Received: by 2002:a05:7412:31a9:b0:e2:908c:2ebd with SMTP id et41csp4078019rdb;
        Thu, 14 Sep 2023 11:03:33 -0700 (PDT)
X-Google-Smtp-Source: AGHT+IHHYcEg9XTY18qLRsu3ptp0+CT0ykYSy1ALp03H4WXLQ0SsUGa4BQfKbXB/Ss1CAQZZdQjA
X-Received: by 2002:a17:90a:bc82:b0:274:9121:382 with SMTP id x2-20020a17090abc8200b0027491210382mr521187pjr.22.1694714613362;
        Thu, 14 Sep 2023 11:03:33 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1694714613; cv=none;
        d=google.com; s=arc-20160816;
        b=0O9Sr1ZVSqpiwMIDqrHZBJucjjjMryva4HRfxR1Vu6y7vj4TsWyhUwLjb9kY2yqmot
         jyXWusmZbZiAIHdv+QG3aBZzhwamMZWYCRxX+S1pAU7QCzPgFFAHWqS8M5vLSd4/dfCA
         M56hRBblQPnFAwnTd9QCjmREEXWxxqCfEUn8ko0MMR+CHgWsMvocCG2TJOpp6jTyugd5
         pwqBNwEd0wMR3Lq/WIZHZWFl0BEQejt9+qnfy1GUzlQCJyO+t8R2xDYiAvbO8XWdQL2e
         Q7qQjCZY9TrEZvVR92GaW1HSFDjQuXz3uU0F7IRaxgnz5+qQKzg/XJes5flLd31BZuhr
         rD+g==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:content-transfer-encoding:mime-version
         :references:in-reply-to:message-id:date:subject:cc:to:from
         :dkim-signature;
        bh=TtoXZ/pQNkEqCBXMtNXgksrcX+5MWi30v+keLPXJCD4=;
        fh=jQqUhNQZPAXcZ44u72Wu3jv2pQizzn2Be2T8mkd1RwU=;
        b=BNY8/vmfzWU8Mk6wWcAYLir9qwT4MRvsebOhyfpBnALx7ur++NSATNuNlwOkxuUUNU
         Jj2/gQekZNDeqwZSKn6WcKtLD+cIaXlnEhSWhU80bEFyM/SmswooDe3z0xebdDHkkDqq
         I3CRRfl8S3/PdNoH2AdsWHasMiuax0R1cI2ATnBPg6F2cpofXvqfmtsJNKjW0bTGKPRn
         8dIw3UX15erc0WpBSowlAL/QfAaCSEEk43PyTAoN4sVH05lXz9ixa3/cWGsdQojOSxyO
         sBeiMI4xWwZe0Dv5KUz6EHRSIeUbcTWJq9FZ9++C2FskSE4ec0IMvfNLO4+EoRe6e8PS
         49tw==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@intel.com header.s=Intel header.b=RTNOUhVP;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:4 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from howler.vger.email (howler.vger.email. [2620:137:e000::3:4])
        by mx.google.com with ESMTPS id p26-20020a63741a000000b005653e3f6d58si1838805pgc.748.2023.09.14.11.03.26
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Thu, 14 Sep 2023 11:03:33 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:4 as permitted sender) client-ip=2620:137:e000::3:4;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@intel.com header.s=Intel header.b=RTNOUhVP;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:4 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com
Received: from out1.vger.email (depot.vger.email [IPv6:2620:137:e000::3:0])
	by howler.vger.email (Postfix) with ESMTP id DB5028283A65;
	Thu, 14 Sep 2023 02:39:30 -0700 (PDT)
X-Virus-Status: Clean
X-Virus-Scanned: clamav-milter 0.103.10 at howler.vger.email
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S237518AbjINJj1 (ORCPT <rfc822;benbjiang@gmail.com> + 99 others);
        Thu, 14 Sep 2023 05:39:27 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:49956 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S237415AbjINJi2 (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Thu, 14 Sep 2023 05:38:28 -0400
Received: from mgamail.intel.com (mgamail.intel.com [192.55.52.88])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 611C61FD6;
        Thu, 14 Sep 2023 02:38:23 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple;
  d=intel.com; i=@intel.com; q=dns/txt; s=Intel;
  t=1694684303; x=1726220303;
  h=from:to:cc:subject:date:message-id:in-reply-to:
   references:mime-version:content-transfer-encoding;
  bh=FIh7tQ4a/6RDY7CSVW6DQiHz8WUvFOSxCbxKQrBiXtw=;
  b=RTNOUhVPT+fzWnrT8nSyUgNgjU6ZmZz5xlZKATnOpd9HbQUz6JO8zHRi
   B86Buypd0R6nvRSyznsc9AFGWdzltMlcAwhqEzrdqemZHiE4xESYzhTbD
   0kQoqUtTiUPT4JRXJ+pKomTEPggB54eAGCMKBr5YDpD+u+5E2vmCmjgz3
   3ENOIYD7rGrcwPgPR3kMO5fM1bq811YaD7RJX34RYPR1Hr78k1Wa6aXnF
   S/1BqvtIs38XDcmjtdvuYxxf4KXuEYj8JjHmlSlReRoj4M0ByH3QuPuir
   lnheiA0m/ynSuzU58g1Irru35LGBZ5h4viOUIiv8S0ZtUsgYLMKMqq49i
   Q==;
X-IronPort-AV: E=McAfee;i="6600,9927,10832"; a="409857421"
X-IronPort-AV: E=Sophos;i="6.02,145,1688454000"; 
   d="scan'208";a="409857421"
Received: from fmsmga007.fm.intel.com ([10.253.24.52])
  by fmsmga101.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 14 Sep 2023 02:38:23 -0700
X-ExtLoop1: 1
X-IronPort-AV: E=McAfee;i="6600,9927,10832"; a="747656287"
X-IronPort-AV: E=Sophos;i="6.02,145,1688454000"; 
   d="scan'208";a="747656287"
Received: from embargo.jf.intel.com ([10.165.9.183])
  by fmsmga007-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 14 Sep 2023 02:38:22 -0700
From:   Yang Weijiang <weijiang.yang@intel.com>
To:     seanjc@google.com, pbonzini@redhat.com, kvm@vger.kernel.org,
        linux-kernel@vger.kernel.org
Cc:     dave.hansen@intel.com, peterz@infradead.org, chao.gao@intel.com,
        rick.p.edgecombe@intel.com, weijiang.yang@intel.com,
        john.allen@amd.com
Subject: [PATCH v6 20/25] KVM: x86: Save and reload SSP to/from SMRAM
Date:   Thu, 14 Sep 2023 02:33:20 -0400
Message-Id: <20230914063325.85503-21-weijiang.yang@intel.com>
X-Mailer: git-send-email 2.27.0
In-Reply-To: <20230914063325.85503-1-weijiang.yang@intel.com>
References: <20230914063325.85503-1-weijiang.yang@intel.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.6.4 (howler.vger.email [0.0.0.0]); Thu, 14 Sep 2023 02:39:31 -0700 (PDT)

