Received: by 2002:a05:6a10:144:0:0:0:0 with SMTP id 4csp153204pxw; Fri, 8 Apr 2022 04:05:22 -0700 (PDT) X-Google-Smtp-Source: ABdhPJxEGYyi5r1hpNY4PhYMDLmyDEogXPv0rECaSJNZeP9I9+VkArlG6D87MpI5lvoesUimgkhp X-Received: by 2002:a17:907:9711:b0:6e8:4a3e:692c with SMTP id jg17-20020a170907971100b006e84a3e692cmr3060570ejc.296.1649415922489; Fri, 08 Apr 2022 04:05:22 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1649415922; cv=none; d=google.com; s=arc-20160816; b=x1JZ9BfDlfwXpSMFyNbH1w0wtjH5/wdu73Pqf36Zyr4b5QSytjWlj60MJxwh2/MY8H +AcGhYNQ/Vmya7DLzx5w0z/vbUE3reS6Lwv3ZGsK3+KxSHIaMlc8xlWvVsByojj4cngD tycvZc6rbRwyI5xIN98mkC8sPNmaxkzDaFB1mNNHXNZEtFeVHrQcqhySdNFV3yiGnITG VhQWdDCOv7yi/cdeOcSm/Aq2bfM0QsEdQ8yI+S4F1ewWRdnU1+Efyfh+YYQjNKhVw1Mr mPgoPGJ6nR7Ptg+gQOE5Eolr94gYptXWU+z1W9Ov+VSnYLwU/XJaJgybuqgdRkjNz19r d0sA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:robot-unsubscribe :robot-id:message-id:mime-version:references:in-reply-to:cc:subject :to:reply-to:sender:from:dkim-signature:dkim-signature:date; bh=CzPVVFUo8TuPgGereZMvL+A1ibQCd4jFEELtppx3i3Y=; b=SpoKyoLMoBfWEY4jjmWoc1WkZQiKDpi5llGiOrxBBP/VAiP8pE2dLFZMfmcquWuo6Q wKKJzzZcqhZNr2TQpCowTLdsGFt5pmCh5Wq+1/LKtW/lwrq69jENM8leJb/yZ5UG2Vh/ kAzdJuZC9a3+zUBOKsMF/OCqFtQOHSSsmWz2VXLyNcQm5K2SiuM79taa4KLgQMbru+GC zu5gMajOYjb23oUFvn/23UZpoJVWcxKl2cOHw/C9uf1YXGr9iMGq5NXux+zYpVz2vdpy zUcjRFn/Pu3PVnXGltEgdvLESBPpM43c+53LhinrxwydHInAnBIkMw26Z72NBUYC7Ih/ 7PZg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linutronix.de header.s=2020 header.b=21La6cqM; dkim=neutral (no key) header.i=@linutronix.de header.s=2020e header.b=m+ZLk0DY; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=linutronix.de Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id x26-20020a170906135a00b006df76385e2dsi710438ejb.717.2022.04.08.04.04.36; Fri, 08 Apr 2022 04:05:22 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@linutronix.de header.s=2020 header.b=21La6cqM; dkim=neutral (no key) header.i=@linutronix.de header.s=2020e header.b=m+ZLk0DY; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=linutronix.de Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232810AbiDHJLU (ORCPT + 99 others); Fri, 8 Apr 2022 05:11:20 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:34976 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232695AbiDHJKs (ORCPT ); Fri, 8 Apr 2022 05:10:48 -0400 Received: from galois.linutronix.de (Galois.linutronix.de [193.142.43.55]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 1A6A7105AB2; Fri, 8 Apr 2022 02:08:44 -0700 (PDT) Date: Fri, 08 Apr 2022 09:08:41 -0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linutronix.de; s=2020; t=1649408922; h=from:from:sender:sender:reply-to:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=CzPVVFUo8TuPgGereZMvL+A1ibQCd4jFEELtppx3i3Y=; b=21La6cqMZfUZOwJHZaOleMwx2UDfUHQ6zReqH6eOKlw4xPYnYtqhA9JslyZ+wEWt+1NsUl hgaAHZSOhtA9Ad+DrUVequxP4g6tOKPu9WghZ/i/QRQEqgS/avm3VP/v+OufnqPGx1FLGx j3Y8t1AIQIgF65lFDf40BYg7fyZOOEo+e/P3uQms9VtZ2nHfb4S6ky1RAhVz0+HG+Wy5E8 MMGA9k9VmWdEwhBkGRV58DtuCRsmKFKgBJwFWuASUJBiIy1Q1zu9zd3oocEB90KtvGrMs8 4A8qAjLHZyrJMjdyFLsNM5Y+0+4R/jOhuIndLM4mOcGFo9SCJoPxOQYLtfOPzA== DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=linutronix.de; s=2020e; t=1649408922; h=from:from:sender:sender:reply-to:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=CzPVVFUo8TuPgGereZMvL+A1ibQCd4jFEELtppx3i3Y=; b=m+ZLk0DY3ZlSrTNGdOIppuMpSVOOVuLHh4fvyl13Yh55BMTDR6O+WT3BqumnDJG+8SupPW