2023-02-13 17:25:46

by Dionna Amalie Glaze

[permalink] [raw]
Subject: [PATCH v14 0/3] Add throttling detection to sev-guest

The guest request synchronous API from SEV-SNP VMs to the host's security
processor consumes a global resource. For this reason, AMD's docs
recommend that the host implements a throttling mechanism. In order for
the guest to know it's been throttled and should try its request again,
we need some good-faith communication from the host that the request
has been throttled.

These patches work with the existing /dev/sev-guest ABI to detect a
throttling code.

Changes from v13:
* Added double-buffering fix to the "Fixes" patch to address a secondary
concern of zero trust with respect to host access to intermediate
cryptographic computations in shared memory.
* Removed module parameters and rate limiting in favor of just
cond_resched.
* Removed possible infinite loop of retries by giving up with an erased
VMPCK and -ETIMEDOUT error after 60 seconds of retries.
Changes from v12:
* Reordered fix patch to the beginning and kept it minimal.
* Changed documentation in same patch as the respective change to the
header.
* Changed exitinfo2 in dev_alert to print in hex.
Changes from v11:
* Squashed all type changing patches into 1 that modifies both sev-guest
and x86/kernel/sev.c.
* Removed fw_err field from sev-guest command struct (renamed exitinfo2).
Changes from v10:
* Added sev_guestreq_err_t typedef early in chain to change a signature
acress x86/sev and virt/coco/sev-guest in a single change. This makes
all patches build. I have 3 cleanup patches to change the type and
subsequently remove the typedef.
* Changed exitinfo2 initial undefined value back to 0xff since Thomas
indicated that a firmware error is only 16 bits.
Changes from v9:
* Rebased on v6.2-rc3
Changes from v8:
* Added documentation changes.
* Changed commit messages to use passive voice.
* Simplified control flow for __sev_platform_init_locked.
Changes from v7:
* Replaced handle_guest_request arguments msg_ver and fw_err with a
pointer to the snp_guest_request_ioctl argument struct.
Changes from v6:
* Rebased on the IV reuse fix patch
* renamed rate_hz to rate_s and fixed its MODULE_PARM_DESC to use the
correct variable name.
* Changed sleep_timeout_interrutible (not defined) to
schedule_timeout_interruptible.
Changes from v5:
* Fixed commit prefix text
* Added all get_maintainers.pl folks to commits' Cc tags
* Changed SET_RET_NO_FW_CALL commit's metadata to show pgonda signs
off and is the author.
Changes from v4:
* Clarified comment on SEV_RET_NO_FW_CALL
* Changed ratelimit loop to use sleep_timeout_interruptible
Changes from v3:
* sev-guest ratelimits itself to one request twice a second.
* Fixed a type signature to use u64 instead of unsigned int
* Set *exitinfo2 unconditionally after the ghcb_hv_call.
Changes from v2:
* Codified the non-firmware-call firmware error code as (u32)-1.
* Changed sev_issue_guest_request unsigned long *fw_err argument to
u64 *exitinfo2 to more accurately and type-safely describe the
value that it outputs.
* Changed sev_issue_guest_request to always set its exitinfo2
argument to either the non-firmware-call error code, the
EXIT_INFO_2 returned from the VMM if the request failed, or 0 on
success. This fixes a bug that returned uninitialized kernel stack
memory to the user when there is no error.
* Changed the throttle behavior to retry in the driver instead of
returning -EAGAIN, due to possible message sequence number reuse
on different message contents.

Changes from v1:
* Changed throttle error code to 2

Dionna Glaze (2):
virt/coco/sev-guest: Add throttling awareness
x86/sev: Change snp_guest_issue_request's fw_err

Peter Gonda (1):
crypto: ccp - Name -1 return value as SEV_RET_NO_FW_CALL

Documentation/virt/coco/sev-guest.rst | 21 ++++--
arch/x86/include/asm/sev-common.h | 3 -
arch/x86/include/asm/sev.h | 4 +-
arch/x86/kernel/sev.c | 13 ++--
drivers/crypto/ccp/sev-dev.c | 22 +++---
drivers/virt/coco/sev-guest/sev-guest.c | 95 +++++++++++++++++--------
include/uapi/linux/psp-sev.h | 7 ++
include/uapi/linux/sev-guest.h | 18 ++++-
8 files changed, 127 insertions(+), 56 deletions(-)

--
2.39.1.581.gbfd45094c4-goog



2023-02-13 17:25:48

by Dionna Amalie Glaze

[permalink] [raw]
Subject: [PATCH v14 1/3] virt/coco/sev-guest: Add throttling awareness

The host is permitted and encouraged to throttle guest requests to the
AMD-SP since it is a shared resource across all VMs. Without
throttling-awareness, the host returning an error will immediately lock
out access to the VMPCK, which makes the VM less useful as it can't
attest itself. Since throttling is expected for a host to protect itself
from an uncooperative guest, a cooperative host can return a VMM error
code that the request was throttled.

The driver interprets the upper 32 bits of exitinfo2 as a VMM error code.
For safety, since the encryption algorithm in GHCBv2 is AES_GCM, control
must remain in the kernel to complete the request with the current
sequence number. Returning without finishing the request allows the
guest to make another request but with different message contents. This
is IV reuse, and breaks cryptographic protections.

A quick fix is to retry for a while and then disable the VMPCK and
return to user space.

A guest request may not make it to the AMD-SP before the host returns to
the guest, so the err local variable in handle_guest_request must be
initialized the same way fw_err is. snp_issue_guest_request similarly
should set fw_err whether or not the value is non-zero, in order to
appropriately clear the error value when zero.

The IV reuse fix for invalid certs_len needs modification to work with
throttling, since a single retry with a modified exit_code may be
throttled without retry and result in a locked-out VMPCK. Instead,
change the exit_code as before and jump to the same retry label, and
deal with the error code fixup by checking if the exit_code had to be
changed.

Another issue that must be fixed is how crypto results are written to
shared memory. The solution is to double-buffer messages.

The encryption algorithms read and write directly to shared unencrypted
memory, which may leak information as well as permit the host to tamper
with the message integrity. Instead copy whole messages in or out as
needed before doing any computation on them.

