From patchwork Mon Dec 13 17:33:53 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Brijesh Singh X-Patchwork-Id: 12674451 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 97C7FC433EF for ; Mon, 13 Dec 2021 17:34:51 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S241447AbhLMRes (ORCPT ); Mon, 13 Dec 2021 12:34:48 -0500 Received: from mail-dm3nam07on2087.outbound.protection.outlook.com ([40.107.95.87]:65346 "EHLO NAM02-DM3-obe.outbound.protection.outlook.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S241382AbhLMRem (ORCPT ); Mon, 13 Dec 2021 12:34:42 -0500 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=UWGmM2eWYF+VETi5iZgaxVcJKpbdG+5YZ8Hp9DX+pmNhTqIxhv07Wh9OAldtsAWyzQnkOPk+99kww1+5OHmZmyD7+0j8Kuzt6RDkc+M53f8m5NO5ahloGiblRJgCyzFjCagjyeQt7FM6gXZJygsH6wRXEDHmj6hFmZ1LvSNyw6BNCZgob1bu6TOn75qELoJlQQRn+XNi/bKjTln+N3HogJ1AANJnI6cMrkf5+CCq8E7xSKyJL0A32oD9kgH9ifhuHKRO9/ByQBINSRAsDxHV9+el04IRzq4GJED1mYuxlrJ9mLQpWPIMdJX7bHktLPb0B3ukuXErYT4aMLpnErMC+A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=HJXErsaXiq4AnBOKz0oGHD19aEPeb9FSLcZ4oZfBSQU=; b=WhQQ3Emm7rY4uLF+FA8hQQ/zxEDuhMZlgTPeJDAXs7UBBYcR8eHLT+YvGAAtlBDkgO+up0AudgqnMTQEYFKRGzbKweQC4pTLhcvfxThlEwNOL6WbqPyIfp0GysZWeQjc+EmVUqFWeTGLM3fJTQ1Kf1kpsq64/4sOcW31lVaGWyiKtbwhQy+fv9JoFXe1ah1VjG7KIuo0mwsUmNR37Vh678QEo2vE6srgGq2oUGcA/4vHwwyQ3o7vObYGQcWOIT2JY8g3onvdrEIxaQ8EEuVUokWn5nDsepzq2kp5SOhB6rR8nRKBiHaRGqB9/fc+7oSzU0+A3MQxoHI3APjpqWz1/Q== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=vger.kernel.org smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=HJXErsaXiq4AnBOKz0oGHD19aEPeb9FSLcZ4oZfBSQU=; b=G0qtNVuDaB2VFoABOXz8qXGZGOoAGbVJ3Co7Qo9x7vIPjPEsIkrN6sNAGkFg2cXsKLTBdZw5VaYzTU6SzgOWKjX82l+202XqIh1bw2KAvlw4kIo7ZYkRHJdn+OlnmFIJk9NOoiVxjrAzo51qAcaiA+++GZMfNISHokB7le6/78o= Received: from BN6PR17CA0033.namprd17.prod.outlook.com (2603:10b6:405:75::22) by BYAPR12MB2710.namprd12.prod.outlook.com (2603:10b6:a03:68::11) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4755.22; Mon, 13 Dec 2021 17:34:34 +0000 Received: from BN8NAM11FT010.eop-nam11.prod.protection.outlook.com (2603:10b6:405:75:cafe::46) by BN6PR17CA0033.outlook.office365.com (2603:10b6:405:75::22) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4778.11 via Frontend Transport; Mon, 13 Dec 2021 17:34:34 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=amd.com; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB03.amd.com; Received: from SATLEXMB03.amd.com (165.204.84.17) by BN8NAM11FT010.mail.protection.outlook.com (10.13.177.53) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.4778.13 via Frontend Transport; Mon, 13 Dec 2021 17:34:33 +0000 Received: from sbrijesh-desktop.amd.com (10.180.168.240) by SATLEXMB03.amd.com (10.181.40.144) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.17; Mon, 13 Dec 2021 11:34:24 -0600 From: Brijesh Singh To: CC: , , Ingo Molnar , Joerg Roedel , Tom Lendacky , Paolo Bonzini , "Sean Christopherson" , Vitaly Kuznetsov , Wanpeng Li , Jim Mattson , "Andy Lutomirski" , Dave Hansen , David Rientjes , Peter Gonda , Borislav Petkov , , , Brijesh Singh Subject: [PATCH 1/4] KVM: SVM: Define sev_features and vmpl field in the VMSA Date: Mon, 13 Dec 2021 11:33:53 -0600 Message-ID: <20211213173356.138726-2-brijesh.singh@amd.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20211213173356.138726-1-brijesh.singh@amd.com> References: <20211213173356.138726-1-brijesh.singh@amd.com> MIME-Version: 1.0 X-Originating-IP: [10.180.168.240] X-ClientProxiedBy: SATLEXMB04.amd.com (10.181.40.145) To SATLEXMB03.amd.com (10.181.40.144) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: 928da4e3-23db-4b20-87df-08d9be5ed3d6 X-MS-TrafficTypeDiagnostic: BYAPR12MB2710:EE_ X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:6790; X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: PWeWm58TB0pwviRZOVgwIukW1vxVnjHuJZAzanxcCZ61m6W3xwLDuiE5sLW/cfGHlHbFystn0ZDwXVl13qsDZaBchiQ4kQ9sV1qLBeuBVIdoW/cAWDRnZzahiEJr76SNZUBiSfv8fVnBEqPwH5ahBWzIL1qOHBaFlh82m88loVXBPJdZ7h/Hy8sJaAuWcwuO5OKgBhhXkesGLrKkO7KrHbIapeLVI44DTFmq7/Mum6MeJlyQdRawzVoJI7B5u5k4fbxTcZEbjivK/iQ03CGGkriv4Cs56B8NjFgrYGtO6mpENPk46EIikl6Ci/33HNckY1M7pTPWYyuLzQszGazdalcRkJx1WkZT73WemDMGU3qKE3Dled71+U1YnSJLHamqjfCHSXxuSttpWeNDAoyub7wP9xfptU6kqHeebDfZnn2EFS1LDGBmoutLfYxcqZlw0ikRMfLcvjv6qDaIFzm/soy+qUtx+v4t3dO7hnx7A5aBN9xSYAuDB04RN6HiPEkDbEg8qRvoWnHxE8tJRDRJCaSCWScz4UAEK5fziFOosS0gINqJ8nUf9Ww1PC/BpyZzO58EzAV/fdycDYT9G9XW9JOdRJOSh+PjK7VSXd5ThE8IpN5lWuEtft65dYfgNwiigyC+43RfZ/cW/v0uMyDlitvP6pBdAJeVxerHnkIWIBMTceioO8Azv7IMAkpJM7ebXZrySEMQiZM7+QdVLviFPKWzRU8Bj+WbXxKjZJOWRcMKEDiy+0l1efwjswDsFO4Rn+30jxM4OpCZ++FklgxGqiBd7HcfqgQ6KKWGvChCocg= X-Forefront-Antispam-Report: CIP:165.204.84.17;CTRY:US;LANG:en;SCL:1;SRV:;IPV:CAL;SFV:NSPM;H:SATLEXMB03.amd.com;PTR:InfoDomainNonexistent;CAT:NONE;SFS:(4636009)(36840700001)(46966006)(40470700001)(70206006)(26005)(36756003)(356005)(2616005)(336012)(186003)(5660300002)(316002)(16526019)(2906002)(44832011)(426003)(4326008)(7416002)(54906003)(70586007)(6666004)(40460700001)(36860700001)(508600001)(1076003)(8936002)(8676002)(47076005)(6916009)(82310400004)(7696005)(86362001)(81166007)(83380400001)(36900700001);DIR:OUT;SFP:1101; X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 13 Dec 2021 17:34:33.9451 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 928da4e3-23db-4b20-87df-08d9be5ed3d6 X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[SATLEXMB03.amd.com] X-MS-Exchange-CrossTenant-AuthSource: BN8NAM11FT010.eop-nam11.prod.protection.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: BYAPR12MB2710 Precedence: bulk List-ID: X-Mailing-List: kvm@vger.kernel.org The hypervisor uses the sev_features field (offset 3B0h) in the Save State Area to control the SEV-SNP guest features such as SNPActive, vTOM, ReflectVC etc. An SEV-SNP guest can read the SEV_FEATURES fields through the SEV_STATUS MSR. While at it, update the dump_vmcb() to log the VMPL level. See APM2 Table 15-34 and B-4 for more details. Signed-off-by: Brijesh Singh --- arch/x86/include/asm/svm.h | 6 ++++-- arch/x86/kvm/svm/svm.c | 4 ++-- 2 files changed, 6 insertions(+), 4 deletions(-) diff --git a/arch/x86/include/asm/svm.h b/arch/x86/include/asm/svm.h index b00dbc5fac2b..7c9cf4f3c164 100644 --- a/arch/x86/include/asm/svm.h +++ b/arch/x86/include/asm/svm.h @@ -238,7 +238,8 @@ struct vmcb_save_area { struct vmcb_seg ldtr; struct vmcb_seg idtr; struct vmcb_seg tr; - u8 reserved_1[43]; + u8 reserved_1[42]; + u8 vmpl; u8 cpl; u8 reserved_2[4]; u64 efer; @@ -303,7 +304,8 @@ struct vmcb_save_area { u64 sw_exit_info_1; u64 sw_exit_info_2; u64 sw_scratch; - u8 reserved_11[56]; + u64 sev_features; + u8 reserved_11[48]; u64 xcr0; u8 valid_bitmap[16]; u64 x87_state_gpa; diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index e57e6857e063..d785a69c083d 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c @@ -3066,8 +3066,8 @@ static void dump_vmcb(struct kvm_vcpu *vcpu) "tr:", save01->tr.selector, save01->tr.attrib, save01->tr.limit, save01->tr.base); - pr_err("cpl: %d efer: %016llx\n", - save->cpl, save->efer); + pr_err("vmpl: %d cpl: %d efer: %016llx\n", + save->vmpl, save->cpl, save->efer); pr_err("%-15s %016llx %-13s %016llx\n", "cr0:", save->cr0, "cr2:", save->cr2); pr_err("%-15s %016llx %-13s %016llx\n", From patchwork Mon Dec 13 17:33:54 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Brijesh Singh X-Patchwork-Id: 12674445 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id D9DCEC433F5 for ; Mon, 13 Dec 2021 17:34:41 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S241364AbhLMRek (ORCPT ); Mon, 13 Dec 2021 12:34:40 -0500 Received: from mail-dm6nam10on2087.outbound.protection.outlook.com ([40.107.93.87]:52864 "EHLO NAM10-DM6-obe.outbound.protection.outlook.