From patchwork Sat Mar 6 01:58:52 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sean Christopherson X-Patchwork-Id: 12119663 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-26.3 required=3.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_CR_TRAILER,INCLUDES_PATCH,MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS, URIBL_BLOCKED,USER_AGENT_GIT,USER_IN_DEF_DKIM_WL autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id A8237C433E6 for ; Sat, 6 Mar 2021 02:00:26 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 841B564E55 for ; Sat, 6 Mar 2021 02:00:26 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229978AbhCFB7k (ORCPT ); Fri, 5 Mar 2021 20:59:40 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:41252 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229701AbhCFB7U (ORCPT ); Fri, 5 Mar 2021 20:59:20 -0500 Received: from mail-qv1-xf49.google.com (mail-qv1-xf49.google.com [IPv6:2607:f8b0:4864:20::f49]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id E221FC06175F for ; Fri, 5 Mar 2021 17:59:19 -0800 (PST) Received: by mail-qv1-xf49.google.com with SMTP id h10so2911645qvf.19 for ; Fri, 05 Mar 2021 17:59:19 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=sender:reply-to:date:in-reply-to:message-id:mime-version:references :subject:from:to:cc; bh=y0THIMpkur6+/Bj9ZSP2+9NkkxbkY6p2tIHGIaTzjYc=; b=RR2ofdzqdDJEfpTGPYWFAR7FmrxgkujmTTyYhg52C+RbNDiSQzJ9/Oeb3G9OGauPfz N4kGHVOi3Bqz/6k7gjCL0LaoFw+APfHFKLdiuEnWWjADJb36zLj9VId0gTDMOiL4fXVl 6Ghu7Ij4ubMWSj/FlDEjAICmgKVn19fIxE2cJ+OTIgUPiUDTx9Q10ybvgKxzKVZHTP2p VGTY51Aqv9c57vA3IP0HxZOAFzw7FT/FsjRubwbpyh/Xe5C/nl+K47BncBiyqSIWFfnF 57ByUAWrmTAp+uQ8G24U91WjUK+3aKgKGQGLaFX+atulVwAZXqla6Yb99NZgZj2td2kp Kuqg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:sender:reply-to:date:in-reply-to:message-id :mime-version:references:subject:from:to:cc; bh=y0THIMpkur6+/Bj9ZSP2+9NkkxbkY6p2tIHGIaTzjYc=; b=P74BfIdApr6mHO51W3VsR/6e41AMVvEFwtNF2a8SV3Lvi3TQqQJ+QHtOjZRPfDxfvm r3+wtKXruOh9dm42Zfk726jMerAgSyfgT3jp8iR5s7U9T1Wzydtb4KaqzVNXs4JPOn7r CpzKdMbfW1Den3sSbI8Pz/Gy2Q09whSyrX5PkrT7dge/iKOQflGmEOuIvLFuHdlExMne ZW0i8X6R3Pg9xnSKawf8iprvvdNEDtkdbeGdIqRKeir7qg+KMmH5ZN+sGqKocxwbVl/G GeK5ecg/tIoiuIiYYUVsBB5meikHH4RBIS51ysNHIP3hgiTVp7xy9oHWkkK4Mecr0jM1 YJCw== X-Gm-Message-State: AOAM531kD7LNeZDkLxO68i2z1vhTIYZALqeSFejcNODP4yZeog6xyWqv SgpTI8VHY8uPdWwCQpAA2gmLmUHjHZU= X-Google-Smtp-Source: ABdhPJy/04xIWQKM5doZWovlhW61e9m2oWCL5ySlbjt0CJz1yHoHULQZJBmHs8UshbQDP6IXBQNDFKyyYJE= Sender: "seanjc via sendgmr" X-Received: from seanjc798194.pdx.corp.google.com ([2620:15c:f:10:fc04:f9df:1efb:bf0c]) (user=seanjc job=sendgmr) by 2002:a05:6214:1909:: with SMTP id er9mr11880770qvb.5.1614995959126; Fri, 05 Mar 2021 17:59:19 -0800 (PST) Reply-To: Sean Christopherson Date: Fri, 5 Mar 2021 17:58:52 -0800 In-Reply-To: <20210306015905.186698-1-seanjc@google.com> Message-Id: <20210306015905.186698-2-seanjc@google.com> Mime-Version: 1.0 References: <20210306015905.186698-1-seanjc@google.com> X-Mailer: git-send-email 2.30.1.766.gb4fecdf3b7-goog Subject: [PATCH v4 01/14] KVM: SVM: Zero out the VMCB array used to track SEV ASID association From: Sean Christopherson To: Paolo Bonzini , Dave Hansen , Andy Lutomirski , Peter Zijlstra Cc: Sean Christopherson , Vitaly Kuznetsov , Wanpeng Li , Jim Mattson , Joerg Roedel , kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Borislav Petkov , Tom Lendacky , Brijesh Singh Precedence: bulk List-ID: X-Mailing-List: kvm@vger.kernel.org Zero out the array of VMCB pointers so that pre_sev_run() won't see garbage when querying the array to detect when an SEV ASID is being associated with a new VMCB. In practice, reading random values is all but guaranteed to be benign as a false negative (which is extremely unlikely on its own) can only happen on CPU0 on the first VMRUN and would only cause KVM to skip the ASID flush. For anything bad to happen, a previous instance of KVM would have to exit without flushing the ASID, _and_ KVM would have to not flush the ASID at any time while building the new SEV guest. Cc: Borislav Petkov Reviewed-by: Tom Lendacky Reviewed-by: Brijesh Singh Fixes: 70cd94e60c73 ("KVM: SVM: VMRUN should use associated ASID when SEV is enabled") Signed-off-by: Sean Christopherson --- arch/x86/kvm/svm/svm.c | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index c636021b066b..01ce8ac77a07 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c @@ -568,9 +568,8 @@ static int svm_cpu_init(int cpu) clear_page(page_address(sd->save_area)); if (svm_sev_enabled()) { - sd->sev_vmcbs = kmalloc_array(max_sev_asid + 1, - sizeof(void *), - GFP_KERNEL); + sd->sev_vmcbs = kcalloc(max_sev_asid + 1, sizeof(void *), + GFP_KERNEL); if (!sd->sev_vmcbs) goto free_save_area; } From patchwork Sat Mar 6 01:58:53 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sean Christopherson X-Patchwork-Id: 12119661 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-26.3 required=3.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_CR_TRAILER,INCLUDES_PATCH,MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS, URIBL_BLOCKED,USER_AGENT_GIT,USER_IN_DEF_DKIM_WL autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id D77D3C43381 for ; Sat, 6 Mar 2021 02:00:26 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id AC98164E4E for ; Sat, 6 Mar 2021 02:00:26 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229992AbhCFB7l (ORCPT ); Fri, 5 Mar 2021 20:59:41 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:41266 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229775AbhCFB7W (ORCPT ); Fri, 5 Mar 2021 20:59:22 -0500 Received: from mail-yb1-xb49.google.com (mail-yb1-xb49.google.com [IPv6:2607:f8b0:4864:20::b49]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 665D9C06175F for ; Fri, 5 Mar 2021 17:59:22 -0800 (PST) Received: by mail-yb1-xb49.google.com with SMTP id p136so4604531ybc.21 for ; Fri, 05 Mar 2021 17:59:22 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=sender:reply-to:date:in-reply-to:message-id:mime-version:references :subject:from:to:cc; bh=GYKlgQQb+tgxYyD6lWu46KFZO1gmh9XQODRE3jBWgGI=; b=PVxOjQAnAOyeuHVNTR7gC9ojxFYfgpZB7UJvC6WtTb9nkQPYxN5hpQICQUmLcpFWot YkGCGT8d6pGB24pFYonzrQ0xQhe25U6Oje4gbSUGVJIM48O3nmvCrJGm6Ngj4L7ovY61 R3eifXN5npvoTjRPqixNwpSC527yQVSaabnAxuJrOyEoFjJgYRXdYxH6alXOEpda39/j CXtswgLdGIZfj5T421PzaJs7nMsjBHpoIoqAEcNIsuPdKmG85+YESGSgFg6AB+OVN09y 4sMQa0hZ1xkRdZmlUmBAcZoDQXXNuXXcKb4myYRVpLslKX7FUWm2W7bNlXt1+f6p36WR edSg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:sender:reply-to:date:in-reply-to:message-id :mime-version:references:subject:from:to:cc; bh=GYKlgQQb+tgxYyD6lWu46KFZO1gmh9XQODRE3jBWgGI=; b=eo+p0be1WhvV8yush+oJXJxTbEu74wNhdLPg+UU/g7A3/q6BT0UG63seKorFure+u0 237lI1kNQ1mRrCVkTmFlKjiFdxfir0X/gv8HjSpP7GjW0fWuEiGCgaLcIwuUqjsBJFsj M9Fk28qbspQDc3Fqz9R6nrkfFxsjiJiqBdUphFTgaKTCDjGiXPeGkX5etRu321zn57NZ Y27yp2O9QU3y0j9H9APYKIIekecoFbFY5XjAygnI1jF7JTsqck8/Fy8R77V7oIUmzpGG +KtcLgR7VkaxE6xadd1y/W/mxuIjmiKfZ0PiGFMH/UyztRPuilfNpd6beqQ29Lgpo9Go etnA== X-Gm-Message-State: AOAM533Qxche8WAsD19emOfW0Af9r9VtQbvFhuLCMZYDoL4jU6P/jdmt N2W6SF0YJpcdSx2MNQxUB4x0xOkS8w0= X-Google-Smtp-Source: ABdhPJw2mHHXiYmpH6YFA4t+9E7EC5CURGdf/90XCBO4sHBL9KjhQJMsD9SGIbB8ckqFeVS7N4tA6MDEQcY= Sender: "seanjc via sendgmr" X-Received: from seanjc798194.pdx.corp.google.com ([2620:15c:f:10:fc04:f9df:1efb:bf0c]) (user=seanjc job=sendgmr) by 2002:a5b:847:: with SMTP id v7mr17865054ybq.354.1614995961684; Fri, 05 Mar 2021 17:59:21 -0800 (PST) Reply-To: Sean Christopherson Date: Fri, 5 Mar 2021 17:58:53 -0800 In-Reply-To: <20210306015905.186698-1-seanjc@google.com> Message-Id: <20210306015905.186698-3-seanjc@google.com> Mime-Version: 1.0 References: <20210306015905.186698-1-seanjc@google.com> X-Mailer: git-send-email 2.30.1.766.gb4fecdf3b7-goog Subject: [PATCH v4 02/14] KVM: SVM: Free sev_asid_bitmap during init if SEV setup fails From: Sean Christopherson To: Paolo Bonzini , Dave Hansen , Andy Lutomirski , Peter Zijlstra Cc: Sean Christopherson , Vitaly Kuznetsov , Wanpeng Li , Jim Mattson , Joerg Roedel , kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Borislav Petkov , Tom Lendacky , Brijesh Singh Precedence: bulk List-ID: X-Mailing-List: kvm@vger.kernel.org Free sev_asid_bitmap if the reclaim bitmap allocation fails, othwerise KVM will unnecessarily keep the bitmap when SEV is not fully enabled. Freeing the page is also necessary to avoid introducing a bug when a future patch eliminates svm_sev_enabled() in favor of using the global 'sev' flag directly. While sev_hardware_enabled() checks max_sev_asid, which is true even if KVM setup fails, 'sev' will be true if and only if KVM setup fully succeeds. Fixes: 33af3a7ef9e6 ("KVM: SVM: Reduce WBINVD/DF_FLUSH invocations") Cc: Tom Lendacky Signed-off-by: Sean Christopherson --- arch/x86/kvm/svm/sev.