Cc: Tom Lendacky <[email protected]>
Cc: Paolo Bonzini <[email protected]>
Cc: Joerg Roedel <[email protected]>
Cc: Peter Gonda <[email protected]>
Cc: Thomas Gleixner <[email protected]>
Cc: Dave Hansen <[email protected]>
Cc: Ingo Molnar <[email protected]>
Cc: Borislav Petkov <[email protected]>
Cc: "H. Peter Anvin" <[email protected]>
Cc: Venu Busireddy <[email protected]>
Cc: Michael Roth <[email protected]>
Cc: "Kirill A. Shutemov" <[email protected]>
Cc: Michael Sterritt <[email protected]>

Fixes: d5af44dde546 ("x86/sev: Provide support for SNP guest request
NAEs")

Signed-off-by: Dionna Glaze <[email protected]>
---
arch/x86/include/asm/sev-common.h | 3 +-
arch/x86/kernel/sev.c | 3 +-
drivers/virt/coco/sev-guest/sev-guest.c | 54 +++++++++++++++++++++----
3 files changed, 50 insertions(+), 10 deletions(-)

diff --git a/arch/x86/include/asm/sev-common.h b/arch/x86/include/asm/sev-common.h
index b8357d6ecd47..b63be696b776 100644
--- a/arch/x86/include/asm/sev-common.h
+++ b/arch/x86/include/asm/sev-common.h
@@ -128,8 +128,9 @@ struct snp_psc_desc {
struct psc_entry entries[VMGEXIT_PSC_MAX_ENTRY];
} __packed;

-/* Guest message request error code */
+/* Guest message request error codes */
#define SNP_GUEST_REQ_INVALID_LEN BIT_ULL(32)
+#define SNP_GUEST_REQ_ERR_BUSY BIT_ULL(33)

#define GHCB_MSR_TERM_REQ 0x100
#define GHCB_MSR_TERM_REASON_SET_POS 12
diff --git a/arch/x86/kernel/sev.c b/arch/x86/kernel/sev.c
index 679026a640ef..a908ffc2dfba 100644
--- a/arch/x86/kernel/sev.c
+++ b/arch/x86/kernel/sev.c
@@ -2212,14 +2212,13 @@ int snp_issue_guest_request(u64 exit_code, struct snp_req_data *input, unsigned
if (ret)
goto e_put;

+ *fw_err = ghcb->save.sw_exit_info_2;
if (ghcb->save.sw_exit_info_2) {
/* Number of expected pages are returned in RBX */
if (exit_code == SVM_VMGEXIT_EXT_GUEST_REQUEST &&
ghcb->save.sw_exit_info_2 == SNP_GUEST_REQ_INVALID_LEN)
input->data_npages = ghcb_get_rbx(ghcb);

- *fw_err = ghcb->save.sw_exit_info_2;
-
ret = -EIO;
}

diff --git a/drivers/virt/coco/sev-guest/sev-guest.c b/drivers/virt/coco/sev-guest/sev-guest.c
index 4ec4174e05a3..4945f2dd97a2 100644
--- a/drivers/virt/coco/sev-guest/sev-guest.c
+++ b/drivers/virt/coco/sev-guest/sev-guest.c
@@ -30,6 +30,7 @@
#define DEVICE_NAME "sev-guest"
#define AAD_LEN 48
#define MSG_HDR_VER 1
+#define ACCEPTABLE_REQUEST_RETRY_DURATION (60*HZ)

struct snp_guest_crypto {
struct crypto_aead *tfm;
@@ -43,7 +44,13 @@ struct snp_guest_dev {

void *certs_data;
struct snp_guest_crypto *crypto;
+ /* request and response are in unencrypted memory */
struct snp_guest_msg *request, *response;
+ /*
+ * Avoid information leakage by double-buffering shared messages
+ * in fields that are in regular encrypted memory.
+ */
+ struct snp_guest_msg secret_request, secret_response;
struct snp_secrets_page_layout *layout;
struct snp_req_data input;
u32 *os_area_msg_seqno;
@@ -263,14 +270,17 @@ static int dec_payload(struct snp_guest_dev *snp_dev, struct snp_guest_msg *msg,
static int verify_and_dec_payload(struct snp_guest_dev *snp_dev, void *payload, u32 sz)
{
struct snp_guest_crypto *crypto = snp_dev->crypto;
- struct snp_guest_msg *resp = snp_dev->response;
- struct snp_guest_msg *req = snp_dev->request;
+ struct snp_guest_msg *resp = &snp_dev->secret_response;
+ struct snp_guest_msg *req = &snp_dev->secret_request;
struct snp_guest_msg_hdr *req_hdr = &req->hdr;
struct snp_guest_msg_hdr *resp_hdr = &resp->hdr;

dev_dbg(snp_dev->dev, "response [seqno %lld type %d version %d sz %d]\n",
resp_hdr->msg_seqno, resp_hdr->msg_type, resp_hdr->msg_version, resp_hdr->msg_sz);

+ /* Copy response from shared memory to encrypted memory. */
+ memcpy(resp, snp_dev->response, sizeof(*resp));
+
/* Verify that the sequence counter is incremented by 1 */
if (unlikely(resp_hdr->msg_seqno != (req_hdr->msg_seqno + 1)))
return -EBADMSG;
@@ -294,7 +304,7 @@ static int verify_and_dec_payload(struct snp_guest_dev *snp_dev, void *payload,
static int enc_payload(struct snp_guest_dev *snp_dev, u64 seqno, int version, u8 type,
void *payload, size_t sz)
{
- struct snp_guest_msg *req = snp_dev->request;
+ struct snp_guest_msg *req = &snp_dev->secret_request;
struct snp_guest_msg_hdr *hdr = &req->hdr;

memset(req, 0, sizeof(*req));
@@ -322,22 +332,34 @@ static int handle_guest_request(struct snp_guest_dev *snp_dev, u64 exit_code, in
u8 type, void *req_buf, size_t req_sz, void *resp_buf,
u32 resp_sz, __u64 *fw_err)
{
- unsigned long err;
+ unsigned long err = 0xff;
+ unsigned long start_time = jiffies;
+ u64 orig_exit_code = exit_code;
u64 seqno;
int rc;
+ unsigned int certs_npages = 0;

/* Get message sequence and verify that its a non-zero */
seqno = snp_get_msg_seqno(snp_dev);
if (!seqno)
return -EIO;

+ /* Clear shared memory's response for the host to populate. */
memset(snp_dev->response, 0, sizeof(struct snp_guest_msg));

- /* Encrypt the userspace provided payload */
+ /* Encrypt the userspace provided payload in snp_dev->secret_request. */
rc = enc_payload(snp_dev, seqno, msg_ver, type, req_buf, req_sz);
if (rc)
return rc;

