From patchwork Thu Apr 22 20:54:36 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Kalra, Ashish" X-Patchwork-Id: 12219183 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-13.8 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS,INCLUDES_PATCH, MAILING_LIST_MULTI,MSGID_FROM_MTA_HEADER,SPF_HELO_NONE,SPF_PASS, USER_AGENT_GIT autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 8D33CC433B4 for ; Thu, 22 Apr 2021 20:54:54 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 50FB9613B0 for ; Thu, 22 Apr 2021 20:54:54 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S237018AbhDVUz2 (ORCPT ); Thu, 22 Apr 2021 16:55:28 -0400 Received: from mail-eopbgr770054.outbound.protection.outlook.com ([40.107.77.54]:11278 "EHLO NAM02-SN1-obe.outbound.protection.outlook.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S236851AbhDVUz0 (ORCPT ); Thu, 22 Apr 2021 16:55:26 -0400 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=jcFECfJX8u29eSIwpyJQCPJY6Zncu2By/HVCqdiorrjBsuAZ/oKf9dYrYmzj4+6decN4VrwiUuWLTBocyN2rLLsyuIkLj9nwLq+wjV5OinQRepkwYVAm+O77CYGsnfM4BfqIiCTgwoKPwASKept9D0Xlxcy48Q/C4xfj6dzBrDHAO0gt4Tbvz51L9ChsRcK6LjLpx4rigSLD5yns5KT1/mAAontgvdNzAn6JdUaKPmP0txB5aonVs8apoOfbxc0QqkBxCmP6Q2huiDliV7E75nXfSd/NQcfEZfEdQDDpqqRsGex7W4wdu4itqjIULofWb8ZHFq6PHhhccMf1jBioXw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=tCeDn5PWshW/vrJfRIg9rDxwpkgYUZwIlTStmHkw8rs=; b=Ghv1KtmDhsimy69UQvjiG1FtbnMDYY2ix4MwDxqF6DjNjcVCx2y0nS1o7fVsA7tismnNdGzq5VYcIxRQARu2C+rEG2O3NnZalVl2BcaWQciyBt5ftjU+1fCOzQ/zI0KJVKV3q0QmvH33AW1SBq24Ufd6mJQqdvA4RjeHeVTySNp9nWcRSEc3KjmqCENK8Z7KU+A1ogst++wHj6S4Jjxw4z3Iwt82DYD7/RjfD0buie4DNhmcq4ujKzhQReFHieb/nrgTeNPgzZ9irdNPKF6wZ0CH6UJ8RMevGKHFrSjbu3tEA1GyaP6/7o+rljpD7R9EPiQcpoRqZ5AOsq+xgwX18w== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass header.d=amd.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=tCeDn5PWshW/vrJfRIg9rDxwpkgYUZwIlTStmHkw8rs=; b=x/OIQ/glhOpMJegdIMtDy93Ew/VYD2u7CuOM7/Vz/7aXBPoXbeNn05lj4+GJgR7YDHsrY0mfRKvXn9WjlJXGEg2CJb3t5rlaVGpEW0TX6Jseq32eNoxJibgyBy58lNiJWi+tpJJFlmzyxX5xArOnw3xDhMja96a8WbokyAyB6/o= Authentication-Results: redhat.com; dkim=none (message not signed) header.d=none;redhat.com; dmarc=none action=none header.from=amd.com; Received: from SN6PR12MB2767.namprd12.prod.outlook.com (2603:10b6:805:75::23) by SN6PR12MB2767.namprd12.prod.outlook.com (2603:10b6:805:75::23) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4065.21; Thu, 22 Apr 2021 20:54:46 +0000 Received: from SN6PR12MB2767.namprd12.prod.outlook.com ([fe80::1fb:7d59:2c24:615e]) by SN6PR12MB2767.namprd12.prod.outlook.com ([fe80::1fb:7d59:2c24:615e%7]) with mapi id 15.20.4065.021; Thu, 22 Apr 2021 20:54:46 +0000 From: Ashish Kalra To: pbonzini@redhat.com Cc: tglx@linutronix.de, mingo@redhat.com, hpa@zytor.com, joro@8bytes.org, bp@suse.de, thomas.lendacky@amd.com, x86@kernel.org, kvm@vger.kernel.org, linux-kernel@vger.kernel.org, srutherford@google.com, seanjc@google.com, venu.busireddy@oracle.com, brijesh.singh@amd.com