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index 874ea309279f..5533f37ce50e 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c @@ -1349,8 +1349,11 @@ void __init sev_hardware_setup(void) goto out; sev_reclaim_asid_bitmap = bitmap_zalloc(max_sev_asid, GFP_KERNEL); - if (!sev_reclaim_asid_bitmap) + if (!sev_reclaim_asid_bitmap) { + bitmap_free(sev_asid_bitmap); + sev_asid_bitmap = NULL; goto out; + } pr_info("SEV supported: %u ASIDs\n", max_sev_asid - min_sev_asid + 1); sev_supported = true; From patchwork Sat Mar 6 01:58:54 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sean Christopherson X-Patchwork-Id: 12119667 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-26.3 required=3.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_CR_TRAILER,INCLUDES_PATCH,MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS, URIBL_BLOCKED,USER_AGENT_GIT,USER_IN_DEF_DKIM_WL autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id CC190C433E9 for ; Sat, 6 Mar 2021 02:00:26 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 9D2E164E4B for ; Sat, 6 Mar 2021 02:00:26 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230045AbhCFB7m (ORCPT ); Fri, 5 Mar 2021 20:59:42 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:41276 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229821AbhCFB7Z (ORCPT ); Fri, 5 Mar 2021 20:59:25 -0500 Received: from mail-qt1-x84a.google.com (mail-qt1-x84a.google.com [IPv6:2607:f8b0:4864:20::84a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id D4720C06175F for ; Fri, 5 Mar 2021 17:59:24 -0800 (PST) Received: by mail-qt1-x84a.google.com with SMTP id t5so3273500qti.5 for ; Fri, 05 Mar 2021 17:59:24 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=sender:reply-to:date:in-reply-to:message-id:mime-version:references :subject:from:to:cc; bh=dbGf2sFPrKUPGT4uEZ+Wu4j2K44kxAvtE1nu1LazwmA=; b=FcTwOfg/HVrfBNyD7EtGEbhNNeD4nJ7B/nGn6bjTwPe1UreEwxF1Qvne5MI8RmMh+L XrInuTOe992oIWYNj95VOJNuskFeKjn8mT9W+MnYGvPb4IwFDZ8zNAVMEA2AK6sVW3Zx wtpHZB0+26JxLmREzihxKLrPgkLfyhNcJBDeTD4ZXd+AUuy8+C46xmiOCHq9Niw9TqPO OlaG94ugYcpy7eJ5AREom1hnkUfpNcVWIX628ASQp20jfiU3S89WBH1VxwR/s3wLnt9a ZS6vYEheFUjFG8D2s+AoTrHzZFqjEcaA7uUjHYNnkzh9c5ao6PNkUAvdaV7J0sNV2Sj1 G4zg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:sender:reply-to:date:in-reply-to:message-id :mime-version:references:subject:from:to:cc; bh=dbGf2sFPrKUPGT4uEZ+Wu4j2K44kxAvtE1nu1LazwmA=; b=FfhVFeK9p4OVySHJb1wwXfGq4NO4yVTfskYspFJ43jIBzExeDtkd9IDSV/RMnJc6GF diMReenIhm94oH/XmHw6ueQCK44t0jTE+Ckr4FyZtJakmou9ZamEk89MEGiyepml4KDG 3AQXI8bRjGCS6vRKR5BFP/zZSfbHm0Rqnj1ERe38skDZW+DpYvRZpzlFMFxX/sLHU8bb NEtP6CE4ijqnqb2cKzLi6uvy6vgE9883U4d5Z6qYrhkdfnf4uGv+8xibgBZlAxEQbRlW fvX9AV9cHNSt3NKtPknal/WoL8p5w4Jb3L1wuWKwEPd/1fb/+G3CtKxU8EHdQ8CdHnKp cwVA== X-Gm-Message-State: AOAM533GZmDzZgRKNuQdp1Bg4tq5v7NgTtGX/E9Y+pGAxj4BZE4kNVho oScO9YxTQA9Cry9kMxIGbHVmgNIdDIs= X-Google-Smtp-Source: ABdhPJyp8HGmbS9rp7NhF11FjFbJffbQH5paiwL07hLttoCCGpctkJCJOSo75f5IiPWP4WcqZxi5q5NQbOw= Sender: "seanjc via sendgmr" X-Received: from seanjc798194.pdx.corp.google.com ([2620:15c:f:10:fc04:f9df:1efb:bf0c]) (user=seanjc job=sendgmr) by 2002:a05:6214:180d:: with SMTP id o13mr11612431qvw.10.1614995964026; Fri, 05 Mar 2021 17:59:24 -0800 (PST) Reply-To: Sean Christopherson Date: Fri, 5 Mar 2021 17:58:54 -0800 In-Reply-To: <20210306015905.186698-1-seanjc@google.com> Message-Id: <20210306015905.186698-4-seanjc@google.com> Mime-Version: 1.0 References: <20210306015905.186698-1-seanjc@google.com> X-Mailer: git-send-email 2.30.1.766.gb4fecdf3b7-goog Subject: [PATCH v4 03/14] KVM: SVM: Move SEV module params/variables to sev.c From: Sean Christopherson To: Paolo Bonzini , Dave Hansen , Andy Lutomirski , Peter Zijlstra Cc: Sean Christopherson , Vitaly Kuznetsov , Wanpeng Li , Jim Mattson , Joerg Roedel , kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Borislav Petkov , Tom Lendacky , Brijesh Singh Precedence: bulk List-ID: X-Mailing-List: kvm@vger.kernel.org Unconditionally invoke sev_hardware_setup() when configuring SVM and handle clearing the module params/variable 'sev' and 'sev_es' in sev_hardware_setup(). This allows making said variables static within sev.c and reduces the odds of a collision with guest code, e.g. the guest side of things has already laid claim to 'sev_enabled'. Reviewed-by: Tom Lendacky Reviewed-by: Brijesh Singh Signed-off-by: Sean Christopherson --- arch/x86/kvm/svm/sev.c | 11 +++++++++++ arch/x86/kvm/svm/svm.c | 15 +-------------- arch/x86/kvm/svm/svm.h | 2 -- 3 files changed, 12 insertions(+), 16 deletions(-) diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index 5533f37ce50e..871e040aad16 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c @@ -28,6 +28,14 @@ #define __ex(x) __kvm_handle_fault_on_reboot(x) +/* enable/disable SEV support */ +static int sev = IS_ENABLED(CONFIG_AMD_MEM_ENCRYPT_ACTIVE_BY_DEFAULT); +module_param(sev, int, 0444); + +/* enable/disable SEV-ES support */ +static int sev_es = IS_ENABLED(CONFIG_AMD_MEM_ENCRYPT_ACTIVE_BY_DEFAULT); +module_param(sev_es, int, 0444); + static u8 sev_enc_bit; static int sev_flush_asids(void); static DECLARE_RWSEM(sev_deactivate_lock); @@ -1324,6 +1332,9 @@ void __init sev_hardware_setup(void) bool sev_es_supported = false; bool sev_supported = false; + if (!IS_ENABLED(CONFIG_KVM_AMD_SEV) || !sev) + goto out; + /* Does the CPU support SEV? */ if (!boot_cpu_has(X86_FEATURE_SEV)) goto out; diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index 01ce8ac77a07..6dd8bcf3e8fa 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c @@ -190,14 +190,6 @@ module_param(vls, int, 0444); static int vgif = true; module_param(vgif, int, 0444); -/* enable/disable SEV support */ -int sev = IS_ENABLED(CONFIG_AMD_MEM_ENCRYPT_ACTIVE_BY_DEFAULT); -module_param(sev, int, 0444); - -/* enable/disable SEV-ES support */ -int sev_es = IS_ENABLED(CONFIG_AMD_MEM_ENCRYPT_ACTIVE_BY_DEFAULT); -module_param(sev_es, int, 0444); - bool __read_mostly dump_invalid_vmcb; module_param(dump_invalid_vmcb, bool, 0644); @@ -972,12 +964,7 @@ static __init int svm_hardware_setup(void) kvm_enable_efer_bits(EFER_SVME | EFER_LMSLE); } - if (IS_ENABLED(CONFIG_KVM_AMD_SEV) && sev) { - sev_hardware_setup(); - } else { - sev = false; - sev_es = false; - } + sev_hardware_setup(); svm_adjust_mmio_mask(); diff --git a/arch/x86/kvm/svm/svm.h b/arch/x86/kvm/svm/svm.h index 39e071fdab0c..aec70f6cd243 100644 --- a/arch/x86/kvm/svm/svm.h +++ b/arch/x86/kvm/svm/svm.h @@ -387,8 +387,6 @@ static inline bool gif_set(struct vcpu_svm *svm) /* svm.c */ #define MSR_INVALID 0xffffffffU -extern int sev; -extern int sev_es; extern bool dump_invalid_vmcb; u32 svm_msrpm_offset(u32 msr); From patchwork Sat Mar 6 01:58:55 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sean Christopherson X-Patchwork-Id: 12119665 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-26.3 required=3.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_CR_TRAILER,INCLUDES_PATCH,MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS, URIBL_BLOCKED,USER_AGENT_GIT,USER_IN_DEF_DKIM_WL autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id EF2C7C4332B for ; Sat, 6 Mar 2021 02:00:26 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id D8A3464E4B for ; Sat, 6 Mar 2021 02:00:26 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230058AbhCFB7m (ORCPT ); Fri, 5 Mar 2021 20:59:42 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:41286 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229854AbhCFB71 (ORCPT ); Fri, 5 Mar 2021 20:59:27 -0500 Received: from mail-qt1-x849.google.com (mail-qt1-x849.google.com [IPv6:2607:f8b0:4864:20::849]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 03B79C06175F for ; Fri, 5 Mar 2021 17:59:27 -0800 (PST) Received: by mail-qt1-x849.google.com with SMTP id o7so3263038qtw.7 for ; Fri, 05 Mar 2021 17:59:26 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=sender:reply-to:date:in-reply-to:message-id:mime-version:references :subject:from:to:cc; bh=aLMlOWEZttp+WzQHkudkX6mdG2AM7wgPUhrApJPjk7c=; b=MQNx28BQ0KGA9ZFHN5O9mEIrlXkZw6u5GB8aVkvdAfBoezRb7G00sOAzUvFfnl0AGU 3U0xryA9xi+u1COvzxPRLHq+aQ3XroNyAwa3ZkfZI2pJ5iGTbO0o6VvqWJGqQjqtnj/h RgJzvIkY99FUGW18LxpV6RInOW+XLYWcwRgKShk6A3DuJfhNIAImA78K4z8xVChILnHS l8R99CmR/yejjFyn1WyIqg4L/EyEUBqaDnmjNEvz5AY615N1iRz9qwVt8WYULKKmIW4g En30wfpx1aM+ZzIEdQ7bHfbXpgpawSf1x+nCEjh5p4MllbJVfZeRLkdg5EeUkJRaOxA8 F3ig== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:sender:reply-to:date:in-reply-to:message-id :mime-version:references:subject:from:to:cc; bh=aLMlOWEZttp+WzQHkudkX6mdG2AM7wgPUhrApJPjk7c=; b=F0rglUG8ReAUamn6LIoZq+wTNP2hrXNyTeyKGTm1lmWg8qn77B2g34fFgI2o0MlAXR 8+k8tMmz9M5I8tuyRvmSPqzeoeB2kVmbYnUY9Fe3+lLmtSgrswGwVfeOExSaveV7kI2r 2VPnaJl8wbY3Tl7biCEIjcDyXsBk3XFmUHAjxICr8naRyXrlNYhGK7rZ7KqZ0cJthU98 8vLd91UPunsHAw8dOrtBh5h6TyNGoEDzmn2oa6RwFSM/kmSXWBncHSyHQfvVH/edacJf We7q26zZMXh6s6wMrm3vEzTSnVkXC1ajfHKRzBwae4JqZwKa3qBtQzb4oniDFLCIggP7 Vgsw== X-Gm-Message-State: AOAM530vAQqrozRIGS3SI/HthyR9QS/wG/r5PfimzcldpZcmEC8WvuDy XBPpZtUTrMKJjiSwDFQATOZeazgq1SA= X-Google-Smtp-Source: ABdhPJwcpw78iVfnFmNDXyD/mD0kLqfEQl4B4rcpnMaO6YIKKkhIT+/hDSqgKvEINd/iCAZrgdEV6P+jAsM= Sender: "seanjc via sendgmr" X-Received: from seanjc798194.pdx.corp.google.com ([2620:15c:f:10:fc04:f9df:1efb:bf0c]) (user=seanjc job=sendgmr) by 2002:a0c:c248:: with SMTP