From: Michael Roth <michael.roth@amd.com> To: <kvm@vger.kernel.org> Cc: <linux-coco@lists.linux.dev>, <linux-mm@kvack.org>, <linux-crypto@vger.kernel.org>, <x86@kernel.org>, <linux-kernel@vger.kernel.org>, <tglx@linutronix.de>, <mingo@redhat.com>, <jroedel@suse.de>, <thomas.lendacky@amd.com>, <hpa@zytor.com>, <ardb@kernel.org>, <pbonzini@redhat.com>, <seanjc@google.com>, <vkuznets@redhat.com>, <jmattson@google.com>, <luto@kernel.org>, <dave.hansen@linux.intel.com>, <slp@redhat.com>, <pgonda@google.com>, <peterz@infradead.org>, <srinivas.pandruvada@linux.intel.com>, <rientjes@google.com>, <dovmurik@linux.ibm.com>, <tobin@ibm.com>, <bp@alien8.de>, <vbabka@suse.cz>, <kirill@shutemov.name>, <ak@linux.intel.com>, <tony.luck@intel.com>, <sathyanarayanan.kuppuswamy@linux.intel.com>, <alpergun@google.com>, <jarkko@kernel.org>, <ashish.kalra@amd.com>, <nikunj.dadhania@amd.com>, <pankaj.gupta@amd.com>, <liam.merwick@oracle.com>, Brijesh Singh <brijesh.singh@amd.com>, Harald Hoyer <harald@profian.com> Subject: [PATCH v12 12/29] KVM: SEV: Add KVM_SEV_SNP_LAUNCH_FINISH command Date: Fri, 29 Mar 2024 17:58:18 -0500 [thread overview] Message-ID: <20240329225835.400662-13-michael.roth@amd.com> (raw) In-Reply-To: <20240329225835.400662-1-michael.roth@amd.com> Add a KVM_SEV_SNP_LAUNCH_FINISH command to finalize the cryptographic launch digest and stores it as the measurement of the guest at launch time. Also extend the existing SNP firmware data structures to support enforcing the use of Version Loaded Endorsement Keys by guests as part of this command. While finalizing the launch flow, it also issues the LAUNCH_UPDATE SNP firmware commands to encrypt/measure the initial VMSA pages for each configured vCPU. This involves setting the RMP entries for those pages to provide, so also add handling to clean up the RMP entries for these pages whening free'ing vCPUs. Signed-off-by: Brijesh Singh <brijesh.singh@amd.com> Signed-off-by: Harald Hoyer <harald@profian.com> Signed-off-by: Ashish Kalra <ashish.kalra@amd.com> [mdr: always measure BSP first to get consistent launch measurements] Signed-off-by: Michael Roth <michael.roth@amd.com> --- .../virt/kvm/x86/amd-memory-encryption.rst | 26 ++++ arch/x86/include/uapi/asm/kvm.h | 15 ++ arch/x86/kvm/svm/sev.c | 137 ++++++++++++++++++ include/linux/psp-sev.h | 4 +- 4 files changed, 181 insertions(+), 1 deletion(-) diff --git a/Documentation/virt/kvm/x86/amd-memory-encryption.rst b/Documentation/virt/kvm/x86/amd-memory-encryption.rst index 4268aa5c380e..a49e8cff9133 100644 --- a/Documentation/virt/kvm/x86/amd-memory-encryption.rst +++ b/Documentation/virt/kvm/x86/amd-memory-encryption.rst @@ -517,6 +517,32 @@ where the allowed values for page_type are #define'd as:: See the SEV-SNP spec [snp-fw-abi]_ for further details on how each page type is used/measured. +20. KVM_SEV_SNP_LAUNCH_FINISH +----------------------------- + +After completion of the SNP guest launch flow, the KVM_SEV_SNP_LAUNCH_FINISH +command can be issued to make the guest ready for execution. + +Parameters (in): struct kvm_sev_snp_launch_finish + +Returns: 0 on success, -negative on error + +:: + + struct kvm_sev_snp_launch_finish { + __u64 id_block_uaddr; + __u64 id_auth_uaddr; + __u8 id_block_en; + __u8 auth_key_en; + __u8 vlek_required; + __u8 host_data[32]; + __u8 pad[6]; + }; + + +See SEV-SNP specification [snp-fw-abi]_ for SNP_LAUNCH_FINISH further details +on launch finish input parameters. + Device attribute API ==================== diff --git a/arch/x86/include/uapi/asm/kvm.h b/arch/x86/include/uapi/asm/kvm.h index 956eb548c08e..2b08fcbe039a 100644 --- a/arch/x86/include/uapi/asm/kvm.h +++ b/arch/x86/include/uapi/asm/kvm.h @@ -696,6 +696,7 @@ enum sev_cmd_id { /* SNP-specific commands */ KVM_SEV_SNP_LAUNCH_START, KVM_SEV_SNP_LAUNCH_UPDATE, + KVM_SEV_SNP_LAUNCH_FINISH, KVM_SEV_NR_MAX, }; @@ -841,6 +842,20 @@ struct kvm_sev_snp_launch_update { __u8 type; }; +#define KVM_SEV_SNP_ID_BLOCK_SIZE 96 +#define KVM_SEV_SNP_ID_AUTH_SIZE 4096 +#define KVM_SEV_SNP_FINISH_DATA_SIZE 32 + +struct kvm_sev_snp_launch_finish { + __u64 id_block_uaddr; + __u64 id_auth_uaddr; + __u8 id_block_en; + __u8 auth_key_en; + __u8 vlek_required; + __u8 host_data[KVM_SEV_SNP_FINISH_DATA_SIZE]; + __u8 pad[6]; +}; + #define KVM_X2APIC_API_USE_32BIT_IDS (1ULL << 0) #define KVM_X2APIC_API_DISABLE_BROADCAST_QUIRK (1ULL << 1) diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index a8a8a285b4a4..3d6c030091c2 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c @@ -63,6 +63,8 @@ static u64 sev_supported_vmsa_features; #define SNP_POLICY_MASK_SMT BIT_ULL(16) #define SNP_POLICY_MASK_SINGLE_SOCKET BIT_ULL(20) +#define INITIAL_VMSA_GPA 0xFFFFFFFFF000 + static u8 sev_enc_bit; static DECLARE_RWSEM(sev_deactivate_lock); static DEFINE_MUTEX(sev_bitmap_lock); @@ -2283,6 +2285,125 @@ static int snp_launch_update(struct kvm *kvm, struct kvm_sev_cmd *argp) return ret; } +static int snp_launch_update_vmsa(struct kvm *kvm, struct kvm_sev_cmd *argp) +{ + struct kvm_sev_info *sev = &to_kvm_svm(kvm)->sev_info; + struct sev_data_snp_launch_update data = {}; + bool boot_vcpu_handled = false; + struct kvm_vcpu *vcpu; + unsigned long i; + int ret; + + data.gctx_paddr = __psp_pa(sev->snp_context); + data.page_type = SNP_PAGE_TYPE_VMSA; + +handle_remaining_vcpus: + kvm_for_each_vcpu(i, vcpu, kvm) { + struct vcpu_svm *svm = to_svm(vcpu); + u64 pfn = __pa(svm->sev_es.vmsa) >> PAGE_SHIFT; + + /* Handle boot vCPU first to ensure consistent measurement of initial state. */ + if (!boot_vcpu_handled && vcpu->vcpu_id != 0) + continue; + + if (boot_vcpu_handled && vcpu->vcpu_id == 0) + continue; + + /* Perform some pre-encryption checks against the VMSA */ + ret = sev_es_sync_vmsa(svm); + if (ret) + return ret; + + /* Transition the VMSA page to a firmware state. */ + ret = rmp_make_private(pfn, INITIAL_VMSA_GPA, PG_LEVEL_4K, sev->asid, true); + if (ret) + return ret; + + /* Issue the SNP command to encrypt the VMSA */ + data.address = __sme_pa(svm->sev_es.vmsa); + ret = __sev_issue_cmd(argp->sev_fd, SEV_CMD_SNP_LAUNCH_UPDATE, + &data, &argp->error); + if (ret) { + snp_page_reclaim(pfn); + return ret; + } + + svm->vcpu.arch.guest_state_protected = true; + + if (!boot_vcpu_handled) { + boot_vcpu_handled = true; + goto handle_remaining_vcpus; + } + } + + return 0; +} + +static int snp_launch_finish(struct kvm *kvm, struct kvm_sev_cmd *argp) +{ + struct kvm_sev_info *sev = &to_kvm_svm(kvm)->sev_info; + struct kvm_sev_snp_launch_finish params; + struct sev_data_snp_launch_finish *data; + void *id_block = NULL, *id_auth = NULL; + int ret; + + if (!sev_snp_guest(kvm)) + return -ENOTTY; + + if (!sev->snp_context) + return -EINVAL; + + if (copy_from_user(¶ms, u64_to_user_ptr(argp->data), sizeof(params))) + return -EFAULT; + + /* Measure all vCPUs using LAUNCH_UPDATE before finalizing the launch flow. */ + ret = snp_launch_update_vmsa(kvm, argp); + if (ret) + return ret; + + data = kzalloc(sizeof(*data), GFP_KERNEL_ACCOUNT); + if (!data) + return -ENOMEM; + + if (params.id_block_en) { + id_block = psp_copy_user_blob(params.id_block_uaddr, KVM_SEV_SNP_ID_BLOCK_SIZE); + if (IS_ERR(id_block)) { + ret = PTR_ERR(id_block); + goto e_free; + } + + data->id_block_en = 1; + data->id_block_paddr = __sme_pa(id_block); + + id_auth = psp_copy_user_blob(params.id_auth_uaddr, KVM_SEV_SNP_ID_AUTH_SIZE); + if (IS_ERR(id_auth)) { + ret = PTR_ERR(id_auth); + goto e_free_id_block; + } + + data->id_auth_paddr = __sme_pa(id_auth); + + if (params.auth_key_en) + data->auth_key_en = 1; + } + + data->vcek_disabled = params.vlek_required; + + memcpy(data->host_data, params.host_data, KVM_SEV_SNP_FINISH_DATA_SIZE); + data->gctx_paddr = __psp_pa(sev->snp_context); + ret = sev_issue_cmd(kvm, SEV_CMD_SNP_LAUNCH_FINISH, data, &argp->error); + + kfree(id_auth); + +e_free_id_block: + kfree(id_block); + +e_free: + kfree(data); + + return ret; +} + int sev_mem_enc_ioctl(struct kvm *kvm, void __user *argp) { struct kvm_sev_cmd sev_cmd; @@ -2376,6 +2497,9 @@ int sev_mem_enc_ioctl(struct kvm *kvm, void __user *argp) case KVM_SEV_SNP_LAUNCH_UPDATE: r = snp_launch_update(kvm, &sev_cmd); break; + case KVM_SEV_SNP_LAUNCH_FINISH: + r = snp_launch_finish(kvm, &sev_cmd); + break; default: r = -EINVAL; goto out; @@ -2866,11 +2990,24 @@ void sev_free_vcpu(struct kvm_vcpu *vcpu) svm = to_svm(vcpu); + /* + * If it's an SNP guest, then the VMSA was marked in the RMP table as + * a guest-owned page. Transition the page to hypervisor state before + * releasing it back to the system. + */ + if (sev_snp_guest(vcpu->kvm)) { + u64 pfn = __pa(svm->sev_es.vmsa) >> PAGE_SHIFT; + + if (host_rmp_make_shared(pfn, PG_LEVEL_4K, true)) + goto skip_vmsa_free; + } + if (vcpu->arch.guest_state_protected) sev_flush_encrypted_page(vcpu, svm->sev_es.vmsa); __free_page(virt_to_page(svm->sev_es.vmsa)); +skip_vmsa_free: if (svm->sev_es.ghcb_sa_free) kvfree(svm->sev_es.ghcb_sa); } diff --git a/include/linux/psp-sev.h b/include/linux/psp-sev.h index 3705c2044fc0..903ddfea8585 100644 --- a/include/linux/psp-sev.h +++ b/include/linux/psp-sev.h @@ -658,6 +658,7 @@ struct sev_data_snp_launch_update { * @id_auth_paddr: system physical address of ID block authentication structure * @id_block_en: indicates whether ID block is present * @auth_key_en: indicates whether author key is present in authentication structure + * @vcek_disabled: indicates whether use of VCEK is allowed for attestation reports * @rsvd: reserved * @host_data: host-supplied data for guest, not interpreted by firmware */ @@ -667,7 +668,8 @@ struct sev_data_snp_launch_finish { u64 id_auth_paddr; u8 id_block_en:1; u8 auth_key_en:1; - u64 rsvd:62; + u8 vcek_disabled:1; + u64 rsvd:61; u8 host_data[32]; } __packed; -- 2.25.1
WARNING: multiple messages have this Message-ID (diff)
