From: Tom Lendacky <thomas.lendacky@amd.com>
To: Borislav Petkov <bp@alien8.de>
Cc: linux-kernel@vger.kernel.org, x86@kernel.org,
linux-coco@lists.linux.dev, svsm-devel@coconut-svsm.dev,
Thomas Gleixner <tglx@linutronix.de>,
Ingo Molnar <mingo@redhat.com>,
Dave Hansen <dave.hansen@linux.intel.com>,
"H. Peter Anvin" <hpa@zytor.com>,
Andy Lutomirski <luto@kernel.org>,
Peter Zijlstra <peterz@infradead.org>,
Dan Williams <dan.j.williams@intel.com>,
Michael Roth <michael.roth@amd.com>,
Ashish Kalra <ashish.kalra@amd.com>
Subject: Re: [PATCH v3 03/14] x86/sev: Check for the presence of an SVSM in the SNP Secrets page
Date: Thu, 18 Apr 2024 16:17:36 -0500 [thread overview]
Message-ID: <d525f2ef-d8f0-a694-401f-8cb964dcdaed@amd.com> (raw)
In-Reply-To: <20240417204030.GIZiAzvuLG6qcFFMyT@fat_crate.local>
On 4/17/24 15:40, Borislav Petkov wrote:
> On Mon, Mar 25, 2024 at 05:26:22PM -0500, Tom Lendacky wrote:
>> During early boot phases, check for the presence of an SVSM when running
>> as an SEV-SNP guest.
>>
>> An SVSM is present if the 64-bit value at offset 0x148 into the secrets
>> page is non-zero. If an SVSM is present, save the SVSM Calling Area
>> address (CAA), located at offset 0x150 into the secrets page, and set
>> the VMPL level of the guest, which should be non-zero, to indicate the
>> presence of an SVSM.
>
> Where are we pointing to the SVSM spec?
>
> This is in the 0th message
>
> https://www.amd.com/content/dam/amd/en/documents/epyc-technical-docs/specifications/58019.pdf
>
> but pls add it to our documentation here:
>
> Documentation/arch/x86/amd-memory-encryption.rst
Do you want it added as a in this patch or in a documentation patch at the
end of the series?
>
>> Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>
>> ---
>> arch/x86/boot/compressed/sev.c | 35 ++++++++---------
>> arch/x86/include/asm/sev-common.h | 4 ++
>> arch/x86/include/asm/sev.h | 25 +++++++++++-
>> arch/x86/kernel/sev-shared.c | 64 +++++++++++++++++++++++++++++++
>> arch/x86/kernel/sev.c | 16 ++++++++
>> 5 files changed, 125 insertions(+), 19 deletions(-)
>>
>> diff --git a/arch/x86/boot/compressed/sev.c b/arch/x86/boot/compressed/sev.c
>> index 49dc9661176d..fe61ff630c7e 100644
>> --- a/arch/x86/boot/compressed/sev.c
>> +++ b/arch/x86/boot/compressed/sev.c
>> @@ -12,6 +12,7 @@
>> */
>> #include "misc.h"
>>
>> +#include <linux/mm.h>
>> #include <asm/bootparam.h>
>> #include <asm/pgtable_types.h>
>> #include <asm/sev.h>
>> @@ -29,6 +30,15 @@
>> static struct ghcb boot_ghcb_page __aligned(PAGE_SIZE);
>> struct ghcb *boot_ghcb;
>>
>> +/*
>> + * SVSM related information:
>> + * When running under an SVSM, the VMPL that Linux is executing at must be
>> + * non-zero. The VMPL is therefore used to indicate the presence of an SVSM.
>> + */
>> +static u8 vmpl __section(".data");
>> +static u64 boot_svsm_caa_pa __section(".data");
>> +static struct svsm_ca *boot_svsm_caa __section(".data");
>
> Explain what those last 2 are in comments above it pls.
Will do.
>
>> /*
>> * SNP_FEATURES_IMPL_REQ is the mask of SNP features that will need
>> * guest side implementation for proper functioning of the guest. If any
>> @@ -480,6 +472,13 @@ static bool early_snp_init(struct boot_params *bp)
>> */
>> setup_cpuid_table(cc_info);
>>
>> + /*
>> + * Record the SVSM Calling Area address (CAA) if the guest is not
>
> Calling Area (CA) address
>
>> + * running at VMPL0. The CA will be used to communicate with the
>
> and then you can use "CA" here.
Will do.
>
>> + * SVSM to perform the SVSM services.
