Received: by 2002:a6b:fb09:0:0:0:0:0 with SMTP id h9csp4246067iog; Tue, 28 Jun 2022 12:01:36 -0700 (PDT) X-Google-Smtp-Source: AGRyM1vvoMEZ2yX9J3aJZ0t0ai07r3o2Os3yueuF+RTX4ppp0v917a7IyyLyMH5kQjSHTJ0CLhe3 X-Received: by 2002:a05:6402:3224:b0:435:80fd:333 with SMTP id g36-20020a056402322400b0043580fd0333mr25360477eda.76.1656442896730; Tue, 28 Jun 2022 12:01:36 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1656442896; cv=none; d=google.com; s=arc-20160816; b=p5N258J6tVLqpCctItLPVsfogLFR8wIpjcBCl3hFJzaRsn+fffjbJM1PPQJcdMLTMg ogAYEk3pq4eYIDgrvPekHvV6p2IzYHcSdHhCVomH+Z/6D7P1GfxINGeSTy8Valax3DSl 940Kcc3s4SmxW5A4gukTn3oxcF/0mVQSH8GUhmnyJQ4zJZMHY5bEk3mcyELEZdeFCcZT omkvrZUZAEDSprsFn26cCuXGB6W+DQRKCMeVy8kt0GxvjZoSrXgLr5WiCvtK48cQIxbI fL25q13PjOFgh4bqAJveCJW9UBygg/vKEj8bTYzPJ/QdtDIXeAfgEBWapMkqS1tV2aBn PMVA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:user-agent:in-reply-to:content-disposition :mime-version:references:message-id:subject:cc:to:from:date :dkim-signature; bh=2lf7QwNhxdo+quqMTGK7aQY+8Wzt942aQ0JT7PbSYKk=; b=mTZZxJRya4FKZnB9a8WmguvaVLpRFCxPhnML+ujIAO7dR8L9CwV7UBGk+nGRLT8jgV t2xzNKCvNj3nuBt0CDC7wgy3Um2BKEztTwbmY9WpWr7a6KAhbVu7z0qChVceu091LHcm DhDpvLcI1IV+ZkwTHOM2vfO6QKbbRyLkuNNVlZyFT4VbmJpI+ytIOUPHHB4tXbi7NnEB f6UrkIa7wRTDkfgET2O8wuySG7y7dcnI/pQutm5wiLmcZI7XWlr4Zk60E8OUYVULdXBV GXcRH61KZVbx5oRtSIOMW6fPaplyGCc08scZXtyVYJ5vOOJEGzatbchJCeWcSegjmUBa HXAw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=MXSIJWST; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id dz11-20020a0564021d4b00b004376b600290si15668256edb.350.2022.06.28.12.00.58; Tue, 28 Jun 2022 12:01:36 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=MXSIJWST; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S234455AbiF1S6j (ORCPT + 99 others); Tue, 28 Jun 2022 14:58:39 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:56258 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233073AbiF1S6a (ORCPT ); Tue, 28 Jun 2022 14:58:30 -0400 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) by lindbergh.monkeyblade.net (Postfix) with ESMTP id C4D421156 for ; Tue, 28 Jun 2022 11:58:23 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1656442702; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=2lf7QwNhxdo+quqMTGK7aQY+8Wzt942aQ0JT7PbSYKk=; b=MXSIJWSTJ2Zzjp3qqraBUAbQD7rRJj3KZdpGGi4hsK6xv5bPbkACX1OT83+SBUvA9Fg30M BSLt6O4zOsiubHxjhA01LcZGRW2me5nqLKtYTloFSuN9ddgOMkECkkgaWLv/uYKPHCVLUY NCprf8pMAPRNpbyJhkXU6VXrTO7SqOA= Received: from mail-wm1-f69.google.com (mail-wm1-f69.google.com [209.85.128.69]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-60-eODekABrN9OOpLfOBOFNaQ-1; Tue, 28 Jun 2022 14:58:21 -0400 X-MC-Unique: eODekABrN9OOpLfOBOFNaQ-1 Received: by mail-wm1-f69.google.com with SMTP id az40-20020a05600c602800b003a048edf007so3078868wmb.5 for ; Tue, 28 Jun 2022 11:58:20 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:date:from:to:cc:subject:message-id:references :mime-version:content-disposition:in-reply-to:user-agent; bh=2lf7QwNhxdo+quqMTGK7aQY+8Wzt942aQ0JT7PbSYKk=; b=Hutw8KzPToRAkNT2gVE1t/l8XUHph8gLFzAn3aUw3estBtt528Q0c4AU4/24Gn9qJv IMZR+Ry/kfgU7jPykMsczxlwcOhCeQTqUVvPLCEq8kCOTs/EQzIgiDwYfoSmZPwZDSOd JFWKRaVmfM36gDfzeok1Y7YBK9BmNup07kti+Rr9KMxgU5ZZyCwtWULBiON1Dguepsb+ ZMeZ1rcVVRePTeaFtav7xiK1Kq595JrD/IZpwhZRrDky9OnwMLA0hFU7uHccxdqPO2XW UwfnfIIZEkhYW3g5nLH/i6LqgvxvX9Cb8+r+ysKMKLtGDCE5e4SAT9OuXEXHSMT26ViQ rp6Q== X-Gm-Message-State: AJIora/Da9os6F/YSczAleVyqkljB9rQvn/hT6aF83uJgvJOZ3/gje58 7gZQKwVNFhppG0wBbcEyL24r911yqcsmE2hkmGQtCB1e1047vmoSr52+CHORBetWvpXOtOrEIeC bL7mnzr0/YZP8G480zrm9ygVS X-Received: by 2002:a05:600c:5022:b0:39c:7f6c:ab44 with SMTP id n34-20020a05600c502200b0039c7f6cab44mr1136479wmr.97.1656442699824; Tue, 28 Jun 2022 11:58:19 -0700 (PDT) X-Received: by 2002:a05:600c:5022:b0:39c:7f6c:ab44 with SMTP id n34-20020a05600c502200b0039c7f6cab44mr1136417wmr.97.1656442699439; Tue, 28 Jun 2022 11:58:19 -0700 (PDT) Received: from work-vm (cpc109025-salf6-2-0-cust480.10-2.cable.virginm.net. [82.30.61.225]) by smtp.gmail.com with ESMTPSA id s2-20020adfea82000000b0021b90d7b2c9sm14365759wrm.24.2022.06.28.11.58.17 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 28 Jun 2022 11:58:18 -0700 (PDT) Date: Tue, 28 Jun 2022 19:58:15 +0100 From: "Dr. David Alan Gilbert" To: "Kalra, Ashish" Cc: "x86@kernel.org" , "linux-kernel@vger.kernel.org" , "kvm@vger.kernel.org" , "linux-coco@lists.linux.dev" , "linux-mm@kvack.org" , "linux-crypto@vger.kernel.org" , "tglx@linutronix.de" , "mingo@redhat.com" , "jroedel@suse.de" , "Lendacky, Thomas" , "hpa@zytor.com" , "ardb@kernel.org" , "pbonzini@redhat.com" , "seanjc@google.com" , "vkuznets@redhat.com" , "jmattson@google.com" , "luto@kernel.org" , "dave.hansen@linux.intel.com" , "slp@redhat.com" , "pgonda@google.com" , "peterz@infradead.org" , "srinivas.pandruvada@linux.intel.com" , "rientjes@google.com" , "dovmurik@linux.ibm.com" , "tobin@ibm.com" , "bp@alien8.de" , "Roth, Michael" , "vbabka@suse.cz" , "kirill@shutemov.name" , "ak@linux.intel.com" , "tony.luck@intel.com" , "marcorr@google.com" , "sathyanarayanan.kuppuswamy@linux.intel.com" , "alpergun@google.com" , "jarkko@kernel.org" Subject: Re: [PATCH Part2 v6 06/49] x86/sev: Add helper functions for RMPUPDATE and PSMASH instruction Message-ID: References: MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/2.2.6 (2022-06-05) X-Spam-Status: No, score=-2.5 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_NONE, SPF_HELO_NONE,SPF_NONE,T_SCC_BODY_TEXT_LINE autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org * Kalra, Ashish (Ashish.Kalra@amd.com) wrote: > [AMD Official Use Only - General] > > Hello Dave, > > -----Original Message----- > From: Dr. David Alan Gilbert > Sent: Tuesday, June 28, 2022 5:51 AM > To: Kalra, Ashish > Cc: x86@kernel.org; linux-kernel@vger.kernel.org; kvm@vger.kernel.org; linux-coco@lists.linux.dev; linux-mm@kvack.org; linux-crypto@vger.kernel.org; tglx@linutronix.de; mingo@redhat.com; jroedel@suse.de; Lendacky, Thomas ; hpa@zytor.com; ardb@kernel.org; pbonzini@redhat.com; seanjc@google.com; vkuznets@redhat.com; jmattson@google.com; luto@kernel.org; dave.hansen@linux.intel.com; slp@redhat.com; pgonda@google.com; peterz@infradead.org; srinivas.pandruvada@linux.intel.com; rientjes@google.com; dovmurik@linux.ibm.com; tobin@ibm.com; bp@alien8.de; Roth, Michael ; vbabka@suse.cz; kirill@shutemov.name; ak@linux.intel.com; tony.luck@intel.com; marcorr@google.com; sathyanarayanan.kuppuswamy@linux.intel.com; alpergun@google.com; jarkko@kernel.org > Subject: Re: [PATCH Part2 v6 06/49] x86/sev: Add helper functions for RMPUPDATE and PSMASH instruction > > * Kalra, Ashish (Ashish.Kalra@amd.com) wrote: > > [AMD Official Use Only - General] > > > > >>> /* > > >>> * The RMP entry format is not architectural. The format is > > >>> defined in PPR @@ -126,6 +128,15 @@ struct