From: Steve Rutherford
Date: Mon, 12 Apr 2021 17:04:03 -0700
Subject: Re: [PATCH v12 05/13] KVM: SVM: Add KVM_SEV_RECEIVE_UPDATE_DATA command
To: Ashish Kalra
Cc: Paolo Bonzini, Thomas Gleixner, Ingo Molnar, "H. Peter Anvin", Joerg Roedel, Borislav Petkov, Tom Lendacky, X86 ML, KVM list, LKML, Sean Christopherson, Venu Busireddy, Brijesh Singh

On Mon, Apr 12, 2021 at 12:44 PM Ashish Kalra wrote: > > From: Brijesh Singh > > The command is used for copying the incoming buffer into the > SEV guest memory space. > > Cc: Thomas Gleixner > Cc: Ingo Molnar > Cc: "H. Peter Anvin" > Cc: Paolo Bonzini > Cc: Joerg Roedel > Cc: Borislav Petkov > Cc: Tom Lendacky > Cc: x86@kernel.org > Cc: kvm@vger.kernel.org > Cc: linux-kernel@vger.kernel.org > Signed-off-by: Brijesh Singh > Signed-off-by: Ashish Kalra > --- > .../virt/kvm/amd-memory-encryption.rst | 24 ++++++ > arch/x86/kvm/svm/sev.c | 79 +++++++++++++++++++ > include/uapi/linux/kvm.h | 9 +++ > 3 files changed, 112 insertions(+) > > diff --git a/Documentation/virt/kvm/amd-memory-encryption.rst b/Documentation/virt/kvm/amd-memory-encryption.rst > index c86c1ded8dd8..c6ed5b26d841 100644 
> --- a/Documentation/virt/kvm/amd-memory-encryption.rst > +++ b/Documentation/virt/kvm/amd-memory-encryption.rst > @@ -372,6 +372,30 @@ On success, the 'handle' field contains a new handle and on error, a negative va > > For more details, see SEV spec Section 6.12. > > +14. KVM_SEV_RECEIVE_UPDATE_DATA > +---------------------------- > + > +The KVM_SEV_RECEIVE_UPDATE_DATA command can be used by the hypervisor to copy > +the incoming buffers into the guest memory region with encryption context > +created during the KVM_SEV_RECEIVE_START. > + > +Parameters (in): struct kvm_sev_receive_update_data > + > +Returns: 0 on success, -negative on error > + > +:: > + > + struct kvm_sev_launch_receive_update_data { > + __u64 hdr_uaddr; /* userspace address containing the packet header */ > + __u32 hdr_len; > + > + __u64 guest_uaddr; /* the destination guest memory region */ > + __u32 guest_len; > + > + __u64 trans_uaddr; /* the incoming buffer memory region */ > + __u32 trans_len; > + }; > + > References > ========== > > diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c > index e530c2b34b5e..2c95657cc9bf 100644 > --- a/arch/x86/kvm/svm/sev.c > +++ b/arch/x86/kvm/svm/sev.c 
> @@ -1448,6 +1448,82 @@ static int sev_receive_start(struct kvm *kvm, struct kvm_sev_cmd *argp) > return ret; > } > > +static int sev_receive_update_data(struct kvm *kvm, struct kvm_sev_cmd *argp) > +{ > + struct kvm_sev_info *sev = &to_kvm_svm(kvm)->sev_info; > + struct kvm_sev_receive_update_data params; > + struct sev_data_receive_update_data *data; > + void *hdr = NULL, *trans = NULL; > + struct page **guest_page; > + unsigned long n; > + int ret, offset; > + > + if (!sev_guest(kvm)) > + return -EINVAL; > + > + if (copy_from_user(¶ms, (void __user *)(uintptr_t)argp->data, > + sizeof(struct kvm_sev_receive_update_data))) > + return -EFAULT; > + > + if (!params.hdr_uaddr || !params.hdr_len || > + !params.guest_uaddr || !params.guest_len || > + !params.trans_uaddr || !params.trans_len) > + return -EINVAL; > + > + /* Check if we are crossing the page boundary */ > + offset = params.guest_uaddr & (PAGE_SIZE - 1); > + if ((params.guest_len + offset > PAGE_SIZE)) > + return -EINVAL; > + > + hdr = psp_copy_user_blob(params.hdr_uaddr, params.hdr_len); > + if (IS_ERR(hdr)) > + return PTR_ERR(hdr); > + > + trans = psp_copy_user_blob(params.trans_uaddr, params.trans_len); > + if (IS_ERR(trans)) { > + ret = PTR_ERR(trans); > + goto e_free_hdr; > + } > + > + ret = -ENOMEM; > + data = kzalloc(sizeof(*data), GFP_KERNEL); > + if (!data) > + goto e_free_trans; > + > + data->hdr_address = __psp_pa(hdr); > + data->hdr_len = params.hdr_len; > + data->trans_address = __psp_pa(trans); > + data->trans_len = params.trans_len; > + > + /* Pin guest memory */ > + ret = -EFAULT; > + guest_page = sev_pin_memory(kvm, params.guest_uaddr & PAGE_MASK, > + PAGE_SIZE, &n, 0); > + if (!guest_page) > + goto e_free; > + > + /* The RECEIVE_UPDATE_DATA command requires C-bit to be always set. 
*/ > + data->guest_address = (page_to_pfn(guest_page[0]) << PAGE_SHIFT) + > + offset; > + data->guest_address |= sev_me_mask; > + data->guest_len = params.guest_len; > + data->handle = sev->handle; > + > + ret = sev_issue_cmd(kvm, SEV_CMD_RECEIVE_UPDATE_DATA, data, > + &argp->error); > + > + sev_unpin_memory(kvm, guest_page, n); > + > +e_free: > + kfree(data); > +e_free_trans: > + kfree(trans); > +e_free_hdr: > + kfree(hdr); > + > + return ret; > +} > + > int svm_mem_enc_op(struct kvm *kvm, void __user *argp) > { > struct kvm_sev_cmd sev_cmd; > @@ -1513,6 +1589,9 @@ int svm_mem_enc_op(struct kvm *kvm, void __user *argp) > case KVM_SEV_RECEIVE_START: > r = sev_receive_start(kvm, &sev_cmd); > break; > + case KVM_SEV_RECEIVE_UPDATE_DATA: > + r = sev_receive_update_data(kvm, &sev_cmd); > + break; > default: > r = -EINVAL; > goto out; > diff --git a/include/uapi/linux/kvm.h b/include/uapi/linux/kvm.h > index 29c25e641a0c..3a656d43fc6c 100644 > --- a/include/uapi/linux/kvm.h > +++ b/include/uapi/linux/kvm.h > @@ -1759,6 +1759,15 @@ struct kvm_sev_receive_start { > __u32 session_len; > }; > > +struct kvm_sev_receive_update_data { > + __u64 hdr_uaddr; > + __u32 hdr_len; > + __u64 guest_uaddr; > + __u32 guest_len; > + __u64 trans_uaddr; > + __u32 trans_len; > +}; > + > #define KVM_DEV_ASSIGN_ENABLE_IOMMU (1 << 0) > #define KVM_DEV_ASSIGN_PCI_2_3 (1 << 1) > #define KVM_DEV_ASSIGN_MASK_INTX (1 << 2) > -- > 2.17.1 > Reviewed-by: Steve Rutherford
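
Review bot: In the amd-memory-encryption.rst hunk, the literal block declares struct kvm_sev_launch_receive_update_data, while the "Parameters (in)" line just above it and the definition added to include/uapi/linux/kvm.h both use struct kvm_sev_receive_update_data. Drop the stray launch_ so the documented name matches the type userspace has to pass. The dashed underline under "14. KVM_SEV_RECEIVE_UPDATE_DATA" is also shorter than the title text, which docutils warns about; extend it to the title's length.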
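
Review bot: In sev_receive_update_data(), the page-boundary check `params.guest_len + offset > PAGE_SIZE` adds a __u32 to an int, so the sum is computed in 32 bits and a guest_len close to 0xffffffff wraps to a small value and passes. That guest_len is then copied unchanged into data->guest_len and handed to the firmware while only one page is pinned. Bound the length on its own before adding the offset, for example `if (params.guest_len > PAGE_SIZE || params.guest_len + offset > PAGE_SIZE)`.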
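
Review bot: struct kvm_sev_receive_update_data in include/uapi/linux/kvm.h places each __u32 length directly before a __u64 (and ends on a __u32), which leaves implicit 4-byte holes whose presence depends on how the ABI aligns __u64; 32-bit x86 userspace aligns it to 4 bytes, so a compat caller and a 64-bit kernel can disagree on the layout read by copy_from_user(). Add explicit __u32 pad fields after hdr_len, guest_len and trans_len, and mirror them in the struct shown in the documentation.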