From patchwork Mon Feb 3 22:31:57 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Pratik R. Sampat" X-Patchwork-Id: 861683 Received: from NAM11-CO1-obe.outbound.protection.outlook.com (mail-co1nam11on2046.outbound.protection.outlook.com [40.107.220.46]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id C99AC1FF7B4; Mon, 3 Feb 2025 22:32:34 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=fail smtp.client-ip=40.107.220.46 ARC-Seal: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1738621956; cv=fail; b=KVnqTZBPCGkLLvZLvlusZLi33a3k9rDlGYbH5OnY0qoxhiTsqMD3Ts9D5qcjzsLAeqr7fJf6Gy2XANEnIWHBmTr14JAtjawwDm1+AYN3RNp+QyquTd1/T1lWYiRIeyHkF7IqQLiEMIPbQHACcEVtUtcMr4Q/u8QRD2NvECxrnw0= ARC-Message-Signature: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1738621956; c=relaxed/simple; bh=R0wWoETAu/rG/sVt8eKTjdHmtOVoBleYgNCRl6Eekuc=; h=From:To:CC:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=GCJ4OCkbXlP23j7IWQAe7kE4cV2+5SqqksW3a3o5zSjEx4EQH1sfDCY4ITF+IZ0q+SojDCLWquCwvWEAdZSy65e9p4vr2K44OKb5atnweG+P4Te9WE8Gk/MDECReCNBL9KyiTm4zYVZgh1/k/juIZ0xZxvX9gQ1n/Mu9Lgrke5U= ARC-Authentication-Results: i=2; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com; spf=fail smtp.mailfrom=amd.com; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b=KAaOZkT2; arc=fail smtp.client-ip=40.107.220.46 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com Authentication-Results: smtp.subspace.kernel.org; spf=fail smtp.mailfrom=amd.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b="KAaOZkT2" ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=M69jcw8dOI6Hp5VC27e01qEtjCUL/uQYD4cj2U9VTo2KibSNn2mD4x9FeDAKCxPsiymK7JRuVAoHfuyu4fIcBsaOTNePzN0xLeCKuAj5RMzKrlyhAAta3jvCVc3Qk3CRm2KgDPUKHyenfLQ92/f2GHpwd6qm+kZVpwN3jQbtSk1DkK2iXjE10J9wfZhzIG6ruoyaK4KEiNnN1ftMcM/K2YN6Igy4qIh1kOtVOtROHGqN+tNMwExiKG3Pa7vJ5Rx/BNwfSxXmfsh+K9kEZer2Bpon4qiJJH1ohuzv73IWNtxYrbV8MFoZt4fkRLv5CKK0IhQVKIOXiLlwqPN45WXaKQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=8k+fsTkWW+QLt8Ur3ZzC8OGpQYWHzq3HmAuL/6QstE0=; b=uafnOiAHpMzRwK1kuwiDoAT0t7MUG6hStc1I0DEeC8dLvKj/EQn1oXbu6osDLzVKRE54EBwZSCd7PyQ/ae7y7CDeDPIuK2l9WvIQ1aZkyKZqu0wK0ee3niVXBBK9VhqI/QiLtefOil8wV8SWc7dXbkemYHmoyeDcPOOGoTi0eT/S5Qzd36bs4RFindKAvEbR0VvznfOlgI+adIdV2nZo+dbVEaB2FXXr9ARpi1HlMD1RqTT2P49cWZz37Kv+JN/6c5UVsUqrZL7/JGFgiSxK/qqT0x9o7+6VwdDaRaHisdK60BozzuMZLSda7ye2IyFfhLKGPUqQy+gnDBFAXGmuqA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=vger.kernel.org smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none (0) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=8k+fsTkWW+QLt8Ur3ZzC8OGpQYWHzq3HmAuL/6QstE0=; b=KAaOZkT2JCGd00YzcOTZ6quiMKKDdulL+zZkvAw+e2ktb7zZW3Ghl8Eeiyv2w/cIjfYxFwzOyIjUrnESALmo6pbMmbBIEBpEfBH7J0tmzBvqBMxo/CKTyxholblseKfmQ1LRNLZpP3kDfNT++JS3XbQb9Kv8K1ElyMuf5YDQKM0= Received: from SJ0PR03CA0189.namprd03.prod.outlook.com (2603:10b6:a03:2ef::14) by DS0PR12MB6440.namprd12.prod.outlook.com (2603:10b6:8:c8::18) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.8398.20; Mon, 3 Feb 2025 22:32:30 +0000 Received: from SN1PEPF0002BA4D.namprd03.prod.outlook.com (2603:10b6:a03:2ef:cafe::de) by SJ0PR03CA0189.outlook.office365.com (2603:10b6:a03:2ef::14) with Microsoft SMTP Server (version=TLS1_3, cipher=TLS_AES_256_GCM_SHA384) id 15.20.8356.22 via Frontend Transport; Mon, 3 Feb 2025 22:32:30 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=amd.com; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB04.amd.com; pr=C Received: from SATLEXMB04.amd.com (165.204.84.17) by SN1PEPF0002BA4D.mail.protection.outlook.com (10.167.242.70) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.8398.14 via Frontend Transport; Mon, 3 Feb 2025 22:32:29 +0000 Received: from sampat-dell.amd.com (10.180.168.240) by SATLEXMB04.amd.com (10.181.40.145) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.39; Mon, 3 Feb 2025 16:32:28 -0600 From: "Pratik R. Sampat" To: , , , , CC: , , , , , , , , , , , , , , Subject: [PATCH v6 1/9] KVM: SEV: Disable SEV-SNP on FW validation failure Date: Mon, 3 Feb 2025 16:31:57 -0600 Message-ID: <20250203223205.36121-2-prsampat@amd.com> X-Mailer: git-send-email 2.48.1 In-Reply-To: <20250203223205.36121-1-prsampat@amd.com> References: <20250203223205.36121-1-prsampat@amd.com> Precedence: bulk X-Mailing-List: linux-kselftest@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-ClientProxiedBy: SATLEXMB03.amd.com (10.181.40.144) To SATLEXMB04.amd.com (10.181.40.145) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: SN1PEPF0002BA4D:EE_|DS0PR12MB6440:EE_ X-MS-Office365-Filtering-Correlation-Id: 4e9e4046-a3fb-46c9-1b6e-08dd44a2a4ba X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; ARA:13230040|1800799024|7416014|376014|36860700013|82310400026; X-Microsoft-Antispam-Message-Info: ihRIAb+1MF29PDj+FSi7Mge/ppGhymaAG6X6g6Z7Yylq/UDqCfei7MBFQo1OEWCnDZziwBCpV92wC39x6e1bvQFvyXs5KSspO/pNQMzez3+u+f1D11xo7NhQxUigv7pjRqnW6HkNOVAAsXefY9JEH5LPUgremX3mUL8J5wtH/BnOmLnhhJFpFiM+cqU06JyFcqKj/XBs4WjlSOFzk8MwfHM3CqI2Ycb31oZITXu5tAYakzflS4S6uuCV5HxZedEeVO8Auz0ty0f5s6aVdbtvmT4+ppbTdiMfS22dcrA4HcJjUhO0v4e8Xn7rsnrANKfAuEIfPopUGvZeql8Oyjm2QE4TqEPm1/a3AURJRjH7kyMp/u5u/Z0k39D9RAwz7CWsJRy5ovgP1Iz+p6DzB8YbfL4uHtMvTaPR/PSdGBqUp7Xm9J1sF+k+Zt4BytP0JGYMPzOsWuq1J74p2QxbLp+Lso5PzT2GchJHUSUD1ZYf8ra8Rzal9VQfU9fW3pfTPbaQYH7ZR1vDTEALCe5TrBncIo1ySf3zBgDiAkI3lLO7KlTcvrbmWSuiqVhodH5NsKuLSA7hlVhm3A+qnK9FQXDzf6KfSzg8UITicOawM7l1rHZWNmPLQnSztx4/S0nRnRUP59atkLwIMl/J/k+v9y6jKGiRfsGQ/I/Z8R8wPL1EGzZdFdlI1W3Ixk602e/PYSaHTBaHVRno6Tg0ckPKg+kGbnJjHixYkXSe/GcTyLLEe5F0xE4X3TuOgFoYNc/nM2NV3GstsMrgZkRa5mQ6S9ysOLIaa73Aqx7Krx2clF9xEqeLRhQ7P2H1SErNXZ6zI7f/tiVQEnD9Blga+uBQf7EDeETuIVa9ZJ7nSb8HfZcad625OEKKUUo3/cwIwEwO+tdmYOmWkA86/PJZWGYrt6IQLK0CwcPnavEiNyVe+xaiL++WAlonPAKeskHL3QUrU6QS/o5oypzRXnhFRtsNWauNJF2YfEWICRd7k7mNAre4R1tEIU7EY0S/1gn+56/B23FOITrphQ+7WfitOVcFeN5GeOcyNaDxWdDnWAm4LO60hkRnLHYyexpFFxzLKifzjRClU30Mv9ONao5BFpOrV+T00BEtAIfSinOiC78DsTMjMg4DC23X/P/peFxWFkGvB5c9g/k4c3X0KKUmDSGVBoOtS5216PXw+iC4ZDETjp+Z9d8MYcpl7CiS00Z9No4Zd/kXhUrkSjYnki/r4NCRUWeP8DyQwYp9yXzH8uufzyI2gAGQQpbg/nvY97GfVop6Zin5joW2MGwQjclFEPVHtn4I2z0IriKIS79tYGr9q+YfbjKlamTN2PpfT7QfHy8kOvsCRusR8w83j+p6kUVOWOdrOpXoYJJltS8pBJ69/e981DAZajH6P7rwBVOsT97KaO9ZzwJDPeCo/hhauFoYbIbpTF3GkAzueyRNPh6r1FctbUD4QtsAN1DmahdyR/aO12YPc8+59j7Xr/gAlOXoEvqetzZexxGDMy1gCP/e6IrbQ4o= X-Forefront-Antispam-Report: