd/7fW9kpHDpanV00R+qRWyIo+NtQfhut6zRNkv0q81LStYhVGUL80i+w4IUuFhBAtbIDgWXT6VGSIgQPz7r9f4aALubvgmbzlGu/1s0II/HxaO7K0RRUI87jhcau7li206rRqsFZq8+GSh/2GfWPoOwCCTUFsfTBVWZBbkpaHThfaDJs6bI8Jw== X-Forefront-Antispam-Report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:BYAPR12MB2711.namprd12.prod.outlook.com; PTR:; CAT:NONE; SFS:(4636009)(346002)(396003)(39860400002)(366004)(376002)(136003)(44832011)(66556008)(38100700002)(38350700002)(66946007)(186003)(66476007)(2906002)(1076003)(26005)(52116002)(8936002)(2616005)(6486002)(7696005)(5660300002)(8676002)(956004)(7406005)(7416002)(478600001)(83380400001)(316002)(54906003)(86362001)(36756003)(4326008); DIR:OUT; SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: wHWNsu9UvDjScKlVBGBNaa77Q1t5ljkGINhEdNxUghGVy/S2GHlGYr4/RK4pQQfmJVgFjyAPxXhAH9u1iwdWaiGFEyK5YQsVzv2aBuldsaN6pkIzAQhQM8GrBdfdVSq9t4/2BkzWWi5IPs8K0L05iB74PoVx1qjzlg8YMDYDvkxhJJyz0BMiWJGn6M2qHYHgU/da9eBm4PJQUhyUdIpAZEYRxnPIEjwHPzbO7k5ZgSXiyQzjFffe9vERqmoxka1+6mVbomz9WclC+O/P0gqWg2fa/oUPMA6AWdzWq3p963VIxK9deS1j0lCyCOpWVIYZgzdoKSrXWfBxiiBehgaIsrfli5Pr4R/I63th6SC9PrfGRnk1VUsiuoj5FDSTE3heTpJTeErZdNHEavFfWJvECcLllR8IBdvh3eMOZfJLpFkTdZPAlyyYI35wKacmi5g33YrA3oFVqpLvU4hdvVI9VYC9MbeFHpm5MTmxbj/cXI1TGLHd2y2P4WVt8zR76nZd6wVS6q63oLhCbSgy415/TiRuosaTdjYPXfTxvjg+nNIzRLP63T46HKn4c5MCkgWbalfLZ6ZHSmMOmhzn6oy4OmKc/tSbV/B+EnmCK0xdK/VqscjK5LF1XinP2Voj6AK8r+sgGvIgJ4LRwf2G7YREjnqrGNTpSiBH1RenvP4xRJsgAcwRm0Xr26jpI1Y6g0OUAytgkCL7Y9fZfENmjh0TL5ifSsbOxyOREv0eVR1et4oMBCDv6paGd9kuU7m4SvhU9pwb4INEeIt0ZezU2a7olbKrsyYWNV3SRI6Q3Wu0z/+z4G78ayVq7sikBP5nbX2OWdOQcY/NMj9BlEh+MwYuvVjfMTYhEkpl2IRSDf1Y57d5BgObOGORUQU9lY3hQ4gVGtEXnTOzFMSyzuwhqaKMLbdplKIonLa9lOEjFVDinOaqb9o8ewCnuOYmAeBzp13ipN4hrVJJGLS1NrYeqEHqFZkkkqdcSOa0tAYOGSTKEfkJlVFExz+JGK3RiD1RRl4f/t4gq1VRQX7LA6s8PwV538kapWz0E+/+Fjkkor8PssQzqbL/sorXnGLL/0ijcd7g3rpS4/kHNtTlqub9f1tUjFqB/nfutX91M5m+CLoDU5rmUSvrKr/euNWeWFui4NXJ/MGv2gMtUuGlWu27dclHTUF+czanF/xS460laux1eywkSvKDoi2VfqGEOJkL2b6Yd/5L5xGKxX+RhhLHdqe+MKVrC0cSLrxkEm+xNhKdqJDEs46VuvsZ4Bb8DGWWuPnO89PK4biHgkHcszF8yxmCPdmNXNa40oPrZNVl9raWxJDnJmEPs0WqD1eGsGtapdHK X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-Network-Message-Id: 9680dac4-7a4c-4fb2-81f3-08d94173392f X-MS-Exchange-CrossTenant-AuthSource: BYAPR12MB2711.namprd12.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 07 Jul 2021 18:15:38.8024 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: NOiPTPWu8GXnPMDSgsUhZadwClfb/YtbtLk/FA8/KnRJ2RXRyrVL3N0s68AAwnb1gsqfN9+sAfq9I5Wc11D8+w== X-MS-Exchange-Transport-CrossTenantHeadersStamped: BY5PR12MB3939 Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org GHCB specification defines the reason code for reason set 0. The reason codes defined in the set 0 do not cover all possible causes for a guest to request termination. The reason set 1 to 255 is reserved for the vendor-specific codes. Reseve the reason set 1 for the Linux guest. Define an error codes for reason set 1. While at it, change the sev_es_terminate() to accept the reason set parameter. Signed-off-by: Brijesh Singh --- arch/x86/boot/compressed/sev.c | 6 +++--- arch/x86/include/asm/sev-common.h | 8 ++++++++ arch/x86/kernel/sev-shared.c | 11 ++++------- arch/x86/kernel/sev.c | 4 ++-- 4 files changed, 17 insertions(+), 12 deletions(-) diff --git a/arch/x86/boot/compressed/sev.c b/arch/x86/boot/compressed/sev.c index 28bcf04c022e..7760959fe96d 100644 --- a/arch/x86/boot/compressed/sev.c +++ b/arch/x86/boot/compressed/sev.c @@ -122,7 +122,7 @@ static enum es_result vc_read_mem(struct es_em_ctxt *ctxt, static bool early_setup_sev_es(void) { if (!sev_es_negotiate_protocol()) - sev_es_terminate(GHCB_SEV_ES_PROT_UNSUPPORTED); + sev_es_terminate(SEV_TERM_SET_GEN, GHCB_SEV_ES_PROT_UNSUPPORTED); if (set_page_decrypted((unsigned long)&boot_ghcb_page)) return false; @@ -175,7 +175,7 @@ void do_boot_stage2_vc(struct pt_regs *regs, unsigned long exit_code) enum es_result result; if (!boot_ghcb && !early_setup_sev_es()) - sev_es_terminate(GHCB_SEV_ES_GEN_REQ); + sev_es_terminate(SEV_TERM_SET_GEN, GHCB_SEV_ES_GEN_REQ); vc_ghcb_invalidate(boot_ghcb); result = vc_init_em_ctxt(&ctxt, regs, exit_code); @@ -202,5 +202,5 @@ void do_boot_stage2_vc(struct pt_regs *regs, unsigned long exit_code) if (result == ES_OK) vc_finish_insn(&ctxt); else if (result != ES_RETRY) - sev_es_terminate(GHCB_SEV_ES_GEN_REQ); + sev_es_terminate(SEV_TERM_SET_GEN, GHCB_SEV_ES_GEN_REQ); } diff --git a/arch/x86/include/asm/sev-common.h b/arch/x86/include/asm/sev-common.h index 23929a3010df..e75e29c05f59 100644 --- a/arch/x86/include/asm/sev-common.h +++ b/arch/x86/include/asm/sev-common.h @@ -63,9 +63,17 @@ (((((u64)reason_set) & GHCB_MSR_TERM_REASON_SET_MASK) << GHCB_MSR_TERM_REASON_SET_POS) | \ ((((u64)reason_val) & GHCB_MSR_TERM_REASON_MASK) << GHCB_MSR_TERM_REASON_POS)) +/* Error code from reason set 0 */ +#define SEV_TERM_SET_GEN 0 #define GHCB_SEV_ES_GEN_REQ 0 #define GHCB_SEV_ES_PROT_UNSUPPORTED 1 #define GHCB_RESP_CODE(v) ((v) & GHCB_MSR_INFO_MASK) +/* Linux specific reason codes (used with reason set 1) */ +#define SEV_TERM_SET_LINUX 1 +#define GHCB_TERM_REGISTER 0 /* GHCB GPA registration failure */ +#define GHCB_TERM_PSC 1 /* Page State Change failure */ +#define GHCB_TERM_PVALIDATE 2 /* Pvalidate failure */ + #endif diff --git a/arch/x86/kernel/sev-shared.c b/arch/x86/kernel/sev-shared.c index 34821da5f05e..c54be2698df0 100644 --- a/arch/x86/kernel/sev-shared.c +++ b/arch/x86/kernel/sev-shared.c @@ -36,15 +36,12 @@ static bool __init sev_es_check_cpu_features(void) return true; } -static void __noreturn sev_es_terminate(unsigned int reason) +static void __noreturn sev_es_terminate(unsigned int set, unsigned int reason) { u64 val = GHCB_MSR_TERM_REQ; - /* - * Tell the hypervisor what went wrong - only reason-set 0 is - * currently supported. - */ - val |= GHCB_SEV_TERM_REASON(0, reason); + /* Tell the hypervisor what went wrong. */ + val |= GHCB_SEV_TERM_REASON(set, reason); /* Request Guest Termination from Hypvervisor */ sev_es_wr_ghcb_msr(val); @@ -242,7 +239,7 @@ void __init do_vc_no_ghcb(struct pt_regs *regs, unsigned long exit_code) fail: /* Terminate the guest */ - sev_es_terminate(GHCB_SEV_ES_GEN_REQ); + sev_es_terminate(SEV_TERM_SET_GEN, GHCB_SEV_ES_GEN_REQ); } static enum es_result vc_insn_string_read(struct es_em_ctxt *ctxt, diff --git a/arch/x86/kernel/sev.c b/arch/x86/kernel/sev.c index 540b81ac54c9..0245fe986615 100644 --- a/arch/x86/kernel/sev.c +++ b/arch/x86/kernel/sev.c @@ -1432,7 +1432,7 @@ DEFINE_IDTENTRY_VC_KERNEL(exc_vmm_communication) show_regs(regs); /* Ask hypervisor to sev_es_terminate */ - sev_es_terminate(GHCB_SEV_ES_GEN_REQ); + sev_es_terminate(SEV_TERM_SET_GEN, GHCB_SEV_ES_GEN_REQ); /* If that fails and we get here - just panic */ panic("Returned from Terminate-Request to Hypervisor\n"); @@ -1480,7 +1480,7 @@ bool __init handle_vc_boot_ghcb(struct pt_regs *regs) /* Do initial setup or terminate the guest */ if (unlikely(boot_ghcb == NULL && !sev_es_setup_ghcb())) - sev_es_terminate(GHCB_SEV_ES_GEN_REQ); + sev_es_terminate(SEV_TERM_SET_GEN, GHCB_SEV_ES_GEN_REQ); vc_ghcb_invalidate(boot_ghcb); From patchwork Wed Jul 7 18:14:36 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Brijesh Singh X-Patchwork-Id: 470891 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-18.7 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_CR_TRAILER, INCLUDES_PATCH, MAILING_LIST_MULTI, MSGID_FROM_MTA_HEADER, SPF_HELO_NONE, SPF_PASS, USER_AGENT_GIT autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 299EEC11F66 for ; Wed, 7 Jul 2021 18:15:52 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 10A3D61C6D for ; Wed, 7 Jul 2021 18:15:52 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231533AbhGGSSa (ORCPT ); Wed, 7 Jul 2021 14:18:30 -0400 Received: from mail-bn8nam11on2061.outbound.protection.outlook.com ([40.107.236.61]:62945 "EHLO NAM11-BN8-obe.outbound.protection.outlook.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S231479AbhGGSS0 (ORCPT ); Wed, 7 Jul 2021 14:18:26 -0400 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=VyXJqZZGjhpxt3ZsZvd7kHnXfnPjbkZUq/p05tbOOCWLtpbypjxZKuFB0LwTnMgt9qQFRHiyCTiQEe+0B1LsBirY3wqWZkTOSXM5Ic8G6ULI/Fsbb7IXtm98c5Wi/rnmKfuVv2vR0H14oMXbcyFgJTe6zw7bmSiEyyw8BiC+YKZpgxMvVywLQyyhEr6oWUHBP2wcRa8TNfzirR6iALV64jitdCUmXwkUFpmwEB8+/lpYid1S5Ia3wnkJdSStvYVrq2ZpHT/VDTTJ1G/pCu7PSIVgG0Gj4ZhgtGC9TnK9tMjdWPNaOF7dogtfTreXEXw9GcXt7ZdKb5va9RCOx2oUTg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=RtNhJC0W4p6xNKQnWOKJN8mlkiNi8O2qF5UIBoVBVOw=; b=YfZyVHshPuMYAFWPcuLL39lVIOdp2zOkk3GRF8NkZBlZT/qhbDZ5LhmHqVxysHFVNCdEgPezazXhPfhxce/i5i0fA4YI9fRyvgecR3Lh2sQFujagm49Ype2i1vIQQMD9k4dRLcq15kGnn84TX68WMhfkTt8JSK6GvVoVQLXum2tchbuexHqkN7toLyiPhAY5LwlvtK8cVnNTkRhLVmF5tXxCeIAXhoxRH3TAQZRxbn1avvsof2NRnul2dwA13Mm7HG8snhbcQHubW/THLBPo0nbpDgBn/BgqCByMY+o+NLA/bew6wkZh+rzpZTrsf0Zw/Nq/tlLcyUnYSmtLuLiFyg== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass header.d=amd.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=RtNhJC0W4p6xNKQnWOKJN8mlkiNi8O2qF5UIBoVBVOw=; b=lEUk/druT9eH4skeR68qo7sABFX7YAuTBqBS1HE94YBtTKXlxIjC8/M1Wv0D0tzTHFZh7kiS3zAhaKmlr18nOYTjp205KnUwTpOMaVopKezR+xM1ipFGYTtLXYihrNVdYrKavQPdLdS3fIB6yr/77P1yrI+tn/ZWPstrwrjvCj0= Authentication-Results: kernel.org; dkim=none (message not signed) header.d=none; kernel.org; dmarc=none action=none header.from=amd.com; Received: from BYAPR12MB2711.namprd12.prod.outlook.com (2603:10b6:a03:63::10) by BY5PR12MB3939.namprd12.prod.outlook.com (2603:10b6:a03:1a5::19) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4308.21; Wed, 7 Jul 2021 18:15:41 +0000 Received: from BYAPR12MB2711.namprd12.prod.outlook.com ([fe80::40e3:aade:9549:4bed]) by BYAPR12MB2711.namprd12.prod.outlook.com ([fe80::40e3:aade:9549:4bed%7]) with mapi id 15.20.4287.033; Wed, 7 Jul 2021 18:15:41 +0000 From: Brijesh Singh To: x86@kernel.org, linux-kernel@vger.kernel.org, kvm@vger.kernel.org, linux-efi@vger.kernel.org, platform-driver-x86@vger.kernel.org, linux-coco@lists.linux.dev, linux-mm@kvack.org, linux-crypto@vger.kernel.org Cc: Thomas Gleixner , Ingo Molnar , Joerg Roedel , Tom Lendacky , "H. Peter Anvin" , Ard Biesheuvel , Paolo Bonzini , Sean Christopherson , Vitaly Kuznetsov , Wanpeng Li , Jim Mattson , Andy Lutomirski , Dave Hansen , Sergio Lopez , Peter Gonda , Peter Zijlstra , Srinivas Pandruvada , David Rientjes , Dov Murik , Tobin Feldman-Fitzthum , Borislav Petkov , Michael Roth , Vlastimil Babka , tony.luck@intel.com, npmccallum@redhat.com, brijesh.ksingh@gmail.com, Brijesh Singh Subject: [PATCH Part1 RFC v4 06/36] x86/sev: check SEV-SNP features support Date: Wed, 7 Jul 2021 13:14:36 -0500 Message-Id: <20210707181506.30489-7-brijesh.singh@amd.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20210707181506.30489-1-brijesh.singh@amd.com> References: <20210707181506.30489-1-brijesh.singh@amd.com> X-ClientProxiedBy: SA0PR11CA0104.namprd11.prod.outlook.com (2603:10b6:806:d1::19) To BYAPR12MB2711.namprd12.prod.outlook.com (2603:10b6:a03:63::10) MIME-Version: 1.0 X-MS-Exchange-MessageSentRepresentingType: 1 Received: from sbrijesh-desktop.amd.com (165.204.77.1) by SA0PR11CA0104.namprd11.prod.outlook.com (2603:10b6:806:d1::19) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4308.19 via Frontend Transport; Wed, 7 Jul 2021 18:15:39 +0000 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: 3075f44e-757b-4c3e-c487-08d941733ace X-MS-TrafficTypeDiagnostic: BY5PR12MB3939: X-MS-Exchange-Transport-Forked: True X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:9508; X-MS-Exchange-SenderADCheck: 1 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: wSgaYhYKlprjJJQgh7EtryRyCLCSgHUm8S8QQe0b1h97bp22AWclV4xD9ph9y5q/CdS6xnTMkD1HAoDfGqsL1n9Ui1nEBqYiwrROEX42kMIR48b+FS2uq/0ubdC3XbLc5uMZGG6l2lnqwCrGif1JLnaqfYYdhISb10h0aJUHx41emKS9P0qYlOm+avCgIUh1nhKBkoxkwc2wNUXQcDbLHilmlhKxqAdgY6k5c97x4Zq8VzqDPyJ7gXXdh4/z0caTI8d8HYclqHuiWbzHyUfmonSSJABifQmZUUE6DrWGMKAsAdcf1JaSD4QrubZsAJeBP8gJNYtBbz+6zR/pxpYDFguo216u6KU/OtqEPuS7Uxl4h49S3ZTQRDKU+dnCIn+9kAaVvP3XYcufPd1S9FsMTZw0zq1cd67MmUltDg6Ab0YPppFZoN0utr4V2MM55YVFXtv/WXgV8tXjN2gpDQmndNv7ngyqcaob/Oa6gkJ5ZRnGNLrOaSK6hX6Dm1cS1wHj+r1JtPkPZZixssczcPD6cBI+HzO+0WcGx4yF/d0PQysK7jr4i/cZMKgU7Ag0EE2hCMS8dl8yaRG9BfS2neP6q4HvLUEo8Mu9zX2S8MYeKTEDnvTWv/6TLOsPyb1EpIs7HYGwP/DE7ozWfFzB+wtfl3uzR7zgkA39AINki7R9A6txPJShpbKzppBgMBr6LuysQuqo3SJIKlyWAXPlPwaVhg== X-Forefront-Antispam-Report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:BYAPR12MB2711.namprd12.prod.outlook.com; PTR:; CAT:NONE; SFS:(4636009)(346002)(396003)(39860400002)(366004)(376002)(136003)(44832011)(66556008)(38100700002)(38350700002)(66946007)(186003)(66476007)(2906002)(1076003)(26005)(52116002)(8936002)(2616005)(6486002)(7696005)(6666004)(5660300002)(8676002)(956004)(7406005)(7416002)(478600001)(83380400001)(316002)(54906003)(86362001)(36756003)(4326008); DIR:OUT; SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: tp7BpiXfDPSUwmkmzMkIRLZdbcXlTl0f0G4p6ElpOHdbg/gHWVlwrdPCMGJQO/F7cnEO3rOSAG0xxe1ynIaC0PIHFi8zSofmzaYxg5RS7o0fO9p9hhqxqlaV92ydK7N2eV25oNEiMAkIn+2AH0/y2zsnohHK6S0F0OMvL3G94RYJrS29TXPCZZt1kFpsLrK7WPsKwDgxTwoB4+UmiIDfTngnuByV8fFu8l78JPddvQTWRW19YMDWbLYI6qSuWLL3nJZdIjeDOl7zmH6qGRv8BR7BvUi3Ng+lJ8ubt6nM09mIJnT+3A99QxFIK1XbnqsOT7EywKGlnUluIYHxFrtrqb5rf+pC1utPus6NXtMC1u39iVf2q5MxqCmqhEZ62jxdrXZKIApPQ7e2vnq4sb3E8fXAR/a0n1UvsPYXWPqFCPyFokEjOxDBVgZ5oZP41T8cvmD9skXwXE2wih1aRnh/YOshNcdPLCN+spY277N/pa2sxf3GN1lFzp12xQNRyazlUeYP1NC6/qA3qdcj2ykUGDIsiSoO0tSaV5AvBMfAzMNFYz4ZiHGASDn5pQC71JpBXIFv6MILa59OM0EausT2ilqlG0WrtZoJ2TnqBk2u+kk5AjU7D7GdzQPysKLZwybfLNWe1Pjqeraqskbm1Q96afhd/9zeg1xJYhBlKAMDM0E8TT2Qf6tsIH1p1u0w8/E2UhPxnYWTkCDr7YccJpQB1eRznbk22kb0qY20akEWkaTCefs9gAvTmXkYVyYUBll8lGmN/vgmBrHTRT7YqSIyPTno15UeRrlNd3E8jOzpRncoRbvFMe4zVkSF20jc96TCFYh6QHpbAjvq3+9gsFRSahpjQh29hyMDyLwPugc15m0r5ACb2TdmtP7I5Kc1dk9/AWimZ1Y/I3yX5ILGR5vNUbz4mgt9AzQeUndySjddK49tiZuW2/jSLzKVLkN5U/A6fHD1yU4BQmfoXRCK7tdIAwL3jWMn5LbORHtOgxNW6fctVYHW8YlsOJl7PRUam4diK9UUGYmQb5PyrXVaMbA33irLrp/B2ljgx8gO4JjXjxWU5GhghPHQoMu8a9OjHxsjvzpp6cakyi+4vhI+rAW+Q1Zti14xaxAklXky9yYYravwW9O/LcMxrfN6romZ+osfOxq+Bs3oKT/YP4dlFJslZ2vhmxKGiZss/I4cE5pBFk8eSLDsqZ6Qfg8lKM46zKYD7MDmUNP+F3yfmBZZyE2RksxSAkAb1T59jnuKs2+XjUOtk4QDVGJcWhKBy4RrxNu1tG/eV8Bq62FjuLXVShr3tLOXd2yEPEh4gLBmhGx7zQ/kdll7DcP1XxLpmabBgedy X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-Network-Message-Id: 3075f44e-757b-4c3e-c487-08d941733ace X-MS-Exchange-CrossTenant-AuthSource: BYAPR12MB2711.namprd12.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 07 Jul 2021 18:15:41.5388 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: B8uyJ/Ne8+jJJhDRvsw68E9+fz7+Hmqd+5PGpw22jj/cj/BMNdvtZOYbjj7m3ur9qHvtYvljwUW//flwpjz1Ag== X-MS-Exchange-Transport-CrossTenantHeadersStamped: BY5PR12MB3939 Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org Version 2 of the GHCB specification added the advertisement of features that are supported by the hypervisor. If hypervisor supports the SEV-SNP then it must set the SEV-SNP features bit to indicate that the base SEV-SNP is supported. Check the SEV-SNP feature while establishing the GHCB, if failed, terminate the guest. Signed-off-by: Brijesh Singh --- arch/x86/boot/compressed/sev.c | 26 ++++++++++++++++++++++++-- arch/x86/include/asm/sev-common.h | 3 +++ arch/x86/kernel/sev.c | 8 ++++++-- 3 files changed, 33 insertions(+), 4 deletions(-) diff --git a/arch/x86/boot/compressed/sev.c b/arch/x86/boot/compressed/sev.c index 7760959fe96d..7be325d9b09f 100644 --- a/arch/x86/boot/compressed/sev.c +++ b/arch/x86/boot/compressed/sev.c @@ -25,6 +25,7 @@ struct ghcb boot_ghcb_page __aligned(PAGE_SIZE); struct ghcb *boot_ghcb; +static u64 msr_sev_status; /* * Copy a version of this function here - insn-eval.c can't be used in @@ -119,11 +120,32 @@ static enum es_result vc_read_mem(struct es_em_ctxt *ctxt, /* Include code for early handlers */ #include "../../kernel/sev-shared.c" -static bool early_setup_sev_es(void) +static inline bool sev_snp_enabled(void) +{ + unsigned long low, high; + + if (!msr_sev_status) { + asm volatile("rdmsr\n" + : "=a" (low), "=d" (high) + : "c" (MSR_AMD64_SEV)); + msr_sev_status = (high << 32) | low; + } + + return msr_sev_status & MSR_AMD64_SEV_SNP_ENABLED; +} + +static bool do_early_sev_setup(void) { if (!sev_es_negotiate_protocol()) sev_es_terminate(SEV_TERM_SET_GEN, GHCB_SEV_ES_PROT_UNSUPPORTED); + /* + * If SEV-SNP is enabled, then check if the hypervisor supports the SEV-SNP + * features. + */ + if (sev_snp_enabled() && !(sev_hv_features & GHCB_HV_FT_SNP)) + sev_es_terminate(SEV_TERM_SET_GEN, GHCB_SNP_UNSUPPORTED); + if (set_page_decrypted((unsigned long)&boot_ghcb_page)) return false; @@ -174,7 +196,7 @@ void do_boot_stage2_vc(struct pt_regs *regs, unsigned long exit_code) struct es_em_ctxt ctxt; enum es_result result; - if (!boot_ghcb && !early_setup_sev_es()) + if (!boot_ghcb && !do_early_sev_setup()) sev_es_terminate(SEV_TERM_SET_GEN, GHCB_SEV_ES_GEN_REQ); vc_ghcb_invalidate(boot_ghcb); diff --git a/arch/x86/include/asm/sev-common.h b/arch/x86/include/asm/sev-common.h index e75e29c05f59..8abc5eb7ca3d 100644 --- a/arch/x86/include/asm/sev-common.h +++ b/arch/x86/include/asm/sev-common.h @@ -54,6 +54,8 @@ #define GHCB_MSR_HV_FT_RESP_VAL(v) \ (((unsigned long)((v) >> GHCB_MSR_HV_FT_POS) & GHCB_MSR_HV_FT_MASK)) +#define GHCB_HV_FT_SNP BIT_ULL(0) + #define GHCB_MSR_TERM_REQ 0x100 #define GHCB_MSR_TERM_REASON_SET_POS 12 #define GHCB_MSR_TERM_REASON_SET_MASK 0xf @@ -67,6 +69,7 @@ #define SEV_TERM_SET_GEN 0 #define GHCB_SEV_ES_GEN_REQ 0 #define GHCB_SEV_ES_PROT_UNSUPPORTED 1 +#define GHCB_SNP_UNSUPPORTED 2 #define GHCB_RESP_CODE(v) ((v) & GHCB_MSR_INFO_MASK) diff --git a/arch/x86/kernel/sev.c b/arch/x86/kernel/sev.c index 0245fe986615..504169f1966b 100644 --- a/arch/x86/kernel/sev.c +++ b/arch/x86/kernel/sev.c @@ -665,12 +665,16 @@ static enum es_result vc_handle_msr(struct ghcb *ghcb, struct es_em_ctxt *ctxt) * This function runs on the first #VC exception after the kernel * switched to virtual addresses. */ -static bool __init sev_es_setup_ghcb(void) +static bool __init setup_ghcb(void) { /* First make sure the hypervisor talks a supported protocol. */ if (!sev_es_negotiate_protocol()) return false; + /* If SNP is active, make sure that hypervisor supports the feature. */ + if (sev_feature_enabled(SEV_SNP) && !(sev_hv_features & GHCB_HV_FT_SNP)) + sev_es_terminate(SEV_TERM_SET_GEN, GHCB_SNP_UNSUPPORTED); + /* * Clear the boot_ghcb. The first exception comes in before the bss * section is cleared. @@ -1479,7 +1483,7 @@ bool __init handle_vc_boot_ghcb(struct pt_regs *regs) enum es_result result; /* Do initial setup or terminate the guest */ - if (unlikely(boot_ghcb == NULL && !sev_es_setup_ghcb())) + if (unlikely(boot_ghcb == NULL && !setup_ghcb())) sev_es_terminate(SEV_TERM_SET_GEN, GHCB_SEV_ES_GEN_REQ); vc_ghcb_invalidate(boot_ghcb); From patchwork Wed Jul 7 18:14:38 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Brijesh Singh X-Patchwork-Id: 470890 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-18.7 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_CR_TRAILER, INCLUDES_PATCH, MAILING_LIST_MULTI, MSGID_FROM_MTA_HEADER, SPF_HELO_NONE, SPF_PASS, USER_AGENT_GIT autolearn=unavailable autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id C9653C11F67 for ; Wed, 7 Jul 2021 18:15:59 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id B2BE461CB0 for ; Wed, 7 Jul 2021 18:15:59 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231720AbhGGSSh (ORCPT ); Wed, 7 Jul 2021 14:18:37 -0400 Received: from mail-mw2nam10on2073.outbound.protection.outlook.com ([40.107.94.73]:17601 "EHLO NAM10-MW2-obe.outbound.protection.outlook.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S231544AbhGGSSb (ORCPT ); Wed, 7 Jul 2021 14:18:31 -0400 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=dIzVYkdVHJF+iXUwCyF9pVtDLvGwkdEOFIgVXkB2UDZcEaVt4WQCXQjWByJQmSncqLTd4r6jhb6u6TB1EE2eJpVWytp8xRH09s/C+wyAsPrJjrI1t3MSM1mDWLFIJlUl48qBO7bGsA58Eoa6dVL3CXoNrE41WbOYiZsly1rXy4Pw+BR/Az2KEOBKfY6ShXC9VJwmZWBy2J03dBwS09nNuFepPBBt3fYUHlch2MualrubW4w3+sSSMPjUos6Y5EIySaNIZfmG2vskL94wQ0m0g4CTc1p73Z5SzSOV23rVCV8M+lUhviIW9cflXoI7/rbYp2X2OEAKX7fMYkkeo0GNmw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=jvoY8el3yU2so1Jui4tnPlK0mBoD4b0ju1oQd3/iTM8=; b=RXKOj5Q9SzEou/GMuwKekuvUS6kI27SgFTaLpeRvnKZb5lDJoKViRrP1W7SuKQ6CtquJX8otFLLPMGpCDVEcd6oElDnp2py7uXRrvFRro7U7AQrnazEJR4dRmAkY+Aj8TKarDHlqJVv60h4HHcnMGJC83p/rOFADjPutFmdQrwMiWLK1SF3NQiOU8aWYFfmUBLEpwCyrJOuyXXniNlikTIO1pr8ammDwe/WrjSv0CbN76PJwSPMftv7NPOwZM5UPZtFzmg4f937e3EW0y4S35JHp+91w+iE8cQGiDvBZwEqUg2xDf7YfuwIu0JgVXQbMJx7VLZixHitHvcJFOunVOg== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass header.d=amd.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=jvoY8el3yU2so1Jui4tnPlK0mBoD4b0ju1oQd3/iTM8=; b=2f+xWiifcMSzSI7sgqtVi/Qj2J+Oy+ft/kpnZgKhlGcLVxixuiKwBhOu8hR9AJMFPb/VRd9V4v2+PJlovE4aI6d90qmNRHCyS60iqQ5Gstu+qBdUd/pWrBtx4S9vvktDKfRjb8o5SPXuvat2iX/a1Rl4ujlt2glscybTgej6aSk= Authentication-Results: kernel.org; dkim=none (message not signed) header.d=none; kernel.org; dmarc=none action=none header.from=amd.com; Received: from BYAPR12MB2711.namprd12.prod.outlook.com (2603:10b6:a03:63::10) by BY5PR12MB4644.namprd12.prod.outlook.com (2603:10b6:a03:1f9::11) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4308.19; Wed, 7 Jul 2021 18:15:47 +0000 Received: from BYAPR12MB2711.namprd12.prod.outlook.com ([fe80::40e3:aade:9549:4bed]) by BYAPR12MB2711.namprd12.prod.outlook.com ([fe80::40e3:aade:9549:4bed%7]) with mapi id 15.20.4287.033; Wed, 7 Jul 2021 18:15:47 +0000 From: Brijesh Singh To: x86@kernel.org, linux-kernel@vger.kernel.org, kvm@vger.kernel.org, linux-efi@vger.kernel.org, platform-driver-x86@vger.kernel.org, linux-coco@lists.linux.dev, linux-mm@kvack.org, linux-crypto@vger.kernel.org Cc: Thomas Gleixner , Ingo Molnar , Joerg Roedel , Tom Lendacky , "H. Peter Anvin" , Ard Biesheuvel , Paolo Bonzini , Sean Christopherson , Vitaly Kuznetsov , Wanpeng Li , Jim Mattson , Andy Lutomirski , Dave Hansen , Sergio Lopez , Peter Gonda , Peter Zijlstra , Srinivas Pandruvada , David Rientjes , Dov Murik , Tobin Feldman-Fitzthum , Borislav Petkov , Michael Roth , Vlastimil Babka , tony.luck@intel.com, npmccallum@redhat.com, brijesh.ksingh@gmail.com, Brijesh Singh Subject: [PATCH Part1 RFC v4 08/36] x86/sev: check the vmpl level Date: Wed, 7 Jul 2021 13:14:38 -0500 Message-Id: <20210707181506.30489-9-brijesh.singh@amd.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20210707181506.30489-1-brijesh.singh@amd.com> References: <20210707181506.30489-1-brijesh.singh@amd.com> X-ClientProxiedBy: SA0PR11CA0104.namprd11.prod.outlook.com (2603:10b6:806:d1::19) To BYAPR12MB2711.namprd12.prod.outlook.com (2603:10b6:a03:63::10) MIME-Version: 1.0 X-MS-Exchange-MessageSentRepresentingType: 1 Received: from sbrijesh-desktop.amd.com (165.204.77.1) by SA0PR11CA0104.namprd11.prod.outlook.com (2603:10b6:806:d1::19) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4308.19 via Frontend Transport; Wed, 7 Jul 2021 18:15:45 +0000 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: c0fd1a2c-736b-420e-d2d6-08d941733e64 X-MS-TrafficTypeDiagnostic: BY5PR12MB4644: X-MS-Exchange-Transport-Forked: True X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:8882; X-MS-Exchange-SenderADCheck: 1 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: Jd3CPoHSuuMuXk5EQiVPFl3eQ1uJDnGzMJ57R1QczEy/KMmy5ZIvc2cjWi/Jh5RejFPt/ALa7fgnzGHTmlOnhhTwR73Vvqm+4mqMQQGTLtXZxrNQwkglg26vY0978xdyIU710XFfXS4RXPikjwDHNSbFnjfoaVvJUV0lFUT3TRPaWZ0YtspORy3X0cvtP2pG6u4PhL8RfdzJ06ZTkQNlH2b4kezKUd0mmbncdsMK10DVzQr5AjuLs2jg8NnpZO1T8xUumInFilSG69N4rTQl3glk2IqpDIJlkKyryP6i3ScNYW4fObuO6jmIM0pzKYUfbe43eYGF/STBq2m0ox9mLvvExSCYbOxLdz9gWvHZzl4mSf4V2TfX+2kauro601309n0GnxrJBiDiAx7ECAa8g5bvVZ3w/LEoL+xtBBWcianCzcnqRM53h0qHhzzdRvDsaI20HVSDJ0rPdYxkenH9YHcMF7PxWfM+gixsmmjv7X4R8av87cDAlerjiUUzLFtSfZM4yHFkJxNVxwBFTFkZsG27ZJwBXDIUDIGlOrM3yxH4fNegm5KAcSUk61CnjP0uLxoPVnYAbuZ+/BP+qdzWfkKNMPQOqURbYbknuIuURv7N9acYkzDF+PonG9ClfWd7HoYcFPymAwaZ59oXmvrjSBbBiwDSUpkwErGvRFSw/UHJUVNUExx9XUsXlz5ciDr2iIDU4d9/Nd42n3jd4LKj5Q== X-Forefront-Antispam-Report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:BYAPR12MB2711.namprd12.prod.outlook.com; PTR:; CAT:NONE; SFS:(4636009)(136003)(346002)(366004)(396003)(39860400002)(376002)(186003)(6666004)(2906002)(1076003)(4326008)(83380400001)(316002)(6486002)(7406005)(26005)(52116002)(7416002)(66556008)(8936002)(38350700002)(5660300002)(956004)(36756003)(38100700002)(478600001)(66476007)(44832011)(7696005)(2616005)(8676002)(66946007)(86362001)(54906003); DIR:OUT; SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: MwNYl/Km4rkrETT3j8M9Qs7XErV4lLAQjL+ZdVx7fxUiYr+XXDTG70RrolRUJst/3CwnfWnxNMXeqgUeBPxNd20hYb91Uf9PiezO3ziKar0IAh1zJW022qLeQLW2mv4B3At2zomoGdtOLw87q+1GqxvNIcDu1UrnSlVqP/63CjTdiRrc3iM10J3/wIzmu1pInFeT/erN4hfhi10C1rAH9nBRhoE4zPRn4BbtkXnSowgMfYjT5ZG0XNvFgIj+HLwxvpMnR48idxDUyt4VT4ll3+XYG8qnriTrVc6DrGKIi6yu3/32+gZDMKcoPd54R2fWOeeFRaxuedoqeERCXV5FgGAWkgi7l7ra5MSpdcJeupy+uJz3G4bya+5pBsjcVmR/iMLR9G8Fc5J4wA6jkHbBryDVUtKFURF+fq4au2bdADthGEx9uHYZUv5nb+jXUGVNC6F+4dJEbFz1OF+yhK7Dgmsb0vbOSY5uZg4oqPIDNBWCz0r4O65gk6Z6ytudOsuDWGYFHPOLcoJqFXBkzzNMkXX5qbuGnN+AwIVQ3Ov69x+u2nerC/AEUxxSkD4t7aqFeWZwAtBFvsyMiwyHsSBZSsOa51pOry41aWdUj9WIoPGxa7dv7d09gbP72eJSiYP9dxccgWHx7AJcOnT46MkJ9VD+OziWIB4Inos8PzPWBvvA8mx/rAxq8H88AKZgBRKthyfYszVCvdqAonjkdbEX29vo7ayaHeK8+8Ltrk1+ZHBsOsHKHKrlSi7lzTKzOOo6TOiDsyzGlvZ+GVB0tIeHBrHYfihGcoubJtoSWEiy7+kGTYBrkR7VQWOJba4O34CuU7CKmGpJAMpvxaDZSrFlP+zVQrQF8hWYkynUesbULM9cNq8Ehzb0OwKixKnpuR+FuOrGHJxpZiRtRyr1UsIRdk+GCadX/e3g6IV2Dn5ytNqjHxfrBYv3sYJ+RZYiQ7c7OwGmxRMwN0EwlgeBAgzWtKjdCtc+NJsDvib9JpiczeABaE9+z/Qy5CMiHROMvDV41z70iSk4jG5jK/VFg4UEbALpPmYjYmhViP6UfBEJG/bEFkoTGuDSenpOCbrbMBtSYImoztwj/TzTSzvGCwCC+WP0Xm7iBUWXQ8keJb6dhRTidEO95DxM1YeZ6wXcukTDRkZYFiTcdSWWiyS1oeWcKrG83AFX8L+F26ZNjcPqEr5a/q219RljyX2dDPAlEHgrRixU98QryOdM/FhhuN6YmbslvY6sGMZjAXcoQVWfhVCQR21kKG5fWLhs30knT34vvDRyzlIl3pRn8mXB5vZWKStln0spb4XZOeX9U0bmvSqHUdu5bBKarx/yNZN+VPPG X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-Network-Message-Id: c0fd1a2c-736b-420e-d2d6-08d941733e64 X-MS-Exchange-CrossTenant-AuthSource: BYAPR12MB2711.namprd12.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 07 Jul 2021 18:15:47.5574 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: x2DVAxP2JAMlPBmvYESZGzn44/nBkVY0uz6PQVUJsCLNqn6OLzfH/3bhRDCoeBO+rfhN/bX2Yomr842Nr0kTPg== X-MS-Exchange-Transport-CrossTenantHeadersStamped: BY5PR12MB4644 Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org Virtual Machine Privilege Level (VMPL) is an optional feature in the SEV-SNP architecture, which allows a guest VM to divide its address space into four levels. The level can be used to provide the hardware isolated abstraction layers with a VM. The VMPL0 is the highest privilege, and VMPL3 is the least privilege. Certain operations must be done by the VMPL0 software, such as: * Validate or invalidate memory range (PVALIDATE instruction) * Allocate VMSA page (RMPADJUST instruction when VMSA=1) The initial SEV-SNP support assumes that the guest kernel is running on VMPL0. Let's add a check to make sure that kernel is running at VMPL0 before continuing the boot. There is no easy method to query the current VMPL level, so use the RMPADJUST instruction to determine whether its booted at the VMPL0. Signed-off-by: Brijesh Singh --- arch/x86/boot/compressed/sev.c | 41 ++++++++++++++++++++++++++++--- arch/x86/include/asm/sev-common.h | 1 + arch/x86/include/asm/sev.h | 3 +++ 3 files changed, 42 insertions(+), 3 deletions(-) diff --git a/arch/x86/boot/compressed/sev.c b/arch/x86/boot/compressed/sev.c index 7be325d9b09f..2f3081e9c78c 100644 --- a/arch/x86/boot/compressed/sev.c +++ b/arch/x86/boot/compressed/sev.c @@ -134,6 +134,36 @@ static inline bool sev_snp_enabled(void) return msr_sev_status & MSR_AMD64_SEV_SNP_ENABLED; } +static bool is_vmpl0(void) +{ + u64 attrs, va; + int err; + + /* + * There is no straightforward way to query the current VMPL level. The + * simplest method is to use the RMPADJUST instruction to change a page + * permission to a VMPL level-1, and if the guest kernel is launched at + * at a level <= 1, then RMPADJUST instruction will return an error. + */ + attrs = 1; + + /* + * Any page aligned virtual address is sufficent to test the VMPL level. + * The boot_ghcb_page is page aligned memory, so lets use for the test. + */ + va = (u64)&boot_ghcb_page; + + /* Instruction mnemonic supported in binutils versions v2.36 and later */ + asm volatile (".byte 0xf3,0x0f,0x01,0xfe\n\t" + : "=a" (err) + : "a" (va), "c" (RMP_PG_SIZE_4K), "d" (attrs) + : "memory", "cc"); + if (err) + return false; + + return true; +} + static bool do_early_sev_setup(void) { if (!sev_es_negotiate_protocol()) @@ -141,10 +171,15 @@ static bool do_early_sev_setup(void) /* * If SEV-SNP is enabled, then check if the hypervisor supports the SEV-SNP - * features. + * features and is launched at VMPL-0 level. */ - if (sev_snp_enabled() && !