Received: by 2002:a05:6358:3188:b0:123:57c1:9b43 with SMTP id q8csp2925556rwd; Mon, 22 May 2023 06:25:19 -0700 (PDT) X-Google-Smtp-Source: ACHHUZ4mYZsw69QLVTXPuzIf9J6aZlj6pbvbZSmKl0QbV4VqhYZUZqJ0gzxAdoUxN6Z6TjazZtCX X-Received: by 2002:a05:6a00:99c:b0:63d:5de3:b3f2 with SMTP id u28-20020a056a00099c00b0063d5de3b3f2mr15660331pfg.18.1684761919007; Mon, 22 May 2023 06:25:19 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1684761918; cv=none; d=google.com; s=arc-20160816; b=Jizn+Rz9R97GSL1iyvbzsfPVU22t21/Dy+rupITZfxSQwJaxK3PJDb2uOakBAU9Z9g yLmVYqhW19GYpdWl4PZVel5aUwiVDCjrPD52e0GFYuXnigfWwF3B7CJXul797WNuBvOl FTUbM/8vgT74QlmcEIHdh10F1cOZL9paw131Eazt6orpa3MhLvHz5r9stxk3+axOvHJj WjwNn3M+10aAF0YJaOyp9r/4qqS/nVQV8vlIL20iisC8SqdGwR0M+QJWCGkZtzss7kwT S152yf/OhaoMg9cz4fN3maJefY76VOxKTIhcWhgkzdoofJ6/5Pk/YUg0SqlH92zoY40J bxXQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:in-reply-to:content-disposition:mime-version :references:message-id:subject:cc:to:from:date:dkim-signature :dkim-signature; bh=lEvi79Gxxvx/sIBVBrhlm6IyM6SGPlhsdaMWWu+eBGw=; b=P8Kq/AKb6DQinnK49rQijABJuClM07zr+QhvrpJgYG6s9l2z2zzwTi7tH+daa++jJQ y6j4FRfh+eTeVpHksCXs8aA4WWlelnMWcbdXhy2fiASjMM48auDJwoEw0lKvqFHwCSGE qM38CsEHLYoAkiGM3A9JVo7NrSHDAQ8tpjUka5itmQKrLJfa/gl9BFe5L8MvKmREP82I Q8ai3bCfQfDG8Q7gawh/h2df8FRdU+ga+ob171403dmzX/KL7QOBi0rPhnNrY7XyCAf/ iNUn/hvCbv35ZSXSDR4d6sOzATl/R9gUV/MOJ1l/jyro21Z7YuWYToKpnazovz0Ja/C/ ybug== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@suse.de header.s=susede2_rsa header.b=j5n2JGLl; dkim=neutral (no key) header.i=@suse.de; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=suse.de Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id v27-20020a637a1b000000b00534876e123dsi4840410pgc.144.2023.05.22.06.25.04; Mon, 22 May 2023 06:25:18 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@suse.de header.s=susede2_rsa header.b=j5n2JGLl; dkim=neutral (no key) header.i=@suse.de; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=suse.de Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233420AbjEVMtB (ORCPT + 99 others); Mon, 22 May 2023 08:49:01 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:50696 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231547AbjEVMs7 (ORCPT ); Mon, 22 May 2023 08:48:59 -0400 Received: from smtp-out2.suse.de (smtp-out2.suse.de [195.135.220.29]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 9B5DFAA; Mon, 22 May 2023 05:48:47 -0700 (PDT) Received: from imap2.suse-dmz.suse.de (imap2.suse-dmz.suse.de [192.168.254.74]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-521) server-digest SHA512) (No client certificate requested) by smtp-out2.suse.de (Postfix) with ESMTPS id 392E31FEE4; Mon, 22 May 2023 12:48:46 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=suse.de; s=susede2_rsa; t=1684759726; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc: mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=lEvi79Gxxvx/sIBVBrhlm6IyM6SGPlhsdaMWWu+eBGw=; b=j5n2JGLl2PokKhR7aCRJKHIjtIlTZ2AExnbbXGFj6BAI7B2aJa2Pwd9TYM5znONq5vf7Y8 YJKv+8P3luHLpKEQigD/Pk4oS/zNRmO8syCZwUcbfxtoPBARcNFrsFd2noo/0jX4M3fpse XywmrAl58ETlkzBpDeo902xCLk2fggw= DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=suse.de; s=susede2_ed25519; t=1684759726; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc: mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=lEvi79Gxxvx/sIBVBrhlm6IyM6SGPlhsdaMWWu+eBGw=; b=2zvpZoK09aSf2WjE+Bxc8gE4PdywUgtYSUO+KYGuOBjxI2EZGVjWKCKVOoIJacsCFyGcji jROBhmgFLOx7fUDA== Received: from imap2.suse-dmz.suse.de (imap2.suse-dmz.suse.de [192.168.254.74]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-521) server-digest SHA512) (No client certificate requested) by imap2.suse-dmz.suse.de (Postfix) with ESMTPS id A315D13776; Mon, 22 May 2023 12:48:45 +0000 (UTC) Received: from dovecot-director2.suse.de ([192.168.254.65]) by imap2.suse-dmz.suse.de with ESMTPSA id 2vlZJq1ka2QJZAAAMHmgww (envelope-from ); Mon, 22 May 2023 12:48:45 +0000 Date: Mon, 22 May 2023 14:48:44 +0200 From: Joerg Roedel To: Tom Lendacky Cc: Ard Biesheuvel , linux-efi@vger.kernel.org, linux-kernel@vger.kernel.org, Evgeniy Baskov , Borislav Petkov , Andy Lutomirski , Dave Hansen , Ingo Molnar , Peter Zijlstra , Thomas Gleixner , Alexey Khoroshilov , Peter Jones , Gerd Hoffmann , Dave Young , Mario Limonciello , Kees Cook , "Kirill A . Shutemov" , Linus Torvalds Subject: Re: [PATCH v2 17/20] x86: efistub: Check SEV/SNP support while running in the firmware Message-ID: References: <20230508070330.582131-1-ardb@kernel.org> <20230508070330.582131-18-ardb@kernel.org> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: X-Spam-Status: No, score=-4.4 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_MED,SPF_HELO_NONE, SPF_PASS,T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Fri, May 19, 2023 at 09:04:46AM -0500, Tom Lendacky wrote: > Deferring the checks is probably the safest thing to do, since that would > match the way things are done today and known to work. I'm not sure what > other things might pop up if we stay with this approach, for example, page > state change calls using the GHCB MSR protocol that also don't save/restore > the MSR value. > > It is possible to audit these areas and stay with this approach, but I'm > wondering if that wouldn't be better done as a separate patch series. > > Adding @Joerg for any additional thoughts he might have around this area, too. If I got it correctly the patch actually moves two things before ExitBootServices: 1) SEV features check 2) SEV initialization I think it makes a lot of sense to have 1) before ExitBootServices. It allows to soft-fail in case the kernel does not support all required SEV-SNP features and move on to a kernel which does. This check also only needs the SEV_STATUS MSR and not any GHCB calls. The problem is the GHCB protocol negotiation with the HV, but the GHCB protocol is downward-compatible, so an older kernel can work with a newer HV. But 2) needs to stay after ExitBootServices, as it needs resources owned by UEFI, e.g. the GHCB MSR and potentially the configured GHCB itself. Fiddling around with the GHCB MSR while it is still owned by UEFI will bite us in one or the other way (e.g. UEFI, before ExitBootServices, is free to take IRQs with handlers that rely on the GHCB MSR content). Regards, Joerg