From patchwork Fri Aug 20 15:18:56 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Brijesh Singh X-Patchwork-Id: 500682 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-18.7 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_CR_TRAILER, INCLUDES_PATCH, MAILING_LIST_MULTI, MSGID_FROM_MTA_HEADER, SPF_HELO_NONE, SPF_PASS,URIBL_BLOCKED,USER_AGENT_GIT autolearn=unavailable autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 47A29C00143 for ; Fri, 20 Aug 2021 15:20:54 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 185C0611AF for ; Fri, 20 Aug 2021 15:20:54 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S241044AbhHTPV3 (ORCPT ); Fri, 20 Aug 2021 11:21:29 -0400 Received: from mail-bn8nam08on2046.outbound.protection.outlook.com ([40.107.100.46]:11233 "EHLO NAM04-BN8-obe.outbound.protection.outlook.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S241033AbhHTPV2 (ORCPT ); Fri, 20 Aug 2021 11:21:28 -0400 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=YpOyTL2h5pKL+gwbPR3HlIrwheuX3DiQt1HXG8lJuVNGgps/c+I1FvKfpncksNmqdpBLXSCXW29QiO5gjMbOGZm7jAhZhrdFB1+Ej9L11Fy1smrV8aa4Ea0Shsar6kdp553E5xwUCZCl4c+IgyJsfjnqvT0dZwMT8oJUVTPFz94DGssrvJa8iUZZaxiKZEghPXal7YGY6fEXsWanAnNv8abjBtz3PlfLHvyUTdxgn6/KT70g98djzd92LgJZTjokEN9nO6flfaFRXMj75SdkzhSIE8y2u/jDr/lNYycbD+qArATzA661VNT3gKjw+9y0mkvw0UlFwwSaqD/onjTnEg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=5v6YTZghRoGRa9/aIt1C8yPC0VleEhMBpxR81rxlubY=; b=hFt4YouKzbFmTcAJNON0tnBWc5AsABxt0MQk8R11n0/y4uZSzWYWKP+e8ywmIZLvLtWiz6i/TfaExwnc+VUIWLlQ1Pw3+80VC7BQjEQRVKSd79RHX3VK9kx4+jPg3qsxp9FLX9qOg+rgvLUVCMjsOa0a7mnUMVoYjfihkDrlcgqDsLvIuJ1tpJB/eIAnd1ujXH+XR3BPX/8EzSzRo7igE33mgwPH3kH+9Wy2wa8AXp2JlSB2+uWsMeVEPNck8B3Vo0yovvpDZhWymFIMRx+UsPvQQhmUlpKVKCISFoit2o3IUIMJr4zkre9PTF1mMjcVHeD75Q3bLDK0xn9cariPvg== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass header.d=amd.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=5v6YTZghRoGRa9/aIt1C8yPC0VleEhMBpxR81rxlubY=; b=Y4GD926acpATchg5YrnOubsljyfzx2MkzBif5ZA0NfxBdqwBMTV9bR8c1QA2uexNlpjICCYL3/W6RFC+xWz1/O9+5rYnmmKDjSkPwCYYfEKj4cHK2f+FBgXA3x7lG4t//znNFGOMtFRfGVSKcS5SCaARnmJEQJLYUFw1V9wD2cw= Authentication-Results: kernel.org; dkim=none (message not signed) header.d=none; kernel.org; dmarc=none action=none header.from=amd.com; Received: from SN6PR12MB2718.namprd12.prod.outlook.com (2603:10b6:805:6f::22) by SA0PR12MB4557.namprd12.prod.outlook.com (2603:10b6:806:9d::10) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4436.19; Fri, 20 Aug 2021 15:20:47 +0000 Received: from SN6PR12MB2718.namprd12.prod.outlook.com ([fe80::78b7:7336:d363:9be3]) by SN6PR12MB2718.namprd12.prod.outlook.com ([fe80::78b7:7336:d363:9be3%6]) with mapi id 15.20.4436.019; Fri, 20 Aug 2021 15:20:47 +0000 From: Brijesh Singh To: x86@kernel.org, linux-kernel@vger.kernel.org, kvm@vger.kernel.org, linux-efi@vger.kernel.org, platform-driver-x86@vger.kernel.org, linux-coco@lists.linux.dev, linux-mm@kvack.org Cc: Thomas Gleixner , Ingo Molnar , Joerg Roedel , Tom Lendacky , "H. Peter Anvin" , Ard Biesheuvel , Paolo Bonzini , Sean Christopherson , Vitaly Kuznetsov , Wanpeng Li , Jim Mattson , Andy Lutomirski , Dave Hansen , Sergio Lopez , Peter Gonda , Peter Zijlstra , Srinivas Pandruvada , David Rientjes , Dov Murik , Tobin Feldman-Fitzthum , Borislav Petkov , Michael Roth , Vlastimil Babka , "Kirill A . Shutemov" , Andi Kleen , tony.luck@intel.com, marcorr@google.com, sathyanarayanan.kuppuswamy@linux.intel.com, Brijesh Singh Subject: [PATCH Part1 v5 01/38] x86/mm: Add sev_feature_enabled() helper Date: Fri, 20 Aug 2021 10:18:56 -0500 Message-Id: <20210820151933.22401-2-brijesh.singh@amd.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20210820151933.22401-1-brijesh.singh@amd.com> References: <20210820151933.22401-1-brijesh.singh@amd.com> X-ClientProxiedBy: SA9P223CA0002.NAMP223.PROD.OUTLOOK.COM (2603:10b6:806:26::7) To SN6PR12MB2718.namprd12.prod.outlook.com (2603:10b6:805:6f::22) MIME-Version: 1.0 X-MS-Exchange-MessageSentRepresentingType: 1 Received: from sbrijesh-desktop.amd.com (165.204.77.1) by SA9P223CA0002.NAMP223.PROD.OUTLOOK.COM (2603:10b6:806:26::7) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4436.19 via Frontend Transport; Fri, 20 Aug 2021 15:20:46 +0000 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: 25db4fad-6bca-49c2-a950-08d963ee1607 X-MS-TrafficTypeDiagnostic: SA0PR12MB4557: X-MS-Exchange-Transport-Forked: True X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:5797; X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: hM7Yxs+PWpiAsD19GZbjEbLOyHjklluJzWAxupwT0dg7hVyz5wI2V5EPUN6ZC82E4X8xpXSV575KdsuPBEhzYa2QxvT2bwuAFDQgJEXixiY/jHFTTTx1XWZUmptgqe8xWK4BMg1aLyojudVONv28NM24AhDrE5Q1avuB2UOjuC1hIyTjnw1pT372BkP5mLDVaDUwsn1gX2yy0GgQNtJKpmlN3IEIRXlZ7Sp2WQCMSIno/Y/Eu1gEWAQJSy1bRFjENWTFWwTTRaUm3UlplOnRsutM8WYauOPZ7zV1jSziy54HWLe5ffuurWQDlwAwjeoQmOK+8u59F+dek+EnDxdOf8vCVMg78nHSX5otxoxT5G2lJfzi3KrBe+Uq/xn0qk2SD9doEuQLrC44qxFoQ/IOwUkvvGAloFMBCfDFo0uPQjJZhEZg6H0ssy78sbif9CaIOz0Rg4FiRyzsiRalAsvTK+VrSZ8R7rso/0MnLilDQSO4CcHUz/ThKsnzVPAqEd9qsv0oyHECQC9zbF5437cW7pS5NE7kRCI2pTsB3S8mUjIM0Dr0bFCe3wRsQE3TKcZe4HEWbVyVdehm7uDQV+apILX/lv9HEBqhVcJqKibNzABCyvTm/UJwW4bg7Wb0cC22xmR8dZAWmDeKbaU49fEUWZwOwAuO8qwDD+n8xxzR9/mAIqf68plN/XR7aorgPQt3Uc02aVRlQgAeCMEYx3k8eg== X-Forefront-Antispam-Report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:SN6PR12MB2718.namprd12.prod.outlook.com; PTR:; CAT:NONE; SFS:(4636009)(346002)(396003)(366004)(39860400002)(136003)(376002)(66476007)(66946007)(4326008)(478600001)(44832011)(956004)(2616005)(7696005)(7406005)(38350700002)(52116002)(66556008)(7416002)(38100700002)(6666004)(36756003)(186003)(316002)(8936002)(2906002)(86362001)(26005)(54906003)(1076003)(6486002)(8676002)(5660300002); DIR:OUT; SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: rcUs3C9GbJ0AqEKRIToY5HojnFdKs4mgK2mjfuL2ZKCk0Sq5F8pfnpbXvc87OvVowYXczJ7GcYrZB9SHb/TabG7ZDqXTQwAU43thJI8F+Ot3IWlHRWeUPAwXjlAe0CXZ+eWZlUZGU5VP09y5JvpUskG5bHGJ2fm2BapwrVLrf9d3Naja6Xqf9yoRCow9bKtha2VTZObrJLO9uYJKGTsHb8Q2OWbubSXNhC1Ubo7fnVkeCljQtw1DCyMxw3jGj5hdI9hHrPtqzttbRkn3ys+Hz6nnzzR3PniIr5ZAwmu1rw6BkaojAyBNWAkgJowUzM6bWUCM+ICH0OjFfLFB0Zrh03fOBEmVvCWMheJFVelICSbkbG56R3lYnPxEZMWO65rrehrePT0OTv7D6l5xLI0ycTyj1fbp9gk2dOYc6nAjOzjWm9esf/BlquzQW3C73moEYA9cCP7W+oMkRuA0mkD0+3NE2bXiy8/FB82BODz95OaaLl2ZGTlnSrlvMEOLkvXyqsYwQJUUGtIltix6vscfOLCqJrdcoYXN8RGj8R49PPLWef2/su8uk+erqK1Zr0vJp9+fEs9Px4hjsZSZKyl20IVzKxCBlzgKLtn2LVowQnZK4KowpvJj1KHsi/ZkIbrB9D5zvDXa/+YxNg8MJjHYCacOfbTAQHsjjIKNrUHqg4rW7l9Gzup2V9rwBdjuIGo3Rd99DFKy0ElPsbzLH7VV18OuJ8CtAPH9E/gngZAI9LtOOc+I3UHIGPrVd2LEqRh/zQXNtRj+CpKaNRUQHhhlGr3EHYRwQgzHziZQwG9OLr4yqFCmVNQusMt8WkvyCKmS2CiOPl4C5IpUEJ/7bW5zK5nKkb4kF17+cBJj1dPsj/UYExsZmm5lEojwFldP+wEt+DS9kOB0r+v057z48eavIVd9rE4byVUDVd5kamNhaM8tuEd29rbEM8gWQ43tQAxuWhnPgssiCY2uHoNTx8tI6vX/EE96eaaZCsxCZSKGCfxtVp2pvdahapCW4dfALsdFpu+FeVvpAPC5EQlg+3Fmvjzx/oLvUj07RiREV9X8tWf4m8A8BekxPHlHB7bII5k329G5pY20iNxUPbOt30Mdr0tcElyGlC2xR3z6QJmOXvLp2kdhYQ+SoiAL82FOHlCmY+x7megyAmjzDX4YaanRGmE7aeOqndeJykl4IULyyUgLJuuuenVwvt5hB/0Z+kOSbV/J+2HlXz+q425VtD/wA3yFV3SZpc0nacy0GWBX18K5QOhSGOlVW0y3Tx060wYCnaY5Y3HEcHYLGs7d3ed2TNPrFC2h6ixjLcmhabrDlMiM1Ncm0yYAX4y8W4VmKJA+ X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-Network-Message-Id: 25db4fad-6bca-49c2-a950-08d963ee1607 X-MS-Exchange-CrossTenant-AuthSource: SN6PR12MB2718.namprd12.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 20 Aug 2021 15:20:47.4671 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: tkgCljRyTDMREW5mifhBbB7XnQHU4WyHPaV7YtLCpHV2Bme/z5LHNwh8pmwRbFJe6h7ibM+1P+ecPYcqQDtUEg== X-MS-Exchange-Transport-CrossTenantHeadersStamped: SA0PR12MB4557 Precedence: bulk List-ID: X-Mailing-List: linux-efi@vger.kernel.org The sev_feature_enabled() helper can be used by the guest to query whether the SNP - Secure Nested Paging feature is active. Signed-off-by: Brijesh Singh --- arch/x86/include/asm/mem_encrypt.h | 8 ++++++++ arch/x86/include/asm/msr-index.h | 2 ++ arch/x86/mm/mem_encrypt.c | 14 ++++++++++++++ 3 files changed, 24 insertions(+) diff --git a/arch/x86/include/asm/mem_encrypt.h b/arch/x86/include/asm/mem_encrypt.h index 9c80c68d75b5..df14291d65de 100644 --- a/arch/x86/include/asm/mem_encrypt.h +++ b/arch/x86/include/asm/mem_encrypt.h @@ -16,6 +16,12 @@ #include +enum sev_feature_type { + SEV, + SEV_ES, + SEV_SNP +}; + #ifdef CONFIG_AMD_MEM_ENCRYPT extern u64 sme_me_mask; @@ -53,6 +59,7 @@ void __init sev_es_init_vc_handling(void); bool sme_active(void); bool sev_active(void); bool sev_es_active(void); +bool sev_feature_enabled(unsigned int feature_type); #define __bss_decrypted __section(".bss..decrypted") @@ -85,6 +92,7 @@ static inline int __init early_set_memory_encrypted(unsigned long vaddr, unsigned long size) { return 0; } static inline void mem_encrypt_free_decrypted_mem(void) { } +static bool sev_feature_enabled(unsigned int feature_type) { return false; } #define __bss_decrypted diff --git a/arch/x86/include/asm/msr-index.h b/arch/x86/include/asm/msr-index.h index a7c413432b33..37589da0282e 100644 --- a/arch/x86/include/asm/msr-index.h +++ b/arch/x86/include/asm/msr-index.h @@ -481,8 +481,10 @@ #define MSR_AMD64_SEV 0xc0010131 #define MSR_AMD64_SEV_ENABLED_BIT 0 #define MSR_AMD64_SEV_ES_ENABLED_BIT 1 +#define MSR_AMD64_SEV_SNP_ENABLED_BIT 2 #define MSR_AMD64_SEV_ENABLED BIT_ULL(MSR_AMD64_SEV_ENABLED_BIT) #define MSR_AMD64_SEV_ES_ENABLED BIT_ULL(MSR_AMD64_SEV_ES_ENABLED_BIT) +#define MSR_AMD64_SEV_SNP_ENABLED BIT_ULL(MSR_AMD64_SEV_SNP_ENABLED_BIT) #define MSR_AMD64_VIRT_SPEC_CTRL 0xc001011f diff --git a/arch/x86/mm/mem_encrypt.c b/arch/x86/mm/mem_encrypt.c index ff08dc463634..63e7799a9a86 100644 --- a/arch/x86/mm/mem_encrypt.c +++ b/arch/x86/mm/mem_encrypt.c @@ -389,6 +389,16 @@ bool noinstr sev_es_active(void) return sev_status & MSR_AMD64_SEV_ES_ENABLED; } +bool sev_feature_enabled(unsigned int type) +{ + switch (type) { + case SEV: return sev_status & MSR_AMD64_SEV_ENABLED; + case SEV_ES: return sev_status & MSR_AMD64_SEV_ES_ENABLED; + case SEV_SNP: return sev_status & MSR_AMD64_SEV_SNP_ENABLED; + default: return false; + } +} + /* Override for DMA direct allocation check - ARCH_HAS_FORCE_DMA_UNENCRYPTED */ bool force_dma_unencrypted(struct device *dev) { @@ -461,6 +471,10 @@ static void print_mem_encrypt_feature_info(void) if (sev_es_active()) pr_cont(" SEV-ES"); + /* Secure Nested Paging */ + if (sev_feature_enabled(SEV_SNP)) + pr_cont(" SEV-SNP"); + pr_cont("\n"); } From patchwork Fri Aug 20 15:18:58 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Brijesh Singh X-Patchwork-Id: 500681 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-18.7 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_CR_TRAILER, INCLUDES_PATCH, MAILING_LIST_MULTI, MSGID_FROM_MTA_HEADER, SPF_HELO_NONE, SPF_PASS,URIBL_BLOCKED,USER_AGENT_GIT autolearn=unavailable autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id E3945C4338F for ; Fri, 20 Aug 2021 15:21:02 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id C90BF61186 for ; Fri, 20 Aug 2021 15:21:02 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S241106AbhHTPVj (ORCPT ); Fri, 20 Aug 2021 11:21:39 -0400 Received: from mail-co1nam11on2068.outbound.protection.outlook.com ([40.107.220.68]:8352 "EHLO NAM11-CO1-obe.outbound.protection.outlook.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S241066AbhHTPVd (ORCPT ); Fri, 20 Aug 2021 11:21:33 -0400 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=mJW1kpx8kknzH8cNYIofVXLGJ+zhibzxJWfl9+b5aYtaNTSJzixQX6NNR0qTuRiUd/USwkVSYKTMzhi9DyvOCLrgzgv8BMbKVVmO4MeUalFVxwMYonNdtS2bufHs/tqhHmmC4Wc7KEAIWa9EIHq0tvVLjja4mVxh2cMgmiqDaRolmgQc43XPGmw/Gmyh2SWTwhENn2kgmab7kJMGgdwhisbQ1nX3qgdwqGpvj9Yk5RopHsgzSaxUFkgN6kqqmhwblwOYEwJZqWf12lwCReOZJEuyRawe3/f6k7giMhLa/4tnzfJgSGibF8kz7oYEBhF55w4Sb+yEib5AdkIOQvvSCw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=XR9f5Xjt+Wy+OrimmL0RD9IF1Qe9yBktnGHvL6u1gpk=; b=CLLM70owTiNxodSncAtyNTBkE6Qrjc347BunxNqCsVeV4DA/VBRaYFYSgeRxxKN0Gawzr2mPJ4901jB2IetRuXrx5v7QTYuMAcMg1qBBT9fx3TbgcM6tYyCrvp6oDy6grXPg5gdWwDCOImsZLlTyBnSYs7IE4jK28GbQpqjIQq+OfgS/yHDs1ZmnosDvMUhllz6ZMHC4BrH6qdqZAUd2b0Xby3tkl8+xMdiB7ojTxZjy4lnmcq2s60APocgpvQwOw911AFKSN1AkeZqEVV2kQwN8D5U1FCtL1mdW7U3pQ16/h2PF+DzTr217XyXrQ1RcfVlB3DKn5Okf1qDGVG5VXw== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass header.d=amd.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=XR9f5Xjt+Wy+OrimmL0RD9IF1Qe9yBktnGHvL6u1gpk=; b=QLd1YS9T96YbIP6LQrAr+QubJSHV2Ks1GPJ+WZIOZNc50uWZMNcU5c/VXjnqfwR/ffB/XLSK4NVauLEkeFnQ0YtNFw20a8PJMfVnLkU+Efs4MZ/BFuebk6a47q8c+dNy1ybeCfQkwVvif4eXFIU5GbXv5cWVtvGI6ArdUKnBlII= Authentication-Results: kernel.org; dkim=none (message not signed) header.d=none; kernel.org; dmarc=none action=none header.from=amd.com; Received: from SN6PR12MB2718.namprd12.prod.outlook.com (2603:10b6:805:6f::22) by SN6PR12MB2719.namprd12.prod.outlook.com (2603:10b6:805:6c::12) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4436.19; Fri, 20 Aug 2021 15:20:50 +0000 Received: from SN6PR12MB2718.namprd12.prod.outlook.com ([fe80::78b7:7336:d363:9be3]) by SN6PR12MB2718.namprd12.prod.outlook.com ([fe80::78b7:7336:d363:9be3%6]) with mapi id 15.20.4436.019; Fri, 20 Aug 2021 15:20:50 +0000 From: Brijesh Singh To: x86@kernel.org, linux-kernel@vger.kernel.org, kvm@vger.kernel.org, linux-efi@vger.kernel.org, platform-driver-x86@vger.kernel.org, linux-coco@lists.linux.dev, linux-mm@kvack.org Cc: Thomas Gleixner , Ingo Molnar , Joerg Roedel , Tom Lendacky , "H. Peter Anvin" , Ard Biesheuvel , Paolo Bonzini , Sean Christopherson , Vitaly Kuznetsov , Wanpeng Li , Jim Mattson , Andy Lutomirski , Dave Hansen , Sergio Lopez , Peter Gonda , Peter Zijlstra , Srinivas Pandruvada , David Rientjes , Dov Murik , Tobin Feldman-Fitzthum , Borislav Petkov , Michael Roth , Vlastimil Babka , "Kirill A . Shutemov" , Andi Kleen , tony.luck@intel.com, marcorr@google.com, sathyanarayanan.kuppuswamy@linux.intel.com, Borislav Petkov Subject: [PATCH Part1 v5 03/38] x86/sev: Get rid of excessive use of defines Date: Fri, 20 Aug 2021 10:18:58 -0500 Message-Id: <20210820151933.22401-4-brijesh.singh@amd.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20210820151933.22401-1-brijesh.singh@amd.com> References: <20210820151933.22401-1-brijesh.singh@amd.com> X-ClientProxiedBy: SA9P223CA0002.NAMP223.PROD.OUTLOOK.COM (2603:10b6:806:26::7) To SN6PR12MB2718.namprd12.prod.outlook.com (2603:10b6:805:6f::22) MIME-Version: 1.0 X-MS-Exchange-MessageSentRepresentingType: 1 Received: from sbrijesh-desktop.amd.com (165.204.77.1) by SA9P223CA0002.NAMP223.PROD.OUTLOOK.COM (2603:10b6:806:26::7) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4436.19 via Frontend Transport; Fri, 20 Aug 2021 15:20:48 +0000 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: c58e7343-e2ea-4d91-d2f3-08d963ee178e X-MS-TrafficTypeDiagnostic: SN6PR12MB2719: X-MS-Exchange-Transport-Forked: True X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:9508; X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: ScqjWuLqlzTP1Y63UQisuTHaERuMFy1KK+uOlXJSR/l0t7BimCdGHJfZVv5R6gNYGR/qCld8885K0i2wZ8Y83ymOU4LdyJrIT7ccIbncLY0Bs/gAh0kiDPxqssIjeHtefwlOTqfNEZp/oUet+q4l6K6TDFujzBBnRqekv6WfdQPx296ePllgEXbXqqb8GYSvhy9ab+0RtOGjG7rFx6sbFWhUjfEPIebA/0qnr4ODxsliGdCmtBD7Ao+9vaXSGvd5swhtc7jgfKRGRnPHf2A7PtCsVBThWkVk/dZ8Gt1xVrSi4wdq/DMT4b0RqQTVrSC5m2cLa/8QegxyH46knRKtDbhZYiOmdc1/zfSyP8zYoF1yNQmBbN+O4adbu1UnfhTzIJN+vwNxT/kmAn4720vQq3+N4/ioC5+HsxlFl2Mr6kzP/aCi+MBMyIpG0Exc2ftSbU3I2N4sLikCWsMr2R5dDpucpqUlyCezUSFUCP74WGdt+8vTzOxUcS2JcN/u3Mr7FTCQO7wIZo9W1/FcpCh7KGix4F2y4lEyYknAN/HX3AEHlZPWQZuUGDA22YXqIbMVZlBXj/cjCFoiHx4YXcZOPsAZX+FY/hWEbsXyI7otfR6QvCKJcSskt1QAQgTTACpEDYEXhbYHlF4S1R2VhF3R1kfvTTDJ/DpEW9OE7yUR6zSCtLp7NOKU/SY+2wsltgkTZ6a+niwVSDxP72mdLlYQ2rYPVVhLfJexpIHNC800kgs= X-Forefront-Antispam-Report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:SN6PR12MB2718.namprd12.prod.outlook.com; PTR:; CAT:NONE; SFS:(4636009)(376002)(366004)(396003)(39860400002)(346002)(136003)(956004)(38100700002)(38350700002)(8936002)(52116002)(6486002)(478600001)(8676002)(44832011)(2616005)(66476007)(7416002)(66556008)(7406005)(2906002)(83380400001)(66946007)(5660300002)(54906003)(316002)(86362001)(6666004)(26005)(4326008)(186003)(7696005)(36756003)(1076003)(26583001); DIR:OUT; SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: LUM86UKPI/dQoUsOLezqdjlgEBIBKwcfS2lO7Z2rjipOl+lxkJUXGlN30OHQkJnQah8AH0GZh+yWUZPmOvhCjNIe49liUXsc49fwf7FvKID0/WwwPUnazbdEPCu8D4OesBl/+qgeqkLPBzQGFZLlRGVgVxZ7COOz3fQy++n4NYR6WHIRAHKDN0kLJxoIwy5eGVqCX0sW0P/PklTMzgdnvHy8OhT0SNfi4/n7tZqr1CrHLEl5I+A2iO86KqyLTOTO3V0X4nboJcEgMSGFpD6oEtNU7d5CB+TKh926J1KSwWGeahfZRCwXv91HgSFcE0+vVwLi6l5UAIESSuvwbegMMxCW7KVbUHL55PeTLCqkv7UHdqomyrIUoZJ582DpQHQnV8dU9RlNGTBtIg4KExpJA6glT1eY3DtkKxVZ4zoygk53Nhn8ynQ7fSAmUQ+5K6oxQSSvqGxvfd0wCoWmW4i5C9jrWtYSLKu1qwSYlo3baJX+tk9FQymoWECc6CGfe2RNwqHT47LvuYvy+rIQXzUfbl1DEDO05Bg5WZ/Gwe4HjF/8QSFlXw03jMRX9k748C4Ed1r9/xXkF8WjJf/MwaNJYoGIyTkQ3noVGnzERoSjBnn/1dDL3s1SzQLSp1G8yB+P754fpmJVRJKSFvGwBCI2dwOHS7rWEHApRYE4wOK9jTvppIF5SN1frDgbeWEfbbMZhPQQ29Qjz15d/sCwy5efbnJQzi3MMbdIi4vJMAC2RWJjf8uE8pMKmDVFzyu2tEraotc+i+WGh9Xpzq0zM1Y4w/OTYdHrXBZ5bAs4VSP+XuY14iCDwQU9ioILhHeMqGLlcTlQRbpD8p+5HTsl4fDBGYOaTwAi5jFIphULUoo0v4lFy2DI/w672f0a/NSG7ap2uv0lOdFRHaTpuy738wzOgKzOkiV793TSC5U6YZr2mPZd158NRd8KH4VC9JK8JQIrMtn3+OLmFh2x1hYC0KRazjx/F4UaHFcBpkxtzyBPuVmc24+/pMeHNXdOgVcnr3UW6M1rngVdblQ/bmOgrIL08c4ra9T1XqSb2UXNi9QCjv10ir7ulU2ynKAS4ZW6RkD/INE4jj5G9Ej6HBLh2KzUshMb/w9t57QRyYKsx2kUjlSBS0pEVTvDXVfvE75qwqiOwoyxE/tfP16fGZlEfAT3mAvpyK7aTWi1/Lt7ktxZaR/7DDWDn7Z1QceqsYTIC9dm70tRnFySnVW2nMMqAJfa6PgHdQEz7+XD+GVo1SiYrYDOFez3msrmvhyet9BTtwEzVrdVFM4SeIGyfs5ow+CqHrqYarYrjWHqqGO2Vi6INQGSLuDsfkUSO7t91NP6AQ5X X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-Network-Message-Id: c58e7343-e2ea-4d91-d2f3-08d963ee178e X-MS-Exchange-CrossTenant-AuthSource: SN6PR12MB2718.namprd12.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 20 Aug 2021 15:20:50.0756 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: y+sdBf6p5Yh+iRWq6zKESKcqG7O5KwQ7/EeveqgmEl2GlD/gOya4JZa0mX84XocEy6x93MH1gV2hfjlebOW3jg== X-MS-Exchange-Transport-CrossTenantHeadersStamped: SN6PR12MB2719 Precedence: bulk List-ID: X-Mailing-List: linux-efi@vger.kernel.org From: Borislav Petkov Remove all the defines of masks and bit positions for the GHCB MSR protocol and use comments instead which correspond directly to the spec so that following those can be a lot easier and straightforward with the spec opened in parallel to the code. Aligh vertically while at it. No functional changes. Signed-off-by: Borislav Petkov --- arch/x86/include/asm/sev-common.h | 51 +++++++++++++++++-------------- 1 file changed, 28 insertions(+), 23 deletions(-) diff --git a/arch/x86/include/asm/sev-common.h b/arch/x86/include/asm/sev-common.h index 855b0ec9c4e8..aac44c3f839c 100644 --- a/arch/x86/include/asm/sev-common.h +++ b/arch/x86/include/asm/sev-common.h @@ -18,20 +18,19 @@ /* SEV Information Request/Response */ #define GHCB_MSR_SEV_INFO_RESP 0x001 #define GHCB_MSR_SEV_INFO_REQ 0x002 -#define GHCB_MSR_VER_MAX_POS 48 -#define GHCB_MSR_VER_MAX_MASK 0xffff -#define GHCB_MSR_VER_MIN_POS 32 -#define GHCB_MSR_VER_MIN_MASK 0xffff -#define GHCB_MSR_CBIT_POS 24 -#define GHCB_MSR_CBIT_MASK 0xff -#define GHCB_MSR_SEV_INFO(_max, _min, _cbit) \ - ((((_max) & GHCB_MSR_VER_MAX_MASK) << GHCB_MSR_VER_MAX_POS) | \ - (((_min) & GHCB_MSR_VER_MIN_MASK) << GHCB_MSR_VER_MIN_POS) | \ - (((_cbit) & GHCB_MSR_CBIT_MASK) << GHCB_MSR_CBIT_POS) | \ + +#define GHCB_MSR_SEV_INFO(_max, _min, _cbit) \ + /* GHCBData[63:48] */ \ + ((((_max) & 0xffff) << 48) | \ + /* GHCBData[47:32] */ \ + (((_min) & 0xffff) << 32) | \ + /* GHCBData[31:24] */ \ + (((_cbit) & 0xff) << 24) | \ GHCB_MSR_SEV_INFO_RESP) + #define GHCB_MSR_INFO(v) ((v) & 0xfffUL) -#define GHCB_MSR_PROTO_MAX(v) (((v) >> GHCB_MSR_VER_MAX_POS) & GHCB_MSR_VER_MAX_MASK) -#define GHCB_MSR_PROTO_MIN(v) (((v) >> GHCB_MSR_VER_MIN_POS) & GHCB_MSR_VER_MIN_MASK) +#define GHCB_MSR_PROTO_MAX(v) (((v) >> 48) & 0xffff) +#define GHCB_MSR_PROTO_MIN(v) (((v) >> 32) & 0xffff) /* CPUID Request/Response */ #define GHCB_MSR_CPUID_REQ 0x004 @@ -46,27 +45,33 @@ #define GHCB_CPUID_REQ_EBX 1 #define GHCB_CPUID_REQ_ECX 2 #define GHCB_CPUID_REQ_EDX 3 -#define GHCB_CPUID_REQ(fn, reg) \ - (GHCB_MSR_CPUID_REQ | \ - (((unsigned long)reg & GHCB_MSR_CPUID_REG_MASK) << GHCB_MSR_CPUID_REG_POS) | \ - (((unsigned long)fn) << GHCB_MSR_CPUID_FUNC_POS)) +#define GHCB_CPUID_REQ(fn, reg) \ + /* GHCBData[11:0] */ \ + (GHCB_MSR_CPUID_REQ | \ + /* GHCBData[31:12] */ \ + (((unsigned long)(reg) & 0x3) << 30) | \ + /* GHCBData[63:32] */ \ + (((unsigned long)fn) << 32)) /* AP Reset Hold */ -#define GHCB_MSR_AP_RESET_HOLD_REQ 0x006 -#define GHCB_MSR_AP_RESET_HOLD_RESP 0x007 +#define GHCB_MSR_AP_RESET_HOLD_REQ 0x006 +#define GHCB_MSR_AP_RESET_HOLD_RESP 0x007 /* GHCB Hypervisor Feature Request/Response */ -#define GHCB_MSR_HV_FT_REQ 0x080 -#define GHCB_MSR_HV_FT_RESP 0x081 +#define GHCB_MSR_HV_FT_REQ 0x080 +#define GHCB_MSR_HV_FT_RESP 0x081 #define GHCB_MSR_TERM_REQ 0x100 #define GHCB_MSR_TERM_REASON_SET_POS 12 #define GHCB_MSR_TERM_REASON_SET_MASK 0xf #define GHCB_MSR_TERM_REASON_POS 16 #define GHCB_MSR_TERM_REASON_MASK 0xff -#define GHCB_SEV_TERM_REASON(reason_set, reason_val) \ - (((((u64)reason_set) & GHCB_MSR_TERM_REASON_SET_MASK) << GHCB_MSR_TERM_REASON_SET_POS) | \ - ((((u64)reason_val) & GHCB_MSR_TERM_REASON_MASK) << GHCB_MSR_TERM_REASON_POS)) + +#define GHCB_SEV_TERM_REASON(reason_set, reason_val) \ + /* GHCBData[15:12] */ \ + (((((u64)reason_set) & 0xf) << 12) | \ + /* GHCBData[23:16] */ \ + ((((u64)reason_val) & 0xff) << 16)) #define GHCB_SEV_ES_GEN_REQ 0 #define GHCB_SEV_ES_PROT_UNSUPPORTED 1 From patchwork Fri Aug 20 15:19:01 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Brijesh Singh X-Patchwork-Id: 500674 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-18.7 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_CR_TRAILER, INCLUDES_PATCH, MAILING_LIST_MULTI, MSGID_FROM_MTA_HEADER, SPF_HELO_NONE, SPF_PASS,URIBL_BLOCKED,USER_AGENT_GIT autolearn=unavailable autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id B7CC8C19F34 for ; Fri, 20 Aug 2021 15:22:03 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id A15D561248 for ; Fri, 20 Aug 2021 15:22:03 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S235928AbhHTPWk (ORCPT ); Fri, 20 Aug 2021 11:22:40 -0400 Received: from mail-co1nam11on2068.outbound.protection.outlook.com ([40.107.220.68]:8352 "EHLO NAM11-CO1-obe.outbound.protection.outlook.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S241029AbhHTPVp (ORCPT ); Fri, 20 Aug 2021 11:21:45 -0400 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=g6Cu6L0IbpxoLhrWe36MTteHCJ25DcoBkvD0c7LbYVUbBi99MXiYes6itFqd01b0iqkG9nMHY2Hu96NaQgOFtWJ9e4PTMMm1K4XaFJfRUcy6Kr921iKz3+14T/uHK8DvJQtrtFU+91rPs+WWelJ2kpYNaffa2PECnRbDB3m/P3abNQVPk9C1Y/BxiQl2d6e8ivCi+Qvr8OIwPK6CXvDPOTIC4WYb+2zuV+jk1vahOZh0CLIk9Boe2jeXzEhFNuGTqlvtoeep1ynNdA2FFVIoZA5uYhVditjRF9rf1crRrkwse8DBsfxujLzK1AyBbfsWLzgPHAxJ6XAvPLOvVDul/A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=LsZWwoB/TNIyhU/a3IVzCQpCz29XTt8vd4SB2+Rsd8Y=; b=bEd3uY6BINEMCBTxsSBZvMuXVxPdWThvP/pHPAgdPFAmWO319KgZ34Lp4KEIJqFFT9rbolERZrtei13kMaLK4fgpDFsJudc+XiQwNasLctksrN0new42MxmtXrXTP9/UH713dFqbLdqmSkz9eifUr/23a292bY7AbEdK14bPpE0epmtJdAEX4oghXdBNwKZLCXqHINczkxzp8X446ktnTi/+AqzSn++Ec1w7guLndAJh7VwENpoHqegdZJ+RsKSFNsn/R1Ov0mm+mLzl6Hmx+IwLZlnD0EMfwR5ArrVGUW02B6mPwsRQRWiIkzKsRNEtCDLgRP+5GsGvBMRiCzp5PQ== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass header.d=amd.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=LsZWwoB/TNIyhU/a3IVzCQpCz29XTt8vd4SB2+Rsd8Y=; b=1xj4RPlQC7yn1jG6AXhatMQ04cUHU34pt1rjWScuKbvdoZYGXlsClyh2q7/7iyFPLg4ziX5WEB5lrTJAsDgSn7r71haVlR+w4CyHky0iq5xks9mIFtZs+3iBDnb1fFXieoHiQPK2D4WnEnQyqro8w6s1Vn8tEIiEfod2IXJfg1c= Authentication-Results: kernel.org; dkim=none (message not signed) header.d=none; kernel.org; dmarc=none action=none header.from=amd.com; Received: from SN6PR12MB2718.namprd12.prod.outlook.com (2603:10b6:805:6f::22) by SN6PR12MB2719.namprd12.prod.outlook.com (2603:10b6:805:6c::12) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4436.19; Fri, 20 Aug 2021 15:20:54 +0000 Received: from SN6PR12MB2718.namprd12.prod.outlook.com ([fe80::78b7:7336:d363:9be3]) by SN6PR12MB2718.namprd12.prod.outlook.com ([fe80::78b7:7336:d363:9be3%6]) with mapi id 15.20.4436.019; Fri, 20 Aug 2021 15:20:54 +0000 From: Brijesh Singh To: x86@kernel.org, linux-kernel@vger.kernel.org, kvm@vger.kernel.org, linux-efi@vger.kernel.org, platform-driver-x86@vger.kernel.org, linux-coco@lists.linux.dev, linux-mm@kvack.org Cc: Thomas Gleixner , Ingo Molnar , Joerg Roedel , Tom Lendacky , "H. Peter Anvin" , Ard Biesheuvel , Paolo Bonzini , Sean Christopherson , Vitaly Kuznetsov , Wanpeng Li , Jim Mattson , Andy Lutomirski , Dave Hansen , Sergio Lopez , Peter Gonda , Peter Zijlstra , Srinivas Pandruvada , David Rientjes , Dov Murik , Tobin Feldman-Fitzthum , Borislav Petkov , Michael Roth , Vlastimil Babka , "Kirill A . Shutemov" , Andi Kleen , tony.luck@intel.com, marcorr@google.com, sathyanarayanan.kuppuswamy@linux.intel.com, Brijesh Singh Subject: [PATCH Part1 v5 06/38] x86/sev: Save the negotiated GHCB version Date: Fri, 20 Aug 2021 10:19:01 -0500 Message-Id: <20210820151933.22401-7-brijesh.singh@amd.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20210820151933.22401-1-brijesh.singh@amd.com> References: <20210820151933.22401-1-brijesh.singh@amd.com> X-ClientProxiedBy: SA9P223CA0002.NAMP223.PROD.OUTLOOK.COM (2603:10b6:806:26::7) To SN6PR12MB2718.namprd12.prod.outlook.com (2603:10b6:805:6f::22) MIME-Version: 1.0 X-MS-Exchange-MessageSentRepresentingType: 1 Received: from sbrijesh-desktop.amd.com (165.204.77.1) by SA9P223CA0002.NAMP223.PROD.OUTLOOK.COM (2603:10b6:806:26::7) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4436.19 via Frontend Transport; Fri, 20 Aug 2021 15:20:52 +0000 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: ab3c9c33-01b2-4bb4-31bd-08d963ee1a38 X-MS-TrafficTypeDiagnostic: SN6PR12MB2719: X-MS-Exchange-Transport-Forked: True X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:9508; X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: bnPdq9yMl90DA7G16Oqv14SfoZ4kTVwzLAVKT/4oWM2CGwRFIHXDIQE0V6jH+85v3cc2tFbwCtDHsReTFYgtWeVFMgCq7R5krW5UckiHmedCT37h3e4cPqpwdrJvlkGEz7de+QL47Kvm8opFY6Pa+ZTuRay6wsLqz8zdmsuIja05SKTZh2qs/hu8PbBlny0eG5pFu1VZTqBfJmLjId00LLw17jAXNyuRHcHZd1sLWmcS1pkenETPVthWG9NKXGdc0XaVYwqV5gjBfFFoeXLoNdi9EVIfcFuZlqOIjlE3wbfhRAWtFIaMuH7+Y82qK5yjPnLa5BUaWd1+MJ/M3T2PbDzptuD+HYso5guBZb0czCllDJgSOIF6eruYw5CBVB0Vj17gwlfJ4B56J2us98Ewk3ccq2bRXaL+O99vA+4LIF9qXXnZuUrm27se/+qxveuv6EYSPzTRzcH6Ot6/orzwUmC/7F3mE+TmXnD0Vm8waT6XEyhJEAVSbmBexAUUt7yXKr/twVmA5vQ8WX8IyNr1wgy8WoIPi7R+G7VHuqN0CvmwboUrx1Y30fXl23Gh1o39fh2kuGG2FNp8UkcswdM4LWYmWvvzz+u415gXvjT2b6Xh2CWaI0NfXTypObr5KPQjfcuavpK59738MZ5PTif78i92IXz5Tx+6VA8I+UK/yRatQJltXhQWDSOSca7d0Irv X-Forefront-Antispam-Report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:SN6PR12MB2718.namprd12.prod.outlook.com; PTR:; CAT:NONE; SFS:(4636009)(376002)(366004)(396003)(39860400002)(346002)(136003)(956004)(38100700002)(38350700002)(8936002)(52116002)(6486002)(478600001)(8676002)(44832011)(2616005)(66476007)(7416002)(66556008)(7406005)(2906002)(83380400001)(66946007)(5660300002)(54906003)(316002)(86362001)(6666004)(26005)(4326008)(186003)(7696005)(36756003)(1076003); DIR:OUT; SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: VGcYLI6yjt4ckrsf+gNPkah2FFNDOwNyOJMCgoGCc2wyYHRWCHuvk+mTE3DDc2t0Hszx3YMcv0zLSPQGsynZ2KnOF4hYwqe2hyU9p0s0FNHicRHhvNBJgDViqAFsQTfH4gOBLNXv2JpbHdHSd9tf1IBEz5AqPnjJ+WPkZW0Xi7IVT5Xw2KTP7Atml+KdHKOC/WITgpUhQ3jEAanDuoB5NxJNVbQnJVAoyQt0LzVgrrf2ewUjzie9gfoOIVinHoXmtRhc4sXr1HR7KyA78fSqfXcIeTHTOYLzkVn9xWDVt1K5KjMR87nUyj3yOTRbVhTM3/AoOYHCdpgTxMac6SdnBXeGDqd4KVRM8Lm8kZPUUYapBxETywJNV3xpZZFWrQKQhQdDxLePCco/djZZ2+bTFK032wwt4TpbC5UcHk3aDSXyhPSYP8zpoFhbm18lpkMnWRuqa43kaifZe3b/caSHaGwMirJJl0WmhFCcU4gV+aGKw41lCyEdUfSi/EKbiPU0x/z2v02gOxz4fKpNz4vWYMLCR3ft6LBWBMdyJ+CvRW9LdTb8LYh3LbkGL56dxkPv2ojg3y5MbNu34zeQboI7RKlPrFjJfikkBXdsa2rrLfgJs0JRDcHQdUGmBydj8XV3fnL5tGEhPYztuH/N/1YaZAOTW5XNqW80pVrXjGhRUzi7ixX6W4CGclrT1JeB7i2HoaKN1wZDdpUH3cvICUl0B1SioGZYefXPuLu8VMQacRDRsoghk8Suf6PaT7I7CULrAIsNEFUWiDwNrnP7BlEc0vOkkaZjfHikMEMlCadrq+0DJ8OeDPYz2nQn8UeLCuEWd0bm3g3BbnnC3+XrjkWpW3XPPZ0GrNz4v3DfZA9rcl2Wv/TSfp4Ub93KjHqdoR/6t1ZfzZ/nCuMUyQEFKrtN2H4/PNnT8K9Ma6ACkce96Oly1Tbv3s3JLLyf9adqTAzMyXcVamAG5oqnaSikjozS8LIVpRlgp4nYU4PWSWCpYQRWnuESoWvrCLWLcCJ8tnLqaPeFEBZ1+uxbT8HlS1d/NNAA1gvbOlAm3gR4Qwq1noTI8Sp5g3DrvxMJMPumQB8aFxKuxHo53Rcj+xJ7bo8MW9npErBgK2xn2C4xWcdvIykgKyngfYMyrgPpjeC9+OVARmC+qkavYBUx1f5iotYfyqiU7Q/p+GCbQ3euxJ6u25iFiSfbKstYmZ6AwB22D2rFakHLcMIEE5o2tz70+YVThb95DwxMnLkBVuwM0iQEAsC9kPEV6/X7/ogo04UKnsXmH5O1iQoLSPKZOoV4KNP87RX+nb5Nrg8GXEGOLFCvTtDUGKSdzdNiAI4cVGQq2w1p X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-Network-Message-Id: ab3c9c33-01b2-4bb4-31bd-08d963ee1a38 X-MS-Exchange-CrossTenant-AuthSource: SN6PR12MB2718.namprd12.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 20 Aug 2021 15:20:54.4791 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: u75MQwAS85bMf/VZO4PfvzUKp4cnO9boxRhkLH+eu6/KLLlLcNUueoSe50DNvQIZFdyC4FDAV511apjSDd20cQ== X-MS-Exchange-Transport-CrossTenantHeadersStamped: SN6PR12MB2719 Precedence: bulk List-ID: X-Mailing-List: linux-efi@vger.kernel.org The SEV-ES guest calls the sev_es_negotiate_protocol() to negotiate the GHCB protocol version before establishing the GHCB. Cache the negotiated GHCB version so that it can be used later. Signed-off-by: Brijesh Singh --- arch/x86/include/asm/sev.h | 2 +- arch/x86/kernel/sev-shared.c | 17 ++++++++++++++--- 2 files changed, 15 insertions(+), 4 deletions(-) diff --git a/arch/x86/include/asm/sev.h b/arch/x86/include/asm/sev.h index fa5cd05d3b5b..7ec91b1359df 100644 --- a/arch/x86/include/asm/sev.h +++ b/arch/x86/include/asm/sev.h @@ -12,7 +12,7 @@ #include #include -#define GHCB_PROTO_OUR 0x0001UL +#define GHCB_PROTOCOL_MIN 1ULL #define GHCB_PROTOCOL_MAX 1ULL #define GHCB_DEFAULT_USAGE 0ULL diff --git a/arch/x86/kernel/sev-shared.c b/arch/x86/kernel/sev-shared.c index dab73fec74ec..58a6efb1f327 100644 --- a/arch/x86/kernel/sev-shared.c +++ b/arch/x86/kernel/sev-shared.c @@ -14,6 +14,15 @@ #define has_cpuflag(f) boot_cpu_has(f) #endif +/* + * Since feature negotiation related variables are set early in the boot + * process they must reside in the .data section so as not to be zeroed + * out when the .bss section is later cleared. + * + * GHCB protocol version negotiated with the hypervisor. + */ +static u16 __ro_after_init ghcb_version; + static bool __init sev_es_check_cpu_features(void) { if (!has_cpuflag(X86_FEATURE_RDRAND)) { @@ -51,10 +60,12 @@ static bool sev_es_negotiate_protocol(void) if (GHCB_MSR_INFO(val) != GHCB_MSR_SEV_INFO_RESP) return false; - if (GHCB_MSR_PROTO_MAX(val) < GHCB_PROTO_OUR || - GHCB_MSR_PROTO_MIN(val) > GHCB_PROTO_OUR) + if (GHCB_MSR_PROTO_MAX(val) < GHCB_PROTOCOL_MIN || + GHCB_MSR_PROTO_MIN(val) > GHCB_PROTOCOL_MAX) return false; + ghcb_version = min_t(size_t, GHCB_MSR_PROTO_MAX(val), GHCB_PROTOCOL_MAX); + return true; } @@ -99,7 +110,7 @@ static enum es_result sev_es_ghcb_hv_call(struct ghcb *ghcb, enum es_result ret; /* Fill in protocol and format specifiers */ - ghcb->protocol_version = GHCB_PROTOCOL_MAX; + ghcb->protocol_version = ghcb_version; ghcb->ghcb_usage = GHCB_DEFAULT_USAGE; ghcb_set_sw_exit_code(ghcb, exit_code); From patchwork Fri Aug 20 15:19:02 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Brijesh Singh X-Patchwork-Id: 500678 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-18.7 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_CR_TRAILER, INCLUDES_PATCH, MAILING_LIST_MULTI, MSGID_FROM_MTA_HEADER, SPF_HELO_NONE, SPF_PASS,URIBL_BLOCKED,USER_AGENT_GIT autolearn=unavailable autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 76D8BC19F34 for ; Fri, 20 Aug 2021 15:21:35 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 5EFE46124B for ; Fri, 20 Aug 2021 15:21:35 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S241289AbhHTPWM (ORCPT ); Fri, 20 Aug 2021 11:22:12 -0400 Received: from mail-co1nam11on2059.outbound.protection.outlook.com ([40.107.220.59]:31347 "EHLO NAM11-CO1-obe.outbound.protection.outlook.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S241219AbhHTPV7 (ORCPT ); Fri, 20 Aug 2021 11:21:59 -0400 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=S6Q9s63aiW8MteXZwLS8/12dbt6A1zsXDaSCgLRSXeH54cF6BVYs0q61t6VeZ+Xoy8ZWvmfGY40nUw+oNDpAo6nma3jmcMn4Yus3IeSmM+R7EWBPLHYoKhZdjQB+AvvWqknFNxOin9vDGvfFAFUyE+/suMgWWwgNNVwvQ4FQ5tVS4poS+cU+bbs/7nNSaAvTGaBcvACJ4UFdNHvG8pS32eFaYRwQJOfxcoZN6qio/yK8HJFssi7Q3z5iRFL3/Pjss0CwhEUwR+iznD1OnfP1OupYslyhfzTZkN8k7vDeDkfRCStZnyJfe/gwyMI2+23J9trUsRfa1bTfgx1IS1QEJA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=icLgkybGDDeIqqJqg1fHJ3O1g4lcp0lEYcv8o7LwoxM=; b=KOhsHrD8bxRPfxSR/LtgSdw7anFAdmpflxz7o3lubnAnYlP/402+qvr6lugbnvqRebdj/uQWvK3hpfXYcIBzzWDVDloMNw+4biH6JJ5Pp551WQ+Ugy0eKLxLIUoUGl8oOQbHXk1gBH5thW8lizejLMd907enif4WL7jIwE1Yh/valzMmXhEUW9S6CtduVD4tqlOBbZ3A13A8DF4J+NKJ0Hr6b0G+woGABtJ0ppYv9VO1NdT+xdnQqZDcDzrpX1VNkSilNkNIYmEV4s++lZbOrMHYu9cBYrjpnEuZQFnboQOYnRF97uGOM+X5kLZqHwsERvcv+uqeJb2lBNbXSIQKtg== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass header.d=amd.