Received: by 2002:a05:6a10:22f:0:0:0:0 with SMTP id 15csp2439064pxk; Mon, 14 Sep 2020 13:25:23 -0700 (PDT) X-Google-Smtp-Source: ABdhPJxkoG7dbf0OsGMRv1c66B2jKrrl6NC3DQPH0UA9fBHjyFA8VBYe/zGbH78+32hQuZ9B4rAn X-Received: by 2002:a17:906:c191:: with SMTP id g17mr8879821ejz.117.1600115123481; Mon, 14 Sep 2020 13:25:23 -0700 (PDT) ARC-Seal: i=2; a=rsa-sha256; t=1600115123; cv=pass; d=google.com; s=arc-20160816; b=gapQwzPM/XqmTa67EKdSk6ou8Y1+OT+0osiGL3vpIjYmXg7rUqV+evgvbChFdGIDDA cOieaeQeubRSlsLtdNo7SmkhfG3KZrkXjqwmIu9aXon3h4AIbrk1SdLuhWqtzYaphkWY NOQL76PLbyEN6BeS1SzDgOZBDuP3hJJ07Df9Uzi6OaZndP0wsQAIP4x7E8ULTEiVIxW3 Ml6TuM1oiXgrI4+a7HBE9x7ixIqg1S49deA4Vapeho48W95O2R3KC4Uwj9U2U9tqLN92 FcEm+3ZZrMlDDK0yMllGKEfiXOl1tMzgYTB/McKh+QTOFYsfub2IqsTO7T8y04SvuJL9 rmUQ== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:mime-version:content-transfer-encoding :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=aPr/lAmGTL1wS8lhn+JlZSk/MssLMcw1C3gPjIcD8Mo=; b=BMLcFAND/H9Ff1gHmPyoQPY4St4fQfdQJ+AJAVy5ftHAUsKJ8JJKyx4/5cyURabgoA cdTw7yuLfEB186/olBC9PvhKcOxw7LSQNdpgJd8CnwgP2MKdNBq+KN5Q+T+tbdi+3uCc W78OdwikOSJrOsslKcowhfVN8cO+eotWRshx3QHvvIDd3pi4cbHrQg/CDR9TrbQ0vzg5 /TEFYMqE/k2QznklqgcVV5LNQF5EJ8sCFGQNf95BFE0wWlgLax2RDoW9a1DOFCSo/E47 cVw7ubxx8fqoo/8M+9Xc6S5blNLwA0pBAcLnJLlgbx48kW6774P5vJX1u8Fv3OLfCNie 1GJQ== ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@amdcloud.onmicrosoft.com header.s=selector2-amdcloud-onmicrosoft-com header.b=vFIYQUUc; arc=pass (i=1 spf=pass spfdomain=amd.com dkim=pass dkdomain=amd.com dmarc=pass fromdomain=amd.com); spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id h21si8843203edj.244.2020.09.14.13.25.00; Mon, 14 Sep 2020 13:25:23 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@amdcloud.onmicrosoft.com header.s=selector2-amdcloud-onmicrosoft-com header.b=vFIYQUUc; arc=pass (i=1 spf=pass spfdomain=amd.com dkim=pass dkdomain=amd.com dmarc=pass fromdomain=amd.com); spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726161AbgINUXS (ORCPT + 99 others); Mon, 14 Sep 2020 16:23:18 -0400 Received: from mail-bn8nam12on2068.outbound.protection.outlook.com ([40.107.237.68]:3544 "EHLO NAM12-BN8-obe.outbound.protection.outlook.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S1726093AbgINUVy (ORCPT ); Mon, 14 Sep 2020 16:21:54 -0400 