Received: by 2002:a05:6a10:1a4d:0:0:0:0 with SMTP id nk13csp2106880pxb; Wed, 9 Feb 2022 11:00:02 -0800 (PST) X-Google-Smtp-Source: ABdhPJxEAmc1Xrn/g01+3QkkeKgUNUmeHlWDtGxsaeEwqfm18+j4+xdYRwAAi+EZaoKH5TrfhcHa X-Received: by 2002:a63:804a:: with SMTP id j71mr3025411pgd.502.1644433202449; Wed, 09 Feb 2022 11:00:02 -0800 (PST) ARC-Seal: i=2; a=rsa-sha256; t=1644433202; cv=pass; d=google.com; s=arc-20160816; b=uJEsfCdBMUtlfXyrHNSNinsSThiOZPmZQk3Wp/pgVC/snTa3vNYtn8PlTRPCc43pHb bhbVRdMiHOUgoskMUZU6lVzErJO2JCYzIe+ORON6NLUXEtE+4dXuQVdnqNJ6o4gvo4Bo lZEepS9k+Aej9et+1C9XWSAxpqXiY6ALlrjWRtWGqLj+Go8p+VVinZBOsVaVfo/xtzAI EFe4ZW0S5XzXzjajTW3mwksLXa8UkJBZxmEa6F4YG4mZ2e0zG7LY+pJKhWURrer4l8dq rIIab5IOsJDpazMIrzQmCxeRQk1NV97e6ATxW3fxra7mzt0JIDidU9iFE1zUFB4Aswvb FhPA== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=fbYtPu/R4hZSC0fOc8BmZk5t0+Odd/LLecFlmc4pxCo=; b=oN3I0Z6nFQmakcVhWLb/rZ25aejlLVac8RSS6puYbpl3cewFfrPYkhVDa1aCdUHhQ6 Auqa0WnREUqWyN41m2UnmvQtSSDZDfoXYBDfSYeaHffsnmkkw1fErBLHCf0ELcCzLZyu ryEAZiMySkP+xirUJSd+0kgQqyDr9epRPcvuV8cn5DXBPuaLlk90vn5LmiM4n6UOKE/+ nL0qWaO0hHcmHgwb4knTmHXXpzNc3uPbTLRK+O2XTEqbVFTJTQhhGE2ReuIvWYqdIyWN Ar7NhLK6P4Q3pIDZPSg7AUZvrIZQvi29FovDVUb5rladeyNgxEhu4RDyXEMzZX3gemst iP/Q== ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@amd.com header.s=selector1 header.b=0BtfVdjq; arc=pass (i=1 spf=pass spfdomain=amd.com dmarc=pass fromdomain=amd.com); spf=softfail (google.com: domain of transitioning linux-kernel-owner@vger.kernel.org does not designate 23.128.96.19 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=amd.com Return-Path: Received: from lindbergh.monkeyblade.net (lindbergh.monkeyblade.net. [23.128.96.19]) by mx.google.com with ESMTPS id pj6si6328208pjb.41.2022.02.09.10.59.58 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 09 Feb 2022 11:00:02 -0800 (PST) Received-SPF: softfail (google.com: domain of transitioning linux-kernel-owner@vger.kernel.org does not designate 23.128.96.19 as permitted sender) client-ip=23.128.96.19; Authentication-Results: mx.google.com; dkim=pass header.i=@amd.com header.s=selector1 header.b=0BtfVdjq; arc=pass (i=1 spf=pass spfdomain=amd.com dmarc=pass fromdomain=amd.com); spf=softfail (google.com: domain of transitioning linux-kernel-owner@vger.kernel.org does not designate 23.128.96.19 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=amd.com Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by lindbergh.monkeyblade.net (Postfix) with ESMTP id 63296C03E911; Wed, 9 Feb 2022 10:59:46 -0800 (PST) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S239278AbiBISPM (ORCPT + 99 others); Wed, 9 Feb 2022 13:15:12 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:60650 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S239043AbiBISOq (ORCPT ); Wed, 9 Feb 2022 13:14:46 -0500 Received: from NAM10-DM6-obe.outbound.protection.outlook.com (mail-dm6nam10on2043.outbound.protection.outlook.com [40.107.93.43]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id BDC3EC0302D4; Wed, 9 Feb 2022 10:12:33 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=gT9WNwhzGd/RKowRWX6wPrvG1P3grX9LNlQoQc6iAx5LwRCncdf91fvqVjOGOgvQsJikVkX9aRAp896A1RWwDq3PMyLTV0bNxtvmCAYuQy21pB5uGVIoHVgZfPrwVQAUg2VI3sNWhTmxDREPVCBZt0ea0m3i+Tz8i2Of4bllKZK3+WirZ5N8yj3WEDZw1H4JMwSFE8BFiLulBb47YDVwlbcpC1sXNUBVbuXOrt7wPsR/70wDBLuK9F/5tSzmJYOyQmARUPe9KKWKGPbDv/WVWGY6yX02Gql79zrLSemgoOub71q6C33JgNYnGhrWZfd2JZZWKxqoxf2flAjN3/Mt5g== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=fbYtPu/R4hZSC0fOc8BmZk5t0+Odd/LLecFlmc4pxCo=; b=gpHAKkRqVMJwSgYcDXZ6bAzK80muJwXrFf5RCvB+t0rxyliWkUvsLivDiyMTVUqFLpdNJ1rZoZH1JDaoecv7W2MNQ4Y9cFvySC7HumB1hBmW32FTP4jRQUxLrl7SiJcegzAC7JcvZHdz/sEA/Agl5rFMISLeiLwagjIwcT8EeqktW3Lpg9VVL3/oOd/HLQsPwunRx7PmOUnRhFtQpeeE+oTAMDjabah5Wtf9P50loxrE1cmb5e+goGyBEhVfHuIBk03XIpk6uFxEOH36CiksN6nA/SsDb2/l/Vk2psxca/M5iS5KdUni2HGi6UhUflQ2ck7ZYyz1cSobXKYHdqXR/Q== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=kernel.org smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=fbYtPu/R4hZSC0fOc8BmZk5t0+Odd/LLecFlmc4pxCo=; b=0BtfVdjqmGXYxmJc8ViXrzsofCdZ5cTeu5BFt7fR02n0UXrZCLxBrhNrl0TKVRdJ34AEflsARCvE4kQfYOxvJVCKImpR6Qy5rdnRSCifTzrpXaMFcMgCDGbl/jqLQBcfeQUNtbRuKBb4vV+6riibPzuHaKIOpCz6m2bDyia85rs= Received: from BN9P221CA0006.NAMP221.PROD.OUTLOOK.COM (2603:10b6:408:10a::33) by DM6PR12MB4170.namprd12.prod.outlook.com (2603:10b6:5:219::20) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4951.12; Wed, 9 Feb 2022 18:12:31 +0000 Received: from BN8NAM11FT034.eop-nam11.prod.protection.outlook.com (2603:10b6:408:10a:cafe::fd) by BN9P221CA0006.outlook.office365.com (2603:10b6:408:10a::33) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4951.12 via Frontend Transport; Wed, 9 Feb 2022 18:12:31 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=amd.com; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB04.amd.com; Received: from SATLEXMB04.amd.com (165.204.84.17) by BN8NAM11FT034.mail.protection.outlook.com (10.13.176.139) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.4975.11 via Frontend Transport; Wed, 9 Feb 2022 18:12:31 +0000 Received: from sbrijesh-desktop.amd.com (10.180.168.240) by SATLEXMB04.amd.com (10.181.40.145) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.18; Wed, 9 Feb 2022 12:12:25 -0600 From: Brijesh Singh To: , , , , , , CC: Thomas Gleixner , Ingo Molnar , Joerg Roedel , Tom Lendacky , "H. Peter Anvin" , Ard Biesheuvel , Paolo Bonzini , Sean Christopherson , "Vitaly Kuznetsov" , Jim Mattson , "Andy Lutomirski" , Dave Hansen , Sergio Lopez , Peter Gonda , "Peter Zijlstra" , Srinivas Pandruvada , David Rientjes , Dov Murik , Tobin Feldman-Fitzthum , Borislav Petkov , Michael Roth , Vlastimil Babka , "Kirill A . Shutemov" , Andi Kleen , "Dr . David Alan Gilbert" , , , , , Brijesh Singh Subject: [PATCH v10 35/45] x86/compressed: Use firmware-validated CPUID leaves for SEV-SNP guests Date: Wed, 9 Feb 2022 12:10:29 -0600 Message-ID: <20220209181039.1262882-36-brijesh.singh@amd.