From patchwork Thu Jan 14 00:36:55 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sean Christopherson X-Patchwork-Id: 12018159 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-26.3 required=3.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_CR_TRAILER,INCLUDES_PATCH,MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS, USER_AGENT_GIT,USER_IN_DEF_DKIM_WL autolearn=unavailable autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 15926C433DB for ; Thu, 14 Jan 2021 01:49:26 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id C5F9A235F8 for ; Thu, 14 Jan 2021 01:49:25 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728447AbhANBso (ORCPT ); Wed, 13 Jan 2021 20:48:44 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:55694 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1729928AbhANAi0 (ORCPT ); Wed, 13 Jan 2021 19:38:26 -0500 Received: from mail-qv1-xf4a.google.com (mail-qv1-xf4a.google.com [IPv6:2607:f8b0:4864:20::f4a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 93BF2C06179F for ; Wed, 13 Jan 2021 16:37:37 -0800 (PST) Received: by mail-qv1-xf4a.google.com with SMTP id f7so2947251qvr.4 for ; Wed, 13 Jan 2021 16:37:37 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=sender:reply-to:date:in-reply-to:message-id:mime-version:references :subject:from:to:cc; bh=+lfNaOH1CNuPDcxuYVHAHObVf+9wEEDIr0zVJxlAHxg=; b=gIjihO2I8gwcFheB4YOs8u4uVfZFwXse/1YgRjreNWQX/e2LFZ9vHhNU3O2UbMJppT hbZqpHYf8uNM9lVGC2jEABPKdK+55wkuZSf/POIfMsZ5LvFBacWcKJNaPDRCFWSRout+ uMFxXkDz0idqm68ZyJ+iooMcEsfRvxeGZcE3jvqoHKICY5e/jlJ/Ce3WTRib5aCm+2mn UAxR2lfbyXAMgnM+w0ZAZdihFN2j4rNDsAn9pUY2X9QzpGeBGYiPFnqtIdSFRglaIAJC iory/Ch11tHGh9uc9FOYACz9x3TLLUhe0ZhJRFn9WwPDIRkKFroNhMwGXCzZWhWHkV8f 7GRQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:sender:reply-to:date:in-reply-to:message-id :mime-version:references:subject:from:to:cc; bh=+lfNaOH1CNuPDcxuYVHAHObVf+9wEEDIr0zVJxlAHxg=; b=l32vKdMwJ+UhSAZ7C0Ayr51RJ+53ff4+HmjBgmsmptmkIDjKiLvBZKb75w64WxzXZn 3jt9OdgL78+Wi9FZA/n3AAeC1R22DGwP8zfGayBNzXqBlJ+L6Z6bZoRJWQWAUY04ZnkL 2xL4gBClxyqiAdGim6AqZA9N0M8rRYU44yX/5O6swu43EqPL1AJm/tWyVzfroboXmNco DP5LB1wlRP1AwlgzdbRBAzBZhX+iyOyJObKK5qI5o0BSLpmZuTEeGhLxpASbOlmgHUlO agoCnDh29jR35PMpcOyDrzIGOWhfIQwYbqR1iJPb3P8+nF3Hwz+VVgrOgyhqoirHEb0y DGDQ== X-Gm-Message-State: AOAM5328ovgeqPZZXt7CYOe1Jvapx//IAyzJ14QiW7Z0nOUa/lqmmjgZ cUATG0IjvIEJb1Fqwf28shkbokGwrqE= X-Google-Smtp-Source: ABdhPJz6SZlx5VJJIc17Aooj99sknhXwjukqTwoNewwxv6DIs9ZCRWUkLmY0rTV2mz8FiqTixYZn5yW997c= Sender: "seanjc via sendgmr" X-Received: from seanjc798194.pdx.corp.google.com ([2620:15c:f:10:1ea0:b8ff:fe73:50f5]) (user=seanjc job=sendgmr) by 2002:a25:8b:: with SMTP id 133mr7308631yba.513.1610584656762; Wed, 13 Jan 2021 16:37:36 -0800 (PST) Reply-To: Sean Christopherson Date: Wed, 13 Jan 2021 16:36:55 -0800 In-Reply-To: <20210114003708.3798992-1-seanjc@google.com> Message-Id: <20210114003708.3798992-2-seanjc@google.com> Mime-Version: 1.0 References: <20210114003708.3798992-1-seanjc@google.com> X-Mailer: git-send-email 2.30.0.284.gd98b1dd5eaa7-goog Subject: [PATCH v2 01/14] KVM: SVM: Zero out the VMCB array used to track SEV ASID association From: Sean Christopherson To: Paolo Bonzini , Dave Hansen , Andy Lutomirski , Peter Zijlstra Cc: Sean Christopherson , Vitaly Kuznetsov , Wanpeng Li , Jim Mattson , Joerg Roedel , kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Borislav Petkov , Tom Lendacky , Brijesh Singh Precedence: bulk List-ID: X-Mailing-List: kvm@vger.kernel.org Zero out the array of VMCB pointers so that pre_sev_run() won't see garbage when querying the array to detect when an SEV ASID is being associated with a new VMCB. In practice, reading random values is all but guaranteed to be benign as a false negative (which is extremely unlikely on its own) can only happen on CPU0 on the first VMRUN and would only cause KVM to skip the ASID flush. For anything bad to happen, a previous instance of KVM would have to exit without flushing the ASID, _and_ KVM would have to not flush the ASID at any time while building the new SEV guest. Cc: Borislav Petkov Cc: Tom Lendacky Cc: Brijesh Singh Fixes: 70cd94e60c73 ("KVM: SVM: VMRUN should use associated ASID when SEV is enabled") Signed-off-by: Sean Christopherson Reviewed-by: Tom Lendacky Reviewed-by: Brijesh Singh --- arch/x86/kvm/svm/svm.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index 7ef171790d02..ccf52c5531fb 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c @@ -573,7 +573,7 @@ static int svm_cpu_init(int cpu) if (svm_sev_enabled()) { sd->sev_vmcbs = kmalloc_array(max_sev_asid + 1, sizeof(void *), - GFP_KERNEL); + GFP_KERNEL | __GFP_ZERO); if (!sd->sev_vmcbs) goto free_save_area; } From patchwork Thu Jan 14 00:36:56 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sean Christopherson X-Patchwork-Id: 12018019 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-26.3 required=3.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_CR_TRAILER,INCLUDES_PATCH,MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS, USER_AGENT_GIT,USER_IN_DEF_DKIM_WL autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 498B1C433E0 for ; Thu, 14 Jan 2021 00:41:21 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 031BE23383 for ; Thu, 14 Jan 2021 00:41:20 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1729933AbhANAlA (ORCPT ); Wed, 13 Jan 2021 19:41:00 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:55896 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726983AbhANAjT (ORCPT ); Wed, 13 Jan 2021 19:39:19 -0500 Received: from mail-qt1-x84a.google.com (mail-qt1-x84a.google.com [IPv6:2607:f8b0:4864:20::84a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 43360C0617A3 for ; Wed, 13 Jan 2021 16:37:40 -0800 (PST) Received: by mail-qt1-x84a.google.com with SMTP id b24so2953982qtt.22 for ; Wed, 13 Jan 2021 16:37:40 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=sender:reply-to:date:in-reply-to:message-id:mime-version:references :subject:from:to:cc; bh=wOBP2RkmQVjfNopz2sDe0MTwMLiCidw7C7eIsxIrYII=; b=d5HallwW2J+DLmealbbzCxFKbyAzfK0TCDbwfh2qMm5YWuuskaf+J+g2Y1HBZE/+36 t95u9GZ2O9AVZxH2zRkVsS7VzsiEpdru7b+em49iDS3EWnmJWFv90DQuBcHChZAf75rO VP02JzsqqznnSDOTDf0eonMszZ3vXgtU2vVaKV34p+gW5Et1K06G5mJhgBwoOaSNBEJl WbKXUOWXGBYjSyCP3bY9d4dFlimPm7F29OLixyGicfnLAl0aReI/0Gvy7tgrK+sDAAFj xIRu74vuI2atJgPvKzfBw2xjPcCGE2+1cuWIipDSZDTCcH9/n/vEm9zso27LK6FEu01I hFEg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:sender:reply-to:date:in-reply-to:message-id :mime-version:references:subject:from:to:cc; bh=wOBP2RkmQVjfNopz2sDe0MTwMLiCidw7C7eIsxIrYII=; b=XSKO8Q1vTpXpxBCg6PNhFQ5Lcdbi1/iSTlXMa+lm4ZF6TvUy3CXE2rR7sl9lHVbotR QdKVIAy80j9hEZpy9mJB/AnG2Bj9CafboUHVbUWRSfp/dDTRD11Zy6Y16x4+l1NuIkw2 Xc+HI9OrXjIWqtdaPu5QbJ6MtyB8jpnKi5uPlRKQgFYXeSZX+4AMaCCdh6bznm6MygBF azgCzdiLMidg+vMJ2BGeZJ5/ZJKyeT3vXa76gX979mHs3y8m5ZKuhchmMS/v9lCDsX9R f3JSynxFjhtrbi0EWgLCN4x/Sa/TgrYQ+IoY+b1byWPglF5imY5pigYd1Da8Qhwqv/qs 5YMw== X-Gm-Message-State: AOAM530Cd+GcpjRiUmMeQSl664kKdn7red9oWw4IyXR/0UfTW+RE5NzF FptWvh6PvPLgaYxcRsR1ueAJBUBmBUc= X-Google-Smtp-Source: ABdhPJzroYZoNQxP6r2XJyTfpLb/UvCXqjUCC3lNQ7J4R0aAzyCK6+Qeih/+mF1Mqy1YwLwmgknKdkcu0kk= Sender: "seanjc via sendgmr" X-Received: from seanjc798194.pdx.corp.google.com ([2620:15c:f:10:1ea0:b8ff:fe73:50f5]) (user=seanjc job=sendgmr) by 2002:a05:6214:58d:: with SMTP id bx13mr4647837qvb.61.1610584659417; Wed, 13 Jan 2021 16:37:39 -0800 (PST) Reply-To: Sean Christopherson Date: Wed, 13 Jan 2021 16:36:56 -0800 In-Reply-To: <20210114003708.3798992-1-seanjc@google.com> Message-Id: <20210114003708.3798992-3-seanjc@google.com> Mime-Version: 1.0 References: <20210114003708.3798992-1-seanjc@google.com> X-Mailer: git-send-email 2.30.0.284.gd98b1dd5eaa7-goog Subject: [PATCH v2 02/14] KVM: SVM: Free sev_asid_bitmap during init if SEV setup fails From: Sean Christopherson To: Paolo Bonzini , Dave Hansen , Andy Lutomirski , Peter Zijlstra Cc: Sean Christopherson , Vitaly Kuznetsov , Wanpeng Li , Jim Mattson , Joerg Roedel , kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Borislav Petkov , Tom Lendacky , Brijesh Singh Precedence: bulk List-ID: X-Mailing-List: kvm@vger.kernel.org Free sev_asid_bitmap if the reclaim bitmap allocation fails, othwerise KVM will unnecessarily keep the bitmap when SEV is not fully enabled. Freeing the page is also necessary to avoid introducing a bug when a future patch eliminates svm_sev_enabled() in favor of using the global 'sev' flag directly. While sev_hardware_enabled() checks max_sev_asid, which is true even if KVM setup fails, 'sev' will be true if and only if KVM setup fully succeeds. Fixes: 33af3a7ef9e6 ("KVM: SVM: Reduce WBINVD/DF_FLUSH invocations") Cc: Tom Lendacky Signed-off-by: Sean Christopherson --- arch/x86/kvm/svm/sev.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index c8ffdbc81709..0eeb6e1b803d 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c @@ -1274,8 +1274,10 @@ void __init sev_hardware_setup(void) goto out; sev_reclaim_asid_bitmap = bitmap_zalloc(max_sev_asid, GFP_KERNEL); - if (!sev_reclaim_asid_bitmap) + if (!sev_reclaim_asid_bitmap) { + bitmap_free(sev_asid_bitmap); goto out; + } pr_info("SEV supported: %u ASIDs\n", max_sev_asid - min_sev_asid + 1); sev_supported = true; From patchwork Thu Jan 14 00:36:57 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sean Christopherson X-Patchwork-Id: 12018149 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-26.3 required=3.