+ /*
+ * Write the fully encrypted request to the shared unencrypted
+ * request page.
+ */
+ memcpy(snp_dev->request, &snp_dev->secret_request,
+ sizeof(snp_dev->secret_request));
+
+retry:
/*
* Call firmware to process the request. In this function the encrypted
* message enters shared memory with the host. So after this call the
@@ -346,6 +368,20 @@ static int handle_guest_request(struct snp_guest_dev *snp_dev, u64 exit_code, in
*/
rc = snp_issue_guest_request(exit_code, &snp_dev->input, &err);

+ /*
+ * The host may return SNP_GUEST_REQ_ERR_EBUSY if the request has been
+ * throttled. Retry in the driver to avoid returning and reusing the
+ * message sequence number on a different message.
+ */
+ if (err == SNP_GUEST_REQ_ERR_BUSY) {
+ if (jiffies - start_time > ACCEPTABLE_REQUEST_RETRY_DURATION) {
+ rc = -ETIMEDOUT;
+ goto disable_vmpck;
+ }
+ cond_resched();
+ goto retry;
+ }
+
/*
* If the extended guest request fails due to having too small of a
* certificate data buffer, retry the same guest request without the
@@ -354,7 +390,7 @@ static int handle_guest_request(struct snp_guest_dev *snp_dev, u64 exit_code, in
*/
if (exit_code == SVM_VMGEXIT_EXT_GUEST_REQUEST &&
err == SNP_GUEST_REQ_INVALID_LEN) {
- const unsigned int certs_npages = snp_dev->input.data_npages;
+ certs_npages = snp_dev->input.data_npages;

exit_code = SVM_VMGEXIT_GUEST_REQUEST;

@@ -366,8 +402,12 @@ static int handle_guest_request(struct snp_guest_dev *snp_dev, u64 exit_code, in
* of the VMPCK and the error code being propagated back to the
* user as an ioctl() return code.
*/
- rc = snp_issue_guest_request(exit_code, &snp_dev->input, &err);
+ cond_resched();
+ goto retry;

+ }
+ if (orig_exit_code == SVM_VMGEXIT_EXT_GUEST_REQUEST &&
+ exit_code != orig_exit_code) {
/*
* Override the error to inform callers the given extended
* request buffer size was too small and give the caller the
--
2.39.1.581.gbfd45094c4-goog


2023-02-13 17:25:51

by Dionna Amalie Glaze

[permalink] [raw]
Subject: [PATCH v14 2/3] crypto: ccp - Name -1 return value as SEV_RET_NO_FW_CALL

From: Peter Gonda <[email protected]>

The PSP can return a "firmware error" code of -1 in circumstances where
the PSP is not actually called. To make this protocol unambiguous, the
value is named SEV_RET_NO_FW_CALL.

Cc: Thomas Lendacky <[email protected]>
Cc: Paolo Bonzini <[email protected]>
Cc: Joerg Roedel <[email protected]>
Cc: Ingo Molnar <[email protected]>
Cc: Andy Lutomirsky <[email protected]>
Cc: John Allen <[email protected]>
Cc: Herbert Xu <[email protected]>
Cc: "David S. Miller" <[email protected]>
Cc: Borislav Petkov <[email protected]>

Signed-off-by: Peter Gonda <[email protected]>
Signed-off-by: Dionna Glaze <[email protected]>
---
Documentation/virt/coco/sev-guest.rst | 2 +-
drivers/crypto/ccp/sev-dev.c | 22 ++++++++++++++--------
include/uapi/linux/psp-sev.h | 7 +++++++
3 files changed, 22 insertions(+), 9 deletions(-)

diff --git a/Documentation/virt/coco/sev-guest.rst b/Documentation/virt/coco/sev-guest.rst
index bf593e88cfd9..e76393e389eb 100644
--- a/Documentation/virt/coco/sev-guest.rst
+++ b/Documentation/virt/coco/sev-guest.rst
@@ -41,7 +41,7 @@ The guest ioctl should be issued on a file descriptor of the /dev/sev-guest devi
The ioctl accepts struct snp_user_guest_request. The input and output structure is
specified through the req_data and resp_data field respectively. If the ioctl fails
to execute due to a firmware error, then fw_err code will be set otherwise the
-fw_err will be set to 0x00000000000000ff.
+fw_err will be set to 0x00000000ffffffff, i.e., the lower 32-bits are -1.

The firmware checks that the message sequence counter is one greater than
the guests message sequence counter. If guest driver fails to increment message
diff --git a/drivers/crypto/ccp/sev-dev.c b/drivers/crypto/ccp/sev-dev.c
index 06fc7156c04f..ac205f78a595 100644
--- a/drivers/crypto/ccp/sev-dev.c
+++ b/drivers/crypto/ccp/sev-dev.c
@@ -440,12 +440,19 @@ static int __sev_init_ex_locked(int *error)
return __sev_do_cmd_locked(SEV_CMD_INIT_EX, &data, error);
}

+static inline int __sev_do_init_locked(int *psp_ret)
+{
+ if (sev_init_ex_buffer)
+ return __sev_init_ex_locked(psp_ret);
+ else
+ return __sev_init_locked(psp_ret);
+}
+
static int __sev_platform_init_locked(int *error)
{
struct psp_device *psp = psp_master;
struct sev_device *sev;
- int rc = 0, psp_ret = -1;
- int (*init_function)(int *error);
+ int rc = 0, psp_ret = SEV_RET_NO_FW_CALL;

if (!psp || !psp->sev_data)
return -ENODEV;
@@ -456,15 +463,12 @@ static int __sev_platform_init_locked(int *error)
return 0;

if (sev_init_ex_buffer) {
- init_function = __sev_init_ex_locked;
rc = sev_read_init_ex_file();
if (rc)
return rc;
- } else {
- init_function = __sev_init_locked;
}

