Received: by 2002:a89:48b:0:b0:1f5:f2ab:c469 with SMTP id a11csp94025lqd; Tue, 23 Apr 2024 16:13:34 -0700 (PDT) X-Forwarded-Encrypted: i=3; AJvYcCWah/ZTbY7MY3v30LePmm9+w/8eUsfDhY27YCTwNOyGgjqf2JBnHfFviKZcxMpDSeqS60CkIoy0y6sBPM3SQWppDPChuOtHzcKpw9r+Cw== X-Google-Smtp-Source: AGHT+IFuDyOfFRG6sbDaa80LN4YJ8mgAu+R7EE1Fkll5lc8UDL6DRD+S323GpWVpAwIC1bsUuDAn X-Received: by 2002:a05:6a00:194f:b0:6ed:21c0:986c with SMTP id s15-20020a056a00194f00b006ed21c0986cmr1229454pfk.24.1713914013894; Tue, 23 Apr 2024 16:13:33 -0700 (PDT) ARC-Seal: i=2; a=rsa-sha256; t=1713914013; cv=pass; d=google.com; s=arc-20160816; b=JI6Y9uevyKwtu/5DGoIk8XzZ141GnaAinzMRhq1JJc4RkZFx2aBQLNEvGp3yxv4BUI N6agSvVqfNTZenutgtT95OJVq8k+8LYTgaWiZAw0Kxn9wm3AD+uNFMEG1qJliBOaG5Gd CTV1e05BwHMuIFmZ5cV+slbWIaM2F+aUAuASvsU4hx52TC02MyYol0gjMxwvXKI8GfqD KjWDNgVqbUVQxDX43NqXpqJKeC4mNyOixSJX5howsW9eBlphkZ1lKDm9Pbw5kz0vicX/ GpHVIBfClbkGVKkUO/NyCdUG1ozhlltwqTFhV9rwlEEe57x76clSchcCX8pDVxLXgLMC 1Ygw== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=cc:to:from:subject:message-id:references:mime-version :list-unsubscribe:list-subscribe:list-id:precedence:in-reply-to:date :dkim-signature; bh=Uezg6+/4AiQv/6erEn8oKEVi+a/EdVmsvmMSGq8YULU=; fh=nY5bXk717MDxRV8TE1aukVdfwE+MYoSnijlZRt1pyQo=; b=VFAayAfq7SKJXiidS4B/O8SykmeBrFQrz1wmn8tKscOZuiBN7Pz6pKZoeVZ0vfYo7I rqVTHuMm6tGsjRBJibxmmxenitHNtdPjsY21Db6Z474ZaOiPcURIcWWWEXwr7yeY/CBB 2m+SHonpodK2Q8S6+AkeNn5aS51S7rUV4LG3mt/gr3jckAn75+F6YJzEq4XjBsKDBvCv GqhyrdNHlpaYO9qiKPQxeM6HCB++7tO7+Oui9y5kulls2awEUoAqTMdrR712LkfpdsXK G8jrmED7M4dShNIoEVVRRS2PXb+Tkr8mnU+JOCVBrHhJ4eR7cszDCdP8+6RHSjnyttU/ GlRQ==; dara=google.com ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@google.com header.s=20230601 header.b=SqSM9wpL; arc=pass (i=1 spf=pass spfdomain=flex--seanjc.bounces.google.com dkim=pass dkdomain=google.com dmarc=pass fromdomain=google.com); spf=pass (google.com: domain of linux-kernel+bounces-155993-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:45e3:2400::1 as permitted sender) smtp.mailfrom="linux-kernel+bounces-155993-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Return-Path: Received: from sv.mirrors.kernel.org (sv.mirrors.kernel.org. [2604:1380:45e3:2400::1]) by mx.google.com with ESMTPS id ei3-20020a056a0080c300b006eab1d8a23asi10321735pfb.172.2024.04.23.16.13.33 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 23 Apr 2024 16:13:33 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel+bounces-155993-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:45e3:2400::1 as permitted sender) client-ip=2604:1380:45e3:2400::1; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20230601 header.b=SqSM9wpL; arc=pass (i=1 spf=pass spfdomain=flex--seanjc.bounces.google.com dkim=pass dkdomain=google.com dmarc=pass fromdomain=google.com); spf=pass (google.com: domain of linux-kernel+bounces-155993-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:45e3:2400::1 as permitted sender) smtp.mailfrom="linux-kernel+bounces-155993-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by sv.mirrors.kernel.org (Postfix) with ESMTPS id 0C991287F0C for ; Tue, 23 Apr 2024 23:13:07 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id BF60A36B11; Tue, 23 Apr 2024 23:13:00 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="SqSM9wpL" Received: from mail-pl1-f201.google.com (mail-pl1-f201.google.com [209.85.214.