From patchwork Fri Sep 13 11:37:02 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Neeraj Upadhyay X-Patchwork-Id: 13803305 Received: from NAM10-DM6-obe.outbound.protection.outlook.com (mail-dm6nam10on2072.outbound.protection.outlook.com [40.107.93.72]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 557C21BD4E4; Fri, 13 Sep 2024 11:40:48 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=fail smtp.client-ip=40.107.93.72 ARC-Seal: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1726227649; cv=fail; b=F0NJVyV+h88LVumReSekX8koHzq3AEnbYDwitXsQ4RrK2b0wnFz1mN0Q13CSrjARDphEWRoOOI2/XpkXrG0reA9o8/IBdKvfPO8MpOBiU2ADiEICZ5c9sy4jk+fAYd3xB7HOP6LUy4Hk7JLg/XDK0hAli554irDZkz8VRe7H0GY= ARC-Message-Signature: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1726227649; c=relaxed/simple; bh=D0B79X5HcChX+2P2MP4NS3uAqFEbg0hh1+PxKNfi/e4=; h=From:To:CC:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=le+0ifxAPjhzscXt2o3xgxSZGQNqg1OCLgVXHVq08fc1xayyZKWU4jrbK1fAPHCJHft3BUI+P8ebemRbLVNKBH/MavtULfFBrdeEk1FBTyfRkEBQQgkuVVmr4TSJn3HHu6WjOZByCgoHb7ivyBtaIyqfIyAwJMF7fQDBBuPSYpA= ARC-Authentication-Results: i=2; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com; spf=fail smtp.mailfrom=amd.com; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b=UnpmaMC9; arc=fail smtp.client-ip=40.107.93.72 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com Authentication-Results: smtp.subspace.kernel.org; spf=fail smtp.mailfrom=amd.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b="UnpmaMC9" ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=cvIur5uuvhRTT5muKHfAULmxucdKAIdAtNe9oG8X5RsXxPy5sFkMLyy8DzyEORDZwRoiRkvPMDq7THVnDQNU0RouA04CDSxrbvVx58KVZzCuZEFnVF7fOaIUIABblBoxq+bBsWXdfdVqSuMXDjOwRe0p5wyh8WmY7g0pc19fDGsOoYPugctziMO9x+YxNfs9W950PwG0ztgKqdXcML7yOsq1qZyZqTLb/2LzIlHWGs2J6hs3nDLATLUZHQzAio52ad30Qk8JLlXPi/ky6/ldfasbTxiObCPSi+x4DhZE0T1pMiuBJoPLhita/h92IYBXtFKzTEgXl7pEhEqzNadqIQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=67n+BTqwxp57PDdD+mi5AMGlWG9UFY7IcjDKz73TOAE=; b=md/69RtgeE4WGF7KSXNpqULfVde3pqQhnUlf+wGPdMv/NpJC1DynHby3lFFR//4HuhJJjL7G7YDydmZJQpROu5j0tXYUkynRumL6j98+xS0S64NKi8lLt0kGdxN6v10nGPj6g4cPddQNNpvtimBvFhmQLu/joAn/XT3yW8zFO48Rq1ZB57ECItRnQxexSnGSRXrkGS9VKw0Vm7iAR06zw5NgLf2wM0FSDSMpp6Vpwl6+MLPTV2eJ4dmWj/bxYQNwPPxEE+3nJUuJcIO8/rtKtfL+w5y4FWzuoz9OOyviwf359KSR8sS/b6RbkqidRzOyzJ1R3lx3BHJwIPfpHwuEEw== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=vger.kernel.org smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none (0) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=67n+BTqwxp57PDdD+mi5AMGlWG9UFY7IcjDKz73TOAE=; b=UnpmaMC9obmpYhTO/ymzq5KPEn5VivLCiTdMw0Lo14vF6td3q+nHKUuQ44QrM7mWFue0DmO2ZtX3u3OvgOZIjubd5KtsUHx9OtgxAWtWm3ZBP/MuAMfhNi+hl2TKymTsevr9KRBvb1JENm877F8j5YEiGgXAiQBMtvTv5oc8luA= Received: from DS7PR03CA0192.namprd03.prod.outlook.com (2603:10b6:5:3b6::17) by IA0PR12MB7603.namprd12.prod.outlook.com (2603:10b6:208:439::9) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7962.17; Fri, 13 Sep 2024 11:40:44 +0000 Received: from DS3PEPF000099DF.namprd04.prod.outlook.com (2603:10b6:5:3b6:cafe::d9) by DS7PR03CA0192.outlook.office365.com (2603:10b6:5:3b6::17) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7939.24 via Frontend Transport; Fri, 13 Sep 2024 11:40:44 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=amd.com; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB04.amd.com; pr=C Received: from SATLEXMB04.amd.com (165.204.84.17) by DS3PEPF000099DF.mail.protection.outlook.com (10.167.17.202) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.7918.13 via Frontend Transport; Fri, 13 Sep 2024 11:40:44 +0000 Received: from BLR-L-NUPADHYA.amd.com (10.180.168.240) by SATLEXMB04.amd.com (10.181.40.145) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.39; Fri, 13 Sep 2024 06:40:38 -0500 From: Neeraj Upadhyay To: CC: , , , , , , , , , , , , , , , Subject: [RFC 11/14] x86/apic: Allow NMI to be injected from hypervisor for Secure AVIC Date: Fri, 13 Sep 2024 17:07:02 +0530 Message-ID: <20240913113705.419146-12-Neeraj.Upadhyay@amd.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20240913113705.419146-1-Neeraj.Upadhyay@amd.com> References: <20240913113705.419146-1-Neeraj.Upadhyay@amd.com> Precedence: bulk X-Mailing-List: kvm@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-ClientProxiedBy: SATLEXMB04.amd.com (10.181.40.145) To SATLEXMB04.amd.com (10.181.40.145) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: DS3PEPF000099DF:EE_|IA0PR12MB7603:EE_ X-MS-Office365-Filtering-Correlation-Id: 47fc3429-54d5-4a7f-2233-08dcd3e8e74e X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0;ARA:13230040|376014|1800799024|82310400026|7416014|36860700013; X-Microsoft-Antispam-Message-Info: qAHoYYZDBayc8O6N3Zet5+jOPdigtJmP8o6JqnglR3kzm+qa+08pHLb+tx3RTJbKbsQEGF5XDWs/x+h0cMy8sZd5bcH8ELTpq4J1iApArk3becVrzCaGdJ7o3gfLNcBlBDOqQEaEHjYwPvHkRzqGWwQ9mIcGxyf54Wl0dOPP36LDm53on0vLdx6u83HeIuowIxekr+UHQjBbl5ONzqNDh3Nva/+n/lUK/0SlRD75/yID4457LozbCJ9lDNlmcvtghsxd/8aoWABApVnCM2ZbPTTEpy2rA0GVncIiv6B3vRGq7fXGPyqSazHD2UFvYnwrYPdqnpTqgn0BKg23arX1FtUE0ORlf6EBdrIuZ37JJ6In+l+PWJvMUOdqjWwXB3KS/TiLQFHaO4pvDW+AIzwe/3SxOdrGJBkRaMD6CbtFc+qQqCaL/9dMw8jtKVo4NHOEwvMma8yyiFmhWbDQUgjGnXpMNGIj+1uZwTacsut7dxckZNFKplF8doBFPclsGlKc2nPWAOyQVrVC8r1Sf/FmaZO4C8i4PtrLo3QuuJciqeO+/hRYkgMuBFKBmj1fpS7+WyITNT00ln+jG+U+V9gRO9C6q2iBad8ha2WNvvQpDX6eBzTfpS+q1tFPa+ygMWCqmtS/cdrZaD5YbNZaihcpeofstuXk3BwxMcyz6Q/+8BM/VOqlvRrIVX1q5WWQ510MSb4oV/xZEGExf0MNWXPJYi1rdeEAUwPaQym780ITMo2bTdJDC/h1R9macHf43m6Xm8p1LvbYWqJjevM1jRPR/9u3d/RoeM1tvCAZubUWUa8qpA1EZx2wbMRtfE9SvMj6/PHmY+5hpiy/KtUXmtoOmqbG0K3nkpeuMRynD4dmWfpBfU5Adnf8GB5SJmITKpNveHqtnm23DX2j6LFteNunW6IP5moLv0MDaXbIrhBCPRlzEpbgeDZcI128M1HKT7xmqbUgfsD/KylOPycozyP0SDI1+22SvWsX71lQddqmEhGSa78S8L3v0VS/seCa6CQc4O+bXXiuP8JZrmaimk91V4pma5NfYuUmZF+5cOXMBWjoK/73q40fR9lcEpT2BF4dYTArBahQ2cK8WZJJXEzbxdiAqXIpybaI2gn/IpNE2ep65Dkjvld6AAq5yv4S2kmvVle6/sm2hHnD1y9ig0BadmTtynZkCqp+NsksvPWh9lj8A0CU84EkrubTAoDffx5ROTog7HZ6ErLmFiiGQOI1ju8vre8w7kctlY0vGmaBaSXRe2ROkZ3LlLux2PZCKqf2JdvuePoxBBBOJesyWLzx5Q1RmPXfJsJQITQ1SsHXok2rXl9EUGMXbQiYIGC0pApJZZRPL4MsNmjfDQvBJZD+tIypMRI3kZO4d6Sz6dFLHg8MOZiuVX+s79GgPTGQrVkR6Ee7r80Cxe6HrB8zEaGTLqJI4VGHa+OVHGTSoX7g7yC/tC0kkiM+ysfCGK3DAJ7m X-Forefront-Antispam-Report: CIP:165.204.84.17;CTRY:US;LANG:en;SCL:1;SRV:;IPV:CAL;SFV:NSPM;H:SATLEXMB04.amd.com;PTR:InfoDomainNonexistent;CAT:NONE;SFS:(13230040)(376014)(1800799024)(82310400026)(7416014)(36860700013);DIR:OUT;SFP:1101; X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 13 Sep 2024 11:40:44.5204 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 47fc3429-54d5-4a7f-2233-08dcd3e8e74e X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[SATLEXMB04.amd.com] X-MS-Exchange-CrossTenant-AuthSource: DS3PEPF000099DF.namprd04.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: IA0PR12MB7603 From: Kishon Vijay Abraham I Secure AVIC requires "AllowedNmi" bit in the Secure AVIC Control MSR to be set for NMI to be injected from hypervisor. Set "AllowedNmi" bit in Secure AVIC Control MSR here to allow NMI interrupts to be injected from hypervisor. While at that, also propagate APIC_LVT0 and APIC_LVT1 register values to the hypervisor required for injecting NMI interrupts from hypervisor. Signed-off-by: Kishon Vijay Abraham I Signed-off-by: Neeraj Upadhyay --- arch/x86/include/asm/msr-index.h | 5 +++++ arch/x86/kernel/apic/x2apic_savic.c | 10 ++++++++-- 2 files changed, 13 insertions(+), 2 deletions(-) diff --git a/arch/x86/include/asm/msr-index.h b/arch/x86/include/asm/msr-index.h index d0583619c978..0b7454ed7b39 100644 --- a/arch/x86/include/asm/msr-index.h +++ b/arch/x86/include/asm/msr-index.h @@ -662,6 +662,11 @@ #define MSR_AMD64_SNP_SECURE_AVIC_ENABLED BIT_ULL(MSR_AMD64_SNP_SECURE_AVIC_BIT) #define MSR_AMD64_SNP_RESV_BIT 19 #define MSR_AMD64_SNP_RESERVED_MASK GENMASK_ULL(63, MSR_AMD64_SNP_RESV_BIT) +#define MSR_AMD64_SECURE_AVIC_CONTROL 0xc0010138 +#define MSR_AMD64_SECURE_AVIC_EN_BIT 0 +#define MSR_AMD64_SECURE_AVIC_EN BIT_ULL(MSR_AMD64_SECURE_AVIC_EN_BIT) +#define MSR_AMD64_SECURE_AVIC_ALLOWEDNMI_BIT 1 +#define MSR_AMD64_SECURE_AVIC_ALLOWEDNMI BIT_ULL(MSR_AMD64_SECURE_AVIC_ALLOWEDNMI_BIT) #define MSR_AMD64_VIRT_SPEC_CTRL 0xc001011f diff --git a/arch/x86/kernel/apic/x2apic_savic.c b/arch/x86/kernel/apic/x2apic_savic.c index 5502a828a795..321b3678e26f 100644 --- a/arch/x86/kernel/apic/x2apic_savic.c +++ b/arch/x86/kernel/apic/x2apic_savic.c @@ -38,6 +38,11 @@ enum lapic_lvt_entry { #define APIC_LVTx(x) (APIC_LVTT + 0x10 * (x)) +static inline void savic_wr_control_msr(u64 val) +{ + native_wrmsr(MSR_AMD64_SECURE_AVIC_CONTROL, lower_32_bits(val), upper_32_bits(val)); +} + static int x2apic_savic_acpi_madt_oem_check(char *oem_id, char *oem_table_id) { return x2apic_enabled() && cc_platform_has(CC_ATTR_SNP_SECURE_AVIC); @@ -143,12 +148,12 @@ static void x2apic_savic_write(u32 reg, u32 data) switch (reg) { case APIC_LVTT: + case APIC_LVT0: + case APIC_LVT1: case APIC_TMICT: case APIC_TDCR: write_msr_to_hv(reg, data); break; - case APIC_LVT0: - case APIC_LVT1: /* APIC_ID is writable and configured by guest for Secure AVIC */ case APIC_ID: case APIC_TASKPRI: @@ -401,6 +406,7 @@ static void x2apic_savic_setup(void) ret = sev_notify_savic_gpa(gpa); if (ret != ES_OK) snp_abort(); + savic_wr_control_msr(gpa | MSR_AMD64_SECURE_AVIC_ALLOWEDNMI); this_cpu_write(savic_setup_done, true); }