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_CR_TRAILER,INCLUDES_PATCH,MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS, USER_AGENT_GIT,USER_IN_DEF_DKIM_WL autolearn=unavailable autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 9606EC433E9 for ; Thu, 14 Jan 2021 01:48:49 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 621422343B for ; Thu, 14 Jan 2021 01:48:49 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728372AbhANBsV (ORCPT ); Wed, 13 Jan 2021 20:48:21 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:56028 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1727222AbhANAjv (ORCPT ); Wed, 13 Jan 2021 19:39:51 -0500 Received: from mail-qt1-x84a.google.com (mail-qt1-x84a.google.com [IPv6:2607:f8b0:4864:20::84a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id DAA31C0617A5 for ; Wed, 13 Jan 2021 16:37:42 -0800 (PST) Received: by mail-qt1-x84a.google.com with SMTP id b8so2961936qtr.18 for ; Wed, 13 Jan 2021 16:37:42 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=sender:reply-to:date:in-reply-to:message-id:mime-version:references :subject:from:to:cc; bh=Yn6K+Al6keU4qwvbVZAct8COFyc60/5tuafg8uWsv9s=; b=GS6+9cj6bVKPfRttuQ0OZ/gu/AsdxWthI6birI03VxeJb329XZwukIQq4bqq7K4gJS j91y+ixUlBa+XlE8v7BJbEh3opw0dlXyeMZ1gAX0edJAlFapMSehK/ME8xkZrOE1bxEc 4LHRU4RdoHMq7krywcO/0tV5tsJIBWHXX+J/TSWdRUf6KwSb3QCz2L4EKvZ5r19Vvmlg 7cJxtmSqa/q2cFomiqcWZzaNpDI/BOzwCdqrtJEMx4QT6iA5ODADGquyUKIe1R+NVmq0 kMVppEH/pbzbWNzt7gTer5fwzh9t2qzV5HiXMaEO1s/zpPQBfoyf/nH4520yX7ychR6A vF3A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:sender:reply-to:date:in-reply-to:message-id :mime-version:references:subject:from:to:cc; bh=Yn6K+Al6keU4qwvbVZAct8COFyc60/5tuafg8uWsv9s=; b=l0jfibOHEWUEk31wuEPZMci5o7gEDtzcALjn4qJFiGodbkn75BfNl/8zruIaXiB+EZ fUOKurg3RvMy2Epxjkk7FvKYO5BthbjEL9MnRU+bdykvp3iuN6iMM8fNvPMKdWuQmnnS C5NJAlQ6HaDyY/0oUhjAADIHzFWDyTjjEnxqkFR2cF28lOP7FoRGRZ/nUQ1VmYOM5gFE pvadlv4tI0dwiO7DKZDdZ8Ujt6eaLGIkMp0QEAUsM7ODFwXl80ANNjbPuPx8r3Lc9ZDw Ei31DwnYC7y+JpPqvpVYMU7ldxwNzRAa5dzM7+TWd3Kf7CToTQEnlOy77JUCQPcL5/Kr qLsg== X-Gm-Message-State: AOAM530KjBB63Vd/TuB5U9a1lwyL/j5bi1b8q8eXvst1ydeIzYkSf//j PsZ5TP+BddUYHF2qaFNecB3IQWgVef0= X-Google-Smtp-Source: ABdhPJwET5/FgHxggwO9NJkiIa/7tDnom5JB75FWqiMIu+CYa8J3rxhBsOEsUoDXlnwDytx02ooiXilB3kI= Sender: "seanjc via sendgmr" X-Received: from seanjc798194.pdx.corp.google.com ([2620:15c:f:10:1ea0:b8ff:fe73:50f5]) (user=seanjc job=sendgmr) by 2002:a0c:8445:: with SMTP id l63mr4984501qva.60.1610584662011; Wed, 13 Jan 2021 16:37:42 -0800 (PST) Reply-To: Sean Christopherson Date: Wed, 13 Jan 2021 16:36:57 -0800 In-Reply-To: <20210114003708.3798992-1-seanjc@google.com> Message-Id: <20210114003708.3798992-4-seanjc@google.com> Mime-Version: 1.0 References: <20210114003708.3798992-1-seanjc@google.com> X-Mailer: git-send-email 2.30.0.284.gd98b1dd5eaa7-goog Subject: [PATCH v2 03/14] KVM: SVM: Move SEV module params/variables to sev.c From: Sean Christopherson To: Paolo Bonzini , Dave Hansen , Andy Lutomirski , Peter Zijlstra Cc: Sean Christopherson , Vitaly Kuznetsov , Wanpeng Li , Jim Mattson , Joerg Roedel , kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Borislav Petkov , Tom Lendacky , Brijesh Singh Precedence: bulk List-ID: X-Mailing-List: kvm@vger.kernel.org Unconditionally invoke sev_hardware_setup() when configuring SVM and handle clearing the module params/variable 'sev' and 'sev_es' in sev_hardware_setup(). This allows making said variables static within sev.c and reduces the odds of a collision with guest code, e.g. the guest side of things has already laid claim to 'sev_enabled'. Signed-off-by: Sean Christopherson Reviewed-by: Tom Lendacky Reviewed-by: Brijesh Singh --- arch/x86/kvm/svm/sev.c | 11 +++++++++++ arch/x86/kvm/svm/svm.c | 15 +-------------- arch/x86/kvm/svm/svm.h | 2 -- 3 files changed, 12 insertions(+), 16 deletions(-) diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index 0eeb6e1b803d..8ba93b8fa435 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c @@ -27,6 +27,14 @@ #define __ex(x) __kvm_handle_fault_on_reboot(x) +/* enable/disable SEV support */ +static int sev = IS_ENABLED(CONFIG_AMD_MEM_ENCRYPT_ACTIVE_BY_DEFAULT); +module_param(sev, int, 0444); + +/* enable/disable SEV-ES support */ +static int sev_es = IS_ENABLED(CONFIG_AMD_MEM_ENCRYPT_ACTIVE_BY_DEFAULT); +module_param(sev_es, int, 0444); + static u8 sev_enc_bit; static int sev_flush_asids(void); static DECLARE_RWSEM(sev_deactivate_lock); @@ -1249,6 +1257,9 @@ void __init sev_hardware_setup(void) bool sev_es_supported = false; bool sev_supported = false; + if (!IS_ENABLED(CONFIG_KVM_AMD_SEV) || !sev) + goto out; + /* Does the CPU support SEV? */ if (!boot_cpu_has(X86_FEATURE_SEV)) goto out; diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index ccf52c5531fb..f89f702b2a58 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c @@ -189,14 +189,6 @@ module_param(vls, int, 0444); static int vgif = true; module_param(vgif, int, 0444); -/* enable/disable SEV support */ -int sev = IS_ENABLED(CONFIG_AMD_MEM_ENCRYPT_ACTIVE_BY_DEFAULT); -module_param(sev, int, 0444); - -/* enable/disable SEV-ES support */ -int sev_es = IS_ENABLED(CONFIG_AMD_MEM_ENCRYPT_ACTIVE_BY_DEFAULT); -module_param(sev_es, int, 0444); - bool __read_mostly dump_invalid_vmcb; module_param(dump_invalid_vmcb, bool, 0644); @@ -976,12 +968,7 @@ static __init int svm_hardware_setup(void) kvm_enable_efer_bits(EFER_SVME | EFER_LMSLE); } - if (IS_ENABLED(CONFIG_KVM_AMD_SEV) && sev) { - sev_hardware_setup(); - } else { - sev = false; - sev_es = false; - } + sev_hardware_setup(); svm_adjust_mmio_mask(); diff --git a/arch/x86/kvm/svm/svm.h b/arch/x86/kvm/svm/svm.h index 0fe874ae5498..8e169835f52a 100644 --- a/arch/x86/kvm/svm/svm.h +++ b/arch/x86/kvm/svm/svm.h @@ -408,8 +408,6 @@ static inline bool gif_set(struct vcpu_svm *svm) #define MSR_CR3_LONG_MBZ_MASK 0xfff0000000000000U #define MSR_INVALID 0xffffffffU -extern int sev; -extern int sev_es; extern bool dump_invalid_vmcb; u32 svm_msrpm_offset(u32 msr); From patchwork Thu Jan 14 00:36:58 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sean Christopherson X-Patchwork-Id: 12018155 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-26.3 required=3.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_CR_TRAILER,INCLUDES_PATCH,MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS, USER_AGENT_GIT,USER_IN_DEF_DKIM_WL autolearn=unavailable autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id E043FC4332B for ; Thu, 14 Jan 2021 01:48:49 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id BC8CD2343E for ; Thu, 14 Jan 2021 01:48:49 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728412AbhANBsX (ORCPT ); Wed, 13 Jan 2021 20:48:23 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:56026 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1727153AbhANAjv (ORCPT ); Wed, 13 Jan 2021 19:39:51 -0500 Received: from mail-qt1-x84a.google.com (mail-qt1-x84a.google.com [IPv6:2607:f8b0:4864:20::84a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 64A88C0617A7 for ; Wed, 13 Jan 2021 16:37:45 -0800 (PST) Received: by mail-qt1-x84a.google.com with SMTP id b11so2970418qtj.11 for ; Wed, 13 Jan 2021 16:37:45 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=sender:reply-to:date:in-reply-to:message-id:mime-version:references :subject:from:to:cc; bh=Cnc0lgQscc6cmGJmpq+PiVOdWNnTD3AWpalFSPCSq8A=; b=mnGUuR+Af6UCiQ6G+/GYDXzP8oP63daouHXe/t8kMbvw5CZVl2w7nHmw3owPkq1xNT jHDQiY8Tk7m0+6Dmmrs2/8y3nBiIaRaMB316ZIzOEH+SXGVPMf93ZIFJGcIya6r4JHrc zLOkwgl30PWFNH1b9aOmUvWFi3LZudsqcenrAJTbw/nGyBrcg+U7nId1oCHBahtF44K7 dHh1pa9qYWmsHatiPKg8pcj+3/v6ortUA1Wl3uE0OIFEBFMJLgAt/m8AdK8JhVAE81E6 E3YXdfIP4d1Pxo3NkRfDz3xUU6bY4s2W1wpzndixX12OMw1ZXuD7ZwensYQ+Nz8asSQm bMRg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:sender:reply-to:date:in-reply-to:message-id :mime-version:references:subject:from:to:cc; bh=Cnc0lgQscc6cmGJmpq+PiVOdWNnTD3AWpalFSPCSq8A=; b=cADrmuKOp/24NpISMrPoiC4HbVRhIYx1saiZ2H+cSQNhYuxW+2M+BjK5xmw3+NsuNv C01fCQKb9NuBORBiDtVmT2ofrG4IWOQ19aQXdjmjRngk0yRKyopghQYNyrfpI2DaMAUk 1Ts5R6ijqWg/xN/CZsuaNBExRi8hmVDPrjNHmiZraSI7496+uy4ZZT+j4k2hJuRiOfM0 f/zO5HbZQn30/7NbWSPkfQbYIcRLpCbQbMORsn0N4QAMHe51Z2PYYEdag+kY79G29vGT tBDyLq9xgxCTnGh6jKitT6dM8nHiA3C/p6vO2AIXGjz/kCy2bk4Y8pSpSeA1u0Y4J3Oa 20aw== X-Gm-Message-State: AOAM531WmSQgPlGZw7eN1dpVgYYhpD5tkZVmpRBFJ9b67CkmO93SE3TA AvBgMjKMO3nPbV9xFLkJxMXHFQDumj0= X-Google-Smtp-Source: ABdhPJzvYn9yd07lOsIKxR7vaVU8GYdd1cf2sY7HOxDK7dxEdofrZ5hL/NVXwtGmQASsTINeP7WDGrlE9ik= Sender: "seanjc via sendgmr" X-Received: from seanjc798194.pdx.corp.google.com ([2620:15c:f:10:1ea0:b8ff:fe73:50f5]) (user=seanjc job=sendgmr) by 2002:a0c:fdec:: with SMTP id m12mr4701814qvu.11.1610584664451; Wed, 13 Jan 2021 16:37:44 -0800 (PST) Reply-To: Sean Christopherson Date: Wed, 13 Jan 2021 16:36:58 -0800 In-Reply-To: <20210114003708.3798992-1-seanjc@google.com> Message-Id: <20210114003708.3798992-5-seanjc@google.com> Mime-Version: 1.0 References: <20210114003708.3798992-1-seanjc@google.com> X-Mailer: git-send-email 2.30.0.284.gd98b1dd5eaa7-goog Subject: [PATCH v2 04/14] x86/cpufeatures: Assign dedicated feature word for AMD mem encryption From: Sean Christopherson To: Paolo Bonzini , Dave Hansen , Andy Lutomirski , Peter Zijlstra Cc: Sean Christopherson , Vitaly Kuznetsov , Wanpeng Li , Jim Mattson , Joerg Roedel , kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Borislav Petkov , Tom Lendacky , Brijesh Singh Precedence: bulk List-ID: X-Mailing-List: kvm@vger.kernel.org Collect the scattered SME/SEV related feature flags into a dedicated word. There are now five recognized features in CPUID.0x8000001F.EAX, with at least one more on the horizon (SEV-SNP). Using a dedicated word allows KVM to use its automagic CPUID adjustment logic when reporting the set of supported features to userspace. No functional change intended. Signed-off-by: Sean Christopherson Reviewed-by: Brijesh Singh --- arch/x86/include/asm/cpufeature.h | 7 +++++-- arch/x86/include/asm/cpufeatures.h | 17 +++++++++++------ arch/x86/include/asm/disabled-features.h | 3 ++- arch/x86/include/asm/required-features.h | 3 ++- arch/x86/kernel/cpu/common.c | 3 +++ arch/x86/kernel/cpu/scattered.c | 5 ----- tools/arch/x86/include/asm/disabled-features.h | 3 ++- tools/arch/x86/include/asm/required-features.h | 3 ++- 8 files changed, 27 insertions(+), 17 deletions(-) diff --git a/arch/x86/include/asm/cpufeature.h b/arch/x86/include/asm/cpufeature.h index 59bf91c57aa8..1728d4ce5730 100644 --- a/arch/x86/include/asm/cpufeature.h +++ b/arch/x86/include/asm/cpufeature.h @@ -30,6 +30,7 @@ enum cpuid_leafs CPUID_7_ECX, CPUID_8000_0007_EBX, CPUID_7_EDX, + CPUID_8000_001F_EAX, }; #ifdef CONFIG_X86_FEATURE_NAMES @@ -88,8 +89,9 @@ extern const char * const x86_bug_flags[NBUGINTS*32]; CHECK_BIT_IN_MASK_WORD(REQUIRED_MASK, 16, feature_bit) || \ CHECK_BIT_IN_MASK_WORD(REQUIRED_MASK, 17, feature_bit) || \ CHECK_BIT_IN_MASK_WORD(REQUIRED_MASK, 18, feature_bit) || \ + CHECK_BIT_IN_MASK_WORD(REQUIRED_MASK, 19, feature_bit) || \ REQUIRED_MASK_CHECK || \ - BUILD_BUG_ON_ZERO(NCAPINTS != 19)) + BUILD_BUG_ON_ZERO(NCAPINTS != 20)) #define DISABLED_MASK_BIT_SET(feature_bit) \ ( CHECK_BIT_IN_MASK_WORD(DISABLED_MASK, 0, feature_bit) || \ @@ -111,8 +113,9 @@ extern const char * const x86_bug_flags[NBUGINTS*32]; CHECK_BIT_IN_MASK_WORD(DISABLED_MASK, 16, feature_bit) || \ CHECK_BIT_IN_MASK_WORD(DISABLED_MASK, 17, feature_bit) || \ CHECK_BIT_IN_MASK_WORD(DISABLED_MASK, 18, feature_bit) || \ + CHECK_BIT_IN_MASK_WORD(DISABLED_MASK, 19, feature_bit) || \ DISABLED_MASK_CHECK || \ - BUILD_BUG_ON_ZERO(NCAPINTS != 19)) + BUILD_BUG_ON_ZERO(NCAPINTS != 20)) #define cpu_has(c, bit) \ (__builtin_constant_p(bit) && REQUIRED_MASK_BIT_SET(bit) ? 