diff mbox series

[Part1,RFC,v2,06/20] x86/sev: Define SNP guest request NAE events

Message ID 20210430121616.2295-7-brijesh.singh@amd.com (mailing list archive)
State New, archived
Headers show
Series Add AMD Secure Nested Paging (SEV-SNP) Guest Support | expand

Commit Message

Brijesh Singh April 30, 2021, 12:16 p.m. UTC 
Version 2 of the GHCB specification added the support for SNP guest
request NAE events. The SEV-SNP guests will use this event to request
the attestation report. See the GHCB specification for more details.

Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
---
 arch/x86/include/uapi/asm/svm.h | 4 ++++
 1 file changed, 4 insertions(+)

Comments

Borislav Petkov May 18, 2021, 10:45 a.m. UTC | #1 
On Fri, Apr 30, 2021 at 07:16:02AM -0500, Brijesh Singh wrote:
> Version 2 of the GHCB specification added the support for SNP guest
> request NAE events. The SEV-SNP guests will use this event to request
> the attestation report. See the GHCB specification for more details.
> 
> Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
> ---
>  arch/x86/include/uapi/asm/svm.h | 4 ++++
>  1 file changed, 4 insertions(+)
> 
> diff --git a/arch/x86/include/uapi/asm/svm.h b/arch/x86/include/uapi/asm/svm.h
> index f7bf12cad58c..7a45aa284530 100644
> --- a/arch/x86/include/uapi/asm/svm.h
> +++ b/arch/x86/include/uapi/asm/svm.h
> @@ -109,6 +109,8 @@
>  #define SVM_VMGEXIT_SET_AP_JUMP_TABLE		0
>  #define SVM_VMGEXIT_GET_AP_JUMP_TABLE		1
>  #define SVM_VMGEXIT_SNP_PAGE_STATE_CHANGE	0x80000010
> +#define SVM_VMGEXIT_SNP_GUEST_REQUEST		0x80000011
> +#define SVM_VMGEXIT_SNP_EXT_GUEST_REQUEST	0x80000012

Why does this need the "VMGEXIT" *and* "SNP" prefixes?

Why not simply:

SVM_VMGEXIT_GUEST_REQ
SVM_VMGEXIT_EXT_GUEST_REQ

like the rest of the VMGEXIT defines in there?


>  #define SVM_VMGEXIT_HYPERVISOR_FEATURES		0x8000fffd
>  #define SVM_VMGEXIT_UNSUPPORTED_EVENT		0x8000ffff
>  
> @@ -218,6 +220,8 @@
>  	{ SVM_VMGEXIT_AP_HLT_LOOP,	"vmgexit_ap_hlt_loop" }, \
>  	{ SVM_VMGEXIT_AP_JUMP_TABLE,	"vmgexit_ap_jump_table" }, \
>  	{ SVM_VMGEXIT_SNP_PAGE_STATE_CHANGE,	"vmgexit_page_state_change" }, \
> +	{ SVM_VMGEXIT_SNP_GUEST_REQUEST,	"vmgexit_snp_guest_request" }, \
> +	{ SVM_VMGEXIT_SNP_EXT_GUEST_REQUEST,	"vmgexit_snp_extended_guest_request" }, \
>  	{ SVM_VMGEXIT_HYPERVISOR_FEATURES,	"vmgexit_hypervisor_feature" }, \
>  	{ SVM_EXIT_ERR,         "invalid_guest_state" }

Ditto.
Brijesh Singh May 18, 2021, 1:42 p.m. UTC | #2 
On 5/18/21 5:45 AM, Borislav Petkov wrote:
> On Fri, Apr 30, 2021 at 07:16:02AM -0500, Brijesh Singh wrote:
>> Version 2 of the GHCB specification added the support for SNP guest
>> request NAE events. The SEV-SNP guests will use this event to request
>> the attestation report. See the GHCB specification for more details.
>>
>> Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
>> ---
>>  arch/x86/include/uapi/asm/svm.h | 4 ++++
>>  1 file changed, 4 insertions(+)
>>
>> diff --git a/arch/x86/include/uapi/asm/svm.h b/arch/x86/include/uapi/asm/svm.h
>> index f7bf12cad58c..7a45aa284530 100644
>> --- a/arch/x86/include/uapi/asm/svm.h
>> +++ b/arch/x86/include/uapi/asm/svm.h
>> @@ -109,6 +109,8 @@
>>  #define SVM_VMGEXIT_SET_AP_JUMP_TABLE		0
>>  #define SVM_VMGEXIT_GET_AP_JUMP_TABLE		1
>>  #define SVM_VMGEXIT_SNP_PAGE_STATE_CHANGE	0x80000010
>> +#define SVM_VMGEXIT_SNP_GUEST_REQUEST		0x80000011
>> +#define SVM_VMGEXIT_SNP_EXT_GUEST_REQUEST	0x80000012
> Why does this need the "VMGEXIT" *and* "SNP" prefixes?
>
> Why not simply:
>
> SVM_VMGEXIT_GUEST_REQ
> SVM_VMGEXIT_EXT_GUEST_REQ
>
> like the rest of the VMGEXIT defines in there?