- rc = init_function(&psp_ret);
+ rc = __sev_do_init_locked(&psp_ret);
if (rc && psp_ret == SEV_RET_SECURE_DATA_INVALID) {
/*
* Initialization command returned an integrity check failure
@@ -473,9 +477,11 @@ static int __sev_platform_init_locked(int *error)
* initialization function should succeed by replacing the state
* with a reset state.
*/
- dev_err(sev->dev, "SEV: retrying INIT command because of SECURE_DATA_INVALID error. Retrying once to reset PSP SEV state.");
- rc = init_function(&psp_ret);
+ dev_err(sev->dev,
+"SEV: retrying INIT command because of SECURE_DATA_INVALID error. Retrying once to reset PSP SEV state.");
+ rc = __sev_do_init_locked(&psp_ret);
}
+
if (error)
*error = psp_ret;

diff --git a/include/uapi/linux/psp-sev.h b/include/uapi/linux/psp-sev.h
index 91b4c63d5cbf..e8cfb8bde0d7 100644
--- a/include/uapi/linux/psp-sev.h
+++ b/include/uapi/linux/psp-sev.h
@@ -36,6 +36,13 @@ enum {
* SEV Firmware status code
*/
typedef enum {
+ /*
+ * This error code is not in the SEV spec but is added to convey that
+ * there was an error that prevented the SEV Firmware from being called.
+ * The SEV API error codes are 16 bits, so the -1 value will not overlap
+ * with possible values from the specification.
+ */
+ SEV_RET_NO_FW_CALL = -1,
SEV_RET_SUCCESS = 0,
SEV_RET_INVALID_PLATFORM_STATE,
SEV_RET_INVALID_GUEST_STATE,
--
2.39.1.581.gbfd45094c4-goog


2023-02-13 17:25:55

by Dionna Amalie Glaze

[permalink] [raw]
Subject: [PATCH v14 3/3] x86/sev: Change snp_guest_issue_request's fw_err

The GHCB specification declares that the firmware error value for a
guest request will be stored in the lower 32 bits of EXIT_INFO_2.
The upper 32 bits are for the VMM's own error code. The fw_err argument
is thus a misnomer, and callers will need access to all 64 bits.

The type of unsigned long also causes problems, since sw_exit_info2 is
u64 (unsigned long long) vs the argument's unsigned long*. This type
is changed for issuing the guest request. The ioctl command struct's
error field is passed directly instead of a local variable, since an
incomplete guest request may not set the error code, and uninitialized
stack memory would be written back to user space.

The firmware might not even be called, so the call is bookended with
the no firmware call error and clearing the error.

Since the "fw_err" field is really exitinfo2 split into the upper bits'
vmm error code and lower bits' firmware error code, sev-guest.h is
updated to represent the 64 bit value as a union.

Cc: Tom Lendacky <[email protected]>
Cc: Paolo Bonzini <[email protected]>
Cc: Joerg Roedel <[email protected]>
Cc: Peter Gonda <[email protected]>
Cc: Thomas Gleixner <[email protected]>
Cc: Dave Hansen <[email protected]>
Cc: Ingo Molnar <[email protected]>
Cc: Borislav Petkov <[email protected]>
Cc: "H. Peter Anvin" <[email protected]>
Cc: Venu Busireddy <[email protected]>
Cc: Michael Roth <[email protected]>
Cc: "Kirill A. Shutemov" <[email protected]>
Cc: Michael Sterritt <[email protected]>

Signed-off-by: Dionna Glaze <[email protected]>
---
Documentation/virt/coco/sev-guest.rst | 21 +++++++----
arch/x86/include/asm/sev-common.h | 4 ---
arch/x86/include/asm/sev.h | 4 +--
arch/x86/kernel/sev.c | 12 ++++---
drivers/virt/coco/sev-guest/sev-guest.c | 47 ++++++++++++-------------
include/uapi/linux/sev-guest.h | 18 ++++++++--
6 files changed, 62 insertions(+), 44 deletions(-)

diff --git a/Documentation/virt/coco/sev-guest.rst b/Documentation/virt/coco/sev-guest.rst
index e76393e389eb..48e89ea2a618 100644
--- a/Documentation/virt/coco/sev-guest.rst
+++ b/Documentation/virt/coco/sev-guest.rst
@@ -37,11 +37,12 @@ along with a description:
the return value. General error numbers (-ENOMEM, -EINVAL)
are not detailed, but errors with specific meanings are.

-The guest ioctl should be issued on a file descriptor of the /dev/sev-guest device.
-The ioctl accepts struct snp_user_guest_request. The input and output structure is
-specified through the req_data and resp_data field respectively. If the ioctl fails
-to execute due to a firmware error, then fw_err code will be set otherwise the
-fw_err will be set to 0x00000000ffffffff, i.e., the lower 32-bits are -1.
+The guest ioctl should be issued on a file descriptor of the
+/dev/sev-guest device. The ioctl accepts struct
+snp_user_guest_request. The input and output structure is specified
+through the req_data and resp_data field respectively. If the ioctl
+fails to execute due to a firmware error, then the fw_error code will
+be set, otherwise fw_error will be set to -1.

The firmware checks that the message sequence counter is one greater than
the guests message sequence counter. If guest driver fails to increment message
@@ -57,8 +58,14 @@ counter (e.g. counter overflow), then -EIO will be returned.
__u64 req_data;
__u64 resp_data;

- /* firmware error code on failure (see psp-sev.h) */
- __u64 fw_err;
+ /* bits[63:32]: VMM error code, bits[31:0] firmware error code (see psp-sev.h) */
+ union {
+ __u64 exitinfo2;
+ struct {
+ __u32 fw_error;
+ __u32 vmm_error;
+ };
+ };
};

2.1 SNP_GET_REPORT
diff --git a/arch/x86/include/asm/sev-common.h b/arch/x86/include/asm/sev-common.h
index b63be696b776..0759af9b1acf 100644
--- a/arch/x86/include/asm/sev-common.h
+++ b/arch/x86/include/asm/sev-common.h
@@ -128,10 +128,6 @@ struct snp_psc_desc {
struct psc_entry entries[VMGEXIT_PSC_MAX_ENTRY];
} __packed;

