From nobody Fri Apr 3 08:34:56 2026 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 6085931691A; Tue, 24 Mar 2026 19:42:00 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774381320; cv=none; b=CqYw6njqZkmTN1thMkvqNO7KI2yu1tBnJBKao2PLsCof0xT8OLceFXyU/MHb6H2NJw75KUCVy5nDfu0775ZmGNd29dTcerg8R/xmfmVLroxaqoX7QXyHP0mMBajUIgNDkT7Diyak1F6/UzBHVPCI/+GOyaP9B09E58C9bSDS7kw= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774381320; c=relaxed/simple; bh=uSy52ecrsDgShw6jrs/tIu/591cJxNs1LYgkMzC/Poo=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=DvxWDBBnFIYdaqR/+lXI0s/CKX4LYHYYta93jsz4i+9fxVdGhUr/uXnoRBPRb3o8B8LumrHR7JmRMY34McI3zRQgJWtv/SnCcJPh3rpaOYFZxoxIkg0OrfcB2h3x0WpfMeJu/wpKPF0Ly54iaxVnwAhtAzmdOQLTVGIJ1Ca+Ugk= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=J0ARYfPe; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="J0ARYfPe" Received: by smtp.kernel.org (Postfix) with ESMTPSA id BBA3FC2BC9E; Tue, 24 Mar 2026 19:41:57 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1774381320; bh=uSy52ecrsDgShw6jrs/tIu/591cJxNs1LYgkMzC/Poo=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=J0ARYfPeRqiCWFhOuCR+rL7WX6ci2gG+MOOBIlm36LY/j+00JDI/nuWjUz95zv+5V z31zil8CWmEtrG3hU0KCL0/4da5fBlb7F2+zjc/SUhjweCew73XLV406lolQmlyElN WX8xNpEcLcxchpkg/kwaUxWUgvpq57KGprjKARP9TcOCEEx1vzF09Kwd7RFo6j08Dy A39UYNZH4Qw/xiGwYeabFVSriU1xW+OCxpeFOWJdHb6Nn+kb/L3JLMLz+KkRd3GiAV 
vlxFZlzLn96+bfvRl8yeTfJDl3YMye6ymD8bvHS/trf0UrHDpHdZ1VWghSwb65e0lZ 6H9GuKTBiZchw== From: Tycho Andersen To: Ashish Kalra , Tom Lendacky , John Allen , Herbert Xu , "David S. Miller" , Sean Christopherson , Paolo Bonzini , Thomas Gleixner , Ingo Molnar , Borislav Petkov , Dave Hansen , x86@kernel.org, "H. Peter Anvin" , Shuah Khan Cc: linux-crypto@vger.kernel.org, linux-kernel@vger.kernel.org, Kim Phillips , Alexey Kardashevskiy , "Tycho Andersen (AMD)" , Nikunj A Dadhania , kvm@vger.kernel.org, linux-kselftest@vger.kernel.org Subject: [PATCH v2 1/5] crypto/ccp: hoist kernel part of SNP_PLATFORM_STATUS Date: Tue, 24 Mar 2026 13:40:30 -0600 Message-ID: <20260324194034.1442133-2-tycho@kernel.org> X-Mailer: git-send-email 2.53.0 In-Reply-To: <20260324194034.1442133-1-tycho@kernel.org> References: <20260324194034.1442133-1-tycho@kernel.org> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" From: "Tycho Andersen (AMD)" ...to its own function. This way it can be used when the kernel needs access to the platform status regardless of the INIT state of the firmware. No functional change intended. Signed-off-by: Tycho Andersen (AMD) --- drivers/crypto/ccp/sev-dev.c | 31 +++++++++++++++++++++++-------- 1 file changed, 23 insertions(+), 8 deletions(-) diff --git a/drivers/crypto/ccp/sev-dev.c b/drivers/crypto/ccp/sev-dev.c index aebf4dad545e..64fc402f58df 100644 --- a/drivers/crypto/ccp/sev-dev.c +++ b/drivers/crypto/ccp/sev-dev.c @@ -2367,7 +2367,8 @@ static int sev_ioctl_do_pdh_export(struct sev_issue_c= md *argp, bool writable) return ret; } =20 -static int sev_ioctl_do_snp_platform_status(struct sev_issue_cmd *argp) +static int __sev_do_snp_platform_status(struct sev_user_data_snp_status *s= tatus, + int *error) { struct sev_device *sev =3D psp_master->sev_data; struct sev_data_snp_addr buf; 
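Review bot: The new `__sev_do_snp_platform_status()` signature in this first hunk carries no statement of its calling contract. The helper still ends in `__sev_do_cmd_locked()`, and the callers added in patch 2/5 take `sev_cmd_mutex` around it, so the caller apparently must hold that mutex. A one-line comment above the function, or `lockdep_assert_held(&sev_cmd_mutex);` at the top of the body, would make that requirement checkable. The comment should also say that `status` is now a kernel pointer, since the user copy has moved to the ioctl wrapper. The function body continues outside this hunk.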
@@ -2375,9 +2376,6 @@ static int sev_ioctl_do_snp_platform_status(struct se= v_issue_cmd *argp) void *data; int ret; =20 - if (!argp->data) - return -EINVAL; - status_page =3D alloc_page(GFP_KERNEL_ACCOUNT); if (!status_page) return -ENOMEM; @@ -2400,7 +2398,7 @@ static int sev_ioctl_do_snp_platform_status(struct se= v_issue_cmd *argp) } =20 buf.address =3D __psp_pa(data); - ret =3D __sev_do_cmd_locked(SEV_CMD_SNP_PLATFORM_STATUS, &buf, &argp->err= or); + ret =3D __sev_do_cmd_locked(SEV_CMD_SNP_PLATFORM_STATUS, &buf, error); =20 if (sev->snp_initialized) { /* 
@@ -2415,15 +2413,32 @@ static int sev_ioctl_do_snp_platform_status(struct = sev_issue_cmd *argp) if (ret) goto cleanup; =20 - if (copy_to_user((void __user *)argp->data, data, - sizeof(struct sev_user_data_snp_status))) - ret =3D -EFAULT; + memcpy(status, data, sizeof(*status)); =20 cleanup: __free_pages(status_page, 0); return ret; } =20 +static int sev_ioctl_do_snp_platform_status(struct sev_issue_cmd *argp) +{ + struct sev_user_data_snp_status status; + int ret; + + if (!argp->data) + return -EINVAL; + + ret =3D __sev_do_snp_platform_status(&status, &argp->error); + if (ret < 0) + return ret; + + if (copy_to_user((void __user *)argp->data, &status, + sizeof(struct sev_user_data_snp_status))) + ret =3D -EFAULT; + + return ret; +} + static int sev_ioctl_do_snp_commit(struct sev_issue_cmd *argp) { struct sev_device *sev =3D psp_master->sev_data; --=20 2.53.0 From nobody Fri Apr 3 08:34:56 2026 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id DCD7731F9AE; Tue, 24 Mar 2026 19:42:02 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774381322; cv=none; b=Ybe/hpzDmKdQtMQxRE4rZdx0ie+3q6CHfvfxKL/kBJsddCZNILBkvHV0Jg6KVUk8EoBgYMYcfRGSBO8cjqQyRyx9wuV2ZGWLPKnHLrsM6oFvN+fED7rl58bJqxdopvPREMQcDx/Q7usIHl7TzPWyLzwB5oJ62KDbrgr8tNm87yU= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774381322; c=relaxed/simple; bh=EDp2PqomJ7j/PaKC37IBr/64z9hRuHXco1IUNza/j7w=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=CxlO5Vxc5HKcd0PojYSXBnIrBzFY9Q3q/32NYIcfNPM2cRFaxNmI4ScwGxgT1sQTjgn5wAQJlzDljlW0zHN/7rox9XITeQR+zMUVH5rt9dVP3ci+OcqPVPsMIKi47lexzGKYoYOqNa5sfQ25wENkr2YZM/z/NYnELmZGk1V7QNE= 
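Review bot: `sev_ioctl_do_snp_platform_status()` would copy an uninitialised stack struct to user space if the helper ever returned a positive value. The wrapper tests `if (ret < 0)`, while the helper skips the `memcpy()` on any non-zero `ret` (`if (ret) goto cleanup;`). Before this change the same `if (ret)` guarded `copy_to_user()`, so "no functional change" holds only if the command path never returns a positive value, which this hunk does not show. Using `if (ret) return ret;` in the wrapper, or declaring `struct sev_user_data_snp_status status = {};`, closes the gap. The `if (ret < 0)` tests in `get_v1_svn()` and `get_v2_svn()` in patch 2/5 have the same shape.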
ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=TBQwnK//; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="TBQwnK//" Received: by smtp.kernel.org (Postfix) with ESMTPSA id 429DEC2BCB2; Tue, 24 Mar 2026 19:42:00 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1774381322; bh=EDp2PqomJ7j/PaKC37IBr/64z9hRuHXco1IUNza/j7w=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=TBQwnK//oM+RnXbrzeoFI5pONhC9XR2JG96K6YLtnwhKsbDsC+CHLnOEB+OqfLOsQ lW0/VBvmyjDHNueFRwk00F+cWoJtsC4E8ZvM9lvegTcdUrXTV1Nu7HorYZxycARAU6 N5qfVR3ZG0HsV5laIJ5TJOc1nG+oMg/2bZ/p+OkJBsI6E6iwd6ZKkNW3v+Rxuz8gMo DMORGJM4CqfHhQDkr8YlYaqVB00K1HmYfsIuh7k2njJnKxX7gsq8INN5QED16tST+4 X3CEptoWI4rks1MOy1fiEF8gkCcfyyOmWqr/qA4S2DmH7Ae9ch+9nUfMYpRg1Yc8+d WZcFBs6S1IlqQ== From: Tycho Andersen To: Ashish Kalra , Tom Lendacky , John Allen , Herbert Xu , "David S. Miller" , Sean Christopherson , Paolo Bonzini , Thomas Gleixner , Ingo Molnar , Borislav Petkov , Dave Hansen , x86@kernel.org, "H. Peter Anvin" , Shuah Khan Cc: linux-crypto@vger.kernel.org, linux-kernel@vger.kernel.org, Kim Phillips , Alexey Kardashevskiy , "Tycho Andersen (AMD)" , Nikunj A Dadhania , kvm@vger.kernel.org, linux-kselftest@vger.kernel.org Subject: [PATCH v2 2/5] crypto/ccp: export firmware supported vm types Date: Tue, 24 Mar 2026 13:40:31 -0600 Message-ID: <20260324194034.1442133-3-tycho@kernel.org> X-Mailer: git-send-email 2.53.0 In-Reply-To: <20260324194034.1442133-1-tycho@kernel.org> References: <20260324194034.1442133-1-tycho@kernel.org> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" 
From: "Tycho Andersen (AMD)" In some configurations, the firmware does not support all VM types. The SEV firmware has an entry in the TCB_VERSION structure referred to as the Security Version Number in the SEV-SNP firmware specification and referred to as the "SPL" in SEV firmware release notes. The SEV firmware release notes say: On every SEV firmware release where a security mitigation has been added, the SNP SPL gets increased by 1. This is to let users know that it is important to update to this version. The SEV firmware release that fixed CVE-2025-48514 by disabling SEV-ES support on vulnerable platforms has this SVN increased to reflect the fix. The SVN is platform-specific, as is the structure of TCB_VERSION. Check CURRENT_TCB instead of REPORTED_TCB, since the firmware behaves with the CURRENT_TCB SVN level and will reject SEV-ES VMs accordingly. Parse the SVN, and mask off the SEV_ES supported VM type from the list of supported types if it is above the per-platform threshold for the relevant platforms. Signed-off-by: Tycho Andersen (AMD) --- drivers/crypto/ccp/sev-dev.c | 70 ++++++++++++++++++++++++++++++++++++ include/linux/psp-sev.h | 37 +++++++++++++++++++ 2 files changed, 107 insertions(+) diff --git a/drivers/crypto/ccp/sev-dev.c b/drivers/crypto/ccp/sev-dev.c index 64fc402f58df..1e3286c048fe 100644 --- a/drivers/crypto/ccp/sev-dev.c +++ b/drivers/crypto/ccp/sev-dev.c 
@@ -2940,3 +2940,73 @@ void sev_pci_exit(void) =20 sev_firmware_shutdown(sev); } + +static int get_v1_svn(struct sev_device *sev) +{ + struct sev_snp_tcb_version_genoa_milan *tcb; + struct sev_user_data_snp_status status; + int ret, error =3D 0; + + mutex_lock(&sev_cmd_mutex); + ret =3D __sev_do_snp_platform_status(&status, &error); + mutex_unlock(&sev_cmd_mutex); + if (ret < 0) + return ret; + + tcb =3D (struct sev_snp_tcb_version_genoa_milan *)&status + .current_tcb_version; + return tcb->snp; +} + +static int get_v2_svn(struct sev_device *sev) +{ + struct sev_user_data_snp_status status; + struct sev_snp_tcb_version_turin *tcb; + int ret, error =3D 0; + + mutex_lock(&sev_cmd_mutex); + ret =3D __sev_do_snp_platform_status(&status, &error); + mutex_unlock(&sev_cmd_mutex); + if (ret < 0) + return ret; + + tcb =3D (struct sev_snp_tcb_version_turin *)&status + .current_tcb_version; + return tcb->snp; +} + +static bool sev_firmware_allows_es(struct sev_device *sev) +{ + /* Documented in AMD-SB-3023 */ + if (boot_cpu_has(X86_FEATURE_ZEN4) || boot_cpu_has(X86_FEATURE_ZEN3)) + return get_v1_svn(sev) < 0x1b; + else if (boot_cpu_has(X86_FEATURE_ZEN5)) + return get_v2_svn(sev) < 0x4; + else + return true; +} + +int sev_firmware_supported_vm_types(void) +{ + int supported_vm_types =3D 0; + struct sev_device *sev; + + if (!psp_master || !psp_master->sev_data) + return supported_vm_types; + sev =3D psp_master->sev_data; + + supported_vm_types |=3D BIT(KVM_X86_SEV_VM); + supported_vm_types |=3D BIT(KVM_X86_SEV_ES_VM); + + if (!sev->snp_initialized) + return supported_vm_types; + + supported_vm_types |=3D BIT(KVM_X86_SNP_VM); + + if (!sev_firmware_allows_es(sev)) + supported_vm_types &=3D ~BIT(KVM_X86_SEV_ES_VM); + + return supported_vm_types; + +} +EXPORT_SYMBOL_FOR_MODULES(sev_firmware_supported_vm_types, "kvm-amd"); diff --git a/include/linux/psp-sev.h b/include/linux/psp-sev.h index 69ffa4b4d1fa..383a682e94fd 100644 --- a/include/linux/psp-sev.h +++ b/include/linux/psp-sev.h 
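Review bot: `sev_firmware_allows_es()` treats a failed platform-status query as "SEV-ES allowed". `get_v1_svn()` and `get_v2_svn()` return a negative errno on failure, and a negative value satisfies both `< 0x1b` and `< 0x4`, so the SEV_ES bit stays set even though the SVN was never read. Keeping the result in a local and handling the error explicitly makes the policy visible, e.g. `svn = get_v1_svn(sev); return svn >= 0 && svn < 0x1b;` if failing closed is what is wanted. The `sev` argument of both getters is unused, and the two thresholds would read better as named constants next to the AMD-SB-3023 reference.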
@@ -899,6 +899,42 @@ struct snp_feature_info { /* Feature bits in EBX */ #define SNP_SEV_TIO_SUPPORTED BIT(1) =20 +/** + * struct sev_snp_tcb_version_genoa_milan + * + * @boot_loader: SVN of PSP bootloader + * @tee: SVN of PSP operating system + * @reserved: reserved + * @snp: SVN of SNP firmware + * @microcode: Lowest current patch level of all cores + */ +struct sev_snp_tcb_version_genoa_milan { + u8 boot_loader; + u8 tee; + u8 reserved[4]; + u8 snp; + u8 microcode; +}; + +/** + * struct sev_snp_tcb_version_turin + * + * @fmc: SVN of FMC firmware + * @boot_loader: SVN of PSP bootloader + * @tee: SVN of PSP operating system + * @snp: SVN of SNP firmware + * @reserved: reserved + * @microcode: Lowest current patch level of all cores + */ +struct sev_snp_tcb_version_turin { + u8 fmc; + u8 boot_loader; + u8 tee; + u8 snp; + u8 reserved[3]; + u8 microcode; +}; + #ifdef CONFIG_CRYPTO_DEV_SP_PSP =20 /** 
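Review bot: Nothing pins the size of the two new TCB structs, which patch 2/5 overlays on `status.current_tcb_version` through a pointer cast. Both are eight bytes of `u8` fields today, which presumably matches the width of that firmware field. Adding `static_assert(sizeof(struct sev_snp_tcb_version_turin) == sizeof(u64));` after the definition, and the same for the genoa_milan variant, would catch a later edit that changes the layout. The kernel-doc headers also lack the `- short description` part after the struct name.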
@@ -1045,6 +1081,7 @@ void snp_free_firmware_page(void *addr); void sev_platform_shutdown(void); bool sev_is_snp_ciphertext_hiding_supported(void); u64 sev_get_snp_policy_bits(void); +int sev_firmware_supported_vm_types(void); =20 #else /* !CONFIG_CRYPTO_DEV_SP_PSP */ =20 --=20 2.53.0 From nobody Fri Apr 3 08:34:56 2026 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 668AE346784; Tue, 24 Mar 2026 19:42:05 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774381325; cv=none; b=EvvOSf1NHSZC/m9wu6cVVTU+h9YP6N7WAIDYYjawG3N23UYNp4AytEWwbdwvKemltEgYUwZSyY4azv/Rj85W4pC+JbD7aI2bNCL8Cu9GdOOgfJkepju1IIHiGqEPdsvSPtCtWymLcbJeMV4nUzZyYbB/coLGY5uBf0cv3lw4wXc= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774381325; c=relaxed/simple; bh=kzgfzvHh+9A5FdZ6vIUzenAJ6yzpP4p/WINlc2zceaA=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=oe+bWRBWXaCNMRuwopj7b+giKdvemhZHej74pYbZHFgr4fi4phgJIDI5Gkv6Byv1cwEsDwEPq+J3AtlTCM5um04gcFdUoZtuJB6k9KZoueCJaJu+79sqNhl8b0X6nAjHNZCLWPf1LbBTDoLbfAmG+AD4TU6lpo4oxf3xiT4Qp7M= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=Q7hIS6bN; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="Q7hIS6bN" Received: by smtp.kernel.org (Postfix) with ESMTPSA id BCD78C4AF0B; Tue, 24 Mar 2026 19:42:02 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1774381325; bh=kzgfzvHh+9A5FdZ6vIUzenAJ6yzpP4p/WINlc2zceaA=; 
h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=Q7hIS6bNAPjLQGsy/ETROyZ+6UbmaXwCor2Nj9zj7jxrf2jqw4La6J4irt9CsLth2 HxUMxeqrHsuT2QyP0yzTaViTIJdmrUfrjjcRDlfyXfiDd28CHDnzF0VQ267XFtF+xp fKsPax++nSxCeg56dfuoye7A5RpYKgKxX46jknQUqkPg0bKLKm2U/9oxNPep1U8ML7 LX1f610arSJrl7npBJ7CNFT7D/dRvGEXNkxh/T7iCc/eljt/xHrEacOuil3gFeSApO fmPVspoRXE45TjoNLPe2sLOgur3pWPZjtVe3jy7z1Nocd5saa0A1Pq1A3iCO+YLM3U k2hr2koQjYxhA== From: Tycho Andersen To: Ashish Kalra , Tom Lendacky , John Allen , Herbert Xu , "David S. Miller" , Sean Christopherson , Paolo Bonzini , Thomas Gleixner , Ingo Molnar , Borislav Petkov , Dave Hansen , x86@kernel.org, "H. Peter Anvin" , Shuah Khan Cc: linux-crypto@vger.kernel.org, linux-kernel@vger.kernel.org, Kim Phillips , Alexey Kardashevskiy , "Tycho Andersen (AMD)" , Nikunj A Dadhania , kvm@vger.kernel.org, linux-kselftest@vger.kernel.org Subject: [PATCH v2 3/5] KVM: SEV: don't expose unusable VM types Date: Tue, 24 Mar 2026 13:40:32 -0600 Message-ID: <20260324194034.1442133-4-tycho@kernel.org> X-Mailer: git-send-email 2.53.0 In-Reply-To: <20260324194034.1442133-1-tycho@kernel.org> References: <20260324194034.1442133-1-tycho@kernel.org> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" 
From: "Tycho Andersen (AMD)" Commit 0aa6b90ef9d7 ("KVM: SVM: Add support for allowing zero SEV ASIDs") made it possible to make it impossible to use SEV VMs by not allocating them any ASIDs. Commit 6c7c620585c6 ("KVM: SEV: Add SEV-SNP CipherTextHiding support") did the same thing for SEV-ES. Do not export KVM_X86_SEV(_ES)_VM as supported types if in either of these situations, so that userspace can use them to determine what is actually supported by the current kernel configuration. Also move the buildup to a local variable so it is easier to add additional masking in future patches. Link: https://lore.kernel.org/all/aZyLIWtffvEnmtYh@google.com/ Suggested-by: Sean Christopherson Signed-off-by: Tycho Andersen (AMD) --- arch/x86/kvm/svm/sev.c | 14 +++++++++++--- 1 file changed, 11 insertions(+), 3 deletions(-) diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index 3f9c1aa39a0a..37490803f2e8 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c 
@@ -2957,18 +2957,26 @@ void sev_vm_destroy(struct kvm *kvm) =20 void __init sev_set_cpu_caps(void) { + u32 supported_vm_types =3D 0; + if (sev_enabled) { kvm_cpu_cap_set(X86_FEATURE_SEV); - kvm_caps.supported_vm_types |=3D BIT(KVM_X86_SEV_VM); + + if (min_sev_asid <=3D max_sev_asid) + supported_vm_types |=3D BIT(KVM_X86_SEV_VM); } if (sev_es_enabled) { kvm_cpu_cap_set(X86_FEATURE_SEV_ES); - kvm_caps.supported_vm_types |=3D BIT(KVM_X86_SEV_ES_VM); + + if (min_sev_es_asid <=3D max_sev_es_asid) + supported_vm_types |=3D BIT(KVM_X86_SEV_ES_VM); } if (sev_snp_enabled) { kvm_cpu_cap_set(X86_FEATURE_SEV_SNP); - kvm_caps.supported_vm_types |=3D BIT(KVM_X86_SNP_VM); + supported_vm_types |=3D BIT(KVM_X86_SNP_VM); } + + kvm_caps.supported_vm_types |=3D supported_vm_types; } =20 static bool is_sev_snp_initialized(void) --=20 2.53.0 From nobody Fri Apr 3 08:34:56 2026 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 991BB314D06; Tue, 24 Mar 2026 19:42:07 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774381327; cv=none; b=MSYrTOIN0yI7v3IiGeGS8MN4qmWOW27PdR+/axCoPMRe2ciNa5ZgeFyGNPC+myj6ISinopQQiFKSnQNaIUV2gzHXm5ZnliTT5B/nYaHB9pAVFxgaqJSynt2LMbfNktEBEv3oAsyNpJXDIrVagPNiqxHMHyZeUuOJOpCZgSdGEoc= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774381327; c=relaxed/simple; bh=QV7DEFMMm2/evrynUJH6jPfaDQuuOY7hg6GbMEoafZg=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=aj+gvLfe4SiyDoITIflNYPBqICa2EKOoGVLecUA/h7xmUTQZ+r2tQQUrUJv0AOVuSVYZBDbBdJ3quXc5/q/z55yvv6hgu22HfUWGM8C9Brk0mkkI00zxjjr9hOivKLD2EFzJ4ViJvWrRz4pigRv15yrdjfnLGmJK+d+9HJ2OC74= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; 
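Review bot: The SEV and SEV-ES bits are now gated on a non-empty ASID range, but the SNP bit in `sev_set_cpu_caps()` is still set on `sev_snp_enabled` alone, and nothing in the hunk says why. If SNP guests cannot end up with an empty ASID range, a short comment saying so would help; otherwise the same kind of check belongs there. A comment such as `/* min > max means no ASIDs were assigned, so no VM of this type can be created */` above the first range test would also explain why the CPUID feature bit stays set while the VM type is withheld.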
dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=WfZa7qBp; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="WfZa7qBp" Received: by smtp.kernel.org (Postfix) with ESMTPSA id 450AAC2BC9E; Tue, 24 Mar 2026 19:42:05 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1774381327; bh=QV7DEFMMm2/evrynUJH6jPfaDQuuOY7hg6GbMEoafZg=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=WfZa7qBpeZZCPtJVheGFG5kyQj5vHF2KDFbQ4kesoPI6WAQ+38tUX/K7yc0J9O5bq BCihssjDE4SUl1EaR4NYSqn/+WMKZ+0cNHnPVEhBN4WzFPPHAc3Kyw36TZTP4y4NfY IL7x7JKNUiu1dhsKgjgf11hSJyvVUBOEi0rDweAQgOOKQKF0oSvM8qtm30oR6AFa32 sBnOwPqFP7PobS0xeI4yZWs5SNich0Mc/uUoH9ht+ygq7uXJynOFBnWK4OLnzox66d hb7A9drCo37A5QV/CNKAZ+reC/0UORKShIsEoh/dx/uRGmUxRYf41eJ3xOhVajYik5 0YIzrBBqLXeGA== From: Tycho Andersen To: Ashish Kalra , Tom Lendacky , John Allen , Herbert Xu , "David S. Miller" , Sean Christopherson , Paolo Bonzini , Thomas Gleixner , Ingo Molnar , Borislav Petkov , Dave Hansen , x86@kernel.org, "H. Peter Anvin" , Shuah Khan Cc: linux-crypto@vger.kernel.org, linux-kernel@vger.kernel.org, Kim Phillips , Alexey Kardashevskiy , "Tycho Andersen (AMD)" , Nikunj A Dadhania , kvm@vger.kernel.org, linux-kselftest@vger.kernel.org Subject: [PATCH v2 4/5] KVM: SEV: mask off firmware unsupported vm types Date: Tue, 24 Mar 2026 13:40:33 -0600 Message-ID: <20260324194034.1442133-5-tycho@kernel.org> X-Mailer: git-send-email 2.53.0 In-Reply-To: <20260324194034.1442133-1-tycho@kernel.org> References: <20260324194034.1442133-1-tycho@kernel.org> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" 
From: "Tycho Andersen (AMD)" In some configurations not all VM types are supported by the firmware. Reflect this information in the supported_vm_types that KVM exports. Link: https://lore.kernel.org/all/aZyLIWtffvEnmtYh@google.com/ Suggested-by: Sean Christopherson Signed-off-by: Tycho Andersen (AMD) --- arch/x86/kvm/svm/sev.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index 37490803f2e8..0fe9515db1e7 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c 
@@ -2976,7 +2976,8 @@ void __init sev_set_cpu_caps(void) supported_vm_types |=3D BIT(KVM_X86_SNP_VM); } =20 - kvm_caps.supported_vm_types |=3D supported_vm_types; + kvm_caps.supported_vm_types |=3D (supported_vm_types & + sev_firmware_supported_vm_types()); } =20 static bool is_sev_snp_initialized(void) --=20 2.53.0 From nobody Fri Apr 3 08:34:56 2026 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 1F892318EF4; Tue, 24 Mar 2026 19:42:10 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774381330; cv=none; b=ceu+bE7G6Pu+iGextSthh0WlSfsDT8Wu2AjxCK74lvOrsUxJ42wI3J1N18Er82Tn1gQQSqOCusBIOEYZeBu1mKqWOUnJs7+OfG8pYVtvIpq0xU4fwySOYD51f+uAQtGTFDg+E/g7vXsMyqYItEkwmC7SLJ0Ju8Kv8QMJ2Aoruhs= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774381330; c=relaxed/simple; bh=aGw//K9x2xoCMLobIBr5Yc9BK3PcrQ5aUsk1vfFDBHY=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=kWXwdsWggxAoQ9rNoIhFFiUonsWlNqqIQDTYEYMJ5i6vp2vigzZhkcxOQbQhZTKjUI0kAYGnWo1mWSRu3eC+POo/S8DLXikQcS+wx7x39gi9/FihGlBHK8e4uGRajxb9Pt9WPeyr5DAsylVvY0yWqU0oCv1MMXKAm5GjfvTr1/Q= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=Em76d80s; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="Em76d80s" Received: by smtp.kernel.org (Postfix) with ESMTPSA id C0A1CC2BCB6; Tue, 24 Mar 2026 19:42:07 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1774381330; bh=aGw//K9x2xoCMLobIBr5Yc9BK3PcrQ5aUsk1vfFDBHY=; 
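Review bot: The firmware mask is sampled once, inside the `__init` function `sev_set_cpu_caps()`, so `kvm_caps.supported_vm_types` keeps whatever the firmware reported at that moment. If the SVN or the SNP initialisation state can change after kvm-amd has loaded, the advertised types go stale without any indication. A comment stating that the value is a load-time snapshot would set expectations for userspace. `sev_firmware_supported_vm_types()` also returns `int` while the local it is combined with is `u32`; an unsigned return type would suit a bitmask better.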
h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=Em76d80s2RhXJUhAqehyLEWOAxQsjLqrKCu3wUn5oTcSqdgPmAKYOu49ymTstVlh2 8mTrfDQu49119jN+qq3HkyT/1eJZ3tQD9ZY/fU3vvo3rWuJX3i1aSzfWuunBI9Xvpz Zng/smzZbo4aR1Tbs7MfXR8AGwOYiv2D/ElT2A/0pKkAPvgijo87930KZfdN3pC3Mj mePoyeSKMQ8QtWg3nIK7IrJxOCgok2hFjhfh9+x/gFMC0m/IuMo/LgA5YDnbHb8viG TiIVRw1/tyJkzNFGfPDiTryu8cpNGHZDpD0l93/S76HXptmLNfY/S0sGrUSAcsjvIF mZZFTlC628Vvg== From: Tycho Andersen To: Ashish Kalra , Tom Lendacky , John Allen , Herbert Xu , "David S. Miller" , Sean Christopherson , Paolo Bonzini , Thomas Gleixner , Ingo Molnar , Borislav Petkov , Dave Hansen , x86@kernel.org, "H. Peter Anvin" , Shuah Khan Cc: linux-crypto@vger.kernel.org, linux-kernel@vger.kernel.org, Kim Phillips , Alexey Kardashevskiy , "Tycho Andersen (AMD)" , Nikunj A Dadhania , kvm@vger.kernel.org, linux-kselftest@vger.kernel.org Subject: [PATCH v2 5/5] KVM: selftests: teach sev_*_test about revoking VM types Date: Tue, 24 Mar 2026 13:40:34 -0600 Message-ID: <20260324194034.1442133-6-tycho@kernel.org> X-Mailer: git-send-email 2.53.0 In-Reply-To: <20260324194034.1442133-1-tycho@kernel.org> References: <20260324194034.1442133-1-tycho@kernel.org> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" From: "Tycho Andersen (AMD)" Instead of using CPUID, use the VM type bit to determine support, since those now reflect the correct status of support by the kernel and firmware configurations. Suggested-by: Sean Christopherson Signed-off-by: Tycho Andersen (AMD) --- tools/testing/selftests/kvm/x86/sev_init2_tests.c | 14 ++++++-------- .../testing/selftests/kvm/x86/sev_migrate_tests.c | 2 +- tools/testing/selftests/kvm/x86/sev_smoke_test.c | 4 ++-- 3 files changed, 9 insertions(+), 11 deletions(-) 
diff --git a/tools/testing/selftests/kvm/x86/sev_init2_tests.c b/tools/test= ing/selftests/kvm/x86/sev_init2_tests.c index b238615196ad..97bd036b4f1c 100644 --- a/tools/testing/selftests/kvm/x86/sev_init2_tests.c +++ b/tools/testing/selftests/kvm/x86/sev_init2_tests.c @@ -136,16 +136,14 @@ int main(int argc, char *argv[]) kvm_check_cap(KVM_CAP_VM_TYPES), 1 << KVM_X86_SEV_VM); =20 TEST_REQUIRE(kvm_check_cap(KVM_CAP_VM_TYPES) & BIT(KVM_X86_SEV_VM)); - have_sev_es =3D kvm_cpu_has(X86_FEATURE_SEV_ES); + have_sev_es =3D kvm_check_cap(KVM_CAP_VM_TYPES) & BIT(KVM_X86_SEV_ES_VM); =20 - TEST_ASSERT(have_sev_es =3D=3D !!(kvm_check_cap(KVM_CAP_VM_TYPES) & BIT(K= VM_X86_SEV_ES_VM)), - "sev-es: KVM_CAP_VM_TYPES (%x) does not match cpuid (checking %x)", - kvm_check_cap(KVM_CAP_VM_TYPES), 1 << KVM_X86_SEV_ES_VM); + TEST_ASSERT(!have_sev_es || kvm_cpu_has(X86_FEATURE_SEV_ES), + "sev-es: SEV_ES_VM supported without SEV_ES in CPUID"); =20 - have_snp =3D kvm_cpu_has(X86_FEATURE_SEV_SNP); - TEST_ASSERT(have_snp =3D=3D !!(kvm_check_cap(KVM_CAP_VM_TYPES) & BIT(KVM_= X86_SNP_VM)), - "sev-snp: KVM_CAP_VM_TYPES (%x) indicates SNP support (bit %d), but = CPUID does not", - kvm_check_cap(KVM_CAP_VM_TYPES), KVM_X86_SNP_VM); + have_snp =3D kvm_check_cap(KVM_CAP_VM_TYPES) & BIT(KVM_X86_SNP_VM); + TEST_ASSERT(!have_snp || kvm_cpu_has(X86_FEATURE_SEV_SNP), + "sev-snp: SNP_VM supported without SEV_SNP in CPUID"); =20 test_vm_types(); =20 diff --git a/tools/testing/selftests/kvm/x86/sev_migrate_tests.c b/tools/te= sting/selftests/kvm/x86/sev_migrate_tests.c index 0a6dfba3905b..3f2c3b00e3bc 100644 --- a/tools/testing/selftests/kvm/x86/sev_migrate_tests.c +++ b/tools/testing/selftests/kvm/x86/sev_migrate_tests.c 
@@ -376,7 +376,7 @@ int main(int argc, char *argv[]) =20 TEST_REQUIRE(kvm_cpu_has(X86_FEATURE_SEV)); =20 - have_sev_es =3D kvm_cpu_has(X86_FEATURE_SEV_ES); + have_sev_es =3D kvm_check_cap(KVM_CAP_VM_TYPES) & BIT(KVM_X86_SEV_ES_VM); =20 if (kvm_has_cap(KVM_CAP_VM_MOVE_ENC_CONTEXT_FROM)) { test_sev_migrate_from(/* es=3D */ false); diff --git a/tools/testing/selftests/kvm/x86/sev_smoke_test.c b/tools/testi= ng/selftests/kvm/x86/sev_smoke_test.c index 8bd37a476f15..f3c39335ff39 100644 --- a/tools/testing/selftests/kvm/x86/sev_smoke_test.c +++ b/tools/testing/selftests/kvm/x86/sev_smoke_test.c @@ -249,10 +249,10 @@ int main(int argc, char *argv[]) =20 test_sev_smoke(guest_sev_code, KVM_X86_SEV_VM, 0); =20 - if (kvm_cpu_has(X86_FEATURE_SEV_ES)) + if (kvm_check_cap(KVM_CAP_VM_TYPES) & BIT(KVM_X86_SEV_ES_VM)) test_sev_smoke(guest_sev_es_code, KVM_X86_SEV_ES_VM, SEV_POLICY_ES); =20 - if (kvm_cpu_has(X86_FEATURE_SEV_SNP)) + if (kvm_check_cap(KVM_CAP_VM_TYPES) & BIT(KVM_X86_SNP_VM)) test_sev_smoke(guest_snp_code, KVM_X86_SNP_VM, snp_default_policy()); =20 return 0; --=20 2.53.0
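Review bot: `sev_migrate_tests` still gates on `TEST_REQUIRE(kvm_cpu_has(X86_FEATURE_SEV));`, a context line of this hunk, although patch 3/5 can now withhold `KVM_X86_SEV_VM` while leaving the CPUID bit set. On such a host the test would run and fail instead of being skipped. `TEST_REQUIRE(kvm_check_cap(KVM_CAP_VM_TYPES) & BIT(KVM_X86_SEV_VM));`, which `sev_init2_tests` already has, would match the new ES check. The unconditional `test_sev_smoke(guest_sev_code, KVM_X86_SEV_VM, 0);` in the `sev_smoke_test` hunk may need the same treatment; its guard, if any, is outside the hunk.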