From nobody Sat Nov 30 12:39:20 2024 Received: from NAM02-SN1-obe.outbound.protection.outlook.com (mail-sn1nam02on2073.outbound.protection.outlook.com [40.107.96.73]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 95DFF166F00; Tue, 10 Sep 2024 06:04:39 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=fail smtp.client-ip=40.107.96.73 ARC-Seal: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1725948281; cv=fail; b=DpmZUQ/NZy5snSIQ0zd6zOxE50yBMmr4wwfX76TH/x8QD+lZbpiNaE1q17P2Viww6KWlWvYF1vbCEfbO6lrmFMP6IpdqijAbnVBB4t2tUTF3WA6TZZyAx04/o1hUMhss4t3zSPokLSutp99yfpw+SpR6cAuTfL4YJOItg2KszKU= ARC-Message-Signature: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1725948281; c=relaxed/simple; bh=HM0Nw/nuSh4b4fFMRD90TjYXag3URCUYfwI0v0CRX0I=; h=From:To:CC:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=s5PqtPZAmtBRkQq6/v2EPX5Z9TKacTSl7DpwktJ/KRKnvi2RsLb4EXvNlnLQQOvYJ1ObyVA6d3JXVKcWQcKr5fcKN97chfvHDtZ/glXUbCH98tJCbQqsCLZaq8RCZmBYoy279ziHtyMbJe5CzcjWi0/QzWA/aDv7KddwyOx9Mh4= ARC-Authentication-Results: i=2; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com; spf=fail smtp.mailfrom=amd.com; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b=hNbBn+bR; arc=fail smtp.client-ip=40.107.96.73 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com Authentication-Results: smtp.subspace.kernel.org; spf=fail smtp.mailfrom=amd.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b="hNbBn+bR" ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=KNSUfX4kCaEY+vh33vGRcT/bbORy6xsvnnen2cFIuAah+Wb7cMKXgteKEn3kBsJHPqqnLdge/PtCkFIAqpUPSqf7tuZxBQX7eY2hlhb30jWj9gUMc8Ur+EqzHdFvgwRMsc5zVbsnPrybulVl6WVP6h4a9yBhq+BKvrWXBHbqd25vUPwwfR+cS36FreX1LR78SJQfqpYJArmstj7PrYA2ybB6RL+UkYNO0HeX2OB1GWzRlqxXjogDHeCgPIN+iLcO2h3T344M5AeR0NFy6nVYuqqtYwXCGHmtCKUtsk4x/uBTI9WUINT+kxjWTuC7jS+Zqp++R+r48HAeppU8VU7Yjw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=ClOfLecC5uGwl0NQkTC/DUjjaa/7TNWCiWpJu3L8ajc=; b=YLRqnp+RAVe7XZVqpKiJkeTk9tSuJnn3XtlmBR1tNqzvOAmBj02ypTLtBwrXLOxTz8JLTn6n+VzOaDA8OJclLqjA350NpzG4+u5/9yLNFVPmA/EDS+JlFTCBqnxO9FUe+GjTmUBvEVutJt7hUVJeidif6gjXja6yPBV6eA4Wsi3hGShxmPRwuHkm255LyxZNz/mPfCS9WD5vG2t8+6gMTmG6tSJWDL8647gi9+BEVDelYAtzb94RFjoia/oZ/lK8XXPZnugsk5TFIpWA9ypxkd2jY6PYNcDZIAdorvHqqd1X64OhKCud4wkV5+URbpuxWODz7tQbaVgLYqthNvXtIQ== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=vger.kernel.org smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none (0) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=ClOfLecC5uGwl0NQkTC/DUjjaa/7TNWCiWpJu3L8ajc=; b=hNbBn+bRCh3b9rWt+j2SXk5+iSrem+iqFuZYqFMm0atRSe2/1oAHmBQylFQQHarjJz2O2uoSk2mz68gYl0Xi25l5vq0t2IqOKZZpiDu1nazgEkB12h+jUer+7v+RR9t/lZsz8+MrN4irb/OxNUlycFxmONs9hyNzmGP8at2R9wU= Received: from BYAPR05CA0035.namprd05.prod.outlook.com (2603:10b6:a03:c0::48) by SJ2PR12MB8134.namprd12.prod.outlook.com (2603:10b6:a03:4fa::21) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7918.25; Tue, 10 Sep 2024 06:04:35 +0000 Received: from CO1PEPF000075F3.namprd03.prod.outlook.com (2603:10b6:a03:c0:cafe::5e) by BYAPR05CA0035.outlook.office365.com (2603:10b6:a03:c0::48) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7939.23 via Frontend Transport; Tue, 10 Sep 2024 06:04:35 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=amd.com; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB03.amd.com; pr=C Received: from SATLEXMB03.amd.com (165.204.84.17) by CO1PEPF000075F3.mail.protection.outlook.com (10.167.249.42) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.7918.13 via Frontend Transport; Tue, 10 Sep 2024 06:04:34 +0000 Received: from ruby-9130host.amd.com (10.180.168.240) by SATLEXMB03.amd.com (10.181.40.144) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.39; Tue, 10 Sep 2024 01:04:33 -0500 From: Melody Wang To: , , CC: Sean Christopherson , Paolo Bonzini , Tom Lendacky , Ashish Kalra , Michael Roth , Melody Wang Subject: [PATCH v2 2/6] KVM: SVM: Add support for the SEV-SNP #HV doorbell page NAE event Date: Tue, 10 Sep 2024 06:03:32 +0000 Message-ID: <7a04e3f07965a09d79bbcc067ed943ea0a4c7b7c.1725945912.git.huibo.wang@amd.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: References: Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-ClientProxiedBy: SATLEXMB03.amd.com (10.181.40.144) To SATLEXMB03.amd.com (10.181.40.144) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: CO1PEPF000075F3:EE_|SJ2PR12MB8134:EE_ X-MS-Office365-Filtering-Correlation-Id: 89b76146-8f53-4e75-bf2a-08dcd15e7217 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0;ARA:13230040|36860700013|82310400026|1800799024|376014; X-Microsoft-Antispam-Message-Info: =?us-ascii?Q?6d0Num+t3+vY0KHSM8NzBMPkncCyd7qxQbLr7jqljEnoTDrcha1t1AUq9Y+q?= =?us-ascii?Q?Iq9kQTKG/IHfZP8teW2+eYha6bhz9uVne0SJlo/cJwDpZDAiW6qnrmUs9A0l?= =?us-ascii?Q?1qjyBlivTczQ5GvXVw4KCTk86Sx2q9/zG83pvDKEU7Bt3oibb3HHC19bzPOH?= =?us-ascii?Q?YGBgCupOu+Z6JRuZ89vZ9ascqfWg46i/Hga22SlfAY/Yxm3NY6dkVuwRKW3G?= =?us-ascii?Q?0+hxifxxZ4lzOkzm2pL2dSPWdVWEeVYDe6vzGxIacszi3i7atd95r/RF7LHO?= =?us-ascii?Q?nWeV0Y+57nqg5ZhuLMlHh7fwjVSh7kbLCoHOxf190pVA+U4rX2d9t4M6t51y?= =?us-ascii?Q?3h4WZthf8TlXk4dk1qs2a+t3rFM81Yqnh+neTj2H2J3opG02UcWQqcj3kxPD?= =?us-ascii?Q?bNGvlBFSXIojG4SYm5QnWJdj3H07is2pPxZYObmPG4bwb+p7rMpXL/EGq6JM?= =?us-ascii?Q?UZpKW9RpDqzkopeaa5cHt2M771EjCU2JQfjsyQQkfoflU4Qw0VulzOdc777F?= =?us-ascii?Q?bO8seZfblWzWyy/nqC52Qd2pS54z+yp117AXq3kcpo4L1QAWPRr66GZsBIJK?= =?us-ascii?Q?9sV3vC8GG63rtNCxtFp6ZV8x3eI6YN6hTsDdDe0NaU7yJEfYNWxVoKJUCWLd?= =?us-ascii?Q?5wAtOfkOmJMIlmMrldCSv6s/AZWw5dY99Xk1RZ9yCC4b434qUnE0saJERxgX?= =?us-ascii?Q?fwGNCpTy7cjg/OWJVqL1/C0qdb5C4touRVuIlDWjs3kz/x26WkYErXpkg10v?= =?us-ascii?Q?R+xLZRxaS1Qojlyk/PkYKW7B2HEurvF5QAQVKwwu3Dpu4GXVItiHlSWzTDMU?= =?us-ascii?Q?T9XfLzfwBwravdn4T8lg5Z4NfrX1oMRSHz3Nl9RP3s+lN7l1MNLpDOXmskQR?= =?us-ascii?Q?pQmXLmiCIUHvtupk/gLfRsMvFBJcoWQa8MY++6ADqCr7un/n2FoRBpQu2kJh?= =?us-ascii?Q?oSW6cG22BS8Dlmw7rSVj9Pw+lRdiOsXuMQWvVFu1NvTwa/d02me8MljEeibC?= =?us-ascii?Q?XoAxO/xzQrOknhg3kF3tiaTLShQMoZ5b8GX+7m05Etkr+0hqE4p21wsSBxL1?