From: Michael Roth <michael.roth@amd.com> To: <kvm@vger.kernel.org> Cc: <linux-coco@lists.linux.dev>, <linux-mm@kvack.org>, <linux-crypto@vger.kernel.org>, <x86@kernel.org>, <linux-kernel@vger.kernel.org>, <tglx@linutronix.de>, <mingo@redhat.com>, <jroedel@suse.de>, <thomas.lendacky@amd.com>, <hpa@zytor.com>, <ardb@kernel.org>, <pbonzini@redhat.com>, <seanjc@google.com>, <vkuznets@redhat.com>, <jmattson@google.com>, <luto@kernel.org>, <dave.hansen@linux.intel.com>, <slp@redhat.com>, <pgonda@google.com>, <peterz@infradead.org>, <srinivas.pandruvada@linux.intel.com>, <rientjes@google.com>, <dovmurik@linux.ibm.com>, <tobin@ibm.com>, <bp@alien8.de>, <vbabka@suse.cz>, <kirill@shutemov.name>, <ak@linux.intel.com>, <tony.luck@intel.com>, <sathyanarayanan.kuppuswamy@linux.intel.com>, <alpergun@google.com>, <jarkko@kernel.org>, <ashish.kalra@amd.com>, <nikunj.dadhania@amd.com>, <pankaj.gupta@amd.com>, <liam.merwick@oracle.com>, Brijesh Singh <brijesh.singh@amd.com>, Harald Hoyer <harald@profian.com> Subject: [PATCH v12 12/29] KVM: SEV: Add KVM_SEV_SNP_LAUNCH_FINISH command Date: Fri, 29 Mar 2024 17:58:18 -0500 [thread overview] Message-ID: <20240329225835.400662-13-michael.roth@amd.com> (raw) Message-ID: <20240329225818.391kUI3EiiFdjh0M34f8QXAdtSBbTlR2N7WLgeIvNMo@z> (raw) In-Reply-To: <20240329225835.400662-1-michael.roth@amd.com> Add a KVM_SEV_SNP_LAUNCH_FINISH command to finalize the cryptographic launch digest and stores it as the measurement of the guest at launch time. Also extend the existing SNP firmware data structures to support enforcing the use of Version Loaded Endorsement Keys by guests as part of this command. While finalizing the launch flow, it also issues the LAUNCH_UPDATE SNP firmware commands to encrypt/measure the initial VMSA pages for each configured vCPU. This involves setting the RMP entries for those pages to provide, so also add handling to clean up the RMP entries for these pages whening free'ing vCPUs. Signed-off-by: Brijesh Singh <brijesh.singh@amd.com> Signed-off-by: Harald Hoyer <harald@profian.com> Signed-off-by: Ashish Kalra <ashish.kalra@amd.com> [mdr: always measure BSP first to get consistent launch measurements] Signed-off-by: Michael Roth <michael.roth@amd.com> --- .../virt/kvm/x86/amd-memory-encryption.rst | 26 ++++ arch/x86/include/uapi/asm/kvm.h | 15 ++ arch/x86/kvm/svm/sev.c | 137 ++++++++++++++++++ include/linux/psp-sev.h | 4 +- 4 files changed, 181 insertions(+), 1 deletion(-) diff --git a/Documentation/virt/kvm/x86/amd-memory-encryption.rst b/Documentation/virt/kvm/x86/amd-memory-encryption.rst index 4268aa5c380e..a49e8cff9133 100644 --- a/Documentation/virt/kvm/x86/amd-memory-encryption.rst +++ b/Documentation/virt/kvm/x86/amd-memory-encryption.rst @@ -517,6 +517,32 @@ where the allowed values for page_type are #define'd as:: See the SEV-SNP spec [snp-fw-abi]_ for further details on how each page type is used/measured. +20. KVM_SEV_SNP_LAUNCH_FINISH +----------------------------- + +After completion of the SNP guest launch flow, the KVM_SEV_SNP_LAUNCH_FINISH +command can be issued to make the guest ready for execution. + +Parameters (in): struct kvm_sev_snp_launch_finish + +Returns: 0 on success, -negative on error + +:: + + struct kvm_sev_snp_launch_finish { + __u64 id_block_uaddr; + __u64 id_auth_uaddr; + __u8 id_block_en; + __u8 auth_key_en; + __u8 vlek_required; + __u8 host_data[32]; + __u8 pad[6]; + }; + + +See SEV-SNP specification [snp-fw-abi]_ for SNP_LAUNCH_FINISH further details +on launch finish input parameters. + Device attribute API ==================== diff --git a/arch/x86/include/uapi/asm/kvm.h b/arch/x86/include/uapi/asm/kvm.h index 956eb548c08e..2b08fcbe039a 100644 --- a/arch/x86/include/uapi/asm/kvm.h +++ b/arch/x86/include/uapi/asm/kvm.h @@ -696,6 +696,7 @@ enum sev_cmd_id { /* SNP-specific commands */ KVM_SEV_SNP_LAUNCH_START, KVM_SEV_SNP_LAUNCH_UPDATE, + KVM_SEV_SNP_LAUNCH_FINISH, KVM_SEV_NR_MAX, }; @@ -841,6 +842,20 @@ struct kvm_sev_snp_launch_update { __u8 type; }; +#define KVM_SEV_SNP_ID_BLOCK_SIZE 96 +#define KVM_SEV_SNP_ID_AUTH_SIZE 4096 +#define KVM_SEV_SNP_FINISH_DATA_SIZE 32 + +struct kvm_sev_snp_launch_finish { + __u64 id_block_uaddr; + __u64 id_auth_uaddr; + __u8 id_block_en; + __u8 auth_key_en; + __u8 vlek_required; + __u8 host_data[KVM_SEV_SNP_FINISH_DATA_SIZE]; + __u8 pad[6]; +}; + #define KVM_X2APIC_API_USE_32BIT_IDS (1ULL << 0) #define KVM_X2APIC_API_DISABLE_BROADCAST_QUIRK (1ULL << 1) diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index a8a8a285b4a4..3d6c030091c2 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c @@ -63,6 +63,8 @@ static u64 sev_supported_vmsa_features; #define SNP_POLICY_MASK_SMT BIT_ULL(16) #define SNP_POLICY_MASK_SINGLE_SOCKET BIT_ULL(20) +#define INITIAL_VMSA_GPA 0xFFFFFFFFF000 + static u8 sev_enc_bit; static DECLARE_RWSEM(sev_deactivate_lock); static DEFINE_MUTEX(sev_bitmap_lock); @@ -2283,6 +2285,125 @@ static int snp_launch_update(struct kvm *kvm, struct kvm_sev_cmd *argp) return ret; } +static int snp_launch_update_vmsa(struct kvm *kvm, struct kvm_sev_cmd *argp) +{ + struct kvm_sev_info *sev = &to_kvm_svm(kvm)->sev_info; + struct sev_data_snp_launch_update data = {}; + bool boot_vcpu_handled = false; + struct kvm_vcpu *vcpu; + unsigned long i; + int ret; + + data.gctx_paddr = __psp_pa(sev->snp_context); + data.page_type = SNP_PAGE_TYPE_VMSA; + +handle_remaining_vcpus: + kvm_for_each_vcpu(i, vcpu, kvm) { + struct vcpu_svm *svm = to_svm(vcpu); + u64 pfn = __pa(svm->sev_es.vmsa) >> PAGE_SHIFT; + + /* Handle boot vCPU first to ensure consistent measurement of initial state. */ + if (!boot_vcpu_handled && vcpu->vcpu_id != 0) + continue; + + if (boot_vcpu_handled && vcpu->vcpu_id == 0) + continue; + + /* Perform some pre-encryption checks against the VMSA */ + ret = sev_es_sync_vmsa(svm); + if (ret) + return ret; + + /* Transition the VMSA page to a firmware state. */ + ret = rmp_make_private(pfn, INITIAL_VMSA_GPA, PG_LEVEL_4K, sev->asid, true); + if (ret) + return ret; + + /* Issue the SNP command to encrypt the VMSA */ + data.address = __sme_pa(svm->sev_es.vmsa); + ret = __sev_issue_cmd(argp->sev_fd, SEV_CMD_SNP_LAUNCH_UPDATE, + &data, &argp->error); + if (ret) { + snp_page_reclaim(pfn); + return ret; + } + + svm->vcpu.arch.guest_state_protected = true; + + if (!boot_vcpu_handled) { + boot_vcpu_handled = true; + goto handle_remaining_vcpus; + } + } + + return 0; +} + +static int snp_launch_finish(struct kvm *kvm, struct kvm_sev_cmd *argp) +{ + struct kvm_sev_info *sev = &to_kvm_svm(kvm)->sev_info; + struct kvm_sev_snp_launch_finish params; + struct sev_data_snp_launch_finish *data; + void *id_block = NULL, *id_auth = NULL; + int ret; + + if (!sev_snp_guest(kvm)) + return -ENOTTY; + + if (!sev->snp_context) + return -EINVAL; + + if (copy_from_user(¶ms, u64_to_user_ptr(argp->data), sizeof(params))) + return -EFAULT; + + /* Measure all vCPUs using LAUNCH_UPDATE before finalizing the launch flow. */ + ret = snp_launch_update_vmsa(kvm, argp); + if (ret) + return ret; + + data = kzalloc(sizeof(*data), GFP_KERNEL_ACCOUNT); + if (!data) + return -ENOMEM; + + if (params.id_block_en) { + id_block = psp_copy_user_blob(params.id_block_uaddr, KVM_SEV_SNP_ID_BLOCK_SIZE); + if (IS_ERR(id_block)) { + ret = PTR_ERR(id_block); + goto e_free; + } + + data->id_block_en = 1; + data->id_block_paddr = __sme_pa(id_block); + + id_auth = psp_copy_user_blob(params.id_auth_uaddr, KVM_SEV_SNP_ID_AUTH_SIZE); + if (IS_ERR(id_auth)) { + ret = PTR_ERR(id_auth); + goto e_free_id_block; + } + + data->id_auth_paddr = __sme_pa(id_auth); + + if (params.auth_key_en) + data->auth_key_en = 1; + } + + data->vcek_disabled = params.vlek_required; + + memcpy(data->host_data, params.host_data, KVM_SEV_SNP_FINISH_DATA_SIZE); + data->gctx_paddr = __psp_pa(sev->snp_context); + ret = sev_issue_cmd(kvm, SEV_CMD_SNP_LAUNCH_FINISH, data, &argp->error); + + kfree(id_auth); + +e_free_id_block: + kfree(id_block); + +e_free: + kfree(data); + + return ret; +} + int sev_mem_enc_ioctl(struct kvm *kvm, void __user *argp) { struct kvm_sev_cmd sev_cmd; @@ -2376,6 +2497,9 @@ int sev_mem_enc_ioctl(struct kvm *kvm, void __user *argp) case KVM_SEV_SNP_LAUNCH_UPDATE: r = snp_launch_update(kvm, &sev_cmd); break; + case KVM_SEV_SNP_LAUNCH_FINISH: + r = snp_launch_finish(kvm, &sev_cmd); + break; default: r = -EINVAL; goto out; @@ -2866,11 +2990,24 @@ void sev_free_vcpu(struct kvm_vcpu *vcpu) svm = to_svm(vcpu); + /* + * If it's an SNP guest, then the VMSA was marked in the RMP table as + * a guest-owned page. Transition the page to hypervisor state before + * releasing it back to the system. + */ + if (sev_snp_guest(vcpu->kvm)) { + u64 pfn = __pa(svm->sev_es.vmsa) >> PAGE_SHIFT; + + if (host_rmp_make_shared(pfn, PG_LEVEL_4K, true)) + goto skip_vmsa_free; + } + if (vcpu->arch.guest_state_protected) sev_flush_encrypted_page(vcpu, svm->sev_es.vmsa); __free_page(virt_to_page(svm->sev_es.vmsa)); +skip_vmsa_free: if (svm->sev_es.ghcb_sa_free) kvfree(svm->sev_es.ghcb_sa); } diff --git a/include/linux/psp-sev.h b/include/linux/psp-sev.h index 3705c2044fc0..903ddfea8585 100644 --- a/include/linux/psp-sev.h +++ b/include/linux/psp-sev.h @@ -658,6 +658,7 @@ struct sev_data_snp_launch_update { * @id_auth_paddr: system physical address of ID block authentication structure * @id_block_en: indicates whether ID block is present * @auth_key_en: indicates whether author key is present in authentication structure + * @vcek_disabled: indicates whether use of VCEK is allowed for attestation reports * @rsvd: reserved * @host_data: host-supplied data for guest, not interpreted by firmware */ @@ -667,7 +668,8 @@ struct sev_data_snp_launch_finish { u64 id_auth_paddr; u8 id_block_en:1; u8 auth_key_en:1; - u64 rsvd:62; + u8 vcek_disabled:1; + u64 rsvd:61; u8 host_data[32]; } __packed; -- 2.25.1 X-sender: <kvm+bounces-13116-martin.weber=secunet.com@vger.kernel.org> X-Receiver: <martin.weber@secunet.com> ORCPT=rfc822;martin.weber@secunet.com NOTIFY=NEVER; X-ExtendedProps=BQAVABYAAgAAAAUAFAARAJuYHy0vkvxLoOu7fW2WcxcPADUAAABNaWNyb3NvZnQuRXhjaGFuZ2UuVHJhbnNwb3J0LkRpcmVjdG9yeURhdGEuSXNSZXNvdXJjZQIAAAUAagAJAAEAAAAAAAAABQAWAAIAAAUAQwACAAAFAEYABwADAAAABQBHAAIAAAUAEgAPAF4AAAAvbz1zZWN1bmV0L291PUV4Y2hhbmdlIEFkbWluaXN0cmF0aXZlIEdyb3VwIChGWURJQk9IRjIzU1BETFQpL2NuPVJlY2lwaWVudHMvY249V2ViZXIgTWFydGluOTU1BQALABcAvgAAALMpUnVJ4+pPsL47FHo+lvtDTj1EQjIsQ049RGF0YWJhc2VzLENOPUV4Y2hhbmdlIEFkbWluaXN0cmF0aXZlIEdyb3VwIChGWURJQk9IRjIzU1BETFQpLENOPUFkbWluaXN0cmF0aXZlIEdyb3VwcyxDTj1zZWN1bmV0LENOPU1pY3Jvc29mdCBFeGNoYW5nZSxDTj1TZXJ2aWNlcyxDTj1Db25maWd1cmF0aW9uLERDPXNlY3VuZXQsREM9ZGUFAA4AEQBACf3SYEkDT461FZzDv+B7BQAdAA8ADAAAAG1ieC1lc3Nlbi0wMQUAPAACAAAPADYAAABNaWNyb3NvZnQuRXhjaGFuZ2UuVHJhbnNwb3J0Lk1haWxSZWNpcGllbnQuRGlzcGxheU5hbWUPAA0AAABXZWJlciwgTWFydGluBQAMAAIAAAUAbAACAAAFAFgAFwBGAAAAm5gfLS+S/Eug67t9bZZzF0NOPVdlYmVyIE1hcnRpbixPVT1Vc2VycyxPVT1NaWdyYXRpb24sREM9c2VjdW5ldCxEQz1kZQUAJgACAAEFACIADwAxAAAAQXV0b1Jlc3BvbnNlU3VwcHJlc3M6IDANClRyYW5zbWl0SGlzdG9yeTogRmFsc2UNCg8ALwAAAE1pY3Jvc29mdC5FeGNoYW5nZS5UcmFuc3BvcnQuRXhwYW5zaW9uR3JvdXBUeXBlDwAVAAAATWVtYmVyc0dyb3VwRXhwYW5zaW9uBQAjAAIAAQ== X-CreatedBy: MSExchange15 X-HeloDomain: b.mx.secunet.com X-ExtendedProps: BQBjAAoAm0mmlidQ3AgFAGEACAABAAAABQA3AAIAAA8APAAAAE1pY3Jvc29mdC5FeGNoYW5nZS5UcmFuc3BvcnQuTWFpbFJlY2lwaWVudC5Pcmdhbml6YXRpb25TY29wZREAAAAAAAAAAAAAAAAAAAAAAAUASQACAAEFAAQAFCABAAAAGAAAAG1hcnRpbi53ZWJlckBzZWN1bmV0LmNvbQUABgACAAEFACkAAgABDwAJAAAAQ0lBdWRpdGVkAgABBQACAAcAAQAAAAUAAwAHAAAAAAAFAAUAAgABBQBiAAoAFwAAAM6KAAAFAGQADwADAAAASHVi X-Source: SMTP:Default MBX-ESSEN-02 X-SourceIPAddress: 62.96.220.37 X-EndOfInjectedXHeaders: 31432 Received: from cas-essen-01.secunet.de (10.53.40.201) by mbx-essen-02.secunet.de (10.53.40.198) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.37; Sat, 30 Mar 2024 00:01:01 +0100 Received: from b.mx.secunet.com (62.96.220.37) by cas-essen-01.secunet.de (10.53.40.201) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.35 via Frontend Transport; Sat, 30 Mar 2024 00:01:01 +0100 Received: from localhost (localhost [127.0.0.1]) by b.mx.secunet.com (Postfix) with ESMTP id 214F82032C for <martin.weber@secunet.com>; Sat, 30 Mar 2024 00:01:01 +0100 (CET) X-Virus-Scanned: by secunet X-Spam-Flag: NO X-Spam-Score: -2.85 X-Spam-Level: X-Spam-Status: No, score=-2.85 tagged_above=-999 required=2.1 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.099, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HEADER_FROM_DIFFERENT_DOMAINS=0.249, MAILING_LIST_MULTI=-1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Authentication-Results: a.mx.secunet.com (amavisd-new); dkim=pass (1024-bit key) header.d=amd.com Received: from b.mx.secunet.com ([127.0.0.1]) by localhost (a.mx.secunet.