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=dqSvjgC7Q/JnDcpdykHqCJE8WFdXPvuqFNLD4+3buP1DutC2ChswqaGhqDRymq4GjfdsfNX9IqfrQ1W/KZ8nmnNRlYOaOQkG3mUVn3fSibY3eEJs3EKaULnAe9aN+su4Uq9clgaQ6NGvF2c2EkwJHEkMK1ZBXiRTruumEYz55QLx9x30xIJ/FHKOvlKXU9wPqerQ3uFrDVyroaEu6Ck2km2uUYm/dF5y5pDXY4+YN9x6azRdV3QQluJXgbzbvv9FpAE0OfffNnSmNd3SBCRdjLE9q66Zo/RVCVFIHBrilr6Z8x64R7nSt7jmepiSDMAfEvDndzd81PX0eRGdANk6lw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=aPr/lAmGTL1wS8lhn+JlZSk/MssLMcw1C3gPjIcD8Mo=; b=KMJylNJqrT8xarTbarB8uIDFowwgAFy3kpapScIMlzHqE5FADGfkaY25bxeefcaWP7lZyGkmG+tZkCDnJ06quZfRAJTz/WZ2r1FASFxXCAGQpphuA3u0k8oIiarjo09Xj+nazxjGM5Hmoz7+VPg7kuDNkTJdgxfoWe7tv1yBYEykvAQuXkyPcJn5OLnob0EYZGSkf5eT5hX0VhFRUxzqySOU7NMKp4U2/l40pwWOo8yLQW8T1pTy4WpKUqHzwGCtfPVXtwREd+dy8WtzNlZ61VBuRpQRgzclOeFGq0lLEpRhbkR1d1gxch232g2lsRgCfNGTqWuPXs2hrpBfvPg91g== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass header.d=amd.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amdcloud.onmicrosoft.com; s=selector2-amdcloud-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=aPr/lAmGTL1wS8lhn+JlZSk/MssLMcw1C3gPjIcD8Mo=; b=vFIYQUUcPiGnCaccrQN0qF9NKZCcV339VTNkigFycp/BLD5lYn1v80kgQOtAukJndojo+JXy8JTmxhKJe0w6iOiE4paFrSv0iR4KF+DFw9n7IAsQtR8jpZZRGTg8LczZyxh4VaiJWJJU1qzyvV7UiR/1ayem9CZwLXzP//LmYI0= Authentication-Results: vger.kernel.org; dkim=none (message not signed) header.d=none;vger.kernel.org; dmarc=none action=none header.from=amd.com; Received: from DM5PR12MB1355.namprd12.prod.outlook.com (2603:10b6:3:6e::7) by DM6PR12MB2988.namprd12.prod.outlook.com (2603:10b6:5:3d::23) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3370.16; Mon, 14 Sep 2020 20:20:16 +0000 Received: from DM5PR12MB1355.namprd12.prod.outlook.com ([fe80::299a:8ed2:23fc:6346]) by DM5PR12MB1355.namprd12.prod.outlook.com ([fe80::299a:8ed2:23fc:6346%3]) with mapi id 15.20.3370.019; Mon, 14 Sep 2020 20:20:16 +0000 From: Tom Lendacky To: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, x86@kernel.org Cc: Paolo Bonzini , Jim Mattson , Joerg Roedel , Sean Christopherson , Vitaly Kuznetsov , Wanpeng Li , Borislav Petkov , Ingo Molnar , Thomas Gleixner , Brijesh Singh Subject: [RFC PATCH 32/35] KVM: SVM: Provide support for SEV-ES vCPU creation/loading Date: Mon, 14 Sep 2020 15:15:46 -0500 Message-Id: <1a1d0acfd879c11e567ac757656e6c5f03832472.1600114548.git.thomas.lendacky@amd.com> X-Mailer: git-send-email 2.28.0 In-Reply-To: References: Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-ClientProxiedBy: DM5PR16CA0044.namprd16.prod.outlook.com (2603:10b6:4:15::30) To DM5PR12MB1355.namprd12.prod.outlook.com (2603:10b6:3:6e::7) MIME-Version: 1.0 X-MS-Exchange-MessageSentRepresentingType: 1 Received: from tlendack-t1.amd.com (165.204.77.1) by DM5PR16CA0044.namprd16.prod.outlook.com (2603:10b6:4:15::30) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3370.16 via Frontend Transport; Mon, 14 Sep 2020 20:20:15 +0000 X-Mailer: git-send-email 2.28.0 X-Originating-IP: [165.204.77.1] X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-HT: Tenant