From: Paolo Bonzini <pbonzini@redhat.com>
To: Michael Roth <michael.roth@amd.com>, kvm@vger.kernel.org
Cc: linux-coco@lists.linux.dev, linux-mm@kvack.org,
linux-crypto@vger.kernel.org, x86@kernel.org,
linux-kernel@vger.kernel.org, tglx@linutronix.de,
mingo@redhat.com, jroedel@suse.de, thomas.lendacky@amd.com,
hpa@zytor.com, ardb@kernel.org, seanjc@google.com,
vkuznets@redhat.com, jmattson@google.com, luto@kernel.org,
dave.hansen@linux.intel.com, slp@redhat.com, pgonda@google.com,
peterz@infradead.org, srinivas.pandruvada@linux.intel.com,
rientjes@google.com, dovmurik@linux.ibm.com, tobin@ibm.com,
bp@alien8.de, vbabka@suse.cz, kirill@shutemov.name,
ak@linux.intel.com, tony.luck@intel.com,
sathyanarayanan.kuppuswamy@linux.intel.com, alpergun@google.com,
jarkko@kernel.org, ashish.kalra@amd.com, nikunj.dadhania@amd.com,
pankaj.gupta@amd.com, liam.merwick@oracle.com,
Brijesh Singh <brijesh.singh@amd.com>
Subject: Re: [PATCH v12 09/29] KVM: SEV: Add initial SEV-SNP support
Date: Sat, 30 Mar 2024 20:58:43 +0100 [thread overview]
Message-ID: <1296cfd8-3986-4c2f-be94-771ae3fb84f2@redhat.com> (raw)
In-Reply-To: <20240329225835.400662-10-michael.roth@amd.com>
On 3/29/24 23:58, Michael Roth wrote:
> SEV-SNP builds upon existing SEV and SEV-ES functionality while adding
> new hardware-based security protection. SEV-SNP adds strong memory
> encryption and integrity protection to help prevent malicious
> hypervisor-based attacks such as data replay, memory re-mapping, and
> more, to create an isolated execution environment.
>
> Define a new KVM_X86_SNP_VM type which makes use of these capabilities
> and extend the KVM_SEV_INIT2 ioctl to support it. Also add a basic
> helper to check whether SNP is enabled.
>
> Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
> Signed-off-by: Ashish Kalra <ashish.kalra@amd.com>
> [mdr: commit fixups, use similar ASID reporting as with SEV/SEV-ES]
> Signed-off-by: Michael Roth <michael.roth@amd.com>
> ---
> arch/x86/include/asm/svm.h | 3 ++-
> arch/x86/include/uapi/asm/kvm.h | 1 +
> arch/x86/kvm/svm/sev.c | 21 ++++++++++++++++++++-
> arch/x86/kvm/svm/svm.c | 3 ++-
> arch/x86/kvm/svm/svm.h | 12 ++++++++++++
> arch/x86/kvm/x86.c | 2 +-
> 6 files changed, 38 insertions(+), 4 deletions(-)
>
> diff --git a/arch/x86/include/asm/svm.h b/arch/x86/include/asm/svm.h
> index 728c98175b9c..544a43c1cf11 100644
> --- a/arch/x86/include/asm/svm.h
> +++ b/arch/x86/include/asm/svm.h
> @@ -285,7 +285,8 @@ static_assert((X2AVIC_MAX_PHYSICAL_ID & AVIC_PHYSICAL_MAX_INDEX_MASK) == X2AVIC_
>
> #define AVIC_HPA_MASK ~((0xFFFULL << 52) | 0xFFF)
>
> -#define SVM_SEV_FEAT_DEBUG_SWAP BIT(5)
> +#define SVM_SEV_FEAT_SNP_ACTIVE BIT(0)
> +#define SVM_SEV_FEAT_DEBUG_SWAP BIT(5)
>
> struct vmcb_seg {
> u16 selector;
> diff --git a/arch/x86/include/uapi/asm/kvm.h b/arch/x86/include/uapi/asm/kvm.h
> index 51b13080ed4b..725b75cfe9ff 100644
