From: Ashish Kalra
Subject: [PATCH v13 1/3] x86/boot: Skip video memory access in the decompressor for SEV-ES/SNP
Date: Thu, 1 Aug 2024 19:14:17 +0000
Message-ID: <8a55ea86524c686e575d273311acbe57ce8cee23.1722520012.git.ashish.kalra@amd.com>
References: <20240614095904.1345461-1-kirill.shutemov@linux.intel.com>
X-Mailing-List: linux-kernel@vger.kernel.org

From: Ashish Kalra

Accessing guest video memory/RAM in the decompressor causes guest termination as the boot stage2 #VC handler for SEV-ES/SNP systems does not support MMIO handling.

This issue is observed during a SEV-ES/SNP guest kexec as kexec -c adds screen_info to the boot parameters passed to the second kernel, which causes console output to be dumped to both video and serial.

As the decompressor output gets cleared really fast, it is preferable to get the console output only on serial, hence, skip accessing the video RAM during decompressor stage to prevent guest termination.

Serial console output during decompressor stage works as boot stage2 #VC handler already supports handling port I/O.

[ bp: Massage. ]

Suggested-by: Borislav Petkov (AMD)
Suggested-by: Thomas Lendacky
Signed-off-by: Ashish Kalra
Signed-off-by: Borislav Petkov (AMD)
Reviewed-by: Kuppuswamy Sathyanarayanan
Reviewed-by: Tom Lendacky
---
 arch/x86/boot/compressed/misc.c | 15 +++++++++++++++
 1 file changed, 15 insertions(+)

diff --git a/arch/x86/boot/compressed/misc.c b/arch/x86/boot/compressed/mis= c.c index 944454306ef4..826b4d5cb1f0 100644 --- a/arch/x86/boot/compressed/misc.c +++ b/arch/x86/boot/compressed/misc.c @@ -385,6 +385,19 @@ static void parse_mem_encrypt(struct setup_header *hdr) hdr->xloadflags |=3D XLF_MEM_ENCRYPTION; } =20 +static void early_sev_detect(void) +{ + /* + * Accessing video memory causes guest termination because + * the boot stage2 #VC handler of SEV-ES/SNP guests does not + * support MMIO handling and kexec -c adds screen_info to the + * boot parameters passed to the kexec kernel, which causes + * console output to be dumped to both video and serial. + */ + if (sev_status & MSR_AMD64_SEV_ES_ENABLED) + lines =3D cols =3D 0; +} + /* * The compressed kernel image (ZO), has been moved so that its position * is against the end of the buffer used to hold the uncompressed kernel 
@@ -440,6 +453,8 @@ asmlinkage __visible void *extract_kernel(void *rmode, = unsigned char *output) */ early_tdx_detect(); =20 + early_sev_detect(); + console_init(); =20 /* --=20 2.34.1

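Review bot: early_sev_detect() (misc.c hunk at -385,6) tests only MSR_AMD64_SEV_ES_ENABLED, while the subject line and the comment inside the function both speak of SEV-ES/SNP. Please add a sentence to the comment saying why the ES bit alone also covers SNP guests, or test for SNP explicitly. The function also reads sev_status and writes lines/cols with no #ifdef in the lines shown, so it is worth confirming that misc.c still builds when CONFIG_AMD_MEM_ENCRYPT is off.
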
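Review bot: The early_sev_detect() call added in extract_kernel() (misc.c hunk at -440,6) has no comment, although its effect depends on where it sits: it zeroes lines and cols, so it only works if nothing between it and the first console write fills them in again. early_tdx_detect() directly above it sits under a comment block; please add one line here stating that the call has to stay after the point where lines and cols are loaded and before console_init().
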
From: Ashish Kalra
Subject: [PATCH v13 2/3] x86/mm: refactor __set_clr_pte_enc()
Date: Thu, 1 Aug 2024 19:14:34 +0000
Message-ID: <5df4aa450447f28294d1c5a890e27b63ed4ded36.1722520012.git.ashish.kalra@amd.com>
References: <20240614095904.1345461-1-kirill.shutemov@linux.intel.com>
X-Mailing-List: linux-kernel@vger.kernel.org

From: Ashish Kalra

Refactor __set_clr_pte_enc() and add two new helper functions to set/clear PTE C-bit from early SEV/SNP initialization code and later during shutdown/kexec especially when all CPUs are stopped and interrupts are disabled and set_memory_xx() interfaces can't be used.

Co-developed-by: Borislav Petkov (AMD)
Signed-off-by: Borislav Petkov (AMD)
Signed-off-by: Ashish Kalra
Reviewed-by: Tom Lendacky
---
 arch/x86/include/asm/sev.h | 20 ++++++++++
 arch/x86/mm/mem_encrypt_amd.c | 75 +++++++++++++++++++++++------------
 2 files changed, 69 insertions(+), 26 deletions(-)

diff --git a/arch/x86/include/asm/sev.h b/arch/x86/include/asm/sev.h index 79bbe2be900e..61684d0a64c0 100644 --- a/arch/x86/include/asm/sev.h +++ b/arch/x86/include/asm/sev.h @@ -285,6 +285,22 @@ struct svsm_attest_call { u8 rsvd[4]; }; =20 +/* PTE descriptor used for the prepare_pte_enc() operations. */ +struct pte_enc_desc { + pte_t *kpte; + int pte_level; + bool encrypt; + /* pfn of the kpte above */ + unsigned long pfn; + /* physical address of @pfn */ + unsigned long pa; + /* virtual address of @pfn */ + void *va; + /* memory covered by the pte */ + unsigned long size; + pgprot_t new_pgprot; +}; + /* * SVSM protocol structure */ @@ -399,6 +415,8 @@ u64 snp_get_unsupported_features(u64 status); u64 sev_get_status(void); void sev_show_status(void); void snp_update_svsm_ca(void); +int prepare_pte_enc(struct pte_enc_desc *d); +void set_pte_enc_mask(pte_t *kpte, unsigned long pfn, pgprot_t new_prot); =20 #else /* !CONFIG_AMD_MEM_ENCRYPT */ =20 @@ -435,6 +453,8 @@ static inline u64 snp_get_unsupported_features(u64 stat= us) { return 0; } static inline u64 sev_get_status(void) { return 0; } static inline void sev_show_status(void) { } static inline void snp_update_svsm_ca(void) { } +static inline int prepare_pte_enc(struct pte_enc_desc *d) { return 0; } +static inline void set_pte_enc_mask(pte_t *kpte, unsigned long pfn, pgprot= _t new_prot) { } =20 #endif /* CONFIG_AMD_MEM_ENCRYPT */ =20 
diff --git a/arch/x86/mm/mem_encrypt_amd.c b/arch/x86/mm/mem_encrypt_amd.c index 86a476a426c2..f4be81db72ee 100644 --- a/arch/x86/mm/mem_encrypt_amd.c +++ b/arch/x86/mm/mem_encrypt_amd.c 
@@ -311,59 +311,82 @@ static int amd_enc_status_change_finish(unsigned long= vaddr, int npages, bool en return 0; } =20 -static void __init __set_clr_pte_enc(pte_t *kpte, int level, bool enc) +int prepare_pte_enc(struct pte_enc_desc *d) { - pgprot_t old_prot, new_prot; - unsigned long pfn, pa, size; - pte_t new_pte; + pgprot_t old_prot; =20 - pfn =3D pg_level_to_pfn(level, kpte, &old_prot); - if (!pfn) - return; + d->pfn =3D pg_level_to_pfn(d->pte_level, d->kpte, &old_prot); + if (!d->pfn) + return 1; =20 - new_prot =3D old_prot; - if (enc) - pgprot_val(new_prot) |=3D _PAGE_ENC; + d->new_pgprot =3D old_prot; + if (d->encrypt) + pgprot_val(d->new_pgprot) |=3D _PAGE_ENC; else - pgprot_val(new_prot) &=3D ~_PAGE_ENC; + pgprot_val(d->new_pgprot) &=3D ~_PAGE_ENC; =20 /* If prot is same then do nothing. */ - if (pgprot_val(old_prot) =3D=3D pgprot_val(new_prot)) - return; + if (pgprot_val(old_prot) =3D=3D pgprot_val(d->new_pgprot)) + return 1; =20 - pa =3D pfn << PAGE_SHIFT; - size =3D page_level_size(level); + d->pa =3D d->pfn << PAGE_SHIFT; + d->size =3D page_level_size(d->pte_level); =20 /* - * We are going to perform in-place en-/decryption and change the - * physical page attribute from C=3D1 to C=3D0 or vice versa. Flush the - * caches to ensure that data gets accessed with the correct C-bit. + * In-place en-/decryption and physical page attribute change + * from C=3D1 to C=3D0 or vice versa will be performed. Flush the + * caches to ensure that data gets accessed with the correct + * C-bit. */ - clflush_cache_range(__va(pa), size); + if (d->va) + clflush_cache_range(d->va, d->size); + else + clflush_cache_range(__va(d->pa), d->size); + + return 0; +} + +void set_pte_enc_mask(pte_t *kpte, unsigned long pfn, pgprot_t new_prot) +{ + pte_t new_pte; + + /* Change the page encryption mask. 
*/ + new_pte =3D pfn_pte(pfn, new_prot); + set_pte_atomic(kpte, new_pte); +} + +static void __init __set_clr_pte_enc(pte_t *kpte, int level, bool enc) +{ + struct pte_enc_desc d =3D { + .kpte =3D kpte, + .pte_level =3D level, + .encrypt =3D enc + }; + + if (prepare_pte_enc(&d)) + return; =20 /* Encrypt/decrypt the contents in-place */ if (enc) { - sme_early_encrypt(pa, size); + sme_early_encrypt(d.pa, d.size); } else { - sme_early_decrypt(pa, size); + sme_early_decrypt(d.pa, d.size); =20 /* * ON SNP, the page state in the RMP table must happen * before the page table updates. */ - early_snp_set_memory_shared((unsigned long)__va(pa), pa, 1); + early_snp_set_memory_shared((unsigned long)__va(d.pa), d.pa, 1); } =20 - /* Change the page encryption mask. */ - new_pte =3D pfn_pte(pfn, new_prot); - set_pte_atomic(kpte, new_pte); + set_pte_enc_mask(kpte, d.pfn, d.new_pgprot); =20 /* * If page is set encrypted in the page table, then update the RMP table = to * add this page as private. */ if (enc) - early_snp_set_memory_private((unsigned long)__va(pa), pa, 1); + early_snp_set_memory_private((unsigned long)__va(d.pa), d.pa, 1); } =20 static int __init early_set_memory_enc_dec(unsigned long vaddr, --=20 2.34.1

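Review bot: struct pte_enc_desc (sev.h hunk at -285,6) mixes caller-supplied fields and results without saying which is which. prepare_pte_enc() reads kpte, pte_level, encrypt and va, and writes pfn, pa, size and new_pgprot. The comment "virtual address of @pfn" makes va look like a result, yet the function only uses it when the caller has set it and falls back to __va(d->pa) otherwise. Please mark inputs and outputs in the struct comment and say that va may be left NULL.
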
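Review bot: The !CONFIG_AMD_MEM_ENCRYPT stub of prepare_pte_enc() (sev.h hunk at -435,6) returns 0, which in the real function means the descriptor was filled in and the caller should carry on, but the stub writes nothing. A caller built against the stub that follows the pattern if (prepare_pte_enc(&d)) return; would continue with d.pfn and d.new_pgprot never written. Returning 1 from the stub would match the real function's "nothing to do" result.
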
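Review bot: prepare_pte_enc() (mem_encrypt_amd.c hunk at -311,59) returns 1 both when pg_level_to_pfn() yields no pfn and when the protection bits would not change, and in the first case it returns before d->new_pgprot is written. The 0/1 convention on an int is not documented anywhere in the hunk. Consider a bool, or a negative errno for the no-pfn case, with a comment above the function, so that a caller handing d.new_pgprot to set_pte_enc_mask() knows it has to check the result first.
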
From: Ashish Kalra
Subject: [PATCH v13 3/3] x86/snp: Convert shared memory back to private on kexec
Date: Thu, 1 Aug 2024 19:14:50 +0000
Message-ID: <05a8c15fb665dbb062b04a8cb3d592a63f235937.1722520012.git.ashish.kalra@amd.com>
References: <20240614095904.1345461-1-kirill.shutemov@linux.intel.com>
X-Mailing-List: linux-kernel@vger.kernel.org

From: Ashish Kalra

SNP guests allocate shared buffers to perform I/O. It is done by
allocating pages normally from the buddy allocator and converting them
to shared with set_memory_decrypted().

The second, kexec-ed, kernel has no idea what memory is converted this
way. It only sees E820_TYPE_RAM.

Accessing shared memory via private mapping will cause unrecoverable RMP
page-faults.

On kexec walk direct mapping and convert all shared memory back to
private. It makes all RAM private again and second kernel may use it
normally. Additionally for SNP guests convert all bss decrypted section
pages back to private.

The conversion occurs in two steps: stopping new conversions and
unsharing all memory. In the case of normal kexec, the stopping of
conversions takes place while scheduling is still functioning. This
allows for waiting until any ongoing conversions are finished. The
second step is carried out when all CPUs except one are inactive and
interrupts are disabled. This prevents any conflicts with code that may
access shared memory.

Co-developed-by: Borislav Petkov (AMD)
Signed-off-by: Borislav Petkov (AMD)
Reviewed-by: Tom Lendacky
Signed-off-by: Ashish Kalra
---
 arch/x86/coco/sev/core.c      | 132 ++++++++++++++++++++++++++++++++++
 arch/x86/include/asm/sev.h    |   4 ++
 arch/x86/mm/mem_encrypt_amd.c |   2 +
 3 files changed, 138 insertions(+)

diff --git a/arch/x86/coco/sev/core.c b/arch/x86/coco/sev/core.c index de1df0cb45da..4278cdbee3a5 100644 --- a/arch/x86/coco/sev/core.c +++ b/arch/x86/coco/sev/core.c
@@ -1010,6 +1010,138 @@ void snp_accept_memory(phys_addr_t start, phys_addr= _t end) set_pages_state(vaddr, npages, SNP_PAGE_STATE_PRIVATE); } =20 +static void set_pte_enc(pte_t *kpte, int level, void *va) +{ + struct pte_enc_desc d =3D { + .kpte =3D kpte, + .pte_level =3D level, + .va =3D va, + .encrypt =3D true + }; + + prepare_pte_enc(&d); + set_pte_enc_mask(kpte, d.pfn, d.new_pgprot); +} + +static void unshare_all_memory(void) +{ + unsigned long addr, end, size, ghcb; + struct sev_es_runtime_data *data; + unsigned int npages, level; + bool skipped_addr; + pte_t *pte; + int cpu; + + /* Unshare the direct mapping. */ + addr =3D PAGE_OFFSET; + end =3D PAGE_OFFSET + get_max_mapped(); + + while (addr < end) { + pte =3D lookup_address(addr, &level); + size =3D page_level_size(level); + npages =3D size / PAGE_SIZE; + skipped_addr =3D false; + + if (!pte || !pte_decrypted(*pte) || pte_none(*pte)) { + addr +=3D size; + continue; + } + + /* + * Ensure that all the per-cpu GHCBs are made private at the + * end of unsharing loop so that the switch to the slower MSR + * protocol happens last. + */ + for_each_possible_cpu(cpu) { + data =3D per_cpu(runtime_data, cpu); + ghcb =3D (unsigned long)&data->ghcb_page; + + if (addr <=3D ghcb && ghcb <=3D addr + size) { + skipped_addr =3D true; + break; + } + } + + if (!skipped_addr) { + set_pte_enc(pte, level, (void *)addr); + snp_set_memory_private(addr, npages); + } + addr +=3D size; + } + + /* Unshare all bss decrypted memory. 
*/ + addr =3D (unsigned long)__start_bss_decrypted; + end =3D (unsigned long)__start_bss_decrypted_unused; + npages =3D (end - addr) >> PAGE_SHIFT; + + for (; addr < end; addr +=3D PAGE_SIZE) { + pte =3D lookup_address(addr, &level); + if (!pte || !pte_decrypted(*pte) || pte_none(*pte)) + continue; + + set_pte_enc(pte, level, (void *)addr); + } + addr =3D (unsigned long)__start_bss_decrypted; + snp_set_memory_private(addr, npages); + + __flush_tlb_all(); +} + +/* Stop new private<->shared conversions */ +void snp_kexec_begin(void) +{ + if (!cc_platform_has(CC_ATTR_GUEST_SEV_SNP)) + return; + + if (!IS_ENABLED(CONFIG_KEXEC_CORE)) + return; + + /* + * Crash kernel ends up here with interrupts disabled: can't wait for + * conversions to finish. + * + * If race happened, just report and proceed. + */ + if (!set_memory_enc_stop_conversion()) + pr_warn("Failed to stop shared<->private conversions\n"); +} + +void snp_kexec_finish(void) +{ + struct sev_es_runtime_data *data; + unsigned int level, cpu; + unsigned long size; + struct ghcb *ghcb; + pte_t *pte; + + if (!cc_platform_has(CC_ATTR_GUEST_SEV_SNP)) + return; + + if (!IS_ENABLED(CONFIG_KEXEC_CORE)) + return; + + unshare_all_memory(); + + /* + * Switch to using the MSR protocol to change per-cpu + * GHCBs to private. + * All the per-cpu GHCBs have been switched back to private, + * so can't do any more GHCB calls to the hypervisor beyond + * this point till the kexec kernel starts running. + */ + boot_ghcb =3D NULL; + sev_cfg.ghcbs_initialized =3D false; + + for_each_possible_cpu(cpu) { + data =3D per_cpu(runtime_data, cpu); + ghcb =3D &data->ghcb_page; + pte =3D lookup_address((unsigned long)ghcb, &level); + size =3D page_level_size(level); + set_pte_enc(pte, level, (void *)ghcb); + snp_set_memory_private((unsigned long)ghcb, (size / PAGE_SIZE)); + } +} + static int snp_set_vmsa(void *va, void *caa, int apic_id, bool make_vmsa) { int ret; 
diff --git a/arch/x86/include/asm/sev.h b/arch/x86/include/asm/sev.h index 61684d0a64c0..733448e72a9b 100644 --- a/arch/x86/include/asm/sev.h +++ b/arch/x86/include/asm/sev.h @@ -417,6 +417,8 @@ void sev_show_status(void); void snp_update_svsm_ca(void); int prepare_pte_enc(struct pte_enc_desc *d); void set_pte_enc_mask(pte_t *kpte, unsigned long pfn, pgprot_t new_prot); +void snp_kexec_finish(void); +void snp_kexec_begin(void); =20 #else /* !CONFIG_AMD_MEM_ENCRYPT */ =20 @@ -455,6 +457,8 @@ static inline void sev_show_status(void) { } static inline void snp_update_svsm_ca(void) { } static inline int prepare_pte_enc(struct pte_enc_desc *d) { return 0; } static inline void set_pte_enc_mask(pte_t *kpte, unsigned long pfn, pgprot= _t new_prot) { } +static inline void snp_kexec_finish(void) { } +static inline void snp_kexec_begin(void) { } =20 #endif /* CONFIG_AMD_MEM_ENCRYPT */ =20 diff --git a/arch/x86/mm/mem_encrypt_amd.c b/arch/x86/mm/mem_encrypt_amd.c index f4be81db72ee..774f9677458f 100644 --- a/arch/x86/mm/mem_encrypt_amd.c +++ b/arch/x86/mm/mem_encrypt_amd.c @@ -490,6 +490,8 @@ void __init sme_early_init(void) x86_platform.guest.enc_status_change_finish =3D amd_enc_status_change_fi= nish; x86_platform.guest.enc_tlb_flush_required =3D amd_enc_tlb_flush_requir= ed; x86_platform.guest.enc_cache_flush_required =3D amd_enc_cache_flush_requ= ired; + x86_platform.guest.enc_kexec_begin =3D snp_kexec_begin; + x86_platform.guest.enc_kexec_finish =3D snp_kexec_finish; =20 /* * AMD-SEV-ES intercepts the RDMSR to read the X2APIC ID in the --=20 2.34.1
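
Review bot: In unshare_all_memory() (arch/x86/coco/sev/core.c hunk), the GHCB skip test "addr <= ghcb && ghcb <= addr + size" is inclusive at its upper bound, so a decrypted mapping that ends exactly where a per-cpu GHCB page begins is skipped even though it does not contain the GHCB. snp_kexec_finish() later converts only the mappings that lookup_address() returns for the GHCB pages themselves, so the skipped range would stay shared across kexec, which is the state the commit message says leads to unrecoverable RMP page-faults. Suggest "ghcb < addr + size". Smaller points in the same hunk: set_pte_enc() ignores the return value of prepare_pte_enc(), which sev.h declares as int, and then uses d.pfn and d.new_pgprot regardless; snp_kexec_finish() passes the result of lookup_address() to page_level_size() and set_pte_enc() without the !pte check that unshare_all_memory() applies; and the GHCB PTEs are rewritten after the __flush_tlb_all() at the end of unshare_all_memory(), with no flush following them. The block comment in snp_kexec_finish() also says the GHCBs "have been switched back to private" ahead of the loop that does the switch; rewording it to describe what the loop is about to do would read more accurately.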
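
Review bot: The new declarations in arch/x86/include/asm/sev.h and the enc_kexec_begin/enc_kexec_finish assignments in sme_early_init() carry no documentation of the calling context, and the assignments sit alongside the other enc_* callbacks with no SNP check at that site; the SNP-only behaviour comes from the cc_platform_has(CC_ATTR_GUEST_SEV_SNP) early returns inside snp_kexec_begin() and snp_kexec_finish(). A short comment at the assignment noting that the hooks are no-ops outside SNP guests, plus a line on each declaration stating when it runs (begin while scheduling still works, finish with all CPUs but one inactive and interrupts disabled, as the commit message describes), would save readers a trip to core.c.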