Save CET SSP to SMRAM on SMI and reload it on RSM. KVM emulates HW arch
behavior when guest enters/leaves SMM mode,i.e., save registers to SMRAM
at the entry of SMM and reload them at the exit to SMM. Per SDM, SSP is
one of such registers on 64bit Arch, so add the support for SSP.

Suggested-by: Sean Christopherson <seanjc@google.com>
Signed-off-by: Yang Weijiang <weijiang.yang@intel.com>
---
 arch/x86/kvm/smm.c | 8 ++++++++
 arch/x86/kvm/smm.h | 2 +-
 2 files changed, 9 insertions(+), 1 deletion(-)

diff --git a/arch/x86/kvm/smm.c b/arch/x86/kvm/smm.c
index b42111a24cc2..235fca95f103 100644
--- a/arch/x86/kvm/smm.c
+++ b/arch/x86/kvm/smm.c
@@ -275,6 +275,10 @@ static void enter_smm_save_state_64(struct kvm_vcpu *vcpu,
 	enter_smm_save_seg_64(vcpu, &smram->gs, VCPU_SREG_GS);
 
 	smram->int_shadow = static_call(kvm_x86_get_interrupt_shadow)(vcpu);
+
+	if (guest_can_use(vcpu, X86_FEATURE_SHSTK))
+		KVM_BUG_ON(kvm_msr_read(vcpu, MSR_KVM_SSP, &smram->ssp),
+			   vcpu->kvm);
 }
 #endif
 
@@ -565,6 +569,10 @@ static int rsm_load_state_64(struct x86_emulate_ctxt *ctxt,
 	static_call(kvm_x86_set_interrupt_shadow)(vcpu, 0);
 	ctxt->interruptibility = (u8)smstate->int_shadow;
 
+	if (guest_can_use(vcpu, X86_FEATURE_SHSTK))
+		KVM_BUG_ON(kvm_msr_write(vcpu, MSR_KVM_SSP, smstate->ssp),
+			   vcpu->kvm);
+
 	return X86EMUL_CONTINUE;
 }
 #endif
diff --git a/arch/x86/kvm/smm.h b/arch/x86/kvm/smm.h
index a1cf2ac5bd78..1e2a3e18207f 100644
--- a/arch/x86/kvm/smm.h
+++ b/arch/x86/kvm/smm.h
@@ -116,8 +116,8 @@ struct kvm_smram_state_64 {
 	u32 smbase;
 	u32 reserved4[5];
 
-	/* ssp and svm_* fields below are not implemented by KVM */
 	u64 ssp;
+	/* svm_* fields below are not implemented by KVM */
 	u64 svm_guest_pat;
 	u64 svm_host_efer;
 	u64 svm_host_cr4;
-- 
2.27.0