1 : \ diff --git a/arch/x86/include/asm/cpufeatures.h b/arch/x86/include/asm/cpufeatures.h index 9f9e9511f7cd..7c0bb1a20050 100644 --- a/arch/x86/include/asm/cpufeatures.h +++ b/arch/x86/include/asm/cpufeatures.h @@ -13,7 +13,7 @@ /* * Defines x86 CPU feature bits */ -#define NCAPINTS 19 /* N 32-bit words worth of info */ +#define NCAPINTS 20 /* N 32-bit words worth of info */ #define NBUGINTS 1 /* N 32-bit bug flags */ /* @@ -96,7 +96,7 @@ #define X86_FEATURE_SYSCALL32 ( 3*32+14) /* "" syscall in IA32 userspace */ #define X86_FEATURE_SYSENTER32 ( 3*32+15) /* "" sysenter in IA32 userspace */ #define X86_FEATURE_REP_GOOD ( 3*32+16) /* REP microcode works well */ -#define X86_FEATURE_SME_COHERENT ( 3*32+17) /* "" AMD hardware-enforced cache coherency */ +/* FREE! ( 3*32+17) */ #define X86_FEATURE_LFENCE_RDTSC ( 3*32+18) /* "" LFENCE synchronizes RDTSC */ #define X86_FEATURE_ACC_POWER ( 3*32+19) /* AMD Accumulated Power Mechanism */ #define X86_FEATURE_NOPL ( 3*32+20) /* The NOPL (0F 1F) instructions */ @@ -201,7 +201,7 @@ #define X86_FEATURE_INVPCID_SINGLE ( 7*32+ 7) /* Effectively INVPCID && CR4.PCIDE=1 */ #define X86_FEATURE_HW_PSTATE ( 7*32+ 8) /* AMD HW-PState */ #define X86_FEATURE_PROC_FEEDBACK ( 7*32+ 9) /* AMD ProcFeedbackInterface */ -#define X86_FEATURE_SME ( 7*32+10) /* AMD Secure Memory Encryption */ +/* FREE! ( 7*32+10) */ #define X86_FEATURE_PTI ( 7*32+11) /* Kernel Page Table Isolation enabled */ #define X86_FEATURE_RETPOLINE ( 7*32+12) /* "" Generic Retpoline mitigation for Spectre variant 2 */ #define X86_FEATURE_RETPOLINE_AMD ( 7*32+13) /* "" AMD Retpoline mitigation for Spectre variant 2 */ @@ -211,7 +211,7 @@ #define X86_FEATURE_SSBD ( 7*32+17) /* Speculative Store Bypass Disable */ #define X86_FEATURE_MBA ( 7*32+18) /* Memory Bandwidth Allocation */ #define X86_FEATURE_RSB_CTXSW ( 7*32+19) /* "" Fill RSB on context switches */ -#define X86_FEATURE_SEV ( 7*32+20) /* AMD Secure Encrypted Virtualization */ +/* FREE! ( 7*32+20) */ #define X86_FEATURE_USE_IBPB ( 7*32+21) /* "" Indirect Branch Prediction Barrier enabled */ #define X86_FEATURE_USE_IBRS_FW ( 7*32+22) /* "" Use IBRS during runtime firmware calls */ #define X86_FEATURE_SPEC_STORE_BYPASS_DISABLE ( 7*32+23) /* "" Disable Speculative Store Bypass. */ @@ -236,8 +236,6 @@ #define X86_FEATURE_EPT_AD ( 8*32+17) /* Intel Extended Page Table access-dirty bit */ #define X86_FEATURE_VMCALL ( 8*32+18) /* "" Hypervisor supports the VMCALL instruction */ #define X86_FEATURE_VMW_VMMCALL ( 8*32+19) /* "" VMware prefers VMMCALL hypercall instruction */ -#define X86_FEATURE_SEV_ES ( 8*32+20) /* AMD Secure Encrypted Virtualization - Encrypted State */ -#define X86_FEATURE_VM_PAGE_FLUSH ( 8*32+21) /* "" VM Page Flush MSR is supported */ /* Intel-defined CPU features, CPUID level 0x00000007:0 (EBX), word 9 */ #define X86_FEATURE_FSGSBASE ( 9*32+ 0) /* RDFSBASE, WRFSBASE, RDGSBASE, WRGSBASE instructions*/ @@ -383,6 +381,13 @@ #define X86_FEATURE_CORE_CAPABILITIES (18*32+30) /* "" IA32_CORE_CAPABILITIES MSR */ #define X86_FEATURE_SPEC_CTRL_SSBD (18*32+31) /* "" Speculative Store Bypass Disable */ +/* AMD-defined memory encryption features, CPUID level 0x8000001f (EAX), word 19 */ +#define X86_FEATURE_SME (19*32+ 0) /* AMD Secure Memory Encryption */ +#define X86_FEATURE_SEV (19*32+ 1) /* AMD Secure Encrypted Virtualization */ +#define X86_FEATURE_VM_PAGE_FLUSH (19*32+ 2) /* "" VM Page Flush MSR is supported */ +#define X86_FEATURE_SEV_ES (19*32+ 3) /* AMD Secure Encrypted Virtualization - Encrypted State */ +#define X86_FEATURE_SME_COHERENT (19*32+10) /* "" AMD hardware-enforced cache coherency */ + /* * BUG word(s) */ diff --git a/arch/x86/include/asm/disabled-features.h b/arch/x86/include/asm/disabled-features.h index 5861d34f9771..2216077676c8 100644 --- a/arch/x86/include/asm/disabled-features.h +++ b/arch/x86/include/asm/disabled-features.h @@ -85,6 +85,7 @@ DISABLE_ENQCMD) #define DISABLED_MASK17 0 #define DISABLED_MASK18 0 -#define DISABLED_MASK_CHECK BUILD_BUG_ON_ZERO(NCAPINTS != 19) +#define DISABLED_MASK19 0 +#define DISABLED_MASK_CHECK BUILD_BUG_ON_ZERO(NCAPINTS != 20) #endif /* _ASM_X86_DISABLED_FEATURES_H */ diff --git a/arch/x86/include/asm/required-features.h b/arch/x86/include/asm/required-features.h index 3ff0d48469f2..b2d504f11937 100644 --- a/arch/x86/include/asm/required-features.h +++ b/arch/x86/include/asm/required-features.h @@ -101,6 +101,7 @@ #define REQUIRED_MASK16 0 #define REQUIRED_MASK17 0 #define REQUIRED_MASK18 0 -#define REQUIRED_MASK_CHECK BUILD_BUG_ON_ZERO(NCAPINTS != 19) +#define REQUIRED_MASK19 0 +#define REQUIRED_MASK_CHECK BUILD_BUG_ON_ZERO(NCAPINTS != 20) #endif /* _ASM_X86_REQUIRED_FEATURES_H */ diff --git a/arch/x86/kernel/cpu/common.c b/arch/x86/kernel/cpu/common.c index 35ad8480c464..9215b91bc044 100644 --- a/arch/x86/kernel/cpu/common.c +++ b/arch/x86/kernel/cpu/common.c @@ -960,6 +960,9 @@ void get_cpu_cap(struct cpuinfo_x86 *c) if (c->extended_cpuid_level >= 0x8000000a) c->x86_capability[CPUID_8000_000A_EDX] = cpuid_edx(0x8000000a); + if (c->extended_cpuid_level >= 0x8000001f) + c->x86_capability[CPUID_8000_001F_EAX] = cpuid_eax(0x8000001f); + init_scattered_cpuid_features(c); init_speculation_control(c); diff --git a/arch/x86/kernel/cpu/scattered.c b/arch/x86/kernel/cpu/scattered.c index 236924930bf0..972ec3bfa9c0 100644 --- a/arch/x86/kernel/cpu/scattered.c +++ b/arch/x86/kernel/cpu/scattered.c @@ -40,11 +40,6 @@ static const struct cpuid_bit cpuid_bits[] = { { X86_FEATURE_CPB, CPUID_EDX, 9, 0x80000007, 0 }, { X86_FEATURE_PROC_FEEDBACK, CPUID_EDX, 11, 0x80000007, 0 }, { X86_FEATURE_MBA, CPUID_EBX, 6, 0x80000008, 0 }, - { X86_FEATURE_SME, CPUID_EAX, 0, 0x8000001f, 0 }, - { X86_FEATURE_SEV, CPUID_EAX, 1, 0x8000001f, 0 }, - { X86_FEATURE_SEV_ES, CPUID_EAX, 3, 0x8000001f, 0 }, - { X86_FEATURE_SME_COHERENT, CPUID_EAX, 10, 0x8000001f, 0 }, - { X86_FEATURE_VM_PAGE_FLUSH, CPUID_EAX, 2, 0x8000001f, 0 }, { 0, 0, 0, 0, 0 } }; diff --git a/tools/arch/x86/include/asm/disabled-features.h b/tools/arch/x86/include/asm/disabled-features.h index 5861d34f9771..2216077676c8 100644 --- a/tools/arch/x86/include/asm/disabled-features.h +++ b/tools/arch/x86/include/asm/disabled-features.h @@ -85,6 +85,7 @@ DISABLE_ENQCMD) #define DISABLED_MASK17 0 #define DISABLED_MASK18 0 -#define DISABLED_MASK_CHECK BUILD_BUG_ON_ZERO(NCAPINTS != 19) +#define DISABLED_MASK19 0 +#define DISABLED_MASK_CHECK BUILD_BUG_ON_ZERO(NCAPINTS != 20) #endif /* _ASM_X86_DISABLED_FEATURES_H */ diff --git a/tools/arch/x86/include/asm/required-features.h b/tools/arch/x86/include/asm/required-features.h index 3ff0d48469f2..b2d504f11937 100644 --- a/tools/arch/x86/include/asm/required-features.h +++ b/tools/arch/x86/include/asm/required-features.h @@ -101,6 +101,7 @@ #define REQUIRED_MASK16 0 #define REQUIRED_MASK17 0 #define REQUIRED_MASK18 0 -#define REQUIRED_MASK_CHECK BUILD_BUG_ON_ZERO(NCAPINTS != 19) +#define REQUIRED_MASK19 0 +#define REQUIRED_MASK_CHECK BUILD_BUG_ON_ZERO(NCAPINTS != 20) #endif /* _ASM_X86_REQUIRED_FEATURES_H */ From patchwork Thu Jan 14 00:36:59 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sean Christopherson X-Patchwork-Id: 12018153 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-26.3 required=3.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_CR_TRAILER,INCLUDES_PATCH,MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS, USER_AGENT_GIT,USER_IN_DEF_DKIM_WL autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id AF7D0C43381 for ; Thu, 14 Jan 2021 01:48:49 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 848572343E for ; Thu, 14 Jan 2021 01:48:49 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728406AbhANBsW (ORCPT ); Wed, 13 Jan 2021 20:48:22 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:56034 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1727291AbhANAjv (ORCPT ); Wed, 13 Jan 2021 19:39:51 -0500 Received: from mail-qv1-xf49.google.com (mail-qv1-xf49.google.com [IPv6:2607:f8b0:4864:20::f49]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id E6026C0617B0 for ; Wed, 13 Jan 2021 16:37:47 -0800 (PST) Received: by mail-qv1-xf49.google.com with SMTP id t18so2950849qva.6 for ; Wed, 13 Jan 2021 16:37:47 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=sender:reply-to:date:in-reply-to:message-id:mime-version:references :subject:from:to:cc; bh=6IjwYJ9nQQQ0VcUn254Dijwa+O3I16q70UCT60xMF6g=; b=CO4UFIoLHaCRpVB2MjOZf8UkbKvNnAkg+a0HFbJqY/bV7n5GCIPVyL3/wiX4o6EsFB UqlIyhryQEk16FL3egk36ZjVrvK02kg5Cg3+7NhDC6WdUUVNY2NtXQ7ZvK0hkrcwmImh pb7tGFWUarWoyf6QgqhP/vpYkLm+a+/dkiJz6B1eDLdUPrFIkQEJw/+XtZboQcA3Me3v ufXrBMtYm5C80Yk5OEaOSiVwx9UBzW6d+4MaQXQemOSVUWrbzPR31G3gFw8AIG96PPQ7 WfqUar0PVfuJUjUZ8bjP2BJvema0KPNvYaFWLi4EGlhy6Gdvl1vgYtkvFbQuBPbcWRGP oLjw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:sender:reply-to:date:in-reply-to:message-id :mime-version:references:subject:from:to:cc; bh=6IjwYJ9nQQQ0VcUn254Dijwa+O3I16q70UCT60xMF6g=; b=FYitcNxkowo+iMt+rGx+gdnduIlc/xRxdZ3WbUZyKrLxOOkji2BIgrF1p9gYhb1ovY ezrJbvPtP8Li/7Zi0qzFZM2Cokyzs1qC1UH8m24u+XoKf9tUPliLOHgsUtEmrPfu4mOB irGr1xQ8gcHBFM61pSDZvjoiVEqUK3YhnUVD40UBLlMTrunGDl/vH7RWzhsNNm7Sc1tP 2W5iXJAI3KtOSYa24A+nhPhLb1L9Mjc7uNRto+nmiHgWOs3/kbvxVvkjH2kBCdC6Me6c 9OlyqICMLmyr0d0dS+wMjcX9p8WzeRuzKHXi2kiwF6unFHeJsETXM0P7gxK2pXh6jMgS AvfA== X-Gm-Message-State: AOAM532XTUXcMrchP7r7pIKxjDZdQr6WrFzf2bzuVXpkS6arcxUg97s4 l90XJqTM9LTfm6eJsUQH3QyDXa0LIGQ= X-Google-Smtp-Source: ABdhPJzmJiGQ2Jk2secJV5cIicU0Y2tSxcoH20LMR4/CzPqNn4te3nKLeCzKG255Qo5g47HTjNbiMwC2yDU= Sender: "seanjc via sendgmr" X-Received: from seanjc798194.pdx.corp.google.com ([2620:15c:f:10:1ea0:b8ff:fe73:50f5]) (user=seanjc job=sendgmr) by 2002:a0c:bd9f:: with SMTP id n31mr4853531qvg.42.1610584667050; Wed, 13 Jan 2021 16:37:47 -0800 (PST) Reply-To: Sean Christopherson Date: Wed, 13 Jan 2021 16:36:59 -0800 In-Reply-To: <20210114003708.3798992-1-seanjc@google.com> Message-Id: <20210114003708.3798992-6-seanjc@google.com> Mime-Version: 1.0 References: <20210114003708.3798992-1-seanjc@google.com> X-Mailer: git-send-email 2.30.0.284.gd98b1dd5eaa7-goog Subject: [PATCH v2 05/14] KVM: x86: Override reported SME/SEV feature flags with host mask From: Sean Christopherson To: Paolo Bonzini , Dave Hansen , Andy Lutomirski , Peter Zijlstra Cc: Sean Christopherson , Vitaly Kuznetsov , Wanpeng Li , Jim Mattson , Joerg Roedel , kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Borislav Petkov , Tom Lendacky , Brijesh Singh Precedence: bulk List-ID: X-Mailing-List: kvm@vger.kernel.org Add a reverse-CPUID entry for the memory encryption word, 0x8000001F.EAX, and use it to override the supported CPUID flags reported to userspace. Masking the reported CPUID flags avoids over-reporting KVM support, e.g. without the mask a SEV-SNP capable CPU may incorrectly advertise SNP support to userspace. Cc: Brijesh Singh Cc: Tom Lendacky Signed-off-by: Sean Christopherson Reviewed-by: Brijesh Singh --- arch/x86/kvm/cpuid.c | 2 ++ arch/x86/kvm/cpuid.h | 1 + 2 files changed, 3 insertions(+) diff --git a/arch/x86/kvm/cpuid.c b/arch/x86/kvm/cpuid.c index 13036cf0b912..b7618cdd06b5 100644 --- a/arch/x86/kvm/cpuid.c +++ b/arch/x86/kvm/cpuid.c @@ -855,6 +855,8 @@ static inline int __do_cpuid_func(struct kvm_cpuid_array *array, u32 function) case 0x8000001F: if (!boot_cpu_has(X86_FEATURE_SEV)) entry->eax = entry->ebx = entry->ecx = entry->edx = 0; + else + cpuid_entry_override(entry, CPUID_8000_001F_EAX); break; /*Add support for Centaur's CPUID instruction*/ case 0xC0000000: diff --git a/arch/x86/kvm/cpuid.h b/arch/x86/kvm/cpuid.h index dc921d76e42e..8b6fc9bde248 100644 --- a/arch/x86/kvm/cpuid.h +++ b/arch/x86/kvm/cpuid.h @@ -63,6 +63,7 @@ static const struct cpuid_reg reverse_cpuid[] = { [CPUID_8000_0007_EBX] = {0x80000007, 0, CPUID_EBX}, [CPUID_7_EDX] = { 7, 0, CPUID_EDX}, [CPUID_7_1_EAX] = { 7, 1, CPUID_EAX}, + [CPUID_8000_001F_EAX] = {0x8000001f, 1, CPUID_EAX}, }; /* From patchwork Thu Jan 14 00:37:00 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sean Christopherson X-Patchwork-Id: 12018033 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-26.3 required=3.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_CR_TRAILER,INCLUDES_PATCH,MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS, USER_AGENT_GIT,USER_IN_DEF_DKIM_WL autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id B5C5DC433E0 for ; Thu, 14 Jan 2021 00:43:35 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 8E780233F6 for ; Thu, 14 Jan 2021 00:43:35 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1729918AbhANAmF (ORCPT ); Wed, 13 Jan 2021 19:42:05 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:56050 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1727535AbhANAjy (ORCPT ); Wed, 13 Jan 2021 19:39:54 -0500 Received: from mail-qk1-x74a.google.com (mail-qk1-x74a.google.com [IPv6:2607:f8b0:4864:20::74a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id B6A52C0617B9 for ; Wed, 13 Jan 2021 16:37:50 -0800 (PST) Received: by mail-qk1-x74a.google.com with SMTP id 189so3043706qko.1 for ; Wed, 13 Jan 2021 16:37:50 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=sender:reply-to:date:in-reply-to:message-id:mime-version:references :subject:from:to:cc; bh=DDUHIUBA8SLHvStbYmjdJVTHYjMXIrwXrhEB8ai7MVY=; b=qkzN5/B31jy88ZpNpPR+BBPPcUB8nL0++4Spb8fCnQwaLGL/YbByi7M3SGS4Z/n0+s C1xB4mFr1fLgRi3PzFzYfk7OKY8HYlsFDgN9x/UfTJAOxU7O7mj8rnd1+B8tsBm5tpk1 qAH+JQRCZ7bpI06i1Cr5Se4FUewwXp3t+JkMnGESZFaV58c66zw2AXq5onH850wcGBBL nVYEQ06OYzdxeR6eWL7YgpStup3OB5WFL5coXbCvYhGP9u/Rfk+8ddoOsL2yL/gh5hW1 qXTYRfVA7vJuSxCKmAcq7AsJw1FEsZnU10U1JoTcyGS/ugOgRT5iwn73LcJK7BIV5PCE tm+Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:sender:reply-to:date:in-reply-to:message-id :mime-version:references:subject:from:to:cc; bh=DDUHIUBA8SLHvStbYmjdJVTHYjMXIrwXrhEB8ai7MVY=; b=Pwams/ZABcVcGgYqGWlToTZt4qEm8VqTCUKzEn/HGylHwQP6PBpdlnpZolhex5VJ1F dfHsvmaINnCPwRxpyYQOl10ZqvHSdPR1o6AZFXOOm4vLtakAMRYq1cZ0J/TZW/j27sIp Xe8OyIVHKjYaivapEyaFJvt6AOlTTy7HnKhuLHcMWrceGoYaEzvuvkjKtCBV2XXZ2l4z uvpfZ/n9LTSfw8az7p+MStP4yuIUCoyXtsBkI5u9gsYlRISyDmge9r6Cn6pwrPg3NiHq axa+kz6LdhJwSph2TB/1rmVIqkf044EUw7/5TxTOWXPj/SywD4l61mDusz6gKLadBKhg viFQ== X-Gm-Message-State: AOAM530+hkkEfr4H5VlWvFWyTgPlfuOAKJWWJsaW2h8VQY/M6zhBRR33 m5DgwF0pXIh2wGgi0ptxvonTtmz5DCU= X-Google-Smtp-Source: ABdhPJxyDhm3M2JAmEWge+qYJWZw2joo4TnBbgEXhE0VgsY14p15rC2IBck+hLLI1HjzlM8vifZUP1PsJbU= Sender: "seanjc via sendgmr" X-Received: from seanjc798194.pdx.corp.google.com ([2620:15c:f:10:1ea0:b8ff:fe73:50f5]) (user=seanjc job=sendgmr) by 2002:a5b:482:: with SMTP id n2mr6421468ybp.25.1610584669838; Wed, 13 Jan 2021 16:37:49 -0800 (PST) Reply-To: Sean Christopherson Date: Wed, 13 Jan 2021 16:37:00 -0800 In-Reply-To: <20210114003708.3798992-1-seanjc@google.com> Message-Id: <20210114003708.3798992-7-seanjc@google.com> Mime-Version: 1.0 References: <20210114003708.3798992-1-seanjc@google.com> X-Mailer: git-send-email 2.30.0.284.gd98b1dd5eaa7-goog Subject: [PATCH v2 06/14] x86/sev: Drop redundant and potentially misleading 'sev_enabled' From: Sean Christopherson To: Paolo Bonzini , Dave Hansen , Andy Lutomirski , Peter Zijlstra Cc: Sean Christopherson , Vitaly Kuznetsov , Wanpeng Li , Jim Mattson , Joerg Roedel , kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Borislav Petkov , Tom Lendacky , Brijesh Singh Precedence: bulk List-ID: X-Mailing-List: kvm@vger.kernel.org Drop the sev_enabled flag and switch its one user over to sev_active(). sev_enabled was made redundant with the introduction of sev_status in commit b57de6cd1639 ("x86/sev-es: Add SEV-ES Feature Detection"). sev_enabled and sev_active() are guaranteed to be equivalent, as each is true iff 'sev_status & MSR_AMD64_SEV_ENABLED' is true, and are only ever written in tandem (ignoring compressed boot's version of sev_status). Removing sev_enabled avoids confusion over whether it refers to the guest or the host, and will also allow KVM to usurp "sev_enabled" for its own purposes. No functional change intended. Signed-off-by: Sean Christopherson Reviewed-by: Tom Lendacky Reviewed-by: Brijesh Singh --- arch/x86/include/asm/mem_encrypt.h | 1 - arch/x86/mm/mem_encrypt.c | 12 +++++------- arch/x86/mm/mem_encrypt_identity.c | 1 - 3 files changed, 5 insertions(+), 9 deletions(-) diff --git a/arch/x86/include/asm/mem_encrypt.h b/arch/x86/include/asm/mem_encrypt.h index 2f62bbdd9d12..88d624499411 100644 --- a/arch/x86/include/asm/mem_encrypt.h +++ b/arch/x86/include/asm/mem_encrypt.h @@ -20,7 +20,6 @@ extern u64 sme_me_mask; extern u64 sev_status; -extern bool sev_enabled; void sme_encrypt_execute(unsigned long encrypted_kernel_vaddr, unsigned long decrypted_kernel_vaddr, diff --git a/arch/x86/mm/mem_encrypt.c b/arch/x86/mm/mem_encrypt.c index bc0833713be9..b89bc03c63a2 100644 --- a/arch/x86/mm/mem_encrypt.c +++ b/arch/x86/mm/mem_encrypt.c @@ -44,8 +44,6 @@ EXPORT_SYMBOL(sme_me_mask); DEFINE_STATIC_KEY_FALSE(sev_enable_key); EXPORT_SYMBOL_GPL(sev_enable_key); -bool sev_enabled __section(".data"); - /* Buffer used for early in-place encryption by BSP, no locking needed */ static char sme_early_buffer[PAGE_SIZE] __initdata __aligned(PAGE_SIZE); @@ -342,16 +340,16 @@ int __init early_set_memory_encrypted(unsigned long vaddr, unsigned long size) * up under SME the trampoline area cannot be encrypted, whereas under SEV * the trampoline area must be encrypted. */ -bool sme_active(void) -{ - return sme_me_mask && !sev_enabled; -} - bool sev_active(void) { return sev_status & MSR_AMD64_SEV_ENABLED; } +bool sme_active(void) +{ + return sme_me_mask && !sev_active(); +} + /* Needs to be called from non-instrumentable code */ bool noinstr sev_es_active(void) { diff --git a/arch/x86/mm/mem_encrypt_identity.c b/arch/x86/mm/mem_encrypt_identity.c index 6c5eb6f3f14f..0c2759b7f03a 100644 --- a/arch/x86/mm/mem_encrypt_identity.c +++ b/arch/x86/mm/mem_encrypt_identity.c @@ -545,7 +545,6 @@ void __init sme_enable(struct boot_params *bp) /* SEV state cannot be controlled by a command line option */ sme_me_mask = me_mask; - sev_enabled = true; physical_mask &= ~sme_me_mask; return; } From patchwork Thu Jan 14 00:37:01 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sean Christopherson X-Patchwork-Id: 12018151 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-26.3 required=3.