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S235736AbhLMRei (ORCPT ); Mon, 13 Dec 2021 12:34:38 -0500 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=hAW5wSFUf62jPmiLrMN0gUI5UYIrjHB6wD+l4bmJv+8NyTm8PniN9pNUbO8URGasn1+4NaO2GZd0iV2Ug9OJ9nRZ74F9L9tRIa+kIxGGOiULGlyyJRa36EKdkcXBx2a9RJHKlHeSepb2oy3jmB/yLsxG+WrVnYvyA7fF4cogGFc6/D++EkzKI7d+tksIGZgKNrbD3prFGAYFvoe9GiJdtB8S70iP8qNEjU8HLgghTHisGWfqQFElHAS33iwykwipXcbv/3R6FaWojz/TR9EbDmwg4K0Ck/McomavMZpHWnqibhjedMK63qzkpIyAubpr+WGT+wdnMg2si6x0bgrh3g== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=iaH7YlHQEbNRCtT2xWBnDxe2GbR3iPgmIpIDLW9LG0I=; b=ZTkAv3vT+Nzu0rlUmLo3CgMqFJYXNtuIfLAiZ+hjcCPQF7/RW8kgDjqUJ6RPNHYMUkNxoAiyrJ65mHs77f+g0rqK8LOjJ9fOYpcOr7l9uz9SkajqmWSPO+R08OvMjMFCJhH+P1OZqOnfmzlrODD1boq+EO6QvxVgm0n6u8ZOeizWvd9oXlSPAQAJe4OV1hRMUWW3fhEa5lPVMuFsnnz4IRPqQ01zF01M3IzRiBXS9otfdMe1QO3/IQiGQZVSMbeMMYjMLBnpjeke/dL8gsF54NjGRMWZIg+x2wMwrxqEWVfrjdGRQojyNLlZr+QOzLEev0x1t2EHVdzgnMAuj+fRIQ== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=vger.kernel.org smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=iaH7YlHQEbNRCtT2xWBnDxe2GbR3iPgmIpIDLW9LG0I=; b=Z0wpv3bQml0GhpqdkV9DOLeXTRumrRXCBSpEgqvDxp+ZRVj5lZaDv1HLGe1+5AIjJBRhUrzfWanblf/RASpi+YSw6/PJe6KrbJg1phrfvctXwtZUSnfUm/iShzGJFGh/aZN/u7rd3nfMyg3LhwxxE1RMqLpu3UXiXPTglQ/OFc4= Received: from BN6PR17CA0028.namprd17.prod.outlook.com (2603:10b6:405:75::17) by SJ0PR12MB5456.namprd12.prod.outlook.com (2603:10b6:a03:3ae::12) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4778.17; Mon, 13 Dec 2021 17:34:34 +0000 Received: from BN8NAM11FT010.eop-nam11.prod.protection.outlook.com (2603:10b6:405:75:cafe::68) by BN6PR17CA0028.outlook.office365.com (2603:10b6:405:75::17) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4778.13 via Frontend Transport; Mon, 13 Dec 2021 17:34:34 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=amd.com; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB03.amd.com; Received: from SATLEXMB03.amd.com (165.204.84.17) by BN8NAM11FT010.mail.protection.outlook.com (10.13.177.53) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.4778.13 via Frontend Transport; Mon, 13 Dec 2021 17:34:34 +0000 Received: from sbrijesh-desktop.amd.com (10.180.168.240) by SATLEXMB03.amd.com (10.181.40.144) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.17; Mon, 13 Dec 2021 11:34:26 -0600 From: Brijesh Singh To: CC: , , Ingo Molnar , Joerg Roedel , Tom Lendacky , Paolo Bonzini , "Sean Christopherson" , Vitaly Kuznetsov , Wanpeng Li , Jim Mattson , "Andy Lutomirski" , Dave Hansen , David Rientjes , Peter Gonda , Borislav Petkov , , , Brijesh Singh Subject: [PATCH 2/4] KVM: SVM: Create a separate mapping for the SEV-ES save area Date: Mon, 13 Dec 2021 11:33:54 -0600 Message-ID: <20211213173356.138726-3-brijesh.singh@amd.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20211213173356.138726-1-brijesh.singh@amd.com> References: <20211213173356.138726-1-brijesh.singh@amd.com> MIME-Version: 1.0 X-Originating-IP: [10.180.168.240] X-ClientProxiedBy: SATLEXMB04.amd.com (10.181.40.145) To SATLEXMB03.amd.com (10.181.40.144) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: 2151fe4c-3541-4837-2fe5-08d9be5ed426 X-MS-TrafficTypeDiagnostic: SJ0PR12MB5456:EE_ X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:8882; X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: 3WZvcoduvxempN0wdyKobUZPk8ZAOFCRCy1xw5/G+zbIOmBlYfWC+VTNOKwdnB+iqOKs7P1Xkgh+ToC8eESoSos0cZirvyS2TPxDly50jN0aBHjOmiIyIRApaZZgU18BG+k4TnlaHrZhNpupuNpU2N7UDGR3LqIx8Qw5YFfY2C5M/MIdJia7Na5FkicI2Z0uewozjcWHuMONFtIruWwf9wu+2EAcoxfG3sWOA3TA4deEqaz0c92VxExOuRGeRhfoextwQ8SXD86MbvSFYYpLi2xEsXvxCxzNLFtv0gJJ1gSSv5sAKFWiM5JmYrxqvbQjN8lor4Lgo/d+vylZjuAC+rtP1Ewd9NLi/i8epElVvJtSglxD68YhqVMGijtv6vCaVPim/ClwUHpoQ7rHNEQmfPze9yqkwbE8qyXU3+97Y0w+ugTu1vPlPZEB+YwcaRKu2mMCYBBZILHJrTcCdj6CIBRNqIlz6bfphF8zOKGxfdNlCfVolelOIPsmG5/3czRBW9QurJe0s4wxx7lYL0SQxSwCz3gHPMF0+9jj9YGtqHrcu/jczOtos7p3SZzufOLlYWAw+lfrTbyO0f8mb+WZ+pADGJD1h+TdQg42l1brDfCO1XxpR8P4gCGVJFGym09aRrw8eK0Tq0iJrouJYCc4Jub8dhEtls1y0CCh26upzy9qiNIPwXY6BFk6JBwh2Ey1A+ZSs3OtaJ10YmO6IYw0tjzKOdkNcY0SloYIDWp+eCmnh8QqCmNxVuwMvpxQFxq2N6zDZbB/pRzVzbI/o3e8OMH3qfTv3aAp+xHKMXj8Vgc= X-Forefront-Antispam-Report: CIP:165.204.84.17;CTRY:US;LANG:en;SCL:1;SRV:;IPV:CAL;SFV:NSPM;H:SATLEXMB03.amd.com;PTR:InfoDomainNonexistent;CAT:NONE;SFS:(4636009)(46966006)(36840700001)(40470700001)(16526019)(2616005)(186003)(86362001)(82310400004)(54906003)(336012)(81166007)(83380400001)(6916009)(8676002)(426003)(47076005)(508600001)(8936002)(356005)(26005)(6666004)(7696005)(70206006)(70586007)(5660300002)(36860700001)(316002)(40460700001)(2906002)(36756003)(44832011)(4326008)(1076003)(7416002)(36900700001);DIR:OUT;SFP:1101; X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 13 Dec 2021 17:34:34.4667 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 2151fe4c-3541-4837-2fe5-08d9be5ed426 X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[SATLEXMB03.amd.com] X-MS-Exchange-CrossTenant-AuthSource: BN8NAM11FT010.eop-nam11.prod.protection.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: SJ0PR12MB5456 Precedence: bulk List-ID: X-Mailing-List: kvm@vger.kernel.org From: Tom Lendacky The save area for SEV-ES/SEV-SNP guests, as used by the hardware, is different from the save area of a non SEV-ES/SEV-SNP guest. This is the first step in defining the multiple save areas to keep them separate and ensuring proper operation amongst the different types of guests. Create an SEV-ES/SEV-SNP save area and adjust usage to the new save area definition where needed. Signed-off-by: Tom Lendacky Signed-off-by: Brijesh Singh --- arch/x86/include/asm/svm.h | 87 +++++++++++++++++++++++++++++--------- arch/x86/kvm/svm/sev.c | 24 +++++------ arch/x86/kvm/svm/svm.h | 2 +- 3 files changed, 80 insertions(+), 33 deletions(-) diff --git a/arch/x86/include/asm/svm.h b/arch/x86/include/asm/svm.h index 7c9cf4f3c164..3ce2e575a2de 100644 --- a/arch/x86/include/asm/svm.h +++ b/arch/x86/include/asm/svm.h @@ -227,6 +227,7 @@ struct vmcb_seg { u64 base; } __packed; +/* Save area definition for legacy and SEV-MEM guests */ struct vmcb_save_area { struct vmcb_seg es; struct vmcb_seg cs; @@ -243,8 +244,58 @@ struct vmcb_save_area { u8 cpl; u8 reserved_2[4]; u64 efer; + u8 reserved_3[112]; + u64 cr4; + u64 cr3; + u64 cr0; + u64 dr7; + u64 dr6; + u64 rflags; + u64 rip; + u8 reserved_4[88]; + u64 rsp; + u64 s_cet; + u64 ssp; + u64 isst_addr; + u64 rax; + u64 star; + u64 lstar; + u64 cstar; + u64 sfmask; + u64 kernel_gs_base; + u64 sysenter_cs; + u64 sysenter_esp; + u64 sysenter_eip; + u64 cr2; + u8 reserved_5[32]; + u64 g_pat; + u64 dbgctl; + u64 br_from; + u64 br_to; + u64 last_excp_from; + u64 last_excp_to; + u8 reserved_6[72]; + u32 spec_ctrl; /* Guest version of SPEC_CTRL at 0x2E0 */ +} __packed; + +/* Save area definition for SEV-ES and SEV-SNP guests */ +struct sev_es_save_area { + struct vmcb_seg es; + struct vmcb_seg cs; + struct vmcb_seg ss; + struct vmcb_seg ds; + struct vmcb_seg fs; + struct vmcb_seg gs; + struct vmcb_seg gdtr; + struct vmcb_seg ldtr; + struct vmcb_seg idtr; + struct vmcb_seg tr; + u8 reserved_1[43]; + u8 cpl; + u8 reserved_2[4]; + u64 efer; u8 reserved_3[104]; - u64 xss; /* Valid for SEV-ES only */ + u64 xss; u64 cr4; u64 cr3; u64 cr0; @@ -272,22 +323,14 @@ struct vmcb_save_area { u64 br_to; u64 last_excp_from; u64 last_excp_to; - - /* - * The following part of the save area is valid only for - * SEV-ES guests when referenced through the GHCB or for - * saving to the host save area. - */ - u8 reserved_7[72]; - u32 spec_ctrl; /* Guest version of SPEC_CTRL at 0x2E0 */ - u8 reserved_7b[4]; + u8 reserved_7[80]; u32 pkru; - u8 reserved_7a[20]; - u64 reserved_8; /* rax already available at 0x01f8 */ + u8 reserved_9[20]; + u64 reserved_10; /* rax