From: Steve Rutherford
Date: Mon, 12 Apr 2021 17:04:49 -0700
Subject: Re: [PATCH v12 08/13] KVM: X86: Introduce KVM_HC_PAGE_ENC_STATUS hypercall
To: Ashish Kalra
Cc: Paolo Bonzini, Thomas Gleixner, Ingo Molnar, "H. Peter Anvin", Joerg Roedel, Borislav Petkov, Tom Lendacky, X86 ML, KVM list, LKML, Sean Christopherson, Venu Busireddy, Brijesh Singh
In-Reply-To: <93d7f2c2888315adc48905722574d89699edde33.1618254007.git.ashish.kalra@amd.com>

On Mon, Apr 12, 2021 at 12:45 PM Ashish Kalra wrote:
> > From: Ashish Kalra > > This hypercall is used by the SEV guest to notify a change in the page > encryption status to the hypervisor. The hypercall should be invoked > only when the encryption attribute is changed from encrypted -> decrypted > and vice versa. By default all guest pages are considered encrypted. > > The hypercall exits to userspace to manage the guest shared regions and > integrate with the userspace VMM's migration code. > > Cc: Thomas Gleixner > Cc: Ingo Molnar > Cc: "H. Peter Anvin" > Cc: Paolo Bonzini > Cc: Joerg Roedel > Cc: Borislav Petkov > Cc: Tom Lendacky > Cc: x86@kernel.org > Cc: kvm@vger.kernel.org > Cc: linux-kernel@vger.kernel.org > Signed-off-by: Brijesh Singh > Signed-off-by: Ashish Kalra > Co-developed-by: Sean Christopherson > Signed-off-by: Sean Christopherson > --- > Documentation/virt/kvm/hypercalls.rst | 15 ++++++++++++++ > arch/x86/include/asm/kvm_host.h | 2 ++ > arch/x86/kvm/svm/sev.c | 1 + > arch/x86/kvm/x86.c | 29 +++++++++++++++++++++++++++ > include/uapi/linux/kvm_para.h | 1 + > 5 files changed, 48 insertions(+) > > diff --git a/Documentation/virt/kvm/hypercalls.rst b/Documentation/virt/kvm/hypercalls.rst > index ed4fddd364ea..7aff0cebab7c 100644 > --- a/Documentation/virt/kvm/hypercalls.rst > +++ b/Documentation/virt/kvm/hypercalls.rst > @@ -169,3 +169,18 @@ a0: destination APIC ID > > :Usage example: When sending a call-function IPI-many to vCPUs, yield if > any of the IPI target vCPUs was preempted. > + > + > +8. KVM_HC_PAGE_ENC_STATUS > +------------------------- > +:Architecture: x86 > +:Status: active > +:Purpose: Notify the encryption status changes in guest page table (SEV guest) > + > +a0: the guest physical address of the start page > +a1: the number of pages > +a2: encryption attribute > + > + Where: > + * 1: Encryption attribute is set > + * 0: Encryption attribute is cleared > diff --git a/arch/x86/include/asm/kvm_host.h b/arch/x86/include/asm/kvm_host.h > index 3768819693e5..42eb0fe3df5d 100644 
> --- a/arch/x86/include/asm/kvm_host.h > +++ b/arch/x86/include/asm/kvm_host.h > @@ -1050,6 +1050,8 @@ struct kvm_arch { > > bool bus_lock_detection_enabled; > > + bool page_enc_hc_enable; > + > /* Deflect RDMSR and WRMSR to user space when they trigger a #GP */ > u32 user_space_msr_mask; > struct kvm_x86_msr_filter __rcu *msr_filter; > diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c > index c9795a22e502..5184a0c0131a 100644 > --- a/arch/x86/kvm/svm/sev.c > +++ b/arch/x86/kvm/svm/sev.c > @@ -197,6 +197,7 @@ static int sev_guest_init(struct kvm *kvm, struct kvm_sev_cmd *argp) > sev->active = true; > sev->asid = asid; > INIT_LIST_HEAD(&sev->regions_list); > + kvm->arch.page_enc_hc_enable = true; > > return 0; > > diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c > index f7d12fca397b..e8986478b653 100644 > --- a/arch/x86/kvm/x86.c > +++ b/arch/x86/kvm/x86.c > @@ -8208,6 +8208,13 @@ static void kvm_sched_yield(struct kvm *kvm, unsigned long dest_id) > kvm_vcpu_yield_to(target); > } > > +static int complete_hypercall_exit(struct kvm_vcpu *vcpu) > +{ > + kvm_rax_write(vcpu, vcpu->run->hypercall.ret); > + ++vcpu->stat.hypercalls; > + return kvm_skip_emulated_instruction(vcpu); > +} > + > int kvm_emulate_hypercall(struct kvm_vcpu *vcpu) > { > unsigned long nr, a0, a1, a2, a3, ret; 
> @@ -8273,6 +8280,28 @@ int kvm_emulate_hypercall(struct kvm_vcpu *vcpu) > kvm_sched_yield(vcpu->kvm, a0); > ret = 0; > break; > + case KVM_HC_PAGE_ENC_STATUS: { > + u64 gpa = a0, npages = a1, enc = a2; > + > + ret = -KVM_ENOSYS; > + if (!vcpu->kvm->arch.page_enc_hc_enable) > + break; > + > + if (!PAGE_ALIGNED(gpa) || !npages || > + gpa_to_gfn(gpa) + npages <= gpa_to_gfn(gpa)) { > + ret = -EINVAL; > + break; > + } > + > + vcpu->run->exit_reason = KVM_EXIT_HYPERCALL; > + vcpu->run->hypercall.nr = KVM_HC_PAGE_ENC_STATUS; > + vcpu->run->hypercall.args[0] = gpa; > + vcpu->run->hypercall.args[1] = npages; > + vcpu->run->hypercall.args[2] = enc; > + vcpu->run->hypercall.longmode = op_64_bit; > + vcpu->arch.complete_userspace_io = complete_hypercall_exit; > + return 0; > + } > default: > ret = -KVM_ENOSYS; > break; > diff --git a/include/uapi/linux/kvm_para.h b/include/uapi/linux/kvm_para.h > index 8b86609849b9..847b83b75dc8 100644 > --- a/include/uapi/linux/kvm_para.h > +++ b/include/uapi/linux/kvm_para.h > @@ -29,6 +29,7 @@ > #define KVM_HC_CLOCK_PAIRING 9 > #define KVM_HC_SEND_IPI 10 > #define KVM_HC_SCHED_YIELD 11 > +#define KVM_HC_PAGE_ENC_STATUS 12 > > /* > * hypercalls use architecture specific > -- > 2.17.1 > Reviewed-by: Steve Rutherford
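
Review bot: In the Documentation/virt/kvm/hypercalls.rst hunk, the new section 8 does not document the constraints or return values that the x86.c hunk enforces: a0 must be page-aligned, a1 must be non-zero, the range must not wrap, and the guest gets -KVM_ENOSYS when the hypercall is not enabled. It also omits that the call exits to userspace with KVM_EXIT_HYPERCALL and that all guest pages are considered encrypted by default, both of which the commit message states. Suggest adding a return-value list and a short note on the userspace exit, so guest and VMM authors do not have to read kvm_emulate_hypercall() to learn the contract.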
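
Review bot: In the arch/x86/kvm/svm/sev.c hunk, sev_guest_init() sets kvm->arch.page_enc_hc_enable = true unconditionally, so every SEV guest can trigger a KVM_EXIT_HYPERCALL exit whether or not the userspace VMM knows how to handle it. Nothing in this patch lets userspace opt in or out. Suggest gating the flag on an explicit enable from the VMM (for example a capability), so that an older VMM does not receive an exit reason it has never handled, raised at will by the guest.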
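
Review bot: In the first arch/x86/kvm/x86.c hunk, complete_hypercall_exit() writes vcpu->run->hypercall.ret to RAX as a full 64-bit value, although the exit path in the following hunk records the guest's mode in hypercall.longmode. Suggest truncating the value to 32 bits before kvm_rax_write() when the guest was not in 64-bit mode, and adding a comment that ret is supplied by userspace and handed to the guest unmodified.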
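
Review bot: In the KVM_HC_PAGE_ENC_STATUS case of kvm_emulate_hypercall(), a2 is copied into hypercall.args[2] without any check, although hypercalls.rst defines only the values 0 and 1, and the test "gpa_to_gfn(gpa) + npages <= gpa_to_gfn(gpa)" rejects only a wrap of the gfn sum, not a range that extends past what the guest can address. All three values are guest-controlled and reach the VMM as is, so either reject enc > 1 and bound the range here, or state in the documentation that userspace must validate every argument before acting on it. Separately, the error is returned as -EINVAL next to -KVM_ENOSYS; -KVM_EINVAL would match the naming used for hypercall return codes.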