snp_guest_platform_data { > > >>> u64 secrets_gpa; > > >>> }; > > >>> > > >>> +struct rmpupdate { > > >>> + u64 gpa; > > >>> + u8 assigned; > > >>> + u8 pagesize; > > >>> + u8 immutable; > > >>> + u8 rsvd; > > >>> + u32 asid; > > >>> +} __packed; > > > > >>I see above it says the RMP entry format isn't architectural; is this 'rmpupdate' structure? If not how is this going to get handled when we have a couple >of SNP capable CPUs with different layouts? > > > > >Architectural implies that it is defined in the APM and shouldn't change in such a way as to not be backward compatible. > > >I probably think the wording here should be architecture independent or more precisely platform independent. > > > > Some more clarity on this: > > > > Actually, the PPR for family 19h Model 01h, Rev B1 defines the RMP entry format as below: > > > > 2.1.4.2 RMP Entry Format > > Architecturally the format of RMP entries are not specified in APM. In order to assist software, the following table specifies select portions of the RMP entry format for this specific product. Each RMP entry is 16B in size and is formatted as follows. Software should not rely on any field definitions not specified in this table and the format of an RMP entry may change in future processors. > > > > Architectural implies that it is defined in the APM and shouldn't change in such a way as to not be backward compatible. So non-architectural in this context means that it is only defined in our PPR. > > > > So actually this RPM entry definition is platform dependent and will need to be changed for different AMD processors and that change has to be handled correspondingly in the dump_rmpentry() code. > > > You'll need a way to make that fail cleanly when run on a newer CPU with different layout, and a way to build kernels that can handle more than one layout. > > Yes, I will be adding a check for CPU family/model as following : > > static int __init snp_rmptable_init(void) > { > + int family, model; > > if (!boot_cpu_has(X86_FEATURE_SEV_SNP)) > return 0; > > + family = boot_cpu_data.x86; > + model = boot_cpu_data.x86_model; > > + /* > + * RMP table entry format is not architectural and it can vary by processor and > + * is defined by the per-processor PPR. Restrict SNP support on the known CPU > + * model and family for which the RMP table entry format is currently defined for. > + */ > + if (family != 0x19 || model > 0xaf) > + goto nosnp; please add a print there to say why you're not enabling SNP. It would be great if your firmware could give you an 'rmpentry version'; and then if a new model came out that happened to have the same layout everything would just carryon working by checking that rather than the actual family/model. > + > > This way SNP will only be enabled specifically on the platforms for which this RMP entry > format is defined in those processor's PPR. This will work for Milan and Genoa as of now. > > Additionally as per Sean's suggestion, I will be moving the RMP structure definition to sev.c, > which will make it a private structure and not exposed to other parts of the kernel. > > Also in the future we will have an architectural interface to read the RMP table entry, > we will first check for it's availability and if not available fall back to the RMP table > entry structure definition. Dave > Thanks, > Ashish > -- Dr. David Alan Gilbert / dgilbert@redhat.com / Manchester, UK