-/* Guest message request error codes */
-#define SNP_GUEST_REQ_INVALID_LEN BIT_ULL(32)
-#define SNP_GUEST_REQ_ERR_BUSY BIT_ULL(33)
-
#define GHCB_MSR_TERM_REQ 0x100
#define GHCB_MSR_TERM_REASON_SET_POS 12
#define GHCB_MSR_TERM_REASON_SET_MASK 0xf
diff --git a/arch/x86/include/asm/sev.h b/arch/x86/include/asm/sev.h
index ebc271bb6d8e..05de34d10d89 100644
--- a/arch/x86/include/asm/sev.h
+++ b/arch/x86/include/asm/sev.h
@@ -196,7 +196,7 @@ void snp_set_memory_private(unsigned long vaddr, unsigned int npages);
void snp_set_wakeup_secondary_cpu(void);
bool snp_init(struct boot_params *bp);
void __init __noreturn snp_abort(void);
-int snp_issue_guest_request(u64 exit_code, struct snp_req_data *input, unsigned long *fw_err);
+int snp_issue_guest_request(u64 exit_code, struct snp_req_data *input, u64 *exitinfo2);
#else
static inline void sev_es_ist_enter(struct pt_regs *regs) { }
static inline void sev_es_ist_exit(void) { }
@@ -217,7 +217,7 @@ static inline void snp_set_wakeup_secondary_cpu(void) { }
static inline bool snp_init(struct boot_params *bp) { return false; }
static inline void snp_abort(void) { }
static inline int snp_issue_guest_request(u64 exit_code, struct snp_req_data *input,
- unsigned long *fw_err)
+ u64 *exitinfo2)
{
return -ENOTTY;
}
diff --git a/arch/x86/kernel/sev.c b/arch/x86/kernel/sev.c
index a908ffc2dfba..82aa81fafb71 100644
--- a/arch/x86/kernel/sev.c
+++ b/arch/x86/kernel/sev.c
@@ -22,6 +22,8 @@
#include <linux/efi.h>
#include <linux/platform_device.h>
#include <linux/io.h>
+#include <linux/psp-sev.h>
+#include <uapi/linux/sev-guest.h>

#include <asm/cpu_entry_area.h>
#include <asm/stacktrace.h>
@@ -2175,7 +2177,7 @@ static int __init init_sev_config(char *str)
}
__setup("sev=", init_sev_config);

-int snp_issue_guest_request(u64 exit_code, struct snp_req_data *input, unsigned long *fw_err)
+int snp_issue_guest_request(u64 exit_code, struct snp_req_data *input, u64 *exitinfo2)
{
struct ghcb_state state;
struct es_em_ctxt ctxt;
@@ -2186,9 +2188,11 @@ int snp_issue_guest_request(u64 exit_code, struct snp_req_data *input, unsigned
if (!cc_platform_has(CC_ATTR_GUEST_SEV_SNP))
return -ENODEV;

- if (!fw_err)
+ if (!exitinfo2)
return -EINVAL;

+ *exitinfo2 = SEV_RET_NO_FW_CALL;
+
/*
* __sev_get_ghcb() needs to run with IRQs disabled because it is using
* a per-CPU GHCB.
@@ -2212,11 +2216,11 @@ int snp_issue_guest_request(u64 exit_code, struct snp_req_data *input, unsigned
if (ret)
goto e_put;

- *fw_err = ghcb->save.sw_exit_info_2;
+ *exitinfo2 = ghcb->save.sw_exit_info_2;
if (ghcb->save.sw_exit_info_2) {
/* Number of expected pages are returned in RBX */
if (exit_code == SVM_VMGEXIT_EXT_GUEST_REQUEST &&
- ghcb->save.sw_exit_info_2 == SNP_GUEST_REQ_INVALID_LEN)
+ ghcb->save.sw_exit_info_2 == SNP_GUEST_VMM_ERR(SNP_GUEST_VMM_ERR_INVALID_LEN))
input->data_npages = ghcb_get_rbx(ghcb);

ret = -EIO;
diff --git a/drivers/virt/coco/sev-guest/sev-guest.c b/drivers/virt/coco/sev-guest/sev-guest.c
index 4945f2dd97a2..fdc3bc9df8d9 100644
--- a/drivers/virt/coco/sev-guest/sev-guest.c
+++ b/drivers/virt/coco/sev-guest/sev-guest.c
@@ -328,11 +328,11 @@ static int enc_payload(struct snp_guest_dev *snp_dev, u64 seqno, int version, u8
return __enc_payload(snp_dev, req, payload, sz);
}

-static int handle_guest_request(struct snp_guest_dev *snp_dev, u64 exit_code, int msg_ver,
- u8 type, void *req_buf, size_t req_sz, void *resp_buf,
- u32 resp_sz, __u64 *fw_err)
+static int handle_guest_request(struct snp_guest_dev *snp_dev, u64 exit_code,
+ struct snp_guest_request_ioctl *arg,
+ u8 type, void *req_buf, size_t req_sz,
+ void *resp_buf, u32 resp_sz)
{
- unsigned long err = 0xff;
unsigned long start_time = jiffies;
u64 orig_exit_code = exit_code;
u64 seqno;
@@ -348,7 +348,7 @@ static int handle_guest_request(struct snp_guest_dev *snp_dev, u64 exit_code, in
memset(snp_dev->response, 0, sizeof(struct snp_guest_msg));

/* Encrypt the userspace provided payload in snp_dev->secret_request. */
- rc = enc_payload(snp_dev, seqno, msg_ver, type, req_buf, req_sz);
+ rc = enc_payload(snp_dev, seqno, arg->msg_version, type, req_buf, req_sz);
if (rc)
return rc;

@@ -366,14 +366,15 @@ static int handle_guest_request(struct snp_guest_dev *snp_dev, u64 exit_code, in
* sequence number must be incremented or the VMPCK must be deleted to
* prevent reuse of the IV.
*/
- rc = snp_issue_guest_request(exit_code, &snp_dev->input, &err);
+ rc = snp_issue_guest_request(exit_code, &snp_dev->input,
+ &arg->exitinfo2);

/*
- * The host may return SNP_GUEST_REQ_ERR_EBUSY if the request has been
+ * The host may return SNP_GUEST_VMM_ERR_BUSY if the request has been
* throttled. Retry in the driver to avoid returning and reusing the
* message sequence number on a different message.
*/
- if (err == SNP_GUEST_REQ_ERR_BUSY) {
+ if (arg->vmm_error == SNP_GUEST_VMM_ERR_BUSY) {
if (jiffies - start_time > ACCEPTABLE_REQUEST_RETRY_DURATION) {
rc = -ETIMEDOUT;
goto disable_vmpck;
@@ -389,7 +390,7 @@ static int handle_guest_request(struct snp_guest_dev *snp_dev, u64 exit_code, in
* and thus avoid IV reuse.
*/
if (exit_code == SVM_VMGEXIT_EXT_GUEST_REQUEST &&
- err == SNP_GUEST_REQ_INVALID_LEN) {
+ arg->vmm_error == SNP_GUEST_VMM_ERR_INVALID_LEN) {
certs_npages = snp_dev->input.data_npages;

exit_code = SVM_VMGEXIT_GUEST_REQUEST;
@@ -413,17 +414,14 @@ static int handle_guest_request(struct snp_guest_dev *snp_dev, u64 exit_code, in
* request buffer size was too small and give the caller the
* required buffer size.
*/
- err = SNP_GUEST_REQ_INVALID_LEN;
+ arg->vmm_error = SNP_GUEST_VMM_ERR_INVALID_LEN;
snp_dev->input.data_npages = certs_npages;
}