= =?us-ascii?Q?vXmcuzB6iXuQIEUnm3F2gndxf+WDZE6nuFEl76othgEpXowFG8PsiFi8jz30?= =?us-ascii?Q?8MHeIv9iPdnsdsybqpz6eaOvYgHCu2nX9tINseCAMI0NfF23LUL1Gp60u434?= =?us-ascii?Q?2LMhwH4ibw9HOKtYvLBWlRGxGhOHdhK1mcNk+dflIQH/1XfVUCysbTSFoZEG?= =?us-ascii?Q?lPkZ/g6++e5EOk1W+iSx8MIpMV5qH4xfYDv4pNpxMMcxTXzHuYPGjEbDNgF/?= =?us-ascii?Q?8qWm6ecDAM5la6tqTxv0nqO/CM63E2khso7wBcYdrDDHPUYAgz5OhcF9xkjs?= =?us-ascii?Q?B6Ax6tNUKtVyEDnx+iXI6AsF47KxOu6efiy8R4ZYJ4K+fyIhkenBtv3ZPivn?= =?us-ascii?Q?iST3TZyfLmsGpVeKFDJ9CEK+gnLX7qtx?= X-Forefront-Antispam-Report: CIP:165.204.84.17;CTRY:US;LANG:en;SCL:1;SRV:;IPV:CAL;SFV:NSPM;H:SATLEXMB03.amd.com;PTR:InfoDomainNonexistent;CAT:NONE;SFS:(13230040)(36860700013)(82310400026)(1800799024)(376014);DIR:OUT;SFP:1101; X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 10 Sep 2024 06:04:34.9338 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 89b76146-8f53-4e75-bf2a-08dcd15e7217 X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[SATLEXMB03.amd.com] X-MS-Exchange-CrossTenant-AuthSource: CO1PEPF000075F3.namprd03.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: SJ2PR12MB8134 Content-Type: text/plain; charset="utf-8" To support the SEV-SNP Restricted Injection feature, the SEV-SNP guest must register a #HV doorbell page for use with the #HV. The #HV doorbell page NAE event allows the guest to register a #HV doorbell page. The NAE event consists of four actions: GET_PREFERRED, SET, QUERY, CL= EAR. Implement the NAE event as per GHCB specification. Co-developed-by: Thomas Lendacky Signed-off-by: Thomas Lendacky Signed-off-by: Melody Wang --- arch/x86/include/uapi/asm/svm.h | 5 +++ arch/x86/kvm/svm/sev.c | 73 +++++++++++++++++++++++++++++++++ arch/x86/kvm/svm/svm.h | 2 + 3 files changed, 80 insertions(+) diff --git a/arch/x86/include/uapi/asm/svm.h b/arch/x86/include/uapi/asm/sv= m.h index 1814b413fd57..7905c9be44d1 100644 --- a/arch/x86/include/uapi/asm/svm.h +++ b/arch/x86/include/uapi/asm/svm.h @@ -115,6 +115,11 @@ #define SVM_VMGEXIT_AP_CREATE_ON_INIT 0 #define SVM_VMGEXIT_AP_CREATE 1 #define SVM_VMGEXIT_AP_DESTROY 2 +#define SVM_VMGEXIT_HVDB_PAGE 0x80000014 +#define SVM_VMGEXIT_HVDB_GET_PREFERRED 0 +#define SVM_VMGEXIT_HVDB_SET 1 +#define SVM_VMGEXIT_HVDB_QUERY 2 +#define SVM_VMGEXIT_HVDB_CLEAR 3 #define SVM_VMGEXIT_SNP_RUN_VMPL 0x80000018 #define SVM_VMGEXIT_HV_FEATURES 0x8000fffd #define SVM_VMGEXIT_TERM_REQUEST 0x8000fffe diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index 714c517dd4b7..e65867ea768d 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c @@ -3410,6 +3410,10 @@ static int sev_es_validate_vmgexit(struct vcpu_svm *= svm) control->exit_info_1 =3D=3D control->exit_info_2) goto vmgexit_err; break; + case SVM_VMGEXIT_HVDB_PAGE: + if (!sev_snp_guest(vcpu->kvm)) + goto vmgexit_err; + break; default: reason =3D GHCB_ERR_INVALID_EVENT; goto vmgexit_err; @@ -4125,6 +4129,66 @@ static int snp_handle_ext_guest_req(struct vcpu_svm = *svm, gpa_t req_gpa, gpa_t r return 1; /* resume guest */ } =20 +static int sev_snp_hv_doorbell_page(struct vcpu_svm *svm) +{ + struct kvm_vcpu *vcpu =3D &svm->vcpu; + struct kvm_host_map hvdb_map; + gpa_t hvdb_gpa; + u64 request; + + if (!sev_snp_guest(vcpu->kvm)) + return -EINVAL; + + request =3D svm->vmcb->control.exit_info_1; + hvdb_gpa =3D svm->vmcb->control.exit_info_2; + + switch (request) { + case SVM_VMGEXIT_HVDB_GET_PREFERRED: + ghcb_set_sw_exit_info_2(svm->sev_es.ghcb, ~0ULL); + break; + case SVM_VMGEXIT_HVDB_SET: + svm->sev_es.hvdb_gpa =3D INVALID_PAGE; + + if (!PAGE_ALIGNED(hvdb_gpa)) { + vcpu_unimpl(vcpu, "vmgexit: unaligned #HV doorbell page address [%#llx]= from guest\n", + hvdb_gpa); + return -EINVAL; + } + + if (!page_address_valid(vcpu, hvdb_gpa)) { + vcpu_unimpl(vcpu, "vmgexit: invalid #HV doorbell page address [%#llx] f= rom guest\n", + hvdb_gpa); + return -EINVAL; + } + + /* Map and unmap the GPA just to be sure the GPA is valid */ + if (kvm_vcpu_map(vcpu, gpa_to_gfn(hvdb_gpa), &hvdb_map)) { + /* Unable to map #HV doorbell page from guest */ + vcpu_unimpl(vcpu, "vmgexit: error mapping #HV doorbell page [%#llx] fro= m guest\n", + hvdb_gpa); + return -EINVAL; + } + kvm_vcpu_unmap(vcpu, &hvdb_map, true); + + svm->sev_es.hvdb_gpa =3D hvdb_gpa; + fallthrough; + case SVM_VMGEXIT_HVDB_QUERY: + ghcb_set_sw_exit_info_2(svm->sev_es.ghcb, svm->sev_es.hvdb_gpa); + break; + case SVM_VMGEXIT_HVDB_CLEAR: + svm->sev_es.hvdb_gpa =3D INVALID_PAGE; + break; + default: + svm->sev_es.hvdb_gpa =3D INVALID_PAGE; + + vcpu_unimpl(vcpu, "vmgexit: invalid #HV doorbell page request [%#llx] fr= om guest\n", + request); + return -EINVAL; + } + + return 0; +} + static int sev_handle_vmgexit_msr_protocol(struct vcpu_svm *svm) { struct vmcb_control_area *control =3D &svm->vmcb->control; @@ -4405,6 +4469,14 @@ int sev_handle_vmgexit(struct kvm_vcpu *vcpu) case SVM_VMGEXIT_EXT_GUEST_REQUEST: ret =3D snp_handle_ext_guest_req(svm, control->exit_info_1, control->exi= t_info_2); break; + case SVM_VMGEXIT_HVDB_PAGE: + if (sev_snp_hv_doorbell_page(svm)) { + ghcb_set_sw_exit_info_1(svm->sev_es.ghcb, 2); + ghcb_set_sw_exit_info_2(svm->sev_es.ghcb, GHCB_ERR_INVALID_INPUT); + } + + ret =3D 1; + break; case SVM_VMGEXIT_UNSUPPORTED_EVENT: vcpu_unimpl(vcpu, "vmgexit: unsupported event - exit_info_1=3D%#llx, exit_info_2=3D%#= llx\n", @@ -4572,6 +4644,7 @@ void sev_es_vcpu_reset(struct vcpu_svm *svm) sev_enc_bit)); =20 mutex_init(&svm->sev_es.snp_vmsa_mutex); + svm->sev_es.hvdb_gpa =3D INVALID_PAGE; } =20 void sev_es_prepare_switch_to_guest(struct vcpu_svm *svm, struct sev_es_sa= ve_area *hostsa) diff --git a/arch/x86/kvm/svm/svm.h b/arch/x86/kvm/svm/svm.h index 76107c7d0595..f0f14801e122 100644 --- a/arch/x86/kvm/svm/svm.h +++ b/arch/x86/kvm/svm/svm.h @@ -225,6 +225,8 @@ struct vcpu_sev_es_state { gpa_t snp_vmsa_gpa; bool snp_ap_waiting_for_reset; bool snp_has_guest_vmsa; + + gpa_t hvdb_gpa; }; =20 struct vcpu_svm { --=20 2.34.1