CIP:165.204.84.17; CTRY:US; LANG:en; SCL:1; SRV:; IPV:CAL; SFV:NSPM; H:SATLEXMB04.amd.com; PTR:InfoDomainNonexistent; CAT:NONE; SFS:(13230040)(1800799024)(7416014)(376014)(36860700013)(82310400026); DIR:OUT; SFP:1101; X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 03 Feb 2025 22:32:29.4123 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 4e9e4046-a3fb-46c9-1b6e-08dd44a2a4ba X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d; Ip=[165.204.84.17]; Helo=[SATLEXMB04.amd.com] X-MS-Exchange-CrossTenant-AuthSource: SN1PEPF0002BA4D.namprd03.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: DS0PR12MB6440 On incompatible firmware versions, SEV-SNP support is pulled and the setup is not performed. However, the platform and subsequently the KVM capability may continue to advertise support for it. Disable support for SEV-SNP if the FW version validation fails. Fixes: 1dfe571c12cf ("KVM: SEV: Add initial SEV-SNP support") Suggested-by: Sean Christopherson Reviewed-by: Nikunj A Dadhania Tested-by: Srikanth Aithal Signed-off-by: Pratik R. Sampat --- v5..v6: * Collected tags from Nikunj and Srikanth. --- arch/x86/kvm/svm/sev.c | 4 +++- drivers/crypto/ccp/sev-dev.c | 6 ++++++ include/linux/psp-sev.h | 3 +++ 3 files changed, 12 insertions(+), 1 deletion(-) diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index 0f04f365885c..b709c2f0945c 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c @@ -3040,7 +3040,9 @@ void __init sev_hardware_setup(void) sev_es_asid_count = min_sev_asid - 1; WARN_ON_ONCE(misc_cg_set_capacity(MISC_CG_RES_SEV_ES, sev_es_asid_count)); sev_es_supported = true; - sev_snp_supported = sev_snp_enabled && cc_platform_has(CC_ATTR_HOST_SEV_SNP); + sev_snp_supported = (sev_snp_enabled && + cc_platform_has(CC_ATTR_HOST_SEV_SNP) && + snp_fw_valid()); out: if (boot_cpu_has(X86_FEATURE_SEV)) diff --git a/drivers/crypto/ccp/sev-dev.c b/drivers/crypto/ccp/sev-dev.c index af018afd9cd7..b45cd60c19b0 100644 --- a/drivers/crypto/ccp/sev-dev.c +++ b/drivers/crypto/ccp/sev-dev.c @@ -122,6 +122,12 @@ static inline bool sev_version_greater_or_equal(u8 maj, u8 min) return false; } +bool snp_fw_valid(void) +{ + return sev_version_greater_or_equal(SNP_MIN_API_MAJOR, SNP_MIN_API_MINOR); +} +EXPORT_SYMBOL_GPL(snp_fw_valid); + static void sev_irq_handler(int irq, void *data, unsigned int status) { struct sev_device *sev = data; diff --git a/include/linux/psp-sev.h b/include/linux/psp-sev.h index 903ddfea8585..e841a8fbbb15 100644 --- a/include/linux/psp-sev.h +++ b/include/linux/psp-sev.h @@ -945,6 +945,7 @@ int sev_do_cmd(int cmd, void *data, int *psp_ret); void *psp_copy_user_blob(u64 uaddr, u32 len); void *snp_alloc_firmware_page(gfp_t mask); void snp_free_firmware_page(void *addr); +bool snp_fw_valid(void); #else /* !CONFIG_CRYPTO_DEV_SP_PSP */ @@ -979,6 +980,8 @@ static inline void *snp_alloc_firmware_page(gfp_t mask) static inline void snp_free_firmware_page(void *addr) { } +static inline bool snp_fw_valid(void) { return false; } + #endif /* CONFIG_CRYPTO_DEV_SP_PSP */ #endif /* __PSP_SEV_H__ */ From patchwork Mon Feb 3 22:31:59 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Pratik R. Sampat" X-Patchwork-Id: 861682 Received: from NAM12-MW2-obe.outbound.protection.outlook.com (mail-mw2nam12on2056.outbound.protection.outlook.com [40.107.244.56]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 4E8DE2101B5; Mon, 3 Feb 2025 22:33:02 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=fail smtp.client-ip=40.107.244.56 ARC-Seal: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1738621984; cv=fail; b=sIz+UvIVe7ocnc/0pEYoh6A8UjFPud0qyG74DhXr3dce7KMu3ldprZdh35y3Er2twZlYt+UEvukvQBY50D0J5w1tPyo3Dr/ktqq+ykrjI7WcRRigndioqo/6ssvr4g3bxZYFulEjOs9m2DjFnaWv8BMJ/NriYkvb6BY0Kj4ZPXU= ARC-Message-Signature: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1738621984; c=relaxed/simple; bh=s/PrqXq00RidLQB6LHBb1xbgEvaNdJnxQ7kOudeIQ0c=; h=From:To:CC:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=c3sMFUwP8E4h3k7UdXTYZFg/gsZQu5W0L3U8pIAosa1S5NGJSt6dg1lWBCQUhnXPZNf87ML37qxVlWk/Y+auuPgfFjdPaAPjDP/AjDueBofJBuMNg4guAexT+QLhoA+Qlyzs5Un/vjMZG7T2dVLMIoxmdnD/Sel2DSk3xGy8PlE= ARC-Authentication-Results: i=2; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com; spf=fail smtp.mailfrom=amd.com; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b=XvDAK9nJ; arc=fail smtp.client-ip=40.107.244.56 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com Authentication-Results: smtp.subspace.kernel.org; spf=fail smtp.mailfrom=amd.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b="XvDAK9nJ" ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=XEKhybZyVFPa8czJWjz2eth9HCKXQmmJmN67jKsQbFRNs9MqWR/e6YG8R3edwYL76WQPSjrGemTgWxuQ6HseCmflniAKG5cs9oB7deEcZUHJIiDLMVyBN7R/0Mz1ZyHiCruP1UW7UdfBtJvVmNOQsC0qePLfMsp94WI1b/+BaNwO5ZWSgUQo0bnEYjYSa+XU2y9inymxjn+QXX5pWATEzr4FO0pvQZrIJhXe1fXBIR1WyhFuCwea9oGlyHTaew6HB2nCYMeMTphNVgLjQu/+J5/XNlUCCl3Cv9HsBTR3X/o/h5wWiyVaaybI1Bqz/jrePSyan/TA9x+oaRbkD+8Q9g== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=WFSna/fvG1qE63VV7ANa4hnSuKMcfPjlvuaFiK81GEQ=; b=lugsSYGlG+kSizjmCnZ87dm9QogRWk1yHk2J1d/GeQkgaFqUzx8RgiSlcoRpVvye3vTKUfzLbSKpW+VR2P7See8naSUsROWNWYFT1pbFRUlsksfSp4uBqh9tVJc4+t0feRVrsE2FDx865zZrtRmD7Uazx47FIYu7U32ubZCFHbK2KBBbN74Itaw9gmZRK0/33/ODWFnYaY/Aaq00LmZoiXFyQr42nH9JZOgzRSLlS8jPja9UUlmzxMUWE8qq7FDDCTgtvl0hklg10fuJoWvFRsm9cK1N2ltwGhVGZ9FyVpJeHltkERgA+G6YcHQQdExOT223BDPWRzr7qJILys9/mw== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=vger.kernel.org smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none (0) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=WFSna/fvG1qE63VV7ANa4hnSuKMcfPjlvuaFiK81GEQ=; b=XvDAK9nJCUPHLBa29VefZUJUlqOFuP+cizG8qROD4ipOee/A5tgG7q5cDS9ujWwFZuZ85E/Fm0LjYwjJfNUTWtuWLtugcEPZvIY+FQbhzKLYxmrhj5vUaoRsC6zKInaoxKEWP2gZu6+ceY9V6gjAZuHMEAk0/mGczP1MT1wZt4U= Received: from SA1P222CA0135.NAMP222.PROD.OUTLOOK.COM (2603:10b6:806:3c2::13) by IA1PR12MB7565.namprd12.prod.outlook.com (2603:10b6:208:42f::17) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.8398.25; Mon, 3 Feb 2025 22:32:58 +0000 Received: from SN1PEPF0002BA4C.namprd03.prod.outlook.com (2603:10b6:806:3c2:cafe::51) by SA1P222CA0135.outlook.office365.com (2603:10b6:806:3c2::13) with Microsoft SMTP Server (version=TLS1_3, cipher=TLS_AES_256_GCM_SHA384) id 15.20.8398.24 via Frontend Transport; Mon, 3 Feb 2025 22:32:57 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=amd.com; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB04.amd.com; pr=C Received: from SATLEXMB04.amd.com (165.204.84.17) by SN1PEPF0002BA4C.mail.protection.outlook.com (10.167.242.69) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.8398.14 via Frontend Transport; Mon, 3 Feb 2025 22:32:57 +0000 Received: from sampat-dell.amd.com (10.180.168.240) by SATLEXMB04.amd.com (10.181.40.145) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.39; Mon, 3 Feb 2025 16:32:56 -0600 From: "Pratik R. Sampat" To: , , , , CC: , , , , , , , , , , , , , , Subject: [PATCH v6 3/9] KVM: selftests: SEV-SNP test for KVM_SEV_INIT2 Date: Mon, 3 Feb 2025 16:31:59 -0600 Message-ID: <20250203223205.36121-4-prsampat@amd.com> X-Mailer: git-send-email 2.48.1 In-Reply-To: <20250203223205.36121-1-prsampat@amd.com> References: <20250203223205.36121-1-prsampat@amd.com> Precedence: bulk X-Mailing-List: linux-kselftest@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-ClientProxiedBy: SATLEXMB03.amd.com (10.181.40.144) To SATLEXMB04.amd.com (10.181.40.145) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: SN1PEPF0002BA4C:EE_|IA1PR12MB7565:EE_ X-MS-Office365-Filtering-Correlation-Id: 6af52d96-23d2-42c2-9848-08dd44a2b58a X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; ARA:13230040|1800799024|36860700013|7416014|376014|82310400026; X-Microsoft-Antispam-Message-Info: RTWiHJL6fep3bJXDdNZvMmTEQzj8wr8Ofn7O2s3QuvGrRXo4MzINzEL7Fu4rbCFADQBkGVlnbhUo9VNiy5kROcmgJt/y+2TJHvr3EAGJpJWpasctxek4nn/koU/hE24xrW6aMC2zvAb3KfD7Za2csqGzzqIy1zExuFC/VHlevcjCbO0ozq0ti3lttZ/GGXRIPztdrC9EV3HvRIdh8DqxbNLdoe+c4Gx8JxKI/fYnMI7g6iOXjPhlpATEt/wR96C8ap5MB0RoMxaqsWsO1k/ZBokwxQwpg8ox8/z4pdH+KGOs7Rw14kPgrm3IvCyZkvMCUsH3iy6t+/uwY9G0n1sHFERuYeeg7p9V0c5+Hkm0/Odax1HlxXOfJDuZ9JRzo2R/yDDiKjLQpf87rCYK5KHCAZPfDd1x3o6bMU14dj9I9Q74AR+eaVEjtfeiuSkMUxJlsTtvNytx/QU9CB3druv/g8bsCPC66VzRpVCUg9kyEhDooDpi6R8B9pQq41s80A8HFm1A+acBHn2+Mj2pW/p4kcuUdnyKG4w+3vmdT8ky/cHJg80B5zOqss0zdc6/Ci2YmgTXx5JglXh/Vjb0uZ5nUhbQWQ/1KQ/s2VAcOeiLVX2jjqNRqMdd49z8AxVVOec58+072fVW3R67Ud1PFmhBKiEWj0XaeyF7NyZi3X7GLgKPm96VQzCMWU6hwV/WR2XMRASZUyqg8kq/YR3nbmj2iSzWcePE4RPU9LOA2YVf+mO0Sluv7WR6v0dT3SLCRJYUarZDzSzawKXY896h+tJn/Jhrx1OBDJj3w9l/cHnZIgWa0Q11FtTaZFL3elJgsN/8ZMtVMT6rAmb3Pbtx7mO2pbWN0HwguK7hNq+t9AuGebHof1QChA6FiJeBUK7Fs25jJ3lo4B/rnfVnmwWtI039dtun62VjXi40H/y1cQ9Z6802p6YEme+poGQSOBRJVKOQMDxDAPRyoRzeNMTgR+FtiGm6X+BghRvDL9fs6zpCse+S4DbKuSA0qJErp7/igxScSov0SCa5/PzQk54OCpa2RHKwtwzilRWmJKgMHy9/cf8mX1zpCyxnBuDRvjUcO2912hy/vAWsOm8n1gkpl6djxYqCL8sQB14Yuje4WjtNK+DlVm+V5q9WTSS16fN+1zUYqJ8OID8+9QU+T0ayXraLz+N9nuOdzKqcDz1bcV/6nlXogZFboiCF6E9xCCvIlc/HcTrfD5JTjDW1QGeegrVL8pRpg/YD5EGyFjyxG7qLb9EXoJApIVEQAQ0dMm0qm6wtWG39WVoxc5ajjtv1S7MHDfCP5depoEqpaQ9F/EbkOZQUs+AvjvKtHEWfw+ibUbjwvdSd3REfSlgbV1zEba+zCi2EXGjnaHG9opeQ4CxWPN9nThCjzqlvdXfwgiiAY2k84tLrYNTD2USnKQirZUadjaO3qIsnmLAl22WDPkpM58EQo1GtKyDiTbgqYH3Plv5qCD7LMD+BIVfgDvgpRn459AHsbpL8c+8dqfnbsAouVX8= X-Forefront-Antispam-Report: CIP:165.204.84.17; CTRY:US; LANG:en; SCL:1; SRV:; IPV:CAL; SFV:NSPM; H:SATLEXMB04.amd.com; PTR:InfoDomainNonexistent; CAT:NONE; SFS:(13230040)(1800799024)(36860700013)(7416014)(376014)(82310400026); DIR:OUT; SFP:1101; X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 03 Feb 2025 22:32:57.6846 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 6af52d96-23d2-42c2-9848-08dd44a2b58a X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d; Ip=[165.204.84.17]; Helo=[SATLEXMB04.amd.com] X-MS-Exchange-CrossTenant-AuthSource: SN1PEPF0002BA4C.namprd03.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: IA1PR12MB7565 Add the X86_FEATURE_SEV_SNP CPU feature to the architectural definition for the SEV-SNP VM type to exercise the KVM_SEV_INIT2 call. Ensure that the SNP test is skipped in scenarios where CPUID supports it but KVM does not, preventing reporting of failure in such cases. Reviewed-by: Nikunj A Dadhania Tested-by: Srikanth Aithal Signed-off-by: Pratik R. Sampat --- v5..v6: * Rename KVM CPU feature X86_FEATURE_SNP to X86_FEATURE_SEV_SNP (Nikunj) * Collected tags from Nikunj and Srikanth. --- tools/testing/selftests/kvm/include/x86/processor.h | 1 + tools/testing/selftests/kvm/x86/sev_init2_tests.c | 13 +++++++++++++ 2 files changed, 14 insertions(+) diff --git a/tools/testing/selftests/kvm/include/x86/processor.h b/tools/testing/selftests/kvm/include/x86/processor.h index d60da8966772..6f63fd10bbc6 100644 --- a/tools/testing/selftests/kvm/include/x86/processor.h +++ b/tools/testing/selftests/kvm/include/x86/processor.h @@ -199,6 +199,7 @@ struct kvm_x86_cpu_feature { #define X86_FEATURE_VGIF KVM_X86_CPU_FEATURE(0x8000000A, 0, EDX, 16) #define X86_FEATURE_SEV KVM_X86_CPU_FEATURE(0x8000001F, 0, EAX, 1) #define X86_FEATURE_SEV_ES KVM_X86_CPU_FEATURE(0x8000001F, 0, EAX, 3) +#define X86_FEATURE_SEV_SNP KVM_X86_CPU_FEATURE(0x8000001F, 0, EAX, 4) /* * KVM defined paravirt features. diff --git a/tools/testing/selftests/kvm/x86/sev_init2_tests.c b/tools/testing/selftests/kvm/x86/sev_init2_tests.c index 3fb967f40c6a..ab3dd11ac163 100644 --- a/tools/testing/selftests/kvm/x86/sev_init2_tests.c +++ b/tools/testing/selftests/kvm/x86/sev_init2_tests.c @@ -28,6 +28,7 @@ int kvm_fd; u64 supported_vmsa_features; bool have_sev_es; +bool have_snp; static int __sev_ioctl(int vm_fd, int cmd_id, void *data) { @@ -83,6 +84,9 @@ void test_vm_types(void) if (have_sev_es) test_init2(KVM_X86_SEV_ES_VM, &(struct kvm_sev_init){}); + if (have_snp) + test_init2(KVM_X86_SNP_VM, &(struct kvm_sev_init){}); + test_init2_invalid(0, &(struct kvm_sev_init){}, "VM type is KVM_X86_DEFAULT_VM"); if (kvm_check_cap(KVM_CAP_VM_TYPES) & BIT(KVM_X86_SW_PROTECTED_VM)) @@ -138,15 +142,24 @@ int main(int argc, char *argv[]) "sev-es: KVM_CAP_VM_TYPES (%x) does not match cpuid (checking %x)", kvm_check_cap(KVM_CAP_VM_TYPES), 1 << KVM_X86_SEV_ES_VM); + have_snp = kvm_check_cap(KVM_CAP_VM_TYPES) & BIT(KVM_X86_SNP_VM); + TEST_ASSERT(!have_snp || kvm_cpu_has(X86_FEATURE_SEV_SNP), + "sev-snp: KVM_CAP_VM_TYPES (%x) indicates SNP support (bit %d), but CPUID does not", + kvm_check_cap(KVM_CAP_VM_TYPES), KVM_X86_SNP_VM); + test_vm_types(); test_flags(KVM_X86_SEV_VM); if (have_sev_es) test_flags(KVM_X86_SEV_ES_VM); + if (have_snp) + test_flags(KVM_X86_SNP_VM); test_features(KVM_X86_SEV_VM, 0); if (have_sev_es) test_features(KVM_X86_SEV_ES_VM, supported_vmsa_features); + if (have_snp) + test_features(KVM_X86_SNP_VM, supported_vmsa_features); return 0; } From patchwork Mon Feb 3 22:32:01 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Pratik R. Sampat" X-Patchwork-Id: 861681 Received: from NAM04-DM6-obe.outbound.protection.outlook.com (mail-dm6nam04on2067.outbound.protection.outlook.com [40.107.102.67]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id CCF58211471; Mon, 3 Feb 2025 22:33:28 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=fail smtp.client-ip=40.107.102.67 ARC-Seal: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1738622010; cv=fail; b=BQFuvUqNG0frzRn7/xh4s9Sy+eWc8KjRii/DmLX1e5bOeaVJZoOvaZEkGPHgbQboSV7EBBYLWrm1fLDMl+v7aNsbCop5Sll8ZC23eCQwEP1pY8pxN2cTa1MhNNbsAk8t8SdytF91yeeKY3J4vdUi1UnvpLM8ElxdaSdlyY4mWtI= ARC-Message-Signature: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1738622010; c=relaxed/simple; bh=aI/XFdPV8tR1zsYy3w3XWHy1nZWjMMWjUpzn7DEhq6w=; h=From:To:CC:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=C/32CfmeU60GUTR2lXnqRcyXwWMZKmWn7o5noFBvTGePS1rredTwlhtFUf0YSg65CpYVzNUc5fIF0NPjF7BPPCQenRMt6tNwSygrgyYqSElFgKJjWS2aAOI7UG05dHwB9dmF7clmtwZyjMoENGAYNC4kLwCNgnu2cGNwdvstMLg= ARC-Authentication-Results: i=2; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com; spf=fail smtp.mailfrom=amd.com; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b=wgQaf2za; arc=fail smtp.client-ip=40.107.102.67 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com Authentication-Results: smtp.subspace.kernel.org; spf=fail smtp.mailfrom=amd.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b="wgQaf2za" ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=Fv+x9FDgoKzI4Dbw12Je0Bml0fWeexCZVD1pXbsi7jgAHeCErvlmcFL8kv8uFiqB1sD/7m7+1aQ1Qc0Rt9b2Bj05INuDggNCU7PIbYMfGKJ/ktLTTPaChixQxLdk6KeepVpltAJM55XyPx1zgrG0+MJI332etpM+t1Zdo8Et4xxZn2QmgRLHfuf20NelepODmLBll9adM9zqzUkZSJgU3SyC1080tbj03jlJmXTwVKvDCrrsSUP0nH7JJD+fWVxmFZtzxEXQJca5dNqgWqsZZx5/iMirVV7/ou8N9LCuI7/gqKyJNkWC8IOsljPHMpMU4or4OjitVrI7zuy3qq5TBA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=JB+m17vZRaIn9rhyDe8cjTnD1OxYa+bgZE1uuh+UL9M=; b=CSy2pE8luUZj0hj6+dnB2T+x+4pRsG/ZB3b7B+AOZVB0OzD065oNSWgzJAXbEBflixklrOtNA1RwS7OIBNTMSErozJsdZ/SOxJNLV70Q+bzdSNLeCntrLR2W/zfsDtuVTNN7DA+YirA6AybX5dwB9f15jVpL+q+j/nbqvBnB4e0Bm4CIgkXVr9+LtgkFI3op5W97TMholkjoErhlL3qrVtkawuwCk5aTgrpReNttfGib+H5OE2rkXbBMdNFZP5WnQBU8Jd9SoxHTjVIw6ex1BCoojITbJhXMm0lTONImNDlGvopCdbGNk0EA6NpVJJXPNH4/B9cOe3nHeInBkShP0w== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=vger.kernel.org smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none (0) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=JB+m17vZRaIn9rhyDe8cjTnD1OxYa+bgZE1uuh+UL9M=; b=wgQaf2zaRk8g4gpQMkkD6//0JkUJP8KzEOVgtf+zpnLQXCDImhZjLXu2TeuQ0yzof7fQYJ9O9FXMaMQOF6h0kuKVmb62qc76GpNx1fNrHouok7RjE1/nBTLx5DmPcobwnN5uoeCVMeQGPzOVxg4Y6A3KH5Tnv7YliJ2v+aOUWIo= Received: from SA1P222CA0130.NAMP222.PROD.OUTLOOK.COM (2603:10b6:806:3c2::21) by PH8PR12MB7182.namprd12.prod.outlook.com (2603:10b6:510:229::21) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.8398.23; Mon, 3 Feb 2025 22:33:26 +0000 Received: from SN1PEPF0002BA4C.namprd03.prod.outlook.com (2603:10b6:806:3c2:cafe::9b) by SA1P222CA0130.outlook.office365.com (2603:10b6:806:3c2::21) with Microsoft SMTP Server (version=TLS1_3, cipher=TLS_AES_256_GCM_SHA384) id 15.20.8398.24 via Frontend Transport; Mon, 3 Feb 2025 22:33:25 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=amd.com; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB04.amd.com; pr=C Received: from SATLEXMB04.amd.com (165.204.84.17) by SN1PEPF0002BA4C.mail.protection.outlook.com (10.167.242.69) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.8398.14 via Frontend Transport; Mon, 3 Feb 2025 22:33:25 +0000 Received: from sampat-dell.amd.com (10.180.168.240) by SATLEXMB04.amd.com (10.181.40.145) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.39; Mon, 3 Feb 2025 16:33:24 -0600 From: "Pratik R. Sampat" To: , , , , CC: , , , , , , , , , , , , , , Subject: [PATCH v6 5/9] KVM: selftests: Introduce SEV VM type check Date: Mon, 3 Feb 2025 16:32:01 -0600 Message-ID: <20250203223205.36121-6-prsampat@amd.com> X-Mailer: git-send-email 2.48.1 In-Reply-To: <20250203223205.36121-1-prsampat@amd.com> References: <20250203223205.36121-1-prsampat@amd.com> Precedence: bulk X-Mailing-List: linux-kselftest@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-ClientProxiedBy: SATLEXMB03.amd.com (10.181.40.144) To SATLEXMB04.amd.com (10.181.40.145) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: SN1PEPF0002BA4C:EE_|PH8PR12MB7182:EE_ X-MS-Office365-Filtering-Correlation-Id: 4e738582-04af-465c-bab9-08dd44a2c657 