Subject: [PATCH 0/4] Add guest support for SEV live migration. Date: Thu, 22 Apr 2021 20:54:36 +0000 Message-Id: X-Mailer: git-send-email 2.17.1 X-Originating-IP: [165.204.77.1] X-ClientProxiedBy: SN1PR12CA0086.namprd12.prod.outlook.com (2603:10b6:802:21::21) To SN6PR12MB2767.namprd12.prod.outlook.com (2603:10b6:805:75::23) MIME-Version: 1.0 X-MS-Exchange-MessageSentRepresentingType: 1 Received: from ashkalra_ubuntu_server.amd.com (165.204.77.1) by SN1PR12CA0086.namprd12.prod.outlook.com (2603:10b6:802:21::21) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4065.20 via Frontend Transport; Thu, 22 Apr 2021 20:54:45 +0000 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: 526ff01d-e79b-4e6f-393d-08d905d0dc94 X-MS-TrafficTypeDiagnostic: SN6PR12MB2767: X-MS-Exchange-Transport-Forked: True X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:8882; X-MS-Exchange-SenderADCheck: 1 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: PHZa1gOuz5WzdCXEGLY8GfnxMkyG3qoVDP/5M06DMvc2TIiNdvIpawyEy5nZYD69MLxfb3M4CZ2CYcHd3SGpaUOLQ3Ngb9zZ3qinBMiVPKC5+SbmtNihyCLWnDVLKi0oRmWX5pTlmUC54RHsp1skWBBdiSm9RTloumPOhVy748YIS7VNYpVqrWo8lSYWAQpywOy07gkg2+K09vJfEHBsZ3DOjYYa8HNSjfcwUum2GAQDcYx9L3bZ8+q6jMbaAk9vaqHqG9grb7xXF55kMv+VSRfxHhpBnaRvH/3UyRQBX4RW4ffTTxV9gW2E8PZ/e5Z6gP8aXV0pKRDH0BGcPv2/4lK66+ohmGGCpc+GuTDr2EtRdbpv51Y9WCIY0SR1rORRtI8VsrMwrryk3Kdw0HwolyuyNRKDGS84hAVEP2R1cokAdhOYKd/2InqbyggA49BJMeJVO/qp90m2fHfdCe8y1Oxmru5FPuQtJrtIaNmKY/22UD9SBVzld+7RvHKAoUM0iNn0fsFJL/0CK6E5NqC/v8F81cBiajmCAGPi9JmYLx5IT4AMK4aScljjG6mAkUrp3fhNBOTXk4auC1qO9fQ0UpxQuD2lsW4hP4BziGOwUgBdoyKc38QTjLUz+ViD89yIvcxoufaOdoDmnUItkHgbBQ== X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:SN6PR12MB2767.namprd12.prod.outlook.com;PTR:;CAT:NONE;SFS:(4636009)(366004)(346002)(136003)(396003)(376002)(39860400002)(6916009)(86362001)(83380400001)(7696005)(6666004)(7416002)(5660300002)(26005)(66476007)(316002)(36756003)(186003)(956004)(8676002)(4326008)(52116002)(66556008)(38350700002)(66946007)(16526019)(6486002)(38100700002)(478600001)(8936002)(2616005)(2906002);DIR:OUT;SFP:1101; X-MS-Exchange-AntiSpam-MessageData: =?utf-8?q?Rb/qu/U848ZtuZaaG0GfFpEx+MeI0Y?= =?utf-8?q?OBFH6uDI2atdka+FyXdztKk3d0B7PcbHjm9We+kSE4KAz7l/Jm/7KtHmb7AHzaVLB?= =?utf-8?q?IDEpp4g8UxQmwbLCRlAep7rPWJIUdXWTqfGgBZn9OSPd4On+6ZWI2NdqDjUhT35B1?= =?utf-8?q?JrMVkr1kC6dxXs8kGw84drmuHcs/9fJ0PewYj+ftjahaH8OyhPR0vqFGsevVg106H?= =?utf-8?q?huI7M5BdWwCtGZVgms0BR7ndR1Uma5+FHCoX4jvFwma9JwfVOvvwoj/J2zOpGYc/S?= =?utf-8?q?ls3qJ9xbRlIZub1dAA65MnXMKDI/OpDpu6qnEKMRoyF2KwFPMRqhLRq+aW0Ty2uuH?= =?utf-8?q?PQNC36WR2vtzEJsAeEAsAFMK+TtegB2JjclZS+Il/d2kZcpwoqwRTMlXSW+t8vbfj?= =?utf-8?q?jaL9rJl//Eg0USwlAdqPnXTeJ1vUmis7/NBOcigYhzrw2CKNRNSoD+yjnBK5jJ0a4?= =?utf-8?q?il/bl9xJsaayEKyH4ugX7bhOD4VIyi0oQ7e2h1FAd/HVGTgFh3d02zdiUH+FEJBHN?= =?utf-8?q?PrjwHlvFfSTO0k0y+pdXTsXY/nISP3LSup7eiDiFHMXZiBnaxA9xBAxgrfXz/KVRv?= =?utf-8?q?yCeuCfzPu1TyK7KcxoYsEm4KWSmN+hDY5vpemHrJz/yS7E0cFxM03HkbJwRHNO6Kl?= =?utf-8?q?sWUapaj2ngyDQCvqOR0QLw9vucYgvy3evllQAPGFDHn0OYkTTVXpwEYO+bnNgLd8j?