> --- a/arch/x86/include/uapi/asm/kvm.h
> +++ b/arch/x86/include/uapi/asm/kvm.h
> @@ -868,5 +868,6 @@ struct kvm_hyperv_eventfd {
> #define KVM_X86_SW_PROTECTED_VM 1
> #define KVM_X86_SEV_VM 2
> #define KVM_X86_SEV_ES_VM 3
> +#define KVM_X86_SNP_VM 4
>
> #endif /* _ASM_X86_KVM_H */
> diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c
> index 1e65f5634ad3..3d9771163562 100644
> --- a/arch/x86/kvm/svm/sev.c
> +++ b/arch/x86/kvm/svm/sev.c
> @@ -46,6 +46,9 @@ module_param_named(sev, sev_enabled, bool, 0444);
> static bool sev_es_enabled = true;
> module_param_named(sev_es, sev_es_enabled, bool, 0444);
>
> +/* enable/disable SEV-SNP support */
> +static bool sev_snp_enabled;
> +
> /* enable/disable SEV-ES DebugSwap support */
> static bool sev_es_debug_swap_enabled = true;
> module_param_named(debug_swap, sev_es_debug_swap_enabled, bool, 0444);
> @@ -275,6 +278,9 @@ static int __sev_guest_init(struct kvm *kvm, struct kvm_sev_cmd *argp,
> sev->es_active = es_active;
> sev->vmsa_features = data->vmsa_features;
>
> + if (vm_type == KVM_X86_SNP_VM)
> + sev->vmsa_features |= SVM_SEV_FEAT_SNP_ACTIVE;
> +
> ret = sev_asid_new(sev);
> if (ret)
> goto e_no_asid;
> @@ -326,7 +332,8 @@ static int sev_guest_init2(struct kvm *kvm, struct kvm_sev_cmd *argp)
> return -EINVAL;
>
> if (kvm->arch.vm_type != KVM_X86_SEV_VM &&
> - kvm->arch.vm_type != KVM_X86_SEV_ES_VM)
> + kvm->arch.vm_type != KVM_X86_SEV_ES_VM &&
> + kvm->arch.vm_type != KVM_X86_SNP_VM)
> return -EINVAL;
>
> if (copy_from_user(&data, u64_to_user_ptr(argp->data), sizeof(data)))
> @@ -2297,11 +2304,16 @@ void __init sev_set_cpu_caps(void)
> kvm_cpu_cap_set(X86_FEATURE_SEV_ES);
> kvm_caps.supported_vm_types |= BIT(KVM_X86_SEV_ES_VM);
> }
> + if (sev_snp_enabled) {
> + kvm_cpu_cap_set(X86_FEATURE_SEV_SNP);
> + kvm_caps.supported_vm_types |= BIT(KVM_X86_SNP_VM);
> + }
> }
>
> void __init sev_hardware_setup(void)
> {
> unsigned int eax, ebx, ecx, edx, sev_asid_count, sev_es_asid_count;
> + bool sev_snp_supported = false;
> bool sev_es_supported = false;
> bool sev_supported = false;
>
> @@ -2382,6 +2394,7 @@ void __init sev_hardware_setup(void)
> sev_es_asid_count = min_sev_asid - 1;
> WARN_ON_ONCE(misc_cg_set_capacity(MISC_CG_RES_SEV_ES, sev_es_asid_count));
> sev_es_supported = true;
> + sev_snp_supported = sev_snp_enabled && cc_platform_has(CC_ATTR_HOST_SEV_SNP);
>
> out:
> if (boot_cpu_has(X86_FEATURE_SEV))
> @@ -2394,9 +2407,15 @@ void __init sev_hardware_setup(void)
> pr_info("SEV-ES %s (ASIDs %u - %u)\n",
> sev_es_supported ? "enabled" : "disabled",
> min_sev_asid > 1 ? 1 : 0, min_sev_asid - 1);
> + if (boot_cpu_has(X86_FEATURE_SEV_SNP))
> + pr_info("SEV-SNP %s (ASIDs %u - %u)\n",
> + sev_snp_supported ? "enabled" : "disabled",
> + min_sev_asid > 1 ? 1 : 0, min_sev_asid - 1);
>
> sev_enabled = sev_supported;
> sev_es_enabled = sev_es_supported;
> + sev_snp_enabled = sev_snp_supported;
