From patchwork Fri Oct 13 16:58:21 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Borislav Petkov X-Patchwork-Id: 10005345 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id 2C2F660230 for ; Fri, 13 Oct 2017 16:58:48 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 14F9F2900E for ; Fri, 13 Oct 2017 16:58:48 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 04920290F8; Fri, 13 Oct 2017 16:58:48 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-6.9 required=2.0 tests=BAYES_00,RCVD_IN_DNSWL_HI autolearn=unavailable version=3.3.1 Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id A26E729100 for ; Fri, 13 Oct 2017 16:58:47 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1751901AbdJMQ6g (ORCPT ); Fri, 13 Oct 2017 12:58:36 -0400 Received: from mail.skyhub.de ([5.9.137.197]:60460 "EHLO mail.skyhub.de" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1750973AbdJMQ6e (ORCPT ); Fri, 13 Oct 2017 12:58:34 -0400 X-Virus-Scanned: Nedap ESD1 at mail.skyhub.de Received: from mail.skyhub.de ([127.0.0.1]) by localhost (blast.alien8.de [127.0.0.1]) (amavisd-new, port 10026) with ESMTP id XGO9_9SgCcju; Fri, 13 Oct 2017 18:58:33 +0200 (CEST) Received: from pd.tnic (p2003008C2F21850095B7F9536650F1E9.dip0.t-ipconnect.de [IPv6:2003:8c:2f21:8500:95b7:f953:6650:f1e9]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.skyhub.de (SuperMail on ZX Spectrum 128k) with ESMTPSA id 587251EC0476; Fri, 13 Oct 2017 18:58:33 +0200 (CEST) Date: Fri, 13 Oct 2017 18:58:21 +0200 From: Borislav Petkov To: Brijesh Singh Cc: x86@kernel.org, kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Thomas Gleixner , Ingo Molnar , "H. Peter Anvin" , Paolo Bonzini , Radim =?utf-8?B?S3LEjW3DocWZ?= , Joerg Roedel , Tom Lendacky Subject: Re: [Part2 PATCH v5 15/31] KVM: SVM: Reserve ASID range for SEV guest Message-ID: <20171013165821.bc35vhoiiy33xkju@pd.tnic> References: <20171004131412.13038-1-brijesh.singh@amd.com> <20171004131412.13038-16-brijesh.singh@amd.com> MIME-Version: 1.0 Content-Disposition: inline In-Reply-To: <20171004131412.13038-16-brijesh.singh@amd.com> User-Agent: NeoMutt/20170113 (1.7.2) Sender: kvm-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: kvm@vger.kernel.org X-Virus-Scanned: ClamAV using ClamSMTP On Wed, Oct 04, 2017 at 08:13:56AM -0500, Brijesh Singh wrote: > A SEV-enabled guest must use ASIDs from the defined subset, while non-SEV > guests can use the remaining ASID range. The range of allowed SEV guest > ASIDs is [1 - CPUID_8000_001F[ECX][31:0]]. > > Cc: Thomas Gleixner > Cc: Ingo Molnar > Cc: "H. Peter Anvin" > Cc: Paolo Bonzini > Cc: "Radim Krčmář" > Cc: Joerg Roedel > Cc: Borislav Petkov > Cc: Tom Lendacky > Cc: x86@kernel.org > Cc: kvm@vger.kernel.org > Cc: linux-kernel@vger.kernel.org > Signed-off-by: Brijesh Singh > --- > arch/x86/kvm/svm.c | 23 ++++++++++++++++++++++- > 1 file changed, 22 insertions(+), 1 deletion(-) > > diff --git a/arch/x86/kvm/svm.c b/arch/x86/kvm/svm.c > index be2e98c01b22..3244b8f88010 100644 > --- a/arch/x86/kvm/svm.c > +++ b/arch/x86/kvm/svm.c > @@ -323,6 +323,8 @@ enum { > > #define VMCB_AVIC_APIC_BAR_MASK 0xFFFFFFFFFF000ULL > > +static unsigned int max_sev_asid; > + > static inline void mark_all_dirty(struct vmcb *vmcb) > { > vmcb->control.clean = 0; > @@ -787,7 +789,7 @@ static int svm_hardware_enable(void) > sd->asid_generation = 1; > sd->max_asid = cpuid_ebx(SVM_CPUID_FUNC) - 1; > sd->next_asid = sd->max_asid + 1; > - sd->min_asid = 1; > + sd->min_asid = max_sev_asid + 1; > > gdt = get_current_gdt_rw(); > sd->tss_desc = (struct kvm_ldttss_desc *)(gdt + GDT_ENTRY_TSS); > @@ -1054,6 +1056,15 @@ static int avic_ga_log_notifier(u32 ga_tag) > return 0; > } > > +/* > + * Get maximum number of encrypted guest supported: Fn8001_001F[ECX]. > + * [31:0]: Number of supported guest > + */ > +static __init void sev_hardware_setup(void) > +{ > + max_sev_asid = cpuid_ecx(0x8000001F); > +} > + > static __init int svm_hardware_setup(void) > { > int cpu; > @@ -1084,6 +1095,16 @@ static __init int svm_hardware_setup(void) > kvm_tsc_scaling_ratio_frac_bits = 32; > } > > + if (sev) { > + if (!boot_cpu_has(X86_FEATURE_SEV) || > + !IS_ENABLED(CONFIG_KVM_AMD_SEV)) { > + sev = false; > + } else { > + sev_hardware_setup(); > + pr_info("SEV supported\n"); > + } > + } Flip that logic: diff --git a/arch/x86/kvm/svm.c b/arch/x86/kvm/svm.c index 3244b8f88010..d4b62536e305 100644 --- a/arch/x86/kvm/svm.c +++ b/arch/x86/kvm/svm.c @@ -1057,8 +1057,8 @@ static int avic_ga_log_notifier(u32 ga_tag) } /* - * Get maximum number of encrypted guest supported: Fn8001_001F[ECX]. - * [31:0]: Number of supported guest + * Get the maximum number of encrypted guests: + * Fn8001_001F[ECX][31:0]: Number of supported guests. */ static __init void sev_hardware_setup(void) { @@ -1096,12 +1096,12 @@ static __init int svm_hardware_setup(void) } if (sev) { - if (!boot_cpu_has(X86_FEATURE_SEV) || - !IS_ENABLED(CONFIG_KVM_AMD_SEV)) { - sev = false; - } else { + if (boot_cpu_has(X86_FEATURE_SEV) && + IS_ENABLED(CONFIG_KVM_AMD_SEV)) { sev_hardware_setup(); pr_info("SEV supported\n"); + } else { + sev = false; } }