Received: by 2002:a05:6a10:f347:0:0:0:0 with SMTP id d7csp4971628pxu; Thu, 10 Dec 2020 09:43:37 -0800 (PST) X-Google-Smtp-Source: ABdhPJznf9DQhY7tZ/zdJyi4a/JYRyKjQw4KGiNSsH81zl6bQu52fgNi5w5hHQKHncOApTaviysi X-Received: by 2002:a17:906:ce21:: with SMTP id sd1mr7257362ejb.396.1607622216947; Thu, 10 Dec 2020 09:43:36 -0800 (PST) ARC-Seal: i=2; a=rsa-sha256; t=1607622216; cv=pass; d=google.com; s=arc-20160816; b=DSVqHBQo19PHAvRHmOaSxVLcq8ICndPRwVyrxULzmHCTrTvz5zXf95Dik4xiBbMfvX 7OB8jQ3oC37YgRmMrrVwuoLOWarFniqYxjnMWKwTfG9259KwzjwfZvbOPw9i+akcBzdJ AeyRsP0/hpZ2Z7gPh6+ElLcz5mz2A/AlsRooGxqRckGVRwY3Ra9twqZaYS0ZrywILWQH oZkqsDxidbzea3GTYEWl9kMYiMpNHUglVpGwIyHGkth8QsQQ8/u4IK1bKuXfxy7Vx+rR T/pwiIvBrN+oaxlebeTT9n1HpjEgqbst9epduU+BCtk6IzKA1vRX3QkdmE74wdkrrpE5 EilQ== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:mime-version:content-transfer-encoding :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=+00cw+QMyVxnB5QrqLlEnbzUtHpRkANbvDvwE4cRFzo=; b=YKcPElusEz6MeAv+Uov5bggpsYosjj9DAvCwR8c3x4FVCBbBa0Yl+3wonAph3wbvWI 4UlwuWY1f3quYYhjarEdA5/vtNBnAGZIajEHZLG3ErF9YGgD6kpS3fpR+NEzHAyd7wz2 9HL7FCQkkmixlHjpwbmmEj+EZ8ZdzR44rG0Sv7K2HlEXn9ssrmwvcFWSruFPkfaAGr9N sFUQ888MSyoNPu2HzgukS+lmI2CMm505nNp0U5EkB9BxRjDC0VdGcTPOekw9YSHTidwT QkYTkNJs9VuKp527iumA2Xxwx5dn+EY+tOOc1KGe7FiIupSe9FB1oYgF7WIm/tU/p0tu sh0Q== ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@amdcloud.onmicrosoft.com header.s=selector2-amdcloud-onmicrosoft-com header.b="NN/3tJys"; arc=pass (i=1 spf=pass spfdomain=amd.com dkim=pass dkdomain=amd.com dmarc=pass fromdomain=amd.com); spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=amd.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id o59si3408800edd.460.2020.12.10.09.43.11; Thu, 10 Dec 2020 09:43:36 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@amdcloud.onmicrosoft.com header.s=selector2-amdcloud-onmicrosoft-com header.b="NN/3tJys"; arc=pass (i=1 spf=pass spfdomain=amd.com dkim=pass dkdomain=amd.com dmarc=pass fromdomain=amd.com); spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=amd.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S2392844AbgLJRgQ (ORCPT + 99 others); Thu, 10 Dec 2020 12:36:16 -0500 Received: from mail-bn7nam10on2082.outbound.protection.outlook.com ([40.107.92.82]:61760 "EHLO NAM10-BN7-obe.outbound.protection.outlook.