| Message ID | 20210324164424.28124-6-brijesh.singh@amd.com (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
| Series | Add AMD Secure Nested Paging (SEV-SNP) Guest Support | expand |
On Wed, Mar 24, 2021 at 11:44:16AM -0500, Brijesh Singh wrote: > The sev_es_terminate() and sev_es_{wr,rd}_ghcb_msr() helper functions > in a common file so that it can be used by both the SEV-ES and SEV-SNP. > > Cc: Thomas Gleixner <tglx@linutronix.de> > Cc: Ingo Molnar <mingo@redhat.com> > Cc: Borislav Petkov <bp@alien8.de> > Cc: Joerg Roedel <jroedel@suse.de> > Cc: "H. Peter Anvin" <hpa@zytor.com> > Cc: Tony Luck <tony.luck@intel.com> > Cc: Dave Hansen <dave.hansen@intel.com> > Cc: "Peter Zijlstra (Intel)" <peterz@infradead.org> > Cc: Paolo Bonzini <pbonzini@redhat.com> > Cc: Tom Lendacky <thomas.lendacky@amd.com> > Cc: David Rientjes <rientjes@google.com> > Cc: Sean Christopherson <seanjc@google.com> > Cc: x86@kernel.org > Cc: kvm@vger.kernel.org > Signed-off-by: Brijesh Singh <brijesh.singh@amd.com> > --- > arch/x86/boot/compressed/sev-common.c | 32 +++++++++++++++++++++++++++ > arch/x86/boot/compressed/sev-es.c | 22 ++---------------- > arch/x86/kernel/sev-common-shared.c | 31 ++++++++++++++++++++++++++ > arch/x86/kernel/sev-es-shared.c | 21 +++--------------- > 4 files changed, 68 insertions(+), 38 deletions(-) > create mode 100644 arch/x86/boot/compressed/sev-common.c > create mode 100644 arch/x86/kernel/sev-common-shared.c Yeah, once you merge it all into sev.c and sev-shared.c, that patch is not needed anymore. Thx.
On 4/2/21 2:27 PM, Borislav Petkov wrote: > On Wed, Mar 24, 2021 at 11:44:16AM -0500, Brijesh Singh wrote: >> The sev_es_terminate() and sev_es_{wr,rd}_ghcb_msr() helper functions >> in a common file so that it can be used by both the SEV-ES and SEV-SNP. >> >> Cc: Thomas Gleixner <tglx@linutronix.de> >> Cc: Ingo Molnar <mingo@redhat.com> >> Cc: Borislav Petkov <bp@alien8.de> >> Cc: Joerg Roedel <jroedel@suse.de> >> Cc: "H. Peter Anvin" <hpa@zytor.com> >> Cc: Tony Luck <tony.luck@intel.com> >> Cc: Dave Hansen <dave.hansen@intel.com> >> Cc: "Peter Zijlstra (Intel)" <peterz@infradead.org> >> Cc: Paolo Bonzini <pbonzini@redhat.com> >> Cc: Tom Lendacky <thomas.lendacky@amd.com> >> Cc: David Rientjes <rientjes@google.com> >> Cc: Sean Christopherson <seanjc@google.com> >> Cc: x86@kernel.org >> Cc: kvm@vger.kernel.org >> Signed-off-by: Brijesh Singh <brijesh.singh@amd.com> >> --- >> arch/x86/boot/compressed/sev-common.c | 32 +++++++++++++++++++++++++++ >> arch/x86/boot/compressed/sev-es.c | 22 ++---------------- >> arch/x86/kernel/sev-common-shared.c | 31 ++++++++++++++++++++++++++ >> arch/x86/kernel/sev-es-shared.c | 21 +++--------------- >> 4 files changed, 68 insertions(+), 38 deletions(-) >> create mode 100644 arch/x86/boot/compressed/sev-common.c >> create mode 100644 arch/x86/kernel/sev-common-shared.c > Yeah, once you merge it all into sev.c and sev-shared.c, that patch is > not needed anymore. Agreed. Renaming the sev-es.{c,h} -> sev.{c,h} will certainly help. Additionally, I noticed that GHCB MSR helper macro's are duplicated between the arch/x86/include/asm/sev-es.h and arch/x86/kvm/svm/svm.h. I am creating a new file (arch/x86/include/asm/sev-common.h) that will consolidate all the helper macro common between the guest and the hypervisor. > > Thx. >
diff --git a/arch/x86/boot/compressed/sev-common.c b/arch/x86/boot/compressed/sev-common.c new file mode 100644 index 000000000000..d81ff7a3a67d --- /dev/null +++ b/arch/x86/boot/compressed/sev-common.c @@ -0,0 +1,32 @@ +// SPDX-License-Identifier: GPL-2.0 +/* + * AMD Encrypted Register State Support + * + * Author: Brijesh Singh <brijesh.singh@amd.com> + * + * Copyright (C) 2021 Advanced Micro Devices, Inc. + * + * This file is not compiled stand-alone. It is includes directly in the + * sev-es.c and sev-snp.c. + */ + +static inline u64 sev_es_rd_ghcb_msr(void) +{ + unsigned long low, high; + + asm volatile("rdmsr" : "=a" (low), "=d" (high) : + "c" (MSR_AMD64_SEV_ES_GHCB)); + + return ((high << 32) | low); +} + +static inline void sev_es_wr_ghcb_msr(u64 val) +{ + u32 