Date: Fri, 31 May 2024 16:54:23 +0200
From: Borislav Petkov
To: Tom Lendacky
Cc: linux-kernel@vger.kernel.org, x86@kernel.org, linux-coco@lists.linux.dev, svsm-devel@coconut-svsm.dev, Thomas Gleixner, Ingo Molnar, Dave Hansen, "H. Peter Anvin", Andy Lutomirski, Peter Zijlstra, Dan Williams, Michael Roth, Ashish Kalra
Subject: Re: [PATCH v4 15/15] x86/sev: Allow non-VMPL0 execution when an SVSM is present
Message-ID: <20240531145423.GLZlnkn4JHSyh4-G8P@fat_crate.local>

On Wed, Apr 24, 2024 at 10:58:11AM -0500, Tom Lendacky wrote:
> @@ -624,8 +626,12 @@ void sev_enable(struct boot_params *bp) > * modifies permission bits, it is still ok to do so currently because Linux > * SNP guests running at VMPL0 only run at VMPL0, so VMPL1 or higher > * permission mask changes are a don't-care. > + * > + * Running at VMPL0 is not required if an SVSM is present and the hypervisor > + * supports the required SVSM GHCB events. > */ > - if (rmpadjust((unsigned long)&boot_ghcb_page, RMP_PG_SIZE_4K, 1)) > + if (rmpadjust((unsigned long)&boot_ghcb_page, RMP_PG_SIZE_4K, 1) && > + !(vmpl && (hv_features & GHCB_HV_FT_SNP_MULTI_VMPL))) > sev_es_terminate(SEV_TERM_SET_LINUX, GHCB_TERM_NOT_VMPL0); > } Let's make that more readable: diff --git a/arch/x86/boot/compressed/sev.c b/arch/x86/boot/compressed/sev.c index fb1e60165cd1..157f749faba0 100644 --- a/arch/x86/boot/compressed/sev.c +++ b/arch/x86/boot/compressed/sev.c @@ -610,8 +610,10 @@ void sev_enable(struct boot_params *bp) * features. */ if (sev_status & MSR_AMD64_SEV_SNP_ENABLED) { - u64 hv_features = get_hv_features(); + u64 hv_features; + int rmpadj_ret; + hv_features = get_hv_features(); if (!(hv_features & GHCB_HV_FT_SNP)) sev_es_terminate(SEV_TERM_SET_GEN, GHCB_SNP_UNSUPPORTED); 
@@ -626,11 +628,15 @@ void sev_enable(struct boot_params *bp) * modifies permission bits, it is still ok to do so currently because Linux * SNP guests running at VMPL0 only run at VMPL0, so VMPL1 or higher * permission mask changes are a don't-care. - * + */ + rmpadj_ret = rmpadjust((unsigned long)&boot_ghcb_page, RMP_PG_SIZE_4K, 1); + + /* * Running at VMPL0 is not required if an SVSM is present and the hypervisor * supports the required SVSM GHCB events. */ - if (rmpadjust((unsigned long)&boot_ghcb_page, RMP_PG_SIZE_4K, 1) && + + if (rmpadj_ret && !(vmpl && (hv_features & GHCB_HV_FT_SNP_MULTI_VMPL))) sev_es_terminate(SEV_TERM_SET_LINUX, GHCB_TERM_NOT_VMPL0); } > -static int __init report_cpuid_table(void) > +static void __init report_cpuid_table(void) > { > const struct snp_cpuid_table *cpuid_table = snp_cpuid_get_table(); > > if (!cpuid_table->count) > - return 0; > + return; > > pr_info("Using SNP CPUID table, %d entries present.\n", > cpuid_table->count); > > if (sev_cfg.debug) > dump_cpuid_table(); > +} > + > +static void __init report_vmpl_level(void) > +{ > + if (!cc_platform_has(CC_ATTR_GUEST_SEV_SNP)) > + return; > + > + pr_info("SNP running at VMPL%u.\n", vmpl); > +} > + > +static int __init report_snp_info(void) > +{ > + report_vmpl_level(); > + report_cpuid_table(); > > return 0; > } > -arch_initcall(report_cpuid_table); > +arch_initcall(report_snp_info); Zap one more silly helper: diff --git a/arch/x86/kernel/sev.c b/arch/x86/kernel/sev.c index 7955c024d5d7..ff5a32b0b21c 100644 --- a/arch/x86/kernel/sev.c +++ b/arch/x86/kernel/sev.c 
@@ -2356,32 +2356,23 @@ static void dump_cpuid_table(void) * sort of indicator, and there's not really any other good place to do it, * so do it here. */ -static void __init report_cpuid_table(void) +static int __init report_snp_info(void) { const struct snp_cpuid_table *cpuid_table = snp_cpuid_get_table(); if (!cpuid_table->count) - return; + return 0; pr_info("Using SNP CPUID table, %d entries present.\n", cpuid_table->count); if (sev_cfg.debug) dump_cpuid_table(); -} -static void __init report_vmpl_level(void) -{ if (!cc_platform_has(CC_ATTR_GUEST_SEV_SNP)) - return; + return 0; pr_info("SNP running at VMPL%u.\n", vmpl); -} - -static int __init report_snp_info(void) -{ - report_vmpl_level(); - report_cpuid_table(); return 0; } -- Regards/Gruss, Boris. https://people.kernel.org/tglx/notes-about-netiquette
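Review bot: in the second arch/x86/boot/compressed/sev.c hunk (@@ -626,11 +628,15 @@) a blank line is added between the "Running at VMPL0 is not required if an SVSM is present ..." comment and the `if (rmpadj_ret && ...)` that it documents; drop that blank line so the comment sits directly on top of the check. Since the rmpadjust() result now has a name, the terminate condition could also lose its negated conjunction: `!(vmpl && (hv_features & GHCB_HV_FT_SNP_MULTI_VMPL))` is the part a reader has to stop and invert, and this check decides whether the guest terminates with GHCB_TERM_NOT_VMPL0, so it is worth spelling out positively (for example, a separate early test for the "SVSM present and multi-VMPL supported" case).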
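Review bot: in the arch/x86/kernel/sev.c hunk, the merged report_snp_info() keeps the early exit `if (!cpuid_table->count) return 0;` ahead of the VMPL report, so `pr_info("SNP running at VMPL%u.\n", vmpl)` is no longer reached when the CPUID table is empty. In the quoted version report_vmpl_level() was called first and did not depend on the table count, so this is a behaviour change and not only a cleanup, and it also swaps the order of the two log lines. Suggest wrapping the CPUID table reporting in `if (cpuid_table->count) { ... }` rather than returning early, or emitting the VMPL line before the table check, so the VMPL level is still logged on every SNP guest.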