pDvvn/Mw8rPLcLDw== From: "tip-bot2 for Brijesh Singh" Sender: tip-bot2@linutronix.de Reply-to: linux-kernel@vger.kernel.org To: linux-tip-commits@vger.kernel.org Subject: [tip: x86/sev] x86/sev: Provide support for SNP guest request NAEs Cc: Brijesh Singh , Borislav Petkov , x86@kernel.org, linux-kernel@vger.kernel.org In-Reply-To: <20220307213356.2797205-42-brijesh.singh@amd.com> References: <20220307213356.2797205-42-brijesh.singh@amd.com> MIME-Version: 1.0 Message-ID: <164940892163.389.17769861371376066698.tip-bot2@tip-bot2> Robot-ID: Robot-Unsubscribe: Contact to get blacklisted from these emails Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 7bit X-Spam-Status: No, score=-4.4 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_MED,SPF_HELO_NONE, SPF_PASS,T_SCC_BODY_TEXT_LINE,URIBL_BLOCKED autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org The following commit has been merged into the x86/sev branch of tip: Commit-ID: d5af44dde5461d125d1602ac913ab5c6bdf09b8b Gitweb: https://git.kernel.org/tip/d5af44dde5461d125d1602ac913ab5c6bdf09b8b Author: Brijesh Singh AuthorDate: Mon, 07 Mar 2022 15:33:51 -06:00 Committer: Borislav Petkov CommitterDate: Thu, 07 Apr 2022 16:47:12 +02:00 x86/sev: Provide support for SNP guest request NAEs Version 2 of GHCB specification provides SNP_GUEST_REQUEST and SNP_EXT_GUEST_REQUEST NAE that can be used by the SNP guest to communicate with the PSP. While at it, add a snp_issue_guest_request() helper that will be used by driver or other subsystem to issue the request to PSP. See SEV-SNP firmware and GHCB spec for more details. Signed-off-by: Brijesh Singh Signed-off-by: Borislav Petkov Link: https://lore.kernel.org/r/20220307213356.2797205-42-brijesh.singh@amd.com --- arch/x86/include/asm/sev-common.h | 3 ++- arch/x86/include/asm/sev.h | 14 +++++++- arch/x86/include/uapi/asm/svm.h | 4 ++- arch/x86/kernel/sev.c | 57 ++++++++++++++++++++++++++++++- 4 files changed, 78 insertions(+) diff --git a/arch/x86/include/asm/sev-common.h b/arch/x86/include/asm/sev-common.h index 0759af9..b8357d6 100644 --- a/arch/x86/include/asm/sev-common.h +++ b/arch/x86/include/asm/sev-common.h @@ -128,6 +128,9 @@ struct snp_psc_desc { struct psc_entry entries[VMGEXIT_PSC_MAX_ENTRY]; } __packed; +/* Guest message request error code */ +#define SNP_GUEST_REQ_INVALID_LEN BIT_ULL(32) + #define GHCB_MSR_TERM_REQ 0x100 #define GHCB_MSR_TERM_REASON_SET_POS 12 #define GHCB_MSR_TERM_REASON_SET_MASK 0xf diff --git a/arch/x86/include/asm/sev.h b/arch/x86/include/asm/sev.h index 84d3d51..c63a1d4 100644 --- a/arch/x86/include/asm/sev.h +++ b/arch/x86/include/asm/sev.h @@ -87,6 +87,14 @@ extern bool handle_vc_boot_ghcb(struct pt_regs *regs); #define RMPADJUST_VMSA_PAGE_BIT BIT(16) +/* SNP Guest message request */ +struct snp_req_data { + unsigned long req_gpa; + unsigned long resp_gpa; + unsigned long data_gpa; + unsigned int data_npages; +}; + #ifdef CONFIG_AMD_MEM_ENCRYPT extern struct static_key_false sev_es_enable_key; extern void __sev_es_ist_enter(struct pt_regs *regs); @@ -154,6 +162,7 @@ void snp_set_memory_private(unsigned long vaddr, unsigned