> +
> if (!sev_es_enabled || !cpu_feature_enabled(X86_FEATURE_DEBUG_SWAP) ||
> !cpu_feature_enabled(X86_FEATURE_NO_NESTED_DATA_BP))
> sev_es_debug_swap_enabled = false;
> diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c
> index 0f3b59da0d4a..2c162f6a1d78 100644
> --- a/arch/x86/kvm/svm/svm.c
> +++ b/arch/x86/kvm/svm/svm.c
> @@ -4890,7 +4890,8 @@ static int svm_vm_init(struct kvm *kvm)
>
> if (type != KVM_X86_DEFAULT_VM &&
> type != KVM_X86_SW_PROTECTED_VM) {
> - kvm->arch.has_protected_state = (type == KVM_X86_SEV_ES_VM);
> + kvm->arch.has_protected_state =
> + (type == KVM_X86_SEV_ES_VM || type == KVM_X86_SNP_VM);
> to_kvm_sev_info(kvm)->need_init = true;
> }
>
> diff --git a/arch/x86/kvm/svm/svm.h b/arch/x86/kvm/svm/svm.h
> index 157eb3f65269..4a01a81dd9b9 100644
> --- a/arch/x86/kvm/svm/svm.h
> +++ b/arch/x86/kvm/svm/svm.h
> @@ -348,6 +348,18 @@ static __always_inline bool sev_es_guest(struct kvm *kvm)
> #endif
> }
>
> +static __always_inline bool sev_snp_guest(struct kvm *kvm)
> +{
> +#ifdef CONFIG_KVM_AMD_SEV
> + struct kvm_sev_info *sev = &to_kvm_svm(kvm)->sev_info;
> +
> + return (sev->vmsa_features & SVM_SEV_FEAT_SNP_ACTIVE) &&
> + !WARN_ON_ONCE(!sev_es_guest(kvm));
> +#else
> + return false;
> +#endif
> +}
> +
> static inline void vmcb_mark_all_dirty(struct vmcb *vmcb)
> {
> vmcb->control.clean = 0;
> diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c
> index 64eda7949f09..f85735b6235d 100644
> --- a/arch/x86/kvm/x86.c
> +++ b/arch/x86/kvm/x86.c
> @@ -12603,7 +12603,7 @@ int kvm_arch_init_vm(struct kvm *kvm, unsigned long type)
>
> kvm->arch.vm_type = type;
> kvm->arch.has_private_mem =
> - (type == KVM_X86_SW_PROTECTED_VM);
> + (type == KVM_X86_SW_PROTECTED_VM || type == KVM_X86_SNP_VM);
>
> ret = kvm_page_track_init(kvm);
> if (ret)
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Paolo
next prev parent reply other threads:[~2024-03-30 19:58 UTC|newest]
Thread overview: 96+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-03-29 22:58 [PATCH v12 00/29] Add AMD Secure Nested Paging (SEV-SNP) Hypervisor Support Michael Roth
2024-03-29 22:58 ` Michael Roth
2024-03-29 22:58 ` [PATCH v12 01/29] [TEMP] x86/kvm/Kconfig: Have KVM_AMD_SEV select ARCH_HAS_CC_PLATFORM Michael Roth
2024-03-29 22:58 ` [PATCH v12 02/29] [TEMP] x86/cc: Add cc_platform_set/_clear() helpers Michael Roth
2024-03-29 22:58 ` Michael Roth
2024-03-29 22:58 ` Michael Roth
2024-03-29 22:58 ` [PATCH v12 03/29] [TEMP] x86/CPU/AMD: Track SNP host status with cc_platform_*() Michael Roth
2024-03-29 22:58 ` Michael Roth
2024-03-29 22:58 ` Michael Roth
2024-03-29 22:58 ` [PATCH v12 04/29] [TEMP] fixup! KVM: SEV: sync FPU and AVX state at LAUNCH_UPDATE_VMSA time Michael Roth
2024-03-29 22:58 ` [PATCH v12 05/29] KVM: x86: Define RMP page fault error bits for #NPF Michael Roth
2024-03-29 22:58 ` Michael Roth
2024-03-30 19:28 ` Paolo Bonzini
