References: <20190710201244.25195-1-brijesh.singh@amd.com> <20190710201244.25195-2-brijesh.singh@amd.com> <4f509f43-a576-144d-efd4-ab0362f1d667@amd.com>
In-Reply-To: <4f509f43-a576-144d-efd4-ab0362f1d667@amd.com>
From: Peter Gonda
Date: Thu, 14 Nov 2019 11:27:38 -0800
Subject: Re: [PATCH v3 01/11] KVM: SVM: Add KVM_SEV SEND_START command
To: Brijesh Singh
Cc: "kvm@vger.kernel.org", Thomas Gleixner, Ingo Molnar, "H. Peter Anvin", Paolo Bonzini, Radim Krčmář, Joerg Roedel, Borislav Petkov, "Lendacky, Thomas", "x86@kernel.org", "linux-kernel@vger.kernel.org"
X-Mailing-List: linux-kernel@vger.kernel.org

On Tue, Nov 12, 2019 at 2:27 PM Brijesh Singh wrote:
>
>
> On 11/12/19 12:35 PM, Peter Gonda wrote:
> > On Wed, Jul 10, 2019 at 1:13 PM Singh, Brijesh wrote:
> >> +static int sev_send_start(struct kvm *kvm, struct kvm_sev_cmd *argp) > >> +{ > >> + struct kvm_sev_info *sev = &to_kvm_svm(kvm)->sev_info; > >> + void *amd_cert = NULL, *session_data = NULL; > >> + void *pdh_cert = NULL, *plat_cert = NULL; > >> + struct sev_data_send_start *data = NULL; > >> + struct kvm_sev_send_start params; > >> + int ret; > >> + > >> + if (!sev_guest(kvm)) > >> + return -ENOTTY; > >> + > >> + if (copy_from_user(¶ms, (void __user *)(uintptr_t)argp->data, > >> + sizeof(struct kvm_sev_send_start))) > >> + return
-EFAULT; > >> + > >> + data = kzalloc(sizeof(*data), GFP_KERNEL); > >> + if (!data) > >> + return -ENOMEM; > >> + > >> + /* userspace wants to query the session length */ > >> + if (!params.session_len) > >> + goto cmd; > >> + > >> + if (!params.pdh_cert_uaddr || !params.pdh_cert_len || > >> + !params.session_uaddr) > >> + return -EINVAL;
> > I think pdh_cert is only required if the guest policy SEV bit is set.
> > Can pdh_cert be optional?
>
>
> We don't cache the policy information in kernel, having said so we can
> try caching it during the LAUNCH_START to optimize this case. I have to
> check with FW folks but I believe all those fields are required. IIRC,
> When I passed NULL then SEND_START failed for me. But I double check it
> and update you on this.

I must have misinterpreted this line of the spec:

"If GCTX.POLICY.SEV is 1, the PDH, PEK, CEK, ASK, and ARK certificates are validated."

I thought that since they were not validated they were not needed.
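
Review bot: the `return -EINVAL;` that follows the `pdh_cert_uaddr` / `pdh_cert_len` / `session_uaddr` check in sev_send_start() leaks `data`, which was allocated with `kzalloc(sizeof(*data), GFP_KERNEL)` a few lines earlier and is not freed on this path. Either do the parameter validation before the allocation, or set `ret = -EINVAL` and jump to a cleanup label that calls `kfree(data)`. The same applies to any later early return added between the allocation and the command being issued.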