low, high; + + low = val & 0xffffffffUL; + high = val >> 32; + + asm volatile("wrmsr" : : "c" (MSR_AMD64_SEV_ES_GHCB), + "a"(low), "d" (high) : "memory"); +} diff --git a/arch/x86/boot/compressed/sev-es.c b/arch/x86/boot/compressed/sev-es.c index 27826c265aab..58b15b7c1aa7 100644 --- a/arch/x86/boot/compressed/sev-es.c +++ b/arch/x86/boot/compressed/sev-es.c @@ -54,26 +54,8 @@ static unsigned long insn_get_seg_base(struct pt_regs *regs, int seg_reg_idx) return 0UL; } -static inline u64 sev_es_rd_ghcb_msr(void) -{ - unsigned long low, high; - - asm volatile("rdmsr" : "=a" (low), "=d" (high) : - "c" (MSR_AMD64_SEV_ES_GHCB)); - - return ((high << 32) | low); -} - -static inline void sev_es_wr_ghcb_msr(u64 val) -{ - u32 low, high; - - low = val & 0xffffffffUL; - high = val >> 32; - - asm volatile("wrmsr" : : "c" (MSR_AMD64_SEV_ES_GHCB), - "a"(low), "d" (high) : "memory"); -} +/* Provides sev_es_{wr,rd}_ghcb_msr() */ +#include "sev-common.c" static enum es_result vc_decode_insn(struct es_em_ctxt *ctxt) { diff --git a/arch/x86/kernel/sev-common-shared.c b/arch/x86/kernel/sev-common-shared.c new file mode 100644 index 000000000000..6229566add6f --- /dev/null +++ b/arch/x86/kernel/sev-common-shared.c @@ -0,0 +1,31 @@ +// SPDX-License-Identifier: GPL-2.0 +/* + * AMD Encrypted Register State Support + * + * Author: Brijesh Singh <brijesh.singh@amd.com> + * + * Copyright (C) 2021 Advanced Micro Devices, Inc. + * + * This file is not compiled stand-alone. It contains code shared + * between the pre-decompression boot code and the running Linux kernel + * and is included directly into both code-bases. + */ + +static void sev_es_terminate(unsigned int reason) +{ + u64 val = GHCB_SEV_TERMINATE; + + /* + * Tell the hypervisor what went wrong - only reason-set 0 is + * currently supported. + */ + val |= GHCB_SEV_TERMINATE_REASON(0, reason); + + /* Request Guest Termination from Hypvervisor */ + sev_es_wr_ghcb_msr(val); + VMGEXIT(); + + while (true) + asm volatile("hlt\n" : : : "memory"); +} + diff --git a/arch/x86/kernel/sev-es-shared.c b/arch/x86/kernel/sev-es-shared.c index cdc04d091242..669e15678387 100644 --- a/arch/x86/kernel/sev-es-shared.c +++ b/arch/x86/kernel/sev-es-shared.c @@ -14,6 +14,9 @@ #define has_cpuflag(f) boot_cpu_has(f) #endif +/* Provides sev_es_terminate() */ +#include "sev-common-shared.c" + static bool __init sev_es_check_cpu_features(void) { if (!has_cpuflag(X86_FEATURE_RDRAND)) { @@ -24,24 +27,6 @@ static bool __init sev_es_check_cpu_features(void) return true; } -static void sev_es_terminate(unsigned int reason) -{ - u64 val = GHCB_SEV_TERMINATE; - - /* - * Tell the hypervisor what went wrong - only reason-set 0 is - * currently supported. - */ - val |= GHCB_SEV_TERMINATE_REASON(0, reason); - - /* Request Guest Termination from Hypvervisor */ - sev_es_wr_ghcb_msr(val); - VMGEXIT(); - - while (true) - asm volatile("hlt\n" : : : "memory"); -} - static bool sev_es_negotiate_protocol(void) { u64 val;
The sev_es_terminate() and sev_es_{wr,rd}_ghcb_msr() helper functions in a common file so that it can be used by both the SEV-ES and SEV-SNP. Cc: Thomas Gleixner <tglx@linutronix.de> Cc: Ingo Molnar <mingo@redhat.com> Cc: Borislav Petkov <bp@alien8.de> Cc: Joerg Roedel <jroedel@suse.de> Cc: "H. Peter Anvin" <hpa@zytor.com> Cc: Tony Luck <tony.luck@intel.com> Cc: Dave Hansen <dave.hansen@intel.com> Cc: "Peter Zijlstra (Intel)" <peterz@infradead.org> Cc: Paolo Bonzini <pbonzini@redhat.com> Cc: Tom Lendacky <thomas.lendacky@amd.com> Cc: David Rientjes <rientjes@google.com> Cc: Sean Christopherson <seanjc@google.com> Cc: x86@kernel.org Cc: kvm@vger.kernel.org Signed-off-by: Brijesh Singh <brijesh.singh@amd.com> --- arch/x86/boot/compressed/sev-common.c | 32 +++++++++++++++++++++++++++ arch/x86/boot/compressed/sev-es.c | 22 ++---------------- arch/x86/kernel/sev-common-shared.c | 31 ++++++++++++++++++++++++++ arch/x86/kernel/sev-es-shared.c | 21 +++--------------- 4 files changed, 68 insertions(+), 38 deletions(-) create mode 100644 arch/x86/boot/compressed/sev-common.c create mode 100644 arch/x86/kernel/sev-common-shared.c