(sev_hv_features & GHCB_HV_FT_SNP)) - sev_es_terminate(SEV_TERM_SET_GEN, GHCB_SNP_UNSUPPORTED); + if (sev_snp_enabled()) { + if (!sev_hv_features & GHCB_HV_FT_SNP) + sev_es_terminate(SEV_TERM_SET_GEN, GHCB_SNP_UNSUPPORTED); + + if (!is_vmpl0()) + sev_es_terminate(SEV_TERM_SET_LINUX, GHCB_TERM_NOT_VMPL0); + } if (set_page_decrypted((unsigned long)&boot_ghcb_page)) return false; diff --git a/arch/x86/include/asm/sev-common.h b/arch/x86/include/asm/sev-common.h index 8abc5eb7ca3d..ea508835ab33 100644 --- a/arch/x86/include/asm/sev-common.h +++ b/arch/x86/include/asm/sev-common.h @@ -78,5 +78,6 @@ #define GHCB_TERM_REGISTER 0 /* GHCB GPA registration failure */ #define GHCB_TERM_PSC 1 /* Page State Change failure */ #define GHCB_TERM_PVALIDATE 2 /* Pvalidate failure */ +#define GHCB_TERM_NOT_VMPL0 3 /* SNP guest is not running at VMPL-0 */ #endif diff --git a/arch/x86/include/asm/sev.h b/arch/x86/include/asm/sev.h index b308815a2c01..242af1154e49 100644 --- a/arch/x86/include/asm/sev.h +++ b/arch/x86/include/asm/sev.h @@ -62,6 +62,9 @@ extern bool handle_vc_boot_ghcb(struct pt_regs *regs); /* Software defined (when rFlags.CF = 1) */ #define PVALIDATE_FAIL_NOUPDATE 255 +/* RMP page size */ +#define RMP_PG_SIZE_4K 0 + #ifdef CONFIG_AMD_MEM_ENCRYPT extern struct static_key_false sev_es_enable_key; extern void __sev_es_ist_enter(struct pt_regs *regs); From patchwork Wed Jul 7 18:14:39 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Brijesh Singh X-Patchwork-Id: 470889 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-18.7 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_CR_TRAILER, INCLUDES_PATCH, MAILING_LIST_MULTI, MSGID_FROM_MTA_HEADER, SPF_HELO_NONE, SPF_PASS, USER_AGENT_GIT autolearn=unavailable autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 2D9D2C07E95 for ; Wed, 7 Jul 2021 18:16:16 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 12A7D61C6D for ; Wed, 7 Jul 2021 18:16:16 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231928AbhGGSSw (ORCPT ); Wed, 7 Jul 2021 14:18:52 -0400 Received: from mail-mw2nam10on2073.outbound.protection.outlook.com ([40.107.94.73]:17601 "EHLO NAM10-MW2-obe.outbound.protection.outlook.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S231500AbhGGSSg (ORCPT ); Wed, 7 Jul 2021 14:18:36 -0400 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=ZMjbwlr82qJePoaQz0PJIlB3mUgNhDqcZf+AHGzOT2PU+13RQ3AFdIij4yCZvAESXEAQ9zdZfVpYj/uk3Ual3K+6ygSESekj0TwWudIp07lU3t6l7y3t4V8n3OWovD1IlVfmsM+1UeYPOTLt8J5Kalkg7+sOTc4xHJHEFLWEl/slV1mK/Lj289o8gXy+W7QXu9XjroFolwCPwi3YPPLLVTSSZ1aGaic5WI8jCRlKVGEL7IzedIAjl3cWrWLxDSgl4KCARInH0lJzNS/Fl6p39ycRZhaCc505eH8sa8ZmjloAZ9QmHmhuEalLMEbv2Ak/XIj5cHqKX5IacfNLToIj4g== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=6pjBkcL7QnB0SswiCg0GAFBxc5e0iY64A++7veHCNrA=; b=YAeMtvGKl6rgjeJ7zEfGsztQ8aJZcgwuavOoCKnNFGrLXJDRelMQUV4jS/1J/txDEWr2NxH1vATe1vE/FECuGjNTU9E7h+CBiiF7HytPO4OpCaFci4mYfwigD5H2JQAiZvz8d3DN6pjo33hwXQuTp5tZRmEwXLIWa0vHVUDNgwL6qaLVCdapuZ7aEyc5wQtrBV5dUz4OgrJGhRM1DpNY0Zrl1G+ucqoL1ESUjCxDF1EigqqSzHSwzt4AV9F/U/DNWUvsbbxXfJsNYcGuaeaFTb7jwBmXkNoZqckyPheWVN1jhoBqFPisIyaaIHfD0380V13yzzOa4PoI1l/23LlhgA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass header.d=amd.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=6pjBkcL7QnB0SswiCg0GAFBxc5e0iY64A++7veHCNrA=; b=ZuDm7afMGzBpBJV+Hb1JmYNXgLr5xefXZe+7IHQXxakSmuu7vvObVX8VJ2Ny5yX+ySlUHvUHNMXD4mrvAiy3Ap8YWTqijvqJG10YZnI97mnXS8ayRFPiklxgql21tcdwEG6EC49y0/7pOTAiIIuMe+RuP1IknVB7W6E+Rr62ObQ= Authentication-Results: kernel.org; dkim=none (message not signed) header.d=none; kernel.org; dmarc=none action=none header.from=amd.com; Received: from BYAPR12MB2711.namprd12.prod.outlook.com (2603:10b6:a03:63::10) by BY5PR12MB4644.namprd12.prod.outlook.com (2603:10b6:a03:1f9::11) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4308.19; Wed, 7 Jul 2021 18:15:50 +0000 Received: from BYAPR12MB2711.namprd12.prod.outlook.com ([fe80::40e3:aade:9549:4bed]) by BYAPR12MB2711.namprd12.prod.outlook.com ([fe80::40e3:aade:9549:4bed%7]) with mapi id 15.20.4287.033; Wed, 7 Jul 2021 18:15:50 +0000 From: Brijesh Singh To: x86@kernel.org, linux-kernel@vger.kernel.org, kvm@vger.kernel.org, linux-efi@vger.kernel.org, platform-driver-x86@vger.kernel.org, linux-coco@lists.linux.dev, linux-mm@kvack.org, linux-crypto@vger.kernel.org Cc: Thomas Gleixner , Ingo Molnar , Joerg Roedel , Tom Lendacky , "H. Peter Anvin" , Ard Biesheuvel , Paolo Bonzini , Sean Christopherson , Vitaly Kuznetsov , Wanpeng Li , Jim Mattson , Andy Lutomirski , Dave Hansen , Sergio Lopez , Peter Gonda , Peter Zijlstra , Srinivas Pandruvada , David Rientjes , Dov Murik , Tobin Feldman-Fitzthum , Borislav Petkov , Michael Roth , Vlastimil Babka , tony.luck@intel.com, npmccallum@redhat.com, brijesh.ksingh@gmail.com, Brijesh Singh Subject: [PATCH Part1 RFC v4 09/36] x86/compressed: Add helper for validating pages in the decompression stage Date: Wed, 7 Jul 2021 13:14:39 -0500 Message-Id: <20210707181506.30489-10-brijesh.singh@amd.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20210707181506.30489-1-brijesh.singh@amd.com> References: <20210707181506.30489-1-brijesh.singh@amd.com> X-ClientProxiedBy: SA0PR11CA0104.namprd11.prod.outlook.com (2603:10b6:806:d1::19) To BYAPR12MB2711.namprd12.prod.outlook.com (2603:10b6:a03:63::10) MIME-Version: 1.0 X-MS-Exchange-MessageSentRepresentingType: 1 Received: from sbrijesh-desktop.amd.com (165.204.77.1) by SA0PR11CA0104.namprd11.prod.outlook.com (2603:10b6:806:d1::19) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4308.19 via Frontend Transport; Wed, 7 Jul 2021 18:15:47 +0000 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: a10179a3-6a95-426d-d60b-08d941733feb X-MS-TrafficTypeDiagnostic: BY5PR12MB4644: X-MS-Exchange-Transport-Forked: True X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:8882; X-MS-Exchange-SenderADCheck: 1 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: kQcHnR6EBIPDcOFtCYbFZ8BwnWDiSpwRXSU46DTjCOYjrcqTCpFU9cCte8VWkEH+Mv9LO4/2EOMaRJjlrNRniW1ab3qvwKBzDx1qZmtqrAGWp60T9ie/jB7yL8IoIwpqzGegXTrQ8rx/gfd0HPKqKZbk/xrVHAWPsjfn0LTEUCMYO2phq4XwOjA5Hi1V/onuvxYc/4PR5ZDuIgVEQLE8xmx98YAaAt8QdifzKNDaWENRBcpgKvswFcgzK/am/VCjSk4V+DInBpE01l3kECRDm0KzIwypvvjCj3oku+pATG/W1mo6EA89JTy3meQMfhKZiAjXItBVUxANp+ZuOS2CnGl8y+AW6a4IWZ0avCRkqzYyNPubQZ42vc4OAU0WVx/VXVgjeZ3/OrsGsqxbSgZxdRPfbWo4/cZEVMg5lrEUKr7coGy/efJ0u/MqBu8T381iPTKyhVqHB5fjOG9Ji1/lNt10SVTnc/3GpDB+tGSWZQoI/G4fRX23nnRmdRgV8rFIf9oDxcXvQzIBD8givaVWy6t0Vk6luDk1wUkMntWmrNmt/ADSYOFcPzF7cPhYZ88GW1CVr3wsWKvFf9wrzTf/ITGYufXH9OWA79v59or+mBEWwSCHBeCgXAUPG1QZ/pAwXbGvesBSt5r5H2GBG1xBVC3WQMFKDXBn8vRDNYXe1LpSFgfeKmhl4d3KKmODmdXruRqC6ASjwVY2E7heBJgTUw== X-Forefront-Antispam-Report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:BYAPR12MB2711.namprd12.prod.outlook.com; PTR:; CAT:NONE; SFS:(4636009)(136003)(346002)(366004)(396003)(39860400002)(376002)(186003)(6666004)(2906002)(1076003)(4326008)(83380400001)(316002)(6486002)(7406005)(26005)(52116002)(7416002)(66556008)(8936002)(38350700002)(5660300002)(956004)(36756003)(38100700002)(478600001)(66476007)(44832011)(7696005)(2616005)(8676002)(66946007)(86362001)(54906003); DIR:OUT; SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: paPwh1kb7CD/65wPIUzFAIBBHM2KT+dzCYq/Z0SMe4kd/VyGkNCdItRJa0y84Ep4GwbgUj9pPGURdq7wBDAr0IHp9OJyXzkB9PYo7HkEBLB/6aRXc4+C0pAN1GMmhYLeI7qd/leHCJmSm6X/FAf6cGkPT8aPysrdfWW+82+313swuFMCK4+n+IU/lWBJA9CEik4oeLgc5ZBdr3jMR/ZBnJPkYJH2tYdh6Oh+TodWq/dGATSXqT+PNpUrth3GkUCGn6LTLbcXZAeEGkiyBiABXJIFK6e0sTHY7SkbiOM71ZixjTLzVIpCU4x3wD850ObZUpB8jhrBdso6aFpa+BlPY3C2QftrSUHzEpbx7IIB9KUIVKPjQBBErnZWySEIWDhR+G+M6HrsB9oeQklSj7js+KQernvIE9HN7c/aef8+oS5TUZnUQ9ZOt5x0wFjlYYlJEIt5jxsH2fwBSgWMamSm7/s51R8BbZzyekH5qvH5tJ3nXzq2hoHiVDI4tL+o3JQ3+HjgEAsYI3moeqlxYPHZBZVK3rjkmd/z+z6MRfGsDi4DF0tEPz2I2Rym/Ev12bJLgm3wiiDhK5xWCBP1MJG1iQ2pY6F3qZDnKy0RaLCP3Ex19+5CQW/L3LpkxTBZu+iGFSc6GI7DQjXGhRj0E8gOhdW+lgz6ihZRL8Mhis0/Bj2qX2+Q3/dfz5XlVaETJrzIuKH+HWREGo5WlJWNjOca6IVgbOYvDyO+4Qj7/a2hLuO7nS7U7XaN6+IPEf8Fr2ZNqb+SMfDtDyd+J2ykStYSa5AClGObNWafFI+RvPoYWinvWC1S/iZ0rbS0CZaPeNkHzE0fOAi6tZCLC1fYiyNxylAGBfcYRfWeOMorm38qexAtQGnx/tJ6ZWVUyOhDdg040byiaClDoG3Fptp6yXiqmlUg9ZLHeX18oDAF8o34wjIMY4zU3LITvwXbnn94x+qAFDK6BYFCUySUjzPFJB5HgebwpliT4KG6TeKvqHWgL1UKmN4eQpLl8DZDmVb+W4qISj1spwtMSLqQVoh/2Fyva4CmvUAxmAdavQGXLkC33sxohcfk48GCZeQI6gtn1nAjOYhsdKqec2p0wcVgRDPQNnayJRIEb6xA4lBjsOHLbHqodbBLW6IItFEQrLG80zQFtD3LRUlNP8dXKZAWMG1L5IHYOcK35x2Zt0KmJJFhY1h/jVTLmpoU2ORh1P69uCxoyBwzXSgNs3m6QxT2Rqi5vtcd7DrZJxWW50LL/r/ethEeU+0rw57/ii6P+GX+sx/L7CnXGrN7xJgw8DqGkr/Np313P2NSicBN8qSmpqHYA7q4f7N+LH+wEohFcHLTTS9E X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-Network-Message-Id: a10179a3-6a95-426d-d60b-08d941733feb X-MS-Exchange-CrossTenant-AuthSource: BYAPR12MB2711.namprd12.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 07 Jul 2021 18:15:50.1399 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: ZigCn9XvFWKpneyR24v8S10TekK9Dt/ztlhtivwLpVL38QF2cZDh7NPlLKjr5SvijBLRh0hcf3xKErhQMhXeIg== X-MS-Exchange-Transport-CrossTenantHeadersStamped: BY5PR12MB4644 Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org Many of the integrity guarantees of SEV-SNP are enforced through the Reverse Map Table (RMP). Each RMP entry contains the GPA at which a particular page of DRAM should be mapped. The VMs can request the hypervisor to add pages in the RMP table via the Page State Change VMGEXIT defined in the GHCB specification. Inside each RMP entry is a Validated flag; this flag is automatically cleared to 0 by the CPU hardware when a new RMP entry is created for a guest. Each VM page can be either validated or invalidated, as indicated by the Validated flag in the RMP entry. Memory access to a private page that is not validated generates a #VC. A VM must use PVALIDATE instruction to validate the private page before using it. To maintain the security guarantee of SEV-SNP guests, when transitioning pages from private to shared, the guest must invalidate the pages before asking the hypervisor to change the page state to shared in the RMP table. After the pages are mapped private in the page table, the guest must issue a page state change VMGEXIT to make the pages private in the RMP table and validate it. On boot, BIOS should have validated the entire system memory. During the kernel decompression stage, the VC handler uses the set_memory_decrypted() to make the GHCB page shared (i.e clear encryption attribute). And while exiting from the decompression, it calls the set_page_encrypted() to make the page private. Add sev_snp_set_page_{private,shared}() helper that is used by the set_memory_{decrypt,encrypt}() to change the page state in the RMP table. Signed-off-by: Brijesh Singh --- arch/x86/boot/compressed/ident_map_64.c | 17 +++++++++- arch/x86/boot/compressed/misc.h | 6 ++++ arch/x86/boot/compressed/sev.c | 41 +++++++++++++++++++++++++ arch/x86/include/asm/sev-common.h | 17 ++++++++++ 4 files changed, 80 insertions(+), 1 deletion(-) diff --git a/arch/x86/boot/compressed/ident_map_64.c b/arch/x86/boot/compressed/ident_map_64.c index f7213d0943b8..59befc610993 100644 --- a/arch/x86/boot/compressed/ident_map_64.c +++ b/arch/x86/boot/compressed/ident_map_64.c @@ -274,16 +274,31 @@ static int set_clr_page_flags(struct x86_mapping_info *info, /* * Changing encryption attributes of a page requires to flush it from * the caches. + * + * If the encryption attribute is being cleared, then change the page + * state to shared in the RMP table. */ - if ((set | clr) & _PAGE_ENC) + if ((set | clr) & _PAGE_ENC) { clflush_page(address); + if (clr) + snp_set_page_shared(pte_pfn(*ptep) << PAGE_SHIFT); + } + /* Update PTE */ pte = *ptep; pte = pte_set_flags(pte, set); pte = pte_clear_flags(pte, clr); set_pte(ptep, pte); + /* + * If the encryption attribute is being set, then change the page state to + * private in the RMP entry. The page state must be done after the PTE + * is updated. + */ + if (set & _PAGE_ENC) + snp_set_page_private(pte_pfn(*ptep) << PAGE_SHIFT); + /* Flush TLB after changing encryption attribute */ write_cr3(top_level_pgt); diff --git a/arch/x86/boot/compressed/misc.h b/arch/x86/boot/compressed/misc.h index 31139256859f..822e0c254b9a 100644 --- a/arch/x86/boot/compressed/misc.h +++ b/arch/x86/boot/compressed/misc.h @@ -121,12 +121,18 @@ void set_sev_encryption_mask(void); #ifdef CONFIG_AMD_MEM_ENCRYPT void sev_es_shutdown_ghcb(void); extern bool sev_es_check_ghcb_fault(unsigned long address); +void snp_set_page_private(unsigned long paddr); +void snp_set_page_shared(unsigned long paddr); + #else static inline void sev_es_shutdown_ghcb(void) { } static inline bool sev_es_check_ghcb_fault(unsigned long address) { return false; } +static inline void snp_set_page_private(unsigned long paddr) { } +static inline void snp_set_page_shared(unsigned long paddr) { } + #endif /* acpi.c */ diff --git a/arch/x86/boot/compressed/sev.c b/arch/x86/boot/compressed/sev.c index 2f3081e9c78c..f386d45a57b6 100644 --- a/arch/x86/boot/compressed/sev.c +++ b/arch/x86/boot/compressed/sev.c @@ -164,6 +164,47 @@ static bool is_vmpl0(void) return true; } +static void __page_state_change(unsigned long paddr, int op) +{ + u64 val; + + if (!sev_snp_enabled()) + return; + + /* + * If private -> shared then invalidate the page before requesting the + * state change in the RMP table. + */ + if ((op == SNP_PAGE_STATE_SHARED) && pvalidate(paddr, RMP_PG_SIZE_4K, 0)) + sev_es_terminate(SEV_TERM_SET_LINUX, GHCB_TERM_PVALIDATE); + + /* Issue VMGEXIT to change the page state in RMP table. */ + sev_es_wr_ghcb_msr(GHCB_MSR_PSC_REQ_GFN(paddr >> PAGE_SHIFT, op)); + VMGEXIT(); + + /* Read the response of the VMGEXIT. */ + val = sev_es_rd_ghcb_msr(); + if ((GHCB_RESP_CODE(val) != GHCB_MSR_PSC_RESP) || GHCB_MSR_PSC_RESP_VAL(val)) + sev_es_terminate(SEV_TERM_SET_LINUX, GHCB_TERM_PSC); + + /* + * Now that page is added in the RMP table, validate it so that it is + * consistent with the RMP entry. + */ + if ((op == SNP_PAGE_STATE_PRIVATE) && pvalidate(paddr, RMP_PG_SIZE_4K, 1)) + sev_es_terminate(SEV_TERM_SET_LINUX, GHCB_TERM_PVALIDATE); +} + +void snp_set_page_private(unsigned long paddr) +{ + __page_state_change(paddr, SNP_PAGE_STATE_PRIVATE); +} + +void snp_set_page_shared(unsigned long paddr) +{ + __page_state_change(paddr, SNP_PAGE_STATE_SHARED); +} + static bool do_early_sev_setup(void) { if (!sev_es_negotiate_protocol()) diff --git a/arch/x86/include/asm/sev-common.h b/arch/x86/include/asm/sev-common.h index ea508835ab33..aee07d1bb138 100644 --- a/arch/x86/include/asm/sev-common.h +++ b/arch/x86/include/asm/sev-common.h @@ -45,6 +45,23 @@ (((unsigned long)reg & GHCB_MSR_CPUID_REG_MASK) << GHCB_MSR_CPUID_REG_POS) | \ (((unsigned long)fn) << GHCB_MSR_CPUID_FUNC_POS)) +/* SNP Page State Change */ +#define GHCB_MSR_PSC_REQ 0x014 +#define SNP_PAGE_STATE_PRIVATE 1 +#define SNP_PAGE_STATE_SHARED 2 +#define GHCB_MSR_PSC_GFN_POS 12 +#define GHCB_MSR_PSC_GFN_MASK GENMASK_ULL(39, 0) +#define GHCB_MSR_PSC_OP_POS 52 +#define GHCB_MSR_PSC_OP_MASK 0xf +#define GHCB_MSR_PSC_REQ_GFN(gfn, op) \ + (((unsigned long)((op) & GHCB_MSR_PSC_OP_MASK) << GHCB_MSR_PSC_OP_POS) | \ + ((unsigned long)((gfn) & GHCB_MSR_PSC_GFN_MASK) << GHCB_MSR_PSC_GFN_POS) | \ + GHCB_MSR_PSC_REQ) + +#define GHCB_MSR_PSC_RESP 0x015 +#define GHCB_MSR_PSC_ERROR_POS 32 +#define GHCB_MSR_PSC_RESP_VAL(val) ((val) >> GHCB_MSR_PSC_ERROR_POS) + /* GHCB Hypervisor Feature Request */ #define GHCB_MSR_HV_FT_REQ 0x080 #define GHCB_MSR_HV_FT_RESP 0x081 From patchwork Wed Jul 7 18:14:43 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Brijesh Singh X-Patchwork-Id: 470888 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-18.7 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_CR_TRAILER, INCLUDES_PATCH, MAILING_LIST_MULTI, MSGID_FROM_MTA_HEADER, SPF_HELO_NONE, SPF_PASS, USER_AGENT_GIT autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id D20CEC07E9B for ; Wed, 7 Jul 2021 18:16:30 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id BC3A961CCB for ; Wed, 7 Jul 2021 18:16:30 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231521AbhGGSTJ (ORCPT ); Wed, 7 Jul 2021 14:19:09 -0400 Received: from mail-bn8nam12on2067.outbound.protection.outlook.com ([40.107.237.67]:45063 "EHLO NAM12-BN8-obe.outbound.protection.outlook.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S231643AbhGGSSy (ORCPT ); Wed, 7 Jul 2021 14:18:54 -0400 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=Jiy0TjZ+TYvtmuj44nTHytWco0FcbE0XRvj445aKurJcHnP92YU4x5CCbXNxqbZg/S4PK3NWuMkYelK6tvvbIIqjtQw4yOZlxvV4M4g/+YJ07OzCbun5Q1Cn8NDRdP1PHgDkqIQTFgvAF4rLr5sCaQ+k/dHAti4rGQ+3/KalpIvtpJXuDmGQWw3oWwR/PimligL2wfwEC7A5d60xXVA4m2TTjnwFX4rmvfjcu+yLakitDvmpTh2Lc9np3Fy51KN7HpyWYOmK5Kr6TicFgC0n/ngJOBGN7cQDhgtT3F6WwmyZE0Jr10E5x4IOHP65FF2I9QUdX+qAFsZQ+C8E3DttBw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=9/JhxqSka73eZEhSsicofqkCL2gbRrNJ9DD4pCzki9Q=; b=k5FnIuX7rjWtZ7GCr1G5zM8CexVuJ0IIsryUEdlr2B86OTut71Lg0z/6s+1WhJX9qOofxRsGmVnu1zA4eKMoigqCQ1Q+lc3prazCH+1IOzFyN3pplQTrSxhcTv/e5Lye0hx61IJyqdUCiNB1P+1aYmTwP0CIv8Nij0vr+h1CLP8RuZP1ulJfoNQWmoKbRFfqJrY0HCgVjEjRtxehEutpGyP/9nP4Cwy/iZOirw83XWihbO/02WsRqmhlQ+EjyBYVMeFA4XnfvMTu5StjaiB4XetTI9Zd6m+u0ClpaVcGEvUUBIGYw7pX4qsxJ6Iw8rKQK7VJ3asbxeRmz0isCQ9V0w== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass header.d=amd.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=9/JhxqSka73eZEhSsicofqkCL2gbRrNJ9DD4pCzki9Q=; b=zNMq+2H/zFKKdft81z6cPzhQULA1co9DrKjSIeILuwxHi6/bkytxSxuONGULf1hChSiKhFeydR1i5h4Bd8VVkSkrYrhePPdVVTxHuGtrOJZqwNSGeWM2zn7Pk9zGMY9v6r/IvVKLH2amVXJxPSIUt9s8t4kDT8/+eMnh1JdAtkU= Authentication-Results: kernel.org; dkim=none (message not signed) header.d=none; kernel.org; dmarc=none action=none header.from=amd.com; Received: from BYAPR12MB2711.namprd12.prod.outlook.com (2603:10b6:a03:63::10) by BY5PR12MB5016.namprd12.prod.outlook.com (2603:10b6:a03:1c5::20) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4308.20; Wed, 7 Jul 2021 18:16:00 +0000 Received: from BYAPR12MB2711.namprd12.prod.outlook.com ([fe80::40e3:aade:9549:4bed]) by BYAPR12MB2711.namprd12.prod.outlook.com ([fe80::40e3:aade:9549:4bed%7]) with mapi id 15.20.4287.033; Wed, 7 Jul 2021 18:16:00 +0000 From: Brijesh Singh To: x86@kernel.org, linux-kernel@vger.kernel.org, kvm@vger.kernel.org, linux-efi@vger.kernel.org, platform-driver-x86@vger.kernel.org, linux-coco@lists.linux.dev, linux-mm@kvack.org, linux-crypto@vger.kernel.org Cc: Thomas Gleixner , Ingo Molnar , Joerg Roedel , Tom Lendacky , "H. Peter Anvin" , Ard Biesheuvel , Paolo Bonzini , Sean Christopherson , Vitaly Kuznetsov , Wanpeng Li , Jim Mattson , Andy Lutomirski , Dave Hansen , Sergio Lopez , Peter Gonda , Peter Zijlstra , Srinivas Pandruvada , David Rientjes , Dov Murik , Tobin Feldman-Fitzthum , Borislav Petkov , Michael Roth , Vlastimil Babka , tony.luck@intel.com, npmccallum@redhat.com, brijesh.ksingh@gmail.com, Brijesh Singh Subject: [PATCH Part1 RFC v4 13/36] x86/kernel: Make the bss.decrypted section shared in RMP table Date: Wed, 7 Jul 2021 13:14:43 -0500 Message-Id: <20210707181506.30489-14-brijesh.singh@amd.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20210707181506.30489-1-brijesh.singh@amd.com> References: <20210707181506.30489-1-brijesh.singh@amd.com> X-ClientProxiedBy: SA0PR11CA0104.namprd11.prod.outlook.com (2603:10b6:806:d1::19) To BYAPR12MB2711.namprd12.prod.outlook.com (2603:10b6:a03:63::10) MIME-Version: 1.0 X-MS-Exchange-MessageSentRepresentingType: 1 Received: from sbrijesh-desktop.amd.com (165.204.77.1) by SA0PR11CA0104.namprd11.prod.outlook.com (2603:10b6:806:d1::19) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4308.19 via Frontend Transport; Wed, 7 Jul 2021 18:15:57 +0000 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: bbb67c54-880d-42e9-1bd3-08d941734600 X-MS-TrafficTypeDiagnostic: BY5PR12MB5016: X-MS-Exchange-Transport-Forked: True X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:2958; X-MS-Exchange-SenderADCheck: 1 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: tJpKdITOIhzmD1u++4SQBeGV4QtdNH0EKlii/LpTNn6nX1UHTxnvcW8qhhIxRdcRIwzNfEGpTnp/er259LqJr2PimN5iWq0BSPwlCkit2uLrTSfn7po63prsJ/xlhKBi/TMgYyKkfXcZIUk250GFyUJFULNu6d9eBYqjz2tZbnuIuYbYP8/0ctRm2DofsTZWZWuIJPGf2h5fwOTbh5t2Jv3plIQtumCftrud0gubGLk1dercVolw50OOvwfTiM3YDRhS2bEaaLOj4RDifhtSG1XLg1D6Ncp714YeMM59WtRl1Hrss68vb9/rXUNAbb+uP0oDs9NAzrfEno499GuUoOp+qhyv9LerLA0dlOzIY8p0lbfKw+qunO20mRtlvkdh7oH4HZN3LN27FMMYQ1xpwcfyw6O+do9/z7c3YESX/PEMSyvzHxiL2M2uBNNXxMjMtSPAqRQbffRxZ76PhURuJjCC+gQUEav+U/d8yGfjDch6Ni9yX/KDj+iuw5P0YAKAoGN58S80dd7LJiuIsFxvRM3kD3ndsGB7sDjRIog7P0Ja0k8eYF6Sy3IlWm2hGORvmg4EJxa6SRIjgytkV7f917QBh4PhtXM8saHJ0n+U+Zs7e0NIHyyljLKjTlh95woFqK3gVPoOGlvPqGdvLOWHQZWeGmsz5HiBfsVjVerBGPP23UXuhuUYNi2TrHPLXZjb9HM/stxt7lErm8wXpII+gg== X-Forefront-Antispam-Report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:BYAPR12MB2711.namprd12.prod.outlook.com; PTR:; CAT:NONE; SFS:(4636009)(346002)(396003)(376002)(366004)(39860400002)(136003)(66556008)(66476007)(186003)(7416002)(52116002)(86362001)(26005)(956004)(8936002)(478600001)(7406005)(7696005)(8676002)(83380400001)(5660300002)(2616005)(38350700002)(38100700002)(44832011)(2906002)(1076003)(54906003)(6666004)(66946007)(316002)(4326008)(36756003)(6486002); DIR:OUT; SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: ajMtQE9AbVQQ+clFVgmOfvc0Z1YHdo3hGpmQ27G6x0nsV8cqjt5jQ1nqv3JiRS4iiqSJb1V6k1wbFTMuwVaGi99+inT9PjO2Kvsajmn9RK7JqOQR2gVN5rl0HtNRPFjLRbySLPZCLH6imKwZmKQRXmcmdZSqt1cmakrYTWsPJEagQN9Otnl4Xjduc/ElqmdHYm7BJoLEfkQLWuWEOofLirmZ7b+xN1fS7x9oHa6YsgzXOB7oMjXV+eLfQkVb1YB0BNuoPu2sBy8k6LFdsKu4b2y/+B7x7OhT0K2i0XI/o2rzpYveUSFVnQX1rhKTF4PueAqVFKEceqak5F2MTCSwMWqkS275J/KObg5QeX7tMGm1Pcu1PUq1jl4wruNUvRVKklcuBwfsTsd1bJtJ1PkCO4aJvsqnI1OHXR7LMSfh5C6ory1ht6OTwLg7BTQm9QhD4HXYznKkU9ZpRSlXoUGwRBFA13A6pXJH2RcX5ATpkJIWaYizUyPyhJI4pX8LfD9ahoysgJeh+vm5y98rChAsw50sE7vT3/NajJ1FXDh+RAth9P/8kr4Sl3M74XCiw/tjFhbNWvUhf0kz2dyAHWaLKbSlKvapuVlL7ndGFKbmeyTNeihPhVyIDToZdnBK+5hovJ1+6EGFeDcR5ZR9h23CJ3Irn6wI8FGaf8kzAtQb5bI0gnCTEjo8C690jHxOVpPVzQeIlQdysDrltLml4tfNf5iWXU3sm+AT8GhugUlMJ4MrKuUs1sqnhkM+wbCIfQOWVIJ65LmF9wgEaCDMsDjvDrpH+XUGfzgpq7g16FeK/y0JfGI0n9Z4AYNF8PfBZSfpjiGXBP8zvgXdUHOF671GerFOwxpwkFpV3vp7pV8YxXLQUc54SWFA+8lAU2Ie43fuxksQV6Aqzwzk/ks0mPwoyhQV3EbNJFLoRL/hpCipTGWwNRdICjgiH13QtFWrbU/e0gDonnInemk5jkKnUV6DFYYpI3HgorIi4h4W9B/Fz43BlPuNjCItOKF7Qca4nek4eHUyZ1BCffQZEIl+IfjEnSYdXzQyHpqO1afItz3h+Cm2IbIdd11FijIfwqm3A7hhDaBdrU6z3m+J4HY8wRCGcIW6WJaaGys5IMm1eFHFZPqxlVK67/xKjP3kkh3Ol9azeF9Pijo0osPBGie8/AHB8ZovX9Fwh7otWT/b83359Dt43YLCyh4LOtXJ9obKjFwuYiWafIBB54ucrYc3he/rzmB9H12yz2jX2xnJaP+CWsZ60K8nqkQkwSwUh22gGEsKWyroPBrVHR+6ZG4KnStJ46isB6kQltCxnBcJQZC0UU9A44fO5Gl1WDGJmrj8qOeA X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-Network-Message-Id: bbb67c54-880d-42e9-1bd3-08d941734600 X-MS-Exchange-CrossTenant-AuthSource: BYAPR12MB2711.namprd12.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 07 Jul 2021 18:16:00.3311 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: Tcf4KLvWm2y2EvYROL4e4u7IE2AQiKcVqrqmmyMaj2GEVwHVO3Y61vJYOxiTXbPDlSr3CaMlQOsWGcJPaec1Ew== X-MS-Exchange-Transport-CrossTenantHeadersStamped: BY5PR12MB5016 Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org The encryption attribute for the bss.decrypted region is cleared in the initial page table build. This is because the section contains the data that need to be shared between the guest and the hypervisor. When SEV-SNP is active, just clearing the encryption attribute in the page table is not enough. The page state need to be updated in the RMP table. Signed-off-by: Brijesh Singh Signed-off-by: Borislav Petkov --- arch/x86/kernel/head64.c | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/arch/x86/kernel/head64.c b/arch/x86/kernel/head64.c index de01903c3735..f4c3e632345a 100644 --- a/arch/x86/kernel/head64.c +++ b/arch/x86/kernel/head64.c @@ -288,7 +288,14 @@ unsigned long __head __startup_64(unsigned long physaddr, if (mem_encrypt_active()) { vaddr = (unsigned long)__start_bss_decrypted; vaddr_end = (unsigned long)__end_bss_decrypted; + for (; vaddr < vaddr_end; vaddr += PMD_SIZE) { + /* + * When SEV-SNP is active then transition the page to shared in the RMP + * table so that it is consistent with the page table attribute change. + */ + early_snp_set_memory_shared(__pa(vaddr), __pa(vaddr), PTRS_PER_PMD); + i = pmd_index(vaddr); pmd[i] -= sme_get_me_mask(); } From patchwork Wed Jul 7 18:14:45 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Brijesh Singh X-Patchwork-Id: 470885 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-18.7 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_CR_TRAILER, INCLUDES_PATCH, MAILING_LIST_MULTI, MSGID_FROM_MTA_HEADER, SPF_HELO_NONE, SPF_PASS, USER_AGENT_GIT autolearn=unavailable autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 90A7EC11F6D for ; Wed, 7 Jul 2021 18:16:53 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 740D461C83 for ; Wed, 7 Jul 2021 18:16:53 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231790AbhGGST2 (ORCPT ); Wed, 7 Jul 2021 14:19:28 -0400 Received: from mail-mw2nam10on2073.outbound.protection.outlook.com ([40.107.94.73]:17601 "EHLO NAM10-MW2-obe.outbound.protection.outlook.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S231441AbhGGSTU (ORCPT ); Wed, 7 Jul 2021 14:19:20 -0400 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=dA0yElsDkhD6LI1EkXFuw+ZGYefpnayJv0WFEGvQsIsnxZVgTga7xFh/xLoJN3B+BDGhtUiEPAqxiZk3aNs4R+y37z/mez9VMsKk/a4GvKrtnhLXXRHm34DBhE5U7QikUL9LNsLuYAqU9Tnnam5i7wz95m25i7dRXOsqIC6JN0DIWNQVgJIwA+77BtHRhhHshzyrDthX2WM3jbUfd4O+Vj1zeoFR+FKA5CAs5dv8jzwilrjTUHT2hBvwmSWPEjghz+7+UAl4PPuzfEZ78i7qHahw7eMVanN/vy3XyylwYuJFqhkqymy82zYFMIfngw9r9vfv1M2amtZ10gcJ0I02yQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=2nFihNeDzQrP2uPQ4cYtOE6S4l7eQRdRxyQTHNBaIxI=; b=F6vHwqN+wE6u1vFyygHjn8BPsb/6Oc9ywESmP7LwUj1N82TpxisqBmks5L5iMbsshCuRd+NMex9jbZOI2IzPPCfdHD7i5bXEc/VfMNvVreYK2xwmDLuXkU7MWF8B4/itY9Ilgy4lvOBPhuTcvTItuPIoAfNl3kZyMOhu1rEVNlYANLFuSjmCfm8Dk/PXjeFdu4OAdwpitJXa3oj+a2TYcfxk4nw5Ff1NK6xX4VF3M0kbtKk/74dEWRO75XDnUoct+bq1dApIho9e75QWsqJcfLZLlSUUWk5SQnFnlclVXvkKkP3vjb5rzoMt5a0Hxru6bRoa3sR1B/FRxaSicl0adA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass header.d=amd.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=2nFihNeDzQrP2uPQ4cYtOE6S4l7eQRdRxyQTHNBaIxI=; b=jo8VT+BNMVuudRqtvaurdfk9/58ri3Rdyar7WMDPJfhsLYn6jkI+fyN45fk8+L+QLvMrSz5YmlA1xwcXq+FbkpJdgi0SmURGWpT+0VGYdadCOoL8HyKSSNRRGRjCF/yjy2HFOqkSKxd2/yKN8hP+k1rfN/3iM46OciKt9qJM1I8= Authentication-Results: kernel.org; dkim=none (message not signed) header.d=none; kernel.org; dmarc=none action=none header.from=amd.com; Received: from BYAPR12MB2711.namprd12.prod.outlook.com (2603:10b6:a03:63::10) by BY5PR12MB4644.namprd12.prod.outlook.com (2603:10b6:a03:1f9::11) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4308.19; Wed, 7 Jul 2021 18:16:05 +0000 Received: from BYAPR12MB2711.namprd12.prod.outlook.com ([fe80::40e3:aade:9549:4bed]) by BYAPR12MB2711.namprd12.prod.outlook.com ([fe80::40e3:aade:9549:4bed%7]) with mapi id 15.20.4287.033; Wed, 7 Jul 2021 18:16:05 +0000 From: Brijesh Singh To: x86@kernel.org, linux-kernel@vger.kernel.org, kvm@vger.kernel.org, linux-efi@vger.kernel.org, platform-driver-x86@vger.kernel.org, linux-coco@lists.linux.dev, linux-mm@kvack.org, linux-crypto@vger.kernel.org Cc: Thomas Gleixner , Ingo Molnar , Joerg Roedel , Tom Lendacky , "H. Peter Anvin" , Ard Biesheuvel , Paolo Bonzini , Sean Christopherson , Vitaly Kuznetsov , Wanpeng Li , Jim Mattson , Andy Lutomirski , Dave Hansen , Sergio Lopez , Peter Gonda , Peter Zijlstra , Srinivas Pandruvada , David Rientjes , Dov Murik , Tobin Feldman-Fitzthum , Borislav Petkov , Michael Roth , Vlastimil Babka , tony.luck@intel.com, npmccallum@redhat.com, brijesh.ksingh@gmail.com, Brijesh Singh Subject: [PATCH Part1 RFC v4 15/36] x86/mm: Add support to validate memory when changing C-bit Date: Wed, 7 Jul 2021 13:14:45 -0500 Message-Id: <20210707181506.30489-16-brijesh.singh@amd.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20210707181506.30489-1-brijesh.singh@amd.com> References: <20210707181506.30489-1-brijesh.singh@amd.com> X-ClientProxiedBy: SA0PR11CA0104.namprd11.prod.outlook.com (2603:10b6:806:d1::19) To BYAPR12MB2711.namprd12.prod.outlook.com (2603:10b6:a03:63::10) MIME-Version: 1.0 X-MS-Exchange-MessageSentRepresentingType: 1 Received: from sbrijesh-desktop.amd.com (165.204.77.1) by SA0PR11CA0104.namprd11.prod.outlook.com (2603:10b6:806:d1::19) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4308.19 via Frontend Transport; Wed, 7 Jul 2021 18:16:03 +0000 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: c5992d06-c860-4c09-4607-08d9417348fe X-MS-TrafficTypeDiagnostic: BY5PR12MB4644: X-MS-Exchange-Transport-Forked: True X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:8273; X-MS-Exchange-SenderADCheck: 1 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: r8vYXOolZ+6Va0SwdFA+ZuyQ7Z0+XwEVqpO5htOZQg8pYP/GUDLrwr/HNAgaABW3Lt4q1MR4MV/Ev9HXC7ynIEd98GbyibaXu62imhBiR5+sfnoJ7tZbSR3FUgZe6SMW9OtCjyYPGSu3IYqyljNPI17yGN8dp2xLBFeyIs1CKadT1aZmvewRJjV+tTT+lGq6LfJAgEYjYE1MbxEC/F70pJUcAmZO3YgabW/q/i1fIVyZqRwqNdiLPkZBl6pJ8uNPs3cnN01PuONIZ1GMbXns5InCiQLGAj8pjU2CfLAeDiqqJt+NBPL0px7N7jP08lphadPJEwNRvB4fASDbMuKfSRLRMmnPenAgkl5SE92LeoYWzSm7Kk6YvC1b+EFoyMWevlNFzDBnOuEd319fM/2yO9H0ge6YdRcZDTPpxHUvocOIRBROKNplxFvfjnFHPKQZun+nVf/fjjo9E4bJKlRQGSRLGhSXM8iGaeC/zrGzX5dKt+iYnZ+cGjSqQf/kRqyiGYZSoc8oK13imOoxLdTfOW+Ddf7PucH9xWztrs9nneQDt87oyHN6115GBQ203+JEjnlNRUR61Vv4RO8IQ5lkTZnrsUxRg6AeJXAWSotMGElgv40l31FPhtsziccaLV3ETxDdAsTgWxij19wPZx4g56/Ot2sBBB5HPtNtYc/UE6lBOaFxj0ty+rijpGsw5xhbdNhDZFThs4+XDmiH15fQgA== X-Forefront-Antispam-Report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:BYAPR12MB2711.namprd12.prod.outlook.com; PTR:; CAT:NONE; SFS:(4636009)(136003)(346002)(366004)(396003)(39860400002)(376002)(186003)(6666004)(2906002)(1076003)(4326008)(83380400001)(316002)(6486002)(7406005)(26005)(52116002)(7416002)(66556008)(8936002)(38350700002)(5660300002)(956004)(36756003)(38100700002)(478600001)(15650500001)(66476007)(44832011)(7696005)(2616005)(8676002)(66946007)(86362001)(54906003); DIR:OUT; SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: qe6EFsM5PJ5l35naOYGMrZ398Y94yvh5QIK7F7gflgwX87So0Bvi1Oica7ijaZ6Qo8Av5CS/u+yspqbE/FUObMJJuYl/JPFU4YaXw/NwgVKPuyjmSUEigUDWVrrGPxcJaudl9qRh3PeDTQNe5zXeppuMHaYLY/GdNgAbzidSynt7Zh6d2wTELBCYhFBeI0bRRJkR2GylJLVL4WHh479ZQ/IYCXKPpFh+xrHcowsNWFkD/haPjmr3FUZwqLklNa+uPiNwY8ulqDWAX6gvpsVaU/GMayjuNkoMubp0r7Nabsx4lwxi8PyryGx3voMMsURAp9t8gDMJpNCb2Z/4GaDQfxa0ucgh+NRuv/u39Iy5KKMWTB6xS8TR2OkPuAkAekjRJsYOfUO0/A6m7Hu3MffuijaB/UTE96bqIO6rZBen/ft201mQCd2Oy25DBwslFK+lS0fNcnZjUbiAsYSHvE4vS3hpHcqYRp/Ei8YBk3x/5j9I7JC5rWSkC/S6GAqSTZI1Lw92CofWKXOWWOXwUHqy/kS6xHkYvvwtMmrJ76haaaTjHX8bcGEPronoCVt92VX2lY0bHS0GQCehPBkv2SpHBc90yYenjM4mYj9o0pxcLKF+DWJ5IcSgWWb3Nc3w8wwQYINWXyIiYSrS/lhRhUD4Zg0RGMk3U8HReJPN5SGU6JyxSLF6URtRf/4hSCk2xXSW2BCIu6bSUl1CmKgn1POielYX1DfoOMQ2GxulLEX/6taiMcpTATGA4t9tQtzkOn3NOblw0klxaoV7+PGipLnLYQlXgrTeDtw/mJ/r5pIyNSJ3kkiOZEwOwOMl9BhxrnoUe5lrb09zMmn+CplXPTf1ixJCO+07fAQbW84YvkKLMbHw8URTO8wti1xnFMP5DKMWwfu5Q7mAq1t5W8qUf7YZDAV07NRDxFVGXXLFVmiC5n5T36NZ+jlMIqFkoXS4oLEaSyMevujSwKOG9V8rgPohs/W/j/i4iNDZ3dEO4ufG6I99zGlwSkpC+tmzTvftSLdwGS+YuJGhlclg8v2ighPSplsQKDnz/BGU9V6as1rmWEB004A/+KPnt8Xizb+WbYadrJyEu2BU5377Ol7FufrCu/k79CZwQi6QwvSWsyeyQaYoZG8atoui+n/UiTsIHRXKNVpN99fK/Nc7slS/fVY1HzypvvAnGyKcPCY5luH+o0REKerGsvjXft5WF1LO33NtU48didN3b1KTK5ZCn95PovGJuGourqnI4/sktyiEOQajegWuY9Ny9mGvWQaeZpewlOEnjeaOrzJH+A3BC/BGJgjSClN96obxCUOaXe/1mgWUYQky4dApnvhcoSvaNJSy X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-Network-Message-Id: c5992d06-c860-4c09-4607-08d9417348fe X-MS-Exchange-CrossTenant-AuthSource: BYAPR12MB2711.namprd12.