Date: Fri, 20 Mar 2020 14:16:39 -0700 (PDT)
From: David Rientjes
To: Joerg Roedel, erdemaktas@google.com
cc: x86@kernel.org, hpa@zytor.com, Andy Lutomirski, Dave Hansen, Peter Zijlstra, Thomas Hellstrom, Jiri Slaby, Dan Williams, Tom Lendacky, Juergen Gross, Kees Cook, linux-kernel@vger.kernel.org, kvm@vger.kernel.org, virtualization@lists.linux-foundation.org, Joerg Roedel
Subject: Re: [PATCH 18/70] x86/boot/compressed/64: Add stage1 #VC handler
In-Reply-To: <20200319091407.1481-19-joro@8bytes.org>
References: <20200319091407.1481-1-joro@8bytes.org> <20200319091407.1481-19-joro@8bytes.org>

On Thu, 19 Mar 2020, Joerg Roedel wrote:
> diff --git a/arch/x86/include/asm/sev-es.h b/arch/x86/include/asm/sev-es.h > new file mode 100644 > index 000000000000..f524b40aef07 > --- /dev/null > +++ b/arch/x86/include/asm/sev-es.h 
> @@ -0,0 +1,45 @@ > +/* SPDX-License-Identifier: GPL-2.0 */ > +/* > + * AMD Encrypted Register State Support > + * > + * Author: Joerg Roedel > + */ > + > +#ifndef __ASM_ENCRYPTED_STATE_H > +#define __ASM_ENCRYPTED_STATE_H > + > +#include > + > +#define GHCB_SEV_CPUID_REQ 0x004UL > +#define GHCB_CPUID_REQ_EAX 0 > +#define GHCB_CPUID_REQ_EBX 1 > +#define GHCB_CPUID_REQ_ECX 2 > +#define GHCB_CPUID_REQ_EDX 3 > +#define GHCB_CPUID_REQ(fn, reg) (GHCB_SEV_CPUID_REQ | \ > + (((unsigned long)reg & 3) << 30) | \ > + (((unsigned long)fn) << 32)) > + > +#define GHCB_SEV_CPUID_RESP 0x005UL > +#define GHCB_SEV_TERMINATE 0x100UL > + > +#define GHCB_SEV_GHCB_RESP_CODE(v) ((v) & 0xfff) > +#define VMGEXIT() { asm volatile("rep; vmmcall\n\r"); } Since preemption and irqs should be disabled before updating the GHCB and its MSR and until the contents have been accessed following VMGEXIT, should there be checks in place to ensure that's always the case? > + > +static inline u64 lower_bits(u64 val, unsigned int bits) > +{ > + u64 mask = (1ULL << bits) - 1; > + > + return (val & mask); > +} > + > +static inline u64 copy_lower_bits(u64 out, u64 in, unsigned int bits) > +{ > + u64 mask = (1ULL << bits) - 1; > + > + out &= ~mask; > + out |= lower_bits(in, bits); > + > + return out; > +} > + > +#endif > diff --git a/arch/x86/include/asm/trap_defs.h b/arch/x86/include/asm/trap_defs.h > index 488f82ac36da..af45d65f0458 100644 > --- a/arch/x86/include/asm/trap_defs.h > +++ b/arch/x86/include/asm/trap_defs.h > @@ -24,6 +24,7 @@ enum { > X86_TRAP_AC, /* 17, Alignment Check */ > X86_TRAP_MC, /* 18, Machine Check */ > X86_TRAP_XF, /* 19, SIMD Floating-Point Exception */ > + X86_TRAP_VC = 29, /* 29, VMM Communication Exception */ > X86_TRAP_IRET = 32, /* 32, IRET Exception */ > }; > > diff --git a/arch/x86/kernel/sev-es-shared.c b/arch/x86/kernel/sev-es-shared.c > new file mode 100644 > index 000000000000..e963b48d3e86 > --- /dev/null > +++ b/arch/x86/kernel/sev-es-shared.c 
> @@ -0,0 +1,65 @@ > +// SPDX-License-Identifier: GPL-2.0 > +/* > + * AMD Encrypted Register State Support > + * > + * Author: Joerg Roedel > + * > + * This file is not compiled stand-alone. It contains code shared > + * between the pre-decompression boot code and the running Linux kernel > + * and is included directly into both code-bases. > + */ > + > +/* > + * Boot VC Handler - This is the first VC handler during boot, there is no GHCB > + * page yet, so it only supports the MSR based communication with the > + * hypervisor and only the CPUID exit-code. > + */ > +void __init vc_no_ghcb_handler(struct pt_regs *regs, unsigned long exit_code) > +{ > + unsigned int fn = lower_bits(regs->ax, 32); > + unsigned long val; > + > + /* Only CPUID is supported via MSR protocol */ > + if (exit_code != SVM_EXIT_CPUID) > + goto fail; > + > + sev_es_wr_ghcb_msr(GHCB_CPUID_REQ(fn, GHCB_CPUID_REQ_EAX)); > + VMGEXIT(); > + val = sev_es_rd_ghcb_msr(); > + if (GHCB_SEV_GHCB_RESP_CODE(val) != GHCB_SEV_CPUID_RESP) > + goto fail; > + regs->ax = val >> 32; > + > + sev_es_wr_ghcb_msr(GHCB_CPUID_REQ(fn, GHCB_CPUID_REQ_EBX)); > + VMGEXIT(); > + val = sev_es_rd_ghcb_msr(); > + if (GHCB_SEV_GHCB_RESP_CODE(val) != GHCB_SEV_CPUID_RESP) > + goto fail; > + regs->bx = val >> 32; > + > + sev_es_wr_ghcb_msr(GHCB_CPUID_REQ(fn, GHCB_CPUID_REQ_ECX)); > + VMGEXIT(); > + val = sev_es_rd_ghcb_msr(); > + if (GHCB_SEV_GHCB_RESP_CODE(val) != GHCB_SEV_CPUID_RESP) > + goto fail; > + regs->cx = val >> 32; > + > + sev_es_wr_ghcb_msr(GHCB_CPUID_REQ(fn, GHCB_CPUID_REQ_EDX)); > + VMGEXIT(); > + val = sev_es_rd_ghcb_msr(); > + if (GHCB_SEV_GHCB_RESP_CODE(val) != GHCB_SEV_CPUID_RESP) > + goto fail; > + regs->dx = val >> 32; > + > + regs->ip += 2; > + > + return; > + > +fail: > + sev_es_wr_ghcb_msr(GHCB_SEV_TERMINATE); > + VMGEXIT(); > + > + /* Shouldn't get here - if we do halt the machine */ > + while (true) > + asm volatile("hlt\n"); > +} > -- > 2.17.1 > >
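
Review bot: In the arch/x86/include/asm/sev-es.h hunk, GHCB_CPUID_REQ() uses its arguments without parenthesizing them. With reg passed as an expression such as `a | b`, `(unsigned long)reg & 3` expands to `(unsigned long)a | b & 3`, which masks only `b`; writing `(unsigned long)(reg)` and `(unsigned long)(fn)` avoids that. In the same hunk, lower_bits() and copy_lower_bits() compute `(1ULL << bits) - 1`, which is undefined for bits == 64. The only visible caller passes 32, so a comment stating that bits must be below 64, or an explicit check, would be enough. VMGEXIT() expands to a bare `{ ... }` block, so `VMGEXIT();` in an unbraced if/else leaves a stray semicolon that breaks the else; a `do { ... } while (0)` wrapper is the usual form.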
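
Review bot: In vc_no_ghcb_handler() in the arch/x86/kernel/sev-es-shared.c hunk, the request is built from regs->ax alone and regs->cx is never read, and GHCB_CPUID_REQ(fn, reg) has no field for a sub-leaf, so a CPUID function whose output depends on ECX cannot be distinguished on this path. The comment above the function should state that limitation. `regs->ip += 2;` hard-codes the length of the intercepted instruction and deserves a comment saying it is the size of the CPUID opcode. The four write, VMGEXIT(), read and check sequences differ only in the register index and the destination field, so a small helper taking the register index would remove the repetition and keep the `GHCB_SEV_GHCB_RESP_CODE(val) != GHCB_SEV_CPUID_RESP` check in one place.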