id w8mr11883236qvh.58.1614995966156; Fri, 05 Mar 2021 17:59:26 -0800 (PST) Reply-To: Sean Christopherson Date: Fri, 5 Mar 2021 17:58:55 -0800 In-Reply-To: <20210306015905.186698-1-seanjc@google.com> Message-Id: <20210306015905.186698-5-seanjc@google.com> Mime-Version: 1.0 References: <20210306015905.186698-1-seanjc@google.com> X-Mailer: git-send-email 2.30.1.766.gb4fecdf3b7-goog Subject: [PATCH v4 04/14] KVM: x86: Do not advertise SME, VM_PAGE_FLUSH, or unknown features From: Sean Christopherson To: Paolo Bonzini , Dave Hansen , Andy Lutomirski , Peter Zijlstra Cc: Sean Christopherson , Vitaly Kuznetsov , Wanpeng Li , Jim Mattson , Joerg Roedel , kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Borislav Petkov , Tom Lendacky , Brijesh Singh Precedence: bulk List-ID: X-Mailing-List: kvm@vger.kernel.org Add a reverse-CPUID entry for the memory encryption word, 0x8000001F.EAX, and use it to override the supported CPUID flags reported to userspace. Masking the reported CPUID flags avoids over-reporting KVM support, e.g. without the mask a SEV-SNP capable CPU may incorrectly advertise SNP support to userspace. Explicitly omit SME and VM_PAGE_FLUSH, which are used by KVM, but not exposed to the guest, e.g. guest access to related MSRs will fault. Continue advertising SEV and SEV-ES, which guests of the associated type may expect to see present, as well as SME_COHERENT, which lets the guest know it can skip CLFLUSH operations. Cc: Tom Lendacky Cc: Brijesh Singh Signed-off-by: Sean Christopherson --- arch/x86/kvm/cpuid.c | 6 ++++++ arch/x86/kvm/cpuid.h | 1 + 2 files changed, 7 insertions(+) diff --git a/arch/x86/kvm/cpuid.c b/arch/x86/kvm/cpuid.c index 6bd2f8b830e4..45745c6c2161 100644 --- a/arch/x86/kvm/cpuid.c +++ b/arch/x86/kvm/cpuid.c @@ -514,6 +514,10 @@ void kvm_set_cpu_caps(void) */ kvm_cpu_cap_mask(CPUID_8000_000A_EDX, 0); + kvm_cpu_cap_mask(CPUID_8000_001F_EAX, + 0 /* SME */ | F(SEV) | 0 /* VM_PAGE_FLUSH */ | F(SEV_ES) | + F(SME_COHERENT)); + kvm_cpu_cap_mask(CPUID_C000_0001_EDX, F(XSTORE) | F(XSTORE_EN) | F(XCRYPT) | F(XCRYPT_EN) | F(ACE2) | F(ACE2_EN) | F(PHE) | F(PHE_EN) | @@ -871,6 +875,8 @@ static inline int __do_cpuid_func(struct kvm_cpuid_array *array, u32 function) case 0x8000001F: if (!boot_cpu_has(X86_FEATURE_SEV)) entry->eax = entry->ebx = entry->ecx = entry->edx = 0; + else + cpuid_entry_override(entry, CPUID_8000_001F_EAX); break; /*Add support for Centaur's CPUID instruction*/ case 0xC0000000: diff --git a/arch/x86/kvm/cpuid.h b/arch/x86/kvm/cpuid.h index 2a0c5064497f..b3042ac6b5dc 100644 --- a/arch/x86/kvm/cpuid.h +++ b/arch/x86/kvm/cpuid.h @@ -80,6 +80,7 @@ static const struct cpuid_reg reverse_cpuid[] = { [CPUID_8000_0007_EBX] = {0x80000007, 0, CPUID_EBX}, [CPUID_7_EDX] = { 7, 0, CPUID_EDX}, [CPUID_7_1_EAX] = { 7, 1, CPUID_EAX}, + [CPUID_8000_001F_EAX] = {0x8000001f, 1, CPUID_EAX}, }; /* From patchwork Sat Mar 6 01:58:56 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sean Christopherson X-Patchwork-Id: 12119669 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-26.3 required=3.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_CR_TRAILER,INCLUDES_PATCH,MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS, URIBL_BLOCKED,USER_AGENT_GIT,USER_IN_DEF_DKIM_WL autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 27B64C43332 for ; Sat, 6 Mar 2021 02:00:27 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 1168C64E4B for ; Sat, 6 Mar 2021 02:00:27 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230083AbhCFB7n (ORCPT ); Fri, 5 Mar 2021 20:59:43 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:41306 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229904AbhCFB73 (ORCPT ); Fri, 5 Mar 2021 20:59:29 -0500 Received: from mail-yb1-xb4a.google.com (mail-yb1-xb4a.google.com [IPv6:2607:f8b0:4864:20::b4a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 6397BC061760 for ; Fri, 5 Mar 2021 17:59:29 -0800 (PST) Received: by mail-yb1-xb4a.google.com with SMTP id n10so4552207ybb.12 for ; Fri, 05 Mar 2021 17:59:29 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=sender:reply-to:date:in-reply-to:message-id:mime-version:references :subject:from:to:cc; bh=erTc+Y0pENbjog4sK1UscwxpK+OyCX6EbKLiihdV5ms=; b=bdKAXPakwfpRG5gErpaS9lhAcAk5LKm7JnBzB0LPddluuRIapvesrGhOTlvx4I7Rcz dBwGlJQ4DGpRFJdOMm9CPdIyyfpmUOfU4H4AhhJx3eJdM7c0YU/EB0FXAHmKYM3hNeWd HQ4oRuP8D/eQrW2nDfZFDhTUhrN33GBCXxIdqDxIjhweyL8CsdNzQk0VczBrjC3JOtQd 1TncCLqdl5zwQXdJHh4fAAZESKeDoHt1w0kwQa4wVHCP8Q34LbjhaYq4kCAyjJoUOnZT L4mBWs5KLkuqWx6zjtQ6iUI2sFjKi4Ih5cT9elze+aRX6ImV2JpWnN4zjW8BG14a3yPc RJKA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:sender:reply-to:date:in-reply-to:message-id :mime-version:references:subject:from:to:cc; bh=erTc+Y0pENbjog4sK1UscwxpK+OyCX6EbKLiihdV5ms=; b=WPgwGBuQOpbHwvhYM4c8oGH/VelMi/SymwQHmFU3iifl+kcb9DqNwWZ3L1aop/cmH/ n5ZHoNRdFdD1DThnvB8zH5MLWagps5eFGxn+3bipeyD9/n58a0Luh3gT75XWTZAZgDYz y5HGxrCvcoLBBtFQNmuYoRglboP0k7TEYdEck/4OUIq8MVk8eqtobbXMk9HVzLldFeG9 pfhaME8/He2qmmM1Z4s14bFWFVwPn9RAxiCBe/ExT+gK3MQlOPiPZQVLoi+oMy1UP6sI 00CGYg1r2Vb5Rc8PuDghWvDadxzc9iI7QYK4xFrdTgPvDkRUK4DbO2335dYuI4h9okLH g1vw== X-Gm-Message-State: AOAM531/ZAzmkIoVhI/noiCMJf8zqHPgwZ/nm/xLzt2gfRDB0Vp/bQqB UAPe3UbfivV89xV6dmJfLYya4c04His= X-Google-Smtp-Source: ABdhPJwcz3i6hvaLxWLUUYBOmhghhlsk2nbIlO81RY5plRGPB9FBvR77ZFDqPThk50G08KXZ3lV6FYwpnKk= Sender: "seanjc via sendgmr" X-Received: from seanjc798194.pdx.corp.google.com ([2620:15c:f:10:fc04:f9df:1efb:bf0c]) (user=seanjc job=sendgmr) by 2002:a25:cc43:: with SMTP id l64mr18609790ybf.283.1614995968623; Fri, 05 Mar 2021 17:59:28 -0800 (PST) Reply-To: Sean Christopherson Date: Fri, 5 Mar 2021 17:58:56 -0800 In-Reply-To: <20210306015905.186698-1-seanjc@google.com> Message-Id: <20210306015905.186698-6-seanjc@google.com> Mime-Version: 1.0 References: <20210306015905.186698-1-seanjc@google.com> X-Mailer: git-send-email 2.30.1.766.gb4fecdf3b7-goog Subject: [PATCH v4 05/14] x86/sev: Drop redundant and potentially misleading 'sev_enabled' From: Sean Christopherson To: Paolo Bonzini , Dave Hansen , Andy Lutomirski , Peter Zijlstra Cc: Sean Christopherson , Vitaly Kuznetsov , Wanpeng Li , Jim Mattson , Joerg Roedel , kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Borislav Petkov , Tom Lendacky , Brijesh Singh Precedence: bulk List-ID: X-Mailing-List: kvm@vger.kernel.org Drop the sev_enabled flag and switch its one user over to sev_active(). sev_enabled was made redundant with the introduction of sev_status in commit b57de6cd1639 ("x86/sev-es: Add SEV-ES Feature Detection"). sev_enabled and sev_active() are guaranteed to be equivalent, as each is true iff 'sev_status & MSR_AMD64_SEV_ENABLED' is true, and are only ever written in tandem (ignoring compressed boot's version of sev_status). Removing sev_enabled avoids confusion over whether it refers to the guest or the host, and will also allow KVM to usurp "sev_enabled" for its own purposes. No functional change intended. Reviewed-by: Tom Lendacky Reviewed-by: Brijesh Singh Signed-off-by: Sean Christopherson --- arch/x86/include/asm/mem_encrypt.h | 1 - arch/x86/mm/mem_encrypt.c | 12 +++++------- arch/x86/mm/mem_encrypt_identity.c | 1 - 3 files changed, 5 insertions(+), 9 deletions(-) diff --git a/arch/x86/include/asm/mem_encrypt.h b/arch/x86/include/asm/mem_encrypt.h index 31c4df123aa0..9c80c68d75b5 100644 --- a/arch/x86/include/asm/mem_encrypt.h +++ b/arch/x86/include/asm/mem_encrypt.h @@ -20,7 +20,6 @@ extern u64 sme_me_mask; extern u64 sev_status; -extern bool sev_enabled; void sme_encrypt_execute(unsigned long encrypted_kernel_vaddr, unsigned long decrypted_kernel_vaddr, diff --git a/arch/x86/mm/mem_encrypt.c b/arch/x86/mm/mem_encrypt.c index 4b01f7dbaf30..be384d8d0543 100644 --- a/arch/x86/mm/mem_encrypt.c +++ b/arch/x86/mm/mem_encrypt.c @@ -44,8 +44,6 @@ EXPORT_SYMBOL(sme_me_mask); DEFINE_STATIC_KEY_FALSE(sev_enable_key); EXPORT_SYMBOL_GPL(sev_enable_key); -bool sev_enabled __section(".data"); - /* Buffer used for early in-place encryption by BSP, no locking needed */ static char sme_early_buffer[PAGE_SIZE] __initdata __aligned(PAGE_SIZE); @@ -373,15 +371,15 @@ int __init early_set_memory_encrypted(unsigned long vaddr, unsigned long size) * up under SME the trampoline area cannot be encrypted, whereas under SEV * the trampoline area must be encrypted. */ -bool sme_active(void) -{ - return sme_me_mask && !sev_enabled; -} - bool sev_active(void) { return sev_status & MSR_AMD64_SEV_ENABLED; } + +bool sme_active(void) +{ + return sme_me_mask && !sev_active(); +} EXPORT_SYMBOL_GPL(sev_active); /* Needs to be called from non-instrumentable code */ diff --git a/arch/x86/mm/mem_encrypt_identity.c b/arch/x86/mm/mem_encrypt_identity.c index 6c5eb6f3f14f..0c2759b7f03a 100644 --- a/arch/x86/mm/mem_encrypt_identity.c +++ b/arch/x86/mm/mem_encrypt_identity.c @@ -545,7 +545,6 @@ void __init sme_enable(struct boot_params *bp) /* SEV state cannot be controlled by a command line option */ sme_me_mask = me_mask; - sev_enabled = true; physical_mask &= ~sme_me_mask; return; } From patchwork Sat Mar 6 01:58:57 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sean Christopherson X-Patchwork-Id: 12119675 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-26.3 required=3.