| Message ID | 20240731150811.156771-1-nikunj@amd.com (mailing list archive) |
|---|---|
| Headers | show |
| Series | Add Secure TSC support for SNP guests | expand |
On 7/31/2024 8:37 PM, Nikunj A Dadhania wrote: > This patchset is also available at: > > https://github.com/AMDESE/linux-kvm/tree/sectsc-guest-latest > > and is based on v6.11-rc1 > > Overview > -------- > > Secure TSC allows guests to securely use RDTSC/RDTSCP instructions as the > parameters being used cannot be changed by hypervisor once the guest is > launched. More details in the AMD64 APM Vol 2, Section "Secure TSC". > > In order to enable secure TSC, SEV-SNP guests need to send TSC_INFO guest > message before the APs are booted. Details from the TSC_INFO response will > then be used to program the VMSA before the APs are brought up. See "SEV > Secure Nested Paging Firmware ABI Specification" document (currently at > https://www.amd.com/system/files/TechDocs/56860.pdf) section "TSC Info" > > SEV-guest driver has the implementation for guest and AMD Security > Processor communication. As the TSC_INFO needs to be initialized during > early boot before APs are started, move the guest messaging code from > sev-guest driver to sev/core.c and provide well defined APIs to the > sev-guest driver. > > Patches: > 01-04: sev-guest driver cleanup and enhancements > 05: Use AES GCM library > 06-07: SNP init error handling and cache secrets page address > 08-10: Preparatory patches for code movement > 11-12: Patches moving SNP guest messaging code from SEV guest driver to > SEV common code > 13-20: SecureTSC enablement patches. > > Testing SecureTSC > ----------------- > > SecureTSC hypervisor patches based on top of SEV-SNP Guest MEMFD series: > https://github.com/AMDESE/linux-kvm/tree/sectsc-host-latest > > QEMU changes: > https://github.com/nikunjad/qemu/tree/snp-securetsc-latest > > QEMU commandline SEV-SNP with SecureTSC: > > qemu-system-x86_64 -cpu EPYC-Milan-v2 -smp 4 \ > -object memory-backend-memfd,id=ram1,size=1G,share=true,prealloc=false,reserve=false \ > -object sev-snp-guest,id=sev0,cbitpos=51,reduced-phys-bits=1,secure-tsc=on \ > -machine q35,confidential-guest-support=sev0,memory-backend=ram1 \ > ... > > Changelog: > ---------- > v11: > * Rebased on top of v6.11-rc1 > * Added Acked-by/Reviewed-by > * Moved SEV Guest driver cleanups in the beginning of the series > * Commit message updates > * Enforced PAGE_SIZE constraints for snp_guest_msg > * After offline discussion with Boris, redesigned and exported > SEV guest messaging APIs to sev-guest driver > * Dropped VMPCK rework patches > * Make sure movement of SEV core routines does not break the SEV Guest > driver midway of the series. > A gentle reminder. Regards Nikunj
This patchset is also available at: https://github.com/AMDESE/linux-kvm/tree/sectsc-guest-latest and is based on v6.11-rc1 Overview -------- Secure TSC allows guests to securely use RDTSC/RDTSCP instructions as the parameters being used cannot be changed by hypervisor once the guest is launched. More details in the AMD64 APM Vol 2, Section "Secure TSC". In order to enable secure TSC, SEV-SNP guests need to send TSC_INFO guest message before the APs are booted. Details from the TSC_INFO response will then be used to program the VMSA before the APs are brought up. See "SEV Secure Nested Paging Firmware ABI Specification" document (currently at https://www.amd.com/system/files/TechDocs/56860.pdf) section "TSC Info" SEV-guest driver has the implementation for guest and AMD Security Processor communication. As the TSC_INFO needs to be initialized during