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_CR_TRAILER,INCLUDES_PATCH,MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS, URIBL_BLOCKED,USER_AGENT_GIT,USER_IN_DEF_DKIM_WL autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 734AAC433E6 for ; Thu, 14 Jan 2021 01:48:49 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 3C64E2343F for ; Thu, 14 Jan 2021 01:48:49 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727677AbhANBsV (ORCPT ); Wed, 13 Jan 2021 20:48:21 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:56052 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1727558AbhANAjy (ORCPT ); Wed, 13 Jan 2021 19:39:54 -0500 Received: from mail-qv1-xf49.google.com (mail-qv1-xf49.google.com [IPv6:2607:f8b0:4864:20::f49]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 2AD2AC0617BA for ; Wed, 13 Jan 2021 16:37:53 -0800 (PST) Received: by mail-qv1-xf49.google.com with SMTP id v1so2955335qvb.2 for ; Wed, 13 Jan 2021 16:37:53 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=sender:reply-to:date:in-reply-to:message-id:mime-version:references :subject:from:to:cc; bh=8hi5Ghzd+1VrsTwQyXoSKnwtmn+Mg6zWlEamMMT6obA=; b=Eq1H8fN0JB+G3ZiEqZS9aXQv0LLbUFqfJ8mzQwOWkpkYI9P5GtPZZOq/4tNnnCEBmh gB4OeUFxH6cGxp14mEDplRZkCql3lYXQIYv4u+1cfOa3Mw9XVASyW7FzpI6EqysthIXd UUQ/sSiPIjW7fhYfx3ILgu+5XwfWEmaj0MMWBCZG611PT6phOvedcZ4rhTpV0K6ov9Qd n4pi51/TsHY2nz7s9/hR+19iOMOVp9O7GPO7ZwEzLw8X/dIDwTJwbcAeJIJgh6HLCNhx xWYyExMoEZaJTHsYZyayNuuXAi/4fHAITl7adS+UbrgmzuAuPWKihGkzM0Wr5uSlCaB1 xm+A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:sender:reply-to:date:in-reply-to:message-id :mime-version:references:subject:from:to:cc; bh=8hi5Ghzd+1VrsTwQyXoSKnwtmn+Mg6zWlEamMMT6obA=; b=gj6LX/zcnZN/SDFiA/DpaxbETSIAS8vfFG+C96faiQjTKbEEfWt7daCoDuFGODX4DV cIy8H+d1NLS/hamToOTOxxP3UzkE79jKb9gBFpitWGgAx3HgW42IPTdR/XNONzlfWjgN 22VAf/eVfuGpGEdRdvxh4l9MVLH7eqQc81/l0cSezzsT+yJOBXsL15C1m3OQ83HRnxOC EsYJeoiANixtVTtJzRdd6sphWEBNZVR8teuSBwp3gpZfSMo67MQ8OLC8b/7paU4t7F23 AsxGAmaBHaGCOpKJjQQMNhTIYFiVbs3xBYAqsaSGm56uO5/vVGJptO7AdbxyL+QwdRCb cxNg== X-Gm-Message-State: AOAM533M+p4igWrgRkVcP/Rde6c5Ztb5NbkdzIG7ImtIWi1P5GhfBfpH 5VjoD/AWuIjOMZF8g6FZESNTYPAC8hE= X-Google-Smtp-Source: ABdhPJxS6rh2CW7+DImyzzIl9MDcDr69k2UOIU/zNjlCPMX5snioRBw4oBxFDLObWsPqBbE15aAwisfiOI8= Sender: "seanjc via sendgmr" X-Received: from seanjc798194.pdx.corp.google.com ([2620:15c:f:10:1ea0:b8ff:fe73:50f5]) (user=seanjc job=sendgmr) by 2002:a0c:ca13:: with SMTP id c19mr4896807qvk.21.1610584672335; Wed, 13 Jan 2021 16:37:52 -0800 (PST) Reply-To: Sean Christopherson Date: Wed, 13 Jan 2021 16:37:01 -0800 In-Reply-To: <20210114003708.3798992-1-seanjc@google.com> Message-Id: <20210114003708.3798992-8-seanjc@google.com> Mime-Version: 1.0 References: <20210114003708.3798992-1-seanjc@google.com> X-Mailer: git-send-email 2.30.0.284.gd98b1dd5eaa7-goog Subject: [PATCH v2 07/14] KVM: SVM: Append "_enabled" to module-scoped SEV/SEV-ES control variables From: Sean Christopherson To: Paolo Bonzini , Dave Hansen , Andy Lutomirski , Peter Zijlstra Cc: Sean Christopherson , Vitaly Kuznetsov , Wanpeng Li , Jim Mattson , Joerg Roedel , kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Borislav Petkov , Tom Lendacky , Brijesh Singh Precedence: bulk List-ID: X-Mailing-List: kvm@vger.kernel.org Rename sev and sev_es to sev_enabled and sev_es_enabled respectively to better align with other KVM terminology, and to avoid pseudo-shadowing when the variables are moved to sev.c in a future patch ('sev' is often used for local struct kvm_sev_info pointers. No functional change intended. Acked-by: Tom Lendacky Signed-off-by: Sean Christopherson Reviewed-by: Brijesh Singh --- arch/x86/kvm/svm/sev.c | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index 8ba93b8fa435..a024edabaca5 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c @@ -28,12 +28,12 @@ #define __ex(x) __kvm_handle_fault_on_reboot(x) /* enable/disable SEV support */ -static int sev = IS_ENABLED(CONFIG_AMD_MEM_ENCRYPT_ACTIVE_BY_DEFAULT); -module_param(sev, int, 0444); +static bool sev_enabled = IS_ENABLED(CONFIG_AMD_MEM_ENCRYPT_ACTIVE_BY_DEFAULT); +module_param_named(sev, sev_enabled, bool, 0444); /* enable/disable SEV-ES support */ -static int sev_es = IS_ENABLED(CONFIG_AMD_MEM_ENCRYPT_ACTIVE_BY_DEFAULT); -module_param(sev_es, int, 0444); +static bool sev_es_enabled = IS_ENABLED(CONFIG_AMD_MEM_ENCRYPT_ACTIVE_BY_DEFAULT); +module_param_named(sev_es, sev_es_enabled, bool, 0444); static u8 sev_enc_bit; static int sev_flush_asids(void); @@ -213,7 +213,7 @@ static int sev_guest_init(struct kvm *kvm, struct kvm_sev_cmd *argp) static int sev_es_guest_init(struct kvm *kvm, struct kvm_sev_cmd *argp) { - if (!sev_es) + if (!sev_es_enabled) return -ENOTTY; to_kvm_svm(kvm)->sev_info.es_active = true; @@ -1052,7 +1052,7 @@ int svm_mem_enc_op(struct kvm *kvm, void __user *argp) struct kvm_sev_cmd sev_cmd; int r; - if (!svm_sev_enabled() || !sev) + if (!svm_sev_enabled() || !sev_enabled) return -ENOTTY; if (!argp) @@ -1257,7 +1257,7 @@ void __init sev_hardware_setup(void) bool sev_es_supported = false; bool sev_supported = false; - if (!IS_ENABLED(CONFIG_KVM_AMD_SEV) || !sev) + if (!IS_ENABLED(CONFIG_KVM_AMD_SEV) || !sev_enabled) goto out; /* Does the CPU support SEV? */ @@ -1294,7 +1294,7 @@ void __init sev_hardware_setup(void) sev_supported = true; /* SEV-ES support requested? */ - if (!sev_es) + if (!sev_es_enabled) goto out; /* Does the CPU support SEV-ES? */ @@ -1309,8 +1309,8 @@ void __init sev_hardware_setup(void) sev_es_supported = true; out: - sev = sev_supported; - sev_es = sev_es_supported; + sev_enabled = sev_supported; + sev_es_enabled = sev_es_supported; } void sev_hardware_teardown(void) From patchwork Thu Jan 14 00:37:02 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sean Christopherson X-Patchwork-Id: 12018157 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-26.3 required=3.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_CR_TRAILER,INCLUDES_PATCH,MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS, USER_AGENT_GIT,USER_IN_DEF_DKIM_WL autolearn=unavailable autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 5BA9BC43333 for ; Thu, 14 Jan 2021 01:48:50 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 29E872343B for ; Thu, 14 Jan 2021 01:48:50 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727953AbhANBsm (ORCPT ); Wed, 13 Jan 2021 20:48:42 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:55896 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1725875AbhANAjo (ORCPT ); Wed, 13 Jan 2021 19:39:44 -0500 Received: from mail-qk1-x74a.google.com (mail-qk1-x74a.google.com [IPv6:2607:f8b0:4864:20::74a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id D0815C0617BC for ; Wed, 13 Jan 2021 16:37:55 -0800 (PST) Received: by mail-qk1-x74a.google.com with SMTP id y187so3017792qke.20 for ; Wed, 13 Jan 2021 16:37:55 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=sender:reply-to:date:in-reply-to:message-id:mime-version:references :subject:from:to:cc; bh=Eex86gs96hXZoQkhC7w4R41A1RqEr+1bAqfy74t/uNE=; b=sNbbozuRHglAPmDNM3t2ZBQKhdBPsyzcxyC0flAsMj+J3jsbYRvq3Wr3TvUCV/XREN bMI3C+ufPzudYBYmTGBZ5/BZB6AHF9fms/jbQ7GEzHpXv61YjON5uHQ3VXpIY5OVaFZO sApoLda/kV4sTXxEIupOGGDN/gQ+AFqPpkSMFiMKVPN8SDfnntmbt60bjFPINYWX3PJD 560Gs4wOoNZwKAsh7FEI25Ydsk9TZvWvbE25DwB7ISB4QiazsN3C6oDq2f0JUuE4MG8v RkUIyuv5zH4M2OHZEDQqy9YS0VmvYcvW6zFvzoQUvQeFezEtltf9e8eOipjg2l3q+VEE FOxw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:sender:reply-to:date:in-reply-to:message-id :mime-version:references:subject:from:to:cc; bh=Eex86gs96hXZoQkhC7w4R41A1RqEr+1bAqfy74t/uNE=; b=Ci/q9vQ9Loj+qmfWBi34mtHBCapFNC3mECXPJQFsyf4DiR1XGxETYyGcDraaHy8BZF Gg3rlr4vChpqI70jvCBcpOoSkHN8CHg2ExCIEP7IZeWhg13O03nJ+ozyev6RG4fOv7A5 YuWNaX6et+0u1aBOFfTHLX5H/n7B/fnkeVTmYFqJg5x8XDaNo7wryu1Xi6Ak3PAHUaCa zvt2WYFs2uJL5ESjun1Zm9Ffo30fxQ03jqsPnOes0StbQuepNGhX8g98gCXpzAqH3gni l8pV8vRCWToPHKdcsNMVKSFvpKVM5EQf+ekmuWX3Wbx98WTYax1xmPIPGdi3ObQOleMm /OQg== X-Gm-Message-State: AOAM533snTQoJRD6UX3JkDb1uI0S6ojMfxCTmOP8yrorV+MD+eGpkzXq SBK2YnOqIiB2BXihvHx2vRzFCkhW4e0= X-Google-Smtp-Source: ABdhPJwxLJFIcGZAW1SDEzJekpBS1zpkc/ptjpzUb3ZhOdP4HHSylaa/lyrgMl3PsCTZHSmE0euTzijUicw= Sender: "seanjc via sendgmr" X-Received: from seanjc798194.pdx.corp.google.com ([2620:15c:f:10:1ea0:b8ff:fe73:50f5]) (user=seanjc job=sendgmr) by 2002:a25:500c:: with SMTP id e12mr7458603ybb.129.1610584675025; Wed, 13 Jan 2021 16:37:55 -0800 (PST) Reply-To: Sean Christopherson Date: Wed, 13 Jan 2021 16:37:02 -0800 In-Reply-To: <20210114003708.3798992-1-seanjc@google.com> Message-Id: <20210114003708.3798992-9-seanjc@google.com> Mime-Version: 1.0 References: <20210114003708.3798992-1-seanjc@google.com> X-Mailer: git-send-email 2.30.0.284.gd98b1dd5eaa7-goog Subject: [PATCH v2 08/14] KVM: SVM: Condition sev_enabled and sev_es_enabled on CONFIG_KVM_AMD_SEV=y From: Sean Christopherson To: Paolo Bonzini , Dave Hansen , Andy Lutomirski , Peter Zijlstra Cc: Sean Christopherson , Vitaly Kuznetsov , Wanpeng Li , Jim Mattson , Joerg Roedel , kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Borislav Petkov , Tom Lendacky , Brijesh Singh Precedence: bulk List-ID: X-Mailing-List: kvm@vger.kernel.org Define sev_enabled and sev_es_enabled as 'false' and explicitly #ifdef out all of sev_hardware_setup() if CONFIG_KVM_AMD_SEV=n. This kills three birds at once: - Makes sev_enabled and sev_es_enabled off by default if CONFIG_KVM_AMD_SEV=n. Previously, they could be on by default if CONFIG_AMD_MEM_ENCRYPT_ACTIVE_BY_DEFAULT=y, regardless of KVM SEV support. - Hides the sev and sev_es module params when CONFIG_KVM_AMD_SEV=n. - Resolves a false positive -Wnonnull in __sev_recycle_asids() that is currently masked by the equivalent IS_ENABLED(CONFIG_KVM_AMD_SEV) check in svm_sev_enabled(), which will be dropped in a future patch. Cc: Tom Lendacky Signed-off-by: Sean Christopherson Reviewed-by: Brijesh Singh --- arch/x86/kvm/svm/sev.c | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index a024edabaca5..02a66008e9b9 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c @@ -28,12 +28,17 @@ #define __ex(x) __kvm_handle_fault_on_reboot(x) /* enable/disable SEV support */ +#ifdef CONFIG_KVM_AMD_SEV static bool sev_enabled = IS_ENABLED(CONFIG_AMD_MEM_ENCRYPT_ACTIVE_BY_DEFAULT); module_param_named(sev, sev_enabled, bool, 0444); /* enable/disable SEV-ES support */ static bool sev_es_enabled = IS_ENABLED(CONFIG_AMD_MEM_ENCRYPT_ACTIVE_BY_DEFAULT); module_param_named(sev_es, sev_es_enabled, bool, 0444); +#else +#define sev_enabled false +#define sev_es_enabled false +#endif /* CONFIG_KVM_AMD_SEV */ static u8 sev_enc_bit; static int sev_flush_asids(void); @@ -1253,11 +1258,12 @@ void sev_vm_destroy(struct kvm *kvm) void __init sev_hardware_setup(void) { +#ifdef CONFIG_KVM_AMD_SEV unsigned int eax, ebx, ecx, edx; bool sev_es_supported = false; bool sev_supported = false; - if (!IS_ENABLED(CONFIG_KVM_AMD_SEV) || !sev_enabled) + if (!sev_enabled) goto out; /* Does the CPU support SEV? */ @@ -1311,6 +1317,7 @@ void __init sev_hardware_setup(void) out: sev_enabled = sev_supported; sev_es_enabled = sev_es_supported; +#endif } void sev_hardware_teardown(void) From patchwork Thu Jan 14 00:37:03 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sean Christopherson X-Patchwork-Id: 12018145 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-26.3 required=3.