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_CR_TRAILER,INCLUDES_PATCH,MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS, URIBL_BLOCKED,USER_AGENT_GIT,USER_IN_DEF_DKIM_WL autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id A2E6FC4321A for ; Sat, 6 Mar 2021 02:00:27 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 7DC3964E4E for ; Sat, 6 Mar 2021 02:00:27 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230107AbhCFB7o (ORCPT ); Fri, 5 Mar 2021 20:59:44 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:41314 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229911AbhCFB7c (ORCPT ); Fri, 5 Mar 2021 20:59:32 -0500 Received: from mail-yb1-xb4a.google.com (mail-yb1-xb4a.google.com [IPv6:2607:f8b0:4864:20::b4a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id D8D06C06175F for ; Fri, 5 Mar 2021 17:59:31 -0800 (PST) Received: by mail-yb1-xb4a.google.com with SMTP id a186so4628380ybg.1 for ; Fri, 05 Mar 2021 17:59:31 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=sender:reply-to:date:in-reply-to:message-id:mime-version:references :subject:from:to:cc; bh=5mX8Ozru9POHGSen+cT/TMfD88mH/rez7QuWZU4Qh+A=; b=ran5tY9Iu/tRFDanHhMFfXF0KwkxL7C0Vj8tETV9xqQbnI0sYGE7qhRy6kfiXE6MwR cg/Ude4WTT0EH2pZAHkmhLD4EFjdiIjXw2MH4fdCDXTLdBAZRk7iuV/r0fTe1+8SvC0y aZJnVnKOqjPQOIlqZXGOx/eaG4sQioEBwAq6oB9eCPtqQs+Wp90v6aU67p04DZ7qvhGe YyGvoGLLCt2vCItPDxzIHFbqZBuUE8pTflDjLQTkvUGoKYFCXtBz1hh1x7cvfahKmtRS lMfylUAnl2Fs6OijF57hV3uDPTiNcqffkztZ59aDGX08Hwz3dcVXJdxAeNQxgBUr+Cv6 V0VQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:sender:reply-to:date:in-reply-to:message-id :mime-version:references:subject:from:to:cc; bh=5mX8Ozru9POHGSen+cT/TMfD88mH/rez7QuWZU4Qh+A=; b=juZg5ZqxyOs9T8kTwIh7x/3TC3uHAHw4yUYitslRQDqtRAbotl/zt3VqseMxEo3qS+ 9wZ8cCvaIngfNEnixR7o6mp1Y5BD8LAyyw2NghHdjhKrnRa01t7jVZ2gVs4kavL+d0x0 sTEub5XFDSF8EOpgCJa9l3RFBIcsNOGPMiDIFe//FKqSH5DtYuBd0mG2QYJHD4lPlKbi k0+sovkQAyrsUKG/k4yUDFpZFH45nRX4fpEsj76RwnK4bu3CKG8beD8PBTZ8zbHxVCVj ti5Bpb9nooE4Qm2KzOHJsowmRC/gn7I3GN0r0pjYDcjj+TRw0rMPOcAZWxJU4M45Y0qU LC1g== X-Gm-Message-State: AOAM532ujtJPePje11q1tl4VTt9AKhbfdDYbjbBxl5cOv9um5Ttci+9J Zr6kmaWcNxSgTFRsRAThgcQvd/nF1t0= X-Google-Smtp-Source: ABdhPJzvKublaBMwQf60DWO0PJ3pBuMeCoEpWFfotrgt7gXz49gC+ec88jdZeWgeBc/2biO7FRMH5/QbiZ0= Sender: "seanjc via sendgmr" X-Received: from seanjc798194.pdx.corp.google.com ([2620:15c:f:10:fc04:f9df:1efb:bf0c]) (user=seanjc job=sendgmr) by 2002:a25:b09e:: with SMTP id f30mr18578139ybj.199.1614995971140; Fri, 05 Mar 2021 17:59:31 -0800 (PST) Reply-To: Sean Christopherson Date: Fri, 5 Mar 2021 17:58:57 -0800 In-Reply-To: <20210306015905.186698-1-seanjc@google.com> Message-Id: <20210306015905.186698-7-seanjc@google.com> Mime-Version: 1.0 References: <20210306015905.186698-1-seanjc@google.com> X-Mailer: git-send-email 2.30.1.766.gb4fecdf3b7-goog Subject: [PATCH v4 06/14] KVM: SVM: Append "_enabled" to module-scoped SEV/SEV-ES control variables From: Sean Christopherson To: Paolo Bonzini , Dave Hansen , Andy Lutomirski , Peter Zijlstra Cc: Sean Christopherson , Vitaly Kuznetsov , Wanpeng Li , Jim Mattson , Joerg Roedel , kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Borislav Petkov , Tom Lendacky , Brijesh Singh Precedence: bulk List-ID: X-Mailing-List: kvm@vger.kernel.org Rename sev and sev_es to sev_enabled and sev_es_enabled respectively to better align with other KVM terminology, and to avoid pseudo-shadowing when the variables are moved to sev.c in a future patch ('sev' is often used for local struct kvm_sev_info pointers). No functional change intended. Acked-by: Tom Lendacky Reviewed-by: Brijesh Singh Signed-off-by: Sean Christopherson --- arch/x86/kvm/svm/sev.c | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index 871e040aad16..d6f069271e75 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c @@ -29,12 +29,12 @@ #define __ex(x) __kvm_handle_fault_on_reboot(x) /* enable/disable SEV support */ -static int sev = IS_ENABLED(CONFIG_AMD_MEM_ENCRYPT_ACTIVE_BY_DEFAULT); -module_param(sev, int, 0444); +static bool sev_enabled = IS_ENABLED(CONFIG_AMD_MEM_ENCRYPT_ACTIVE_BY_DEFAULT); +module_param_named(sev, sev_enabled, bool, 0444); /* enable/disable SEV-ES support */ -static int sev_es = IS_ENABLED(CONFIG_AMD_MEM_ENCRYPT_ACTIVE_BY_DEFAULT); -module_param(sev_es, int, 0444); +static bool sev_es_enabled = IS_ENABLED(CONFIG_AMD_MEM_ENCRYPT_ACTIVE_BY_DEFAULT); +module_param_named(sev_es, sev_es_enabled, bool, 0444); static u8 sev_enc_bit; static int sev_flush_asids(void); @@ -214,7 +214,7 @@ static int sev_guest_init(struct kvm *kvm, struct kvm_sev_cmd *argp) static int sev_es_guest_init(struct kvm *kvm, struct kvm_sev_cmd *argp) { - if (!sev_es) + if (!sev_es_enabled) return -ENOTTY; to_kvm_svm(kvm)->sev_info.es_active = true; @@ -1123,7 +1123,7 @@ int svm_mem_enc_op(struct kvm *kvm, void __user *argp) struct kvm_sev_cmd sev_cmd; int r; - if (!svm_sev_enabled() || !sev) + if (!svm_sev_enabled() || !sev_enabled) return -ENOTTY; if (!argp) @@ -1332,7 +1332,7 @@ void __init sev_hardware_setup(void) bool sev_es_supported = false; bool sev_supported = false; - if (!IS_ENABLED(CONFIG_KVM_AMD_SEV) || !sev) + if (!IS_ENABLED(CONFIG_KVM_AMD_SEV) || !sev_enabled) goto out; /* Does the CPU support SEV? */ @@ -1370,7 +1370,7 @@ void __init sev_hardware_setup(void) sev_supported = true; /* SEV-ES support requested? */ - if (!sev_es) + if (!sev_es_enabled) goto out; /* Does the CPU support SEV-ES? */ @@ -1385,8 +1385,8 @@ void __init sev_hardware_setup(void) sev_es_supported = true; out: - sev = sev_supported; - sev_es = sev_es_supported; + sev_enabled = sev_supported; + sev_es_enabled = sev_es_supported; } void sev_hardware_teardown(void) From patchwork Sat Mar 6 01:58:58 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sean Christopherson X-Patchwork-Id: 12119673 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-26.3 required=3.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_CR_TRAILER,INCLUDES_PATCH,MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS, URIBL_BLOCKED,USER_AGENT_GIT,USER_IN_DEF_DKIM_WL autolearn=unavailable autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id BCEE3C43619 for ; Sat, 6 Mar 2021 02:00:27 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 9CA6D64E55 for ; Sat, 6 Mar 2021 02:00:27 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230124AbhCFB7p (ORCPT ); Fri, 5 Mar 2021 20:59:45 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:41328 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229919AbhCFB7e (ORCPT ); Fri, 5 Mar 2021 20:59:34 -0500 Received: from mail-yb1-xb49.google.com (mail-yb1-xb49.google.com [IPv6:2607:f8b0:4864:20::b49]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 42738C061760 for ; Fri, 5 Mar 2021 17:59:34 -0800 (PST) Received: by mail-yb1-xb49.google.com with SMTP id l3so4591438ybf.17 for ; Fri, 05 Mar 2021 17:59:34 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=sender:reply-to:date:in-reply-to:message-id:mime-version:references :subject:from:to:cc; bh=vmcGmk+Vm9vhHjgz85v0IA+Ji7MKdjD0nsFKV7vXjsg=; b=B31csmYffTVH6zKEJ0h+k9QadOEhWoraBL922nym5drFDOMkkEKGwB0VOgTkCBOpPe OLLSHgWVUiAJCTJgnFYChZo/PMqCq02Gs0yyfg/16i1LMMkkFXNKUFydYrTUrTbYeww5 6lwDZts9BPaWno/IfLe1tT3HIOmT4fcCXrrIpi39eue33UIe5vP9tw9sMO4nT1jiGcWp 3qoIMCkVWq0pxh2EdvWuEdt8PmFwDltsbGnkHnFjL2N14UiC+f+3iFgDvo8Mm6C3B6Yt /AY/McFEDXTPOJ9v/fsKD2DHlYwXdkdLTTruOsUyTXx+WZf5c2jRNAgKTORmOTMDTQgM LUVQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:sender:reply-to:date:in-reply-to:message-id :mime-version:references:subject:from:to:cc; bh=vmcGmk+Vm9vhHjgz85v0IA+Ji7MKdjD0nsFKV7vXjsg=; b=HPQIPPzLBy604+4sySbHnVfEgMDduPrwbGGeANvo8NnTC+jCyA9wUvjHptH546UMwm zwvYzQo6jqyfzyVWyKKaEV6DI4Sje8V85cxINhsH+mu1Lys13BRxfAIrNGsZspCP9O7B KiMbEvoypjZEfoNaayayFiSmKXsArLO5BL1bxOP61yK/h7LVXSI6nkJS7f/pOqgwHKSt blI84uiDDgMs1s8fcmkbV/ilL0M7A2PDsY4OHE19Ax4+iECkSSnLJrYedplSdeGy91Id KiEUwwio2ToH26ycbQJrIS43VaI1mvMhI5zqfJwttW3120N3baTG9QQwwa/BfkqvH09r 9AdA== X-Gm-Message-State: AOAM530oJ7PaGLLVX0751sfdXrrF0oi3x1rdpCtJuX5mzOnm2LiwWKDH cWlh3/1dsDi5ETTSLI2vUql41EWBf1c= X-Google-Smtp-Source: ABdhPJzviW7S6I0sWZAIN6tg2h63qb+o9JsWpM1EDtp4sQMgwTNzoxJzBPTJzJbK2HvjeII3f/9u6oMZq2Q= Sender: "seanjc via sendgmr" X-Received: from seanjc798194.pdx.corp.google.com ([2620:15c:f:10:fc04:f9df:1efb:bf0c]) (user=seanjc job=sendgmr) by 2002:a25:3250:: with SMTP id y77mr17549656yby.154.1614995973476; Fri, 05 Mar 2021 17:59:33 -0800 (PST) Reply-To: Sean Christopherson Date: Fri, 5 Mar 2021 17:58:58 -0800 In-Reply-To: <20210306015905.186698-1-seanjc@google.com> Message-Id: <20210306015905.186698-8-seanjc@google.com> Mime-Version: 1.0 References: <20210306015905.186698-1-seanjc@google.com> X-Mailer: git-send-email 2.30.1.766.gb4fecdf3b7-goog Subject: [PATCH v4 07/14] KVM: SVM: Condition sev_enabled and sev_es_enabled on CONFIG_KVM_AMD_SEV=y From: Sean Christopherson To: Paolo Bonzini , Dave