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S2404102AbgLJRPq (ORCPT ); Thu, 10 Dec 2020 12:15:46 -0500 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=WXExcYyE0UQW6+9bw45q/oFkdf4H17l/IB7CXEiZbYNYuQiXBpfOzCs6LMwF5E1BBwNRZjqufwZSuoKuXvI38xtOgR1/MTBZi+tz1x+xttYroKmbIMaNI9IbSw3s9xJaLahnjI8rN2dsZeTGi8fFOmeXBcfx4rc6J3UJCauL6Uj+fE5k3xY6t1/fBq+p+ZvA4AHWYa6SuTypkBypojDJvoWD0Sa82JDrfu8pWdgTSp7Pd7fARu7T4XPwePuGu8T1V52Z+Kyh7PNrWsypHRaLnmYW/LtHEyXyFcYoJhpfwBTI4BeEHaiNeCl/oesNAAi8aWN4z/Ox/ZlrDocCvgg5yA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=+00cw+QMyVxnB5QrqLlEnbzUtHpRkANbvDvwE4cRFzo=; b=UkLXrU3KONesxB5rirNtjCOIKOflpkoNM5SNCXPVEBwDryhIHp68aYnDPkUNY9HyBxCp2tSQzn+wF7F26qXYlkRcIkY+MPRec1b8n7YAuY0oC/m8X1KaSM6Eljrh+AzVIqOVunHun1WwvapUbUofiqMBj/prO70wy+x45eDW7aAEhA+L2Sn+obBeOknBCJxodtubqxkyoF1SFE9lO3zIfRVC3jVf33Eax7qwWsM03FHSPUjpEQilSaYEL4GDQX3QlL9eZQoyn7VpOXeoSsQMxoxAurfEg2Snj7ypMJs1ThPXsV1TrJ85eSdkx7aI7sjgpJgtNJUbpgUaq/mNXQcWVw== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass header.d=amd.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amdcloud.onmicrosoft.com; s=selector2-amdcloud-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=+00cw+QMyVxnB5QrqLlEnbzUtHpRkANbvDvwE4cRFzo=; b=NN/3tJys8q8LzLfApX7bSxw9deW0PgvzUmk0O7GuVxNu058ZyXUuKd2HFoREOBqrnh8NiFI1jEqPmeE2hgQvUgUUEi0Orp+7d2ZR6JvAQRduQNrbreyUzleko+RCERvBHVWi7pLOW0hMlo0HKdTvzvj6NsOYEpy79wEcMDlF8nM= Authentication-Results: vger.kernel.org; dkim=none (message not signed) header.d=none;vger.kernel.org; dmarc=none action=none header.from=amd.com; Received: from CY4PR12MB1352.namprd12.prod.outlook.com (2603:10b6:903:3a::13) by CY4PR12MB1350.namprd12.prod.outlook.com (2603:10b6:903:41::7) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3632.20; Thu, 10 Dec 2020 17:14:40 +0000 Received: from CY4PR12MB1352.namprd12.prod.outlook.com ([fe80::a10a:295e:908d:550d]) by CY4PR12MB1352.namprd12.prod.outlook.com ([fe80::a10a:295e:908d:550d%8]) with mapi id 15.20.3632.021; Thu, 10 Dec 2020 17:14:40 +0000 From: Tom Lendacky To: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, x86@kernel.org Cc: Paolo Bonzini , Jim Mattson , Joerg Roedel , Sean Christopherson , Vitaly Kuznetsov , Wanpeng Li , Borislav Petkov , Ingo Molnar , Thomas Gleixner , Brijesh Singh Subject: [PATCH v5 29/34] KVM: SVM: Set the encryption mask for the SVM host save area Date: Thu, 10 Dec 2020 11:10:04 -0600 Message-Id: X-Mailer: git-send-email 2.28.0 In-Reply-To: References: Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Originating-IP: [165.204.77.1] X-ClientProxiedBy: CH2PR05CA0049.namprd05.prod.outlook.com (2603:10b6:610:38::26) To CY4PR12MB1352.namprd12.prod.outlook.com (2603:10b6:903:3a::13) MIME-Version: 1.0 X-MS-Exchange-MessageSentRepresentingType: 1 Received: from tlendack-t1.amd.com (165.204.77.1) by CH2PR05CA0049.namprd05.prod.outlook.com (2603:10b6:610:38::26) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3654.7 via Frontend Transport; Thu, 10 Dec 2020 17:14:39 +0000 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-HT: Tenant X-MS-Office365-Filtering-Correlation-Id: f58d56bd-a3e4-4919-fa0a-08d89d2f1476 X-MS-TrafficTypeDiagnostic: CY4PR12MB1350: X-MS-Exchange-Transport-Forked: True X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:1091; X-MS-Exchange-SenderADCheck: 1 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: LWi1LrvGja/gOFMVSHQRAvjSnIZ1enzgQ5DlOk5j6bFHKF0yeGUFt+SiTQdlyXVwdHTY/0LWYiiazHs2uHTHP1i9Jltd9FFpHtw1rytuGue370f4jPNay44hBdXAWFgd0yEfIO629LYcnGRJssompNNfSHHhK3kdidIbLHVT10IXzh9z0C7o00iaVcES8XfX5PAEfC0yNBPjVEfyXyONIk8TGEz08AkWHIGpOZVSvO9q28vRG61S0MA7WVWROdwjoyUC7gG1nhWrxagS1PRG5I9Gjyl48KkhJrUIOppkq946JtKb5xQ4mdmRCaG6FH54tcU+I8IaXXktaClO5yVywmMZQPhtWOqvJEYG0UYHdwGC9zU3OAtNB6mNXEXxEuWA X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:CY4PR12MB1352.namprd12.prod.outlook.com;PTR:;CAT:NONE;SFS:(4636009)(376002)(366004)(346002)(136003)(6486002)(8936002)(16526019)(2906002)(2616005)(54906003)(508600001)(86362001)(52116002)(66946007)(36756003)(6666004)(8676002)(7696005)(83380400001)(4326008)(34490700003)(956004)(26005)(66556008)(66476007)(7416002)(5660300002)(186003);DIR:OUT;SFP:1101; X-MS-Exchange-AntiSpam-MessageData: =?us-ascii?Q?wSsC15pZMY3fwB76Vb15yeygVkw/MViI1FxCO/2Y55bOib1MYQq3rdTEnJsg?= =?us-ascii?Q?IeVjCu35ovaXkIu5aW2ede3it2ZFjauEa0DRUL5px0WDKneoo7x/rCPIM98j?= =?us-ascii?Q?5b+NVOAlKf/nIvu7V11L3qhFq2UGrjlpWuGwON6Ji2abLs95jVLqL8DmCu87?= =?us-ascii?Q?NTMa3r95iLsn9p9Dsh3wsO3WwFG74gQaOuBU5I+ShFAN92JZxazpcnPDSj6f?= =?us-ascii?Q?FTdu4dHI5fzjcrOzvyxn6+p51m7VzriYcCY+Asi0qweVvznvlz7oARIG+Kqq?= =?us-ascii?Q?JA7nnP4/1hkPDXdMoTSND5saEKVj9NdL3DA1TxSfj8EOWgq9XJZKYJo1q/pV?= =?us-ascii?Q?gEsrnCfDuc/4xOsOR8QJvSqF8pZ1pDoHUsZYtJP6jtsa1wW8ifJIKY+CjHha?= =?us-ascii?Q?6awa6er8ZSf3CKhtQnCMeZmUs3H85YpDbX/jAW1fJUMW7pCEzGNOn2cwde3r?= =?us-ascii?Q?56Xm+XF5xkt3sirvrCqcMw8Wvk2lAHfiWVI8Yw3zQbIQFFzhVGN9xqzi1ELT?= =?us-ascii?Q?E3n6OHyMzHYkfjaP0BukCrK+pqw24mNKiO1/GEgPaMMrD+a7Q2Qka7YhX2N7?= =?us-ascii?Q?TlyRgELH3vebr4fMWLrKiG6+68RlzN5f5HAYUlXQYj9ZCP4sJhjDUUyyuBBB?= =?us-ascii?Q?0pPMTv7UrUzGZ2KSYInvgTJM0k24dnOvitNxrfJy3zUmYxdO7Qov9+6lia28?= =?us-ascii?Q?gRRXvGgNNU1qKBcOa3kYa4Jb3D+seL7a8dvt7iTI7of8rQGHizVJlaQ2w0cE?= =?us-ascii?Q?FPyKc1INWK1B32tkmY3qERixyXfPDQIvLdrn6y0uS2AmLKAdswWkBHOR4jhD?= =?us-ascii?Q?HLxUjInhEpqYldX1fV4Hs0Nt631oWfLbDLqyJ0t2bXZCgl6HIhVs10kOryQo?= =?us-ascii?Q?CKgpMMqDMznO3poMnpatb0mwjm+r1IDMgwh9O0Zy149+tZBsZPZEdTOx9Rw1?