- if (fw_err)
- *fw_err = err;
-
if (rc) {
dev_alert(snp_dev->dev,
- "Detected error from ASP request. rc: %d, fw_err: %llu\n",
- rc, *fw_err);
+ "Detected error from ASP request. rc: %d, exitinfo2: %llx\n",
+ rc, arg->exitinfo2);
goto disable_vmpck;
}

@@ -470,9 +468,9 @@ static int get_report(struct snp_guest_dev *snp_dev, struct snp_guest_request_io
if (!resp)
return -ENOMEM;

- rc = handle_guest_request(snp_dev, SVM_VMGEXIT_GUEST_REQUEST, arg->msg_version,
+ rc = handle_guest_request(snp_dev, SVM_VMGEXIT_GUEST_REQUEST, arg,
SNP_MSG_REPORT_REQ, &req, sizeof(req), resp->data,
- resp_len, &arg->fw_err);
+ resp_len);
if (rc)
goto e_free;

@@ -510,9 +508,8 @@ static int get_derived_key(struct snp_guest_dev *snp_dev, struct snp_guest_reque
if (copy_from_user(&req, (void __user *)arg->req_data, sizeof(req)))
return -EFAULT;

- rc = handle_guest_request(snp_dev, SVM_VMGEXIT_GUEST_REQUEST, arg->msg_version,
- SNP_MSG_KEY_REQ, &req, sizeof(req), buf, resp_len,
- &arg->fw_err);
+ rc = handle_guest_request(snp_dev, SVM_VMGEXIT_GUEST_REQUEST, arg,
+ SNP_MSG_KEY_REQ, &req, sizeof(req), buf, resp_len);
if (rc)
return rc;

@@ -572,12 +569,12 @@ static int get_ext_report(struct snp_guest_dev *snp_dev, struct snp_guest_reques
return -ENOMEM;

snp_dev->input.data_npages = npages;
- ret = handle_guest_request(snp_dev, SVM_VMGEXIT_EXT_GUEST_REQUEST, arg->msg_version,
+ ret = handle_guest_request(snp_dev, SVM_VMGEXIT_EXT_GUEST_REQUEST, arg,
SNP_MSG_REPORT_REQ, &req.data,
- sizeof(req.data), resp->data, resp_len, &arg->fw_err);
+ sizeof(req.data), resp->data, resp_len);

/* If certs length is invalid then copy the returned length */
- if (arg->fw_err == SNP_GUEST_REQ_INVALID_LEN) {
+ if (arg->vmm_error == SNP_GUEST_VMM_ERR_INVALID_LEN) {
req.certs_len = snp_dev->input.data_npages << PAGE_SHIFT;

if (copy_to_user((void __user *)arg->req_data, &req, sizeof(req)))
@@ -612,7 +609,7 @@ static long snp_guest_ioctl(struct file *file, unsigned int ioctl, unsigned long
if (copy_from_user(&input, argp, sizeof(input)))
return -EFAULT;

- input.fw_err = 0xff;
+ input.exitinfo2 = 0xff;

/* Message version must be non-zero */
if (!input.msg_version)
@@ -643,7 +640,7 @@ static long snp_guest_ioctl(struct file *file, unsigned int ioctl, unsigned long

mutex_unlock(&snp_cmd_mutex);

- if (input.fw_err && copy_to_user(argp, &input, sizeof(input)))
+ if (input.exitinfo2 && copy_to_user(argp, &input, sizeof(input)))
return -EFAULT;

return ret;
diff --git a/include/uapi/linux/sev-guest.h b/include/uapi/linux/sev-guest.h
index 256aaeff7e65..2aa39112cf8d 100644
--- a/include/uapi/linux/sev-guest.h
+++ b/include/uapi/linux/sev-guest.h
@@ -52,8 +52,14 @@ struct snp_guest_request_ioctl {
__u64 req_data;
__u64 resp_data;

- /* firmware error code on failure (see psp-sev.h) */
- __u64 fw_err;
+ /* bits[63:32]: VMM error code, bits[31:0] firmware error code (see psp-sev.h) */
+ union {
+ __u64 exitinfo2;
+ struct {
+ __u32 fw_error;
+ __u32 vmm_error;
+ };
+ };
};

struct snp_ext_report_req {
@@ -77,4 +83,12 @@ struct snp_ext_report_req {
/* Get SNP extended report as defined in the GHCB specification version 2. */
#define SNP_GET_EXT_REPORT _IOWR(SNP_GUEST_REQ_IOC_TYPE, 0x2, struct snp_guest_request_ioctl)

+/* Guest message request EXIT_INFO_2 constants */
+#define SNP_GUEST_FW_ERR_MASK GENMASK_ULL(31, 0)
+#define SNP_GUEST_VMM_ERR_SHIFT 32
+#define SNP_GUEST_VMM_ERR(x) (((u64)x) << SNP_GUEST_VMM_ERR_SHIFT)
+
+#define SNP_GUEST_VMM_ERR_INVALID_LEN 1
+#define SNP_GUEST_VMM_ERR_BUSY 2
+
#endif /* __UAPI_LINUX_SEV_GUEST_H_ */
--
2.39.1.581.gbfd45094c4-goog


2023-02-13 21:43:39

by Tom Lendacky

[permalink] [raw]
Subject: Re: [PATCH v14 1/3] virt/coco/sev-guest: Add throttling awareness