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_CR_TRAILER,INCLUDES_PATCH,MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS, USER_AGENT_GIT,USER_IN_DEF_DKIM_WL autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 499CDC43331 for ; Thu, 14 Jan 2021 01:48:13 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 0A6C02343F for ; Thu, 14 Jan 2021 01:48:13 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727681AbhANBsF (ORCPT ); Wed, 13 Jan 2021 20:48:05 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:55896 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1727973AbhANAlN (ORCPT ); Wed, 13 Jan 2021 19:41:13 -0500 Received: from mail-qk1-x74a.google.com (mail-qk1-x74a.google.com [IPv6:2607:f8b0:4864:20::74a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 7BCB9C0617BF for ; Wed, 13 Jan 2021 16:37:58 -0800 (PST) Received: by mail-qk1-x74a.google.com with SMTP id k126so3029201qkf.8 for ; Wed, 13 Jan 2021 16:37:58 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=sender:reply-to:date:in-reply-to:message-id:mime-version:references :subject:from:to:cc; bh=292fZgTlFSUh9sat6hWygwmIzdDrAIVyQe5fuEoV9fw=; b=IcnYna8K4DS03EhbgmYafZnVxDj379RLm8bCjdpPDUE9RyoriLUT1HlUkpeB4Xnm+Y uRsGRyTafPvmq9f+bxeNYJ8wTzt2p0huhmLkwIIudgJLxrKcJ0cwNAobv3oyBotjrtN+ DHQkb9OV94+iiGgGAZ2rvgE83CvCDySov1H1GoFCamGFuaPf6BQNYrZ7mdnnTrEYKxRP kpbr6GlX5QWL8HmlXEQyw6w9kQjBTM9WWrnSyKI9fRJ/eN4zt1BjvEjmyyGxFbITjkzt wMozgFrOvdqNTfksYrxC//KWRM1SVy5VQT+WQuYlZ8bXXYbUasKhvdt0zuE4pDXcwNti JteA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:sender:reply-to:date:in-reply-to:message-id :mime-version:references:subject:from:to:cc; bh=292fZgTlFSUh9sat6hWygwmIzdDrAIVyQe5fuEoV9fw=; b=c1huSOH/YWk69TmEvKhlO2SwGImf7hSsWHMQMcSk61V64DnRmiNybO4+a13fnLX8Co cSEu5qmSzU+b5yuSDyZByI6C7qLlSsvV603nF9AjI/iNZSIdv6aWCdj2UwPZduuNoWl6 cTycsgnc8Pz+C9+vw+XCsloikbKpi/k4m55tazbkYbpAiWoeZxG7/g9LOmQ4qId2K5Fk sWqDxCmCIH6mNJcKwMK6Dtz4aRdar7TsWriv+NhKDYquad938zxWqgANT5gK9UK0cn3H j2xjW/lQfhmreRp6nvMsq3rK6W38+CoKu9f+NCMx15Vcw/11EUYQDCqx+ydgcPOBPKOU wrdA== X-Gm-Message-State: AOAM532emcjryFyiiEP603LXYBUNNfPbJFRz798WVQ/R7QHnUxtWLfik EELr5Gt85U9W5Fy1U6xUBoHK0rqzPSs= X-Google-Smtp-Source: ABdhPJw8pliD7Fv+cR+neB6QIex3TgFqy4yftORPPzVF5RRo7A7OcaTceN4RXvu9BIfaKZhy9GpC6zHMRZg= Sender: "seanjc via sendgmr" X-Received: from seanjc798194.pdx.corp.google.com ([2620:15c:f:10:1ea0:b8ff:fe73:50f5]) (user=seanjc job=sendgmr) by 2002:a25:2f91:: with SMTP id v139mr7283714ybv.491.1610584677671; Wed, 13 Jan 2021 16:37:57 -0800 (PST) Reply-To: Sean Christopherson Date: Wed, 13 Jan 2021 16:37:03 -0800 In-Reply-To: <20210114003708.3798992-1-seanjc@google.com> Message-Id: <20210114003708.3798992-10-seanjc@google.com> Mime-Version: 1.0 References: <20210114003708.3798992-1-seanjc@google.com> X-Mailer: git-send-email 2.30.0.284.gd98b1dd5eaa7-goog Subject: [PATCH v2 09/14] KVM: SVM: Unconditionally invoke sev_hardware_teardown() From: Sean Christopherson To: Paolo Bonzini , Dave Hansen , Andy Lutomirski , Peter Zijlstra Cc: Sean Christopherson , Vitaly Kuznetsov , Wanpeng Li , Jim Mattson , Joerg Roedel , kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Borislav Petkov , Tom Lendacky , Brijesh Singh Precedence: bulk List-ID: X-Mailing-List: kvm@vger.kernel.org Remove the redundant svm_sev_enabled() check when calling sev_hardware_teardown(), the teardown helper itself does the check. Removing the check from svm.c will eventually allow dropping svm_sev_enabled() entirely. No functional change intended. Signed-off-by: Sean Christopherson Reviewed-by: Tom Lendacky Reviewed-by: Brijesh Singh --- arch/x86/kvm/svm/svm.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index f89f702b2a58..bb7b99743bea 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c @@ -887,8 +887,7 @@ static void svm_hardware_teardown(void) { int cpu; - if (svm_sev_enabled()) - sev_hardware_teardown(); + sev_hardware_teardown(); for_each_possible_cpu(cpu) svm_cpu_uninit(cpu); From patchwork Thu Jan 14 00:37:04 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sean Christopherson X-Patchwork-Id: 12018143 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-26.3 required=3.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_CR_TRAILER,INCLUDES_PATCH,MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS, USER_AGENT_GIT,USER_IN_DEF_DKIM_WL autolearn=unavailable autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 26118C4332B for ; Thu, 14 Jan 2021 01:48:13 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id DE4E823441 for ; Thu, 14 Jan 2021 01:48:12 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728349AbhANBsG (ORCPT ); Wed, 13 Jan 2021 20:48:06 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:56036 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1727718AbhANAlN (ORCPT ); Wed, 13 Jan 2021 19:41:13 -0500 Received: from mail-qk1-x74a.google.com (mail-qk1-x74a.google.com [IPv6:2607:f8b0:4864:20::74a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id E56B8C061381 for ; Wed, 13 Jan 2021 16:38:00 -0800 (PST) Received: by mail-qk1-x74a.google.com with SMTP id e25so3043572qka.3 for ; Wed, 13 Jan 2021 16:38:00 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=sender:reply-to:date:in-reply-to:message-id:mime-version:references :subject:from:to:cc; bh=7jIh1raiC9mO2UBk7zBiXhk5cwJa5TOTQds8hm2NQdk=; b=qtwFb998ztfYpmQr3CIF3rvF2R+lxZy565kY7B2uTRHEhFfLPVFp9P89AVqEuRAQQj q1OghinpAd8nAhvyY55P8ygwTwvn0obM4KGRZ6SrZTQgCNxXFc+0JAMFGilg2zC7hgpg LeJe6DeHhg6XC2VBCRfFA5HYq+Vr7ItQGEBsKYZov6T3UX/hjNTPxdiQXKaslX/UB672 kqyFuZ3oN8m2xqMajhsk7M8hx6z94OnGC9ZR22b143v0UuSKTr0ohSGmpVe7/hnc/i+3 WRt8xWjT2T1owedVP0MSymp0i6bc1nwmlE0saysjLAMJwE2uXrxpo5IMZGkwUwg1hL23 EwNQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:sender:reply-to:date:in-reply-to:message-id :mime-version:references:subject:from:to:cc; bh=7jIh1raiC9mO2UBk7zBiXhk5cwJa5TOTQds8hm2NQdk=; b=AS00ytM3bOjpFiUxMKmlUKnLpeRb1kqxAEiHO3dWFKqjZLGUbxFLTcObKffyzEOWt/ qihTe3Tx5n3abv0k/yaSzctEiouDYsgQJ55qZCqeM/MRugSoUiG71Pzmns0Nn1TiNjfN HOAc58za/KIBlZwMI/0cQTrAtwLDn2PL3Q7nFIY4ie2sdbrHWxWew01vMPgdQsHBQ5Kr TdxkWr1DvTsFUOfayv0l8Ph+WRET6s3kkhUWadfUnJM/qjmE5OKwcbPvrs0YEebWAK4H 96ggr+GNsw1GyTtjx+litaPc6YCAwpuTrhCjw4v/3GDBymtEwjMY2PNh1vObEVNpU0fW VT6Q== X-Gm-Message-State: AOAM5335B2Soedjtvuey0bYPhbGcXW3NWdsdMypkiYkh2RwNeT7wcTqj xqWpEFNeM8byl71+5oaHGGOsjr8M5Kw= X-Google-Smtp-Source: ABdhPJwlFbgrnSd6hVheUa0zIrYw1CBlvVSvihz8a6WeLJjzSKyzg/jGZrY+FPB6rF4lUwZ62mF/pFYvNWg= Sender: "seanjc via sendgmr" X-Received: from seanjc798194.pdx.corp.google.com ([2620:15c:f:10:1ea0:b8ff:fe73:50f5]) (user=seanjc job=sendgmr) by 2002:a0c:ffa2:: with SMTP id d2mr4906288qvv.62.1610584680140; Wed, 13 Jan 2021 16:38:00 -0800 (PST) Reply-To: Sean Christopherson Date: Wed, 13 Jan 2021 16:37:04 -0800 In-Reply-To: <20210114003708.3798992-1-seanjc@google.com> Message-Id: <20210114003708.3798992-11-seanjc@google.com> Mime-Version: 1.0 References: <20210114003708.3798992-1-seanjc@google.com> X-Mailer: git-send-email 2.30.0.284.gd98b1dd5eaa7-goog Subject: [PATCH v2 10/14] KVM: SVM: Explicitly check max SEV ASID during sev_hardware_setup() From: Sean Christopherson To: Paolo Bonzini , Dave Hansen , Andy Lutomirski , Peter Zijlstra Cc: Sean Christopherson , Vitaly Kuznetsov , Wanpeng Li , Jim Mattson , Joerg Roedel , kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Borislav Petkov , Tom Lendacky , Brijesh Singh Precedence: bulk List-ID: X-Mailing-List: kvm@vger.kernel.org Query max_sev_asid directly after setting it instead of bouncing through its wrapper, svm_sev_enabled(). Using the wrapper is unnecessary obfuscation. No functional change intended. Signed-off-by: Sean Christopherson Reviewed-by: Brijesh Singh Reviewed-by: Tom Lendacky --- arch/x86/kvm/svm/sev.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index 02a66008e9b9..1a143340103e 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c @@ -1278,8 +1278,7 @@ void __init sev_hardware_setup(void) /* Maximum number of encrypted guests supported simultaneously */ max_sev_asid = ecx; - - if (!svm_sev_enabled()) + if (!max_sev_asid) goto out; /* Minimum ASID value that should be used for SEV guest */ From patchwork Thu Jan 14 00:37:05 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sean Christopherson X-Patchwork-Id: 12018101 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-26.3 required=3.