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 07 Jul 2021 18:16:05.4042 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: A2bxoUF212Q4yuGvui9aSz2w4sW/Oj8rvjdZR1dkc2ny7pI1+RxoG0li7ZJHsnp6LpktetYSnPLKUj2sVKi48w== X-MS-Exchange-Transport-CrossTenantHeadersStamped: BY5PR12MB4644 Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org The set_memory_{encrypt,decrypt}() are used for changing the pages from decrypted (shared) to encrypted (private) and vice versa. When SEV-SNP is active, the page state transition needs to go through additional steps. If the page is transitioned from shared to private, then perform the following after the encryption attribute is set in the page table: 1. Issue the page state change VMGEXIT to add the memory region in the RMP table. 2. Validate the memory region after the RMP entry is added. To maintain the security guarantees, if the page is transitioned from private to shared, then perform the following before encryption attribute is removed from the page table: 1. Invalidate the page. 2. Issue the page state change VMGEXIT to remove the page from RMP table. To change the page state in the RMP table, use the Page State Change VMGEXIT defined in the GHCB specification. Signed-off-by: Brijesh Singh --- arch/x86/include/asm/sev-common.h | 24 +++++ arch/x86/include/asm/sev.h | 4 + arch/x86/include/uapi/asm/svm.h | 2 + arch/x86/kernel/sev.c | 160 ++++++++++++++++++++++++++++++ arch/x86/mm/pat/set_memory.c | 15 +++ 5 files changed, 205 insertions(+) diff --git a/arch/x86/include/asm/sev-common.h b/arch/x86/include/asm/sev-common.h index b19d8d301f5d..2277c8085b13 100644 --- a/arch/x86/include/asm/sev-common.h +++ b/arch/x86/include/asm/sev-common.h @@ -60,6 +60,8 @@ #define GHCB_MSR_PSC_REQ 0x014 #define SNP_PAGE_STATE_PRIVATE 1 #define SNP_PAGE_STATE_SHARED 2 +#define SNP_PAGE_STATE_PSMASH 3 +#define SNP_PAGE_STATE_UNSMASH 4 #define GHCB_MSR_PSC_GFN_POS 12 #define GHCB_MSR_PSC_GFN_MASK GENMASK_ULL(39, 0) #define GHCB_MSR_PSC_OP_POS 52 @@ -84,6 +86,28 @@ #define GHCB_HV_FT_SNP BIT_ULL(0) +/* SNP Page State Change NAE event */ +#define VMGEXIT_PSC_MAX_ENTRY 253 + +struct __packed psc_hdr { + u16 cur_entry; + u16 end_entry; + u32 reserved; +}; + +struct __packed psc_entry { + u64 cur_page : 12, + gfn : 40, + operation : 4, + pagesize : 1, + reserved : 7; +}; + +struct __packed snp_psc_desc { + struct psc_hdr hdr; + struct psc_entry entries[VMGEXIT_PSC_MAX_ENTRY]; +}; + #define GHCB_MSR_TERM_REQ 0x100 #define GHCB_MSR_TERM_REASON_SET_POS 12 #define GHCB_MSR_TERM_REASON_SET_MASK 0xf diff --git a/arch/x86/include/asm/sev.h b/arch/x86/include/asm/sev.h index 9a676fb0929d..2385651c810e 100644 --- a/arch/x86/include/asm/sev.h +++ b/arch/x86/include/asm/sev.h @@ -109,6 +109,8 @@ void __init early_snp_set_memory_private(unsigned long vaddr, unsigned long padd void __init early_snp_set_memory_shared(unsigned long vaddr, unsigned long paddr, unsigned int npages); void __init snp_prep_memory(unsigned long paddr, unsigned int sz, int op); +void snp_set_memory_shared(unsigned long vaddr, unsigned int npages); +void snp_set_memory_private(unsigned long vaddr, unsigned int npages); #else static inline void sev_es_ist_enter(struct pt_regs *regs) { } static inline void sev_es_ist_exit(void) { } @@ -121,6 +123,8 @@ early_snp_set_memory_private(unsigned long vaddr, unsigned long paddr, unsigned static inline void __init early_snp_set_memory_shared(unsigned long vaddr, unsigned long paddr, unsigned int npages) { } static inline void __init snp_prep_memory(unsigned long paddr, unsigned int sz, int op) { } +static inline void snp_set_memory_shared(unsigned long vaddr, unsigned int npages) { } +static inline void snp_set_memory_private(unsigned long vaddr, unsigned int npages) { } #endif #endif diff --git a/arch/x86/include/uapi/asm/svm.h b/arch/x86/include/uapi/asm/svm.h index 7fbc311e2de1..f7f65febff70 100644 --- a/arch/x86/include/uapi/asm/svm.h +++ b/arch/x86/include/uapi/asm/svm.h @@ -108,6 +108,7 @@ #define SVM_VMGEXIT_AP_JUMP_TABLE 0x80000005 #define SVM_VMGEXIT_SET_AP_JUMP_TABLE 0 #define SVM_VMGEXIT_GET_AP_JUMP_TABLE 1 +#define SVM_VMGEXIT_PSC 0x80000010 #define SVM_VMGEXIT_HYPERVISOR_FEATURES 0x8000fffd #define SVM_VMGEXIT_UNSUPPORTED_EVENT 0x8000ffff @@ -216,6 +217,7 @@ { SVM_VMGEXIT_NMI_COMPLETE, "vmgexit_nmi_complete" }, \ { SVM_VMGEXIT_AP_HLT_LOOP, "vmgexit_ap_hlt_loop" }, \ { SVM_VMGEXIT_AP_JUMP_TABLE, "vmgexit_ap_jump_table" }, \ + { SVM_VMGEXIT_PSC, "vmgexit_page_state_change" }, \ { SVM_VMGEXIT_HYPERVISOR_FEATURES, "vmgexit_hypervisor_feature" }, \ { SVM_EXIT_ERR, "invalid_guest_state" } diff --git a/arch/x86/kernel/sev.c b/arch/x86/kernel/sev.c index 62034879fb3f..5fef7fc46282 100644 --- a/arch/x86/kernel/sev.c +++ b/arch/x86/kernel/sev.c @@ -694,6 +694,166 @@ void __init snp_prep_memory(unsigned long paddr, unsigned int sz, int op) WARN(1, "invalid memory op %d\n", op); } +static int vmgexit_psc(struct snp_psc_desc *desc) +{ + int cur_entry, end_entry, ret; + struct snp_psc_desc *data; + struct ghcb_state state; + struct ghcb *ghcb; + struct psc_hdr *hdr; + unsigned long flags; + + local_irq_save(flags); + + ghcb = __sev_get_ghcb(&state); + if (unlikely(!ghcb)) + panic("SEV-SNP: Failed to get GHCB\n"); + + /* Copy the input desc into GHCB shared buffer */ + data = (struct snp_psc_desc *)ghcb->shared_buffer; + memcpy(ghcb->shared_buffer, desc, sizeof(*desc)); + + hdr = &data->hdr; + cur_entry = hdr->cur_entry; + end_entry = hdr->end_entry; + + /* + * As per the GHCB specification, the hypervisor can resume the guest + * before processing all the entries. Checks whether all the entries + * are processed. If not, then keep retrying. + * + * The stragtegy here is to wait for the hypervisor to change the page + * state in the RMP table before guest access the memory pages. If the + * page state was not successful, then later memory access will result + * in the crash. + */ + while (hdr->cur_entry <= hdr->end_entry) { + ghcb_set_sw_scratch(ghcb, (u64)__pa(data)); + + ret = sev_es_ghcb_hv_call(ghcb, NULL, SVM_VMGEXIT_PSC, 0, 0); + + /* + * Page State Change VMGEXIT can pass error code through + * exit_info_2. + */ + if (WARN(ret || ghcb->save.sw_exit_info_2, + "SEV-SNP: page state change failed ret=%d exit_info_2=%llx\n", + ret, ghcb->save.sw_exit_info_2)) + return 1; + + /* + * Lets do some sanity check that entry processing is not going + * backward. This will happen only if hypervisor is tricking us. + */ + if (WARN((hdr->end_entry > end_entry) || (cur_entry > hdr->cur_entry), + "SEV-SNP: page state change processing going backward, end_entry " + "(expected %d got %d) cur_entry (expected %d got %d)\n", + end_entry, hdr->end_entry, cur_entry, hdr->cur_entry)) + return 1; + + /* Lets verify that reserved bit is not set in the header*/ + if (WARN(hdr->reserved, "Reserved bit is set in the PSC header\n")) + return 1; + } + + __sev_put_ghcb(&state); + local_irq_restore(flags); + + return 0; +} + +static void __set_page_state(struct snp_psc_desc *data, unsigned long vaddr, + unsigned long vaddr_end, int op) +{ + struct psc_hdr *hdr; + struct psc_entry *e; + unsigned long pfn; + int i; + + hdr = &data->hdr; + e = data->entries; + + memset(data, 0, sizeof(*data)); + i = 0; + + while (vaddr < vaddr_end) { + if (is_vmalloc_addr((void *)vaddr)) + pfn = vmalloc_to_pfn((void *)vaddr); + else + pfn = __pa(vaddr) >> PAGE_SHIFT; + + e->gfn = pfn; + e->operation = op; + hdr->end_entry = i; + + /* + * The GHCB specification provides the flexibility to + * use either 4K or 2MB page size in the RMP table. + * The current SNP support does not keep track of the + * page size used in the RMP table. To avoid the + * overlap request, use the 4K page size in the RMP + * table. + */ + e->pagesize = RMP_PG_SIZE_4K; + + vaddr = vaddr + PAGE_SIZE; + e++; + i++; + } + + /* Terminate the guest on page state change failure. */ + if (vmgexit_psc(data)) + sev_es_terminate(1, GHCB_TERM_PSC); +} + +static void set_page_state(unsigned long vaddr, unsigned int npages, int op) +{ + unsigned long vaddr_end, next_vaddr; + struct snp_psc_desc *desc; + + vaddr = vaddr & PAGE_MASK; + vaddr_end = vaddr + (npages << PAGE_SHIFT); + + desc = kmalloc(sizeof(*desc), GFP_KERNEL_ACCOUNT); + if (!desc) + panic("failed to allocate memory"); + + while (vaddr < vaddr_end) { + /* + * Calculate the last vaddr that can be fit in one + * struct snp_psc_desc. + */ + next_vaddr = min_t(unsigned long, vaddr_end, + (VMGEXIT_PSC_MAX_ENTRY * PAGE_SIZE) + vaddr); + + __set_page_state(desc, vaddr, next_vaddr, op); + + vaddr = next_vaddr; + } + + kfree(desc); +} + +void snp_set_memory_shared(unsigned long vaddr, unsigned int npages) +{ + if (!sev_feature_enabled(SEV_SNP)) + return; + + pvalidate_pages(vaddr, npages, 0); + + set_page_state(vaddr, npages, SNP_PAGE_STATE_SHARED); +} + +void snp_set_memory_private(unsigned long vaddr, unsigned int npages) +{ + if (!sev_feature_enabled(SEV_SNP)) + return; + + set_page_state(vaddr, npages, SNP_PAGE_STATE_PRIVATE); + + pvalidate_pages(vaddr, npages, 1); +} + int sev_es_setup_ap_jump_table(struct real_mode_header *rmh) { u16 startup_cs, startup_ip; diff --git a/arch/x86/mm/pat/set_memory.c b/arch/x86/mm/pat/set_memory.c index 156cd235659f..d09df2971d30 100644 --- a/arch/x86/mm/pat/set_memory.c +++ b/arch/x86/mm/pat/set_memory.c @@ -29,6 +29,7 @@ #include #include #include +#include #include "../mm_internal.h" @@ -2009,8 +2010,22 @@ static int __set_memory_enc_dec(unsigned long addr, int numpages, bool enc) */ cpa_flush(&cpa, !this_cpu_has(X86_FEATURE_SME_COHERENT)); + /* + * To maintain the security gurantees of SEV-SNP guest invalidate the memory + * before clearing the encryption attribute. + */ + if (!enc) + snp_set_memory_shared(addr, numpages); + ret = __change_page_attr_set_clr(&cpa, 1); + /* + * Now that memory is mapped encrypted in the page table, validate it + * so that is consistent with the above page state. + */ + if (!ret && enc) + snp_set_memory_private(addr, numpages); + /* * After changing the encryption attribute, we need to flush TLBs again * in case any speculative TLB caching occurred (but no need to flush From patchwork Wed Jul 7 18:14:47 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Brijesh Singh X-Patchwork-Id: 470887 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-18.7 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_CR_TRAILER, INCLUDES_PATCH, MAILING_LIST_MULTI, MSGID_FROM_MTA_HEADER, SPF_HELO_NONE, SPF_PASS, USER_AGENT_GIT autolearn=unavailable autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 34A11C11F6A for ; Wed, 7 Jul 2021 18:16:43 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 207DF61CD5 for ; Wed, 7 Jul 2021 18:16:43 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231517AbhGGSTW (ORCPT ); Wed, 7 Jul 2021 14:19:22 -0400 Received: from mail-bn8nam12on2067.outbound.protection.outlook.com ([40.107.237.67]:45063 "EHLO NAM12-BN8-obe.outbound.protection.outlook.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S231863AbhGGSTJ (ORCPT ); Wed, 7 Jul 2021 14:19:09 -0400 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=hqi+4F38wKxPmVlHnk/mbvHMZ5MaVpDVvIVxYljwfem1PBn242xAnuT7SmGNUDF7x5QC7Icw37txpJAZFCQZV5BYX2WZiD4WnH8/qefDHAvC8OHYsvvW8BAikm/X2Ko1mdA4GVAasPxC77soOUn7cG4lsjyr0eO32tum7ZCl267rN/cSxlEEao76IxkART/sbX0ueH6XAh+MDCrQv5jZmM6bv3bDR0kzCJ0to8JR1eg25dTT8+k0j2w1CKIKqIMFNm4eJqBppRUFlay//FM2DPRfcQplom01G5l3j4fmRzJpvHoUKsa/BVlJuarLV7UliWwwrNvVNPhBpjF2GxJF/A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=ar10hDCValtNRg7sDPldEtmq+v3w1Dk8txZ2Tu9WD4s=; b=PtLWSG9Pq92WMR6pwX0Xe2ifvRtqiO8VXfYhK7BUupDRS4CrGiZObtullOZlu3NZmIAzO8miPRi+p/OZl2b6i5I/hn6hReGyXub7I/lBBlfkfyzd2vJqfadE7pwYadcG+OmY9nBD47l4JDgNZfaGBNhiYTnhKmhrPy8SimeHCHnpricD1uLIe8W1RcFqqraT4wv4bcmo6WKOcQ54iKbrv22CjBiJHRlFPcGL1FO+aqMa5cgDx2hGw/wVbHiq6jANTb+I04o4deoY/L22tkImrla+KxsgC+0+zFB4dcQfFKzNheWPKzAioQqMF6YWxEZ8Me7ttsZl4ebFfOGuyKq8hw== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass header.d=amd.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=ar10hDCValtNRg7sDPldEtmq+v3w1Dk8txZ2Tu9WD4s=; b=Tweh1vGcz7sAmywdfrDqxTfvD8qbxAnUAbUDaWe7Ueu7wdlVvjjtMeGQ0iyA3G3wRFimFaHYyRZiHezLZLCRC+2lUismYzd+nG5zzReGqg9hBNe8CDRIyeGfC7XWw6oBeO6YwN/+XspvH7T8guWcTdcjMssnJMzZlTZ8fRFX2ZQ= Authentication-Results: kernel.org; dkim=none (message not signed) header.d=none; kernel.org; dmarc=none action=none header.from=amd.com; Received: from BYAPR12MB2711.namprd12.prod.outlook.com (2603:10b6:a03:63::10) by BY5PR12MB5016.namprd12.prod.outlook.com (2603:10b6:a03:1c5::20) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4308.20; Wed, 7 Jul 2021 18:16:11 +0000 Received: from BYAPR12MB2711.namprd12.prod.outlook.com ([fe80::40e3:aade:9549:4bed]) by BYAPR12MB2711.namprd12.prod.outlook.com ([fe80::40e3:aade:9549:4bed%7]) with mapi id 15.20.4287.033; Wed, 7 Jul 2021 18:16:10 +0000 From: Brijesh Singh To: x86@kernel.org, linux-kernel@vger.kernel.org, kvm@vger.kernel.org, linux-efi@vger.kernel.org, platform-driver-x86@vger.kernel.org, linux-coco@lists.linux.dev, linux-mm@kvack.org, linux-crypto@vger.kernel.org Cc: Thomas Gleixner , Ingo Molnar , Joerg Roedel , Tom Lendacky , "H. Peter Anvin" , Ard Biesheuvel , Paolo Bonzini , Sean Christopherson , Vitaly Kuznetsov , Wanpeng Li , Jim Mattson , Andy Lutomirski , Dave Hansen , Sergio Lopez , Peter Gonda , Peter Zijlstra , Srinivas Pandruvada , David Rientjes , Dov Murik , Tobin Feldman-Fitzthum , Borislav Petkov , Michael Roth , Vlastimil Babka , tony.luck@intel.com, npmccallum@redhat.com, brijesh.ksingh@gmail.com, Brijesh Singh Subject: [PATCH Part1 RFC v4 17/36] KVM: SVM: Create a separate mapping for the SEV-ES save area Date: Wed, 7 Jul 2021 13:14:47 -0500 Message-Id: <20210707181506.30489-18-brijesh.singh@amd.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20210707181506.30489-1-brijesh.singh@amd.com> References: <20210707181506.30489-1-brijesh.singh@amd.com> X-ClientProxiedBy: SA0PR11CA0104.namprd11.prod.outlook.com (2603:10b6:806:d1::19) To BYAPR12MB2711.namprd12.prod.outlook.com (2603:10b6:a03:63::10) MIME-Version: 1.0 X-MS-Exchange-MessageSentRepresentingType: 1 Received: from sbrijesh-desktop.amd.com (165.204.77.1) by SA0PR11CA0104.namprd11.prod.outlook.com (2603:10b6:806:d1::19) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4308.19 via Frontend Transport; Wed, 7 Jul 2021 18:16:08 +0000 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: 388a9173-a906-4d7c-7102-08d941734c30 X-MS-TrafficTypeDiagnostic: BY5PR12MB5016: X-MS-Exchange-Transport-Forked: True X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:8882; X-MS-Exchange-SenderADCheck: 1 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: zYplID/TrRuUAQhOwFguZAKBzy+d8zWgxU8tP/mFjfDrn6U90op6eO5WQium0NXGcwVfgA3aegvGfbvxGmZU83+bt2n6GG5Bc2poeBrLBP3lG7o/9uCrQ+QJxfAD4H5iMadQlm3z9BBRRcKzauYHKDYLkcTvhE2PtJ5THhZdE/me+Q/TIZmsnDYWrDj2kVHhXs0bXRvYImHEXnocJdqflZIuUH5Fo3JMu8mKxoUYnfFPnw0qFvHvdKqkNJDBM+fBlostKqQGc16SPIlS0AvAR7x7II1lm/VEjs31F4hlu3uweF554iELuoEGhTcIeSgvkQhehG82QdUOFruTQuIcWQKl+3++3M1OjcwcCRM0zYSdpZjZkTToIqUvPPBrgS6bWt0S3Dp1Kz4q4J8IDBH684s9XOJJdyFfNnSeZUbx8NkShbXfcJ2x8wLjRD0ADN984iIIWnr9OcYMNMGc1+3BXq78snvYYSRRUPi9jOzUIqeUN625mS67f/KTnEkPA/uwPNlYlJPSw3kt6VzQwrkm0YSxuwI/qm3QIMIEWuqgo6eXmJKwBTTz03QrorKWOmAnSagG8YoskJZ6MbPA7gLC5x7VyE/nmLdQiNzIjra4HDo8rtUP/61T0sO1PoqxVU/Sg3jODLrLHYdjpE4Z67Lxh2Ehso+xx8Uec99Nr5QQ9aPyiChx4iez6rvZGRRPo9FzyFDGJa3Xgq8j6UBpgl4HMA== X-Forefront-Antispam-Report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:BYAPR12MB2711.namprd12.prod.outlook.com; PTR:; CAT:NONE; SFS:(4636009)(346002)(396003)(376002)(366004)(39860400002)(136003)(66556008)(66476007)(186003)(7416002)(52116002)(86362001)(26005)(956004)(8936002)(478600001)(7406005)(7696005)(8676002)(83380400001)(5660300002)(2616005)(38350700002)(38100700002)(44832011)(2906002)(1076003)(54906003)(6666004)(66946007)(316002)(4326008)(36756003)(6486002); DIR:OUT; SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: 6R5MeQIrPiqyGUEA0NJUWXOU3jVKirkDq2Ha9f2sNJw/1jJGBJjXKVDG7vfNbrezxd08c61pMbkBAAn7wi/WLhyYaSNcqSKKGEqUbZHZXKLopx5KsIAprHiAkkVyL6XKzefuX3H14X06pexCzpIJ5LiRuhyv9D142CTVhEGzPi5I5EoQvnloo6ZlBX+7sOlKGlU0Yxg+5yBklBuWqaJ3A6EBSqYYXupMRlAOpskUoqd+kfkQNgMvT6D27zYP5ZdfAPZ//Kfl7xoeYPV320THeODNyWwF8B7qsCJikwkVkvkBToOabjw9tUwucelPmVXPQGZAcxIC60iuxDPvIvXF+hcoBtrhv46dRBnuUmA5rGVP4Nfghy5k+qMRWrL3QpFPiKxbKHaH6gThcvtMtICdJs2uxYwMyv/MuzkDwU2AsRCNIwTtQp/rI8f6/kMrYLuyexFFu+HEywEwEzApUQ7ODnTvmdhA5/5PNcHKLVgxeJRYS1vUQNwfX0hanV68gxYa0ENQwboESCCaHER2RtA7DScqrYlWbbf2QjEmjgT0cpepajzE9dwS4jrFBorCzdIFvCvQp5fW5RayFyD3sjOX4FDZG+lHP7eLG+OVYmqWBS/x39aj0oLwlIswHHanxnG8HhqJ5eMb8GvoW9aKdRye+2gON7u7CcK0oHyk26rA7euxBnFHVmqdNno22rv7TnWgmRH4vhm7rBXhUBFIEVdHIwtSGAnXplb/swA7mh0kJWZPp5E32qC2OgMWi76VSy184pF1CT/a840qJ8hLVeU1OxsV6Ck36eDhMrjZypSq0Peoh6mivQljPh3Vt8VArLlooaC0A0YrQewaZA1B19I1dU6xKe5h4wcKvmick70GX4d2Qk1Tod+/CkEgKL38DbyQJIt6MANH/SarvRdH45PqwDkaC/2W+t6k0MFyiq8fAX44D8rSESRIM80VmNxO5ZDffcLXWGktGsgLrqn/SC+G3hFx9AcPSfK3RVKu6os5pwAPebU+KahBgBQ97rC2G2no3h4/Ua6myxW0g4SaiysuCprrYPHUP1Jn84X9LFsr1Pxuo+wi+wdHV7FxgSvdpUlOTTK+hji2NtwtnqJkCjYegiKkG8TTFdH2Pjv7lZga/J4mHcj8+LfWTttjDsdvlq1k9iEDe0xCCrt0lJbkfGFjv2/SzxrVeoRI0V6ucT59IF0BmK8zFKhY9EPn1M51ESNVijvGl/wkHJRxUdgyLITbKzQFeFpEOwVohxxnjyo8L8li0aViBUQNqJH4xWBugwW0WhpjVpBR1pixtBMmBW3nbX9fww2OXDUg4UHwiZlCjKWcGULF5pIaEwTp4TaBb7Ml X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-Network-Message-Id: 388a9173-a906-4d7c-7102-08d941734c30 X-MS-Exchange-CrossTenant-AuthSource: BYAPR12MB2711.namprd12.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 07 Jul 2021 18:16:10.7581 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: 4Ij8C1759YO+I+RlnX/eG4kIfRtmiQ4IhJl1DaclJug1haROuU3v/zmZAjr0df8MVyHSGNehDfhZ8DBANQq2HA== X-MS-Exchange-Transport-CrossTenantHeadersStamped: BY5PR12MB5016 Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org From: Tom Lendacky The save area for SEV-ES/SEV-SNP guests, as used by the hardware, is different from the save area of a non SEV-ES/SEV-SNP guest. This is the first step in defining the multiple save areas to keep them separate and ensuring proper operation amongst the different types of guests. Create an SEV-ES/SEV-SNP save area and adjust usage to the new save area definition where needed. Signed-off-by: Tom Lendacky Signed-off-by: Brijesh Singh --- arch/x86/include/asm/svm.h | 83 +++++++++++++++++++++++++++++--------- arch/x86/kvm/svm/sev.c | 24 +++++------ arch/x86/kvm/svm/svm.h | 2 +- 3 files changed, 77 insertions(+), 32 deletions(-) diff --git a/arch/x86/include/asm/svm.h b/arch/x86/include/asm/svm.h index ff614cdcf628..a7fa24ec8ddf 100644 --- a/arch/x86/include/asm/svm.h +++ b/arch/x86/include/asm/svm.h @@ -228,6 +228,7 @@ struct vmcb_seg { u64 base; } __packed; +/* Save area definition for legacy and SEV-MEM guests */ struct vmcb_save_area { struct vmcb_seg es; struct vmcb_seg cs; @@ -244,8 +245,58 @@ struct vmcb_save_area { u8 cpl; u8 reserved_2[4]; u64 efer; + u8 reserved_3[112]; + u64 cr4; + u64 cr3; + u64 cr0; + u64 dr7; + u64 dr6; + u64 rflags; + u64 rip; + u8 reserved_4[88]; + u64 rsp; + u64 s_cet; + u64 ssp; + u64 isst_addr; + u64 rax; + u64 star; + u64 lstar; + u64 cstar; + u64 sfmask; + u64 kernel_gs_base; + u64 sysenter_cs; + u64 sysenter_esp; + u64 sysenter_eip; + u64 cr2; + u8 reserved_5[32]; + u64 g_pat; + u64 dbgctl; + u64 br_from; + u64 br_to; + u64 last_excp_from; + u64 last_excp_to; + u8 reserved_6[72]; + u32 spec_ctrl; /* Guest version of SPEC_CTRL at 0x2E0 */ +} __packed; + +/* Save area definition for SEV-ES and SEV-SNP guests */ +struct sev_es_save_area { + struct vmcb_seg es; + struct vmcb_seg cs; + struct vmcb_seg ss; + struct vmcb_seg ds; + struct vmcb_seg fs; + struct vmcb_seg gs; + struct vmcb_seg gdtr; + struct vmcb_seg ldtr; + struct vmcb_seg idtr; + struct vmcb_seg tr; + u8 reserved_1[43]; + u8 cpl; + u8 reserved_2[4]; + u64 efer; u8 reserved_3[104]; - u64 xss; /* Valid for SEV-ES only */ + u64 xss; u64 cr4; u64 cr3; u64 cr0; @@ -273,22 +324,14 @@ struct vmcb_save_area { u64 br_to; u64 last_excp_from; u64 last_excp_to; - - /* - * The following part of the save area is valid only for - * SEV-ES guests when referenced through the GHCB or for - * saving to the host save area. - */ - u8 reserved_7[72]; - u32 spec_ctrl; /* Guest version of SPEC_CTRL at 0x2E0 */ - u8 reserved_7b[4]; + u8 reserved_7[80]; u32 pkru; - u8 reserved_7a[20]; - u64 reserved_8; /* rax already available at 0x01f8 */ + u8 reserved_9[20]; + u64 reserved_10; /* rax already available at 0x01f8 */ u64 rcx; u64 rdx; u64 rbx; - u64 reserved_9; /* rsp already available at 0x01d8 */ + u64 reserved_11; /* rsp already available at 0x01d8 */ u64 rbp; u64 rsi; u64 rdi; @@ -300,21 +343,21 @@ struct vmcb_save_area { u64 r13; u64 r14; u64 r15; - u8 reserved_10[16]; + u8 reserved_12[16]; u64 sw_exit_code; u64 sw_exit_info_1; u64 sw_exit_info_2; u64 sw_scratch; u64 sev_features; - u8 reserved_11[48]; + u8 reserved_13[48]; u64 xcr0; u8 valid_bitmap[16]; u64 x87_state_gpa; } __packed; struct ghcb { - struct vmcb_save_area save; - u8 reserved_save[2048 - sizeof(struct vmcb_save_area)]; + struct sev_es_save_area save; + u8 reserved_save[2048 - sizeof(struct sev_es_save_area)]; u8 shared_buffer[2032]; @@ -324,13 +367,15 @@ struct ghcb { } __packed; -#define EXPECTED_VMCB_SAVE_AREA_SIZE 1032 +#define EXPECTED_VMCB_SAVE_AREA_SIZE 740 +#define EXPECTED_SEV_ES_SAVE_AREA_SIZE 1032 #define EXPECTED_VMCB_CONTROL_AREA_SIZE 272 #define EXPECTED_GHCB_SIZE PAGE_SIZE static inline void __unused_size_checks(void) { BUILD_BUG_ON(sizeof(struct vmcb_save_area) != EXPECTED_VMCB_SAVE_AREA_SIZE); + BUILD_BUG_ON(sizeof(struct sev_es_save_area) != EXPECTED_SEV_ES_SAVE_AREA_SIZE); BUILD_BUG_ON(sizeof(struct vmcb_control_area) != EXPECTED_VMCB_CONTROL_AREA_SIZE); BUILD_BUG_ON(sizeof(struct ghcb) != EXPECTED_GHCB_SIZE); } @@ -401,7 +446,7 @@ struct vmcb { /* GHCB Accessor functions */ #define GHCB_BITMAP_IDX(field) \ - (offsetof(struct vmcb_save_area, field) / sizeof(u64)) + (offsetof(struct sev_es_save_area, field) / sizeof(u64)) #define DEFINE_GHCB_ACCESSORS(field) \ static inline bool ghcb_##field##_is_valid(const struct ghcb *ghcb) \ diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index 8d36f0c73071..751a4604a51d 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c @@ -552,12 +552,20 @@ static int sev_launch_update_data(struct kvm *kvm, struct kvm_sev_cmd *argp) static int sev_es_sync_vmsa(struct vcpu_svm *svm) { - struct vmcb_save_area *save = &svm->vmcb->save; + struct sev_es_save_area *save = svm->vmsa; /* Check some debug related fields before encrypting the VMSA */ - if (svm->vcpu.guest_debug || (save->dr7 & ~DR7_FIXED_1)) + if (svm->vcpu.guest_debug || (svm->vmcb->save.dr7 & ~DR7_FIXED_1)) return -EINVAL; + /* + * SEV-ES will use a VMSA that is pointed to by the VMCB, not + * the traditional VMSA that is part of the VMCB. Copy the + * traditional VMSA as it has been built so far (in prep + * for LAUNCH_UPDATE_VMSA) to be the initial SEV-ES state. + */ + memcpy(save, &svm->vmcb->save, sizeof(svm->vmcb->save)); + /* Sync registgers */ save->rax = svm->vcpu.arch.regs[VCPU_REGS_RAX]; save->rbx = svm->vcpu.arch.regs[VCPU_REGS_RBX]; @@ -584,14 +592,6 @@ static int sev_es_sync_vmsa(struct vcpu_svm *svm) save->pkru = svm->vcpu.arch.pkru; save->xss = svm->vcpu.arch.ia32_xss; - /* - * SEV-ES will use a VMSA that is pointed to by the VMCB, not - * the traditional VMSA that is part of the VMCB. Copy the - * traditional VMSA as it has been built so far (in prep - * for LAUNCH_UPDATE_VMSA) to be the initial SEV-ES state. - */ - memcpy(svm->vmsa, save, sizeof(*save)); - return 0; } @@ -2606,7 +2606,7 @@ void sev_es_create_vcpu(struct vcpu_svm *svm) void sev_es_prepare_guest_switch(struct vcpu_svm *svm, unsigned int cpu) { struct svm_cpu_data *sd = per_cpu(svm_data, cpu); - struct vmcb_save_area *hostsa; + struct sev_es_save_area *hostsa; /* * As an SEV-ES guest, hardware will restore the host state on VMEXIT, @@ -2616,7 +2616,7 @@ void sev_es_prepare_guest_switch(struct vcpu_svm *svm, unsigned int cpu) vmsave(__sme_page_pa(sd->save_area)); /* XCR0 is restored on VMEXIT, save the current host value */ - hostsa = (struct vmcb_save_area *)(page_address(sd->save_area) + 0x400); + hostsa = (struct sev_es_save_area *)(page_address(sd->save_area) + 0x400); hostsa->xcr0 = xgetbv(XCR_XFEATURE_ENABLED_MASK); /* PKRU is restored on VMEXIT, save the current host value */ diff --git a/arch/x86/kvm/svm/svm.h b/arch/x86/kvm/svm/svm.h index 2908c6ab5bb4..bb64b7f1b433 100644 --- a/arch/x86/kvm/svm/svm.h +++ b/arch/x86/kvm/svm/svm.h @@ -170,7 +170,7 @@ struct vcpu_svm { } shadow_msr_intercept; /* SEV-ES support */ - struct vmcb_save_area *vmsa; + struct sev_es_save_area *vmsa; struct ghcb *ghcb; struct kvm_host_map ghcb_map; bool received_first_sipi; From patchwork Wed Jul 7 18:14:51 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Brijesh Singh X-Patchwork-Id: 470883 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-18.7 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_CR_TRAILER, INCLUDES_PATCH, MAILING_LIST_MULTI, MSGID_FROM_MTA_HEADER, SPF_HELO_NONE, SPF_PASS, USER_AGENT_GIT autolearn=unavailable autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id BF734C07E9B for ; Wed, 7 Jul 2021 18:17:17 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id A92E361CB0 for ; Wed, 7 Jul 2021 18:17:17 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231893AbhGGSTz (ORCPT ); Wed, 7 Jul 2021 14:19:55 -0400 Received: from mail-bn8nam12on2067.outbound.protection.outlook.com ([40.107.237.67]:45063 "EHLO NAM12-BN8-obe.outbound.protection.outlook.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S232136AbhGGSTe (ORCPT ); Wed, 7 Jul 2021 14:19:34 -0400 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=QHdhl9ptc/8r1x5fIIkIsryWS7GfKLbKbTs6iVWLP9pNE6+ISTqWtBSpH4NiHiZ6PgoZc64t7YRg7Zr487tuIJKQNl/w0pQNgUUJ6jMaX3IWcNJCxnsiXWGa/GptbI6788JdM6MfSLgYQLzs2sv1rDNytE3nju8GYBmAk1Cn4UkAsXV1ArWWDz3fEfu7jT27ZK34Jvnnesr6w8GcS+KGuawSaCczlZBao8Lt7CkShyQTpD+G4qCmJg6MY1H50q65iLTgiDVNyKhJpAn3bLCnn5RvdyIxOAdl3knJxN8OECvDLfr4o0ThSmNHuEswvYoki0Q9vLHOVIzL86gD7x6NeQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=fx2WDBdjGaBF/g6x3agK+7pQ+o9Ag8h7WcyLfaEPrfQ=; b=GiGE7epdlK9IW5SQWb3Ar4TR88+QZV2vmtu5CL6UiWHFhtKdjc/27yS1BQCdEDbqeteYq1dGNN2GSIFI+H3LFmnovRLirhc9gIn6n6NgIfvP65FpuNFpyNuqJp6u3MqTEeN0RLfuLwBQAAzCkSfZAUsKk5UMoj2e+H61ujfMB2jcYAf+e6YhveuusUg33dgf7+OoezcnH45WwIbZbOembhZxWXld7iF+quRJY9QCh8bpwFQdoFaq052T8xQxQHkqSP25fT+LScpuBKu56MnOf7AzTRmfYjQKxUcHQ2suSufGgWAcMNcSAkeR/txSzYCm5K6/vcWjhF8TImkPZB4feA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass header.d=amd.