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=icLgkybGDDeIqqJqg1fHJ3O1g4lcp0lEYcv8o7LwoxM=; b=fwTVZH4iq2yfZbxLvfKkvfT9DseY4ZrdZVtBP7KHYIeljbOJcVOpYU4JJjcoUwIzRprfODSxW5u2m0uakatP4ZgWH4DDQWBj+jCwY4PLUR+ct/SYf+KupAoVDQHJ4uymtv+wHA/EVNaS8U6LnKy6J7uHyNAM+a/BjjJZ86JTivY= Authentication-Results: kernel.org; dkim=none (message not signed) header.d=none; kernel.org; dmarc=none action=none header.from=amd.com; Received: from SN6PR12MB2718.namprd12.prod.outlook.com (2603:10b6:805:6f::22) by SN6PR12MB2719.namprd12.prod.outlook.com (2603:10b6:805:6c::12) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4436.19; Fri, 20 Aug 2021 15:20:55 +0000 Received: from SN6PR12MB2718.namprd12.prod.outlook.com ([fe80::78b7:7336:d363:9be3]) by SN6PR12MB2718.namprd12.prod.outlook.com ([fe80::78b7:7336:d363:9be3%6]) with mapi id 15.20.4436.019; Fri, 20 Aug 2021 15:20:55 +0000 From: Brijesh Singh To: x86@kernel.org, linux-kernel@vger.kernel.org, kvm@vger.kernel.org, linux-efi@vger.kernel.org, platform-driver-x86@vger.kernel.org, linux-coco@lists.linux.dev, linux-mm@kvack.org Cc: Thomas Gleixner , Ingo Molnar , Joerg Roedel , Tom Lendacky , "H. Peter Anvin" , Ard Biesheuvel , Paolo Bonzini , Sean Christopherson , Vitaly Kuznetsov , Wanpeng Li , Jim Mattson , Andy Lutomirski , Dave Hansen , Sergio Lopez , Peter Gonda , Peter Zijlstra , Srinivas Pandruvada , David Rientjes , Dov Murik , Tobin Feldman-Fitzthum , Borislav Petkov , Michael Roth , Vlastimil Babka , "Kirill A . Shutemov" , Andi Kleen , tony.luck@intel.com, marcorr@google.com, sathyanarayanan.kuppuswamy@linux.intel.com, Brijesh Singh Subject: [PATCH Part1 v5 07/38] x86/sev: Add support for hypervisor feature VMGEXIT Date: Fri, 20 Aug 2021 10:19:02 -0500 Message-Id: <20210820151933.22401-8-brijesh.singh@amd.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20210820151933.22401-1-brijesh.singh@amd.com> References: <20210820151933.22401-1-brijesh.singh@amd.com> X-ClientProxiedBy: SA9P223CA0002.NAMP223.PROD.OUTLOOK.COM (2603:10b6:806:26::7) To SN6PR12MB2718.namprd12.prod.outlook.com (2603:10b6:805:6f::22) MIME-Version: 1.0 X-MS-Exchange-MessageSentRepresentingType: 1 Received: from sbrijesh-desktop.amd.com (165.204.77.1) by SA9P223CA0002.NAMP223.PROD.OUTLOOK.COM (2603:10b6:806:26::7) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4436.19 via Frontend Transport; Fri, 20 Aug 2021 15:20:54 +0000 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: 3de647e0-e6d3-4dc3-7265-08d963ee1af5 X-MS-TrafficTypeDiagnostic: SN6PR12MB2719: X-MS-Exchange-Transport-Forked: True X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:3276; X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: jziCwW9smmKYM+93HlN8ab1eTmVkTK5k3KcWmTzAe2Y3PP8Ley/1OKwEcexnSTYDXS3XNWiQVQiBqvdT7p+NxwKJWotUmcj/8Y4I9KPbVCqj1AlkYX47FA0GIcUV1up3Mkoq1Usa/XSyW003Qd7ccM+Q0VjqsonlsF6DKmzNKPXgkhZaSsF6gxfNzsuWSITkzzxd+XwRCdX91JBJZvO1vYhJnOHGzvduyKqb6FlzElQjNl2LXlzMv4cNudKWrhAk64ygUCHWcfBugDs6VL4fzAqDKoJH78SZQbMnsm530Y9V5DpkTg3Sqy0O6L4p7Ete0rxEAQo/IMEGKRogwGHcN8mhIdkWLd4bZ6Cx3siqBX/kQFEkFrzMaqaovgKBwIZk3cprdzKFvriSES/p3fHINqZoaBdXcvojJwWiwEK7aad6I9x+5awQ+FDToM1uj0amiAO7/m/dMNEtrtPmyxuZKIJxETl+HxjqksETztkJnOntVDFhLxNAZrv6iHPGc/jzJWlV/kakRIXmzGuSsUieiSqdHJtZqj3PPjxrqY0Q8GaCbqiFlnvsOKg00QsSZefFkP/7GcMbbgYXBMRY9FSOSyeG2JBlHPpgiNdt0pbZ9PuqVm0CUoADKWGmr6H+kCVRAa8aLpxl8VAyKYWXqcKWLpoduVYiBijIbabdcubmH/TVXR5S6Sf7lrexUQwgX3AjSrngfNGRwK0aha5WBJyePQ== X-Forefront-Antispam-Report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:SN6PR12MB2718.namprd12.prod.outlook.com; PTR:; CAT:NONE; SFS:(4636009)(376002)(366004)(396003)(39860400002)(346002)(136003)(956004)(38100700002)(38350700002)(8936002)(52116002)(6486002)(478600001)(8676002)(44832011)(2616005)(66476007)(7416002)(66556008)(7406005)(2906002)(83380400001)(66946007)(5660300002)(54906003)(316002)(86362001)(6666004)(26005)(4326008)(186003)(7696005)(36756003)(1076003); DIR:OUT; SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: KVPUoI2E0RSHmKlKB8CeDNBPnN9n5Y6KyR7KQ4qx1GqJHhHquTx5A57cCF3hnRFk+0It6aTYXYuG2AGIbY+xwl/zW8Bi57G6VijmSz83LBBihqxCXzMrlMYLG+9ymSLlsKASye7sxyzxxk/dBHfn1BiqR8/kjZn1fsjm5cbng71Id7LvdU8GwJ7b69m9HOe8RqJdTsDwtkXef88tGHDASafmwdH0e1+B36v3hFRZ4ZqjVXhMzPUze2wzChXewz4gO3v8T8VLfxe0jBYpeC/JA0rvdQHhuU8urcfBPcDRoBnaWnWMI2l3nqM0DWcxSKLwMOvSWBEXWn8yCNnErUtW/aYRz6MZIC1SjyY79FBnZKnhjVujF3y9Gpe14JsVJepZBBuDIhVp5KW2/Z5Qxv/LbhKEF5R8xMfnljG09vrcMoNjRkx5SH6WyinRNGsu3sdnmkL0z5PLZTacUPVy1J7Gq5vglo8eO7/TTalUBWHmCn9+ShyTWgu4vMIXmH68gcakXIC2qD9lEYgs54VNxYACQjWuSvcWOyHKEHPiHEpecDnw5spNlCxOqAgzS8e6DfMeLT4Edq7R3mYkBmruzVyoBapBpdmN9iXrbR5zAYTGIYtpBBIDVBC3rM5QXNHXuBVqzX8BZK7XOvHFaNlqwYVlstVcgdQNSiIox/F15eMyR2iMROZqyBJ4ThM5UrqPPZK2V15ORYW2Bs+4QTqaQIz42uw422Is5V4iA8uRZcgoZHc4PH1RGLHIDdh1qjRma6TCupvTi4cVyMAApOt0CkDAIcj0adjBczqExBXySlMxGjUmopx+d399bAtMJdUzg1wkpDJPV3R/zEHpBCxgPoMgx3+j6We+q/o35NOJDVDfa3sSSY0JLR8N0a0WusnUv/jZA7HaK08ObxrDy2VaCUEnMXQ4V8WUlTc6Ng1NzqQuh8sx2OY/XAYo0RQCgDnB4npqkXWZxinDyxXYdQXFkV8hauTfnft8D0X8cpCoSe+TN24xjKiorBb2Ti9EE14ehPwaf5qeUPtnGx9IxX7Wdey466VAfmZtVqgAaD6RvWrjpbnaP/rAWuEtE22jf2ynGuD9/D5sabi2bs6guquiHEIV0T+CRaCdPkUMPK7NGPkBBZ9ktyb3GhLLRPpPT1KRYNaduVBNh1T4GrMAdLgYflbWh8a7CrQQgh48eGm1iaMT416IgH6PdmlJZ/XjO9iTW76C8p+c7AKU2MdRlqvf4haMZ9achbhK1EQV7VXhjSrMXFW2i/KJW9T1sPg+yoQJoCRBC7YdwrF6hthx1ZKkAFRCOeY9heYctazFR7utMoHRxbN7qIB+vZcGsGJP59DLVkhV X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-Network-Message-Id: 3de647e0-e6d3-4dc3-7265-08d963ee1af5 X-MS-Exchange-CrossTenant-AuthSource: SN6PR12MB2718.namprd12.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 20 Aug 2021 15:20:55.7693 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: a4PUV4W4SNERFr9Kc7iORS1bKUGeise/oflB45u639zpQm2MEs9DotHE1xn7J4P4TpKSD1GY/QhI7AE1UJhrPQ== X-MS-Exchange-Transport-CrossTenantHeadersStamped: SN6PR12MB2719 Precedence: bulk List-ID: X-Mailing-List: linux-efi@vger.kernel.org Version 2 of GHCB specification introduced advertisement of a features that are supported by the hypervisor. Add support to query the HV features on boot. Version 2 of GHCB specification adds several new NAEs, most of them are optional except the hypervisor feature. Now that hypervisor feature NAE is implemented, so bump the GHCB maximum support protocol version. Signed-off-by: Brijesh Singh --- arch/x86/include/asm/mem_encrypt.h | 2 ++ arch/x86/include/asm/sev-common.h | 3 +++ arch/x86/include/asm/sev.h | 2 +- arch/x86/include/uapi/asm/svm.h | 2 ++ arch/x86/kernel/sev-shared.c | 23 +++++++++++++++++++++++ 5 files changed, 31 insertions(+), 1 deletion(-) diff --git a/arch/x86/include/asm/mem_encrypt.h b/arch/x86/include/asm/mem_encrypt.h index df14291d65de..fb857f2e72cb 100644 --- a/arch/x86/include/asm/mem_encrypt.h +++ b/arch/x86/include/asm/mem_encrypt.h @@ -26,6 +26,7 @@ enum sev_feature_type { extern u64 sme_me_mask; extern u64 sev_status; +extern u64 sev_hv_features; void sme_encrypt_execute(unsigned long encrypted_kernel_vaddr, unsigned long decrypted_kernel_vaddr, @@ -66,6 +67,7 @@ bool sev_feature_enabled(unsigned int feature_type); #else /* !CONFIG_AMD_MEM_ENCRYPT */ #define sme_me_mask 0ULL +#define sev_hv_features 0ULL static inline void __init sme_early_encrypt(resource_size_t paddr, unsigned long size) { } diff --git a/arch/x86/include/asm/sev-common.h b/arch/x86/include/asm/sev-common.h index 3278ee578937..891569c07ed7 100644 --- a/arch/x86/include/asm/sev-common.h +++ b/arch/x86/include/asm/sev-common.h @@ -60,6 +60,9 @@ /* GHCB Hypervisor Feature Request/Response */ #define GHCB_MSR_HV_FT_REQ 0x080 #define GHCB_MSR_HV_FT_RESP 0x081 +#define GHCB_MSR_HV_FT_RESP_VAL(v) \ + /* GHCBData[63:12] */ \ + (((u64)(v) & GENMASK_ULL(63, 12)) >> 12) #define GHCB_MSR_TERM_REQ 0x100 #define GHCB_MSR_TERM_REASON_SET_POS 12 diff --git a/arch/x86/include/asm/sev.h b/arch/x86/include/asm/sev.h index 7ec91b1359df..134a7c9d91b6 100644 --- a/arch/x86/include/asm/sev.h +++ b/arch/x86/include/asm/sev.h @@ -13,7 +13,7 @@ #include #define GHCB_PROTOCOL_MIN 1ULL -#define GHCB_PROTOCOL_MAX 1ULL +#define GHCB_PROTOCOL_MAX 2ULL #define GHCB_DEFAULT_USAGE 0ULL #define VMGEXIT() { asm volatile("rep; vmmcall\n\r"); } diff --git a/arch/x86/include/uapi/asm/svm.h b/arch/x86/include/uapi/asm/svm.h index efa969325ede..b0ad00f4c1e1 100644 --- a/arch/x86/include/uapi/asm/svm.h +++ b/arch/x86/include/uapi/asm/svm.h @@ -108,6 +108,7 @@ #define SVM_VMGEXIT_AP_JUMP_TABLE 0x80000005 #define SVM_VMGEXIT_SET_AP_JUMP_TABLE 0 #define SVM_VMGEXIT_GET_AP_JUMP_TABLE 1 +#define SVM_VMGEXIT_HV_FEATURES 0x8000fffd #define SVM_VMGEXIT_UNSUPPORTED_EVENT 0x8000ffff /* Exit code reserved for hypervisor/software use */ @@ -218,6 +219,7 @@ { SVM_VMGEXIT_NMI_COMPLETE, "vmgexit_nmi_complete" }, \ { SVM_VMGEXIT_AP_HLT_LOOP, "vmgexit_ap_hlt_loop" }, \ { SVM_VMGEXIT_AP_JUMP_TABLE, "vmgexit_ap_jump_table" }, \ + { SVM_VMGEXIT_HV_FEATURES, "vmgexit_hypervisor_feature" }, \ { SVM_EXIT_ERR, "invalid_guest_state" } diff --git a/arch/x86/kernel/sev-shared.c b/arch/x86/kernel/sev-shared.c index 58a6efb1f327..8bd67087d79e 100644 --- a/arch/x86/kernel/sev-shared.c +++ b/arch/x86/kernel/sev-shared.c @@ -23,6 +23,9 @@ */ static u16 __ro_after_init ghcb_version; +/* Bitmap of SEV features supported by the hypervisor */ +u64 __ro_after_init sev_hv_features = 0; + static bool __init sev_es_check_cpu_features(void) { if (!has_cpuflag(X86_FEATURE_RDRAND)) { @@ -48,6 +51,22 @@ static void __noreturn sev_es_terminate(unsigned int set, unsigned int reason) asm volatile("hlt\n" : : : "memory"); } +static bool get_hv_features(void) +{ + u64 val; + + sev_es_wr_ghcb_msr(GHCB_MSR_HV_FT_REQ); + VMGEXIT(); + + val = sev_es_rd_ghcb_msr(); + if (GHCB_RESP_CODE(val) != GHCB_MSR_HV_FT_RESP) + return false; + + sev_hv_features = GHCB_MSR_HV_FT_RESP_VAL(val); + + return true; +} + static bool sev_es_negotiate_protocol(void) { u64 val; @@ -66,6 +85,10 @@ static bool sev_es_negotiate_protocol(void) ghcb_version = min_t(size_t, GHCB_MSR_PROTO_MAX(val), GHCB_PROTOCOL_MAX); + /* The hypervisor features are available from version 2 onward. */ + if (ghcb_version >= 2 && !get_hv_features()) + return false; + return true; } From patchwork Fri Aug 20 15:19:07 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Brijesh Singh X-Patchwork-Id: 500680 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-18.7 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_CR_TRAILER, INCLUDES_PATCH, MAILING_LIST_MULTI, MSGID_FROM_MTA_HEADER, SPF_HELO_NONE, SPF_PASS,URIBL_BLOCKED,USER_AGENT_GIT autolearn=unavailable autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 7CC27C4320A for ; Fri, 20 Aug 2021 15:21:21 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 661636120F for ; Fri, 20 Aug 2021 15:21:21 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S241217AbhHTPV6 (ORCPT ); Fri, 20 Aug 2021 11:21:58 -0400 Received: from mail-bn8nam08on2087.outbound.protection.outlook.com ([40.107.100.87]:15585 "EHLO NAM04-BN8-obe.outbound.protection.outlook.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S241147AbhHTPVn (ORCPT ); Fri, 20 Aug 2021 11:21:43 -0400 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=aqG4Uw+c5KrO6pOe2YukON9GgnAwYjZx9l/IIXRQcV19CU+GoXLMVHsM42yahxWXKJ8QosTfjWireZubM6O+mVDbU9q88LIpZ8Bor7EmWT9SOtI/GNaPAqQAV1BNdswDpsk8RfLVRQeBIXVNudi499tEeJC8HL4MJC69oDfZ4H2VpCaCYZKgJlC408ZSNGnN/McMJJP12nnPMSy+E7fMBst2vzw63qn195Gn9XemSD036bTHAsDxmPM9Ng9DZTudE4LDSl2ok1UlhIOrEyLVCqJzQ+qMbUZe8zQUOmBb3cUo4SMaIpkyAl5j48Veyb0g8kfN7PeG5muzu9FoxxcekA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=YPq/Bm8D4+T6YUsvjWVRoSIexYZEsWXMUsMbx0WMS4Y=; b=SgYNms7aZLH/9FNHG4T8jduVcr/jhZBaRtczJno098T3Y9+Aw86lWAQpAhtrDKOiESXXjlMsSCSafvLqI9DIu6xRrfiPTWxJAzPTUslmOeNMaEzL/tU700313WKVTwnLxLQ15EJYacVLtlwmDwYvX9GxwRltSIzUOE3xcJANTWC3NKr9n1mklVbQy8RsFNTMhbya9ulj8hhzchYZLLyF8DhZACEna4TGzz2pUUAXL+HBmRNgCeAfBDevG9XYD4rEXG++naFhwdDH+2l/9ArgWLZeUHZhkGcdi+EE2FIU7vp7hoZqhhAOp1sEn/lJdcv+GbIQyNtjFnDY6p+V4u4LIw== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass header.d=amd.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=YPq/Bm8D4+T6YUsvjWVRoSIexYZEsWXMUsMbx0WMS4Y=; b=5Ljzs2R9p7tP7DieIuCEzZZBML48nrFbgiezf5I9nyUmsEFrqvr2lQDHJ87s26VdBopcRC+WGmF8vgkSU1V2e6jjvAPlwPTuZk/luaN7I60PG5yOd9+038+4lRxEKQOolCxqz0Yiim1LU2om8G4C9hq6uFYhTdIOkY4LS83d3T8= Authentication-Results: kernel.org; dkim=none (message not signed) header.d=none; kernel.org; dmarc=none action=none header.from=amd.com; Received: from SN6PR12MB2718.namprd12.prod.outlook.com (2603:10b6:805:6f::22) by SA0PR12MB4557.namprd12.prod.outlook.com (2603:10b6:806:9d::10) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4436.19; Fri, 20 Aug 2021 15:21:03 +0000 Received: from SN6PR12MB2718.namprd12.prod.outlook.com ([fe80::78b7:7336:d363:9be3]) by SN6PR12MB2718.namprd12.prod.outlook.com ([fe80::78b7:7336:d363:9be3%6]) with mapi id 15.20.4436.019; Fri, 20 Aug 2021 15:21:03 +0000 From: Brijesh Singh To: x86@kernel.org, linux-kernel@vger.kernel.org, kvm@vger.kernel.org, linux-efi@vger.kernel.org, platform-driver-x86@vger.kernel.org, linux-coco@lists.linux.dev, linux-mm@kvack.org Cc: Thomas Gleixner , Ingo Molnar , Joerg Roedel , Tom Lendacky , "H. Peter Anvin" , Ard Biesheuvel , Paolo Bonzini , Sean Christopherson , Vitaly Kuznetsov , Wanpeng Li , Jim Mattson , Andy Lutomirski , Dave Hansen , Sergio Lopez , Peter Gonda , Peter Zijlstra , Srinivas Pandruvada , David Rientjes , Dov Murik , Tobin Feldman-Fitzthum , Borislav Petkov , Michael Roth , Vlastimil Babka , "Kirill A . Shutemov" , Andi Kleen , tony.luck@intel.com, marcorr@google.com, sathyanarayanan.kuppuswamy@linux.intel.com, Brijesh Singh Subject: [PATCH Part1 v5 12/38] x86/compressed: Register GHCB memory when SEV-SNP is active Date: Fri, 20 Aug 2021 10:19:07 -0500 Message-Id: <20210820151933.22401-13-brijesh.singh@amd.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20210820151933.22401-1-brijesh.singh@amd.com> References: <20210820151933.22401-1-brijesh.singh@amd.com> X-ClientProxiedBy: SA9P223CA0002.NAMP223.PROD.OUTLOOK.COM (2603:10b6:806:26::7) To SN6PR12MB2718.namprd12.prod.outlook.com (2603:10b6:805:6f::22) MIME-Version: 1.0 X-MS-Exchange-MessageSentRepresentingType: 1 Received: from sbrijesh-desktop.amd.com (165.204.77.1) by SA9P223CA0002.NAMP223.PROD.OUTLOOK.COM (2603:10b6:806:26::7) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4436.19 via Frontend Transport; Fri, 20 Aug 2021 15:21:01 +0000 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: 66e6febe-de9b-4b90-3995-08d963ee1f47 X-MS-TrafficTypeDiagnostic: SA0PR12MB4557: X-MS-Exchange-Transport-Forked: True X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:6430; X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: jNfbIiZEpTiCnr92fETCX+EwZKoVq6HHWeaK6AkaOCwPCnjwWPD6mjOYQlzyiXrPWECroLWqd0/N2WmfRpn+BRZWF2RXRXI6kxAz04Kz21c/1mH/TylxEHtWjEwkA0hhdKxIuhMeg7mRAjWoWwM38y3NAMUJBEf7ECMdGFeJH3EAUHZU77JxaJgJ4fVUpnKV+S93hEnNmQK9JNWP9d17O5puYF0iGYxeudddha5bpZuu2xaUxQeW9wJ/rdJbR0KZNGBJFhPjO8ik0I+H84p3G9TLo+rA7pHePd4JccUjZCNanbQ/BVuYIyVh7/DY3RvcL6nOwHr8P96m4pT0bPdwPbGamslmWjgSIVUd7ilGMWj4Ueuiz0POEfnpcfb6U7i8yBQkS0fMmggOxK96xsAuOZwOeUCcDbAHxXt6H8QnQ3EiAuJrLWMEOX3G1wxgWbLL3FE3kAEoMRCd+OyAUTuFh3O12IHb8dGsTpc36OIMse30+5Ad3RYzEe1vbXxAkZIoj8bkbgxLkHUD3y5SjjfYK03VvS/8HgztknfW3XYDk8Swnprint8Vb95fPriZfA8sA0czR65n8QAFkxmS2knigFcwcfxFk88nnHL5kR4a4DXCtHTJCLCD4KNCHAl+cx8sB1JGsQdtC8IIXnKk+zKNG5eRyQ7ElfcZ2hX9nkL87FdtaltClB5LBr/UvswMYBHYpkUihgjnhDltrD5C9wb9vg== X-Forefront-Antispam-Report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:SN6PR12MB2718.namprd12.prod.outlook.com; PTR:; CAT:NONE; SFS:(4636009)(346002)(396003)(366004)(39860400002)(136003)(376002)(66476007)(66946007)(4326008)(478600001)(44832011)(956004)(2616005)(7696005)(7406005)(38350700002)(52116002)(66556008)(7416002)(38100700002)(36756003)(186003)(316002)(8936002)(2906002)(86362001)(26005)(54906003)(1076003)(6486002)(8676002)(5660300002); DIR:OUT; SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: XJAjJ0l8dkrkD0RyBh1TkH0r51Kf11d9gBlZG9UpOQwVA2JZSHAeCgOA6O3YYdOfTnICoTOYvSkPdGSeTkl22gZsupOE1TCirX1lZGQ7s93KejxKYg58nobf5hL2UEXcRj2CwTDyKeUQ90/hDa84c/tUO1ujhx0iQQzuaAguJ+k+ItyCiEVJGcL3UVlDCn8QyEicTk1mpxZFHJP0J1DPnN/+4Gzt9IdUqqWV8MLYvSms5aANROlkwGkvuj8XnhvSLZXFb6ODecZSphqh1y75stUsRZdMIk7SlMlesV3GVb1QVYRQHUqTUbaYhHMswkOMBhdJeXf3g1xzZrlny6uoMHGVzmfxIennwWV/IoTiS/faXA6y2x6W0zJT4/sq24SgCwsQ6iFAXf05f2C9ATKfusvTWYQ6cmDH/g74ZN6aMwHAJHaGpvAjl1HqlvLwuWTe2UaT99BwXHL32rO6pRI/Gyckl8Ri/wQ4nUjzWAocCrzQ6au4vjOoT+dS5tvI4ESj5/7UHJCC2kMaNEC7Rx26IoRW/PYovIrsSImrHp7AlrcOvB45/5RTLTN/euKEIFYUkyJvS2mSKefrW3RaRFP0jS6b/X9n18xOhwHXnY/1XIVtJUTAWEjJBUUGjLYwPruMRt7ZubVdbXwHiCf/N+E6tdiHdAmaEmgWg1xs2Cz1mekfCYaFOZgjd0oD/18o20DEzGELGRRW6h+dl5Kq4OGlpMjPXjEfiYJwjsMakWxwxWmqGj0t8Fhs3bRhpNMyOd/zjymYPOGGGnr6PTZtEOOZ64r6F38rrp5opjMOH2pSev9RTSS4EiblEbBaRTr0Nv+Syl5WgHCFvRCbdjNiTEINF5hVeCwB5SgeNV+boNlVmQHAsHPNw+V04vAH+g6pSPAI/oeCO4y/Ek/f6DvgTzE4MWb8gfUrZSsRTvWjwmy8uez4OQ5l3GX6H27/fKtUtyr5cIykkRtn9e5dBD6rv4OhpnKDLbprn/QKI+fBrIwqbClL8uZ/ChxV5gIRXmfUGBXlkG2oopMWdFjQ0nW4udMwoCaBizYd10ecZCzxscELXYdnjSUYCIRCPb/dM+0/QbrygAB4ILThNvJyWeT+Rln5kN09hw2hEx07GjcuY7c7w7zHo8tA6jUbmooK2VmIZ3FCJPWh1pRfigx5Nd1JgXW1B9VO8HF3QbLKmUMNZGeqpXjIFBwKujlFlkJ3uC0aqFISfIvdeRkp0U5Fv81uLph8SHilWN8G7fxzEb/8w9W+jV0jRq8sTeAPmJeaV+vbvtLQHs1CrBXwbd4V9wO4Knooyol+GviqMfcsNflWDO0AMRFpXlkcaXiqGCWlssVydMcB X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-Network-Message-Id: 66e6febe-de9b-4b90-3995-08d963ee1f47 X-MS-Exchange-CrossTenant-AuthSource: SN6PR12MB2718.namprd12.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 20 Aug 2021 15:21:02.9352 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: TRADk/6Iyd5HA2CiU9jlrcz/hdltqA6MhBal5KRJwnSNqYArzvXfsyEmr0Fm1dKk4jwnB+las5M+sg9Bp6P+Hg== X-MS-Exchange-Transport-CrossTenantHeadersStamped: SA0PR12MB4557 Precedence: bulk List-ID: X-Mailing-List: linux-efi@vger.kernel.org The SEV-SNP guest is required to perform GHCB GPA registration. This is because the hypervisor may prefer that a guest use a consistent and/or specific GPA for the GHCB associated with a vCPU. For more information, see the GHCB specification. If hypervisor can not work with the guest provided GPA then terminate the guest boot. Signed-off-by: Brijesh Singh --- arch/x86/boot/compressed/sev.c | 4 ++++ arch/x86/include/asm/sev-common.h | 13 +++++++++++++ arch/x86/kernel/sev-shared.c | 16 ++++++++++++++++ 3 files changed, 33 insertions(+) diff --git a/arch/x86/boot/compressed/sev.c b/arch/x86/boot/compressed/sev.c index 5c4ba211bcef..6e8d97c280aa 100644 --- a/arch/x86/boot/compressed/sev.c +++ b/arch/x86/boot/compressed/sev.c @@ -233,6 +233,10 @@ static bool do_early_sev_setup(void) /* Initialize lookup tables for the instruction decoder */ inat_init_tables(); + /* SEV-SNP guest requires the GHCB GPA must be registered */ + if (sev_snp_enabled()) + snp_register_ghcb_early(__pa(&boot_ghcb_page)); + return true; } diff --git a/arch/x86/include/asm/sev-common.h b/arch/x86/include/asm/sev-common.h index 1cd8ce838af8..37aa77565726 100644 --- a/arch/x86/include/asm/sev-common.h +++ b/arch/x86/include/asm/sev-common.h @@ -57,6 +57,19 @@ #define GHCB_MSR_AP_RESET_HOLD_REQ 0x006 #define GHCB_MSR_AP_RESET_HOLD_RESP 0x007 +/* GHCB GPA Register */ +#define GHCB_MSR_REG_GPA_REQ 0x012 +#define GHCB_MSR_REG_GPA_REQ_VAL(v) \ + /* GHCBData[63:12] */ \ + (((u64)((v) & GENMASK_ULL(51, 0)) << 12) | \ + /* GHCBData[11:0] */ \ + GHCB_MSR_REG_GPA_REQ) + +#define GHCB_MSR_REG_GPA_RESP 0x013 +#define GHCB_MSR_REG_GPA_RESP_VAL(v) \ + /* GHCBData[63:12] */ \ + (((u64)(v) & GENMASK_ULL(63, 12)) >> 12) + /* SNP Page State Change */ enum psc_op { SNP_PAGE_STATE_PRIVATE = 1, diff --git a/arch/x86/kernel/sev-shared.c b/arch/x86/kernel/sev-shared.c index 8bd67087d79e..1adc74ab97c0 100644 --- a/arch/x86/kernel/sev-shared.c +++ b/arch/x86/kernel/sev-shared.c @@ -67,6 +67,22 @@ static bool get_hv_features(void) return true; } +static void snp_register_ghcb_early(unsigned long paddr) +{ + unsigned long pfn = paddr >> PAGE_SHIFT; + u64 val; + + sev_es_wr_ghcb_msr(GHCB_MSR_REG_GPA_REQ_VAL(pfn)); + VMGEXIT(); + + val = sev_es_rd_ghcb_msr(); + + /* If the response GPA is not ours then abort the guest */ + if ((GHCB_RESP_CODE(val) != GHCB_MSR_REG_GPA_RESP) || + (GHCB_MSR_REG_GPA_RESP_VAL(val) != pfn)) + sev_es_terminate(SEV_TERM_SET_LINUX, GHCB_TERM_REGISTER); +} + static bool sev_es_negotiate_protocol(void) { u64 val; From patchwork Fri Aug 20 15:19:08 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Brijesh Singh X-Patchwork-Id: 500679 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-18.7 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_CR_TRAILER, INCLUDES_PATCH, MAILING_LIST_MULTI, MSGID_FROM_MTA_HEADER, SPF_HELO_NONE, SPF_PASS,URIBL_BLOCKED,USER_AGENT_GIT autolearn=unavailable autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 8B5F6C4320A for ; Fri, 20 Aug 2021 15:21:30 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 6D95461220 for ; Fri, 20 Aug 2021 15:21:30 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S241117AbhHTPWH (ORCPT ); Fri, 20 Aug 2021 11:22:07 -0400 Received: from mail-co1nam11on2068.outbound.protection.outlook.com ([40.107.220.68]:40033 "EHLO NAM11-CO1-obe.outbound.protection.outlook.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S241121AbhHTPV5 (ORCPT ); Fri, 20 Aug 2021 11:21:57 -0400 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=iywTcCqj8/5Sh1v94g4BXO74+6OR51rFjlCXMp6wvnP7DxK2ZAG2DziJJdFcuZzjrRSnJu6SQSDMJxkGSpocIMsh7lqtSBzaXHZKs9zEQOcw/Wz2g7P/A3xSI7m1XyQcSEsBCPW2dOCJ6X8u7RB4Te2r3tf7mSZisG9SA8nZChSvER2jLqy3y40kRW6ztyhmcaV2ixellUupxEiTE7+EhQOGVNvHwPMzI/yGLcQtKmeYmJx6c1YnwUjUgfLwASvEbTP83oajlF7MQPZCO3PL3dFE8UF78A9NXOWufPBAcB9FUjYmzMvOCh777aP4QyUc8jpfsgPCbw270lbQ6SgV4A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=pKyQ+gWQfBbI3I9S3HR4XseBcat27P14nxDmfzCS4nI=; b=XFIHaqhy72eiXe9BiDWoxZeAD5qAk70KeZBgQJWxO9sRPPHnFaYw5CICRhpNIfMXd5CoLCXJ126uTPP+nChVllBbdotD2SyZo60IbPhJQn6Hr2Z+5Q3+h3KxFdeMrlS1L0IIE10ZjYdfCxNW/Yet30oUao8Jm3+R8dex289BGxoPfNX9VG7ms+F6BYtFIgd4ZeyGQ+dtmzPkXE39w/K700fVwb9yeurRtbqaqOprZoHWPlFrYdRUIxiqUk8+x5ErkPKDdYSxHiE6DGp6SkxF6lXZL4CKfJju+nHGdlGJ0F6R+3ppcxDC2j0bToQ3eabiPRzZJoYFwsFSQal7/OL0vg== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass header.d=amd.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=pKyQ+gWQfBbI3I9S3HR4XseBcat27P14nxDmfzCS4nI=; b=vrXGEYZfl3zP7fv12pjMcoNsJauXH48QZC53tS4g/esBFPMA9SrOHtQW/KNrWeNo1zwLBLFIMA0FKBAowsRq+qi8lEhMWsb01QYG13lHsxp3BjQ9uLx+qd0WPcFUAbwGO1q+CKRwBlTeImUqwv8XkVBUzcUa1PhuQHfAHkXAAEQ= Authentication-Results: kernel.org; dkim=none (message not signed) header.d=none; kernel.org; dmarc=none action=none header.from=amd.com; Received: from SN6PR12MB2718.namprd12.prod.outlook.com (2603:10b6:805:6f::22) by SN1PR12MB2446.namprd12.prod.outlook.com (2603:10b6:802:26::17) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4415.22; Fri, 20 Aug 2021 15:21:04 +0000 Received: from SN6PR12MB2718.namprd12.prod.outlook.com ([fe80::78b7:7336:d363:9be3]) by SN6PR12MB2718.namprd12.prod.outlook.com ([fe80::78b7:7336:d363:9be3%6]) with mapi id 15.20.4436.019; Fri, 20 Aug 2021 15:21:04 +0000 From: Brijesh Singh To: x86@kernel.org, linux-kernel@vger.kernel.org, kvm@vger.kernel.org, linux-efi@vger.kernel.org, platform-driver-x86@vger.kernel.org, linux-coco@lists.linux.dev, linux-mm@kvack.org Cc: Thomas Gleixner , Ingo Molnar , Joerg Roedel , Tom Lendacky , "H. Peter Anvin" , Ard Biesheuvel , Paolo Bonzini , Sean Christopherson , Vitaly Kuznetsov , Wanpeng Li , Jim Mattson , Andy Lutomirski , Dave Hansen , Sergio Lopez , Peter Gonda , Peter Zijlstra , Srinivas Pandruvada , David Rientjes , Dov Murik , Tobin Feldman-Fitzthum , Borislav Petkov , Michael Roth , Vlastimil Babka , "Kirill A . Shutemov" , Andi Kleen , tony.luck@intel.com, marcorr@google.com, sathyanarayanan.kuppuswamy@linux.intel.com, Brijesh Singh Subject: [PATCH Part1 v5 13/38] x86/sev: Register GHCB memory when SEV-SNP is active Date: Fri, 20 Aug 2021 10:19:08 -0500 Message-Id: <20210820151933.22401-14-brijesh.singh@amd.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20210820151933.22401-1-brijesh.singh@amd.com> References: <20210820151933.22401-1-brijesh.singh@amd.com> X-ClientProxiedBy: SA9P223CA0002.NAMP223.PROD.OUTLOOK.COM (2603:10b6:806:26::7) To SN6PR12MB2718.namprd12.prod.outlook.com (2603:10b6:805:6f::22) MIME-Version: 1.0 X-MS-Exchange-MessageSentRepresentingType: 1 Received: from sbrijesh-desktop.amd.com (165.204.77.1) by SA9P223CA0002.NAMP223.PROD.OUTLOOK.COM (2603:10b6:806:26::7) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4436.19 via Frontend Transport; Fri, 20 Aug 2021 15:21:03 +0000 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: 936d1282-b43f-40a3-87b1-08d963ee1ffe X-MS-TrafficTypeDiagnostic: SN1PR12MB2446: X-MS-Exchange-Transport-Forked: True X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:7219; X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: 30qxTmp0aGm7cNAQO0fY1xu4ByQy+Oydx+MUCUPrAQypsKqdmVJNmkSBhSJJPmLGQl6fH3AWLlfqQkfEj88wMpNQSErY0DLFG2+RBT/X107PBcGpyqIvVtYX01nDeHLsN/bXXif2UuESnJsu58vE0vlDsJJUuBaqS1dljuc60FgaxoKJn8hd46lQCF+a8LL7p7zgNnE3vS67mQtUMijII43jWabHx5mw9iA+ZsrduW8kjFThbzHiq2yNlyKHYUWNh9b9quwMjbBB4VaPsiQHjEccG9o/meg5hf58ars5gmEkVRiOyUEJtBzR6X4MvmDeCf+k5an2kEGfjfr+Bpi3eV3GxyWgLhW1ko1IZs4sohQv87+58U38tsvWhTmjTYCe+mJmp5l0OC0dPgLXtz7mQRnJ+HH59hs5ZmhrzfeKZhE5PmyZNIKdOtzpofiKXn38jr1hNkUYke44Ir+kfrpsBZ30X5NI+uiBwoFZIf3HlR2EgYT/ExG6qLhex7+UP2+MgH2XobcYOA6AJeoS5Le+nJpDP6jCEyEuZ8vwLBoEFn5wK3tUCCSlyQeB1MpkWEOgj+5eSP07qhOew8RVJoWUu1FAS9OQUC8CdO6M/pJAMF6Kchoz2/x6vasL3c1yhYmE0wfSXg7TVbchHjGDZF5SM31hlISwewUCXPWA0w2ZZECv1vr4n5YPgMGyrZXvvG7TsumQ7BUcRJ/EvlX58GG5DQ== X-Forefront-Antispam-Report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:SN6PR12MB2718.namprd12.prod.outlook.com; PTR:; CAT:NONE; SFS:(4636009)(366004)(136003)(396003)(376002)(39860400002)(346002)(66556008)(478600001)(54906003)(4326008)(1076003)(6486002)(7416002)(38350700002)(52116002)(2616005)(7696005)(38100700002)(8676002)(26005)(8936002)(2906002)(316002)(66946007)(86362001)(66476007)(44832011)(36756003)(956004)(5660300002)(7406005)(186003); DIR:OUT; SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: SQnMU7tp+LdRRr0ummxsFi/gZGY5CDhG31plA5NyorHMjAVzw5CdGHc8wEH0v84rpElvxATEAlYKZ4L/dvjGjuMPJdLln47HZ90Acqyn+tBGSmcghAx2PZELlioST/kosCQdeDzx9eprDICd5aAL3/P73yM0GDJAmUkYNPQJS1NoML/drm9d4KfPSlAVPP+e8iqs++ZKWErxRihOOVKKzAJ31CZC0AiMhNZxBPM/BrHFkuu2GAyR+SyQXFsnPVbafbw53UuApzH7cIvivtnhZxK3uLuNRNEMukW0FeSM3bZ9YyD0DKuC1DW3D77rMkhyjTQo8B601D9LDflxfrBiDZ36NAEq26ozcqSDmYe6gUEf4VTw/vj6TBnKrgWciHfBstqLAcsR5NKTc1yeQUeHEdH7PiAkaOs0SOxdSWwKwdRscZuXxO+X9vNXXWzvgvaMe0xUjXG3DnKpqPyAuq8qadGtajxG3WSyy1GMd8kwL3RGT8HMv955ITnMIot9VbAPT4btzDyPh7FMyoZKu85XbtIfmANjFV3eD9xCY0ZmLbpaglWhOjwSzEOmdPD7+SmzlseyMln8mclUn+wfoIE6QAJqUYFvQXjv+FDieV6+AZSmKPtYLcSrFf7EskKqEDS7W3PuqK3VDb9xZzDg4DWR5iFwWHLnLPfosTRITRWUkVO1164XTESuqbnTeA4A196yfkJMsywnSpFx3wM0lla3ixJGf4OmlaPlEnS/1Hm0aYJDjHk6zB1NzeSTfHQbdS3TYsZ3x17YMFNaPYyYGiRW0vDQH6TxrePVeGCHGEOsSFHih8H3h0YCCuPt6GPq7YZ3XV9Hiu+iqk0LRFbkShU+WCkffg934A156h+Z3nqL9GqZr+0WkTAwhUebbsQr+ltNENtGstB/zvuYH1bE0Q/qxuxBWJDrp9h74nunPSJrCfD0n0uO6quBu8Oqf+VpzDwhJpEQPpPekLHJycpjrZFWzerlO2hy0tO5NS1XA0sdNrXi1HOFc6eQNoEVT2fkQfQCFuYvwxtUifhAEr38O2zaVJZehm1gZi3vQ6e0YLuXS3FzYPbphLrfv8NGtXkF7BtHyhj4Pf23YTpYKYYytNkpDXeNiVtIIq3iB4+jH/pKj9sLT8+nCLX+kSs20kUK3sal38orJayEIPKJ8eK/LEYvw9fXo/JlAFqqvoHVY/snmSYUqDj/WI4FAJiLibtqVQarVHaR/oUEeolJcc/ouyYvz9YODkDDhBq8/qY/MqTSB8pBcCD9G32Lj8LAmeWJKH/Qfw7VX1OjL5eh2MLD6I0/rvnBgLbrKAXWdv4WzGMz8gSzi8p1p0kcFkooPPnRck4Q X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-Network-Message-Id: 936d1282-b43f-40a3-87b1-08d963ee1ffe X-MS-Exchange-CrossTenant-AuthSource: SN6PR12MB2718.namprd12.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 20 Aug 2021 15:21:04.1445 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: fLAJACpIXEDWgxYhduRFrIWMASu+CBzZ/AJlFYcuC4RXt+5XYkIJ8ZqTIeXFskvA+3R0n+61xGCXl8ennViplg== X-MS-Exchange-Transport-CrossTenantHeadersStamped: SN1PR12MB2446 Precedence: bulk List-ID: X-Mailing-List: linux-efi@vger.kernel.org The SEV-SNP guest is required to perform GHCB GPA registration. This is because the hypervisor may prefer that a guest use a consistent and/or specific GPA for the GHCB associated with a vCPU. For more information, see the GHCB specification section GHCB GPA Registration. During the boot, init_ghcb() allocates a per-cpu GHCB page. On very first VC exception, the exception handler switch to using the per-cpu GHCB page allocated during the init_ghcb(). The GHCB page must be registered in the current vcpu context. Signed-off-by: Brijesh Singh --- arch/x86/kernel/sev-internal.h | 12 ++++++++++++ arch/x86/kernel/sev.c | 28 ++++++++++++++++++++++++++++ 2 files changed, 40 insertions(+) create mode 100644 arch/x86/kernel/sev-internal.h diff --git a/arch/x86/kernel/sev-internal.h b/arch/x86/kernel/sev-internal.h new file mode 100644 index 000000000000..0fb7324803b4 --- /dev/null +++ b/arch/x86/kernel/sev-internal.h @@ -0,0 +1,12 @@ +/* SPDX-License-Identifier: GPL-2.0-only */ +/* + * Forward declarations for sev-shared.c + * + * Author: Brijesh Singh + */ + +#ifndef __X86_SEV_INTERNAL_H__ + +static void snp_register_ghcb_early(unsigned long paddr); + +#endif /* __X86_SEV_INTERNAL_H__ */ diff --git a/arch/x86/kernel/sev.c b/arch/x86/kernel/sev.c index 06e6914cdc26..9ab541b893c2 100644 --- a/arch/x86/kernel/sev.c +++ b/arch/x86/kernel/sev.c @@ -31,6 +31,8 @@ #include #include +#include "sev-internal.h" + #define DR7_RESET_VALUE 0x400 /* For early boot hypervisor communication in SEV-ES enabled guests */ @@ -87,6 +89,13 @@ struct sev_es_runtime_data { * is currently unsupported in SEV-ES guests. */ unsigned long dr7; + + /* + * SEV-SNP requires that the GHCB must be registered before using it. + * The flag below will indicate whether the GHCB is registered, if its + * not registered then sev_es_get_ghcb() will perform the registration. + */ + bool snp_ghcb_registered; }; struct ghcb_state { @@ -191,6 +200,16 @@ void noinstr __sev_es_ist_exit(void) this_cpu_write(cpu_tss_rw.x86_tss.ist[IST_INDEX_VC], *(unsigned long *)ist); } +static void snp_register_ghcb(struct sev_es_runtime_data *data, unsigned long paddr) +{ + if (data->snp_ghcb_registered) + return; + + snp_register_ghcb_early(paddr); + + data->snp_ghcb_registered = true; +} + /* * Nothing shall interrupt this code path while holding the per-CPU * GHCB. The backup GHCB is only for NMIs interrupting this path. @@ -237,6 +256,10 @@ static noinstr struct ghcb *__sev_get_ghcb(struct ghcb_state *state) data->ghcb_active = true; } + /* SEV-SNP guest requires that GHCB must be registered. */ + if (sev_feature_enabled(SEV_SNP)) + snp_register_ghcb(data, __pa(ghcb)); + return ghcb; } @@ -681,6 +704,10 @@ static bool __init setup_ghcb(void) /* Alright - Make the boot-ghcb public */ boot_ghcb = &boot_ghcb_page; + /* SEV-SNP guest requires that GHCB GPA must be registered. */ + if (sev_feature_enabled(SEV_SNP)) + snp_register_ghcb_early(__pa(&boot_ghcb_page)); + return true; } @@ -770,6 +797,7 @@ static void __init init_ghcb(int cpu) data->ghcb_active = false; data->backup_ghcb_active = false; + data->snp_ghcb_registered = false; } void __init sev_es_init_vc_handling(void) From patchwork Fri Aug 20 15:19:09 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Brijesh Singh X-Patchwork-Id: 500677 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-18.7 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_CR_TRAILER, INCLUDES_PATCH, MAILING_LIST_MULTI, MSGID_FROM_MTA_HEADER, SPF_HELO_NONE, SPF_PASS,URIBL_BLOCKED,USER_AGENT_GIT autolearn=unavailable autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 51DE0C432BE for ; Fri, 20 Aug 2021 15:21:46 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 3CA616126A for ; Fri, 20 Aug 2021 15:21:46 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S241188AbhHTPWV (ORCPT ); Fri, 20 Aug 2021 11:22:21 -0400 Received: from mail-co1nam11on2074.outbound.protection.outlook.com ([40.107.220.74]:58049 "EHLO NAM11-CO1-obe.outbound.protection.outlook.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S241250AbhHTPWF (ORCPT ); Fri, 20 Aug 2021 11:22:05 -0400 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=aRMkTt/BP9jMDD443cWE1QwF+xjXJdhZjMrkK1fZ8ZsjqTHyEM2Ra7gmgmJPOmdE3/P8778OcNtrY/erccwuhjKuiox7mzueww1048DJPOTMAWU40+weTnRQ25llstmZk/VhUTJmI51J1P0UePLs+OvDQDob1caS/9S7UnPEE17fhTzvCwBmzdHWyhi4JFDxkdCOpDT1goT5C7uvjj7YqFw5tZyIi3GCWvn4ro9EhScbfWw/BqeqCM7xhMUoXHYw1hfjsbvKkPBtTryCtJap8GiZyZBhMfOwXHRc+v8bxUPueNQ0+0oaWzEBVjQhBjtFOD9uCdIrjVfyIcYzpVbWmA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=7XJaf9Sd3uCj6h+YVUCGKJMr+GJXoBbOu1AbKab/s0Q=; b=OQcvzJGS9/Plga5nR1y+f27GYpmxQ2DvfoaYnUPSUk0gkdJULrcL83CBobXPYPnjABeHQRPdVzFx+gt4Cb5RJkt1Gy1IWcbukQ3aw34b9DZXqDCDJbqxqHNRqeuTzdp3nalJcdeWK1qtuxUZ+Qy9GSVrWIo0gdH2SasQkDzUZluu1wTsOd1AIf5uzNQF9BePeI2Ve+ywMruIuQU3dNhC68DODJuB/W8oBy6Fd3DxYsTYXVwuHraFXo95geR49sIaDrdf92SbuIDThdTap0qjpvsNfGpxux5VPPm21/8CyIvl0cTSag7zkM4J4pGMCEbQEb9o8cwVz1mKX9kIibA4tw== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass header.d=amd.