>> + */
>> + setup_svsm_ca(cc_info);
>> +
>> /*
>> * Pass run-time kernel a pointer to CC info via boot_params so EFI
>> * config table doesn't need to be searched again during early startup
>> diff --git a/arch/x86/include/asm/sev-common.h b/arch/x86/include/asm/sev-common.h
>> index b463fcbd4b90..68a8cdf6fd6a 100644
>> --- a/arch/x86/include/asm/sev-common.h
>> +++ b/arch/x86/include/asm/sev-common.h
>> @@ -159,6 +159,10 @@ struct snp_psc_desc {
>> #define GHCB_TERM_NOT_VMPL0 3 /* SNP guest is not running at VMPL-0 */
>> #define GHCB_TERM_CPUID 4 /* CPUID-validation failure */
>> #define GHCB_TERM_CPUID_HV 5 /* CPUID failure during hypervisor fallback */
>> +#define GHCB_TERM_SECRETS_PAGE 6 /* Secrets page failure */
>> +#define GHCB_TERM_NO_SVSM 7 /* SVSM is not advertised in the secrets page */
>> +#define GHCB_TERM_SVSM_VMPL0 8 /* SVSM is present but has set VMPL to 0 */
>> +#define GHCB_TERM_SVSM_CAA 9 /* SVSM is present but the CA is not page aligned */
>
> "CAA" in the comment I guess. :)
Will do.
>
>> +/*
>> + * Maintain the GPA of the SVSM Calling Area (CA) in order to utilize the SVSM
>> + * services needed when not running in VMPL0.
>> + */
>> +static void __head setup_svsm_ca(const struct cc_blob_sev_info *cc_info)
>> +{
>> + struct snp_secrets_page_layout *secrets_page;
>
> Why was that thing ever called "_layout" and not simply
> snp_secrets_page?
>
> Fix it?
Sure, I can change that as a pre-patch to the series.
>
>> + u64 caa;
>> +
>> + BUILD_BUG_ON(sizeof(*secrets_page) != PAGE_SIZE);
>
> Put it in the header under the struct definition I guess.
It can't stand on it's own in the header file. I'd have to put it in a
#define or an inline function and then use that in some code. So it's
probably best to keep it here.
>
>> + /*
>> + * Use __pa() since this routine is running identity mapped when
>> + * called, both by the decompressor code and the early kernel code.
>> + */
>> + if (running_at_vmpl0((void *)__pa(&boot_ghcb_page)))
>> + return;
>> +
>> + /*
>> + * Not running at VMPL0, ensure everything has been properly supplied
>> + * for running under an SVSM.
>> + */
>> + if (!cc_info || !cc_info->secrets_phys || cc_info->secrets_len != PAGE_SIZE)
>> + sev_es_terminate(SEV_TERM_SET_LINUX, GHCB_TERM_SECRETS_PAGE);
>> +
>> + secrets_page = (struct snp_secrets_page_layout *)cc_info->secrets_phys;
>> + if (!secrets_page->svsm_size)
>> + sev_es_terminate(SEV_TERM_SET_LINUX, GHCB_TERM_NO_SVSM);
>> +
>> + if (!secrets_page->svsm_guest_vmpl)
>> + sev_es_terminate(SEV_TERM_SET_LINUX, GHCB_TERM_SVSM_VMPL0);
>> +
>> + vmpl = secrets_page->svsm_guest_vmpl;
>> +
>> + caa = secrets_page->svsm_caa;
>> + if (!PAGE_ALIGNED(caa))
>> + sev_es_terminate(SEV_TERM_SET_LINUX, GHCB_TERM_SVSM_CAA);
>> +
>> + /*
>> + * The CA is identity mapped when this routine is called, both by the
>> + * decompressor code and the early kernel code.
>> + */
>> + boot_svsm_caa = (struct svsm_ca *)caa;
>> + boot_svsm_caa_pa = caa;
>> +}
>> diff --git a/arch/x86/kernel/sev.c b/arch/x86/kernel/sev.c
>> index b59b09c2f284..64799a04feb4 100644
>> --- a/arch/x86/kernel/sev.c
>> +++ b/arch/x86/kernel/sev.c
>> @@ -135,6 +135,15 @@ struct ghcb_state {
>> static DEFINE_PER_CPU(struct sev_es_runtime_data*, runtime_data);
>> static DEFINE_PER_CPU(struct sev_es_save_area *, sev_vmsa);
>>
>> +/*
>> + * SVSM related information:
>> + * When running under an SVSM, the VMPL that Linux is executing at must be
>> + * non-zero. The VMPL is therefore used to indicate the presence of an SVSM.
>> + */
>> +static u8 vmpl __ro_after_init;
>> +static struct svsm_ca *boot_svsm_caa __ro_after_init;
>> +static u64 boot_svsm_caa_pa __ro_after_init;
>
> Uff, duplication.
>
> Let's put them in sev-shared.c pls and avoid that.
Ok, but it will require moving some functions after the inclusion of
sev-shared.c and then (later) adding some advance function declarations.
Thanks,
Tom
>
> Thx.