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_CR_TRAILER,INCLUDES_PATCH,MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS, USER_AGENT_GIT,USER_IN_DEF_DKIM_WL autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id AC8A2C4332E for ; Thu, 14 Jan 2021 01:47:42 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 708972343B for ; Thu, 14 Jan 2021 01:47:42 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727730AbhANAo1 (ORCPT ); Wed, 13 Jan 2021 19:44:27 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:55898 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1727755AbhANAlN (ORCPT ); Wed, 13 Jan 2021 19:41:13 -0500 Received: from mail-qv1-xf49.google.com (mail-qv1-xf49.google.com [IPv6:2607:f8b0:4864:20::f49]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 5A0B5C061383 for ; Wed, 13 Jan 2021 16:38:03 -0800 (PST) Received: by mail-qv1-xf49.google.com with SMTP id j5so2920283qvu.22 for ; Wed, 13 Jan 2021 16:38:03 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=sender:reply-to:date:in-reply-to:message-id:mime-version:references :subject:from:to:cc; bh=wfHrcWUtyBJw1gyqCm4iA8No6UqJQy8LqS3DFdxjf1o=; b=HQcPGOI7Db0VVKoav9UyrxXIH0+RuZkH0BGjFW/CceiS2y3B796raWTZAx8Ck3Cxqi PTgjzMpZ/CIKEFGxox36/SlX4hxlX1/rPh4Cs/Rj/8IiJspHi7vqNZfF96Y8ZcG0JbYY d3WZIX9+6/Om+jIl0pjKrS0DOPIGC55Ji1DTHBBGg1bycEQbBU5uuyz2W/H9Wx+yRmus NjInis52puVHDuR2Aac9iIUKIE2t3tA+HFjyuSSBkgdbMdPBrW7sdxjXXFe0J+d1Vzac gxpoR1tralza4fjRGmvarfURSNHSoq6lHpBSUAHAKY2l3J+vJ/pDMMsZusyiBmvMM3t8 1TIA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:sender:reply-to:date:in-reply-to:message-id :mime-version:references:subject:from:to:cc; bh=wfHrcWUtyBJw1gyqCm4iA8No6UqJQy8LqS3DFdxjf1o=; b=CjdiL7C9d7eFmo7GSBFmxrI8KubWM2/5C34i0JYPYqX7Skz1K1c0sQZUSRjuNxYQdV zuHIhC4OflVf9QB6dGp8UqhMKIfIQIggQUhVGg8gVreghqtGoCNx+pcSzDldDL6eWmsJ x1WrfIEQi0Fckp0Wc9EQKx0CdHh7no0HGUOwVd/vqUlEnZX7LwbgX9L24aCqKX3wpoRY 4x68YRCime2Et6rn6AtAUs8SYPA6+yMbXM64qcq3DAEzOjmBc6WWtipJIjSYbFwIPT9v gGL4NGxO9cDayOf5H6yqnshsznJgM3t/hmcO+W4GsVupiyNjLOKZFwQu5HGVi0MdqD3f 7EuA== X-Gm-Message-State: AOAM5326umWemZHJRxFfyZKDOyjmm6qXbKiHR38mPt9NISKoB4ZMBZxN fz9UYHo7Vi7o4cllVrSv3Y378Il5Q6U= X-Google-Smtp-Source: ABdhPJyBExKuKdicarMZn03VYv+ivyUWyIEFxxeFnpiLCdo4K9XigddOuHUaf7HqtqJJ3O3LqKiJllMVZpU= Sender: "seanjc via sendgmr" X-Received: from seanjc798194.pdx.corp.google.com ([2620:15c:f:10:1ea0:b8ff:fe73:50f5]) (user=seanjc job=sendgmr) by 2002:a25:bb8f:: with SMTP id y15mr7044676ybg.139.1610584682516; Wed, 13 Jan 2021 16:38:02 -0800 (PST) Reply-To: Sean Christopherson Date: Wed, 13 Jan 2021 16:37:05 -0800 In-Reply-To: <20210114003708.3798992-1-seanjc@google.com> Message-Id: <20210114003708.3798992-12-seanjc@google.com> Mime-Version: 1.0 References: <20210114003708.3798992-1-seanjc@google.com> X-Mailer: git-send-email 2.30.0.284.gd98b1dd5eaa7-goog Subject: [PATCH v2 11/14] KVM: SVM: Move SEV VMCB tracking allocation to sev.c From: Sean Christopherson To: Paolo Bonzini , Dave Hansen , Andy Lutomirski , Peter Zijlstra Cc: Sean Christopherson , Vitaly Kuznetsov , Wanpeng Li , Jim Mattson , Joerg Roedel , kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Borislav Petkov , Tom Lendacky , Brijesh Singh Precedence: bulk List-ID: X-Mailing-List: kvm@vger.kernel.org Move the allocation of the SEV VMCB array to sev.c to help pave the way toward encapsulating SEV enabling wholly within sev.c. No functional change intended. Signed-off-by: Sean Christopherson Reviewed-by: Brijesh Singh Reviewed-by: Tom Lendacky --- arch/x86/kvm/svm/sev.c | 13 +++++++++++++ arch/x86/kvm/svm/svm.c | 17 ++++++++--------- arch/x86/kvm/svm/svm.h | 1 + 3 files changed, 22 insertions(+), 9 deletions(-) diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index 1a143340103e..a2c3e2d42a7f 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c @@ -1330,6 +1330,19 @@ void sev_hardware_teardown(void) sev_flush_asids(); } +int sev_cpu_init(struct svm_cpu_data *sd) +{ + if (!svm_sev_enabled()) + return 0; + + sd->sev_vmcbs = kmalloc_array(max_sev_asid + 1, sizeof(void *), + GFP_KERNEL | __GFP_ZERO); + if (!sd->sev_vmcbs) + return -ENOMEM; + + return 0; +} + /* * Pages used by hardware to hold guest encrypted state must be flushed before * returning them to the system. diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index bb7b99743bea..89b95fb87a0c 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c @@ -552,23 +552,22 @@ static void svm_cpu_uninit(int cpu) static int svm_cpu_init(int cpu) { struct svm_cpu_data *sd; + int ret; sd = kzalloc(sizeof(struct svm_cpu_data), GFP_KERNEL); if (!sd) return -ENOMEM; sd->cpu = cpu; sd->save_area = alloc_page(GFP_KERNEL); - if (!sd->save_area) + if (!sd->save_area) { + ret = -ENOMEM; goto free_cpu_data; + } clear_page(page_address(sd->save_area)); - if (svm_sev_enabled()) { - sd->sev_vmcbs = kmalloc_array(max_sev_asid + 1, - sizeof(void *), - GFP_KERNEL | __GFP_ZERO); - if (!sd->sev_vmcbs) - goto free_save_area; - } + ret = sev_cpu_init(sd); + if (ret) + goto free_save_area; per_cpu(svm_data, cpu) = sd; @@ -578,7 +577,7 @@ static int svm_cpu_init(int cpu) __free_page(sd->save_area); free_cpu_data: kfree(sd); - return -ENOMEM; + return ret; } diff --git a/arch/x86/kvm/svm/svm.h b/arch/x86/kvm/svm/svm.h index 8e169835f52a..4eb4bab0ca3e 100644 --- a/arch/x86/kvm/svm/svm.h +++ b/arch/x86/kvm/svm/svm.h @@ -583,6 +583,7 @@ int svm_unregister_enc_region(struct kvm *kvm, void pre_sev_run(struct vcpu_svm *svm, int cpu); void __init sev_hardware_setup(void); void sev_hardware_teardown(void); +int sev_cpu_init(struct svm_cpu_data *sd); void sev_free_vcpu(struct kvm_vcpu *vcpu); int sev_handle_vmgexit(struct vcpu_svm *svm); int sev_es_string_io(struct vcpu_svm *svm, int size, unsigned int port, int in); From patchwork Thu Jan 14 00:37:06 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sean Christopherson X-Patchwork-Id: 12018139 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-26.3 required=3.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_CR_TRAILER,INCLUDES_PATCH,MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS, USER_AGENT_GIT,USER_IN_DEF_DKIM_WL autolearn=unavailable autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 944D8C433E9 for ; Thu, 14 Jan 2021 01:48:12 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 554A82343F for ; Thu, 14 Jan 2021 01:48:12 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727684AbhANBrq (ORCPT ); Wed, 13 Jan 2021 20:47:46 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:56242 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1729858AbhANAlU (ORCPT ); Wed, 13 Jan 2021 19:41:20 -0500 Received: from mail-qk1-x74a.google.com (mail-qk1-x74a.google.com [IPv6:2607:f8b0:4864:20::74a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 1DB75C061385 for ; Wed, 13 Jan 2021 16:38:06 -0800 (PST) Received: by mail-qk1-x74a.google.com with SMTP id x74so3023463qkb.12 for ; Wed, 13 Jan 2021 16:38:06 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=sender:reply-to:date:in-reply-to:message-id:mime-version:references :subject:from:to:cc; bh=1PXhge3fECdAHH1859vG2tx3fWnGqtvpPe5jLHhEzH0=; b=m/Ob1h5k8Qcn86h2CKm17uiLwwi+HcZXFYLNsmav/IO+yAOVm4uctiGgBzR3fFQx5K DfwlDq10Nkdk+egN+XlxbksR9Z/EOa1wPysaHHw+4sqE48t+L86B/gmuPVeiEL0d/bdp YUGsJB0JZngM9egxtaZhbzTCu9RQEZ1C5FOgf1i4J+gI5W9Tf2h6w2qOWJEnWLMuUtM4 X4aBhzZNbFhNiM6cpN7Ql9UZno4f78T7+e4bHhtS8TIY6FaqV3sDXuf/oK083JRCEXSk /gPAaVUoEMUek+EPjy05vninvqA/yCkFWJumuxkQBdPyH6Kl4DibF4V+vDkTR2Yg1AI/ i26Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:sender:reply-to:date:in-reply-to:message-id :mime-version:references:subject:from:to:cc; bh=1PXhge3fECdAHH1859vG2tx3fWnGqtvpPe5jLHhEzH0=; b=QwZ7rFILeJkpx4diEW6BO0+N8Cnels2raCPhzJB8+LIpURBYgWXRlzuDMqbO5v2zDB STZIZAXXP7IxexGvbR08vngWT4I3QSeHmktGxb6diAuP8ql70hATq1X9ClDwouxGg0Vl tZsPfc6aRuI1TpH5y2R49Vjbj8QL9pk0+Mqpp1cX/FdKMmE+TMJxP4VthnuAgwK5D+5j cU0Z8hFlfTzPMlBpgWy9gUukZ2eXf7B6scK9KpGWWX6xfxS0tCYl9LFKUo8e0GCvNz8S Zmze7wohb/owtkVAms3DJNI8rRIh0SM6i1rjgUWihxQHy9yqKEc8cKen2zTs4E0X7eqX 27kw== X-Gm-Message-State: AOAM5326q0Ws7NUBrAKP0X/MCNxac2RUTuDHaNphnAUhRBxn1q7uYdLh riNS2rfR7v3ROkmuo91NWBk8x56RMwM= X-Google-Smtp-Source: ABdhPJyaHN/uRUEixUUzBfLUNzNajPFT6fTPHGFQhOtZ0Wj/MkKbdgGOUNA4ftqsQr5uUW5rcKsLralN/lU= Sender: "seanjc via sendgmr" X-Received: from seanjc798194.pdx.corp.google.com ([2620:15c:f:10:1ea0:b8ff:fe73:50f5]) (user=seanjc job=sendgmr) by 2002:a25:1b05:: with SMTP id b5mr7079991ybb.298.1610584685242; Wed, 13 Jan 2021 16:38:05 -0800 (PST) Reply-To: Sean Christopherson Date: Wed, 13 Jan 2021 16:37:06 -0800 In-Reply-To: <20210114003708.3798992-1-seanjc@google.com> Message-Id: <20210114003708.3798992-13-seanjc@google.com> Mime-Version: 1.0 References: <20210114003708.3798992-1-seanjc@google.com> X-Mailer: git-send-email 2.30.0.284.gd98b1dd5eaa7-goog Subject: [PATCH v2 12/14] KVM: SVM: Drop redundant svm_sev_enabled() helper From: Sean Christopherson To: Paolo Bonzini , Dave Hansen , Andy Lutomirski , Peter Zijlstra Cc: Sean Christopherson , Vitaly Kuznetsov , Wanpeng Li , Jim Mattson , Joerg Roedel , kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Borislav Petkov , Tom Lendacky , Brijesh Singh Precedence: bulk List-ID: X-Mailing-List: kvm@vger.kernel.org Replace calls to svm_sev_enabled() with direct checks on sev_enabled, or in the case of svm_mem_enc_op, simply drop the call to svm_sev_enabled(). This effectively replaces checks against a valid max_sev_asid with checks against sev_enabled. sev_enabled is forced off by sev_hardware_setup() if max_sev_asid is invalid, all call sites are guaranteed to run after sev_hardware_setup(), and all of the checks care about SEV being fully enabled (as opposed to intentionally handling the scenario where max_sev_asid is valid but SEV enabling fails due to OOM). Signed-off-by: Sean Christopherson Reviewed-by: Brijesh Singh Reviewed-by: Tom Lendacky --- arch/x86/kvm/svm/sev.c | 6 +++--- arch/x86/kvm/svm/svm.h | 5 ----- 2 files changed, 3 insertions(+), 8 deletions(-) diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index a2c3e2d42a7f..7e14514dd083 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c @@ -1057,7 +1057,7 @@ int svm_mem_enc_op(struct kvm *kvm, void __user *argp) struct kvm_sev_cmd sev_cmd; int r; - if (!svm_sev_enabled() || !sev_enabled) + if (!sev_enabled) return -ENOTTY; if (!argp) @@ -1321,7 +1321,7 @@ void __init sev_hardware_setup(void) void sev_hardware_teardown(void) { - if (!svm_sev_enabled()) + if (!sev_enabled) return; bitmap_free(sev_asid_bitmap); @@ -1332,7 +1332,7 @@ void sev_hardware_teardown(void) int sev_cpu_init(struct svm_cpu_data *sd) { - if (!svm_sev_enabled()) + if (!sev_enabled) return 0; sd->sev_vmcbs = kmalloc_array(max_sev_asid + 1, sizeof(void *), diff --git a/arch/x86/kvm/svm/svm.h b/arch/x86/kvm/svm/svm.h index 4eb4bab0ca3e..8cb4395b58a0 100644 --- a/arch/x86/kvm/svm/svm.h +++ b/arch/x86/kvm/svm/svm.h @@ -569,11 +569,6 @@ void svm_vcpu_unblocking(struct kvm_vcpu *vcpu); extern unsigned int max_sev_asid; -static inline bool svm_sev_enabled(void) -{ - return IS_ENABLED(CONFIG_KVM_AMD_SEV) ? max_sev_asid : 0; -} - void sev_vm_destroy(struct kvm *kvm); int svm_mem_enc_op(struct kvm *kvm, void __user *argp); int svm_register_enc_region(struct kvm *kvm, From patchwork Thu Jan 14 00:37:07 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sean Christopherson X-Patchwork-Id: 12018141 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-26.3 required=3.