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; ARA:13230040|376014|7416014|36860700013|82310400026|1800799024; X-Microsoft-Antispam-Message-Info: CmKQNP81LGgYbtbpCzGCEfufVtQ+cULd4vIcWV7RIG5+kPXGqPUg5uwBDvhULw9LAG78g32bn8ObuUjcSl4hdXtYLN8TOAwMHZS0PWBgm4r2GZZ573n3lES/NbCQBGIjBmKY49xVmtACz+7yie1TAUhdW+x4gtnMIF/HGxhymYC9/+kGcvA3H/MQRJ9o5J/QHsjLa3ZbFXml3lgaTtiEyGcX93Wk87TwKObXyy962Rim9XDrW29571HKT8mejtb+psYUolSnbuKbhUIEO+B5gi1l5ZfV08ofj68EC2BrpYa6dF7SjJXv8m2Az/JLWK3ONkYWx1zNIr9LUep7joXYnKARsOIuIRtyOT0IiNl5jvElTG3ebnGmPpbwDG7ntgpW/O1ZEkDn24e4a5R2EpLZ5VRdMM29SN65d5Nvuf6kbeKJ69CA4WHxvaqB+Ek1QN7aDqWgf5kgx8rOiYs0oev/UqffOvU9lgPw3xAoFigEPXBWsbElYjRf9fSjYXECHCEC7EtNoGZfps+gJ+Z2kNROvG1Ty8dU8pzSPLrW2/7Sz2TZc5VLcXQrfwua04hzxLIGu+h4Mor3wfrO+x/47FqVvqOzR32ERnYSDfxXXuZDGA7IrGCAF1+/5s6f4t8GYvyUM8MeijYtyJKK5LDocJYbEcgdvi972l4jwLcRchMrW1DuR6k2kkF7y2WyjaBI/3rAkxsEYhNH8zAPQtTb7DSrAO4PSELtcNKGd7Pr5CiMzu1rdubp3/sDpRtuJLisnI5OFBWznnzROgb984C8E4Q1/nu3o0PN8nFdeRs8BUuo06tmfmGWJocrMi//6igsHPFeuGTua+WA//rv5DxL4180vvN3Rxc1aMleQg/rX9Uvkw0zUT/ahQCPQP1myUBLckLQJNLsS04NFcfmU+nNpPs6dd1monOPaouzO4XPuYNc9L6/6Qy/w76jW/sbTyI+bFZA2ZvxmDCIdLeZQ2DHqfe4PhObW1osdML/7eO71mJjId9JzTipCG8tJFPyH1Lj2ckYnC3T321nK/LME5o5Iaf3A8LY7ZUjRNouQFIeR5k82Rz9rENnbt02xPN6Dz1iuYe8CQU3hiVPymfobJEg/34FgyFa+7JmEvm+ADU9ksXmHj8sr3rgLM4JfGR6W8qRXPHxq9J/cKWAlW+PYQpN4U5pt6LZoA+dDk7VJmP7E6qnTCrP1z9G+irfQh1GbYGrw4T2HfQTuICEEHyIx1U1fmbFAvr0lMN0cHJo9kw2u0ILhBlSI+PrNE20Vt1naljkdpcbrrzPRgnSrHlqrHD9wG24mZIK6X+7xMiZhCudt93TE9ZrYKyIQWZxCPD6wesMyBPi552saQj15HOkKHLfUnmA+QUGfUXJAiuQcZfJS5wbHzmn6UJRDCIaPY1XmQjnuwTvBBGj+9G2AJDS8GproR3DcFyorshbwtuW+DKg7nDRaXAOzafhZsFv6TGlV71SlcD7ISdOe4Q7ZzJ/nS1s71RLpN1i6E/r0trzXrico9vIl7A= X-Forefront-Antispam-Report: CIP:165.204.84.17; CTRY:US; LANG:en; SCL:1; SRV:; IPV:CAL; SFV:NSPM; H:SATLEXMB04.amd.com; PTR:InfoDomainNonexistent; CAT:NONE; SFS:(13230040)(376014)(7416014)(36860700013)(82310400026)(1800799024); DIR:OUT; SFP:1101; X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 03 Feb 2025 22:33:25.8726 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 4e738582-04af-465c-bab9-08dd44a2c657 X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d; Ip=[165.204.84.17]; Helo=[SATLEXMB04.amd.com] X-MS-Exchange-CrossTenant-AuthSource: SN1PEPF0002BA4C.namprd03.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: PH8PR12MB7182 In preparation for SNP, declutter the vm type check by introducing a SEV-SNP VM type check as well as a transitive set of helper functions. The SNP VM type is the subset of SEV-ES. Similarly, the SEV-ES and SNP types are subset of the SEV VM type check. Tested-by: Srikanth Aithal Signed-off-by: Pratik R. Sampat --- v5..v6: * Commit message grammar * Collected tags from Srikanth. --- tools/testing/selftests/kvm/include/x86/sev.h | 4 ++++ tools/testing/selftests/kvm/lib/x86/processor.c | 4 ++-- tools/testing/selftests/kvm/lib/x86/sev.c | 17 +++++++++++++++++ .../testing/selftests/kvm/x86/sev_smoke_test.c | 2 +- 4 files changed, 24 insertions(+), 3 deletions(-) diff --git a/tools/testing/selftests/kvm/include/x86/sev.h b/tools/testing/selftests/kvm/include/x86/sev.h index e7df5d0987f6..faed91435963 100644 --- a/tools/testing/selftests/kvm/include/x86/sev.h +++ b/tools/testing/selftests/kvm/include/x86/sev.h @@ -29,6 +29,10 @@ enum sev_guest_state { #define VMGEXIT() { __asm__ __volatile__("rep; vmmcall"); } +bool is_sev_vm(struct kvm_vm *vm); +bool is_sev_es_vm(struct kvm_vm *vm); +bool is_sev_snp_vm(struct kvm_vm *vm); + void sev_vm_launch(struct kvm_vm *vm, uint32_t policy); void sev_vm_launch_measure(struct kvm_vm *vm, uint8_t *measurement); void sev_vm_launch_finish(struct kvm_vm *vm); diff --git a/tools/testing/selftests/kvm/lib/x86/processor.c b/tools/testing/selftests/kvm/lib/x86/processor.c index bd5a802fa7a5..a92dc1dad085 100644 --- a/tools/testing/selftests/kvm/lib/x86/processor.c +++ b/tools/testing/selftests/kvm/lib/x86/processor.c @@ -639,7 +639,7 @@ void kvm_arch_vm_post_create(struct kvm_vm *vm) sync_global_to_guest(vm, host_cpu_is_amd); sync_global_to_guest(vm, is_forced_emulation_enabled); - if (vm->type == KVM_X86_SEV_VM || vm->type == KVM_X86_SEV_ES_VM) { + if (is_sev_vm(vm)) { struct kvm_sev_init init = { 0 }; vm_sev_ioctl(vm, KVM_SEV_INIT2, &init); @@ -1156,7 +1156,7 @@ void kvm_get_cpu_address_width(unsigned int *pa_bits, unsigned int *va_bits) void kvm_init_vm_address_properties(struct kvm_vm *vm) { - if (vm->type == KVM_X86_SEV_VM || vm->type == KVM_X86_SEV_ES_VM) { + if (is_sev_vm(vm)) { vm->arch.sev_fd = open_sev_dev_path_or_exit(); vm->arch.c_bit = BIT_ULL(this_cpu_property(X86_PROPERTY_SEV_C_BIT)); vm->gpa_tag_mask = vm->arch.c_bit; diff --git a/tools/testing/selftests/kvm/lib/x86/sev.c b/tools/testing/selftests/kvm/lib/x86/sev.c index e9535ee20b7f..280ec42e281b 100644 --- a/tools/testing/selftests/kvm/lib/x86/sev.c +++ b/tools/testing/selftests/kvm/lib/x86/sev.c @@ -4,6 +4,23 @@ #include "sev.h" +bool is_sev_snp_vm(struct kvm_vm *vm) +{ + return vm->type == KVM_X86_SNP_VM; +} + +/* A SNP VM is also a SEV-ES VM */ +bool is_sev_es_vm(struct kvm_vm *vm) +{ + return is_sev_snp_vm(vm) || vm->type == KVM_X86_SEV_ES_VM; +} + +/* A SEV-ES and SNP VM is also a SEV VM */ +bool is_sev_vm(struct kvm_vm *vm) +{ + return is_sev_es_vm(vm) || vm->type == KVM_X86_SEV_VM; +} + /* * sparsebit_next_clear() can return 0 if [x, 2**64-1] are all set, and the * -1 would then cause an underflow back to 2**64 - 1. This is expected and diff --git a/tools/testing/selftests/kvm/x86/sev_smoke_test.c b/tools/testing/selftests/kvm/x86/sev_smoke_test.c index 38f647fe55d2..b18c78314d5b 100644 --- a/tools/testing/selftests/kvm/x86/sev_smoke_test.c +++ b/tools/testing/selftests/kvm/x86/sev_smoke_test.c @@ -123,7 +123,7 @@ static void test_sev(void *guest_code, uint64_t policy) for (;;) { vcpu_run(vcpu); - if (policy & SEV_POLICY_ES) { + if (is_sev_es_vm(vm)) { TEST_ASSERT(vcpu->run->exit_reason == KVM_EXIT_SYSTEM_EVENT, "Wanted