Received: by 2002:a05:6a10:a852:0:0:0:0 with SMTP id d18csp1840591pxy; Thu, 6 May 2021 17:54:55 -0700 (PDT) X-Google-Smtp-Source: ABdhPJytxztp8Hu/l99NpgM/yYpERHexBDhG6nsjkvFqpZkwUN/gekJGkTgwOFSK0tiLw2AVQa+6 X-Received: by 2002:a50:fe04:: with SMTP id f4mr8277592edt.29.1620348895645; Thu, 06 May 2021 17:54:55 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1620348895; cv=none; d=google.com; s=arc-20160816; b=G1/L0ViuIyZNAORyshbyA1lW31uRKfEXbqgRpewpUZbasD1v/Fhl8QGXJazdsKaDBj tp4sdGGLk4rxoDOnRjxfwPHv1+MQ9C0Ij85nlDruapSsPgFbKJc2qZ0NUavo2zKFJH/p 6J6YhoLc1GleiCOQOkQcTpVwBZFrjTIY+ANrctXiPpYC1ZLp6O+2GT7AqIvGUENwhWCk M/H/wyBNiAEV+7OXMBuKfLS6ogWyzA65RFSfTnR1VPohjfc2qRRBO6QVAxiBbtTC76Ca 6KffUkmiUwGKaG/Uj5CAONopcGhFteVPZ35sXpNi0e69ITSeavkXieT18yx9lDvoNTjv Kd2w== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:subject:message-id:date:from:in-reply-to :references:mime-version:dkim-signature; bh=1ZJJpWnA5QBmwVYH3cUwpevDYWEenuEP/75drNSjJCY=; b=BS1YCecNa8iKnhzYMy4AaMEEUxAoOo2S5lWzS0PQEN+OULYQFC0Q0LnmxKYuyhX8QB 48HEQ83dqcNmo5RopONaBJUb/PpkwR5LywK42+GvY5KnBxvrwJXaOZDa8FGTQtxC2lYi Wj8kRnQimyxKiVWdAxizfphV0Ir6dBMlOD0tUfAl37im4IWVVg5wcCpsLJE9g08IuNqX JYehi5Uk85XE8UDBrF0+e6RSlDNTRtTs927FwVULe6pjWj2fLbaqSpjk+RiNZxd2Moqr 07LaRFyflcACkBjIVwtmLLZ5f/goXJTG/i5AzDtbFmcww8MLQDVJjjQgyZ1FoosqiQXo 3JMA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20161025 header.b=S0+QLDIS; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id l25si3646908ejz.623.2021.05.06.17.54.17; Thu, 06 May 2021 17:54:55 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20161025 header.b=S0+QLDIS; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233855AbhEFU1F (ORCPT + 99 others); Thu, 6 May 2021 16:27:05 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:42848 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229965AbhEFU1E (ORCPT ); Thu, 6 May 2021 16:27:04 -0400 Received: from mail-lf1-x133.google.com (mail-lf1-x133.google.com [IPv6:2a00:1450:4864:20::133]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id B3B16C061574 for ; Thu, 6 May 2021 13:26:04 -0700 (PDT) Received: by mail-lf1-x133.google.com with SMTP id c3so9609821lfs.7 for ; Thu, 06 May 2021 13:26:04 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=1ZJJpWnA5QBmwVYH3cUwpevDYWEenuEP/75drNSjJCY=; b=S0+QLDISnbSh1ONFqwJCL8w4tNmRaDfvMYrwRyDl6rYGCwzjNgv7bw4fuskxy8KcJr 6T25FNlnG3YLNrvUnnejT3wA+6r/ndayJgncOTb1W9pl3866LWC8EGinLtF1i1UdHZQJ +sfry1urEFO3iXViQogTaezEWwYDmJegWlkdW7Nxa1rh4dD5sbubhycdchTVT+LabKMR cU5PIdvMI7rXQvlvV/8ESxutbN8mk1ScYNPnxXYjG9PtrEPjUdm8DNapt/XYvFKatnpU L+0FI6FXZELFvotrgCkGwN5Yz+UWbTZ3NOCWcNh5k5q8FNDrxzWGrOj8w2hyhgSUIH65 yedA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=1ZJJpWnA5QBmwVYH3cUwpevDYWEenuEP/75drNSjJCY=; b=LbgIb2z1K9FUFCebLB6eHy3fvklMGCaYODHDdrzzltSRSa0D2ciAE9HSwzb8eSdSCv 6YAlB+xugoqkdRqCCYp+1K/ore2I+kLId67SCUHli5tIunDcTJvGV+BdbYo5QWivwXAJ xYdB0ElrIsuyIbBRNyIO0BkGG9+DU5/fhl9RRwq85INnZCyjbEHNNWhnDSWhTB2DtKUk oE6HM9E+0PbdB/jjzZQ/ZpydiWS1Zn1d6prUlfEaFsJmR4pttZwRnKczs0h+WpbnPjZe KUL/Gl98KJSaZ786HGajxpbXHokmGmCPcDzk1DzdwYrMUMTFGt1ULKw1/lN9XYxL56IV hK2w== X-Gm-Message-State: AOAM5319ELtNwZ2f76QF/njwhxNXuFySh+GUwYYtD/NP7zKF0y5R2pcz LbzwbKnSOOIUxuC4ZQzWthg82cxcI6W4SO0rmvjzZQlx76KR3w== X-Received: by 2002:a05:6512:130c:: with SMTP id x12mr4163234lfu.423.1620332762896; Thu, 06 May 2021 13:26:02 -0700 (PDT) MIME-Version: 1.0 References: <20210430123822.13825-1-brijesh.singh@amd.com> <20210430123822.13825-22-brijesh.singh@amd.com> In-Reply-To: <20210430123822.13825-22-brijesh.singh@amd.com> From: Peter Gonda Date: Thu, 6 May 2021 14:25:50 -0600 Message-ID: Subject: Re: [PATCH Part2 RFC v2 21/37] KVM: SVM: Add KVM_SNP_INIT command To: Brijesh Singh Cc: x86@kernel.org, linux-kernel@vger.kernel.org, kvm list , Thomas Gleixner , Borislav Petkov , jroedel@suse.de, "Lendacky, Thomas" , Paolo Bonzini , Ingo Molnar , Dave Hansen , David Rientjes , Sean Christopherson , peterz@infradead.org, "H. Peter Anvin" , tony.luck@intel.com Content-Type: text/plain; charset="UTF-8" Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Fri, Apr 30, 2021 at 6:44 AM Brijesh Singh wrote: > > The KVM_SNP_INIT command is used by the hypervisor to initialize the > SEV-SNP platform context. In a typical workflow, this command should be the > first command issued. When creating SEV-SNP guest, the VMM must use this > command instead of the KVM_SEV_INIT or KVM_SEV_ES_INIT. > > Signed-off-by: Brijesh Singh > --- > arch/x86/kvm/svm/sev.c | 18 ++++++++++++++++-- > include/uapi/linux/kvm.h | 3 +++ > 2 files changed, 19 insertions(+), 2 deletions(-) > > diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c > index 200d227f9232..ea74dd9e03d3 100644 > --- a/arch/x86/kvm/svm/sev.c > +++ b/arch/x86/kvm/svm/sev.c > @@ -230,8 +230,9 @@ static void sev_unbind_asid(struct kvm *kvm, unsigned int handle) > > static int sev_guest_init(struct kvm *kvm, struct kvm_sev_cmd *argp) > { > + bool es_active = (argp->id == KVM_SEV_ES_INIT || argp->id == KVM_SEV_SNP_INIT); > struct kvm_sev_info *sev = &to_kvm_svm(kvm)->sev_info; > - bool es_active = argp->id == KVM_SEV_ES_INIT; > + bool snp_active = argp->id == KVM_SEV_SNP_INIT; > int asid, ret; > > if (kvm->created_vcpus) > @@ -242,12 +243,16 @@ static int sev_guest_init(struct kvm *kvm, struct kvm_sev_cmd *argp) > return ret; > > sev->es_active = es_active; > + sev->snp_active = snp_active; > asid = sev_asid_new(sev); > if (asid < 0) > goto e_no_asid; > sev->asid = asid; > > - ret = sev_platform_init(&argp->error); > + if (snp_active) > + ret = sev_snp_init(&argp->error); > + else > + ret = sev_platform_init(&argp->error); > if (ret) > goto e_free; > > @@ -583,6 +588,9 @@ static int sev_es_sync_vmsa(struct vcpu_svm *svm) > save->pkru = svm->vcpu.arch.pkru; > save->xss = svm->vcpu.arch.ia32_xss; > > + if (sev_snp_guest(svm->vcpu.kvm)) > + save->sev_features |= SVM_SEV_FEATURES_SNP_ACTIVE; > + > /* > * SEV-ES will use a VMSA that is pointed to by the VMCB, not > * the traditional VMSA that is part of the VMCB. Copy the > @@ -1525,6 +1533,12 @@ int svm_mem_enc_op(struct kvm *kvm, void __user *argp) > } > > switch (sev_cmd.id) { > + case KVM_SEV_SNP_INIT: > + if (!sev_snp_enabled) { > + r = -ENOTTY; > + goto out; > + } > + fallthrough; > case KVM_SEV_ES_INIT: > if (!sev_es_enabled) { > r = -ENOTTY; > diff --git a/include/uapi/linux/kvm.h b/include/uapi/linux/kvm.h > index 3fd9a7e9d90c..aaa2d62f09b5 100644 > --- a/include/uapi/linux/kvm.h > +++ b/include/uapi/linux/kvm.h > @@ -1678,6 +1678,9 @@ enum sev_cmd_id { > /* Guest Migration Extension */ > KVM_SEV_SEND_CANCEL, > > + /* SNP specific commands */ > + KVM_SEV_SNP_INIT, > + Do you want to reserve some more enum values for SEV in case additional functionality is added, or is this very unlikely? > KVM_SEV_NR_MAX, > }; > > -- > 2.17.1 >