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id DNJ6gDc25nHX for <martin.weber@secunet.com>; Sat, 30 Mar 2024 00:00:57 +0100 (CET) Received-SPF: Pass (sender SPF authorized) identity=mailfrom; client-ip=147.75.80.249; helo=am.mirrors.kernel.org; envelope-from=kvm+bounces-13116-martin.weber=secunet.com@vger.kernel.org; receiver=martin.weber@secunet.com DKIM-Filter: OpenDKIM Filter v2.11.0 b.mx.secunet.com 6E0D2200BB Authentication-Results: b.mx.secunet.com; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b="Xnn0YoyP" Received: from am.mirrors.kernel.org (am.mirrors.kernel.org [147.75.80.249]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by b.mx.secunet.com (Postfix) with ESMTPS id 6E0D2200BB for <martin.weber@secunet.com>; Sat, 30 Mar 2024 00:00:57 +0100 (CET) Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by am.mirrors.kernel.org (Postfix) with ESMTPS id EEAC71F25708 for <martin.weber@secunet.com>; Fri, 29 Mar 2024 23:00:56 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id 91A0D13D240; Fri, 29 Mar 2024 23:00:30 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b="Xnn0YoyP" X-Original-To: kvm@vger.kernel.org Received: from NAM11-CO1-obe.outbound.protection.outlook.com (mail-co1nam11on2062.outbound.protection.outlook.com [40.107.220.62]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 513D513E401; Fri, 29 Mar 2024 23:00:28 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=fail smtp.client-ip=40.107.220.62 ARC-Seal: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1711753230; cv=fail; b=uZhgEsPvzM/O5hYoPvgVIjlWXaSncWu/gH+CMWkulPd23+p3QPC07Xcnvdc1pEegop+1fw5FWQt9xrKIhggwnnc/cJxhZmvY+efDK8zTDVGgPMZ1OBnPCJ1svuKjpe/xapUf2zfGgrB87DdADrHQzinKcE/FLI1mCdSAohMJ7OM= ARC-Message-Signature: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1711753230; c=relaxed/simple; bh=q4vzPdo0+oii9a1ZolELIlylzfsIrazGRpbjD/k5aUY=; h=From:To:CC:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=ko9KEZg3yLMXSxkN960Y/B2POJkn5tv0c1SE4wQqMBJNeTCF+VtC3I5Rs/cG3vbuvj3mVK5BMvEK9Yegm31H3BjyyNl7K1T0LCemXg4usQSAgVIu4IbicWvb3FBKu3DMFE8ZSoRJpC6bFHCBONslTx3MM6W14Bvvg8XrK8Um0Lw= ARC-Authentication-Results: i=2; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com; spf=fail smtp.mailfrom=amd.com; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b=Xnn0YoyP; arc=fail smtp.client-ip=40.107.220.62 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com Authentication-Results: smtp.subspace.kernel.org; spf=fail smtp.mailfrom=amd.com ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=koAhSHTroS7Six8Mk2ptjimEuKhzjh+UOZ0BKjgCc81mT+BeIOoN5WsMBdVaZUUy0R+PvNTm4fC8i+uwFGBJV8NQMJkhjHeFNHs9v7dqfn1NGIFcfGChcbS/FPOvmOVVYpB/pw5U7oG2gLnAwxc20CK7NLojtWh4NCJ6M9OY8OY2nW344YP5M7kPGqBhcAq4W9kwvwslxNGFFGDAer3lswUX447A9LE0/fnMv5jbJ83rm5ix4N0K58GDPEx9VUGhhOgggVbAfXgKVio1kRzvNH8kJtZzXieWO/wEifcUb+WRXxN3ZBE88A4zgVuKZm7/Oqe/HvOr/XrFZWS7gVA25Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=JrYjCWIu6wNf/NkduP5S/uOo7LBR9vnyryH5vZHAlfA=; b=LVmfJFAum0chfh8MZAu/WI+/8Q1sh2O9o7TULA0rPfys5d3XWI3rdAqs/rYpjoaI+XLbCnHEgvanj9y++g3Pa/6WeAuyuUZZP+r2ZuuqLZc6edOigte0P3F00JsEgpwhi4L//QOMpICtIepUxvGLpwvRyID4b85yTfLiPEsYzfzxDzMtwa6xyDWidl6wddXopfSMfQOn4cp+NLLaX0CGH64ADEMNjDgJRUx5k4b/vRjK7TOLrW1vnz5Ty62s6kgRDA13YMF0niFXxzCeK2SekIWp/623ludL5H2O+JvT+5Bk3UU6+HQWzVWe4SzWyVmdcw+PiS9jlTsjHpiAmnR1Mw== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=vger.kernel.org smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none (0) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=JrYjCWIu6wNf/NkduP5S/uOo7LBR9vnyryH5vZHAlfA=; b=Xnn0YoyPydUttY9jZm4o1iMO+E8KBjfMOPusb4Vj5axJk8hQRG/osW1QECRxvBowisK2iaRPpIm14+OOzYXxmMPkAt9nxcFBlrEsW8iRuNHSFxG83FlEnCf0xJ4+jqhhyl6Gtqjia8oulEv9c2cH+koDudTK+LTVXbryYxTNGZM= Received: from SJ0PR03CA0173.namprd03.prod.outlook.com (2603:10b6:a03:338::28) by DS0PR12MB8197.namprd12.prod.outlook.com (2603:10b6:8:f1::16) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7409.40; Fri, 29 Mar 2024 23:00:26 +0000 Received: from SJ1PEPF00001CE2.namprd05.prod.outlook.com (2603:10b6:a03:338:cafe::51) by SJ0PR03CA0173.outlook.office365.com (2603:10b6:a03:338::28) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7409.41 via Frontend Transport; Fri, 29 Mar 2024 23:00:26 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=amd.com; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB04.amd.com; pr=C Received: from SATLEXMB04.amd.com (165.204.84.17) by SJ1PEPF00001CE2.mail.protection.outlook.com (10.167.242.10) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.7409.10 via Frontend Transport; Fri, 29 Mar 2024 23:00:25 +0000 Received: from localhost (10.180.168.240) by SATLEXMB04.amd.com (10.181.40.145) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.35; Fri, 29 Mar 2024 18:00:24 -0500 From: Michael Roth <michael.roth@amd.com> To: <kvm@vger.kernel.org> CC: <linux-coco@lists.linux.dev>, <linux-mm@kvack.org>, <linux-crypto@vger.kernel.org>, <x86@kernel.org>, <linux-kernel@vger.kernel.org>, <tglx@linutronix.de>, <mingo@redhat.com>, <jroedel@suse.de>, <thomas.lendacky@amd.com>, <hpa@zytor.com>, <ardb@kernel.org>, <pbonzini@redhat.com>, <seanjc@google.com>, <vkuznets@redhat.com>, <jmattson@google.com>, <luto@kernel.org>, <dave.hansen@linux.intel.com>, <slp@redhat.com>, <pgonda@google.com>, <peterz@infradead.org>, <srinivas.pandruvada@linux.intel.com>, <rientjes@google.com>, <dovmurik@linux.ibm.com>, <tobin@ibm.com>, <bp@alien8.de>, <vbabka@suse.cz>, <kirill@shutemov.name>, <ak@linux.intel.com>, <tony.luck@intel.com>, <sathyanarayanan.kuppuswamy@linux.intel.com>, <alpergun@google.com>, <jarkko@kernel.org>, <ashish.kalra@amd.com>, <nikunj.dadhania@amd.com>, <pankaj.gupta@amd.com>, <liam.merwick@oracle.com>, Brijesh Singh <brijesh.singh@amd.com>, Harald Hoyer <harald@profian.com> Subject: [PATCH v12 12/29] KVM: SEV: Add KVM_SEV_SNP_LAUNCH_FINISH command Date: Fri, 29 Mar 2024 17:58:18 -0500 Message-ID: <20240329225835.400662-13-michael.roth@amd.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20240329225835.400662-1-michael.roth@amd.com> References: <20240329225835.400662-1-michael.roth@amd.com> Precedence: bulk X-Mailing-List: kvm@vger.kernel.org List-Id: <kvm.vger.kernel.org> List-Subscribe: <mailto:kvm+subscribe@vger.kernel.org> List-Unsubscribe: <mailto:kvm+unsubscribe@vger.kernel.org> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Content-Type: text/plain X-ClientProxiedBy: SATLEXMB03.amd.com (10.181.40.144) To SATLEXMB04.amd.com (10.181.40.145) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: SJ1PEPF00001CE2:EE_|DS0PR12MB8197:EE_ X-MS-Office365-Filtering-Correlation-Id: 640e01f2-0a92-4152-816e-08dc50440591 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: maS+wkIOrEV5dsQi+1Ucl7Dek3wbv2EkPTvamXV0iSrN3blKHKdzKy2sIgDkiuuCucCw1OYKPEXgE5LMW8sdaz4286tIVkN+6PYuPsOVvp7iv1rneuIp9shRSXhmHDARnXxJmXnr0iJa+9y2ATf3fTJJo5La1aeAucorCGMUeZYKun+1WQUJA1HQ3EOcWxwO84rEOPNsqnSbmycdcDtS590W5Ec83CUA4agPDbAh4zj2CzuSejnH/9AfsThwsQHoNe6C0wP3YOSooNdigv7LS1g8Gv/K22w1hhc+2MjW7fKBuX9EGyBoPr2TiquiVGKTnfSA5CUdNUY8ebM82UWYw4VCzSjz8oNq06u7n8KmAJsEuQ+xDxDZ9+8UlUNuQmxbCqDLfOyyZTLQjuhoDsTsM7dZuGpqkAcvYHMMabFFq/mztOspe6IHwNWZuktMUfkhQT7jfXyNaEZMCch7qF1cFC/up6WcdI0HYTFJ1UW7LBjeIob+EJ9kPY8h7Mga93hhX3a55AynoannyjJkB/w916AFKVrRl53kdOW6ZUE+bCya4N3zsIQugolgebJDaVz3Zpt1Fdmee3h+45NUEoPhjIZIHrNfM8rK95aSy6fqixSHZ+oWPMkaTbYOYHhxpFXjMNlLe99ies3YgJ497umzrqGnQvGumS2jFNXz7xNkuKy2goBVtLNt3XHkMtD/fCYNc3oZE47i9tYjl+Soj5sN/JHUGL8jIuyLlq4kRQ30VQqSLpzThuTSB+XGQ31m+C8/ X-Forefront-Antispam-Report: CIP:165.204.84.17;CTRY:US;LANG:en;SCL:1;SRV:;IPV:CAL;SFV:NSPM;H:SATLEXMB04.amd.com;PTR:InfoDomainNonexistent;CAT:NONE;SFS:(13230031)(376005)(1800799015)(82310400014)(7416005)(36860700004);DIR:OUT;SFP:1101; X-MS-Exchange-CrossTenant-OriginalArrivalTime: 29 Mar 2024 23:00:25.9312 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 640e01f2-0a92-4152-816e-08dc50440591 X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[SATLEXMB04.amd.com] X-MS-Exchange-CrossTenant-AuthSource: SJ1PEPF00001CE2.namprd05.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: DS0PR12MB8197 Return-Path: kvm+bounces-13116-martin.weber=secunet.com@vger.kernel.org X-MS-Exchange-Organization-OriginalArrivalTime: 29 Mar 2024 23:01:01.1638 (UTC) X-MS-Exchange-Organization-Network-Message-Id: a7f21cc1-bc8e-4458-4436-08dc50441a75 X-MS-Exchange-Organization-OriginalClientIPAddress: 62.96.220.37 X-MS-Exchange-Organization-OriginalServerIPAddress: 10.53.40.201 X-MS-Exchange-Organization-Cross-Premises-Headers-Processed: cas-essen-01.secunet.de X-MS-Exchange-Organization-OrderedPrecisionLatencyInProgress: LSRV=mbx-essen-02.secunet.de:TOTAL-HUB=0.203|SMR=0.132(SMRDE=0.006|SMRC=0.126(SMRCL=0.102|X-SMRCR=0.126))|CAT=0.070(CATOS=0.001 (CATSM=0.001)|CATRESL=0.028(CATRESLP2R=0.022)|CATORES=0.038(CATRS=0.038(CATRS-Index Routing Agent=0.036 )));2024-03-29T23:01:01.383Z X-MS-Exchange-Forest-ArrivalHubServer: mbx-essen-02.secunet.de X-MS-Exchange-Organization-AuthSource: cas-essen-01.secunet.de X-MS-Exchange-Organization-AuthAs: Anonymous X-MS-Exchange-Organization-FromEntityHeader: Internet X-MS-Exchange-Organization-OriginalSize: 21124 X-MS-Exchange-Organization-HygienePolicy: Standard X-MS-Exchange-Organization-MessageLatency: SRV=cas-essen-01.secunet.de:TOTAL-FE=0.016|SMR=0.005(SMRPI=0.003(SMRPI-FrontendProxyAgent=0.003))|SMS=0.011 X-MS-Exchange-Organization-Recipient-Limit-Verified: True X-MS-Exchange-Organization-TotalRecipientCount: 1 X-MS-Exchange-Organization-Rules-Execution-History: 0b0cf904-14ac-4724-8bdf-482ee6223cf2%%%fd34672d-751c-45ae-a963-ed177fcabe23%%%d8080257-b0c3-47b4-b0db-23bc0c8ddb3c%%%95e591a2-5d7d-4afa-b1d0-7573d6c0a5d9%%%f7d0f6bc-4dcc-4876-8c5d-b3d6ddbb3d55%%%16355082-c50b-4214-9c7d-d39575f9f79b X-MS-Exchange-Forest-RulesExecuted: mbx-essen-02 X-MS-Exchange-Organization-RulesExecuted: mbx-essen-02 X-MS-Exchange-Forest-IndexAgent-0: AQ0CZW4AAfkTAAAPAAADH4sIAAAAAAAEAMU6DXfTxpaSPxMTk/DRAo X2Dfv20CTYjuN84ITCqQluySGBvCTw2u3p0ZHlcayNbXklOZC+x7/d H7L33pmRJVl2oG/3rAmxNLr3zv3+GOW//9Zot5nJXr8/NE6a742TN0 fGQePdm71Xxk/7b/ZPXjHL6ffNQZv5DuvYA7Nn/8GZ3+XMci+HvnPm msOubRULPXM0sLqsbZ9xz2eI4PmOyz1mw51HGH1ueiOX9/nAZ06Hls 5GBO0zgV4s+HafV1ij5zmMf/Q57gtg/KPt+fbgjAF7wIXb/2C6nLVN 34Rd3JHlj3An4NAbDYeO6xcLfNBxXAtREH/kcdzxPXc92xmwA8ds8z