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 914E21C687 for ; Tue, 23 Apr 2024 23:12:58 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.214.201 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1713913979; cv=none; b=ALtTioqnAfy45ZBIP+hWIutQrnJPJq+ukFUXx8yof2F5heHIsdxNV2rUFyvYvr1vO1CsiyLCeIoO+iM+5utgeJzhi0IDy5+NniQhq6CxH70n41OwL2OupULvgfvsIJCGaBNeitXsL64itFdLH0fBEhKOhG1S5T67wJhPywuZwVE= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1713913979; c=relaxed/simple; bh=sCpL9Ppk/ORzgqDDGhuPamN44HwVbG4fiKQNU+9M14g=; h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From: To:Cc:Content-Type; b=cXa3IQUAe90xQlbJUdFtUIW0zurwpKt1K0XZvy6kcGZqnHRaZP57u4lzF/mXVaA8o/ZX8wx40GfPvnAEutmMRFUhdovOeTRwzFISdTeGhGvyl0a70MyDIUGED/5A1TNuO/JcWbCc+NfR+Zdp6zwO9/h+VRmjtf/MuIM7jwuWYOY= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com; spf=pass smtp.mailfrom=flex--seanjc.bounces.google.com; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b=SqSM9wpL; arc=none smtp.client-ip=209.85.214.201 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=flex--seanjc.bounces.google.com Received: by mail-pl1-f201.google.com with SMTP id d9443c01a7336-1e2a1619cfcso2781905ad.0 for ; Tue, 23 Apr 2024 16:12:58 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1713913978; x=1714518778; darn=vger.kernel.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=Uezg6+/4AiQv/6erEn8oKEVi+a/EdVmsvmMSGq8YULU=; b=SqSM9wpLd8s4WuzKJLGjc3Ddv7mzCh5PxYlt5cMRUWTpxifmimGqJwPpmp3YPtKW0I dNp0YMvl4TQdFBorRvtK47FAQxla23Xbpgzh+4Fx+ry9mJv7eTIws6oBIYhillmNTn99 8VrAbxHunf1EV/wY6xMCmb6c2zLZURMtdySy2Onp9n9as1bednrGNF2uWfX6oCBVcBmI kNKK2Ast3HBR/95ixbILYYhK25Y+Ssgd58sU6nVJ3B30K6+vcZGcLfC5ry9xvXUz9OwM Da/CPwaq77TCTBtjAAtVQcXIrHezolPOlMW0l5vABdruMsSIH1SLM5tg6uyzPLMa1Nk+ OT9w== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1713913978; x=1714518778; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=Uezg6+/4AiQv/6erEn8oKEVi+a/EdVmsvmMSGq8YULU=; b=cb4EPVVMKZcVAOfCHNYqWLDwKySTdHBnwDXmLdVWkZ6ze07SglUqvQQB/zFW4QVOGJ BVgjlZKme52L4jfjgj8ZC7xvLpOAzB0UMpTFqNtYhDZ0D1HQAn45F5XR58GZmq7Medhg uKZgpbEENpUVjE8ye5f/1mtDVgnRKOhqt0Wtv6F6gnYqMBwczcDIZdrbVXKtV/3+NVMd CkBwlhNIGmmTBuVhqw8qgPQczdfs9acXjW97MASkx7T7wnGbDICtLPXuyOEBE7mBvvoe a6FlghZ/QVTUSB4jC/PMPMFmjvIBlBG8XPuspwGXZ1kz4mQbgY3gxnIzjYwbSAiWv0Xj Q0lA== X-Gm-Message-State: AOJu0YyV/gGBNu5EtSbRNWXzRuB3srqxFXLAw7bmzQTRLramG/vMv+wk ZHo3KrUuDZvjyY6G4IBjWvl8zS/LrAhuLNS6IJxqirv0EKXq6s2cElfhZw1S0r49X5+0NW1S61f PRQ== X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37]) (user=seanjc job=sendgmr) by 2002:a17:902:e5cd:b0:1e5:5c69:fcd7 with SMTP id u13-20020a170902e5cd00b001e55c69fcd7mr65483plf.5.1713913977816; Tue, 23 Apr 2024 16:12:57 -0700 (PDT) Date: Tue, 23 Apr 2024 16:12:56 -0700 In-Reply-To: <20240409133959.2888018-6-pgonda@google.