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=fx2WDBdjGaBF/g6x3agK+7pQ+o9Ag8h7WcyLfaEPrfQ=; b=NjOBBCtyjfX4X0LsD7Mdc2VDsL9qsplL74aaFOahWim2QmQZEesyE1UXDMxLg4WzpXehf6gd7O+xIA7CWzTVHLljuDpaIfD+oMevb9/Ry9lHLpmhVHmTWCnzpv0xKtell9fyXxowX4elwwWyaV/AchBSFCUNpbib5VNuhKsSMBw= Authentication-Results: kernel.org; dkim=none (message not signed) header.d=none; kernel.org; dmarc=none action=none header.from=amd.com; Received: from BYAPR12MB2711.namprd12.prod.outlook.com (2603:10b6:a03:63::10) by BY5PR12MB5016.namprd12.prod.outlook.com (2603:10b6:a03:1c5::20) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4308.20; Wed, 7 Jul 2021 18:16:22 +0000 Received: from BYAPR12MB2711.namprd12.prod.outlook.com ([fe80::40e3:aade:9549:4bed]) by BYAPR12MB2711.namprd12.prod.outlook.com ([fe80::40e3:aade:9549:4bed%7]) with mapi id 15.20.4287.033; Wed, 7 Jul 2021 18:16:22 +0000 From: Brijesh Singh To: x86@kernel.org, linux-kernel@vger.kernel.org, kvm@vger.kernel.org, linux-efi@vger.kernel.org, platform-driver-x86@vger.kernel.org, linux-coco@lists.linux.dev, linux-mm@kvack.org, linux-crypto@vger.kernel.org Cc: Thomas Gleixner , Ingo Molnar , Joerg Roedel , Tom Lendacky , "H. Peter Anvin" , Ard Biesheuvel , Paolo Bonzini , Sean Christopherson , Vitaly Kuznetsov , Wanpeng Li , Jim Mattson , Andy Lutomirski , Dave Hansen , Sergio Lopez , Peter Gonda , Peter Zijlstra , Srinivas Pandruvada , David Rientjes , Dov Murik , Tobin Feldman-Fitzthum , Borislav Petkov , Michael Roth , Vlastimil Babka , tony.luck@intel.com, npmccallum@redhat.com, brijesh.ksingh@gmail.com, Brijesh Singh Subject: [PATCH Part1 RFC v4 21/36] x86/head/64: set up a startup %gs for stack protector Date: Wed, 7 Jul 2021 13:14:51 -0500 Message-Id: <20210707181506.30489-22-brijesh.singh@amd.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20210707181506.30489-1-brijesh.singh@amd.com> References: <20210707181506.30489-1-brijesh.singh@amd.com> X-ClientProxiedBy: SA0PR11CA0104.namprd11.prod.outlook.com (2603:10b6:806:d1::19) To BYAPR12MB2711.namprd12.prod.outlook.com (2603:10b6:a03:63::10) MIME-Version: 1.0 X-MS-Exchange-MessageSentRepresentingType: 1 Received: from sbrijesh-desktop.amd.com (165.204.77.1) by SA0PR11CA0104.namprd11.prod.outlook.com (2603:10b6:806:d1::19) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4308.19 via Frontend Transport; Wed, 7 Jul 2021 18:16:20 +0000 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: a99c028e-c169-415f-c418-08d94173533b X-MS-TrafficTypeDiagnostic: BY5PR12MB5016: X-MS-Exchange-Transport-Forked: True X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:9508; X-MS-Exchange-SenderADCheck: 1 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: BtGAYpi3IPs5rPY1/y/t4LiGBmh5rbAIfJG4NHbXRzT5XD/E+n4pGPO6mDXg8dJqTMnUFDhOxGq15wBX36JWXpIy6v9VEsvnWSL59mwQ8LwTuBn+3ufhUvxiUn/xuIBf9MEccUM76pKjOGUf21WnM9NaJyJUoYxJNaZEBK/iT013Ur2cIfoQ8fWKs9nZZuPHivw5P6U4a6G/z9pAUvs3FzGF58AIZ69oDx2m/X5n0Ee8XvIhPr2IX22FYR6nVp0gYVymg41/fP9nUTEaOMkmO6XxCPmzarT5HRnymD+SnVfpp189IBmsxl+G/loWzqivUYKGrjoikaN+DvGtOgcd5/6JiQyjakQOxGvO4fifrlwz9UMDVDOi6wh2jRt04lQKfV7QShs5RmmHeiJMKkarY0J5plTw4yEXZB1lCgF0ruJ444H5CsalossixGtmGmeieTF0mYtEXCCGEup0G2YWvajfK6mc7lERH0kEucB2QeMdAoWRnedCDKquDsKCPmNtG+GJMznBhig5l8APvS+mSkSMbBs7nsn56HkccGf4I1ccZ4H+YJZygCOM2jiwg7uPJZqEj3Gi95dOoHP0gam1jOH50rnHfY3oeBG1AM4VR1r4t589AI3L84+YoHYFYiubVVDPqdod/rC7+jqPpD9p1yPtvc4GVD6fAUSrCAtyjFxXMktU8ty1hABqKTlnGgG7CXcieG9wb4S5lR0cdfZkfg== X-Forefront-Antispam-Report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:BYAPR12MB2711.namprd12.prod.outlook.com; PTR:; CAT:NONE; SFS:(4636009)(346002)(396003)(376002)(366004)(39860400002)(136003)(66556008)(66476007)(186003)(7416002)(52116002)(86362001)(26005)(956004)(8936002)(478600001)(7406005)(7696005)(8676002)(83380400001)(5660300002)(2616005)(38350700002)(38100700002)(44832011)(2906002)(1076003)(54906003)(6666004)(66946007)(316002)(4326008)(36756003)(6486002); DIR:OUT; SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: N87hNKigKyD5zHjB1BXm9lUrGOXkKm1SPKK8w6EG5HTFOJJ9ulyiSJ5WK7+Q7s46GfJTxehXrBAqk9q354l4DZNIDRLjxcnqG3NnLZRYV6+SeKypQfAQ/EtsKYZ71gdH2ZqskPI95Lp17ZqlR1pIsCewtm6ogxQFtYZbpNSqGrNU1iN2paFL3VnsyqSmvFxl0GTGnC7QK6SCmqsurSpnaxEfZwBfyV5fo7Xz0VfNOW+Xc3LLlDx8MJ8TqJCQc674VLz2w6vbmLkNL9YlUWvk11cIK2L4tpt5V66wpdPNoul++0R/eSdr6dBFJoR5p5/YkqflK4nNIRufok2MeWWwG7Eap+DtuUo8+z69soCAI+74QkQ/pafw2DQADdAxV6f41iFU0vkqxAhJAQnOaO6ckOTe/AFBdgNj/K17pznGV99P+ynu4m9/zDzL9hpz/Anwrw7OjfGSoUjKgx599uuMvtYCOQp7Q6SOCdFR5Hhxztwl5GixP0qDWty1CJPpV8qi5zp4yIcCFCwDSiAbr7gM/Di13ddAPFU2VE2Ci2gAGnSKh4XIqxohWIhrzg21Ci4DVZg04+vX2+M9gM2oPO/cT1t0OZJpbCkhiqZpygGIY8RW5SbgRUdt6iU+jBS6LUoa+Djm+F3ssh0a3P/bt1UKDRWRWzjQ7l5zpszxdy8cC5i/sCI0q/Rw2mnX7wAGG+uk0YKoHqurIrZhtLvoJGsRtGAlHP7/cHmteODhkbOfayp+oPKQKuG6ag1gHdYLBXLy4vkVF/C+fz+5qiDJU8hSJB9qcWZ99Ldp+XAGdaW65RPnTAwP9obIfl64g+EeU/k+mbu6GOFg8bKgdw+Mz+2y13U+PE4DlstPp+xb9FykHIH/20ksHzknXSQ6tNY6JkE2vuXl771eFNZ4QtDAFxd5Gn5CQwHn7DD6OLfvUy9A+I+vNywFU8bwximX443hETU3K3QN18kHCAEjjwkIilxKKGe3KDxi9iaWjqB6/4aJY1Pxy2y1hHdMmjJcpuiKihEErktexSt+eFgPU0ldP2QSbbU3CW7ej34P2rzZ9iSbJCPXqrd1LQXMl8at8L+tFGDspVnA7WumACAQmi31AlOAurdw4t2PPy6t0cmcewBz70gUwg83Ld8G57UsOhEGSFulVPPzxCmCL6tqee6ADUNUk3QpQ5zzCW//idIcjeRKk/Jp5BXxQG4AKoMKP+GuIzu+bAFfGxUCo+8WJ170Ry9/UlWIKM9F5NHnZ0n1j6wx8hEr4B/x6BozK0lu7Ki+0tLi/VO6qqloqTC2OiHT4AeOAu7UGfY2nMpbBCCsnh0sRfpWofCDYtBAKo3TcS0jSwdj X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-Network-Message-Id: a99c028e-c169-415f-c418-08d94173533b X-MS-Exchange-CrossTenant-AuthSource: BYAPR12MB2711.namprd12.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 07 Jul 2021 18:16:22.5174 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: +9S9IF+jTOfvYLIhDNYYsKdOB10i8nOu8Ua0mTsH02HBgyuWahmBl8n/r06L2Bj3xVHsP11iB+0S6SZaqrhcnA== X-MS-Exchange-Transport-CrossTenantHeadersStamped: BY5PR12MB5016 Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org From: Michael Roth As of commit 103a4908ad4d ("x86/head/64: Disable stack protection for head$(BITS).o") kernel/head64.c is compiled with -fno-stack-protector to allow a call to set_bringup_idt_handler(), which would otherwise have stack protection enabled with CONFIG_STACKPROTECTOR_STRONG. While sufficient for that case, this will still cause issues if we attempt to call out to any external functions that were compiled with stack protection enabled that in-turn make stack-protected calls, or if the exception handlers set up by set_bringup_idt_handler() make calls to stack-protected functions. Subsequent patches for SEV-SNP CPUID validation support will introduce both such cases. Attempting to disable stack protection for everything in scope to address that is prohibitive since much of the code, like SEV-ES #VC handler, is shared code that remains in use after boot and could benefit from having stack protection enabled. Attempting to inline calls is brittle and can quickly balloon out to library/helper code where that's not really an option. Instead, set up %gs to point a buffer that stack protector can use for canary values when needed. In doing so, it's likely we can stop using -no-stack-protector for head64.c, but that hasn't been tested yet, and head32.c would need a similar solution to be safe, so that is left as a potential follow-up. Signed-off-by: Michael Roth Signed-off-by: Brijesh Singh --- arch/x86/kernel/head64.c | 18 +++++++++++++++++- 1 file changed, 17 insertions(+), 1 deletion(-) diff --git a/arch/x86/kernel/head64.c b/arch/x86/kernel/head64.c index f4c3e632345a..8615418f98f1 100644 --- a/arch/x86/kernel/head64.c +++ b/arch/x86/kernel/head64.c @@ -74,6 +74,9 @@ static struct desc_struct startup_gdt[GDT_ENTRIES] = { [GDT_ENTRY_KERNEL_DS] = GDT_ENTRY_INIT(0xc093, 0, 0xfffff), }; +/* For use by stack protector code before switching to virtual addresses */ +static char startup_gs_area[64]; + /* * Address needs to be set at runtime because it references the startup_gdt * while the kernel still uses a direct mapping. @@ -598,6 +601,8 @@ void early_setup_idt(void) */ void __head startup_64_setup_env(unsigned long physbase) { + u64 gs_area = (u64)fixup_pointer(startup_gs_area, physbase); + /* Load GDT */ startup_gdt_descr.address = (unsigned long)fixup_pointer(startup_gdt, physbase); native_load_gdt(&startup_gdt_descr); @@ -605,7 +610,18 @@ void __head startup_64_setup_env(unsigned long physbase) /* New GDT is live - reload data segment registers */ asm volatile("movl %%eax, %%ds\n" "movl %%eax, %%ss\n" - "movl %%eax, %%es\n" : : "a"(__KERNEL_DS) : "memory"); + "movl %%eax, %%es\n" + "movl %%eax, %%gs\n" : : "a"(__KERNEL_DS) : "memory"); + + /* + * GCC stack protection needs a place to store canary values. The + * default is %gs:0x28, which is what the kernel currently uses. + * Point GS base to a buffer that can be used for this purpose. + * Note that newer GCCs now allow this location to be configured, + * so if we change from the default in the future we need to ensure + * that this buffer overlaps whatever address ends up being used. + */ + native_wrmsr(MSR_GS_BASE, gs_area, gs_area >> 32); startup_64_load_idt(physbase); } From patchwork Wed Jul 7 18:14:52 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Brijesh Singh X-Patchwork-Id: 470880 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-18.7 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_CR_TRAILER, INCLUDES_PATCH, MAILING_LIST_MULTI, MSGID_FROM_MTA_HEADER, SPF_HELO_NONE, SPF_PASS, USER_AGENT_GIT autolearn=unavailable autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 7D43AC11F66 for ; Wed, 7 Jul 2021 18:17:47 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 6964C61C83 for ; Wed, 7 Jul 2021 18:17:47 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232313AbhGGSU0 (ORCPT ); Wed, 7 Jul 2021 14:20:26 -0400 Received: from mail-bn8nam12on2057.outbound.protection.outlook.com ([40.107.237.57]:41568 "EHLO NAM12-BN8-obe.outbound.protection.outlook.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S232050AbhGGSTq (ORCPT ); Wed, 7 Jul 2021 14:19:46 -0400 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=eQFg7N+9ZwB0qTppJgBUiGxPOQ15QA4i7y592w/LD1e2aOKAUoW1+jFro9nYO9crW1wJsjfLHrNQ9hCMxaRDozzCFHT5F+FgrzKLzGUyUgJpbz5ruif+EI0f9OwJ7/Id6p3667BbWBCDihgZuBo9AHj8C2sQa0I2skzsk8CAeVCMUe6TYZv6nQChnwQv1VC46/cA/YietEUn1WZI4uV5ILQLZj2eb3rPpVQ4Z+HwlZxIy95ab1k8b7MEHPDGq6bWW4mQKDRvzi6lEgT3uFeHL7BBTDUEiASbOj8HG7H9/UDBZRa70AeFgMU/ZGgR5OgzYnqyvV10I/X15wbP1l1NBA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=KiWbdxaVYo6yGflzsIqUHjYzBRDbDTO0jVJIW4bZPI8=; b=ZWGR+zKgjQ20vc6TJ753gQnnpGmm1hLeFhxx3UYl85GL+3SPjlokSivbOQ8D/7uQYV1+VXtE+HMUVX5k5lwevOO2epKW2KhETl6IptcL7KXC1phtUI9FVCu8FKtukR7bNnDqi2MTNS9fwtHkJeUwS+lLrlJovT4eO3tY69RqM04dA35jT3B8NJEalNS2mhVBQGU8IuU9Hdjke+MxBW6WHa3Q0cnD26LW9KVQEWcKBIk/eNwea5ZAJebWv32FWDC8tGSxcmpT2h81EzxzBOACXN/EhEoGKQoac3juyDS46gDXYwbW5ciuhoxfSMtYfN5eer8W3KRwP1FSgezbvAMgIw== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass header.d=amd.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=KiWbdxaVYo6yGflzsIqUHjYzBRDbDTO0jVJIW4bZPI8=; b=W/kyHlDG+VmeMGDw1FvPpYG9eoo7VO9LdCMyyUsi/oNBBsLpNA2UeoA/XiwT0nD+3NGUHyysx9aF8pBHq0eNUWaxVLmOE9UMFNgdXhlS7pIPCnmGrtw6OC4tND4vkf0ZyPWoM0WvQm7gWQ8pvSwB2g8qNvkvhtiDjqInqHipV3k= Authentication-Results: kernel.org; dkim=none (message not signed) header.d=none; kernel.org; dmarc=none action=none header.from=amd.com; Received: from BYAPR12MB2711.namprd12.prod.outlook.com (2603:10b6:a03:63::10) by BY5PR12MB5016.namprd12.prod.outlook.com (2603:10b6:a03:1c5::20) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4308.20; Wed, 7 Jul 2021 18:16:25 +0000 Received: from BYAPR12MB2711.namprd12.prod.outlook.com ([fe80::40e3:aade:9549:4bed]) by BYAPR12MB2711.namprd12.prod.outlook.com ([fe80::40e3:aade:9549:4bed%7]) with mapi id 15.20.4287.033; Wed, 7 Jul 2021 18:16:25 +0000 From: Brijesh Singh To: x86@kernel.org, linux-kernel@vger.kernel.org, kvm@vger.kernel.org, linux-efi@vger.kernel.org, platform-driver-x86@vger.kernel.org, linux-coco@lists.linux.dev, linux-mm@kvack.org, linux-crypto@vger.kernel.org Cc: Thomas Gleixner , Ingo Molnar , Joerg Roedel , Tom Lendacky , "H. Peter Anvin" , Ard Biesheuvel , Paolo Bonzini , Sean Christopherson , Vitaly Kuznetsov , Wanpeng Li , Jim Mattson , Andy Lutomirski , Dave Hansen , Sergio Lopez , Peter Gonda , Peter Zijlstra , Srinivas Pandruvada , David Rientjes , Dov Murik , Tobin Feldman-Fitzthum , Borislav Petkov , Michael Roth , Vlastimil Babka , tony.luck@intel.com, npmccallum@redhat.com, brijesh.ksingh@gmail.com, Brijesh Singh Subject: [PATCH Part1 RFC v4 22/36] x86/sev: move MSR-based VMGEXITs for CPUID to helper Date: Wed, 7 Jul 2021 13:14:52 -0500 Message-Id: <20210707181506.30489-23-brijesh.singh@amd.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20210707181506.30489-1-brijesh.singh@amd.com> References: <20210707181506.30489-1-brijesh.singh@amd.com> X-ClientProxiedBy: SA0PR11CA0104.namprd11.prod.outlook.com (2603:10b6:806:d1::19) To BYAPR12MB2711.namprd12.prod.outlook.com (2603:10b6:a03:63::10) MIME-Version: 1.0 X-MS-Exchange-MessageSentRepresentingType: 1 Received: from sbrijesh-desktop.amd.com (165.204.77.1) by SA0PR11CA0104.namprd11.prod.outlook.com (2603:10b6:806:d1::19) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4308.19 via Frontend Transport; Wed, 7 Jul 2021 18:16:22 +0000 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: dc8400c7-ca67-40fe-f7ee-08d9417354b5 X-MS-TrafficTypeDiagnostic: BY5PR12MB5016: X-MS-Exchange-Transport-Forked: True X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:4303; X-MS-Exchange-SenderADCheck: 1 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: V9Q+H6YTvJ+WpgOBZPtX79QGQK3/XVl0ZQqcuZgSpQEZ6LM7xii3rNadK/hFiQvPpH1srUUWBcKxKmKRSPw4a3IpItnnbeosA6ktgdtSaXPP7lujQybetZGVC69doNFRvmuTHYwvMUUWSO7VThs+Zta3ardi8j6Xz1YtCSaPZ2cIxN6j1atDpe9UFObOEaQGyrTJER702aegqGHw2q21Iazqt958EegM8+f9BBdmOJp6WPjxKX5p/iA424B3Q7Y4obL2kSxVxKgNMCxCT+rlU2h+ljX/Yf+pCshJPW/0JkCrW29HunPog00vyCtjTE4dW2bHRgWqc8pVZj9QOzCPJcH/8uwSHtfgACeXnpXTR/9xCQJ/ld5rDdNdDvYSwQsH3hA4lFhkz5dnRKHPevbgm9a3nGadLgRDuc0gEI3PPuopYGkeQHW5uqzbvJvLQVx/bMyJOQsC2B47R9jGBZQcAUxs6LefY3llvoQYdUs4i+3lkKdBR0QM6UlB8N81xGLnc9fbfFpB0vwG3Qzo5siGlyKZ2bEtd4ItS0a1WIzC1q9N4sOuKXjLn7CHXnMxTa9olfp3nlvXvx3toubeyEfXZW1yc/aZIzoSaF/PfIWsMf1UeEWALAGA+vQ+S31FwuMHSiKcHW7+OQ/Sr+GJ4Z8m4vAnjL5TB/dfPc3DFAfWGIgwCS1pHsMmx4ljn2OtcAOPIeJSv60n1YCpgU+KxzVh+g== X-Forefront-Antispam-Report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:BYAPR12MB2711.namprd12.prod.outlook.com; PTR:; CAT:NONE; SFS:(4636009)(346002)(396003)(376002)(366004)(39860400002)(136003)(66556008)(66476007)(186003)(7416002)(52116002)(86362001)(26005)(956004)(8936002)(478600001)(7406005)(7696005)(8676002)(83380400001)(5660300002)(2616005)(38350700002)(38100700002)(44832011)(2906002)(1076003)(54906003)(6666004)(66946007)(316002)(4326008)(36756003)(6486002); DIR:OUT; SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: kdVRYWQb2kgKLOp+05vvYeZjwySuZnoMe0jkRTMuFJEI1RfqJciWbTa18UAZYx8xbWiLHtEcdO+QwZ/HKbooGAZ4qWE465kE4tvXNfmKgnq2APGw9A7DGyc1PyBTeXfLiqN3JMu8BMKVBDYF/4kgKlNCOiG86yxkdMOM/eoB63mY8cNue6MKeMs0D/imH7YthmzOyWSTenvezVfFbAma5lk4EmFIiJTojCx6kV5yPEvKZGrFAaLDm1FdpUP8acITzuHXRnu8BuNuoeeiVnlFboAWKa+S957SvVjhrJ6iC1v8WZQ8nMTab+BHSgMINeAW8ZUT5LI9BxaSP2mJG3i3YRT6hxX3+iM90SNvxe/2+aiSzzxOl+cm7LM0yj8vCMZPW92iFk2+RjUAT+9rZE1XE+gA/lSOJLn5mRgXbFVlkN+enKHQbT1KVe+3/JWYz+nibdNgxI46KzfFZx3YdFlxn+gUgCHDQBbFvUl/9TYTGgwT0+7cFsnfHImuKoudn3IWc3g4QE2B5nYEa/kSh598sPuJw0KGRHmy0aHJeLCVw2AQU27O0sbj4V1QrKVwAB3cRpEJ5MU8qN++1Os3Ed60i5b+JeP5xCyChlYD7XN/Sj1Him1KRjZcg7rLlBLPoyBDXcWUFyjqR8Ub53tijGfp00qCXZV915xVB3N1nmeXcJqpWL7DVB1NRudzxHSTqi96y0L4MOHSXT2+ssdWOoVBlreK6jqcVbr4Brwu8aYuGLl2Klt7cU8h7N9M3ClT9HwkXxzxpVSGWOK1v70sgYXR27/Z785gmtEMf5ScK5a8U838fWqJBxI0AYwU5bXjnZtY/Q49guZiHGGuWMkSjTwFteRDld8sr5l0mmJmE4FqxP+W5QULt9k2GvGfOi7ECYPV/1SolWZ/A25fZscdet8Ryx3E8nwJzO+vyT9cWHXbSs/Ve3HLnTOw40eW4jAnTDIXamzOQPzusgYU6EzNXDn2tOqd1D6fzYIAMHm7gBwGfCi1Zhpnb+ZhVRTtYTortTeIfSFctI8Vfv3/+WbYNwUlxiWrjhElKZfyxPtsUFxRcN39YGorITJ+TRSoQedMlfVUKcTCpD1wK0jS3aDYFmY+DXUkwgehxTDzDTfZLl/Fu80SYrYcV56UWKin0un040BBSZ7niT+HKHvFhBLPv1QF+fMcnZCgIxf8xvYCIAdQO9ga0fZl9R0JCFCpvZsZYaTBmDLHJycYaKDKQYauo5d4cDoAWsHgoK8smmvf9Z48dbDCFYtSP+dj7BfIb96fSYEQa7uE649hyLGKrUThCXCXuHeADlpCpdkmKCOsnSaDRqppGZjqq2xC0Bz0VZ/NPlc3 X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-Network-Message-Id: dc8400c7-ca67-40fe-f7ee-08d9417354b5 X-MS-Exchange-CrossTenant-AuthSource: BYAPR12MB2711.namprd12.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 07 Jul 2021 18:16:24.9910 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: VCJOLzf93tOWxj+RW70W3mYWlEN6uqe81sZERIHN5ewF8e+HyEmUPbU3sAzmSNveJWA9mcnUOQ3iul9e1lbBeA== X-MS-Exchange-Transport-CrossTenantHeadersStamped: BY5PR12MB5016 Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org From: Michael Roth This code will also be used later for SEV-SNP-validated CPUID code in some cases, so move it to a common helper. Signed-off-by: Michael Roth Signed-off-by: Brijesh Singh --- arch/x86/kernel/sev-shared.c | 84 +++++++++++++++++++++++++----------- 1 file changed, 58 insertions(+), 26 deletions(-) diff --git a/arch/x86/kernel/sev-shared.c b/arch/x86/kernel/sev-shared.c index be4025f14b4f..4884de256a49 100644 --- a/arch/x86/kernel/sev-shared.c +++ b/arch/x86/kernel/sev-shared.c @@ -184,6 +184,58 @@ static enum es_result sev_es_ghcb_hv_call(struct ghcb *ghcb, return ret; } +static int sev_es_cpuid_msr_proto(u32 func, u32 subfunc, u32 *eax, u32 *ebx, + u32 *ecx, u32 *edx) +{ + u64 val; + + if (eax) { + sev_es_wr_ghcb_msr(GHCB_CPUID_REQ(func, GHCB_CPUID_REQ_EAX)); + VMGEXIT(); + val = sev_es_rd_ghcb_msr(); + + if (GHCB_RESP_CODE(val) != GHCB_MSR_CPUID_RESP) + return -EIO; + + *eax = (val >> 32); + } + + if (ebx) { + sev_es_wr_ghcb_msr(GHCB_CPUID_REQ(func, GHCB_CPUID_REQ_EBX)); + VMGEXIT(); + val = sev_es_rd_ghcb_msr(); + + if (GHCB_RESP_CODE(val) != GHCB_MSR_CPUID_RESP) + return -EIO; + + *ebx = (val >> 32); + } + + if (ecx) { + sev_es_wr_ghcb_msr(GHCB_CPUID_REQ(func, GHCB_CPUID_REQ_ECX)); + VMGEXIT(); + val = sev_es_rd_ghcb_msr(); + + if (GHCB_RESP_CODE(val) != GHCB_MSR_CPUID_RESP) + return -EIO; + + *ecx = (val >> 32); + } + + if (edx) { + sev_es_wr_ghcb_msr(GHCB_CPUID_REQ(func, GHCB_CPUID_REQ_EDX)); + VMGEXIT(); + val = sev_es_rd_ghcb_msr(); + + if (GHCB_RESP_CODE(val) != GHCB_MSR_CPUID_RESP) + return -EIO; + + *edx = (val >> 32); + } + + return 0; +} + /* * Boot VC Handler - This is the first VC handler during boot, there is no GHCB * page yet, so it only supports the MSR based communication with the @@ -192,39 +244,19 @@ static enum es_result sev_es_ghcb_hv_call(struct ghcb *ghcb, void __init do_vc_no_ghcb(struct pt_regs *regs, unsigned long exit_code) { unsigned int fn = lower_bits(regs->ax, 32); - unsigned long val; + u32 eax, ebx, ecx, edx; /* Only CPUID is supported via MSR protocol */ if (exit_code != SVM_EXIT_CPUID) goto fail; - sev_es_wr_ghcb_msr(GHCB_CPUID_REQ(fn, GHCB_CPUID_REQ_EAX)); - VMGEXIT(); - val = sev_es_rd_ghcb_msr(); - if (GHCB_RESP_CODE(val) != GHCB_MSR_CPUID_RESP) + if (sev_es_cpuid_msr_proto(fn, 0, &eax, &ebx, &ecx, &edx)) goto fail; - regs->ax = val >> 32; - sev_es_wr_ghcb_msr(GHCB_CPUID_REQ(fn, GHCB_CPUID_REQ_EBX)); - VMGEXIT(); - val = sev_es_rd_ghcb_msr(); - if (GHCB_RESP_CODE(val) != GHCB_MSR_CPUID_RESP) - goto fail; - regs->bx = val >> 32; - - sev_es_wr_ghcb_msr(GHCB_CPUID_REQ(fn, GHCB_CPUID_REQ_ECX)); - VMGEXIT(); - val = sev_es_rd_ghcb_msr(); - if (GHCB_RESP_CODE(val) != GHCB_MSR_CPUID_RESP) - goto fail; - regs->cx = val >> 32; - - sev_es_wr_ghcb_msr(GHCB_CPUID_REQ(fn, GHCB_CPUID_REQ_EDX)); - VMGEXIT(); - val = sev_es_rd_ghcb_msr(); - if (GHCB_RESP_CODE(val) != GHCB_MSR_CPUID_RESP) - goto fail; - regs->dx = val >> 32; + regs->ax = eax; + regs->bx = ebx; + regs->cx = ecx; + regs->dx = edx; /* * This is a VC handler and the #VC is only raised when SEV-ES is From patchwork Wed Jul 7 18:14:53 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Brijesh Singh X-Patchwork-Id: 470879 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-18.7 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_CR_TRAILER, INCLUDES_PATCH, MAILING_LIST_MULTI, MSGID_FROM_MTA_HEADER, SPF_HELO_NONE, SPF_PASS, USER_AGENT_GIT autolearn=unavailable autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 44868C07E9B for ; Wed, 7 Jul 2021 18:17:58 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 282E061CC8 for ; Wed, 7 Jul 2021 18:17:58 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232335AbhGGSUf (ORCPT ); Wed, 7 Jul 2021 14:20:35 -0400 Received: from mail-bn8nam12on2067.outbound.protection.outlook.com ([40.107.237.67]:45063 "EHLO NAM12-BN8-obe.outbound.protection.outlook.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S232095AbhGGSTs (ORCPT ); Wed, 7 Jul 2021 14:19:48 -0400 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=f9FNbJYFh71t8bSuyST1dkbNhxLsA31gRZUCqfpEZ/kz99VTsunWMfuoID3qaf2M0kRUIX9Dv+XR57is9EtU9wDyyczFQaWgPfSJAy0kViueB/ORm/2RfylOrrxqYvpwZgP8w4qpjzpMtdmqpskyglVYbXk8COzfPQ494eqFoH8pB97PuvigvTeh9uMBzD/btgsRkwJ/lLUoOmp+beMbQALbgIlb9d+JY1eBN9muvyTPmMzFu8FufS3oUDWu+K2SgzzAgtoyd+3F91xYuJL0gEEdV+4mzB7D+osUnI2XrGpEqXl0r0MUmLVzvnIa9fZDcV/2U0ngtJoRe4vtUitJJw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=hBU5NjKVuUubgJqFZUVr/Woemez+mkT4i2hl+Sgn2jg=; b=idvRn870tbm2jaRmmm0O8yc+xcvsGVzMjnb4FiHIvyy+bMZ6FepyrN0YzL1fOfp+PhNGy93LWeV5slBXSP2S8Tmraxt/2jmRbu1BgMeEZ451OiFTgfQZ2zTS1y+SlMAInaSW4Of0uWnIkdyPoH6B2stjz18kGmv3mEuvObX9ngRsJi7JhllZA76INtuvoV4fR4jZmEM0dXcfXvEb+E/l2dFyPPq/SvVfSfJBQB4YLvHncrkx8PoH6RqsNVlMcwG890Pbsx7Evf1N1ezk6UHdwq3BcUsTa6TCcC7vMaD8XHnCQEFHOsyArtiWQDcTdLTIw/aU3IltL23BedTJ4GxCrg== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass header.d=amd.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=hBU5NjKVuUubgJqFZUVr/Woemez+mkT4i2hl+Sgn2jg=; b=wPdyUSavU9XuskIMzq6jAj9GSQM7SV27ESHy+9dYjbi9jXJjvlk0XBng6vT3YG6sVwQH0xwyo+cwg+wS3XLfR63PvnwlGx+xRpfG9dMVdYH4ytSEELknvmY+fBbF7qktjEBhxCPELsr3YV3h+2V2IjBU8SR/aUF/eBul7sliIf4= Authentication-Results: kernel.org; dkim=none (message not signed) header.d=none; kernel.org; dmarc=none action=none header.from=amd.com; Received: from BYAPR12MB2711.namprd12.prod.outlook.com (2603:10b6:a03:63::10) by BY5PR12MB5016.namprd12.prod.outlook.com (2603:10b6:a03:1c5::20) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4308.20; Wed, 7 Jul 2021 18:16:28 +0000 Received: from BYAPR12MB2711.namprd12.prod.outlook.com ([fe80::40e3:aade:9549:4bed]) by BYAPR12MB2711.namprd12.prod.outlook.com ([fe80::40e3:aade:9549:4bed%7]) with mapi id 15.20.4287.033; Wed, 7 Jul 2021 18:16:27 +0000 From: Brijesh Singh To: x86@kernel.org, linux-kernel@vger.kernel.org, kvm@vger.kernel.org, linux-efi@vger.kernel.org, platform-driver-x86@vger.kernel.org, linux-coco@lists.linux.dev, linux-mm@kvack.org, linux-crypto@vger.kernel.org Cc: Thomas Gleixner , Ingo Molnar , Joerg Roedel , Tom Lendacky , "H. Peter Anvin" , Ard Biesheuvel , Paolo Bonzini , Sean Christopherson , Vitaly Kuznetsov , Wanpeng Li , Jim Mattson , Andy Lutomirski , Dave Hansen , Sergio Lopez , Peter Gonda , Peter Zijlstra , Srinivas Pandruvada , David Rientjes , Dov Murik , Tobin Feldman-Fitzthum , Borislav Petkov , Michael Roth , Vlastimil Babka , tony.luck@intel.com, npmccallum@redhat.com, brijesh.ksingh@gmail.com, Brijesh Singh Subject: [PATCH Part1 RFC v4 23/36] KVM: x86: move lookup of indexed CPUID leafs to helper Date: Wed, 7 Jul 2021 13:14:53 -0500 Message-Id: <20210707181506.30489-24-brijesh.singh@amd.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20210707181506.30489-1-brijesh.singh@amd.com> References: <20210707181506.30489-1-brijesh.singh@amd.com> X-ClientProxiedBy: SA0PR11CA0104.namprd11.prod.outlook.com (2603:10b6:806:d1::19) To BYAPR12MB2711.namprd12.prod.outlook.com (2603:10b6:a03:63::10) MIME-Version: 1.0 X-MS-Exchange-MessageSentRepresentingType: 1 Received: from sbrijesh-desktop.amd.com (165.204.77.1) by SA0PR11CA0104.namprd11.prod.outlook.com (2603:10b6:806:d1::19) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4308.19 via Frontend Transport; Wed, 7 Jul 2021 18:16:25 +0000 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: 3611973b-3c3e-422f-543a-08d94173565b X-MS-TrafficTypeDiagnostic: BY5PR12MB5016: X-MS-Exchange-Transport-Forked: True X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:2150; X-MS-Exchange-SenderADCheck: 1 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: zsFimDqvzw6lvrhqepEGwsowY5lEme8sZXbuJMpEtnD4nyhx6iGUBpSQRrYSpB5uEaFr47v7ZHjIZnfC5lvTt4W2xD1UNf4KjQmi0XrmPBVUypjreJte/Zdt83o7Y9K0t6gC/CFYKMRFbfi4G5M5Zm5tvJI9QUK2hosbfvBQDEC/WdRlvzdp335uB3tAQ0ontI8I5BzPjLRBqAZ5UmYcpgp5SaAaHJay8+RH+bAThLNC4tQxnIVjFE0H1uZ6JPxPz3CiIeezuoyDasAqJ4KQvmW1O/agFDJbLtJLFWNl+8bglrhGZ6T0nr7h4Jy9fCW9lCWTEy5CtlifTOlCgYYnPY6kZ4TigVa1gF4OhOuEkaGb8cuN9PxYGapGfANeacK67xb9e8U8BDmcGcwHBZzMpKgbD4UkPOZftSZOBcpEIZMCRPEjVMJBW6RN9DPgJZGdSFRf4oW3sZhx1xLTI1zFbLSf36QCXbX73VGcW+CU/60j7I1jv5ATJVzPThrS7L8U8eATapZ+SnqpwMMzvwv0EbuOjX8A16zOz6wmI5LU+hr2+ZEkpIRf056jTemurYpe047hyXOY7OjrzLy/CE7d/VAMaD3u+BFVNi5N0km8NfFpmEtAhkuj88bIsKfHN4gNHMUGu/qujoZbnZ682Fn3+kzZJ/Z+w0DCdgCOGnc8XIFqnF1lHlRzpNDn4SRjp0fy8OpxPtDC76wI1kvcCkZ0tg== X-Forefront-Antispam-Report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:BYAPR12MB2711.namprd12.prod.outlook.com; PTR:; CAT:NONE; SFS:(4636009)(346002)(396003)(376002)(366004)(39860400002)(136003)(66556008)(66476007)(186003)(7416002)(52116002)(86362001)(26005)(956004)(8936002)(478600001)(7406005)(7696005)(8676002)(83380400001)(5660300002)(2616005)(38350700002)(38100700002)(44832011)(2906002)(1076003)(54906003)(6666004)(66946007)(316002)(4326008)(36756003)(6486002); DIR:OUT; SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: QTvbYX/w5rlXMROyhh0WxN1eEtT9qLSak5ILBDgsxbb0J/Haui/haENosXbK20xf4jQ3k4B/EuA+e6m60izrSmpsSF82qgtYoiqGfuEIooCE0mMEY72LCpSLD8MEgB8gkh0pq73FhM8Xbgm5RpDbtuzaRuUm0NvsmkJ43nnRSj8b+VsVqupsPquQAqiaTjVpyukQH2HpCwL2NKWjpz25AlTOWOcmlVi8NH+e5tUExyQhLXONQGQBf9iSH+s8ddpLP1YmTDoBkIDvN0mjtLxWxTWymQPoIaqdeMmfVajm+nEo6P2blyqyhCqehNFG3R8kHSvz8w7BIn1agT+xu6LQkKKcJuPBLneRarojnICajVJh07TtxWQw/aM/cfVNBbQygT9zCd7vOvXcuY39g6s136a3YNoe/mPQgc7/CoX3Qrq7MM20Ze7724Z62BXR0kVsQOgTVy3xepV1LCC/v9uO++vogBUfkhW/44UMFHPyJCytQX+rfXAHXelwfKISxGZY0rtCRcY+kz/jgcZeJ1CrcIkRqvmysgyz7M2WrLriDNyENmA3jAR81PSGblLQRLBqHVHD1knSNlciEvyT/fI5w+tNp5CIAYtKoi+PkLttQbY1BSIYHVo8z5y+F+uuXSrJFM3KU2yCARarJ/ofdTZ0T3V8xNHVC2akJpIX327d83uJGVryJ6uHxHuNItocUgLjOfE56NKFZKY0Apu40dC4HQeP0Mi4Oqv6sympKozzOC2ND2Upco+bKpW7UkU2puopFjLaos3kBX0PoDHG7tz31OMyIBYj+wlcF/e4fMiK6TtDOe/X6dT5zgQ9kQl6nezTVGRoH9gmpwu8/w1VDKm4zCsoLIqI2fo1Y0IuHjfBIGBEHHaUdjOFk1X7023VWSWzJf9eTlLAPIbaRhx/AWOoHGfmdyPu+H1njMY6Wdx2suA8YrDtznDDqaw00NUxFdK+rhdnoBEYa/qBSqi874WedveuP1iTnGysVXpd/Pcg+IbtR9SS6l/UNONyyVeeoNH/2LpKxYHp20SMzxfM+2LvLks0HuyPpEAiw+iWJJEPVc1JWRNIPYseicrmxa1sHuM/+I8sGfwciFVwLn8qX8oaq0e3rdxINbTsDT13fz8nYYP1Zn5pLnA/e7SIiBwCr2n1EwNogiu7oKKR8h06//KAg7kSN0zAxLKp57Y+fa2Z7Ykw3XgBEaRQqSuMBuGBa2BqsPD/nJ4b0gcdd+RmzEGS/OJTSsuDbXlqz6vYdyjk9B5fKsQ0RrRhnyPY3+aGMkau1JiKFdkz4NtHEUYKvAPyeGHUV53DM4QQ4J401dwIRHRGPcNI/fgZQad3zLR2Hzka X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-Network-Message-Id: 3611973b-3c3e-422f-543a-08d94173565b X-MS-Exchange-CrossTenant-AuthSource: BYAPR12MB2711.namprd12.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 07 Jul 2021 18:16:27.7525 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: mZcr/bQyTEe2dwmNCkmvsWnL7NF+VoDmtY7ERwvDEcp4m3eE9vFE/ofNKGTeHO+UG78fAqoiL0ceaqlNyey4ag== X-MS-Exchange-Transport-CrossTenantHeadersStamped: BY5PR12MB5016 Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org From: Michael Roth Determining which CPUID leafs have significant ECX/index values is also needed by guest kernel code when doing SEV-SNP-validated CPUID lookups. Move this to common code to keep future updates in sync. Signed-off-by: Michael Roth Signed-off-by: Brijesh Singh --- arch/x86/include/asm/cpuid-indexed.h | 26 ++++++++++++++++++++++++++ arch/x86/kvm/cpuid.c | 17 ++--------------- 2 files changed, 28 insertions(+), 15 deletions(-) create mode 100644 arch/x86/include/asm/cpuid-indexed.h diff --git a/arch/x86/include/asm/cpuid-indexed.h b/arch/x86/include/asm/cpuid-indexed.h new file mode 100644 index 000000000000..f5ab746f5712 --- /dev/null +++ b/arch/x86/include/asm/cpuid-indexed.h @@ -0,0 +1,26 @@ +/* SPDX-License-Identifier: GPL-2.0 */ +#ifndef _ASM_X86_CPUID_INDEXED_H +#define _ASM_X86_CPUID_INDEXED_H + +static __always_inline bool cpuid_function_is_indexed(u32 function) +{ + switch (function) { + case 4: + case 7: + case 0xb: + case 0xd: + case 0xf: + case 0x10: + case 0x12: + case 0x14: + case 0x17: + case 0x18: + case 0x1f: + case 0x8000001d: + return true; + } + + return false; +} + +#endif /* _ASM_X86_CPUID_INDEXED_H */ diff --git a/arch/x86/kvm/cpuid.c b/arch/x86/kvm/cpuid.c index b4da665bb892..be6b226f50e4 100644 --- a/arch/x86/kvm/cpuid.c +++ b/arch/x86/kvm/cpuid.c @@ -19,6 +19,7 @@ #include #include #include +#include #include "cpuid.h" #include "lapic.h" #include "mmu.h" @@ -608,22 +609,8 @@ static struct kvm_cpuid_entry2 *do_host_cpuid(struct kvm_cpuid_array *array, cpuid_count(entry->function, entry->index, &entry->eax, &entry->ebx, &entry->ecx, &entry->edx); - switch (function) { - case 4: - case 7: - case 0xb: - case 0xd: - case 0xf: - case 0x10: - case 0x12: - case 0x14: - case 0x17: - case 0x18: - case 0x1f: - case 0x8000001d: + if (cpuid_function_is_indexed(function)) entry->flags |= KVM_CPUID_FLAG_SIGNIFCANT_INDEX; - break; - } return entry; } From patchwork Wed Jul 7 18:14:54 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Brijesh Singh X-Patchwork-Id: 470877 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-18.7 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_CR_TRAILER, INCLUDES_PATCH, MAILING_LIST_MULTI, MSGID_FROM_MTA_HEADER, SPF_HELO_NONE, SPF_PASS, USER_AGENT_GIT autolearn=unavailable autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 9621BC11F68 for ; Wed, 7 Jul 2021 18:18:37 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 81E2E61CCD for ; Wed, 7 Jul 2021 18:18:37 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232502AbhGGSVQ (ORCPT ); Wed, 7 Jul 2021 14:21:16 -0400 Received: from mail-bn8nam12on2075.outbound.protection.outlook.com ([40.107.237.75]:26112 "EHLO NAM12-BN8-obe.outbound.protection.outlook.