Hansen , Andy Lutomirski , Peter Zijlstra Cc: Sean Christopherson , Vitaly Kuznetsov , Wanpeng Li , Jim Mattson , Joerg Roedel , kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Borislav Petkov , Tom Lendacky , Brijesh Singh Precedence: bulk List-ID: X-Mailing-List: kvm@vger.kernel.org Define sev_enabled and sev_es_enabled as 'false' and explicitly #ifdef out all of sev_hardware_setup() if CONFIG_KVM_AMD_SEV=n. This kills three birds at once: - Makes sev_enabled and sev_es_enabled off by default if CONFIG_KVM_AMD_SEV=n. Previously, they could be on by default if CONFIG_AMD_MEM_ENCRYPT_ACTIVE_BY_DEFAULT=y, regardless of KVM SEV support. - Hides the sev and sev_es modules params when CONFIG_KVM_AMD_SEV=n. - Resolves a false positive -Wnonnull in __sev_recycle_asids() that is currently masked by the equivalent IS_ENABLED(CONFIG_KVM_AMD_SEV) check in svm_sev_enabled(), which will be dropped in a future patch. Reviewed by: Tom Lendacky Reviewed-by: Brijesh Singh Signed-off-by: Sean Christopherson --- arch/x86/kvm/svm/sev.c | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index d6f069271e75..4b46bcd0efc5 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c @@ -28,6 +28,7 @@ #define __ex(x) __kvm_handle_fault_on_reboot(x) +#ifdef CONFIG_KVM_AMD_SEV /* enable/disable SEV support */ static bool sev_enabled = IS_ENABLED(CONFIG_AMD_MEM_ENCRYPT_ACTIVE_BY_DEFAULT); module_param_named(sev, sev_enabled, bool, 0444); @@ -35,6 +36,10 @@ module_param_named(sev, sev_enabled, bool, 0444); /* enable/disable SEV-ES support */ static bool sev_es_enabled = IS_ENABLED(CONFIG_AMD_MEM_ENCRYPT_ACTIVE_BY_DEFAULT); module_param_named(sev_es, sev_es_enabled, bool, 0444); +#else +#define sev_enabled false +#define sev_es_enabled false +#endif /* CONFIG_KVM_AMD_SEV */ static u8 sev_enc_bit; static int sev_flush_asids(void); @@ -1328,11 +1333,12 @@ void sev_vm_destroy(struct kvm *kvm) void __init sev_hardware_setup(void) { +#ifdef CONFIG_KVM_AMD_SEV unsigned int eax, ebx, ecx, edx; bool sev_es_supported = false; bool sev_supported = false; - if (!IS_ENABLED(CONFIG_KVM_AMD_SEV) || !sev_enabled) + if (!sev_enabled) goto out; /* Does the CPU support SEV? */ @@ -1387,6 +1393,7 @@ void __init sev_hardware_setup(void) out: sev_enabled = sev_supported; sev_es_enabled = sev_es_supported; +#endif } void sev_hardware_teardown(void) From patchwork Sat Mar 6 01:58:59 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sean Christopherson X-Patchwork-Id: 12119677 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-26.3 required=3.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_CR_TRAILER,INCLUDES_PATCH,MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS, URIBL_BLOCKED,USER_AGENT_GIT,USER_IN_DEF_DKIM_WL autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 77BBEC43603 for ; Sat, 6 Mar 2021 02:00:27 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 643F064E4B for ; Sat, 6 Mar 2021 02:00:27 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230134AbhCFB7p (ORCPT ); Fri, 5 Mar 2021 20:59:45 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:41340 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229935AbhCFB7g (ORCPT ); Fri, 5 Mar 2021 20:59:36 -0500 Received: from mail-yb1-xb4a.google.com (mail-yb1-xb4a.google.com [IPv6:2607:f8b0:4864:20::b4a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id B213CC061760 for ; Fri, 5 Mar 2021 17:59:36 -0800 (PST) Received: by mail-yb1-xb4a.google.com with SMTP id n10so4552440ybb.12 for ; Fri, 05 Mar 2021 17:59:36 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=sender:reply-to:date:in-reply-to:message-id:mime-version:references :subject:from:to:cc; bh=NWzT6+P7p4/sUIe9XHdasSuODaqOkSi2l3PNjG1rnfk=; b=kPfIiRtGt8cq6ra8u9ESs8+07GY2Q0m4XuKHrUAiwKH0P1X5UfvWdK7s4PdAcd7p8R WootahZCD7fSlJk7H6aqz/i9LtrS2CldioGtkKOmw47k43rG4rqFJrdctVpqJHP2AwkV eh4atL6Kvt9GRZ2AwvWpxX+2yZeSwBPPIicEJYhuZS5yOYsTlFXuqYXT5SmNppm4YnkK WEAVh4zM0iCc007Hw/gP8hTB7BVC7hngufYCXjJrM9FYIScdktBZmrX1se0w6zC6DblX rGmkRxMsUCmI2pv3JG2FiIIM9RUa325AqaXPFP6WIKa09cuJY4Ui82iWV6qun1gEvx5+ LT/A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:sender:reply-to:date:in-reply-to:message-id :mime-version:references:subject:from:to:cc; bh=NWzT6+P7p4/sUIe9XHdasSuODaqOkSi2l3PNjG1rnfk=; b=ufSjT2r79wdeHFhOx6ibaMpRB9EHSNNmeGKAWDsCTqmaqOmVLH0Bz5QWaFmsQBAXEA 1ztacKPyIH7f+YzroDV5rE7NhGkEQS4ztkJFHOPBPdboYYFEbLV/bNv2Z+Y1bvv35KrY +U74/P4I8HWclHX350tHlR5IrFioaf7mbOn685R0pJ5b40M2n5AA/OlrH58VmTOfBpiQ yH0JJ2nNBUa7qdDF1FPP8szLyDXNCtZ/uoMGQ0u5B8alh2oaRfnBEOMMjQHdT8sFs91e lOTpHdbEVXDK7FLcgXXN0CT2qpaALxwvTMmkx2HX/oFJ4cL13ceCuQjU6p+HT0hXyRbf MlPg== X-Gm-Message-State: AOAM532hj8zvcwAoqu5NG5IVfc7BzJ2JHnoANu7S5eH1XPvvHYpCUMWS Eq2qyw5KldKyvN2+PEbh3oNTJ1Cqr5U= X-Google-Smtp-Source: ABdhPJwg6bBMBbtpuAbub7YVqqScV8UR0er/X4Sae/H9A0cZkKDujKTJ+wKTYmXwMB4x2TBl0GMf2HA9HrQ= Sender: "seanjc via sendgmr" X-Received: from seanjc798194.pdx.corp.google.com ([2620:15c:f:10:fc04:f9df:1efb:bf0c]) (user=seanjc job=sendgmr) by 2002:a25:40d8:: with SMTP id n207mr17698269yba.3.1614995975964; Fri, 05 Mar 2021 17:59:35 -0800 (PST) Reply-To: Sean Christopherson Date: Fri, 5 Mar 2021 17:58:59 -0800 In-Reply-To: <20210306015905.186698-1-seanjc@google.com> Message-Id: <20210306015905.186698-9-seanjc@google.com> Mime-Version: 1.0 References: <20210306015905.186698-1-seanjc@google.com> X-Mailer: git-send-email 2.30.1.766.gb4fecdf3b7-goog Subject: [PATCH v4 08/14] KVM: SVM: Enable SEV/SEV-ES functionality by default (when supported) From: Sean Christopherson To: Paolo Bonzini , Dave Hansen , Andy Lutomirski , Peter Zijlstra Cc: Sean Christopherson , Vitaly Kuznetsov , Wanpeng Li , Jim Mattson , Joerg Roedel , kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Borislav Petkov , Tom Lendacky , Brijesh Singh Precedence: bulk List-ID: X-Mailing-List: kvm@vger.kernel.org Enable the 'sev' and 'sev_es' module params by default instead of having them conditioned on CONFIG_AMD_MEM_ENCRYPT_ACTIVE_BY_DEFAULT. The extra Kconfig is pointless as KVM SEV/SEV-ES support is already controlled via CONFIG_KVM_AMD_SEV, and CONFIG_AMD_MEM_ENCRYPT_ACTIVE_BY_DEFAULT has the unfortunate side effect of enabling all the SEV-ES _guest_ code due to it being dependent on CONFIG_AMD_MEM_ENCRYPT=y. Cc: Borislav Petkov Cc: Tom Lendacky Cc: Brijesh Singh Signed-off-by: Sean Christopherson --- arch/x86/kvm/svm/sev.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index 4b46bcd0efc5..bed8fee6c549 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c @@ -30,11 +30,11 @@ #ifdef CONFIG_KVM_AMD_SEV /* enable/disable SEV support */ -static bool sev_enabled = IS_ENABLED(CONFIG_AMD_MEM_ENCRYPT_ACTIVE_BY_DEFAULT); +static bool sev_enabled = true; module_param_named(sev, sev_enabled, bool, 0444); /* enable/disable SEV-ES support */ -static bool sev_es_enabled = IS_ENABLED(CONFIG_AMD_MEM_ENCRYPT_ACTIVE_BY_DEFAULT); +static bool sev_es_enabled = true; module_param_named(sev_es, sev_es_enabled, bool, 0444); #else #define sev_enabled false From patchwork Sat Mar 6 01:59:00 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sean Christopherson X-Patchwork-Id: 12119671 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-26.3 required=3.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_CR_TRAILER,INCLUDES_PATCH,MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS, URIBL_BLOCKED,USER_AGENT_GIT,USER_IN_DEF_DKIM_WL autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 51134C43333 for ; Sat, 6 Mar 2021 02:00:27 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 3735B64E4B for ; Sat, 6 Mar 2021 02:00:27 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230144AbhCFB7q (ORCPT ); Fri, 5 Mar 2021 20:59:46 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:41348 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229940AbhCFB7j (ORCPT ); Fri, 5 Mar 2021 20:59:39 -0500 Received: from mail-qk1-x74a.google.com (mail-qk1-x74a.google.com [IPv6:2607:f8b0:4864:20::74a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 2A902C06175F for ; Fri, 5 Mar 2021 17:59:39 -0800 (PST) Received: by mail-qk1-x74a.google.com with SMTP id u5so3333078qkj.10 for ; Fri, 05 Mar 2021 17:59:39 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=sender:reply-to:date:in-reply-to:message-id:mime-version:references :subject:from:to:cc; bh=OHqfOWYkCtBzN8FXFwQA9R+6Q0DqqewYBBW3KPBwe5g=; b=psTJv1f4CywsTAdd1fIlRBcihS8Cb6AY4HTXVMmkFkPC+dkc95AzdwBIZl/XDlzbRL 77kp0KaRC+aQGmlNhrI4BJH02PdohFffRpVbJKm7n16IYCt+qn36jaW6R3sIBhOuhfvE 3XhwueVUjgszky1vUlcDppVQnHcid17Js+cKODxAvWJ+ej7GWtIRP+UFbtDIYWe0WkXi qZdB2gy3DtXPJgD/wGTM86rp4CPvTYzSegjJ6jjgrBu0xEkGSBeO/76vCM7DdB637xu5 gwZDzWu7CvOh8vEQ93gigrsyk82XNXTjqNlaz34mjGqiHb8WBhT8SKg4YYhPbx/It1Jx Ig2g== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:sender:reply-to:date:in-reply-to:message-id :mime-version:references:subject:from:to:cc; bh=OHqfOWYkCtBzN8FXFwQA9R+6Q0DqqewYBBW3KPBwe5g=; b=WVY/DJklFleQh8yBdx9GCXEh+7It9CapQqqq1NNQGqeELSt5lYgD8snAgDT/BODR81 QF/gh9sgOm6fUv8N7qG/TiAtNfYec9w0w2RX0oUqUQwMtYp0yu11UT43MELYKuSIxIu6 kNDEF/o8PwkkU8dNF2iCGb++5Z55EatzAW2I9m0/drmvoQfPv9XHkmoEe72vklysl3jb