int npages); void snp_set_wakeup_secondary_cpu(void); bool snp_init(struct boot_params *bp); void snp_abort(void); +int snp_issue_guest_request(u64 exit_code, struct snp_req_data *input, unsigned long *fw_err); #else static inline void sev_es_ist_enter(struct pt_regs *regs) { } static inline void sev_es_ist_exit(void) { } @@ -173,6 +182,11 @@ static inline void snp_set_memory_private(unsigned long vaddr, unsigned int npag static inline void snp_set_wakeup_secondary_cpu(void) { } static inline bool snp_init(struct boot_params *bp) { return false; } static inline void snp_abort(void) { } +static inline int snp_issue_guest_request(u64 exit_code, struct snp_req_data *input, + unsigned long *fw_err) +{ + return -ENOTTY; +} #endif #endif diff --git a/arch/x86/include/uapi/asm/svm.h b/arch/x86/include/uapi/asm/svm.h index cfea5e8..f69c168 100644 --- a/arch/x86/include/uapi/asm/svm.h +++ b/arch/x86/include/uapi/asm/svm.h @@ -109,6 +109,8 @@ #define SVM_VMGEXIT_SET_AP_JUMP_TABLE 0 #define SVM_VMGEXIT_GET_AP_JUMP_TABLE 1 #define SVM_VMGEXIT_PSC 0x80000010 +#define SVM_VMGEXIT_GUEST_REQUEST 0x80000011 +#define SVM_VMGEXIT_EXT_GUEST_REQUEST 0x80000012 #define SVM_VMGEXIT_AP_CREATION 0x80000013 #define SVM_VMGEXIT_AP_CREATE_ON_INIT 0 #define SVM_VMGEXIT_AP_CREATE 1 @@ -225,6 +227,8 @@ { SVM_VMGEXIT_AP_HLT_LOOP, "vmgexit_ap_hlt_loop" }, \ { SVM_VMGEXIT_AP_JUMP_TABLE, "vmgexit_ap_jump_table" }, \ { SVM_VMGEXIT_PSC, "vmgexit_page_state_change" }, \ + { SVM_VMGEXIT_GUEST_REQUEST, "vmgexit_guest_request" }, \ + { SVM_VMGEXIT_EXT_GUEST_REQUEST, "vmgexit_ext_guest_request" }, \ { SVM_VMGEXIT_AP_CREATION, "vmgexit_ap_creation" }, \ { SVM_VMGEXIT_HV_FEATURES, "vmgexit_hypervisor_feature" }, \ { SVM_EXIT_ERR, "invalid_guest_state" } diff --git a/arch/x86/kernel/sev.c b/arch/x86/kernel/sev.c index 70ecc6e..7237b41 100644 --- a/arch/x86/kernel/sev.c +++ b/arch/x86/kernel/sev.c @@ -2106,3 +2106,60 @@ static int __init init_sev_config(char *str) return 1; } __setup("sev=", init_sev_config); + +int snp_issue_guest_request(u64 exit_code, struct snp_req_data *input, unsigned long *fw_err) +{ + struct ghcb_state state; + struct es_em_ctxt ctxt; + unsigned long flags; + struct ghcb *ghcb; + int ret; + + if (!cc_platform_has(CC_ATTR_GUEST_SEV_SNP)) + return -ENODEV; + + if (!fw_err) + return -EINVAL; + + /* + * __sev_get_ghcb() needs to run with IRQs disabled because it is using + * a per-CPU GHCB. + */ + local_irq_save(flags); + + ghcb = __sev_get_ghcb(&state); + if (!ghcb) { + ret = -EIO; + goto e_restore_irq; + } + + vc_ghcb_invalidate(ghcb); + + if (exit_code == SVM_VMGEXIT_EXT_GUEST_REQUEST) { + ghcb_set_rax(ghcb, input->data_gpa); + ghcb_set_rbx(ghcb, input->data_npages); + } + + ret = sev_es_ghcb_hv_call(ghcb, true, &ctxt, exit_code, input->req_gpa, input->resp_gpa); + if (ret) + goto e_put; + + if (ghcb->save.sw_exit_info_2) { + /* Number of expected pages are returned in RBX */ + if (exit_code == SVM_VMGEXIT_EXT_GUEST_REQUEST && + ghcb->save.sw_exit_info_2 == SNP_GUEST_REQ_INVALID_LEN) + input->data_npages = ghcb_get_rbx(ghcb); + + *fw_err = ghcb->save.sw_exit_info_2; + + ret = -EIO; + } + +e_put: + __sev_put_ghcb(&state); +e_restore_irq: + local_irq_restore(flags); + + return ret; +} +EXPORT_SYMBOL_GPL(snp_issue_guest_request);