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=7XJaf9Sd3uCj6h+YVUCGKJMr+GJXoBbOu1AbKab/s0Q=; b=h1JyM6fOvL+p8KwW8TO/NZR5bSBpp9wdDz4p8GXlTAwMiQXGpdrq+MbT9s8MQ2wAfj6Uf8rC9N8gvOPOyK5NJ/IAapeR+GstQXcmEW0DEiu1YAbIeoTfbA+Fy2N/Yk+JcbDFwuX7KscLgTy6afVIoEJNvY0fCs2ezRkQ2GPb1DM= Authentication-Results: kernel.org; dkim=none (message not signed) header.d=none; kernel.org; dmarc=none action=none header.from=amd.com; Received: from SN6PR12MB2718.namprd12.prod.outlook.com (2603:10b6:805:6f::22) by SN1PR12MB2446.namprd12.prod.outlook.com (2603:10b6:802:26::17) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4415.22; Fri, 20 Aug 2021 15:21:05 +0000 Received: from SN6PR12MB2718.namprd12.prod.outlook.com ([fe80::78b7:7336:d363:9be3]) by SN6PR12MB2718.namprd12.prod.outlook.com ([fe80::78b7:7336:d363:9be3%6]) with mapi id 15.20.4436.019; Fri, 20 Aug 2021 15:21:05 +0000 From: Brijesh Singh To: x86@kernel.org, linux-kernel@vger.kernel.org, kvm@vger.kernel.org, linux-efi@vger.kernel.org, platform-driver-x86@vger.kernel.org, linux-coco@lists.linux.dev, linux-mm@kvack.org Cc: Thomas Gleixner , Ingo Molnar , Joerg Roedel , Tom Lendacky , "H. Peter Anvin" , Ard Biesheuvel , Paolo Bonzini , Sean Christopherson , Vitaly Kuznetsov , Wanpeng Li , Jim Mattson , Andy Lutomirski , Dave Hansen , Sergio Lopez , Peter Gonda , Peter Zijlstra , Srinivas Pandruvada , David Rientjes , Dov Murik , Tobin Feldman-Fitzthum , Borislav Petkov , Michael Roth , Vlastimil Babka , "Kirill A . Shutemov" , Andi Kleen , tony.luck@intel.com, marcorr@google.com, sathyanarayanan.kuppuswamy@linux.intel.com, Brijesh Singh Subject: [PATCH Part1 v5 14/38] x86/sev: Add helper for validating pages in early enc attribute changes Date: Fri, 20 Aug 2021 10:19:09 -0500 Message-Id: <20210820151933.22401-15-brijesh.singh@amd.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20210820151933.22401-1-brijesh.singh@amd.com> References: <20210820151933.22401-1-brijesh.singh@amd.com> X-ClientProxiedBy: SA9P223CA0002.NAMP223.PROD.OUTLOOK.COM (2603:10b6:806:26::7) To SN6PR12MB2718.namprd12.prod.outlook.com (2603:10b6:805:6f::22) MIME-Version: 1.0 X-MS-Exchange-MessageSentRepresentingType: 1 Received: from sbrijesh-desktop.amd.com (165.204.77.1) by SA9P223CA0002.NAMP223.PROD.OUTLOOK.COM (2603:10b6:806:26::7) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4436.19 via Frontend Transport; Fri, 20 Aug 2021 15:21:04 +0000 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: d7f3d9b8-f5aa-47c0-7a49-08d963ee20bb X-MS-TrafficTypeDiagnostic: SN1PR12MB2446: X-MS-Exchange-Transport-Forked: True X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:3044; X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: nFENNIsueq34vCUEBQpUIHx7Slcp1jua5or0EwBFdCZAHT38OzZEFzs0HiX9zUEzN5L57b8NEJfwq8C68pf5VDlmJ3n3KEIEzMViZ081J5nVBCCzYRtLk15/ZTI8cdeSLa0oRffdlAuAvwiWcLacKb6bSZmkrLtJmoEaVTIgZKetwDAWTJdKWQfj5VJwRrd+sWdhtdUMoFpVV28bC91dej2Hg4oy/qiO4lIFrK1idK0pS9cgnH0Ob+8x6ats7fU512YqrLmP7c9XPEc0pwH1rt6efkS/SkteBRsZ8aO77KliELE3DJB3tFnsUsiNq8pIg9KRGcLR57FwFsMBhbqAjgftU7NzLemKU7sBrX4ixqOftWExFyzY5W/SowHHpk459K7PL0D0vqgQfSy4609xBIsftJYyKOHOKwSBldFo+4Zx9BtzH47+0zlcWv2eIQqcdu6NpmVKMKam+rUGUwEbnmZNNQav6LuDY2KvF0M4BYfGnAFnSQ+7YepFpOpsIjsTdKNoOpYa9wAAiUKVirIwUQBXwT3l+80JpAzwdp5OWLXktjYrsdC1JLbF5G2ZtQ7j3D5IuOGTwCksF1QClqtoCwDXwCM6dezPMD0SYTWNHetz4arOaX3jkUcrV8ifjNbW2THHB9h1dl3wkUPDLNDQjHM8ptqdM73PONufq4BP8Ge5HE82FqX1UfmO36hzMfz6 X-Forefront-Antispam-Report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:SN6PR12MB2718.namprd12.prod.outlook.com; PTR:; CAT:NONE; SFS:(4636009)(366004)(136003)(396003)(376002)(39860400002)(346002)(66556008)(478600001)(54906003)(4326008)(1076003)(6486002)(7416002)(38350700002)(52116002)(83380400001)(2616005)(7696005)(38100700002)(8676002)(26005)(8936002)(2906002)(316002)(66946007)(86362001)(66476007)(44832011)(36756003)(956004)(5660300002)(7406005)(186003); DIR:OUT; SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: wq0uBUKXpyoVyTsWw4V6HqW0jSuzQys6SybFRL8OCgvOYrFAbhI/7/I5AKckNW6H5V6s1YlEuNWkxHUHJVwQdoH5b2MWjKQ00vPoA46TPLdU5o2QqvBRvBBrmc6VvFRZhnHHETpVL6WMSidKQqkT/BT8JVVBjZo9vHD8INyLcvHTJhlOeV/8wqY1r4pVkaSoyTe3SHdHidDUGMURpnIJPj1vsNPDYNhWuDCVefARZRoyG0amQEBLqx+0bGsFpoTbg1dwCf6IjRni4OHkX6Lruir7ktEIsPwhvxxkjO5YneMl0XAK8lfwBuK1lWCe2ylox6svPQCmNYI6jUgCsbFgyMCeLQ/SrTTy7GosSqZpbvQsLbC6pvP08w85QWdFhUx3XD/jH6CNUtURFLLs+u4xiyTiWqns9IT5mISPy9ZduEtBzhhl5UXYa1ZZRXdu4I26pVdabcwBDiOyu6EwSXg9m6bsKEdCYt5HUpJa0V2Y+Li3GHldxy46QakwpVlbeAhubFbPpFrhkphsSiF+5DioQ8KyoWNXdULVQt7/5S209CaDNaBaq7wW2Zlxji5CVokVCNduvwt6/lwgU51GpvQloqHUHaZsMJt7NYVAWuvUEcK7FgUrAYS3skBt7mRogxe61H2a6KOKJRGcxBKZuYu+zTioSxsXnXbWUj4g7iht5s4LRWEJvW7wFsYblxCT/zkKI18vNtySbNBdbXO/bBbI4l23Hz0x4mvtnj6oR7NGcdo4yjFqLW69ibzhg7HN6AM8Qp5HobU1RvWlch2tSJJ8QHUyYBt9yYyGhaxZlBXXzgBPuSse9VzqchZ+zX51FYGg0rhwVD4y9KM5y4YK7dptFnuURfHeQ36yyNs01AQmBVokyPwEnEu00fXDWJPwuQ/gdGb5te6DHsafHILXgssgT5xpkvh+79n09dvUQtYieQeTezXxZ51sAfWJlYOvBHEgTgtb4NGNvxZGjd/rj0+3wUUX8w55Zr6a8JsPHiXG7AU+vCRV66ZD6aWcpn5JMSZ5JOXKw74E4HiWQkC+XVjjrBWaLDK4bUi3NZsdTejy7popwCG4LgXuUv9O/PsUR5wL/6QuqP5Ubq1IEXPDMRXTs6wNgPTSiETEB8FxWuXFdOMoXlKFaLo4p3Z+Ms/j/AewLvchydiiM3rdbwi6KZGyT01EhXdkQQrqs935DbMSd/uhky1LL/6gdi/ASSm5rBMJOf8rbZm3V433fEQO++FfLXcJSfHEDbm+NCyWX9m+dajn/6gAIqYiVpenm8eAiZ5MfxKvdnL8Fe6se8UrhGsAV1mdy6TuYmkljzlFCOQa8nGlQwOCjPr0UbMCnv+MaYSA X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-Network-Message-Id: d7f3d9b8-f5aa-47c0-7a49-08d963ee20bb X-MS-Exchange-CrossTenant-AuthSource: SN6PR12MB2718.namprd12.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 20 Aug 2021 15:21:05.4008 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: D1fJZxVsAuYRffV1ryGWiaVs3grPIeXyRocWSytrPvQmgTIF8n4QybIbyaRZQX4I1fHZqKdwkkELqx/RpOwg0g== X-MS-Exchange-Transport-CrossTenantHeadersStamped: SN1PR12MB2446 Precedence: bulk List-ID: X-Mailing-List: linux-efi@vger.kernel.org The early_set_memory_{encrypt,decrypt}() are used for changing the page from decrypted (shared) to encrypted (private) and vice versa. When SEV-SNP is active, the page state transition needs to go through additional steps. If the page is transitioned from shared to private, then perform the following after the encryption attribute is set in the page table: 1. Issue the page state change VMGEXIT to add the page as a private in the RMP table. 2. Validate the page after its successfully added in the RMP table. To maintain the security guarantees, if the page is transitioned from private to shared, then perform the following before clearing the encryption attribute from the page table. 1. Invalidate the page. 2. Issue the page state change VMGEXIT to make the page shared in the RMP table. The early_set_memory_{encrypt,decrypt} can be called before the GHCB is setup, use the SNP page state MSR protocol VMGEXIT defined in the GHCB specification to request the page state change in the RMP table. While at it, add a helper snp_prep_memory() that can be used outside the sev specific files to change the page state for a specified memory range. Signed-off-by: Brijesh Singh --- arch/x86/include/asm/sev.h | 10 ++++ arch/x86/kernel/sev.c | 102 +++++++++++++++++++++++++++++++++++++ arch/x86/mm/mem_encrypt.c | 51 +++++++++++++++++-- 3 files changed, 159 insertions(+), 4 deletions(-) diff --git a/arch/x86/include/asm/sev.h b/arch/x86/include/asm/sev.h index 242af1154e49..ecd8cd8c5908 100644 --- a/arch/x86/include/asm/sev.h +++ b/arch/x86/include/asm/sev.h @@ -104,6 +104,11 @@ static inline int pvalidate(unsigned long vaddr, bool rmp_psize, bool validate) return rc; } +void __init early_snp_set_memory_private(unsigned long vaddr, unsigned long paddr, + unsigned int npages); +void __init early_snp_set_memory_shared(unsigned long vaddr, unsigned long paddr, + unsigned int npages); +void __init snp_prep_memory(unsigned long paddr, unsigned int sz, enum psc_op op); #else static inline void sev_es_ist_enter(struct pt_regs *regs) { } static inline void sev_es_ist_exit(void) { } @@ -111,6 +116,11 @@ static inline int sev_es_setup_ap_jump_table(struct real_mode_header *rmh) { ret static inline void sev_es_nmi_complete(void) { } static inline int sev_es_efi_map_ghcbs(pgd_t *pgd) { return 0; } static inline int pvalidate(unsigned long vaddr, bool rmp_psize, bool validate) { return 0; } +static inline void __init +early_snp_set_memory_private(unsigned long vaddr, unsigned long paddr, unsigned int npages) { } +static inline void __init +early_snp_set_memory_shared(unsigned long vaddr, unsigned long paddr, unsigned int npages) { } +static inline void __init snp_prep_memory(unsigned long paddr, unsigned int sz, enum psc_op op) { } #endif #endif diff --git a/arch/x86/kernel/sev.c b/arch/x86/kernel/sev.c index 9ab541b893c2..0ddc032fd252 100644 --- a/arch/x86/kernel/sev.c +++ b/arch/x86/kernel/sev.c @@ -591,6 +591,108 @@ static u64 get_jump_table_addr(void) return ret; } +static void pvalidate_pages(unsigned long vaddr, unsigned int npages, bool validate) +{ + unsigned long vaddr_end; + int rc; + + vaddr = vaddr & PAGE_MASK; + vaddr_end = vaddr + (npages << PAGE_SHIFT); + + while (vaddr < vaddr_end) { + rc = pvalidate(vaddr, RMP_PG_SIZE_4K, validate); + if (WARN(rc, "Failed to validate address 0x%lx ret %d", vaddr, rc)) + sev_es_terminate(SEV_TERM_SET_LINUX, GHCB_TERM_PVALIDATE); + + vaddr = vaddr + PAGE_SIZE; + } +} + +static void __init early_set_page_state(unsigned long paddr, unsigned int npages, enum psc_op op) +{ + unsigned long paddr_end; + u64 val; + + paddr = paddr & PAGE_MASK; + paddr_end = paddr + (npages << PAGE_SHIFT); + + while (paddr < paddr_end) { + /* + * Use the MSR protocol because this function can be called before the GHCB + * is established. + */ + sev_es_wr_ghcb_msr(GHCB_MSR_PSC_REQ_GFN(paddr >> PAGE_SHIFT, op)); + VMGEXIT(); + + val = sev_es_rd_ghcb_msr(); + + if (WARN(GHCB_RESP_CODE(val) != GHCB_MSR_PSC_RESP, + "Wrong PSC response code: 0x%x\n", + (unsigned int)GHCB_RESP_CODE(val))) + goto e_term; + + if (WARN(GHCB_MSR_PSC_RESP_VAL(val), + "Failed to change page state to '%s' paddr 0x%lx error 0x%llx\n", + op == SNP_PAGE_STATE_PRIVATE ? "private" : "shared", + paddr, GHCB_MSR_PSC_RESP_VAL(val))) + goto e_term; + + paddr = paddr + PAGE_SIZE; + } + + return; + +e_term: + sev_es_terminate(SEV_TERM_SET_LINUX, GHCB_TERM_PSC); +} + +void __init early_snp_set_memory_private(unsigned long vaddr, unsigned long paddr, + unsigned int npages) +{ + if (!sev_feature_enabled(SEV_SNP)) + return; + + /* + * Ask the hypervisor to mark the memory pages as private in the RMP + * table. + */ + early_set_page_state(paddr, npages, SNP_PAGE_STATE_PRIVATE); + + /* Validate the memory pages after they've been added in the RMP table. */ + pvalidate_pages(vaddr, npages, 1); +} + +void __init early_snp_set_memory_shared(unsigned long vaddr, unsigned long paddr, + unsigned int npages) +{ + if (!sev_feature_enabled(SEV_SNP)) + return; + + /* + * Invalidate the memory pages before they are marked shared in the + * RMP table. + */ + pvalidate_pages(vaddr, npages, 0); + + /* Ask hypervisor to mark the memory pages shared in the RMP table. */ + early_set_page_state(paddr, npages, SNP_PAGE_STATE_SHARED); +} + +void __init snp_prep_memory(unsigned long paddr, unsigned int sz, enum psc_op op) +{ + unsigned long vaddr, npages; + + vaddr = (unsigned long)__va(paddr); + npages = PAGE_ALIGN(sz) >> PAGE_SHIFT; + + if (op == SNP_PAGE_STATE_PRIVATE) + early_snp_set_memory_private(vaddr, paddr, npages); + else if (op == SNP_PAGE_STATE_SHARED) + early_snp_set_memory_shared(vaddr, paddr, npages); + else + WARN(1, "invalid memory op %d\n", op); +} + int sev_es_setup_ap_jump_table(struct real_mode_header *rmh) { u16 startup_cs, startup_ip; diff --git a/arch/x86/mm/mem_encrypt.c b/arch/x86/mm/mem_encrypt.c index 63e7799a9a86..d434376568de 100644 --- a/arch/x86/mm/mem_encrypt.c +++ b/arch/x86/mm/mem_encrypt.c @@ -30,6 +30,7 @@ #include #include #include +#include #include "mm_internal.h" @@ -48,6 +49,34 @@ EXPORT_SYMBOL_GPL(sev_enable_key); /* Buffer used for early in-place encryption by BSP, no locking needed */ static char sme_early_buffer[PAGE_SIZE] __initdata __aligned(PAGE_SIZE); +/* + * When SNP is active, change the page state from private to shared before + * copying the data from the source to destination and restore after the copy. + * This is required because the source address is mapped as decrypted by the + * caller of the routine. + */ +static inline void __init snp_memcpy(void *dst, void *src, size_t sz, + unsigned long paddr, bool decrypt) +{ + unsigned long npages = PAGE_ALIGN(sz) >> PAGE_SHIFT; + + if (!sev_feature_enabled(SEV_SNP) || !decrypt) { + memcpy(dst, src, sz); + return; + } + + /* + * With SNP, the paddr needs to be accessed decrypted, mark the page + * shared in the RMP table before copying it. + */ + early_snp_set_memory_shared((unsigned long)__va(paddr), paddr, npages); + + memcpy(dst, src, sz); + + /* Restore the page state after the memcpy. */ + early_snp_set_memory_private((unsigned long)__va(paddr), paddr, npages); +} + /* * This routine does not change the underlying encryption setting of the * page(s) that map this memory. It assumes that eventually the memory is @@ -96,8 +125,8 @@ static void __init __sme_early_enc_dec(resource_size_t paddr, * Use a temporary buffer, of cache-line multiple size, to * avoid data corruption as documented in the APM. */ - memcpy(sme_early_buffer, src, len); - memcpy(dst, sme_early_buffer, len); + snp_memcpy(sme_early_buffer, src, len, paddr, enc); + snp_memcpy(dst, sme_early_buffer, len, paddr, !enc); early_memunmap(dst, len); early_memunmap(src, len); @@ -272,14 +301,28 @@ static void __init __set_clr_pte_enc(pte_t *kpte, int level, bool enc) clflush_cache_range(__va(pa), size); /* Encrypt/decrypt the contents in-place */ - if (enc) + if (enc) { sme_early_encrypt(pa, size); - else + } else { sme_early_decrypt(pa, size); + /* + * ON SNP, the page state in the RMP table must happen + * before the page table updates. + */ + early_snp_set_memory_shared((unsigned long)__va(pa), pa, 1); + } + /* Change the page encryption mask. */ new_pte = pfn_pte(pfn, new_prot); set_pte_atomic(kpte, new_pte); + + /* + * If page is set encrypted in the page table, then update the RMP table to + * add this page as private. + */ + if (enc) + early_snp_set_memory_private((unsigned long)__va(pa), pa, 1); } static int __init early_set_memory_enc_dec(unsigned long vaddr, From patchwork Fri Aug 20 15:19:11 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Brijesh Singh X-Patchwork-Id: 500673 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-18.7 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_CR_TRAILER, INCLUDES_PATCH, MAILING_LIST_MULTI, MSGID_FROM_MTA_HEADER, SPF_HELO_NONE, SPF_PASS,URIBL_BLOCKED,USER_AGENT_GIT autolearn=unavailable autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id B0C04C43216 for ; Fri, 20 Aug 2021 15:22:21 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 9B64B61245 for ; Fri, 20 Aug 2021 15:22:21 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S241482AbhHTPW5 (ORCPT ); Fri, 20 Aug 2021 11:22:57 -0400 Received: from mail-co1nam11on2074.outbound.protection.outlook.com ([40.107.220.74]:58049 "EHLO NAM11-CO1-obe.outbound.protection.outlook.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S241303AbhHTPWU (ORCPT ); Fri, 20 Aug 2021 11:22:20 -0400 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=AD66gOf1vXgMH5h2zGmoeOGQqFKGj037xPKCtLHC+TTp5IvHGBPnT+ueC/9YI1HvGuaorAKER7Qrzw6PZu6noPP1C1XSHUbQ/XJ0NtFjMxlfB/dlsHbdvofphd7Q8s+3oJscJThM3B7i2IGwrUI2HFzs+H5l8XnX6uOjoKpPLuoXKeOh7I0HZRu5b3Jx8aofId2v2b2FaF+ftwqY1lKNpJTkzCTyBQdx3YCpsCTTS+M7BqW0FA6iTgs7aPm9cbTdQbU8EROd6LnZj72fX8KiRBOrDF15MpUc7621cRtRfWfr362+70O0L7Zh1UbuPWiCLxt0LTvNxZWCFSztHLqE+Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=+GAj0n/mh4HxIHmd8pu1nVhyIj/Ean9oCwoFOmBwMJ4=; b=NIZC4QxH2dftZb8G6+PBVZI7gh92m8RkiOy15B29DVKfVSRXuvZbaUu17ggWRKHG1aXjLl9ZrYue77p93f9WU17ePlnHvj56Q2vVEzP0M13rPRDLDPd6dMw8qEGFL9CBx/6ktuO/R8XL/1b55bszOTJyV778LRnysXtWQxAXs9py3vsre0mb8LIjaArzFC8dwr5WtBfRVk3fVYFdt/zDJoQLlool0A3pDa2YoptlQyDzV2nlFEnI9y5JCu/Vx8qKpcel/mv2UVIBsWdSEDlmRM9Q+7T/vGo5dtkCLwJfJ8fR3Jip59QsxPTO+JmVjT69IzcglNh/O0Gh7beSBQVUww== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass header.d=amd.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=+GAj0n/mh4HxIHmd8pu1nVhyIj/Ean9oCwoFOmBwMJ4=; b=xbszn9ayIDU8VXJUH/Jot6tCMZiqM2BENpd6vaRUKMcnybvD7qdCGBlkYK8C8YSPybGeH2ElOEAVbVWUcLcdTay6KBl+PFSWfgndJboopk48WE6GM1+4IsMM+rj5EzBp77EynUjVXTWDg6lAdWtYPN74CbOAI0yj5qpFHbcVAeE= Authentication-Results: kernel.org; dkim=none (message not signed) header.d=none; kernel.org; dmarc=none action=none header.from=amd.com; Received: from SN6PR12MB2718.namprd12.prod.outlook.com (2603:10b6:805:6f::22) by SN1PR12MB2446.namprd12.prod.outlook.com (2603:10b6:802:26::17) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4415.22; Fri, 20 Aug 2021 15:21:08 +0000 Received: from SN6PR12MB2718.namprd12.prod.outlook.com ([fe80::78b7:7336:d363:9be3]) by SN6PR12MB2718.namprd12.prod.outlook.com ([fe80::78b7:7336:d363:9be3%6]) with mapi id 15.20.4436.019; Fri, 20 Aug 2021 15:21:08 +0000 From: Brijesh Singh To: x86@kernel.org, linux-kernel@vger.kernel.org, kvm@vger.kernel.org, linux-efi@vger.kernel.org, platform-driver-x86@vger.kernel.org, linux-coco@lists.linux.dev, linux-mm@kvack.org Cc: Thomas Gleixner , Ingo Molnar , Joerg Roedel , Tom Lendacky , "H. Peter Anvin" , Ard Biesheuvel , Paolo Bonzini , Sean Christopherson , Vitaly Kuznetsov , Wanpeng Li , Jim Mattson , Andy Lutomirski , Dave Hansen , Sergio Lopez , Peter Gonda , Peter Zijlstra , Srinivas Pandruvada , David Rientjes , Dov Murik , Tobin Feldman-Fitzthum , Borislav Petkov , Michael Roth , Vlastimil Babka , "Kirill A . Shutemov" , Andi Kleen , tony.luck@intel.com, marcorr@google.com, sathyanarayanan.kuppuswamy@linux.intel.com, Brijesh Singh Subject: [PATCH Part1 v5 16/38] x86/kernel: Validate rom memory before accessing when SEV-SNP is active Date: Fri, 20 Aug 2021 10:19:11 -0500 Message-Id: <20210820151933.22401-17-brijesh.singh@amd.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20210820151933.22401-1-brijesh.singh@amd.com> References: <20210820151933.22401-1-brijesh.singh@amd.com> X-ClientProxiedBy: SA9P223CA0002.NAMP223.PROD.OUTLOOK.COM (2603:10b6:806:26::7) To SN6PR12MB2718.namprd12.prod.outlook.com (2603:10b6:805:6f::22) MIME-Version: 1.0 X-MS-Exchange-MessageSentRepresentingType: 1 Received: from sbrijesh-desktop.amd.com (165.204.77.1) by SA9P223CA0002.NAMP223.PROD.OUTLOOK.COM (2603:10b6:806:26::7) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4436.19 via Frontend Transport; Fri, 20 Aug 2021 15:21:06 +0000 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: 24e8c95a-7068-4cfa-d868-08d963ee223c X-MS-TrafficTypeDiagnostic: SN1PR12MB2446: X-MS-Exchange-Transport-Forked: True X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:6430; X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: z+qy+TXfWVdcPFNCtljsM8jNEqZpJaE+I0VjM/dQ4gKdrF8fdHmJvc/VvIqMF1Onhn1pt/eFgDXQArBufs7T3GomegnRjXvwxoFzBvRqbnez6MDu1dt0BeqvFFnJQzYveDpEmkqM0sErmjf8//oskhrZbdc9K7UVtS2yPrQ6kxLlhVHBsUS/3fl7bTSgFCYMBp6GNWzEqNvIoeOkuoSvYS5hY41uUg4gdID/FIUQsix50iXD+o9+gVBsk1/8rwMVu5WNR/aawWhzz/g8La2aPG69Ebl7DE4PH7H2GmmZZeAyKZDGrwjzZSXqMrguxprb490cOT4smVihyi8vNGcMVWXpDdcO0y63q1nDeEsppsY3cXIKacZgKquh4glBbfV8e/H98+ym6XkUMWkrRv4j17wNCc3CW075nEgPY6LoYwUGzMJDxei3dM2BiLkaNz8qoNN/9yhnszmadPbbl2D/B5xiUioifGcWaO9X2hcge1Dn8HzZLQg52wCIwx4NXIJ7qGCmmLirPrKDmIulvRW/Yzzsz4etWHhjl6Qtnmhr57COxPxXnsmcUIcQarrOJEt1z0PuE6ee22EosQu/IcF5YQdNqTwhhh4I3B9TcFjzTONDjIgWO81b2vIbs6SSTs0B9oUVAjt2Alkrh+7t5a7K6WCYNOPRNg9LUPcCJYM9bHImUyk9vmT05lYwTLIEqYvqW0hVGPX5Vu36HV+BOivrIg== X-Forefront-Antispam-Report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:SN6PR12MB2718.namprd12.prod.outlook.com; PTR:; CAT:NONE; SFS:(4636009)(366004)(136003)(396003)(376002)(39860400002)(346002)(66556008)(478600001)(54906003)(4326008)(1076003)(6486002)(7416002)(38350700002)(52116002)(83380400001)(2616005)(7696005)(38100700002)(8676002)(26005)(8936002)(15650500001)(2906002)(316002)(66946007)(86362001)(66476007)(44832011)(36756003)(956004)(6666004)(5660300002)(7406005)(186003); DIR:OUT; SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: DrV06unxxeCp2w2dMfodb5qIkg3iua4Xa4VFbeWZyFU4H+6yF3S2iJc6ghipYLW0wRmtv3VV5Q5Lvspc/TWNk6Zb2ThZ0wcEKSgFomKYlp4LTfIypkxtS5Tl5ecbHQt6yBDzw6tsAqCQwdP0oIo0GXMg/nQagp9RZIwYvvs33oXQ8P/X2he8zne1jH9XydRXygpXQI8X9Nwj/dgPZBj6J/KRhILmkWkzjalck6q715LtD4NiIHGOHAFi5uVXjg5gM8KtRPt+FJqBXYU5Opa9yp3jsggBA0h+KF7wJsax30ElDq8HOT6vvX7+z3f/KKHfKg2l2LU58TOsUQ243lGY2smFYdUAgxAv9qVeYVwT7k6NDVyySbZTU+vSt55/jl9sqZpKsVX8GYr6AGvbpLd38pyA365gsrn/8twWmQq3A/RQ7Ao4vMiVduCLzwRnvYYxulIQqHtZdRbfmSPNjzSY/FPmQ4dVslLlcy0/iUONV7zpMp61aFq8rDFd9SSGPa5x5UD6WzClS+8qQA0ECuh0cbbPHd9kmed3OUcw/R/7H5FH6Qq7oeCuI5zCV8ww7YnteEytJnOKkwNyy+kMI+fhdiBgof4K8J2320jd/niJ5fp2Bm3ckxRJNXt+u874o6xgHJx/SqT9PXzysJ8m+WjSgWY6lngmpky+Rc+0q1sdL/WR/bO8144N1BeoGYg9KyQ+W4KGLNTnmMNtrjGrRJpFF5u6/CHe4By3ccMLZMX7HVPHCs4qYSZz8v0woUVQQOZUCH6PqjMF4OxXob1Z4Gjz+IfWkKD0keSrY6g0L1hnlYgOm6bvZ9phZzTdGXJJUVT/labDqO5f4/AIQ909UWa8ji1HEb8BnrogtiNMKsZAr4zH8AdpAihdiyqN88Wm+7d0TNi0JcHoJdyOiXJhxQvUUhJSsRcLRGZi3NHdAcy0B/zn3S8puoFRYdLCWnkrQSc/df9GtrcCYuHqC/WSWtsPIcZcG5lg662Ye/Ce4efUGFGT3Gsato6eekJve399ZvpyLU+ubTqsonH0zxWcARz9z+NJ1gfHnJUeN1FUD2LV///VIRdsOQ9RAD7wQ35zEr5HCPlW0YZoy3neB63kzUmx450sG5AyiFKCdLEEUG68CpitwDpABVKM94qa3SRNz6Gme6ar8MEtRYYwg+/jSw96g0aS9fb1TZu4pIFoKkU2VRbb3CoBH8ECkN19mqfXVJZuAcaMMfQUcnRv/yzEnZjgxs1i3swEwpaPucbIJE1da+Uejf28fjB4zL5BoqYR0eQN32z5xNIO7V9VY09BLG+3N8VcjCc4a2kQW84037RoA3KugPsOJSx+VvrE6ayndHKi X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-Network-Message-Id: 24e8c95a-7068-4cfa-d868-08d963ee223c X-MS-Exchange-CrossTenant-AuthSource: SN6PR12MB2718.namprd12.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 20 Aug 2021 15:21:08.0223 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: eE46G4bXuZceEBXoa3S1YrVxiuVmMkaKofODuZ0M939hAoLmJKWBwGkp24g+JMNBVLKaJA9jewvOKQI0QwaBnA== X-MS-Exchange-Transport-CrossTenantHeadersStamped: SN1PR12MB2446 Precedence: bulk List-ID: X-Mailing-List: linux-efi@vger.kernel.org The probe_roms() access the memory range (0xc0000 - 0x10000) to probe various ROMs. The memory range is not part of the E820 system RAM range. The memory range is mapped as private (i.e encrypted) in page table. When SEV-SNP is active, all the private memory must be validated before the access. The ROM range was not part of E820 map, so the guest BIOS did not validate it. An access to invalidated memory will cause a VC exception. The guest does not support handling not-validated VC exception yet, so validate the ROM memory regions before it is accessed. Signed-off-by: Brijesh Singh --- arch/x86/kernel/probe_roms.c | 13 ++++++++++++- 1 file changed, 12 insertions(+), 1 deletion(-) diff --git a/arch/x86/kernel/probe_roms.c b/arch/x86/kernel/probe_roms.c index 9e1def3744f2..9c09df86d167 100644 --- a/arch/x86/kernel/probe_roms.c +++ b/arch/x86/kernel/probe_roms.c @@ -21,6 +21,7 @@ #include #include #include +#include static struct resource system_rom_resource = { .name = "System ROM", @@ -197,11 +198,21 @@ static int __init romchecksum(const unsigned char *rom, unsigned long length) void __init probe_roms(void) { - const unsigned char *rom; unsigned long start, length, upper; + const unsigned char *rom; unsigned char c; int i; + /* + * The ROM memory is not part of the E820 system RAM and is not pre-validated + * by the BIOS. The kernel page table maps the ROM region as encrypted memory, + * the SEV-SNP requires the encrypted memory must be validated before the + * access. Validate the ROM before accessing it. + */ + snp_prep_memory(video_rom_resource.start, + ((system_rom_resource.end + 1) - video_rom_resource.start), + SNP_PAGE_STATE_PRIVATE); + /* video rom */ upper = adapter_rom_resources[0].start; for (start = video_rom_resource.start; start < upper; start += 2048) { From patchwork Fri Aug 20 15:19:12 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Brijesh Singh X-Patchwork-Id: 500672 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-18.7 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_CR_TRAILER, INCLUDES_PATCH, MAILING_LIST_MULTI, MSGID_FROM_MTA_HEADER, SPF_HELO_NONE, SPF_PASS,URIBL_BLOCKED,USER_AGENT_GIT autolearn=unavailable autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 8FC4DC43214 for ; Fri, 20 Aug 2021 15:22:23 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 7878A6124A for ; Fri, 20 Aug 2021 15:22:23 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S241507AbhHTPW7 (ORCPT ); Fri, 20 Aug 2021 11:22:59 -0400 Received: from mail-co1nam11on2068.outbound.protection.outlook.com ([40.107.220.68]:40033 "EHLO NAM11-CO1-obe.outbound.protection.outlook.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S241112AbhHTPWV (ORCPT ); Fri, 20 Aug 2021 11:22:21 -0400 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=HDLSvJUp7woQ3tiXwj2Q7b1F5ivgkMf2mpET4hIlu57ufkDGQ+LS55jF0fCUFIRFirZyqpPrZIsbvZlLQq2JT4MPtG126s+iazLPtsiVVQAwY3u6GWwm0hWbrg8uVDwx3lal/w2vYJDA3HXFueMjBdbn7R1pdm6C2Rn93CxYRtCBt4ZT5VuK3pbX998J1cawJdfbWCGOMR2m4hLs3Uvtah3VoTAsyVcboJDh8pVK+MskBJUmPFPR5ixk0sQBGDgZaauqxRlfU2wzTCZIbLOx79+vG/mZLkPoSMntZEPy6BaOiiXMskKFnSj9wfJC+JPXlz3JfCtw4MAY6E+QW9FA4w== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=mSbJjpXf4ZAM86SXRaSKtnfJ0KgZZpjemjGJtTqJQYM=; b=oBs86YctdExZ+OwePQNkdanlYi1mrftwVWeq1gzPjhJn4Jo6WyGiA0yZ3xPPOhcUPCisp7h0xBAcFljoll0rX9vTOFcNJzXySd6fdugER8yI94+cHjRx3iVe2gk7g7rSL/Ns/sGy0B2Vhvvl4rl5aDpAJCTxGmCV7UvDqJi57ouKflBzqgAp5vBfxDX0kzpP4qqL/5084yH4eu5NFU+sN9kh2PSOCV5DoBwKKHLc8ZQmH8a+5oGxv9y6+p9aczo90uC5XPfS3MkC2OLi7m4EmygoxPq5tmDX8PaYB0tXL4NvLIgHdTS2pP9V2TvG6iBknd5l3mWzU+KUOXRSL0ZIqw== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass header.d=amd.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=mSbJjpXf4ZAM86SXRaSKtnfJ0KgZZpjemjGJtTqJQYM=; b=QQvl8UmQg0TxUlZWJnlK4yp1FwyyPIhNWTselXDjRcOTgNfdjlQRxgTqWYv/ni8v0j9AVb2fofRcXm4g7DEiTevCkqMjTKz2cy7JsF4tHoOrJ/zXRZkvPPwCA2pj+zHDJTRQmdgRZCSITuP6EtmBocPUMpSdk6pSEr8xf5AFMCM= Authentication-Results: kernel.org; dkim=none (message not signed) header.d=none; kernel.org; dmarc=none action=none header.from=amd.com; Received: from SN6PR12MB2718.namprd12.prod.outlook.com (2603:10b6:805:6f::22) by SN1PR12MB2446.namprd12.prod.outlook.com (2603:10b6:802:26::17) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4415.22; Fri, 20 Aug 2021 15:21:09 +0000 Received: from SN6PR12MB2718.namprd12.prod.outlook.com ([fe80::78b7:7336:d363:9be3]) by SN6PR12MB2718.namprd12.prod.outlook.com ([fe80::78b7:7336:d363:9be3%6]) with mapi id 15.20.4436.019; Fri, 20 Aug 2021 15:21:09 +0000 From: Brijesh Singh To: x86@kernel.org, linux-kernel@vger.kernel.org, kvm@vger.kernel.org, linux-efi@vger.kernel.org, platform-driver-x86@vger.kernel.org, linux-coco@lists.linux.dev, linux-mm@kvack.org Cc: Thomas Gleixner , Ingo Molnar , Joerg Roedel , Tom Lendacky , "H. Peter Anvin" , Ard Biesheuvel , Paolo Bonzini , Sean Christopherson , Vitaly Kuznetsov , Wanpeng Li , Jim Mattson , Andy Lutomirski , Dave Hansen , Sergio Lopez , Peter Gonda , Peter Zijlstra , Srinivas Pandruvada , David Rientjes , Dov Murik , Tobin Feldman-Fitzthum , Borislav Petkov , Michael Roth , Vlastimil Babka , "Kirill A . Shutemov" , Andi Kleen , tony.luck@intel.com, marcorr@google.com, sathyanarayanan.kuppuswamy@linux.intel.com, Brijesh Singh Subject: [PATCH Part1 v5 17/38] x86/mm: Add support to validate memory when changing C-bit Date: Fri, 20 Aug 2021 10:19:12 -0500 Message-Id: <20210820151933.22401-18-brijesh.singh@amd.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20210820151933.22401-1-brijesh.singh@amd.com> References: <20210820151933.22401-1-brijesh.singh@amd.com> X-ClientProxiedBy: SA9P223CA0002.NAMP223.PROD.OUTLOOK.COM (2603:10b6:806:26::7) To SN6PR12MB2718.namprd12.prod.outlook.com (2603:10b6:805:6f::22) MIME-Version: 1.0 X-MS-Exchange-MessageSentRepresentingType: 1 Received: from sbrijesh-desktop.amd.com (165.204.77.1) by SA9P223CA0002.NAMP223.PROD.OUTLOOK.COM (2603:10b6:806:26::7) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4436.19 via Frontend Transport; Fri, 20 Aug 2021 15:21:08 +0000 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: e6adb851-c2d6-49b0-69c1-08d963ee2313 X-MS-TrafficTypeDiagnostic: SN1PR12MB2446: X-MS-Exchange-Transport-Forked: True X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:8273; X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: zKGa/FgnhPekSZEBegpdudwQcJeIPEXlkFlO1uK1sfxRUOXyp3/Vl3qwR5hRgvaildCde2xMyr0OYb2cn0xZdEhvFB/BgPiFd3gGaXHsP7QI6I7vK/jV7RKKsOiXa9EOX8rgDYjfznZ/gChHV24IoDlD5Gqs8qWPTf7KseSjOdw4FNLQ1U/kFT2xVFIsX0Lya/8g2xRaYgwx2uBlitRSmmeEN2lKTW796sKg4PEAEigg9aR0RaqD2Z+R47ufpIJUC4i9L+RnNWfj/y2m1UQ057PAleOeVDsBFihQcZmlThnJGoCfWRQVNrdpTaMwfeDnvIO+XJSmFv0Goh6AcJYdFt5hdFjBQYSJUNw2IO6fNi+ojpeyva8hcjcETT7QC6WoY5pZcFtF5G0KCO7P62QTTT72/J/s8uARJfY36IkVNSHyQN9/nN7Hq7ImumNbqt9WsEr0eItXGfeWSRZVejJ8biL1IGqixZAaJUGzCvpjubtIfUS7VVFAoaKNchlCw/MXsZP1qz0IeMdFygTbN1LD6su3th5f+X50S6s7djwtGWif8F95ybD2Ci1HP3cf48a9js6in4UHfYlRKRtrYeIRhw30rIDwm557l1Ib0GBbdenypUe0wim0hD0CZIEzDxZLJtyamxmg0RDd+r+QMgIcfKl3clbxbZuzIA3htHsQuQGcJtdMT6pR17L43ab1M3tZ4aKPU9UFH8vddh1iCTTOmw== X-Forefront-Antispam-Report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:SN6PR12MB2718.namprd12.prod.outlook.com; PTR:; CAT:NONE; SFS:(4636009)(366004)(136003)(396003)(376002)(39860400002)(346002)(66556008)(478600001)(54906003)(4326008)(1076003)(6486002)(7416002)(38350700002)(52116002)(83380400001)(2616005)(7696005)(38100700002)(8676002)(26005)(8936002)(15650500001)(2906002)(316002)(66946007)(86362001)(66476007)(44832011)(36756003)(956004)(6666004)(5660300002)(7406005)(186003); DIR:OUT; SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: 5B9+YOLeDJp5arFXL+T9XwnaplwGLBdlDDfTnK6+/J1vysL/dmPHpggV8KYSY4iaeB2JJa4Ae7PqqInawyE4MqpsxnSfj/klD32Hj2lWABQA4YA+kwCV0MtytnmmDgDLeh9909ig+xopV2xx+pjVzU0Zg5uzOFKt6uGCqBOayTDnD7TNKpdYKJZ1Nb+7s+ZZQkj86a2Kmb/vqhuZScRQMMo6/69gJSrKR6jeeWsAN6eozZNH25lDLg5hBFovq9ffHDq1ABZwdEcYXRb02TVj/p9An7OJ7+7lAiKnTkjoTELujrkjqpHeUvlAaHHgqe+7I+I+uioj3ifxnZA/f1dzGiLl4LE5C01dMU+063Lwvgtmln0+QcuLIMjXNFHNiDidD/tMSP177X90eAx/1ChShz6g19NkVNgG6FbGspeQdWiWFRXTS2YJlnSB3bJBgC5MGaW+CJRgVN105RYOr1kD1+DViuvn2F9WmrEjFdfj+HT7jy/kxchhbDqr4IZd2LsPly1qo0xn/HbeB0HBVCjeKOatxM+OsrbZPEQLIH79yyLbILDhvNCZmtl61mGvvtaBxfeX39+ILmJe6OFclfX+gnNDDyS3CjH9ZtCHSV38qD+T4RPd0Qzdi8tDdxafcYd581pxANEwDEw7Qje2lH5rO84DtzCA91eFwcSJw2DWsfRHyE3Bvx9SqOpJYMfJJrMzdgtfDDCc8/zmmzwOKV/v5Wne5YBRg3DSTGw2ObCAx44juFLgKu+Y0WTvk1rAkIQ8kNiMbGeyGi75IZLmi9hA1NDb7nQfc+wZxWo2cf+eswdWhNyYgn92IbuVPQK87j9f4CH+00Sp0hZ5BwHA7A9A07bY3mpgvMXSGP6di1I9bW1NNxTOovU6NzE22OfCet1ujMnZiLATsOLrYT7Dt0JlfXPa6PL5PX+Wg4O0gFr5q94F/djC6s06p4xEWRVVELEFQQ0tEb433A8ZkWWfIrcLOo8YGd9W5pSdAzdU3DLbBb9WvcufbWYmG9QuyePw25AhSgJIMGFN+wU43wCPUrZh6TB7mVncHfm10wTYx+s9PGCJillEx7ivjeI6Lgtw5r6i6MxieIERYZm5XF1TLSkV7Ehxh71F3e+P+QCdwqdeylDZLSFPBlG3EMAFyXX+1XwINB+hnK/WDfks8u2jMG/gdcT3kaN4CwfJx0kkVb0Rw9rAOrKhCZKYeRUOOhrVTu1jH9vjtEkHwGiUJqTolj31GGjos3RQwG4qQB3yFrJ0zwvkiHX1Rzt9tQNU5KAn8GNGSL2cA35EXtpWPZPPqHZ8EAncT74jO8CaeHQpD5OUvk5AhYSWylALMg4ubXjCySC+ X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-Network-Message-Id: e6adb851-c2d6-49b0-69c1-08d963ee2313 X-MS-Exchange-CrossTenant-AuthSource: SN6PR12MB2718.namprd12.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 20 Aug 2021 15:21:09.3355 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: L+7+wvmqb+HEC4TAo7BBYxlDlke+i1MyDgLInni1nqNhvUa5Kl33RYToZYm8UL/iXwDAgpGx0aTuik2P+OhANQ== X-MS-Exchange-Transport-CrossTenantHeadersStamped: SN1PR12MB2446 Precedence: bulk List-ID: X-Mailing-List: linux-efi@vger.kernel.org The set_memory_{encrypt,decrypt}() are used for changing the pages from decrypted (shared) to encrypted (private) and vice versa. When SEV-SNP is active, the page state transition needs to go through additional steps. If the page is transitioned from shared to private, then perform the following after the encryption attribute is set in the page table: 1. Issue the page state change VMGEXIT to add the memory region in the RMP table. 