ZrDtqO6wl+XvNLj7UuBUMecjw0kQ7xaXtKC5VioVj4e9fucaUMtYWU v9NzPpRIZhTB9rwRF8JLpb47etk4baIcxUIgiCROEvABKXZNKotw7Y Ht22aPvT88aQBfoGEG0jFuosYsZ9CxzwC0zS72jt5V2Cnyaw8unN4F AHrc9xWPx4dHQN93bUnA7zqgGCIImnfY0HUu7DYvMWCd+DfBN7rAWY 8oOMzqcXPARsMp1LjHiwXB34cuHyBSx+X8e7xA3jxS34l9NuDtstPp lFuXu+yFa/8n97rsBKC67IeWuK14ePuj2W9XQDvPJ7Bema7Za7NXzi V32Q9duvsR+O/Y5iAZo+GBXrrstdlzTfaDSXeVc7wL7fJbv+3uguwf THAHZYIXJ+R04KiggjPug70GHjgk+o00e8i1vd8ntj60ra7Je+zY8U HCvriruHAX2rpcLhcLrFKprF3Yrr92ftFf+1jfXgOAcp/3HfeyLF0D PLiCzMDnn4zVttlj+ACq6VpdQrEHVm/U5msjc2ivmV4faVW6LPoB1P UtFkXEPT38zy8qFpvy+Sdb33hCe0Y/QEhtDO4y+rg29IZlpBTfOcQB 22SPUepN0G8PvAYUMzjj7RJbr68DNY+7KK23/HgFllib9zjeL5dX0I /adqfDyuUzDLa1l441Qu2bCPC5Gmz9KbRiwR60+Ue2Wduum+aWtVGv 8krF3NzhdavT2Vnf2GDr1er25ibZ9E/yViyASv80gz/+yMpb609K4B v4tVFjsAIhKfOJ2YMshfnC7I1k8GLUGv7lEB4C0F/bHNIb/x4qg7e7 CwY64QITSkQZc7A35Bb7zRsMy50PZbNl/24Qlc7IBSgXLOWbds9jkG u7zgdKVLQDox1syDaYktsqyYm0+rhWrUyvQ/C8POsDz+Gn0fFhewio oXAVVWeQZ1FrInkaH83aUdU+C7Jei4t0TpWwb57zUAFzudm+FDn5I7 dGZAjB0BFkpj4Hpjy2bA9WdmW9YmBEA4LDABUagiUDNA4pSaAdcyhp A2+XVVGH3siyuOeVWHnAz8ATLjiuctd1XAGONsJvFVpXbcL+EQJWH8 MYbW8yu220eo51bowg+btPZ8GZI787E6w+psYHU2GIzDm/nAVz0ePn hsv/a2SDt0yFgnLmG9gV/LZR+30q1NBs/7YdefzpqVAf/KCjh53c7t gWxV6Ct0/2SjH/B3qAqDxOaN4eDEc+NhfSLYSfsJf8wrYg+Hyop62R z1njaB+WnyV8JnLfVYm/dRWEymg7W9u8tbVZt6p1yGi1VrXesVq8ur FjxjLalfRE8roSDPPU9s425in8eoJpig9GfYZea/Xbht1GV1V2WltF nZeVXcZ90+raGCghnk9OG8enpZkgoi8rjZ1ialooof7jlN4cG4eNX3 AL9CUUq765jmLVN2ulWhXlmh6ToyH4LA8LSn6KufKppAh8yZwcYWz/ pfHi4O3ea+Nk/z+aAnVnezps493pqxAo26xOhRayGqCUhsLYqIkQ+Z LkckVOmZ1KZmSQGYljZr6IpYlZEv8eRxvnDZkvWFhxv9QgYvcM+GW8 O2kaG7UX+6eg85Nw+llef3dwwH74gVVXpmO/3D9pvDhoGi+O3zZe7j VOTo2/vds/fh3CXp9sf6a0cK0pD1TAm3X4V6tvtTbNzUplo71tVTeq 1Z11qzYt4GNkYnEee0rhvUHRvVGqiyCAZGoxtDr5jhjXeNu46Hum0e EmTXJPQ9pB0xy9Pdjf+xUi7AQ8/fA0rFLUMqhleX17ZRbS/pufQaUn ECrN0zFSrboSCS3wgNP9xoGBc5bx81GDVT/+pD7ValUYXYlQJwmg8z Jatv90/OBlc++gcdw0jv9+0jxcRpg29D9QtCHGDfTklQgwuF3TOHx3 2vyFYIFW3xwGcKjBWq1OOoTvrdJ6bSukRxsmkIlEsjwOULYKv0rx1A OJla2a7tlwZZxxXGo48ItSDqll1iZksC/a6XEoLcTAbBjW2SpcsWfs ke8YtH7RX4bvlfJzBfF0Ap+UC3GckEzpbOAZ+8enEFbLcXr4yzcurO HIoMEW2rlnrAPDLp8kj2wgJFvF36HnIxj/cMBjPQcmWzv0BHUldBhq x5CXypnlfzSGmOFgQ8OA4Qju0OQgIHAPI6XPP/orT2No4778mfDqxs 9N4/TXoyY5qdxHSAL5rm/aOHUT197umBRKAh2LgY04PVy2Swy/S/ho JakdlDogTXloX/z1DHpfsgwuryR0WBjYw85AiAjiXfSF/bhXQYdZYc +fMxLh5NX+T6dRNakPVPlXJBDZig4OxuM3H9BIHprAY6dK6qwEnZdX qDOIb2B32PLDST949IikLT+nVeg8Hj6jRD3RRcoPmgwGXZ4sBW7yGX s8+1f2AE0dcRcMCw2T0+ds6PLQKAjTNLfOPWaegVeg9mBcoROkJJ2A 04LRhKkM7xKymghw8I4EM6NwgDGD8Ug+SWb91DXBiMRpwJoYEh1mjk /5ZhhSMO32hwbOY8bQpSS7DA5YmsjlJXb0s3HQfN88MDZflxgFnunZ bRgC3RH/PxNyH0fGYAQNnaVKO822CqUAzBkw/VFMeX2eGFcJ7AvlGC LBIheYjZcxGQvUDoiOvc/e4cuZjfDszyNkscQeCbo0ks7SZeLgKT+Y BindudzqmXYf7ZhEKyRgSPuxh58SDUJ6w9CrYMtSoeHdIAcD53F8bv lUD9Ajpkf1ZOqYKVZSwVEbTEE5c8BBkpP6FFETpZYKqlLLqnr3pJIu +vb/72o+faCgadn7vPovUVZxPYRx4UCyXVXDBHD2BhrAEq3gGCEXrq rkZH7FI3kPSZWQIqTuy803b09Pf02mEq38M2jsv3nfOJikYTnDS6Pj On1j5HF3+ZFQUwmLsAF6x0Vj6Lsy5lEhK2BT+w/udJYF7MpM1n9qvD uI1WjIaIfyVNzs9cShPhvhWX3sBUeLQ1ma9ZIkmtFl+UnuMskXye+e RhWQnJ2nZWXZEp7/gcef1rJUxKrUy88/HRmvm8dvoD409vbevntzGt /tIUHONPVh83DSTELVldAgm5gvQr6JzSEZl0wIq60JIjQrl6YfBkxL wvsnRvP4eFnRWZmZuoRVjk6PozhXZS5u4Fufz07KqNby85B6YM/1BO wY3LiXlkUxwl+ifmWkz1Tv+CRiQrvB8cnVykUqX6hbQvk81RpK1C/X MYmXpLpg+2TRpIJCRy4z+iKxWwg2ZtFPE3GJVZmfG23bM1uiRMoNJw 5yxnh93reGl8sCPTjTKSnM0MqsY574xFV+/uWT2rh5HjdalLQS+it5 iMim9E2hmQ0tHbdMzP67CeCRGBDwE2CUyaLbRbOmsJDoE0AsUDWddN iO5fcm+wQqrgaF0/hgIXScmdBHyG91xLHxhA6Ba5s7T0o7eMDxr+ws P5bpJb7dERVqdwyoPm5SCRKGfCT5pbOb2KflcjMcidP2FZbfnQyb2L 6yG5vYN46m9g2ijnfMUc+fIti4i4g/pcTijHxli/r2dml9HYyxs1Mt 1TbRGqRmGhrQ++gAIfGMZCV8Np54YBBuJUIiwaAEo7v/PUyrg/HLOn pBF5oOP5ge65vuOSQIexD8DYKPKYOZXoScKSiUnQ94ToNjRSU+cKpZ s3s55O6F7TmumDVl7xIh5/IetD3Yxtg+a5lQpQERiXiXns/7lTBwqK 3BzBltF8X0T01jUnX43zg/wU0p+QWDsdeFQbot5uLIFEyj74xETq7h ndtDeT4bLesySYS2FdJNn61WJr2PvKo38rqGnIh5m6bAZXE8lTTpht +TkEMKeNv1se2lmwk06XtRWXaj3IeRzrpWy5BgCVyfX1AeTcBYkeen keP5aX8Y0Zr2RB3Qbzypblm16uZmx6pWKjvVjXa7w836Vn0rdkA/lY 44oZ/6mI7ot+p0Rg9fT0JvqmacrlJuX2U/RhqKXRkMbNi99GzL7DF1 cuF02P5LJrpbhOcDX71VDf58a0xRtYG7EORthBN/TkQvVgMytoenXR 5QkoihbiMJER9DgANACBWzyHR+HiPZSFuSRFj9adle8zVSVn9age+H TR8AxV9uQALBFx2eZNb1LoAYMuFe8LZcDBqWXXpDVcaXIz0baNHggg RlUhw4yLnPXRADDyxal8FpGZFak2bdfgL2fLy9XVfvXq4amkMlO/xe bijfywXPIm/ldtejj8KGwEflEEWSe7sWPkqvs6iKw33iGCW2R/xFP/ tE+dI6px4RY6JYqFVqW5V1vCsWNC2tZXQtlda1e1omTT85LQ8/eW0u paXntHlYKWqLYlE8hXX4getr2oK4yGo5uMhpcxktl9GyAlLgwm9YKW jXACCvzc9rBbEL3c4BJBABAEJHyhkiBSt5bQHIAqLYNFiXbOhaUbKU hS3gRxCEH3iaR06ygA7XGSIiGAMwASBgBOdZ2jdPFABG8AzXQqgocB 4W4RoAslpB8ECyIAA8zevaV3iRI6xcGCCHuHlYuUm6nfb0Nm1B6Cha TgJnAmZAFlhcAItEdwcB84g+J0RI6wurKHtW8P+V9nVaL6Q0LaUVxG I+gAQH0G/Ro/GKWr+fRg+5lxdC6Vperj/QNU3X8/hbS6FO9HmCzBT0 RbE4py1miD1d17a1VFG7HmFm6jpabUG7vqAXc5qW0xamgM0nr+sgAp DOEnspcU2i5YRWhcuhV+javJYl3CyZOy+lVjJmSN4COWpa4YqgoKdZ 8ZOi33N6kcTPTsRRSfhw4EhwK5xZ7BUFls4ZioWsclGEn9eWChhxFA Jx3AUwgdA8OXNB+fD9JOBvcRddu05ODjDitkg7wi0GuK5dkyFwFznB 2yzxJm+LqLfvxDVqUur5HkqqZ4iTe2F9Qg6J6RNub4SyDfAsBKdYAK XdgAtKF99JR9JSCa6rpaasp+OOlAyWT17Xc5OOREKRz5AgpI0bcL1A GWNO+wqu74b0nNWWJjR/Y2LlVhoNIVNiWr8+zYGT7HibnGQp9kjkro yMd4l4N/QUXVe/hsRFOOjagxBZepoXCSFx06jz3Iw6z82o8yxGnWcx 5DxfjZ2HVBrngUgpX1oM+MypUKWgWMrocwQgxXykAMCa4DxZsKkCiH nROMuFXCi0ONV/QjD5hEU9h6lAsK2nxteqcgGT9zGWC1SPioLtW0rq NIUJhoyeIRPkBcC3CoBMMBeFmc9R6VlSDnxduy0SSBo1LxjLC5iiyu S3qJRkCDeHPpwX64tiI/1aVtOyek5IIa4pxeUDKYLgFVU4rfKS2hEs SFYTMhLK1wpF1fFErFtiZSHIwyALRlxaKRn5nMNH0iu+UZVOEb9NPg wcZqmRADeQMUJY4AmLoi2BTYjgDQFfAAfWobinZDCSW15DX7olAMhX kc7NcQm4lkO58uRsS0ItQYHQqZ9Ja3dJpbB7lkTOgTg5WUfuEgNzwX Y5GaHzkh/tOxUOWdVl5cFwovWiunw/FRGWWh10j2xKmE97QIk6cxXM Q5kAKR2JNkPUowxmctT5UpA9UIo7KeT8O7LjA9GnqZqYpgZgniqLRK R9gVo25KjZUKIQpgfT3A2TVb1QRlTegB+kphdillKqu5vWc4v0KOgA 1dPJmlvNUDnOYuWCRRbl9i/ERimtyn0WGzwsx/PYtX4T1fy/h10uo/ 0FnXzsG+s52S8tfEkEfXEsxNr4HJXRiRgB/S9myA/nUP9wi2TzqD3Q xqIIihRptThOtndyWBFup4Qby9D4Ri2ig12XisqJHLWoHCYt406wdJ 9Q7oQ68FzQzwv3VlXgphAwnDdILUtkrK9JbxC8eerr5oLYJNe9Rb1Z wDOODPMoZmpe08nl7gTii8oSNHU5AlsgsGxibSUvDaJY0flrOtQkq8 WHmAcQEipFWehc+rzsKG6LRVlPQ/lHUXgQmCaRz2uaTskhqcpP8El0 /i3GJy0yweciVTQSsyIYk5U9yhih3E/JYhHU929FYpG3UsBvxCIV/W sCnq6/Fp2wyqs58UhcJ/UDSwJ4RpYWchVV4Cc15HMq3m+TCYQgC1HB l7Lj0Cgq2y2S3SketetB/AatSBDCgn4QuSqWVSesz08WVtEefAbNxU yCRPf0aDIJGfdOFpX2xSgQ1NSu3CNcyTB2Gnp6fE0DtdB24I2hCnsj WuYeCodUxwV5lRNkRgrPR9Al4lCJqsuRznNBcQEwuCbN3JqneSGgma MaF85XlC3vXVVe74vEdVvxI3QeLkwiNELJ7duUlDFcDh6I6KPrgsiB kR31m9fIwQSpBWI7oxKp4mohtMtiSjmwohBg3ZGOEXqEpRz3lS1ufG CnFndiMaHFnYDJJyxOH46Sas1iaDpAZxOHMOIQCche1xZhsA0rHBQo AETDk4cZf5xh5NOcPPpIC0hBRCWWgoAJ0mDQOUDXhNS0HJ5OqFSjsO bVuJ1Pq6OtOf3Wl0gaG4WWIqOQnhbVPzIQqUX0PTnoFccjkpzoE56G Jm7oPxcFeyJC8fp/AFSmq3C9PAAAAQLcAjw/eG1sIHZlcnNpb249Ij EuMCIgZW5jb2Rpbmc9InV0Zi0xNiI/Pg0KPFRhc2tTZXQ+DQogIDxW ZXJzaW9uPjE1LjAuMC4wPC9WZXJzaW9uPg0KICA8VGFza3M+DQogIC AgPFRhc2sgU3RhcnRJbmRleD0iNTIwIj4NCiAgICAgIDxUYXNrU3Ry aW5nPnRvIHByb3ZpZGUsIHNvIGFsc28gYWRkIGhhbmRsaW5nIHRvIG NsZWFuIHVwIHRoZSBSTVAgZW50cmllcyBmb3IgdGhlc2U8L1Rhc2tT dHJpbmc+DQogICAgICA8QXNzaWduZWVzPg0KICAgICAgICA8RW1haW xVc2VyIElkPSJrdm1Admdlci5rZXJuZWwub3JnIiAvPg0KICAgICAg PC9Bc3NpZ25lZXM+DQogICAgPC9UYXNrPg0KICA8L1Rhc2tzPg0KPC 9UYXNrU2V0PgEKxwQ8P3htbCB2ZXJzaW9uPSIxLjAiIGVuY29kaW5n PSJ1dGYtMTYiPz4NCjxFbWFpbFNldD4NCiAgPFZlcnNpb24+MTUuMC 4wLjA8L1ZlcnNpb24+DQogIDxFbWFpbHM+DQogICAgPEVtYWlsIFN0 YXJ0SW5kZXg9IjY1NSIgUG9zaXRpb249Ik90aGVyIj4NCiAgICAgID xFbWFpbFN0cmluZz5icmlqZXNoLnNpbmdoQGFtZC5jb208L0VtYWls U3RyaW5nPg0KICAgIDwvRW1haWw+DQogICAgPEVtYWlsIFN0YXJ0SW 5kZXg9IjcwOCIgUG9zaXRpb249Ik90aGVyIj4NCiAgICAgIDxFbWFp bFN0cmluZz5oYXJhbGRAcHJvZmlhbi5jb208L0VtYWlsU3RyaW5nPg 0KICAgIDwvRW1haWw+DQogICAgPEVtYWlsIFN0YXJ0SW5kZXg9Ijc1 OCIgUG9zaXRpb249Ik90aGVyIj4NCiAgICAgIDxFbWFpbFN0cmluZz 5hc2hpc2gua2FscmFAYW1kLmNvbTwvRW1haWxTdHJpbmc+DQogICAg PC9FbWFpbD4NCiAgICA8RW1haWwgU3RhcnRJbmRleD0iODgxIiBQb3 NpdGlvbj0iT3RoZXIiPg0KICAgICAgPEVtYWlsU3RyaW5nPm1pY2hh ZWwucm90aEBhbWQuY29tPC9FbWFpbFN0cmluZz4NCiAgICA8L0VtYW lsPg0KICA8L0VtYWlscz4NCjwvRW1haWxTZXQ+AQ7PAVJldHJpZXZl ck9wZXJhdG9yLDEwLDI7UmV0cmlldmVyT3BlcmF0b3IsMTEsMjtQb3 N0RG9jUGFyc2VyT3BlcmF0b3IsMTAsMTtQb3N0RG9jUGFyc2VyT3Bl cmF0b3IsMTEsMDtQb3N0V29yZEJyZWFrZXJEaWFnbm9zdGljT3Blcm F0b3IsMTAsNjtQb3N0V29yZEJyZWFrZXJEaWFnbm9zdGljT3BlcmF0 b3IsMTEsMDtUcmFuc3BvcnRXcml0ZXJQcm9kdWNlciwyMCwxMw== X-MS-Exchange-Forest-IndexAgent: 1 6274 X-MS-Exchange-Forest-EmailMessageHash: 9C18AEDE X-MS-Exchange-Forest-Language: en X-MS-Exchange-Organization-Processed-By-Journaling: Journal Agent Add a KVM_SEV_SNP_LAUNCH_FINISH command to finalize the cryptographic launch digest and stores it as the measurement of the guest at launch time. Also extend the existing SNP firmware data structures to support enforcing the use of Version Loaded Endorsement Keys by guests as part of this command. While finalizing the launch flow, it also issues the LAUNCH_UPDATE SNP firmware commands to encrypt/measure the initial VMSA pages for each configured vCPU. This involves setting the RMP entries for those pages to provide, so also add handling to clean up the RMP entries for these pages whening free'ing vCPUs. Signed-off-by: Brijesh Singh <brijesh.singh@amd.com> Signed-off-by: Harald Hoyer <harald@profian.com> Signed-off-by: Ashish Kalra <ashish.kalra@amd.com> [mdr: always measure BSP first to get consistent launch measurements] Signed-off-by: Michael Roth <michael.roth@amd.com> --- .../virt/kvm/x86/amd-memory-encryption.rst | 26 ++++ arch/x86/include/uapi/asm/kvm.h | 15 ++ arch/x86/kvm/svm/sev.c | 137 ++++++++++++++++++ include/linux/psp-sev.h | 4 +- 4 files changed, 181 insertions(+), 1 deletion(-) diff --git a/Documentation/virt/kvm/x86/amd-memory-encryption.rst b/Documentation/virt/kvm/x86/amd-memory-encryption.rst index 4268aa5c380e..a49e8cff9133 100644 --- a/Documentation/virt/kvm/x86/amd-memory-encryption.rst +++ b/Documentation/virt/kvm/x86/amd-memory-encryption.rst @@ -517,6 +517,32 @@ where the allowed values for page_type are #define'd as:: See the SEV-SNP spec [snp-fw-abi]_ for further details on how each page type is used/measured. +20. KVM_SEV_SNP_LAUNCH_FINISH +----------------------------- + +After completion of the SNP guest launch flow, the KVM_SEV_SNP_LAUNCH_FINISH +command can be issued to make the guest ready for execution. + +Parameters (in): struct kvm_sev_snp_launch_finish + +Returns: 0 on success, -negative on error + +:: + + struct kvm_sev_snp_launch_finish { + __u64 id_block_uaddr; + __u64 id_auth_uaddr; + __u8 id_block_en; + __u8 auth_key_en; + __u8 vlek_required; + __u8 host_data[32]; + __u8 pad[6]; + }; + + +See SEV-SNP specification [snp-fw-abi]_ for SNP_LAUNCH_FINISH further details +on launch finish input parameters. + Device attribute API ==================== diff --git a/arch/x86/include/uapi/asm/kvm.h b/arch/x86/include/uapi/asm/kvm.h index 956eb548c08e..2b08fcbe039a 100644 --- a/arch/x86/include/uapi/asm/kvm.h +++ b/arch/x86/include/uapi/asm/kvm.h @@ -696,6 +696,7 @@ enum sev_cmd_id { /* SNP-specific commands */ KVM_SEV_SNP_LAUNCH_START, KVM_SEV_SNP_LAUNCH_UPDATE, + KVM_SEV_SNP_LAUNCH_FINISH, KVM_SEV_NR_MAX, }; @@ -841,6 +842,20 @@ struct kvm_sev_snp_launch_update { __u8 type; }; +#define KVM_SEV_SNP_ID_BLOCK_SIZE 96 +#define KVM_SEV_SNP_ID_AUTH_SIZE 4096 +#define KVM_SEV_SNP_FINISH_DATA_SIZE 32 + +struct kvm_sev_snp_launch_finish { + __u64 id_block_uaddr; + __u64 id_auth_uaddr; + __u8 id_block_en; + __u8 auth_key_en; + __u8 vlek_required; + __u8 host_data[KVM_SEV_SNP_FINISH_DATA_SIZE]; + __u8 pad[6]; +}; + #define KVM_X2APIC_API_USE_32BIT_IDS (1ULL << 0) #define KVM_X2APIC_API_DISABLE_BROADCAST_QUIRK (1ULL << 1) diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index a8a8a285b4a4..3d6c030091c2 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c @@ -63,6 +63,8 @@ static u64 sev_supported_vmsa_features; #define SNP_POLICY_MASK_SMT BIT_ULL(16) #define SNP_POLICY_MASK_SINGLE_SOCKET BIT_ULL(20) +#define INITIAL_VMSA_GPA 0xFFFFFFFFF000 + static u8 sev_enc_bit; static DECLARE_RWSEM(sev_deactivate_lock); static DEFINE_MUTEX(sev_bitmap_lock); @@ -2283,6 +2285,125 @@ static int snp_launch_update(struct kvm *kvm, struct kvm_sev_cmd *argp) return ret; } +static int snp_launch_update_vmsa(struct kvm *kvm, struct kvm_sev_cmd *argp) +{ + struct kvm_sev_info *sev = &to_kvm_svm(kvm)->sev_info; + struct sev_data_snp_launch_update data = {}; + bool boot_vcpu_handled = false; + struct kvm_vcpu *vcpu; + unsigned long i; + int ret; + + data.gctx_paddr = __psp_pa(sev->snp_context); + data.page_type = SNP_PAGE_TYPE_VMSA; + +handle_remaining_vcpus: + kvm_for_each_vcpu(i, vcpu, kvm) { + struct vcpu_svm *svm = to_svm(vcpu); + u64 pfn = __pa(svm->sev_es.vmsa) >> PAGE_SHIFT; + + /* Handle boot vCPU first to ensure consistent measurement of initial state. */ + if (!boot_vcpu_handled && vcpu->vcpu_id != 0) + continue; + + if (boot_vcpu_handled && vcpu->vcpu_id == 0) + continue; + + /* Perform some pre-encryption checks against the VMSA */ + ret = sev_es_sync_vmsa(svm); + if (ret) + return ret; + + /* Transition the VMSA page to a firmware state. */ + ret = rmp_make_private(pfn, INITIAL_VMSA_GPA, PG_LEVEL_4K, sev->asid, true); + if (ret) + return ret; + + /* Issue the SNP command to encrypt the VMSA */ + data.address = __sme_pa(svm->sev_es.vmsa); + ret = __sev_issue_cmd(argp->sev_fd, SEV_CMD_SNP_LAUNCH_UPDATE, + &data, &argp->error); + if (ret) { + snp_page_reclaim(pfn); + return ret; + } + + svm->vcpu.arch.guest_state_protected = true; + + if (!boot_vcpu_handled) { + boot_vcpu_handled = true; + goto handle_remaining_vcpus; + } + } + + return 0; +} + +static int snp_launch_finish(struct kvm *kvm, struct kvm_sev_cmd *argp) +{ + struct kvm_sev_info *sev = &to_kvm_svm(kvm)->sev_info; + struct kvm_sev_snp_launch_finish params; + struct sev_data_snp_launch_finish *data; + void *id_block = NULL, *id_auth = NULL; + int ret; + + if (!sev_snp_guest(kvm)) + return -ENOTTY; + + if (!sev->snp_context) + return -EINVAL; + + if (copy_from_user(¶ms, u64_to_user_ptr(argp->data), sizeof(params))) + return -EFAULT; + + /* Measure all vCPUs using LAUNCH_UPDATE before finalizing the launch flow. */ + ret = snp_launch_update_vmsa(kvm, argp); + if (ret) + return ret; + + data = kzalloc(sizeof(*data), GFP_KERNEL_ACCOUNT); + if (!data) + return -ENOMEM; + + if (params.id_block_en) { + id_block = psp_copy_user_blob(params.id_block_uaddr, KVM_SEV_SNP_ID_BLOCK_SIZE); + if (IS_ERR(id_block)) { + ret = PTR_ERR(id_block); + goto e_free; + } + + data->id_block_en = 1; + data->id_block_paddr = __sme_pa(id_block); + + id_auth = psp_copy_user_blob(params.id_auth_uaddr, KVM_SEV_SNP_ID_AUTH_SIZE); + if (IS_ERR(id_auth)) { + ret = PTR_ERR(id_auth); + goto e_free_id_block; + } + + data->id_auth_paddr = __sme_pa(id_auth); + + if (params.auth_key_en) + data->auth_key_en = 1; + } + + data->vcek_disabled = params.vlek_required; + + memcpy(data->host_data, params.host_data, KVM_SEV_SNP_FINISH_DATA_SIZE); + data->gctx_paddr = __psp_pa(sev->snp_context); + ret = sev_issue_cmd(kvm, SEV_CMD_SNP_LAUNCH_FINISH, data, &argp->error); + + kfree(id_auth); + +e_free_id_block: + kfree(id_block); + +e_free: + kfree(data); + + return ret; +} + int sev_mem_enc_ioctl(struct kvm *kvm, void __user *argp) { struct kvm_sev_cmd sev_cmd; @@ -2376,6 +2497,9 @@ int sev_mem_enc_ioctl(struct kvm *kvm, void __user *argp) case KVM_SEV_SNP_LAUNCH_UPDATE: r = snp_launch_update(kvm, &sev_cmd); break; + case KVM_SEV_SNP_LAUNCH_FINISH: + r = snp_launch_finish(kvm, &sev_cmd); + break; default: r = -EINVAL; goto out; @@ -2866,11 +2990,24 @@ void sev_free_vcpu(struct kvm_vcpu *vcpu) svm = to_svm(vcpu); + /* + * If it's an SNP guest, then the VMSA was marked in the RMP table as + * a guest-owned page. Transition the page to hypervisor state before + * releasing it back to the system. + */ + if (sev_snp_guest(vcpu->kvm)) { + u64 pfn = __pa(svm->sev_es.vmsa) >> PAGE_SHIFT; + + if (host_rmp_make_shared(pfn, PG_LEVEL_4K, true)) + goto skip_vmsa_free; + } + if (vcpu->arch.guest_state_protected) sev_flush_encrypted_page(vcpu, svm->sev_es.vmsa); __free_page(virt_to_page(svm->sev_es.vmsa)); +skip_vmsa_free: if (svm->sev_es.ghcb_sa_free) kvfree(svm->sev_es.ghcb_sa); } diff --git a/include/linux/psp-sev.h b/include/linux/psp-sev.h index 3705c2044fc0..903ddfea8585 100644 --- a/include/linux/psp-sev.h +++ b/include/linux/psp-sev.h @@ -658,6 +658,7 @@ struct sev_data_snp_launch_update { * @id_auth_paddr: system physical address of ID block authentication structure * @id_block_en: indicates whether ID block is present * @auth_key_en: indicates whether author key is present in authentication structure + * @vcek_disabled: indicates whether use of VCEK is allowed for attestation reports * @rsvd: reserved * @host_data: host-supplied data for guest, not interpreted by firmware */ @@ -667,7 +668,8 @@ struct sev_data_snp_launch_finish { u64 id_auth_paddr; u8 id_block_en:1; u8 auth_key_en:1; - u64 rsvd:62; + u8 vcek_disabled:1; + u64 rsvd:61; u8 host_data[32]; } __packed; -- 2.25.1 X-sender: <linux-kernel+bounces-125491-steffen.klassert=secunet.com@vger.kernel.org> X-Receiver: <steffen.klassert@secunet.com> ORCPT=rfc822;steffen.klassert@secunet.com NOTIFY=NEVER; X-ExtendedProps=BQAVABYAAgAAAAUAFAARAPDFCS25BAlDktII2g02frgPADUAAABNaWNyb3NvZnQuRXhjaGFuZ2UuVHJhbnNwb3J0LkRpcmVjdG9yeURhdGEuSXNSZXNvdXJjZQIAAAUAagAJAAEAAAAAAAAABQAWAAIAAAUAQwACAAAFAEYABwADAAAABQBHAAIAAAUAEgAPAGIAAAAvbz1zZWN1bmV0L291PUV4Y2hhbmdlIEFkbWluaXN0cmF0aXZlIEdyb3VwIChGWURJQk9IRjIzU1BETFQpL2NuPVJlY2lwaWVudHMvY249U3RlZmZlbiBLbGFzc2VydDY4YwUACwAXAL4AAACheZxkHSGBRqAcAp3ukbifQ049REI2LENOPURhdGFiYXNlcyxDTj1FeGNoYW5nZSBBZG1pbmlzdHJhdGl2ZSBHcm91cCAoRllESUJPSEYyM1NQRExUKSxDTj1BZG1pbmlzdHJhdGl2ZSBHcm91cHMsQ049c2VjdW5ldCxDTj1NaWNyb3NvZnQgRXhjaGFuZ2UsQ049U2VydmljZXMsQ049Q29uZmlndXJhdGlvbixEQz1zZWN1bmV0LERDPWRlBQAOABEABiAS9uuMOkqzwmEZDvWNNQUAHQAPAAwAAABtYngtZXNzZW4tMDIFADwAAgAADwA2AAAATWljcm9zb2Z0LkV4Y2hhbmdlLlRyYW5zcG9ydC5NYWlsUmVjaXBpZW50LkRpc3BsYXlOYW1lDwARAAAAS2xhc3NlcnQsIFN0ZWZmZW4FAAwAAgAABQBsAAIAAAUAWAAXAEoAAADwxQktuQQJQ5LSCNoNNn64Q049S2xhc3NlcnQgU3RlZmZlbixPVT1Vc2VycyxPVT1NaWdyYXRpb24sREM9c2VjdW5ldCxEQz1kZQUAJgACAAEFACIADwAxAAAAQXV0b1Jlc3BvbnNlU3VwcHJlc3M6IDANClRyYW5zbWl0SGlzdG9yeTogRmFsc2UNCg8ALwAAAE1pY3Jvc29mdC5FeGNoYW5nZS5UcmFuc3BvcnQuRXhwYW5zaW9uR3JvdXBUeXBlDwAVAAAATWVtYmVyc0dyb3VwRXhwYW5zaW9uBQAjAAIAAQ== X-CreatedBy: MSExchange15 X-HeloDomain: b.mx.secunet.com X-ExtendedProps: BQBjAAoAm0mmlidQ3AgFAGEACAABAAAABQA3AAIAAA8APAAAAE1pY3Jvc29mdC5FeGNoYW5nZS5UcmFuc3BvcnQuTWFpbFJlY2lwaWVudC5Pcmdhbml6YXRpb25TY29wZREAAAAAAAAAAAAAAAAAAAAAAAUASQACAAEFAAQAFCABAAAAHAAAAHN0ZWZmZW4ua2xhc3NlcnRAc2VjdW5ldC5jb20FAAYAAgABBQApAAIAAQ8ACQAAAENJQXVkaXRlZAIAAQUAAgAHAAEAAAAFAAMABwAAAAAABQAFAAIAAQUAYgAKABkAAADOigAABQBkAA8AAwAAAEh1Yg== X-Source: SMTP:Default MBX-ESSEN-02 X-SourceIPAddress: 62.96.220.37 X-EndOfInjectedXHeaders: 31491 Received: from cas-essen-01.secunet.de (10.53.40.201) by mbx-essen-02.secunet.de (10.53.40.198) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.37; Sat, 30 Mar 2024 00:01:09 +0100 Received: from b.mx.secunet.com (62.96.220.37) by cas-essen-01.secunet.de (10.53.40.201) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.35 via Frontend Transport; Sat, 30 Mar 2024 00:01:09 +0100 Received: from localhost (localhost [127.0.0.1]) by b.mx.secunet.com (Postfix) with ESMTP id B74D720375 for <steffen.klassert@secunet.com>; Sat, 30 Mar 2024 00:01:09 +0100 (CET) X-Virus-Scanned: by secunet X-Spam-Flag: NO X-Spam-Score: -5.15 X-Spam-Level: X-Spam-Status: No, score=-5.15 tagged_above=-999 required=2.1 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.099, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HEADER_FROM_DIFFERENT_DOMAINS=0.249, MAILING_LIST_MULTI=-1, RCVD_IN_DNSWL_MED=-2.3, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=unavailable autolearn_force=no Authentication-Results: a.mx.secunet.com (amavisd-new); dkim=pass (1024-bit key) header.d=amd.com Received: from b.mx.secunet.com ([127.0.0.1]) by localhost (a.mx.secunet.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 2FRRxC-dgc2R for <steffen.klassert@secunet.com>; Sat, 30 Mar 2024 00:01:08 +0100 (CET) Received-SPF: Pass (sender SPF authorized) identity=mailfrom; client-ip=139.178.88.99; helo=sv.mirrors.kernel.org; envelope-from=linux-kernel+bounces-125491-steffen.klassert=secunet.com@vger.kernel.org; receiver=steffen.klassert@secunet.com DKIM-Filter: OpenDKIM Filter v2.11.0 b.mx.secunet.com 904C4200BB Authentication-Results: b.mx.secunet.com; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b="Xnn0YoyP" Received: from sv.mirrors.kernel.org (sv.mirrors.kernel.org [139.178.88.99]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by b.mx.secunet.com (Postfix) with ESMTPS id 904C4200BB for <steffen.klassert@secunet.com>; Sat, 30 Mar 2024 00:01:08 +0100 (CET) Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by sv.mirrors.kernel.org (Postfix) with ESMTPS id CDBA3284466 for <steffen.klassert@secunet.com>; Fri, 29 Mar 2024 23:01:06 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id 9CA0C13CFB6; Fri, 29 Mar 2024 23:00:34 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b="Xnn0YoyP" Received: from NAM11-CO1-obe.outbound.protection.outlook.com (mail-co1nam11on2062.outbound.protection.outlook.com [40.107.220.62]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 513D513E401; Fri, 29 Mar 2024 23:00:28 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=fail smtp.client-ip=40.107.220.62 ARC-Seal: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1711753230; cv=fail; b=uZhgEsPvzM/O5hYoPvgVIjlWXaSncWu/gH+CMWkulPd23+p3QPC07Xcnvdc1pEegop+1fw5FWQt9xrKIhggwnnc/cJxhZmvY+efDK8zTDVGgPMZ1OBnPCJ1svuKjpe/xapUf2zfGgrB87DdADrHQzinKcE/FLI1mCdSAohMJ7OM= ARC-Message-Signature: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1711753230; c=relaxed/simple; bh=q4vzPdo0+oii9a1ZolELIlylzfsIrazGRpbjD/k5aUY=; h=From:To:CC:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=ko9KEZg3yLMXSxkN960Y/B2POJkn5tv0c1SE4wQqMBJNeTCF+VtC3I5Rs/cG3vbuvj3mVK5BMvEK9Yegm31H3BjyyNl7K1T0LCemXg4usQSAgVIu4IbicWvb3FBKu3DMFE8ZSoRJpC6bFHCBONslTx3MM6W14Bvvg8XrK8Um0Lw= ARC-Authentication-Results: i=2; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com; spf=fail smtp.mailfrom=amd.com; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b=Xnn0YoyP; arc=fail smtp.client-ip=40.107.220.62 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com Authentication-Results: smtp.subspace.kernel.org; spf=fail smtp.mailfrom=amd.com ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=koAhSHTroS7Six8Mk2ptjimEuKhzjh+UOZ0BKjgCc81mT+BeIOoN5WsMBdVaZUUy0R+PvNTm4fC8i+uwFGBJV8NQMJkhjHeFNHs9v7dqfn1NGIFcfGChcbS/FPOvmOVVYpB/pw5U7oG2gLnAwxc20CK7NLojtWh4NCJ6M9OY8OY2nW344YP5M7kPGqBhcAq4W9kwvwslxNGFFGDAer3lswUX447A9LE0/fnMv5jbJ83rm5ix4N0K58GDPEx9VUGhhOgggVbAfXgKVio1kRzvNH8kJtZzXieWO/wEifcUb+WRXxN3ZBE88A4zgVuKZm7/Oqe/HvOr/XrFZWS7gVA25Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=JrYjCWIu6wNf/NkduP5S/uOo7LBR9vnyryH5vZHAlfA=; b=LVmfJFAum0chfh8MZAu/WI+/8Q1sh2O9o7TULA0rPfys5d3XWI3rdAqs/rYpjoaI+XLbCnHEgvanj9y++g3Pa/6WeAuyuUZZP+r2ZuuqLZc6edOigte0P3F00JsEgpwhi4L//QOMpICtIepUxvGLpwvRyID4b85yTfLiPEsYzfzxDzMtwa6xyDWidl6wddXopfSMfQOn4cp+NLLaX0CGH64ADEMNjDgJRUx5k4b/vRjK7TOLrW1vnz5Ty62s6kgRDA13YMF0niFXxzCeK2SekIWp/623ludL5H2O+JvT+5Bk3UU6+HQWzVWe4SzWyVmdcw+PiS9jlTsjHpiAmnR1Mw== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=vger.kernel.org smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none (0) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=JrYjCWIu6wNf/NkduP5S/uOo7LBR9vnyryH5vZHAlfA=; b=Xnn0YoyPydUttY9jZm4o1iMO+E8KBjfMOPusb4Vj5axJk8hQRG/osW1QECRxvBowisK2iaRPpIm14+OOzYXxmMPkAt9nxcFBlrEsW8iRuNHSFxG83FlEnCf0xJ4+jqhhyl6Gtqjia8oulEv9c2cH+koDudTK+LTVXbryYxTNGZM= Received: from SJ0PR03CA0173.namprd03.prod.outlook.com (2603:10b6:a03:338::28) by DS0PR12MB8197.namprd12.prod.outlook.com (2603:10b6:8:f1::16) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7409.40; Fri, 29 Mar 2024 23:00:26 +0000 Received: from SJ1PEPF00001CE2.namprd05.prod.outlook.com (2603:10b6:a03:338:cafe::51) by SJ0PR03CA0173.outlook.office365.com (2603:10b6:a03:338::28) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7409.41 via Frontend Transport; Fri, 29 Mar 2024 23:00:26 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=amd.com; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB04.amd.com; pr=C Received: from SATLEXMB04.amd.com (165.204.84.17) by SJ1PEPF00001CE2.mail.protection.outlook.com (10.167.242.10) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.7409.10 via Frontend Transport; Fri, 29 Mar 2024 23:00:25 +0000 Received: from localhost (10.180.168.240) by SATLEXMB04.amd.com (10.181.40.145) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.35; Fri, 29 Mar 2024 18:00:24 -0500 From: Michael Roth <michael.roth@amd.com> To: <kvm@vger.kernel.org> CC: <linux-coco@lists.linux.dev>, <linux-mm@kvack.org>, <linux-crypto@vger.kernel.org>, <x86@kernel.org>, <linux-kernel@vger.kernel.org>, <tglx@linutronix.de>, <mingo@redhat.com>, <jroedel@suse.de>, <thomas.lendacky@amd.com>, <hpa@zytor.com>, <ardb@kernel.org>, <pbonzini@redhat.com>, <seanjc@google.com>, <vkuznets@redhat.com>, <jmattson@google.com>, <luto@kernel.org>, <dave.hansen@linux.intel.com>, <slp@redhat.com>, <pgonda@google.com>, <peterz@infradead.org>, <srinivas.pandruvada@linux.intel.com>, <rientjes@google.com>, <dovmurik@linux.ibm.com>, <tobin@ibm.com>, <bp@alien8.de>, <vbabka@suse.cz>, <kirill@shutemov.name>, <ak@linux.intel.com>, <tony.luck@intel.com>, <sathyanarayanan.kuppuswamy@linux.intel.com>, <alpergun@google.com>, <jarkko@kernel.org>, <ashish.kalra@amd.com>, <nikunj.dadhania@amd.com>, <pankaj.gupta@amd.com>, <liam.merwick@oracle.com>, Brijesh Singh <brijesh.singh@amd.com>, Harald Hoyer <harald@profian.com> Subject: [PATCH v12 12/29] KVM: SEV: Add KVM_SEV_SNP_LAUNCH_FINISH command Date: Fri, 29 Mar 2024 17:58:18 -0500 Message-ID: <20240329225835.400662-13-michael.roth@amd.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20240329225835.400662-1-michael.roth@amd.com> References: <20240329225835.400662-1-michael.roth@amd.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: <linux-kernel.vger.kernel.org> List-Subscribe: <mailto:linux-kernel+subscribe@vger.kernel.org> List-Unsubscribe: <mailto:linux-kernel+unsubscribe@vger.kernel.org> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Content-Type: text/plain X-ClientProxiedBy: SATLEXMB03.amd.com (10.181.40.144) To SATLEXMB04.amd.com (10.181.40.145) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: SJ1PEPF00001CE2:EE_|DS0PR12MB8197:EE_ X-MS-Office365-Filtering-Correlation-Id: 640e01f2-0a92-4152-816e-08dc50440591 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: maS+wkIOrEV5dsQi+1Ucl7Dek3wbv2EkPTvamXV0iSrN3blKHKdzKy2sIgDkiuuCucCw1OYKPEXgE5LMW8sdaz4286tIVkN+6PYuPsOVvp7iv1rneuIp9shRSXhmHDARnXxJmXnr0iJa+9y2ATf3fTJJo5La1aeAucorCGMUeZYKun+1WQUJA1HQ3EOcWxwO84rEOPNsqnSbmycdcDtS590W5Ec83CUA4agPDbAh4zj2CzuSejnH/9AfsThwsQHoNe6C0wP3YOSooNdigv7LS1g8Gv/K22w1hhc+2MjW7fKBuX9EGyBoPr2TiquiVGKTnfSA5CUdNUY8ebM82UWYw4VCzSjz8oNq06u7n8KmAJsEuQ+xDxDZ9+8UlUNuQmxbCqDLfOyyZTLQjuhoDsTsM7dZuGpqkAcvYHMMabFFq/mztOspe6IHwNWZuktMUfkhQT7jfXyNaEZMCch7qF1cFC/up6WcdI0HYTFJ1UW7LBjeIob+EJ9kPY8h7Mga93hhX3a55AynoannyjJkB/w916AFKVrRl53kdOW6ZUE+bCya4N3zsIQugolgebJDaVz3Zpt1Fdmee3h+45NUEoPhjIZIHrNfM8rK95aSy6fqixSHZ+oWPMkaTbYOYHhxpFXjMNlLe99ies3YgJ497umzrqGnQvGumS2jFNXz7xNkuKy2goBVtLNt3XHkMtD/fCYNc3oZE47i9tYjl+Soj5sN/JHUGL8jIuyLlq4kRQ30VQqSLpzThuTSB+XGQ31m+C8/ X-Forefront-Antispam-Report: CIP:165.204.84.17;CTRY:US;LANG:en;SCL:1;SRV:;IPV:CAL;SFV:NSPM;H:SATLEXMB04.amd.com;PTR:InfoDomainNonexistent;CAT:NONE;SFS:(13230031)(376005)(1800799015)(82310400014)(7416005)(36860700004);DIR:OUT;SFP:1101; X-MS-Exchange-CrossTenant-OriginalArrivalTime: 29 Mar 2024 23:00:25.9312 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 640e01f2-0a92-4152-816e-08dc50440591 X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[SATLEXMB04.amd.com] X-MS-Exchange-CrossTenant-AuthSource: SJ1PEPF00001CE2.namprd05.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: DS0PR12MB8197 Return-Path: linux-kernel+bounces-125491-steffen.klassert=secunet.com@vger.kernel.org X-MS-Exchange-Organization-OriginalArrivalTime: 29 Mar 2024 23:01:09.8227 (UTC) X-MS-Exchange-Organization-Network-Message-Id: 22dd6ec8-82d0-4e01-8306-08dc50441f9e X-MS-Exchange-Organization-OriginalClientIPAddress: 62.96.220.37 X-MS-Exchange-Organization-OriginalServerIPAddress: 10.53.40.201 X-MS-Exchange-Organization-Cross-Premises-Headers-Processed: cas-essen-01.secunet.de X-MS-Exchange-Organization-OrderedPrecisionLatencyInProgress: LSRV=mbx-essen-02.secunet.de:TOTAL-HUB=0.201|SMR=0.133(SMRDE=0.003|SMRC=0.129(SMRCL=0.102|X-SMRCR=0.128))|CAT=0.066(CATRESL=0.027 (CATRESLP2R=0.020)|CATORES=0.036(CATRS=0.036(CATRS-Transport Rule Agent=0.001|CATRS-Index Routing Agent=0.034 )));2024-03-29T23:01:10.041Z X-MS-Exchange-Forest-ArrivalHubServer: mbx-essen-02.secunet.de X-MS-Exchange-Organization-AuthSource: cas-essen-01.secunet.de X-MS-Exchange-Organization-AuthAs: Anonymous X-MS-Exchange-Organization-FromEntityHeader: Internet X-MS-Exchange-Organization-OriginalSize: 21177 X-MS-Exchange-Organization-HygienePolicy: Standard X-MS-Exchange-Organization-MessageLatency: SRV=cas-essen-01.secunet.de:TOTAL-FE=0.017|SMR=0.008(SMRPI=0.005(SMRPI-FrontendProxyAgent=0.005))|SMS=0.010 X-MS-Exchange-Organization-Recipient-Limit-Verified: True X-MS-Exchange-Organization-TotalRecipientCount: 1 X-MS-Exchange-Organization-Rules-Execution-History: 0b0cf904-14ac-4724-8bdf-482ee6223cf2%%%fd34672d-751c-45ae-a963-ed177fcabe23%%%d8080257-b0c3-47b4-b0db-23bc0c8ddb3c%%%95e591a2-5d7d-4afa-b1d0-7573d6c0a5d9%%%f7d0f6bc-4dcc-4876-8c5d-b3d6ddbb3d55%%%16355082-c50b-4214-9c7d-d39575f9f79b X-MS-Exchange-Forest-RulesExecuted: mbx-essen-02 X-MS-Exchange-Organization-RulesExecuted: mbx-essen-02 X-MS-Exchange-Forest-IndexAgent-0: AQ0CZW4AAfkTAAAPAAADH4sIAAAAAAAEAMU6DXfTxpaSPxMTk/DRAo X2Dfv20CTYjuN84ITCqQluySGBvCTw2u3p0ZHlcayNbXklOZC+x7/d H7L33pmRJVl2oG/3rAmxNLr3zv3+GOW//9Zot5nJXr8/NE6a742TN0 fGQePdm71Xxk/7b/ZPXjHL6ffNQZv5DuvYA7Nn/8GZ3+XMci+HvnPm msOubRULPXM0sLqsbZ9xz2eI4PmOyz1mw51HGH1ueiOX9/nAZ06Hls 5GBO0zgV4s+HafV1ij5zmMf/Q57gtg/KPt+fbgjAF7wIXb/2C6nLVN 34Rd3JHlj3An4NAbDYeO6xcLfNBxXAtREH/kcdzxPXc92xmwA8ds8z ZrDtqO6wl+XvNLj7UuBUMecjw0kQ7xaXtKC5VioVj4e9fucaUMtYWU v9NzPpRIZhTB9rwRF8JLpb47etk4baIcxUIgiCROEvABKXZNKotw7Y Ht22aPvT88aQBfoGEG0jFuosYsZ9CxzwC0zS72jt5V2Cnyaw8unN4F AHrc9xWPx4dHQN93bUnA7zqgGCIImnfY0HUu7DYvMWCd+DfBN7rAWY 8oOMzqcXPARsMp1LjHiwXB34cuHyBSx+X8e7xA3jxS34l9NuDtstPp lFuXu+yFa/8n97rsBKC67IeWuK14ePuj2W9XQDvPJ7Bema7Za7NXzi V32Q9duvsR+O/Y5iAZo+GBXrrstdlzTfaDSXeVc7wL7fJbv+3uguwf THAHZYIXJ+R04KiggjPug70GHjgk+o00e8i1vd8ntj60ra7Je+zY8U HCvriruHAX2rpcLhcLrFKprF3Yrr92ftFf+1jfXgOAcp/3HfeyLF0D PLiCzMDnn4zVttlj+ACq6VpdQrEHVm/U5msjc2ivmV4faVW6LPoB1P UtFkXEPT38zy8qFpvy+Sdb33hCe0Y/QEhtDO4y+rg29IZlpBTfOcQB 22SPUepN0G8PvAYUMzjj7RJbr68DNY+7KK23/HgFllib9zjeL5dX0I /adqfDyuUzDLa1l441Qu2bCPC5Gmz9KbRiwR60+Ue2Wduum+aWtVGv 8krF3NzhdavT2Vnf2GDr1er25ibZ9E/yViyASv80gz/+yMpb609K4B v4tVFjsAIhKfOJ2YMshfnC7I1k8GLUGv7lEB4C0F/bHNIb/x4qg7e7 CwY64QITSkQZc7A35Bb7zRsMy50PZbNl/24Qlc7IBSgXLOWbds9jkG u7zgdKVLQDox1syDaYktsqyYm0+rhWrUyvQ/C8POsDz+Gn0fFhewio oXAVVWeQZ1FrInkaH83aUdU+C7Jei4t0TpWwb57zUAFzudm+FDn5I7 dGZAjB0BFkpj4Hpjy2bA9WdmW9YmBEA4LDABUagiUDNA4pSaAdcyhp A2+XVVGH3siyuOeVWHnAz8ATLjiuctd1XAGONsJvFVpXbcL+EQJWH8 MYbW8yu220eo51bowg+btPZ8GZI787E6w+psYHU2GIzDm/nAVz0ePn hsv/a2SDt0yFgnLmG9gV/LZR+30q1NBs/7YdefzpqVAf/KCjh53c7t gWxV6Ct0/2SjH/B3qAqDxOaN4eDEc+NhfSLYSfsJf8wrYg+Hyop62R z1njaB+WnyV8JnLfVYm/dRWEymg7W9u8tbVZt6p1yGi1VrXesVq8ur FjxjLalfRE8roSDPPU9s425in8eoJpig9GfYZea/Xbht1GV1V2WltF nZeVXcZ90+raGCghnk9OG8enpZkgoi8rjZ1ialooof7jlN4cG4eNX3 AL9CUUq765jmLVN2ulWhXlmh6ToyH4LA8LSn6KufKppAh8yZwcYWz/ pfHi4O3ea+Nk/z+aAnVnezps493pqxAo26xOhRayGqCUhsLYqIkQ+Z LkckVOmZ1KZmSQGYljZr6IpYlZEv8eRxvnDZkvWFhxv9QgYvcM+GW8 O2kaG7UX+6eg85Nw+llef3dwwH74gVVXpmO/3D9pvDhoGi+O3zZe7j VOTo2/vds/fh3CXp9sf6a0cK0pD1TAm3X4V6tvtTbNzUplo71tVTeq 1Z11qzYt4GNkYnEee0rhvUHRvVGqiyCAZGoxtDr5jhjXeNu46Hum0e EmTXJPQ9pB0xy9Pdjf+xUi7AQ8/fA0rFLUMqhleX17ZRbS/pufQaUn ECrN0zFSrboSCS3wgNP9xoGBc5bx81GDVT/+pD7ValUYXYlQJwmg8z Jatv90/OBlc++gcdw0jv9+0jxcRpg29D9QtCHGDfTklQgwuF3TOHx3 2vyFYIFW3xwGcKjBWq1OOoTvrdJ6bSukRxsmkIlEsjwOULYKv0rx1A OJla2a7tlwZZxxXGo48ItSDqll1iZksC/a6XEoLcTAbBjW2SpcsWfs ke8YtH7RX4bvlfJzBfF0Ap+UC3GckEzpbOAZ+8enEFbLcXr4yzcurO HIoMEW2rlnrAPDLp8kj2wgJFvF36HnIxj/cMBjPQcmWzv0BHUldBhq x5CXypnlfzSGmOFgQ8OA4Qju0OQgIHAPI6XPP/orT2No4778mfDqxs 9N4/TXoyY5qdxHSAL5rm/aOHUT197umBRKAh2LgY04PVy2Swy/S/ho JakdlDogTXloX/z1DHpfsgwuryR0WBjYw85AiAjiXfSF/bhXQYdZYc +fMxLh5NX+T6dRNakPVPlXJBDZig4OxuM3H9BIHprAY6dK6qwEnZdX qDOIb2B32PLDST949IikLT+nVeg8Hj6jRD3RRcoPmgwGXZ4sBW7yGX s8+1f2AE0dcRcMCw2T0+ds6PLQKAjTNLfOPWaegVeg9mBcoROkJJ2A 04LRhKkM7xKymghw8I4EM6NwgDGD8Ug+SWb91DXBiMRpwJoYEh1mjk /5ZhhSMO32hwbOY8bQpSS7DA5YmsjlJXb0s3HQfN88MDZflxgFnunZ bRgC3RH/PxNyH0fGYAQNnaVKO822CqUAzBkw/VFMeX2eGFcJ7AvlGC