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20220209181039.1262882-1-brijesh.singh@amd.com> References: <20220209181039.1262882-1-brijesh.singh@amd.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Content-Type: text/plain X-Originating-IP: [10.180.168.240] X-ClientProxiedBy: SATLEXMB04.amd.com (10.181.40.145) To SATLEXMB04.amd.com (10.181.40.145) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: 528ce6fb-126b-4724-00cc-08d9ebf7bd54 X-MS-TrafficTypeDiagnostic: DM6PR12MB4170:EE_ X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:8882; X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: 6chblWz1kig70EX7jWtJWT/UO55+8tZqDk5ZmOBr/+/P5P19n9UiD9FMLYprF8naOCAjEugxWKPZblHi/F9d1SRdWVhjJ9hwtAz6isEBGUpn+Bjm8qpD+88CoH+sLhWTrL6Xj086H0HJFtxEJ+eHrwPVzyVYLzCES66j8oHQZxo236eU4SYOP1EaivhUVtpzU0QUk7x44d6ZMISsHbk0046BUERiBHbkeY3Abh+zsnzDbhYY1xJeww1uBylvSLTgTDZp1PIxZPd+4E4TFTPUfAWlOsvjErjSqPEkZnncEHFeXXC3yBy+SFwXjt6bWrHrH/ULmf9/gtSGlzDYOWDITzynJqwn+LG6zhJga/UO/qNLJ5nLtahAgCEnzG4XobHSuBs/2GwVzh9KS/pm4xSl982Sf6GXeuUZDRXAWJmukGg8z9pMb70xb2dwXyt3/lAt9rgsJc0jlrLN8+W/RR3+of3YmpYgwiJ8eibdftCs7EsQeLBrtA7Kclgd0xZq8nPHP/uWo06wad4+7NeA97Pq6z0kklWLPJ+Ynoi2lbWdr7EE1RSuurjEw+4U6zVI5WA0Xpq4o9pyYDCbcfeKSYAXYkrDnj7kYEcyQ4P8QQr9fhfzF4hgpskTKmUKV4/62ShdMfX5gaJqbrIlzAYoxkz3/S1AyJ4QlafhYqtxu72JQl5d7WrKo1EfiL7Wmxinmzt4wsJn1swAvJzRzxwAAekSxFWKW4pwTp1HCu6WeSIznn0= X-Forefront-Antispam-Report: CIP:165.204.84.17;CTRY:US;LANG:en;SCL:1;SRV:;IPV:CAL;SFV:NSPM;H:SATLEXMB04.amd.com;PTR:InfoDomainNonexistent;CAT:NONE;SFS:(13230001)(4636009)(40470700004)(36840700001)(46966006)(36860700001)(7406005)(82310400004)(86362001)(40460700003)(356005)(36756003)(81166007)(4326008)(8936002)(8676002)(7696005)(15650500001)(316002)(110136005)(44832011)(5660300002)(508600001)(7416002)(426003)(54906003)(70206006)(70586007)(336012)(47076005)(83380400001)(16526019)(186003)(1076003)(2616005)(26005)(2906002)(2101003)(36900700001);DIR:OUT;SFP:1101; X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 09 Feb 2022 18:12:31.4703 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 528ce6fb-126b-4724-00cc-08d9ebf7bd54 X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[SATLEXMB04.amd.com] X-MS-Exchange-CrossTenant-AuthSource: BN8NAM11FT034.eop-nam11.prod.protection.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM6PR12MB4170 X-Spam-Status: No, score=-2.0 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, MAILING_LIST_MULTI,RDNS_NONE,SPF_HELO_NONE,T_SCC_BODY_TEXT_LINE autolearn=no autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: Michael Roth SEV-SNP guests will be provided the location of special 'secrets' 'CPUID' pages via the Confidential Computing blob. This blob is provided to the