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 References: <20240409133959.2888018-1-pgonda@google.com> <20240409133959.2888018-6-pgonda@google.com> Message-ID: Subject: Re: [PATCH 5/6] Add is_sev_enabled() helpers From: Sean Christopherson To: Peter Gonda Cc: linux-kernel@vger.kernel.org, Paolo Bonzini , Claudio Imbrenda , Carlos Bilbao , Tom Lendacky , Michael Roth Content-Type: text/plain; charset="us-ascii" On Tue, Apr 09, 2024, Peter Gonda wrote: > Add helper functions for guest code to check the status of SEV and > SEV-ES. Why? The names are super ambiguous, e.g. they could just as easily mean "is SEV enabled in KVM" or "is SEV enabled in CPUID". And if an assert fires because is_sev_es_enabled() returns false, the user will get a _worse_ error message because all they'll know is _something_ in is_sev_es_enabled() failed, not which MSR bit came back 'bad. > Cc: Paolo Bonzini > Cc: Claudio Imbrenda > Cc: Sean Christopherson > Cc: Carlos Bilbao > Cc: Tom Lendacky > Cc: Michael Roth > Signed-off-by: Peter Gonda > --- > tools/testing/selftests/kvm/include/x86_64/sev.h | 3 +++ > tools/testing/selftests/kvm/lib/x86_64/sev.c | 11 +++++++++++ > tools/testing/selftests/kvm/x86_64/sev_smoke_test.c | 5 ++--- > 3 files changed, 16 insertions(+), 3 deletions(-) > > diff --git a/tools/testing/selftests/kvm/include/x86_64/sev.h b/tools/testing/selftests/kvm/include/x86_64/sev.h > index bfd481707f67..691dc005e2a1 100644 > --- a/tools/testing/selftests/kvm/include/x86_64/sev.h > +++ b/tools/testing/selftests/kvm/include/x86_64/sev.h > @@ -106,4 +106,7 @@ static inline void sev_launch_update_data(struct kvm_vm *vm, vm_paddr_t gpa, > vm_sev_ioctl(vm, KVM_SEV_LAUNCH_UPDATE_DATA, &update_data); > } > > +bool is_sev_enabled(void); > +bool is_sev_es_enabled(void); > + > #endif /* SELFTEST_KVM_SEV_H */ > diff --git a/tools/testing/selftests/kvm/lib/x86_64/sev.c b/tools/testing/selftests/kvm/lib/x86_64/sev.c > index 27ae1d3b1355..5b3f0a8a931a 100644 > --- a/tools/testing/selftests/kvm/lib/x86_64/sev.c > +++ b/tools/testing/selftests/kvm/lib/x86_64/sev.c > @@ -189,3 +189,14 @@ struct kvm_vm *vm_sev_create_with_one_vcpu(uint32_t policy, void *guest_code, > > return vm; > } > + > +bool is_sev_enabled(void) > +{ > + return rdmsr(MSR_AMD64_SEV) & MSR_AMD64_SEV_ENABLED; > +} > + > +bool is_sev_es_enabled(void) > +{ > + return is_sev_enabled() && > + rdmsr(MSR_AMD64_SEV) & MSR_AMD64_SEV_ES_ENABLED; > +} > diff --git a/tools/testing/selftests/kvm/x86_64/sev_smoke_test.c b/tools/testing/selftests/kvm/x86_64/sev_smoke_test.c > index 026779f3ed06..1d84e78e7ae2 100644 > --- a/tools/testing/selftests/kvm/x86_64/sev_smoke_test.c > +++ b/tools/testing/selftests/kvm/x86_64/sev_smoke_test.c > @@ -16,8 +16,7 @@ > static void guest_sev_es_code(void) > { > /* TODO: Check CPUID after GHCB-based hypercall support is added. */ > - GUEST_ASSERT(rdmsr(MSR_AMD64_SEV) & MSR_AMD64_SEV_ENABLED); > - GUEST_ASSERT(rdmsr(MSR_AMD64_SEV) & MSR_AMD64_SEV_ES_ENABLED); > + GUEST_ASSERT(is_sev_es_enabled()); > > /* > * TODO: Add GHCB and ucall support for SEV-ES guests. For now, simply > @@ -30,7 +29,7 @@ static void guest_sev_es_code(void) > static void guest_sev_code(void) > { > GUEST_ASSERT(this_cpu_has(X86_FEATURE_SEV)); > - GUEST_ASSERT(rdmsr(MSR_AMD64_SEV) & MSR_AMD64_SEV_ENABLED); > + GUEST_ASSERT(is_sev_enabled()); > > GUEST_DONE(); > } > -- > 2.44.0.478.gd926399ef9-goog >