X-MS-Office365-Filtering-Correlation-Id: bb458691-0b41-4b74-f5bf-08d858eb97f4 X-MS-TrafficTypeDiagnostic: DM6PR12MB2988: X-MS-Exchange-Transport-Forked: True X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:8882; X-MS-Exchange-SenderADCheck: 1 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: Jq4a7uWhmOMHt6h+laSK9g5mrJyvSMGlvnNRukf7u/tQyxKAgdIVJESJDlkD6EyMi+JkYWsa4L4uxKsY2XqSmcjNO2joOovCpyQxS1xYxn8SojaT7zuytPcrWX/6z2uicl3tvqzgDIbxIAIMSMCXtss8JGrsyc/w7K76BozTem85nk79GtR4uMcpBIRDT2yyce+iIR3qAjx0CmHjwPPBkFLhpd3OO/VcG9BlACtqI9mVobWrYWnHKXjOd6SqbNwKgXw/PgQ8zLpaasM833c2AcH9XEhpS78G2e089GqwfkHcYy+Xlcf04b15G7S2seF/Ao7n3etMYe5QDk44tyfnIrSpziy0RutE/gcHUThgeQ6lkM1pbMNH9a4Zl4fTCxAJ X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:DM5PR12MB1355.namprd12.prod.outlook.com;PTR:;CAT:NONE;SFS:(4636009)(376002)(39860400002)(346002)(396003)(136003)(366004)(8936002)(36756003)(316002)(478600001)(5660300002)(2616005)(956004)(66556008)(66946007)(186003)(4326008)(26005)(54906003)(2906002)(16526019)(66476007)(6666004)(8676002)(83380400001)(86362001)(52116002)(7696005)(7416002)(6486002)(309714004);DIR:OUT;SFP:1101; X-MS-Exchange-AntiSpam-MessageData: OviLfGZDOdjMz6VghcKn//BtwFwMkF3iEVkQprQVCPmImWnKqPpR/+2aMXZM0xuZPA62vFGfjNacj2WpVP6iME849Rhms3w2SPQI7Z2W1admODpbM3UpeXRtBWSsfNF4Gn3G/NEt8XIPjbeWoyelvfXlkErC5Uv7IUM4YZ9ehJ2CWT/ZCfIbqd/4yXA5u7WxeBajoSA2k1SPvhSlyf2vuKy44u8oBP4G6eOJKAx0AjtZnB+k8viBnOO0UEc246mwi/ZTTQWt8gar5ohw22Lh9f6ApSQ/TNuW+3pkEFfibHBMJSSO33Mqu4oNnDkk6xFKepdylJo8qhA18xmeohQwXp1xSBPL7WDmgEXn3maeVkpHhw6u6RGgsWqXHKY30Y3XA8aXbK5Hbx9Hb2bgYsqQS5vNY1a1+0gmQEI9Ma+wbV2SaW9B7Hkf0QBBPTQ+DS8a+SDXsv5/OibRnSPeqgvLwgp5fiXzcVvp+JJo/+9He40AjazfwdSsqWSb7EdWFRBZLEhmS/zL1tLkzwWw0icIYhHcVVJ+/XpLkKhj1nm08nCzkOSc/Vgwj4dE3c1ZioCH+T2K5gA1Vl9vvfcgdiDRB5Kw0LHfdntj4VPDW7os+UifEdkyG1Qc3AYmbwgh8wImxL8seeeDbN0tfYjH/SBKYA== X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-Network-Message-Id: bb458691-0b41-4b74-f5bf-08d858eb97f4 X-MS-Exchange-CrossTenant-AuthSource: DM5PR12MB1355.namprd12.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 14 Sep 2020 20:20:16.5116 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: cKPsGcxOxqA7RATUcvl/2imK5fNrLhWxkLsY51z6n+MIojEES2/kU2BXzTSNDTSxJVqpFuJ9JGfZLQn4/oOaVg== X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM6PR12MB2988 Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: Tom Lendacky An SEV-ES vCPU requires additional VMCB initialization requirements for vCPU creation and vCPU load/put requirements. This includes: General VMCB initialization changes: - Set a VMCB control bit to enable SEV-ES support on the vCPU. - Set the VMCB encrypted VM save area address. - CRx registers are part of the