SYSTEM_EVENT, got %s", exit_reason_str(vcpu->run->exit_reason)); From patchwork Mon Feb 3 22:32:03 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Pratik R. Sampat" X-Patchwork-Id: 861680 Received: from NAM11-CO1-obe.outbound.protection.outlook.com (mail-co1nam11on2080.outbound.protection.outlook.com [40.107.220.80]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 42A62212B09; Mon, 3 Feb 2025 22:33:50 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=fail smtp.client-ip=40.107.220.80 ARC-Seal: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1738622032; cv=fail; b=uUXWcq2V8eU7UnkLVBVteNefwukmQVDvAZyAuNDsA7z9uDCnafQCz5afUm92jED0/kJ97KJmHmFmXxEbo6xuvq5nTlZrUMjs2am1eHICnvW5xUf6YCJcptvCFnd4DuGZndp/0Rgkfm54/2wmbUBaejpRKzG9yoGG1av3exQOCe4= ARC-Message-Signature: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1738622032; c=relaxed/simple; bh=tyrSnNQj7m2pgzsnTmT60Iq30+aK0VbmX2qUnHYg0Do=; h=From:To:CC:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=isKn8x+H1B6f5123SM0rHvXtsHU2pZ/U40xlzCf9C0XMJpA5KL5YeKOF4IU+36/qKr2HdqEcLtow4CzudNmZdzAERceleejcsjqLRaRyh8u7qovwIQPyC7mMyaJ7cgBleNDcI7CYitX5yeuUPLhOpYBbOL/jHNLYSd/+i7YaMJI= ARC-Authentication-Results: i=2; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com; spf=fail smtp.mailfrom=amd.com; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b=IIPRU8mE; arc=fail smtp.client-ip=40.107.220.80 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com Authentication-Results: smtp.subspace.kernel.org; spf=fail smtp.mailfrom=amd.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b="IIPRU8mE" ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=dZ7xWb6SFnYo9LUH8UfeteiYXEJuQL2NU4r/oDhs0LlTMrh6eDrz5FZphQnl1EL9+WxA5jizH3Zx3CmrId0HLlPW+eq/bLL1Xc2rV1Affla9ybjl5OBZfES5FUvSsXLkBRzV9APblfak+dh8mp8jPeozXA0278YrIsYco0NmC1vudjxakq7m5fOhfoxi6YC/MP8+oON/f6flPGdlHjKV/SruNfF3vGTu8Qqu9WqQZgZC8KvTdhyJLldFt2Ysz7ACdrf9WBrkDiDoS9P7Sk3IyZNRTJeVisNiISqfjrH1XZIGEJmFX+CC9lF7BGIVixZIkiIllZA3OQE26VFgPpL2bw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=t9F2IFI91GFTPbJm2q7dCmQ8NcfczfdPaIYq3U6eKNg=; b=TSoVksV3mAxjXMAWlyreYSGMYvcps/3oCARwt1ZvKa/EKc0hH6EPVC/mR/jhHfFEHf2Z8bCaSbPzJPUx5P+8abiGvHCrHEZX+C01R92YevcBk+7OIPcg4+1QiP4mHzK+6/7JdN+fg/iOxpLZnimcLHA+uiheCqi29yOkOpIXUx5TXOkTFojaqG6clewX+OxiVCzIRsKw0lGlvh9BgnYvNfiGXb+5AzCK+Qr+/2PlYeJsURBdWuP56tVDuVh/ViRPCWdwGZKXHHlnFrkwtPGgLaNFfWWgaLlcyWBhhN8GqohOfoM55HrvIf7h0Qvz3Cqr6PY7+XqcgE2orhS142xkkA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=vger.kernel.org smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none (0) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=t9F2IFI91GFTPbJm2q7dCmQ8NcfczfdPaIYq3U6eKNg=; b=IIPRU8mE7+xiCMch4qSU5OwiewAM1Smy6SW0E5OSS+aEPwKLT9pZCCx/XxycmpARW8tIsZ23wx/tiI0Q0j0flX3Z0rBA5sdGtiNck6jCVsmBMEw6QEWHiMtwchYG6SLOQ4r8vXffpre8gQQYYloYkuZaNEbmDGXXI8GwBRFJeCs= Received: from SN6PR08CA0014.namprd08.prod.outlook.com (2603:10b6:805:66::27) by CYYPR12MB8750.namprd12.prod.outlook.com (2603:10b6:930:be::18) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.8398.24; Mon, 3 Feb 2025 22:33:49 +0000 Received: from SN1PEPF0002BA4D.namprd03.prod.outlook.com (2603:10b6:805:66:cafe::99) by SN6PR08CA0014.outlook.office365.com (2603:10b6:805:66::27) with Microsoft SMTP Server (version=TLS1_3, cipher=TLS_AES_256_GCM_SHA384) id 15.20.8398.24 via Frontend Transport; Mon, 3 Feb 2025 22:33:49 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=amd.com; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB04.amd.com; pr=C Received: from SATLEXMB04.amd.com (165.204.84.17) by SN1PEPF0002BA4D.mail.protection.outlook.com (10.167.242.70) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.8398.14 via Frontend Transport; Mon, 3 Feb 2025 22:33:48 +0000 Received: from sampat-dell.amd.com (10.180.168.240) by SATLEXMB04.amd.com (10.181.40.145) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.39; Mon, 3 Feb 2025 16:33:47 -0600 From: "Pratik R. Sampat" To: , , , , CC: , , , , , , , , , , , , , , Subject: [PATCH v6 7/9] KVM: selftests: Force GUEST_MEMFD flag for SNP VM type Date: Mon, 3 Feb 2025 16:32:03 -0600 Message-ID: <20250203223205.36121-8-prsampat@amd.com> X-Mailer: git-send-email 2.48.1 In-Reply-To: <20250203223205.36121-1-prsampat@amd.com> References: <20250203223205.36121-1-prsampat@amd.com> Precedence: bulk X-Mailing-List: linux-kselftest@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-ClientProxiedBy: SATLEXMB03.amd.com (10.181.40.144) To SATLEXMB04.amd.com (10.181.40.145) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: SN1PEPF0002BA4D:EE_|CYYPR12MB8750:EE_ X-MS-Office365-Filtering-Correlation-Id: d94e016b-fefd-41f1-0e6f-08dd44a2d41d X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; ARA:13230040|82310400026|7416014|1800799024|36860700013|376014; X-Microsoft-Antispam-Message-Info: YI328HS5YJ6334dh6r9c3zQ5dUnpFIjp5quQr/xMhDB/YOuVo7127F9EGCp3BW8MdXugLG/N0FdK3q04pKcLROJNNmQAXKFfyJDf+MB0a6yBIAb8q2OgZQ4lssUbF8+74bOiX++cU29bIeto2SFOlHYfW/45QBhzUSd26m7X9slojijYdFDV1yikFaRxr8Jmdyex3KfB7z0BDJtp1LOql6p5yHgXX8RyuuiIY7YSxecCAe2GPbsjGsJiG1Mcsxpi3DJ4gJe0009gFaTvnaSz3JvGkxDtntuKQdCYpBZ9f4JcdKAT6ZIur/iJIEd1C09XbYmdwfZs58n5lAJBddgV8gUSMQNQeciMomYdhFKOSLIT7fCHguZ06AhBFyXC9pwnOyWKv0Qbze0rV556KBRnek6OVz5lvI/bX/bJ0JTtUWS8JFkc0QMTvU72g70o6TjY9DM2rKkQ9oZRDE8veNWr1nMc+F4IzlEe2kG7u3Usv8sqmuNynga6i8UnrndUyuM8nUIFa9Hod+9GKLw4cyBnTx8DaxVHzj7ShnBRYChuVmIWICsEbOmqQcPuimGmtDSH15a4BiAgxUuPbAonMWjPDBC0VJMZ3EXsunilvSRxvNf1b+6bNJqzKsl+t9Cv6meq1eM02C2LVKHlhx/UYeAWsCefpySeKq/nvObnPoJQ1CwWPxR5M4xZDJoBeUGcMeonoYmZIM96Zoc0auGYyQuHmyk7kXDHxbchuzgKqTxMa2sYyw5yEmnGORom/pb9RQpLpgCRFW7Xny7KVayHZciABt7BbtAN32AoopUy7aLjLR3QQ3H8SfCPLrgFyYexa03Wrj2L+oabot73B0FX50d2lPUBPTopFimtKICp5BptH4lq8FmzYa0EjFzO2GmHilhTnJvAAdOdbfrd8GP4UxK9oRAlVCOtDxIdqHFUYBKcHqadkUIyMEJC3PljVtRnmddd53XEN37eEWNHI6X7BXcC0K+1vkV7zXwWomC3Ic5LwwesWFTyxmvvMJJXFjCr+nbub6opPM6veUS4ma1afj7Mpoux7Kgn5K153Q5a2pr6VnkP7pamXnIbi1BbFFf3zURllGc7Sh5qWhAiCQUAMWPy8jJadp9Ksn/WNbihZFkRd9+no9ImKDLix2LhTtj6M2Vf0tnQqeLBjsHCV+2aEFRdwLl3vTgR4TmaYBJiuIW4uRFQMpx8YNLNK9RTQdDHPLIHldBkJXKsF7m63WAMI0sdYEgST2054LSIvSg4zJkbN4vg3cPJO4ziayIlOdPfwt0PyAhUIl5fbu96TvO7SJ2ZChdOqUvhzAUjSowFJng0v115//szqXp6xBq84tod1MkrVsEoBWRqx1rZ4TihXoPeeBwhYzwsXg0OzECmKDunnZvBoyBeZJ3r5Eam7cudlPF0qqVznKGJ4aL6XsDmiaJ85DrASlrVSJxXHf+v5M0ky8Xs/pjiKG/B3p75jJRvqXuPzOa/L6J9fuwRZOtuDL2Aig28g0F6xxxKKb+1923/htc= X-Forefront-Antispam-Report: CIP:165.204.84.17; CTRY:US; LANG:en; SCL:1; SRV:; IPV:CAL; SFV:NSPM; H:SATLEXMB04.amd.com; PTR:InfoDomainNonexistent; CAT:NONE; SFS:(13230040)(82310400026)(7416014)(1800799024)(36860700013)(376014); DIR:OUT; SFP:1101; X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 03 Feb 2025 22:33:48.9761 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: d94e016b-fefd-41f1-0e6f-08dd44a2d41d X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d; Ip=[165.204.84.17]; Helo=[SATLEXMB04.amd.com] X-MS-Exchange-CrossTenant-AuthSource: SN1PEPF0002BA4D.namprd03.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: CYYPR12MB8750 Force the SEV-SNP VM type to set the KVM_MEM_GUEST_MEMFD flag for the creation of private memslots. Tested-by: Srikanth Aithal Signed-off-by: Pratik R. Sampat --- v5..v6: * Collected tags from Srikanth. --- tools/testing/selftests/kvm/lib/kvm_util.c | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/tools/testing/selftests/kvm/lib/kvm_util.c b/tools/testing/selftests/kvm/lib/kvm_util.c index 33fefeb3ca44..089488e2eaf6 100644 --- a/tools/testing/selftests/kvm/lib/kvm_util.c +++ b/tools/testing/selftests/kvm/lib/kvm_util.c @@ -413,14 +413,17 @@ struct kvm_vm *__vm_create(struct vm_shape shape, uint32_t nr_runnable_vcpus, nr_extra_pages); struct userspace_mem_region *slot0; struct kvm_vm *vm; - int i; + int i, flags = 0; pr_debug("%s: mode='%s' type='%d', pages='%ld'\n", __func__, vm_guest_mode_string(shape.mode), shape.type, nr_pages); vm = ____vm_create(shape); - vm_userspace_mem_region_add(vm, VM_MEM_SRC_ANONYMOUS, 0, 0, nr_pages, 0); + if (shape.type == KVM_X86_SNP_VM) + flags |= KVM_MEM_GUEST_MEMFD; + + vm_userspace_mem_region_add(vm, VM_MEM_SRC_ANONYMOUS, 0, 0, nr_pages, flags); for (i = 0; i < NR_MEM_REGIONS; i++) vm->memslots[i] = 0; From patchwork Mon Feb 3 22:32:05 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Pratik R. Sampat" X-Patchwork-Id: 861679 Received: from NAM11-DM6-obe.outbound.protection.outlook.com (mail-dm6nam11on2044.outbound.protection.outlook.com [40.107.223.44]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id BD76720FA9D; Mon, 3 Feb 2025 22:34:16 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=fail smtp.client-ip=40.107.223.44 ARC-Seal: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1738622058; cv=fail; b=Dvx+OCB8G34EpxIT8dV6jvmJ2Aw4a6xwfe9SPsCYbzJAkRZnTN5b3pdliayRO/Cw5ByqolfWqA8jH4/HdjD4KueNSBWRzPVb5R17+pzHLoanUGYadeOKg+0YgR+TvVFZ4cLH+j74V1jhRsuPs5kVkaqAa5iC8qbqBhOGFgTy2II= ARC-Message-Signature: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1738622058; c=relaxed/simple; bh=9MgVYFLYY4ec9JxQTapimjL+0DXZVB6JSMMKAI32RLA=; h=From:To:CC:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=mX2arxG7p/8VRiSku7DXsgQzKicsBX1YqK354g0qn3g2uNKF+KDaYGatetfDE3HZGoI+hYCL/bS5vpPyQ6KrSWV3ZZmAs8U7qLt3Dmw4HKXUvzH8x97hEiSenWCy4Q3als8G8sBEjbDbIMNhw7aErRhyE0Pr+sJTY0FZ4TMhDXo= ARC-Authentication-Results: i=2; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com; spf=fail smtp.mailfrom=amd.com; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b=cbC4Ndm5; arc=fail smtp.client-ip=40.107.223.44 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com Authentication-Results: smtp.subspace.kernel.org; spf=fail smtp.mailfrom=amd.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b="cbC4Ndm5" ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=KBb7AWiiYiqmi+d4xRWucoSl6SLb6NwrNNayw2YVMyvsRBhb3NgBoG4KloZhJ3nNrT5R1FiTmnV1zd3oQNzSPwZDmL126h9lWNVhbnkkPALv68ys3gozpy6KNlSgaTx73+KKOdsrV8db8S5MkxBKgOpl/UBXy8svtpJGsTutR9GPNO2cp06Tr9a7uusvTYyOSYFgV74x+CcNLOBuGAH6Pm04d/lSt1lMPjtECEyga4qYggWKMSNU+zmRPC2flM/jc41hnMx5s9p2E4C7Kr3eSihxqLWC25hsjV3u3TwJWS+MyCqQPBJ+byM68Bdj7fkcqLAk2vbK+0do4AAwtNzF8A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=AMonE8Jnl1T77qB+HYCpOlYadKOE73Jwtdt+alX6DUI=; b=qDfYspILVXUj48JOkoSdhP6JS+x5gurLCCeccIwWu5IZAb4cI52nU5JjZC3M2ufOcX+PtHbasiuyqVRRP8e0gHYYBkvwRAqxzhRtmqnkaTfcQ26S7SEG/HG5pShQ7SI01jxrl7Nb497016k7R5+iLlIeVxxPENJ5+oIkSxnIFWBGGLtr7obUNCr/1Rj0EvPMgXkD9IjJDQChOboWUshWDbveeN5FwGb/MdQL+2lWMuEmnc0d8fq3KOgqmKmw8ExEdlX6NLGvIfGcGqOZjsuTkImqq9KxU9fD/Ja13KBJ/wcdoLmoPSYIy5b9xg42lUeRHAw2pHl07fJ97NQwQH09RQ== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=vger.kernel.org smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none (0) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=AMonE8Jnl1T77qB+HYCpOlYadKOE73Jwtdt+alX6DUI=; b=cbC4Ndm5FMar6RT+XQ08V8J6g4Fg0upDfu18PiEf67P5yXp3H0tHlsCvju+QHGwnBhKE8SxBXGoH3gTIUzk1J0FzaSsURDBaU+vGbvE3788jmfbscspc+OFbZZJ50nf1lsa/92zL006v58KC9LqWF5jXCetmG1LBpfOf75Z4hd0= Received: from BYAPR06CA0061.namprd06.prod.outlook.com (2603:10b6:a03:14b::38) by MW5PR12MB5599.namprd12.prod.outlook.com (2603:10b6:303:194::16) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.8398.24; Mon, 3 Feb 2025 22:34:12 +0000 Received: from SN1PEPF0002BA52.namprd03.prod.outlook.com (2603:10b6:a03:14b:cafe::5e) by BYAPR06CA0061.outlook.office365.com (2603:10b6:a03:14b::38) with Microsoft SMTP Server (version=TLS1_3, cipher=TLS_AES_256_GCM_SHA384) id 15.20.8398.25 via Frontend Transport; Mon, 3 Feb 2025 22:34:12 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=amd.com; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB04.amd.com; pr=C Received: from SATLEXMB04.amd.com (165.204.84.17) by SN1PEPF0002BA52.mail.protection.outlook.com (10.167.242.75) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.8398.14 via Frontend Transport; Mon, 3 Feb 2025 22:34:12 +0000 Received: from