From nobody Sat Oct 4 05:01:23 2025 Reply-To: Sean Christopherson Date: Tue, 19 Aug 2025 16:48:26 -0700 In-Reply-To: 
<20250819234833.3080255-1-seanjc@google.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 References: <20250819234833.3080255-1-seanjc@google.com> X-Mailer: git-send-email 2.51.0.rc1.167.g924127e9c0-goog Message-ID: <20250819234833.3080255-2-seanjc@google.com> Subject: [PATCH v11 1/8] KVM: SEV: Drop GHCB_VERSION_DEFAULT and open code it From: Sean Christopherson To: Sean Christopherson , Paolo Bonzini Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Thomas Lendacky , Michael Roth , Nikunj A Dadhania , Borislav Petkov , Vaishali Thakkar , Ketan Chaturvedi , Kai Huang Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" From: Nikunj A Dadhania Remove the GHCB_VERSION_DEFAULT macro and open code it with '2'. The macro is used conditionally and is not a true default. KVM ABI does not advertise/emumerates the default GHCB version. Any future change to this macro would silently alter the ABI and potentially break existing deployments that rely on the current behavior. Additionally, move the GHCB version assignment earlier in the code flow and update the comment to clarify that KVM_SEV_INIT2 defaults to version 2, while KVM_SEV_INIT forces version 1. No functional change intended. Cc: Thomas Lendacky Cc: Michael Roth Suggested-by: Sean Christopherson Signed-off-by: Nikunj A Dadhania Signed-off-by: Sean Christopherson --- arch/x86/kvm/svm/sev.c | 17 ++++++++--------- 1 file changed, 8 insertions(+), 9 deletions(-) diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index 2fbdebf79fbb..212f790eedd4 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c @@ -37,7 +37,6 @@ #include "trace.h" =20 #define GHCB_VERSION_MAX 2ULL -#define GHCB_VERSION_DEFAULT 2ULL #define GHCB_VERSION_MIN 1ULL =20 #define GHCB_HV_FT_SUPPORTED (GHCB_HV_FT_SNP | GHCB_HV_FT_SNP_AP_CREATION) 
@@ -421,6 +420,14 @@ static int __sev_guest_init(struct kvm *kvm, struct kv= m_sev_cmd *argp, if (data->ghcb_version > GHCB_VERSION_MAX || (!es_active && data->ghcb_ve= rsion)) return -EINVAL; =20 + /* + * KVM supports the full range of mandatory features defined by version + * 2 of the GHCB protocol, so default to that for SEV-ES guests created + * via KVM_SEV_INIT2 (KVM_SEV_INIT forces version 1). + */ + if (es_active && !data->ghcb_version) + data->ghcb_version =3D 2; + if (unlikely(sev->active)) return -EINVAL; =20 
@@ -429,14 +436,6 @@ static int __sev_guest_init(struct kvm *kvm, struct kv= m_sev_cmd *argp, sev->vmsa_features =3D data->vmsa_features; sev->ghcb_version =3D data->ghcb_version; =20 - /* - * Currently KVM supports the full range of mandatory features defined - * by version 2 of the GHCB protocol, so default to that for SEV-ES - * guests created via KVM_SEV_INIT2. - */ - if (sev->es_active && !sev->ghcb_version) - sev->ghcb_version =3D GHCB_VERSION_DEFAULT; - if (vm_type =3D=3D KVM_X86_SNP_VM) sev->vmsa_features |=3D SVM_SEV_FEAT_SNP_ACTIVE; =20 --=20 2.51.0.rc1.167.g924127e9c0-goog From nobody Sat Oct 4 05:01:23 2025 Received: from mail-pl1-f202.google.com (mail-pl1-f202.google.com [209.85.214.202]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id DA4A4275AFA for ; Tue, 19 Aug 2025 23:48:43 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.214.202 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1755647325; cv=none; b=R6Tc0oa1dtoimuW7pcxJA6aocRajexGcBhIpOy6SI77t8sKSC7uwUQSHEdVinEQ1PNFiNq0azrAwNY8biZOLUZSNLeqcpSEqVn4FNsWDgnCKuRGxY7IuhlpBAQWTYPiv7Ebx/aXDlGg7pCJaO11UBWRucrXxFzcYAv3Q394eBoI= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1755647325; c=relaxed/simple; bh=mmU8zygcUZCUXFONTWyt6rEvP+1h9unYkwdpbTDHFbs=; h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From: To:Cc:Content-Type; b=cQ/sWu8Y3ligNK7HFyqUsTwomLma+Y9hPsWDKM74d1v3Qq9wGUYPem6alCChUjPbHPPL10ZVibj9Svt/F0vN/8I7CuFu9/7otp5GELLvMiZoe64zDZU5WhEmVrHfDS2o06JKidt1qJZAr574b5TxM8eZVsGHBrQcQEeECsGAGdI= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com; spf=pass smtp.mailfrom=flex--seanjc.bounces.google.com; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b=SwyH85sN; arc=none smtp.client-ip=209.85.214.202 
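Review bot: In the `@@ -421,6 +420,14 @@` hunk of __sev_guest_init(), the new comment explains why 2 is the default but not that the value is now fixed ABI, which is the reason the commit message gives for dropping GHCB_VERSION_DEFAULT. Suggest saying so in the comment (that the KVM_SEV_INIT2 default is ABI and stays 2 even if GHCB_VERSION_MAX grows), so a later bump of GHCB_VERSION_MAX is not taken as a reason to change the literal. The defaulting also now writes `data->ghcb_version` before the `if (unlikely(sev->active)) return -EINVAL;` check, so the caller's struct is modified even on that failure path; worth confirming that no caller looks at `data` after an error.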
Reply-To: Sean Christopherson Date: Tue, 19 Aug 2025 16:48:27 -0700 In-Reply-To: <20250819234833.3080255-1-seanjc@google.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 References: <20250819234833.3080255-1-seanjc@google.com> X-Mailer: git-send-email 2.51.0.rc1.167.g924127e9c0-goog Message-ID: <20250819234833.3080255-3-seanjc@google.com> Subject: [PATCH v11 2/8] KVM: SEV: Enforce minimum GHCB version requirement for SEV-SNP guests From: Sean Christopherson To: Sean Christopherson , Paolo Bonzini Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Thomas Lendacky , Michael Roth , Nikunj A Dadhania , Borislav Petkov , Vaishali Thakkar , Ketan Chaturvedi , Kai Huang Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" 
From: Nikunj A Dadhania Require a minimum GHCB version of 2 when starting SEV-SNP guests through KVM_SEV_INIT2. When a VMM attempts to start an SEV-SNP guest with an incompatible GHCB version (less than 2), reject the request early rather than allowing the guest kernel to start with an incorrect protocol version and fail later with GHCB_SNP_UNSUPPORTED guest termination. Not enforcing the minimum version typically causes the guest to request termination with GHCB_SNP_UNSUPPORTED error code: kvm_amd: SEV-ES guest requested termination: 0x0:0x2 Fixes: 4af663c2f64a ("KVM: SEV: Allow per-guest configuration of GHCB proto= col version") Cc: Thomas Lendacky Cc: Sean Christopherson Cc: Michael Roth Signed-off-by: Nikunj A Dadhania Signed-off-by: Sean Christopherson --- arch/x86/kvm/svm/sev.c | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index 212f790eedd4..e88dce598785 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c @@ -405,6 +405,7 @@ static int __sev_guest_init(struct kvm *kvm, struct kvm= _sev_cmd *argp, struct kvm_sev_info *sev =3D to_kvm_sev_info(kvm); struct sev_platform_init_args init_args =3D {0}; bool es_active =3D vm_type !=3D KVM_X86_SEV_VM; + bool snp_active =3D vm_type =3D=3D KVM_X86_SNP_VM; u64 valid_vmsa_features =3D es_active ? sev_supported_vmsa_features : 0; int ret; =20 @@ -428,6 +429,9 @@ static int __sev_guest_init(struct kvm *kvm, struct kvm= _sev_cmd *argp, if (es_active && !data->ghcb_version) data->ghcb_version =3D 2; =20 + if (snp_active && data->ghcb_version < 2) + return -EINVAL; + if (unlikely(sev->active)) return -EINVAL; =20 @@ -436,7 +440,7 @@ static int __sev_guest_init(struct kvm *kvm, struct kvm= _sev_cmd *argp, sev->vmsa_features =3D data->vmsa_features; sev->ghcb_version =3D data->ghcb_version; =20 - if (vm_type =3D=3D KVM_X86_SNP_VM) + if (snp_active) sev->vmsa_features |=3D SVM_SEV_FEAT_SNP_ACTIVE; =20 ret =3D sev_asid_new(sev); 
@@ -454,7 +458,7 @@ static int __sev_guest_init(struct kvm *kvm, struct kvm= _sev_cmd *argp, } =20 /* This needs to happen after SEV/SNP firmware initialization. */ - if (vm_type =3D=3D KVM_X86_SNP_VM) { + if (snp_active) { ret =3D snp_guest_req_init(kvm); if (ret) goto e_free; --=20 2.51.0.rc1.167.g924127e9c0-goog From nobody Sat Oct 4 05:01:23 2025 Received: from mail-pl1-f202.google.com (mail-pl1-f202.google.com [209.85.214.202]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 6F36F2773EC for ; Tue, 19 Aug 2025 23:48:45 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.214.202 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1755647326; cv=none; b=Ux818i9pOGHzj+9FbfIwS7WNGfzW2lh3l6chPJU/nKFX77Ek9a/y56O89u6tvJc4kSSU8zH7taJXRBuWo2RfiSF0CGGg/d7KEyOED3cSgMSgc8sFV/Qk4c+TJ7orBZYZcaNE9lL1exfTO+gOlz/VZJpjGdXIjlekeTuhmU6ALuI= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1755647326; c=relaxed/simple; bh=iAOlnEDBm9bLP06d6OktV3PZy0wjZl1YCX04dPNJ5Z8=; h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From: To:Cc:Content-Type; b=CZBVrfPuXmJsZ5TH4He9zk0+uG9CYzm4j+niyAf50n6h+XqNDCw9MxqPS/mwCoOJjpPkiEGpXliwiQ3JyLzMHj/1SCOTgfriryYCHZhXene1Xwn4sx86cXUjbXjXnICgOP4sbyArLc8s2I92Fj35WpdxxWm0HulcUeeEHI0p6DQ= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com; spf=pass smtp.mailfrom=flex--seanjc.bounces.google.com; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b=bBirvKg3; arc=none smtp.client-ip=209.85.214.202 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=flex--seanjc.bounces.google.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass 
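Review bot: The `if (snp_active && data->ghcb_version < 2) return -EINVAL;` check added in the `@@ -428,6 +429,9 @@` hunk has no comment and depends on running after the `es_active && !data->ghcb_version` defaulting just above it: an SNP guest that passes 0 is defaulted to 2 and accepted, while an explicit 1 is rejected. A short comment stating that SNP requires GHCB version 2 or later, and that the order relative to the defaulting is deliberate, would keep a later reshuffle from rejecting the zero case. Since a VMM that passed 1 for an SNP guest previously got a guest that terminated later and now gets -EINVAL from KVM_SEV_INIT2, the user-visible change deserves a mention wherever ghcb_version is documented.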
Reply-To: Sean Christopherson Date: Tue, 19 Aug 2025 16:48:28 -0700 In-Reply-To: <20250819234833.3080255-1-seanjc@google.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 References: <20250819234833.3080255-1-seanjc@google.com> X-Mailer: git-send-email 2.51.0.rc1.167.g924127e9c0-goog Message-ID: <20250819234833.3080255-4-seanjc@google.com> Subject: [PATCH v11 3/8] x86/cpufeatures: Add SNP Secure TSC From: Sean Christopherson To: Sean Christopherson , Paolo Bonzini Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Thomas Lendacky , Michael Roth , Nikunj A Dadhania , Borislav Petkov , Vaishali Thakkar , Ketan Chaturvedi , Kai Huang Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" From: Nikunj A Dadhania The Secure TSC feature for SEV-SNP allows guests to securely use the RDTSC and RDTSCP instructions, ensuring that the parameters used cannot be altered by the hypervisor once the guest is launched. For more details, refer to the AMD64 APM Vol 2, Section "Secure TSC". Acked-by: Borislav Petkov (AMD) Reviewed-by: Tom Lendacky Tested-by: Vaishali Thakkar Signed-off-by: Nikunj A Dadhania Signed-off-by: Sean Christopherson --- arch/x86/include/asm/cpufeatures.h | 1 + 1 file changed, 1 insertion(+) diff --git a/arch/x86/include/asm/cpufeatures.h b/arch/x86/include/asm/cpuf= eatures.h index 06fc0479a23f..f53d4943ea63 100644 --- a/arch/x86/include/asm/cpufeatures.h +++ b/arch/x86/include/asm/cpufeatures.h 
@@ -444,6 +444,7 @@ #define X86_FEATURE_VM_PAGE_FLUSH (19*32+ 2) /* VM Page Flush MSR is suppo= rted */ #define X86_FEATURE_SEV_ES (19*32+ 3) /* "sev_es" Secure Encrypted Virtua= lization - Encrypted State */ #define X86_FEATURE_SEV_SNP (19*32+ 4) /* "sev_snp" Secure Encrypted Virt= ualization - Secure Nested Paging */ +#define X86_FEATURE_SNP_SECURE_TSC (19*32+ 8) /* SEV-SNP Secure TSC */ #define X86_FEATURE_V_TSC_AUX (19*32+ 9) /* Virtual TSC_AUX */ #define X86_FEATURE_SME_COHERENT (19*32+10) /* hardware-enforced cache coh= erency */ #define X86_FEATURE_DEBUG_SWAP (19*32+14) /* "debug_swap" SEV-ES full deb= ug state swap support */ --=20 2.51.0.rc1.167.g924127e9c0-goog From nobody Sat Oct 4 05:01:23 2025 Received: from mail-pg1-f202.google.com (mail-pg1-f202.google.com [209.85.215.202]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 5A20D2797A5 for ; Tue, 19 Aug 2025 23:48:47 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.215.202 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1755647328; cv=none; b=ObGlYTVuxhdss2l2MWlJKZJzQkthSuHsSrWozSDLDrFe7Up2yHmIeLx0ntIekM83zyOAlbotU7inrNq/ityMe5Qm4GEMoOf8gT/HiJuSQEdxVVVLEIze4dwEO8WUjZLAhn6yxbdZouwsCRv2sTV13z0yNmF0K06uIsOUnUl66Fc= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1755647328; c=relaxed/simple; bh=FcPluKbn7fbsxoTnpSjMwpR1vYDT755WKrxGXE5OKaQ=; h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From: To:Cc:Content-Type; b=s0EnbQIUfS2xh7icMQ6pYTUrCuRSNVt4sedeRyf3m6SA2YqNhkP2yiTnattLE7ntMNi666wJF/hja6B48QxJznokgeRQJia8rkYelgeOzBIyvMyD0ZDwO2h+rM7cTh+2Cg2juNc0mDGsNrMc9LjQabdwCrk6e9VH7zYr1IjzFsY= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com; spf=pass smtp.mailfrom=flex--seanjc.bounces.google.com; dkim=pass (2048-bit key) 
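Review bot: The comment on the new `X86_FEATURE_SNP_SECURE_TSC (19*32+ 8)` line in the `@@ -444,6 +444,7 @@` hunk carries no quoted flag name, unlike the neighbouring "sev_es", "sev_snp" and "debug_swap" entries, so under the current cpufeatures.h convention the bit gets no /proc/cpuinfo name. If that is intentional, a word in the changelog would help; if userspace is expected to detect Secure TSC from cpuinfo, add the quoted name to the comment.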
Reply-To: Sean Christopherson Date: Tue, 19 Aug 2025 16:48:29 -0700 In-Reply-To: <20250819234833.3080255-1-seanjc@google.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 References: <20250819234833.3080255-1-seanjc@google.com> X-Mailer: git-send-email 2.51.0.rc1.167.g924127e9c0-goog Message-ID: <20250819234833.3080255-5-seanjc@google.com> Subject: [PATCH v11 4/8] KVM: SVM: Move SEV-ES VMSA allocation to a dedicated sev_vcpu_create() helper From: Sean Christopherson To: Sean Christopherson , Paolo Bonzini Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Thomas Lendacky , Michael Roth , Nikunj A Dadhania , Borislav Petkov , Vaishali Thakkar , Ketan Chaturvedi , Kai Huang Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Add a dedicated sev_vcpu_create() helper to allocate the VMSA page for SEV-ES+ vCPUs, and to allow for consolidating a variety of related SEV+ code in the near future. No functional change intended. Signed-off-by: Sean Christopherson Reviewed-by: Nikunj A Dadhania --- arch/x86/kvm/svm/sev.c | 20 ++++++++++++++++++++ arch/x86/kvm/svm/svm.c | 25 +++++++------------------ arch/x86/kvm/svm/svm.h | 2 ++ 3 files changed, 29 insertions(+), 18 deletions(-) 
diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index e88dce598785..c17cc4eb0fe1 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c @@ -4561,6 +4561,26 @@ void sev_init_vmcb(struct vcpu_svm *svm) sev_es_init_vmcb(svm); } =20 +int sev_vcpu_create(struct kvm_vcpu *vcpu) +{ + struct vcpu_svm *svm =3D to_svm(vcpu); + struct page *vmsa_page; + + if (!sev_es_guest(vcpu->kvm)) + return 0; + + /* + * SEV-ES guests require a separate (from the VMCB) VMSA page used to + * contain the encrypted register state of the guest. + */ + vmsa_page =3D snp_safe_alloc_page(); + if (!vmsa_page) + return -ENOMEM; + + svm->sev_es.vmsa =3D page_address(vmsa_page); + return 0; +} + void sev_es_vcpu_reset(struct vcpu_svm *svm) { struct kvm_vcpu *vcpu =3D &svm->vcpu; diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index d9931c6c4bc6..3d4c14e0244f 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c @@ -1275,7 +1275,6 @@ static int svm_vcpu_create(struct kvm_vcpu *vcpu) { struct vcpu_svm *svm; struct page *vmcb01_page; - struct page *vmsa_page =3D NULL; int err; =20 BUILD_BUG_ON(offsetof(struct vcpu_svm, vcpu) !=3D 0); @@ -1286,24 +1285,18 @@ static int svm_vcpu_create(struct kvm_vcpu *vcpu) if (!vmcb01_page) goto out; =20 - if (sev_es_guest(vcpu->kvm)) { - /* - * SEV-ES guests require a separate VMSA page used to contain - * the encrypted register state of the guest. - */ - vmsa_page =3D snp_safe_alloc_page(); - if (!vmsa_page) - goto error_free_vmcb_page; - } + err =3D sev_vcpu_create(vcpu); + if (err) + goto error_free_vmcb_page; =20 err =3D avic_init_vcpu(svm); if (err) - goto error_free_vmsa_page; + goto error_free_sev; =20 svm->msrpm =3D svm_vcpu_alloc_msrpm(); if (!svm->msrpm) { err =3D -ENOMEM; - goto error_free_vmsa_page; + goto error_free_sev; } =20 svm->x2avic_msrs_intercepted =3D true; 
@@ -1312,16 +1305,12 @@ static int svm_vcpu_create(struct kvm_vcpu *vcpu) svm->vmcb01.pa =3D __sme_set(page_to_pfn(vmcb01_page) << PAGE_SHIFT); svm_switch_vmcb(svm, &svm->vmcb01); =20 - if (vmsa_page) - svm->sev_es.vmsa =3D page_address(vmsa_page); - svm->guest_state_loaded =3D false; =20 return 0; =20 -error_free_vmsa_page: - if (vmsa_page) - __free_page(vmsa_page); +error_free_sev: + sev_free_vcpu(vcpu); error_free_vmcb_page: __free_page(vmcb01_page); out: diff --git a/arch/x86/kvm/svm/svm.h b/arch/x86/kvm/svm/svm.h index 58b9d168e0c8..cf2569b5451a 100644 --- a/arch/x86/kvm/svm/svm.h +++ b/arch/x86/kvm/svm/svm.h @@ -854,6 +854,7 @@ static inline struct page *snp_safe_alloc_page(void) return snp_safe_alloc_page_node(numa_node_id(), GFP_KERNEL_ACCOUNT); } =20 +int sev_vcpu_create(struct kvm_vcpu *vcpu); void sev_free_vcpu(struct kvm_vcpu *vcpu); void sev_vm_destroy(struct kvm *kvm); void __init sev_set_cpu_caps(void); 
@@ -880,6 +881,7 @@ static inline struct page *snp_safe_alloc_page(void) return snp_safe_alloc_page_node(numa_node_id(), GFP_KERNEL_ACCOUNT); } =20 +static inline int sev_vcpu_create(struct kvm_vcpu *vcpu) { return 0; } static inline void sev_free_vcpu(struct kvm_vcpu *vcpu) {} static inline void sev_vm_destroy(struct kvm *kvm) {} static inline void __init sev_set_cpu_caps(void) {} --=20 2.51.0.rc1.167.g924127e9c0-goog From nobody Sat Oct 4 05:01:23 2025 Received: from mail-pj1-f74.google.com (mail-pj1-f74.google.com [209.85.216.74]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id D148E27AC45 for ; Tue, 19 Aug 2025 23:48:48 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.216.74 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1755647330; cv=none; b=T8LLZAENJEpnaqjejeq3AUTd00H35Tt5QAiX2/w7HWOXIbPRYlAn/caG1KOCNDs6pTulgDALrOWWJe5iZeIiBpzrREQZBdh90QAKHzj0oqWwiXgnps4GHkPGXoxTxszl/b1uj8/Bj2xOGoaDTBmjiIVJ4HJx1Ry5crp9rG6f8/k= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1755647330; c=relaxed/simple; bh=EywICGUylQc6Vx3L+k+EDArBXsERNV8zdROCn6YGSyw=; h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From: To:Cc:Content-Type; b=txljFmA3bGkV8ExoQiVnTrBDJudAgWrle9q0veAnfmtQ5eYyBbCrW9nhO4cH8nSpnSkLrSqx+QlIqcOMPvaOQ9fZiNvXfI+UOcq2GMYprd6uFuOCMC/j0aJr66hPrzTNTNrZ8ou4jluZV/pvYTZdC0w4V3nslSiM0K62pZfFIIA= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com; spf=pass smtp.mailfrom=flex--seanjc.bounces.google.com; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b=BgcrTpX0; arc=none smtp.client-ip=209.85.216.74 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com Authentication-Results: smtp.subspace.kernel.org; spf=pass 
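Review bot: In svm_vcpu_create() (the `@@ -1312,16 +1305,12 @@` hunk in svm.c), the error label changes from the guarded `if (vmsa_page) __free_page(vmsa_page);` to an unconditional `sev_free_vcpu(vcpu);`. That label is reached for every vCPU whose avic_init_vcpu() or svm_vcpu_alloc_msrpm() fails, including non-SEV-ES guests where sev_vcpu_create() returned 0 without allocating, and the body of sev_free_vcpu() is not part of this diff. The "no functional change" claim holds only if sev_free_vcpu() returns early when there is no VMSA and releases nothing beyond that page at this point in vCPU creation; please say so in the changelog, or keep a guard at the label.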
Reply-To: Sean Christopherson Date: Tue, 19 Aug 2025 16:48:30 -0700 In-Reply-To: <20250819234833.3080255-1-seanjc@google.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 References: <20250819234833.3080255-1-seanjc@google.com> X-Mailer: git-send-email 2.51.0.rc1.167.g924127e9c0-goog Message-ID: <20250819234833.3080255-6-seanjc@google.com> Subject: [PATCH v11 5/8] KVM: SEV: Move init of SNP guest state into sev_init_vmcb() From: Sean Christopherson To: Sean Christopherson , Paolo Bonzini Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Thomas Lendacky , Michael Roth , Nikunj A Dadhania , Borislav Petkov , Vaishali Thakkar , Ketan Chaturvedi , Kai Huang Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Move the initialization of SNP guest state from svm_vcpu_reset() into sev_init_vmcb() to reduce the number of paths that deal with INIT/RESET for SEV+ vCPUs from 4+ to 1. Plumb in @init_event as necessary. Opportunistically check for an SNP guest outside of sev_snp_init_protected_guest_state() so that sev_init_vmcb() is consistent with respect to checking for SEV-ES+ and SNP+ guests. No functional change intended. Signed-off-by: Sean Christopherson Reviewed-by: Nikunj A Dadhania --- arch/x86/kvm/svm/sev.c | 16 +++++++++------- arch/x86/kvm/svm/svm.c | 9 +++------ arch/x86/kvm/svm/svm.h | 4 +--- 3 files changed, 13 insertions(+), 16 deletions(-) diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index c17cc4eb0fe1..c5726b091680 100644 --- a/arch/x86/kvm/svm/sev.c 
+++ b/arch/x86/kvm/svm/sev.c @@ -1975,7 +1975,7 @@ static void sev_migrate_from(struct kvm *dst_kvm, str= uct kvm *src_kvm) kvm_for_each_vcpu(i, dst_vcpu, dst_kvm) { dst_svm =3D to_svm(dst_vcpu); =20 - sev_init_vmcb(dst_svm); + sev_init_vmcb(dst_svm, false); =20 if (!dst->es_active) continue; @@ -3887,7 +3887,7 @@ static int snp_begin_psc(struct vcpu_svm *svm, struct= psc_buffer *psc) /* * Invoked as part of svm_vcpu_reset() processing of an init event. */ -void sev_snp_init_protected_guest_state(struct kvm_vcpu *vcpu) +static void sev_snp_init_protected_guest_state(struct kvm_vcpu *vcpu) { struct vcpu_svm *svm =3D to_svm(vcpu); struct kvm_memory_slot *slot; @@ -3895,9 +3895,6 @@ void sev_snp_init_protected_guest_state(struct kvm_vc= pu *vcpu) kvm_pfn_t pfn; gfn_t gfn; =20 - if (!sev_snp_guest(vcpu->kvm)) - return; - guard(mutex)(&svm->sev_es.snp_vmsa_mutex); =20 if (!svm->sev_es.snp_ap_waiting_for_reset) @@ -4546,8 +4543,10 @@ static void sev_es_init_vmcb(struct vcpu_svm *svm) svm_clr_intercept(svm, INTERCEPT_XSETBV); } =20 -void sev_init_vmcb(struct vcpu_svm *svm) +void sev_init_vmcb(struct vcpu_svm *svm, bool init_event) { + struct kvm_vcpu *vcpu =3D &svm->vcpu; + svm->vmcb->control.nested_ctl |=3D SVM_NESTED_CTL_SEV_ENABLE; clr_exception_intercept(svm, UD_VECTOR); =20 @@ -4557,7 +4556,10 @@ void sev_init_vmcb(struct vcpu_svm *svm) */ clr_exception_intercept(svm, GP_VECTOR); =20 - if (sev_es_guest(svm->vcpu.kvm)) + if (init_event && sev_snp_guest(vcpu->kvm)) + sev_snp_init_protected_guest_state(vcpu); + + if (sev_es_guest(vcpu->kvm)) sev_es_init_vmcb(svm); } =20 diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index 3d4c14e0244f..8ed135dbd649 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c 
@@ -1083,7 +1083,7 @@ static void svm_recalc_intercepts_after_set_cpuid(str= uct kvm_vcpu *vcpu) svm_recalc_msr_intercepts(vcpu); } =20 -static void init_vmcb(struct kvm_vcpu *vcpu) +static void init_vmcb(struct kvm_vcpu *vcpu, bool init_event) { struct vcpu_svm *svm =3D to_svm(vcpu); struct vmcb *vmcb =3D svm->vmcb01.ptr; @@ -1221,7 +1221,7 @@ static void init_vmcb(struct kvm_vcpu *vcpu) svm_set_intercept(svm, INTERCEPT_BUSLOCK); =20 if (sev_guest(vcpu->kvm)) - sev_init_vmcb(svm); + sev_init_vmcb(svm, init_event); =20 svm_hv_init_vmcb(vmcb); =20 @@ -1256,10 +1256,7 @@ static void svm_vcpu_reset(struct kvm_vcpu *vcpu, bo= ol init_event) svm->spec_ctrl =3D 0; svm->virt_spec_ctrl =3D 0; =20 - if (init_event) - sev_snp_init_protected_guest_state(vcpu); - - init_vmcb(vcpu); + init_vmcb(vcpu, init_event); =20 if (!init_event) __svm_vcpu_reset(vcpu); diff --git a/arch/x86/kvm/svm/svm.h b/arch/x86/kvm/svm/svm.h index cf2569b5451a..321480ebe62f 100644 --- a/arch/x86/kvm/svm/svm.h +++ b/arch/x86/kvm/svm/svm.h @@ -826,7 +826,7 @@ void avic_refresh_virtual_apic_mode(struct kvm_vcpu *vc= pu); /* sev.c */ =20 int pre_sev_run(struct vcpu_svm *svm, int cpu); -void sev_init_vmcb(struct vcpu_svm *svm); +void sev_init_vmcb(struct vcpu_svm *svm, bool init_event); void sev_vcpu_after_set_cpuid(struct vcpu_svm *svm); int sev_es_string_io(struct vcpu_svm *svm, int size, unsigned int port, in= t in); void sev_es_vcpu_reset(struct vcpu_svm *svm); @@ -864,7 +864,6 @@ int sev_cpu_init(struct svm_cpu_data *sd); int sev_dev_get_attr(u32 group, u64 attr, u64 *val); extern unsigned int max_sev_asid; void sev_handle_rmp_fault(struct kvm_vcpu *vcpu, gpa_t gpa, u64 error_code= ); -void sev_snp_init_protected_guest_state(struct kvm_vcpu *vcpu); int sev_gmem_prepare(struct kvm *kvm, kvm_pfn_t pfn, gfn_t gfn, int max_or= der); void sev_gmem_invalidate(kvm_pfn_t start, kvm_pfn_t end); int sev_private_max_mapping_level(struct kvm *kvm, kvm_pfn_t pfn); 
@@ -891,7 +890,6 @@ static inline int sev_cpu_init(struct svm_cpu_data *sd)= { return 0; } static inline int sev_dev_get_attr(u32 group, u64 attr, u64 *val) { return= -ENXIO; } #define max_sev_asid 0 static inline void sev_handle_rmp_fault(struct kvm_vcpu *vcpu, gpa_t gpa, = u64 error_code) {} -static inline void sev_snp_init_protected_guest_state(struct kvm_vcpu *vcp= u) {} static inline int sev_gmem_prepare(struct kvm *kvm, kvm_pfn_t pfn, gfn_t g= fn, int max_order) { return 0; --=20 2.51.0.rc1.167.g924127e9c0-goog
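Review bot: In the svm_vcpu_reset() hunk of patch 5/8 (svm.c, @@ -1256), the removed call ran sev_snp_init_protected_guest_state() before init_vmcb(), whereas the new call site in sev_init_vmcb() runs it late in init_vmcb(), after the generic intercept setup (the @@ -1221 hunk shows it following svm_set_intercept(svm, INTERCEPT_BUSLOCK)) and just before sev_es_init_vmcb(). The changelog says no functional change is intended, so it should state why the reordering is safe, i.e. that nothing init_vmcb() does before sev_init_vmcb() depends on or clobbers the state the SNP helper sets up.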
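Review bot: In the sev.c hunk at @@ -3887 of patch 5/8, the comment kept above sev_snp_init_protected_guest_state() still reads "Invoked as part of svm_vcpu_reset() processing of an init event", but the function is now static, is called from sev_init_vmcb(), and no longer checks sev_snp_guest() itself (the @@ -3895 hunk drops that guard). Update the comment to name sev_init_vmcb() as the caller and to say that the caller is responsible for the SNP check, so a future caller does not assume the helper still guards itself.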
Date: Tue, 19 Aug 2025 16:48:31 -0700
In-Reply-To: <20250819234833.3080255-1-seanjc@google.com>
Message-ID: <20250819234833.3080255-7-seanjc@google.com>
Subject: [PATCH v11 6/8] KVM: SEV: Set RESET GHCB MSR value during sev_es_init_vmcb()
From: Sean Christopherson
To: Sean Christopherson, Paolo Bonzini
Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Thomas Lendacky, Michael Roth, Nikunj A Dadhania, Borislav Petkov, Vaishali Thakkar, Ketan Chaturvedi, Kai Huang
Content-Transfer-Encoding: quoted-printable

Set the RESET value for the GHCB "MSR" during sev_es_init_vmcb() instead
of sev_es_vcpu_reset() to allow for dropping sev_es_vcpu_reset() entirely.

Note, the call to sev_init_vmcb() from sev_migrate_from() also kinda sorta
emulates a RESET, but sev_migrate_from() immediately overwrites ghcb_gpa
with the source's current value, so whether or not stuffing the GHCB
version is correct/desirable is moot.

No functional change intended.

Signed-off-by: Sean Christopherson
Reviewed-by: Nikunj A Dadhania
--- arch/x86/kvm/svm/sev.c | 24 +++++++++++------------- 1 file changed, 11 insertions(+), 13 deletions(-)
diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index c5726b091680..ee7a05843548 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c @@ -4480,7 +4480,7 @@ void sev_vcpu_after_set_cpuid(struct vcpu_svm *svm) vcpu->arch.reserved_gpa_bits &=3D ~(1UL << (best->ebx & 0x3f)); } =20 -static void sev_es_init_vmcb(struct vcpu_svm *svm) +static void sev_es_init_vmcb(struct vcpu_svm *svm, bool init_event) { struct kvm_sev_info *sev =3D to_kvm_sev_info(svm->vcpu.kvm); struct vmcb *vmcb =3D svm->vmcb01.ptr; @@ -4541,6 +4541,15 @@ static void sev_es_init_vmcb(struct vcpu_svm *svm) =20 /* Can't intercept XSETBV, HV can't modify XCR0 directly */ svm_clr_intercept(svm, INTERCEPT_XSETBV); + + /* + * Set the GHCB MSR value as per the GHCB specification when emulating + * vCPU RESET for an SEV-ES guest. + */ + if (!init_event) + set_ghcb_msr(svm, GHCB_MSR_SEV_INFO((__u64)sev->ghcb_version, + GHCB_VERSION_MIN, + sev_enc_bit)); } =20 void sev_init_vmcb(struct vcpu_svm *svm, bool init_event) @@ -4560,7 +4569,7 @@ void sev_init_vmcb(struct vcpu_svm *svm, bool init_ev= ent) sev_snp_init_protected_guest_state(vcpu); =20 if (sev_es_guest(vcpu->kvm)) - sev_es_init_vmcb(svm); + sev_es_init_vmcb(svm, init_event); } =20 int sev_vcpu_create(struct kvm_vcpu *vcpu) 
@@ -4585,17 +4594,6 @@ int sev_vcpu_create(struct kvm_vcpu *vcpu) =20 void sev_es_vcpu_reset(struct vcpu_svm *svm) { - struct kvm_vcpu *vcpu =3D &svm->vcpu; - struct kvm_sev_info *sev =3D to_kvm_sev_info(vcpu->kvm); - - /* - * Set the GHCB MSR value as per the GHCB specification when emulating - * vCPU RESET for an SEV-ES guest. - */ - set_ghcb_msr(svm, GHCB_MSR_SEV_INFO((__u64)sev->ghcb_version, - GHCB_VERSION_MIN, - sev_enc_bit)); - mutex_init(&svm->sev_es.snp_vmsa_mutex); } =20 --=20 2.51.0.rc1.167.g924127e9c0-goog
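Review bot: In the sev_es_init_vmcb() hunk of patch 6/8 (@@ -4541), the new comment says the GHCB MSR is set "when emulating vCPU RESET", but the guard is if (!init_event), which is also true for the sev_migrate_from() caller that passes false to sev_init_vmcb(). The changelog explains that the migration path overwrites ghcb_gpa right afterwards; put that explanation in the code comment as well, so the extra write on migration is visibly intentional and a later reordering in sev_migrate_from() does not silently leave the RESET value in place.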
Date: Tue, 19 Aug 2025 16:48:32 -0700
In-Reply-To: <20250819234833.3080255-1-seanjc@google.com>
Message-ID: <20250819234833.3080255-8-seanjc@google.com>
Subject: [PATCH v11 7/8] KVM: SEV: Fold sev_es_vcpu_reset() into sev_vcpu_create()
From: Sean Christopherson
To: Sean Christopherson, Paolo Bonzini
Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Thomas Lendacky, Michael Roth, Nikunj A Dadhania, Borislav Petkov, Vaishali Thakkar, Ketan Chaturvedi, Kai Huang
Content-Transfer-Encoding: quoted-printable

Fold the remaining line of sev_es_vcpu_reset() into sev_vcpu_create() as
there's no need for a dedicated RESET hook just to init a mutex, and the
mutex should be initialized as early as possible anyways.

No functional change intended.

Signed-off-by: Sean Christopherson
Reviewed-by: Nikunj A Dadhania
--- arch/x86/kvm/svm/sev.c | 7 ++----- arch/x86/kvm/svm/svm.c | 3 --- arch/x86/kvm/svm/svm.h | 1 - 3 files changed, 2 insertions(+), 9 deletions(-) diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index ee7a05843548..7d1d34e45310 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c
@@ -4577,6 +4577,8 @@ int sev_vcpu_create(struct kvm_vcpu *vcpu) struct vcpu_svm *svm =3D to_svm(vcpu); struct page *vmsa_page; =20 + mutex_init(&svm->sev_es.snp_vmsa_mutex); + if (!sev_es_guest(vcpu->kvm)) return 0; =20 @@ -4592,11 +4594,6 @@ int sev_vcpu_create(struct kvm_vcpu *vcpu) return 0; } =20 -void sev_es_vcpu_reset(struct vcpu_svm *svm) -{ - mutex_init(&svm->sev_es.snp_vmsa_mutex); -} - void sev_es_prepare_switch_to_guest(struct vcpu_svm *svm, struct sev_es_sa= ve_area *hostsa) { struct kvm *kvm =3D svm->vcpu.kvm; diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index 8ed135dbd649..b237b4081c91 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c @@ -1244,9 +1244,6 @@ static void __svm_vcpu_reset(struct kvm_vcpu *vcpu) =20 svm->nmi_masked =3D false; svm->awaiting_iret_completion =3D false; - - if (sev_es_guest(vcpu->kvm)) - sev_es_vcpu_reset(svm); } =20 static void svm_vcpu_reset(struct kvm_vcpu *vcpu, bool init_event) diff --git a/arch/x86/kvm/svm/svm.h b/arch/x86/kvm/svm/svm.h index 321480ebe62f..3c7f208b7935 100644 --- a/arch/x86/kvm/svm/svm.h +++ b/arch/x86/kvm/svm/svm.h 
@@ -829,7 +829,6 @@ int pre_sev_run(struct vcpu_svm *svm, int cpu); void sev_init_vmcb(struct vcpu_svm *svm, bool init_event); void sev_vcpu_after_set_cpuid(struct vcpu_svm *svm); int sev_es_string_io(struct vcpu_svm *svm, int size, unsigned int port, in= t in); -void sev_es_vcpu_reset(struct vcpu_svm *svm); void sev_es_recalc_msr_intercepts(struct kvm_vcpu *vcpu); void sev_vcpu_deliver_sipi_vector(struct kvm_vcpu *vcpu, u8 vector); void sev_es_prepare_switch_to_guest(struct vcpu_svm *svm, struct sev_es_sa= ve_area *hostsa); --=20 2.51.0.rc1.167.g924127e9c0-goog
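Review bot: In the sev_vcpu_create() hunk of patch 7/8 (@@ -4577), mutex_init(&svm->sev_es.snp_vmsa_mutex) is placed ahead of the if (!sev_es_guest(vcpu->kvm)) return 0; check, so the mutex is now initialized for every vCPU and exactly once, where the removed code in __svm_vcpu_reset() did it only under sev_es_guest() and on each RESET. That is harmless and arguably better, but it is a small behavioural difference under a "No functional change intended" changelog; either say so in the changelog or add a one-line comment explaining why the init deliberately precedes the SEV-ES check.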
Date: Tue, 19 Aug 2025 16:48:33 -0700
In-Reply-To: <20250819234833.3080255-1-seanjc@google.com>
Message-ID: <20250819234833.3080255-9-seanjc@google.com>
Subject: [PATCH v11 8/8] KVM: SVM: Enable Secure TSC for SNP guests
From: Sean Christopherson
To: Sean Christopherson, Paolo Bonzini
Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Thomas Lendacky, Michael Roth, Nikunj A Dadhania, Borislav Petkov, Vaishali Thakkar, Ketan Chaturvedi, Kai Huang
Content-Transfer-Encoding: quoted-printable
From: Nikunj A Dadhania Add support for Secure TSC, allowing userspace to configure the Secure TSC feature for SNP guests. Use the SNP specification's desired TSC frequency parameter during the SNP_LAUNCH_START command to set the mean TSC frequency in KHz for Secure TSC enabled guests. Always use kvm->arch.arch.default_tsc_khz as the TSC frequency that is passed to SNP guests in the SNP_LAUNCH_START command. The default value is the host TSC frequency. The userspace can optionally change the TSC frequency via the KVM_SET_TSC_KHZ ioctl before calling the SNP_LAUNCH_START ioctl. Introduce the read-only MSR GUEST_TSC_FREQ (0xc0010134) that returns guest's effective frequency in MHZ when Secure TSC is enabled for SNP guests. Disable interception of this MSR when Secure TSC is enabled. Note that GUEST_TSC_FREQ MSR is accessible only to the guest and not from the hypervisor context. Co-developed-by: Ketan Chaturvedi Signed-off-by: Ketan Chaturvedi Reviewed-by: Kai Huang Reviewed-by: Tom Lendacky Signed-off-by: Nikunj A Dadhania [sean: contain Secure TSC to sev.c] Signed-off-by: Sean Christopherson --- arch/x86/include/asm/svm.h | 1 + arch/x86/kvm/svm/sev.c | 26 ++++++++++++++++++++++++++ 2 files changed, 27 insertions(+) diff --git a/arch/x86/include/asm/svm.h b/arch/x86/include/asm/svm.h index ffc27f676243..17f6c3fedeee 100644 --- a/arch/x86/include/asm/svm.h +++ b/arch/x86/include/asm/svm.h @@ -299,6 +299,7 @@ static_assert((X2AVIC_MAX_PHYSICAL_ID & AVIC_PHYSICAL_M= AX_INDEX_MASK) =3D=3D X2AVIC_ #define SVM_SEV_FEAT_RESTRICTED_INJECTION BIT(3) #define SVM_SEV_FEAT_ALTERNATE_INJECTION BIT(4) #define SVM_SEV_FEAT_DEBUG_SWAP BIT(5) +#define SVM_SEV_FEAT_SECURE_TSC BIT(9) =20 #define VMCB_ALLOWED_SEV_FEATURES_VALID BIT_ULL(63) =20 diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index 7d1d34e45310..fb45a96e0159 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c 
@@ -146,6 +146,14 @@ static bool sev_vcpu_has_debug_swap(struct vcpu_svm *s= vm) return sev->vmsa_features & SVM_SEV_FEAT_DEBUG_SWAP; } =20 +static bool snp_is_secure_tsc_enabled(struct kvm *kvm) +{ + struct kvm_sev_info *sev =3D to_kvm_sev_info(kvm); + + return (sev->vmsa_features & SVM_SEV_FEAT_SECURE_TSC) && + !WARN_ON_ONCE(!sev_snp_guest(kvm)); +} + /* Must be called with the sev_bitmap_lock held */ static bool __sev_recycle_asids(unsigned int min_asid, unsigned int max_as= id) { @@ -415,6 +423,9 @@ static int __sev_guest_init(struct kvm *kvm, struct kvm= _sev_cmd *argp, if (data->flags) return -EINVAL; =20 + if (!snp_active) + valid_vmsa_features &=3D ~SVM_SEV_FEAT_SECURE_TSC; + if (data->vmsa_features & ~valid_vmsa_features) return -EINVAL; =20 @@ -2195,6 +2206,12 @@ static int snp_launch_start(struct kvm *kvm, struct = kvm_sev_cmd *argp) =20 start.gctx_paddr =3D __psp_pa(sev->snp_context); start.policy =3D params.policy; + + if (snp_is_secure_tsc_enabled(kvm)) { + WARN_ON_ONCE(!kvm->arch.default_tsc_khz); + start.desired_tsc_khz =3D kvm->arch.default_tsc_khz; + } + memcpy(start.gosvw, params.gosvw, sizeof(params.gosvw)); rc =3D __sev_issue_cmd(argp->sev_fd, SEV_CMD_SNP_LAUNCH_START, &start, &a= rgp->error); if (rc) { @@ -3085,6 +3102,9 @@ void __init sev_hardware_setup(void) sev_supported_vmsa_features =3D 0; if (sev_es_debug_swap_enabled) sev_supported_vmsa_features |=3D SVM_SEV_FEAT_DEBUG_SWAP; + + if (sev_snp_enabled && tsc_khz && cpu_feature_enabled(X86_FEATURE_SNP_SEC= URE_TSC)) + sev_supported_vmsa_features |=3D SVM_SEV_FEAT_SECURE_TSC; } =20 void sev_hardware_unsetup(void) 
@@ -4452,6 +4472,9 @@ void sev_es_recalc_msr_intercepts(struct kvm_vcpu *vc= pu) !guest_cpu_cap_has(vcpu, X86_FEATURE_RDTSCP) && !guest_cpu_cap_has(vcpu, X86_FEATURE_RDPID)); =20 + svm_set_intercept_for_msr(vcpu, MSR_AMD64_GUEST_TSC_FREQ, MSR_TYPE_R, + !snp_is_secure_tsc_enabled(vcpu->kvm)); + /* * For SEV-ES, accesses to MSR_IA32_XSS should not be intercepted if * the host/guest supports its use. @@ -4591,6 +4614,9 @@ int sev_vcpu_create(struct kvm_vcpu *vcpu) return -ENOMEM; =20 svm->sev_es.vmsa =3D page_address(vmsa_page); + + vcpu->arch.guest_tsc_protected =3D snp_is_secure_tsc_enabled(vcpu->kvm); + return 0; } =20 --=20 2.51.0.rc1.167.g924127e9c0-goog
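Review bot: In the snp_launch_start() hunk of patch 8/8 (@@ -2195), WARN_ON_ONCE(!kvm->arch.default_tsc_khz) only logs: the next line still copies the zero into start.desired_tsc_khz and SEV_CMD_SNP_LAUNCH_START is issued with it. If a zero frequency is not valid for a Secure TSC guest, fail the launch inside the if-block with an error instead of continuing, and confirm that the condition cannot be reached from userspace via KVM_SET_TSC_KHZ, since the changelog allows userspace to change the frequency before launch and a userspace-triggerable WARN is undesirable. Minor: the changelog names the field kvm->arch.arch.default_tsc_khz while the code uses kvm->arch.default_tsc_khz.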
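Review bot: In the sev_es_recalc_msr_intercepts() hunk of patch 8/8 (@@ -4452), only MSR_TYPE_R is passed through for MSR_AMD64_GUEST_TSC_FREQ, so guest writes, and guest reads when Secure TSC is not enabled, still exit to KVM. Nothing in this patch shows how those intercepted accesses are handled, while the changelog states the MSR is read-only and not accessible from hypervisor context. Add a short comment at this call saying where such accesses are rejected, or reference the patch in the series that implements it, so the read-only and guest-only properties are verifiable from the code.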