= =?utf-8?q?GmagMtK5f2pum0NPxyDT3DBwMR+/JWwSGueRxSkbNCU07TJwftliteQyQmPneBo5Q?= =?utf-8?q?6j+a7AENT9xT2G+/dG9xMFNgxQWWlbtadpAh06dQHn/Go1dbRVgts/3yJuzYqv0/+?= =?utf-8?q?zzxwl9SqhxIJiF5QJunowG80SM32vHzGPY891cfHMKepPx2HE+XZ8pkrQUF1wX/c6?= =?utf-8?q?lbbON0n9KwAYD+gcp3JMtfrlRmDvRG6aUGCb2GOi1Hn0/e2DBXIu3eY9GgDO69A/P?= =?utf-8?q?8stOmf1nPOkzusqwi464MCnO6t+YlmHQhYRcdNP2UWCKNAsseQvfu8hEcDhZj9L/L?= =?utf-8?q?VvDWj41ijdue5kXvT9KzJNxSPjrGG5IxHSV0+RKq9jD2tvN6JtSnzJgloonONa0wH?= =?utf-8?q?Uuz0xfhB3UKhRLruUEwMJGe2Fu5GQgmba/6gepW0KljqVscqSXbRj8QaB/weOTs4Z?= =?utf-8?q?uqbtmFEfb502+1y/5EO81gPLcd/x75VlcaTG22kUwdfy2Hqy9bF+ID7EqDRlbXrCq?= =?utf-8?q?9aMRGOhoZXZJPbpZdXt/U4jSj0ar7Xbpzu72WIpTKOBha+HenPbi8wX6EBwhzG3BQ?= =?utf-8?q?27EkbPfbOWrzkT?= X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-Network-Message-Id: 526ff01d-e79b-4e6f-393d-08d905d0dc94 X-MS-Exchange-CrossTenant-AuthSource: SN6PR12MB2767.namprd12.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 22 Apr 2021 20:54:46.3162 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: vF1UmE7xRL+i82ecQEEpCqppuT7cNeaWJqaYGxBUxjLkfjm5PzOsYvILkyOlN9mqObJP1dCYphdYxS6qqXCNIQ== X-MS-Exchange-Transport-CrossTenantHeadersStamped: SN6PR12MB2767 Precedence: bulk List-ID: X-Mailing-List: kvm@vger.kernel.org From: Ashish Kalra The series adds guest support for SEV live migration. The patch series introduces a new hypercall. The guest OS can use this hypercall to notify the page encryption status. If the page is encrypted with guest specific-key then we use SEV command during the migration. If page is not encrypted then fallback to default. This section descibes how the SEV live migration feature is negotiated between the host and guest, the host indicates this feature support via KVM_FEATURE_CPUID. The guest firmware (OVMF) detects this feature and sets a UEFI enviroment variable indicating OVMF support for live migration, the guest kernel also detects the host support for this feature via cpuid and in case of an EFI boot verifies if OVMF also supports this feature by getting the UEFI enviroment variable and if it set then enables live migration feature on host by writing to a custom MSR, if not booted under EFI, then it simply enables the feature by again writing to the custom MSR. Ashish Kalra (2): EFI: Introduce the new AMD Memory Encryption GUID. x86/kvm: Add guest support for detecting and enabling SEV Live Migration feature. Brijesh Singh (2): KVM: x86: Add AMD SEV specific Hypercall3 mm: x86: Invoke hypercall when page encryption status is changed arch/x86/include/asm/kvm_para.h | 12 +++ arch/x86/include/asm/mem_encrypt.h | 4 + arch/x86/include/asm/paravirt.h | 6 ++ arch/x86/include/asm/paravirt_types.h | 2 + arch/x86/include/asm/set_memory.h | 2 + arch/x86/kernel/kvm.c | 106 ++++++++++++++++++++++++++ arch/x86/kernel/paravirt.c | 1 + arch/x86/mm/mem_encrypt.c | 72 ++++++++++++++--- arch/x86/mm/pat/set_memory.c | 7 ++ include/linux/efi.h | 1 + 10 files changed, 204 insertions(+), 9 deletions(-)