On 2/13/23 11:25, Dionna Glaze wrote:
> The host is permitted and encouraged to throttle guest requests to the
> AMD-SP since it is a shared resource across all VMs. Without
> throttling-awareness, the host returning an error will immediately lock
> out access to the VMPCK, which makes the VM less useful as it can't
> attest itself. Since throttling is expected for a host to protect itself
> from an uncooperative guest, a cooperative host can return a VMM error
> code that the request was throttled.
>
> The driver interprets the upper 32 bits of exitinfo2 as a VMM error code.
> For safety, since the encryption algorithm in GHCBv2 is AES_GCM, control
> must remain in the kernel to complete the request with the current
> sequence number. Returning without finishing the request allows the
> guest to make another request but with different message contents. This
> is IV reuse, and breaks cryptographic protections.
>
> A quick fix is to retry for a while and then disable the VMPCK and
> return to user space.
>
> A guest request may not make it to the AMD-SP before the host returns to
> the guest, so the err local variable in handle_guest_request must be
> initialized the same way fw_err is. snp_issue_guest_request similarly
> should set fw_err whether or not the value is non-zero, in order to
> appropriately clear the error value when zero.
>
> The IV reuse fix for invalid certs_len needs modification to work with
> throttling, since a single retry with a modified exit_code may be
> throttled without retry and result in a locked-out VMPCK. Instead,
> change the exit_code as before and jump to the same retry label, and
> deal with the error code fixup by checking if the exit_code had to be
> changed.
>
> Another issue that must be fixed is how crypto results are written to
> shared memory. The solution is to double-buffer messages.

This should really be a new, separate patch.

>
> The encryption algorithms read and write directly to shared unencrypted
> memory, which may leak information as well as permit the host to tamper
> with the message integrity. Instead copy whole messages in or out as
> needed before doing any computation on them.
>
> Cc: Tom Lendacky <[email protected]>
> Cc: Paolo Bonzini <[email protected]>
> Cc: Joerg Roedel <[email protected]>
> Cc: Peter Gonda <[email protected]>
> Cc: Thomas Gleixner <[email protected]>
> Cc: Dave Hansen <[email protected]>
> Cc: Ingo Molnar <[email protected]>
> Cc: Borislav Petkov <[email protected]>
> Cc: "H. Peter Anvin" <[email protected]>
> Cc: Venu Busireddy <[email protected]>
> Cc: Michael Roth <[email protected]>
> Cc: "Kirill A. Shutemov" <[email protected]>
> Cc: Michael Sterritt <[email protected]>
>
> Fixes: d5af44dde546 ("x86/sev: Provide support for SNP guest request
> NAEs")

This shouldn't line wrap.

>
> Signed-off-by: Dionna Glaze <[email protected]>
> ---
> arch/x86/include/asm/sev-common.h | 3 +-
> arch/x86/kernel/sev.c | 3 +-
> drivers/virt/coco/sev-guest/sev-guest.c | 54 +++++++++++++++++++++----
> 3 files changed, 50 insertions(+), 10 deletions(-)
>
> diff --git a/arch/x86/include/asm/sev-common.h b/arch/x86/include/asm/sev-common.h
> index b8357d6ecd47..b63be696b776 100644
> --- a/arch/x86/include/asm/sev-common.h
> +++ b/arch/x86/include/asm/sev-common.h
> @@ -128,8 +128,9 @@ struct snp_psc_desc {
> struct psc_entry entries[VMGEXIT_PSC_MAX_ENTRY];
> } __packed;
>
> -/* Guest message request error code */
> +/* Guest message request error codes */
> #define SNP_GUEST_REQ_INVALID_LEN BIT_ULL(32)
> +#define SNP_GUEST_REQ_ERR_BUSY BIT_ULL(33)
>
> #define GHCB_MSR_TERM_REQ 0x100
> #define GHCB_MSR_TERM_REASON_SET_POS 12
> diff --git a/arch/x86/kernel/sev.c b/arch/x86/kernel/sev.c
> index 679026a640ef..a908ffc2dfba 100644
> --- a/arch/x86/kernel/sev.c
> +++ b/arch/x86/kernel/sev.c
> @@ -2212,14 +2212,13 @@ int snp_issue_guest_request(u64 exit_code, struct snp_req_data *input, unsigned
> if (ret)
> goto e_put;
>
> + *fw_err = ghcb->save.sw_exit_info_2;
> if (ghcb->save.sw_exit_info_2) {
> /* Number of expected pages are returned in RBX */
> if (exit_code == SVM_VMGEXIT_EXT_GUEST_REQUEST &&
> ghcb->save.sw_exit_info_2 == SNP_GUEST_REQ_INVALID_LEN)
> input->data_npages = ghcb_get_rbx(ghcb);
>
> - *fw_err = ghcb->save.sw_exit_info_2;
> -
> ret = -EIO;
> }
>
> diff --git a/drivers/virt/coco/sev-guest/sev-guest.c b/drivers/virt/coco/sev-guest/sev-guest.c
> index 4ec4174e05a3..4945f2dd97a2 100644
> --- a/drivers/virt/coco/sev-guest/sev-guest.c
> +++ b/drivers/virt/coco/sev-guest/sev-guest.c
> @@ -30,6 +30,7 @@
> #define DEVICE_NAME "sev-guest"
> #define AAD_LEN 48
> #define MSG_HDR_VER 1
> +#define ACCEPTABLE_REQUEST_RETRY_DURATION (60*HZ)
>
> struct snp_guest_crypto {
> struct crypto_aead *tfm;
> @@ -43,7 +44,13 @@ struct snp_guest_dev {
>
> void *certs_data;
> struct snp_guest_crypto *crypto;
> + /* request and response are in unencrypted memory */
> struct snp_guest_msg *request, *response;
> + /*
> + * Avoid information leakage by double-buffering shared messages
> + * in fields that are in regular encrypted memory.
> + */
> + struct snp_guest_msg secret_request, secret_response;
> struct snp_secrets_page_layout *layout;
> struct snp_req_data input;
> u32 *os_area_msg_seqno;
> @@ -263,14 +270,17 @@ static int dec_payload(struct snp_guest_dev *snp_dev, struct snp_guest_msg *msg,
> static int verify_and_dec_payload(struct snp_guest_dev *snp_dev, void *payload, u32 sz)
> {
> struct snp_guest_crypto *crypto = snp_dev->crypto;
> - struct snp_guest_msg *resp = snp_dev->response;
> - struct snp_guest_msg *req = snp_dev->request;
> + struct snp_guest_msg *resp = &snp_dev->secret_response;
> + struct snp_guest_msg *req = &snp_dev->secret_request;
> struct snp_guest_msg_hdr *req_hdr = &req->hdr;
> struct snp_guest_msg_hdr *resp_hdr = &resp->hdr;
>
> dev_dbg(snp_dev->dev, "response [seqno %lld type %d version %d sz %d]\n",
> resp_hdr->msg_seqno, resp_hdr->msg_type, resp_hdr->msg_version, resp_hdr->msg_sz);
>
> + /* Copy response from shared memory to encrypted memory. */
> + memcpy(resp, snp_dev->response, sizeof(*resp));
> +
> /* Verify that the sequence counter is incremented by 1 */
> if (unlikely(resp_hdr->msg_seqno != (req_hdr->msg_seqno + 1)))
> return -EBADMSG;
> @@ -294,7 +304,7 @@ static int verify_and_dec_payload(struct snp_guest_dev *snp_dev, void *payload,
> static int enc_payload(struct snp_guest_dev *snp_dev, u64 seqno, int version, u8 type,
> void *payload, size_t sz)
> {
> - struct snp_guest_msg *req = snp_dev->request;
> + struct snp_guest_msg *req = &snp_dev->secret_request;
> struct snp_guest_msg_hdr *hdr = &req->hdr;
>
> memset(req, 0, sizeof(*req));
> @@ -322,22 +332,34 @@ static int handle_guest_request(struct snp_guest_dev *snp_dev, u64 exit_code, in
> u8 type, void *req_buf, size_t req_sz, void *resp_buf,
> u32 resp_sz, __u64 *fw_err)
> {
> - unsigned long err;
> + unsigned long err = 0xff;
> + unsigned long start_time = jiffies;
> + u64 orig_exit_code = exit_code;
> u64 seqno;
> int rc;
> + unsigned int certs_npages = 0;
>
> /* Get message sequence and verify that its a non-zero */
> seqno = snp_get_msg_seqno(snp_dev);
> if (!seqno)
> return -EIO;
>
> + /* Clear shared memory's response for the host to populate. */
> memset(snp_dev->response, 0, sizeof(struct snp_guest_msg));
>
> - /* Encrypt the userspace provided payload */
> + /* Encrypt the userspace provided payload in snp_dev->secret_request. */
> rc = enc_payload(snp_dev, seqno, msg_ver, type, req_buf, req_sz);
> if (rc)
> return rc;
>
> + /*
> + * Write the fully encrypted request to the shared unencrypted
> + * request page.
> + */
> + memcpy(snp_dev->request, &snp_dev->secret_request,
> + sizeof(snp_dev->secret_request));
> +
> +retry:
> /*
> * Call firmware to process the request. In this function the encrypted
> * message enters shared memory with the host. So after this call the
> @@ -346,6 +368,20 @@ static int handle_guest_request(struct snp_guest_dev *snp_dev, u64 exit_code, in
> */
> rc = snp_issue_guest_request(exit_code, &snp_dev->input, &err);
>
> + /*
> + * The host may return SNP_GUEST_REQ_ERR_EBUSY if the request has been
> + * throttled. Retry in the driver to avoid returning and reusing the
> + * message sequence number on a different message.
> + */
> + if (err == SNP_GUEST_REQ_ERR_BUSY) {
> + if (jiffies - start_time > ACCEPTABLE_REQUEST_RETRY_DURATION) {
> + rc = -ETIMEDOUT;
> + goto disable_vmpck;
> + }
> + cond_resched();
> + goto retry;