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S232508AbhGGSUX (ORCPT ); Wed, 7 Jul 2021 14:20:23 -0400 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=L5Pj2D442YTzlVGryNSzmu8pFB8xhkV9/GmmGDUG0W5vI9e8yXUpu9/BGY290XqO3xo6SCnu7OlOE7WbdyL0wcn+00betxH3tsK6N51kXDsT1xUMS3I4PU7Q7HZ81F2aKNGTe29jgKObtrmVaN05TcI7kjScoEViwypIDTd2yiRHmbXAA0G/CX7z1a5MVpBByWXNIibECNOUehGhDs0OF/6Ugp9R1JHqJGFrXbDLBYfrmYq9R2edJsGr6pgb1lMOB2W/N/6pcU8CGt0xM4FCVm+vQrtifpUOvL8O5+/G0K3WwVvWt1f7JCEcm/wIvT6LAtqAZrhr0aoW/cotbPx+QQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=IPZMrIjJ8mD/qBfBptD/Ox46LRwQeKqAd9aThHVDvOI=; b=eFulPikaeL5ryWd4dZDNDWSEAenvLq4VmVERpvdb3ebXCbmFdIYwkReSVJAJ3XksknB/LbqBz47McrROIn5O/01m9KpxcQcbMZX3X8qjZAlgLyhBK16a3ICYjA86l6tgloaJYhXLgdBx1QhTIK9KkuOouOPIcNuPsGmw1eZH0FHhWdPSsTbjpzzKWu8XabF4p/CNuUBMF6YL2hO0HYPpSVolrmp90X8RUo6mU+VsnoT9RrvGtAx2GEcRrwNeVNBWYEqkdfDcl1sekVW+PAXWVVpCoZ+mT4FgYRGvq8p8+iOPNSFzY0pNsoxZe9/GYtaGjk9s1XKV6n16OdKcbKE47w== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass header.d=amd.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=IPZMrIjJ8mD/qBfBptD/Ox46LRwQeKqAd9aThHVDvOI=; b=zJwH49CTTjV37zbV6b4hTeP2mWH5lFwd+yj/kDB4c9ICN8fMvOlZ4/WsB6zvT//yJfOOgIEQV0YVaEnB6QbrXM0vcoj8Pe8kM1cFNjP30WLk+LyfuBUXjU72YoSrn4CrM2enAA0FhyadazSQeiCSk6NAJHZT0JlJThkmZ2vf/dg= Authentication-Results: kernel.org; dkim=none (message not signed) header.d=none; kernel.org; dmarc=none action=none header.from=amd.com; Received: from BYAPR12MB2711.namprd12.prod.outlook.com (2603:10b6:a03:63::10) by BY5PR12MB5016.namprd12.prod.outlook.com (2603:10b6:a03:1c5::20) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4308.20; Wed, 7 Jul 2021 18:16:30 +0000 Received: from BYAPR12MB2711.namprd12.prod.outlook.com ([fe80::40e3:aade:9549:4bed]) by BYAPR12MB2711.namprd12.prod.outlook.com ([fe80::40e3:aade:9549:4bed%7]) with mapi id 15.20.4287.033; Wed, 7 Jul 2021 18:16:30 +0000 From: Brijesh Singh To: x86@kernel.org, linux-kernel@vger.kernel.org, kvm@vger.kernel.org, linux-efi@vger.kernel.org, platform-driver-x86@vger.kernel.org, linux-coco@lists.linux.dev, linux-mm@kvack.org, linux-crypto@vger.kernel.org Cc: Thomas Gleixner , Ingo Molnar , Joerg Roedel , Tom Lendacky , "H. Peter Anvin" , Ard Biesheuvel , Paolo Bonzini , Sean Christopherson , Vitaly Kuznetsov , Wanpeng Li , Jim Mattson , Andy Lutomirski , Dave Hansen , Sergio Lopez , Peter Gonda , Peter Zijlstra , Srinivas Pandruvada , David Rientjes , Dov Murik , Tobin Feldman-Fitzthum , Borislav Petkov , Michael Roth , Vlastimil Babka , tony.luck@intel.com, npmccallum@redhat.com, brijesh.ksingh@gmail.com, Brijesh Singh Subject: [PATCH Part1 RFC v4 24/36] x86/compressed/acpi: move EFI config table access to common code Date: Wed, 7 Jul 2021 13:14:54 -0500 Message-Id: <20210707181506.30489-25-brijesh.singh@amd.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20210707181506.30489-1-brijesh.singh@amd.com> References: <20210707181506.30489-1-brijesh.singh@amd.com> X-ClientProxiedBy: SA0PR11CA0104.namprd11.prod.outlook.com (2603:10b6:806:d1::19) To BYAPR12MB2711.namprd12.prod.outlook.com (2603:10b6:a03:63::10) MIME-Version: 1.0 X-MS-Exchange-MessageSentRepresentingType: 1 Received: from sbrijesh-desktop.amd.com (165.204.77.1) by SA0PR11CA0104.namprd11.prod.outlook.com (2603:10b6:806:d1::19) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4308.19 via Frontend Transport; Wed, 7 Jul 2021 18:16:28 +0000 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: 40d8fd6a-95f5-427d-da9b-08d9417357d3 X-MS-TrafficTypeDiagnostic: BY5PR12MB5016: X-MS-Exchange-Transport-Forked: True X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:2276; X-MS-Exchange-SenderADCheck: 1 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: FligQslX/nqSLIKKK7St2SjdBqNYPSOCQWP/f5fVXk0alBCLENoZxgex7gDXpxOmehTCTeMYzNUcLB4aHYrXTjMcqc3J3pup7xgfV2lqiczOq9V2YZ27i1p7JsZEsizOH2vuT94MfgveMoZL45G80h9vBYr9TftQl/WVXsYsT/uwvF1nmdYMzm7OPdGgY4E8I8uZuAJwfS02sf16yRVGbxn+9fOFjwHKvGhSA6IKJPi9Muqa4CtM9TV4QOhhw/xoT55UsLC7R5XgbUawGr3MufqTZRvCe8KY9Ll6PUM6DkUSBmf7cJEB0PhsyAFmZmNQq2MPPNa7MmOI1BXHmup4fIY2JwpYUYIueZcr/hseMZkJGG9TsdQxG7js7XYR9iwSFIJLkFdxcfT+2LEmU5XusTl5Mn5yLE9yqFcL1NuNjFkn5tM66sPbZ8q3LCyVcNGVID6uP38TVjAt7leHpxhUwJAjfE47MtXFSGBmDp6bUT9Bl36RloJiHVREHf/CQeUaA6xP74HhDVQ4geZ5rHliPgUZjrTsEczAQN+QuS5VtA1/iqAcMR0L+cM0RtMBVZe6g21laFaf97tAUTGxWu6OnoEmqCG2QuECnrYOs5Aqa7QcwhSf0IiCB6lUT+pfyPYgGtJqEc9n45Ny4VhPDDMOQVVw2kYF3CTCMvdM2VMYPfFiB0Y6g4DRlzUWiveNWEC0+6f2Ysl6qyGwPeWV7T5I6g== X-Forefront-Antispam-Report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:BYAPR12MB2711.namprd12.prod.outlook.com; PTR:; CAT:NONE; SFS:(4636009)(346002)(396003)(376002)(366004)(39860400002)(136003)(66556008)(66476007)(186003)(7416002)(52116002)(86362001)(26005)(956004)(8936002)(478600001)(7406005)(7696005)(8676002)(83380400001)(5660300002)(2616005)(38350700002)(38100700002)(44832011)(2906002)(1076003)(54906003)(6666004)(66946007)(316002)(4326008)(36756003)(6486002)(30864003); DIR:OUT; SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: V/xY1WuiR5o8Qx+vaGhw3GgS4CCJasBwIfrmSbdPoFSutf79EubvsSezwK/fxIYIlaKmv8JhYHyoSJXsGSOZlcQWf8P2l6wTDVlyrtk1fZ7z0vSf1GTs/0DV9QbilIF04nIMP69JbaL5RmUjj2dHurQT9TznZNeq8Irt4TG2vZXNM3qIa/uLDsL8hV9lJs18/jfIuAXdkO72lV7rFI90dJ49p5CKt9jhlRBkJ3xnxeXdph4pED82ClC6Us5fg/TUAr9+/5v/QfCsXWv5olnmjJeeaLmZurDze+GHlhW1MKJqA6PJVNq3Lry/PhdeAqCp/XtPpE6vCVIUJQLGWAkp2SkMyg2ZhNWYL+R5ltZxZ6u29VpCTSLu/4c/qWYsVbUwEkOWwk04kssttA7pyp5c7pY5WKZ2DisaWXbcDXKiSJpk5bS49newapzEXC8hzSTn0ZSD3iHFlbErMNg1mgyLzlpRbgHEe2o1In3l38xL6E/qrmFaTQh8j+BQK1xXnow6IehlkoDNKI0lLPwyd1hBJd5UQgHG9Dse/wMHGISifG5+0BAMlXMrhkqCUYBnDo0VCLk+m34BFwavBUzjtTI0yW9Kx7Cpv4BB8g3r/xAOZMnuLpSBx4XQPPband2X9xmsmkSyOZGTrsmVcD4pGVY4IXiJ4/Ix9i5Y+pKmPB7RxJmGmG5t+b2n/vR3cQWEXoHpYHqm5Eh4vIhmpesBT+gakdXtu5PkH+ZtPrQP49ZHMNWqxGuURjjNT6mF/sLphGl+kzGTvqYbM+rMdyqATvbYVy1c5E2MTvnfjy78KeVYIAv4dPgBrFpAvmLC3IZBsjziUU46YebJNE3A4o4NfQ3HWdf2ZjfgunyRnOYhIJPZdEyMpPPggFyXvOKbRKiFA7yb6DU9x62KvrqZn5BadMUT/oJ+RPpFjuKgahp9+tKJeWfM7CflrqXcmlY+b8xzARN6ZHlis9jAFJbnc5s6IPOkrPnd9rr4c4tjc9UMMj4K9ddYvTY/NmtTZIW93JvVFw5pbQvl8lMAinnpJvhZC5PDk1tpBzvP+sZnGWf2CdmtbEZnctgfxCfXbk2lQFwAG1Uzs7j3Yu9EfygSScf1wvFm/bJ1pfmn+ptD3MeELXVXzXP0GpmWDpluSSBwAug837XBI839YEFSx5ni+1DI3igB6SPJto3VFmaGoO1DUxwNRIrfdMsKy2FDHOFGY9OM9+do5Tg/f4vMReLtMJpPjsq0CBZlfTjR4yHS/+rSzhxCkQLf/AxUFG8yBdj+d1+SbZKaVodBUcApPqrbO/3Nsm89pPw3+R8vkQRYcUsSclcalP5X1HP6XUlGclwXGQIGlFSN X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-Network-Message-Id: 40d8fd6a-95f5-427d-da9b-08d9417357d3 X-MS-Exchange-CrossTenant-AuthSource: BYAPR12MB2711.namprd12.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 07 Jul 2021 18:16:30.2530 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: VFcZq9RuwmVk1/IuYKqJjcS+XUh+DXM7HdmC/wCzB77NB3lQL05pYsm2S8QgO017W2esZn4D6c3nsYLZ8WJrgQ== X-MS-Exchange-Transport-CrossTenantHeadersStamped: BY5PR12MB5016 Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org From: Michael Roth Future patches for SEV-SNP-validated CPUID will also require early parsing of the EFI configuration. Move the related code into a set of helpers that can be re-used for that purpose. Signed-off-by: Michael Roth Signed-off-by: Brijesh Singh --- arch/x86/boot/compressed/Makefile | 1 + arch/x86/boot/compressed/acpi.c | 124 +++++--------- arch/x86/boot/compressed/efi-config-table.c | 180 ++++++++++++++++++++ arch/x86/boot/compressed/misc.h | 50 ++++++ 4 files changed, 272 insertions(+), 83 deletions(-) create mode 100644 arch/x86/boot/compressed/efi-config-table.c diff --git a/arch/x86/boot/compressed/Makefile b/arch/x86/boot/compressed/Makefile index 431bf7f846c3..b41aecfda49c 100644 --- a/arch/x86/boot/compressed/Makefile +++ b/arch/x86/boot/compressed/Makefile @@ -100,6 +100,7 @@ endif vmlinux-objs-$(CONFIG_ACPI) += $(obj)/acpi.o vmlinux-objs-$(CONFIG_EFI_MIXED) += $(obj)/efi_thunk_$(BITS).o +vmlinux-objs-$(CONFIG_EFI) += $(obj)/efi-config-table.o efi-obj-$(CONFIG_EFI_STUB) = $(objtree)/drivers/firmware/efi/libstub/lib.a $(obj)/vmlinux: $(vmlinux-objs-y) $(efi-obj-y) FORCE diff --git a/arch/x86/boot/compressed/acpi.c b/arch/x86/boot/compressed/acpi.c index 8bcbcee54aa1..e087dcaf43b3 100644 --- a/arch/x86/boot/compressed/acpi.c +++ b/arch/x86/boot/compressed/acpi.c @@ -24,42 +24,36 @@ struct mem_vector immovable_mem[MAX_NUMNODES*2]; * Search EFI system tables for RSDP. If both ACPI_20_TABLE_GUID and * ACPI_TABLE_GUID are found, take the former, which has more features. */ +#ifdef CONFIG_EFI +static bool +rsdp_find_fn(efi_guid_t guid, unsigned long vendor_table, bool efi_64, + void *opaque) +{ + acpi_physical_address *rsdp_addr = opaque; + + if (!(efi_guidcmp(guid, ACPI_TABLE_GUID))) { + *rsdp_addr = vendor_table; + } else if (!(efi_guidcmp(guid, ACPI_20_TABLE_GUID))) { + *rsdp_addr = vendor_table; + return false; + } + + return true; +} +#endif + static acpi_physical_address -__efi_get_rsdp_addr(unsigned long config_tables, unsigned int nr_tables, +__efi_get_rsdp_addr(unsigned long config_table_pa, unsigned int config_table_len, bool efi_64) { acpi_physical_address rsdp_addr = 0; - #ifdef CONFIG_EFI - int i; - - /* Get EFI tables from systab. */ - for (i = 0; i < nr_tables; i++) { - acpi_physical_address table; - efi_guid_t guid; - - if (efi_64) { - efi_config_table_64_t *tbl = (efi_config_table_64_t *)config_tables + i; - - guid = tbl->guid; - table = tbl->table; - - if (!IS_ENABLED(CONFIG_X86_64) && table >> 32) { - debug_putstr("Error getting RSDP address: EFI config table located above 4GB.\n"); - return 0; - } - } else { - efi_config_table_32_t *tbl = (efi_config_table_32_t *)config_tables + i; - - guid = tbl->guid; - table = tbl->table; - } + int ret; - if (!(efi_guidcmp(guid, ACPI_TABLE_GUID))) - rsdp_addr = table; - else if (!(efi_guidcmp(guid, ACPI_20_TABLE_GUID))) - return table; - } + ret = efi_foreach_conf_entry((void *)config_table_pa, config_table_len, + efi_64, rsdp_find_fn, &rsdp_addr); + if (ret) + debug_putstr("Error getting RSDP address.\n"); #endif return rsdp_addr; } @@ -87,7 +81,9 @@ static acpi_physical_address kexec_get_rsdp_addr(void) efi_system_table_64_t *systab; struct efi_setup_data *esd; struct efi_info *ei; + bool efi_64; char *sig; + int ret; esd = (struct efi_setup_data *)get_kexec_setup_data_addr(); if (!esd) @@ -98,18 +94,16 @@ static acpi_physical_address kexec_get_rsdp_addr(void) return 0; } - ei = &boot_params->efi_info; - sig = (char *)&ei->efi_loader_signature; - if (strncmp(sig, EFI64_LOADER_SIGNATURE, 4)) { + /* Get systab from boot params. */ + ret = efi_bp_get_system_table(boot_params, (unsigned long *)&systab, &efi_64); + if (ret) + error("EFI system table not found in kexec boot_params."); + + if (!efi_64) { debug_putstr("Wrong kexec EFI loader signature.\n"); return 0; } - /* Get systab from boot params. */ - systab = (efi_system_table_64_t *) (ei->efi_systab | ((__u64)ei->efi_systab_hi << 32)); - if (!systab) - error("EFI system table not found in kexec boot_params."); - return __efi_get_rsdp_addr((unsigned long)esd->tables, systab->nr_tables, true); } #else @@ -119,54 +113,18 @@ static acpi_physical_address kexec_get_rsdp_addr(void) { return 0; } static acpi_physical_address efi_get_rsdp_addr(void) { #ifdef CONFIG_EFI - unsigned long systab, config_tables; - unsigned int nr_tables; - struct efi_info *ei; + unsigned long config_table_pa = 0; + unsigned int config_table_len; bool efi_64; - char *sig; - - ei = &boot_params->efi_info; - sig = (char *)&ei->efi_loader_signature; - - if (!strncmp(sig, EFI64_LOADER_SIGNATURE, 4)) { - efi_64 = true; - } else if (!strncmp(sig, EFI32_LOADER_SIGNATURE, 4)) { - efi_64 = false; - } else { - debug_putstr("Wrong EFI loader signature.\n"); - return 0; - } - - /* Get systab from boot params. */ -#ifdef CONFIG_X86_64 - systab = ei->efi_systab | ((__u64)ei->efi_systab_hi << 32); -#else - if (ei->efi_systab_hi || ei->efi_memmap_hi) { - debug_putstr("Error getting RSDP address: EFI system table located above 4GB.\n"); - return 0; - } - systab = ei->efi_systab; -#endif - if (!systab) - error("EFI system table not found."); - - /* Handle EFI bitness properly */ - if (efi_64) { - efi_system_table_64_t *stbl = (efi_system_table_64_t *)systab; - - config_tables = stbl->tables; - nr_tables = stbl->nr_tables; - } else { - efi_system_table_32_t *stbl = (efi_system_table_32_t *)systab; - - config_tables = stbl->tables; - nr_tables = stbl->nr_tables; - } + int ret; - if (!config_tables) - error("EFI config tables not found."); + ret = efi_bp_get_conf_table(boot_params, &config_table_pa, + &config_table_len, &efi_64); + if (ret || !config_table_pa) + error("EFI config table not found."); - return __efi_get_rsdp_addr(config_tables, nr_tables, efi_64); + return __efi_get_rsdp_addr(config_table_pa, config_table_len, + efi_64); #else return 0; #endif diff --git a/arch/x86/boot/compressed/efi-config-table.c b/arch/x86/boot/compressed/efi-config-table.c new file mode 100644 index 000000000000..d1a34aa7cefd --- /dev/null +++ b/arch/x86/boot/compressed/efi-config-table.c @@ -0,0 +1,180 @@ +// SPDX-License-Identifier: GPL-2.0 +/* + * Helpers for early access to EFI configuration table + * + * Copyright (C) 2021 Advanced Micro Devices, Inc. + * + * Author: Michael Roth + */ + +#include "misc.h" +#include +#include + +/* Get vendor table address/guid from EFI config table at the given index */ +static int get_vendor_table(void *conf_table, unsigned int idx, + unsigned long *vendor_table_pa, + efi_guid_t *vendor_table_guid, + bool efi_64) +{ + if (efi_64) { + efi_config_table_64_t *table_entry = + (efi_config_table_64_t *)conf_table + idx; + + if (!IS_ENABLED(CONFIG_X86_64) && + table_entry->table >> 32) { + debug_putstr("Error: EFI config table entry located above 4GB.\n"); + return -EINVAL; + } + + *vendor_table_pa = table_entry->table; + *vendor_table_guid = table_entry->guid; + + } else { + efi_config_table_32_t *table_entry = + (efi_config_table_32_t *)conf_table + idx; + + *vendor_table_pa = table_entry->table; + *vendor_table_guid = table_entry->guid; + } + + return 0; +} + +/* + * Iterate through the entries in the EFI configuration table and pass the + * associated GUID/physical address of each entry on the provided callback + * function. + * + * @conf_table: pointer to EFI configuration table + * @conf_table_len: number of entries in EFI configuration table + * @efi_64: true if using 64-bit EFI + * @fn: callback function that returns true if iteration + * should continue + * @opaque: optional caller-provided data structure to pass to + * callback function on each iteration + * + * Returns 0 on success. + */ +int +efi_foreach_conf_entry(void *conf_table, unsigned int conf_table_len, + bool efi_64, bool (*fn)(efi_guid_t vendor_table_guid, + unsigned long vendor_table_pa, + bool efi_64, + void *opaque), + void *opaque) +{ + unsigned int i; + + for (i = 0; i < conf_table_len; i++) { + unsigned long vendor_table_pa; + efi_guid_t vendor_table_guid; + + if (get_vendor_table(conf_table, i, &vendor_table_pa, + &vendor_table_guid, efi_64)) + return -EINVAL; + + if (!fn(vendor_table_guid, vendor_table_pa, efi_64, opaque)) + break; + } + + return 0; +} + +/* + * Given boot_params, retrieve the physical address of EFI system table. + * + * @boot_params: pointer to boot_params + * @sys_table_pa: location to store physical address of system table + * @is_efi_64: location to store whether using 64-bit EFI or not + * + * Returns 0 on success. On error, return params are left unchanged. + */ +int +efi_bp_get_system_table(struct boot_params *boot_params, + unsigned long *sys_table_pa, bool *is_efi_64) +{ + unsigned long sys_table; + struct efi_info *ei; + bool efi_64; + char *sig; + + if (!sys_table_pa || !is_efi_64) + return -EINVAL; + + ei = &boot_params->efi_info; + sig = (char *)&ei->efi_loader_signature; + + if (!strncmp(sig, EFI64_LOADER_SIGNATURE, 4)) { + efi_64 = true; + } else if (!strncmp(sig, EFI32_LOADER_SIGNATURE, 4)) { + efi_64 = false; + } else { + debug_putstr("Wrong EFI loader signature.\n"); + return -ENOENT; + } + + /* Get systab from boot params. */ +#ifdef CONFIG_X86_64 + sys_table = ei->efi_systab | ((__u64)ei->efi_systab_hi << 32); +#else + if (ei->efi_systab_hi || ei->efi_memmap_hi) { + debug_putstr("Error: EFI system table located above 4GB.\n"); + return -EINVAL; + } + sys_table = ei->efi_systab; +#endif + if (!sys_table) { + debug_putstr("EFI system table not found."); + return -ENOENT; + } + + *sys_table_pa = sys_table; + *is_efi_64 = efi_64; + return 0; +} + +/* + * Given boot_params, locate EFI system table from it and return the physical + * address EFI configuration table. + * + * @boot_params: pointer to boot_params + * @conf_table_pa: location to store physical address of config table + * @conf_table_len: location to store number of config table entries + * @is_efi_64: location to store whether using 64-bit EFI or not + * + * Returns 0 on success. On error, return params are left unchanged. + */ +int +efi_bp_get_conf_table(struct boot_params *boot_params, + unsigned long *conf_table_pa, + unsigned int *conf_table_len, + bool *is_efi_64) +{ + unsigned long sys_table_pa = 0; + int ret; + + if (!conf_table_pa || !conf_table_len || !is_efi_64) + return -EINVAL; + + ret = efi_bp_get_system_table(boot_params, &sys_table_pa, is_efi_64); + if (ret) + return ret; + + /* Handle EFI bitness properly */ + if (*is_efi_64) { + efi_system_table_64_t *stbl = + (efi_system_table_64_t *)sys_table_pa; + + *conf_table_pa = stbl->tables; + *conf_table_len = stbl->nr_tables; + } else { + efi_system_table_32_t *stbl = + (efi_system_table_32_t *)sys_table_pa; + + *conf_table_pa = stbl->tables; + *conf_table_len = stbl->nr_tables; + } + + return 0; +} diff --git a/arch/x86/boot/compressed/misc.h b/arch/x86/boot/compressed/misc.h index 822e0c254b9a..522baf8ff04a 100644 --- a/arch/x86/boot/compressed/misc.h +++ b/arch/x86/boot/compressed/misc.h @@ -21,6 +21,7 @@ #include #include #include +#include #include #include #include @@ -174,4 +175,53 @@ void boot_stage2_vc(void); unsigned long sev_verify_cbit(unsigned long cr3); +#ifdef CONFIG_EFI +/* helpers for early EFI config table access */ +int efi_foreach_conf_entry(void *conf_table, unsigned int conf_table_len, + bool efi_64, + bool (*fn)(efi_guid_t guid, + unsigned long vendor_table_pa, + bool efi_64, + void *opaque), + void *opaque); + +int efi_bp_get_system_table(struct boot_params *boot_params, + unsigned long *sys_table_pa, + bool *is_efi_64); + +int efi_bp_get_conf_table(struct boot_params *boot_params, + unsigned long *conf_table_pa, + unsigned int *conf_table_len, + bool *is_efi_64); +#else +static inline int +efi_foreach_conf_entry(void *conf_table, unsigned int conf_table_len, + bool efi_64, + bool (*fn)(efi_guid_t guid, + unsigned long vendor_table_pa, + bool efi_64, + void *opaque), + void *opaque); +{ + return -ENOENT; +} + +static inline int +efi_bp_get_system_table(struct boot_params *boot_params, + unsigned long *sys_table_pa, + bool *is_efi_64) +{ + return -ENOENT; +} + +static inline int +efi_bp_get_conf_table(struct boot_params *boot_params, + unsigned long *conf_table_pa, + unsigned int *conf_table_len, + bool *is_efi_64) +{ + return -ENOENT; +} +#endif /* CONFIG_EFI */ + #endif /* BOOT_COMPRESSED_MISC_H */ From patchwork Wed Jul 7 18:14:55 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Brijesh Singh X-Patchwork-Id: 470886 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-18.7 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_CR_TRAILER, INCLUDES_PATCH, MAILING_LIST_MULTI, MSGID_FROM_MTA_HEADER, SPF_HELO_NONE, SPF_PASS, USER_AGENT_GIT autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 3B726C11F68 for ; Wed, 7 Jul 2021 18:16:51 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 2A6DB61CCA for ; Wed, 7 Jul 2021 18:16:51 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231556AbhGGST3 (ORCPT ); Wed, 7 Jul 2021 14:19:29 -0400 Received: from mail-bn8nam08on2041.outbound.protection.outlook.com ([40.107.100.41]:45792 "EHLO NAM04-BN8-obe.outbound.protection.outlook.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S231643AbhGGSTR (ORCPT ); Wed, 7 Jul 2021 14:19:17 -0400 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=PF/lgwCRw3TZc+NKvIZYNxgVY7AN9dcGoGXwK+jLI8OxbYumUD/K3xRszTQKEtrY5Q0vEoIqHygteCnzgnHCEtBdhtgrUfdoWMwURSMcafdu8UXZLl8n1ZaezpaNvi7G3rE1Ey9WGQgIKoHAEZhkCtdflkYsmCVfk1MUoSHoWkEbzNNhFCy/N6jaOetmKHGGQNwideIztehOGwrMO13o9gX83LbzwbIJiWOQyfCXgkvqUy+OKn1xeZEmhPRZv6MzlQCo5QfYiD2mQJk7J9roMiR2QvTjerES9vBpg6rhQL5Fuk5kIO35uiH5fG54lN6A+QCJe0LnquQIP141X7lm7Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=GiUqerpB9vjzA1VWp+uR5Yl+kyR8h9OKCLWLo/DJvek=; b=Bj5FGSWSWV/VuD6b68SMLUJ5SltR8mD6Ub6XzlRRaUAQY4j2qshUR8cf4ArE2N8Nn2Q7TbN7bX/E2+7LNOr5G/gziRh8hEzaMFFeAq36q4rE8+nL07/N7kKsCywnuEKCNgu3BJ/+NvVJiWGRx2+08aTXbPf6fEX+bKkEaO4PNms5AbAKumAPXzxIoBrPTapuP/yzU8UhJppEv1/si6D0bmKFvuuPDQAVq7o0Whcd3WfTSwrFX2M+/no61DelABW9coQTmY5l0E2TTKZgLW8PNpKt2iasz2qpTZzYTM4dt1g/U6Qgf/z5wDT+/gD1RdMdAXay34m9hMihb9Nq1rOJug== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass header.d=amd.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=GiUqerpB9vjzA1VWp+uR5Yl+kyR8h9OKCLWLo/DJvek=; b=dWWovH9GBQMrAiIOwaCL7qorkuYuPLFa+fcEHy6jCRrdxzwj70upBkeWv2KW0djoWwCf2ztrj+i71g8JAL3exkKvjasiHhLj2w+lOidATwbt1qaAx+bNdTDwkTom84DPWNIooFuNJZ9z31G70WQBIscMrdaivRVJCzEIndAU2Kg= Authentication-Results: kernel.org; dkim=none (message not signed) header.d=none; kernel.org; dmarc=none action=none header.from=amd.com; Received: from BYAPR12MB2711.namprd12.prod.outlook.com (2603:10b6:a03:63::10) by BY5PR12MB3683.namprd12.prod.outlook.com (2603:10b6:a03:1a5::16) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4287.27; Wed, 7 Jul 2021 18:16:33 +0000 Received: from BYAPR12MB2711.namprd12.prod.outlook.com ([fe80::40e3:aade:9549:4bed]) by BYAPR12MB2711.namprd12.prod.outlook.com ([fe80::40e3:aade:9549:4bed%7]) with mapi id 15.20.4287.033; Wed, 7 Jul 2021 18:16:32 +0000 From: Brijesh Singh To: x86@kernel.org, linux-kernel@vger.kernel.org, kvm@vger.kernel.org, linux-efi@vger.kernel.org, platform-driver-x86@vger.kernel.org, linux-coco@lists.linux.dev, linux-mm@kvack.org, linux-crypto@vger.kernel.org Cc: Thomas Gleixner , Ingo Molnar , Joerg Roedel , Tom Lendacky , "H. Peter Anvin" , Ard Biesheuvel , Paolo Bonzini , Sean Christopherson , Vitaly Kuznetsov , Wanpeng Li , Jim Mattson , Andy Lutomirski , Dave Hansen , Sergio Lopez , Peter Gonda , Peter Zijlstra , Srinivas Pandruvada , David Rientjes , Dov Murik , Tobin Feldman-Fitzthum , Borislav Petkov , Michael Roth , Vlastimil Babka , tony.luck@intel.com, npmccallum@redhat.com, brijesh.ksingh@gmail.com, Brijesh Singh Subject: [PATCH Part1 RFC v4 25/36] x86/boot: Add Confidential Computing type to setup_data Date: Wed, 7 Jul 2021 13:14:55 -0500 Message-Id: <20210707181506.30489-26-brijesh.singh@amd.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20210707181506.30489-1-brijesh.singh@amd.com> References: <20210707181506.30489-1-brijesh.singh@amd.com> X-ClientProxiedBy: SA0PR11CA0104.namprd11.prod.outlook.com (2603:10b6:806:d1::19) To BYAPR12MB2711.namprd12.prod.outlook.com (2603:10b6:a03:63::10) MIME-Version: 1.0 X-MS-Exchange-MessageSentRepresentingType: 1 Received: from sbrijesh-desktop.amd.com (165.204.77.1) by SA0PR11CA0104.namprd11.prod.outlook.com (2603:10b6:806:d1::19) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4308.19 via Frontend Transport; Wed, 7 Jul 2021 18:16:30 +0000 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: 52d29a9f-0353-4d48-64e1-08d941735953 X-MS-TrafficTypeDiagnostic: BY5PR12MB3683: X-MS-Exchange-Transport-Forked: True X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:7219; X-MS-Exchange-SenderADCheck: 1 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: TyW23MbKhxUc6nBezNiwIm6LFU0etLhpU0ol1CjPOxyKJWUS4ao7MmBXAcBx7HzxUpj/zj4jFvEKf0P1B0Q2fEULyfsgCCxul9vUmu6TA/YZ0QyfTATtQHnNAaGJ7f8tRkaRlrO6t3cb0zvTonIb+Uqet5mwa2/TeynL/rxiSeEMBbsZ2vMAqYLmrH+fY3p1bAiFkXxsQaY9tp5wx2ELI92CgfNoMjlvMtxkLDtDTMou8JF5MJ40nkpbRtviwLs8eNQqLLL0CZzGA3KQCWoHRLRAWe96i0LLdj8I472qVUUf+fkQ3SyypIvGKVzp02yurQU6CKr8Y3TLFDBZWGQ0yOV0aSOtF/k8at7aySEnj5KLYdQffQpvavDEy11ou1eSI+t/A/oX3emdugxG0bLYxbqZzup54rGQwOgwxSoNqGvOPUsG6Zh0aonlDS3t6v2WgsmcHnXv9oxJTGxeRafk+1qD/DwIlmOUUvNwYtgNntONDAUsnZR346OIsD9aJDFvWo7QGeVGOTVPmHL99bYbntjKqEvBJyEe7iOZ3GO5mQQ/GOGgcK7txRf5VZYc06E/NFOfyO1qpVHlq6z5WZjUA17x5sP3rzni5BtvFvpwxd+DkRvDfQwjI4tx//BjxbI433dHzp1KyPC8AXqz8pu2LK4eALP+wKSZP76CBfmnbfQt2X254f2ZixE+RxG3iarpjbCQy/n43FEOp2bvV8CCOg== X-Forefront-Antispam-Report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:BYAPR12MB2711.namprd12.prod.outlook.com; PTR:; CAT:NONE; SFS:(4636009)(366004)(39860400002)(136003)(346002)(376002)(396003)(5660300002)(8936002)(2616005)(44832011)(956004)(38350700002)(26005)(6666004)(7406005)(7416002)(1076003)(66946007)(4326008)(54906003)(66476007)(8676002)(66556008)(2906002)(36756003)(38100700002)(52116002)(186003)(6486002)(7696005)(478600001)(86362001)(316002); DIR:OUT; SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: HEAOp9HCNFe5cDkdM2bbRFcacJDzNKREs/9inZO2XYpJAENATJu8V4Mp3IIxVJJXct+0v+BO080/vEvoRvGvsTXpkltIyjwn3DXvGOBXvKqiWxjE0oKFyBDQoRQB0YxiuRKv5LWPC8Jn18AI8JyjI5QqWYL6LEg2/KDvhvbNIju5UqKor9wI2FTN8VDPEsibUZ389Lq2FQGWZAihIxLDbJcI01Tn1McCSVLUAhycEalqtYLMW4KNkjEY0yHEvq6CY+QglmGXTzDrMF9WaXYqh42X72NdlR+3TEEMowMn4YFMax8nByrC/NI1kdl2Q/+0965SMEX/0gdOKa9s+ieSW+dOSMOfi92uikQbg7okwEG8LMLklwh+A113tWvKXF6RqYZ0nIn/ikq2XtfXpBSWH3eXYvUAF8e196GhCo/35MbuA54r2T+LvECOyiq1XN0iNSXVGDLRlM1Pz8yXSIQsabMceEygLChqDAzUADjWrWzxPJtWxTqqNRRPStcvEX485hCuuR8PJEKJNgTpO58Mk492shMQrX62IMaztD2+myoWBCVKjPzIm5qrFq2rajmMEnuVtIWD+/sVlPIlmBV87bWsP/xjjTyoxbWfFufXniLHCrN6HMO3kTAzhJwZk5xvXs0txMs+iSb8lNBamDkBDs1Nf1wJIrlAW3VqT6LYQhOKPXSeFJf7xwsuhU4Xqfg26QqFlxRi9n8werVVbAuk2xidnjju7TDwBrf9L7wz6sJcVL6bmRAMYZ/Ly5sq4W6/s7skWLrl97OxCLUxl2zHPx6yik/LiqoX6qK9zWTzdPXP7vrmSOldBh66esC5imMtL5GByWQtG3hBVYTMIh73TUf9ovd4JMlHlPDGzxvUPp3/0dDv85uwB09Ytpi/Z4pdlpC0LqP1ud2yvbhWG+is3fssuhJiqd2KFeTJyx+mQ7dp6hebdhu/uMyGSPsO4iznGvMcsfqfihNiHFptXs1GlXpevw3HoKD//Jwj+SflvIYRCff8FE0E31J6HeJjDLiwsUaN3/L4qxGTIECrgQYxoIpDlpy8KD43Lee4KZHL2A9FxAdOZulGUEGLw6pFsvRJsKdM+yVFWJLYqZsZtvAdonksn5oM7bzMqUemUn9dIQ8Zi6sFTohIMVBUFztBSrVHxuN8zqNhOWQAeyFlCrTP49EKg/SJGBPwoqA5W7BPrIc5ijQMdkjv/N/NKsiz2SBWkIAHdyKHYZCvfa1QgHDWEbnsPHLzA6MEKxcSTB/agmtIt0Rm1CZ4PeG4CEhV9rA31vVsubpuwY1I5V/5SvsaLAq5KiGAj2FuVIc2u4fLPKj6aHmU8zOr5X1I/IkRJfaP X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-Network-Message-Id: 52d29a9f-0353-4d48-64e1-08d941735953 X-MS-Exchange-CrossTenant-AuthSource: BYAPR12MB2711.namprd12.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 07 Jul 2021 18:16:32.7066 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: IwZ9Vikw2AAiJFsspTcYPUiDDdzcwGcH7raiYjCfMkPATyVblQIG7Zfwfltr418KZL92qS1RSTJesDMUAIQBSg== X-MS-Exchange-Transport-CrossTenantHeadersStamped: BY5PR12MB3683 Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org While launching the encrypted guests, the hypervisor may need to provide some additional information during the guest boot. When booting under the EFI based BIOS, the EFI configuration table contains an entry for the confidential computing blob that contains the required information. To support booting encrypted guests on non-EFI VM, the hypervisor needs to pass this additional information to the kernel with a different method. For this purpose, introduce SETUP_CC_BLOB type in setup_data to hold the physical address of the confidential computing blob location. The boot loader or hypervisor may choose to use this method instead of EFI configuration table. The CC blob location scanning should give preference to setup_data data over the EFI configuration table. In AMD SEV-SNP, the CC blob contains the address of the secrets and CPUID pages. The secrets page includes information such as a VM to PSP communication key and CPUID page contains PSP filtered CPUID values. Define the AMD SEV confidential computing blob structure. While at it, define the EFI GUID for the confidential computing blob. Signed-off-by: Brijesh Singh --- arch/x86/include/asm/sev.h | 12 ++++++++++++ arch/x86/include/uapi/asm/bootparam.h | 1 + include/linux/efi.h | 1 + 3 files changed, 14 insertions(+) diff --git a/arch/x86/include/asm/sev.h b/arch/x86/include/asm/sev.h index f68c9e2c3851..e41bd55dba5d 100644 --- a/arch/x86/include/asm/sev.h +++ b/arch/x86/include/asm/sev.h @@ -44,6 +44,18 @@ struct es_em_ctxt { void do_vc_no_ghcb(struct pt_regs *regs, unsigned long exit_code); +/* AMD SEV Confidential computing blob structure */ +#define CC_BLOB_SEV_HDR_MAGIC 0x45444d41 +struct cc_blob_sev_info { + u32 magic; + u16 version; + u16 reserved; + u64 secrets_phys; + u32 secrets_len; + u64 cpuid_phys; + u32 cpuid_len; +}; + static inline u64 lower_bits(u64 val, unsigned int bits) { u64 mask = (1ULL << bits) - 1; diff --git a/arch/x86/include/uapi/asm/bootparam.h b/arch/x86/include/uapi/asm/bootparam.h index b25d3f82c2f3..1ac5acca72ce 100644 --- a/arch/x86/include/uapi/asm/bootparam.h +++ b/arch/x86/include/uapi/asm/bootparam.h @@ -10,6 +10,7 @@ #define SETUP_EFI 4 #define SETUP_APPLE_PROPERTIES 5 #define SETUP_JAILHOUSE 6 +#define SETUP_CC_BLOB 7 #define SETUP_INDIRECT (1<<31) diff --git a/include/linux/efi.h b/include/linux/efi.h index 6b5d36babfcc..75aeb2a56888 100644 --- a/include/linux/efi.h +++ b/include/linux/efi.h @@ -344,6 +344,7 @@ void efi_native_runtime_setup(void); #define EFI_CERT_SHA256_GUID EFI_GUID(0xc1c41626, 0x504c, 0x4092, 0xac, 0xa9, 0x41, 0xf9, 0x36, 0x93, 0x43, 0x28) #define EFI_CERT_X509_GUID EFI_GUID(0xa5c059a1, 0x94e4, 0x4aa7, 0x87, 0xb5, 0xab, 0x15, 0x5c, 0x2b, 0xf0, 0x72) #define EFI_CERT_X509_SHA256_GUID EFI_GUID(0x3bd2a492, 0x96c0, 0x4079, 0xb4, 0x20, 0xfc, 0xf9, 0x8e, 0xf1, 0x03, 0xed) +#define EFI_CC_BLOB_GUID EFI_GUID(0x067b1f5f, 0xcf26, 0x44c5, 0x85, 0x54, 0x93, 0xd7, 0x77, 0x91, 0x2d, 0x42) /* * This GUID is used to pass to the kernel proper the struct screen_info From patchwork Wed Jul 7 18:14:56 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Brijesh Singh X-Patchwork-Id: 470882 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-18.7 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_CR_TRAILER, INCLUDES_PATCH, MAILING_LIST_MULTI, MSGID_FROM_MTA_HEADER, SPF_HELO_NONE, SPF_PASS, USER_AGENT_GIT autolearn=unavailable autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id CC904C07E9E for ; Wed, 7 Jul 2021 18:17:19 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id AD26361C83 for ; Wed, 7 Jul 2021 18:17:19 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232382AbhGGST6 (ORCPT ); Wed, 7 Jul 2021 14:19:58 -0400 Received: from mail-bn8nam08on2041.outbound.protection.outlook.com ([40.107.100.41]:45792 "EHLO NAM04-BN8-obe.outbound.protection.outlook.