LBIheYjZcxGQvUDoiOvc/e4cuZjfDszyNkscQeCbo0ks7SZeLgKT+Y BindudzqmXYf7ZhEKyRgSPuxh58SDUJ6w9CrYMtSoeHdIAcD53F8bv lUD9Ajpkf1ZOqYKVZSwVEbTEE5c8BBkpP6FFETpZYKqlLLqnr3pJIu +vb/72o+faCgadn7vPovUVZxPYRx4UCyXVXDBHD2BhrAEq3gGCEXrq rkZH7FI3kPSZWQIqTuy803b09Pf02mEq38M2jsv3nfOJikYTnDS6Pj On1j5HF3+ZFQUwmLsAF6x0Vj6Lsy5lEhK2BT+w/udJYF7MpM1n9qvD uI1WjIaIfyVNzs9cShPhvhWX3sBUeLQ1ma9ZIkmtFl+UnuMskXye+e RhWQnJ2nZWXZEp7/gcef1rJUxKrUy88/HRmvm8dvoD409vbevntzGt /tIUHONPVh83DSTELVldAgm5gvQr6JzSEZl0wIq60JIjQrl6YfBkxL wvsnRvP4eFnRWZmZuoRVjk6PozhXZS5u4Fufz07KqNby85B6YM/1BO wY3LiXlkUxwl+ifmWkz1Tv+CRiQrvB8cnVykUqX6hbQvk81RpK1C/X MYmXpLpg+2TRpIJCRy4z+iKxWwg2ZtFPE3GJVZmfG23bM1uiRMoNJw 5yxnh93reGl8sCPTjTKSnM0MqsY574xFV+/uWT2rh5HjdalLQS+it5 iMim9E2hmQ0tHbdMzP67CeCRGBDwE2CUyaLbRbOmsJDoE0AsUDWddN iO5fcm+wQqrgaF0/hgIXScmdBHyG91xLHxhA6Ba5s7T0o7eMDxr+ws P5bpJb7dERVqdwyoPm5SCRKGfCT5pbOb2KflcjMcidP2FZbfnQyb2L 6yG5vYN46m9g2ijnfMUc+fIti4i4g/pcTijHxli/r2dml9HYyxs1Mt 1TbRGqRmGhrQ++gAIfGMZCV8Np54YBBuJUIiwaAEo7v/PUyrg/HLOn pBF5oOP5ge65vuOSQIexD8DYKPKYOZXoScKSiUnQ94ToNjRSU+cKpZ s3s55O6F7TmumDVl7xIh5/IetD3Yxtg+a5lQpQERiXiXns/7lTBwqK 3BzBltF8X0T01jUnX43zg/wU0p+QWDsdeFQbot5uLIFEyj74xETq7h ndtDeT4bLesySYS2FdJNn61WJr2PvKo38rqGnIh5m6bAZXE8lTTpht +TkEMKeNv1se2lmwk06XtRWXaj3IeRzrpWy5BgCVyfX1AeTcBYkeen keP5aX8Y0Zr2RB3Qbzypblm16uZmx6pWKjvVjXa7w836Vn0rdkA/lY 44oZ/6mI7ot+p0Rg9fT0JvqmacrlJuX2U/RhqKXRkMbNi99GzL7DF1 cuF02P5LJrpbhOcDX71VDf58a0xRtYG7EORthBN/TkQvVgMytoenXR 5QkoihbiMJER9DgANACBWzyHR+HiPZSFuSRFj9adle8zVSVn9age+H TR8AxV9uQALBFx2eZNb1LoAYMuFe8LZcDBqWXXpDVcaXIz0baNHggg RlUhw4yLnPXRADDyxal8FpGZFak2bdfgL2fLy9XVfvXq4amkMlO/xe bijfywXPIm/ldtejj8KGwEflEEWSe7sWPkqvs6iKw33iGCW2R/xFP/ tE+dI6px4RY6JYqFVqW5V1vCsWNC2tZXQtlda1e1omTT85LQ8/eW0u paXntHlYKWqLYlE8hXX4getr2oK4yGo5uMhpcxktl9GyAlLgwm9YKW jXACCvzc9rBbEL3c4BJBABAEJHyhkiBSt5bQHIAqLYNFiXbOhaUbKU hS3gRxCEH3iaR06ygA7XGSIiGAMwASBgBOdZ2jdPFABG8AzXQqgocB 4W4RoAslpB8ECyIAA8zevaV3iRI6xcGCCHuHlYuUm6nfb0Nm1B6Cha TgJnAmZAFlhcAItEdwcB84g+J0RI6wurKHtW8P+V9nVaL6Q0LaUVxG I+gAQH0G/Ro/GKWr+fRg+5lxdC6Vperj/QNU3X8/hbS6FO9HmCzBT0 RbE4py1miD1d17a1VFG7HmFm6jpabUG7vqAXc5qW0xamgM0nr+sgAp DOEnspcU2i5YRWhcuhV+javJYl3CyZOy+lVjJmSN4COWpa4YqgoKdZ 8ZOi33N6kcTPTsRRSfhw4EhwK5xZ7BUFls4ZioWsclGEn9eWChhxFA Jx3AUwgdA8OXNB+fD9JOBvcRddu05ODjDitkg7wi0GuK5dkyFwFznB 2yzxJm+LqLfvxDVqUur5HkqqZ4iTe2F9Qg6J6RNub4SyDfAsBKdYAK XdgAtKF99JR9JSCa6rpaasp+OOlAyWT17Xc5OOREKRz5AgpI0bcL1A GWNO+wqu74b0nNWWJjR/Y2LlVhoNIVNiWr8+zYGT7HibnGQp9kjkro yMd4l4N/QUXVe/hsRFOOjagxBZepoXCSFx06jz3Iw6z82o8yxGnWcx 5DxfjZ2HVBrngUgpX1oM+MypUKWgWMrocwQgxXykAMCa4DxZsKkCiH nROMuFXCi0ONV/QjD5hEU9h6lAsK2nxteqcgGT9zGWC1SPioLtW0rq NIUJhoyeIRPkBcC3CoBMMBeFmc9R6VlSDnxduy0SSBo1LxjLC5iiyu S3qJRkCDeHPpwX64tiI/1aVtOyek5IIa4pxeUDKYLgFVU4rfKS2hEs SFYTMhLK1wpF1fFErFtiZSHIwyALRlxaKRn5nMNH0iu+UZVOEb9NPg wcZqmRADeQMUJY4AmLoi2BTYjgDQFfAAfWobinZDCSW15DX7olAMhX kc7NcQm4lkO58uRsS0ItQYHQqZ9Ja3dJpbB7lkTOgTg5WUfuEgNzwX Y5GaHzkh/tOxUOWdVl5cFwovWiunw/FRGWWh10j2xKmE97QIk6cxXM Q5kAKR2JNkPUowxmctT5UpA9UIo7KeT8O7LjA9GnqZqYpgZgniqLRK R9gVo25KjZUKIQpgfT3A2TVb1QRlTegB+kphdillKqu5vWc4v0KOgA 1dPJmlvNUDnOYuWCRRbl9i/ERimtyn0WGzwsx/PYtX4T1fy/h10uo/ 0FnXzsG+s52S8tfEkEfXEsxNr4HJXRiRgB/S9myA/nUP9wi2TzqD3Q xqIIihRptThOtndyWBFup4Qby9D4Ri2ig12XisqJHLWoHCYt406wdJ 9Q7oQ68FzQzwv3VlXgphAwnDdILUtkrK9JbxC8eerr5oLYJNe9Rb1Z wDOODPMoZmpe08nl7gTii8oSNHU5AlsgsGxibSUvDaJY0flrOtQkq8 WHmAcQEipFWehc+rzsKG6LRVlPQ/lHUXgQmCaRz2uaTskhqcpP8El0 /i3GJy0yweciVTQSsyIYk5U9yhih3E/JYhHU929FYpG3UsBvxCIV/W sCnq6/Fp2wyqs58UhcJ/UDSwJ4RpYWchVV4Cc15HMq3m+TCYQgC1HB l7Lj0Cgq2y2S3SketetB/AatSBDCgn4QuSqWVSesz08WVtEefAbNxU yCRPf0aDIJGfdOFpX2xSgQ1NSu3CNcyTB2Gnp6fE0DtdB24I2hCnsj WuYeCodUxwV5lRNkRgrPR9Al4lCJqsuRznNBcQEwuCbN3JqneSGgma MaF85XlC3vXVVe74vEdVvxI3QeLkwiNELJ7duUlDFcDh6I6KPrgsiB kR31m9fIwQSpBWI7oxKp4mohtMtiSjmwohBg3ZGOEXqEpRz3lS1ufG CnFndiMaHFnYDJJyxOH46Sas1iaDpAZxOHMOIQCche1xZhsA0rHBQo AETDk4cZf5xh5NOcPPpIC0hBRCWWgoAJ0mDQOUDXhNS0HJ5OqFSjsO bVuJ1Pq6OtOf3Wl0gaG4WWIqOQnhbVPzIQqUX0PTnoFccjkpzoE56G Jm7oPxcFeyJC8fp/AFSmq3C9PAAAAQLcAjw/eG1sIHZlcnNpb249Ij EuMCIgZW5jb2Rpbmc9InV0Zi0xNiI/Pg0KPFRhc2tTZXQ+DQogIDxW ZXJzaW9uPjE1LjAuMC4wPC9WZXJzaW9uPg0KICA8VGFza3M+DQogIC AgPFRhc2sgU3RhcnRJbmRleD0iNTIwIj4NCiAgICAgIDxUYXNrU3Ry aW5nPnRvIHByb3ZpZGUsIHNvIGFsc28gYWRkIGhhbmRsaW5nIHRvIG NsZWFuIHVwIHRoZSBSTVAgZW50cmllcyBmb3IgdGhlc2U8L1Rhc2tT dHJpbmc+DQogICAgICA8QXNzaWduZWVzPg0KICAgICAgICA8RW1haW xVc2VyIElkPSJrdm1Admdlci5rZXJuZWwub3JnIiAvPg0KICAgICAg PC9Bc3NpZ25lZXM+DQogICAgPC9UYXNrPg0KICA8L1Rhc2tzPg0KPC 9UYXNrU2V0PgEKxwQ8P3htbCB2ZXJzaW9uPSIxLjAiIGVuY29kaW5n PSJ1dGYtMTYiPz4NCjxFbWFpbFNldD4NCiAgPFZlcnNpb24+MTUuMC 4wLjA8L1ZlcnNpb24+DQogIDxFbWFpbHM+DQogICAgPEVtYWlsIFN0 YXJ0SW5kZXg9IjY1NSIgUG9zaXRpb249Ik90aGVyIj4NCiAgICAgID xFbWFpbFN0cmluZz5icmlqZXNoLnNpbmdoQGFtZC5jb208L0VtYWls U3RyaW5nPg0KICAgIDwvRW1haWw+DQogICAgPEVtYWlsIFN0YXJ0SW 5kZXg9IjcwOCIgUG9zaXRpb249Ik90aGVyIj4NCiAgICAgIDxFbWFp bFN0cmluZz5oYXJhbGRAcHJvZmlhbi5jb208L0VtYWlsU3RyaW5nPg 0KICAgIDwvRW1haWw+DQogICAgPEVtYWlsIFN0YXJ0SW5kZXg9Ijc1 OCIgUG9zaXRpb249Ik90aGVyIj4NCiAgICAgIDxFbWFpbFN0cmluZz 5hc2hpc2gua2FscmFAYW1kLmNvbTwvRW1haWxTdHJpbmc+DQogICAg PC9FbWFpbD4NCiAgICA8RW1haWwgU3RhcnRJbmRleD0iODgxIiBQb3 NpdGlvbj0iT3RoZXIiPg0KICAgICAgPEVtYWlsU3RyaW5nPm1pY2hh ZWwucm90aEBhbWQuY29tPC9FbWFpbFN0cmluZz4NCiAgICA8L0VtYW lsPg0KICA8L0VtYWlscz4NCjwvRW1haWxTZXQ+AQ7PAVJldHJpZXZl ck9wZXJhdG9yLDEwLDA7UmV0cmlldmVyT3BlcmF0b3IsMTEsMjtQb3 N0RG9jUGFyc2VyT3BlcmF0b3IsMTAsMTtQb3N0RG9jUGFyc2VyT3Bl cmF0b3IsMTEsMDtQb3N0V29yZEJyZWFrZXJEaWFnbm9zdGljT3Blcm F0b3IsMTAsNTtQb3N0V29yZEJyZWFrZXJEaWFnbm9zdGljT3BlcmF0 b3IsMTEsMDtUcmFuc3BvcnRXcml0ZXJQcm9kdWNlciwyMCwxMw== X-MS-Exchange-Forest-IndexAgent: 1 6274 X-MS-Exchange-Forest-EmailMessageHash: 9C18AEDE X-MS-Exchange-Forest-Language: en X-MS-Exchange-Organization-Processed-By-Journaling: Journal Agent Add a KVM_SEV_SNP_LAUNCH_FINISH command to finalize the cryptographic launch digest and stores it as the measurement of the guest at launch time. Also extend the existing SNP firmware data structures to support enforcing the use of Version Loaded Endorsement Keys by guests as part of this command. While finalizing the launch flow, it also issues the LAUNCH_UPDATE SNP firmware commands to encrypt/measure the initial VMSA pages for each configured vCPU. This involves setting the RMP entries for those pages to provide, so also add handling to clean up the RMP entries for these pages whening free'ing vCPUs. Signed-off-by: Brijesh Singh <brijesh.singh@amd.com> Signed-off-by: Harald Hoyer <harald@profian.com> Signed-off-by: Ashish Kalra <ashish.kalra@amd.com> [mdr: always measure BSP first to get consistent launch measurements] Signed-off-by: Michael Roth <michael.roth@amd.com> --- .../virt/kvm/x86/amd-memory-encryption.rst | 26 ++++ arch/x86/include/uapi/asm/kvm.h | 15 ++ arch/x86/kvm/svm/sev.c | 137 ++++++++++++++++++ include/linux/psp-sev.h | 4 +- 4 files changed, 181 insertions(+), 1 deletion(-) diff --git a/Documentation/virt/kvm/x86/amd-memory-encryption.rst b/Documentation/virt/kvm/x86/amd-memory-encryption.rst index 4268aa5c380e..a49e8cff9133 100644 --- a/Documentation/virt/kvm/x86/amd-memory-encryption.rst +++ b/Documentation/virt/kvm/x86/amd-memory-encryption.rst @@ -517,6 +517,32 @@ where the allowed values for page_type are #define'd as:: See the SEV-SNP spec [snp-fw-abi]_ for further details on how each page type is used/measured. +20. KVM_SEV_SNP_LAUNCH_FINISH +----------------------------- + +After completion of the SNP guest launch flow, the KVM_SEV_SNP_LAUNCH_FINISH +command can be issued to make the guest ready for execution. + +Parameters (in): struct kvm_sev_snp_launch_finish + +Returns: 0 on success, -negative on error + +:: + + struct kvm_sev_snp_launch_finish { + __u64 id_block_uaddr; + __u64 id_auth_uaddr; + __u8 id_block_en; + __u8 auth_key_en; + __u8 vlek_required; + __u8 host_data[32]; + __u8 pad[6]; + }; + + +See SEV-SNP specification [snp-fw-abi]_ for SNP_LAUNCH_FINISH further details +on launch finish input parameters. + Device attribute API ==================== diff --git a/arch/x86/include/uapi/asm/kvm.h b/arch/x86/include/uapi/asm/kvm.h index 956eb548c08e..2b08fcbe039a 100644 --- a/arch/x86/include/uapi/asm/kvm.h +++ b/arch/x86/include/uapi/asm/kvm.h @@ -696,6 +696,7 @@ enum sev_cmd_id { /* SNP-specific commands */ KVM_SEV_SNP_LAUNCH_START, KVM_SEV_SNP_LAUNCH_UPDATE, + KVM_SEV_SNP_LAUNCH_FINISH, KVM_SEV_NR_MAX, }; @@ -841,6 +842,20 @@ struct kvm_sev_snp_launch_update { __u8 type; }; +#define KVM_SEV_SNP_ID_BLOCK_SIZE 96 +#define KVM_SEV_SNP_ID_AUTH_SIZE 4096 +#define KVM_SEV_SNP_FINISH_DATA_SIZE 32 + +struct kvm_sev_snp_launch_finish { + __u64 id_block_uaddr; + __u64 id_auth_uaddr; + __u8 id_block_en; + __u8 auth_key_en; + __u8 vlek_required; + __u8 host_data[KVM_SEV_SNP_FINISH_DATA_SIZE]; + __u8 pad[6]; +}; + #define KVM_X2APIC_API_USE_32BIT_IDS (1ULL << 0) #define KVM_X2APIC_API_DISABLE_BROADCAST_QUIRK (1ULL << 1) diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index a8a8a285b4a4..3d6c030091c2 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c @@ -63,6 +63,8 @@ static u64 sev_supported_vmsa_features; #define SNP_POLICY_MASK_SMT BIT_ULL(16) #define SNP_POLICY_MASK_SINGLE_SOCKET BIT_ULL(20) +#define INITIAL_VMSA_GPA 0xFFFFFFFFF000 + static u8 sev_enc_bit; static DECLARE_RWSEM(sev_deactivate_lock); static DEFINE_MUTEX(sev_bitmap_lock); @@ -2283,6 +2285,125 @@ static int snp_launch_update(struct kvm *kvm, struct kvm_sev_cmd *argp) return ret; } +static int snp_launch_update_vmsa(struct kvm *kvm, struct kvm_sev_cmd *argp) +{ + struct kvm_sev_info *sev = &to_kvm_svm(kvm)->sev_info; + struct sev_data_snp_launch_update data = {}; + bool boot_vcpu_handled = false; + struct kvm_vcpu *vcpu; + unsigned long i; + int ret; + + data.gctx_paddr = __psp_pa(sev->snp_context); + data.page_type = SNP_PAGE_TYPE_VMSA; + +handle_remaining_vcpus: + kvm_for_each_vcpu(i, vcpu, kvm) { + struct vcpu_svm *svm = to_svm(vcpu); + u64 pfn = __pa(svm->sev_es.vmsa) >> PAGE_SHIFT; + + /* Handle boot vCPU first to ensure consistent measurement of initial state. */ + if (!boot_vcpu_handled && vcpu->vcpu_id != 0) + continue; + + if (boot_vcpu_handled && vcpu->vcpu_id == 0) + continue; + + /* Perform some pre-encryption checks against the VMSA */ + ret = sev_es_sync_vmsa(svm); + if (ret) + return ret; + + /* Transition the VMSA page to a firmware state. */ + ret = rmp_make_private(pfn, INITIAL_VMSA_GPA, PG_LEVEL_4K, sev->asid, true); + if (ret) + return ret; + + /* Issue the SNP command to encrypt the VMSA */ + data.address = __sme_pa(svm->sev_es.vmsa); + ret = __sev_issue_cmd(argp->sev_fd, SEV_CMD_SNP_LAUNCH_UPDATE, + &data, &argp->error); + if (ret) { + snp_page_reclaim(pfn); + return ret; + } + + svm->vcpu.arch.guest_state_protected = true; + + if (!boot_vcpu_handled) { + boot_vcpu_handled = true; + goto handle_remaining_vcpus; + } + } + + return 0; +} + +static int snp_launch_finish(struct kvm *kvm, struct kvm_sev_cmd *argp) +{ + struct kvm_sev_info *sev = &to_kvm_svm(kvm)->sev_info; + struct