From: Tianyu Lan
To: kys@microsoft.com, haiyangz@microsoft.com, wei.liu@kernel.org, decui@microsoft.com, tglx@linutronix.de, mingo@redhat.com, bp@alien8.de, dave.hansen@linux.intel.com, x86@kernel.org, hpa@zytor.com, daniel.lezcano@linaro.org, arnd@arndb.de, michael.h.kelley@microsoft.com
Cc: Tianyu Lan, linux-arch@vger.kernel.org, linux-hyperv@vger.kernel.org, linux-kernel@vger.kernel.org, vkuznets@redhat.com, Michael Kelley
Subject: [PATCH v6 1/8] x86/hyperv: Add sev-snp enlightened guest static key
Date: Wed, 16 Aug 2023 11:58:42 -0400
Message-Id: <20230816155850.1216996-2-ltykernel@gmail.com>
X-Mailer: git-send-email 2.25.1
In-Reply-To: <20230816155850.1216996-1-ltykernel@gmail.com>
References: <20230816155850.1216996-1-ltykernel@gmail.com>
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org
Content-Type: text/plain; charset="utf-8"

From: Tianyu Lan Introduce static key isolation_type_en_snp for enlightened sev-snp guest check. Reviewed-by: Michael Kelley Signed-off-by: Tianyu Lan Reviewed-by: Dexuan Cui --- arch/x86/hyperv/ivm.c | 11 +++++++++++ arch/x86/include/asm/mshyperv.h | 2 ++ arch/x86/kernel/cpu/mshyperv.c | 9 +++++++-- drivers/hv/hv_common.c | 6 ++++++ include/asm-generic/mshyperv.h | 13 ++++++++++--- 5 files changed, 36 insertions(+), 5 deletions(-) diff --git a/arch/x86/hyperv/ivm.c b/arch/x86/hyperv/ivm.c index 14f46ad2ca64..b2b5cb19fac9 100644 --- a/arch/x86/hyperv/ivm.c +++ b/arch/x86/hyperv/ivm.c @@ -413,3 +413,14 @@ bool hv_isolation_type_snp(void) { return static_branch_unlikely(&isolation_type_snp); } + +DEFINE_STATIC_KEY_FALSE(isolation_type_en_snp); +/* + * hv_isolation_type_en_snp - Check system runs in the AMD SEV-SNP based + * isolation enlightened VM. + */ +bool hv_isolation_type_en_snp(void) +{ + return static_branch_unlikely(&isolation_type_en_snp); +} + diff --git a/arch/x86/include/asm/mshyperv.h b/arch/x86/include/asm/mshyper= v.h index 88d9ef98e087..9f11f0495950 100644 --- a/arch/x86/include/asm/mshyperv.h +++ b/arch/x86/include/asm/mshyperv.h @@ -26,6 +26,7 @@ union hv_ghcb; =20 DECLARE_STATIC_KEY_FALSE(isolation_type_snp); +DECLARE_STATIC_KEY_FALSE(isolation_type_en_snp); =20 typedef int (*hyperv_fill_flush_list_func)( struct hv_guest_mapping_flush_list *flush, @@ -239,6 +240,7 @@ static inline void hv_vtom_init(void) {} #endif =20 extern bool hv_isolation_type_snp(void); +extern bool hv_isolation_type_en_snp(void); =20 static inline bool hv_is_synic_reg(unsigned int reg) { diff --git a/arch/x86/kernel/cpu/mshyperv.c b/arch/x86/kernel/cpu/mshyperv.c index c7969e806c64..5398fb2f4d39 100644 --- a/arch/x86/kernel/cpu/mshyperv.c +++ b/arch/x86/kernel/cpu/mshyperv.c 
@@ -402,8 +402,12 @@ static void __init ms_hyperv_init_platform(void) pr_info("Hyper-V: Isolation Config: Group A 0x%x, Group B 0x%x\n", ms_hyperv.isolation_config_a, ms_hyperv.isolation_config_b); =20 - if (hv_get_isolation_type() =3D=3D HV_ISOLATION_TYPE_SNP) + + if (cc_platform_has(CC_ATTR_GUEST_SEV_SNP)) { + static_branch_enable(&isolation_type_en_snp); + } else if (hv_get_isolation_type() =3D=3D HV_ISOLATION_TYPE_SNP) { static_branch_enable(&isolation_type_snp); + } } =20 if (hv_max_functions_eax >=3D HYPERV_CPUID_NESTED_FEATURES) { @@ -473,7 +477,8 @@ static void __init ms_hyperv_init_platform(void) =20 #if IS_ENABLED(CONFIG_HYPERV) if ((hv_get_isolation_type() =3D=3D HV_ISOLATION_TYPE_VBS) || - (hv_get_isolation_type() =3D=3D HV_ISOLATION_TYPE_SNP)) + ((hv_get_isolation_type() =3D=3D HV_ISOLATION_TYPE_SNP) && + ms_hyperv.paravisor_present)) hv_vtom_init(); /* * Setup the hook to get control post apic initialization. diff --git a/drivers/hv/hv_common.c b/drivers/hv/hv_common.c index 542a1d53b303..4b4aa53c34c2 100644 --- a/drivers/hv/hv_common.c +++ b/drivers/hv/hv_common.c @@ -502,6 +502,12 @@ bool __weak hv_isolation_type_snp(void) } EXPORT_SYMBOL_GPL(hv_isolation_type_snp); =20 +bool __weak hv_isolation_type_en_snp(void) +{ + return false; +} +EXPORT_SYMBOL_GPL(hv_isolation_type_en_snp); + void __weak hv_setup_vmbus_handler(void (*handler)(void)) { } diff --git a/include/asm-generic/mshyperv.h b/include/asm-generic/mshyperv.h index 402a8c1c202d..580c766958de 100644 --- a/include/asm-generic/mshyperv.h +++ b/include/asm-generic/mshyperv.h 
@@ -36,15 +36,21 @@ struct ms_hyperv_info { u32 nested_features; u32 max_vp_index; u32 max_lp_index; - u32 isolation_config_a; + union { + u32 isolation_config_a; + struct { + u32 paravisor_present : 1; + u32 reserved_a1 : 31; + }; + }; union { u32 isolation_config_b; struct { u32 cvm_type : 4; - u32 reserved1 : 1; + u32 reserved_b1 : 1; u32 shared_gpa_boundary_active : 1; u32 shared_gpa_boundary_bits : 6; - u32 reserved2 : 20; + u32 reserved_b2 : 20; }; }; u64 shared_gpa_boundary; 
@@ -58,6 +64,7 @@ extern void * __percpu *hyperv_pcpu_output_arg; extern u64 hv_do_hypercall(u64 control, void *inputaddr, void *outputaddr); extern u64 hv_do_fast_hypercall8(u16 control, u64 input8); extern bool hv_isolation_type_snp(void); +extern bool hv_isolation_type_en_snp(void); =20 /* Helper functions that provide a consistent pattern for checking Hyper-V= hypercall status. */ static inline int hv_result(u64 status) --=20 2.25.1
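Review bot: In the ms_hyperv_init_platform() hunk of patch 1/8, isolation_type_en_snp is enabled from cc_platform_has(CC_ATTR_GUEST_SEV_SNP) alone, while the hv_vtom_init() condition further down now depends on ms_hyperv.paravisor_present, and nothing in the visible lines ties the two predicates together. If cc_platform_has() is true while paravisor_present is also set, the enlightened key is enabled and hv_vtom_init() still runs; if cc_platform_has() is false and paravisor_present is clear, isolation_type_snp is enabled but hv_vtom_init() is skipped. Suggest deriving both decisions from one helper, or adding a comment that states which combinations Hyper-V can report and a pr_warn for the ones the code does not expect. The hunk also leaves a second blank line before the new if.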
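Review bot: The comment above hv_isolation_type_en_snp() in the arch/x86/hyperv/ivm.c hunk of patch 1/8 does not say how this predicate differs from hv_isolation_type_snp() directly above it, although later patches in the series use it to decide which pages are shared with the host and how hypercalls are issued. Suggest stating the distinction in the comment (the commit message only says "enlightened sev-snp guest") and noting that the if / else if in ms_hyperv_init_platform() makes the two static keys mutually exclusive.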
From: Tianyu Lan
To: kys@microsoft.com, haiyangz@microsoft.com, wei.liu@kernel.org, decui@microsoft.com, tglx@linutronix.de, mingo@redhat.com, bp@alien8.de, dave.hansen@linux.intel.com, x86@kernel.org, hpa@zytor.com, daniel.lezcano@linaro.org, arnd@arndb.de, michael.h.kelley@microsoft.com
Cc: Tianyu Lan, linux-arch@vger.kernel.org, linux-hyperv@vger.kernel.org, linux-kernel@vger.kernel.org, vkuznets@redhat.com, Michael Kelley
Subject: [PATCH v6 2/8] x86/hyperv: Set Virtual Trust Level in VMBus init message
Date: Wed, 16 Aug 2023 11:58:43 -0400
Message-Id: <20230816155850.1216996-3-ltykernel@gmail.com>
X-Mailer: git-send-email 2.25.1
In-Reply-To: <20230816155850.1216996-1-ltykernel@gmail.com>
References: <20230816155850.1216996-1-ltykernel@gmail.com>
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org
Content-Type: text/plain; charset="utf-8"

From: Tianyu Lan SEV-SNP guests on Hyper-V can run at multiple Virtual Trust Levels (VTL). During boot, get the VTL at which we're running using the GET_VP_REGISTERs hypercall, and save the value for future use. Then during VMBus initialization, set the VTL with the saved value as required in the VMBus init message. Reviewed-by: Michael Kelley Signed-off-by: Tianyu Lan Reviewed-by: Dexuan Cui --- * Change since v5: Remove hvcall input parameter page check * Change since v3: Call get_vtl() when SEV-SNP is available and set vtl to 0 by default if fail to get VTL from Hyper-V. * Change since v2: Update the change log. --- arch/x86/hyperv/hv_init.c | 34 ++++++++++++++++++++++++++++++ arch/x86/include/asm/hyperv-tlfs.h | 7 ++++++ drivers/hv/connection.c | 1 + include/asm-generic/mshyperv.h | 1 + include/linux/hyperv.h | 4 ++-- 5 files changed, 45 insertions(+), 2 deletions(-) diff --git a/arch/x86/hyperv/hv_init.c b/arch/x86/hyperv/hv_init.c index 6c04b52f139b..f62ca3f6e9b2 100644 --- a/arch/x86/hyperv/hv_init.c +++ b/arch/x86/hyperv/hv_init.c
@@ -378,6 +378,36 @@ static void __init hv_get_partition_id(void) local_irq_restore(flags); } =20 +static u8 __init get_vtl(void) +{ + u64 control =3D HV_HYPERCALL_REP_COMP_1 | HVCALL_GET_VP_REGISTERS; + struct hv_get_vp_registers_input *input; + struct hv_get_vp_registers_output *output; + unsigned long flags; + u64 ret =3D 0; + + local_irq_save(flags); + input =3D *this_cpu_ptr(hyperv_pcpu_input_arg); + output =3D (struct hv_get_vp_registers_output *)input; + + memset(input, 0, struct_size(input, element, 1)); + input->header.partitionid =3D HV_PARTITION_ID_SELF; + input->header.vpindex =3D HV_VP_INDEX_SELF; + input->header.inputvtl =3D 0; + input->element[0].name0 =3D HV_X64_REGISTER_VSM_VP_STATUS; + + ret =3D hv_do_hypercall(control, input, output); + if (hv_result_success(ret)) { + ret =3D output->as64.low & HV_X64_VTL_MASK; + } else { + pr_err("Failed to get VTL(%lld) and set VTL to zero by default.\n", ret); + ret =3D 0; + } + + local_irq_restore(flags); + return ret; +} + /* * This function is to be invoked early in the boot sequence after the * hypervisor has been detected. @@ -506,6 +536,10 @@ void __init hyperv_init(void) /* Query the VMs extended capability once, so that it can be cached. */ hv_query_ext_cap(0); =20 + /* Find the VTL */ + if (hv_isolation_type_en_snp()) + ms_hyperv.vtl =3D get_vtl(); + return; =20 clean_guest_os_id: diff --git a/arch/x86/include/asm/hyperv-tlfs.h b/arch/x86/include/asm/hype= rv-tlfs.h index cea95dcd27c2..4bf0b315b0ce 100644 --- a/arch/x86/include/asm/hyperv-tlfs.h +++ b/arch/x86/include/asm/hyperv-tlfs.h 
@@ -301,6 +301,13 @@ enum hv_isolation_type { #define HV_X64_MSR_TIME_REF_COUNT HV_REGISTER_TIME_REF_COUNT #define HV_X64_MSR_REFERENCE_TSC HV_REGISTER_REFERENCE_TSC =20 +/* + * Registers are only accessible via HVCALL_GET_VP_REGISTERS hvcall and + * there is not associated MSR address. + */ +#define HV_X64_REGISTER_VSM_VP_STATUS 0x000D0003 +#define HV_X64_VTL_MASK GENMASK(3, 0) + /* Hyper-V memory host visibility */ enum hv_mem_host_visibility { VMBUS_PAGE_NOT_VISIBLE =3D 0, diff --git a/drivers/hv/connection.c b/drivers/hv/connection.c index 5978e9dbc286..02b54f85dc60 100644 --- a/drivers/hv/connection.c +++ b/drivers/hv/connection.c @@ -98,6 +98,7 @@ int vmbus_negotiate_version(struct vmbus_channel_msginfo = *msginfo, u32 version) */ if (version >=3D VERSION_WIN10_V5) { msg->msg_sint =3D VMBUS_MESSAGE_SINT; + msg->msg_vtl =3D ms_hyperv.vtl; vmbus_connection.msg_conn_id =3D VMBUS_MESSAGE_CONNECTION_ID_4; } else { msg->interrupt_page =3D virt_to_phys(vmbus_connection.int_page); diff --git a/include/asm-generic/mshyperv.h b/include/asm-generic/mshyperv.h index 580c766958de..efd0d2aedad3 100644 --- a/include/asm-generic/mshyperv.h +++ b/include/asm-generic/mshyperv.h @@ -54,6 +54,7 @@ struct ms_hyperv_info { }; }; u64 shared_gpa_boundary; + u8 vtl; }; extern struct ms_hyperv_info ms_hyperv; extern bool hv_nested; diff --git a/include/linux/hyperv.h b/include/linux/hyperv.h index bfbc37ce223b..1f2bfec4abde 100644 --- a/include/linux/hyperv.h +++ b/include/linux/hyperv.h 
@@ -665,8 +665,8 @@ struct vmbus_channel_initiate_contact { u64 interrupt_page; struct { u8 msg_sint; - u8 padding1[3]; - u32 padding2; + u8 msg_vtl; + u8 reserved[6]; }; }; u64 monitor_page1; --=20 2.25.1
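Review bot: In get_vtl() (patch 2/8, arch/x86/hyperv/hv_init.c), the failure branch logs and returns 0, and vmbus_negotiate_version() later copies ms_hyperv.vtl into msg->msg_vtl, so a failed HVCALL_GET_VP_REGISTERS is indistinguishable from actually running at VTL 0 and the guest goes on to announce a VTL it never confirmed. Suggest either propagating the failure so hyperv_init() can decide, or documenting in the function why VTL 0 is a safe fallback for an SEV-SNP enlightened guest. Two smaller points in the same hunk: the pr_err() prints the u64 hypercall status with %lld where hex (%#llx, or hv_result(ret)) is easier to match against status codes, and the line "output = (struct hv_get_vp_registers_output *)input;" reuses the input page as the output buffer without a comment saying that this is intentional.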
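Review bot: The comment added above HV_X64_REGISTER_VSM_VP_STATUS in the hyperv-tlfs.h hunk of patch 2/8 reads "there is not associated MSR address"; it should be "there is no associated MSR address", and since only one register is defined the plural "Registers are" could simply name it. HV_X64_VTL_MASK would also benefit from a short note on which field of the register value GENMASK(3, 0) selects, since get_vtl() applies it to output->as64.low with no further explanation.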
From: Tianyu Lan
To: kys@microsoft.com, haiyangz@microsoft.com, wei.liu@kernel.org, decui@microsoft.com, tglx@linutronix.de, mingo@redhat.com, bp@alien8.de, dave.hansen@linux.intel.com, x86@kernel.org, hpa@zytor.com, daniel.lezcano@linaro.org, arnd@arndb.de, michael.h.kelley@microsoft.com
Cc: Tianyu Lan, linux-arch@vger.kernel.org, linux-hyperv@vger.kernel.org, linux-kernel@vger.kernel.org, vkuznets@redhat.com, Michael Kelley
Subject: [PATCH v6 3/8] x86/hyperv: Mark Hyper-V vp assist page unencrypted in SEV-SNP enlightened guest
Date: Wed, 16 Aug 2023 11:58:44 -0400
Message-Id: <20230816155850.1216996-4-ltykernel@gmail.com>
X-Mailer: git-send-email 2.25.1
In-Reply-To: <20230816155850.1216996-1-ltykernel@gmail.com>
References: <20230816155850.1216996-1-ltykernel@gmail.com>
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org
Content-Type: text/plain; charset="utf-8"

From: Tianyu Lan hv vp assist page needs to be shared between SEV-SNP guest and Hyper-V. So mark the page unencrypted in the SEV-SNP guest. Reviewed-by: Michael Kelley Signed-off-by: Tianyu Lan Reviewed-by: Dexuan Cui --- arch/x86/hyperv/hv_init.c | 16 +++++++++++++++- 1 file changed, 15 insertions(+), 1 deletion(-) diff --git a/arch/x86/hyperv/hv_init.c b/arch/x86/hyperv/hv_init.c index f62ca3f6e9b2..8bd2603c5fc1 100644 --- a/arch/x86/hyperv/hv_init.c +++ b/arch/x86/hyperv/hv_init.c @@ -18,6 +18,7 @@ #include #include #include +#include #include #include #include
@@ -106,8 +107,21 @@ static int hv_cpu_init(unsigned int cpu) * in hv_cpu_die(), otherwise a CPU may not be stopped in the * case of CPU offlining and the VM will hang. */ - if (!*hvp) + if (!*hvp) { *hvp =3D __vmalloc(PAGE_SIZE, GFP_KERNEL | __GFP_ZERO); + + /* + * Hyper-V should never specify a VM that is a Confidential + * VM and also running in the root partition. Root partition + * is blocked to run in Confidential VM. So only decrypt assist + * page in non-root partition here. + */ + if (*hvp && hv_isolation_type_en_snp()) { + WARN_ON_ONCE(set_memory_decrypted((unsigned long)(*hvp), 1)); + memset(*hvp, 0, PAGE_SIZE); + } + } + if (*hvp) msr.pfn =3D vmalloc_to_pfn(*hvp); =20 --=20 2.25.1
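Review bot: In the hv_cpu_init() hunk of patch 3/8, a failing set_memory_decrypted() is only reported through WARN_ON_ONCE(); the page is then zeroed and, because *hvp is still non-NULL, its PFN is written to msr.pfn, so the guest hands the hypervisor a page whose encryption state is unknown. Patch 4/8 of this series treats the same failure as an error for the SynIC and hypercall-argument pages; suggest doing the same here by clearing *hvp (leaking the page rather than freeing it) so that the "if (*hvp)" below skips the MSR setup. The new comment also reasons about the root partition, but the condition only tests hv_isolation_type_en_snp(); either add the check the comment describes or reword the comment to match the code.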
From: Tianyu Lan
To: kys@microsoft.com, haiyangz@microsoft.com, wei.liu@kernel.org, decui@microsoft.com, tglx@linutronix.de, mingo@redhat.com, bp@alien8.de, dave.hansen@linux.intel.com, x86@kernel.org, hpa@zytor.com, daniel.lezcano@linaro.org, arnd@arndb.de, michael.h.kelley@microsoft.com
Cc: Tianyu Lan, linux-arch@vger.kernel.org, linux-hyperv@vger.kernel.org, linux-kernel@vger.kernel.org, vkuznets@redhat.com, Michael Kelley
Subject: [PATCH v6 4/8] drivers: hv: Mark percpu hvcall input arg page unencrypted in SEV-SNP enlightened guest
Date: Wed, 16 Aug 2023 11:58:45 -0400
Message-Id: <20230816155850.1216996-5-ltykernel@gmail.com>
X-Mailer: git-send-email 2.25.1
In-Reply-To: <20230816155850.1216996-1-ltykernel@gmail.com>
References: <20230816155850.1216996-1-ltykernel@gmail.com>
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org
Content-Type: text/plain; charset="utf-8"

From: Tianyu Lan Hypervisor needs to access input arg, VMBus synic event and message pages. Mark these pages unencrypted in the SEV-SNP guest and free them only if they have been marked encrypted successfully. Reviewed-by: Michael Kelley Signed-off-by: Tianyu Lan Reviewed-by: Dexuan Cui --- drivers/hv/hv.c | 57 +++++++++++++++++++++++++++++++++++++++--- drivers/hv/hv_common.c | 13 ++++++++++ 2 files changed, 67 insertions(+), 3 deletions(-) diff --git a/drivers/hv/hv.c b/drivers/hv/hv.c index de6708dbe0df..ec6e35a0d9bf 100644 --- a/drivers/hv/hv.c +++ b/drivers/hv/hv.c @@ -20,6 +20,7 @@ #include #include #include +#include #include "hyperv_vmbus.h" =20 /* The one and only */ @@ -78,7 +79,7 @@ int hv_post_message(union hv_connection_id connection_id, =20 int hv_synic_alloc(void) { - int cpu; + int cpu, ret =3D -ENOMEM; struct hv_per_cpu_context *hv_cpu; =20 /*
@@ -123,26 +124,76 @@ int hv_synic_alloc(void) goto err; } } + + if (hv_isolation_type_en_snp()) { + ret =3D set_memory_decrypted((unsigned long) + hv_cpu->synic_message_page, 1); + if (ret) { + pr_err("Failed to decrypt SYNIC msg page: %d\n", ret); + hv_cpu->synic_message_page =3D NULL; + + /* + * Free the event page here so that hv_synic_free() + * won't later try to re-encrypt it. + */ + free_page((unsigned long)hv_cpu->synic_event_page); + hv_cpu->synic_event_page =3D NULL; + goto err; + } + + ret =3D set_memory_decrypted((unsigned long) + hv_cpu->synic_event_page, 1); + if (ret) { + pr_err("Failed to decrypt SYNIC event page: %d\n", ret); + hv_cpu->synic_event_page =3D NULL; + goto err; + } + + memset(hv_cpu->synic_message_page, 0, PAGE_SIZE); + memset(hv_cpu->synic_event_page, 0, PAGE_SIZE); + } } =20 return 0; + err: /* * Any memory allocations that succeeded will be freed when * the caller cleans up by calling hv_synic_free() */ - return -ENOMEM; + return ret; } =20 =20 void hv_synic_free(void) { - int cpu; + int cpu, ret; =20 for_each_present_cpu(cpu) { struct hv_per_cpu_context *hv_cpu =3D per_cpu_ptr(hv_context.cpu_context, cpu); =20 + /* It's better to leak the page if the encryption fails. */ + if (hv_isolation_type_en_snp()) { + if (hv_cpu->synic_message_page) { + ret =3D set_memory_encrypted((unsigned long) + hv_cpu->synic_message_page, 1); + if (ret) { + pr_err("Failed to encrypt SYNIC msg page: %d\n", ret); + hv_cpu->synic_message_page =3D NULL; + } + } + + if (hv_cpu->synic_event_page) { + ret =3D set_memory_encrypted((unsigned long) + hv_cpu->synic_event_page, 1); + if (ret) { + pr_err("Failed to encrypt SYNIC event page: %d\n", ret); + hv_cpu->synic_event_page =3D NULL; + } + } + } + free_page((unsigned long)hv_cpu->synic_event_page); free_page((unsigned long)hv_cpu->synic_message_page); } diff --git a/drivers/hv/hv_common.c b/drivers/hv/hv_common.c index 4b4aa53c34c2..2d43ba2bc925 100644 --- a/drivers/hv/hv_common.c +++ b/drivers/hv/hv_common.c 
@@ -24,6 +24,7 @@ #include #include #include +#include #include #include =20 @@ -359,6 +360,7 @@ int hv_common_cpu_init(unsigned int cpu) u64 msr_vp_index; gfp_t flags; int pgcount =3D hv_root_partition ? 2 : 1; + int ret; =20 /* hv_cpu_init() can be called with IRQs disabled from hv_resume() */ flags =3D irqs_disabled() ? GFP_ATOMIC : GFP_KERNEL; 
@@ -378,6 +380,17 @@ int hv_common_cpu_init(unsigned int cpu) outputarg =3D (void **)this_cpu_ptr(hyperv_pcpu_output_arg); *outputarg =3D (char *)(*inputarg) + HV_HYP_PAGE_SIZE; } + + if (hv_isolation_type_en_snp()) { + ret =3D set_memory_decrypted((unsigned long)*inputarg, pgcount); + if (ret) { + kfree(*inputarg); + *inputarg =3D NULL; + return ret; + } + + memset(*inputarg, 0x00, pgcount * PAGE_SIZE); + } } =20 msr_vp_index =3D hv_get_register(HV_REGISTER_VP_INDEX); --=20 2.25.1
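Review bot: In patch 4/8, hv_synic_free() calls set_memory_encrypted() on every non-NULL synic_message_page and synic_event_page, but hv_synic_alloc() can still reach err: through the allocation-failure "goto err" retained just above the new block, at which point a page may be allocated and never decrypted. The new code already works around this for one path (the event page is freed early "so that hv_synic_free() won't later try to re-encrypt it"), which suggests the general case needs handling too: track per page whether the decrypt succeeded and re-encrypt only those, instead of inferring it from the pointer being non-NULL.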
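Review bot: In the hv_common_cpu_init() hunk of patch 4/8, the set_memory_decrypted() failure path calls kfree(*inputarg), which returns to the allocator memory whose encryption state is unknown after a failed conversion. hv_synic_free() in this same patch carries the comment "It's better to leak the page if the encryption fails" and only clears the pointer; the same policy should apply here, i.e. set *inputarg = NULL without the kfree() and log the error with pr_err() as the SynIC paths do.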
From: Tianyu Lan To: kys@microsoft.com, haiyangz@microsoft.com, wei.liu@kernel.org, decui@microsoft.com, tglx@linutronix.de, mingo@redhat.com, bp@alien8.de, dave.hansen@linux.intel.com, x86@kernel.org, hpa@zytor.com, daniel.lezcano@linaro.org, arnd@arndb.de, michael.h.kelley@microsoft.com Cc: Tianyu Lan , linux-arch@vger.kernel.org, linux-hyperv@vger.kernel.org, linux-kernel@vger.kernel.org, vkuznets@redhat.com Subject: [PATCH v6 5/8] x86/hyperv: Use vmmcall to implement Hyper-V hypercall in sev-snp enlightened guest Date: Wed, 16 Aug 2023 11:58:46 -0400 Message-Id: <20230816155850.1216996-6-ltykernel@gmail.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20230816155850.1216996-1-ltykernel@gmail.com> References: <20230816155850.1216996-1-ltykernel@gmail.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Type: text/plain; charset="utf-8" From: Tianyu Lan In sev-snp enlightened guest, Hyper-V hypercall needs to use vmmcall to trigger vmexit and notify hypervisor to handle hypercall request. Signed-off-by: Tianyu Lan --- arch/x86/include/asm/mshyperv.h | 44 ++++++++++++++++++++++++--------- 1 file changed, 33 insertions(+), 11 deletions(-) diff --git a/arch/x86/include/asm/mshyperv.h b/arch/x86/include/asm/mshyper= v.h index 9f11f0495950..8479626cd7cb 100644 --- a/arch/x86/include/asm/mshyperv.h +++ b/arch/x86/include/asm/mshyperv.h 
@@ -59,16 +59,25 @@ static inline u64 hv_do_hypercall(u64 control, void *in= put, void *output) u64 hv_status; =20 #ifdef CONFIG_X86_64 - if (!hv_hypercall_pg) - return U64_MAX; + if (hv_isolation_type_en_snp()) { + __asm__ __volatile__("mov %4, %%r8\n" + "vmmcall" + : "=3Da" (hv_status), ASM_CALL_CONSTRAINT, + "+c" (control), "+d" (input_address) + : "r" (output_address) + : "cc", "memory", "r8", "r9", "r10", "r11"); + } else { + if (!hv_hypercall_pg) + return U64_MAX; =20 - __asm__ __volatile__("mov %4, %%r8\n" - CALL_NOSPEC - : "=3Da" (hv_status), ASM_CALL_CONSTRAINT, - "+c" (control), "+d" (input_address) - : "r" (output_address), - THUNK_TARGET(hv_hypercall_pg) - : "cc", "memory", "r8", "r9", "r10", "r11"); + __asm__ __volatile__("mov %4, %%r8\n" + CALL_NOSPEC + : "=3Da" (hv_status), ASM_CALL_CONSTRAINT, + "+c" (control), "+d" (input_address) + : "r" (output_address), + THUNK_TARGET(hv_hypercall_pg) + : "cc", "memory", "r8", "r9", "r10", "r11"); + } #else u32 input_address_hi =3D upper_32_bits(input_address); u32 input_address_lo =3D lower_32_bits(input_address); @@ -102,7 +111,13 @@ static inline u64 _hv_do_fast_hypercall8(u64 control, = u64 input1) u64 hv_status; =20 #ifdef CONFIG_X86_64 - { + if (hv_isolation_type_en_snp()) { + __asm__ __volatile__( + "vmmcall" + : "=3Da" (hv_status), ASM_CALL_CONSTRAINT, + "+c" (control), "+d" (input1) + :: "cc", "r8", "r9", "r10", "r11"); + } else { __asm__ __volatile__(CALL_NOSPEC : "=3Da" (hv_status), ASM_CALL_CONSTRAINT, "+c" (control), "+d" (input1) 
@@ -147,7 +162,14 @@ static inline u64 _hv_do_fast_hypercall16(u64 control,= u64 input1, u64 input2) u64 hv_status; =20 #ifdef CONFIG_X86_64 - { + if (hv_isolation_type_en_snp()) { + __asm__ __volatile__("mov %4, %%r8\n" + "vmmcall" + : "=3Da" (hv_status), ASM_CALL_CONSTRAINT, + "+c" (control), "+d" (input1) + : "r" (input2) + : "cc", "r8", "r9", "r10", "r11"); + } else { __asm__ __volatile__("mov %4, %%r8\n" CALL_NOSPEC : "=3Da" (hv_status), ASM_CALL_CONSTRAINT, --=20 2.25.1
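Review bot: In hv_do_hypercall() the new hv_isolation_type_en_snp() branch is taken before the hv_hypercall_pg check, so the U64_MAX early return that used to cover a call made before the hypercall page is set up no longer applies to SEV-SNP guests. If vmmcall is valid at any point once hv_isolation_type_en_snp() is true, say so in a comment above the branch. The commit message states that vmmcall is needed but not why the hypercall page is bypassed or what guards an early call.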
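Review bot: _hv_do_fast_hypercall8() and _hv_do_fast_hypercall16() each gain a second copy of their asm block that differs from the existing one only in using vmmcall instead of CALL_NOSPEC, and hv_do_hypercall() does the same. That leaves three pairs of constraint and clobber lists that have to be kept in sync by hand. A small helper or macro that takes the call instruction as a parameter would keep each list in one place and make the SNP difference obvious.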
From: Tianyu Lan To: kys@microsoft.com, haiyangz@microsoft.com, wei.liu@kernel.org, decui@microsoft.com, tglx@linutronix.de, mingo@redhat.com, bp@alien8.de, dave.hansen@linux.intel.com, x86@kernel.org, hpa@zytor.com, daniel.lezcano@linaro.org, arnd@arndb.de, michael.h.kelley@microsoft.com Cc: Tianyu Lan , linux-arch@vger.kernel.org, linux-hyperv@vger.kernel.org, linux-kernel@vger.kernel.org, vkuznets@redhat.com, Michael Kelley Subject: [PATCH v6 6/8] clocksource: hyper-v: Mark hyperv tsc page unencrypted in sev-snp enlightened guest Date: Wed, 16 Aug 2023 11:58:47 -0400 Message-Id: <20230816155850.1216996-7-ltykernel@gmail.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20230816155850.1216996-1-ltykernel@gmail.com> References: <20230816155850.1216996-1-ltykernel@gmail.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Type: text/plain; charset="utf-8" From: Tianyu Lan Hyper-V tsc page is shared with hypervisor and mark the page unencrypted in sev-snp enlightened guest when it's used. Reviewed-by: Michael Kelley Signed-off-by: Tianyu Lan Reviewed-by: Dexuan Cui --- drivers/clocksource/hyperv_timer.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/clocksource/hyperv_timer.c b/drivers/clocksource/hyper= v_timer.c index e56307a81f4d..8ff7cd4e20bb 100644 --- a/drivers/clocksource/hyperv_timer.c +++ b/drivers/clocksource/hyperv_timer.c 
@@ -390,7 +390,7 @@ static __always_inline u64 read_hv_clock_msr(void) static union { struct ms_hyperv_tsc_page page; u8 reserved[PAGE_SIZE]; -} tsc_pg __aligned(PAGE_SIZE); +} tsc_pg __bss_decrypted __aligned(PAGE_SIZE); =20 static struct ms_hyperv_tsc_page *tsc_page =3D &tsc_pg.page; static unsigned long tsc_pfn; --=20 2.25.1
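Review bot: On the tsc_pg declaration, __bss_decrypted is a build-time placement rather than something done under hv_isolation_type_en_snp(), so the page is unencrypted wherever the attribute takes effect, not only "in sev-snp enlightened guest when it's used" as the commit message puts it. Please add a comment above tsc_pg saying why it is safe to leave this page unencrypted (the commit message says it is shared with the hypervisor), and reword the commit message to match what the one-line change actually does.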
From: Tianyu Lan To: kys@microsoft.com, haiyangz@microsoft.com, wei.liu@kernel.org, decui@microsoft.com, tglx@linutronix.de, mingo@redhat.com, bp@alien8.de, dave.hansen@linux.intel.com, x86@kernel.org, hpa@zytor.com, daniel.lezcano@linaro.org, arnd@arndb.de, michael.h.kelley@microsoft.com Cc: Tianyu Lan , linux-arch@vger.kernel.org, linux-hyperv@vger.kernel.org, linux-kernel@vger.kernel.org, vkuznets@redhat.com, Michael Kelley Subject: [PATCH v6 7/8] x86/hyperv: Add smp support for SEV-SNP guest Date: Wed, 16 Aug 2023 11:58:48 -0400 Message-Id: <20230816155850.1216996-8-ltykernel@gmail.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20230816155850.1216996-1-ltykernel@gmail.com> References: <20230816155850.1216996-1-ltykernel@gmail.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Type: text/plain; charset="utf-8" From: Tianyu Lan In the AMD SEV-SNP guest, AP needs to be started up via sev es save area and Hyper-V requires to call HVCALL_START_VP hypercall to pass the gpa of sev es save area with AP's vp index and VTL(Virtual trust level) parameters. Override wakeup_secondary_cpu_64 callback with hv_snp_boot_ap. Reviewed-by: Michael Kelley Signed-off-by: Tianyu Lan --- arch/x86/hyperv/ivm.c | 138 ++++++++++++++++++++++++++++++ arch/x86/include/asm/mshyperv.h | 9 ++ arch/x86/kernel/cpu/mshyperv.c | 13 ++- include/asm-generic/hyperv-tlfs.h | 1 + 4 files changed, 159 insertions(+), 2 deletions(-) diff --git a/arch/x86/hyperv/ivm.c b/arch/x86/hyperv/ivm.c index b2b5cb19fac9..cbbd3af4c3da 100644 --- a/arch/x86/hyperv/ivm.c +++ b/arch/x86/hyperv/ivm.c 
@@ -18,11 +18,20 @@ #include #include #include +#include +#include +#include +#include +#include +#include =20 #ifdef CONFIG_AMD_MEM_ENCRYPT =20 #define GHCB_USAGE_HYPERV_CALL 1 =20 +static u8 ap_start_input_arg[PAGE_SIZE] __bss_decrypted __aligned(PAGE_SIZ= E); +static u8 ap_start_stack[PAGE_SIZE] __aligned(PAGE_SIZE); + union hv_ghcb { struct ghcb ghcb; struct { @@ -56,6 +65,8 @@ union hv_ghcb { } hypercall; } __packed __aligned(HV_HYP_PAGE_SIZE); =20 +static DEFINE_PER_CPU(struct sev_es_save_area *, hv_sev_vmsa); + static u16 hv_ghcb_version __ro_after_init; =20 u64 hv_ghcb_hypercall(u64 control, void *input, void *output, u32 input_si= ze) 
@@ -357,6 +368,133 @@ static bool hv_is_private_mmio(u64 addr) return false; } =20 +#define hv_populate_vmcb_seg(seg, gdtr_base) \ +do { \ + if (seg.selector) { \ + seg.base =3D 0; \ + seg.limit =3D HV_AP_SEGMENT_LIMIT; \ + seg.attrib =3D *(u16 *)(gdtr_base + seg.selector + 5); \ + seg.attrib =3D (seg.attrib & 0xFF) | ((seg.attrib >> 4) & 0xF00); \ + } \ +} while (0) \ + +static int snp_set_vmsa(void *va, bool vmsa) +{ + u64 attrs; + + /* + * Running at VMPL0 allows the kernel to change the VMSA bit for a page + * using the RMPADJUST instruction. However, for the instruction to + * succeed it must target the permissions of a lesser privileged + * (higher numbered) VMPL level, so use VMPL1 (refer to the RMPADJUST + * instruction in the AMD64 APM Volume 3). + */ + attrs =3D 1; + if (vmsa) + attrs |=3D RMPADJUST_VMSA_PAGE_BIT; + + return rmpadjust((unsigned long)va, RMP_PG_SIZE_4K, attrs); +} + +static void snp_cleanup_vmsa(struct sev_es_save_area *vmsa) +{ + int err; + + err =3D snp_set_vmsa(vmsa, false); + if (err) + pr_err("clear VMSA page failed (%u), leaking page\n", err); + else + free_page((unsigned long)vmsa); +} + +int hv_snp_boot_ap(int cpu, unsigned long start_ip) +{ + struct sev_es_save_area *vmsa =3D (struct sev_es_save_area *) + __get_free_page(GFP_KERNEL | __GFP_ZERO); + struct sev_es_save_area *cur_vmsa; + struct desc_ptr gdtr; + u64 ret, retry =3D 5; + struct hv_enable_vp_vtl *start_vp_input; + unsigned long flags; + + if (!vmsa) + return -ENOMEM; + + native_store_gdt(&gdtr); + + vmsa->gdtr.base =3D gdtr.address; + vmsa->gdtr.limit =3D gdtr.size; + + asm volatile("movl %%es, %%eax;" : "=3Da" (vmsa->es.selector)); + hv_populate_vmcb_seg(vmsa->es, vmsa->gdtr.base); + + asm volatile("movl %%cs, %%eax;" : "=3Da" (vmsa->cs.selector)); + hv_populate_vmcb_seg(vmsa->cs, vmsa->gdtr.base); + + asm volatile("movl %%ss, %%eax;" : "=3Da" (vmsa->ss.selector)); + hv_populate_vmcb_seg(vmsa->ss, vmsa->gdtr.base); + + asm volatile("movl %%ds, %%eax;" : "=3Da" 
(vmsa->ds.selector)); + hv_populate_vmcb_seg(vmsa->ds, vmsa->gdtr.base); + + vmsa->efer =3D native_read_msr(MSR_EFER); + + asm volatile("movq %%cr4, %%rax;" : "=3Da" (vmsa->cr4)); + asm volatile("movq %%cr3, %%rax;" : "=3Da" (vmsa->cr3)); + asm volatile("movq %%cr0, %%rax;" : "=3Da" (vmsa->cr0)); + + vmsa->xcr0 =3D 1; + vmsa->g_pat =3D HV_AP_INIT_GPAT_DEFAULT; + vmsa->rip =3D (u64)secondary_startup_64_no_verify; + vmsa->rsp =3D (u64)&ap_start_stack[PAGE_SIZE]; + + /* + * Set the SNP-specific fields for this VMSA: + * VMPL level + * SEV_FEATURES (matches the SEV STATUS MSR right shifted 2 bits) + */ + vmsa->vmpl =3D 0; + vmsa->sev_features =3D sev_status >> 2; + + ret =3D snp_set_vmsa(vmsa, true); + if (!ret) { + pr_err("RMPADJUST(%llx) failed: %llx\n", (u64)vmsa, ret); + free_page((u64)vmsa); + return ret; + } + + local_irq_save(flags); + start_vp_input =3D (struct hv_enable_vp_vtl *)ap_start_input_arg; + memset(start_vp_input, 0, sizeof(*start_vp_input)); + start_vp_input->partition_id =3D -1; + start_vp_input->vp_index =3D cpu; + start_vp_input->target_vtl.target_vtl =3D ms_hyperv.vtl; + *(u64 *)&start_vp_input->vp_context =3D __pa(vmsa) | 1; + + do { + ret =3D hv_do_hypercall(HVCALL_START_VP, + start_vp_input, NULL); + } while (hv_result(ret) =3D=3D HV_STATUS_TIME_OUT && retry--); + + local_irq_restore(flags); + + if (!hv_result_success(ret)) { + pr_err("HvCallStartVirtualProcessor failed: %llx\n", ret); + snp_cleanup_vmsa(vmsa); + vmsa =3D NULL; + } + + cur_vmsa =3D per_cpu(hv_sev_vmsa, cpu); + /* Free up any previous VMSA page */ + if (cur_vmsa) + snp_cleanup_vmsa(cur_vmsa); + + /* Record the current VMSA page */ + per_cpu(hv_sev_vmsa, cpu) =3D vmsa; + + return ret; +} + void __init hv_vtom_init(void) { /* diff --git a/arch/x86/include/asm/mshyperv.h b/arch/x86/include/asm/mshyper= v.h index 8479626cd7cb..ffc419409db7 100644 --- a/arch/x86/include/asm/mshyperv.h +++ b/arch/x86/include/asm/mshyperv.h 
@@ -48,6 +48,13 @@ extern u64 hv_current_partition_id; =20 extern union hv_ghcb * __percpu *hv_ghcb_pg; =20 +/* + * DEFAULT INIT GPAT and SEGMENT LIMIT value in struct VMSA + * to start AP in enlightened SEV guest. + */ +#define HV_AP_INIT_GPAT_DEFAULT 0x0007040600070406ULL +#define HV_AP_SEGMENT_LIMIT 0xffffffff + int hv_call_deposit_pages(int node, u64 partition_id, u32 num_pages); int hv_call_add_logical_proc(int node, u32 lp_index, u32 acpi_id); int hv_call_create_vp(int node, u64 partition_id, u32 vp_index, u32 flags); @@ -253,12 +260,14 @@ void hv_ghcb_msr_read(u64 msr, u64 *value); bool hv_ghcb_negotiate_protocol(void); void __noreturn hv_ghcb_terminate(unsigned int set, unsigned int reason); void hv_vtom_init(void); +int hv_snp_boot_ap(int cpu, unsigned long start_ip); #else static inline void hv_ghcb_msr_write(u64 msr, u64 value) {} static inline void hv_ghcb_msr_read(u64 msr, u64 *value) {} static inline bool hv_ghcb_negotiate_protocol(void) { return false; } static inline void hv_ghcb_terminate(unsigned int set, unsigned int reason= ) {} static inline void hv_vtom_init(void) {} +static int hv_snp_boot_ap(int cpu, unsigned long start_ip) { return 0; } #endif =20 extern bool hv_isolation_type_snp(void); diff --git a/arch/x86/kernel/cpu/mshyperv.c b/arch/x86/kernel/cpu/mshyperv.c index 5398fb2f4d39..c2ccb49b49c2 100644 --- a/arch/x86/kernel/cpu/mshyperv.c +++ b/arch/x86/kernel/cpu/mshyperv.c @@ -295,6 +295,16 @@ static void __init hv_smp_prepare_cpus(unsigned int ma= x_cpus) =20 native_smp_prepare_cpus(max_cpus); =20 + /* + * Override wakeup_secondary_cpu_64 callback for SEV-SNP + * enlightened guest. + */ + if (hv_isolation_type_en_snp()) + apic->wakeup_secondary_cpu_64 =3D hv_snp_boot_ap; + + if (!hv_root_partition) + return; + #ifdef CONFIG_X86_64 for_each_present_cpu(i) { if (i =3D=3D 0) 
@@ -502,8 +512,7 @@ static void __init ms_hyperv_init_platform(void) =20 # ifdef CONFIG_SMP smp_ops.smp_prepare_boot_cpu =3D hv_smp_prepare_boot_cpu; - if (hv_root_partition) - smp_ops.smp_prepare_cpus =3D hv_smp_prepare_cpus; + smp_ops.smp_prepare_cpus =3D hv_smp_prepare_cpus; # endif =20 /* diff --git a/include/asm-generic/hyperv-tlfs.h b/include/asm-generic/hyperv= -tlfs.h index f4e4cc4f965f..fdac4a1714ec 100644 --- a/include/asm-generic/hyperv-tlfs.h +++ b/include/asm-generic/hyperv-tlfs.h 
@@ -223,6 +223,7 @@ enum HV_GENERIC_SET_FORMAT { #define HV_STATUS_INVALID_PORT_ID 17 #define HV_STATUS_INVALID_CONNECTION_ID 18 #define HV_STATUS_INSUFFICIENT_BUFFERS 19 +#define HV_STATUS_TIME_OUT 120 #define HV_STATUS_VTL_ALREADY_ENABLED 134 =20 /* --=20 2.25.1
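Review bot: In hv_snp_boot_ap() the check after snp_set_vmsa(vmsa, true) is inverted: "if (!ret)" treats a zero return as failure, while snp_cleanup_vmsa() in the same hunk treats a non-zero return from snp_set_vmsa() as the error. As written, a successful RMPADJUST logs "failed", frees the page that was just marked as a VMSA and returns 0 without starting the AP, and a failed RMPADJUST falls through to HVCALL_START_VP with a page that is not a VMSA. This should be "if (ret)". Two related points in the same function: ret is a u64 that also holds the raw hypercall status and is returned through an int, so callers get a truncated Hyper-V status rather than an errno; and the start_ip argument is never used because vmsa->rip is hard-coded to secondary_startup_64_no_verify, which deserves a comment.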
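Review bot: ap_start_stack and ap_start_input_arg, added at the top of ivm.c, are single static pages shared by every AP: each VMSA gets rsp set to &ap_start_stack[PAGE_SIZE], and the hypercall input is built in ap_start_input_arg under local_irq_save() only, which does not exclude another CPU running hv_snp_boot_ap() at the same time. If correctness relies on APs being brought up one at a time and leaving this stack before the next one starts, document that next to the declarations; otherwise use a lock or per-CPU buffers.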
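Review bot: In the #else stubs in mshyperv.h, hv_snp_boot_ap() is declared "static int" while every neighbouring stub is "static inline", so each file that includes the header without calling it gets an unused-function warning. Make it "static inline int". Returning 0 from a stub that cannot start a CPU also reports success for work that was not done; an error code would be safer if the stub is ever reached.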
From: Tianyu Lan To: kys@microsoft.com, haiyangz@microsoft.com, wei.liu@kernel.org, decui@microsoft.com, tglx@linutronix.de, mingo@redhat.com, bp@alien8.de, dave.hansen@linux.intel.com, x86@kernel.org, hpa@zytor.com, daniel.lezcano@linaro.org, arnd@arndb.de, michael.h.kelley@microsoft.com Cc: Tianyu Lan , linux-arch@vger.kernel.org, linux-hyperv@vger.kernel.org, linux-kernel@vger.kernel.org, vkuznets@redhat.com, Michael Kelley Subject: [PATCH v6 8/8] x86/hyperv: Add hyperv-specific handling for VMMCALL under SEV-ES Date: Wed, 16 Aug 2023 11:58:49 -0400 Message-Id: <20230816155850.1216996-9-ltykernel@gmail.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20230816155850.1216996-1-ltykernel@gmail.com> References: <20230816155850.1216996-1-ltykernel@gmail.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Type: text/plain; charset="utf-8" From: Tianyu Lan Add Hyperv-specific handling for faults caused by VMMCALL instructions. Reviewed-by: Michael Kelley Signed-off-by: Tianyu Lan Reviewed-by: Dexuan Cui --- arch/x86/kernel/cpu/mshyperv.c | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+) diff --git a/arch/x86/kernel/cpu/mshyperv.c b/arch/x86/kernel/cpu/mshyperv.c index c2ccb49b49c2..b7d73f3107c6 100644 --- a/arch/x86/kernel/cpu/mshyperv.c +++ b/arch/x86/kernel/cpu/mshyperv.c @@ -32,6 +32,7 @@ #include #include #include +#include =20 /* Is Linux running as the root partition? */ bool hv_root_partition; 
@@ -574,6 +575,22 @@ static bool __init ms_hyperv_msi_ext_dest_id(void) return eax & HYPERV_VS_PROPERTIES_EAX_EXTENDED_IOAPIC_RTE; } =20 +#ifdef CONFIG_AMD_MEM_ENCRYPT +static void hv_sev_es_hcall_prepare(struct ghcb *ghcb, struct pt_regs *reg= s) +{ + /* RAX and CPL are already in the GHCB */ + ghcb_set_rcx(ghcb, regs->cx); + ghcb_set_rdx(ghcb, regs->dx); + ghcb_set_r8(ghcb, regs->r8); +} + +static bool hv_sev_es_hcall_finish(struct ghcb *ghcb, struct pt_regs *regs) +{ + /* No checking of the return state needed */ + return true; +} +#endif + const __initconst struct hypervisor_x86 x86_hyper_ms_hyperv =3D { .name =3D "Microsoft Hyper-V", .detect =3D ms_hyperv_platform, @@ -581,4 +598,8 @@ const __initconst struct hypervisor_x86 x86_hyper_ms_hy= perv =3D { .init.x2apic_available =3D ms_hyperv_x2apic_available, .init.msi_ext_dest_id =3D ms_hyperv_msi_ext_dest_id, .init.init_platform =3D ms_hyperv_init_platform, +#ifdef CONFIG_AMD_MEM_ENCRYPT + .runtime.sev_es_hcall_prepare =3D hv_sev_es_hcall_prepare, + .runtime.sev_es_hcall_finish =3D hv_sev_es_hcall_finish, +#endif }; --=20 2.25.1
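Review bot: hv_sev_es_hcall_finish() returns true unconditionally with the comment "No checking of the return state needed", which does not say why. hv_sev_es_hcall_prepare() copies RCX, RDX and R8 into the GHCB, and the vmmcall wrappers in patch 5/8 declare RCX and RDX as in/out operands ("+c" (control), "+d" (input_address)). If the reasoning is that no register other than RAX carries a result back from the hypervisor, state that in the comment; if any of them can, copy the values back from the GHCB here.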