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S232069AbhGGST2 (ORCPT ); Wed, 7 Jul 2021 14:19:28 -0400 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=TQrcE6+663OXwP4Hy29ozvoecWLsP3tvt+2LQcreOkq6dFXaO5ino7MUZ4eaJd6DQ54mpMtae1419o335QeGG5UnDyQVyMKP+LpcPyZ7fI4P9TJdL4l2Fv7PjRLD9ENcqV83zKfoHQCJJghDKm18jDyKLsLzxa1U0pnCDGPKdtNv5DtIiYbUKEkhTSGdDXE5THaqn679J5PqZhdRH2KMVLG11+QKTWyTMlfO+c4ADxk3xMyliQACjFDg+xhGApDTQN3awTRg+3VWbnzhoa9TKxLXky0nLt1AqxNgP1rhUhWzAmglLoYJPuQ3OBNDtOCzAxnla2NLmIB+OG5bpk0XCQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=l5Bj4ChvzX1GEpzBwT4c6XJS0kWfJq1wmxQJV3kjYSM=; b=K2olZqbOhvaSxR1wk1GPiy50ohrbvthJ2OIGcyhKf6Tp3wJxAOBMW4lLgny+DaD0BCd11gXIW3374R09e/iGiW9aphwXUvNONXRfO/Ytuu7fmZ/s/90xn+ThrlWRdF8bigksjXla0a4YzEhunSqD/ygBkNRbPtkhfZpXjOMqmJF3vudQcSH+ndXuQmnpvi9Ynmcj1/PkJKAtkQHoh1I0snz69uMq0qwfe1ZfpB2yGBMgszFZyWz49ssq8gEpoAUljwsQCk4XgrOvxQ0r0M6kRl1Nxf1dOrMKHRaQ4ARDG9PnWxOoHfHVPUltfoUyeXOQPSua6/V9zKf8zPh7VP1u2g== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass header.d=amd.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=l5Bj4ChvzX1GEpzBwT4c6XJS0kWfJq1wmxQJV3kjYSM=; b=OMNIb6eifOxlspazNc4/zb8Jyi1EDv2GH7Jj7VkH6h7FTq2qXGMma7vUbCV2JUmnpIQBey9ETYU6qJlYv1NGgoZ5BpwWoo9GGv1kPQaHVEHTZQzqlxW2zMnETr4iwnFnEp0AUz1hpI+VX65e8DhzXKngeK0AeAT8ZDaxCnRroYQ= Authentication-Results: kernel.org; dkim=none (message not signed) header.d=none; kernel.org; dmarc=none action=none header.from=amd.com; Received: from BYAPR12MB2711.namprd12.prod.outlook.com (2603:10b6:a03:63::10) by BY5PR12MB3683.namprd12.prod.outlook.com (2603:10b6:a03:1a5::16) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4287.27; Wed, 7 Jul 2021 18:16:36 +0000 Received: from BYAPR12MB2711.namprd12.prod.outlook.com ([fe80::40e3:aade:9549:4bed]) by BYAPR12MB2711.namprd12.prod.outlook.com ([fe80::40e3:aade:9549:4bed%7]) with mapi id 15.20.4287.033; Wed, 7 Jul 2021 18:16:35 +0000 From: Brijesh Singh To: x86@kernel.org, linux-kernel@vger.kernel.org, kvm@vger.kernel.org, linux-efi@vger.kernel.org, platform-driver-x86@vger.kernel.org, linux-coco@lists.linux.dev, linux-mm@kvack.org, linux-crypto@vger.kernel.org Cc: Thomas Gleixner , Ingo Molnar , Joerg Roedel , Tom Lendacky , "H. Peter Anvin" , Ard Biesheuvel , Paolo Bonzini , Sean Christopherson , Vitaly Kuznetsov , Wanpeng Li , Jim Mattson , Andy Lutomirski , Dave Hansen , Sergio Lopez , Peter Gonda , Peter Zijlstra , Srinivas Pandruvada , David Rientjes , Dov Murik , Tobin Feldman-Fitzthum , Borislav Petkov , Michael Roth , Vlastimil Babka , tony.luck@intel.com, npmccallum@redhat.com, brijesh.ksingh@gmail.com, Brijesh Singh Subject: [PATCH Part1 RFC v4 26/36] x86/compressed/64: enable SEV-SNP-validated CPUID in #VC handler Date: Wed, 7 Jul 2021 13:14:56 -0500 Message-Id: <20210707181506.30489-27-brijesh.singh@amd.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20210707181506.30489-1-brijesh.singh@amd.com> References: <20210707181506.30489-1-brijesh.singh@amd.com> X-ClientProxiedBy: SA0PR11CA0104.namprd11.prod.outlook.com (2603:10b6:806:d1::19) To BYAPR12MB2711.namprd12.prod.outlook.com (2603:10b6:a03:63::10) MIME-Version: 1.0 X-MS-Exchange-MessageSentRepresentingType: 1 Received: from sbrijesh-desktop.amd.com (165.204.77.1) by SA0PR11CA0104.namprd11.prod.outlook.com (2603:10b6:806:d1::19) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4308.19 via Frontend Transport; Wed, 7 Jul 2021 18:16:32 +0000 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: bb525b83-f1d6-40c2-8775-08d941735acc X-MS-TrafficTypeDiagnostic: BY5PR12MB3683: X-MS-Exchange-Transport-Forked: True X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:372; X-MS-Exchange-SenderADCheck: 1 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: RCjjQyzPr/RJjHQbQVx5YViGWvg3rV9e+fv6lZ1sFuY4Mc5UO9sM1Mutwi74AVseBwi0Qm1l00p6Z/2/0hm7s6OFemr8xPOaXbCIs3d6y7K46WifdZqSJIIN2QiLyOpvQ1Ji982B+hF7XwNiI1OoPK/+fFYxtki8rCLUmqBWXJkLZoFOK+D3nSyywEoi4Wnlo50Or/0WrQTmelIBnzzzwwATx5MbyC4sOiKlHPnRH4aCPaNAsgtLYv1IcYFG0q4RaYYmgE6pOBD9wiGH7U7N/JBWJuAllttg+i7IyoSRkYYZ1Q4DZVA5gywCcAOEQ2AQLk2I5isiAtGyBVfTVvMF5lU0GN01QEd/3IZ1j096fDm2QMSTtCpES1VOY+rrljyjL3x4u7X3PGxmbMBFVsLlYpQR90WSfxZ6Vkd8gaZBgrObvV7u+IuqUtfq4MHJLo4vQ67F6HTfs9BNkFg/ZXLk35zHoqW8s6/Qll7ksyQUjkzLMwqVYpLTkFACgD7lk5np/1qjcg92aXRwyk/hI+ABpTtpNTu+DY01zdP+Lxw37fMR7FyHlMr1n2OrO7G583RwOFPIJ7o7+Rd8Oqcz6jvSKzTHkCm+IZLO+iylNiNo+HYygS1r1RZTscFpECcSLA8W7M6kIYVgGhRu5lN5HB0dU4JXP1BTgzhjIYt78kEPSpuY8Rm93j0U2vIG1NTPLMUhxN90ULNxi4U+z9Ls/PMvOw== X-Forefront-Antispam-Report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:BYAPR12MB2711.namprd12.prod.outlook.com; PTR:; CAT:NONE; SFS:(4636009)(366004)(39860400002)(136003)(346002)(376002)(396003)(5660300002)(8936002)(2616005)(44832011)(956004)(38350700002)(26005)(6666004)(7406005)(83380400001)(7416002)(1076003)(66946007)(4326008)(54906003)(66476007)(8676002)(66556008)(15650500001)(2906002)(36756003)(38100700002)(52116002)(186003)(6486002)(7696005)(478600001)(30864003)(86362001)(316002); DIR:OUT; SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: Oxs6JPJcVCIfo5/cQ+nx59dp7j3SV0zgOVY3OvoraIFY9dKMHcblMADGzFMff30jEcOjTEjqwh1JbtyeqCFauKh3hI/V2og0r2gLbPUPfF7IHMWNXQ03TwIOh9JadOYk8He9SYYaB+FzzEUb/r1u8mameo3keGmDJyOe7QOq8qVHCbIUxi0IaZhiHlq58CW/4nSN2mJnkRXiVSIS4SHOLlQ+I3UoVtbHqOo5vSNvXS1k07ITroKyZRBC+iFURCQLkGoBf/oEZmg2XH8hwx1Amg0W5I7Q5xIWLMqZJe4esKOcvDFFP+dgre5NFeDnI+VkCegtx+xAkUb7JMz2YP7Y9SDd/xjiVibCijbHht2EURJD80F9BLVmFp13OXhI+rjRmi9BZJj1eh1nErdkTGcOE6WVamBaTAByEZD4awL8/E2ZUBh5z247w4Q308wxL1PJpt5XKQNDq10li2hAJp2EWtxH3jrcQXoA/azj3hdnhmJmF0qBQsVFy0Jb9/d0gsYTwhtrzPACM/FzN09bZhhJyqpd4YDl0Gc+HA99wNSN/N/jmBiySouVqp5Qj+IxLaanJcBGXIj3f9TwIviWc47KUnLiiSjNTwTuHdINCPOP1h33hdoZL5chvaMEdjqjss73r9CTtqerxl9PA8TQo2WhAEAsFQaGNUKIRjtxNmGLf9THrHXbP8BvBdIezcIhlPL+aZO6J90w76Vte+6LdJHcpLWG+NeP8gTJ1T5NvOtt3EMOgNQkd79uTyi8fWQhMa2lS5LRm7FgXmk5I0Z9ko8uMAKuGuq+nLc9PLq0GcJmaTk45bV2G1IFlkt+LcJE7mBn0mMQ/BadCVjqzDwNTc+Hs6ZpRIV7msTAtLm8tWsef21jKaogkvPCezaaXa+Ot0uTUHDpB3Mpgoe16zLMRA0vIrkqfiQ+94k5sKmq2aQ5mz5GphazzGAx8cAS6WM2K6b2dpF2DF1FW9ZgUzQUWeaVt3B4/bBN0xJXrR5pVJoNp+U7uzg60Adtm7vLRSgBbc6zteSz3ZyBpx9FS08Ap5UTRoawp51ZkoJeR3mYytcEjNFe601kRsG8Hx3B1rRyFGQ59EP7iL/9H6YzhqTDE71tXaV5cZH1aCc9WWuWYO6XAsvhfW3z2TAwcqym4PKqFz1VYnLAnfXuIzzOgYuPQn+vSORKvC2dd5ZZGIprJLeHpTt9bslRfneNBV3CzXRBDloaXtssXXyT5q7PJF5zBuKkvsuFD8MnIzirBeNPk2dXM4HqdX+gZUg1emaQLnTQZnkU96xmLTCcfjbGdFuzi0nWgLNDhO/Px8ZxVxm5klEvritNT3ntKwXxF7AXO8qAd/gw X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-Network-Message-Id: bb525b83-f1d6-40c2-8775-08d941735acc X-MS-Exchange-CrossTenant-AuthSource: BYAPR12MB2711.namprd12.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 07 Jul 2021 18:16:35.2762 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: f1fwLJJImytyH5UohE/b0xPiSdnbmoOawm8tdZP6Moe8Y5javAyqaO96aRw/MXXJdWf7xk5twPt2gB4y19ueRA== X-MS-Exchange-Transport-CrossTenantHeadersStamped: BY5PR12MB3683 Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org From: Michael Roth CPUID instructions generate a #VC exception for SEV-ES/SEV-SNP guests, for which early handlers are currently set up to handle. In the case of SEV-SNP, guests can use a special location in guest memory address space that has been pre-populated with firmware-validated CPUID information to look up the relevant CPUID values rather than requesting them from hypervisor via a VMGEXIT. Determine the location of the CPUID memory address in advance of any CPUID instructions/exceptions and, when available, use it to handle the CPUID lookup. Signed-off-by: Michael Roth Signed-off-by: Brijesh Singh --- arch/x86/boot/compressed/efi-config-table.c | 44 +++ arch/x86/boot/compressed/head_64.S | 1 + arch/x86/boot/compressed/idt_64.c | 7 +- arch/x86/boot/compressed/misc.h | 10 + arch/x86/boot/compressed/sev.c | 3 + arch/x86/include/asm/sev-common.h | 2 + arch/x86/include/asm/sev.h | 3 + arch/x86/kernel/sev-shared.c | 322 ++++++++++++++++++++ arch/x86/kernel/sev.c | 4 + 9 files changed, 394 insertions(+), 2 deletions(-) diff --git a/arch/x86/boot/compressed/efi-config-table.c b/arch/x86/boot/compressed/efi-config-table.c index d1a34aa7cefd..678fc4236030 100644 --- a/arch/x86/boot/compressed/efi-config-table.c +++ b/arch/x86/boot/compressed/efi-config-table.c @@ -178,3 +178,47 @@ efi_bp_get_conf_table(struct boot_params *boot_params, return 0; } + +/* + * Given boot_params, locate EFI system/config table from it and search for + * physical for the vendor table associated with GUID. + * + * @boot_params: pointer to boot_params + * @guid: GUID of vendor table + * @vendor_table_pa: location to store physical address of vendor table + * + * Returns 0 on success. On error, return params are left unchanged. + */ +int +efi_bp_find_vendor_table(struct boot_params *boot_params, efi_guid_t guid, + unsigned long *vendor_table_pa) +{ + unsigned long conf_table_pa = 0; + unsigned int conf_table_len = 0; + unsigned int i; + bool efi_64; + int ret; + + ret = efi_bp_get_conf_table(boot_params, &conf_table_pa, + &conf_table_len, &efi_64); + if (ret) + return ret; + + for (i = 0; i < conf_table_len; i++) { + unsigned long vendor_table_pa_tmp; + efi_guid_t vendor_table_guid; + int ret; + + if (get_vendor_table((void *)conf_table_pa, i, + &vendor_table_pa_tmp, + &vendor_table_guid, efi_64)) + return -EINVAL; + + if (!efi_guidcmp(guid, vendor_table_guid)) { + *vendor_table_pa = vendor_table_pa_tmp; + return 0; + } + } + + return -ENOENT; +} diff --git a/arch/x86/boot/compressed/head_64.S b/arch/x86/boot/compressed/head_64.S index a2347ded77ea..1c1658693fc9 100644 --- a/arch/x86/boot/compressed/head_64.S +++ b/arch/x86/boot/compressed/head_64.S @@ -441,6 +441,7 @@ SYM_CODE_START(startup_64) .Lon_kernel_cs: pushq %rsi + movq %rsi, %rdi /* real mode address */ call load_stage1_idt popq %rsi diff --git a/arch/x86/boot/compressed/idt_64.c b/arch/x86/boot/compressed/idt_64.c index 9b93567d663a..1f6511a6625d 100644 --- a/arch/x86/boot/compressed/idt_64.c +++ b/arch/x86/boot/compressed/idt_64.c @@ -3,6 +3,7 @@ #include #include #include "misc.h" +#include static void set_idt_entry(int vector, void (*handler)(void)) { @@ -28,13 +29,15 @@ static void load_boot_idt(const struct desc_ptr *dtr) } /* Setup IDT before kernel jumping to .Lrelocated */ -void load_stage1_idt(void) +void load_stage1_idt(void *rmode) { boot_idt_desc.address = (unsigned long)boot_idt; - if (IS_ENABLED(CONFIG_AMD_MEM_ENCRYPT)) + if (IS_ENABLED(CONFIG_AMD_MEM_ENCRYPT)) { + sev_snp_cpuid_init(rmode); set_idt_entry(X86_TRAP_VC, boot_stage1_vc); + } load_boot_idt(&boot_idt_desc); } diff --git a/arch/x86/boot/compressed/misc.h b/arch/x86/boot/compressed/misc.h index 522baf8ff04a..74c3cf3b982c 100644 --- a/arch/x86/boot/compressed/misc.h +++ b/arch/x86/boot/compressed/misc.h @@ -193,6 +193,10 @@ int efi_bp_get_conf_table(struct boot_params *boot_params, unsigned long *conf_table_pa, unsigned int *conf_table_len, bool *is_efi_64); + +int efi_bp_find_vendor_table(struct boot_params *boot_params, efi_guid_t guid, + unsigned long *vendor_table_pa); + #else static inline int efi_foreach_conf_entry(void *conf_table, unsigned int conf_table_len, @@ -222,6 +226,12 @@ efi_bp_get_conf_table(struct boot_params *boot_params, { return -ENOENT; } + +int efi_bp_find_vendor_table(struct boot_params *boot_params, efi_guid_t guid, + unsigned long *vendor_table_pa); +{ + return -ENOENT; +} #endif /* CONFIG_EFI */ #endif /* BOOT_COMPRESSED_MISC_H */ diff --git a/arch/x86/boot/compressed/sev.c b/arch/x86/boot/compressed/sev.c index d4cbadf80838..13a6ce74f320 100644 --- a/arch/x86/boot/compressed/sev.c +++ b/arch/x86/boot/compressed/sev.c @@ -20,6 +20,9 @@ #include #include #include +#include +#include +#include #include "error.h" diff --git a/arch/x86/include/asm/sev-common.h b/arch/x86/include/asm/sev-common.h index 5da5f5147623..e14d24f0950c 100644 --- a/arch/x86/include/asm/sev-common.h +++ b/arch/x86/include/asm/sev-common.h @@ -132,5 +132,7 @@ struct __packed snp_psc_desc { #define GHCB_TERM_PSC 1 /* Page State Change failure */ #define GHCB_TERM_PVALIDATE 2 /* Pvalidate failure */ #define GHCB_TERM_NOT_VMPL0 3 /* SNP guest is not running at VMPL-0 */ +#define GHCB_TERM_CPUID 4 /* CPUID-validation failure */ +#define GHCB_TERM_CPUID_HYP 5 /* CPUID failure during hypervisor fallback */ #endif diff --git a/arch/x86/include/asm/sev.h b/arch/x86/include/asm/sev.h index e41bd55dba5d..e403bd1fcb23 100644 --- a/arch/x86/include/asm/sev.h +++ b/arch/x86/include/asm/sev.h @@ -11,6 +11,7 @@ #include #include #include +#include #define GHCB_PROTOCOL_MIN 1ULL #define GHCB_PROTOCOL_MAX 2ULL @@ -127,6 +128,7 @@ void snp_set_memory_shared(unsigned long vaddr, unsigned int npages); void snp_set_memory_private(unsigned long vaddr, unsigned int npages); void snp_set_wakeup_secondary_cpu(void); +void sev_snp_cpuid_init(struct boot_params *bp); #else static inline void sev_es_ist_enter(struct pt_regs *regs) { } static inline void sev_es_ist_exit(void) { } @@ -143,6 +145,7 @@ static inline void snp_set_memory_shared(unsigned long vaddr, unsigned int npage static inline void snp_set_memory_private(unsigned long vaddr, unsigned int npages) { } static inline void snp_set_wakeup_secondary_cpu(void) { } +static inline void sev_snp_cpuid_init(struct boot_params *bp) { } #endif #endif diff --git a/arch/x86/kernel/sev-shared.c b/arch/x86/kernel/sev-shared.c index 4884de256a49..5e0e8e208a8c 100644 --- a/arch/x86/kernel/sev-shared.c +++ b/arch/x86/kernel/sev-shared.c @@ -14,6 +14,25 @@ #define has_cpuflag(f) boot_cpu_has(f) #endif +struct sev_snp_cpuid_fn { + u32 eax_in; + u32 ecx_in; + u64 unused; + u64 unused2; + u32 eax; + u32 ebx; + u32 ecx; + u32 edx; + u64 reserved; +} __packed; + +struct sev_snp_cpuid_info { + u32 count; + u32 reserved1; + u64 reserved2; + struct sev_snp_cpuid_fn fn[0]; +} __packed; + /* * Since feature negotiation related variables are set early in the boot * process they must reside in the .data section so as not to be zeroed @@ -26,6 +45,15 @@ static u16 ghcb_version __section(".data..ro_after_init"); /* Bitmap of SEV features supported by the hypervisor */ u64 sev_hv_features __section(".data..ro_after_init") = 0; +/* + * These are also stored in .data section to avoid the need to re-parse + * boot_params and re-determine CPUID memory range when .bss is cleared. + */ +static int sev_snp_cpuid_enabled __section(".data"); +static unsigned long sev_snp_cpuid_pa __section(".data"); +static unsigned long sev_snp_cpuid_sz __section(".data"); +static const struct sev_snp_cpuid_info *cpuid_info __section(".data"); + static bool __init sev_es_check_cpu_features(void) { if (!has_cpuflag(X86_FEATURE_RDRAND)) { @@ -236,6 +264,171 @@ static int sev_es_cpuid_msr_proto(u32 func, u32 subfunc, u32 *eax, u32 *ebx, return 0; } +static bool sev_snp_cpuid_active(void) +{ + return sev_snp_cpuid_enabled; +} + +static int sev_snp_cpuid_xsave_size(u64 xfeatures_en, u32 base_size, + u32 *xsave_size, bool compacted) +{ + u64 xfeatures_found = 0; + int i; + + *xsave_size = base_size; + + for (i = 0; i < cpuid_info->count; i++) { + const struct sev_snp_cpuid_fn *fn = &cpuid_info->fn[i]; + + if (!(fn->eax_in == 0xd && fn->ecx_in > 1 && fn->ecx_in < 64)) + continue; + if (!(xfeatures_en & (1UL << fn->ecx_in))) + continue; + if (xfeatures_found & (1UL << fn->ecx_in)) + continue; + + xfeatures_found |= (1UL << fn->ecx_in); + if (compacted) + *xsave_size += fn->eax; + else + *xsave_size = max(*xsave_size, fn->eax + fn->ebx); + } + + /* + * Either the guest set unsupported XCR0/XSS bits, or the corresponding + * entries in the CPUID table were not present. This is not a valid + * state to be in. + */ + if (xfeatures_found != (xfeatures_en & ~3ULL)) + return -EINVAL; + + return 0; +} + +static void sev_snp_cpuid_hyp(u32 func, u32 subfunc, u32 *eax, u32 *ebx, + u32 *ecx, u32 *edx) +{ + /* + * Currently MSR protocol is sufficient to handle fallback cases, but + * should that change make sure we terminate rather than grabbing random + * values. Handling can be added in future to use GHCB-page protocol for + * cases that occur late enough in boot that GHCB page is available + */ + if (cpuid_function_is_indexed(func) && subfunc != 0) + sev_es_terminate(1, GHCB_TERM_CPUID_HYP); + + if (sev_es_cpuid_msr_proto(func, 0, eax, ebx, ecx, edx)) + sev_es_terminate(1, GHCB_TERM_CPUID_HYP); +} + +/* + * Returns -EOPNOTSUPP if feature not enabled. Any other return value should be + * treated as fatal by caller since we cannot fall back to hypervisor to fetch + * the values for security reasons (outside of the specific cases handled here) + */ +static int sev_snp_cpuid(u32 func, u32 subfunc, u32 *eax, u32 *ebx, u32 *ecx, + u32 *edx) +{ + bool found = false; + int i; + + if (!sev_snp_cpuid_active()) + return -EOPNOTSUPP; + + if (!cpuid_info) + return -EIO; + + for (i = 0; i < cpuid_info->count; i++) { + const struct sev_snp_cpuid_fn *fn = &cpuid_info->fn[i]; + + if (fn->eax_in != func) + continue; + + if (cpuid_function_is_indexed(func) && fn->ecx_in != subfunc) + continue; + + *eax = fn->eax; + *ebx = fn->ebx; + *ecx = fn->ecx; + *edx = fn->edx; + found = true; + + break; + } + + if (!found) { + *eax = *ebx = *ecx = *edx = 0; + goto out; + } + + if (func == 0x1) { + u32 ebx2, edx2; + + sev_snp_cpuid_hyp(func, subfunc, NULL, &ebx2, NULL, &edx2); + /* initial APIC ID */ + *ebx = (*ebx & 0x00FFFFFF) | (ebx2 & 0xFF000000); + /* APIC enabled bit */ + *edx = (*edx & ~BIT_ULL(9)) | (edx2 & BIT_ULL(9)); + + /* OSXSAVE enabled bit */ + if (native_read_cr4() & X86_CR4_OSXSAVE) + *ecx |= BIT_ULL(27); + } else if (func == 0x7) { + /* OSPKE enabled bit */ + *ecx &= ~BIT_ULL(4); + if (native_read_cr4() & X86_CR4_PKE) + *ecx |= BIT_ULL(4); + } else if (func == 0xB) { + /* extended APIC ID */ + sev_snp_cpuid_hyp(func, 0, NULL, NULL, NULL, edx); + } else if (func == 0xd && (subfunc == 0x0 || subfunc == 0x1)) { + bool compacted = false; + u64 xcr0 = 1, xss = 0; + u32 xsave_size; + + if (native_read_cr4() & X86_CR4_OSXSAVE) + xcr0 = xgetbv(XCR_XFEATURE_ENABLED_MASK); + if (subfunc == 1) { + /* boot/compressed doesn't set XSS so 0 is fine there */ +#ifndef __BOOT_COMPRESSED + if (*eax & 0x8) /* XSAVES */ + if (boot_cpu_has(X86_FEATURE_XSAVES)) + rdmsrl(MSR_IA32_XSS, xss); +#endif + /* + * The PPR and APM aren't clear on what size should be + * encoded in 0xD:0x1:EBX when compaction is not enabled + * by either XSAVEC or XSAVES since SNP-capable hardware + * has the entries fixed as 1. KVM sets it to 0 in this + * case, but to avoid this becoming an issue it's safer + * to simply treat this as unsupported or SNP guests. + */ + if (!(*eax & 0xA)) /* (XSAVEC|XSAVES) */ + return -EINVAL; + + compacted = true; + } + + if (sev_snp_cpuid_xsave_size(xcr0 | xss, *ebx, &xsave_size, + compacted)) + return -EINVAL; + + *ebx = xsave_size; + } else if (func == 0x8000001E) { + u32 ebx2, ecx2; + + /* extended APIC ID */ + sev_snp_cpuid_hyp(func, subfunc, eax, &ebx2, &ecx2, NULL); + /* compute ID */ + *ebx = (*ebx & 0xFFFFFFF00) | (ebx2 & 0x000000FF); + /* node ID */ + *ecx = (*ecx & 0xFFFFFFF00) | (ecx2 & 0x000000FF); + } + +out: + return 0; +} + /* * Boot VC Handler - This is the first VC handler during boot, there is no GHCB * page yet, so it only supports the MSR based communication with the @@ -244,15 +437,25 @@ static int sev_es_cpuid_msr_proto(u32 func, u32 subfunc, u32 *eax, u32 *ebx, void __init do_vc_no_ghcb(struct pt_regs *regs, unsigned long exit_code) { unsigned int fn = lower_bits(regs->ax, 32); + unsigned int subfn = lower_bits(regs->cx, 32); u32 eax, ebx, ecx, edx; + int ret; /* Only CPUID is supported via MSR protocol */ if (exit_code != SVM_EXIT_CPUID) goto fail; + ret = sev_snp_cpuid(fn, subfn, &eax, &ebx, &ecx, &edx); + if (ret == 0) + goto out; + + if (ret != -EOPNOTSUPP) + goto fail; + if (sev_es_cpuid_msr_proto(fn, 0, &eax, &ebx, &ecx, &edx)) goto fail; +out: regs->ax = eax; regs->bx = ebx; regs->cx = ecx; @@ -552,6 +755,19 @@ static enum es_result vc_handle_cpuid(struct ghcb *ghcb, struct pt_regs *regs = ctxt->regs; u32 cr4 = native_read_cr4(); enum es_result ret; + u32 eax, ebx, ecx, edx; + int cpuid_ret; + + cpuid_ret = sev_snp_cpuid(regs->ax, regs->cx, &eax, &ebx, &ecx, &edx); + if (cpuid_ret == 0) { + regs->ax = eax; + regs->bx = ebx; + regs->cx = ecx; + regs->dx = edx; + return ES_OK; + } + if (cpuid_ret != -EOPNOTSUPP) + return ES_VMM_ERROR; ghcb_set_rax(ghcb, regs->ax); ghcb_set_rcx(ghcb, regs->cx); @@ -603,3 +819,109 @@ static enum es_result vc_handle_rdtsc(struct ghcb *ghcb, return ES_OK; } + +#ifdef BOOT_COMPRESSED +static struct setup_data *get_cc_setup_data(struct boot_params *bp) +{ + struct setup_data *hdr = (struct setup_data *)bp->hdr.setup_data; + + while (hdr) { + if (hdr->type == SETUP_CC_BLOB) + return hdr; + hdr = (struct setup_data *)hdr->next; + } + + return NULL; +} + +/* + * For boot/compressed kernel: + * + * 1) Search for CC blob in the following order/precedence: + * - via linux boot protocol / setup_data entry + * - via EFI configuration table + * 2) Return a pointer to the CC blob, NULL otherwise. + */ +static struct cc_blob_sev_info *sev_snp_probe_cc_blob(struct boot_params *bp) +{ + struct cc_blob_sev_info *cc_info = NULL; + struct setup_data_cc { + struct setup_data header; + u32 cc_blob_address; + } *sd; + + /* Try to get CC blob via setup_data */ + sd = (struct setup_data_cc *)get_cc_setup_data(bp); + if (sd) { + cc_info = (struct cc_blob_sev_info *)(unsigned long)sd->cc_blob_address; + goto out_verify; + } + + /* CC blob isn't in setup_data, see if it's in the EFI config table */ + (void)efi_bp_find_vendor_table(bp, EFI_CC_BLOB_GUID, + (unsigned long *)&cc_info); + +out_verify: + /* CC blob should be either valid or not present. Fail otherwise. */ + if (cc_info && cc_info->magic != CC_BLOB_SEV_HDR_MAGIC) + sev_es_terminate(1, GHCB_SNP_UNSUPPORTED); + + return cc_info; +} +#else +/* + * Probing for CC blob for run-time kernel will be enabled in a subsequent + * patch. For now we need to stub this out. + */ +static struct cc_blob_sev_info *sev_snp_probe_cc_blob(struct boot_params *bp) +{ + return NULL; +} +#endif + +/* + * Initial set up of CPUID table when running identity-mapped. + * + * NOTE: Since SEV_SNP feature partly relies on CPUID checks that can't + * happen until we access CPUID page, we skip the check and hope the + * bootloader is providing sane values. Current code relies on all CPUID + * page lookups originating from #VC handler, which at least provides + * indication that SEV-ES is enabled. Subsequent init levels will check for + * SEV_SNP feature once available to also take SEV MSR value into account. + */ +void sev_snp_cpuid_init(struct boot_params *bp) +{ + struct cc_blob_sev_info *cc_info; + + if (!bp) + sev_es_terminate(1, GHCB_TERM_CPUID); + + cc_info = sev_snp_probe_cc_blob(bp); + + if (!cc_info) + return; + + sev_snp_cpuid_pa = cc_info->cpuid_phys; + sev_snp_cpuid_sz = cc_info->cpuid_len; + + /* + * These should always be valid values for SNP, even if guest isn't + * actually configured to use the CPUID table. + */ + if (!sev_snp_cpuid_pa || sev_snp_cpuid_sz < PAGE_SIZE) + sev_es_terminate(1, GHCB_TERM_CPUID); + + cpuid_info = (const struct sev_snp_cpuid_info *)sev_snp_cpuid_pa; + + /* + * We should be able to trust the 'count' value in the CPUID table + * area, but ensure it agrees with CC blob value to be safe. + */ + if (sev_snp_cpuid_sz < (sizeof(struct sev_snp_cpuid_info) + + sizeof(struct sev_snp_cpuid_fn) * + cpuid_info->count)) + sev_es_terminate(1, GHCB_TERM_CPUID); + + if (cpuid_info->count > 0) + sev_snp_cpuid_enabled = 1; +} diff --git a/arch/x86/kernel/sev.c b/arch/x86/kernel/sev.c index 59e0dd04cb02..04ef5e79fa12 100644 --- a/arch/x86/kernel/sev.c +++ b/arch/x86/kernel/sev.c @@ -19,6 +19,8 @@ #include #include #include +#include +#include #include #include @@ -32,6 +34,8 @@ #include #include #include +#include +#include #include "sev-internal.h" From patchwork Wed Jul 7 18:14:58 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Brijesh Singh X-Patchwork-Id: 470884 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-18.7 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_CR_TRAILER, INCLUDES_PATCH, MAILING_LIST_MULTI, MSGID_FROM_MTA_HEADER, SPF_HELO_NONE, SPF_PASS, USER_AGENT_GIT autolearn=unavailable autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 46E92C07E9E for ; Wed, 7 Jul 2021 18:17:05 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 34E2661CCD for ; Wed, 7 Jul 2021 18:17:05 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232291AbhGGSTn (ORCPT ); Wed, 7 Jul 2021 14:19:43 -0400 Received: from mail-dm6nam12on2068.outbound.protection.outlook.com ([40.107.243.68]:46944 "EHLO NAM12-DM6-obe.outbound.protection.outlook.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S232035AbhGGSTY (ORCPT ); Wed, 7 Jul 2021 14:19:24 -0400 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=mmvPCbmUwu5znVAyNdzCvt0612Ps9R7c16S6DAXM3e24hT1St25ckX2H9MUxxBQEA7B2yrYlP0PXd6zEwcQ2evLCn1DOii73XE1qynun+/hRbuIVSEC1gESg2RmRsKVmlu6aCl5T20i9cbA8BAcf3vwWpnJwWeMnnT6fbaVU5BOdy5t3MZw9oEKvLg9scYE5Trw2bXtdweHfigKnR88T2DVjEUIuIxgq1x+C0kPRvz5z9J89huX7GPtoa0No/UC/3Ff3eCjfU8QqG+ic8C+a+MTfBiMTewUOAF/b3u564yWgAsViILvvXY6OY+S1TR2mCWmT5V7ZVjNTyJCe2elZLw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=uIuGp7KBHI64lwmkF6UGH2PkA4+umPxRd0Yii9FMJ5I=; b=YD7UzEsCNbFxjUVXM6sQ6SI53KU+FMhcWck4rGwlDlh6Sm4Tb0IYWHfxUUPXXxrDZvUEYQ7zHpDBOfWAdl8laglqepGX4o+5TQ5qpb5P59tjRgMuqU/mKcvlZC/Qc174/z+00PSVuUhyzp6rycx+ihLNvfKxyMiemKpMPuv6erTdSvmIJWjL1cqg3o0UIv0L0QaHpR+CB3Y/QS3lbaOA0lXifg0Ayo4I89F6YPP4lJgmihMv7tzt8EwzkJPK32oNEV6stYpDtLkeKFUX9+ch4/DCwNSO3NEia4mdqaDh1W+HLxuotT2s3i/T4Q2YNx6k2ZmJ1DiSu64HtkkbQjMYBg== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass header.d=amd.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=uIuGp7KBHI64lwmkF6UGH2PkA4+umPxRd0Yii9FMJ5I=; b=x7gPR0Qwv88gMM6gEhFLAiJ5clU0HCcVCCQZGbiyXmERfKnbHPW1SWFlESzEeEk8DNmpBOiG3tFxGyhk6/d89nR2+3pQRQedEw+ydYrYlM5AtxM+U3QALP8edUZOkIRTzw5++BSRVdozN3IzOqR/gQNWNmAezz5Lr8vPzCYyxxk= Authentication-Results: kernel.org; dkim=none (message not signed) header.d=none; kernel.org; dmarc=none action=none header.from=amd.com; Received: from BYAPR12MB2711.namprd12.prod.outlook.com (2603:10b6:a03:63::10) by BYAPR12MB3527.namprd12.prod.outlook.com (2603:10b6:a03:13c::12) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4308.20; Wed, 7 Jul 2021 18:16:40 +0000 Received: from BYAPR12MB2711.namprd12.prod.outlook.com ([fe80::40e3:aade:9549:4bed]) by BYAPR12MB2711.namprd12.prod.outlook.com ([fe80::40e3:aade:9549:4bed%7]) with mapi id 15.20.4287.033; Wed, 7 Jul 2021 18:16:40 +0000 From: Brijesh Singh To: x86@kernel.org, linux-kernel@vger.kernel.org, kvm@vger.kernel.org, linux-efi@vger.kernel.org, platform-driver-x86@vger.kernel.org, linux-coco@lists.linux.dev, linux-mm@kvack.org, linux-crypto@vger.kernel.org Cc: Thomas Gleixner , Ingo Molnar , Joerg Roedel , Tom Lendacky , "H. Peter Anvin" , Ard Biesheuvel , Paolo Bonzini , Sean Christopherson , Vitaly Kuznetsov , Wanpeng Li , Jim Mattson , Andy Lutomirski , Dave Hansen , Sergio Lopez , Peter Gonda , Peter Zijlstra , Srinivas Pandruvada , David Rientjes , Dov Murik , Tobin Feldman-Fitzthum , Borislav Petkov , Michael Roth , Vlastimil Babka , tony.luck@intel.com, npmccallum@redhat.com, brijesh.ksingh@gmail.com, Brijesh Singh Subject: [PATCH Part1 RFC v4 28/36] x86/compressed/64: store Confidential Computing blob address in bootparams Date: Wed, 7 Jul 2021 13:14:58 -0500 Message-Id: <20210707181506.30489-29-brijesh.singh@amd.