2. Validate the memory region after the RMP entry is added. To maintain the security guarantees, if the page is transitioned from private to shared, then perform the following before encryption attribute is removed from the page table: 1. Invalidate the page. 2. Issue the page state change VMGEXIT to remove the page from RMP table. To change the page state in the RMP table, use the Page State Change VMGEXIT defined in the GHCB specification. Signed-off-by: Brijesh Singh --- arch/x86/include/asm/sev-common.h | 24 +++++ arch/x86/include/asm/sev.h | 4 + arch/x86/include/uapi/asm/svm.h | 2 + arch/x86/kernel/sev.c | 165 ++++++++++++++++++++++++++++++ arch/x86/mm/pat/set_memory.c | 15 +++ 5 files changed, 210 insertions(+) diff --git a/arch/x86/include/asm/sev-common.h b/arch/x86/include/asm/sev-common.h index 37aa77565726..3388db814fd0 100644 --- a/arch/x86/include/asm/sev-common.h +++ b/arch/x86/include/asm/sev-common.h @@ -74,6 +74,8 @@ enum psc_op { SNP_PAGE_STATE_PRIVATE = 1, SNP_PAGE_STATE_SHARED, + SNP_PAGE_STATE_PSMASH, + SNP_PAGE_STATE_UNSMASH, }; #define GHCB_MSR_PSC_REQ 0x014 @@ -99,6 +101,28 @@ enum psc_op { #define GHCB_HV_FT_SNP BIT_ULL(0) +/* SNP Page State Change NAE event */ +#define VMGEXIT_PSC_MAX_ENTRY 253 + +struct psc_hdr { + u16 cur_entry; + u16 end_entry; + u32 reserved; +} __packed; + +struct psc_entry { + u64 cur_page : 12, + gfn : 40, + operation : 4, + pagesize : 1, + reserved : 7; +} __packed; + +struct snp_psc_desc { + struct psc_hdr hdr; + struct psc_entry entries[VMGEXIT_PSC_MAX_ENTRY]; +} __packed; + #define GHCB_MSR_TERM_REQ 0x100 #define GHCB_MSR_TERM_REASON_SET_POS 12 #define GHCB_MSR_TERM_REASON_SET_MASK 0xf diff --git a/arch/x86/include/asm/sev.h b/arch/x86/include/asm/sev.h index ecd8cd8c5908..005f230d0406 100644 --- a/arch/x86/include/asm/sev.h +++ b/arch/x86/include/asm/sev.h @@ -109,6 +109,8 @@ void __init early_snp_set_memory_private(unsigned long vaddr, unsigned long padd void __init early_snp_set_memory_shared(unsigned long vaddr, unsigned long paddr, unsigned int npages); void __init snp_prep_memory(unsigned long paddr, unsigned int sz, enum psc_op op); +void snp_set_memory_shared(unsigned long vaddr, unsigned int npages); +void snp_set_memory_private(unsigned long vaddr, unsigned int npages); #else static inline void sev_es_ist_enter(struct pt_regs *regs) { } static inline void sev_es_ist_exit(void) { } @@ -121,6 +123,8 @@ early_snp_set_memory_private(unsigned long vaddr, unsigned long paddr, unsigned static inline void __init early_snp_set_memory_shared(unsigned long vaddr, unsigned long paddr, unsigned int npages) { } static inline void __init snp_prep_memory(unsigned long paddr, unsigned int sz, enum psc_op op) { } +static inline void snp_set_memory_shared(unsigned long vaddr, unsigned int npages) { } +static inline void snp_set_memory_private(unsigned long vaddr, unsigned int npages) { } #endif #endif diff --git a/arch/x86/include/uapi/asm/svm.h b/arch/x86/include/uapi/asm/svm.h index b0ad00f4c1e1..0dcdb6e0c913 100644 --- a/arch/x86/include/uapi/asm/svm.h +++ b/arch/x86/include/uapi/asm/svm.h @@ -108,6 +108,7 @@ #define SVM_VMGEXIT_AP_JUMP_TABLE 0x80000005 #define SVM_VMGEXIT_SET_AP_JUMP_TABLE 0 #define SVM_VMGEXIT_GET_AP_JUMP_TABLE 1 +#define SVM_VMGEXIT_PSC 0x80000010 #define SVM_VMGEXIT_HV_FEATURES 0x8000fffd #define SVM_VMGEXIT_UNSUPPORTED_EVENT 0x8000ffff @@ -219,6 +220,7 @@ { SVM_VMGEXIT_NMI_COMPLETE, "vmgexit_nmi_complete" }, \ { SVM_VMGEXIT_AP_HLT_LOOP, "vmgexit_ap_hlt_loop" }, \ { SVM_VMGEXIT_AP_JUMP_TABLE, "vmgexit_ap_jump_table" }, \ + { SVM_VMGEXIT_PSC, "vmgexit_page_state_change" }, \ { SVM_VMGEXIT_HV_FEATURES, "vmgexit_hypervisor_feature" }, \ { SVM_EXIT_ERR, "invalid_guest_state" } diff --git a/arch/x86/kernel/sev.c b/arch/x86/kernel/sev.c index 0ddc032fd252..106b4aaddfde 100644 --- a/arch/x86/kernel/sev.c +++ b/arch/x86/kernel/sev.c @@ -693,6 +693,171 @@ void __init snp_prep_memory(unsigned long paddr, unsigned int sz, enum psc_op op WARN(1, "invalid memory op %d\n", op); } +static int vmgexit_psc(struct snp_psc_desc *desc) +{ + int cur_entry, end_entry, ret; + struct snp_psc_desc *data; + struct ghcb_state state; + struct ghcb *ghcb; + struct psc_hdr *hdr; + unsigned long flags; + + local_irq_save(flags); + + ghcb = __sev_get_ghcb(&state); + if (unlikely(!ghcb)) + panic("SEV-SNP: Failed to get GHCB\n"); + + /* Copy the input desc into GHCB shared buffer */ + data = (struct snp_psc_desc *)ghcb->shared_buffer; + memcpy(ghcb->shared_buffer, desc, sizeof(*desc)); + + hdr = &data->hdr; + cur_entry = hdr->cur_entry; + end_entry = hdr->end_entry; + + /* + * As per the GHCB specification, the hypervisor can resume the guest + * before processing all the entries. Checks whether all the entries + * are processed. If not, then keep retrying. + * + * The stragtegy here is to wait for the hypervisor to change the page + * state in the RMP table before guest access the memory pages. If the + * page state was not successful, then later memory access will result + * in the crash. + */ + while (hdr->cur_entry <= hdr->end_entry) { + ghcb_set_sw_scratch(ghcb, (u64)__pa(data)); + + ret = sev_es_ghcb_hv_call(ghcb, NULL, SVM_VMGEXIT_PSC, 0, 0); + + /* + * Page State Change VMGEXIT can pass error code through + * exit_info_2. + */ + if (WARN(ret || ghcb->save.sw_exit_info_2, + "SEV-SNP: PSC failed ret=%d exit_info_2=%llx\n", + ret, ghcb->save.sw_exit_info_2)) { + ret = 1; + goto out; + } + + /* + * Sanity check that entry processing is not going backward. + * This will happen only if hypervisor is tricking us. + */ + if (WARN(hdr->end_entry > end_entry || cur_entry > hdr->cur_entry, + "SEV-SNP: PSC processing going backward, end_entry %d (got %d) cur_entry %d (got %d)\n", + end_entry, hdr->end_entry, cur_entry, hdr->cur_entry)) { + ret = 1; + goto out; + } + + /* Verify that reserved bit is not set */ + if (WARN(hdr->reserved, "Reserved bit is set in the PSC header\n")) { + ret = 1; + goto out; + } + } + +out: + __sev_put_ghcb(&state); + local_irq_restore(flags); + + return 0; +} + +static void __set_page_state(struct snp_psc_desc *data, unsigned long vaddr, + unsigned long vaddr_end, int op) +{ + struct psc_hdr *hdr; + struct psc_entry *e; + unsigned long pfn; + int i; + + hdr = &data->hdr; + e = data->entries; + + memset(data, 0, sizeof(*data)); + i = 0; + + while (vaddr < vaddr_end) { + if (is_vmalloc_addr((void *)vaddr)) + pfn = vmalloc_to_pfn((void *)vaddr); + else + pfn = __pa(vaddr) >> PAGE_SHIFT; + + e->gfn = pfn; + e->operation = op; + hdr->end_entry = i; + + /* + * The GHCB specification provides the flexibility to + * use either 4K or 2MB page size in the RMP table. + * The current SNP support does not keep track of the + * page size used in the RMP table. To avoid the + * overlap request, use the 4K page size in the RMP + * table. + */ + e->pagesize = RMP_PG_SIZE_4K; + + vaddr = vaddr + PAGE_SIZE; + e++; + i++; + } + + if (vmgexit_psc(data)) + sev_es_terminate(SEV_TERM_SET_LINUX, GHCB_TERM_PSC); +} + +static void set_page_state(unsigned long vaddr, unsigned int npages, int op) +{ + unsigned long vaddr_end, next_vaddr; + struct snp_psc_desc *desc; + + vaddr = vaddr & PAGE_MASK; + vaddr_end = vaddr + (npages << PAGE_SHIFT); + + desc = kmalloc(sizeof(*desc), GFP_KERNEL_ACCOUNT); + if (!desc) + panic("SEV-SNP: failed to alloc memory for PSC descriptor\n"); + + while (vaddr < vaddr_end) { + /* + * Calculate the last vaddr that can be fit in one + * struct snp_psc_desc. + */ + next_vaddr = min_t(unsigned long, vaddr_end, + (VMGEXIT_PSC_MAX_ENTRY * PAGE_SIZE) + vaddr); + + __set_page_state(desc, vaddr, next_vaddr, op); + + vaddr = next_vaddr; + } + + kfree(desc); +} + +void snp_set_memory_shared(unsigned long vaddr, unsigned int npages) +{ + if (!sev_feature_enabled(SEV_SNP)) + return; + + pvalidate_pages(vaddr, npages, 0); + + set_page_state(vaddr, npages, SNP_PAGE_STATE_SHARED); +} + +void snp_set_memory_private(unsigned long vaddr, unsigned int npages) +{ + if (!sev_feature_enabled(SEV_SNP)) + return; + + set_page_state(vaddr, npages, SNP_PAGE_STATE_PRIVATE); + + pvalidate_pages(vaddr, npages, 1); +} + int sev_es_setup_ap_jump_table(struct real_mode_header *rmh) { u16 startup_cs, startup_ip; diff --git a/arch/x86/mm/pat/set_memory.c b/arch/x86/mm/pat/set_memory.c index ad8a5c586a35..8e6952d626ec 100644 --- a/arch/x86/mm/pat/set_memory.c +++ b/arch/x86/mm/pat/set_memory.c @@ -29,6 +29,7 @@ #include #include #include +#include #include "../mm_internal.h" @@ -2009,8 +2010,22 @@ static int __set_memory_enc_dec(unsigned long addr, int numpages, bool enc) */ cpa_flush(&cpa, !this_cpu_has(X86_FEATURE_SME_COHERENT)); + /* + * To maintain the security gurantees of SEV-SNP guest invalidate the memory + * before clearing the encryption attribute. + */ + if (!enc) + snp_set_memory_shared(addr, numpages); + ret = __change_page_attr_set_clr(&cpa, 1); + /* + * Now that memory is mapped encrypted in the page table, validate it + * so that is consistent with the above page state. + */ + if (!ret && enc) + snp_set_memory_private(addr, numpages); + /* * After changing the encryption attribute, we need to flush TLBs again * in case any speculative TLB caching occurred (but no need to flush From patchwork Fri Aug 20 15:19:16 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Brijesh Singh X-Patchwork-Id: 500666 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-18.7 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_CR_TRAILER, INCLUDES_PATCH, MAILING_LIST_MULTI, MSGID_FROM_MTA_HEADER, SPF_HELO_NONE, SPF_PASS,URIBL_BLOCKED,USER_AGENT_GIT autolearn=unavailable autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 1C29FC4338F for ; Fri, 20 Aug 2021 15:24:32 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 057D461214 for ; Fri, 20 Aug 2021 15:24:32 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S241056AbhHTPZI (ORCPT ); Fri, 20 Aug 2021 11:25:08 -0400 Received: from mail-dm3nam07on2084.outbound.protection.outlook.com ([40.107.95.84]:16576 "EHLO NAM02-DM3-obe.outbound.protection.outlook.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S241138AbhHTPXd (ORCPT ); Fri, 20 Aug 2021 11:23:33 -0400 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=kqyAtshYbmi7T+x/SbYBtYY2C2e0V2kA3oc5StZGUzOUa8Q5TFWYhScyfCqoS8uff3ciXjI/wqJRIxw+qIHQVVWgzhZIr8iEfqtFp8h4AqK3BRXloAw03G2vJYgshVMpBgPolrFhOhMAD7hZj4LraFxELWzyK4SJmtpqvmMAXqnDwTK6rRfWMgfj9jf3XiKiqidIDtuG/PN6DgtzPSEmhjqmmy9moLCJEbMI+p2Zx45ghaHDfPCE9Yt5JKEcncxb7KBvbboxw5lDnET7YxxwDQRjaBCAgUT0gjrCWiZyGWzV2E1VWG8gPG9C0FzxcqR9wvTMXUJXDZLK84w1La+zqQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=IdF8q6VgRdbV2LwEZioEQ3Z8CB40ZABdJHS8hah9rwk=; b=coqUL0OpMF4iJHhHpCa5Hk9QQrgVyWwGwnZsDaIRhrC9rhnv3nTUVXKMlH5hyzWFVgiw+SHNzNdv4hnXJRt6P8CiFk6p2lAKxh/g4SagAlHH18LGVmJGStpKC7Ru5dAMv1d44g99dI3bBmkYP+rOu+qZbb4XNBuFN/HMoseQhTHPbs9M7bIzz7QO/5VqZt5/b4brQiHm6iCrPQ+eQozwEcs3xqbAlyOVD20zuea+FXJIqArZMIeY0qFxy2CgArkZb6bb+suCUEX6rKFp5u2ZkKf8oxUikuOLmv9Bb57HvyO2ulojT42lRfUh6cvP+UUU1xDc5U3mB5vnC+/VbKQdfw== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass header.d=amd.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=IdF8q6VgRdbV2LwEZioEQ3Z8CB40ZABdJHS8hah9rwk=; b=gGgNGWLG8PF4tKkOCrkO00BqQ+0ly4tMIejyUZeGIXI0B3kQc0/yiJXKH/D2uTj5FBjKEfQ9M1sAUzf5HqRs7thDQWS1FFCUqXjZqI9I+oZ3WcTxwCA2xsqYyRkp22Ae/TYVi1My1KqRBdFnp25/LrMUASvnXETuBWMbBLFCifY= Authentication-Results: kernel.org; dkim=none (message not signed) header.d=none; kernel.org; dmarc=none action=none header.from=amd.com; Received: from SN6PR12MB2718.namprd12.prod.outlook.com (2603:10b6:805:6f::22) by SN1PR12MB2446.namprd12.prod.outlook.com (2603:10b6:802:26::17) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4415.22; Fri, 20 Aug 2021 15:21:14 +0000 Received: from SN6PR12MB2718.namprd12.prod.outlook.com ([fe80::78b7:7336:d363:9be3]) by SN6PR12MB2718.namprd12.prod.outlook.com ([fe80::78b7:7336:d363:9be3%6]) with mapi id 15.20.4436.019; Fri, 20 Aug 2021 15:21:14 +0000 From: Brijesh Singh To: x86@kernel.org, linux-kernel@vger.kernel.org, kvm@vger.kernel.org, linux-efi@vger.kernel.org, platform-driver-x86@vger.kernel.org, linux-coco@lists.linux.dev, linux-mm@kvack.org Cc: Thomas Gleixner , Ingo Molnar , Joerg Roedel , Tom Lendacky , "H. Peter Anvin" , Ard Biesheuvel , Paolo Bonzini , Sean Christopherson , Vitaly Kuznetsov , Wanpeng Li , Jim Mattson , Andy Lutomirski , Dave Hansen , Sergio Lopez , Peter Gonda , Peter Zijlstra , Srinivas Pandruvada , David Rientjes , Dov Murik , Tobin Feldman-Fitzthum , Borislav Petkov , Michael Roth , Vlastimil Babka , "Kirill A . Shutemov" , Andi Kleen , tony.luck@intel.com, marcorr@google.com, sathyanarayanan.kuppuswamy@linux.intel.com, Brijesh Singh Subject: [PATCH Part1 v5 21/38] KVM: SVM: Update the SEV-ES save area mapping Date: Fri, 20 Aug 2021 10:19:16 -0500 Message-Id: <20210820151933.22401-22-brijesh.singh@amd.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20210820151933.22401-1-brijesh.singh@amd.com> References: <20210820151933.22401-1-brijesh.singh@amd.com> X-ClientProxiedBy: SA9P223CA0002.NAMP223.PROD.OUTLOOK.COM (2603:10b6:806:26::7) To SN6PR12MB2718.namprd12.prod.outlook.com (2603:10b6:805:6f::22) MIME-Version: 1.0 X-MS-Exchange-MessageSentRepresentingType: 1 Received: from sbrijesh-desktop.amd.com (165.204.77.1) by SA9P223CA0002.NAMP223.PROD.OUTLOOK.COM (2603:10b6:806:26::7) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4436.19 via Frontend Transport; Fri, 20 Aug 2021 15:21:13 +0000 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: 3c95f397-8919-4ade-0939-08d963ee263d X-MS-TrafficTypeDiagnostic: SN1PR12MB2446: X-MS-Exchange-Transport-Forked: True X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:5236; X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: K/5bz6kCVimcW3YTTPpm3g1h1plGJF90Af2n2rdYLwMOIxGMr1GKPxv7yiKylG4SuCnlhpW+2evHBaBvkxpQy65mV4Q4xd0dIuQ+oIXWyvkQFZGF073wG3w0JlMHhmJB5msk/Oe3a1n/Y9JJAdotPr6bmFIzcg/RAaw9K0u6afCFkiLArPvUE+SM7YJGjwHYOXAgoT4HXbVf2NBaVTeHzhz2n8jSbysElYOdWKORRXxYJapcXFF8tZ++DAuBAVbgVr787s02INHskA29Z+aARB0ba+8L24u89wBkB5yoLfL8IaDQPZwrDxrWl13PPPDWOoSHCHODy1KQX5xcccxmTKtrCIY5BcMDvhnkIzcb+VHMnCPKUkGlm4CNegvCubV1OkHX351f3czsFsfYBtq1pi/UtSCXUNIEmoGYXsJuzX9o4/sWluukx0xYiHjWLTawk6gtUTXp+/N52es3eB74troZlmV6IHc4K5/3z1W6xbm2PeF6SdocdPckAYBvoeL3L26a//3LbhGqDF+qoaEU3EZLTGbfCd3VOcwt0X7k9xMsSIjDj7KamTW7KAtXeb5JG9MZqfFyrWir9CcJpeAIinfnLVfxb5a005iWjEQWNZ1wcC2gXawqWh6RKAs6nI5kOHSbi3e8E+YC2YiKd2ODwOXpZhPaz/DF0BSsK6RKfri+7WtokBgFWnS88cGf43zZVgS+5XnHBDCxqG3LnL9Xfg== X-Forefront-Antispam-Report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:SN6PR12MB2718.namprd12.prod.outlook.com; PTR:; CAT:NONE; SFS:(4636009)(366004)(136003)(396003)(376002)(39860400002)(346002)(66556008)(478600001)(54906003)(4326008)(1076003)(6486002)(7416002)(38350700002)(52116002)(83380400001)(2616005)(7696005)(38100700002)(8676002)(26005)(8936002)(15650500001)(2906002)(316002)(66946007)(86362001)(66476007)(44832011)(36756003)(956004)(5660300002)(7406005)(186003); DIR:OUT; SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: 2FXOLvxhGqVxBElcDxHVuIphjZye7E/EWnVLv6JpAxtFPsLYiVzepP4RypfQGRsYzx2qI4mMWVj85B1pUnrbsC7OKp2GwE3NX5BEzhcIlPE9xcAqwg8u+xa6quZBepjv5uXxLhHJ7SmCrycO0AEK6raBZTeGF+ce7f7aKICUHX+kJT/inQ4YhTkVV6+X2zbqFYkLulu7hY1Z44VZXd0xOEn9ZXeBb2NuktpX13Vb6S6glWcPY3CjognbhQDb4rJbWqgZkcp2MWtl44GIMmZRlhftkgE27H76yeE3gheEx8oYRN46kmLJHlOcUuBdV5e9syhCs61Ub6bRKxP4kKNE+NH4dm82Qu0Dgpep/Ig1g5wZYAt3F8PgkVFxDnxExNVLRGpp6Z2yWsJPlQAA7azkWNJ3Mtwx/8vlYPm9LG+yMm81ZURNmQgYT/g521Zg+v13Cp82qI0eTp+cPVOG2tG38aPnU2BQowHmBALZzDR9OotEmXqJNUXVeABdbac+pQA3SpXs89H0GO21L+IxguSQwI6WXbut7QiblqB7WmZ868FeCTOu7N2f4cmtNzM7WE+WqNRDKSs6n/gL/sw71mCELkLOAydfurZ6gH6wcgOS2yJB9b8crsEa08eFflWHzXofKkryrY2GkErG6sXFOilFxQdaB6lNV1QO5NoZWRJdiL2blk4w8TsozJnqiUQLYEqfiHuCuzFSEiNe2dJaWgDoL22icTwWZl/6/Z1XyesRAPRVYlEHtDeNozZuaszJAvWO9nFNrtQwLeiGUq+Yz2Eqdh9w0XccP4Xce72wiX6yparNtfmiyz4D30At/izNghzxpgIv5XQo4hz+YWy35tN1Mkozu/+UM74zjhUMSAqdhOJ/13VnSpxK2hbuAACRERVI7OmInHLLbidU27YIx40UO5HTA3kKef3+LtlReBuSKv3Ererhwm8Z3bFqiBwhMemKtDEwWxYs/0sXwtt388glMRDbowGbkdnAdSqkRTld7hd1Bo66Cba46JGzNRTb2S1vYPQrfZ6PZVQkvX/B94Pjg95tuWKIcyr77AkAWOe6yDabOWrOBrIUJhccrTD4gcJWLXFHThLw+hbg7amlZvBRnw8y7BX0GH7for+OlmXHVTL/5+1j0Udd9jy2L3LmqbHa0B9ojob+arJgPX22ZMFoBBAiERpdiHrQ1C46yKX4TbA6RtHy91XS16kuBzAAmgvBQTsJoX72U4Ny124t24dO+OmyRMvVp2UYHOYVNX0osulQzPq/LxHyMjoQImleyRivq9ennE1po+0i5LSL793ail1pZw8YLh5tsWGTrBxcYUhoAQOBxCvZsgpKTqWRu1aX X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-Network-Message-Id: 3c95f397-8919-4ade-0939-08d963ee263d X-MS-Exchange-CrossTenant-AuthSource: SN6PR12MB2718.namprd12.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 20 Aug 2021 15:21:14.6695 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: d62xoTtOu42FjijsElMdcr8L7VYsXbkPr6KT7DoP2gfuL/g0dz2dyzMMnXikDfZFCjmQ0EZ59qg4ln1rtijkUg== X-MS-Exchange-Transport-CrossTenantHeadersStamped: SN1PR12MB2446 Precedence: bulk List-ID: X-Mailing-List: linux-efi@vger.kernel.org From: Tom Lendacky This is the final step in defining the multiple save areas to keep them separate and ensuring proper operation amongst the different types of guests. Update the SEV-ES/SEV-SNP save area to match the APM. This save area will be used for the upcoming SEV-SNP AP Creation NAE event support. Signed-off-by: Tom Lendacky Signed-off-by: Brijesh Singh --- arch/x86/include/asm/svm.h | 66 +++++++++++++++++++++++++++++--------- 1 file changed, 50 insertions(+), 16 deletions(-) diff --git a/arch/x86/include/asm/svm.h b/arch/x86/include/asm/svm.h index 748fe1c82a2b..44a3f920f886 100644 --- a/arch/x86/include/asm/svm.h +++ b/arch/x86/include/asm/svm.h @@ -288,7 +288,13 @@ struct sev_es_save_area { struct vmcb_seg ldtr; struct vmcb_seg idtr; struct vmcb_seg tr; - u8 reserved_1[43]; + u64 vmpl0_ssp; + u64 vmpl1_ssp; + u64 vmpl2_ssp; + u64 vmpl3_ssp; + u64 u_cet; + u8 reserved_1[2]; + u8 vmpl; u8 cpl; u8 reserved_2[4]; u64 efer; @@ -301,9 +307,19 @@ struct sev_es_save_area { u64 dr6; u64 rflags; u64 rip; - u8 reserved_4[88]; + u64 dr0; + u64 dr1; + u64 dr2; + u64 dr3; + u64 dr0_addr_mask; + u64 dr1_addr_mask; + u64 dr2_addr_mask; + u64 dr3_addr_mask; + u8 reserved_4[24]; u64 rsp; - u8 reserved_5[24]; + u64 s_cet; + u64 ssp; + u64 isst_addr; u64 rax; u64 star; u64 lstar; @@ -314,7 +330,7 @@ struct sev_es_save_area { u64 sysenter_esp; u64 sysenter_eip; u64 cr2; - u8 reserved_6[32]; + u8 reserved_5[32]; u64 g_pat; u64 dbgctl; u64 br_from; @@ -323,12 +339,12 @@ struct sev_es_save_area { u64 last_excp_to; u8 reserved_7[80]; u32 pkru; - u8 reserved_9[20]; - u64 reserved_10; /* rax already available at 0x01f8 */ + u8 reserved_8[20]; + u64 reserved_9; /* rax already available at 0x01f8 */ u64 rcx; u64 rdx; u64 rbx; - u64 reserved_11; /* rsp already available at 0x01d8 */ + u64 reserved_10; /* rsp already available at 0x01d8 */ u64 rbp; u64 rsi; u64 rdi; @@ -340,16 +356,34 @@ struct sev_es_save_area { u64 r13; u64 r14; u64 r15; - u8 reserved_12[16]; - u64 sw_exit_code; - u64 sw_exit_info_1; - u64 sw_exit_info_2; - u64 sw_scratch; + u8 reserved_11[16]; + u64 guest_exit_info_1; + u64 guest_exit_info_2; + u64 guest_exit_int_info; + u64 guest_nrip; u64 sev_features; - u8 reserved_13[48]; + u64 vintr_ctrl; + u64 guest_exit_code; + u64 virtual_tom; + u64 tlb_id; + u64 pcpu_id; + u64 event_inj; u64 xcr0; - u8 valid_bitmap[16]; - u64 x87_state_gpa; + u8 reserved_12[16]; + + /* Floating point area */ + u64 x87_dp; + u32 mxcsr; + u16 x87_ftw; + u16 x87_fsw; + u16 x87_fcw; + u16 x87_fop; + u16 x87_ds; + u16 x87_cs; + u64 x87_rip; + u8 fpreg_x87[80]; + u8 fpreg_xmm[256]; + u8 fpreg_ymm[256]; } __packed; struct ghcb_save_area { @@ -406,7 +440,7 @@ struct ghcb { #define EXPECTED_VMCB_SAVE_AREA_SIZE 740 #define EXPECTED_GHCB_SAVE_AREA_SIZE 1032 -#define EXPECTED_SEV_ES_SAVE_AREA_SIZE 1032 +#define EXPECTED_SEV_ES_SAVE_AREA_SIZE 1648 #define EXPECTED_VMCB_CONTROL_AREA_SIZE 1024 #define EXPECTED_GHCB_SIZE PAGE_SIZE From patchwork Fri Aug 20 15:19:18 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Brijesh Singh X-Patchwork-Id: 500675 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-18.7 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_CR_TRAILER, INCLUDES_PATCH, MAILING_LIST_MULTI, MSGID_FROM_MTA_HEADER, SPF_HELO_NONE, SPF_PASS,URIBL_BLOCKED,USER_AGENT_GIT autolearn=unavailable autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 8C102C432BE for ; Fri, 20 Aug 2021 15:22:02 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 7664F61242 for ; Fri, 20 Aug 2021 15:22:02 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S241095AbhHTPWi (ORCPT ); Fri, 20 Aug 2021 11:22:38 -0400 Received: from mail-bn8nam08on2087.outbound.protection.outlook.com ([40.107.100.87]:15585 "EHLO NAM04-BN8-obe.outbound.protection.outlook.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S241118AbhHTPWI (ORCPT ); Fri, 20 Aug 2021 11:22:08 -0400 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=E+xrbZmD2XobuBAqdvkF6r10vmQpWggdV7JgVmPmNeajCxikGNdbobh6eJmwITaSgd3id57gFJ/6/I2c4uxYg0S1pqRqCvsf1zukTJWpCLWoGLhzISk8LNenqNW9jMKojjT9wGIHw/NmyKhAKu+Vcms0ZN75NnB4OmpEDdUOSRTEvbZRQiNoqJNF4iAGE/tQRTOXLfATMX2JoZ3nymGhR/6l6oIdA1vqMNpXnqJAwu4MrkMFy1xJ7O45NrskN2mvJM+bWs5niWiNJeVefmq3pWnz4p3B/W7aC/8g3yrA+Ac1VTusP8yRm7gIEPpP6Cce9Peovd22TMIm0dFAEJkO3Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=evrmQ0dNpEqVvr3I01KIDOwQFoxzpcbaf5oU9vPkZcA=; b=nR8cQ5CR2B8apjdu+f2VRrSrKf7j7ik+T+I12WBi89/iqZWxXnE9sISZRRJU4xBB9EvR4u+Txg/Ibx3VSOWLhcRZtnPn2rwxdYaPmSVLGGzanpLNEvj/LyK1GVXFmpKL2vg+zdjvY8L6VcZlbRqBNtsTz6OO6Q8HYX1VtWZbOqNpn6YwwQNzgzMAXrixm0boMh2ALFvQ7BbevX8LlnNBqiX+NYY/oT5VYVFyqn+f0+eSnJoPMpsXhxD15bAfPn/VKEP85YvQqBMOG3jI8NiAtKF6ZkATvho05rRNHMU8HqZq3lhp6OzR5vaLOh4jMEyEcE5brUXVfFePFJzSGPtSUQ== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass header.d=amd.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=evrmQ0dNpEqVvr3I01KIDOwQFoxzpcbaf5oU9vPkZcA=; b=vCJ6P/yObDf7LR1/hWIelTIIbS0WLJL5uI5m28tDLQhxPPvDesjuvtSNkaZvliUonWVot1N7jbeoHPS/EMeDyPcF4zyj68hnzdonWeJ+MIrd2QuZSP4lQ2UN6suSwA+TDd7e+exPaQHnlQIyv46XO4Ax8EuKAj0OMeLHszwDkac= Authentication-Results: kernel.org; dkim=none (message not signed) header.d=none; kernel.org; dmarc=none action=none header.from=amd.com; Received: from SN6PR12MB2718.namprd12.prod.outlook.com (2603:10b6:805:6f::22) by SA0PR12MB4557.namprd12.prod.outlook.com (2603:10b6:806:9d::10) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4436.19; Fri, 20 Aug 2021 15:21:17 +0000 Received: from SN6PR12MB2718.namprd12.prod.outlook.com ([fe80::78b7:7336:d363:9be3]) by SN6PR12MB2718.namprd12.prod.outlook.com ([fe80::78b7:7336:d363:9be3%6]) with mapi id 15.20.4436.019; Fri, 20 Aug 2021 15:21:17 +0000 From: Brijesh Singh To: x86@kernel.org, linux-kernel@vger.kernel.org, kvm@vger.kernel.org, linux-efi@vger.kernel.org, platform-driver-x86@vger.kernel.org, linux-coco@lists.linux.dev, linux-mm@kvack.org Cc: Thomas Gleixner , Ingo Molnar , Joerg Roedel , Tom Lendacky , "H. Peter Anvin" , Ard Biesheuvel , Paolo Bonzini , Sean Christopherson , Vitaly Kuznetsov , Wanpeng Li , Jim Mattson , Andy Lutomirski , Dave Hansen , Sergio Lopez , Peter Gonda , Peter Zijlstra , Srinivas Pandruvada , David Rientjes , Dov Murik , Tobin Feldman-Fitzthum , Borislav Petkov , Michael Roth , Vlastimil Babka , "Kirill A . Shutemov" , Andi Kleen , tony.luck@intel.com, marcorr@google.com, sathyanarayanan.kuppuswamy@linux.intel.com, Brijesh Singh Subject: [PATCH Part1 v5 23/38] x86/head/64: set up a startup %gs for stack protector Date: Fri, 20 Aug 2021 10:19:18 -0500 Message-Id: <20210820151933.22401-24-brijesh.singh@amd.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20210820151933.22401-1-brijesh.singh@amd.com> References: <20210820151933.22401-1-brijesh.singh@amd.com> X-ClientProxiedBy: SA9P223CA0002.NAMP223.PROD.OUTLOOK.COM (2603:10b6:806:26::7) To SN6PR12MB2718.namprd12.prod.outlook.com (2603:10b6:805:6f::22) MIME-Version: 1.0 X-MS-Exchange-MessageSentRepresentingType: 1 Received: from sbrijesh-desktop.amd.com (165.204.77.1) by SA9P223CA0002.NAMP223.PROD.OUTLOOK.COM (2603:10b6:806:26::7) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4436.19 via Frontend Transport; Fri, 20 Aug 2021 15:21:16 +0000 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: 978f47c1-8c2e-4517-7fb6-08d963ee27d6 X-MS-TrafficTypeDiagnostic: SA0PR12MB4557: X-MS-Exchange-Transport-Forked: True X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:9508; X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: grZ3zsc3t1z7vJgpdhrVGgn5fAvZeSJ2CzmvtFvGsjGFywdSe/+QXMgNncl9k2UO+M/mINRuNhyU1+eFjf/zB0VcYEa+KUJ8U9GYsmbbYc7yZJx1AT/E9Xgyy6KKZQ3F4cNHnf0R0YZ5wtTG1ld87rbiBLvA+ev+KXjYYxqzdQ4uHltFotghJf5JuVxYlpLy+nUpyEj5hi5qcQfLhlzaPICX8REgbF/r8CY2u6dON6ZiCF9En4tklI7n6TtJhw63ejI/no5MxwdxRZjdMyaJc31HSdfNe5fyLzD8ewwe5zIZzXr6oARKeBbRTU/pU2cVSWfFF/14mmXMZQuUn22jtDOvbnJXtSA/kE3cS8HqvGTbOSrlBS9D7b6vFrNfS75FPZ9YPba95kqFqTbfvL9ZQn/Y7GHtzbU6W3TdtBK7K8tc8qDG4rPBC7qGr8Q0ihagg6CzHfgSRLi3q5DxC6zMD/vKXqDKbAwItc0kHDbqqSezpkF2t7siF6SP39IX/ngTuFJU/1tQVfpZB66/S8o2B/dBz9kIvqk+vNyssBs9vpaYW2jIoZQGXHGogbX8Zf/gqoZwNFOJl3x1FLZ7vQm22yv//8euHyJgMPmYMH4HjJaUoY3OperQV5CeMMIolxh6bL20nEbBve89F06m/9v6HkAisFEhFhBdJTBJOgZPc+mJhz5V/A9M79F8QXoVbto1co47B6rmyHBZU3L4H6xqWQ== X-Forefront-Antispam-Report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:SN6PR12MB2718.namprd12.prod.outlook.com; PTR:; CAT:NONE; SFS:(4636009)(346002)(396003)(366004)(39860400002)(136003)(376002)(66476007)(66946007)(4326008)(478600001)(44832011)(956004)(2616005)(7696005)(7406005)(38350700002)(52116002)(66556008)(7416002)(38100700002)(36756003)(186003)(316002)(8936002)(2906002)(83380400001)(86362001)(26005)(54906003)(1076003)(6486002)(8676002)(5660300002); DIR:OUT; SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: C00X63XgG9A5USk27K9qZYq2fw9q3/6Cpvi4HlrPjxob+46ue5uzfaOzFjtrHpM4jC7RT1SsT7NJoMe3DCtTlm1WKAlUFnUn8QR2+jxqIficBzhk9YUAXNwkRCYkKGExzejlNOs3Ds9hawYjUgaXvWC0ZhBR3lMihM7zCDHuFrqJ2JqifBogK9t2FRdn+YvWa41A5JJUYPZy7+k+ucjMZEfqr5WnthsCt93e9QiuY4mFp0lWI3N7aYP23/WS06pNBXn5v3UFLwW54pgpfEcGQjBTvhpOEQiDlixU6ivjT+XyDjsXTeF4t0ySdQiAQ7GR0tmjZE+oifqmyUmhZA8Xd9ooZaYBYg/Jzsxd7mEApZoe/7EH5Y4roQWwaT0QuiYbU3RE86RR61I9EXKwmkps5U/Hb/SdtpbK5fHXS7aKF47z3LMdhVn7NZq7f/7ecZrqONDXturysavZHgKHLlYXjkZih6wvj+K8jBY2eUB14leZXvJprapngQPdHNDOcVUvae+ZevI/XINaTamDKiuPAGOisJXkdVVf30msbsZIZDd9H6dm0eAKe12PIfkA+Nu2UOqZp54JVR451aQo4GS7PnorZ+2Q4H66Dc7afMICxCUsO+83adxk9FJINIkR7GE8xpIwLbx79FE/b3rbPY0qpgCdBt1MQXfNe9+QD8tJryCigyFvBOy3AjyAaUtAOH1RzMVjEN83PgKNFQON/vB6htGeC2awrXGwm18ptefThHLl5ExRtzZmtAlzYy8nZcTZFVJIMQ72eK/3EjRTz09GFSHTh4VE2SzADpi8yBT0S0N6p+rjpeAFrtFpgNsSS01lcpVmIPhDugrcuDiRdenoAGwNufgXAsSq6iueJnnTLifh1mD0JTIhyerDG+Hh6gWmTyPiAJuvxKetONR+kAQK3O1abLqRT1d+0hTqUEmhtXWA0zFia0VFn6ilGtlp+BSWIa4Ciq1ke9JkKQ+PSZRAq9TSF5LiVfkxyWP73x+/+MniG4i5VLxUNUGcYPc4S4ReswsP93oln1nSKOe9kopBETV3c4TBrd1M9oK6b4bcsJhaVGRFibFZ5AB2FRyqh45IUEtCQ+TMKSpcODi26SD2MIVCSER9OdKBZeNU87oRVHQjXKRSQub8qBNAqB7h+oE5BCA9bDvm2QqLEjfEoNDHQjGvDMsFCX18WcIpGCDTbvp7L2kvqfQqRQiloWSEiBzUcDETGHTsmm6hxupZ5tU5V4/yOd55UPrpkxlITmYFMo2I429oxHzCQpqS6MtTNRIYOq0q/9aJ0mpbuwpWQf0hq61L4+2/Y0jH/CCQvx91aU25VUY+SAIm2HI4E4y5ezxb X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-Network-Message-Id: 978f47c1-8c2e-4517-7fb6-08d963ee27d6 X-MS-Exchange-CrossTenant-AuthSource: SN6PR12MB2718.namprd12.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 20 Aug 2021 15:21:17.4089 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: Yp8JXpW89gxpwi/NNey4QGih64BHBYpHwYeEUQId3PENXIvSmPdPqcUMwnzRq7bB5rjaRlN9c6YZGwQ+GBLAkg== X-MS-Exchange-Transport-CrossTenantHeadersStamped: SA0PR12MB4557 Precedence: bulk List-ID: X-Mailing-List: linux-efi@vger.kernel.org From: Michael Roth As of commit 103a4908ad4d ("x86/head/64: Disable stack protection for head$(BITS).o") kernel/head64.c is compiled with -fno-stack-protector to allow a call to set_bringup_idt_handler(), which would otherwise have stack protection enabled with CONFIG_STACKPROTECTOR_STRONG. While sufficient for that case, this will still cause issues if we attempt to call out to any external functions that were compiled with stack protection enabled that in-turn make stack-protected calls, or if the exception handlers set up by set_bringup_idt_handler() make calls to stack-protected functions. Subsequent patches for SEV-SNP CPUID validation support will introduce both such cases. Attempting to disable stack protection for everything in scope to address that is prohibitive since much of the code, like SEV-ES #VC handler, is shared code that remains in use after boot and could benefit from having stack protection enabled. Attempting to inline calls is brittle and can quickly balloon out to library/helper code where that's not really an option. Instead, set up %gs to point a buffer that stack protector can use for canary values when needed. In doing so, it's likely we can stop using -no-stack-protector for head64.c, but that hasn't been tested yet, and head32.c would need a similar solution to be safe, so that is left as a potential follow-up. Signed-off-by: Michael Roth Signed-off-by: Brijesh Singh --- arch/x86/kernel/Makefile | 2 +- arch/x86/kernel/head64.c | 20 ++++++++++++++++++++ 2 files changed, 21 insertions(+), 1 deletion(-) diff --git a/arch/x86/kernel/Makefile b/arch/x86/kernel/Makefile index 3e625c61f008..5abdfd0dbbc3 100644 --- a/arch/x86/kernel/Makefile +++ b/arch/x86/kernel/Makefile @@ -46,7 +46,7 @@ endif # non-deterministic coverage. KCOV_INSTRUMENT := n -CFLAGS_head$(BITS).o += -fno-stack-protector +CFLAGS_head32.o += -fno-stack-protector CFLAGS_irq.o := -I $(srctree)/$(src)/../include/asm/trace diff --git a/arch/x86/kernel/head64.c b/arch/x86/kernel/head64.c index a1711c4594fa..f1b76a54c84e 100644 --- a/arch/x86/kernel/head64.c +++ b/arch/x86/kernel/head64.c @@ -74,6 +74,11 @@ static struct desc_struct startup_gdt[GDT_ENTRIES] = { [GDT_ENTRY_KERNEL_DS] = GDT_ENTRY_INIT(0xc093, 0, 0xfffff), }; +/* For use by stack protector code before switching to virtual addresses */ +#if CONFIG_STACKPROTECTOR +static char startup_gs_area[64]; +#endif + /* * Address needs to be set at runtime because it references the startup_gdt * while the kernel still uses a direct mapping. @@ -605,6 +610,8 @@ void early_setup_idt(void) */ void __head startup_64_setup_env(unsigned long physbase) { + u64 gs_area = (u64)fixup_pointer(startup_gs_area, physbase); + /* Load GDT */ startup_gdt_descr.address = (unsigned long)fixup_pointer(startup_gdt, physbase); native_load_gdt(&startup_gdt_descr); @@ -614,5 +621,18 @@ void __head startup_64_setup_env(unsigned long physbase) "movl %%eax, %%ss\n" "movl %%eax, %%es\n" : : "a"(__KERNEL_DS) : "memory"); + /* + * GCC stack protection needs a place to store canary values. The + * default is %gs:0x28, which is what the kernel currently uses. + * Point GS base to a buffer that can be used for this purpose. + * Note that newer GCCs now allow this location to be configured, + * so if we change from the default in the future we need to ensure + * that this buffer overlaps whatever address ends up being used. + */ +#if CONFIG_STACKPROTECTOR + asm volatile("movl %%eax, %%gs\n" : : "a"(__KERNEL_DS) : "memory"); + native_wrmsr(MSR_GS_BASE, gs_area, gs_area >> 32); +#endif + startup_64_load_idt(physbase); } From patchwork Fri Aug 20 15:19:20 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Brijesh Singh X-Patchwork-Id: 500669 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-18.7 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_CR_TRAILER, INCLUDES_PATCH, MAILING_LIST_MULTI, MSGID_FROM_MTA_HEADER, SPF_HELO_NONE, SPF_PASS,URIBL_BLOCKED,USER_AGENT_GIT autolearn=unavailable autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 017E4C4320A for ; Fri, 20 Aug 2021 15:23:21 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id DF20D61242 for ; Fri, 20 Aug 2021 15:23:20 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S241457AbhHTPX4 (ORCPT ); Fri, 20 Aug 2021 11:23:56 -0400 Received: from mail-bn8nam08on2040.outbound.protection.outlook.com ([40.107.100.40]:2451 "EHLO NAM04-BN8-obe.outbound.protection.outlook.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S241464AbhHTPWx (ORCPT ); Fri, 20 Aug 2021 11:22:53 -0400 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=HBAGl7AwNfI+GiEzUPB3q9/EnbHQAS2X9pYnfY6j76dj2ieE/q6iWKTzWMIqi8UNA+4belGjt8/VyWLJP/8+5tzc/MkmBJvpxt2PDSPtDJuiQp3HF3ML6el5Rc3hHAT69btrcvXO7MRAdypbHhsjyyKxvJ4OpUA20glNgZ+dvtZsCpGoqhREpLo7AaFip7QZBR5UmGYxeE9smg1B1Xcm3YsKDmMHor1Nue2XflUJUemOnIDdgAorGfUHRk9bZoZ8g3/WJjKXrx7dMScLLoOac/3awQded9tQUwTZHhvOGH35OOYqxzm0QqEquOStYFVFwBameN1biOkcH0D68/S6JQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=Leho8Jmkv5yLql5LB5x4IW1bbgPiHRPzBpGLROjWfHc=; b=oRqaMYPvlcGRGe85PPSSO5lhaaCXfNc9PiQi8lGCMAM/0CVClnn/ZJdGbyncnfV1heyMvzmSqAEP8UHkZhPH4UfIJoqMshLEkCPnPoQRourqXGwjPpHKNqasnHZQcofTdAm7XVyKHyzLnHH94PPxwabByH+VnD+U+4xQAjkTxW9B+JFwvJpbIJQYffPZEb5rlLBCUvruLWxI4E/Ex12CWv3fqpwRX8ujftTe+BmXDa0+Jwz2T0Wskx/6WXHsEDWKPhWbnTQCWSSOBAHeSXCb83Qugny0sbt/JYUQ+E/9niBtkoO2yZupUAaGFF1XNxOtV9Y4N0NWAMPsDzxiDdlzdw== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass header.d=amd.