2024-03-29 22:58 ` [PATCH v12 06/29] KVM: SEV: Select KVM_GENERIC_PRIVATE_MEM when CONFIG_KVM_AMD_SEV=y Michael Roth
2024-03-29 22:58 ` [PATCH v12 07/29] KVM: SEV: Add support to handle AP reset MSR protocol Michael Roth
2024-03-29 22:58 ` Michael Roth
2024-03-29 22:58 ` Michael Roth
2024-03-29 22:58 ` [PATCH v12 08/29] KVM: SEV: Add GHCB handling for Hypervisor Feature Support requests Michael Roth
2024-03-29 22:58 ` Michael Roth
2024-03-29 22:58 ` [PATCH v12 09/29] KVM: SEV: Add initial SEV-SNP support Michael Roth
2024-03-29 22:58 ` Michael Roth
2024-03-30 19:58 ` Paolo Bonzini [this message]
2024-03-29 22:58 ` [PATCH v12 10/29] KVM: SEV: Add KVM_SEV_SNP_LAUNCH_START command Michael Roth
2024-03-29 22:58 ` Michael Roth
2024-03-30 20:20 ` Paolo Bonzini
2024-03-29 22:58 ` [PATCH v12 11/29] KVM: SEV: Add KVM_SEV_SNP_LAUNCH_UPDATE command Michael Roth
2024-03-29 22:58 ` Michael Roth
2024-03-30 20:31 ` Paolo Bonzini
2024-04-01 22:22 ` Michael Roth
2024-04-02 22:58 ` Isaku Yamahata
2024-04-03 12:51 ` Paolo Bonzini
2024-04-03 15:37 ` Isaku Yamahata
2024-04-04 16:03 ` Paolo Bonzini
2024-03-29 22:58 ` [PATCH v12 12/29] KVM: SEV: Add KVM_SEV_SNP_LAUNCH_FINISH command Michael Roth
2024-03-29 22:58 ` Michael Roth
2024-03-30 20:41 ` Paolo Bonzini
2024-04-01 23:17 ` Michael Roth
2024-04-03 12:56 ` Paolo Bonzini
2024-03-29 22:58 ` [PATCH v12 13/29] KVM: SEV: Add support to handle GHCB GPA register VMGEXIT Michael Roth
2024-03-29 22:58 ` Michael Roth
2024-03-29 22:58 ` [PATCH v12 14/29] KVM: SEV: Add support to handle MSR based Page State Change VMGEXIT Michael Roth
2024-03-29 22:58 ` [PATCH v12 15/29] KVM: SEV: Add support to handle " Michael Roth
2024-03-29 22:58 ` [PATCH v12 16/29] KVM: x86: Export the kvm_zap_gfn_range() for the SNP use Michael Roth
2024-03-30 20:51 ` Paolo Bonzini
2024-03-29 22:58 ` [PATCH v12 17/29] KVM: SEV: Add support to handle RMP nested page faults Michael Roth
2024-03-29 22:58 ` Michael Roth
2024-03-29 22:58 ` Michael Roth
2024-03-30 20:55 ` Paolo Bonzini
2024-03-29 22:58 ` [PATCH v12 18/29] KVM: SEV: Use a VMSA physical address variable for populating VMCB Michael Roth
2024-03-29 22:58 ` Michael Roth
2024-03-30 21:01 ` Paolo Bonzini
2024-04-16 11:53 ` Paolo Bonzini
2024-04-16 14:25 ` Tom Lendacky
2024-04-16 17:00 ` Paolo Bonzini
2024-04-17 20:57 ` Michael Roth
2024-03-29 22:58 ` [PATCH v12 19/29] KVM: SEV: Support SEV-SNP AP Creation NAE event Michael Roth
2024-03-29 22:58 ` Michael Roth
2024-03-29 22:58 ` [PATCH v12 20/29] KVM: SEV: Add support for GHCB-based termination requests Michael Roth
2024-03-29 22:58 ` Michael Roth
2024-03-29 22:58 ` [PATCH v12 21/29] KVM: SEV: Implement gmem hook for initializing private pages Michael Roth
2024-03-30 21:05 ` Paolo Bonzini
2024-03-30 21:05 ` Paolo Bonzini
2024-03-30 21:05 ` Paolo Bonzini
2024-03-29 22:58 ` [PATCH v12 22/29] KVM: SEV: Implement gmem hook for invalidating " Michael Roth