C0qpdpuMsgWeTAlNGbi9SxhCmsHiZPY9whzBypG6MeCwb9gCyshLdXx7ayPzK9tQS87L naeVUvlo6q7SbKx2hxcRfn0BPH7w5RXyMi6wrQHhE34AuvJ8bBnGsRVduznlVloVH8ON tzzg== X-Gm-Message-State: AOAM533aoftzDlPmOiCww/m5eR+S9UDb3Ez+j94q1ftMcQPkcYQjf/DL 2akcJWj/z9n3mmJVLr+XMce+MjNbTz4= X-Google-Smtp-Source: ABdhPJx6XFmYG+uUHqHxs2+LLpbrJnLDEFG6hnsswkkeGsrb0wG9EY9eJVdimEHgEbj4V/DWb4k4Awc+BRY= Sender: "seanjc via sendgmr" X-Received: from seanjc798194.pdx.corp.google.com ([2620:15c:f:10:fc04:f9df:1efb:bf0c]) (user=seanjc job=sendgmr) by 2002:ad4:5c4f:: with SMTP id a15mr11907990qva.41.1614995978243; Fri, 05 Mar 2021 17:59:38 -0800 (PST) Reply-To: Sean Christopherson Date: Fri, 5 Mar 2021 17:59:00 -0800 In-Reply-To: <20210306015905.186698-1-seanjc@google.com> Message-Id: <20210306015905.186698-10-seanjc@google.com> Mime-Version: 1.0 References: <20210306015905.186698-1-seanjc@google.com> X-Mailer: git-send-email 2.30.1.766.gb4fecdf3b7-goog Subject: [PATCH v4 09/14] KVM: SVM: Unconditionally invoke sev_hardware_teardown() From: Sean Christopherson To: Paolo Bonzini , Dave Hansen , Andy Lutomirski , Peter Zijlstra Cc: Sean Christopherson , Vitaly Kuznetsov , Wanpeng Li , Jim Mattson , Joerg Roedel , kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Borislav Petkov , Tom Lendacky , Brijesh Singh Precedence: bulk List-ID: X-Mailing-List: kvm@vger.kernel.org Remove the redundant svm_sev_enabled() check when calling sev_hardware_teardown(), the teardown helper itself does the check. Removing the check from svm.c will eventually allow dropping svm_sev_enabled() entirely. No functional change intended. Reviewed by: Tom Lendacky Reviewed-by: Brijesh Singh Signed-off-by: Sean Christopherson --- arch/x86/kvm/svm/svm.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index 6dd8bcf3e8fa..0fa6c409b484 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c @@ -883,8 +883,7 @@ static void svm_hardware_teardown(void) { int cpu; - if (svm_sev_enabled()) - sev_hardware_teardown(); + sev_hardware_teardown(); for_each_possible_cpu(cpu) svm_cpu_uninit(cpu); From patchwork Sat Mar 6 01:59:01 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sean Christopherson X-Patchwork-Id: 12119679 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-26.3 required=3.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_CR_TRAILER,INCLUDES_PATCH,MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS, URIBL_BLOCKED,USER_AGENT_GIT,USER_IN_DEF_DKIM_WL autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id C996DC433DB for ; Sat, 6 Mar 2021 02:00:57 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id A023964E55 for ; Sat, 6 Mar 2021 02:00:57 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230260AbhCFCA0 (ORCPT ); Fri, 5 Mar 2021 21:00:26 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:41366 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230013AbhCFB7l (ORCPT ); Fri, 5 Mar 2021 20:59:41 -0500 Received: from mail-qk1-x74a.google.com (mail-qk1-x74a.google.com [IPv6:2607:f8b0:4864:20::74a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 74A1AC06175F for ; Fri, 5 Mar 2021 17:59:41 -0800 (PST) Received: by mail-qk1-x74a.google.com with SMTP id g18so3326790qki.15 for ; Fri, 05 Mar 2021 17:59:41 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=sender:reply-to:date:in-reply-to:message-id:mime-version:references :subject:from:to:cc; bh=EaNTtcaGPwfD+VvuXcCpuD7ywnV0eDg95uW62rbzM4A=; b=VbAvCNnxOrpQgDgNqdZCbbZakM4DkWtLewiQuIriORQXOPQXa8GlpOSnKcuATHccfx NrPffEFxsNsEpf945kX/DxwU1DAvqs2CoRpHAtXfkwCQmgg53jWZnWeq4hOaoI1dgu3h ntQuAcpjvLK3XQ5xO4TEd21SOpHEVB7b8ddpkjl0TN2VbC1c/aXJA1u8HWJKST6tWFrU Ie2kBOkZZ5dgA7AqdTkaQxSwnPba3VH2hYb66AqjdsYje21JGxrImqKGKRPASo0A9pCn owHR1k1Ea6yuY6jcQ1QBwSKIcEAyylM5ZdJoFksRVuAL/1CaK4f1HtTVmdAulQPUOXHm 3kFQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:sender:reply-to:date:in-reply-to:message-id :mime-version:references:subject:from:to:cc; bh=EaNTtcaGPwfD+VvuXcCpuD7ywnV0eDg95uW62rbzM4A=; b=Pc/5PJDGkuG5rpkcEJP/AXQff0drznSf1qQwqixVy6bYPeNGaHwUZujRtLnw5tQNI3 R3l5fO1WCFN6iPU+R+ZcI5QOROUi5e3SQ+QBkYyX7dCi9l20bXi5wN51O1tyzM8bWEPU 1iKCSMKnNVRN/24pCNTeVvtXD0SV+tPWcBDkArQav505pfJSDWglrdn02aCctTKaGbFx Jlsc7AHhTjbi1T1QC7ygRF2SHXj/UTLfPAYDv0XWQlKnPC9RqPJzamR9vaeaMwvAvu0E /Wa+m+Faf/NaQ1u1M40VJmPmxObhjNyMQsOLSiY72NCE+PFHP1Mk2x5oYZSyCMMzJ5ZY Z/wA== X-Gm-Message-State: AOAM531zRCUW29/BQqh7v/kMnlT5fAHd2SJDwmS/X+RTLoq172NCf4xd /46FaH/0bZ8JtGofxJiGRG+9HecYD9M= X-Google-Smtp-Source: ABdhPJzw67+6peb/QWJcovBgcnMAP0xgjdGxtVaYuCp7pkvgXHk3IJLzU1Vg47gzveDVYHUNFEjKmbpZM+k= Sender: "seanjc via sendgmr" X-Received: from seanjc798194.pdx.corp.google.com ([2620:15c:f:10:fc04:f9df:1efb:bf0c]) (user=seanjc job=sendgmr) by 2002:a0c:b7a1:: with SMTP id l33mr11544153qve.17.1614995980607; Fri, 05 Mar 2021 17:59:40 -0800 (PST) Reply-To: Sean Christopherson Date: Fri, 5 Mar 2021 17:59:01 -0800 In-Reply-To: <20210306015905.186698-1-seanjc@google.com> Message-Id: <20210306015905.186698-11-seanjc@google.com> Mime-Version: 1.0 References: <20210306015905.186698-1-seanjc@google.com> X-Mailer: git-send-email 2.30.1.766.gb4fecdf3b7-goog Subject: [PATCH v4 10/14] KVM: SVM: Explicitly check max SEV ASID during sev_hardware_setup() From: Sean Christopherson To: Paolo Bonzini , Dave Hansen , Andy Lutomirski , Peter Zijlstra Cc: Sean Christopherson , Vitaly Kuznetsov , Wanpeng Li , Jim Mattson , Joerg Roedel , kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Borislav Petkov , Tom Lendacky , Brijesh Singh Precedence: bulk List-ID: X-Mailing-List: kvm@vger.kernel.org Query max_sev_asid directly after setting it instead of bouncing through its wrapper, svm_sev_enabled(). Using the wrapper is unnecessary obfuscation. No functional change intended. Reviewed by: Tom Lendacky Reviewed-by: Brijesh Singh Signed-off-by: Sean Christopherson --- arch/x86/kvm/svm/sev.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index bed8fee6c549..63d4f624c742 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c @@ -1353,8 +1353,7 @@ void __init sev_hardware_setup(void) /* Maximum number of encrypted guests supported simultaneously */ max_sev_asid = ecx; - - if (!svm_sev_enabled()) + if (!max_sev_asid) goto out; /* Minimum ASID value that should be used for SEV guest */ From patchwork Sat Mar 6 01:59:02 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sean Christopherson X-Patchwork-Id: 12119681 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-26.3 required=3.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_CR_TRAILER,INCLUDES_PATCH,MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS, URIBL_BLOCKED,USER_AGENT_GIT,USER_IN_DEF_DKIM_WL autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id DAE3FC433E6 for ; Sat, 6 Mar 2021 02:00:57 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id AE30E64E4E for ; Sat, 6 Mar 2021 02:00:57 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230285AbhCFCA2 (ORCPT ); Fri, 5 Mar 2021 21:00:28 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:41382 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230087AbhCFB7o (ORCPT ); Fri, 5 Mar 2021 20:59:44 -0500 Received: from mail-yb1-xb4a.google.com (mail-yb1-xb4a.google.com [IPv6:2607:f8b0:4864:20::b4a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id CBE1DC061760 for ; Fri, 5 Mar 2021 17:59:43 -0800 (PST) Received: by mail-yb1-xb4a.google.com with SMTP id b127so4577048ybc.13 for ; Fri, 05 Mar 2021 17:59:43 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=sender:reply-to:date:in-reply-to:message-id:mime-version:references :subject:from:to:cc; bh=m5zu6dZTIYcYR66YPf0OYgk5GVdLD4L8koVwvit/KmE=; b=R5cpbSbNlA5o5FvKXYsU5KrvKUnJjS2E3uW/ohTrO2BIX6UTkLqME2XlTTFOUv+TPd Gs/v7eP3x81z8WyBs3QnUec8Iueufs1mz44izLeXGFNyeweKNJ5liSFsOeuBAZToD5y+ vtDWv5sXs/xobScXrHm49IBCY/iNnD/hRSRsC5pmXFoygIAUpNaiuQMe3v9swafmleac oLqcLS2RqIn7MAJOMT4nt/aDGKn9r2+VL4DES4g2ZYKQhXSpZ0LlCwTjf5bg+XZk8m2p g01xhLunOf+Z1FQ5ALJQUTPGaP5Yt0ygnjHWwWiD4erHGQfPZatIazJc/A1GrTGsPNtg Iazw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:sender:reply-to:date:in-reply-to:message-id :mime-version:references:subject:from:to:cc; bh=m5zu6dZTIYcYR66YPf0OYgk5GVdLD4L8koVwvit/KmE=; b=bci12H1U1BFSP5oGaR0sT6dARSnXifozqGFg2quOa9iKRmTnUBvtH7BcOVK+aU6ILA XHCt9N3vw7aShzLRASFemsLNWbbv0e0k+2wRlDEI6QCvDDhI7sE6AhOYz5EnlsDKqMok O9eVb1ZdQEjCbZj5+sgJZo5jELamMDn8SK1ZZ0VFv6DlNOzbDMPIfbR2xEz540iox1Pf xptcYUUGRjDZuukzvLAMup0JQWKVsyy8qGNtjLmQEm0WB/Oxu52NGJIjgxlcYUDJj2JF 9Dd8+3VpHPzUHUKV+XWgx0jKERjC/qe0ewlOd5/8SHZe/T6A9uYzUyZpm3ulfZuL97iB xWJA== X-Gm-Message-State: AOAM5301H5dYDW28d5zPcWftzm7pb8dxG+DBsiXhWmtfbD8sy01MTFJn CqkegEoySIJEnyI/eAtD9h6CYbAuA5A= X-Google-Smtp-Source: ABdhPJwua8ZD9rmpU91xeZpkm5rktRwEN6Dy3Z9ZmZBLMz+z6tj+Xn6SVxBmXnMdbfG8E1xYCZBjjk/fLlk= Sender: "seanjc via sendgmr" X-Received: from seanjc798194.pdx.corp.google.com ([2620:15c:f:10:fc04:f9df:1efb:bf0c]) (user=seanjc job=sendgmr) by 2002:a25:d091:: with SMTP id h139mr16206778ybg.437.1614995983056; Fri, 05 Mar 2021 17:59:43 -0800 (PST) Reply-To: Sean Christopherson Date: Fri, 5 Mar 2021 17:59:02 -0800 In-Reply-To: <20210306015905.186698-1-seanjc@google.com> Message-Id: <20210306015905.186698-12-seanjc@google.com> Mime-Version: 1.0 References: <20210306015905.186698-1-seanjc@google.com> X-Mailer: git-send-email 2.30.1.766.gb4fecdf3b7-goog Subject: [PATCH v4 11/14] KVM: SVM: Move SEV VMCB tracking allocation to sev.c From: Sean Christopherson To: Paolo Bonzini , Dave Hansen , Andy Lutomirski , Peter Zijlstra Cc: Sean Christopherson , Vitaly Kuznetsov , Wanpeng Li , Jim Mattson , Joerg Roedel , kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Borislav Petkov , Tom Lendacky , Brijesh Singh Precedence: bulk List-ID: X-Mailing-List: kvm@vger.kernel.org Move the allocation of the SEV VMCB array to sev.c to help pave the way toward encapsulating SEV enabling wholly within sev.c. No functional change intended. Reviewed by: Tom Lendacky Reviewed-by: Brijesh Singh Signed-off-by: Sean Christopherson --- arch/x86/kvm/svm/sev.c | 12 ++++++++++++ arch/x86/kvm/svm/svm.c | 16 ++++++++-------- arch/x86/kvm/svm/svm.h | 1 + 3 files changed, 21 insertions(+), 8 deletions(-) diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index 63d4f624c742..4685be80f551 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c @@ -1406,6 +1406,18 @@ void sev_hardware_teardown(void) sev_flush_asids(); } +int sev_cpu_init(struct svm_cpu_data *sd) +{ + if (!svm_sev_enabled()) + return 0; + + sd->sev_vmcbs = kcalloc(max_sev_asid + 1, sizeof(void *), GFP_KERNEL); + if (!sd->sev_vmcbs) + return -ENOMEM; + + return 0; +} + /* * Pages used by hardware to hold guest encrypted state must be flushed before * returning them to the system. diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index 0fa6c409b484..51cea470d0bb 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c @@ -549,22 +549,22 @@ static void svm_cpu_uninit(int cpu) static int svm_cpu_init(int cpu) { struct svm_cpu_data *sd; + int ret; sd = kzalloc(sizeof(struct svm_cpu_data), GFP_KERNEL); if (!sd) return -ENOMEM; sd->cpu = cpu; sd->save_area = alloc_page(GFP_KERNEL); - if (!sd->save_area) + if (!sd->save_area) { + ret = -ENOMEM; goto free_cpu_data; + } clear_page(page_address(sd->save_area)); - if (svm_sev_enabled()) { - sd->sev_vmcbs = kcalloc(max_sev_asid + 1, sizeof(void *), - GFP_KERNEL); - if (!sd->sev_vmcbs) - goto free_save_area; - } + ret = sev_cpu_init(sd); + if (ret) + goto free_save_area; per_cpu(svm_data, cpu) = sd; @@ -574,7 +574,7 @@ static int svm_cpu_init(int cpu) __free_page(sd->save_area); free_cpu_data: kfree(sd); - return -ENOMEM; + return ret; } diff --git a/arch/x86/kvm/svm/svm.h b/arch/x86/kvm/svm/svm.h index aec70f6cd243..0953251232c8 100644 --- a/arch/x86/kvm/svm/svm.h +++ b/arch/x86/kvm/svm/svm.h @@ -562,6 +562,7 @@ int svm_unregister_enc_region(struct kvm *kvm, void pre_sev_run(struct vcpu_svm *svm, int cpu); void __init sev_hardware_setup(void); void sev_hardware_teardown(void); +int sev_cpu_init(struct svm_cpu_data *sd); void sev_free_vcpu(struct kvm_vcpu *vcpu); int sev_handle_vmgexit(struct vcpu_svm *svm); int sev_es_string_io(struct vcpu_svm *svm, int size, unsigned int port, int in); From patchwork Sat Mar 6 01:59:03 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sean Christopherson X-Patchwork-Id: 12119685 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-26.3 required=3.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_CR_TRAILER,INCLUDES_PATCH,MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS, URIBL_BLOCKED,USER_AGENT_GIT,USER_IN_DEF_DKIM_WL autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 0D572C433E9 for ; Sat, 6 Mar 2021 02:00:58 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id DD38064E55 for ; Sat, 6 Mar 2021 02:00:57 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230289AbhCFCA2 (ORCPT ); Fri, 5 Mar 2021 21:00:28 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:41392 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230148AbhCFB7q (ORCPT ); Fri, 5 Mar 2021 20:59:46 -0500 Received: from mail-yb1-xb4a.google.com (mail-yb1-xb4a.google.com [IPv6:2607:f8b0:4864:20::b4a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 34506C06175F for ; Fri, 5 Mar 2021 17:59:46 -0800 (PST) Received: by mail-yb1-xb4a.google.com with SMTP id v62so4573862ybb.15 for ; Fri, 05 Mar 2021 17:59:46 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=sender:reply-to:date:in-reply-to:message-id:mime-version:references :subject:from:to:cc; bh=UmwQQ/S7KcF1DBLXWAPSZiS9PiMxi8tI2OBIXEjWq68=; b=m7Fz8WwUmbR3fF5JyIInUPh79JvG/xSefO5l/jjX6PmWpjYc+1nzPz9SfVLn4s0CGW /nAp1QjG33onZ6tJElA3a4Wd5CwXnkW+GWYo/qBgU5pKppzDQdNapioeIRDSjqMMdPXN gAR4FVL/DKPT4vcfBnPTWymjjd7N7jGJsF6aj1LzX1Tz8kNK0knXjyxYxBzH4sn4GMKi 7HThD4nKQm34Z8sTLK0MH4egPR1UbLf4+03ubEus+hFDIHestveHyuwE4/+HrdZ/HOxJ +ZMSWqKpRVVEv3zUHnC/oiokRNvGigOnBESg1n0tYGOqeLn7PhoZCfCav61SvtemfHwF Lspw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:sender:reply-to:date:in-reply-to:message-id :mime-version:references:subject:from:to:cc; bh=UmwQQ/S7KcF1DBLXWAPSZiS9PiMxi8tI2OBIXEjWq68=; b=qIDyn0reSX42PTacKtyp8yhSLpoKrFriS4yYds0ZSLNa8HhA6dInI3cvebjntQzCTP /3RLGKa6WjAbUEY0S/35l4tjr9BzntUcY5MxEOI7mqe/xrS0fflNCg3r8+vrxJvLndz2 UyMibvMOYOFZU4Eug/sCt4/A3yM0z/mLnSvhD+dmC3QWAaqI+ypHs0onQ4cEoklm0bJf Ft+FUld7vTh784EQFrTqDSv9uprstWhiUWSy5ftblcS/8kbqhSw2xodbpGdig95ZKdyx VcbtiIyhXsEXvDgVJHKEhL+hdrCIvgAJIsy0IttDaJY+iKJ3F42t0HO23XNFesYgXYoI hv1A== X-Gm-Message-State: AOAM531B5GBt0Qu6fJb6Q/teWs9Cz7BvexZJew6Bo/6MY2xHxbJVKdnF L/38wx5OERjZi8wTsNFvntdKObxOGlg= X-Google-Smtp-Source: ABdhPJyxAZtOQzcbN/L96f2uwopVXuYktoU72bCi7I50CrOJVbHyDYBZuQFEzxexN+SveYKNXkUYafl6o5o= Sender: "seanjc via sendgmr" X-Received: from seanjc798194.pdx.corp.google.com ([2620:15c:f:10:fc04:f9df:1efb:bf0c]) (user=seanjc job=sendgmr) by 2002:a25:d017:: with SMTP id h23mr18602507ybg.267.1614995985445; Fri, 05 Mar 2021 17:59:45 -0800 (PST) Reply-To: Sean Christopherson Date: Fri, 5 Mar 2021 17:59:03 -0800 In-Reply-To: <20210306015905.186698-1-seanjc@google.com> Message-Id: <20210306015905.186698-13-seanjc@google.com> Mime-Version: 1.0 References: <20210306015905.186698-1-seanjc@google.com> X-Mailer: git-send-email 2.30.1.766.gb4fecdf3b7-goog Subject: [PATCH v4 12/14] KVM: SVM: Drop redundant svm_sev_enabled() helper From: Sean Christopherson To: Paolo Bonzini , Dave Hansen , Andy Lutomirski , Peter Zijlstra Cc: Sean Christopherson , Vitaly Kuznetsov , Wanpeng Li , Jim Mattson , Joerg Roedel , kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Borislav Petkov , Tom Lendacky , Brijesh Singh Precedence: bulk List-ID: X-Mailing-List: kvm@vger.kernel.org Replace calls to svm_sev_enabled() with direct checks on sev_enabled, or in the case of svm_mem_enc_op, simply drop the call to svm_sev_enabled(). This effectively replaces checks against a valid max_sev_asid with checks against sev_enabled. sev_enabled is forced off by sev_hardware_setup() if max_sev_asid is invalid, all call sites are guaranteed to run after sev_hardware_setup(), and all of the checks care about SEV being fully enabled (as opposed to intentionally handling the scenario where max_sev_asid is valid but SEV enabling fails due to OOM). Reviewed by: Tom Lendacky Reviewed-by: Brijesh Singh Signed-off-by: Sean Christopherson --- arch/x86/kvm/svm/sev.c | 6 +++--- arch/x86/kvm/svm/svm.h | 5 ----- 2 files changed, 3 insertions(+), 8 deletions(-) diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index 4685be80f551..9837fd753d88 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c @@ -1128,7 +1128,7 @@ int svm_mem_enc_op(struct kvm *kvm, void __user *argp) struct kvm_sev_cmd sev_cmd; int r; - if (!svm_sev_enabled() || !sev_enabled) + if (!sev_enabled) return -ENOTTY; if (!argp) @@ -1397,7 +1397,7 @@ void __init sev_hardware_setup(void) void sev_hardware_teardown(void) { - if (!svm_sev_enabled()) + if (!sev_enabled) return; bitmap_free(sev_asid_bitmap); @@ -1408,7 +1408,7 @@ void sev_hardware_teardown(void) int sev_cpu_init(struct svm_cpu_data *sd) { - if (!svm_sev_enabled()) + if (!sev_enabled) return 0; sd->sev_vmcbs = kcalloc(max_sev_asid + 1, sizeof(void *), GFP_KERNEL); diff --git a/arch/x86/kvm/svm/svm.h b/arch/x86/kvm/svm/svm.h index 0953251232c8..8a52cbc2dee7 100644 --- a/arch/x86/kvm/svm/svm.h +++ b/arch/x86/kvm/svm/svm.h @@ -548,11 +548,6 @@ void svm_vcpu_unblocking(struct kvm_vcpu *vcpu); extern unsigned int max_sev_asid; -static inline bool svm_sev_enabled(void) -{ - return IS_ENABLED(CONFIG_KVM_AMD_SEV) ? max_sev_asid : 0; -} - void sev_vm_destroy(struct kvm *kvm); int svm_mem_enc_op(struct kvm *kvm, void __user *argp); int svm_register_enc_region(struct kvm *kvm, From patchwork Sat Mar 6 01:59:04 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sean Christopherson X-Patchwork-Id: 12119683 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-26.3 required=3.