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=Leho8Jmkv5yLql5LB5x4IW1bbgPiHRPzBpGLROjWfHc=; b=MeOFTVnfWalVA5MSID8xxswBtMV6NQIBSQA7JbsfNAsB4AcEssW6rlZdLPmDrVe7oDP2cQN6aFbG6PBhDK0LllJNTQv3GXd0lzg2Rzh0wAUd2/8pqaTdLqhj3m7iAoPevrhNRBTWxqND+xvZvxzE+YWK7af5UtL1tE9fcgWLCwM= Authentication-Results: kernel.org; dkim=none (message not signed) header.d=none; kernel.org; dmarc=none action=none header.from=amd.com; Received: from SN6PR12MB2718.namprd12.prod.outlook.com (2603:10b6:805:6f::22) by SA0PR12MB4557.namprd12.prod.outlook.com (2603:10b6:806:9d::10) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4436.19; Fri, 20 Aug 2021 15:21:20 +0000 Received: from SN6PR12MB2718.namprd12.prod.outlook.com ([fe80::78b7:7336:d363:9be3]) by SN6PR12MB2718.namprd12.prod.outlook.com ([fe80::78b7:7336:d363:9be3%6]) with mapi id 15.20.4436.019; Fri, 20 Aug 2021 15:21:20 +0000 From: Brijesh Singh To: x86@kernel.org, linux-kernel@vger.kernel.org, kvm@vger.kernel.org, linux-efi@vger.kernel.org, platform-driver-x86@vger.kernel.org, linux-coco@lists.linux.dev, linux-mm@kvack.org Cc: Thomas Gleixner , Ingo Molnar , Joerg Roedel , Tom Lendacky , "H. Peter Anvin" , Ard Biesheuvel , Paolo Bonzini , Sean Christopherson , Vitaly Kuznetsov , Wanpeng Li , Jim Mattson , Andy Lutomirski , Dave Hansen , Sergio Lopez , Peter Gonda , Peter Zijlstra , Srinivas Pandruvada , David Rientjes , Dov Murik , Tobin Feldman-Fitzthum , Borislav Petkov , Michael Roth , Vlastimil Babka , "Kirill A . Shutemov" , Andi Kleen , tony.luck@intel.com, marcorr@google.com, sathyanarayanan.kuppuswamy@linux.intel.com, Brijesh Singh Subject: [PATCH Part1 v5 25/38] KVM: x86: move lookup of indexed CPUID leafs to helper Date: Fri, 20 Aug 2021 10:19:20 -0500 Message-Id: <20210820151933.22401-26-brijesh.singh@amd.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20210820151933.22401-1-brijesh.singh@amd.com> References: <20210820151933.22401-1-brijesh.singh@amd.com> X-ClientProxiedBy: SA9P223CA0002.NAMP223.PROD.OUTLOOK.COM (2603:10b6:806:26::7) To SN6PR12MB2718.namprd12.prod.outlook.com (2603:10b6:805:6f::22) MIME-Version: 1.0 X-MS-Exchange-MessageSentRepresentingType: 1 Received: from sbrijesh-desktop.amd.com (165.204.77.1) by SA9P223CA0002.NAMP223.PROD.OUTLOOK.COM (2603:10b6:806:26::7) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4436.19 via Frontend Transport; Fri, 20 Aug 2021 15:21:18 +0000 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: 87d552e6-b495-4996-3257-08d963ee2978 X-MS-TrafficTypeDiagnostic: SA0PR12MB4557: X-MS-Exchange-Transport-Forked: True X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:2150; X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: GIRe7PU1d0CLqbUOpp0gBMy4UIEHppyrODbISf9rqmXcY/n6v846cGcFhAgdq0eWgyseTszsUjASozOCAzJYhaynwmlugqcH2smk3WXy+eabDrczy0ZeaU74p3ivwACUy12cWd3t8TIv+18N1nEBQAHIVfYlS+6j5877CnqRwhN8kJ0vtSZStj3jZcRzRLGXhB1ZLDF+q99sT6S3nUcHwrO7zsGHR3Jl2dmeh0vLKtHlxhYMK+asjyjw5UTnVYY2eGh3ZAshsXtyeI0BOMi9FMb15+WUwmxU7CvPFNJKkmmOUkCE2FxNxGHr1EhQQLDafep+fnFIlr/4kq/65rbXO2dFBoROwjRIFwZtPJu2SxDx7umjtgmvfBJ3cH7sJHOlieIAjojFgNazvQtQaEgnzgDAW0KiJhw9OyHS9H1Ev1Ga/a4wfga1jkqFL+xmYWJRAY9GH89S9FOXd+1u19ysYgMxej0OdKO7tkspZsunSYWJAmuQfMollarYy6I9g2ou9dJN00lhsY9MAUgJ3G2rqcdgYyy7yYkPRWKoOCSf1zrlY/QB1a/7SGesFBrcRAyYQIoNLiDSf2D3xSKIvrhmGUw89ovTGqXXUja4ffpe55K1butM+oFDVthD6+ucS/Hbx6lvzanMUPln8HvqUHYlfRmGyzZGqitYfmx+uji+fw0VnfJ2BHUFvX9aGKdNHsznjAsDzU0kDK3fSLbVbfZrww== X-Forefront-Antispam-Report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:SN6PR12MB2718.namprd12.prod.outlook.com; PTR:; CAT:NONE; SFS:(4636009)(346002)(396003)(366004)(39860400002)(136003)(376002)(66476007)(66946007)(4326008)(478600001)(44832011)(956004)(2616005)(7696005)(7406005)(38350700002)(52116002)(66556008)(7416002)(38100700002)(6666004)(36756003)(186003)(316002)(8936002)(2906002)(83380400001)(86362001)(26005)(54906003)(1076003)(6486002)(8676002)(5660300002); DIR:OUT; SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: RFGDeabkwHdw9A5ABB0Lam0EFgog80Qo729/bzQ4ZL9J39S4tnphfykg68YghtgrAxD20ehskg2Q0DTeZBjO6H8CKLEPg3GYthKLAhi85RR6sAr0nntpe35gDOyPxsDhv62x1rP3rTI0DcVg3MpkCDWBd/dVnDZnwmtEHZEd/DjkVjV9Hq6k10x6iS/8l41NHvUzhwsjKWz5ycOAutSlwp9ALGMiT7mzw23H6tPhLd4LCX5DF7/jdLj/l4Bvh8UQqiLG8pw6n0irW1a9IT/erPVmTWxISYxdm491AwmvkLBTaOGUT1po8bSQyOhLZl53AKkX8oyrkWahhM4tFfR/O4mJDzkuVMFSNo98ZEi6AZZvZ6LxoINm8+EwVf3zhjJBrPAdwnlokYVkifmSeFH/+6Z6NpbjtfIQqwxdwug9/xPNHPEL2thUPi4/o88G5U0nsCjxCRnFjqnbiz0s/nY11zd2YkyTIo/k7qD7axzYn2Spma6h2zkjb1bPU1La2VW6QEHS2RLeiLhEye3mDk2mmNJa2VVitajqeXwAcRSY3JODMPTWSZOgkXHznERILjqrti00qow244lPv23yoQGbrX1HXa/00SfdecN3GHR/E8TXw1Ib4WGvrO9YuEivrmGbDw3i/dH8otf7vo5h+sw/GXkg/UaoeE6+yYgPridq3xiRRJghbKwj6cmmpJ6xfw+RvgYMzWqShicDNnoEKcAtE8DYFLZIaeXS1WgUYDNv9FBtVC7bWzorxKrzjEgbW2s9MA06WLaXP5Lm3Ggc3NdLw9XIKQ5/5wGi+abB+KPw8q9uN5E+rStzBi0CcxXIRIYetvzuVpcSy5TiGDn6i+Bn5PkqNBJ3lZMchTo3gbV9yu1mtyM0dyPjf2peZPraycj8HFsGQvLSF73Wa1t20y5ilClRNdQ/TdYzUiUH7yJk+1J3630MA8PN/LEzfXkUoBXZcBAzX/i7+r8hFkeYdRYCS2tzNgLoyvEj3YUJwB+qmE5ji8kOn5PFjTgBKOhe0G5Kv7gV78xbrb/hx3xhADwgGfhT24tdscbWmTmA+JjwSwuniznkZ3Ha88y3SbpxaHYijpGYZwFMMURf+U0lQML58PY5oRAul1pP9Bj51wsOHPGTi3rIB/SnosL9yPT6t2hpXiFtn7Vpb1EiaXab+AOmkxpmAm91P0bJ9HuDNRUHm8oPKZhuq0yXj32SghYDm5SiI1azZkXuP5rUG2Rx6Y0QcRFZaMK59EXhyHii9HIkGFXwt4s2y6eFO42qR9g7RTii031bba+VjbES1d6uepvN/0ibCbgWyyaIpU2YEtehrTnVxbpRQXONhc8eYfTQalfo X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-Network-Message-Id: 87d552e6-b495-4996-3257-08d963ee2978 X-MS-Exchange-CrossTenant-AuthSource: SN6PR12MB2718.namprd12.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 20 Aug 2021 15:21:20.0224 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: tpsMZ7O858Qb73Pq8Z0sYXXfjFVba7wwe02KcVOOgvLiHTjlZHIjnK+C11mF1spvnoQ7Ctv3mqVAEKiHPZaPlg== X-MS-Exchange-Transport-CrossTenantHeadersStamped: SA0PR12MB4557 Precedence: bulk List-ID: X-Mailing-List: linux-efi@vger.kernel.org From: Michael Roth Determining which CPUID leafs have significant ECX/index values is also needed by guest kernel code when doing SEV-SNP-validated CPUID lookups. Move this to common code to keep future updates in sync. Signed-off-by: Michael Roth Signed-off-by: Brijesh Singh --- arch/x86/include/asm/cpuid.h | 26 ++++++++++++++++++++++++++ arch/x86/kvm/cpuid.c | 17 ++--------------- 2 files changed, 28 insertions(+), 15 deletions(-) create mode 100644 arch/x86/include/asm/cpuid.h diff --git a/arch/x86/include/asm/cpuid.h b/arch/x86/include/asm/cpuid.h new file mode 100644 index 000000000000..61426eb1f665 --- /dev/null +++ b/arch/x86/include/asm/cpuid.h @@ -0,0 +1,26 @@ +/* SPDX-License-Identifier: GPL-2.0 */ +#ifndef _ASM_X86_CPUID_H +#define _ASM_X86_CPUID_H + +static __always_inline bool cpuid_function_is_indexed(u32 function) +{ + switch (function) { + case 4: + case 7: + case 0xb: + case 0xd: + case 0xf: + case 0x10: + case 0x12: + case 0x14: + case 0x17: + case 0x18: + case 0x1f: + case 0x8000001d: + return true; + } + + return false; +} + +#endif /* _ASM_X86_CPUID_H */ diff --git a/arch/x86/kvm/cpuid.c b/arch/x86/kvm/cpuid.c index 739be5da3bca..9ef13775f29e 100644 --- a/arch/x86/kvm/cpuid.c +++ b/arch/x86/kvm/cpuid.c @@ -19,6 +19,7 @@ #include #include #include +#include #include "cpuid.h" #include "lapic.h" #include "mmu.h" @@ -608,22 +609,8 @@ static struct kvm_cpuid_entry2 *do_host_cpuid(struct kvm_cpuid_array *array, cpuid_count(entry->function, entry->index, &entry->eax, &entry->ebx, &entry->ecx, &entry->edx); - switch (function) { - case 4: - case 7: - case 0xb: - case 0xd: - case 0xf: - case 0x10: - case 0x12: - case 0x14: - case 0x17: - case 0x18: - case 0x1f: - case 0x8000001d: + if (cpuid_function_is_indexed(function)) entry->flags |= KVM_CPUID_FLAG_SIGNIFCANT_INDEX; - break; - } return entry; } From patchwork Fri Aug 20 15:19:21 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Brijesh Singh X-Patchwork-Id: 500676 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-18.7 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_CR_TRAILER, INCLUDES_PATCH, MAILING_LIST_MULTI, MSGID_FROM_MTA_HEADER, SPF_HELO_NONE, SPF_PASS,URIBL_BLOCKED,USER_AGENT_GIT autolearn=unavailable autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 29B6AC4320E for ; Fri, 20 Aug 2021 15:21:53 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 16BE26124B for ; Fri, 20 Aug 2021 15:21:53 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S241328AbhHTPWY (ORCPT ); Fri, 20 Aug 2021 11:22:24 -0400 Received: from mail-bn8nam12on2059.outbound.protection.outlook.com ([40.107.237.59]:18017 "EHLO NAM12-BN8-obe.outbound.protection.outlook.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S241261AbhHTPWH (ORCPT ); Fri, 20 Aug 2021 11:22:07 -0400 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=lKbL1wLKi/2pgqFPkz9Qf8KHO/gaIeKxaJDT526wVJH8DturzauuxgKAP/T42861872f8mCVVfhFsoZVWteaEbPuVn7JW1weIZ66mjsn6JoDMgOXY1NtGFYhKsAF6I8S6NyruX1FKkqzSfdsd7mhGFS7ApAq3Lt2vTZCSabqyOPCpTV2B/TWEaEKDVHP4o+SJ0SUY6xegCu/+omZSz5nN3vVL3G+Nu2/b4iaa9KA9CfAQT5zORaIvPV7V6KoJFCx1+ionl725HAeV5/NiW4mIWYcAvSyKpMDM0ooyskxHdQ9DsPD/Q1A2YebdY42zfpz136KmSYXQYu4f0f57kc5FQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=WWwwMrQlJ/Vyk+y8B9pRCEavc+7EKvWY7FPqoU8sMxQ=; b=TEfniRS/BYFI5hb1Mzv+7J+GJF8bzBzJnt28GOnTnNnG0r51JmpuHTb8PghyCEJyLpsSm4JCpis082ziljKlyGeozWKp+mTGPlFkXCV8AUzZUVn+RimDVnaG4hM0E87Iw5gpux+rGLLkcHQJgKCTb8I3jS989SaBG9YyyW3EtDbghmyQWZ4MAPDwcGyPKGkdyqpoB+VBx+mdMKo+f4A5BUsYKgfmeaBgBEpWaJmZjvP9+hhnLnbrIH1FyqiFKPC+V/+FHgCurPQZgkhv8n07eVuq4K8GWbz9DT5yf8ZRyMmcIzJ55RhsXxwW7VaOvGFfJnPaHapi8YCDxh2aTBqCWw== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass header.d=amd.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=WWwwMrQlJ/Vyk+y8B9pRCEavc+7EKvWY7FPqoU8sMxQ=; b=WqimFakgHduWY1XBZwqIDa1sZvQYTeq9hrfFs5BSc9zIdUGLk8JyeLLxjlcz8FHiAOLhFP78XOi+q28rBd9rGI+wE5nthsM/7Avo9oObnttw/+ki5dKVEIVj2Q5eZxbeDerwfuxG9aeHWdt58gVy/rGk8819Ibblk5Mz+YeUkRc= Authentication-Results: kernel.org; dkim=none (message not signed) header.d=none; kernel.org; dmarc=none action=none header.from=amd.com; Received: from SN6PR12MB2718.namprd12.prod.outlook.com (2603:10b6:805:6f::22) by SN6PR12MB2638.namprd12.prod.outlook.com (2603:10b6:805:6f::15) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4436.19; Fri, 20 Aug 2021 15:21:21 +0000 Received: from SN6PR12MB2718.namprd12.prod.outlook.com ([fe80::78b7:7336:d363:9be3]) by SN6PR12MB2718.namprd12.prod.outlook.com ([fe80::78b7:7336:d363:9be3%6]) with mapi id 15.20.4436.019; Fri, 20 Aug 2021 15:21:21 +0000 From: Brijesh Singh To: x86@kernel.org, linux-kernel@vger.kernel.org, kvm@vger.kernel.org, linux-efi@vger.kernel.org, platform-driver-x86@vger.kernel.org, linux-coco@lists.linux.dev, linux-mm@kvack.org Cc: Thomas Gleixner , Ingo Molnar , Joerg Roedel , Tom Lendacky , "H. Peter Anvin" , Ard Biesheuvel , Paolo Bonzini , Sean Christopherson , Vitaly Kuznetsov , Wanpeng Li , Jim Mattson , Andy Lutomirski , Dave Hansen , Sergio Lopez , Peter Gonda , Peter Zijlstra , Srinivas Pandruvada , David Rientjes , Dov Murik , Tobin Feldman-Fitzthum , Borislav Petkov , Michael Roth , Vlastimil Babka , "Kirill A . Shutemov" , Andi Kleen , tony.luck@intel.com, marcorr@google.com, sathyanarayanan.kuppuswamy@linux.intel.com, Brijesh Singh Subject: [PATCH Part1 v5 26/38] x86/compressed/acpi: move EFI config table access to common code Date: Fri, 20 Aug 2021 10:19:21 -0500 Message-Id: <20210820151933.22401-27-brijesh.singh@amd.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20210820151933.22401-1-brijesh.singh@amd.com> References: <20210820151933.22401-1-brijesh.singh@amd.com> X-ClientProxiedBy: SA9P223CA0002.NAMP223.PROD.OUTLOOK.COM (2603:10b6:806:26::7) To SN6PR12MB2718.namprd12.prod.outlook.com (2603:10b6:805:6f::22) MIME-Version: 1.0 X-MS-Exchange-MessageSentRepresentingType: 1 Received: from sbrijesh-desktop.amd.com (165.204.77.1) by SA9P223CA0002.NAMP223.PROD.OUTLOOK.COM (2603:10b6:806:26::7) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4436.19 via Frontend Transport; Fri, 20 Aug 2021 15:21:20 +0000 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: b5a80506-7dce-4923-54f6-08d963ee2a31 X-MS-TrafficTypeDiagnostic: SN6PR12MB2638: X-MS-Exchange-Transport-Forked: True X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:2276; X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: iScexd+yEx/SqOTtjnAwRbjcEAjfSuZWEFMc31ucswARheh+HiFcT23q+h2Y6sm0eFjca7cp3CukLLqMpmq2nYu0kkffXgzHfU9QtXHYiSt1NB/JIGXysrCG/AWRwBs9j8WMCtAGMMs3f05kajC1lZyG5vR0lGt2wEQ6qhDQZ+Zk18BtnET9qppHhXlQ7f1VRMnnMjq21HcjY0aNYvDfBT0CO7trKn2Em9/2M7q3NmAH24XYiKBvdKkIgP9okG4iKQfng0pUuOYJSwGFOMMv2IlJeWOq3R5SBQM6xdd0BUiajVnlQCZGrcVQ0uoKKUrWaJN+/3GM0f99WMDbeOScZp+fhkmyYM3RtfBWfrOWCn/7P01d/qLPZA5Ab/axuVVdb6UyZbOtG6snmhhUUZSR22BvVoKdkHIF0IYMAYvwov27X4L0is1u+suyfoS2qGRqF2B13YRmTQ5szvQt5qaSLMQfBVuDSlHgK2TT0FXv5bUxObeRFGBIwddOeGIn7DDVhOAZ2yKnPUBa0Bk8CLndjQrgG+gLy3YQA2t+R0XOBx31cdSb2QqkfEQYwrOb/2V2G5f/pmd4U30OiwkkaL+inCIVL0hpK0BtqEuALHnfEkendLkZaksHPdvvwZjDnPBxNB7ZJGqoWMFJdxRCsCwk8ytx2lxQbBCUpM16jaUmimdQUnFLLJxmVaCHvr1MPUc/9QkMysp0P4I/ZL82PSwcSA== X-Forefront-Antispam-Report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:SN6PR12MB2718.namprd12.prod.outlook.com; PTR:; CAT:NONE; SFS:(4636009)(136003)(396003)(39860400002)(346002)(376002)(366004)(8676002)(8936002)(86362001)(83380400001)(30864003)(316002)(54906003)(1076003)(478600001)(2616005)(44832011)(2906002)(4326008)(7406005)(956004)(66556008)(7416002)(66476007)(186003)(66946007)(26005)(5660300002)(36756003)(7696005)(52116002)(38100700002)(6486002)(38350700002); DIR:OUT; SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: 0c2KWNelLL7X5kPjBWbd6s0XXXlWyDkUn3vXV9gdsLp5Mkgfh1FnFlRcF0oL3MFF5pgkAtp2FAtp08V7qEr79zkYPbYDVGchXb42P83JoTOEyJK75mmaLoJVmFOj0RHXPVijAi1LlJhOXJO4mfAitIiUiSz+cn8410w2O03aixiZs29LR3IkOuDcgOJUJXjZ4TkNTFq40ExCp/CYvqETE+oF02BfQQ8JE6fmTgWVa46agWmaAsXD/3MGjvoxAuH3Gq1T1L/sUU9KldKBM0gjBWIm9lkRVe2Zm8bfHopSRKS5h3YnPVrhBOMA5Pd3Jrpm3P8hIcYp4ln1t4fl8wcSVtwHu+X/SPEGIqeJiaWtDlsEG+MbQG6TU91GpXP2u+mdmuojlTZW2sl5KSO7LIGRj39FusrZFsZPCcKGDv10jGgQajhZLC60nADuHfGYjc9DognkWC36eTJnP4Zvne51DXgep1IaXO2VJxI31qeY+wkBXrM1Z0srnWbpRICTbSV2qDN+HlZja5JK5dcL+75mpM+v6qLis59/+1HGHw3RYIFiVvYr66rNP9URLgcfD8TbV6Ww+WrernSzIrq+rYyxQl79bDacj9rxm5qFFGLUM3wmxbFLC6FmqumwErBimLUEf3V2xDCGs+qQGqz0eE90Zg1pUziqNbYRX+0BF+ccwDmW6sw3lFaF6WlbTGlhvXUkoL6cVHA9CUCmrgyWQoLnfe0/QNoE/M6u+wk6DGDrdOsxS1aQb6cwJJABYbNzSYRqpe2UquOaZgW2uORTc07Bc0PnnT/FTttTEtsaIcGBVEfRI9L6FuSn4bjt/mO/difAIUqai4IfmgfYI4echJNs2k0nnRbV8KSn6O7bBUuOqdYmIV+zuaJ0SUz2WICstp+6Cax56TNplFixNaE4Rm2BXihgZGHdLCiG47HxVPk7Y1SAeJZGF5xWmTV/Zwb2UqW5+jKWDu1mt75QrD1TaqU67RulzdTAL1TDn/uawfN3CvXnfho5XX8D8+iDIdJJphju4eRLIVBFjKG1BpzqtUoccoryqYmWN6iV7JntUmsGe9lDZK+Nd9rOD/jFcOtHGA2ODA7ZZGOBEUx5zzm8Oqq/r8IIT3I/h7/92QULi+Ee6o44hK5/yn+12Oer/Nuskbw0aN2rpTGQH5pYfmuDGEoo394SaumSc30lt8oo4Yrlk4b2WlZSzcNc16nloH0n4cWUAjEDUXRNAk9BWQNbxxCP5l6nzo6QLyucint/kv5yc6dxLfz1ll8tCNbB6GWIh0ri1PsKDjbUs5jQVyQuvVqkaUr+hZw8ZDye1wKXohyxQeCRfv3IiFbEwigeM3YrbDs0 X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-Network-Message-Id: b5a80506-7dce-4923-54f6-08d963ee2a31 X-MS-Exchange-CrossTenant-AuthSource: SN6PR12MB2718.namprd12.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 20 Aug 2021 15:21:21.3836 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: BkQtfYXIyIO6JkfPkE2Lzwy4uerOnpd9ID//oMDKlXZZM4L2uZDNj9p9UdwRuScqoe5HVP5KHufVNk38cFVG+w== X-MS-Exchange-Transport-CrossTenantHeadersStamped: SN6PR12MB2638 Precedence: bulk List-ID: X-Mailing-List: linux-efi@vger.kernel.org From: Michael Roth Future patches for SEV-SNP-validated CPUID will also require early parsing of the EFI configuration. Move the related code into a set of helpers that can be re-used for that purpose. Signed-off-by: Michael Roth Signed-off-by: Brijesh Singh --- arch/x86/boot/compressed/Makefile | 1 + arch/x86/boot/compressed/acpi.c | 113 +++++-------------- arch/x86/boot/compressed/efi.c | 178 ++++++++++++++++++++++++++++++ arch/x86/boot/compressed/misc.h | 43 ++++++++ 4 files changed, 251 insertions(+), 84 deletions(-) create mode 100644 arch/x86/boot/compressed/efi.c diff --git a/arch/x86/boot/compressed/Makefile b/arch/x86/boot/compressed/Makefile index 431bf7f846c3..d364192c2367 100644 --- a/arch/x86/boot/compressed/Makefile +++ b/arch/x86/boot/compressed/Makefile @@ -100,6 +100,7 @@ endif vmlinux-objs-$(CONFIG_ACPI) += $(obj)/acpi.o vmlinux-objs-$(CONFIG_EFI_MIXED) += $(obj)/efi_thunk_$(BITS).o +vmlinux-objs-$(CONFIG_EFI) += $(obj)/efi.o efi-obj-$(CONFIG_EFI_STUB) = $(objtree)/drivers/firmware/efi/libstub/lib.a $(obj)/vmlinux: $(vmlinux-objs-y) $(efi-obj-y) FORCE diff --git a/arch/x86/boot/compressed/acpi.c b/arch/x86/boot/compressed/acpi.c index 8bcbcee54aa1..3a3f997d7210 100644 --- a/arch/x86/boot/compressed/acpi.c +++ b/arch/x86/boot/compressed/acpi.c @@ -25,41 +25,22 @@ struct mem_vector immovable_mem[MAX_NUMNODES*2]; * ACPI_TABLE_GUID are found, take the former, which has more features. */ static acpi_physical_address -__efi_get_rsdp_addr(unsigned long config_tables, unsigned int nr_tables, - bool efi_64) +__efi_get_rsdp_addr(unsigned long config_table_pa, + unsigned int config_table_len, bool efi_64) { acpi_physical_address rsdp_addr = 0; - #ifdef CONFIG_EFI - int i; - - /* Get EFI tables from systab. */ - for (i = 0; i < nr_tables; i++) { - acpi_physical_address table; - efi_guid_t guid; - - if (efi_64) { - efi_config_table_64_t *tbl = (efi_config_table_64_t *)config_tables + i; - - guid = tbl->guid; - table = tbl->table; - - if (!IS_ENABLED(CONFIG_X86_64) && table >> 32) { - debug_putstr("Error getting RSDP address: EFI config table located above 4GB.\n"); - return 0; - } - } else { - efi_config_table_32_t *tbl = (efi_config_table_32_t *)config_tables + i; - - guid = tbl->guid; - table = tbl->table; - } + int ret; - if (!(efi_guidcmp(guid, ACPI_TABLE_GUID))) - rsdp_addr = table; - else if (!(efi_guidcmp(guid, ACPI_20_TABLE_GUID))) - return table; - } + ret = efi_find_vendor_table(config_table_pa, config_table_len, + ACPI_20_TABLE_GUID, efi_64, + (unsigned long *)&rsdp_addr); + if (ret == -ENOENT) + ret = efi_find_vendor_table(config_table_pa, config_table_len, + ACPI_TABLE_GUID, efi_64, + (unsigned long *)&rsdp_addr); + if (ret) + debug_putstr("Error getting RSDP address.\n"); #endif return rsdp_addr; } @@ -87,7 +68,9 @@ static acpi_physical_address kexec_get_rsdp_addr(void) efi_system_table_64_t *systab; struct efi_setup_data *esd; struct efi_info *ei; + bool efi_64; char *sig; + int ret; esd = (struct efi_setup_data *)get_kexec_setup_data_addr(); if (!esd) @@ -98,18 +81,16 @@ static acpi_physical_address kexec_get_rsdp_addr(void) return 0; } - ei = &boot_params->efi_info; - sig = (char *)&ei->efi_loader_signature; - if (strncmp(sig, EFI64_LOADER_SIGNATURE, 4)) { + /* Get systab from boot params. */ + ret = efi_get_system_table(boot_params, (unsigned long *)&systab, &efi_64); + if (ret) + error("EFI system table not found in kexec boot_params."); + + if (!efi_64) { debug_putstr("Wrong kexec EFI loader signature.\n"); return 0; } - /* Get systab from boot params. */ - systab = (efi_system_table_64_t *) (ei->efi_systab | ((__u64)ei->efi_systab_hi << 32)); - if (!systab) - error("EFI system table not found in kexec boot_params."); - return __efi_get_rsdp_addr((unsigned long)esd->tables, systab->nr_tables, true); } #else @@ -119,54 +100,18 @@ static acpi_physical_address kexec_get_rsdp_addr(void) { return 0; } static acpi_physical_address efi_get_rsdp_addr(void) { #ifdef CONFIG_EFI - unsigned long systab, config_tables; - unsigned int nr_tables; - struct efi_info *ei; + unsigned long config_table_pa = 0; + unsigned int config_table_len; bool efi_64; - char *sig; - - ei = &boot_params->efi_info; - sig = (char *)&ei->efi_loader_signature; - - if (!strncmp(sig, EFI64_LOADER_SIGNATURE, 4)) { - efi_64 = true; - } else if (!strncmp(sig, EFI32_LOADER_SIGNATURE, 4)) { - efi_64 = false; - } else { - debug_putstr("Wrong EFI loader signature.\n"); - return 0; - } - - /* Get systab from boot params. */ -#ifdef CONFIG_X86_64 - systab = ei->efi_systab | ((__u64)ei->efi_systab_hi << 32); -#else - if (ei->efi_systab_hi || ei->efi_memmap_hi) { - debug_putstr("Error getting RSDP address: EFI system table located above 4GB.\n"); - return 0; - } - systab = ei->efi_systab; -#endif - if (!systab) - error("EFI system table not found."); - - /* Handle EFI bitness properly */ - if (efi_64) { - efi_system_table_64_t *stbl = (efi_system_table_64_t *)systab; - - config_tables = stbl->tables; - nr_tables = stbl->nr_tables; - } else { - efi_system_table_32_t *stbl = (efi_system_table_32_t *)systab; - - config_tables = stbl->tables; - nr_tables = stbl->nr_tables; - } + int ret; - if (!config_tables) - error("EFI config tables not found."); + ret = efi_get_conf_table(boot_params, &config_table_pa, + &config_table_len, &efi_64); + if (ret || !config_table_pa) + error("EFI config table not found."); - return __efi_get_rsdp_addr(config_tables, nr_tables, efi_64); + return __efi_get_rsdp_addr(config_table_pa, config_table_len, + efi_64); #else return 0; #endif diff --git a/arch/x86/boot/compressed/efi.c b/arch/x86/boot/compressed/efi.c new file mode 100644 index 000000000000..16ff5cb9a1fb --- /dev/null +++ b/arch/x86/boot/compressed/efi.c @@ -0,0 +1,178 @@ +// SPDX-License-Identifier: GPL-2.0 +/* + * Helpers for early access to EFI configuration table + * + * Copyright (C) 2021 Advanced Micro Devices, Inc. + * + * Author: Michael Roth + */ + +#include "misc.h" +#include +#include + +/* Get vendor table address/guid from EFI config table at the given index */ +static int get_vendor_table(void *conf_table, unsigned int idx, + unsigned long *vendor_table_pa, + efi_guid_t *vendor_table_guid, + bool efi_64) +{ + if (efi_64) { + efi_config_table_64_t *table_entry = + (efi_config_table_64_t *)conf_table + idx; + + if (!IS_ENABLED(CONFIG_X86_64) && + table_entry->table >> 32) { + debug_putstr("Error: EFI config table entry located above 4GB.\n"); + return -EINVAL; + } + + *vendor_table_pa = table_entry->table; + *vendor_table_guid = table_entry->guid; + + } else { + efi_config_table_32_t *table_entry = + (efi_config_table_32_t *)conf_table + idx; + + *vendor_table_pa = table_entry->table; + *vendor_table_guid = table_entry->guid; + } + + return 0; +} + +/** + * Given EFI config table, search it for the physical address of the vendor + * table associated with GUID. + * + * @conf_table: pointer to EFI configuration table + * @conf_table_len: number of entries in EFI configuration table + * @guid: GUID of vendor table + * @efi_64: true if using 64-bit EFI + * @vendor_table_pa: location to store physical address of vendor table + * + * Returns 0 on success. On error, return params are left unchanged. + */ +int +efi_find_vendor_table(unsigned long conf_table_pa, unsigned int conf_table_len, + efi_guid_t guid, bool efi_64, + unsigned long *vendor_table_pa) +{ + unsigned int i; + + for (i = 0; i < conf_table_len; i++) { + unsigned long vendor_table_pa_tmp; + efi_guid_t vendor_table_guid; + int ret; + + if (get_vendor_table((void *)conf_table_pa, i, + &vendor_table_pa_tmp, + &vendor_table_guid, efi_64)) + return -EINVAL; + + if (!efi_guidcmp(guid, vendor_table_guid)) { + *vendor_table_pa = vendor_table_pa_tmp; + return 0; + } + } + + return -ENOENT; +} + +/** + * Given boot_params, retrieve the physical address of EFI system table. + * + * @boot_params: pointer to boot_params + * @sys_table_pa: location to store physical address of system table + * @is_efi_64: location to store whether using 64-bit EFI or not + * + * Returns 0 on success. On error, return params are left unchanged. + */ +int +efi_get_system_table(struct boot_params *boot_params, + unsigned long *sys_table_pa, bool *is_efi_64) +{ + unsigned long sys_table; + struct efi_info *ei; + bool efi_64; + char *sig; + + if (!sys_table_pa || !is_efi_64) + return -EINVAL; + + ei = &boot_params->efi_info; + sig = (char *)&ei->efi_loader_signature; + + if (!strncmp(sig, EFI64_LOADER_SIGNATURE, 4)) { + efi_64 = true; + } else if (!strncmp(sig, EFI32_LOADER_SIGNATURE, 4)) { + efi_64 = false; + } else { + debug_putstr("Wrong EFI loader signature.\n"); + return -ENOENT; + } + + /* Get systab from boot params. */ +#ifdef CONFIG_X86_64 + sys_table = ei->efi_systab | ((__u64)ei->efi_systab_hi << 32); +#else + if (ei->efi_systab_hi || ei->efi_memmap_hi) { + debug_putstr("Error: EFI system table located above 4GB.\n"); + return -EINVAL; + } + sys_table = ei->efi_systab; +#endif + if (!sys_table) { + debug_putstr("EFI system table not found."); + return -ENOENT; + } + + *sys_table_pa = sys_table; + *is_efi_64 = efi_64; + return 0; +} + +/** + * Given boot_params, locate EFI system table from it and return the physical + * address EFI configuration table. + * + * @boot_params: pointer to boot_params + * @conf_table_pa: location to store physical address of config table + * @conf_table_len: location to store number of config table entries + * @is_efi_64: location to store whether using 64-bit EFI or not + * + * Returns 0 on success. On error, return params are left unchanged. + */ +int +efi_get_conf_table(struct boot_params *boot_params, + unsigned long *conf_table_pa, + unsigned int *conf_table_len, + bool *is_efi_64) +{ + unsigned long sys_table_pa = 0; + int ret; + + if (!conf_table_pa || !conf_table_len || !is_efi_64) + return -EINVAL; + + ret = efi_get_system_table(boot_params, &sys_table_pa, is_efi_64); + if (ret) + return ret; + + /* Handle EFI bitness properly */ + if (*is_efi_64) { + efi_system_table_64_t *stbl = + (efi_system_table_64_t *)sys_table_pa; + + *conf_table_pa = stbl->tables; + *conf_table_len = stbl->nr_tables; + } else { + efi_system_table_32_t *stbl = + (efi_system_table_32_t *)sys_table_pa; + + *conf_table_pa = stbl->tables; + *conf_table_len = stbl->nr_tables; + } + + return 0; +} diff --git a/arch/x86/boot/compressed/misc.h b/arch/x86/boot/compressed/misc.h index 822e0c254b9a..16b092fd7aa1 100644 --- a/arch/x86/boot/compressed/misc.h +++ b/arch/x86/boot/compressed/misc.h @@ -21,6 +21,7 @@ #include #include #include +#include #include #include #include @@ -174,4 +175,46 @@ void boot_stage2_vc(void); unsigned long sev_verify_cbit(unsigned long cr3); +#ifdef CONFIG_EFI +/* helpers for early EFI config table access */ +int +efi_find_vendor_table(unsigned long conf_table_pa, unsigned int conf_table_len, + efi_guid_t guid, bool efi_64, + unsigned long *vendor_table_pa); + +int efi_get_system_table(struct boot_params *boot_params, + unsigned long *sys_table_pa, + bool *is_efi_64); + +int efi_get_conf_table(struct boot_params *boot_params, + unsigned long *conf_table_pa, + unsigned int *conf_table_len, + bool *is_efi_64); +#else +static inline int +efi_find_vendor_table(unsigned long conf_table_pa, unsigned int conf_table_len, + efi_guid_t guid, bool efi_64, + unsigned long *vendor_table_pa) +{ + return -ENOENT; +} + +static inline int +efi_get_system_table(struct boot_params *boot_params, + unsigned long *sys_table_pa, + bool *is_efi_64) +{ + return -ENOENT; +} + +static inline int +efi_get_conf_table(struct boot_params *boot_params, + unsigned long *conf_table_pa, + unsigned int *conf_table_len, + bool *is_efi_64) +{ + return -ENOENT; +} +#endif /* CONFIG_EFI */ + #endif /* BOOT_COMPRESSED_MISC_H */ From patchwork Fri Aug 20 15:19:23 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Brijesh Singh X-Patchwork-Id: 500670 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-18.7 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_CR_TRAILER, INCLUDES_PATCH, MAILING_LIST_MULTI, MSGID_FROM_MTA_HEADER, SPF_HELO_NONE, SPF_PASS,URIBL_BLOCKED,USER_AGENT_GIT autolearn=unavailable autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 44B8AC4338F for ; Fri, 20 Aug 2021 15:23:10 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 271326124A for ; Fri, 20 Aug 2021 15:23:10 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S241441AbhHTPXr (ORCPT ); Fri, 20 Aug 2021 11:23:47 -0400 Received: from mail-bn8nam12on2079.outbound.protection.outlook.com ([40.107.237.79]:51265 "EHLO NAM12-BN8-obe.outbound.protection.outlook.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S241452AbhHTPWw (ORCPT ); Fri, 20 Aug 2021 11:22:52 -0400 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=g1SasmJZfn0xNDu7KWKcjzQF4qUXYm/4bomCZXDIEUBqNZOOL41KbTLXubBhYlxNnILk3O+sCAvjrLpzVY5zzPEy1oTghno/KEYtCZEL7mDf2QpG9YDFZ8ueMNgvVjbNdf2W+U24MB/3+wrqrKXYo/Pabs3KENuJX3ulRqTK+Ltlg4TR37XY8U/qUBFwIiCgSp7y0wrvzC6HzoRcnwc7Q0pTrrdgl9ia2k2GwLUUqUA3EKzkqtxsNH9DhkCEHUc6mGyJFbm9+LIqH2fI7EEof8pIZORFFwxJhBYgK+XjcJjgJ07FjkftqriZIGCNk5YOTD5xgZq0tBnqJcLsihS1/A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=1biS2P4q7Nu3PZQH9xz0Npb2/yW0YdUtAbzcXh6MTYA=; b=ccwi61jrSdwX4IwC3lCo9a6+DUdJfI1Blv8XN11Tl+ApOBNkyUDP7sr7zmQpuGv7rbamoDjJFxZV/2rauGrjK1PPGdarM1XlVmokTdlBlm7g2GWhiMywYUJfuWgZmqwLQICzV27lmUguOdCEr86uVypIx4xHpKzNBHfAZ9pUP8VHeJf6FDXhV8uW78JZM8xHbPcJ9KM3QZ2bpotVh9R4Tfkhu4tioNuzRrc3olxz/dN5fghaISm/b/SqH1YbH/MF11ganHPOTiBQPt5+blZtodapeqEsgGHoOK6dx1YubfQUR0C8U4aYs/Q3BqIfCQYbhPuCsi0Xp+kPcNt2B7NtRg== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass header.d=amd.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=1biS2P4q7Nu3PZQH9xz0Npb2/yW0YdUtAbzcXh6MTYA=; b=m4tyzTKmmhuX8Fc6Tks6snQhPG9e3D6x1lZXYraZfvhsbw2z5MyLN0OUTk1++xnY2mRZ8NiMeLZGcD8pK9CnO6QTvLOTUaF9J0YpIVldHzyQQg5ifQ+3pMAVRAsqh9R2eYUPEsUNsk06bQQga378gcK5/7Vk+9nph1riFr+TFHc= Authentication-Results: kernel.org; dkim=none (message not signed) header.d=none; kernel.org; dmarc=none action=none header.from=amd.com; Received: from SN6PR12MB2718.namprd12.prod.outlook.com (2603:10b6:805:6f::22) by SN6PR12MB2638.namprd12.prod.outlook.com (2603:10b6:805:6f::15) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4436.19; Fri, 20 Aug 2021 15:21:25 +0000 Received: from SN6PR12MB2718.namprd12.prod.outlook.com ([fe80::78b7:7336:d363:9be3]) by SN6PR12MB2718.namprd12.prod.outlook.com ([fe80::78b7:7336:d363:9be3%6]) with mapi id 15.20.4436.019; Fri, 20 Aug 2021 15:21:23 +0000 From: Brijesh Singh To: x86@kernel.org, linux-kernel@vger.kernel.org, kvm@vger.kernel.org, linux-efi@vger.kernel.org, platform-driver-x86@vger.kernel.org, linux-coco@lists.linux.dev, linux-mm@kvack.org Cc: Thomas Gleixner , Ingo Molnar , Joerg Roedel , Tom Lendacky , "H. Peter Anvin" , Ard Biesheuvel , Paolo Bonzini , Sean Christopherson , Vitaly Kuznetsov , Wanpeng Li , Jim Mattson , Andy Lutomirski , Dave Hansen , Sergio Lopez , Peter Gonda , Peter Zijlstra , Srinivas Pandruvada , David Rientjes , Dov Murik , Tobin Feldman-Fitzthum , Borislav Petkov , Michael Roth , Vlastimil Babka , "Kirill A . Shutemov" , Andi Kleen , tony.luck@intel.com, marcorr@google.com, sathyanarayanan.kuppuswamy@linux.intel.com, Brijesh Singh Subject: [PATCH Part1 v5 28/38] x86/compressed/64: enable SEV-SNP-validated CPUID in #VC handler Date: Fri, 20 Aug 2021 10:19:23 -0500 Message-Id: <20210820151933.22401-29-brijesh.singh@amd.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20210820151933.22401-1-brijesh.singh@amd.com> References: <20210820151933.22401-1-brijesh.singh@amd.com> X-ClientProxiedBy: SA9P223CA0002.NAMP223.PROD.OUTLOOK.COM (2603:10b6:806:26::7) To SN6PR12MB2718.namprd12.prod.outlook.com (2603:10b6:805:6f::22) MIME-Version: 1.0 X-MS-Exchange-MessageSentRepresentingType: 1 Received: from sbrijesh-desktop.amd.com (165.204.77.1) by SA9P223CA0002.NAMP223.PROD.OUTLOOK.COM (2603:10b6:806:26::7) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4436.19 via Frontend Transport; Fri, 20 Aug 2021 15:21:22 +0000 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: b7e71279-31da-494b-464a-08d963ee2bb7 X-MS-TrafficTypeDiagnostic: SN6PR12MB2638: X-MS-Exchange-Transport-Forked: True X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:1332; X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: hjVggq7yyY13zd8tbM4aKzh2NMF+/LAJSjxnrjdD3OnUnO8SOcNTPlXuLNTu+8z0Z9WUT+WUxljemh/9fBEPDS9t8cVAkcr1ifk8JHSyUqbN+82Tv0nYj6TadXTTU1Y5OFXx4osgMDN7JUXHmOWuF108qk8wmg5bwXlIrwVVB0EsPR9n+V0AeqSL8ID+fmsYXfc++IIFITdF07iy+qg2hq5vCijlSTmMZvl32tan8cbihh1N+gKICBgSFr16u11jVEVBjdpXbSeK9fqZg16WZg88ctiO28JBuffkru3la99cmzQS5ijLZjgCgyfbIuwultElRwg158hiPXKvIGexHoPyO2ofCgx43MAzRTeQdLaF0rjoLzmhL5EGRI2XZzFKbzdeD2lAOYDA7dXZ/U/s1b3wPdmpb2q9ZwWerAGnvtN7/lgk0eAJth2sKCka6+N1wcVhIYawM4oksSyv5OeEY7iPQPbqus6Knwi+Ql/mZUJFFT61CWCDzuWN2RhmVgjl4YGC+0Q7N5LODiBCUpgiWoJgfxpBkxul2KW9PiGREKqqtHlNFFSyi3T8Zao72rIBSQwQMPxf07QNLNDsGp8VtS46LXwkgWztqlwh6olT7N3w1kCwop9jSCePueGs3szJR8iPRKdIVT65jmamw+q5Ma6jNoJsfbyJTAaefC9QqfOdGPjyDglh8Y2cuqj7o/pmzkYPKUBB73+85I/9SgMLBA== X-Forefront-Antispam-Report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:SN6PR12MB2718.namprd12.prod.outlook.com; PTR:; CAT:NONE; SFS:(4636009)(136003)(396003)(39860400002)(346002)(376002)(366004)(8676002)(8936002)(86362001)(83380400001)(30864003)(316002)(54906003)(1076003)(15650500001)(478600001)(2616005)(44832011)(2906002)(4326008)(7406005)(956004)(66556008)(7416002)(66476007)(186003)(66946007)(26005)(5660300002)(36756003)(7696005)(52116002)(38100700002)(6486002)(38350700002); DIR:OUT; SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: YS7tVZQRYAhUeuDpkZh3m6fYlcM0K3SIwwBTI+3oPoo5u6/pIvtrsh6CX7rfjx+HCAs5JpwiR84wKa7/esRBf2BeuKviaCnVC/BmiQb7gu6aYAl0bztajCkYuIDqggHQ6kpUjxr4aSmGCLWGCQUkca8GLMLYhBfBILHJ6FwKaIVshf9/bjklJBMUgkko3/6yido6a3Vxe2asSuGh00JPkGZs87SV5iFlo4GwEAcouL6YA7rx2//6Tj8Wcg6VYOuSxhLYcY8q3jfkJZAMSWVy4cA1ZxNHw2jgR+wA1dsoKOadbDqr79V3RkDZqFt8cqqgY+zzamS1cSwA/mWl7RbyU6A+EMy5NmWAqXt+q3E1MPeyP2NNYd7jbMrr8P32eQCAe+JqSYgHZZfZLokc8GxD6DoF5M+6/2PCIkb5SMcb6Ig8hbeju/8x4PwUFQny5V6QX7D8S8uezFUZUEFVccSHruLqGnq/MKg6GeyfTtNlAMJ+AClRH0gZ6aWx8FtN86ZtzCC5STkXdLvVC78d4V6yLRnzBksHe00ktR/MCwqIgB58YXv6/ANmgmPzhqO6A15QL2HGK1A/d+ML8owA7MjsruSkF6tIsi0/GKsMuxFY86vaNV4M/brNnupSMdTxPMpa7LZi5KOK/ywL2Zeyc7V239kWIEMtOt2phlyXRI/wR58mZFN+TaIZrEj7PpMtTwd3RpevrHAmZeGQbhsVwpQt+6xsO6GVybcAliQmbkUz7/8xwmIMxt/FzRFKufFNle9zbLpgweRoIEM2jXv8PKrCv8EuxbVqsNrZYrtx+y3m0BCo0+RD4Day1RlAQEHZs4QIN7koSQXFroSZEKJFzkP/7xVgt1AJVrNly4NHCv7sqGo4ZZyeI8y48P09GNtZPnPqeFEAEz3+P+gm+kfo3uXNjlWZSQfrviulOWci6LyENWqoEr0Vy5YbMTgFlfKnpk7dZ8cXlP9/4sS/rmPrVkAzN3Aufrwmf0zGi+Xrk7iGX9NnMmlYPEEYGQH4wtH2eZKm0/Wqaud8QM9kItFoP5SUdrpTr37of18cExZuU2q1Hqkm3AYfjrEoCW/nmDHI/uLW7kcuTmhuIL32bEd1thKchTE07nPDgrrcpI0RyZuV/bhY92N3aXKP6Y40bl9Xup1yEFtDjAWVWPY6UYITaCEPKkpzTF9cgiDJze1Sl5NbXNQs2lzs01Qka3dZgMTIdV4Ugs4ImvG8zHGtupRLCbIEzbdwfqEGzQJM2ywcw8xOYryIdxWfpmO1+uwdHycEHf0EOSQIfCSvVKu0n2vqtgHoFbhcixagrUdURDJ+vl6zmmG6izp0BU5An0/z6Bpy2wUL X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-Network-Message-Id: b7e71279-31da-494b-464a-08d963ee2bb7 X-MS-Exchange-CrossTenant-AuthSource: SN6PR12MB2718.namprd12.