already available at 0x01f8 */ u64 rcx; u64 rdx; u64 rbx; - u64 reserved_9; /* rsp already available at 0x01d8 */ + u64 reserved_11; /* rsp already available at 0x01d8 */ u64 rbp; u64 rsi; u64 rdi; @@ -299,23 +342,25 @@ struct vmcb_save_area { u64 r13; u64 r14; u64 r15; - u8 reserved_10[16]; + u8 reserved_12[16]; u64 sw_exit_code; u64 sw_exit_info_1; u64 sw_exit_info_2; u64 sw_scratch; u64 sev_features; - u8 reserved_11[48]; + u8 reserved_13[48]; u64 xcr0; u8 valid_bitmap[16]; u64 x87_state_gpa; } __packed; +#define GHCB_SHARED_BUF_SIZE 2032 + struct ghcb { - struct vmcb_save_area save; - u8 reserved_save[2048 - sizeof(struct vmcb_save_area)]; + struct sev_es_save_area save; + u8 reserved_save[2048 - sizeof(struct sev_es_save_area)]; - u8 shared_buffer[2032]; + u8 shared_buffer[GHCB_SHARED_BUF_SIZE]; u8 reserved_1[10]; u16 protocol_version; /* negotiated SEV-ES/GHCB protocol version */ @@ -323,13 +368,15 @@ struct ghcb { } __packed; -#define EXPECTED_VMCB_SAVE_AREA_SIZE 1032 +#define EXPECTED_VMCB_SAVE_AREA_SIZE 740 +#define EXPECTED_SEV_ES_SAVE_AREA_SIZE 1032 #define EXPECTED_VMCB_CONTROL_AREA_SIZE 1024 #define EXPECTED_GHCB_SIZE PAGE_SIZE static inline void __unused_size_checks(void) { BUILD_BUG_ON(sizeof(struct vmcb_save_area) != EXPECTED_VMCB_SAVE_AREA_SIZE); + BUILD_BUG_ON(sizeof(struct sev_es_save_area) != EXPECTED_SEV_ES_SAVE_AREA_SIZE); BUILD_BUG_ON(sizeof(struct vmcb_control_area) != EXPECTED_VMCB_CONTROL_AREA_SIZE); BUILD_BUG_ON(sizeof(struct ghcb) != EXPECTED_GHCB_SIZE); } @@ -399,7 +446,7 @@ struct vmcb { /* GHCB Accessor functions */ #define GHCB_BITMAP_IDX(field) \ - (offsetof(struct vmcb_save_area, field) / sizeof(u64)) + (offsetof(struct sev_es_save_area, field) / sizeof(u64)) #define DEFINE_GHCB_ACCESSORS(field) \ static inline bool ghcb_##field##_is_valid(const struct ghcb *ghcb) \ diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index 322553322202..c79da6af40b6 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c @@ -558,12 +558,20 @@ static int sev_launch_update_data(struct kvm *kvm, struct kvm_sev_cmd *argp) static int sev_es_sync_vmsa(struct vcpu_svm *svm) { - struct vmcb_save_area *save = &svm->vmcb->save; + struct sev_es_save_area *save = svm->sev_es.vmsa; /* Check some debug related fields before encrypting the VMSA */ - if (svm->vcpu.guest_debug || (save->dr7 & ~DR7_FIXED_1)) + if (svm->vcpu.guest_debug || (svm->vmcb->save.dr7 & ~DR7_FIXED_1)) return -EINVAL; + /* + * SEV-ES will use a VMSA that is pointed to by the VMCB, not + * the traditional VMSA that is part of the VMCB. Copy the + * traditional VMSA as it has been built so far (in prep + * for LAUNCH_UPDATE_VMSA) to be the initial SEV-ES state. + */ + memcpy(save, &svm->vmcb->save, sizeof(svm->vmcb->save)); + /* Sync registgers */ save->rax = svm->vcpu.arch.regs[VCPU_REGS_RAX]; save->rbx = svm->vcpu.arch.regs[VCPU_REGS_RBX]; @@ -591,14 +599,6 @@ static int sev_es_sync_vmsa(struct vcpu_svm *svm) save->xss = svm->vcpu.arch.ia32_xss; save->dr6 = svm->vcpu.arch.dr6; - /* - * SEV-ES will use a VMSA that is pointed to by the VMCB, not - * the traditional VMSA that is part of the VMCB. Copy the - * traditional VMSA as it has been built so far (in prep - * for LAUNCH_UPDATE_VMSA) to be the initial SEV-ES state. - */ - memcpy(svm->sev_es.vmsa, save, sizeof(*save)); - return 0; } @@ -2905,7 +2905,7 @@ void sev_es_vcpu_reset(struct vcpu_svm *svm) void sev_es_prepare_guest_switch(struct vcpu_svm *svm, unsigned int cpu) { struct svm_cpu_data *sd = per_cpu(svm_data, cpu); - struct vmcb_save_area *hostsa; + struct sev_es_save_area *hostsa; /* * As an SEV-ES guest, hardware will restore the host state on VMEXIT, @@ -2915,7 +2915,7 @@ void sev_es_prepare_guest_switch(struct vcpu_svm *svm, unsigned int cpu) vmsave(__sme_page_pa(sd->save_area)); /* XCR0 is restored on VMEXIT, save the current host value */ - hostsa = (struct vmcb_save_area *)(page_address(sd->save_area) + 0x400); + hostsa = (struct sev_es_save_area *)(page_address(sd->save_area) + 0x400); hostsa->xcr0 = xgetbv(XCR_XFEATURE_ENABLED_MASK); /* PKRU is restored on VMEXIT, save the current host value */ diff --git a/arch/x86/kvm/svm/svm.h b/arch/x86/kvm/svm/svm.h index daa8ca84afcc..d383d477bb29 100644 --- a/arch/x86/kvm/svm/svm.h +++ b/arch/x86/kvm/svm/svm.h @@ -168,7 +168,7 @@ struct svm_nested_state { struct vcpu_sev_es_state { /* SEV-ES support */ - struct vmcb_save_area *vmsa; + struct sev_es_save_area *vmsa; struct ghcb *ghcb; struct kvm_host_map ghcb_map; bool received_first_sipi; From patchwork Mon Dec 13 17:33:55 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Brijesh Singh X-Patchwork-Id: 12674449 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 2BCA1C433F5 for ; Mon, 13 Dec 2021 17:34:51 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S241405AbhLMRep (ORCPT ); Mon, 13 Dec 2021 12:34:45 -0500 Received: from mail-dm3nam07on2087.outbound.protection.outlook.com ([40.107.95.87]:65346 "EHLO NAM02-DM3-obe.outbound.protection.outlook.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S241360AbhLMRek (ORCPT ); Mon, 13 Dec 2021 12:34:40 -0500 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=HzpMO9fT1l+zSUSkrfD6XJ7QMmt4wB9lwXNuB36+dEb22XVZCDVaB9A0k8dJVVv2vpQtFGAN7btfLNWXNV64+FPRbM6lxeHf+ty7leSwslbsF2o8OIZxq2CVC4OeJkrSHkBn5jaDS2Ah3wQeDSu3pKccL2WnyCD3P1OgsXXpRdZcKdn+O0zNj3LMCEsGGK+XD6aErhM1+ERfgWp6btdmFyhgvy9PJRpEskt7kLmoP0uOb2tCdi8ez/1al6IG6pNOYcMBguFGAyxXLf72V+4ZX+R2ifMvj5l8XCkBMSmEGiiWIcXbf9Kfk4aMaVqKQbnuGaqBE2kVySBQ3OPEFa4B7g== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=WWdTGxes1QVQwa15EBnHEnXYqoT2r+wHLhrsR9xj5z4=; b=jnYv8ZQ62ZFWhT5MEpBeqrAu4JXMV6r68du5W9RLvp2OqaFyhsqKj/EZr2R4Wd8kipZYbOmdk2V8QsWqOZCJmF4p7haMzgfxJ8j7ZyJd3TnKtiC27cvs79qyIYGeN+y2iFl7gNtEK+Jg9lcsla/2c0a1oPnLwtUGjlBeR+UliVP4nmIimkwRAxFntvQXHGj2lAzX4HpEp6nXkvJbddr6u6Vbnok9P+8eWdB5M4XQND86TEzhSQ9l5mJekodvQoXC54IVvbH6mhdOfn9E+z/Nuy8moX4+ftlpsUJDK6wZt/2QmiTHhrz3FXTe5DPwgaS8Zw8Oe361xzm95aERt2fIOg== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=vger.kernel.org smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=WWdTGxes1QVQwa15EBnHEnXYqoT2r+wHLhrsR9xj5z4=; b=n0MPp7vfNolCjt7oU/E+MdauLSakoXj3p/70cv86Yn8fnzrHW6giwiMORlnAneL9j4o33/SR9TKUAl4odbvjvzpDZPveuBpBO16iFTx18jWL24XmGUWSRJa230U3gdMt3oQT54zg7qjA5KEJpsvbA7q27ZTOtviAO/FO04LfZm4= Received: from BN6PR17CA0033.namprd17.prod.outlook.com (2603:10b6:405:75::22) by BYAPR12MB2710.namprd12.prod.outlook.com (2603:10b6:a03:68::11) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4755.22; Mon, 13 Dec 2021 17:34:35 +0000 Received: from BN8NAM11FT010.eop-nam11.prod.protection.outlook.com (2603:10b6:405:75:cafe::a8) by BN6PR17CA0033.outlook.office365.com (2603:10b6:405:75::22) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4778.11 via Frontend Transport; Mon, 13 Dec 2021 17:34:35 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=amd.com; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB03.amd.com; Received: from SATLEXMB03.amd.com (165.204.84.17) by BN8NAM11FT010.mail.protection.outlook.com (10.13.177.53) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.4778.13 via Frontend Transport; Mon, 13 Dec 2021 17:34:35 +0000 Received: from sbrijesh-desktop.amd.com (10.180.168.240) by SATLEXMB03.amd.com (10.181.40.144) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.17; Mon, 13 Dec 2021 11:34:27 -0600 From: Brijesh Singh To: CC: , , Ingo Molnar , Joerg Roedel , Tom Lendacky , Paolo Bonzini , "Sean Christopherson" , Vitaly Kuznetsov , Wanpeng Li , Jim Mattson , "Andy Lutomirski" , Dave Hansen , David Rientjes , Peter Gonda , Borislav Petkov , , , Brijesh Singh Subject: [PATCH 3/4] KVM: SVM: Create a separate mapping for the GHCB save area Date: Mon, 13 Dec 2021 11:33:55 -0600 Message-ID: <20211213173356.138726-4-brijesh.singh@amd.