This VMGEXIT is optional and is available only when the SNP feature is
advertised through HV_FEATURE VMGEXIT. The GHCB specification spells it
with the "SNP" prefix" to distinguish it from others. The other
"VMGEXIT's" defined in this file are available for both the SNP and ES
guests, so we don't need any prefixes.


>
>>  #define SVM_VMGEXIT_HYPERVISOR_FEATURES		0x8000fffd
>>  #define SVM_VMGEXIT_UNSUPPORTED_EVENT		0x8000ffff
>>  
>> @@ -218,6 +220,8 @@
>>  	{ SVM_VMGEXIT_AP_HLT_LOOP,	"vmgexit_ap_hlt_loop" }, \
>>  	{ SVM_VMGEXIT_AP_JUMP_TABLE,	"vmgexit_ap_jump_table" }, \
>>  	{ SVM_VMGEXIT_SNP_PAGE_STATE_CHANGE,	"vmgexit_page_state_change" }, \
>> +	{ SVM_VMGEXIT_SNP_GUEST_REQUEST,	"vmgexit_snp_guest_request" }, \
>> +	{ SVM_VMGEXIT_SNP_EXT_GUEST_REQUEST,	"vmgexit_snp_extended_guest_request" }, \
>>  	{ SVM_VMGEXIT_HYPERVISOR_FEATURES,	"vmgexit_hypervisor_feature" }, \
>>  	{ SVM_EXIT_ERR,         "invalid_guest_state" }
> Ditto.
>
Borislav Petkov May 18, 2021, 1:54 p.m. UTC | #3 
On Tue, May 18, 2021 at 08:42:44AM -0500, Brijesh Singh wrote:
> This VMGEXIT is optional and is available only when the SNP feature is
> advertised through HV_FEATURE VMGEXIT. The GHCB specification spells it
> with the "SNP" prefix" to distinguish it from others. The other
> "VMGEXIT's" defined in this file are available for both the SNP and ES
> guests, so we don't need any prefixes.

Sure but are there any other VMGEXIT guest requests besides those two?
If not, then they're unique so we can just as well drop the SNP prefix.
Bottom line is, I'd like the code to be short and readable at a glance.

Thx.
Brijesh Singh May 18, 2021, 2:13 p.m. UTC | #4 
On 5/18/21 8:54 AM, Borislav Petkov wrote:
> On Tue, May 18, 2021 at 08:42:44AM -0500, Brijesh Singh wrote:
>> This VMGEXIT is optional and is available only when the SNP feature is
>> advertised through HV_FEATURE VMGEXIT. The GHCB specification spells it
>> with the "SNP" prefix" to distinguish it from others. The other
>> "VMGEXIT's" defined in this file are available for both the SNP and ES
>> guests, so we don't need any prefixes.
> Sure but are there any other VMGEXIT guest requests besides those two?
> If not, then they're unique so we can just as well drop the SNP prefix.
> Bottom line is, I'd like the code to be short and readable at a glance.

There are total 7 SNP specific VMGEXIT. I can drop the "SNP" prefix if
that is preferred.


> Thx.
>
diff mbox series

Patch

diff --git a/arch/x86/include/uapi/asm/svm.h b/arch/x86/include/uapi/asm/svm.h
index f7bf12cad58c..7a45aa284530 100644
--- a/arch/x86/include/uapi/asm/svm.h
+++ b/arch/x86/include/uapi/asm/svm.h
@@ -109,6 +109,8 @@ 
 #define SVM_VMGEXIT_SET_AP_JUMP_TABLE		0
 #define SVM_VMGEXIT_GET_AP_JUMP_TABLE		1
 #define SVM_VMGEXIT_SNP_PAGE_STATE_CHANGE	0x80000010
+#define SVM_VMGEXIT_SNP_GUEST_REQUEST		0x80000011
+#define SVM_VMGEXIT_SNP_EXT_GUEST_REQUEST	0x80000012
 #define SVM_VMGEXIT_HYPERVISOR_FEATURES		0x8000fffd
 #define SVM_VMGEXIT_UNSUPPORTED_EVENT		0x8000ffff
 
@@ -218,6 +220,8 @@ 
 	{ SVM_VMGEXIT_AP_HLT_LOOP,	"vmgexit_ap_hlt_loop" }, \
 	{ SVM_VMGEXIT_AP_JUMP_TABLE,	"vmgexit_ap_jump_table" }, \
 	{ SVM_VMGEXIT_SNP_PAGE_STATE_CHANGE,	"vmgexit_page_state_change" }, \
+	{ SVM_VMGEXIT_SNP_GUEST_REQUEST,	"vmgexit_snp_guest_request" }, \
+	{ SVM_VMGEXIT_SNP_EXT_GUEST_REQUEST,	"vmgexit_snp_extended_guest_request" }, \
 	{ SVM_VMGEXIT_HYPERVISOR_FEATURES,	"vmgexit_hypervisor_feature" }, \
 	{ SVM_EXIT_ERR,         "invalid_guest_state" }