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 20 Aug 2021 15:21:23.8522 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: 3/77zIO8alTG4vWRQradJgNPimUSESyc/zSRW3fs/sQ9aAgJcP2upozjVYrFmgLiBCoD4w0PSv2qnPgCoGKofg== X-MS-Exchange-Transport-CrossTenantHeadersStamped: SN6PR12MB2638 Precedence: bulk List-ID: X-Mailing-List: linux-efi@vger.kernel.org From: Michael Roth CPUID instructions generate a #VC exception for SEV-ES/SEV-SNP guests, for which early handlers are currently set up to handle. In the case of SEV-SNP, guests can use a special location in guest memory address space that has been pre-populated with firmware-validated CPUID information to look up the relevant CPUID values rather than requesting them from hypervisor via a VMGEXIT. Determine the location of the CPUID memory address in advance of any CPUID instructions/exceptions and, when available, use it to handle the CPUID lookup. Signed-off-by: Michael Roth Signed-off-by: Brijesh Singh --- arch/x86/boot/compressed/efi.c | 1 + arch/x86/boot/compressed/head_64.S | 1 + arch/x86/boot/compressed/idt_64.c | 7 +- arch/x86/boot/compressed/misc.h | 1 + arch/x86/boot/compressed/sev.c | 3 + arch/x86/include/asm/sev-common.h | 2 + arch/x86/include/asm/sev.h | 3 + arch/x86/kernel/sev-shared.c | 374 +++++++++++++++++++++++++++++ arch/x86/kernel/sev.c | 4 + 9 files changed, 394 insertions(+), 2 deletions(-) diff --git a/arch/x86/boot/compressed/efi.c b/arch/x86/boot/compressed/efi.c index 16ff5cb9a1fb..a1529a230ea7 100644 --- a/arch/x86/boot/compressed/efi.c +++ b/arch/x86/boot/compressed/efi.c @@ -176,3 +176,4 @@ efi_get_conf_table(struct boot_params *boot_params, return 0; } + diff --git a/arch/x86/boot/compressed/head_64.S b/arch/x86/boot/compressed/head_64.S index a2347ded77ea..1c1658693fc9 100644 --- a/arch/x86/boot/compressed/head_64.S +++ b/arch/x86/boot/compressed/head_64.S @@ -441,6 +441,7 @@ SYM_CODE_START(startup_64) .Lon_kernel_cs: pushq %rsi + movq %rsi, %rdi /* real mode address */ call load_stage1_idt popq %rsi diff --git a/arch/x86/boot/compressed/idt_64.c b/arch/x86/boot/compressed/idt_64.c index 9b93567d663a..1f6511a6625d 100644 --- a/arch/x86/boot/compressed/idt_64.c +++ b/arch/x86/boot/compressed/idt_64.c @@ -3,6 +3,7 @@ #include #include #include "misc.h" +#include static void set_idt_entry(int vector, void (*handler)(void)) { @@ -28,13 +29,15 @@ static void load_boot_idt(const struct desc_ptr *dtr) } /* Setup IDT before kernel jumping to .Lrelocated */ -void load_stage1_idt(void) +void load_stage1_idt(void *rmode) { boot_idt_desc.address = (unsigned long)boot_idt; - if (IS_ENABLED(CONFIG_AMD_MEM_ENCRYPT)) + if (IS_ENABLED(CONFIG_AMD_MEM_ENCRYPT)) { + sev_snp_cpuid_init(rmode); set_idt_entry(X86_TRAP_VC, boot_stage1_vc); + } load_boot_idt(&boot_idt_desc); } diff --git a/arch/x86/boot/compressed/misc.h b/arch/x86/boot/compressed/misc.h index 16b092fd7aa1..cdd328aa42c2 100644 --- a/arch/x86/boot/compressed/misc.h +++ b/arch/x86/boot/compressed/misc.h @@ -190,6 +190,7 @@ int efi_get_conf_table(struct boot_params *boot_params, unsigned long *conf_table_pa, unsigned int *conf_table_len, bool *is_efi_64); + #else static inline int efi_find_vendor_table(unsigned long conf_table_pa, unsigned int conf_table_len, diff --git a/arch/x86/boot/compressed/sev.c b/arch/x86/boot/compressed/sev.c index 6e8d97c280aa..910bf5cf010e 100644 --- a/arch/x86/boot/compressed/sev.c +++ b/arch/x86/boot/compressed/sev.c @@ -20,6 +20,9 @@ #include #include #include +#include +#include +#include #include "error.h" diff --git a/arch/x86/include/asm/sev-common.h b/arch/x86/include/asm/sev-common.h index 072540dfb129..5f134c172dbf 100644 --- a/arch/x86/include/asm/sev-common.h +++ b/arch/x86/include/asm/sev-common.h @@ -148,6 +148,8 @@ struct snp_psc_desc { #define GHCB_TERM_PSC 1 /* Page State Change failure */ #define GHCB_TERM_PVALIDATE 2 /* Pvalidate failure */ #define GHCB_TERM_NOT_VMPL0 3 /* SNP guest is not running at VMPL-0 */ +#define GHCB_TERM_CPUID 4 /* CPUID-validation failure */ +#define GHCB_TERM_CPUID_HV 5 /* CPUID failure during hypervisor fallback */ #define GHCB_RESP_CODE(v) ((v) & GHCB_MSR_INFO_MASK) diff --git a/arch/x86/include/asm/sev.h b/arch/x86/include/asm/sev.h index 534fa1c4c881..c73931548346 100644 --- a/arch/x86/include/asm/sev.h +++ b/arch/x86/include/asm/sev.h @@ -11,6 +11,7 @@ #include #include #include +#include #define GHCB_PROTOCOL_MIN 1ULL #define GHCB_PROTOCOL_MAX 2ULL @@ -126,6 +127,7 @@ void __init snp_prep_memory(unsigned long paddr, unsigned int sz, enum psc_op op void snp_set_memory_shared(unsigned long vaddr, unsigned int npages); void snp_set_memory_private(unsigned long vaddr, unsigned int npages); void snp_set_wakeup_secondary_cpu(void); +void sev_snp_cpuid_init(struct boot_params *bp); #else static inline void sev_es_ist_enter(struct pt_regs *regs) { } static inline void sev_es_ist_exit(void) { } @@ -141,6 +143,7 @@ static inline void __init snp_prep_memory(unsigned long paddr, unsigned int sz, static inline void snp_set_memory_shared(unsigned long vaddr, unsigned int npages) { } static inline void snp_set_memory_private(unsigned long vaddr, unsigned int npages) { } static inline void snp_set_wakeup_secondary_cpu(void) { } +static inline void sev_snp_cpuid_init(struct boot_params *bp) { } #endif #endif diff --git a/arch/x86/kernel/sev-shared.c b/arch/x86/kernel/sev-shared.c index ae4556925485..651980ddbd65 100644 --- a/arch/x86/kernel/sev-shared.c +++ b/arch/x86/kernel/sev-shared.c @@ -14,6 +14,25 @@ #define has_cpuflag(f) boot_cpu_has(f) #endif +struct sev_snp_cpuid_fn { + u32 eax_in; + u32 ecx_in; + u64 unused; + u64 unused2; + u32 eax; + u32 ebx; + u32 ecx; + u32 edx; + u64 reserved; +} __packed; + +struct sev_snp_cpuid_info { + u32 count; + u32 reserved1; + u64 reserved2; + struct sev_snp_cpuid_fn fn[0]; +} __packed; + /* * Since feature negotiation related variables are set early in the boot * process they must reside in the .data section so as not to be zeroed @@ -26,6 +45,15 @@ static u16 __ro_after_init ghcb_version; /* Bitmap of SEV features supported by the hypervisor */ u64 __ro_after_init sev_hv_features = 0; +/* + * These are also stored in .data section to avoid the need to re-parse + * boot_params and re-determine CPUID memory range when .bss is cleared. + */ +static int sev_snp_cpuid_enabled __section(".data"); +static unsigned long sev_snp_cpuid_pa __section(".data"); +static unsigned long sev_snp_cpuid_sz __section(".data"); +static const struct sev_snp_cpuid_info *cpuid_info __section(".data"); + static bool __init sev_es_check_cpu_features(void) { if (!has_cpuflag(X86_FEATURE_RDRAND)) { @@ -236,6 +264,219 @@ static int sev_cpuid_hv(u32 func, u32 subfunc, u32 *eax, u32 *ebx, return 0; } +static bool sev_snp_cpuid_active(void) +{ + return sev_snp_cpuid_enabled; +} + +static int sev_snp_cpuid_xsave_size(u64 xfeatures_en, u32 base_size, + u32 *xsave_size, bool compacted) +{ + u64 xfeatures_found = 0; + int i; + + *xsave_size = base_size; + + for (i = 0; i < cpuid_info->count; i++) { + const struct sev_snp_cpuid_fn *fn = &cpuid_info->fn[i]; + + if (!(fn->eax_in == 0xd && fn->ecx_in > 1 && fn->ecx_in < 64)) + continue; + if (!(xfeatures_en & (1UL << fn->ecx_in))) + continue; + if (xfeatures_found & (1UL << fn->ecx_in)) + continue; + + xfeatures_found |= (1UL << fn->ecx_in); + if (compacted) + *xsave_size += fn->eax; + else + *xsave_size = max(*xsave_size, fn->eax + fn->ebx); + } + + /* + * Either the guest set unsupported XCR0/XSS bits, or the corresponding + * entries in the CPUID table were not present. This is not a valid + * state to be in. + */ + if (xfeatures_found != (xfeatures_en & ~3ULL)) + return -EINVAL; + + return 0; +} + +static void sev_snp_cpuid_hv(u32 func, u32 subfunc, u32 *eax, u32 *ebx, + u32 *ecx, u32 *edx) +{ + /* + * Currently MSR protocol is sufficient to handle fallback cases, but + * should that change make sure we terminate rather than grabbing random + * values. Handling can be added in future to use GHCB-page protocol for + * cases that occur late enough in boot that GHCB page is available + */ + if (cpuid_function_is_indexed(func) && subfunc != 0) + sev_es_terminate(1, GHCB_TERM_CPUID_HV); + + if (sev_cpuid_hv(func, 0, eax, ebx, ecx, edx)) + sev_es_terminate(1, GHCB_TERM_CPUID_HV); +} + +static bool sev_snp_cpuid_find(u32 func, u32 subfunc, u32 *eax, u32 *ebx, + u32 *ecx, u32 *edx) +{ + int i; + bool found = false; + + for (i = 0; i < cpuid_info->count; i++) { + const struct sev_snp_cpuid_fn *fn = &cpuid_info->fn[i]; + + if (fn->eax_in != func) + continue; + + if (cpuid_function_is_indexed(func) && fn->ecx_in != subfunc) + continue; + + *eax = fn->eax; + *ebx = fn->ebx; + *ecx = fn->ecx; + *edx = fn->edx; + found = true; + + break; + } + + return found; +} + +static bool sev_snp_cpuid_in_range(u32 func) +{ + int i; + u32 std_range_min = 0; + u32 std_range_max = 0; + u32 hyp_range_min = 0x40000000; + u32 hyp_range_max = 0; + u32 ext_range_min = 0x80000000; + u32 ext_range_max = 0; + + for (i = 0; i < cpuid_info->count; i++) { + const struct sev_snp_cpuid_fn *fn = &cpuid_info->fn[i]; + + if (fn->eax_in == std_range_min) + std_range_max = fn->eax; + else if (fn->eax_in == hyp_range_min) + hyp_range_max = fn->eax; + else if (fn->eax_in == ext_range_min) + ext_range_max = fn->eax; + } + + if ((func >= std_range_min && func <= std_range_max) || + (func >= hyp_range_min && func <= hyp_range_max) || + (func >= ext_range_min && func <= ext_range_max)) + return true; + + return false; +} + +/* + * Returns -EOPNOTSUPP if feature not enabled. Any other return value should be + * treated as fatal by caller since we cannot fall back to hypervisor to fetch + * the values for security reasons (outside of the specific cases handled here) + */ +static int sev_snp_cpuid(u32 func, u32 subfunc, u32 *eax, u32 *ebx, u32 *ecx, + u32 *edx) +{ + if (!sev_snp_cpuid_active()) + return -EOPNOTSUPP; + + if (!cpuid_info) + return -EIO; + + if (!sev_snp_cpuid_find(func, subfunc, eax, ebx, ecx, edx)) { + /* + * Some hypervisors will avoid keeping track of CPUID entries + * where all values are zero, since they can be handled the + * same as out-of-range values (all-zero). In our case, we want + * to be able to distinguish between out-of-range entries and + * in-range zero entries, since the CPUID table entries are + * only a template that may need to be augmented with + * additional values for things like CPU-specific information. + * So if it's not in the table, but is still in the valid + * range, proceed with the fix-ups below. Otherwise, just return + * zeros. + */ + *eax = *ebx = *ecx = *edx = 0; + if (!sev_snp_cpuid_in_range(func)) + goto out; + } + + if (func == 0x1) { + u32 ebx2, edx2; + + sev_snp_cpuid_hv(func, subfunc, NULL, &ebx2, NULL, &edx2); + /* initial APIC ID */ + *ebx = (*ebx & 0x00FFFFFF) | (ebx2 & 0xFF000000); + /* APIC enabled bit */ + *edx = (*edx & ~BIT_ULL(9)) | (edx2 & BIT_ULL(9)); + + /* OSXSAVE enabled bit */ + if (native_read_cr4() & X86_CR4_OSXSAVE) + *ecx |= BIT_ULL(27); + } else if (func == 0x7) { + /* OSPKE enabled bit */ + *ecx &= ~BIT_ULL(4); + if (native_read_cr4() & X86_CR4_PKE) + *ecx |= BIT_ULL(4); + } else if (func == 0xB) { + /* extended APIC ID */ + sev_snp_cpuid_hv(func, 0, NULL, NULL, NULL, edx); + } else if (func == 0xd && (subfunc == 0x0 || subfunc == 0x1)) { + bool compacted = false; + u64 xcr0 = 1, xss = 0; + u32 xsave_size; + + if (native_read_cr4() & X86_CR4_OSXSAVE) + xcr0 = xgetbv(XCR_XFEATURE_ENABLED_MASK); + if (subfunc == 1) { + /* boot/compressed doesn't set XSS so 0 is fine there */ +#ifndef __BOOT_COMPRESSED + if (*eax & 0x8) /* XSAVES */ + if (boot_cpu_has(X86_FEATURE_XSAVES)) + rdmsrl(MSR_IA32_XSS, xss); +#endif + /* + * The PPR and APM aren't clear on what size should be + * encoded in 0xD:0x1:EBX when compaction is not enabled + * by either XSAVEC or XSAVES since SNP-capable hardware + * has the entries fixed as 1. KVM sets it to 0 in this + * case, but to avoid this becoming an issue it's safer + * to simply treat this as unsupported or SNP guests. + */ + if (!(*eax & 0xA)) /* (XSAVEC|XSAVES) */ + return -EINVAL; + + compacted = true; + } + + if (sev_snp_cpuid_xsave_size(xcr0 | xss, *ebx, &xsave_size, + compacted)) + return -EINVAL; + + *ebx = xsave_size; + } else if (func == 0x8000001E) { + u32 ebx2, ecx2; + + /* extended APIC ID */ + sev_snp_cpuid_hv(func, subfunc, eax, &ebx2, &ecx2, NULL); + /* compute ID */ + *ebx = (*ebx & 0xFFFFFFF00) | (ebx2 & 0x000000FF); + /* node ID */ + *ecx = (*ecx & 0xFFFFFFF00) | (ecx2 & 0x000000FF); + } + +out: + return 0; +} + /* * Boot VC Handler - This is the first VC handler during boot, there is no GHCB * page yet, so it only supports the MSR based communication with the @@ -244,15 +485,25 @@ static int sev_cpuid_hv(u32 func, u32 subfunc, u32 *eax, u32 *ebx, void __init do_vc_no_ghcb(struct pt_regs *regs, unsigned long exit_code) { unsigned int fn = lower_bits(regs->ax, 32); + unsigned int subfn = lower_bits(regs->cx, 32); u32 eax, ebx, ecx, edx; + int ret; /* Only CPUID is supported via MSR protocol */ if (exit_code != SVM_EXIT_CPUID) goto fail; + ret = sev_snp_cpuid(fn, subfn, &eax, &ebx, &ecx, &edx); + if (ret == 0) + goto out; + + if (ret != -EOPNOTSUPP) + goto fail; + if (sev_cpuid_hv(fn, 0, &eax, &ebx, &ecx, &edx)) goto fail; +out: regs->ax = eax; regs->bx = ebx; regs->cx = ecx; @@ -552,6 +803,19 @@ static enum es_result vc_handle_cpuid(struct ghcb *ghcb, struct pt_regs *regs = ctxt->regs; u32 cr4 = native_read_cr4(); enum es_result ret; + u32 eax, ebx, ecx, edx; + int cpuid_ret; + + cpuid_ret = sev_snp_cpuid(regs->ax, regs->cx, &eax, &ebx, &ecx, &edx); + if (cpuid_ret == 0) { + regs->ax = eax; + regs->bx = ebx; + regs->cx = ecx; + regs->dx = edx; + return ES_OK; + } + if (cpuid_ret != -EOPNOTSUPP) + return ES_VMM_ERROR; ghcb_set_rax(ghcb, regs->ax); ghcb_set_rcx(ghcb, regs->cx); @@ -603,3 +867,113 @@ static enum es_result vc_handle_rdtsc(struct ghcb *ghcb, return ES_OK; } + +#ifdef BOOT_COMPRESSED +static struct setup_data *get_cc_setup_data(struct boot_params *bp) +{ + struct setup_data *hdr = (struct setup_data *)bp->hdr.setup_data; + + while (hdr) { + if (hdr->type == SETUP_CC_BLOB) + return hdr; + hdr = (struct setup_data *)hdr->next; + } + + return NULL; +} + +/* + * For boot/compressed kernel: + * + * 1) Search for CC blob in the following order/precedence: + * - via linux boot protocol / setup_data entry + * - via EFI configuration table + * 2) Return a pointer to the CC blob, NULL otherwise. + */ +static struct cc_blob_sev_info *sev_snp_probe_cc_blob(struct boot_params *bp) +{ + struct cc_blob_sev_info *cc_info = NULL; + struct setup_data_cc { + struct setup_data header; + u32 cc_blob_address; + } *sd; + unsigned long conf_table_pa; + unsigned int conf_table_len; + bool efi_64; + + /* Try to get CC blob via setup_data */ + sd = (struct setup_data_cc *)get_cc_setup_data(bp); + if (sd) { + cc_info = (struct cc_blob_sev_info *)(unsigned long)sd->cc_blob_address; + goto out_verify; + } + + /* CC blob isn't in setup_data, see if it's in the EFI config table */ + if (!efi_get_conf_table(bp, &conf_table_pa, &conf_table_len, &efi_64)) + (void)efi_find_vendor_table(conf_table_pa, conf_table_len, + EFI_CC_BLOB_GUID, efi_64, + (unsigned long *)&cc_info); + +out_verify: + /* CC blob should be either valid or not present. Fail otherwise. */ + if (cc_info && cc_info->magic != CC_BLOB_SEV_HDR_MAGIC) + sev_es_terminate(1, GHCB_SNP_UNSUPPORTED); + + return cc_info; +} +#else +/* + * Probing for CC blob for run-time kernel will be enabled in a subsequent + * patch. For now we need to stub this out. + */ +static struct cc_blob_sev_info *sev_snp_probe_cc_blob(struct boot_params *bp) +{ + return NULL; +} +#endif + +/* + * Initial set up of CPUID table when running identity-mapped. + * + * NOTE: Since SEV_SNP feature partly relies on CPUID checks that can't + * happen until we access CPUID page, we skip the check and hope the + * bootloader is providing sane values. Current code relies on all CPUID + * page lookups originating from #VC handler, which at least provides + * indication that SEV-ES is enabled. Subsequent init levels will check for + * SEV_SNP feature once available to also take SEV MSR value into account. + */ +void sev_snp_cpuid_init(struct boot_params *bp) +{ + struct cc_blob_sev_info *cc_info; + + if (!bp) + sev_es_terminate(1, GHCB_TERM_CPUID); + + cc_info = sev_snp_probe_cc_blob(bp); + + if (!cc_info) + return; + + sev_snp_cpuid_pa = cc_info->cpuid_phys; + sev_snp_cpuid_sz = cc_info->cpuid_len; + + /* + * These should always be valid values for SNP, even if guest isn't + * actually configured to use the CPUID table. + */ + if (!sev_snp_cpuid_pa || sev_snp_cpuid_sz < PAGE_SIZE) + sev_es_terminate(1, GHCB_TERM_CPUID); + + cpuid_info = (const struct sev_snp_cpuid_info *)sev_snp_cpuid_pa; + + /* + * We should be able to trust the 'count' value in the CPUID table + * area, but ensure it agrees with CC blob value to be safe. + */ + if (sev_snp_cpuid_sz < (sizeof(struct sev_snp_cpuid_info) + + sizeof(struct sev_snp_cpuid_fn) * + cpuid_info->count)) + sev_es_terminate(1, GHCB_TERM_CPUID); + + sev_snp_cpuid_enabled = 1; +} diff --git a/arch/x86/kernel/sev.c b/arch/x86/kernel/sev.c index ddf8ced4a879..d7b6f7420551 100644 --- a/arch/x86/kernel/sev.c +++ b/arch/x86/kernel/sev.c @@ -19,6 +19,8 @@ #include #include #include +#include +#include #include #include @@ -32,6 +34,8 @@ #include #include #include +#include +#include #include "sev-internal.h" From patchwork Fri Aug 20 15:19:24 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Brijesh Singh X-Patchwork-Id: 500668 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-18.7 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_CR_TRAILER, INCLUDES_PATCH, MAILING_LIST_MULTI, MSGID_FROM_MTA_HEADER, SPF_HELO_NONE, SPF_PASS,URIBL_BLOCKED,USER_AGENT_GIT autolearn=unavailable autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id A1102C4320E for ; Fri, 20 Aug 2021 15:23:25 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 8C11D61245 for ; Fri, 20 Aug 2021 15:23:25 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S241677AbhHTPYC (ORCPT ); Fri, 20 Aug 2021 11:24:02 -0400 Received: from mail-bn8nam12on2059.outbound.protection.outlook.com ([40.107.237.59]:18017 "EHLO NAM12-BN8-obe.outbound.protection.outlook.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S241475AbhHTPW5 (ORCPT ); Fri, 20 Aug 2021 11:22:57 -0400 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=Fl7InRnriP4I7uNPiyvK5QQ0cn+tJ5WyPySw1cn8V3jzZbR73bWvNwTEXzod8nRNTYIJD6rZ2scszBQXYAyhKHw9AexJLcKx7jgvSJS+BBncxFfTN5Jbd+DbKDLSuZREM5++jdH5bJYp+eAI+1+7WJI5aLj/7Gu0tF2UC/UfLE5LcUS7yr3iEqOH6J7W4whOnwcl5GsvVoB2Ckcg+htxlSrSAUhfYUA1vPwMJXSXBVhYXzyW8kehZwlmuxEOLroA79Q5nEeq3yRK7jyvFxU3ry6dEZGclBUZ2RJJSlDPSAk7TiAAF4wbhSK7NDaxwB+UUoVKgwUcJaLRb726kM5QbA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=QkU/foi/ZGV71ZkywRRN3v/j5D2IBhlBMTCjHQgFerI=; b=WfgfmILtID+WTw3i55QuuQfQCAbWBiOq7vCBZ9fd1ISj85tRzL0P3izaMNssiUR6hwVVJYjAayHGdKWGfTGPnZBxh8UGsk2Fl9KvqFdUscphOpll283Ev4YNr0RyGuPk+nuAyqHWQC/l/YYvNEJ13vhFf/NH9SU0uZGBIyY0fO5lkdyzB6EsgP2u6LoomTSihRiVv3u392UImLq95zZ2aomb/z7RzDaOTe51S7ksnbG7+yB3QOuiCNPDUX8oy51DiZ3nnUV8zcer+WZtzZpYtCJM5JGsumLd46Sa8SA9PIQgKMT7TULfD+Mp3UAkTKBdOPUORD/Wrrgz1r3GWtSo3g== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass header.d=amd.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=QkU/foi/ZGV71ZkywRRN3v/j5D2IBhlBMTCjHQgFerI=; b=a9yOsTBEm1Jg13xklWAm/tZffNyod9jrPO7Z2mB2qkPSgoAzi4xk8D5mGx8WVkeM1W0QG138rf5grgEbgCVdCR/XW6k1b5s8x/e9Z1D7x0lHE87C/KILx+nzC6fQJcfAIK7YFclqkmN0V37etOD+3xovAT3gnd6MAtEFpY0djec= Authentication-Results: kernel.org; dkim=none (message not signed) header.d=none; kernel.org; dmarc=none action=none header.from=amd.com; Received: from SN6PR12MB2718.namprd12.prod.outlook.com (2603:10b6:805:6f::22) by SN6PR12MB2638.namprd12.prod.outlook.com (2603:10b6:805:6f::15) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4436.19; Fri, 20 Aug 2021 15:21:26 +0000 Received: from SN6PR12MB2718.namprd12.prod.outlook.com ([fe80::78b7:7336:d363:9be3]) by SN6PR12MB2718.namprd12.prod.outlook.com ([fe80::78b7:7336:d363:9be3%6]) with mapi id 15.20.4436.019; Fri, 20 Aug 2021 15:21:25 +0000 From: Brijesh Singh To: x86@kernel.org, linux-kernel@vger.kernel.org, kvm@vger.kernel.org, linux-efi@vger.kernel.org, platform-driver-x86@vger.kernel.org, linux-coco@lists.linux.dev, linux-mm@kvack.org Cc: Thomas Gleixner , Ingo Molnar , Joerg Roedel , Tom Lendacky , "H. Peter Anvin" , Ard Biesheuvel , Paolo Bonzini , Sean Christopherson , Vitaly Kuznetsov , Wanpeng Li , Jim Mattson , Andy Lutomirski , Dave Hansen , Sergio Lopez , Peter Gonda , Peter Zijlstra , Srinivas Pandruvada , David Rientjes , Dov Murik , Tobin Feldman-Fitzthum , Borislav Petkov , Michael Roth , Vlastimil Babka , "Kirill A . Shutemov" , Andi Kleen , tony.luck@intel.com, marcorr@google.com, sathyanarayanan.kuppuswamy@linux.intel.com, Brijesh Singh Subject: [PATCH Part1 v5 29/38] x86/boot: add a pointer to Confidential Computing blob in bootparams Date: Fri, 20 Aug 2021 10:19:24 -0500 Message-Id: <20210820151933.22401-30-brijesh.singh@amd.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20210820151933.22401-1-brijesh.singh@amd.com> References: <20210820151933.22401-1-brijesh.singh@amd.com> X-ClientProxiedBy: SA9P223CA0002.NAMP223.PROD.OUTLOOK.COM (2603:10b6:806:26::7) To SN6PR12MB2718.namprd12.prod.outlook.com (2603:10b6:805:6f::22) MIME-Version: 1.0 X-MS-Exchange-MessageSentRepresentingType: 1 Received: from sbrijesh-desktop.amd.com (165.204.77.1) by SA9P223CA0002.NAMP223.PROD.OUTLOOK.COM (2603:10b6:806:26::7) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4436.19 via Frontend Transport; Fri, 20 Aug 2021 15:21:24 +0000 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: 5928fc55-154c-46bc-1a32-08d963ee2c79 X-MS-TrafficTypeDiagnostic: SN6PR12MB2638: X-MS-Exchange-Transport-Forked: True X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:8882; X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: 7y9KZKNQyHjA3X+12KYfPl7eW++JRPQlW31tiF51YfrNMtPv3NoraNTlEqrD/QUXJTbqxyk6MerETe+XluS2HlgBsjYSZuXpQEY2xRcCCMa4+4RoACUFrVzOreUSha+tPp7eHTtNYQGATAQV1+9ge7/lutgk2JebzH1pjrgD+CvmsoiFcQxwUbaCr8F1fxYJNFuGDoWOyibw2pOr3iV8QZVnKqqImkh4fw27ueTqA/55SegXON1iPM4bq3UPUkPhbAGTVg+jpF5t+vBFq3o7KaS0kDHdNf6FaI7qf7QMnJ8Tt/S5HaA43RZp/ylXPdi4t19gI2Idbg0FRw117aDaggm87s0tKQeeTCKMibt+BKlJjabL6f2zeCJfnqg7j14W8/5EeEaWfO82F5U2UXfx7Cpx2842AQEhSRUrMXbGuU4Skse5q6YcbiuTP7nUzsKLRUX3HgVSHkpn/gjfX+552S+2TAMh47k767rtL0smtXMz96fenErjHvoCUsQL/WIzh8Md92TMHEAvbLyFsxcjoddpHt9GkhyUuk7E29J6VTkiFjJc12AP08mDmgH1cd/EOOUqkSWKJDemV8fuGEDgXouSWs6QdKMCL1GX9wkYrHKtHaBLXiUomreTRHzK5FEsFpPOsk1B8N0c1Qk/A43ONMSy0Fe3ZWm22aH2+4aW9m8iFj7qVSHmwp6LUbQs1bF4goveL4YxsQF96rei5q//pQ== X-Forefront-Antispam-Report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:SN6PR12MB2718.namprd12.prod.outlook.com; PTR:; CAT:NONE; SFS:(4636009)(136003)(396003)(39860400002)(346002)(376002)(366004)(8676002)(8936002)(86362001)(83380400001)(316002)(54906003)(1076003)(478600001)(2616005)(44832011)(2906002)(4326008)(7406005)(956004)(66556008)(7416002)(66476007)(186003)(66946007)(26005)(5660300002)(36756003)(7696005)(52116002)(38100700002)(6486002)(38350700002); DIR:OUT; SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: l58GRwdNcrUjlwXXxJs/G7sA3soMs91xsYBl9XD4R60jcEoWBZ/u8gc6ccmYxoyVk52BNbBWZnI8zGdSpASXTw0ZMoWNeNx2hNlEWkbhAICE+cROW9FtjlbMbPTESWu+Zr/K76Bjc1PiZ7j9UDCsw6lzkqiSK1WKA7vXr76NJtWTh42f/A/qqAFYUtlPRfYwcoNiA/NZ5cLfVATmTXo5vdVAVB7YysKd6i4OBDpdyvQ3QRlgNow7jsUrnrBvOZdhNrQgiywmeWPYwYRLSg6zYJ7ap6hyYuD4ldZNI43xVqpTu/pJ5S+b0/ReHhWdnTsZ2389gQPpcHJu23/ekdZ9Ddefx5j8bCp27VoHguiq/QOo68H1HSmfyh4EqrqZi7bEAG5XIaXU7Y1b0oFq/QpMAhTV+ZUC63ND5AEripXEM2S3YJKa9f+G1n9NbxS8951202gKnWg+ecYVUc+ZMW43S/L9q4YWZ95TeMHZ5o8WHfdzRK1IcolUCiYcskI+X9EcTa/tyDosYQCIwe17onyFTyH3I3Ia1molK3vs9F843yn577QgGUvWxCQlaLvnWRn610xBeg1MQjiU6Kk7gTwNllb3mAsvrPOoBoQK0ognatDUlrkIOvnWuOWwXpU5AGYsCtVoxcnuxhlEkC6ZwISYOz+UAWSSZQC02IOySC6Fs/4GqZFjqdcIHW37RLLt+W4qNRkHdqy8DPLxPM2dSypPgxmPS3NRpLGy+G+xEKDsVWqQk5obWEKBQweqbJco1NvbdSQTcjKKx7R8kJ+ehNPgQfCOgq/wQLJ6kA+j5z1HjWPc9yq+/H41LdWBt+geyxK9c1sBWrKOW2a3YuKJ7kMVEibrKMb+8wQwsRFN9Zrrrq0oILOKlutot7E2vBUfKwMNf1pBXa/J9hryACP5OjvjekNUv9GIjE9k0NWpGaD8K6l9lk1xhazR42s6Af9QUA9sKUuOaEfYGYCeyCTkz4VVlkUwEZOASEGY6nCPZa+017KHS4gAsbwG+msBnU9vO5YBJGYHibtHhnqQFlKzQEUPF6z868OSkbOVMKn/h4NfHAfKX9ntwSkGwDRsO3LHv9MoxANuM7h63sZROMKDY7nkq1pgYgNQCfy2b01jSflmiI1gIn4TqhND0XqiWkcZgDmzOszVeiDFVbbXN6gvdfvRnLHZA2YHG8HqAN2JFLeM0Vvd1oYcmyxZQ6+eKgmEORkXLrnjEKQjyYSiDcZLx+YTaY4voQox5QDsorAekLD3pDEw1NyH6Yw/UK4ZiZt/txeHRxjNJ83sxVvS8yiTYexMRqL51lb2iXsia3IaU2+C7imk2p4RgwNDQyvZPoTBQlYk X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-Network-Message-Id: 5928fc55-154c-46bc-1a32-08d963ee2c79 X-MS-Exchange-CrossTenant-AuthSource: SN6PR12MB2718.namprd12.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 20 Aug 2021 15:21:25.1065 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: 8Xuj5trPMNK8zh6LRvLa195ymbSx8zecrN5+yJsmaYqvl/+T/gd39C4WJj+JH3dHn8jsUHB2BeiCw84WV+MrvA== X-MS-Exchange-Transport-CrossTenantHeadersStamped: SN6PR12MB2638 Precedence: bulk List-ID: X-Mailing-List: linux-efi@vger.kernel.org From: Michael Roth The previously defined Confidential Computing blob is provided to the kernel via a setup_data structure or EFI config table entry. Currently these are both checked for by boot/compressed kernel to access the CPUID table address within it for use with SEV-SNP CPUID enforcement. To also enable SEV-SNP CPUID enforcement for the run-time kernel, similar early access to the CPUID table is needed early on while it's still using the identity-mapped page table set up by boot/compressed, where global pointers need to be accessed via fixup_pointer(). This is much of an issue for accessing setup_data, and the EFI config table helper code currently used in boot/compressed *could* be used in this case as well since they both rely on identity-mapping. However, it has some reliance on EFI helpers/string constants that would need to be accessed via fixup_pointer(), and fixing it up while making it shareable between boot/compressed and run-time kernel is fragile and introduces a good bit of uglyness. Instead, this patch adds a boot_params->cc_blob_address pointer that boot/compressed can initialize so that the run-time kernel can access the prelocated CC blob that way instead. Signed-off-by: Michael Roth Signed-off-by: Brijesh Singh --- arch/x86/include/asm/bootparam_utils.h | 1 + arch/x86/include/uapi/asm/bootparam.h | 3 ++- 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/arch/x86/include/asm/bootparam_utils.h b/arch/x86/include/asm/bootparam_utils.h index 981fe923a59f..53e9b0620d96 100644 --- a/arch/x86/include/asm/bootparam_utils.h +++ b/arch/x86/include/asm/bootparam_utils.h @@ -74,6 +74,7 @@ static void sanitize_boot_params(struct boot_params *boot_params) BOOT_PARAM_PRESERVE(hdr), BOOT_PARAM_PRESERVE(e820_table), BOOT_PARAM_PRESERVE(eddbuf), + BOOT_PARAM_PRESERVE(cc_blob_address), }; memset(&scratch, 0, sizeof(scratch)); diff --git a/arch/x86/include/uapi/asm/bootparam.h b/arch/x86/include/uapi/asm/bootparam.h index 1ac5acca72ce..bea5cdcdf532 100644 --- a/arch/x86/include/uapi/asm/bootparam.h +++ b/arch/x86/include/uapi/asm/bootparam.h @@ -188,7 +188,8 @@ struct boot_params { __u32 ext_ramdisk_image; /* 0x0c0 */ __u32 ext_ramdisk_size; /* 0x0c4 */ __u32 ext_cmd_line_ptr; /* 0x0c8 */ - __u8 _pad4[116]; /* 0x0cc */ + __u8 _pad4[112]; /* 0x0cc */ + __u32 cc_blob_address; /* 0x13c */ struct edid_info edid_info; /* 0x140 */ struct efi_info efi_info; /* 0x1c0 */ __u32 alt_mem_k; /* 0x1e0 */ From patchwork Fri Aug 20 15:19:25 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Brijesh Singh X-Patchwork-Id: 500671 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-18.7 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_CR_TRAILER, INCLUDES_PATCH, MAILING_LIST_MULTI, MSGID_FROM_MTA_HEADER, SPF_HELO_NONE, SPF_PASS,URIBL_BLOCKED,USER_AGENT_GIT autolearn=unavailable autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 668D7C432BE for ; Fri, 20 Aug 2021 15:22:56 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 4F1C861245 for ; Fri, 20 Aug 2021 15:22:56 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S241142AbhHTPXc (ORCPT ); Fri, 20 Aug 2021 11:23:32 -0400 Received: from mail-bn1nam07on2078.outbound.protection.outlook.com ([40.107.212.78]:42963 "EHLO NAM02-BN1-obe.outbound.protection.outlook.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S241379AbhHTPWj (ORCPT ); Fri, 20 Aug 2021 11:22:39 -0400 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=e3Baqv0uSDBin+SeHzykkDi8gh27Cax8Ts7bnB6JQJcYGFF2aO/s4cysmdEe5GwdXzOtISWEyoWVPszR9tcW2V2wUns1Ppl7icl91lES+vYr0kXbPDshntLnoNmlf20VLBQriTshdFX0F2yzX5DaMA8RHTAx1P4yFNTxpNHVksi0PDaLMiMvSQsvlsoYC3gmaW/vPYvxIPFdWHnXJYf2w6RtCgCRSymkOnSKToPR9x3pB1nuPSVuVACBurLMNWXk+1QxkrlmXLVm5rHgpiyAycuZHJ/DQ/P1MucwI7gqc+x1aQG+AznbOejvgQfIvJuQGecvpC9wxzeOSZhopCyOTw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=avLF6Udb91bbGGtykJCdLRsOgYGd8bNxvuZiGtuAHm8=; b=DyZONSZ9Svw1yu1ERK42IQPGFVHxPjIsTMR8s4E3LYNJkahadmhoyO4iQjn7QjGG5iLK9SrsDogifLd3gGJFMb9izNh4Aits2PAtMUwzLPx56dzxTVDaYSRoc0G8sqH4TqnMXlIIg1EFly3N4UJTg1xyPr5w3RrRUxNlinLg+JJ2esV3sg9x9sPa2vsgP4kna0Hpgj9MFqqBLZfAKkg+0kozo4MzqnyFpdbhSo0sU9K9w5B9FhRtPu1sH7d9MyGrUpIdj3usJndAO2eNc1fYNC0Yiq0jhudJ8IZ313jJOpDQRvJIrkRh1ldY8Av3q5Nuw4/g1aQq0kDv+SGay7f8fQ== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass header.d=amd.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=avLF6Udb91bbGGtykJCdLRsOgYGd8bNxvuZiGtuAHm8=; b=nRQ3pHcDV/jGvTAV9eqMHvODGhRjVZ17389JWRtMF8zyiBBe3Plaau3BVN2GL0wbb70Wvc0xtN8RZWCsoiZ/duk+zzKPTfSWKg4uxemplIEuPIrUZ4B87FknkX48jShSSEug8j80bEJCvijIVMhmsFy3knTvBSXgK+erfxGjRo0= Authentication-Results: kernel.org; dkim=none (message not signed) header.d=none; kernel.org; dmarc=none action=none header.from=amd.com; Received: from SN6PR12MB2718.namprd12.prod.outlook.com (2603:10b6:805:6f::22) by SA0PR12MB4592.namprd12.prod.outlook.com (2603:10b6:806:9b::16) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4436.21; Fri, 20 Aug 2021 15:21:58 +0000 Received: from SN6PR12MB2718.namprd12.prod.outlook.com ([fe80::78b7:7336:d363:9be3]) by SN6PR12MB2718.namprd12.prod.outlook.com ([fe80::78b7:7336:d363:9be3%6]) with mapi id 15.20.4436.019; Fri, 20 Aug 2021 15:21:58 +0000 From: Brijesh Singh To: x86@kernel.org, linux-kernel@vger.kernel.org, kvm@vger.kernel.org, linux-efi@vger.kernel.org, platform-driver-x86@vger.kernel.org, linux-coco@lists.linux.dev, linux-mm@kvack.org Cc: Thomas Gleixner , Ingo Molnar , Joerg Roedel , Tom Lendacky , "H. Peter Anvin" , Ard Biesheuvel , Paolo Bonzini , Sean Christopherson , Vitaly Kuznetsov , Wanpeng Li , Jim Mattson , Andy Lutomirski , Dave Hansen , Sergio Lopez , Peter Gonda , Peter Zijlstra , Srinivas Pandruvada , David Rientjes , Dov Murik , Tobin Feldman-Fitzthum , Borislav Petkov , Michael Roth , Vlastimil Babka , "Kirill A . Shutemov" , Andi Kleen , tony.luck@intel.com, marcorr@google.com, sathyanarayanan.kuppuswamy@linux.intel.com, Brijesh Singh Subject: [PATCH Part1 v5 30/38] x86/compressed/64: store Confidential Computing blob address in bootparams Date: Fri, 20 Aug 2021 10:19:25 -0500 Message-Id: <20210820151933.22401-31-brijesh.singh@amd.