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20211213173356.138726-1-brijesh.singh@amd.com> References: <20211213173356.138726-1-brijesh.singh@amd.com> MIME-Version: 1.0 X-Originating-IP: [10.180.168.240] X-ClientProxiedBy: SATLEXMB04.amd.com (10.181.40.145) To SATLEXMB03.amd.com (10.181.40.144) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: 2873742c-f714-47bd-974d-08d9be5ed47f X-MS-TrafficTypeDiagnostic: BYAPR12MB2710:EE_ X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:5797; X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: ae5ebNvGZ+6Gp7qv+mTO3olRO91uMIfzsDVI1y/0II0eLJwlXJAtlcDFqoG3x2lRMf+7Ij0+iZ6nsvkcAPZWISx366JqfRXK6rpSSeXzRM31Jqu8DhZQdYoaKWiiCGQ3hwElgbRz6yQIXgR/qQA1gDt/BP1V50cRUOvWcwb7nebNMOfiBGQlVm97rhf4/mekJ1sU3UbY39WZaFJE3MMfUt6YO1gYAGlX6Hp3cp36O7xYxHhGiH4IUTcdOLHAgGKvVe1gX+wlvbCRlGvDIDk43gqbqUtb62wY9UGYNTBI7vH1S5n/8MO1oVliTtRs4hBhQ8fku5HDNCSSUMPs4cLSmdA1TBSL/IxOOYOflLoX5e7CKiZRnkqeiNwf5mhFNzXcCKQk4ZInibVy4IO4I2QZHPtBEoSTsklrEYOejnCQtTaO5dkun7oiQLbDeLq0ucwmGCCxGc4qdHJJ1ncvZNhVqsSaJCyDxHTsTTtImFstVWh9xR9sTxelIORx97PwfkDAEJLAgWl+1SEqpS0F/n9jpJAdVrJwnMgjlI957uEKzkE0qYT0xKz8NgR26RfuhUubg56ZncnX1kEKUe1/SXYNHw/3VKG4KLspUWwCUSGccDs6FtCzLyqgDCn4YwmR5IQct4vo7M8NiTtC3wtLaYpS9WyltKGqVck75xnNtUMxHpWkhaxRiJDxt75oFicnyWuY6bOcqU+JdW6XLlpGbNGUyLfLGVED3FnfXFfVPJtxw/nkmM2eg636MGBRvGafl38W0kUEDDPs53P0Jd6eQQivO07IInKCBuwQSAOoRRPwmVQ= X-Forefront-Antispam-Report: CIP:165.204.84.17;CTRY:US;LANG:en;SCL:1;SRV:;IPV:CAL;SFV:NSPM;H:SATLEXMB03.amd.com;PTR:InfoDomainNonexistent;CAT:NONE;SFS:(4636009)(36840700001)(46966006)(40470700001)(70206006)(26005)(36756003)(356005)(2616005)(336012)(186003)(5660300002)(316002)(16526019)(2906002)(44832011)(426003)(4326008)(7416002)(54906003)(70586007)(6666004)(40460700001)(36860700001)(508600001)(1076003)(8936002)(8676002)(47076005)(6916009)(82310400004)(7696005)(86362001)(81166007)(83380400001)(36900700001);DIR:OUT;SFP:1101; X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 13 Dec 2021 17:34:35.0541 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 2873742c-f714-47bd-974d-08d9be5ed47f X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[SATLEXMB03.amd.com] X-MS-Exchange-CrossTenant-AuthSource: BN8NAM11FT010.eop-nam11.prod.protection.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: BYAPR12MB2710 Precedence: bulk List-ID: X-Mailing-List: kvm@vger.kernel.org From: Tom Lendacky The initial implementation of the GHCB spec was based on trying to keep the register state offsets the same relative to the VM save area. However, the save area for SEV-ES has changed within the hardware causing the relation between the SEV-ES save area to change relative to the GHCB save area. This is the second step in defining the multiple save areas to keep them separate and ensuring proper operation amongst the different types of guests. Create a GHCB save area that matches the GHCB specification. Signed-off-by: Tom Lendacky Signed-off-by: Brijesh Singh --- arch/x86/include/asm/svm.h | 48 +++++++++++++++++++++++++++++++++++--- 1 file changed, 45 insertions(+), 3 deletions(-) diff --git a/arch/x86/include/asm/svm.h b/arch/x86/include/asm/svm.h index 3ce2e575a2de..5ff1fa364a31 100644 --- a/arch/x86/include/asm/svm.h +++ b/arch/x86/include/asm/svm.h @@ -354,11 +354,51 @@ struct sev_es_save_area { u64 x87_state_gpa; } __packed; +struct ghcb_save_area { + u8 reserved_1[203]; + u8 cpl; + u8 reserved_2[116]; + u64 xss; + u8 reserved_3[24]; + u64 dr7; + u8 reserved_4[16]; + u64 rip; + u8 reserved_5[88]; + u64 rsp; + u8 reserved_6[24]; + u64 rax; + u8 reserved_7[264]; + u64 rcx; + u64 rdx; + u64 rbx; + u8 reserved_8[8]; + u64 rbp; + u64 rsi; + u64 rdi; + u64 r8; + u64 r9; + u64 r10; + u64 r11; + u64 r12; + u64 r13; + u64 r14; + u64 r15; + u8 reserved_9[16]; + u64 sw_exit_code; + u64 sw_exit_info_1; + u64 sw_exit_info_2; + u64 sw_scratch; + u8 