Received: by 2002:a05:6a10:1a4d:0:0:0:0 with SMTP id nk13csp2102548pxb; Wed, 9 Feb 2022 10:53:29 -0800 (PST) X-Google-Smtp-Source: ABdhPJzJMn03GeCSr5Bdqf5o1UKVl9+wHeq+oKPlOqzPUEah1Iyh3JBIfMUQJ8wv71XShKQhpmNI X-Received: by 2002:aa7:d299:: with SMTP id w25mr4127174edq.21.1644432809258; Wed, 09 Feb 2022 10:53:29 -0800 (PST) ARC-Seal: i=2; a=rsa-sha256; t=1644432809; cv=pass; d=google.com; s=arc-20160816; b=J8qjBeDZtZuUbzVzh3Xodwkp/cRPQuf5A/46255OThwJKPowWkF/4drN3495SqH5/F qpDVZDsuxGbb23B3U9r9K1QfanrQx2nSARnhHlvxvd5FJ/RK7G7pHz0BxtgxIUc+Dt/u tdzkr12MxWhDjdjH6+IGQDEGuS1dA2qiuj1RhmQwIKT8zVOaA6Uvq6O+j3Vf2vInfWVM jvtplo8BML7fUd0hVyQTGM5R/BrucqMXJgSAjCbGP0bp19xG8hmtcO4hPAUyPleNcAEg 1A5JxZ5xRqirtM6bSb74FUZb+FCe0ruoeZMPYRGJL60wwtoWaA8HFcUPqJb2YaXfWU8H p4dw== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=dQ99cfpt0m7da6oqy/rXr/yW8LVwNmJ3ynuO/U1I9WU=; b=PdF6/iZkuzsfecU73odZ9pfEgNkn1n8j0HyNa2mak35/lkWRJ04nRnmHhOaVj7FJlV BYSoS2QGSHaTGOxZAHpT+8sREUDmuEBFk5kHdJxwBE0lg8Rvlw0zsGzCniGFG3Ee800s dQcs+wCB1O+kJhM26ApxVgUFUZHNMnX1gu6NsE/oZbNV3VAef0cy4ZOrrzpiR1zfLCzU euIm/K8KPu0JuAmyCCHRaJpSC4af4Vn3kuntN3swW34YI6noIHgcGIZBq89kuPgeN4XD 5PaWD8BfaiBUGPLKrouTIt4cB2duupjppVPmPH4Fw6rmiSjG9pVH+O9JX+yilsq+KMFR d1Eg== ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@amd.com header.s=selector1 header.b=EcoUPo11; arc=pass (i=1 spf=pass spfdomain=amd.com dmarc=pass fromdomain=amd.com); spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=amd.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id du16si11923493ejc.43.2022.02.09.10.53.03; Wed, 09 Feb 2022 10:53:29 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@amd.com header.s=selector1 header.b=EcoUPo11; arc=pass (i=1 spf=pass spfdomain=amd.com dmarc=pass fromdomain=amd.com); spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=amd.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S238933AbiBISNI (ORCPT + 99 others); Wed, 9 Feb 2022 13:13:08 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:60574 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S238921AbiBISMq (ORCPT ); Wed, 9 Feb 2022 13:12:46 -0500 Received: from NAM12-BN8-obe.outbound.protection.outlook.com (mail-bn8nam12on2049.outbound.protection.outlook.com [40.107.237.49]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 2147AC050CD9; Wed, 9 Feb 2022 10:11:57 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=m5EA4jr5J9NslnwR3WiK4R1tmHbsMv29jjMDxbLGVOfQ6Wm0aqNccxF48ljY+hKwpamctuar2aoIfcVUYm+RclY72u7xeQfiBRUBPkV0Pw03UwDeSMCz2f1eR59AMiwEFyfTpXhJMHHcKKB5Lhe0et4AVtdQbIqUd8xrYDgOJ9oX8gVhMWWs8UfepShg7a4cd0plmLGD2e+fL+2YbjS7Lr7nC0qBL3HfC6KRFMxCxIbvA5S5sktwZm5Teg9ycSnqu5G4aH3KTxU6eIOvb7j4SbJQR4k4n6gPyp7v582JHKqWq9eGFOcSipPZtkVZjEHWbZtQsb7yrrWDHIbvi1Ofdw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=dQ99cfpt0m7da6oqy/rXr/yW8LVwNmJ3ynuO/U1I9WU=; b=KqZ1651N0Lmi/hA9jbfmy62aLnMrIj8IhPxFjFpGjg1EZzCTrHDdkmocTRWs2tWLGU3rqy0luuiX2ihLDVDv59Amw3V8ERx89tL1kwm4m2emay7O+x2PaYjDh2s8IxR+3T9+myV9/JMBUPbrkXevZP+im7VsDf8imYGGhMprwOBdd0G1gwssq5/WCMvD3JdGW5dgHgvU+vrlJpeVlGc/Nc5CxR4vjXTufdvhtOUx3+CGY+1FN52qe6On6sMH/q3+gGZOm7M8rscxJHMv3w9sufJdCTgBWvzZI3v8+sBLG6TiEhkpRh4VvS2aN4OifyN1TcMg1yw07D/YsFVKFavsmQ== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=kernel.org smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=dQ99cfpt0m7da6oqy/rXr/yW8LVwNmJ3ynuO/U1I9WU=; b=EcoUPo11m9PmvSiBU2H2DuObs8baJRxKhuEMqbC5WKhAt2Lc+j/P4NfgnU9Dftr1rBnT8jYGEFQjGQVcAKy6LNURXxfVXcS3LPczSVMz3BReB5GMV8Ux2IO738+DMj13dU+RHtm2Mf4zk6Lu4wf3F9QTbwtwbelr3GJfELevi5k= Received: from BN9PR03CA0347.namprd03.prod.outlook.com (2603:10b6:408:f6::22) by MN2PR12MB3440.namprd12.prod.outlook.com (2603:10b6:208:d0::26) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4951.11; Wed, 9 Feb 2022 18:11:54 +0000 Received: from BN8NAM11FT030.eop-nam11.prod.protection.outlook.com (2603:10b6:408:f6:cafe::f7) by BN9PR03CA0347.outlook.office365.com (2603:10b6:408:f6::22) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4951.12 via Frontend Transport; Wed, 9 Feb 2022 18:11:54 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=amd.com; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB04.amd.com; Received: from SATLEXMB04.amd.com (165.204.84.17) by BN8NAM11FT030.mail.protection.outlook.com (10.13.177.146) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.4975.11 via Frontend Transport; Wed, 9 Feb 2022 18:11:54 +0000 Received: from sbrijesh-desktop.amd.com (10.180.168.240) by SATLEXMB04.amd.com (10.181.40.145) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.18; Wed, 9 Feb 2022 12:11:52 -0600 From: Brijesh Singh To: , , , , , , CC: Thomas Gleixner , Ingo Molnar , Joerg Roedel , Tom Lendacky , "H. Peter Anvin" , Ard Biesheuvel , Paolo Bonzini , Sean Christopherson , "Vitaly Kuznetsov" , Jim Mattson , "Andy Lutomirski" , Dave Hansen , Sergio Lopez , Peter Gonda , "Peter Zijlstra" , Srinivas Pandruvada , David Rientjes , Dov Murik , Tobin Feldman-Fitzthum , Borislav Petkov , Michael Roth , Vlastimil Babka , "Kirill A . Shutemov" , Andi Kleen , "Dr . David Alan Gilbert" , , , , , Brijesh Singh , Venu Busireddy Subject: [PATCH v10 16/45] x86/compressed: Register GHCB memory when SEV-SNP is active Date: Wed, 9 Feb 2022 12:10:10 -0600 Message-ID: <20220209181039.1262882-17-brijesh.singh@amd.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20220209181039.1262882-1-brijesh.singh@amd.com> References: <20220209181039.1262882-1-brijesh.singh@amd.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Content-Type: text/plain X-Originating-IP: [10.180.168.240] X-ClientProxiedBy: SATLEXMB04.amd.com (10.181.40.145) To SATLEXMB04.amd.com (10.181.40.145) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: ac2413f1-a9df-45be-b2c7-08d9ebf7a770 X-MS-TrafficTypeDiagnostic: MN2PR12MB3440:EE_ X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:6430; X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: BVmfTp4cTe/vT9zyLrBSzlubY868HpHtwNMn5LdzbZ7+4xdYWbo/R3CAIj6lq2GR+xbxTdaT7Hq0YqgwjAYzUKELmZQNKdYdD7vveR3oXBOrY8fS1ZaFpewU71m7b+Y4ErJmuBQFQB23cwIZEnVv42pHBV9m00BjwZMCAO5gR33r4J/0/p+gmgAF0YqDSpgiqSdXP0dzB5JH7cAkRz10Sdo4y+OrV3Z2xR/rB+BFZWqlFX+wqMTMbmdRQV5rpMyYpI9E//fQGAfX8tiVu2a370GXhyHI2Es/JovNP+jbT2JhqEuZF5sPUyf9iOG9e0DCxiUyazhsT7nFFpCdegJBVpeHUS5KFKsIdIRAJtcp3QF5HJ/T+bUZ6+FE2VKvQCdoqdu0CdzmdhQexCqtjootgnPya+8/fVVl00eG/I/xrUMgm8IVjjof17Cyn9BsSWMox0/+w4wzucg/7dnQVGfGhAypqmsS7Esbarr2Ym9efrWB8PqWVmBfPa7sURwGrr9ADzAxYmaD5AcMVBYDujf0yubz/mHM3+gsgEyfzK3Eq6X3ZFx7ylBZXWhg/H51mNrhpXZaug69g/BPTtJll8gUQu5XB0gGL4nzoOPd4aAg+RnKEaeYUape8WE1sxXH+ohX08l9qyMP7TO4Yyum+h6bdUgEjYPP74FxdRfXLsNOaW4GZz9sL4LhTIwqU+ayNyQk9Dc2IFq1OODBXp5QYotko6rdIg93qhbVZjS11p5jEoE= X-Forefront-Antispam-Report: CIP:165.204.84.17;CTRY:US;LANG:en;SCL:1;SRV:;IPV:CAL;SFV:NSPM;H:SATLEXMB04.amd.com;PTR:InfoDomainNonexistent;CAT:NONE;SFS:(13230001)(4636009)(40470700004)(46966006)(36840700001)(26005)(7406005)(36756003)(70586007)(336012)(44832011)(2906002)(7416002)(7696005)(5660300002)(426003)(508600001)(86362001)(4326008)(54906003)(47076005)(316002)(40460700003)(8936002)(82310400004)(8676002)(70206006)(36860700001)(81166007)(356005)(186003)(16526019)(1076003)(110136005)(6666004)(2616005)(36900700001)(2101003);DIR:OUT;SFP:1101; X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 09 Feb 2022 18:11:54.7485 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: ac2413f1-a9df-45be-b2c7-08d9ebf7a770 X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[SATLEXMB04.amd.com] X-MS-Exchange-CrossTenant-AuthSource: BN8NAM11FT030.eop-nam11.prod.protection.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: MN2PR12MB3440 X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_NONE, RCVD_IN_MSPIKE_H2,SPF_HELO_PASS,SPF_PASS,T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org The SEV-SNP guest is required by the GHCB spec to register the GHCB's Guest Physical Address (GPA). This is because the hypervisor may prefer that a guest use a consistent and/or specific GPA for the GHCB associated with a vCPU. For more information, see the GHCB specification section "GHCB GPA Registration". If hypervisor can not work with the guest provided GPA then terminate the guest boot. Reviewed-by: Venu Busireddy Signed-off-by: Brijesh Singh --- arch/x86/boot/compressed/sev.c | 4 ++++ arch/x86/include/asm/sev-common.h | 13 +++++++++++++ arch/x86/kernel/sev-shared.c | 16 ++++++++++++++++ 3 files changed, 33 insertions(+) diff --git a/arch/x86/boot/compressed/sev.c b/arch/x86/boot/compressed/sev.c index 23978d858297..485410a182b0 100644 --- a/arch/x86/boot/compressed/sev.c +++ b/arch/x86/boot/compressed/sev.c @@ -175,6 +175,10 @@ static bool early_setup_ghcb(void) /* Initialize lookup tables for the instruction decoder */ inat_init_tables(); + /* SNP guest requires the GHCB GPA must be registered */ + if (sev_snp_enabled()) + snp_register_ghcb_early(__pa(&boot_ghcb_page)); + return true; } diff --git a/arch/x86/include/asm/sev-common.h b/arch/x86/include/asm/sev-common.h index fe7fe16e5fd5..f077a6c95e67 100644 --- a/arch/x86/include/asm/sev-common.h +++ b/arch/x86/include/asm/sev-common.h @@ -57,6 +57,19 @@ #define GHCB_MSR_AP_RESET_HOLD_REQ 0x006 #define GHCB_MSR_AP_RESET_HOLD_RESP 0x007 +/* GHCB GPA Register */ +#define GHCB_MSR_REG_GPA_REQ 0x012 +#define GHCB_MSR_REG_GPA_REQ_VAL(v) \ + /* GHCBData[63:12] */ \ + (((u64)((v) & GENMASK_ULL(51, 0)) << 12) | \ + /* GHCBData[11:0] */ \ + GHCB_MSR_REG_GPA_REQ) + +#define GHCB_MSR_REG_GPA_RESP 0x013 +#define GHCB_MSR_REG_GPA_RESP_VAL(v) \ + /* GHCBData[63:12] */ \ + (((u64)(v) & GENMASK_ULL(63, 12)) >> 12) + /* * SNP Page State Change Operation * diff --git a/arch/x86/kernel/sev-shared.c b/arch/x86/kernel/sev-shared.c index 4a876e684f67..e9ff13cd90b0 100644 --- a/arch/x86/kernel/sev-shared.c +++ b/arch/x86/kernel/sev-shared.c @@ -68,6 +68,22 @@ static u64 get_hv_features(void) return GHCB_MSR_HV_FT_RESP_VAL(val); } +static void __maybe_unused snp_register_ghcb_early(unsigned long paddr) +{ + unsigned long pfn = paddr >> PAGE_SHIFT; + u64 val; + + sev_es_wr_ghcb_msr(GHCB_MSR_REG_GPA_REQ_VAL(pfn)); + VMGEXIT(); + + val = sev_es_rd_ghcb_msr(); + + /* If the response GPA is not ours then abort the guest */ + if ((GHCB_RESP_CODE(val) != GHCB_MSR_REG_GPA_RESP) || + (GHCB_MSR_REG_GPA_RESP_VAL(val) != pfn)) + sev_es_terminate(SEV_TERM_SET_LINUX, GHCB_TERM_REGISTER); +} + static bool sev_es_negotiate_protocol(void) { u64 val; -- 2.25.1