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20210820151933.22401-1-brijesh.singh@amd.com> References: <20210820151933.22401-1-brijesh.singh@amd.com> X-ClientProxiedBy: SA9P223CA0002.NAMP223.PROD.OUTLOOK.COM (2603:10b6:806:26::7) To SN6PR12MB2718.namprd12.prod.outlook.com (2603:10b6:805:6f::22) MIME-Version: 1.0 X-MS-Exchange-MessageSentRepresentingType: 1 Received: from sbrijesh-desktop.amd.com (165.204.77.1) by SA9P223CA0002.NAMP223.PROD.OUTLOOK.COM (2603:10b6:806:26::7) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4436.19 via Frontend Transport; Fri, 20 Aug 2021 15:21:25 +0000 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: 7b8cafd1-d7e9-47e1-309a-08d963ee2d63 X-MS-TrafficTypeDiagnostic: SA0PR12MB4592: X-MS-Exchange-Transport-Forked: True X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:260; X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: 32bI4iIsadWKzq408pzfPklxLjlVA0kSBL5QhBpO0kdeToOVU5r7lEgN3MATeBjLpcBSfVPh14n7K60SaZ1Dnlb3HpH2KuOgBz/nYVKBi1agDWfpwsOYVZDbdYpDWk3/xojFuRf0fPlxAf/TmH1eX+WEKcujQ+9xQKWxkNwp2RqtGQ+NYSwP7iMws1rlKbK9SaP7ToFvc+Gbztui1iHGdvBOm5/1fVngB/VoZOkCqLeYOrXAI8OwathAFSkv2lxaSOHvdz6daRdEAXGcdbtxwyrgX0JqLjFRZcM+V+u9ZReqAdYMi+CmFcMIX0/NXZ4pi12eYfO51gEDHSZtwHmLpMHWlf7jJa37mdDSHr1bo9GpiB0Rs/DNLDID9is1HLohliE2DY8o+3cY2x0gTh49Fy+T8CPOyud0WezoFBIiGDDT0KbzYPnh6wssPQUZ/L1mtIa98LJ9KJ+8680DDnIshk0zqtJrJaE1cDiHLuhl2fhtzaLp2cijtvYPRdaNiVcwWBnLzB3xz7eqZBVYd76PHSkkwCBLimL80yWQrZc/5yfKgbB05kZ/tNEag1xQjhPYOq9FKlLLVUT1DMGE5TmBI5U4FjEqp9kDaZ5Q6m5Jkqzh8SLTLGB+Z01Q0jjym+y5bAOKW7LaAb5qsqG1K9In7tcSurw+yTrSiCK0NNJl9o2hNhxmUAJsPEXDVJ5eAXkWiCjxzMxX4fdnyLG4y5wfHg== X-Forefront-Antispam-Report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:SN6PR12MB2718.namprd12.prod.outlook.com; PTR:; CAT:NONE; SFS:(4636009)(346002)(136003)(396003)(39860400002)(366004)(376002)(66556008)(6486002)(54906003)(66946007)(1076003)(66476007)(316002)(38100700002)(7406005)(7416002)(38350700002)(8676002)(4326008)(956004)(2616005)(8936002)(26005)(36756003)(44832011)(86362001)(186003)(5660300002)(52116002)(83380400001)(2906002)(478600001)(7696005); DIR:OUT; SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: 4wv8xktt9t2W8zIhcO9A0MrtRksclycPmi2sxp3DdEhFsq32fIzlyRbY+613SQgv8dLOH2a+/U835ZUPMyfNiZT8LMkq47Nk5ABZR0sewi7Xu1/t2pVfKL5LwqOJBj7gDd5HzakimxC7kcRSbL1Eqf3bsYdptLcgSd4gU0ngvG0/G86qTz1QWV6hwspbMAH19L4xws9tkB9xPzk3ZyNyxSEs8xz5kHTgMbn1oWbhvBh16+nGxjpvUzcoz9EjKiCW42t8H2jikRv84G/EnvoBcgnfwDivfMN5lTCzoIuxh84YkSRTcYiqKK6FoFlg+6wpWfVboy9g7Pqtrlamfooc6xZz0Gk5ErONq0fhuy1DuBKwJigQn/D0ZCTOGMASjJXssbjwq1makAZak61WpF0BLbA/R4QKQlqaHER78C7tU4H7DmPGg5KcIj1tX1BK0xClIBRpbL1TF9g42e5woXY0MkJjn/dAs/CX0gvPMVs6ZI/BmrpqgLXvnhlWFan5dzhvvaV7BiY3eWYLeKgoowd8JN/BaGUVrWuB6cISPl6naBSonth4pgE8mcZPcGf+xpRot6uuQX+ZUkACbzvzmBAOI+9+S2nXmzO8MB7y4H2PMemeKjcQ304Ilwk3OHczx+cXQd4AM5xKmXN3UO17XDHItcx9iOahDh9bi1ad4uxjWDIiCfOo0IAz/eldW2k/EFxGo3Sn+G3GGq+klUGpJAPkv3gk2bvO1DsFBSzllkZ89zmSIAWm4k4BuRLo2l/jwytKcsdT09Df9CII4Tej7uPoWrHWcAoOm+ge8tvqZaE1oUb8/1D/x+tdJ4WnduUGu8ZZ9+Ryq3mIxL1YybVxUDBQdDJ6kYFIMcp4P0QpAiIN5SUirfUHfLZtKQdPQ7IQM7zzoUncNTcUmE+X7M3wGLmMgzq1bkAIpim+83tySKm1/YjCwkWnGR8s3/LPDnyFUmKmWe5zHRMhVl0wjCH00/Z2XSoF9QNd3NPqvp/Vbr2relXcWH/ynbFU6wl1g8gPchIsZV1zCi42EWQ1pFhm5jkRqQKiYMk4cNrv+H6Vr0lFWd0zpgTRBPJskPwwx8wH4t30hYM3h86y0ovg65M3Y/qMo2CR/jShjXyC5AOCBcyKktuRq20hmy0ZRdJohqqZz2b5wf4squfFrnSe+fv487zMQVavH552A19PM6mEO/bjlHCpkZ0lYq9XZmIAqxiSUEC4MmbrDv3CuitazKC107FEoDSoECyKWlbfqCqet+dFu1vijihVdwRp0Kn7FLSbQsZMZGF/6tDZKOgpTZB9xYVE5FfjSBa9IiBqxjF37RTYmPYMekvY6FIqpPQZomqojYCl X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-Network-Message-Id: 7b8cafd1-d7e9-47e1-309a-08d963ee2d63 X-MS-Exchange-CrossTenant-AuthSource: SN6PR12MB2718.namprd12.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 20 Aug 2021 15:21:26.6166 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: rLhalUd0y6j0oBaPiHrCRGSXUqCeArOsRgF6/sos9F9+q+g5uywnq1M5JAcM/vzDeNc//HD73plt5HBhFHPB8A== X-MS-Exchange-Transport-CrossTenantHeadersStamped: SA0PR12MB4592 Precedence: bulk List-ID: X-Mailing-List: linux-efi@vger.kernel.org From: Michael Roth When the Confidential Computing blob is located by the boot/compressed kernel, store a pointer to it in bootparams->cc_blob_address to avoid the need for the run-time kernel to rescan the EFI config table to find it again. Since this function is also shared by the run-time kernel, this patch also adds the logic to make use of bootparams->cc_blob_address when it has been initialized. Signed-off-by: Michael Roth Signed-off-by: Brijesh Singh --- arch/x86/kernel/sev-shared.c | 40 ++++++++++++++++++++++++++---------- 1 file changed, 29 insertions(+), 11 deletions(-) diff --git a/arch/x86/kernel/sev-shared.c b/arch/x86/kernel/sev-shared.c index 651980ddbd65..6f70ba293c5e 100644 --- a/arch/x86/kernel/sev-shared.c +++ b/arch/x86/kernel/sev-shared.c @@ -868,7 +868,6 @@ static enum es_result vc_handle_rdtsc(struct ghcb *ghcb, return ES_OK; } -#ifdef BOOT_COMPRESSED static struct setup_data *get_cc_setup_data(struct boot_params *bp) { struct setup_data *hdr = (struct setup_data *)bp->hdr.setup_data; @@ -888,6 +887,16 @@ static struct setup_data *get_cc_setup_data(struct boot_params *bp) * 1) Search for CC blob in the following order/precedence: * - via linux boot protocol / setup_data entry * - via EFI configuration table + * 2) If found, initialize boot_params->cc_blob_address to point to the + * blob so that uncompressed kernel can easily access it during very + * early boot without the need to re-parse EFI config table + * 3) Return a pointer to the CC blob, NULL otherwise. + * + * For run-time/uncompressed kernel: + * + * 1) Search for CC blob in the following order/precedence: + * - via linux boot protocol / setup_data entry + * - via boot_params->cc_blob_address * 2) Return a pointer to the CC blob, NULL otherwise. */ static struct cc_blob_sev_info *sev_snp_probe_cc_blob(struct boot_params *bp) @@ -897,9 +906,11 @@ static struct cc_blob_sev_info *sev_snp_probe_cc_blob(struct boot_params *bp) struct setup_data header; u32 cc_blob_address; } *sd; +#ifdef __BOOT_COMPRESSED unsigned long conf_table_pa; unsigned int conf_table_len; bool efi_64; +#endif /* Try to get CC blob via setup_data */ sd = (struct setup_data_cc *)get_cc_setup_data(bp); @@ -908,29 +919,36 @@ static struct cc_blob_sev_info *sev_snp_probe_cc_blob(struct boot_params *bp) goto out_verify; } +#ifdef __BOOT_COMPRESSED /* CC blob isn't in setup_data, see if it's in the EFI config table */ if (!efi_get_conf_table(bp, &conf_table_pa, &conf_table_len, &efi_64)) (void)efi_find_vendor_table(conf_table_pa, conf_table_len, EFI_CC_BLOB_GUID, efi_64, (unsigned long *)&cc_info); +#else + /* + * CC blob isn't in setup_data, see if boot kernel passed it via + * boot_params. + */ + if (bp->cc_blob_address) + cc_info = (struct cc_blob_sev_info *)(unsigned long)bp->cc_blob_address; +#endif out_verify: /* CC blob should be either valid or not present. Fail otherwise. */ if (cc_info && cc_info->magic != CC_BLOB_SEV_HDR_MAGIC) sev_es_terminate(1, GHCB_SNP_UNSUPPORTED); +#ifdef __BOOT_COMPRESSED + /* + * Pass run-time kernel a pointer to CC info via boot_params for easier + * access during early boot. + */ + bp->cc_blob_address = (u32)(unsigned long)cc_info; +#endif + return cc_info; } -#else -/* - * Probing for CC blob for run-time kernel will be enabled in a subsequent - * patch. For now we need to stub this out. - */ -static struct cc_blob_sev_info *sev_snp_probe_cc_blob(struct boot_params *bp) -{ - return NULL; -} -#endif /* * Initial set up of CPUID table when running identity-mapped. From patchwork Fri Aug 20 15:19:26 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Brijesh Singh X-Patchwork-Id: 500667 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-18.7 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_CR_TRAILER, INCLUDES_PATCH, MAILING_LIST_MULTI, MSGID_FROM_MTA_HEADER, SPF_HELO_NONE, SPF_PASS,URIBL_BLOCKED,USER_AGENT_GIT autolearn=unavailable autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 70904C4338F for ; Fri, 20 Aug 2021 15:24:19 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 5377961245 for ; Fri, 20 Aug 2021 15:24:19 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S241242AbhHTPYx (ORCPT ); Fri, 20 Aug 2021 11:24:53 -0400 Received: from mail-bn1nam07on2073.outbound.protection.outlook.com ([40.107.212.73]:11243 "EHLO NAM02-BN1-obe.outbound.protection.outlook.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S241492AbhHTPXN (ORCPT ); Fri, 20 Aug 2021 11:23:13 -0400 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=l7ZsPhGu/yduXLGZh4e3UviWjIwusEKsqf19Vfk4bgyt0VXn57y1/BbBpLzV6I5iNctejKO4pLkoQuefUqZy3DD9vFomiZHLswI9a/RmQRkoB+bPX0hIWocdatbfxDQ0jD0F3y5iTImwb5UdERLW2QikQnXyzJzWyPveX8IDbrioWrYrJ1nXqfLFBNuKd1Z6g93ni1ewZ+ymlztdgIv+pUDBEuOrcOLJ+2XPGxQly524da1aDWhVUZ82DYJuMAxXGGaO3v1d0VSo6boGU4eE5vy/4dQq6RnWFR6pPST9bx4Fy5xjmciaO4ld/EPylgAM2ocpXCq93tT41KRhed5cLQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=TJcUNVlui0PHuiBwQIVI8DOA68ENcPTaKmWVAZOdWzI=; b=eUyub166iVWGjMYn4LVZd/7wiD/4hXO4A/Ke9071VZswjGvZDWTLNym331kA6nLMc1AEritjx5f4Ikj1QIWNI2Pi2eXXTp5Ii2D1c5lrjedfXUvfiSptzyeNvP/7b99kcAFonN/d9yRFIlRhpLeP/wELw2wqBWioQs9GqFYNljXGrF3xjpIG3XZQLWkY6e87rCfiySllFp/GGj7L702IjMxizjSSKQSoeaA1uOwIRLK1JS7X4g5MmduyTNl0eS2vU70uwy+1yOn2oQuvbL4Uc1ygDK4jSt8Fqi+KFBcYQHSgH731ZKqxZr5bY7icwVYcvGdMqAukpIgnwX1uvXswqw== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass header.d=amd.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=TJcUNVlui0PHuiBwQIVI8DOA68ENcPTaKmWVAZOdWzI=; b=HeKZP3K8oRVsDiPupyO9EyIUgMcPWZzbBekA9YzATauX38NNkcjNPOXVRsYmy6hg1qlqq97xSldn2EqY5/b3ReD6HCxg+R7NoK3CF363dtyJ9JUdlJ70EbJ9Y7nBXGaJxI0cpTx3/Kxgfhjrm2h7xje2C4i487znq1SiLn6WWvI= Authentication-Results: kernel.org; dkim=none (message not signed) header.d=none; kernel.org; dmarc=none action=none header.from=amd.com; Received: from SN6PR12MB2718.namprd12.prod.outlook.com (2603:10b6:805:6f::22) by SA0PR12MB4592.namprd12.prod.outlook.com (2603:10b6:806:9b::16) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4436.21; Fri, 20 Aug 2021 15:21:58 +0000 Received: from SN6PR12MB2718.namprd12.prod.outlook.com ([fe80::78b7:7336:d363:9be3]) by SN6PR12MB2718.namprd12.prod.outlook.com ([fe80::78b7:7336:d363:9be3%6]) with mapi id 15.20.4436.019; Fri, 20 Aug 2021 15:21:58 +0000 From: Brijesh Singh To: x86@kernel.org, linux-kernel@vger.kernel.org, kvm@vger.kernel.org, linux-efi@vger.kernel.org, platform-driver-x86@vger.kernel.org, linux-coco@lists.linux.dev, linux-mm@kvack.org Cc: Thomas Gleixner , Ingo Molnar , Joerg Roedel , Tom Lendacky , "H. Peter Anvin" , Ard Biesheuvel , Paolo Bonzini , Sean Christopherson , Vitaly Kuznetsov , Wanpeng Li , Jim Mattson , Andy Lutomirski , Dave Hansen , Sergio Lopez , Peter Gonda , Peter Zijlstra , Srinivas Pandruvada , David Rientjes , Dov Murik , Tobin Feldman-Fitzthum , Borislav Petkov , Michael Roth , Vlastimil Babka , "Kirill A . Shutemov" , Andi Kleen , tony.luck@intel.com, marcorr@google.com, sathyanarayanan.kuppuswamy@linux.intel.com, Brijesh Singh Subject: [PATCH Part1 v5 31/38] x86/compressed/64: add identity mapping for Confidential Computing blob Date: Fri, 20 Aug 2021 10:19:26 -0500 Message-Id: <20210820151933.22401-32-brijesh.singh@amd.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20210820151933.22401-1-brijesh.singh@amd.com> References: <20210820151933.22401-1-brijesh.singh@amd.com> X-ClientProxiedBy: SA9P223CA0002.NAMP223.PROD.OUTLOOK.COM (2603:10b6:806:26::7) To SN6PR12MB2718.namprd12.prod.outlook.com (2603:10b6:805:6f::22) MIME-Version: 1.0 X-MS-Exchange-MessageSentRepresentingType: 1 Received: from sbrijesh-desktop.amd.com (165.204.77.1) by SA9P223CA0002.NAMP223.PROD.OUTLOOK.COM (2603:10b6:806:26::7) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4436.19 via Frontend Transport; Fri, 20 Aug 2021 15:21:27 +0000 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: e5148727-bc2d-4958-a297-08d963ee2e47 X-MS-TrafficTypeDiagnostic: SA0PR12MB4592: X-MS-Exchange-Transport-Forked: True X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:8273; X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: acvn+3OuHEMfTGo6eD+UlUJf59Dpm2jRXtadfZKicqYXKvmGsjIAJOrXOjYN1sMEqOfTpY26EE5l+AVX4qh8LS259N346TpQ04sYXIK+Adzs0YUjdKYGm8ntCGfBHoUXp3z7IZxj0u2eL+Ebfv78CXNXJ58R1crBVjvZxqufWS4TX26Y+BxkcGmcFSsGaxlLk7o0oBdX01LPwFtfQyFXyWl/7O9vfhI3Jip4cv2Z8jIs8oLuqg+psjidj7rzR1MazxW9b7M/gFUlXBVj8i0q0QVLGH3Ktf3972bUdAlIUUNFZNupYgxv1uWxXdiLHtOrn14r6vooEN0K/yZL4UnzeBsg/JJEFCcK9Tilietzvk3t9KfauDSUk/UKOeVnwER4K8TzUz9QlOsBACR04Z+M6UywjtIFFvtFWIgYowJzvSN+7kuqRHlJ+AMgYbPY9/TeaEnAvLCUfiFPxWLdhQePoqJK7jVq0OpALoiz9IYBb5kPcv/dSNINM2vXRoCxGVUr/LEvZ2aSxKHxFiEHAP/plmBgiXFPt196+LVasBzRMHNcFJ7Eny0b+7nxaJLI4/A3OV6JRykTSeOwfxNo0kEqd0fxJKA3KTpzVapWNj09CRbASmyVQdmVWd/+3zSRlTZ3XwI5LbiIK4Bmf72L4GwfpKVlNJS7df67oG0QcqUGWuD5HAV/LQXrgw1sMMxQabwj8vOmd/6jt0+FK9fEzmV1hw== X-Forefront-Antispam-Report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:SN6PR12MB2718.namprd12.prod.outlook.com; PTR:; CAT:NONE; SFS:(4636009)(346002)(136003)(396003)(39860400002)(366004)(376002)(66556008)(6486002)(54906003)(66946007)(1076003)(66476007)(316002)(38100700002)(7406005)(7416002)(38350700002)(8676002)(4326008)(956004)(2616005)(8936002)(26005)(36756003)(44832011)(86362001)(186003)(5660300002)(52116002)(83380400001)(2906002)(478600001)(7696005); DIR:OUT; SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: 6uZVRoR8VS+T/QrT3D9ljSbiTp5XXkKgR4HQqwQ/ekkN/8mbvHhf5gSyofbWlifANB2NWJbWR2lv97wjcLJxTVHfX7gWEYP8/welVITUK/LZM3G+oljkK3RNE4mF7QY4oUrfUYTliB2sozqhJVjVCr3JK39yTp1LQ61oq6HzKOv8dyTmD9khm3wmh1Y5ikpb4ADpkL9aRr54ReaJ9otM6i5ZLly7xecZpx1UYCmRuYBoO+a06ou6OZorzPnuYUGbEDRqpuhQ0tTQCTDzhxbjUqjIa9iXjSGV9eLugqrziOJLZZcJIXcYPK2Jk2ZcEffbapcw+7RXu0OBb/UaR+m+sGedEEkq9I3SpoKGr+UDnZxF94/Y0soDOtN3mEWG06BHb0+r8G13j4Lry+eUMF85OY0wpyHlJuZWuJrKvD+Dg7D+l00x9qNM3Sr3ji0bfwSb2xkbgmv8BqU13+hDOLsyNYtBTWF7pLbeKTpxLiykZTJQL/6VLd+z33IXW9hTui5g7Xivgg9ggE9NepNy3cwiuQlWUVJ2r4Fl4Yz1liC0iHnA8ZsfJrNw6IFY4/Zce1yIdm5mP+mBk0bYP/W5gsfW4U6eE6HzvopoMcwsjY5O9NJZQcnRftCIFktmLjUdtAJNcbtZRuM7Qh2mBmwjSPw5O1f2v1sSlAG7LPs6erKu9/7RjnxiDjGNddyYDdZA+GllXTdO2UEMEh3hUubP7/NlRKhBkU74bZ70h1UNPyvM3Y9PCWi1sFRcaF2rsiW+hZ8zOeNkCBICBKbjKR8910FVrImeJb+G7/q5zVQdz5Dc6edhRUhQexoEwD7fmh6k8kAfSDrV1BgzxGFqX2WGIsjjfkwGPtzIJURipbPzO75KU/Hbdg2KmquGYc46wXjLWAQmAccBK4+RbQEYLB8ssmEb60hMbxzHYDhcnoCjTSU6Ax608x1EbNQGpYhM2HzeQYYQquEWz9WsRF3mHFsGb+tIdrfUCpsRRQMluUNF/EiXJ025diJgs/RkgoxoJyJ6ymtrIqh7FQCOlcqy8LGzBNWkyPQ10BL9XuabtBrCX2aoGusqFs6xQyb3b0RPKS/jpkhmjeuWSq0LqicqWzsCQsQyky3u83/qBiStDlt8XbVQJ4H1bfuKU9/ppsR7cvk/zIRf+UrKlY5/g5yoeqgmV6BcKhn2yyGSmow1k6MgbvHXkBnDWFWa8WMzr77rjkK+3tZFLNGXx21tpJ3I/UxFBkdEcpu542VNdPAFqSvPvdYrrESPeIqzZZD7pcp8mHtnEEiDYJ2G42/oXsNAPXwgdvLzPex/LtseMaW1LJEl0gOlyE8qAlL3d+qafNMVJpMtlkvn X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-Network-Message-Id: e5148727-bc2d-4958-a297-08d963ee2e47 X-MS-Exchange-CrossTenant-AuthSource: SN6PR12MB2718.namprd12.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 20 Aug 2021 15:21:28.1277 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: bRdM5PCCzWOQrDO+4j9/nA+CDoDbwQjWXXvKj2RCLpxklLm/jck35oXVWftc8pAjSLBm35Z+9lZMBB9wSyjf6g== X-MS-Exchange-Transport-CrossTenantHeadersStamped: SA0PR12MB4592 Precedence: bulk List-ID: X-Mailing-List: linux-efi@vger.kernel.org From: Michael Roth The run-time kernel will need to access the Confidential Computing blob very early in boot to access the CPUID table it points to. At that stage of boot it will be relying on the identity-mapped page table set up by boot/compressed kernel, so make sure we have both of them mapped in advance. Signed-off-by: Michael Roth Signed-off-by: Brijesh Singh --- arch/x86/boot/compressed/ident_map_64.c | 18 ++++++++++++++++++ arch/x86/boot/compressed/sev.c | 2 +- arch/x86/include/asm/sev.h | 6 ++++++ 3 files changed, 25 insertions(+), 1 deletion(-) diff --git a/arch/x86/boot/compressed/ident_map_64.c b/arch/x86/boot/compressed/ident_map_64.c index 3cf7a7575f5c..54374e0f0257 100644 --- a/arch/x86/boot/compressed/ident_map_64.c +++ b/arch/x86/boot/compressed/ident_map_64.c @@ -37,6 +37,9 @@ #include /* For COMMAND_LINE_SIZE */ #undef _SETUP +#define __BOOT_COMPRESSED +#include /* For sev_snp_active() + ConfidentialComputing blob */ + extern unsigned long get_cmd_line_ptr(void); /* Used by PAGE_KERN* macros: */ @@ -163,6 +166,21 @@ void initialize_identity_maps(void *rmode) cmdline = get_cmd_line_ptr(); add_identity_map(cmdline, cmdline + COMMAND_LINE_SIZE); + /* + * The ConfidentialComputing blob is used very early in uncompressed + * kernel to find CPUID memory to handle cpuid instructions. Make sure + * an identity-mapping exists so they can be accessed after switchover. + */ + if (sev_snp_enabled()) { + struct cc_blob_sev_info *cc_info = + (void *)(unsigned long)boot_params->cc_blob_address; + + add_identity_map((unsigned long)cc_info, + (unsigned long)cc_info + sizeof(*cc_info)); + add_identity_map((unsigned long)cc_info->cpuid_phys, + (unsigned long)cc_info->cpuid_phys + cc_info->cpuid_len); + } + /* Load the new page-table. */ sev_verify_cbit(top_level_pgt); write_cr3(top_level_pgt); diff --git a/arch/x86/boot/compressed/sev.c b/arch/x86/boot/compressed/sev.c index 910bf5cf010e..d1ecba457350 100644 --- a/arch/x86/boot/compressed/sev.c +++ b/arch/x86/boot/compressed/sev.c @@ -123,7 +123,7 @@ static enum es_result vc_read_mem(struct es_em_ctxt *ctxt, /* Include code for early handlers */ #include "../../kernel/sev-shared.c" -static inline bool sev_snp_enabled(void) +bool sev_snp_enabled(void) { unsigned long low, high; diff --git a/arch/x86/include/asm/sev.h b/arch/x86/include/asm/sev.h index c73931548346..345740aa5559 100644 --- a/arch/x86/include/asm/sev.h +++ b/arch/x86/include/asm/sev.h @@ -127,6 +127,9 @@ void __init snp_prep_memory(unsigned long paddr, unsigned int sz, enum psc_op op void snp_set_memory_shared(unsigned long vaddr, unsigned int npages); void snp_set_memory_private(unsigned long vaddr, unsigned int npages); void snp_set_wakeup_secondary_cpu(void); +#ifdef __BOOT_COMPRESSED +bool sev_snp_enabled(void); +#endif /* __BOOT_COMPRESSED */ void sev_snp_cpuid_init(struct boot_params *bp); #else static inline void sev_es_ist_enter(struct pt_regs *regs) { } @@ -144,6 +147,9 @@ static inline void snp_set_memory_shared(unsigned long vaddr, unsigned int npage static inline void snp_set_memory_private(unsigned long vaddr, unsigned int npages) { } static inline void snp_set_wakeup_secondary_cpu(void) { } static inline void sev_snp_cpuid_init(struct boot_params *bp) { } +#ifdef __BOOT_COMPRESSED +static inline bool sev_snp_enabled { return false; } +#endif /*__BOOT_COMPRESSED */ #endif #endif From patchwork Fri Aug 20 15:19:27 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Brijesh Singh X-Patchwork-Id: 500665 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-18.7 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_CR_TRAILER, INCLUDES_PATCH, MAILING_LIST_MULTI, MSGID_FROM_MTA_HEADER, SPF_HELO_NONE, SPF_PASS,URIBL_BLOCKED,USER_AGENT_GIT autolearn=unavailable autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 88EB7C432BE for ; Fri, 20 Aug 2021 15:24:34 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 7113B61214 for ; Fri, 20 Aug 2021 15:24:34 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S241784AbhHTPZK (ORCPT ); Fri, 20 Aug 2021 11:25:10 -0400 Received: from mail-bn1nam07on2078.outbound.protection.outlook.com ([40.107.212.78]:42963 "EHLO NAM02-BN1-obe.outbound.protection.outlook.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S241033AbhHTPXc (ORCPT ); Fri, 20 Aug 2021 11:23:32 -0400 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=jZawO4tUTlp3ij0V5OdNz+sdkdR4uCLFNykesv57QgtN65SjCdKXn3xhr5x8Hu9x1yg/SkJ0GMv290uoNLOKJ6zNYJx61bCrQn1m7Yt7wU5Jm1Y9bjxgSFT65bwBtnIvYrg0pU6DIpSI7/wTBAZ/dsi0o32w+7NCC8jR7b6BdHavHt2wXp7DilfhjsFMK1U1NHp+pbwFPmtjwa28i3fG8QjC4dkQs8V+jBHA+K3j8efed6fngq5Thl4lgw3G4xSJz7PpegzuCN88/M1fiqAIj19F1ma9U5SbUz/Y1sYPpfZ4Tu8+XeQD9tOvSza6qKOQkqFPu07WZP7xufdn8ZIbeg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=SqkMDx0/0vzGlPt+rSYAi+VmVx6/g1a6Y8Sb8px6ZIE=; b=Skfyg3IyE+uy0co1feEBSDgyzAVeXfeHx+2KfV90anm+sWe3iJfluc1k/SUtlrVexMVphXH80XiA9zLBOxVAxe8YHGjsytAfGIG4Avx1A809qOBhzhMu4u3L2Vpk005HJOz3DyAU+2VwuF/gXj2K6cyHybBRNVqjvQbrv5j50OPmJL2+hq2xbMgHeYh7OiDiDkothlu0eohA3LHonlZC4JGmairCk2nbn06wJYRxZ+oseH503OHOP6LM5xUn+kMOK9Ukjky/9/Q6/njbwwZdAdswRlvxNzknh0IRo4Mv2uWxYWT+Kdg/bcfvigrqN41M42HW6W150R8uL0o1quNpRw== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass header.d=amd.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=SqkMDx0/0vzGlPt+rSYAi+VmVx6/g1a6Y8Sb8px6ZIE=; b=1LaWG/tEK9oJh82lrXN3wTqhcTuikY+QuBqpKmxCvWVbogCAi1CUvR3KChF9n1co8/xM/3x3RGAuh6slFyHukJWSocXEJCawSa4Kg6vT+4sUO42I65N9GI97xqv55FosfZGLckdP2gni63yzQ0iLwKA6eEDCNBBIygW+WDfrVKQ= Authentication-Results: kernel.org; dkim=none (message not signed) header.d=none; kernel.org; dmarc=none action=none header.from=amd.com; Received: from SN6PR12MB2718.namprd12.prod.outlook.com (2603:10b6:805:6f::22) by SA0PR12MB4592.namprd12.prod.outlook.com (2603:10b6:806:9b::16) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4436.21; Fri, 20 Aug 2021 15:21:59 +0000 Received: from SN6PR12MB2718.namprd12.prod.outlook.com ([fe80::78b7:7336:d363:9be3]) by SN6PR12MB2718.namprd12.prod.outlook.com ([fe80::78b7:7336:d363:9be3%6]) with mapi id 15.20.4436.019; Fri, 20 Aug 2021 15:21:58 +0000 From: Brijesh Singh To: x86@kernel.org, linux-kernel@vger.kernel.org, kvm@vger.kernel.org, linux-efi@vger.kernel.org, platform-driver-x86@vger.kernel.org, linux-coco@lists.linux.dev, linux-mm@kvack.org Cc: Thomas Gleixner , Ingo Molnar , Joerg Roedel , Tom Lendacky , "H. Peter Anvin" , Ard Biesheuvel , Paolo Bonzini , Sean Christopherson , Vitaly Kuznetsov , Wanpeng Li , Jim Mattson , Andy Lutomirski , Dave Hansen , Sergio Lopez , Peter Gonda , Peter Zijlstra , Srinivas Pandruvada , David Rientjes , Dov Murik , Tobin Feldman-Fitzthum , Borislav Petkov , Michael Roth , Vlastimil Babka , "Kirill A . Shutemov" , Andi Kleen , tony.luck@intel.com, marcorr@google.com, sathyanarayanan.kuppuswamy@linux.intel.com, Brijesh Singh Subject: [PATCH Part1 v5 32/38] x86/sev: enable SEV-SNP-validated CPUID in #VC handlers Date: Fri, 20 Aug 2021 10:19:27 -0500 Message-Id: <20210820151933.22401-33-brijesh.singh@amd.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20210820151933.22401-1-brijesh.singh@amd.com> References: <20210820151933.22401-1-brijesh.singh@amd.com> X-ClientProxiedBy: SA9P223CA0002.NAMP223.PROD.OUTLOOK.COM (2603:10b6:806:26::7) To SN6PR12MB2718.namprd12.prod.outlook.com (2603:10b6:805:6f::22) MIME-Version: 1.0 X-MS-Exchange-MessageSentRepresentingType: 1 Received: from sbrijesh-desktop.amd.com (165.204.77.1) by SA9P223CA0002.NAMP223.PROD.OUTLOOK.COM (2603:10b6:806:26::7) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4436.19 via Frontend Transport; Fri, 20 Aug 2021 15:21:28 +0000 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: 3e001756-f61a-43c5-652f-08d963ee2f08 X-MS-TrafficTypeDiagnostic: SA0PR12MB4592: X-MS-Exchange-Transport-Forked: True X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:8273; X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: om0rqE0dY4ybpSzTV8RI0KxJhJaNGJoDFV1ldtPoU9q/TNf8D0eq+lNoF7gE9NBy+6sMgrihANCucA5L+zST5IcndpNQt/MtS0dXgD3vWyjc7Ppcxa3eg9eiI03UYefkGeGM1yA8IZXNKqEYNusYVGgstkQbIDxLeOOIJf/1kE7Pde5pPSSUVGu8zOUXhFCA+8oMjA77s9IlbWGa2uCof6qPye7Cm6jOvJfjyqLfLfGEwP7Qh9mjb4SEcr4RHFqUg8MJSWkNgZBGBkaRJE99mk76SgZLS5NsylPwQdL8hq05pfSQtr0oF/054X3YP0JqPGVoUxSFaS2NYbiHL2mL6vs8c1JweBYINPrLf+KGYWyake2bZjejEqsVYwyLpiDub0WX3IRkRtb7fBknNQNCDGDvz23cFkjq0A0z1c/3sxnAH981UUPZJvg9hyHGLKyvJ+6bdnVtJVriQb+fdJIVpjywyxV+9yciiN2zJFWZfv9NdhrLEk8ZplCO4x4zZMawjRrzFMDGQnB105ue/tRjGROlx/lpYavE0nJkMEe6kSC1oqS1WjxJBbcvx1GerhkQvWAXLmK0WNgnSuFVAo9qD4LcYwibg2FUJ8mDvvqKMUdlCtklN14iAo6N393AMJsZ3cOXajLH3VbCD9+GU4qv/6JzQa0C+ST3CmE52RliJdxLjK2s3dUdFDV5bBizb65o9JsUNhnyujOSeWtlF8+47g== X-Forefront-Antispam-Report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:SN6PR12MB2718.namprd12.prod.outlook.com; PTR:; CAT:NONE; SFS:(4636009)(346002)(136003)(396003)(39860400002)(366004)(376002)(66556008)(6486002)(54906003)(66946007)(1076003)(66476007)(316002)(38100700002)(7406005)(7416002)(38350700002)(8676002)(4326008)(956004)(2616005)(8936002)(26005)(36756003)(44832011)(86362001)(186003)(5660300002)(15650500001)(52116002)(83380400001)(30864003)(2906002)(478600001)(7696005); DIR:OUT; SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: bmNen83W007xVHgiZFVc0I/os7uMKEGNi6gUcc+EtKN0Gove+EhYNg8LkgNWtXeVJfCtJAG5ojb7F7gs463UlpjoZzLU8XEM6MS+ef78PRaCyVom4uL1dBrOWR2WAEMHSJy61jb0RHphaE+obG0IYD+S+6L6d+tJaFpHhLEeKF6l3POywLT6AZa6NhpC57wLhFpPtPRISuNr+u981DTKYdNP9KtPz6ng0pt6Y2dteq/VpoBisogFiJNjpM2CId95tDrcI+PgrA5zW5VzKPKHa0RjMSGTJemikYiPPEv5YNr/x6H63O1M9SvDDi8SfUbT2vLoP9FU7P1wnbCbjOU5HHbGbaYl2b+UjPNqobl5q3PiZnY4eajnJXfBrxvKqJ2ZqaqFtYFZabiisgT+/I0Nze+DWSCqDYPjNnIX7J+T9AGhgB7jzsC5ulu/gfeWE4ijSLRRL+GMmcIBIMOuSLSkBJtdOy3eoQ9sFO/G9nYQ05xl3Ayle+LyxP5LptulEMuq7HU/Wn8S0OZeS0WY+QQpcZalJfv6MKCEyTZSEQp+0QTS7HzMD6Hn5vEJG3/5keH42aP4qRSMEZqFypzacRiADD5O8Cl5/bRsMhHvfeK3EXvGs1tNi5QsoFBTiK5nNfHll1XcmimLiez18JDKVMpc1cnFqvOMAd8BtOTcspJujGwVRa3g6sh3P8ATkyOO+BHc8KFir07LscQTeTz+B6hwwJp/2g4wbQTxYk/0M/bV8tLj8gefbjMb3Pg/cnpJhKe4/m8SLG6Fcc0gKYoVNdF0+gA+6FYEhEdm+ot3e/4QDOUNhl+urXz5wxffBAyXxV0mavVm4jvuCuyFmSktLI6gNMX4YDtnaPr+H0S3JZtO5bAgt6CuWRjk54weRAMhf4fIH1lZlPlaw2MfnlSraWOmlpyNNr6nTGo5NR0sihJYD7i9QzXfI7fPyX2QOnz7/rYzgZGboPUgaktIpz8OXpTDUJf35eZpypYJuvBKuHh9+k6pXrkyp4blZlVCvndoEMlDoAHAO0opab+y1mBVVk6SCP4qUYEiuwncjevy0k2b3XWjvy2GKPp42nhLFIHSPu1PGC86c/fVUDpJuDWVdY0NOO2oh/Eo21GghcvJ5GTjoWwmlkrWw1aYMlbJ/w0E1Cotl6REUe2HLjC/j+o4RdRa/uybSIkKiUlPDQ5LPlxswS4swfsVktuj7bjNupZ4hlU155tuzfi4Hy1hV47eF50e21CuHcK8HeOb3+AjexL+LxBGASmdgjNnZdchzpUxfGHpfL0ojWqw+klzPWZL23lsm+/AyCguVLonLAzPogMPElOuMy6YF8aEsU4W9nXSor7z X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-Network-Message-Id: 3e001756-f61a-43c5-652f-08d963ee2f08 X-MS-Exchange-CrossTenant-AuthSource: SN6PR12MB2718.namprd12.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 20 Aug 2021 15:21:29.4140 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: Is/k5DLdvtASTz9WdmnCLd7quiFOVipvEovcyDTO60+G0PNijNOEKQpa+bCsLO5Yk4SZV6h2xvesAfEZON5Fig== X-MS-Exchange-Transport-CrossTenantHeadersStamped: SA0PR12MB4592 Precedence: bulk List-ID: X-Mailing-List: linux-efi@vger.kernel.org From: Michael Roth This adds support for utilizing the SEV-SNP-validated CPUID table in the various #VC handler routines used throughout boot/run-time. Mostly this is handled by re-using the CPUID lookup code introduced earlier for the boot/compressed kernel, but at various stages of boot some work needs to be done to ensure the CPUID table is set up and remains accessible throughout. The following init routines are introduced to handle this: sev_snp_cpuid_init(): This sets up access to the CPUID memory range for the #VC handler that gets set up just after entry to startup_64(). Since the code is still using an identity mapping, the existing sev_snp_cpuid_init() used by boot/compressed is used here as well, but annotated as __init so it can be cleaned up later (boot/compressed/sev.c already defines away __init when it pulls in shared SEV code). The boot/compressed kernel handles any necessary lookup of ConfidentialComputing blob from EFI and puts it into boot_params if present, so only boot_params needs to be checked. sev_snp_cpuid_init_virtual(): This is called when the previous identity mapping is gone and the memory used for the CPUID memory range needs to be mapped into the new page table with encryption bit set and accessed via __va(). Since this path is also entered later by APs to set up their initial VC handlers, a function pointer is used to switch them to a handler that doesn't attempt to re-initialize the SNP CPUID feature, as at that point it will have already been set up. sev_snp_cpuid_init_remap_early(): This is called when the previous mapping of CPUID memory range is no longer present. early_memremap() is now available, so use that to create a new one that can be used until memremap() is available. sev_snp_cpuid_init_remap(): This switches away from using early_memremap() to ioremap_encrypted() to map CPUID memory range, otherwise the leak detector will complain. This mapping is what gets used for the remaining life of the guest. Signed-off-by: Michael Roth Signed-off-by: Brijesh Singh --- arch/x86/include/asm/realmode.h | 1 + arch/x86/include/asm/setup.h | 5 +- arch/x86/include/asm/sev.h | 6 +++ arch/x86/kernel/head64.c | 21 ++++++-- arch/x86/kernel/head_64.S | 6 ++- arch/x86/kernel/setup.c | 3 ++ arch/x86/kernel/sev-shared.c | 95 ++++++++++++++++++++++++++++++++- arch/x86/kernel/smpboot.c | 2 + 8 files changed, 129 insertions(+), 10 deletions(-) diff --git a/arch/x86/include/asm/realmode.h b/arch/x86/include/asm/realmode.h index 5db5d083c873..ff0eecee4235 100644 --- a/arch/x86/include/asm/realmode.h +++ b/arch/x86/include/asm/realmode.h @@ -63,6 +63,7 @@ extern unsigned long initial_stack; #ifdef CONFIG_AMD_MEM_ENCRYPT extern unsigned long initial_vc_handler; #endif +extern unsigned long initial_idt_setup; extern unsigned char real_mode_blob[]; extern unsigned char real_mode_relocs[]; diff --git a/arch/x86/include/asm/setup.h b/arch/x86/include/asm/setup.h index a12458a7a8d4..12fc52894ad8 100644 --- a/arch/x86/include/asm/setup.h +++ b/arch/x86/include/asm/setup.h @@ -50,8 +50,9 @@ extern void reserve_standard_io_resources(void); extern void i386_reserve_resources(void); extern unsigned long __startup_64(unsigned long physaddr, struct boot_params *bp); extern unsigned long __startup_secondary_64(void); -extern void startup_64_setup_env(unsigned long physbase); -extern void early_setup_idt(void); +extern void startup_64_setup_env(unsigned long physbase, struct boot_params *bp); +extern void early_setup_idt_common(void *rmode); +extern void __init early_setup_idt(void *rmode); extern void __init do_early_exception(struct pt_regs *regs, int trapnr); #ifdef CONFIG_X86_INTEL_MID diff --git a/arch/x86/include/asm/sev.h b/arch/x86/include/asm/sev.h index 345740aa5559..a5f0a1c3ccbe 100644 --- a/arch/x86/include/asm/sev.h +++ b/arch/x86/include/asm/sev.h @@ -129,6 +129,9 @@ void snp_set_memory_private(unsigned long vaddr, unsigned int npages); void snp_set_wakeup_secondary_cpu(void); #ifdef __BOOT_COMPRESSED bool sev_snp_enabled(void); +#else +void sev_snp_cpuid_init_virtual(void); +void sev_snp_cpuid_init_remap_early(void); #endif /* __BOOT_COMPRESSED */ void sev_snp_cpuid_init(struct boot_params *bp); #else @@ -149,6 +152,9 @@ static inline void snp_set_wakeup_secondary_cpu(void) { } static inline void sev_snp_cpuid_init(struct boot_params *bp) { } #ifdef __BOOT_COMPRESSED static inline bool sev_snp_enabled { return false; } +#else +static inline void sev_snp_cpuid_init_virtual(void) { } +static inline void sev_snp_cpuid_init_remap_early(void) { } #endif /*__BOOT_COMPRESSED */ #endif diff --git a/arch/x86/kernel/head64.c b/arch/x86/kernel/head64.c index f1b76a54c84e..4700926deb52 100644 --- a/arch/x86/kernel/head64.c +++ b/arch/x86/kernel/head64.c @@ -576,7 +576,7 @@ static void set_bringup_idt_handler(gate_desc *idt, int n, void *handler) } /* This runs while still in the direct mapping */ -static void startup_64_load_idt(unsigned long physbase) +static void startup_64_load_idt(unsigned long physbase, struct boot_params *bp) { struct desc_ptr *desc = fixup_pointer(&bringup_idt_descr, physbase); gate_desc *idt = fixup_pointer(bringup_idt_table, physbase); @@ -586,6 +586,7 @@ static void startup_64_load_idt(unsigned long physbase) void *handler; /* VMM Communication Exception */ + sev_snp_cpuid_init(bp); /* used by #VC handler */ handler = fixup_pointer(vc_no_ghcb, physbase); set_bringup_idt_handler(idt, X86_TRAP_VC, handler); } @@ -594,8 +595,8 @@ static void startup_64_load_idt(unsigned long physbase) native_load_idt(desc); } -/* This is used when running on kernel addresses */ -void early_setup_idt(void) +/* Used for all CPUs */ +void early_setup_idt_common(void *rmode) { /* VMM Communication Exception */ if (IS_ENABLED(CONFIG_AMD_MEM_ENCRYPT)) @@ -605,10 +606,20 @@ void early_setup_idt(void) native_load_idt(&bringup_idt_descr); } +/* This is used by boot processor when running on kernel addresses */ +void __init early_setup_idt(void *rmode) +{ + /* SEV-SNP CPUID setup for use by #VC handler */ + if (IS_ENABLED(CONFIG_AMD_MEM_ENCRYPT)) + sev_snp_cpuid_init_virtual(); + + early_setup_idt_common(rmode); +} + /* * Setup boot CPU state needed before kernel switches to virtual addresses. */ -void __head startup_64_setup_env(unsigned long physbase) +void __head startup_64_setup_env(unsigned long physbase, struct boot_params *bp) { u64 gs_area = (u64)fixup_pointer(startup_gs_area, physbase); @@ -634,5 +645,5 @@ void __head startup_64_setup_env(unsigned long physbase) native_wrmsr(MSR_GS_BASE, gs_area, gs_area >> 32); #endif - startup_64_load_idt(physbase); + startup_64_load_idt(physbase, bp); } diff --git a/arch/x86/kernel/head_64.S b/arch/x86/kernel/head_64.S index d8b3ebd2bb85..78f35e446498 100644 --- a/arch/x86/kernel/head_64.S +++ b/arch/x86/kernel/head_64.S @@ -218,7 +218,10 @@ SYM_INNER_LABEL(secondary_startup_64_no_verify, SYM_L_GLOBAL) /* Setup and Load IDT */ pushq %rsi - call early_setup_idt + movq %rsi, %rdi + movq initial_idt_setup(%rip), %rax + ANNOTATE_RETPOLINE_SAFE + call *%rax popq %rsi /* Check if nx is implemented */ @@ -341,6 +344,7 @@ SYM_DATA(initial_gs, .quad INIT_PER_CPU_VAR(fixed_percpu_data)) #ifdef CONFIG_AMD_MEM_ENCRYPT SYM_DATA(initial_vc_handler, .quad handle_vc_boot_ghcb) #endif +SYM_DATA(initial_idt_setup, .quad early_setup_idt) /* * The FRAME_SIZE gap is a convention which helps the in-kernel unwinder diff --git a/arch/x86/kernel/setup.c b/arch/x86/kernel/setup.c index bff3a784aec5..e81fc19657b7 100644 --- a/arch/x86/kernel/setup.c +++ b/arch/x86/kernel/setup.c @@ -48,6 +48,7 @@ #include #include #include +#include #include /* @@ -1075,6 +1076,8 @@ void __init setup_arch(char **cmdline_p) init_mem_mapping(); + sev_snp_cpuid_init_remap_early(); + idt_setup_early_pf(); /* diff --git a/arch/x86/kernel/sev-shared.c b/arch/x86/kernel/sev-shared.c index 6f70ba293c5e..e257df79830c 100644 --- a/arch/x86/kernel/sev-shared.c +++ b/arch/x86/kernel/sev-shared.c @@ -264,7 +264,7 @@ static int sev_cpuid_hv(u32 func, u32 subfunc, u32 *eax, u32 *ebx, return 0; } -static bool sev_snp_cpuid_active(void) +static inline bool sev_snp_cpuid_active(void) { return sev_snp_cpuid_enabled; } @@ -960,7 +960,7 @@ static struct cc_blob_sev_info *sev_snp_probe_cc_blob(struct boot_params *bp) * indication that SEV-ES is enabled. Subsequent init levels will check for * SEV_SNP feature once available to also take SEV MSR value into account. */ -void sev_snp_cpuid_init(struct boot_params *bp) +void __init sev_snp_cpuid_init(struct boot_params *bp) { struct cc_blob_sev_info *cc_info; @@ -995,3 +995,94 @@ void sev_snp_cpuid_init(struct boot_params *bp) sev_snp_cpuid_enabled = 1; } + +#ifndef __BOOT_COMPRESSED + +static bool __init early_make_pgtable_enc(unsigned long physaddr) +{ + pmdval_t pmd; + + /* early_pmd_flags hasn't been updated with SME bit yet; add it */ + pmd = (physaddr & PMD_MASK) + early_pmd_flags + sme_get_me_mask(); + + return __early_make_pgtable((unsigned long)__va(physaddr), pmd); +} + +/* + * This is called when we switch to virtual kernel addresses, before #PF + * handler is set up. boot_params have already been parsed at this point, + * but CPUID page is no longer identity-mapped so we need to create a + * virtual mapping. + */ +void __init sev_snp_cpuid_init_virtual(void) +{ + /* + * We rely on sev_snp_cpuid_init() to do initial parsing of bootparams + * and initial setup. If that didn't enable the feature then don't try + * to enable it here. + */ + if (!sev_snp_cpuid_active()) + return; + + /* + * Either boot_params/EFI advertised the feature even though SNP isn't + * enabled, or something else went wrong. Bail out. + */ + if (!sev_feature_enabled(SEV_SNP)) + sev_es_terminate(1, GHCB_TERM_CPUID); + + /* If feature is enabled, but we can't map CPUID info, we're hosed */ + if (!early_make_pgtable_enc(sev_snp_cpuid_pa)) + sev_es_terminate(1, GHCB_TERM_CPUID); + + cpuid_info = (const struct sev_snp_cpuid_info *)__va(sev_snp_cpuid_pa); +} + +/* Called after early_ioremap_init() */ +void __init sev_snp_cpuid_init_remap_early(void) +{ + if (!sev_snp_cpuid_active()) + return; + + /* + * This really shouldn't be possible at this point. + */ + if (!sev_feature_enabled(SEV_SNP)) + sev_es_terminate(1, GHCB_TERM_CPUID); + + cpuid_info = early_memremap(sev_snp_cpuid_pa, sev_snp_cpuid_sz); +} + +/* Final switch to run-time mapping */ +static int __init sev_snp_cpuid_init_remap(void) +{ + if (!sev_snp_cpuid_active()) + return 0; + + pr_info("Using SNP CPUID page, %d entries present.