boot kernel either through an EFI config table entry, or via a setup_data structure as defined by the Linux Boot Protocol. Locate the Confidential Computing from these sources and, if found, use the provided CPUID page/table address to create a copy that the boot kernel will use when servicing cpuid instructions via a #VC CPUID handler. Signed-off-by: Michael Roth Signed-off-by: Brijesh Singh --- arch/x86/boot/compressed/sev.c | 46 ++++++++++++++++++++++++++++++++++ 1 file changed, 46 insertions(+) diff --git a/arch/x86/boot/compressed/sev.c b/arch/x86/boot/compressed/sev.c index 9e281e89037a..42cc41c9cd86 100644 --- a/arch/x86/boot/compressed/sev.c +++ b/arch/x86/boot/compressed/sev.c @@ -408,6 +408,43 @@ static struct cc_blob_sev_info *find_cc_blob(struct boot_params *bp) return cc_info; } +/* + * Initialize the kernel's copy of the SNP CPUID table, and set up the + * pointer that will be used to access it. + * + * Maintaining a direct mapping of the SNP CPUID table used by firmware would + * be possible as an alternative, but the approach is brittle since the + * mapping needs to be updated in sync with all the changes to virtual memory + * layout and related mapping facilities throughout the boot process. + */ +static void setup_cpuid_table(const struct cc_blob_sev_info *cc_info) +{ + const struct snp_cpuid_table *cpuid_table_fw, *cpuid_table; + int i; + + if (!cc_info || !cc_info->cpuid_phys || cc_info->cpuid_len < PAGE_SIZE) + sev_es_terminate(SEV_TERM_SET_LINUX, GHCB_TERM_CPUID); + + cpuid_table_fw = (const struct snp_cpuid_table *)cc_info->cpuid_phys; + if (!cpuid_table_fw->count || cpuid_table_fw->count > SNP_CPUID_COUNT_MAX) + sev_es_terminate(SEV_TERM_SET_LINUX, GHCB_TERM_CPUID); + + cpuid_table = snp_cpuid_get_table(); + memcpy((void *)cpuid_table, cpuid_table_fw, sizeof(*cpuid_table)); + + /* Initialize CPUID ranges for range-checking. */ + for (i = 0; i < cpuid_table->count; i++) { + const struct snp_cpuid_fn *fn = &cpuid_table->fn[i]; + + if (fn->eax_in == 0x0) + cpuid_std_range_max = fn->eax; + else if (fn->eax_in == 0x40000000) + cpuid_hyp_range_max = fn->eax; + else if (fn->eax_in == 0x80000000) + cpuid_ext_range_max = fn->eax; + } +} + /* * Indicate SNP based on presence of SNP-specific CC blob. Subsequent checks * will verify the SNP CPUID/MSR bits. @@ -423,6 +460,15 @@ bool snp_init(struct boot_params *bp) if (!cc_info) return false; + /* + * If a SNP-specific Confidential Computing blob is present, then + * firmware/bootloader have indicated SNP support. Verifying this + * involves CPUID checks which will be more reliable if the SNP + * CPUID table is used. See comments over snp_setup_cpuid_table() for + * more details. + */ + setup_cpuid_table(cc_info); + /* * Pass run-time kernel a pointer to CC info via boot_params so EFI * config table doesn't need to be searched again during early startup -- 2.25.1