early boot before APs are started, move the guest messaging code from sev-guest driver to sev/core.c and provide well defined APIs to the sev-guest driver. Patches: 01-04: sev-guest driver cleanup and enhancements 05: Use AES GCM library 06-07: SNP init error handling and cache secrets page address 08-10: Preparatory patches for code movement 11-12: Patches moving SNP guest messaging code from SEV guest driver to SEV common code 13-20: SecureTSC enablement patches. Testing SecureTSC ----------------- SecureTSC hypervisor patches based on top of SEV-SNP Guest MEMFD series: https://github.com/AMDESE/linux-kvm/tree/sectsc-host-latest QEMU changes: https://github.com/nikunjad/qemu/tree/snp-securetsc-latest QEMU commandline SEV-SNP with SecureTSC: qemu-system-x86_64 -cpu EPYC-Milan-v2 -smp 4 \ -object memory-backend-memfd,id=ram1,size=1G,share=true,prealloc=false,reserve=false \ -object sev-snp-guest,id=sev0,cbitpos=51,reduced-phys-bits=1,secure-tsc=on \ -machine q35,confidential-guest-support=sev0,memory-backend=ram1 \ ... Changelog: ---------- v11: * Rebased on top of v6.11-rc1 * Added Acked-by/Reviewed-by * Moved SEV Guest driver cleanups in the beginning of the series * Commit message updates * Enforced PAGE_SIZE constraints for snp_guest_msg * After offline discussion with Boris, redesigned and exported SEV guest messaging APIs to sev-guest driver * Dropped VMPCK rework patches * Make sure movement of SEV core routines does not break the SEV Guest driver midway of the series. v10: https://lore.kernel.org/lkml/20240621123903.2411843-1-nikunj@amd.com/ * Rebased on top of tip/x86/sev * Added Reviewed-by from Tom * Commit message updates * Change the condition for better readability in get_vmpck() * Make vmpck_id as u32 again and use VMPCK_MAX_NUM as the default value Nikunj A Dadhania (20): virt: sev-guest: Replace dev_dbg with pr_debug virt: sev-guest: Rename local guest message variables virt: sev-guest: Fix user-visible strings virt: sev-guest: Ensure the SNP guest messages do not exceed a page virt: sev-guest: Use AES GCM crypto library x86/sev: Handle failures from snp_init() x86/sev: Cache the secrets page address virt: sev-guest: Consolidate SNP guest messaging parameters to a struct virt: sev-guest: Reduce the scope of SNP command mutex virt: sev-guest: Carve out SNP message context structure x86/sev: Carve out and export SNP guest messaging init routines x86/sev: Relocate SNP guest messaging routines to common code x86/cc: Add CC_ATTR_GUEST_SECURE_TSC x86/sev: Add Secure TSC support for SNP guests x86/sev: Change TSC MSR behavior for Secure TSC enabled guests x86/sev: Prevent RDTSC/RDTSCP interception for Secure TSC enabled guests x86/sev: Allow Secure TSC feature for SNP guests x86/sev: Mark Secure TSC as reliable clocksource x86/kvmclock: Skip kvmclock when Secure TSC is available x86/cpu/amd: Do not print FW_BUG for Secure TSC arch/x86/include/asm/sev-common.h | 1 + arch/x86/include/asm/sev.h | 166 +++++- arch/x86/include/asm/svm.h | 6 +- include/linux/cc_platform.h | 8 + arch/x86/boot/compressed/sev.c | 3 +- arch/x86/coco/core.c | 3 + arch/x86/coco/sev/core.c | 590 ++++++++++++++++++-- arch/x86/coco/sev/shared.c | 10 + arch/x86/kernel/cpu/amd.c | 3 +- arch/x86/kernel/kvmclock.c | 2 +- arch/x86/mm/mem_encrypt.c | 4 + arch/x86/mm/mem_encrypt_amd.c | 4 + arch/x86/mm/mem_encrypt_identity.c | 7 + drivers/virt/coco/sev-guest/sev-guest.c | 695 +++--------------------- arch/x86/Kconfig | 1 + drivers/virt/coco/sev-guest/Kconfig | 3 - 16 files changed, 820 insertions(+), 686 deletions(-) base-commit: 8400291e289ee6b2bf9779ff1c83a291501f017b