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20210707181506.30489-1-brijesh.singh@amd.com> References: <20210707181506.30489-1-brijesh.singh@amd.com> X-ClientProxiedBy: SA0PR11CA0104.namprd11.prod.outlook.com (2603:10b6:806:d1::19) To BYAPR12MB2711.namprd12.prod.outlook.com (2603:10b6:a03:63::10) MIME-Version: 1.0 X-MS-Exchange-MessageSentRepresentingType: 1 Received: from sbrijesh-desktop.amd.com (165.204.77.1) by SA0PR11CA0104.namprd11.prod.outlook.com (2603:10b6:806:d1::19) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4308.19 via Frontend Transport; Wed, 7 Jul 2021 18:16:38 +0000 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: a6aa2024-a2c1-480e-cea1-08d941735de0 X-MS-TrafficTypeDiagnostic: BYAPR12MB3527: X-MS-Exchange-Transport-Forked: True X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:260; X-MS-Exchange-SenderADCheck: 1 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: sewOYFtgPvXw9n2on5DnKOII5sU2GWPCau9usWUPbe5CiEEDVSP6g4texRxQR4HmLVPfUCNn2Hi7mVHL+5qZalc/vt/R7DlbbXjL9UKUgRvt+vIg6hmgwIqT3oL9xxGLaeGtyJPxhoQ8hREoh/U0TgXD1ElLoDijEMhujgiBnLsx99QCxirMTG9R0CozxflW0t9yZ4ZXPkRU4872HypsHcqeO9XrWwTI/sO8YeTStqKk4bCsb873K6X3bgv45G2+L1/Ty0vgpCVUHUq8HXhGBq7z1I2VMNQgkQcFSKtV7mo7yZofw+tJ+GqVNb4149MofrEaJLn03yQWo+I0imuxbFTSKWomIjHShHbDtx9XlnqfUEyQTE9iBrW+SBYADEvMYsplSShOXGFOrlTiHTVfp9N24cMdmpHADYAaWHJuG8/EEMY8/jll5RQUd3ZEDJydwa/I1H1E9gHvnWVwjVkjc49L8HDn36csE8bzSmuhdxg75bhTL5z4n17rQd4INl+evzUDQLLoWSe4Jat5PTXTn8HzWddohDhnkCcfEGh5yW++y+8933MrmRzSlbil35JaJhQ0Ha/iCZgHy9NclxFwaN1/3VVGTIQmUzOGYk8zZBPNEV9l1T56eFhHs/M5emGAj4QvsHBhkcdF1FbfdBPF5vBfDRcB52DdHKDuQZgNpLdmpgsS7XI9q3IRmBkVwX6vvXBam0XH1gyWFZpDM+2zBg== X-Forefront-Antispam-Report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:BYAPR12MB2711.namprd12.prod.outlook.com; PTR:; CAT:NONE; SFS:(4636009)(39860400002)(346002)(376002)(396003)(136003)(366004)(26005)(2616005)(5660300002)(478600001)(316002)(44832011)(6486002)(1076003)(66946007)(66556008)(83380400001)(86362001)(186003)(956004)(66476007)(8936002)(8676002)(52116002)(36756003)(54906003)(2906002)(7696005)(38100700002)(38350700002)(4326008)(6666004)(7406005)(7416002); DIR:OUT; SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: 9GaHpQX1uHGkl5nlH44yp0wW6wsVFSM6CWszinH82RaqUgZIYinulM3SapWFwpeMkctKpDIAS0IMFcYRUdqEkOs1Fyl6Z/92Ni9TXcm2vnMibXUXgQWQ89FxYMuPuXs6KzKfXSmWQ0Hgh899J6xTkOeZrD91B6dx9WY+U3mz0Nr0VFBnT8hUlknCahjYy8H/UhhhjgXifONcbEkm5RTw7OOhEVPhncwal3faPy0h20xQ/XVr5WZgv6qiZlbzeyph3FtWlm3/UaI9wIu3/FJdU99tEUJjiBmYJdwOAWR6iCT0a2KlJFdxJpzDjrfkQtmjDXLBfE+kF9K4S/A0GbijxTlf9pRnyRfK2aoHpWJAeAk25GXPr0onaWoWMLEIgZSYDRktqMcawFICBzvPidLUzlXds9ySxztoyXjmLBXRRf0Gmi//lyiIffiEkyON8RAwwgtD1+yRDbaKvYksPb2G4H68AoB/ub4JMDdLoBoAXgS26BBftsj85cAfQNVIG/Icps7NZtN9qyq3jrjnSA1pBo7klxeWVKUEb0i9jTWIZYkiBYIxf2ttLcmEi9T9/e42lPoJWH6zB3acmFS94TOkOzitFNilMAs04stMmnb8zA7bS1ZBh5lBjOWNKMhb5wujStnFm1qoBmHSg9tE45rIYS+k0+tcxbINBLrES7IqaNxfiAfluvU+LwEAM5lqq03euylv1FjIurGWT5Ufl1945TWO8HgBdlXONZVCL/lx88fEHl7Y6Wc5vo9gnCU4OfAhP+0wihnnP/Qfk/Y3mGZYH2es8JWcYfZHFeno264jmQe4+r3k/SHdnxDVwXiFKP1SYpcJ5/C//Z/VJ+7WpReJ+tyCVqJnYI4ckjJh088ElWSmXXwK35ugvADwQRbw1PSKpi0oDDiQjio9NWPwcBEcYaJFVFzaNGV8ECg6NiLyRKV8rkqI8ChL294TvUiDb3DBw7Pv5mDoUtHnV1BPfGcSF8tLPHvtb45DlKd5J01M+U5mFGOZqE4/yGKCmnReDD9UG7Yyc6flE1QRSJGbHFPfVrtzm+ejAKQ0xlJlHMr86eHMNyL//E+bE4MIfWtZ3Bz/xj7K/acKVcdGwXJ2roeYEHZR10awFCVcxYSQjjxp2fK1LBK2dpJIQb6BZ+8smeKfEtLtdq/K8GvTM6ES/2RhGhf0sPWOiljjkL7oGEcSIU6wk6l/zXkXh69ZaYNsoNvSjeXzCoXL2zx1rMGERkBfw6eyRG7cYAm+QGqlHRmbjO/ipjnrouHzjP9FrXGD8tshLvJm0djX8QutpD75RSWTZ3xkOmU/LauboxXv7Kdi2nECzWTkkBqG3EpVdszxesBd X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-Network-Message-Id: a6aa2024-a2c1-480e-cea1-08d941735de0 X-MS-Exchange-CrossTenant-AuthSource: BYAPR12MB2711.namprd12.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 07 Jul 2021 18:16:40.3483 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: Lsxl3ONComGNhuhU3ShqtB3UYIWuiuQggRQ29ZBM4sKPMIUzy+uCG7q8gi1E4+fIFyXP9EMbZftPj12z1hgu8Q== X-MS-Exchange-Transport-CrossTenantHeadersStamped: BYAPR12MB3527 Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org From: Michael Roth When the Confidential Computing blob is located by the boot/compressed kernel, store a pointer to it in bootparams->cc_blob_address to avoid the need for the run-time kernel to rescan the EFI config table to find it again. Since this function is also shared by the run-time kernel, this patch also adds the logic to make use of bootparams->cc_blob_address when it has been initialized. Signed-off-by: Michael Roth Signed-off-by: Brijesh Singh --- arch/x86/kernel/sev-shared.c | 38 +++++++++++++++++++++++++----------- 1 file changed, 27 insertions(+), 11 deletions(-) diff --git a/arch/x86/kernel/sev-shared.c b/arch/x86/kernel/sev-shared.c index 5e0e8e208a8c..23328727caf4 100644 --- a/arch/x86/kernel/sev-shared.c +++ b/arch/x86/kernel/sev-shared.c @@ -820,7 +820,6 @@ static enum es_result vc_handle_rdtsc(struct ghcb *ghcb, return ES_OK; } -#ifdef BOOT_COMPRESSED static struct setup_data *get_cc_setup_data(struct boot_params *bp) { struct setup_data *hdr = (struct setup_data *)bp->hdr.setup_data; @@ -840,6 +839,16 @@ static struct setup_data *get_cc_setup_data(struct boot_params *bp) * 1) Search for CC blob in the following order/precedence: * - via linux boot protocol / setup_data entry * - via EFI configuration table + * 2) If found, initialize boot_params->cc_blob_address to point to the + * blob so that uncompressed kernel can easily access it during very + * early boot without the need to re-parse EFI config table + * 3) Return a pointer to the CC blob, NULL otherwise. + * + * For run-time/uncompressed kernel: + * + * 1) Search for CC blob in the following order/precedence: + * - via linux boot protocol / setup_data entry + * - via boot_params->cc_blob_address * 2) Return a pointer to the CC blob, NULL otherwise. */ static struct cc_blob_sev_info *sev_snp_probe_cc_blob(struct boot_params *bp) @@ -857,27 +866,34 @@ static struct cc_blob_sev_info *sev_snp_probe_cc_blob(struct boot_params *bp) goto out_verify; } +#ifdef __BOOT_COMPRESSED /* CC blob isn't in setup_data, see if it's in the EFI config table */ (void)efi_bp_find_vendor_table(bp, EFI_CC_BLOB_GUID, (unsigned long *)&cc_info); +#else + /* + * CC blob isn't in setup_data, see if boot kernel passed it via + * boot_params. + */ + if (bp->cc_blob_address) + cc_info = (struct cc_blob_sev_info *)(unsigned long)bp->cc_blob_address; +#endif out_verify: /* CC blob should be either valid or not present. Fail otherwise. */ if (cc_info && cc_info->magic != CC_BLOB_SEV_HDR_MAGIC) sev_es_terminate(1, GHCB_SNP_UNSUPPORTED); +#ifdef __BOOT_COMPRESSED + /* + * Pass run-time kernel a pointer to CC info via boot_params for easier + * access during early boot. + */ + bp->cc_blob_address = (u32)(unsigned long)cc_info; +#endif + return cc_info; } -#else -/* - * Probing for CC blob for run-time kernel will be enabled in a subsequent - * patch. For now we need to stub this out. - */ -static struct cc_blob_sev_info *sev_snp_probe_cc_blob(struct boot_params *bp) -{ - return NULL; -} -#endif /* * Initial set up of CPUID table when running identity-mapped. From patchwork Wed Jul 7 18:15:01 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Brijesh Singh X-Patchwork-Id: 470878 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-18.7 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_CR_TRAILER, INCLUDES_PATCH, MAILING_LIST_MULTI, MSGID_FROM_MTA_HEADER, SPF_HELO_NONE, SPF_PASS, USER_AGENT_GIT autolearn=unavailable autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 827B1C07E9C for ; Wed, 7 Jul 2021 18:18:36 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 6644361CCA for ; Wed, 7 Jul 2021 18:18:36 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231477AbhGGSVO (ORCPT ); Wed, 7 Jul 2021 14:21:14 -0400 Received: from mail-bn8nam08on2046.outbound.protection.outlook.com ([40.107.100.46]:38144 "EHLO NAM04-BN8-obe.outbound.protection.outlook.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S232296AbhGGSUZ (ORCPT ); Wed, 7 Jul 2021 14:20:25 -0400 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=mYmibSsd1an9rpJ6i4zVE993/QAMWrSPzesCwJwajqWIp/P+ngu9F8HfSHELFQ70usKMkm/jgKHsK1af9+WaRo+l9yTX0gBxObso6qkfQIvh2tm9ACh1AoOJmOfnY31TAI9prF1eYd7lnJNba+NgaEPK6iggusO7NOdI8+nzSpWmChNdnLVVFdu4n1yxkOFznoD3gj4YWxyJWwjS5cbBZFQ31zvGrOHnFrNLDn7QnXCof0nTGuO+Y/J1EXI6NuGYTv5wKAKg3AnkC+cZgS5cErrUNWvAl+4IJOyrufMnTsmrZXUqcbMIpGuZ/bE8aOI+QsKVcq78XVe5bnW2KVKzqA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=0B6FiFCaDmM5RZo5rPzgiexy2y5sO1Pr34P5srvJpVg=; b=Xj1nyMCylZAkTyO79kq2fphqMros1v4rapVAh08xZ2ujP1SHSmiR6+tPBVZ9GrrTeXnXGwRNIVWE3lT/eNVYvwbo/UwMgZbQXGp//uaLejRtQDEyJymZHOo4KQ7bp2To4BybEFILosB/f5hTr7Vipncr7Yzd3RnoGRPazNllGBM5d+QTKOS7JBDqITnD3hGEQPbt8Qy6szJQtpFyr8fLmiihy3U6wY/BVqmWo828s9JsQE/cxmoE5vuQK50ihWBETLokRT8kkuVqbPKVdPpRjRrOepK8MBxLR4a+T6e1WizXK1jnYSWC1ggNirMKtZMyqNhxKeaO1XApL5IiFagR7A== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass header.d=amd.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=0B6FiFCaDmM5RZo5rPzgiexy2y5sO1Pr34P5srvJpVg=; b=uuSpKkHMX2zlER3mgpcXzAh7KoI+YNnygi/zEQyOj62ouJnAKisTmp8eWFwrOG/SH2k6+bWjylzqpKZCPo1XI3t4xmVYPRNUVx6GNyB068b4zvZUuqm6bYjg5Zl7uJCg5j74OBXPbfmIP7cyIvU6nP6a99X37+h1WidXJoXhioc= Authentication-Results: kernel.org; dkim=none (message not signed) header.d=none; kernel.org; dmarc=none action=none header.from=amd.com; Received: from BYAPR12MB2711.namprd12.prod.outlook.com (2603:10b6:a03:63::10) by BY5PR12MB3683.namprd12.prod.outlook.com (2603:10b6:a03:1a5::16) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4287.27; Wed, 7 Jul 2021 18:16:48 +0000 Received: from BYAPR12MB2711.namprd12.prod.outlook.com ([fe80::40e3:aade:9549:4bed]) by BYAPR12MB2711.namprd12.prod.outlook.com ([fe80::40e3:aade:9549:4bed%7]) with mapi id 15.20.4287.033; Wed, 7 Jul 2021 18:16:48 +0000 From: Brijesh Singh To: x86@kernel.org, linux-kernel@vger.kernel.org, kvm@vger.kernel.org, linux-efi@vger.kernel.org, platform-driver-x86@vger.kernel.org, linux-coco@lists.linux.dev, linux-mm@kvack.org, linux-crypto@vger.kernel.org Cc: Thomas Gleixner , Ingo Molnar , Joerg Roedel , Tom Lendacky , "H. Peter Anvin" , Ard Biesheuvel , Paolo Bonzini , Sean Christopherson , Vitaly Kuznetsov , Wanpeng Li , Jim Mattson , Andy Lutomirski , Dave Hansen , Sergio Lopez , Peter Gonda , Peter Zijlstra , Srinivas Pandruvada , David Rientjes , Dov Murik , Tobin Feldman-Fitzthum , Borislav Petkov , Michael Roth , Vlastimil Babka , tony.luck@intel.com, npmccallum@redhat.com, brijesh.ksingh@gmail.com, Brijesh Singh Subject: [PATCH Part1 RFC v4 31/36] x86/sev: Provide support for SNP guest request NAEs Date: Wed, 7 Jul 2021 13:15:01 -0500 Message-Id: <20210707181506.30489-32-brijesh.singh@amd.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20210707181506.30489-1-brijesh.singh@amd.com> References: <20210707181506.30489-1-brijesh.singh@amd.com> X-ClientProxiedBy: SA0PR11CA0104.namprd11.prod.outlook.com (2603:10b6:806:d1::19) To BYAPR12MB2711.namprd12.prod.outlook.com (2603:10b6:a03:63::10) MIME-Version: 1.0 X-MS-Exchange-MessageSentRepresentingType: 1 Received: from sbrijesh-desktop.amd.com (165.204.77.1) by SA0PR11CA0104.namprd11.prod.outlook.com (2603:10b6:806:d1::19) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4308.19 via Frontend Transport; Wed, 7 Jul 2021 18:16:46 +0000 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: 85c1362f-5533-4479-f492-08d941736294 X-MS-TrafficTypeDiagnostic: BY5PR12MB3683: X-MS-Exchange-Transport-Forked: True X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:8273; X-MS-Exchange-SenderADCheck: 1 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: tyjYEU5u4AjayshIni8i0raGxh4dY4Sea/xwOo6jRcYsWxl6AV4qo91NQeP5VmioGElgpw/fI63gWd5ekrAhaEvRSsDaTpQhrqAC7sJLCAolEkHNM/TltuFkTRadvxa2luF1BImyWbdDP+3hnAUSazmdDMxUADQI9vgGd9Sh3scK7U+moDXomyLpAnM2825XatAUMbxsQVbu0QzCEZqevaZPc6r3FvCcI73NlJtro7TEe4c0+kKx03kXfKOLVixMy2HpMzq3pHeIlmWhUdBT/d2znH5yDUKM4z2rYtp/gVR3HScMqUx2kgejv8GCCU9/V+EhXZLuQ4mkMkQi828WlxLCnb/hg/FtVklnCs/WbApdv+LpSlm9P19MpYlz3s5ZLOzCl5yPX+sWT9JwC0SeCPfALF4GP45aempSz6ZMGOhzL9snVbI94iXl8ki+0vYYjw+DVafRkv2mOjGeBlBkp8qcVQwUlbNTgZG0fyZZypb2OVeVmqgZVB+uCwwb0740aLuyFnVV7HL24ON299/O6CErRmS96sc37oe/9DXXGqCkYtEYxih5q9lUcycujyuRIO3Co7Ch7xQLY8yrygLwjQjRhn+TKQHaT9pGA2cs2xwN40AdTt1rflrJT4wtgcnf+8z80iABO4osNklauWbB1TdpsR2sGV1YpYLZOWPhL/T2AOXNhU0Vn5aZnV60OjomZq5jUE6K+GwVScmxbpomXg== X-Forefront-Antispam-Report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:BYAPR12MB2711.namprd12.prod.outlook.com; PTR:; CAT:NONE; SFS:(4636009)(366004)(39860400002)(136003)(346002)(376002)(396003)(5660300002)(8936002)(2616005)(44832011)(956004)(38350700002)(26005)(6666004)(7406005)(83380400001)(7416002)(1076003)(66946007)(4326008)(54906003)(66476007)(8676002)(66556008)(2906002)(36756003)(38100700002)(52116002)(186003)(6486002)(7696005)(478600001)(86362001)(316002); DIR:OUT; SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: 5sEiQH5zWHPUb4BKoyI9e9/07O3Oc1gzzD4+AMFTi9jfnUXPcO0+rFCogAVL21aJUebMFF8DkU6QmYz8ycHHNApVj1q+qifzZpJlgwjnCOdkaVujvYh1AO3gU+km/Qna7MJ+czWL/rdfKiacBJNFC7tNZsZB9p5bbVcMXFEYmaODQY/Pmh03R5PaB+hVYzKjQuJUpOfMVTrGvT8x3o4NwVTIqvYsyMpv+bkRLxUPy8/H3FtLu0ztkoMIeyb4vgiIJCEV9a3CtaRUpcAlrggPDocHr8eQb/TD0vqTGlWVzAW9HSGGa2F3jNqyWiHZumX1aBAmIWk/oaTVhBOdqiEpUu4LHNUtbudpw+8t0mwbkObpNxByUGhZCk/4yibIu0ByGU4hWUcZF96at0CfQDiANRyTNf0f/NyigPCvjyabBNlRn5F9iB7XSifGMXXKiQXbyusMeIWgBn8tMtf7YSPrBgnUUrUgtu4V15oDoJd7Us3pAUEeTRXWC2TdHjlCXouH/GZ3RYGj9AhtL0lS3wV/NkChBvavW8wznJcatMHNtQiLVHfIWbmk222KR+STthXCZSYYt31JBD6EVwulULscMFd8w6ooq9iKHvd8rbQ8ccWE42jL6by6QLv+2aw5mDLgOwVtKBj/QJIWJhlebQT2ppLj4cJixK9yt2UrCuW1YH1sIR1ypQ+p9THc2pey9Xc441umsUqgdPbzoln0a1jwT3pV7iGRB1xE1BoUU7BPt4PKcv9zMrO10+O03kBvGmz8FdgTBmcW+uf3Inmmr/ATql1HtL/SKTNIAHneavIA6bMhPRm3/y3o8+BQeQIy2h6TZ5qVOMRMYU5ivsdhjY0wso6XWtVuDbUCIqakzOY2aoiqVVQxka5fXJq297kft4pbyImi3uaY1fCwBVsKjBlV72Q7iE/RI22l/HKmnlWKD7ZN0bRApjIaHK+jRpedPMrM3dU2PVxgvK903mKl8QT+eCLPT7UVsQaEOI1Lg3JaH9HArzNrSv9M1lsQKC8ivwNhtVPVRuYG1b7/G4V5EfsImRmSOKTv2a8FtBJrNCcIzoUlaxYhPymT9LhZIVrz+ytAzfd/KN3RJystfL2Nvj3XaMohdZ5h8FFm4EI0efj99pm5wXx2F5fYcxst1lrT425o5TnZYpQrtX/rfL6INYMSYeZoM75r4zS0rAvpghlYHoYx5bMcp237qxTct7weT9vqz6Y+a/Ws080vsxOSBV9zEkWYthbVnhzApnt4eaRkcudMrxOAaLSRacPCedQqK1d6G4mPaSYct4giCl8lbljnZXffxzRupMuxY/cYh16T2SofXJsuaT7iBmYwosJX5GPD X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-Network-Message-Id: 85c1362f-5533-4479-f492-08d941736294 X-MS-Exchange-CrossTenant-AuthSource: BYAPR12MB2711.namprd12.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 07 Jul 2021 18:16:48.2618 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: GO+JN6d5AuR/WVWKlDC2OmzZh+FkGHHRJRBwJY0IVE2mgkvtWVhslo+dy1kuzNPGMiO6wYtVMnwIrCnO3eauKQ== X-MS-Exchange-Transport-CrossTenantHeadersStamped: BY5PR12MB3683 Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org Version 2 of GHCB specification provides SNP_GUEST_REQUEST and SNP_EXT_GUEST_REQUEST NAE that can be used by the SNP guest to communicate with the PSP. While at it, add a snp_issue_guest_request() helper that can be used by driver or other subsystem to issue the request to PSP. See SEV-SNP and GHCB spec for more details. Signed-off-by: Brijesh Singh --- arch/x86/include/uapi/asm/svm.h | 4 +++ arch/x86/kernel/sev.c | 57 +++++++++++++++++++++++++++++++++ include/linux/sev-guest.h | 48 +++++++++++++++++++++++++++ 3 files changed, 109 insertions(+) create mode 100644 include/linux/sev-guest.h diff --git a/arch/x86/include/uapi/asm/svm.h b/arch/x86/include/uapi/asm/svm.h index 997918f0a89a..9aaf0ab386ef 100644 --- a/arch/x86/include/uapi/asm/svm.h +++ b/arch/x86/include/uapi/asm/svm.h @@ -109,6 +109,8 @@ #define SVM_VMGEXIT_SET_AP_JUMP_TABLE 0 #define SVM_VMGEXIT_GET_AP_JUMP_TABLE 1 #define SVM_VMGEXIT_PSC 0x80000010 +#define SVM_VMGEXIT_GUEST_REQUEST 0x80000011 +#define SVM_VMGEXIT_EXT_GUEST_REQUEST 0x80000012 #define SVM_VMGEXIT_AP_CREATION 0x80000013 #define SVM_VMGEXIT_AP_CREATE_ON_INIT 0 #define SVM_VMGEXIT_AP_CREATE 1 @@ -221,6 +223,8 @@ { SVM_VMGEXIT_NMI_COMPLETE, "vmgexit_nmi_complete" }, \ { SVM_VMGEXIT_AP_HLT_LOOP, "vmgexit_ap_hlt_loop" }, \ { SVM_VMGEXIT_AP_JUMP_TABLE, "vmgexit_ap_jump_table" }, \ + { SVM_VMGEXIT_GUEST_REQUEST, "vmgexit_guest_request" }, \ + { SVM_VMGEXIT_EXT_GUEST_REQUEST, "vmgexit_ext_guest_request" }, \ { SVM_VMGEXIT_PSC, "vmgexit_page_state_change" }, \ { SVM_VMGEXIT_AP_CREATION, "vmgexit_ap_creation" }, \ { SVM_VMGEXIT_HYPERVISOR_FEATURES, "vmgexit_hypervisor_feature" }, \ diff --git a/arch/x86/kernel/sev.c b/arch/x86/kernel/sev.c index 04ef5e79fa12..b85cab838372 100644 --- a/arch/x86/kernel/sev.c +++ b/arch/x86/kernel/sev.c @@ -21,6 +21,7 @@ #include #include #include +#include #include #include @@ -2024,3 +2025,59 @@ bool __init handle_vc_boot_ghcb(struct pt_regs *regs) while (true) halt(); } + +int snp_issue_guest_request(int type, struct snp_guest_request_data *input, unsigned long *fw_err) +{ + struct ghcb_state state; + unsigned long id, flags; + struct ghcb *ghcb; + int ret; + + if (!sev_feature_enabled(SEV_SNP)) + return -ENODEV; + + + local_irq_save(flags); + + ghcb = __sev_get_ghcb(&state); + if (!ghcb) + return -ENODEV; + + vc_ghcb_invalidate(ghcb); + + if (type == GUEST_REQUEST) { + id = SVM_VMGEXIT_GUEST_REQUEST; + } else if (type == EXT_GUEST_REQUEST) { + id = SVM_VMGEXIT_EXT_GUEST_REQUEST; + ghcb_set_rax(ghcb, input->data_gpa); + ghcb_set_rbx(ghcb, input->data_npages); + } else { + ret = -EINVAL; + goto e_put; + } + + + ret = sev_es_ghcb_hv_call(ghcb, NULL, id, input->req_gpa, input->resp_gpa); + if (ret) + goto e_put; + + if (ghcb->save.sw_exit_info_2) { + + /* Number of expected pages are returned in RBX */ + if (id == EXT_GUEST_REQUEST) + input->data_npages = ghcb_get_rbx(ghcb); + + if (fw_err) + *fw_err = ghcb->save.sw_exit_info_2; + + ret = -EIO; + goto e_put; + } + +e_put: + __sev_put_ghcb(&state); + local_irq_restore(flags); + + return ret; +} +EXPORT_SYMBOL_GPL(snp_issue_guest_request); diff --git a/include/linux/sev-guest.h b/include/linux/sev-guest.h new file mode 100644 index 000000000000..24dd17507789 --- /dev/null +++ b/include/linux/sev-guest.h @@ -0,0 +1,48 @@ +/* SPDX-License-Identifier: GPL-2.0-only */ +/* + * AMD Secure Encrypted Virtualization (SEV) guest driver interface + * + * Copyright (C) 2021 Advanced Micro Devices, Inc. + * + * Author: Brijesh Singh + * + */ + +#ifndef __LINUX_SEV_GUEST_H_ +#define __LINUX_SEV_GUEST_H_ + +#include + +enum vmgexit_type { + GUEST_REQUEST, + EXT_GUEST_REQUEST, + + GUEST_REQUEST_MAX +}; + +/* + * The error code when the data_npages is too small. The error code + * is defined in the GHCB specification. + */ +#define SNP_GUEST_REQ_INVALID_LEN 0x100000000ULL + +struct snp_guest_request_data { + unsigned long req_gpa; + unsigned long resp_gpa; + unsigned long data_gpa; + unsigned int data_npages; +}; + +#ifdef CONFIG_AMD_MEM_ENCRYPT +int snp_issue_guest_request(int vmgexit_type, struct snp_guest_request_data *input, + unsigned long *fw_err); +#else + +static inline int snp_issue_guest_request(int type, struct snp_guest_request_data *input, + unsigned long *fw_err) +{ + return -ENODEV; +} + +#endif /* CONFIG_AMD_MEM_ENCRYPT */ +#endif /* __LINUX_SEV_GUEST_H__ */ From patchwork Wed Jul 7 18:15:04 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Brijesh Singh X-Patchwork-Id: 470876 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-18.7 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_CR_TRAILER, INCLUDES_PATCH, MAILING_LIST_MULTI, MSGID_FROM_MTA_HEADER, SPF_HELO_NONE, SPF_PASS, USER_AGENT_GIT autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 14C2FC07E95 for ; Wed, 7 Jul 2021 18:18:58 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id F2AFD61CC9 for ; Wed, 7 Jul 2021 18:18:57 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231404AbhGGSVh (ORCPT ); Wed, 7 Jul 2021 14:21:37 -0400 Received: from mail-bn8nam08on2069.outbound.protection.outlook.com ([40.107.100.69]:21697 "EHLO NAM04-BN8-obe.outbound.protection.outlook.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S232406AbhGGSVA (ORCPT ); Wed, 7 Jul 2021 14:21:00 -0400 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=IqFYSo6znlzYi/XSmwlsKMfH6UiRv5+HtGnPVxEXGc8A+Nyie+V6xcS5VzPM6r0kakFyD1veedRtjTwlp6pgwkD0cOI3aj2PBPtMnilBzpINSDY2iILDLHp4161WKWVt9H2HIF63LnjST/joNuF57ya3xY3AQU1VCQIUeYi9jM+fIz3sCLpqpz9E6zaEwaHoG+fc/f07Agk7sr9dGThHd1TImgc5Q6iOpEEo7hQt+ptYw9Q0qSRIch820jHfQ740Os08DmkHiaXXYocosZQ6RdSGUYzplI0ldXZ7bUI+6IMSzgid5/xYwfHUVqWKs+f6z5wMxAc/yCNUIyQ4A36PRQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=tR23niDP6KqzoZ++CMef5OYnX++6222K6rIuW+vAly4=; b=W2s424oX8KerALJ57Y5H245CiKX6cxWhS8w36zuFhFNVbp9YwJh3GTE4GKG5whpuA9ccT7bHmkvB5xJVjJaC7SKtu1Cfi0fnpDlYdhpuI0TAcKAQyDbjJNWhKc81LUIZqGq4CGfFaaJrQR+d5nMvZ7t1unpCZi4onW+qATTi+wYiYOvtG9fnehJMFTTCOdtNrhXYeGM2LM4ntRErZUuDT4x/yBP3wuVRpys7T0wNHk7LOk0PHcPXjPbVyPZ8wy73KIHKXCA/w7U4UxkkWgvEmlkBL08NITBIngv6VqGgkhlr7nHin8qEEJSxUt8B9UrW5HFPxJ0nrDvBjbm5aVw8OQ== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass header.d=amd.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=tR23niDP6KqzoZ++CMef5OYnX++6222K6rIuW+vAly4=; b=WVdPB02OB76eQroV759C6fEH3uxQOrG44YQVfdYQzh5Z9zvuSmQd8r2zxGpkQWEbw/TDgnIsUqcYQR/Gw/E8lrQci6UvqpeBKOC5eboRM3vi0cSfQXIuNiKPx7VKauQm4rqQAyb9BNlYGxbU0+Tqcjyz2CBxbbrkKm9LnkhavUI= Authentication-Results: kernel.org; dkim=none (message not signed) header.d=none; kernel.org; dmarc=none action=none header.from=amd.com; Received: from BYAPR12MB2711.namprd12.prod.outlook.com (2603:10b6:a03:63::10) by BY5PR12MB3683.namprd12.prod.outlook.com (2603:10b6:a03:1a5::16) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4287.27; Wed, 7 Jul 2021 18:16:56 +0000 Received: from BYAPR12MB2711.namprd12.prod.outlook.com ([fe80::40e3:aade:9549:4bed]) by BYAPR12MB2711.namprd12.prod.outlook.com ([fe80::40e3:aade:9549:4bed%7]) with mapi id 15.20.4287.033; Wed, 7 Jul 2021 18:16:56 +0000 From: Brijesh Singh To: x86@kernel.org, linux-kernel@vger.kernel.org, kvm@vger.kernel.org, linux-efi@vger.kernel.org, platform-driver-x86@vger.kernel.org, linux-coco@lists.linux.dev, linux-mm@kvack.org, linux-crypto@vger.kernel.org Cc: Thomas Gleixner , Ingo Molnar , Joerg Roedel , Tom Lendacky , "H. Peter Anvin" , Ard Biesheuvel , Paolo Bonzini , Sean Christopherson , Vitaly Kuznetsov , Wanpeng Li , Jim Mattson , Andy Lutomirski , Dave Hansen , Sergio Lopez , Peter Gonda , Peter Zijlstra , Srinivas Pandruvada , David Rientjes , Dov Murik , Tobin Feldman-Fitzthum , Borislav Petkov , Michael Roth , Vlastimil Babka , tony.luck@intel.com, npmccallum@redhat.com, brijesh.ksingh@gmail.com, Brijesh Singh Subject: [PATCH Part1 RFC v4 34/36] virt: Add SEV-SNP guest driver Date: Wed, 7 Jul 2021 13:15:04 -0500 Message-Id: <20210707181506.30489-35-brijesh.singh@amd.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20210707181506.30489-1-brijesh.singh@amd.com> References: <20210707181506.30489-1-brijesh.singh@amd.com> X-ClientProxiedBy: SA0PR11CA0104.namprd11.prod.outlook.com (2603:10b6:806:d1::19) To BYAPR12MB2711.namprd12.prod.outlook.com (2603:10b6:a03:63::10) MIME-Version: 1.0 X-MS-Exchange-MessageSentRepresentingType: 1 Received: from sbrijesh-desktop.amd.com (165.204.77.1) by SA0PR11CA0104.namprd11.prod.outlook.com (2603:10b6:806:d1::19) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4308.19 via Frontend Transport; Wed, 7 Jul 2021 18:16:53 +0000 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: 55973e93-e350-47bf-5363-08d941736704 X-MS-TrafficTypeDiagnostic: BY5PR12MB3683: X-MS-Exchange-Transport-Forked: True X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:3044; X-MS-Exchange-SenderADCheck: 1 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: jlITFMYdB7zBQh0R+TQFN4lbBwRgVnp8A9uZdLePyM8dJ4rN7EqAPKc33FoVXYLOyk2AkRGfsP4BvnqYuFEddytA7WgGO9wMVy/VQ3d4sL7OMGdASYqEceMupea5keB58jmwLbGzv9DCsrNcbJ4+ex+BM6v10NKQdi1Il8JzCE+tIk8ECt7e3v6WTWrWypsuEKpsS1bnKQu2sFkJQodTK7N9tb9zXKUBQjn4d5LHvnKU9g3+63Hiov8ds0dd+acRkAReTwMFCfPR4dUvAK/uHtuUFmOAUPWtI2kK5jrVUx2WoGZnJGJm1x4BnwmBSjhZvNP5kMPi22KcZAO7dgsDZ19gBbtUe1CUbG4tL8NtskJMUm4bgY+oNrv+/CZiSmIoqNphGMCwDe+c/dkRtXNmet1N51H/DSW6k5TypGwaTDbr+QjOVWTabGZ+hKXB7myI1TiHf36F5U/hkiFpbZtp+YNwtAdlEWCEE2/m1dGtkalQrDMzMD2RoB/NEF9G47rAFWTZq95YWlGZ2OuJ4Fqz/X1IVyxJI4d/ww3mHCJY/+nG1yjxGgfXCODxi3EZ7wVo1An/swFwdmY8IKhsmWgRQQo7Es/pCZ6oSObGTftLYga1sM1utp3rfWlh0/zBzSSbUsGwTf0hA+6S9BUgdpIFLXQB/1copbmQOl+4eWPQlzyoQecajXDNPoJdOuuwG6RpdEoenytoLZESMqSwMrDPGeI/kUsMyEAzTmJKJPuZtAZNhuDgNLuRUduybYN7R2L0iJvKS56DNlm9xkp9/BVrsjv8jhbx7ol9Gd8j842Tbb0= X-Forefront-Antispam-Report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:BYAPR12MB2711.namprd12.prod.outlook.com; PTR:; CAT:NONE; SFS:(4636009)(366004)(5660300002)(8936002)(2616005)(44832011)(956004)(38350700002)(26005)(6666004)(7406005)(83380400001)(7416002)(1076003)(66946007)(4326008)(54906003)(66476007)(8676002)(66556008)(2906002)(36756003)(966005)(38100700002)(52116002)(186003)(6486002)(498600001)(7696005)(30864003)(86362001); DIR:OUT; SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: N523uKV03FMUVjZlLkolFFRZxOsZjwGF+fOLPMS36EPAoam3QQcvTr8Y8MCkXUYtVhMcpPgIGIGu4Gckmqgyo33bjv121sRR5kzdvllZ80+uMuFf7KSce3T9q6bXIRs6psFaoGVW3TzeqlEX0c7Znu4lYN6aiU6+nDZwGgtXdDePqG6OF0EtR7lFaIfp5kpkJLpu84o5HIdluY49S1Xphn/xpqql693jHTxRUuDaISRlCj76okfoZ1CavwRk75YPjCBAlrTXDMWH0ze+FgiOx/XMMVQqLeQ/O0YMSq3LgUKhPi3DnTmYR0AZyp9O558S2lNcRQbC/S0QeRvCiNvu923pNSom6ehEw4MDpNR2XWJBgN0TL/Dz60WM6jV04A0rWlDDLJgF43VerLs1022zKOITBzJBX0ffGQLsR2BN+I3Xbn1PPn202QXHWc/9kDsFircbEkXFrlG9qmTZMIW/WicFxS/qnbOpHI6I/BOrAQdSSWpU2oFAPzNas4f4m915H/ceGM6I14Xn9NNV8E6GR52XAgH385amthwBuc7Xk9Ic/SlUTMavyKqrpjXPn6bWqdrysDHxcFj5bLuRA1fO41FMj8rhABp2mduJkFWjeOPg3Un5XG9c2+MeJthS0CKk4rKugJ17UKL6RcmbXNtAicHgHlSfYqorJso2vVNTMsU1ccNYfI09tJkqbJ63gU3F72M8wrH2Xs/aguPrgZTHtNyAIYSXPm1z1EELfBy8HKO1jYQ02bAronuUCyK1c7nD9kT7w4uzAEsKqVctpyI9FTdtzmK9t/krUlLYE4SKVJAwSnMc44pSW/uFp7Xgj65vbkNScu+YZbI4y28qEDvPGvf4L8Gk6TBlKyagfa9AMI7CpAem3bkebG5TTLOwrWohoiTc9WfvWk8DpSEBG2knuUDogCU43q3+8dHa579gGaJLhe/bsxjrNOdObJZBDLAGlKO2XU/1bxvnqoX/v+Im6bp0BQ9n9BpqLTduBQF5EMEtNiQ85zEI68AF5Vo2DLAghUPht44XeeWQJoheRxHPE8HIQJEAZoblUU9dvw9rME/E2kAjAI8nhhHoAD9iL07xh+onmi/W7B/UXqLlWYSWvUluhBDqF+O+OPQVxlBln+EFEXj7PjazRihqlxpf5CxAKeAb+I2We0A0DjbRMIKjT4GAjFurtPrlQHAY0tQ9TodTOAQCesuREHZz3UqhJhoSW9I1EEvwbxIq/0JT+OS9wN/TXIUnS26F2gGAPo/ahBBx67IlmT6zDwfA2++B7YUeYINpIZ8Nj2r594VU6hGQjWFkbh2jVW62KdKYuJm3ueRgbh/4ivu0MVXSm6vM6p2C X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-Network-Message-Id: 55973e93-e350-47bf-5363-08d941736704 X-MS-Exchange-CrossTenant-AuthSource: BYAPR12MB2711.namprd12.