= =?us-ascii?Q?kvTpSmDc2fJaJa79meIeIePYCzS3PdRpLcwUD931I30Czfr8j49ZShKTZEDE?= =?us-ascii?Q?FX2N?= X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-AuthSource: CY4PR12MB1352.namprd12.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 10 Dec 2020 17:14:40.4101 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-Network-Message-Id: f58d56bd-a3e4-4919-fa0a-08d89d2f1476 X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: oUDqBFBtIPjfy2XB5qbyl0H6TOBymT9cyRpOHE/0OIW4ZZAZ0aF/Pv7dIu/MZp5BJPtWLovt2X5vCdiVcX5w4w== X-MS-Exchange-Transport-CrossTenantHeadersStamped: CY4PR12MB1350 Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: Tom Lendacky The SVM host save area is used to restore some host state on VMEXIT of an SEV-ES guest. After allocating the save area, clear it and add the encryption mask to the SVM host save area physical address that is programmed into the VM_HSAVE_PA MSR. Signed-off-by: Tom Lendacky --- arch/x86/kvm/svm/sev.c | 1 - arch/x86/kvm/svm/svm.c | 3 ++- arch/x86/kvm/svm/svm.h | 2 ++ 3 files changed, 4 insertions(+), 2 deletions(-) diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index 486c5609fa25..4797a6768eaf 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c @@ -32,7 +32,6 @@ unsigned int max_sev_asid; static unsigned int min_sev_asid; static unsigned long *sev_asid_bitmap; static unsigned long *sev_reclaim_asid_bitmap; -#define __sme_page_pa(x) __sme_set(page_to_pfn(x) << PAGE_SHIFT) struct enc_region { struct list_head list; diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index 16746bc6a1fa..d8217ba6791f 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c @@ -498,7 +498,7 @@ static int svm_hardware_enable(void) wrmsrl(MSR_EFER, efer | EFER_SVME); - wrmsrl(MSR_VM_HSAVE_PA, page_to_pfn(sd->save_area) << PAGE_SHIFT); + wrmsrl(MSR_VM_HSAVE_PA, __sme_page_pa(sd->save_area)); if (static_cpu_has(X86_FEATURE_TSCRATEMSR)) { wrmsrl(MSR_AMD64_TSC_RATIO, TSC_RATIO_DEFAULT); @@ -566,6 +566,7 @@ static int svm_cpu_init(int cpu) sd->save_area = alloc_page(GFP_KERNEL); if (!sd->save_area) goto free_cpu_data; + clear_page(page_address(sd->save_area)); if (svm_sev_enabled()) { sd->sev_vmcbs = kmalloc_array(max_sev_asid + 1, diff --git a/arch/x86/kvm/svm/svm.h b/arch/x86/kvm/svm/svm.h index 5d570d5a6a2c..313cfb733f7e 100644 --- a/arch/x86/kvm/svm/svm.h +++ b/arch/x86/kvm/svm/svm.h @@ -21,6 +21,8 @@ #include +#define __sme_page_pa(x) __sme_set(page_to_pfn(x) << PAGE_SHIFT) + static const u32 host_save_user_msrs[] = { #ifdef CONFIG_X86_64 MSR_STAR, MSR_LSTAR, MSR_CSTAR, MSR_SYSCALL_MASK, MSR_KERNEL_GS_BASE, -- 2.28.0