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_CR_TRAILER,INCLUDES_PATCH,MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS, USER_AGENT_GIT,USER_IN_DEF_DKIM_WL autolearn=unavailable autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id BF5C6C4332D for ; Thu, 14 Jan 2021 01:48:12 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 9E84A23442 for ; Thu, 14 Jan 2021 01:48:12 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727660AbhANBrp (ORCPT ); Wed, 13 Jan 2021 20:47:45 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:56252 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1729898AbhANAlU (ORCPT ); Wed, 13 Jan 2021 19:41:20 -0500 Received: from mail-qv1-xf49.google.com (mail-qv1-xf49.google.com [IPv6:2607:f8b0:4864:20::f49]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 9BAA1C061387 for ; Wed, 13 Jan 2021 16:38:08 -0800 (PST) Received: by mail-qv1-xf49.google.com with SMTP id u8so2951054qvm.5 for ; Wed, 13 Jan 2021 16:38:08 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=sender:reply-to:date:in-reply-to:message-id:mime-version:references :subject:from:to:cc; bh=l/iDpsm25breulTeHkzmVCt4ItjsCNTncC7g6D70D8s=; b=f69wpP78P0lUaUxEJJ++xmXO45xclAjIiQxB6+OkFqqvhlufR3vdrkro3md2YN7wTb EUO8GJGOd6dfLzAuITHr5BpKmjbkOppinE9c21FETRMCtGvcj2k6AOwxEdwP2rLhejqm ch+1LKkLQwtcEkZSulxmBK5u/IZYFexqvMpvH0themolqJGsaGn2ZLrNcb8S8tDSoF9l mgSVT2RmltY6N2cYdXJoZKv6IC1Tx7onks0AADpPFwstuEwsREOqse+cCyuemBCh9A3o ZWwwRfiMWamH3at5aSrfNXyQAmtKxNiUc+M3Is8d99ctxdz7qsQrKdK+ffbwutc9hlf/ B/5g== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:sender:reply-to:date:in-reply-to:message-id :mime-version:references:subject:from:to:cc; bh=l/iDpsm25breulTeHkzmVCt4ItjsCNTncC7g6D70D8s=; b=Db3Lo+7lTDcEl8Vknj6e+OzxRRwCcAyt1KFgUQGDgUwdNkxian99Ug5/zUG3e5PM0K cekS/ojPXc4PThEbTMZDWdYwVQLiwKbzSQlwUoCZE8TVRW+GzWS/+dkTkYdRrg+TJsq3 jY2vLqyaFSa8TDzPgXs7LWhzhR3SvUSIPKwXgPuSL21tf1TTOI5NCH329Lm7A66p0IvF m+9WPeAH+/ZhtpC0zqRsbhsv+Uwu8HJHY2OykOsUNDHv7uL9f4g2+OnF1EyHKCgh9spl Maly9XTttLXw/KMiKnZbMNya3AhCdXMpTLmIRMXUQjyPcuENiKyWWf70bULntuhk1rde gxKQ== X-Gm-Message-State: AOAM531JdKze4eAcGqtfQr+Zs+Ld6/lRbuYmYRw1bGf4LU75Ed5m8LIY ILk46Razxe77qqNc8D+TK882Qfmg3Dk= X-Google-Smtp-Source: ABdhPJy6vZ+RTWIy0mpPr0BIyY9odFFL0OMXXoVWvHABdyjnk1NjPrVKbipaB5MAkXUr02/KEWpntrNbsY4= Sender: "seanjc via sendgmr" X-Received: from seanjc798194.pdx.corp.google.com ([2620:15c:f:10:1ea0:b8ff:fe73:50f5]) (user=seanjc job=sendgmr) by 2002:a05:6214:2b2:: with SMTP id m18mr4780555qvv.40.1610584687809; Wed, 13 Jan 2021 16:38:07 -0800 (PST) Reply-To: Sean Christopherson Date: Wed, 13 Jan 2021 16:37:07 -0800 In-Reply-To: <20210114003708.3798992-1-seanjc@google.com> Message-Id: <20210114003708.3798992-14-seanjc@google.com> Mime-Version: 1.0 References: <20210114003708.3798992-1-seanjc@google.com> X-Mailer: git-send-email 2.30.0.284.gd98b1dd5eaa7-goog Subject: [PATCH v2 13/14] KVM: SVM: Remove an unnecessary prototype declaration of sev_flush_asids() From: Sean Christopherson To: Paolo Bonzini , Dave Hansen , Andy Lutomirski , Peter Zijlstra Cc: Sean Christopherson , Vitaly Kuznetsov , Wanpeng Li , Jim Mattson , Joerg Roedel , kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Borislav Petkov , Tom Lendacky , Brijesh Singh Precedence: bulk List-ID: X-Mailing-List: kvm@vger.kernel.org Remove the forward declaration of sev_flush_asids(), which is only a few lines above the function itself. No functional change intended. Signed-off-by: Sean Christopherson Reviewed-by: Brijesh Singh Reviewed-by: Tom Lendacky --- arch/x86/kvm/svm/sev.c | 1 - 1 file changed, 1 deletion(-) diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index 7e14514dd083..23a4bead4a82 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c @@ -41,7 +41,6 @@ module_param_named(sev_es, sev_es_enabled, bool, 0444); #endif /* CONFIG_KVM_AMD_SEV */ static u8 sev_enc_bit; -static int sev_flush_asids(void); static DECLARE_RWSEM(sev_deactivate_lock); static DEFINE_MUTEX(sev_bitmap_lock); unsigned int max_sev_asid; From patchwork Thu Jan 14 00:37:08 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sean Christopherson X-Patchwork-Id: 12018147 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-26.3 required=3.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_CR_TRAILER,INCLUDES_PATCH,MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS, USER_AGENT_GIT,USER_IN_DEF_DKIM_WL autolearn=unavailable autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 3AA4EC433E0 for ; Thu, 14 Jan 2021 01:48:49 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id D788E2343B for ; Thu, 14 Jan 2021 01:48:48 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728366AbhANBsN (ORCPT ); Wed, 13 Jan 2021 20:48:13 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:56032 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1729698AbhANAlN (ORCPT ); Wed, 13 Jan 2021 19:41:13 -0500 Received: from mail-qt1-x84a.google.com (mail-qt1-x84a.google.com [IPv6:2607:f8b0:4864:20::84a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 450D1C061389 for ; Wed, 13 Jan 2021 16:38:11 -0800 (PST) Received: by mail-qt1-x84a.google.com with SMTP id e14so2973877qtr.8 for ; Wed, 13 Jan 2021 16:38:11 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=sender:reply-to:date:in-reply-to:message-id:mime-version:references :subject:from:to:cc; bh=GWAuLMH7Ls1Ey0iR5g9WiKswv9AMybZldn+rr0xf6ac=; b=EA5dGny0b2252/x6CNsCPKBTA7REUvSuQY/vkBnPivTVuhM8e9yuI+i12+7oOOBfFs Odc8VO6oCuwkhgHeMO+Kxl6qhi2hPsfF3AMD/AelinGodE7PUAjSE2Hbn6mYPuzD+w4d LW+nnVBmYuL7Q9TFywnfbudkkng1w4GhDAzXOBhadAtiu9hGgckJrjPvsivW2pFpifvX h6E0oo6T0I6oQ0JDleuIMT5bTm+bToe6ZTjz8pFVJZzaiJJwRGcqDwuTYFwkyCcriWBq RRUBgVnbMg3apSIZ/HOwOt7LW/AeIm7+/suFXahOMBLws5n4KwAcBrIv8PxRySYRViTF k6Bw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:sender:reply-to:date:in-reply-to:message-id :mime-version:references:subject:from:to:cc; bh=GWAuLMH7Ls1Ey0iR5g9WiKswv9AMybZldn+rr0xf6ac=; b=HABQokuQez8XvMNdQoUIwfZjGNjpsdy6ROCqygbx+hUKOQ2fni19TZxL7gACn/4687 8fMh86hwssMZ7DVPqyKOM0Q6fFjnNJ0LHjMddlAYfVzYA4XGsuOGDCTdexFvSB0Q1ySu fe7lTDV1XUGIg8k9DAY3BNrdGIxZF7Os/2brPqv8AI3OigSCs3hE8KdZj2jh8r5IF9BS yCVKRYbtx66lNvTHgS36PXO2YQH+CJz3SDV7A88+2DgcuhyRD2smx+QduovoonC5m02C O8VeX9jkfEoEIcYnVxnObIR4mKjQpPre+qVPyyrmUZDMIqfVtZSReZXva7djY+ouQmao 6w/A== X-Gm-Message-State: AOAM5306Nbf9MGOCgFMavMz56bSHHcYHA2MW4CcbJgjKXioMTPStkA+5 LUpUnQ1/h7ikbVqqNukYCJouNgKNTdE= X-Google-Smtp-Source: ABdhPJxd26knuMip8++7sqtHgt8IOL56+LllnVUDn9Zy+jMdU8upn1suW+wnmfnhT20jDRW580FRWd3GuJ0= Sender: "seanjc via sendgmr" X-Received: from seanjc798194.pdx.corp.google.com ([2620:15c:f:10:1ea0:b8ff:fe73:50f5]) (user=seanjc job=sendgmr) by 2002:a25:cf08:: with SMTP id f8mr7105191ybg.210.1610584690440; Wed, 13 Jan 2021 16:38:10 -0800 (PST) Reply-To: Sean Christopherson Date: Wed, 13 Jan 2021 16:37:08 -0800 In-Reply-To: <20210114003708.3798992-1-seanjc@google.com> Message-Id: <20210114003708.3798992-15-seanjc@google.com> Mime-Version: 1.0 References: <20210114003708.3798992-1-seanjc@google.com> X-Mailer: git-send-email 2.30.0.284.gd98b1dd5eaa7-goog Subject: [PATCH v2 14/14] KVM: SVM: Skip SEV cache flush if no ASIDs have been used From: Sean Christopherson To: Paolo Bonzini , Dave Hansen , Andy Lutomirski , Peter Zijlstra Cc: Sean Christopherson , Vitaly Kuznetsov , Wanpeng Li , Jim Mattson , Joerg Roedel , kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Borislav Petkov , Tom Lendacky , Brijesh Singh Precedence: bulk List-ID: X-Mailing-List: kvm@vger.kernel.org Skip SEV's expensive WBINVD and DF_FLUSH if there are no SEV ASIDs waiting to be reclaimed, e.g. if SEV was never used. This "fixes" an issue where the DF_FLUSH fails during hardware teardown if the original SEV_INIT failed. Ideally, SEV wouldn't be marked as enabled in KVM if SEV_INIT fails, but that's a problem for another day. Signed-off-by: Sean Christopherson --- arch/x86/kvm/svm/sev.c | 22 ++++++++++------------ 1 file changed, 10 insertions(+), 12 deletions(-) diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index 23a4bead4a82..e71bc742d8da 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c @@ -56,9 +56,14 @@ struct enc_region { unsigned long size; }; -static int sev_flush_asids(void) +static int sev_flush_asids(int min_asid, int max_asid) { - int ret, error = 0; + int ret, pos, error = 0; + + /* Check if there are any ASIDs to reclaim before performing a flush */ + pos = find_next_bit(sev_reclaim_asid_bitmap, max_sev_asid, min_asid); + if (pos >= max_asid) + return -EBUSY; /* * DEACTIVATE will clear the WBINVD indicator causing DF_FLUSH to fail, @@ -80,14 +85,7 @@ static int sev_flush_asids(void) /* Must be called with the sev_bitmap_lock held */ static bool __sev_recycle_asids(int min_asid, int max_asid) { - int pos; - - /* Check if there are any ASIDs to reclaim before performing a flush */ - pos = find_next_bit(sev_reclaim_asid_bitmap, max_sev_asid, min_asid); - if (pos >= max_asid) - return false; - - if (sev_flush_asids()) + if (sev_flush_asids(min_asid, max_asid)) return false; /* The flush process will flush all reclaimable SEV and SEV-ES ASIDs */ @@ -1323,10 +1321,10 @@ void sev_hardware_teardown(void) if (!sev_enabled) return; + sev_flush_asids(0, max_sev_asid); + bitmap_free(sev_asid_bitmap); bitmap_free(sev_reclaim_asid_bitmap); - - sev_flush_asids(); } int sev_cpu_init(struct svm_cpu_data *sd)