2024-03-30 21:31 ` Paolo Bonzini
2024-03-30 21:31 ` Paolo Bonzini
2024-03-30 21:31 ` Paolo Bonzini
2024-04-18 19:57 ` Michael Roth
2024-03-29 22:58 ` [PATCH v12 23/29] KVM: x86: Implement gmem hook for determining max NPT mapping level Michael Roth
2024-03-29 22:58 ` Michael Roth
2024-03-29 22:58 ` Michael Roth
2024-03-30 21:35 ` Paolo Bonzini
2024-03-30 21:35 ` Paolo Bonzini
2024-03-30 21:35 ` Paolo Bonzini
2024-03-29 22:58 ` [PATCH v12 24/29] KVM: SEV: Avoid WBINVD for HVA-based MMU notifications for SNP Michael Roth
2024-03-30 21:35 ` Paolo Bonzini
2024-03-30 21:35 ` Paolo Bonzini
2024-03-29 22:58 ` [PATCH v12 25/29] KVM: SVM: Add module parameter to enable the SEV-SNP Michael Roth
2024-03-30 21:35 ` Paolo Bonzini
2024-03-30 21:35 ` Paolo Bonzini
2024-03-29 22:58 ` [PATCH v12 26/29] KVM: SEV: Provide support for SNP_GUEST_REQUEST NAE event Michael Roth
2024-03-29 22:58 ` Michael Roth
2024-03-29 22:58 ` Michael Roth
2024-04-10 22:14 ` Tom Lendacky
2024-03-29 22:58 ` [PATCH v12 27/29] crypto: ccp: Add the SNP_VLEK_LOAD command Michael Roth
2024-03-29 22:58 ` Michael Roth
2024-04-10 22:20 ` Tom Lendacky
2024-03-29 22:58 ` [PATCH v12 28/29] crypto: ccp: Add the SNP_{PAUSE,RESUME}_ATTESTATION commands Michael Roth
2024-03-29 22:58 ` Michael Roth
2024-04-10 22:27 ` Tom Lendacky
2024-03-29 22:58 ` [PATCH v12 29/29] KVM: SEV: Provide support for SNP_EXTENDED_GUEST_REQUEST NAE event Michael Roth
2024-03-29 22:58 ` Michael Roth
2024-04-11 13:33 ` Tom Lendacky
2024-03-30 21:44 ` [PATCH v12 00/29] Add AMD Secure Nested Paging (SEV-SNP) Hypervisor Support Paolo Bonzini
2024-03-30 21:44 ` Paolo Bonzini
2024-03-30 21:44 ` Paolo Bonzini
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1296cfd8-3986-4c2f-be94-771ae3fb84f2@redhat.com \
--to=pbonzini@redhat.com \
--cc=ak@linux.intel.com \
--cc=alpergun@google.com \
--cc=ardb@kernel.org \
--cc=ashish.kalra@amd.com \
--cc=bp@alien8.de \
--cc=brijesh.singh@amd.com \
--cc=dave.hansen@linux.intel.com \
--cc=dovmurik@linux.ibm.com \
--cc=hpa@zytor.com \
--cc=jarkko@kernel.org \
--cc=jmattson@google.com \
--cc=jroedel@suse.de \
--cc=kirill@shutemov.name \
--cc=kvm@vger.kernel.org \
--cc=liam.merwick@oracle.com \
--cc=linux-coco@lists.linux.dev \
--cc=linux-crypto@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=luto@kernel.org \
--cc=michael.roth@amd.com \
--cc=mingo@redhat.com \
--cc=nikunj.dadhania@amd.com \
--cc=pankaj.gupta@amd.com \
--cc=peterz@infradead.org \
--cc=pgonda@google.com \
--cc=rientjes@google.com \
--cc=sathyanarayanan.kuppuswamy@linux.intel.com \
--cc=seanjc@google.com \
--cc=slp@redhat.com \
--cc=srinivas.pandruvada@linux.intel.com \
--cc=tglx@linutronix.de \
--cc=thomas.lendacky@amd.com \
--cc=tobin@ibm.com \
--cc=tony.luck@intel.com \
--cc=vbabka@suse.cz \
--cc=vkuznets@redhat.com \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.