It looks like you will ensure throttling by continually calling the
hypervisor for 60 seconds, shouldn't there be a delay here?

> + }
> +
> /*
> * If the extended guest request fails due to having too small of a
> * certificate data buffer, retry the same guest request without the
> @@ -354,7 +390,7 @@ static int handle_guest_request(struct snp_guest_dev *snp_dev, u64 exit_code, in
> */
> if (exit_code == SVM_VMGEXIT_EXT_GUEST_REQUEST &&
> err == SNP_GUEST_REQ_INVALID_LEN) {
> - const unsigned int certs_npages = snp_dev->input.data_npages;
> + certs_npages = snp_dev->input.data_npages;
>
> exit_code = SVM_VMGEXIT_GUEST_REQUEST;
>
> @@ -366,8 +402,12 @@ static int handle_guest_request(struct snp_guest_dev *snp_dev, u64 exit_code, in
> * of the VMPCK and the error code being propagated back to the
> * user as an ioctl() return code.
> */
> - rc = snp_issue_guest_request(exit_code, &snp_dev->input, &err);
> + cond_resched();
> + goto retry;
>
> + }

Nit, add a blank line here.

Thanks,
Tom

> + if (orig_exit_code == SVM_VMGEXIT_EXT_GUEST_REQUEST &&
> + exit_code != orig_exit_code) {
> /*
> * Override the error to inform callers the given extended
> * request buffer size was too small and give the caller the

2023-02-13 22:28:29

by Dionna Amalie Glaze

[permalink] [raw]
Subject: Re: [PATCH v14 1/3] virt/coco/sev-guest: Add throttling awareness

>
> This should really be a new, separate patch.
>

I had it as a separate patch and squashed since I felt it necessary to
be considered still a "Fixes" patch. Should both claim to fix the same
patch?

>
> It looks like you will ensure throttling by continually calling the
> hypervisor for 60 seconds, shouldn't there be a delay here?
>

I can change cond_resched() to sleep_timeout_killable(some_constant)

> > - rc = snp_issue_guest_request(exit_code, &snp_dev->input, &err);
> > + cond_resched();
> > + goto retry;
> >
> > + }
>
> Nit, add a blank line here.
>

Will do.

> Thanks,
> Tom
>


--
-Dionna Glaze, PhD (she/her)

2023-02-14 14:28:34

by Tom Lendacky

[permalink] [raw]
Subject: Re: [PATCH v14 1/3] virt/coco/sev-guest: Add throttling awareness

On 2/13/23 16:28, Dionna Amalie Glaze wrote:
>>
>> This should really be a new, separate patch.
>>
>
> I had it as a separate patch and squashed since I felt it necessary to
> be considered still a "Fixes" patch. Should both claim to fix the same
> patch?

If they both fix a bug, yes. You can have multiple patches that fix
different bugs that were all introduced by one commit.

Thanks,
Tom

>
>>
>> It looks like you will ensure throttling by continually calling the
>> hypervisor for 60 seconds, shouldn't there be a delay here?
>>
>
> I can change cond_resched() to sleep_timeout_killable(some_constant)
>
>>> - rc = snp_issue_guest_request(exit_code, &snp_dev->input, &err);
>>> + cond_resched();
>>> + goto retry;
>>>
>>> + }
>>
>> Nit, add a blank line here.
>>
>
> Will do.
>
>> Thanks,
>> Tom
>>
>
>