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_CR_TRAILER,INCLUDES_PATCH,MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS, URIBL_BLOCKED,USER_AGENT_GIT,USER_IN_DEF_DKIM_WL autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 0F98AC43381 for ; Sat, 6 Mar 2021 02:00:58 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id EF85664E4E for ; Sat, 6 Mar 2021 02:00:57 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230320AbhCFCA3 (ORCPT ); Fri, 5 Mar 2021 21:00:29 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:41404 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230194AbhCFB7s (ORCPT ); Fri, 5 Mar 2021 20:59:48 -0500 Received: from mail-yb1-xb49.google.com (mail-yb1-xb49.google.com [IPv6:2607:f8b0:4864:20::b49]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 99F35C06175F for ; Fri, 5 Mar 2021 17:59:48 -0800 (PST) Received: by mail-yb1-xb49.google.com with SMTP id v6so4600737ybk.9 for ; Fri, 05 Mar 2021 17:59:48 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=sender:reply-to:date:in-reply-to:message-id:mime-version:references :subject:from:to:cc; bh=YKINTCGltrVyp3fTfK7Bwe6l6hsuKz4Q8fib2ZV0sdc=; b=Cr2RbPYyHNoYJrGOPNCVD/QXx5wxFfULpNrwYW6zQ+p6Hs3EaETj+41Bc0iKvaO6Ge iwSpg73F7ba2C3MaTrQ4ofl3ZhLCp81Y4Hwv2Ml8JHsrcUSGw2sfA0pUHBBlCJFM2Vjc JgXc3MboYC+lOCSCMv9L00Rqra+TaYYaV3yK7yyEDY3I8zXbr4Pd2MR1LAwunDEb2s6N Z+he7sdMYL+RCXI/QAqq5vvTU7bhYMt+oCyk4n3YbDjL5NsIC+jtZppDApz3PorIB8EE vZXgsCmgUTfYIriQtTv6GLUR7aMFIOW7bcYWuQcegj8LavB7LEl1mreKtHtQmIuzeWIs AUaw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:sender:reply-to:date:in-reply-to:message-id :mime-version:references:subject:from:to:cc; bh=YKINTCGltrVyp3fTfK7Bwe6l6hsuKz4Q8fib2ZV0sdc=; b=qlnxwDNajPYe2jWxD/qeonNpnjEoQSsISTC+sY3VSa7m99Ne8rn65160Bbw5gq76WS +pTynwNCxSDefzMdErANzpdiilFwXHkwfcchZy7e5iH43SjLz4upZZXD7auUDlZgKBie iXWy4yv9ajYuXDxXkziX0Z/DXuxb5mqHMl2ONK724YwtxBemY8JtJSkbdovsXl4ccgFh OTLgA9MY00pPa9bMy+Ei22pWTv/cQTgiOax6HclPnnV7ZjivGO5vVBAK1t2/v7UpUSxa dJUDf4nfHtt9Z/ZIHGC/UDylzdgCctjckdOdkTe8LqdakSyTxspW6xwTTsfbz4EgJNoG ZufA== X-Gm-Message-State: AOAM530quI4B46olUTf7Nn7W28XO5GOOzOb40ECYMm2LcRUmOvcsZsEf Xy/gRoHRzv6s9chGdcFkC2rgnzTeSvE= X-Google-Smtp-Source: ABdhPJwi+YJGESeOsryzEjL2L33OGG+L5KOJO4dby4/YXu3Yv91JPoKIqEdMHwkwTnn93s/I0WA3zfKIWGA= Sender: "seanjc via sendgmr" X-Received: from seanjc798194.pdx.corp.google.com ([2620:15c:f:10:fc04:f9df:1efb:bf0c]) (user=seanjc job=sendgmr) by 2002:a25:ab29:: with SMTP id u38mr17013369ybi.327.1614995987876; Fri, 05 Mar 2021 17:59:47 -0800 (PST) Reply-To: Sean Christopherson Date: Fri, 5 Mar 2021 17:59:04 -0800 In-Reply-To: <20210306015905.186698-1-seanjc@google.com> Message-Id: <20210306015905.186698-14-seanjc@google.com> Mime-Version: 1.0 References: <20210306015905.186698-1-seanjc@google.com> X-Mailer: git-send-email 2.30.1.766.gb4fecdf3b7-goog Subject: [PATCH v4 13/14] KVM: SVM: Remove an unnecessary prototype declaration of sev_flush_asids() From: Sean Christopherson To: Paolo Bonzini , Dave Hansen , Andy Lutomirski , Peter Zijlstra Cc: Sean Christopherson , Vitaly Kuznetsov , Wanpeng Li , Jim Mattson , Joerg Roedel , kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Borislav Petkov , Tom Lendacky , Brijesh Singh Precedence: bulk List-ID: X-Mailing-List: kvm@vger.kernel.org Remove the forward declaration of sev_flush_asids(), which is only a few lines above the function itself. No functional change intended. Reviewed by: Tom Lendacky Reviewed-by: Brijesh Singh Signed-off-by: Sean Christopherson --- arch/x86/kvm/svm/sev.c | 1 - 1 file changed, 1 deletion(-) diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index 9837fd753d88..3bf04a697723 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c @@ -42,7 +42,6 @@ module_param_named(sev_es, sev_es_enabled, bool, 0444); #endif /* CONFIG_KVM_AMD_SEV */ static u8 sev_enc_bit; -static int sev_flush_asids(void); static DECLARE_RWSEM(sev_deactivate_lock); static DEFINE_MUTEX(sev_bitmap_lock); unsigned int max_sev_asid; From patchwork Sat Mar 6 01:59:05 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sean Christopherson X-Patchwork-Id: 12119687 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-26.3 required=3.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_CR_TRAILER,INCLUDES_PATCH,MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS, USER_AGENT_GIT,USER_IN_DEF_DKIM_WL autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 95BC0C4332D for ; Sat, 6 Mar 2021 02:00:58 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 6646664E55 for ; Sat, 6 Mar 2021 02:00:58 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230329AbhCFCAa (ORCPT ); Fri, 5 Mar 2021 21:00:30 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:41418 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230222AbhCFB7v (ORCPT ); Fri, 5 Mar 2021 20:59:51 -0500 Received: from mail-qv1-xf4a.google.com (mail-qv1-xf4a.google.com [IPv6:2607:f8b0:4864:20::f4a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 29314C061760 for ; Fri, 5 Mar 2021 17:59:51 -0800 (PST) Received: by mail-qv1-xf4a.google.com with SMTP id e9so2908546qvf.21 for ; Fri, 05 Mar 2021 17:59:51 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=sender:reply-to:date:in-reply-to:message-id:mime-version:references :subject:from:to:cc; bh=RGBGjRYcLpzZKmmikFQwZLPbNnCzmLhMB1ZnNSdMI9Q=; b=B2slHV0TDG3kCxdpO6MqS6MEA29EPE00hM4j4eEMMirvy2nvf7tYOlXFK4t7AKTH61 nMDnUJOW7I1l8Vktzb0QZJu3TyjCcXTPS5+FI/IciWJiQKIUtzK6jYZvQUL1DmegzDqp +vhGN2JmcZQhDvROioiZ/J4XABwioYcsMJdMNXC3/0kGW0EQWkY7se41i+AYVxOGfpvY dYa/j2sfIWGAm4yaAIOXGN+DOtXzBMbi1QmKGymC5+IdFHQtq99lMKP+GfKE53N1Gnp2 RSDvByxJoeXjiLlLKqv4CUQS6shOb5RyQsnCZPgsgqwdgSLgy2KL5veo0QwI2SMUitD4 cGlw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:sender:reply-to:date:in-reply-to:message-id :mime-version:references:subject:from:to:cc; bh=RGBGjRYcLpzZKmmikFQwZLPbNnCzmLhMB1ZnNSdMI9Q=; b=IuWrq+jbSSQLPs+Po05Zk7ryOcKPXNo8OHR3iP5kkPyHP7hb0tt/dILjZniVWNQV+0 Nr52eycuPaWYDDjPCEhUvT8FneytcI6+rD2c1gxkBQGr61z+RvsSS/wbiHC9qI4xv2Ap 1SCYub6/HNcOOqJS3YBqesDNRNPevmHXCGX2IW/goODEUsdG02C1MmgOYSeZyXT+8n7b z1pB1QmVb0xjHvcv6s5sM5h6OnNjr0WA3H89HMuJFNFS0QbXEj/v+aPtKL5V0+iLp1Yf NippSRD2j0V8rqTD0kszB0jPMhKc4k+M8z0mU5b7sBDWrLvmV2d+TkVOd/pRjCx3Kwjq Clkg== X-Gm-Message-State: AOAM533aC5wABMMIPCXV/qU85Rh0tElxbYlrOE4sgDw630dxwxr32UG2 SpB7aLsgXAB213nwRQaK62sgSPOAlUI= X-Google-Smtp-Source: ABdhPJwSoKByoD4fhMYtVv7nTAckUzrERAauGnDMgwYEfWPsbSLGyNIuvE+yfkt8C2ng8lyhOS/O+n+WuEA= Sender: "seanjc via sendgmr" X-Received: from seanjc798194.pdx.corp.google.com ([2620:15c:f:10:fc04:f9df:1efb:bf0c]) (user=seanjc job=sendgmr) by 2002:a05:6214:1085:: with SMTP id o5mr11740761qvr.5.1614995990308; Fri, 05 Mar 2021 17:59:50 -0800 (PST) Reply-To: Sean Christopherson Date: Fri, 5 Mar 2021 17:59:05 -0800 In-Reply-To: <20210306015905.186698-1-seanjc@google.com> Message-Id: <20210306015905.186698-15-seanjc@google.com> Mime-Version: 1.0 References: <20210306015905.186698-1-seanjc@google.com> X-Mailer: git-send-email 2.30.1.766.gb4fecdf3b7-goog Subject: [PATCH v4 14/14] KVM: SVM: Skip SEV cache flush if no ASIDs have been used From: Sean Christopherson To: Paolo Bonzini , Dave Hansen , Andy Lutomirski , Peter Zijlstra Cc: Sean Christopherson , Vitaly Kuznetsov , Wanpeng Li , Jim Mattson , Joerg Roedel , kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Borislav Petkov , Tom Lendacky , Brijesh Singh Precedence: bulk List-ID: X-Mailing-List: kvm@vger.kernel.org Skip SEV's expensive WBINVD and DF_FLUSH if there are no SEV ASIDs waiting to be reclaimed, e.g. if SEV was never used. This "fixes" an issue where the DF_FLUSH fails during hardware teardown if the original SEV_INIT failed. Ideally, SEV wouldn't be marked as enabled in KVM if SEV_INIT fails, but that's a problem for another day. Signed-off-by: Sean Christopherson --- arch/x86/kvm/svm/sev.c | 23 +++++++++++------------ 1 file changed, 11 insertions(+), 12 deletions(-) diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index 3bf04a697723..f8ebda7c365a 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c @@ -57,9 +57,14 @@ struct enc_region { unsigned long size; }; -static int sev_flush_asids(void) +static int sev_flush_asids(int min_asid, int max_asid) { - int ret, error = 0; + int ret, pos, error = 0; + + /* Check if there are any ASIDs to reclaim before performing a flush */ + pos = find_next_bit(sev_reclaim_asid_bitmap, max_sev_asid, min_asid); + if (pos >= max_asid) + return -EBUSY; /* * DEACTIVATE will clear the WBINVD indicator causing DF_FLUSH to fail, @@ -81,14 +86,7 @@ static int sev_flush_asids(void) /* Must be called with the sev_bitmap_lock held */ static bool __sev_recycle_asids(int min_asid, int max_asid) { - int pos; - - /* Check if there are any ASIDs to reclaim before performing a flush */ - pos = find_next_bit(sev_reclaim_asid_bitmap, max_sev_asid, min_asid); - if (pos >= max_asid) - return false; - - if (sev_flush_asids()) + if (sev_flush_asids(min_asid, max_asid)) return false; /* The flush process will flush all reclaimable SEV and SEV-ES ASIDs */ @@ -1399,10 +1397,11 @@ void sev_hardware_teardown(void) if (!sev_enabled) return; + /* No need to take sev_bitmap_lock, all VMs have been destroyed. */ + sev_flush_asids(0, max_sev_asid); + bitmap_free(sev_asid_bitmap); bitmap_free(sev_reclaim_asid_bitmap); - - sev_flush_asids(); } int sev_cpu_init(struct svm_cpu_data *sd)