Message ID | 20240226190344.787149-14-pbonzini@redhat.com (mailing list archive) |
Series | KVM: SEV: allow customizing VMSA features | expand |
On Mon, Feb 26, 2024 at 02:03:42PM -0500, Paolo Bonzini <pbonzini@redhat.com> wrote: > Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> > --- > Documentation/virt/kvm/api.rst | 2 ++ > arch/x86/include/uapi/asm/kvm.h | 2 ++ > arch/x86/kvm/svm/sev.c | 16 +++++++++++++--- > arch/x86/kvm/svm/svm.c | 7 +++++++ > arch/x86/kvm/svm/svm.h | 1 + > arch/x86/kvm/x86.c | 2 ++ > 6 files changed, 27 insertions(+), 3 deletions(-) > > diff --git a/Documentation/virt/kvm/api.rst b/Documentation/virt/kvm/api.rst > index 0b5a33ee71ee..f0b76ff5030d 100644 > --- a/Documentation/virt/kvm/api.rst > +++ b/Documentation/virt/kvm/api.rst > @@ -8819,6 +8819,8 @@ means the VM type with value @n is supported. Possible values of @n are:: > > #define KVM_X86_DEFAULT_VM 0 > #define KVM_X86_SW_PROTECTED_VM 1 > + #define KVM_X86_SEV_VM 2 > + #define KVM_X86_SEV_ES_VM 3 > > Note, KVM_X86_SW_PROTECTED_VM is currently only for development and testing. > Do not use KVM_X86_SW_PROTECTED_VM for "real" VMs, and especially not in > diff --git a/arch/x86/include/uapi/asm/kvm.h b/arch/x86/include/uapi/asm/kvm.h > index d0c1b459f7e9..9d950b0b64c9 100644 > --- a/arch/x86/include/uapi/asm/kvm.h > +++ b/arch/x86/include/uapi/asm/kvm.h > @@ -857,5 +857,7 @@ struct kvm_hyperv_eventfd { > > #define KVM_X86_DEFAULT_VM 0 > #define KVM_X86_SW_PROTECTED_VM 1 > +#define KVM_X86_SEV_VM 2 > +#define KVM_X86_SEV_ES_VM 3 > > #endif /* _ASM_X86_KVM_H */ > diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c > index 2549a539a686..1248ccf433e8 100644 > --- a/arch/x86/kvm/svm/sev.c > +++ b/arch/x86/kvm/svm/sev.c > @@ -247,6 +247,9 @@ static int sev_guest_init(struct kvm *kvm, struct kvm_sev_cmd *argp) > if (kvm->created_vcpus) > return -EINVAL; > > + if (kvm->arch.vm_type != KVM_X86_DEFAULT_VM) > + return -EINVAL; > + > if (unlikely(sev->active)) > return -EINVAL; 
> > @@ -264,6 +267,7 @@ static int sev_guest_init(struct kvm *kvm, struct kvm_sev_cmd *argp) > > INIT_LIST_HEAD(&sev->regions_list); > INIT_LIST_HEAD(&sev->mirror_vms); > + sev->need_init = false; > > kvm_set_apicv_inhibit(kvm, APICV_INHIBIT_REASON_SEV); > > @@ -1799,7 +1803,8 @@ int sev_vm_move_enc_context_from(struct kvm *kvm, unsigned int source_fd) > if (ret) > goto out_fput; > > - if (sev_guest(kvm) || !sev_guest(source_kvm)) { > + if (kvm->arch.vm_type != source_kvm->arch.vm_type || > + sev_guest(kvm) || !sev_guest(source_kvm)) { > ret = -EINVAL; > goto out_unlock; > } > @@ -2118,6 +2123,7 @@ int sev_vm_copy_enc_context_from(struct kvm *kvm, unsigned int source_fd) > mirror_sev->asid = source_sev->asid; > mirror_sev->fd = source_sev->fd; > mirror_sev->es_active = source_sev->es_active; > + mirror_sev->need_init = false; > mirror_sev->handle = source_sev->handle; > INIT_LIST_HEAD(&mirror_sev->regions_list); > INIT_LIST_HEAD(&mirror_sev->mirror_vms); > @@ -2183,10 +2189,14 @@ void sev_vm_destroy(struct kvm *kvm) > > void __init sev_set_cpu_caps(void) > { > - if (sev_enabled) > + if (sev_enabled) { > kvm_cpu_cap_set(X86_FEATURE_SEV); > - if (sev_es_enabled) > + kvm_caps.supported_vm_types |= BIT(KVM_X86_SEV_VM); > + } > + if (sev_es_enabled) { > kvm_cpu_cap_set(X86_FEATURE_SEV_ES); > + kvm_caps.supported_vm_types |= BIT(KVM_X86_SEV_ES_VM); > + } > } > > void __init sev_hardware_setup(void) > diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c > index 1cf9e5f1fd02..f4a750426b24 100644 > --- a/arch/x86/kvm/svm/svm.c > +++ b/arch/x86/kvm/svm/svm.c > @@ -4089,6 +4089,9 @@ static void svm_cancel_injection(struct kvm_vcpu *vcpu) > > static int svm_vcpu_pre_run(struct kvm_vcpu *vcpu) > { > + if (to_kvm_sev_info(vcpu->kvm)->need_init) > + return -EINVAL; > + > return 1; > } 
> > @@ -4890,6 +4893,10 @@ static void svm_vm_destroy(struct kvm *kvm) > > static int svm_vm_init(struct kvm *kvm) > { > + if (kvm->arch.vm_type != KVM_X86_DEFAULT_VM && > + kvm->arch.vm_type != KVM_X86_SW_PROTECTED_VM) > + to_kvm_sev_info(kvm)->need_init = true; > + > if (!pause_filter_count || !pause_filter_thresh) > kvm->arch.pause_in_guest = true; > > diff --git a/arch/x86/kvm/svm/svm.h b/arch/x86/kvm/svm/svm.h > index ebf2160bf0c6..7a921acc534f 100644 > --- a/arch/x86/kvm/svm/svm.h > +++ b/arch/x86/kvm/svm/svm.h > @@ -79,6 +79,7 @@ enum { > struct kvm_sev_info { > bool active; /* SEV enabled guest */ > bool es_active; /* SEV-ES enabled guest */ > + bool need_init; /* waiting for SEV_INIT2 */ > unsigned int asid; /* ASID used for this guest */ > unsigned int handle; /* SEV firmware handle */ > int fd; /* SEV device fd */ > diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c > index 3b87e65904ae..b9dfe3179332 100644 > --- a/arch/x86/kvm/x86.c > +++ b/arch/x86/kvm/x86.c > @@ -12576,6 +12576,8 @@ int kvm_arch_init_vm(struct kvm *kvm, unsigned long type) > kvm->arch.vm_type = type; > kvm->arch.has_private_mem = > (type == KVM_X86_SW_PROTECTED_VM); > + kvm->arch.has_protected_state = > + (type == KVM_X86_SEV_ES_VM); Can we push it down into init_vm() op? I hesitate to add TDX check here. kvm_page_track_init() and kvm_mmu_init_vm() wouldn't depend on it. diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index f4a750426b24..a083873b9057 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c @@ -4893,6 +4893,9 @@ static void svm_vm_destroy(struct kvm *kvm) static int svm_vm_init(struct kvm *kvm) { + if (kvm->arch.vm_type == KVM_X86_SEV_ES_VM) + kvm->arch.has_protected_state = true; + if (kvm->arch.vm_type != KVM_X86_DEFAULT_VM && kvm->arch.vm_type != KVM_X86_SW_PROTECTED_VM) to_kvm_sev_info(kvm)->need_init = true; diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c index b9dfe3179332..3b87e65904ae 100644 --- a/arch/x86/kvm/x86.c 
+++ b/arch/x86/kvm/x86.c @@ -12576,8 +12576,6 @@ int kvm_arch_init_vm(struct kvm *kvm, unsigned long type) kvm->arch.vm_type = type; kvm->arch.has_private_mem = (type == KVM_X86_SW_PROTECTED_VM); - kvm->arch.has_protected_state = - (type == KVM_X86_SEV_ES_VM); ret = kvm_page_track_init(kvm); if (ret)
On Mon, Feb 26, 2024 at 02:03:42PM -0500, Paolo Bonzini wrote: > Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> > --- > Documentation/virt/kvm/api.rst | 2 ++ > arch/x86/include/uapi/asm/kvm.h | 2 ++ > arch/x86/kvm/svm/sev.c | 16 +++++++++++++--- > arch/x86/kvm/svm/svm.c | 7 +++++++ > arch/x86/kvm/svm/svm.h | 1 + > arch/x86/kvm/x86.c | 2 ++ > 6 files changed, 27 insertions(+), 3 deletions(-) > > diff --git a/Documentation/virt/kvm/api.rst b/Documentation/virt/kvm/api.rst > index 0b5a33ee71ee..f0b76ff5030d 100644 > --- a/Documentation/virt/kvm/api.rst > +++ b/Documentation/virt/kvm/api.rst > @@ -8819,6 +8819,8 @@ means the VM type with value @n is supported. Possible values of @n are:: > > #define KVM_X86_DEFAULT_VM 0 > #define KVM_X86_SW_PROTECTED_VM 1 > + #define KVM_X86_SEV_VM 2 > + #define KVM_X86_SEV_ES_VM 3 > > Note, KVM_X86_SW_PROTECTED_VM is currently only for development and testing. > Do not use KVM_X86_SW_PROTECTED_VM for "real" VMs, and especially not in > diff --git a/arch/x86/include/uapi/asm/kvm.h b/arch/x86/include/uapi/asm/kvm.h > index d0c1b459f7e9..9d950b0b64c9 100644 > --- a/arch/x86/include/uapi/asm/kvm.h > +++ b/arch/x86/include/uapi/asm/kvm.h > @@ -857,5 +857,7 @@ struct kvm_hyperv_eventfd { > > #define KVM_X86_DEFAULT_VM 0 > #define KVM_X86_SW_PROTECTED_VM 1 > +#define KVM_X86_SEV_VM 2 > +#define KVM_X86_SEV_ES_VM 3 > > #endif /* _ASM_X86_KVM_H */ > diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c > index 2549a539a686..1248ccf433e8 100644 > --- a/arch/x86/kvm/svm/sev.c > +++ b/arch/x86/kvm/svm/sev.c > @@ -247,6 +247,9 @@ static int sev_guest_init(struct kvm *kvm, struct kvm_sev_cmd *argp) > if (kvm->created_vcpus) > return -EINVAL; > > + if (kvm->arch.vm_type != KVM_X86_DEFAULT_VM) ^ IIUC it should be KVM_X86_SEV_VM? > + return -EINVAL; > + > if (unlikely(sev->active)) > return -EINVAL; 
> > @@ -264,6 +267,7 @@ static int sev_guest_init(struct kvm *kvm, struct kvm_sev_cmd *argp) > > INIT_LIST_HEAD(&sev->regions_list); > INIT_LIST_HEAD(&sev->mirror_vms); > + sev->need_init = false; > > kvm_set_apicv_inhibit(kvm, APICV_INHIBIT_REASON_SEV); > > @@ -1799,7 +1803,8 @@ int sev_vm_move_enc_context_from(struct kvm *kvm, unsigned int source_fd) > if (ret) > goto out_fput; > > - if (sev_guest(kvm) || !sev_guest(source_kvm)) { > + if (kvm->arch.vm_type != source_kvm->arch.vm_type || > + sev_guest(kvm) || !sev_guest(source_kvm)) { > ret = -EINVAL; > goto out_unlock; > } > @@ -2118,6 +2123,7 @@ int sev_vm_copy_enc_context_from(struct kvm *kvm, unsigned int source_fd) > mirror_sev->asid = source_sev->asid; > mirror_sev->fd = source_sev->fd; > mirror_sev->es_active = source_sev->es_active; > + mirror_sev->need_init = false; > mirror_sev->handle = source_sev->handle; > INIT_LIST_HEAD(&mirror_sev->regions_list); > INIT_LIST_HEAD(&mirror_sev->mirror_vms); > @@ -2183,10 +2189,14 @@ void sev_vm_destroy(struct kvm *kvm) > > void __init sev_set_cpu_caps(void) > { > - if (sev_enabled) > + if (sev_enabled) { > kvm_cpu_cap_set(X86_FEATURE_SEV); > - if (sev_es_enabled) > + kvm_caps.supported_vm_types |= BIT(KVM_X86_SEV_VM); > + } > + if (sev_es_enabled) { > kvm_cpu_cap_set(X86_FEATURE_SEV_ES); > + kvm_caps.supported_vm_types |= BIT(KVM_X86_SEV_ES_VM); > + } > } > > void __init sev_hardware_setup(void) > diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c > index 1cf9e5f1fd02..f4a750426b24 100644 > --- a/arch/x86/kvm/svm/svm.c > +++ b/arch/x86/kvm/svm/svm.c > @@ -4089,6 +4089,9 @@ static void svm_cancel_injection(struct kvm_vcpu *vcpu) > > static int svm_vcpu_pre_run(struct kvm_vcpu *vcpu) > { > + if (to_kvm_sev_info(vcpu->kvm)->need_init) > + return -EINVAL; > + > return 1; > } 
> > @@ -4890,6 +4893,10 @@ static void svm_vm_destroy(struct kvm *kvm) > > static int svm_vm_init(struct kvm *kvm) > { > + if (kvm->arch.vm_type != KVM_X86_DEFAULT_VM && > + kvm->arch.vm_type != KVM_X86_SW_PROTECTED_VM) > + to_kvm_sev_info(kvm)->need_init = true; > + > if (!pause_filter_count || !pause_filter_thresh) > kvm->arch.pause_in_guest = true; > > diff --git a/arch/x86/kvm/svm/svm.h b/arch/x86/kvm/svm/svm.h > index ebf2160bf0c6..7a921acc534f 100644 > --- a/arch/x86/kvm/svm/svm.h > +++ b/arch/x86/kvm/svm/svm.h > @@ -79,6 +79,7 @@ enum { > struct kvm_sev_info { > bool active; /* SEV enabled guest */ > bool es_active; /* SEV-ES enabled guest */ > + bool need_init; /* waiting for SEV_INIT2 */ > unsigned int asid; /* ASID used for this guest */ > unsigned int handle; /* SEV firmware handle */ > int fd; /* SEV device fd */ > diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c > index 3b87e65904ae..b9dfe3179332 100644 > --- a/arch/x86/kvm/x86.c > +++ b/arch/x86/kvm/x86.c > @@ -12576,6 +12576,8 @@ int kvm_arch_init_vm(struct kvm *kvm, unsigned long type) > kvm->arch.vm_type = type; > kvm->arch.has_private_mem = > (type == KVM_X86_SW_PROTECTED_VM); > + kvm->arch.has_protected_state = > + (type == KVM_X86_SEV_ES_VM); > > ret = kvm_page_track_init(kvm); > if (ret) > -- > 2.39.1 > > >
On Mon, Mar 04, 2024, Xu Yilun wrote: > On Mon, Feb 26, 2024 at 02:03:42PM -0500, Paolo Bonzini wrote: > > Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> > > --- > > diff --git a/arch/x86/include/uapi/asm/kvm.h b/arch/x86/include/uapi/asm/kvm.h > > index d0c1b459f7e9..9d950b0b64c9 100644 > > --- a/arch/x86/include/uapi/asm/kvm.h > > +++ b/arch/x86/include/uapi/asm/kvm.h > > @@ -857,5 +857,7 @@ struct kvm_hyperv_eventfd { > > > > #define KVM_X86_DEFAULT_VM 0 > > #define KVM_X86_SW_PROTECTED_VM 1 > > +#define KVM_X86_SEV_VM 2 > > +#define KVM_X86_SEV_ES_VM 3 > > > > #endif /* _ASM_X86_KVM_H */ > > diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c > > index 2549a539a686..1248ccf433e8 100644 > > --- a/arch/x86/kvm/svm/sev.c > > +++ b/arch/x86/kvm/svm/sev.c > > @@ -247,6 +247,9 @@ static int sev_guest_init(struct kvm *kvm, struct kvm_sev_cmd *argp) > > if (kvm->created_vcpus) > > return -EINVAL; > > > > + if (kvm->arch.vm_type != KVM_X86_DEFAULT_VM) > > IIUC it should be KVM_X86_SEV_VM? No, this is for the KVM_SEV_INIT version 1, which is restricted to "default" VMs. The idea is that KVM_X86_SEV_VM and KVM_X86_SEV_ES_VM guests must be initialized via KVM_SEV_INIT2.
On 3/4/24 16:32, Xu Yilun wrote: >> @@ -247,6 +247,9 @@ static int sev_guest_init(struct kvm *kvm, struct kvm_sev_cmd *argp) >> if (kvm->created_vcpus) >> return -EINVAL; >> >> + if (kvm->arch.vm_type != KVM_X86_DEFAULT_VM) > ^ > > IIUC it should be KVM_X86_SEV_VM? No, this is the legacy ioctl that only works with default-type VMs. Paolo
diff --git a/Documentation/virt/kvm/api.rst b/Documentation/virt/kvm/api.rst
index 0b5a33ee71ee..f0b76ff5030d 100644
--- a/Documentation/virt/kvm/api.rst
+++ b/Documentation/virt/kvm/api.rst
@@ -8819,6 +8819,8 @@ means the VM type with value @n is supported. Possible values of @n are::
 
   #define KVM_X86_DEFAULT_VM 0
   #define KVM_X86_SW_PROTECTED_VM 1
+  #define KVM_X86_SEV_VM 2
+  #define KVM_X86_SEV_ES_VM 3
 
 Note, KVM_X86_SW_PROTECTED_VM is currently only for development and testing.
 Do not use KVM_X86_SW_PROTECTED_VM for "real" VMs, and especially not in
diff --git a/arch/x86/include/uapi/asm/kvm.h b/arch/x86/include/uapi/asm/kvm.h
index d0c1b459f7e9..9d950b0b64c9 100644
--- a/arch/x86/include/uapi/asm/kvm.h
+++ b/arch/x86/include/uapi/asm/kvm.h
@@ -857,5 +857,7 @@ struct kvm_hyperv_eventfd {
 
 #define KVM_X86_DEFAULT_VM 0
 #define KVM_X86_SW_PROTECTED_VM 1
+#define KVM_X86_SEV_VM 2
+#define KVM_X86_SEV_ES_VM 3
 
 #endif /* _ASM_X86_KVM_H */
diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c
index 2549a539a686..1248ccf433e8 100644
--- a/arch/x86/kvm/svm/sev.c
+++ b/arch/x86/kvm/svm/sev.c
@@ -247,6 +247,9 @@ static int sev_guest_init(struct kvm *kvm, struct kvm_sev_cmd *argp)
 	if (kvm->created_vcpus)
 		return -EINVAL;
 
+	if (kvm->arch.vm_type != KVM_X86_DEFAULT_VM)
+		return -EINVAL;
+
 	if (unlikely(sev->active))
 		return -EINVAL;
 
@@ -264,6 +267,7 @@ static int sev_guest_init(struct kvm *kvm, struct kvm_sev_cmd *argp)
 
 	INIT_LIST_HEAD(&sev->regions_list);
 	INIT_LIST_HEAD(&sev->mirror_vms);
+	sev->need_init = false;
 
 	kvm_set_apicv_inhibit(kvm, APICV_INHIBIT_REASON_SEV);
 
@@ -1799,7 +1803,8 @@ int sev_vm_move_enc_context_from(struct kvm *kvm, unsigned int source_fd)
 	if (ret)
 		goto out_fput;
 
-	if (sev_guest(kvm) || !sev_guest(source_kvm)) {
+	if (kvm->arch.vm_type != source_kvm->arch.vm_type ||
+	    sev_guest(kvm) || !sev_guest(source_kvm)) {
 		ret = -EINVAL;
 		goto out_unlock;
 	}
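Review bot: The new vm_type guard in sev_guest_init carries no comment, so a reader cannot tell from the code that rejecting every type except KVM_X86_DEFAULT_VM is deliberate; the only hint is the `waiting for SEV_INIT2` comment on need_init in the svm.h hunk. Suggest `/* Legacy KVM_SEV_INIT is only for KVM_X86_DEFAULT_VM; the SEV VM types must be set up with KVM_SEV_INIT2. */` above the check, and the api.rst hunk could state the same restriction next to the new type values, since userspace that picks KVM_X86_SEV_VM and then issues the old ioctl only sees -EINVAL. sev_guest_init's body continues outside the hunk.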
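Review bot: The move path now rejects a vm_type mismatch, but nothing in this hunk clears need_init on the destination, whereas the mirror hunk in sev_vm_copy_enc_context_from and the legacy-init hunk both set `need_init = false` explicitly. svm_vm_init sets need_init for every KVM_X86_SEV_VM / KVM_X86_SEV_ES_VM and the destination must not yet be an SEV guest, so a new-type destination appears to keep need_init set after the migration and svm_vcpu_pre_run would keep returning -EINVAL, unless the state copy later in sev_vm_move_enc_context_from (outside the hunk) clears it; worth confirming, and if it does not, clearing need_init on the destination's kvm_sev_info belongs next to the other copied fields. The function's body continues before and after the hunk.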
@@ -2118,6 +2123,7 @@ int sev_vm_copy_enc_context_from(struct kvm *kvm, unsigned int source_fd)
 	mirror_sev->asid = source_sev->asid;
 	mirror_sev->fd = source_sev->fd;
 	mirror_sev->es_active = source_sev->es_active;
+	mirror_sev->need_init = false;
 	mirror_sev->handle = source_sev->handle;
 	INIT_LIST_HEAD(&mirror_sev->regions_list);
 	INIT_LIST_HEAD(&mirror_sev->mirror_vms);
@@ -2183,10 +2189,14 @@ void sev_vm_destroy(struct kvm *kvm)
 
 void __init sev_set_cpu_caps(void)
 {
-	if (sev_enabled)
+	if (sev_enabled) {
 		kvm_cpu_cap_set(X86_FEATURE_SEV);
-	if (sev_es_enabled)
+		kvm_caps.supported_vm_types |= BIT(KVM_X86_SEV_VM);
+	}
+	if (sev_es_enabled) {
 		kvm_cpu_cap_set(X86_FEATURE_SEV_ES);
+		kvm_caps.supported_vm_types |= BIT(KVM_X86_SEV_ES_VM);
+	}
 }
 
 void __init sev_hardware_setup(void)
diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c
index 1cf9e5f1fd02..f4a750426b24 100644
--- a/arch/x86/kvm/svm/svm.c
+++ b/arch/x86/kvm/svm/svm.c
@@ -4089,6 +4089,9 @@ static void svm_cancel_injection(struct kvm_vcpu *vcpu)
 
 static int svm_vcpu_pre_run(struct kvm_vcpu *vcpu)
 {
+	if (to_kvm_sev_info(vcpu->kvm)->need_init)
+		return -EINVAL;
+
 	return 1;
 }
 
@@ -4890,6 +4893,10 @@ static void svm_vm_destroy(struct kvm *kvm)
 
 static int svm_vm_init(struct kvm *kvm)
 {
+	if (kvm->arch.vm_type != KVM_X86_DEFAULT_VM &&
+	    kvm->arch.vm_type != KVM_X86_SW_PROTECTED_VM)
+		to_kvm_sev_info(kvm)->need_init = true;
+
 	if (!pause_filter_count || !pause_filter_thresh)
 		kvm->arch.pause_in_guest = true;
 
diff --git a/arch/x86/kvm/svm/svm.h b/arch/x86/kvm/svm/svm.h
index ebf2160bf0c6..7a921acc534f 100644
--- a/arch/x86/kvm/svm/svm.h
+++ b/arch/x86/kvm/svm/svm.h
@@ -79,6 +79,7 @@ enum {
 struct kvm_sev_info {
 	bool active;		/* SEV enabled guest */
 	bool es_active;		/* SEV-ES enabled guest */
+	bool need_init;		/* waiting for SEV_INIT2 */
 	unsigned int asid;	/* ASID used for this guest */
 	unsigned int handle;	/* SEV firmware handle */
 	int fd;			/* SEV device fd */
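Review bot: The mirror path copies es_active and clears need_init, but unlike the sev_vm_move_enc_context_from hunk it shows no check that the mirror's vm_type matches the source's. If the earlier checks in sev_vm_copy_enc_context_from (outside the hunk) do not add one, a KVM_X86_DEFAULT_VM mirror of a KVM_X86_SEV_ES_VM source ends up with es_active set while its has_protected_state, which the x86.c hunk derives from the type, stays false, the opposite of the consistency the move path now enforces. If a mismatch is meant to be allowed, a comment saying so would help; otherwise the same `kvm->arch.vm_type != source_kvm->arch.vm_type` test belongs in the mirror's validation.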
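Review bot: svm_vm_init marks every vm_type other than KVM_X86_DEFAULT_VM and KVM_X86_SW_PROTECTED_VM as need_init, which fails closed for any type SVM does not know about (svm_vcpu_pre_run refuses its vCPUs), but the negative form leaves that intent implicit. Suggest `/* Any other VM type must be initialized via KVM_SEV_INIT2 before its vCPUs may run. */` above the condition, on the assumption that kvm_arch_init_vm has already rejected types outside kvm_caps.supported_vm_types (not visible here). The rest of svm_vm_init is outside the hunk.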
diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c
index 3b87e65904ae..b9dfe3179332 100644
--- a/arch/x86/kvm/x86.c
+++ b/arch/x86/kvm/x86.c
@@ -12576,6 +12576,8 @@ int kvm_arch_init_vm(struct kvm *kvm, unsigned long type)
 	kvm->arch.vm_type = type;
 	kvm->arch.has_private_mem =
 		(type == KVM_X86_SW_PROTECTED_VM);
+	kvm->arch.has_protected_state =
+		(type == KVM_X86_SEV_ES_VM);
 
 	ret = kvm_page_track_init(kvm);
 	if (ret)
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> --- Documentation/virt/kvm/api.rst | 2 ++ arch/x86/include/uapi/asm/kvm.h | 2 ++ arch/x86/kvm/svm/sev.c | 16 +++++++++++++--- arch/x86/kvm/svm/svm.c | 7 +++++++ arch/x86/kvm/svm/svm.h | 1 + arch/x86/kvm/x86.c | 2 ++ 6 files changed, 27 insertions(+), 3 deletions(-)