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 07 Jul 2021 18:16:55.8784 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: w+l2+4TjKIFoIwL14aXcAu/uN/SYv3YYd/ymhvDVUDWX2SRuL7hEVawZR8bHz38REU47b0nUVPif8DkIqJaMXA== X-MS-Exchange-Transport-CrossTenantHeadersStamped: BY5PR12MB3683 Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org SEV-SNP specification provides the guest a mechanisum to communicate with the PSP without risk from a malicious hypervisor who wishes to read, alter, drop or replay the messages sent. The driver uses snp_issue_guest_request() to issue GHCB SNP_GUEST_REQUEST or SNP_EXT_GUEST_REQUEST NAE events to submit the request to PSP. The PSP requires that all communication should be encrypted using key specified through the platform_data. The userspace can use SNP_GET_REPORT ioctl() to query the guest attestation report. See SEV-SNP spec section Guest Messages for more details. Signed-off-by: Brijesh Singh --- Documentation/virt/coco/sevguest.rst | 69 ++++ drivers/virt/Kconfig | 3 + drivers/virt/Makefile | 1 + drivers/virt/coco/sevguest/Kconfig | 9 + drivers/virt/coco/sevguest/Makefile | 2 + drivers/virt/coco/sevguest/sevguest.c | 449 ++++++++++++++++++++++++++ drivers/virt/coco/sevguest/sevguest.h | 63 ++++ include/uapi/linux/sev-guest.h | 44 +++ 8 files changed, 640 insertions(+) create mode 100644 Documentation/virt/coco/sevguest.rst create mode 100644 drivers/virt/coco/sevguest/Kconfig create mode 100644 drivers/virt/coco/sevguest/Makefile create mode 100644 drivers/virt/coco/sevguest/sevguest.c create mode 100644 drivers/virt/coco/sevguest/sevguest.h create mode 100644 include/uapi/linux/sev-guest.h diff --git a/Documentation/virt/coco/sevguest.rst b/Documentation/virt/coco/sevguest.rst new file mode 100644 index 000000000000..52d5915037ef --- /dev/null +++ b/Documentation/virt/coco/sevguest.rst @@ -0,0 +1,69 @@ +.. SPDX-License-Identifier: GPL-2.0 + +=================================================================== +The Definitive SEV Guest API Documentation +=================================================================== + +1. General description +====================== + +The SEV API is a set of ioctls that are issued to by the guest or +hypervisor to get or set certain aspect of the SEV virtual machine. +The ioctls belong to the following classes: + + - Hypervisor ioctls: These query and set global attributes which affect the + whole SEV firmware. These ioctl is used by platform provision tools. + + - Guest ioctls: These query and set attribute of the SEV virtual machine. + +2. API description +================== + +This section describes ioctls that can be used to query or set SEV guests. +For each ioctl, the following information is provided along with a +description: + + Technology: + which SEV techology provides this ioctl. sev, sev-es, sev-snp or all. + + Type: + hypervisor or guest. The ioctl can be used inside the guest or the + hypervisor. + + Parameters: + what parameters are accepted by the ioctl. + + Returns: + the return value. General error numbers (ENOMEM, EINVAL) + are not detailed, but errors with specific meanings are. + +The guest ioctl should be called to /dev/sev-guest device. The ioctl accepts +struct snp_user_guest_request. The input and output structure is specified +through the req_data and resp_data field respectively. If the ioctl fails +to execute due to the firmware error, then fw_err code will be set. + +:: + struct snp_user_guest_request { + /* Request and response structure address */ + __u64 req_data; + __u64 resp_data; + + /* firmware error code on failure (see psp-sev.h) */ + __u64 fw_err; + }; + +2.1 SNP_GET_REPORT +------------------ + +:Technology: sev-snp +:Type: guest ioctl +:Parameters (in): struct snp_report_req +:Returns (out): struct snp_report_resp on success, -negative on error + +The SNP_GET_REPORT ioctl can be used to query the attestation report from the +SEV-SNP firmware. The ioctl uses the SNP_GUEST_REQUEST (MSG_REPORT_REQ) command +provided by the SEV-SNP firmware to query the attestation report. + +On success, the snp_report_resp.data will contains the report. The report +format is described in the SEV-SNP specification. See the SEV-SNP specification +for further details. diff --git a/drivers/virt/Kconfig b/drivers/virt/Kconfig index 8061e8ef449f..e457e47610d3 100644 --- a/drivers/virt/Kconfig +++ b/drivers/virt/Kconfig @@ -36,4 +36,7 @@ source "drivers/virt/vboxguest/Kconfig" source "drivers/virt/nitro_enclaves/Kconfig" source "drivers/virt/acrn/Kconfig" + +source "drivers/virt/coco/sevguest/Kconfig" + endif diff --git a/drivers/virt/Makefile b/drivers/virt/Makefile index 3e272ea60cd9..9c704a6fdcda 100644 --- a/drivers/virt/Makefile +++ b/drivers/virt/Makefile @@ -8,3 +8,4 @@ obj-y += vboxguest/ obj-$(CONFIG_NITRO_ENCLAVES) += nitro_enclaves/ obj-$(CONFIG_ACRN_HSM) += acrn/ +obj-$(CONFIG_SEV_GUEST) += coco/sevguest/ diff --git a/drivers/virt/coco/sevguest/Kconfig b/drivers/virt/coco/sevguest/Kconfig new file mode 100644 index 000000000000..96190919cca8 --- /dev/null +++ b/drivers/virt/coco/sevguest/Kconfig @@ -0,0 +1,9 @@ +config SEV_GUEST + tristate "AMD SEV Guest driver" + default y + depends on AMD_MEM_ENCRYPT && CRYPTO_AEAD2 + help + The driver can be used by the SEV-SNP guest to communicate with the PSP to + request the attestation report and more. + + If you choose 'M' here, this module will be called sevguest. diff --git a/drivers/virt/coco/sevguest/Makefile b/drivers/virt/coco/sevguest/Makefile new file mode 100644 index 000000000000..b1ffb2b4177b --- /dev/null +++ b/drivers/virt/coco/sevguest/Makefile @@ -0,0 +1,2 @@ +# SPDX-License-Identifier: GPL-2.0-only +obj-$(CONFIG_SEV_GUEST) += sevguest.o diff --git a/drivers/virt/coco/sevguest/sevguest.c b/drivers/virt/coco/sevguest/sevguest.c new file mode 100644 index 000000000000..f3f86f9b5b22 --- /dev/null +++ b/drivers/virt/coco/sevguest/sevguest.c @@ -0,0 +1,449 @@ +// SPDX-License-Identifier: GPL-2.0-only +/* + * AMD Secure Encrypted Virtualization Nested Paging (SEV-SNP) guest request interface + * + * Copyright (C) 2021 Advanced Micro Devices, Inc. + * + * Author: Brijesh Singh + */ + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include "sevguest.h" + +#define DEVICE_NAME "sev-guest" +#define AAD_LEN 48 +#define MSG_HDR_VER 1 + +struct snp_guest_crypto { + struct crypto_aead *tfm; + uint8_t *iv, *authtag; + int iv_len, a_len; +}; + +struct snp_guest_dev { + struct device *dev; + struct miscdevice misc; + + struct snp_guest_crypto *crypto; + struct snp_guest_msg *request, *response; +}; + +static u8 vmpck_id; +static DEFINE_MUTEX(snp_cmd_mutex); + +static inline struct snp_guest_dev *to_snp_dev(struct file *file) +{ + struct miscdevice *dev = file->private_data; + + return container_of(dev, struct snp_guest_dev, misc); +} + +static struct snp_guest_crypto *init_crypto(struct snp_guest_dev *snp_dev, uint8_t *key, + size_t keylen) +{ + struct snp_guest_crypto *crypto; + + crypto = kzalloc(sizeof(*crypto), GFP_KERNEL_ACCOUNT); + if (!crypto) + return NULL; + + crypto->tfm = crypto_alloc_aead("gcm(aes)", 0, 0); + if (IS_ERR(crypto->tfm)) + goto e_free; + + if (crypto_aead_setkey(crypto->tfm, key, keylen)) + goto e_free_crypto; + + crypto->iv_len = crypto_aead_ivsize(crypto->tfm); + if (crypto->iv_len < 12) { + dev_err(snp_dev->dev, "IV length is less than 12.\n"); + goto e_free_crypto; + } + + crypto->iv = kmalloc(crypto->iv_len, GFP_KERNEL_ACCOUNT); + if (!crypto->iv) + goto e_free_crypto; + + if (crypto_aead_authsize(crypto->tfm) > MAX_AUTHTAG_LEN) { + if (crypto_aead_setauthsize(crypto->tfm, MAX_AUTHTAG_LEN)) { + dev_err(snp_dev->dev, "failed to set authsize to %d\n", MAX_AUTHTAG_LEN); + goto e_free_crypto; + } + } + + crypto->a_len = crypto_aead_authsize(crypto->tfm); + crypto->authtag = kmalloc(crypto->a_len, GFP_KERNEL_ACCOUNT); + if (!crypto->authtag) + goto e_free_crypto; + + return crypto; + +e_free_crypto: + crypto_free_aead(crypto->tfm); +e_free: + kfree(crypto->iv); + kfree(crypto->authtag); + kfree(crypto); + + return NULL; +} + +static void deinit_crypto(struct snp_guest_crypto *crypto) +{ + crypto_free_aead(crypto->tfm); + kfree(crypto->iv); + kfree(crypto->authtag); + kfree(crypto); +} + +static int enc_dec_message(struct snp_guest_crypto *crypto, struct snp_guest_msg *msg, + uint8_t *src_buf, uint8_t *dst_buf, size_t len, bool enc) +{ + struct snp_guest_msg_hdr *hdr = &msg->hdr; + struct scatterlist src[3], dst[3]; + DECLARE_CRYPTO_WAIT(wait); + struct aead_request *req; + int ret; + + req = aead_request_alloc(crypto->tfm, GFP_KERNEL); + if (!req) + return -ENOMEM; + + /* + * AEAD memory operations: + * +------ AAD -------+------- DATA -----+---- AUTHTAG----+ + * | msg header | plaintext | hdr->authtag | + * | bytes 30h - 5Fh | or | | + * | | cipher | | + * +------------------+------------------+----------------+ + */ + sg_init_table(src, 3); + sg_set_buf(&src[0], &hdr->algo, AAD_LEN); + sg_set_buf(&src[1], src_buf, hdr->msg_sz); + sg_set_buf(&src[2], hdr->authtag, crypto->a_len); + + sg_init_table(dst, 3); + sg_set_buf(&dst[0], &hdr->algo, AAD_LEN); + sg_set_buf(&dst[1], dst_buf, hdr->msg_sz); + sg_set_buf(&dst[2], hdr->authtag, crypto->a_len); + + aead_request_set_ad(req, AAD_LEN); + aead_request_set_tfm(req, crypto->tfm); + aead_request_set_callback(req, 0, crypto_req_done, &wait); + + aead_request_set_crypt(req, src, dst, len, crypto->iv); + ret = crypto_wait_req(enc ? crypto_aead_encrypt(req) : crypto_aead_decrypt(req), &wait); + + aead_request_free(req); + return ret; +} + +static int __enc_payload(struct snp_guest_dev *snp_dev, struct snp_guest_msg *msg, + void *plaintext, size_t len) +{ + struct snp_guest_crypto *crypto = snp_dev->crypto; + struct snp_guest_msg_hdr *hdr = &msg->hdr; + + memset(crypto->iv, 0, crypto->iv_len); + memcpy(crypto->iv, &hdr->msg_seqno, sizeof(hdr->msg_seqno)); + + return enc_dec_message(crypto, msg, plaintext, msg->payload, len, true); +} + +static int dec_payload(struct snp_guest_dev *snp_dev, struct snp_guest_msg *msg, + void *plaintext, size_t len) +{ + struct snp_guest_crypto *crypto = snp_dev->crypto; + struct snp_guest_msg_hdr *hdr = &msg->hdr; + + /* Build IV with response buffer sequence number */ + memset(crypto->iv, 0, crypto->iv_len); + memcpy(crypto->iv, &hdr->msg_seqno, sizeof(hdr->msg_seqno)); + + return enc_dec_message(crypto, msg, msg->payload, plaintext, len, false); +} + +static int verify_and_dec_payload(struct snp_guest_dev *snp_dev, void *payload, u32 sz) +{ + struct snp_guest_crypto *crypto = snp_dev->crypto; + struct snp_guest_msg *resp = snp_dev->response; + struct snp_guest_msg *req = snp_dev->request; + struct snp_guest_msg_hdr *req_hdr = &req->hdr; + struct snp_guest_msg_hdr *resp_hdr = &resp->hdr; + + dev_dbg(snp_dev->dev, "response [seqno %lld type %d version %d sz %d]\n", + resp_hdr->msg_seqno, resp_hdr->msg_type, resp_hdr->msg_version, resp_hdr->msg_sz); + + /* Verify that the sequence counter is incremented by 1 */ + if (unlikely(resp_hdr->msg_seqno != (req_hdr->msg_seqno + 1))) + return -EBADMSG; + + /* Verify response message type and version number. */ + if ((resp_hdr->msg_type != (req_hdr->msg_type + 1)) || + (resp_hdr->msg_version != req_hdr->msg_version)) + return -EBADMSG; + + /* + * If the message size is greater than our buffer length then return + * an error. + */ + if (unlikely((resp_hdr->msg_sz + crypto->a_len) > sz)) + return -EBADMSG; + + return dec_payload(snp_dev, resp, payload, resp_hdr->msg_sz + crypto->a_len); +} + +static bool enc_payload(struct snp_guest_dev *snp_dev, int version, u8 type, + void *payload, size_t sz) +{ + struct snp_guest_msg *req = snp_dev->request; + struct snp_guest_msg_hdr *hdr = &req->hdr; + + memset(req, 0, sizeof(*req)); + + hdr->algo = SNP_AEAD_AES_256_GCM; + hdr->hdr_version = MSG_HDR_VER; + hdr->hdr_sz = sizeof(*hdr); + hdr->msg_type = type; + hdr->msg_version = version; + hdr->msg_seqno = snp_msg_seqno(); + hdr->msg_vmpck = vmpck_id; + hdr->msg_sz = sz; + + dev_dbg(snp_dev->dev, "request [seqno %lld type %d version %d sz %d]\n", + hdr->msg_seqno, hdr->msg_type, hdr->msg_version, hdr->msg_sz); + + return __enc_payload(snp_dev, req, payload, sz); +} + +static int handle_guest_request(struct snp_guest_dev *snp_dev, int version, u8 type, + void *req_buf, size_t req_sz, void *resp_buf, + u32 resp_sz, __u64 *fw_err) +{ + struct snp_guest_request_data data; + unsigned long err; + int rc; + + memset(snp_dev->response, 0, sizeof(*snp_dev->response)); + + /* Encrypt the userspace provided payload */ + rc = enc_payload(snp_dev, version, type, req_buf, req_sz); + if (rc) + return rc; + + /* Call firmware to process the request */ + data.req_gpa = __pa(snp_dev->request); + data.resp_gpa = __pa(snp_dev->response); + rc = snp_issue_guest_request(GUEST_REQUEST, &data, &err); + + if (fw_err) + *fw_err = err; + + if (rc) + return rc; + + return verify_and_dec_payload(snp_dev, resp_buf, resp_sz); +} + +static int get_report(struct snp_guest_dev *snp_dev, struct snp_user_guest_request *arg) +{ + struct snp_guest_crypto *crypto = snp_dev->crypto; + struct snp_report_resp *resp; + struct snp_report_req req; + int rc, resp_len; + + if (!arg->req_data || !arg->resp_data) + return -EINVAL; + + /* Copy the request payload from the userspace */ + if (copy_from_user(&req, (void __user *)arg->req_data, sizeof(req))) + return -EFAULT; + + /* Message version must be non-zero */ + if (!req.msg_version) + return -EINVAL; + + /* + * The intermediate response buffer is used while decrypting the + * response payload. Make sure that it has enough space to cover the + * authtag. + */ + resp_len = sizeof(resp->data) + crypto->a_len; + resp = kzalloc(resp_len, GFP_KERNEL_ACCOUNT); + if (!resp) + return -ENOMEM; + + /* Issue the command to get the attestation report */ + rc = handle_guest_request(snp_dev, req.msg_version, SNP_MSG_REPORT_REQ, + &req.user_data, sizeof(req.user_data), resp->data, resp_len, + &arg->fw_err); + if (rc) + goto e_free; + + /* Copy the response payload to userspace */ + if (copy_to_user((void __user *)arg->resp_data, resp, sizeof(*resp))) + rc = -EFAULT; + +e_free: + kfree(resp); + return rc; +} + +static long snp_guest_ioctl(struct file *file, unsigned int ioctl, unsigned long arg) +{ + struct snp_guest_dev *snp_dev = to_snp_dev(file); + void __user *argp = (void __user *)arg; + struct snp_user_guest_request input; + int ret = -ENOTTY; + + if (copy_from_user(&input, argp, sizeof(input))) + return -EFAULT; + + mutex_lock(&snp_cmd_mutex); + + switch (ioctl) { + case SNP_GET_REPORT: { + ret = get_report(snp_dev, &input); + break; + } + default: + break; + } + + mutex_unlock(&snp_cmd_mutex); + + if (copy_to_user(argp, &input, sizeof(input))) + return -EFAULT; + + return ret; +} + +static void free_shared_pages(void *buf, size_t sz) +{ + unsigned int npages = PAGE_ALIGN(sz) >> PAGE_SHIFT; + + /* If fail to restore the encryption mask then leak it. */ + if (set_memory_encrypted((unsigned long)buf, npages)) + return; + + __free_pages(virt_to_page(buf), get_order(sz)); +} + +static void *alloc_shared_pages(size_t sz) +{ + unsigned int npages = PAGE_ALIGN(sz) >> PAGE_SHIFT; + struct page *page; + int ret; + + page = alloc_pages(GFP_KERNEL_ACCOUNT, get_order(sz)); + if (IS_ERR(page)) + return NULL; + + ret = set_memory_decrypted((unsigned long)page_address(page), npages); + if (ret) { + __free_pages(page, get_order(sz)); + return NULL; + } + + return page_address(page); +} + +static const struct file_operations snp_guest_fops = { + .owner = THIS_MODULE, + .unlocked_ioctl = snp_guest_ioctl, +}; + +static int __init snp_guest_probe(struct platform_device *pdev) +{ + struct snp_guest_platform_data *data; + struct device *dev = &pdev->dev; + struct snp_guest_dev *snp_dev; + struct miscdevice *misc; + int ret; + + if (!dev->platform_data) + return -ENODEV; + + data = (struct snp_guest_platform_data *)dev->platform_data; + vmpck_id = data->vmpck_id; + + snp_dev = devm_kzalloc(&pdev->dev, sizeof(struct snp_guest_dev), GFP_KERNEL); + if (!snp_dev) + return -ENOMEM; + + platform_set_drvdata(pdev, snp_dev); + snp_dev->dev = dev; + + snp_dev->crypto = init_crypto(snp_dev, data->vmpck, sizeof(data->vmpck)); + if (!snp_dev->crypto) + return -EIO; + + /* Allocate the shared page used for the request and response message. */ + snp_dev->request = alloc_shared_pages(sizeof(struct snp_guest_msg)); + if (IS_ERR(snp_dev->request)) { + ret = PTR_ERR(snp_dev->request); + goto e_free_crypto; + } + + snp_dev->response = alloc_shared_pages(sizeof(struct snp_guest_msg)); + if (IS_ERR(snp_dev->response)) { + ret = PTR_ERR(snp_dev->response); + goto e_free_req; + } + + misc = &snp_dev->misc; + misc->minor = MISC_DYNAMIC_MINOR; + misc->name = DEVICE_NAME; + misc->fops = &snp_guest_fops; + + return misc_register(misc); + +e_free_req: + free_shared_pages(snp_dev->request, sizeof(struct snp_guest_msg)); + +e_free_crypto: + deinit_crypto(snp_dev->crypto); + + return ret; +} + +static int __exit snp_guest_remove(struct platform_device *pdev) +{ + struct snp_guest_dev *snp_dev = platform_get_drvdata(pdev); + + free_shared_pages(snp_dev->request, sizeof(struct snp_guest_msg)); + free_shared_pages(snp_dev->response, sizeof(struct snp_guest_msg)); + deinit_crypto(snp_dev->crypto); + misc_deregister(&snp_dev->misc); + + return 0; +} + +static struct platform_driver snp_guest_driver = { + .remove = __exit_p(snp_guest_remove), + .driver = { + .name = "snp-guest", + }, +}; + +module_platform_driver_probe(snp_guest_driver, snp_guest_probe); + +MODULE_AUTHOR("Brijesh Singh "); +MODULE_LICENSE("GPL"); +MODULE_VERSION("1.0.0"); +MODULE_DESCRIPTION("AMD SNP Guest Driver"); diff --git a/drivers/virt/coco/sevguest/sevguest.h b/drivers/virt/coco/sevguest/sevguest.h new file mode 100644 index 000000000000..4cd2f8b81154 --- /dev/null +++ b/drivers/virt/coco/sevguest/sevguest.h @@ -0,0 +1,63 @@ +/* SPDX-License-Identifier: GPL-2.0-only */ +/* + * Copyright (C) 2021 Advanced Micro Devices, Inc. + * + * Author: Brijesh Singh + * + * SEV-SNP API spec is available at https://developer.amd.com/sev + */ + +#ifndef __LINUX_SEVGUEST_H_ +#define __LINUX_SEVGUEST_H_ + +#include + +#define MAX_AUTHTAG_LEN 32 + +/* See SNP spec SNP_GUEST_REQUEST section for the structure */ +enum msg_type { + SNP_MSG_TYPE_INVALID = 0, + SNP_MSG_CPUID_REQ, + SNP_MSG_CPUID_RSP, + SNP_MSG_KEY_REQ, + SNP_MSG_KEY_RSP, + SNP_MSG_REPORT_REQ, + SNP_MSG_REPORT_RSP, + SNP_MSG_EXPORT_REQ, + SNP_MSG_EXPORT_RSP, + SNP_MSG_IMPORT_REQ, + SNP_MSG_IMPORT_RSP, + SNP_MSG_ABSORB_REQ, + SNP_MSG_ABSORB_RSP, + SNP_MSG_VMRK_REQ, + SNP_MSG_VMRK_RSP, + + SNP_MSG_TYPE_MAX +}; + +enum aead_algo { + SNP_AEAD_INVALID, + SNP_AEAD_AES_256_GCM, +}; + +struct snp_guest_msg_hdr { + u8 authtag[MAX_AUTHTAG_LEN]; + u64 msg_seqno; + u8 rsvd1[8]; + u8 algo; + u8 hdr_version; + u16 hdr_sz; + u8 msg_type; + u8 msg_version; + u16 msg_sz; + u32 rsvd2; + u8 msg_vmpck; + u8 rsvd3[35]; +} __packed; + +struct snp_guest_msg { + struct snp_guest_msg_hdr hdr; + u8 payload[4000]; +} __packed; + +#endif /* __LINUX_SNP_GUEST_H__ */ diff --git a/include/uapi/linux/sev-guest.h b/include/uapi/linux/sev-guest.h new file mode 100644 index 000000000000..e8cfd15133f3 --- /dev/null +++ b/include/uapi/linux/sev-guest.h @@ -0,0 +1,44 @@ +/* SPDX-License-Identifier: GPL-2.0-only WITH Linux-syscall-note */ +/* + * Userspace interface for AMD SEV and SEV-SNP guest driver. + * + * Copyright (C) 2021 Advanced Micro Devices, Inc. + * + * Author: Brijesh Singh + * + * SEV API specification is available at: https://developer.amd.com/sev/ + */ + +#ifndef __UAPI_LINUX_SEV_GUEST_H_ +#define __UAPI_LINUX_SEV_GUEST_H_ + +#include + +struct snp_report_req { + /* message version number (must be non-zero) */ + __u8 msg_version; + + /* user data that should be included in the report */ + __u8 user_data[64]; +}; + +struct snp_report_resp { + /* response data, see SEV-SNP spec for the format */ + __u8 data[4000]; +}; + +struct snp_user_guest_request { + /* Request and response structure address */ + __u64 req_data; + __u64 resp_data; + + /* firmware error code on failure (see psp-sev.h) */ + __u64 fw_err; +}; + +#define SNP_GUEST_REQ_IOC_TYPE 'S' + +/* Get SNP attestation report */ +#define SNP_GET_REPORT _IOWR(SNP_GUEST_REQ_IOC_TYPE, 0x0, struct snp_user_guest_request) + +#endif /* __UAPI_LINUX_SEV_GUEST_H_ */ From patchwork Wed Jul 7 18:15:05 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Brijesh Singh X-Patchwork-Id: 470881 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-18.7 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_CR_TRAILER, INCLUDES_PATCH, MAILING_LIST_MULTI, MSGID_FROM_MTA_HEADER, SPF_HELO_NONE, SPF_PASS, USER_AGENT_GIT autolearn=unavailable autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 6D8E6C07E9E for ; Wed, 7 Jul 2021 18:17:31 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 5040A61CB0 for ; Wed, 7 Jul 2021 18:17:31 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232008AbhGGSUK (ORCPT ); Wed, 7 Jul 2021 14:20:10 -0400 Received: from mail-dm6nam12on2046.outbound.protection.outlook.com ([40.107.243.46]:54561 "EHLO NAM12-DM6-obe.outbound.protection.outlook.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S232245AbhGGSTm (ORCPT ); Wed, 7 Jul 2021 14:19:42 -0400 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=Of4slQiKLwMtGjxmYKnrf1DMlecyWhsSbvPzHBEn7YzWvKhDxMJTUzGWJMkEU4gPCoy4WC78pAG8CspnlcVsxh7u22VZKBm6N3tVWk2Ki9y+Yz/uKUCAf+1aH5Drjl3GIxF35LJfqiOW6p1aB4lgAhAkdqy+LfcQehOP712F0KPchGcwifX34QTQB1bXo7/KhnvPx+VxHv0EcmdIY3jnBcU+ExfFMsqcaGXhSBzgQfVicoH5kZv7P4wUKmk6a0RpryvUh6RGfbZyrUaXx9Bo2r7YhVhrbyJkW2xNn16c2cbJCmVl7OFNLao/nucKyMEiKSFXzgZvokfehx1JxHeZwQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=W/IHMOVem7t7z2OV4kUnI967SHyn8TUBIuL3M5S8ay0=; b=BppHbiDQXPrApQ/vUUQsFlEyu7CRznKvdGP4wvBOdYvhdSQHkuxONKO/ksoVsPwXD4w4cnOVeNZ+5ae0c6TBqyih3NQUPTLvglmiimxAefa6xUbUJShsAhcF2/bUySch5/y3g6uVpygEsZs22BvEhBb3fje2OlRAPlZirpW/8cGq0MhvX0THQlnhhrXya+Xi7rwfvLNsTZvOYDJU4JWfifBOuCPkqk014U4C7vwCXAUx8MaOhrsZVJzVmOzIch+SOmxH8wl9mp4drhWRdsadiEH36015YD33dsbo+2CbvYauj/Rxv3PdooVPTyK6I9IuaF/YLNaxXhEj0xtmX/b9Hw== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass header.d=amd.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=W/IHMOVem7t7z2OV4kUnI967SHyn8TUBIuL3M5S8ay0=; b=ScNWuFLi1miBzEuFDcjz5x/Frwzoy5kbgu80Hx6liy4J3yYBoRN0tSsFi+8TgVqgUvrLgevn64CInkzieSTLD1fB1NIS82OJaE/SwNjIVcfApkgKIKjTaMg/8TOtmnsUIcfF0IZ1CoDqi2f2mxQuPWAWCx9YBG7ba/qbWnkEtFk= Authentication-Results: kernel.org; dkim=none (message not signed) header.d=none; kernel.org; dmarc=none action=none header.from=amd.com; Received: from BYAPR12MB2711.namprd12.prod.outlook.com (2603:10b6:a03:63::10) by BYAPR12MB3527.namprd12.prod.outlook.com (2603:10b6:a03:13c::12) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4308.20; Wed, 7 Jul 2021 18:16:58 +0000 Received: from BYAPR12MB2711.namprd12.prod.outlook.com ([fe80::40e3:aade:9549:4bed]) by BYAPR12MB2711.namprd12.prod.outlook.com ([fe80::40e3:aade:9549:4bed%7]) with mapi id 15.20.4287.033; Wed, 7 Jul 2021 18:16:58 +0000 From: Brijesh Singh To: x86@kernel.org, linux-kernel@vger.kernel.org, kvm@vger.kernel.org, linux-efi@vger.kernel.org, platform-driver-x86@vger.kernel.org, linux-coco@lists.linux.dev, linux-mm@kvack.org, linux-crypto@vger.kernel.org Cc: Thomas Gleixner , Ingo Molnar , Joerg Roedel , Tom Lendacky , "H. Peter Anvin" , Ard Biesheuvel , Paolo Bonzini , Sean Christopherson , Vitaly Kuznetsov , Wanpeng Li , Jim Mattson , Andy Lutomirski , Dave Hansen , Sergio Lopez , Peter Gonda , Peter Zijlstra , Srinivas Pandruvada , David Rientjes , Dov Murik , Tobin Feldman-Fitzthum , Borislav Petkov , Michael Roth , Vlastimil Babka , tony.luck@intel.com, npmccallum@redhat.com, brijesh.ksingh@gmail.com, Brijesh Singh Subject: [PATCH Part1 RFC v4 35/36] virt: sevguest: Add support to derive key Date: Wed, 7 Jul 2021 13:15:05 -0500 Message-Id: <20210707181506.30489-36-brijesh.singh@amd.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20210707181506.30489-1-brijesh.singh@amd.com> References: <20210707181506.30489-1-brijesh.singh@amd.com> X-ClientProxiedBy: SA0PR11CA0104.namprd11.prod.outlook.com (2603:10b6:806:d1::19) To BYAPR12MB2711.namprd12.prod.outlook.com (2603:10b6:a03:63::10) MIME-Version: 1.0 X-MS-Exchange-MessageSentRepresentingType: 1 Received: from sbrijesh-desktop.amd.com (165.204.77.1) by SA0PR11CA0104.namprd11.prod.outlook.com (2603:10b6:806:d1::19) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4308.19 via Frontend Transport; Wed, 7 Jul 2021 18:16:56 +0000 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: 2112b32f-7620-48c1-6a87-08d9417368a5 X-MS-TrafficTypeDiagnostic: BYAPR12MB3527: X-MS-Exchange-Transport-Forked: True X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:2582; X-MS-Exchange-SenderADCheck: 1 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: o5ydBn21GoXp2gFKS66M3DU/1eBS5DX4C/yWXkFHrjRLqvCvz5kvcOTwTqCkVHzCE1V//e3WNikES/2w/HF+eUGACHLP8Ast9pbD8lIs9Z0Xs1JR2nouy2Pj9xryWrt3CaeXgqL61d2tUIboYCkWSS1F3YwLXAI9+Sgm/wcx9jm0M9i/rJ30FQ9eAG3EzqxFa66SY/pbr2aekJFr+LaHpYFIUnnWJGSg0ZmJmoCyCFcdnnaU8T5CGBY8iTSvs+SK4Oh4FifUG479rtyXtgOF4kz2TqUphHsud361Do6Enz8tiS/kMjheawiGtQN5Pbf7k3/bH4gDvdoS8ZxJIy7G5P4xKudCiMmC6gBDwt8CZy8ebz8CLRnU40Uqe7BdU3YTiQFjIlbKI8xdep42TkIlziSIjYX+iGUsORg9pkwI3xxI3FKLiqJV4sVB3beyosumceXLnMrpOPX+6d38785nabbQ9uOKYk10PSw26SZbc7kYWuFOnQcdn2lbFmGW2wAPLNnfTJwkX2VI7UOGVGMIjEg0sk728CTzzcD6Eb9YRnp6xc64wIdplCmxBnGuVunr+T4jPuBPVJUDjF+9WF8O6+FCJm30yMnueDLSQS4Te0zgw22iknxOHcxMHbsrBhTnA1n3wi0TqEQcAiVkvOFTdipEc3LoiI3ZBG848/6VA+siuG5CtFZSJXnWvuT9ZRmz+v7RGXmeztbSKAuiG5yuqg== X-Forefront-Antispam-Report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:BYAPR12MB2711.namprd12.prod.outlook.com; PTR:; CAT:NONE; SFS:(4636009)(366004)(26005)(2616005)(5660300002)(498600001)(44832011)(6486002)(1076003)(66946007)(66556008)(83380400001)(86362001)(186003)(956004)(66476007)(8936002)(8676002)(52116002)(36756003)(54906003)(2906002)(7696005)(38100700002)(38350700002)(4326008)(6666004)(7406005)(7416002); DIR:OUT; SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: x6joJQOXuDsZ6RYp5TrE4w4WeXP5EmCBEixt/hxI4gKEyXrb9c/nvLVNjYkeqvMsi0CyBOm5Yl8xiHWMJkgpJlc9fpxf44fln2Y2FadDBbZdnDYaNDpO+DB/KoycXVfdgpRJlfRwptAvXhzWtNQIs/x32rDAiFBRjXNPEurq2yuW64Chy2jX7Yl5tDNfshmUf/0Wl8QmtSAUSMMyaId+f9F9AgoT9qhhVYG1RztfLcgN7vM+bw6v03wwpq+zZJqbfmMAFeYHRV0hb2dP29lXaw6yI/rHACF+31os0tGZtLyk5F+5gMufHPUhaKs2SOhfa5OituigBBRSKtl0+586Ft4BknJoWak+glxQqco4BGMf4OlXVu7f/dZJpFF/a2WzVQTYzLybjtGtv9IdgX69Fu6a7LxVf+SkdDYMXAHRb211ZIHcivbMCMC4mXregGfwSL2GApLli5XYY/+31VeDxYEovThiNOeLoac8rWlaWcJ72L7QnOQ3A9KuhFRC0cOng2+FFhlFaNgkubMomKWoogR8otInjebPo4eyIyPMy7TgDJx8rjNIj1CJZw+CnEjDr3YCyGwd+O80GfLqeyCJeJXoJVAWdlZsFbg/lMiZl71a68A8WTlkTUqKtY6twGmhut3/zNd3qJJ6aJIZj8N3d3wfXp1Ay5zEJXsmChXskPI0AFrYX/054heGc9NOf132dlApOBzI8a61PhDjokuY/SP5UNDiiQp3oDmGDr98LpdPqBZJ9bGKbZBXZm7VK3o8W1dqjQHhhqyUXHwqTFDOdnZCGlHOSi8+7dWKs6/OMcwbr3Rm6todb1u89mxkAE+MOLufiHwJXNISxAOldiIlneLdHiJi0RL4TUutwW9aXSvWVYp5E5wdj4xMiQ+oSthTDWSNh6Lii+QcsAHJgcMKTkpckg0DOAx560VVDnDf1e1+4mw3juERPmOUhRDJV8vBrAd7wgkU0j6Xn+4sw2OrHrQTC7yV/CI31E2jwGFB7SiIqpORVXhc271K4YD3+eO9U5gL1PGYjK5hC93vGQcZWH1sTjQ8eZolpyNq10QiOE9eptGLOoL/r0ySZFAxtB/H5Gh6jOIw1rCBv+9UR7G3KBhuAein9P8AqNdfhXYe7VRmgxU73t3Wj54E0z8ucHNkr5PPVIxXInxhGKOWFm1pXavuGXiuMfNt9b00gWq6bc/Ocw9vtwfBNVAbW2epwF2ahxmykV0DES+w1A2uzhUypNjCIyJirPZmZ4UCeYG32RVinjbB1hXDoAfJ/EV9MzktVWpbq/IY1BXRnw84Qc/ffPQX9p6t5rBN68BQHSVM4XZ4oK52UIEP1BqknX+RIYDh X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-Network-Message-Id: 2112b32f-7620-48c1-6a87-08d9417368a5 X-MS-Exchange-CrossTenant-AuthSource: BYAPR12MB2711.namprd12.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 07 Jul 2021 18:16:58.4460 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: OvYpKSAjJuph2bQ0VjXhid9EUr/KNOjPeQlkvVBfvGYXZ8RlF5lPxmEbh97FNPmZkSg/60qZ4qTi6lJi91aEPA== X-MS-Exchange-Transport-CrossTenantHeadersStamped: BYAPR12MB3527 Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org The SNP_GET_DERIVED_KEY ioctl interface can be used by the SNP guest to ask the firmware to provide a key derived from a root key. The derived key may be used by the guest for any purposes it choose, such as a sealing key or communicating with the external entities. See SEV-SNP firmware spec for more information. Signed-off-by: Brijesh Singh --- Documentation/virt/coco/sevguest.rst | 18 ++++++++++ drivers/virt/coco/sevguest/sevguest.c | 48 +++++++++++++++++++++++++++ include/uapi/linux/sev-guest.h | 24 ++++++++++++++ 3 files changed, 90 insertions(+) diff --git a/Documentation/virt/coco/sevguest.rst b/Documentation/virt/coco/sevguest.rst index 52d5915037ef..25446670d816 100644 --- a/Documentation/virt/coco/sevguest.rst +++ b/Documentation/virt/coco/sevguest.rst @@ -67,3 +67,21 @@ provided by the SEV-SNP firmware to query the attestation report. On success, the snp_report_resp.data will contains the report. The report format is described in the SEV-SNP specification. See the SEV-SNP specification for further details. + +2.2 SNP_GET_DERIVED_KEY +----------------------- +:Technology: sev-snp +:Type: guest ioctl +:Parameters (in): struct snp_derived_key_req +:Returns (out): struct snp_derived_key_req on success, -negative on error + +The SNP_GET_DERIVED_KEY ioctl can be used to get a key derive from a root key. +The derived key can be used by the guest for any purpose, such as sealing keys +or communicating with external entities. + +The ioctl uses the SNP_GUEST_REQUEST (MSG_KEY_REQ) command provided by the +SEV-SNP firmware to derive the key. See SEV-SNP specification for further details +on the various fileds passed in the key derivation request. + +On success, the snp_derived_key_resp.data will contains the derived key +value. diff --git a/drivers/virt/coco/sevguest/sevguest.c b/drivers/virt/coco/sevguest/sevguest.c index f3f86f9b5b22..2f20db80490a 100644 --- a/drivers/virt/coco/sevguest/sevguest.c +++ b/drivers/virt/coco/sevguest/sevguest.c @@ -304,6 +304,50 @@ static int get_report(struct snp_guest_dev *snp_dev, struct snp_user_guest_reque return rc; } +static int get_derived_key(struct snp_guest_dev *snp_dev, struct snp_user_guest_request *arg) +{ + struct snp_guest_crypto *crypto = snp_dev->crypto; + struct snp_derived_key_resp *resp; + struct snp_derived_key_req req; + int rc, resp_len; + + if (!arg->req_data || !arg->resp_data) + return -EINVAL; + + /* Copy the request payload from the userspace */ + if (copy_from_user(&req, (void __user *)arg->req_data, sizeof(req))) + return -EFAULT; + + /* Message version must be non-zero */ + if (!req.msg_version) + return -EINVAL; + + /* + * The intermediate response buffer is used while decrypting the + * response payload. Make sure that it has enough space to cover the + * authtag. + */ + resp_len = sizeof(resp->data) + crypto->a_len; + resp = kzalloc(resp_len, GFP_KERNEL_ACCOUNT); + if (!resp) + return -ENOMEM; + + /* Issue the command to get the attestation report */ + rc = handle_guest_request(snp_dev, req.msg_version, SNP_MSG_KEY_REQ, + &req.data, sizeof(req.data), resp->data, resp_len, + &arg->fw_err); + if (rc) + goto e_free; + + /* Copy the response payload to userspace */ + if (copy_to_user((void __user *)arg->resp_data, resp, sizeof(*resp))) + rc = -EFAULT; + +e_free: + kfree(resp); + return rc; +} + static long snp_guest_ioctl(struct file *file, unsigned int ioctl, unsigned long arg) { struct snp_guest_dev *snp_dev = to_snp_dev(file); @@ -321,6 +365,10 @@ static long snp_guest_ioctl(struct file *file, unsigned int ioctl, unsigned long ret = get_report(snp_dev, &input); break; } + case SNP_GET_DERIVED_KEY: { + ret = get_derived_key(snp_dev, &input); + break; + } default: break; } diff --git a/include/uapi/linux/sev-guest.h b/include/uapi/linux/sev-guest.h index e8cfd15133f3..621a9167df7a 100644 --- a/include/uapi/linux/sev-guest.h +++ b/include/uapi/linux/sev-guest.h @@ -36,9 +36,33 @@ struct snp_user_guest_request { __u64 fw_err; }; +struct __snp_derived_key_req { + __u32 root_key_select; + __u32 rsvd; + __u64 guest_field_select; + __u32 vmpl; + __u32 guest_svn; + __u64 tcb_version; +}; + +struct snp_derived_key_req { + /* message version number (must be non-zero) */ + __u8 msg_version; + + struct __snp_derived_key_req data; +}; + +struct snp_derived_key_resp { + /* response data, see SEV-SNP spec for the format */ + __u8 data[64]; +}; + #define SNP_GUEST_REQ_IOC_TYPE 'S' /* Get SNP attestation report */ #define SNP_GET_REPORT _IOWR(SNP_GUEST_REQ_IOC_TYPE, 0x0, struct snp_user_guest_request) +/* Get a derived key from the root */ +#define SNP_GET_DERIVED_KEY _IOWR(SNP_GUEST_REQ_IOC_TYPE, 0x1, struct snp_user_guest_request) + #endif /* __UAPI_LINUX_SEV_GUEST_H_ */