encrypted register state and cannot be updated. Remove CRx the register read and write intercepts and replace them with CRx register write traps to track the CRx register values. - Certain MSR values are part of the encrypted register state and cannot be updated. Remove certain MSR intercepts (EFER, CR_PAT, etc.). - Remove the #GP intercept (no support for "enable_vmware_backdoor"). - Remove the XSETBV intercept since the hypervisor cannot modify XCR0. General vCPU creation changes: - Set the initial GHCB gpa value as per the GHCB specification. General vCPU load changes: - SEV-ES hardware will restore certain registers on VMEXIT, but not save them on VMRUN (see Table B-3 and Table B-4 of the AMD64 APM Volume 2). During vCPU loading, perform a VMSAVE to the per-CPU SVM save area and save the current value of XCR0 to the per-CPU SVM save area. Signed-off-by: Tom Lendacky --- arch/x86/include/asm/svm.h | 15 ++++++++++- arch/x86/kvm/svm/sev.c | 54 ++++++++++++++++++++++++++++++++++++++ arch/x86/kvm/svm/svm.c | 19 +++++++++++--- arch/x86/kvm/svm/svm.h | 3 +++ 4 files changed, 87 insertions(+), 4 deletions(-) diff --git a/arch/x86/include/asm/svm.h b/arch/x86/include/asm/svm.h index 07b4ac1e7179..06bb3a83edce 100644 --- a/arch/x86/include/asm/svm.h +++ b/arch/x86/include/asm/svm.h @@ -53,6 +53,16 @@ enum { INTERCEPT_MWAIT_COND, INTERCEPT_XSETBV, INTERCEPT_RDPRU, + TRAP_EFER_WRITE, + TRAP_CR0_WRITE, + TRAP_CR1_WRITE, + TRAP_CR2_WRITE, + TRAP_CR3_WRITE, + TRAP_CR4_WRITE, + TRAP_CR5_WRITE, + TRAP_CR6_WRITE, + TRAP_CR7_WRITE, + TRAP_CR8_WRITE, }; @@ -96,6 +106,8 @@ struct __attribute__ ((__packed__)) vmcb_control_area { u8 reserved_6[8]; /* Offset 0xe8 */ u64 avic_logical_id; /* Offset 0xf0 */ u64 avic_physical_id; /* Offset 0xf8 */ + u8 reserved_7[8]; + u64 vmsa_pa; /* Used for an SEV-ES guest */ }; @@ -150,6 +162,7 @@ struct __attribute__ ((__packed__)) vmcb_control_area { #define SVM_NESTED_CTL_NP_ENABLE BIT(0) #define SVM_NESTED_CTL_SEV_ENABLE BIT(1) +#define SVM_NESTED_CTL_SEV_ES_ENABLE BIT(2) struct vmcb_seg { u16 selector; @@ -249,7 +262,7 @@ struct ghcb { static inline void __unused_size_checks(void) { BUILD_BUG_ON(sizeof(struct vmcb_save_area) != 1032); - BUILD_BUG_ON(sizeof(struct vmcb_control_area) != 256); + BUILD_BUG_ON(sizeof(struct vmcb_control_area) != 272); BUILD_BUG_ON(sizeof(struct ghcb) != 4096); } diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index 73d2a3f6c83c..7ed88f2e8d93 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c @@ -1545,3 +1545,57 @@ void sev_vcpu_deliver_sipi_vector(struct kvm_vcpu *vcpu, u8 vector) ghcb_set_sw_exit_info_2(svm->ghcb, 1); svm->ap_hlt_loop = false; } + +void