\n", cpuid_info->count); + + /* + * This really shouldn't be possible at this point either. + */ + if (!sev_feature_enabled(SEV_SNP)) + sev_es_terminate(1, GHCB_TERM_CPUID); + + /* Clean up earlier mapping. */ + if (cpuid_info) + early_memunmap((void *)cpuid_info, sev_snp_cpuid_sz); + + /* + * We need ioremap_encrypted() to get an encrypted mapping, but this + * is normal RAM so can be accessed directly. + */ + cpuid_info = (__force void *)ioremap_encrypted(sev_snp_cpuid_pa, + sev_snp_cpuid_sz); + if (!cpuid_info) + return -EIO; + + return 0; +} + +arch_initcall(sev_snp_cpuid_init_remap); + +#endif /* __BOOT_COMPRESSED */ diff --git a/arch/x86/kernel/smpboot.c b/arch/x86/kernel/smpboot.c index ca78711620e0..02c172ab97de 100644 --- a/arch/x86/kernel/smpboot.c +++ b/arch/x86/kernel/smpboot.c @@ -1044,6 +1044,8 @@ static int do_boot_cpu(int apicid, int cpu, struct task_struct *idle, early_gdt_descr.address = (unsigned long)get_cpu_gdt_rw(cpu); initial_code = (unsigned long)start_secondary; initial_stack = idle->thread.sp; + /* don't repeat IDT setup work specific to the BSP */ + initial_idt_setup = (unsigned long)early_setup_idt_common; /* Enable the espfix hack for this CPU */ init_espfix_ap(cpu); From patchwork Fri Aug 20 15:19:31 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Brijesh Singh X-Patchwork-Id: 500664 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-18.7 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_CR_TRAILER, INCLUDES_PATCH, MAILING_LIST_MULTI, MSGID_FROM_MTA_HEADER, SPF_HELO_NONE, SPF_PASS,URIBL_BLOCKED,USER_AGENT_GIT autolearn=unavailable autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 9A974C4338F for ; Fri, 20 Aug 2021 15:25:05 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 7CEC361242 for ; Fri, 20 Aug 2021 15:25:05 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S241625AbhHTPZk (ORCPT ); Fri, 20 Aug 2021 11:25:40 -0400 Received: from mail-dm6nam12on2078.outbound.protection.outlook.com ([40.107.243.78]:55424 "EHLO NAM12-DM6-obe.outbound.protection.outlook.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S241693AbhHTPYL (ORCPT ); Fri, 20 Aug 2021 11:24:11 -0400 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=CbKoEhI6FdEepLtSN1xzdTnLXXgr30q88geILL7K0VCMh/9QVt07WSg5n0UwVSdUt3AI7LC66g7zQv0aO+1KULzqgBfq6lI0cPBSgoHuuV5oVAyoTwbVGvG8aVrA7OpeWQJJCme6mPuDxmjKI3UytTWx5YRP1ZPfd1+XOHYa7Kq0KXLGZuZHQ8sHKm52D3FEKcMAhInMkG6R2TZMr84OwSZ2wGwlNTLsTZrQxokANvRN6J1f+W9ree5lKbuDlDOC8K9jMT9DIPwMtDBuX6+4kJ1owOVrmgcBtEvXGtTprxeZiMSHdztkMCTrUXVWZTVse5ltH2opCWiprPb70pgl4g== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=wQ8+m52Wwk4SOIkv2bA6CL8WxWzZ4G0YpJxaGEu7Hzc=; b=PLSzxbLXgF6y0Qk/2T4Of8XtdQnEwSXW4P1oJ7vGwYWJ3W3pEBL61CswTusnlprbcEujzAjHifC7ze9avnMEnPN3YLbDgEreiP6ER1rw5Z9XZoJFmja76OhMLzuS/kU5N5ELSGeFzb4BZn+n5uvk0Kruq7PA+8XtF37f1iQs6rJu1DWff9Omtit1SmrFAD9iZJgSWEEUlHpHDdwEUgYd795Ct/FPxkWHiax9DHnNBudWRbmapB6JdVj0Xr0e/Ilxr/rNoBgdTwV0wk2XrHptapecPNR9sO/weQzA3lnJxBZjF5DVmFkBn6oDCRm6wyWSflANTNDuA8jhbLt4DZb6MA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass header.d=amd.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=wQ8+m52Wwk4SOIkv2bA6CL8WxWzZ4G0YpJxaGEu7Hzc=; b=z0c4yMb9Yxlrx2SZYzYoxUEfhI0942Mca6pIzxW/SNTgNQr4PdhdZNoCTYj63Z8e1OASdbjwkkGTTcJdeCVBHhN00zPWJgn9JzzWapfT4PrpjnoYDr9eum/Xt7OyY3ZHBS5jhUhHYU35TT+UhVCnkfoF8ZLqSYqWFaIahyy6C0g= Authentication-Results: kernel.org; dkim=none (message not signed) header.d=none; kernel.org; dmarc=none action=none header.from=amd.com; Received: from SN6PR12MB2718.namprd12.prod.outlook.com (2603:10b6:805:6f::22) by SN6PR12MB2637.namprd12.prod.outlook.com (2603:10b6:805:6b::23) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4415.21; Fri, 20 Aug 2021 15:22:05 +0000 Received: from SN6PR12MB2718.namprd12.prod.outlook.com ([fe80::78b7:7336:d363:9be3]) by SN6PR12MB2718.namprd12.prod.outlook.com ([fe80::78b7:7336:d363:9be3%6]) with mapi id 15.20.4436.019; Fri, 20 Aug 2021 15:22:04 +0000 From: Brijesh Singh To: x86@kernel.org, linux-kernel@vger.kernel.org, kvm@vger.kernel.org, linux-efi@vger.kernel.org, platform-driver-x86@vger.kernel.org, linux-coco@lists.linux.dev, linux-mm@kvack.org Cc: Thomas Gleixner , Ingo Molnar , Joerg Roedel , Tom Lendacky , "H. Peter Anvin" , Ard Biesheuvel , Paolo Bonzini , Sean Christopherson , Vitaly Kuznetsov , Wanpeng Li , Jim Mattson , Andy Lutomirski , Dave Hansen , Sergio Lopez , Peter Gonda , Peter Zijlstra , Srinivas Pandruvada , David Rientjes , Dov Murik , Tobin Feldman-Fitzthum , Borislav Petkov , Michael Roth , Vlastimil Babka , "Kirill A . Shutemov" , Andi Kleen , tony.luck@intel.com, marcorr@google.com, sathyanarayanan.kuppuswamy@linux.intel.com, Brijesh Singh Subject: [PATCH Part1 v5 36/38] virt: Add SEV-SNP guest driver Date: Fri, 20 Aug 2021 10:19:31 -0500 Message-Id: <20210820151933.22401-37-brijesh.singh@amd.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20210820151933.22401-1-brijesh.singh@amd.com> References: <20210820151933.22401-1-brijesh.singh@amd.com> X-ClientProxiedBy: SA9P223CA0002.NAMP223.PROD.OUTLOOK.COM (2603:10b6:806:26::7) To SN6PR12MB2718.namprd12.prod.outlook.com (2603:10b6:805:6f::22) MIME-Version: 1.0 X-MS-Exchange-MessageSentRepresentingType: 1 Received: from sbrijesh-desktop.amd.com (165.204.77.1) by SA9P223CA0002.NAMP223.PROD.OUTLOOK.COM (2603:10b6:806:26::7) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4436.19 via Frontend Transport; Fri, 20 Aug 2021 15:21:33 +0000 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: 14ff181e-dc65-453f-c6a2-08d963ee3207 X-MS-TrafficTypeDiagnostic: SN6PR12MB2637: X-MS-Exchange-Transport-Forked: True X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:3044; X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: L8XxSv95lmTeMdoljh1BUnVw4+ojoou6ynm1UCTUHsz6sMa4Zu/WiFq3KncOwapsbLm5Z0Y8NxWC685CvA2s2lJa7rvL8ZJhZULPyx+jmOgocRDHBv77ZuONOuCJ+OplER3H8zEhzYaw/2kp+IJpZzo8S/iTdHyXRBPBFSXjOmUWpmIg/hZ5xw29upPqcZhY8K89BToLPvtv3v7eiDqY37OXKKyGxrK2L0jYXabux4vyJfwF3nnothbwXbUvJPyo4nNwgFcF13ebWrX0HLR016AAM3NW7Ezyh3wj6bim5mIA7gPOWQZx90IM3iMq2IKrWPPWjAeuLOpsKBiS7jafWCff79srUi+ioJaYQUDMVrfgv49PDpqXR2pn1GmvpXiuG7F77V8mix82evXWre6zo0TTuDRgbmLOx2zXVt5dbdP6g0pWmjK8Hw7Q3FwF1opfc84R+sbJDM1fzymMtbSD0lehW3dwsMdytSs8BNTf1PXp3Os957ITUSaTAjH3Gr8BVYJpdaIHXhk/hX4VdMMcapSn0VM/nm5m/W9RX64ZRxzPPPwiybgYAysBE7pG9pM3ztE5Wfr7//m9nVkLz79REA9ThJeIKexSdeHyHvPxt3LIufskOSdSLe8RnkVBCTmMDpYrX0TF7l9ntsi1DVf6XjycNgv9zyUERDhfoT9XOPpOz8e2qI4E+6joCith7R4FKnjygg+Eum1mR4mJhs//jbB5VXHpePGOWe3sXfinC5Lf70G0kaPJKXGCZ4Wi++Ys+3/nOm+LFuFnlYhn3ycxJbLcGDwa35KOV+ZqXCjFTj4= X-Forefront-Antispam-Report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:SN6PR12MB2718.namprd12.prod.outlook.com; PTR:; CAT:NONE; SFS:(4636009)(366004)(396003)(136003)(346002)(376002)(39860400002)(36756003)(956004)(8936002)(2906002)(4326008)(52116002)(8676002)(83380400001)(2616005)(26005)(86362001)(7416002)(7406005)(186003)(66476007)(44832011)(38100700002)(54906003)(5660300002)(7696005)(38350700002)(1076003)(316002)(6486002)(66946007)(966005)(478600001)(30864003)(66556008); DIR:OUT; SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: umYcCb+QI+Md9ld5f0jWFwg1zCEYbbw4EYyLoKys7MDhkf4kvkzhyU4wkn1cyNVvkKdYC/8FnnzPzieP0dRioqzmGGbyThKGHGrtfLUUUD80q1wtz6zSCcR/++RmBcLjjjwd86q0diAbMucf9KDJ0NbQT52zE0Ws9+qjYY04sH3lC68uemphwcm7D+5/r1Nah+iuy6j8mJcoIJxIV1A34FXR4Yg+pm5v0KwxvcsSZxD6IesfrkL+RcRMAwNJ96pbYRW/rLizugcjMunP6ubbXa0XezWlugDZ6Yk10eql0JN+QBPXe+lZa4WUQIRZX2OoHPoiI9AxEd+CatktXlgrC5httzMoet7r6bC8FRkO42JDQgQTrSqsbI2PfxWg108yoRAWPdt03la4WS0sWXnDoX0ZpF/98IaH0VaRBduEzwpP1+LO59XD+bKMQ2vVZLrOBpQGqgxYf71tVCVUJlvfNDRyesljZ22GMzvA6tHW+o2SYJ2cgKHv5VK0/gEOo5I8zQIrE0qfDRKTfPZ76/b0qDCojbjNReGPulMyn4REErTjxCfimpGXFTsM5V+LgtqeaQOcPs2Z4nUSVC1HyDJSb7bjlWQTP1oUbXC/omWZZVtD1S6PT/es/R9q3RX1FkpIenikf2DD2QwkbTqt4bUZq1nG8GY/wFm0LPejDaP1FfrQiQl90+9jV3QrQ1so4dpY370Ikbe1K+O/zrTkxCwggZ0270e4qn5y8rTxalmTccfKjBvT7dZpRc8/BMQkLPrey8+AwRG+0Fy0URwvw+tyycWjINZK1WyMO6Eb5aqP6zIfVamZia0PJ7CiYEGhdFpUckIwbQxm3oYgz3ZX9gILocMxd5Ogyckjjn9S36+JDUIlYV7t6kLFqqJ7m6gtHdsEQcO2ygcu65cJouZdxG0YEWniVwyCU6yZ86LhfXmwRLvFz7D+N+saN00zbbw1CCtpKoRPtPF21GObcnWK9gzmi3cVJvtepb9C98TSE3UcKaXkAb2Md29mD+3PfUdfSsG6jXwQLwSzEIPFzGsQo+t7bJ/y1/xHF7rlVdBnjFb7grqvvAM6P3KPkFrmuIliiXpFTsJxAAQNRSzzANFZkecuHkke6lzyBw6SsG6uBnD2GN51xM3E9mvB3QqnaQJeOQv6OSfFAt2wST8Nbri0uB84QlOi0jL9eVKGZtIkFaUI9jORrUECS4CzSUiHRRpnm0iHnE0NRhz6CVT7D7NAnMhJYdms/1mQxnoIZkX+6gMrv70ZugA4OErzCSWAGNHFHcqU2Uro7wab5nahk9mLEpPol67aeQlxgaaH9ZyK3hO4Xw19GPlQGc1lckeXR7hZSBMc X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-Network-Message-Id: 14ff181e-dc65-453f-c6a2-08d963ee3207 X-MS-Exchange-CrossTenant-AuthSource: SN6PR12MB2718.namprd12.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 20 Aug 2021 15:21:34.4341 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: oPwe1Mv5kOz2DwhJ5SANuOEZdd9WSMz4NBqpgo7l7UWKXk4wLRa06EIFzXyZ5mOcs+fQc2Ge9Ewxr9zhi8kyDQ== X-MS-Exchange-Transport-CrossTenantHeadersStamped: SN6PR12MB2637 Precedence: bulk List-ID: X-Mailing-List: linux-efi@vger.kernel.org SEV-SNP specification provides the guest a mechanisum to communicate with the PSP without risk from a malicious hypervisor who wishes to read, alter, drop or replay the messages sent. The driver uses snp_issue_guest_request() to issue GHCB SNP_GUEST_REQUEST or SNP_EXT_GUEST_REQUEST NAE events to submit the request to PSP. The PSP requires that all communication should be encrypted using key specified through the platform_data. The userspace can use SNP_GET_REPORT ioctl() to query the guest attestation report. See SEV-SNP spec section Guest Messages for more details. Signed-off-by: Brijesh Singh --- Documentation/virt/coco/sevguest.rst | 69 ++++ drivers/virt/Kconfig | 3 + drivers/virt/Makefile | 1 + drivers/virt/coco/sevguest/Kconfig | 9 + drivers/virt/coco/sevguest/Makefile | 2 + drivers/virt/coco/sevguest/sevguest.c | 448 ++++++++++++++++++++++++++ drivers/virt/coco/sevguest/sevguest.h | 63 ++++ include/uapi/linux/sev-guest.h | 44 +++ 8 files changed, 639 insertions(+) create mode 100644 Documentation/virt/coco/sevguest.rst create mode 100644 drivers/virt/coco/sevguest/Kconfig create mode 100644 drivers/virt/coco/sevguest/Makefile create mode 100644 drivers/virt/coco/sevguest/sevguest.c create mode 100644 drivers/virt/coco/sevguest/sevguest.h create mode 100644 include/uapi/linux/sev-guest.h diff --git a/Documentation/virt/coco/sevguest.rst b/Documentation/virt/coco/sevguest.rst new file mode 100644 index 000000000000..52d5915037ef --- /dev/null +++ b/Documentation/virt/coco/sevguest.rst @@ -0,0 +1,69 @@ +.. SPDX-License-Identifier: GPL-2.0 + +=================================================================== +The Definitive SEV Guest API Documentation +=================================================================== + +1. General description +====================== + +The SEV API is a set of ioctls that are issued to by the guest or +hypervisor to get or set certain aspect of the SEV virtual machine. +The ioctls belong to the following classes: + + - Hypervisor ioctls: These query and set global attributes which affect the + whole SEV firmware. These ioctl is used by platform provision tools. + + - Guest ioctls: These query and set attribute of the SEV virtual machine. + +2. API description +================== + +This section describes ioctls that can be used to query or set SEV guests. +For each ioctl, the following information is provided along with a +description: + + Technology: + which SEV techology provides this ioctl. sev, sev-es, sev-snp or all. + + Type: + hypervisor or guest. The ioctl can be used inside the guest or the + hypervisor. + + Parameters: + what parameters are accepted by the ioctl. + + Returns: + the return value. General error numbers (ENOMEM, EINVAL) + are not detailed, but errors with specific meanings are. + +The guest ioctl should be called to /dev/sev-guest device. The ioctl accepts +struct snp_user_guest_request. The input and output structure is specified +through the req_data and resp_data field respectively. If the ioctl fails +to execute due to the firmware error, then fw_err code will be set. + +:: + struct snp_user_guest_request { + /* Request and response structure address */ + __u64 req_data; + __u64 resp_data; + + /* firmware error code on failure (see psp-sev.h) */ + __u64 fw_err; + }; + +2.1 SNP_GET_REPORT +------------------ + +:Technology: sev-snp +:Type: guest ioctl +:Parameters (in): struct snp_report_req +:Returns (out): struct snp_report_resp on success, -negative on error + +The SNP_GET_REPORT ioctl can be used to query the attestation report from the +SEV-SNP firmware. The ioctl uses the SNP_GUEST_REQUEST (MSG_REPORT_REQ) command +provided by the SEV-SNP firmware to query the attestation report. + +On success, the snp_report_resp.data will contains the report. The report +format is described in the SEV-SNP specification. See the SEV-SNP specification +for further details. diff --git a/drivers/virt/Kconfig b/drivers/virt/Kconfig index 8061e8ef449f..e457e47610d3 100644 --- a/drivers/virt/Kconfig +++ b/drivers/virt/Kconfig @@ -36,4 +36,7 @@ source "drivers/virt/vboxguest/Kconfig" source "drivers/virt/nitro_enclaves/Kconfig" source "drivers/virt/acrn/Kconfig" + +source "drivers/virt/coco/sevguest/Kconfig" + endif diff --git a/drivers/virt/Makefile b/drivers/virt/Makefile index 3e272ea60cd9..9c704a6fdcda 100644 --- a/drivers/virt/Makefile +++ b/drivers/virt/Makefile @@ -8,3 +8,4 @@ obj-y += vboxguest/ obj-$(CONFIG_NITRO_ENCLAVES) += nitro_enclaves/ obj-$(CONFIG_ACRN_HSM) += acrn/ +obj-$(CONFIG_SEV_GUEST) += coco/sevguest/ diff --git a/drivers/virt/coco/sevguest/Kconfig b/drivers/virt/coco/sevguest/Kconfig new file mode 100644 index 000000000000..96190919cca8 --- /dev/null +++ b/drivers/virt/coco/sevguest/Kconfig @@ -0,0 +1,9 @@ +config SEV_GUEST + tristate "AMD SEV Guest driver" + default y + depends on AMD_MEM_ENCRYPT && CRYPTO_AEAD2 + help + The driver can be used by the SEV-SNP guest to communicate with the PSP to + request the attestation report and more. + + If you choose 'M' here, this module will be called sevguest. diff --git a/drivers/virt/coco/sevguest/Makefile b/drivers/virt/coco/sevguest/Makefile new file mode 100644 index 000000000000..b1ffb2b4177b --- /dev/null +++ b/drivers/virt/coco/sevguest/Makefile @@ -0,0 +1,2 @@ +# SPDX-License-Identifier: GPL-2.0-only +obj-$(CONFIG_SEV_GUEST) += sevguest.o diff --git a/drivers/virt/coco/sevguest/sevguest.c b/drivers/virt/coco/sevguest/sevguest.c new file mode 100644 index 000000000000..d029a98ad088 --- /dev/null +++ b/drivers/virt/coco/sevguest/sevguest.c @@ -0,0 +1,448 @@ +// SPDX-License-Identifier: GPL-2.0-only +/* + * AMD Secure Encrypted Virtualization Nested Paging (SEV-SNP) guest request interface + * + * Copyright (C) 2021 Advanced Micro Devices, Inc. + * + * Author: Brijesh Singh + */ + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include "sevguest.h" + +#define DEVICE_NAME "sev-guest" +#define AAD_LEN 48 +#define MSG_HDR_VER 1 + +struct snp_guest_crypto { + struct crypto_aead *tfm; + u8 *iv, *authtag; + int iv_len, a_len; +}; + +struct snp_guest_dev { + struct device *dev; + struct miscdevice misc; + + struct snp_guest_crypto *crypto; + struct snp_guest_msg *request, *response; +}; + +static u8 vmpck_id; +static DEFINE_MUTEX(snp_cmd_mutex); + +static inline struct snp_guest_dev *to_snp_dev(struct file *file) +{ + struct miscdevice *dev = file->private_data; + + return container_of(dev, struct snp_guest_dev, misc); +} + +static struct snp_guest_crypto *init_crypto(struct snp_guest_dev *snp_dev, u8 *key, size_t keylen) +{ + struct snp_guest_crypto *crypto; + + crypto = kzalloc(sizeof(*crypto), GFP_KERNEL_ACCOUNT); + if (!crypto) + return NULL; + + crypto->tfm = crypto_alloc_aead("gcm(aes)", 0, 0); + if (IS_ERR(crypto->tfm)) + goto e_free; + + if (crypto_aead_setkey(crypto->tfm, key, keylen)) + goto e_free_crypto; + + crypto->iv_len = crypto_aead_ivsize(crypto->tfm); + if (crypto->iv_len < 12) { + dev_err(snp_dev->dev, "IV length is less than 12.\n"); + goto e_free_crypto; + } + + crypto->iv = kmalloc(crypto->iv_len, GFP_KERNEL_ACCOUNT); + if (!crypto->iv) + goto e_free_crypto; + + if (crypto_aead_authsize(crypto->tfm) > MAX_AUTHTAG_LEN) { + if (crypto_aead_setauthsize(crypto->tfm, MAX_AUTHTAG_LEN)) { + dev_err(snp_dev->dev, "failed to set authsize to %d\n", MAX_AUTHTAG_LEN); + goto e_free_crypto; + } + } + + crypto->a_len = crypto_aead_authsize(crypto->tfm); + crypto->authtag = kmalloc(crypto->a_len, GFP_KERNEL_ACCOUNT); + if (!crypto->authtag) + goto e_free_crypto; + + return crypto; + +e_free_crypto: + crypto_free_aead(crypto->tfm); +e_free: + kfree(crypto->iv); + kfree(crypto->authtag); + kfree(crypto); + + return NULL; +} + +static void deinit_crypto(struct snp_guest_crypto *crypto) +{ + crypto_free_aead(crypto->tfm); + kfree(crypto->iv); + kfree(crypto->authtag); + kfree(crypto); +} + +static int enc_dec_message(struct snp_guest_crypto *crypto, struct snp_guest_msg *msg, + u8 *src_buf, u8 *dst_buf, size_t len, bool enc) +{ + struct snp_guest_msg_hdr *hdr = &msg->hdr; + struct scatterlist src[3], dst[3]; + DECLARE_CRYPTO_WAIT(wait); + struct aead_request *req; + int ret; + + req = aead_request_alloc(crypto->tfm, GFP_KERNEL); + if (!req) + return -ENOMEM; + + /* + * AEAD memory operations: + * +------ AAD -------+------- DATA -----+---- AUTHTAG----+ + * | msg header | plaintext | hdr->authtag | + * | bytes 30h - 5Fh | or | | + * | | cipher | | + * +------------------+------------------+----------------+ + */ + sg_init_table(src, 3); + sg_set_buf(&src[0], &hdr->algo, AAD_LEN); + sg_set_buf(&src[1], src_buf, hdr->msg_sz); + sg_set_buf(&src[2], hdr->authtag, crypto->a_len); + + sg_init_table(dst, 3); + sg_set_buf(&dst[0], &hdr->algo, AAD_LEN); + sg_set_buf(&dst[1], dst_buf, hdr->msg_sz); + sg_set_buf(&dst[2], hdr->authtag, crypto->a_len); + + aead_request_set_ad(req, AAD_LEN); + aead_request_set_tfm(req, crypto->tfm); + aead_request_set_callback(req, 0, crypto_req_done, &wait); + + aead_request_set_crypt(req, src, dst, len, crypto->iv); + ret = crypto_wait_req(enc ? crypto_aead_encrypt(req) : crypto_aead_decrypt(req), &wait); + + aead_request_free(req); + return ret; +} + +static int __enc_payload(struct snp_guest_dev *snp_dev, struct snp_guest_msg *msg, + void *plaintext, size_t len) +{ + struct snp_guest_crypto *crypto = snp_dev->crypto; + struct snp_guest_msg_hdr *hdr = &msg->hdr; + + memset(crypto->iv, 0, crypto->iv_len); + memcpy(crypto->iv, &hdr->msg_seqno, sizeof(hdr->msg_seqno)); + + return enc_dec_message(crypto, msg, plaintext, msg->payload, len, true); +} + +static int dec_payload(struct snp_guest_dev *snp_dev, struct snp_guest_msg *msg, + void *plaintext, size_t len) +{ + struct snp_guest_crypto *crypto = snp_dev->crypto; + struct snp_guest_msg_hdr *hdr = &msg->hdr; + + /* Build IV with response buffer sequence number */ + memset(crypto->iv, 0, crypto->iv_len); + memcpy(crypto->iv, &hdr->msg_seqno, sizeof(hdr->msg_seqno)); + + return enc_dec_message(crypto, msg, msg->payload, plaintext, len, false); +} + +static int verify_and_dec_payload(struct snp_guest_dev *snp_dev, void *payload, u32 sz) +{ + struct snp_guest_crypto *crypto = snp_dev->crypto; + struct snp_guest_msg *resp = snp_dev->response; + struct snp_guest_msg *req = snp_dev->request; + struct snp_guest_msg_hdr *req_hdr = &req->hdr; + struct snp_guest_msg_hdr *resp_hdr = &resp->hdr; + + dev_dbg(snp_dev->dev, "response [seqno %lld type %d version %d sz %d]\n", + resp_hdr->msg_seqno, resp_hdr->msg_type, resp_hdr->msg_version, resp_hdr->msg_sz); + + /* Verify that the sequence counter is incremented by 1 */ + if (unlikely(resp_hdr->msg_seqno != (req_hdr->msg_seqno + 1))) + return -EBADMSG; + + /* Verify response message type and version number. */ + if (resp_hdr->msg_type != (req_hdr->msg_type + 1) || + resp_hdr->msg_version != req_hdr->msg_version) + return -EBADMSG; + + /* + * If the message size is greater than our buffer length then return + * an error. + */ + if (unlikely((resp_hdr->msg_sz + crypto->a_len) > sz)) + return -EBADMSG; + + return dec_payload(snp_dev, resp, payload, resp_hdr->msg_sz + crypto->a_len); +} + +static bool enc_payload(struct snp_guest_dev *snp_dev, int version, u8 type, + void *payload, size_t sz) +{ + struct snp_guest_msg *req = snp_dev->request; + struct snp_guest_msg_hdr *hdr = &req->hdr; + + memset(req, 0, sizeof(*req)); + + hdr->algo = SNP_AEAD_AES_256_GCM; + hdr->hdr_version = MSG_HDR_VER; + hdr->hdr_sz = sizeof(*hdr); + hdr->msg_type = type; + hdr->msg_version = version; + hdr->msg_seqno = snp_msg_seqno(); + hdr->msg_vmpck = vmpck_id; + hdr->msg_sz = sz; + + dev_dbg(snp_dev->dev, "request [seqno %lld type %d version %d sz %d]\n", + hdr->msg_seqno, hdr->msg_type, hdr->msg_version, hdr->msg_sz); + + return __enc_payload(snp_dev, req, payload, sz); +} + +static int handle_guest_request(struct snp_guest_dev *snp_dev, int version, u8 type, + void *req_buf, size_t req_sz, void *resp_buf, + u32 resp_sz, __u64 *fw_err) +{ + struct snp_guest_request_data data; + unsigned long err; + int rc; + + memset(snp_dev->response, 0, sizeof(*snp_dev->response)); + + /* Encrypt the userspace provided payload */ + rc = enc_payload(snp_dev, version, type, req_buf, req_sz); + if (rc) + return rc; + + /* Call firmware to process the request */ + data.req_gpa = __pa(snp_dev->request); + data.resp_gpa = __pa(snp_dev->response); + rc = snp_issue_guest_request(GUEST_REQUEST, &data, &err); + + if (fw_err) + *fw_err = err; + + if (rc) + return rc; + + return verify_and_dec_payload(snp_dev, resp_buf, resp_sz); +} + +static int get_report(struct snp_guest_dev *snp_dev, struct snp_user_guest_request *arg) +{ + struct snp_guest_crypto *crypto = snp_dev->crypto; + struct snp_report_resp *resp; + struct snp_report_req req; + int rc, resp_len; + + if (!arg->req_data || !arg->resp_data) + return -EINVAL; + + /* Copy the request payload from the userspace */ + if (copy_from_user(&req, (void __user *)arg->req_data, sizeof(req))) + return -EFAULT; + + /* Message version must be non-zero */ + if (!req.msg_version) + return -EINVAL; + + /* + * The intermediate response buffer is used while decrypting the + * response payload. Make sure that it has enough space to cover the + * authtag. + */ + resp_len = sizeof(resp->data) + crypto->a_len; + resp = kzalloc(resp_len, GFP_KERNEL_ACCOUNT); + if (!resp) + return -ENOMEM; + + /* Issue the command to get the attestation report */ + rc = handle_guest_request(snp_dev, req.msg_version, SNP_MSG_REPORT_REQ, + &req.user_data, sizeof(req.user_data), resp->data, resp_len, + &arg->fw_err); + if (rc) + goto e_free; + + /* Copy the response payload to userspace */ + if (copy_to_user((void __user *)arg->resp_data, resp, sizeof(*resp))) + rc = -EFAULT; + +e_free: + kfree(resp); + return rc; +} + +static long snp_guest_ioctl(struct file *file, unsigned int ioctl, unsigned long arg) +{ + struct snp_guest_dev *snp_dev = to_snp_dev(file); + void __user *argp = (void __user *)arg; + struct snp_user_guest_request input; + int ret = -ENOTTY; + + if (copy_from_user(&input, argp, sizeof(input))) + return -EFAULT; + + mutex_lock(&snp_cmd_mutex); + + switch (ioctl) { + case SNP_GET_REPORT: { + ret = get_report(snp_dev, &input); + break; + } + default: + break; + } + + mutex_unlock(&snp_cmd_mutex); + + if (copy_to_user(argp, &input, sizeof(input))) + return -EFAULT; + + return ret; +} + +static void free_shared_pages(void *buf, size_t sz) +{ + unsigned int npages = PAGE_ALIGN(sz) >> PAGE_SHIFT; + + /* If fail to restore the encryption mask then leak it. */ + if (set_memory_encrypted((unsigned long)buf, npages)) + return; + + __free_pages(virt_to_page(buf), get_order(sz)); +} + +static void *alloc_shared_pages(size_t sz) +{ + unsigned int npages = PAGE_ALIGN(sz) >> PAGE_SHIFT; + struct page *page; + int ret; + + page = alloc_pages(GFP_KERNEL_ACCOUNT, get_order(sz)); + if (IS_ERR(page)) + return NULL; + + ret = set_memory_decrypted((unsigned long)page_address(page), npages); + if (ret) { + __free_pages(page, get_order(sz)); + return NULL; + } + + return page_address(page); +} + +static const struct file_operations snp_guest_fops = { + .owner = THIS_MODULE, + .unlocked_ioctl = snp_guest_ioctl, +}; + +static int __init snp_guest_probe(struct platform_device *pdev) +{ + struct snp_guest_platform_data *data; + struct device *dev = &pdev->dev; + struct snp_guest_dev *snp_dev; + struct miscdevice *misc; + int ret; + + if (!dev->platform_data) + return -ENODEV; + + data = (struct snp_guest_platform_data *)dev->platform_data; + vmpck_id = data->vmpck_id; + + snp_dev = devm_kzalloc(&pdev->dev, sizeof(struct snp_guest_dev), GFP_KERNEL); + if (!snp_dev) + return -ENOMEM; + + platform_set_drvdata(pdev, snp_dev); + snp_dev->dev = dev; + + snp_dev->crypto = init_crypto(snp_dev, data->vmpck, sizeof(data->vmpck)); + if (!snp_dev->crypto) + return -EIO; + + /* Allocate the shared page used for the request and response message. */ + snp_dev->request = alloc_shared_pages(sizeof(struct snp_guest_msg)); + if (IS_ERR(snp_dev->request)) { + ret = PTR_ERR(snp_dev->request); + goto e_free_crypto; + } + + snp_dev->response = alloc_shared_pages(sizeof(struct snp_guest_msg)); + if (IS_ERR(snp_dev->response)) { + ret = PTR_ERR(snp_dev->response); + goto e_free_req; + } + + misc = &snp_dev->misc; + misc->minor = MISC_DYNAMIC_MINOR; + misc->name = DEVICE_NAME; + misc->fops = &snp_guest_fops; + + return misc_register(misc); + +e_free_req: + free_shared_pages(snp_dev->request, sizeof(struct snp_guest_msg)); + +e_free_crypto: + deinit_crypto(snp_dev->crypto); + + return ret; +} + +static int __exit snp_guest_remove(struct platform_device *pdev) +{ + struct snp_guest_dev *snp_dev = platform_get_drvdata(pdev); + + free_shared_pages(snp_dev->request, sizeof(struct snp_guest_msg)); + free_shared_pages(snp_dev->response, sizeof(struct snp_guest_msg)); + deinit_crypto(snp_dev->crypto); + misc_deregister(&snp_dev->misc); + + return 0; +} + +static struct platform_driver snp_guest_driver = { + .remove = __exit_p(snp_guest_remove), + .driver = { + .name = "snp-guest", + }, +}; + +module_platform_driver_probe(snp_guest_driver, snp_guest_probe); + +MODULE_AUTHOR("Brijesh Singh "); +MODULE_LICENSE("GPL"); +MODULE_VERSION("1.0.0"); +MODULE_DESCRIPTION("AMD SNP Guest Driver"); diff --git a/drivers/virt/coco/sevguest/sevguest.h b/drivers/virt/coco/sevguest/sevguest.h new file mode 100644 index 000000000000..4cd2f8b81154 --- /dev/null +++ b/drivers/virt/coco/sevguest/sevguest.h @@ -0,0 +1,63 @@ +/* SPDX-License-Identifier: GPL-2.0-only */ +/* + * Copyright (C) 2021 Advanced Micro Devices, Inc. + * + * Author: Brijesh Singh + * + * SEV-SNP API spec is available at https://developer.amd.com/sev + */ + +#ifndef __LINUX_SEVGUEST_H_ +#define __LINUX_SEVGUEST_H_ + +#include + +#define MAX_AUTHTAG_LEN 32 + +/* See SNP spec SNP_GUEST_REQUEST section for the structure */ +enum msg_type { + SNP_MSG_TYPE_INVALID = 0, + SNP_MSG_CPUID_REQ, + SNP_MSG_CPUID_RSP, + SNP_MSG_KEY_REQ, + SNP_MSG_KEY_RSP, + SNP_MSG_REPORT_REQ, + SNP_MSG_REPORT_RSP, + SNP_MSG_EXPORT_REQ, + SNP_MSG_EXPORT_RSP, + SNP_MSG_IMPORT_REQ, + SNP_MSG_IMPORT_RSP, + SNP_MSG_ABSORB_REQ, + SNP_MSG_ABSORB_RSP, + SNP_MSG_VMRK_REQ, + SNP_MSG_VMRK_RSP, + + SNP_MSG_TYPE_MAX +}; + +enum aead_algo { + SNP_AEAD_INVALID, + SNP_AEAD_AES_256_GCM, +}; + +struct snp_guest_msg_hdr { + u8 authtag[MAX_AUTHTAG_LEN]; + u64 msg_seqno; + u8 rsvd1[8]; + u8 algo; + u8 hdr_version; + u16 hdr_sz; + u8 msg_type; + u8 msg_version; + u16 msg_sz; + u32 rsvd2; + u8 msg_vmpck; + u8 rsvd3[35]; +} __packed; + +struct snp_guest_msg { + struct snp_guest_msg_hdr hdr; + u8 payload[4000]; +} __packed; + +#endif /* __LINUX_SNP_GUEST_H__ */ diff --git a/include/uapi/linux/sev-guest.h b/include/uapi/linux/sev-guest.h new file mode 100644 index 000000000000..e8cfd15133f3 --- /dev/null +++ b/include/uapi/linux/sev-guest.h @@ -0,0 +1,44 @@ +/* SPDX-License-Identifier: GPL-2.0-only WITH Linux-syscall-note */ +/* + * Userspace interface for AMD SEV and SEV-SNP guest driver. + * + * Copyright (C) 2021 Advanced Micro Devices, Inc. + * + * Author: Brijesh Singh + * + * SEV API specification is available at: https://developer.amd.com/sev/ + */ + +#ifndef __UAPI_LINUX_SEV_GUEST_H_ +#define __UAPI_LINUX_SEV_GUEST_H_ + +#include + +struct snp_report_req { + /* message version number (must be non-zero) */ + __u8 msg_version; + + /* user data that should be included in the report */ + __u8 user_data[64]; +}; + +struct snp_report_resp { + /* response data, see SEV-SNP spec for the format */ + __u8 data[4000]; +}; + +struct snp_user_guest_request { + /* Request and response structure address */ + __u64 req_data; + __u64 resp_data; + + /* firmware error code on failure (see psp-sev.h) */ + __u64 fw_err; +}; + +#define SNP_GUEST_REQ_IOC_TYPE 'S' + +/* Get SNP attestation report */ +#define SNP_GET_REPORT _IOWR(SNP_GUEST_REQ_IOC_TYPE, 0x0, struct snp_user_guest_request) + +#endif /* __UAPI_LINUX_SEV_GUEST_H_ */