Received: by 2002:a25:6193:0:0:0:0:0 with SMTP id v141csp1194721ybb;
        Fri, 20 Mar 2020 15:20:03 -0700 (PDT)
X-Google-Smtp-Source: ADFU+vsaomBZXMqDtLaitgPPu0+yiYd4fFo5caE83+XgUuqjqoUPCj3n7BV1fFIvCAMZJP73awpS
X-Received: by 2002:a9d:469d:: with SMTP id z29mr8824119ote.320.1584742803124;
        Fri, 20 Mar 2020 15:20:03 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1584742803; cv=none;
        d=google.com; s=arc-20160816;
        b=0rnmcAarGBCeV6Ri+JTB3PYSk83fQ+Rg2wsoladsMqMqZT+XC09sHzjwa89GUNr5qp
         W7pY/Zo/gxzh5r9sm+49lJwkfxGOk82tSw4Glyu5qae24b3sHdDJrnpmAubl6gOSbzXn
         8UOmSnBkeoD12ktVnfQUjXDAAKFNKXufGiqndlVc1MxHyO0BQde2UrSa3EBAtbKMf0nE
         IR13CflaB4+RoBVwg+qFXuh6iuttBePkyt4zQk5hCZ58roS6oePuBHR7S3zDXRRAMWQg
         VFZZ8f8bCS30RDbQCPCFRexq4cHH6ieqmas1W4ardkjrcxeSaRBN0iv78b9m9YkyvmJP
         IEBQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:user-agent:in-reply-to
         :content-disposition:mime-version:references:message-id:subject:cc
         :to:from:date;
        bh=25pJL7xhCJw//Xr3lgF1Xay16LU3dAjoJCFTUee9ldA=;
        b=0MagFRI4nnQ+SuTFggYbSjFvNO130CfPKNWhmh8QRjI9bxPPnurwTXVGEjGhQc4yPR
         dRrFRh2iDkUvMq8kSGpJQ0+ZYC/2OAZIocB0fTbOPxAuYMuj+0LmQJOknbIJD75+PYb4
         abKT8wJUTV+WhdCt8jPfT0alYV712hDCjspLg0N9kAB5cVnyO5rg+5pCfN2wx2m9hLvo
         BBzoSQdL1GTZ1MKcoLbGWIhJegRqD3/Rfyk9VRkwc87s3Uhdbc2PFK/QBwXCdjzO2dzG
         lpz/dwZCAfcqs7EWJsiNEGBBgYmvbRYSagnz8Be2cyDlzHem/9PFI7KWdh+mx66suiaZ
         5lMQ==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=8bytes.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id l129si3727061oif.15.2020.03.20.15.19.50;
        Fri, 20 Mar 2020 15:20:03 -0700 (PDT)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=8bytes.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1727383AbgCTWT0 (ORCPT <rfc822;linuxbirdgao@gmail.com>
        + 99 others); Fri, 20 Mar 2020 18:19:26 -0400
Received: from 8bytes.org ([81.169.241.247]:54714 "EHLO theia.8bytes.org"
        rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
        id S1726666AbgCTWT0 (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
        Fri, 20 Mar 2020 18:19:26 -0400
Received: by theia.8bytes.org (Postfix, from userid 1000)
        id 87BB24CA; Fri, 20 Mar 2020 23:19:24 +0100 (CET)
Date:   Fri, 20 Mar 2020 23:19:23 +0100
From:   Joerg Roedel <joro@8bytes.org>
To:     David Rientjes <rientjes@google.com>
Cc:     erdemaktas@google.com, x86@kernel.org, hpa@zytor.com,
        Andy Lutomirski <luto@kernel.org>,
        Dave Hansen <dave.hansen@linux.intel.com>,
        Peter Zijlstra <peterz@infradead.org>,
        Thomas Hellstrom <thellstrom@vmware.com>,
        Jiri Slaby <jslaby@suse.cz>,
        Dan Williams <dan.j.williams@intel.com>,
        Tom Lendacky <thomas.lendacky@amd.com>,
        Juergen Gross <jgross@suse.com>,
        Kees Cook <keescook@chromium.org>,
        linux-kernel@vger.kernel.org, kvm@vger.kernel.org,
        virtualization@lists.linux-foundation.org,
        Joerg Roedel <jroedel@suse.de>
Subject: Re: [PATCH 18/70] x86/boot/compressed/64: Add stage1 #VC handler
Message-ID: <20200320221923.GL5122@8bytes.org>
References: <20200319091407.1481-1-joro@8bytes.org>
 <20200319091407.1481-19-joro@8bytes.org>
 <alpine.DEB.2.21.2003201413010.205664@chino.kir.corp.google.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <alpine.DEB.2.21.2003201413010.205664@chino.kir.corp.google.com>
User-Agent: Mutt/1.10.1 (2018-07-13)
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Fri, Mar 20, 2020 at 02:16:39PM -0700, David Rientjes wrote:
> On Thu, 19 Mar 2020, Joerg Roedel wrote:
> > +#define	GHCB_SEV_GHCB_RESP_CODE(v)	((v) & 0xfff)
> > +#define	VMGEXIT()			{ asm volatile("rep; vmmcall\n\r"); }
> 
> Since preemption and irqs should be disabled before updating the GHCB and 
> its MSR and until the contents have been accessed following VMGEXIT, 
> should there be checks in place to ensure that's always the case?

Good point, some checking is certainly helpful. Currently it is the
case, because the GHCB is accessed and used only:

	1) At boot when only the boot CPU is running

	2) In the #VC handler, which does not enable interrupts

	3) In the NMI handler, which is also not preemptible

I can also add code to sev_es_get/put_ghcb to make sure these conditions
are met. All this does not prevent the preemption by NMIs, which could
cause another nested #VC exception, but that is handled separatly.


Regards,

	Joerg