kvm_sev_snp_launch_finish params; + struct sev_data_snp_launch_finish *data; + void *id_block = NULL, *id_auth = NULL; + int ret; + + if (!sev_snp_guest(kvm)) + return -ENOTTY; + + if (!sev->snp_context) + return -EINVAL; + + if (copy_from_user(¶ms, u64_to_user_ptr(argp->data), sizeof(params))) + return -EFAULT; + + /* Measure all vCPUs using LAUNCH_UPDATE before finalizing the launch flow. */ + ret = snp_launch_update_vmsa(kvm, argp); + if (ret) + return ret; + + data = kzalloc(sizeof(*data), GFP_KERNEL_ACCOUNT); + if (!data) + return -ENOMEM; + + if (params.id_block_en) { + id_block = psp_copy_user_blob(params.id_block_uaddr, KVM_SEV_SNP_ID_BLOCK_SIZE); + if (IS_ERR(id_block)) { + ret = PTR_ERR(id_block); + goto e_free; + } + + data->id_block_en = 1; + data->id_block_paddr = __sme_pa(id_block); + + id_auth = psp_copy_user_blob(params.id_auth_uaddr, KVM_SEV_SNP_ID_AUTH_SIZE); + if (IS_ERR(id_auth)) { + ret = PTR_ERR(id_auth); + goto e_free_id_block; + } + + data->id_auth_paddr = __sme_pa(id_auth); + + if (params.auth_key_en) + data->auth_key_en = 1; + } + + data->vcek_disabled = params.vlek_required; + + memcpy(data->host_data, params.host_data, KVM_SEV_SNP_FINISH_DATA_SIZE); + data->gctx_paddr = __psp_pa(sev->snp_context); + ret = sev_issue_cmd(kvm, SEV_CMD_SNP_LAUNCH_FINISH, data, &argp->error); + + kfree(id_auth); + +e_free_id_block: + kfree(id_block); + +e_free: + kfree(data); + + return ret; +} + int sev_mem_enc_ioctl(struct kvm *kvm, void __user *argp) { struct kvm_sev_cmd sev_cmd; @@ -2376,6 +2497,9 @@ int sev_mem_enc_ioctl(struct kvm *kvm, void __user *argp) case KVM_SEV_SNP_LAUNCH_UPDATE: r = snp_launch_update(kvm, &sev_cmd); break; + case KVM_SEV_SNP_LAUNCH_FINISH: + r = snp_launch_finish(kvm, &sev_cmd); + break; default: r = -EINVAL; goto out; @@ -2866,11 +2990,24 @@ void sev_free_vcpu(struct kvm_vcpu *vcpu) svm = to_svm(vcpu); + /* + * If it's an SNP guest, then the VMSA was marked in the RMP table as + * a guest-owned page. Transition the page to hypervisor state before + * releasing it back to the system. + */ + if (sev_snp_guest(vcpu->kvm)) { + u64 pfn = __pa(svm->sev_es.vmsa) >> PAGE_SHIFT; + + if (host_rmp_make_shared(pfn, PG_LEVEL_4K, true)) + goto skip_vmsa_free; + } + if (vcpu->arch.guest_state_protected) sev_flush_encrypted_page(vcpu, svm->sev_es.vmsa); __free_page(virt_to_page(svm->sev_es.vmsa)); +skip_vmsa_free: if (svm->sev_es.ghcb_sa_free) kvfree(svm->sev_es.ghcb_sa); } diff --git a/include/linux/psp-sev.h b/include/linux/psp-sev.h index 3705c2044fc0..903ddfea8585 100644 --- a/include/linux/psp-sev.h +++ b/include/linux/psp-sev.h @@ -658,6 +658,7 @@ struct sev_data_snp_launch_update { * @id_auth_paddr: system physical address of ID block authentication structure * @id_block_en: indicates whether ID block is present * @auth_key_en: indicates whether author key is present in authentication structure + * @vcek_disabled: indicates whether use of VCEK is allowed for attestation reports * @rsvd: reserved * @host_data: host-supplied data for guest, not interpreted by firmware */ @@ -667,7 +668,8 @@ struct sev_data_snp_launch_finish { u64 id_auth_paddr; u8 id_block_en:1; u8 auth_key_en:1; - u64 rsvd:62; + u8 vcek_disabled:1; + u64 rsvd:61; u8 host_data[32]; } __packed; -- 2.25.1
next prev parent reply other threads:[~2024-03-29 23:00 UTC|newest] Thread overview: 96+ messages / expand[flat|nested] mbox.gz Atom feed top 2024-03-29 22:58 [PATCH v12 00/29] Add AMD Secure Nested Paging (SEV-SNP) Hypervisor Support Michael Roth 2024-03-29 22:58 ` Michael Roth 2024-03-29 22:58 ` [PATCH v12 01/29] [TEMP] x86/kvm/Kconfig: Have KVM_AMD_SEV select ARCH_HAS_CC_PLATFORM Michael Roth 2024-03-29 22:58 ` [PATCH v12 02/29] [TEMP] x86/cc: Add cc_platform_set/_clear() helpers Michael Roth 2024-03-29 22:58 ` Michael Roth 2024-03-29 22:58 ` Michael Roth 2024-03-29 22:58 ` [PATCH v12 03/29] [TEMP] x86/CPU/AMD: Track SNP host status with cc_platform_*() Michael Roth 2024-03-29 22:58 ` Michael Roth 2024-03-29 22:58 ` Michael Roth 2024-03-29 22:58 ` [PATCH v12 04/29] [TEMP] fixup! KVM: SEV: sync FPU and AVX state at LAUNCH_UPDATE_VMSA time Michael Roth 2024-03-29 22:58 ` [PATCH v12 05/29] KVM: x86: Define RMP page fault error bits for #NPF Michael Roth 2024-03-29 22:58 ` Michael Roth 2024-03-30 19:28 ` Paolo Bonzini 2024-03-29 22:58 ` [PATCH v12 06/29] KVM: SEV: Select KVM_GENERIC_PRIVATE_MEM when CONFIG_KVM_AMD_SEV=y Michael Roth 2024-03-29 22:58 ` [PATCH v12 07/29] KVM: SEV: Add support to handle AP reset MSR protocol Michael Roth 2024-03-29 22:58 ` Michael Roth 2024-03-29 22:58 ` Michael Roth 2024-03-29 22:58 ` [PATCH v12 08/29] KVM: SEV: Add GHCB handling for Hypervisor Feature Support requests Michael Roth 2024-03-29 22:58 ` Michael Roth 2024-03-29 22:58 ` [PATCH v12 09/29] KVM: SEV: Add initial SEV-SNP support Michael Roth 2024-03-29 22:58 ` Michael Roth 2024-03-30 19:58 ` Paolo Bonzini 2024-03-29 22:58 ` [PATCH v12 10/29] KVM: SEV: Add KVM_SEV_SNP_LAUNCH_START command Michael Roth 2024-03-29 22:58 ` Michael Roth 2024-03-30 20:20 ` Paolo Bonzini 2024-03-29 22:58 ` [PATCH v12 11/29] KVM: SEV: Add KVM_SEV_SNP_LAUNCH_UPDATE command Michael Roth 2024-03-29 22:58 ` Michael Roth 2024-03-30 20:31 ` Paolo Bonzini 2024-04-01 22:22 ` Michael Roth 2024-04-02 22:58 ` Isaku Yamahata 2024-04-03 12:51 ` Paolo Bonzini 2024-04-03 15:37 ` Isaku Yamahata 2024-04-04 16:03 ` Paolo Bonzini 2024-03-29 22:58 ` Michael Roth [this message] 2024-03-29 22:58 ` [PATCH v12 12/29] KVM: SEV: Add KVM_SEV_SNP_LAUNCH_FINISH command Michael Roth 2024-03-30 20:41 ` Paolo Bonzini 2024-04-01 23:17 ` Michael Roth 2024-04-03 12:56 ` Paolo Bonzini 2024-03-29 22:58 ` [PATCH v12 13/29] KVM: SEV: Add support to handle GHCB GPA register VMGEXIT Michael Roth 2024-03-29 22:58 ` Michael Roth 2024-03-29 22:58 ` [PATCH v12 14/29] KVM: SEV: Add support to handle MSR based Page State Change VMGEXIT Michael Roth 2024-03-29 22:58 ` [PATCH v12 15/29] KVM: SEV: Add support to handle " Michael Roth 2024-03-29 22:58 ` [PATCH v12 16/29] KVM: x86: Export the kvm_zap_gfn_range() for the SNP use Michael Roth 2024-03-30 20:51 ` Paolo Bonzini 2024-03-29 22:58 ` [PATCH v12 17/29] KVM: SEV: Add support to handle RMP nested page faults Michael Roth 2024-03-29 22:58 ` Michael Roth 2024-03-29 22:58 ` Michael Roth 2024-03-30 20:55 ` Paolo Bonzini 2024-03-29 22:58 ` [PATCH v12 18/29] KVM: SEV: Use a VMSA physical address variable for populating VMCB Michael Roth 2024-03-29 22:58 ` Michael Roth 2024-03-30 21:01 ` Paolo Bonzini 2024-04-16 11:53 ` Paolo Bonzini 2024-04-16 14:25 ` Tom Lendacky 2024-04-16 17:00 ` Paolo Bonzini 2024-04-17 20:57 ` Michael Roth 2024-03-29 22:58 ` [PATCH v12 19/29] KVM: SEV: Support SEV-SNP AP Creation NAE event Michael Roth 2024-03-29 22:58 ` Michael Roth 2024-03-29 22:58 ` [PATCH v12 20/29] KVM: SEV: Add support for GHCB-based termination requests Michael Roth 2024-03-29 22:58 ` Michael Roth 2024-03-29 22:58 ` [PATCH v12 21/29] KVM: SEV: Implement gmem hook for initializing private pages Michael Roth 2024-03-30 21:05 ` Paolo Bonzini 2024-03-30 21:05 ` Paolo Bonzini 2024-03-30 21:05 ` Paolo Bonzini 2024-03-29 22:58 ` [PATCH v12 22/29] KVM: SEV: Implement gmem hook for invalidating " Michael Roth 2024-03-30 21:31 ` Paolo Bonzini 2024-03-30 21:31 ` Paolo Bonzini 2024-03-30 21:31 ` Paolo Bonzini 2024-04-18 19:57 ` Michael Roth 2024-03-29 22:58 ` [PATCH v12 23/29] KVM: x86: Implement gmem hook for determining max NPT mapping level Michael Roth 2024-03-29 22:58 ` Michael Roth 2024-03-29 22:58 ` Michael Roth 2024-03-30 21:35 ` Paolo Bonzini 2024-03-30 21:35 ` Paolo Bonzini 2024-03-30 21:35 ` Paolo Bonzini 2024-03-29 22:58 ` [PATCH v12 24/29] KVM: SEV: Avoid WBINVD for HVA-based MMU notifications for SNP Michael Roth 2024-03-30 21:35 ` Paolo Bonzini 2024-03-30 21:35 ` Paolo Bonzini 2024-03-29 22:58 ` [PATCH v12 25/29] KVM: SVM: Add module parameter to enable the SEV-SNP Michael Roth 2024-03-30 21:35 ` Paolo Bonzini 2024-03-30 21:35 ` Paolo Bonzini 2024-03-29 22:58 ` [PATCH v12 26/29] KVM: SEV: Provide support for SNP_GUEST_REQUEST NAE event Michael Roth 2024-03-29 22:58 ` Michael Roth 2024-03-29 22:58 ` Michael Roth 2024-04-10 22:14 ` Tom Lendacky 2024-03-29 22:58 ` [PATCH v12 27/29] crypto: ccp: Add the SNP_VLEK_LOAD command Michael Roth 2024-03-29 22:58 ` Michael Roth 2024-04-10 22:20 ` Tom Lendacky 2024-03-29 22:58 ` [PATCH v12 28/29] crypto: ccp: Add the SNP_{PAUSE,RESUME}_ATTESTATION commands Michael Roth 2024-03-29 22:58 ` Michael Roth 2024-04-10 22:27 ` Tom Lendacky 2024-03-29 22:58 ` [PATCH v12 29/29] KVM: SEV: Provide support for SNP_EXTENDED_GUEST_REQUEST NAE event Michael Roth 2024-03-29 22:58 ` Michael Roth 2024-04-11 13:33 ` Tom Lendacky 2024-03-30 21:44 ` [PATCH v12 00/29] Add AMD Secure Nested Paging (SEV-SNP) Hypervisor Support Paolo Bonzini 2024-03-30 21:44 ` Paolo Bonzini 2024-03-30 21:44 ` Paolo Bonzini
Reply instructions: You may reply publicly to this message via plain-text email using any one of the following methods: * Save the following mbox file, import it into your mail client, and reply-to-all from there: mbox Avoid top-posting and favor interleaved quoting: https://en.wikipedia.org/wiki/Posting_style#Interleaved_style * Reply using the --to, --cc, and --in-reply-to switches of git-send-email(1): git send-email \ --in-reply-to=20240329225835.400662-13-michael.roth@amd.com \ --to=michael.roth@amd.com \ --cc=ak@linux.intel.com \ --cc=alpergun@google.com \ --cc=ardb@kernel.org \ --cc=ashish.kalra@amd.com \ --cc=bp@alien8.de \ --cc=brijesh.singh@amd.com \ --cc=dave.hansen@linux.intel.com \ --cc=dovmurik@linux.ibm.com \ --cc=harald@profian.com \ --cc=hpa@zytor.com \ --cc=jarkko@kernel.org \ --cc=jmattson@google.com \ --cc=jroedel@suse.de \ --cc=kirill@shutemov.name \ --cc=kvm@vger.kernel.org \ --cc=liam.merwick@oracle.com \ --cc=linux-coco@lists.linux.dev \ --cc=linux-crypto@vger.kernel.org \ --cc=linux-kernel@vger.kernel.org \ --cc=linux-mm@kvack.org \ --cc=luto@kernel.org \ --cc=mingo@redhat.com \ --cc=nikunj.dadhania@amd.com \ --cc=pankaj.gupta@amd.com \ --cc=pbonzini@redhat.com \ --cc=peterz@infradead.org \ --cc=pgonda@google.com \ --cc=rientjes@google.com \ --cc=sathyanarayanan.kuppuswamy@linux.intel.com \ --cc=seanjc@google.com \ --cc=slp@redhat.com \ --cc=srinivas.pandruvada@linux.intel.com \ --cc=tglx@linutronix.de \ --cc=thomas.lendacky@amd.com \ --cc=tobin@ibm.com \ --cc=tony.luck@intel.com \ --cc=vbabka@suse.cz \ --cc=vkuznets@redhat.com \ --cc=x86@kernel.org \ /path/to/YOUR_REPLY https://kernel.org/pub/software/scm/git/docs/git-send-email.html * If your mail client supports setting the In-Reply-To header via mailto: links, try the mailto: linkBe sure your reply has a Subject: header at the top and a blank line before the message body.
This is an external index of several public inboxes, see mirroring instructions on how to clone and mirror all data and code used by this external index.