sampat-dell.amd.com (10.180.168.240) by SATLEXMB04.amd.com (10.181.40.145) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.39; Mon, 3 Feb 2025 16:34:10 -0600 From: "Pratik R. Sampat" To: , , , , CC: , , , , , , , , , , , , , , Subject: [PATCH v6 9/9] KVM: selftests: Add a basic SEV-SNP smoke test Date: Mon, 3 Feb 2025 16:32:05 -0600 Message-ID: <20250203223205.36121-10-prsampat@amd.com> X-Mailer: git-send-email 2.48.1 In-Reply-To: <20250203223205.36121-1-prsampat@amd.com> References: <20250203223205.36121-1-prsampat@amd.com> Precedence: bulk X-Mailing-List: linux-kselftest@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-ClientProxiedBy: SATLEXMB03.amd.com (10.181.40.144) To SATLEXMB04.amd.com (10.181.40.145) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: SN1PEPF0002BA52:EE_|MW5PR12MB5599:EE_ X-MS-Office365-Filtering-Correlation-Id: 9c1566f9-3a56-4293-b237-08dd44a2e1ee X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; ARA:13230040|82310400026|7416014|376014|1800799024|36860700013; X-Microsoft-Antispam-Message-Info: +xiATD8DH8VnUlLZQy2uhFLJxLlxBXD3nUCnra4qGkLPoPtVo76abBAR/Y4ik7oqXmmHXUMbkDmtwWYr18qMm7RTno/r/g4QnQBSuM8MeF3l/5+v9MPe4Raz02AUuncQx2uM4V+V71h+Fgpr9cBxAjWQa5o2w6To0qPWW6Vr4DxjYwo+VoqeiWthr7kf0IxgG4RJXg000qaxav4TXw7MhXi5IXIli2hJgPpLVFgqkwqmXg+RcOL8TD0MmqR16XFxiXa6mDBTr9MZOo5aypKsqk9MBVYgJEyHFzOxloHuIHWxfRaIPHtowIPWkqArjIj7T+8NDqmtW/NORlsVNazw9C01jB3RBMZzLW/2hQ1WFkoR062A0MalkprIPI3Qc/AFyniqesITHsGIHfUpTzFVqfPM/yvFmWEFi5iFcAUUMBmRU2yXkyVMmoPm0agr+sNt0AC+z/avygGankJQMW6B/GqAPnV4PLSovBDviish3glK6cgliNPPNpEvhfu/fCMkJn6qy7KKXSsUU7gjm6SxmAQHSyl/M9WX8kMMU8u7fTgQ7xlCOX8EzWmDeiiZsZ8YayUPEIVL9PKh/2UZ3hWW5szc+VJUVLoFYuj9ySZeKd0bMGOhZ02PiUqX6tJazIGDfrhLrRjYg9pmoImZXVg59oiOqdUKxMG4G7tqsxe1ClNu3D1G4zS5u6lgT6uxkuZrrQ7vr50Ck+NzyyXYJ9I3+ocDbSAeibQnThUl/hSxBLeS9IWKZvoFU4hFtBT4hjFbAJsd+1e2pFm92vvZZrCaq6pVLer7pJxDvUf9/aNgJfeJDyGHZScMzA8Hcohwytl67fmWpTXKdJvY7B79T3iiBAw3MTNT646XtRXYYdI3DvtwQJPhMTPWzJDsBr7F1ftNBdSAQU5mUB1P1WICcWR64nfZwmaech6AhADPJoeRRaGqV3BrNA5WLBjeRTd27Um6D0/RS9bE4AO1F/J4SYnAE2yQWpaxFsQs7K/DbGFXzohTopSnhqUnaLWj9BGQNp29Jg+FgICkeASvccZ8ol3KenYa0c5loSeG1SOreN1Tb++D6Z5RWHZNyUqB5wUqMhRqshOdk/rm5oK156WIaDWAueQfm+0tbX4oK9rRfMYYr9p8kvzQTPn0DxgX4zDO3qny5C2b1XqIHfBV3D2xn6bTjzmqgeZt82w+cai52JkRP+yBLJzt3vKv/jIW3szQxEN30BxLbxdm05BtMv/MMPpz0VCJcFQxs2XRBvu0FwHZG8h3JD2ZgrcpsrCMzJyik+VJ6wk84owW4mLuXlJy4UQVKkSnbKO9sH5/AAJZ2nVdcIB1Ii2CCvtzpPnGaRT/iAc2wsxCGsACyvU9ONhf95KRt5c5XWWmaS/MN9N3gYxhV3fAiSY/M2qh3rJZVWXAsx1tPa5qPFPL93ZA7TlN5r1jLQJMxPt4zNnh167oEGLjGCVWUCYtfOeYXM2D1qcCfdB1IwA/uEG963HptsWu/fky3zxXIHeogScUj+iuUVmHTj0= X-Forefront-Antispam-Report: CIP:165.204.84.17; CTRY:US; LANG:en; SCL:1; SRV:; IPV:CAL; SFV:NSPM; H:SATLEXMB04.amd.com; PTR:InfoDomainNonexistent; CAT:NONE; SFS:(13230040)(82310400026)(7416014)(376014)(1800799024)(36860700013); DIR:OUT; SFP:1101; X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 03 Feb 2025 22:34:12.1604 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 9c1566f9-3a56-4293-b237-08dd44a2e1ee X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d; Ip=[165.204.84.17]; Helo=[SATLEXMB04.amd.com] X-MS-Exchange-CrossTenant-AuthSource: SN1PEPF0002BA52.namprd03.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: MW5PR12MB5599 Extend sev_smoke_test to also run a minimal SEV-SNP smoke test that initializes and sets up private memory regions required to run a simple SEV-SNP guest. Similar to its SEV-ES smoke test counterpart, this also does not support GHCB and ucall yet and uses the GHCB MSR protocol to trigger an exit of the type KVM_EXIT_SYSTEM_EVENT. Tested-by: Srikanth Aithal Signed-off-by: Pratik R. Sampat --- v5..v6: * Rename KVM CPU feature X86_FEATURE_SNP to X86_FEATURE_SEV_SNP (Nikunj) * Collected tags from Srikanth. --- .../selftests/kvm/x86/sev_smoke_test.c | 42 +++++++++++++++++++ 1 file changed, 42 insertions(+) diff --git a/tools/testing/selftests/kvm/x86/sev_smoke_test.c b/tools/testing/selftests/kvm/x86/sev_smoke_test.c index 3a36cd3ca151..3336550152c0 100644 --- a/tools/testing/selftests/kvm/x86/sev_smoke_test.c +++ b/tools/testing/selftests/kvm/x86/sev_smoke_test.c @@ -16,6 +16,18 @@ #define XFEATURE_MASK_X87_AVX (XFEATURE_MASK_FP | XFEATURE_MASK_SSE | XFEATURE_MASK_YMM) +static void guest_snp_code(void) +{ + uint64_t sev_msr = rdmsr(MSR_AMD64_SEV); + + GUEST_ASSERT(sev_msr & MSR_AMD64_SEV_ENABLED); + GUEST_ASSERT(sev_msr & MSR_AMD64_SEV_ES_ENABLED); + GUEST_ASSERT(sev_msr & MSR_AMD64_SEV_SNP_ENABLED); + + wrmsr(MSR_AMD64_SEV_ES_GHCB, GHCB_MSR_TERM_REQ); + VMGEXIT(); +} + static void guest_sev_es_code(void) { /* TODO: Check CPUID after GHCB-based hypercall support is added. */ @@ -157,11 +169,21 @@ static void test_sev_es(uint64_t policy) __test_sev(guest_sev_es_code, KVM_X86_SEV_ES_VM, policy); } +static void test_snp(uint64_t policy) +{ + __test_sev(guest_snp_code, KVM_X86_SNP_VM, policy); +} + static void test_sync_vmsa_sev_es(uint64_t policy) { __test_sync_vmsa(KVM_X86_SEV_ES_VM, policy); } +static void test_sync_vmsa_snp(uint64_t policy) +{ + __test_sync_vmsa(KVM_X86_SNP_VM, policy); +} + static void guest_shutdown_code(void) { struct desc_ptr idt; @@ -195,6 +217,11 @@ static void test_sev_es_shutdown(uint64_t policy) __test_sev_shutdown(KVM_X86_SEV_ES_VM, SEV_POLICY_ES); } +static void test_snp_shutdown(uint64_t policy) +{ + __test_sev_shutdown(KVM_X86_SNP_VM, policy); +} + int main(int argc, char *argv[]) { const u64 xf_mask = XFEATURE_MASK_X87_AVX; @@ -217,5 +244,20 @@ int main(int argc, char *argv[]) } } + if (kvm_cpu_has(X86_FEATURE_SEV_SNP)) { + uint64_t snp_policy = snp_default_policy(); + + test_snp(snp_policy); + /* Test minimum firmware level */ + test_snp(snp_policy | SNP_FW_VER_MAJOR(SNP_MIN_API_MAJOR) | + SNP_FW_VER_MINOR(SNP_MIN_API_MINOR)); + + test_snp_shutdown(snp_policy); + + if (kvm_has_cap(KVM_CAP_XCRS) && + (xgetbv(0) & kvm_cpu_supported_xcr0() & xf_mask) == xf_mask) + test_sync_vmsa_snp(snp_policy); + } + return 0; }