>
next prev parent reply other threads:[~2024-04-18 21:17 UTC|newest]
Thread overview: 61+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-03-25 22:26 [PATCH v3 00/14] Provide SEV-SNP support for running under an SVSM Tom Lendacky
2024-03-25 22:26 ` [PATCH v3 01/14] x86/sev: Rename snp_init() in the boot/compressed/sev.c file Tom Lendacky
2024-04-09 17:09 ` Borislav Petkov
2024-04-09 17:44 ` Tom Lendacky
2024-04-09 17:57 ` Borislav Petkov
2024-04-12 16:19 ` Gupta, Pankaj
2024-03-25 22:26 ` [PATCH v3 02/14] x86/sev: Make the VMPL0 checking function more generic Tom Lendacky
2024-04-12 16:41 ` Gupta, Pankaj
2024-04-17 11:46 ` Borislav Petkov
2024-04-17 20:35 ` Tom Lendacky
2024-04-17 20:50 ` Borislav Petkov
2024-04-18 18:38 ` Tom Lendacky
2024-04-21 7:12 ` Borislav Petkov
2024-03-25 22:26 ` [PATCH v3 03/14] x86/sev: Check for the presence of an SVSM in the SNP Secrets page Tom Lendacky
2024-04-12 17:03 ` Gupta, Pankaj
2024-04-17 20:40 ` Borislav Petkov
2024-04-18 21:17 ` Tom Lendacky [this message]
2024-04-22 22:07 ` Borislav Petkov
2024-03-25 22:26 ` [PATCH v3 04/14] x86/sev: Use kernel provided SVSM Calling Areas Tom Lendacky
2024-04-12 16:04 ` Gupta, Pankaj
2024-03-25 22:26 ` [PATCH v3 05/14] x86/sev: Perform PVALIDATE using the SVSM when not at VMPL0 Tom Lendacky
2024-03-25 22:26 ` [PATCH v3 06/14] x86/sev: Use the SVSM to create a vCPU when not in VMPL0 Tom Lendacky
2024-04-12 15:28 ` Gupta, Pankaj
2024-03-25 22:26 ` [PATCH v3 07/14] x86/sev: Provide SVSM discovery support Tom Lendacky
2024-04-15 16:12 ` Gupta, Pankaj
2024-03-25 22:26 ` [PATCH v3 08/14] x86/sev: Provide guest VMPL level to userspace Tom Lendacky
2024-03-25 22:26 ` [PATCH v3 09/14] virt: sev-guest: Choose the VMPCK key based on executing VMPL Tom Lendacky
2024-04-16 4:54 ` Dan Williams
2024-04-16 15:17 ` Tom Lendacky
2024-04-16 15:47 ` Dan Williams
2024-03-25 22:26 ` [PATCH v3 10/14] configfs-tsm: Allow the privlevel_floor attribute to be updated Tom Lendacky
2024-04-16 4:55 ` Dan Williams
2024-04-16 15:23 ` Tom Lendacky
2024-04-16 15:57 ` Dan Williams
2024-04-16 16:17 ` Tom Lendacky
2024-03-25 22:26 ` [PATCH v3 11/14] x86/sev: Extend the config-fs attestation support for an SVSM Tom Lendacky
2024-04-16 5:37 ` Dan Williams
2024-04-16 15:53 ` Tom Lendacky
2024-04-16 16:19 ` Dan Williams
2024-03-25 22:26 ` [PATCH v3 12/14] fs/configfs: Add a callback to determine attribute visibility Tom Lendacky
2024-04-16 5:46 ` Dan Williams
2024-04-16 16:01 ` Tom Lendacky
2024-04-16 18:25 ` Dan Williams
2024-04-16 19:54 ` Tom Lendacky
2024-04-16 20:03 ` Dan Williams
2024-03-25 22:26 ` [PATCH v3 13/14] x86/sev: Hide SVSM attestation entries if not running under an SVSM Tom Lendacky
2024-04-09 18:12 ` Kuppuswamy Sathyanarayanan
2024-04-12 15:52 ` Tom Lendacky
2024-04-15 19:16 ` Tom Lendacky
2024-04-15 19:48 ` Kuppuswamy Sathyanarayanan
2024-04-15 20:13 ` Tom Lendacky
2024-04-15 21:50 ` Kuppuswamy Sathyanarayanan
2024-04-15 22:03 ` Tom Lendacky
2024-04-16 6:09 ` Dan Williams
2024-04-16 6:08 ` Dan Williams
2024-04-16 6:05 ` Dan Williams
2024-04-16 5:47 ` Dan Williams
2024-04-16 16:07 ` Tom Lendacky
2024-04-16 6:03 ` Dan Williams
2024-04-16 16:10 ` Tom Lendacky
2024-03-25 22:26 ` [PATCH v3 14/14] x86/sev: Allow non-VMPL0 execution when an SVSM is present Tom Lendacky
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=d525f2ef-d8f0-a694-401f-8cb964dcdaed@amd.com \
--to=thomas.lendacky@amd.com \
--cc=ashish.kalra@amd.com \
--cc=bp@alien8.de \
--cc=dan.j.williams@intel.com \
--cc=dave.hansen@linux.intel.com \
--cc=hpa@zytor.com \
--cc=linux-coco@lists.linux.dev \
--cc=linux-kernel@vger.kernel.org \
--cc=luto@kernel.org \
--cc=michael.roth@amd.com \
--cc=mingo@redhat.com \
--cc=peterz@infradead.org \
--cc=svsm-devel@coconut-svsm.dev \
--cc=tglx@linutronix.de \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.