From: Marc Orr
Date: Mon, 21 Mar 2022 10:25:22 -0700
Subject: Re: [PATCH] Add KVM_EXIT_SHUTDOWN metadata for SEV-ES
To: Peter Gonda
Cc: kvm list, Borislav Petkov, Tom Lendacky, Brijesh Singh, Joerg Roedel, Sean Christopherson, LKML
X-Mailing-List: linux-kernel@vger.kernel.org

On Mon, Mar 21, 2022 at 8:02 AM Peter Gonda wrote:
>
> SEV-ES guests can request termination using the GHCB's MSR protocol. See
> AMD's GHCB spec section '4.1.13 Termination Request'. Currently when a
> guest does this the userspace VMM sees a KVM_EXIT_UNKNOWN (-EINVAL)
> return code from KVM_RUN. By adding a KVM_EXIT_SHUTDOWN_ENTRY to kvm_run
> struct the userspace VMM can clearly see the guest has requested a SEV-ES
> termination including the termination reason code set and reason code.
>
> Signed-off-by: Peter Gonda
> Cc: Borislav Petkov
> Cc: Tom Lendacky
> Cc: Brijesh Singh
> Cc: Joerg Roedel
> Cc: Marc Orr
> Cc: Sean Christopherson
> Cc: kvm@vger.kernel.org
> Cc: linux-kernel@vger.kernel.org
>
> ---
>
> Tested by making an SEV-ES guest call sev_es_terminate() with hardcoded
> reason code set and reason code and then observing the codes from the
> userspace VMM in the kvm_run.shutdown.data fields.
>
> ---
> arch/x86/kvm/svm/sev.c | 9 +++++++-- > include/uapi/linux/kvm.h | 12 ++++++++++++ > 2 files changed, 19 insertions(+), 2 deletions(-) > > diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c > index 75fa6dd268f0..5f9d37dd3f6f 100644 > --- a/arch/x86/kvm/svm/sev.c > +++ b/arch/x86/kvm/svm/sev.c
> @@ -2735,8 +2735,13 @@ static int sev_handle_vmgexit_msr_protocol(struct vcpu_svm *svm) > pr_info("SEV-ES guest requested termination: %#llx:%#llx\n", > reason_set, reason_code); > > - ret = -EINVAL; > - break; > + vcpu->run->exit_reason = KVM_EXIT_SHUTDOWN; > + vcpu->run->shutdown.reason = KVM_SHUTDOWN_SEV_TERM; > + vcpu->run->shutdown.ndata = 2; > + vcpu->run->shutdown.data[0] = reason_set; > + vcpu->run->shutdown.data[1] = reason_code; > + > + return 0;

Maybe I'm missing something, but don't we want to keep returning an error?

rationale:
Current behavior: return -EINVAL to userspace, but userspace cannot infer where the -EINVAL came from.
After this patch: We should still return -EINVAL to userspace, but now userspace can parse this new info in the KVM run struct to properly terminate.

> } > default: > /* Error, keep GHCB MSR value as-is */ > diff --git a/include/uapi/linux/kvm.h b/include/uapi/linux/kvm.h > index 8616af85dc5d..12138b8f290c 100644 > --- a/include/uapi/linux/kvm.h > +++ b/include/uapi/linux/kvm.h > @@ -271,6 +271,12 @@ struct kvm_xen_exit { > #define KVM_EXIT_XEN 34 > #define KVM_EXIT_RISCV_SBI 35 > > +/* For KVM_EXIT_SHUTDOWN */ > +/* Standard VM shutdown request. No additional metadata provided. */ > +#define KVM_SHUTDOWN_REQ 0 > +/* SEV-ES termination request */ > +#define KVM_SHUTDOWN_SEV_TERM 1 > + > /* For KVM_EXIT_INTERNAL_ERROR */ > /* Emulate instruction failed. */ > #define KVM_INTERNAL_ERROR_EMULATION 1 > @@ -311,6 +317,12 @@ struct kvm_run { > struct { > __u64 hardware_exit_reason; > } hw; > + /* KVM_EXIT_SHUTDOWN_ENTRY */ > + struct { > + __u64 reason; > + __u32 ndata; > + __u64 data[16]; > + } shutdown; > /* KVM_EXIT_FAIL_ENTRY */ > struct { > __u64 hardware_entry_failure_reason; > -- > 2.35.1.894.gb6a874cedc-goog >
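
Review bot: The new "return 0;" in the termination case of sev_handle_vmgexit_msr_protocol() (sev.c hunk at -2735,8) leaves the function from inside the switch, so any code after the switch that the old "ret = -EINVAL; break;" path reached is now skipped for this case. If that is intended, say so in the commit message; otherwise keep the single exit with "ret = 0; break;". The same lines change the KVM_RUN result for this case from an error to a normal exit for every VMM with no opt-in, and reason_set and reason_code are guest-supplied values copied into shutdown.data[], so the description should state that userspace has to treat them as untrusted input.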
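
Review bot: KVM_SHUTDOWN_REQ is defined as 0 in the "For KVM_EXIT_SHUTDOWN" block (kvm.h hunk at -271,6) but nothing in this patch assigns it. The diffstat lists only sev.c and kvm.h, so every other producer of KVM_EXIT_SHUTDOWN leaves shutdown.reason and shutdown.ndata holding whatever the kvm_run union last contained, and userspace cannot rely on shutdown.reason to tell a standard shutdown from an SEV-ES termination. Set shutdown.reason = KVM_SHUTDOWN_REQ and shutdown.ndata = 0 at the existing KVM_EXIT_SHUTDOWN sites in the same patch, or give userspace another way to know that the fields are valid.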
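
Review bot: In the new "shutdown" struct (kvm.h hunk at -311,6), "__u32 ndata" is followed directly by "__u64 data[16]", which leaves an implicit 4-byte hole where __u64 is 8-byte aligned and no hole where it is 4-byte aligned (32-bit x86), so the offset of data[] differs between 32-bit and 64-bit userspace. Add an explicit __u32 pad after ndata, or reorder the members, so the uapi layout is fixed. The comment above the struct reads KVM_EXIT_SHUTDOWN_ENTRY, a name this patch never defines; the exit reason set in sev.c is KVM_EXIT_SHUTDOWN. The diffstat also shows no Documentation change describing the new field.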