sev_es_init_vmcb(struct vcpu_svm *svm) +{ + svm->vmcb->control.nested_ctl |= SVM_NESTED_CTL_SEV_ES_ENABLE; + svm->vmcb->control.virt_ext |= LBR_CTL_ENABLE_MASK; + + /* + * An SEV-ES guest requires a VMSA area that is a separate from the + * VMCB page. Do not include the encryption mask on the VMSA physical + * address since hardware will access it using the guest key. + */ + svm->vmcb->control.vmsa_pa = __pa(svm->vmsa); + + /* Can't intercept CR register access, HV can't modify CR registers */ + clr_cr_intercept(svm, INTERCEPT_CR0_READ); + clr_cr_intercept(svm, INTERCEPT_CR4_READ); + clr_cr_intercept(svm, INTERCEPT_CR8_READ); + clr_cr_intercept(svm, INTERCEPT_CR0_WRITE); + clr_cr_intercept(svm, INTERCEPT_CR4_WRITE); + clr_cr_intercept(svm, INTERCEPT_CR8_WRITE); + + svm_clr_intercept(svm, INTERCEPT_SELECTIVE_CR0); + + /* Track EFER/CR register changes */ + svm_set_intercept(svm, TRAP_EFER_WRITE); + svm_set_intercept(svm, TRAP_CR0_WRITE); + svm_set_intercept(svm, TRAP_CR4_WRITE); + svm_set_intercept(svm, TRAP_CR8_WRITE); + + /* No support for enable_vmware_backdoor */ + clr_exception_intercept(svm, GP_VECTOR); + + /* Can't intercept XSETBV, HV can't modify XCR0 directly */ + svm_clr_intercept(svm, INTERCEPT_XSETBV); + + /* Clear intercepts on selected MSRs */ + set_msr_interception(svm->msrpm, MSR_EFER, 1, 1); + set_msr_interception(svm->msrpm, MSR_IA32_CR_PAT, 1, 1); + set_msr_interception(svm->msrpm, MSR_IA32_LASTBRANCHFROMIP, 1, 1); + set_msr_interception(svm->msrpm, MSR_IA32_LASTBRANCHTOIP, 1, 1); + set_msr_interception(svm->msrpm, MSR_IA32_LASTINTFROMIP, 1, 1); + set_msr_interception(svm->msrpm, MSR_IA32_LASTINTTOIP, 1, 1); +} + +void sev_es_create_vcpu(struct vcpu_svm *svm) +{ + /* + * Set the GHCB MSR value as per the GHCB specification when creating + * a vCPU for an SEV-ES guest. + */ + set_ghcb_msr(svm, GHCB_MSR_SEV_INFO(GHCB_VERSION_MAX, + GHCB_VERSION_MIN, + sev_enc_bit)); +} diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index fcb59d0b3c52..cb9b1d281adb 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c @@ -91,7 +91,7 @@ static DEFINE_PER_CPU(u64, current_tsc_ratio); static const struct svm_direct_access_msrs { u32 index; /* Index of the MSR */ - bool always; /* True if intercept is always on */ + bool always; /* True if intercept is initially cleared */ } direct_access_msrs[] = { { .index = MSR_STAR, .always = true }, { .index = MSR_IA32_SYSENTER_CS, .always = true }, @@ -109,6 +109,9 @@ static const struct svm_direct_access_msrs { { .index = MSR_IA32_LASTBRANCHTOIP, .always = false }, { .index = MSR_IA32_LASTINTFROMIP, .always = false }, { .index = MSR_IA32_LASTINTTOIP, .always = false }, + { .index = MSR_EFER, .always = false }, + { .index = MSR_IA32_CR_PAT, .always = false }, + { .index = MSR_AMD64_SEV_ES_GHCB, .always = true }, { .index = MSR_INVALID, .always = false }, }; @@ -598,8 +601,7 @@ static bool msr_write_intercepted(struct kvm_vcpu *vcpu, unsigned msr) return !!test_bit(bit_write, &tmp); } -static void set_msr_interception(u32 *msrpm, unsigned msr, - int read, int write) +void set_msr_interception(u32 *msrpm, unsigned int msr, int read, int write) { u8 bit_read, bit_write; unsigned long tmp; @@ -1147,6 +1149,11 @@ static void init_vmcb(struct vcpu_svm *svm) if (sev_guest(svm->vcpu.kvm)) { svm->vmcb->control.nested_ctl |= SVM_NESTED_CTL_SEV_ENABLE; clr_exception_intercept(svm, UD_VECTOR); + + if (sev_es_guest(svm->vcpu.kvm)) { + /* Perform SEV-ES specific VMCB updates */ + sev_es_init_vmcb(svm); + } } vmcb_mark_all_dirty(svm->vmcb); @@ -1253,6 +1260,10 @@ static int svm_create_vcpu(struct kvm_vcpu *vcpu) svm_init_osvw(vcpu); vcpu->arch.microcode_version = 0x01000065; + if (sev_es_guest(svm->vcpu.kvm)) + /* Perform SEV-ES specific VMCB creation updates */ + sev_es_create_vcpu(svm); + return 0; free_page5: @@ -1375,6 +1386,7 @@ static void svm_vcpu_put(struct kvm_vcpu *vcpu) loadsegment(gs, svm->host.gs); #endif #endif + for (i = 0; i < NR_HOST_SAVE_USER_MSRS; i++) wrmsrl(host_save_user_msrs[i], svm->host_user_msrs[i]); } @@ -3039,6 +3051,7 @@ static void dump_vmcb(struct kvm_vcpu *vcpu) pr_err("%-20s%016llx\n", "avic_backing_page:", control->avic_backing_page); pr_err("%-20s%016llx\n", "avic_logical_id:", control->avic_logical_id); pr_err("%-20s%016llx\n", "avic_physical_id:", control->avic_physical_id); + pr_err("%-20s%016llx\n", "vmsa_pa:", control->vmsa_pa); pr_err("VMCB State Save Area:\n"); pr_err("%-5s s: %04x a: %04x l: %08x b: %016llx\n", "es:", diff --git a/arch/x86/kvm/svm/svm.h b/arch/x86/kvm/svm/svm.h index e3b4b0368bd8..465e14a7146f 100644 --- a/arch/x86/kvm/svm/svm.h +++ b/arch/x86/kvm/svm/svm.h @@ -412,6 +412,7 @@ bool svm_nmi_blocked(struct kvm_vcpu *vcpu); bool svm_interrupt_blocked(struct kvm_vcpu *vcpu); void svm_set_gif(struct vcpu_svm *svm, bool value); int svm_invoke_exit_handler(struct vcpu_svm *svm, u64 exit_code); +void set_msr_interception(u32 *msrpm, unsigned int msr, int read, int write); /* nested.c */ @@ -570,6 +571,8 @@ void sev_hardware_teardown(void); int sev_handle_vmgexit(struct vcpu_svm *svm); int sev_es_string_io(struct vcpu_svm *svm, int size, unsigned int port, int in); void sev_vcpu_deliver_sipi_vector(struct kvm_vcpu *vcpu, u8 vector); +void sev_es_init_vmcb(struct vcpu_svm *svm); +void sev_es_create_vcpu(struct vcpu_svm *svm); /* VMSA Accessor functions */ -- 2.28.0