reserved_10[56]; + u64 xcr0; + u8 valid_bitmap[16]; + u64 x87_state_gpa; +} __packed; + #define GHCB_SHARED_BUF_SIZE 2032 struct ghcb { - struct sev_es_save_area save; - u8 reserved_save[2048 - sizeof(struct sev_es_save_area)]; + struct ghcb_save_area save; + u8 reserved_save[2048 - sizeof(struct ghcb_save_area)]; u8 shared_buffer[GHCB_SHARED_BUF_SIZE]; @@ -369,6 +409,7 @@ struct ghcb { #define EXPECTED_VMCB_SAVE_AREA_SIZE 740 +#define EXPECTED_GHCB_SAVE_AREA_SIZE 1032 #define EXPECTED_SEV_ES_SAVE_AREA_SIZE 1032 #define EXPECTED_VMCB_CONTROL_AREA_SIZE 1024 #define EXPECTED_GHCB_SIZE PAGE_SIZE @@ -376,6 +417,7 @@ struct ghcb { static inline void __unused_size_checks(void) { BUILD_BUG_ON(sizeof(struct vmcb_save_area) != EXPECTED_VMCB_SAVE_AREA_SIZE); + BUILD_BUG_ON(sizeof(struct ghcb_save_area) != EXPECTED_GHCB_SAVE_AREA_SIZE); BUILD_BUG_ON(sizeof(struct sev_es_save_area) != EXPECTED_SEV_ES_SAVE_AREA_SIZE); BUILD_BUG_ON(sizeof(struct vmcb_control_area) != EXPECTED_VMCB_CONTROL_AREA_SIZE); BUILD_BUG_ON(sizeof(struct ghcb) != EXPECTED_GHCB_SIZE); @@ -446,7 +488,7 @@ struct vmcb { /* GHCB Accessor functions */ #define GHCB_BITMAP_IDX(field) \ - (offsetof(struct sev_es_save_area, field) / sizeof(u64)) + (offsetof(struct ghcb_save_area, field) / sizeof(u64)) #define DEFINE_GHCB_ACCESSORS(field) \ static inline bool ghcb_##field##_is_valid(const struct ghcb *ghcb) \ From patchwork Mon Dec 13 17:33:56 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Brijesh Singh X-Patchwork-Id: 12674447 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id D29C0C433F5 for ; Mon, 13 Dec 2021 17:34:44 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S241379AbhLMRen (ORCPT ); Mon, 13 Dec 2021 12:34:43 -0500 Received: from mail-sn1anam02on2087.outbound.protection.outlook.com ([40.107.96.87]:6090 "EHLO NAM02-SN1-obe.outbound.protection.outlook.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S241342AbhLMRei (ORCPT ); Mon, 13 Dec 2021 12:34:38 -0500 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=YaFOvLHoi5WIzJ8NL4cnCC6nev3azZa3lWYV48Idq7Co3JlFe3chlEknZRXed9h1uIzzFrfahfXRDmKJzzFIEZwdxe05U6euaDcuGH6FFawpuqoklzJmCV95sEx0Wj+o+CmOPgeu9B6fxRr+58PcdsI4SL+tnsIxqPm7Dd7NINM7lrAngh5Gk0PNxCSW6nc942taVaH2582lkOZfM/RJYJVkw082A8ulvBO2qznRmjCNGYmDoTGTnuBp1eRFNuOGBaRLLMeRYgIQn53Mm6Dz2xWc/dTal+v3vDt7JQ9knqDnc+auRP0ue4Zgi8aST0PL4utj8+qSpa7rna+AH/Scbg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=5yYGZkXYbkKsCZF4e6t1+n+SfDJC4kr8FCySTr9HpfQ=; b=mgOltfLtcoIs10aIEeIxoJ6xlcpaSo9Znei3BHhokLlAkkHJ2HdGIk5/OeWeljZEyr7QkH0kAQExuUBIWZRKtD74s5/p0H1u2JZmE6qSTzMbuOcKzHzSVXdaZM+BZ7l/vsBC5E9tiLU5SpnlLxdOCALGYsi080kh+6DlkAkUgkzmjqM0Zzvzv6/axJ3PcLefDD5jR6Zrh6GuNi4/3UZd7n8kZIteJKGfW1uNOa/DofOo2Pml0oUr188axDUc1+WsB5DZmxG5rs9Rr6KoP9AxXhvKNAoYPqrrOdpcsA7aioBylAeFyos0zOT9RMhVM3SGEHVZCVapr/przSo4B9QKgQ== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=vger.kernel.org smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=5yYGZkXYbkKsCZF4e6t1+n+SfDJC4kr8FCySTr9HpfQ=; b=riFp3xe0HbusN6MBMfJvxiLP8gDVQb11HGZhifOQgGjw0no6pf1sqT+LMtmkkslNPoOkFy+TgWhex62ztb/EZ738/ZgQ39XUHG7UuS+5KbgFVUMAYg8Dd3eWEmKWi6UbUaULxO63aIygahwZd7jDo+zwKkcbhDPNVRtnMPOg7WY= Received: from BN6PR17CA0030.namprd17.prod.outlook.com (2603:10b6:405:75::19) by MWHPR12MB1661.namprd12.prod.outlook.com (2603:10b6:301:3::17) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4778.15; Mon, 13 Dec 2021 17:34:35 +0000 Received: from BN8NAM11FT010.eop-nam11.prod.protection.outlook.com (2603:10b6:405:75:cafe::ae) by BN6PR17CA0030.outlook.office365.com (2603:10b6:405:75::19) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4778.14 via Frontend Transport; Mon, 13 Dec 2021 17:34:35 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=amd.com; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB03.amd.com; Received: from SATLEXMB03.amd.com (165.204.84.17) by BN8NAM11FT010.mail.protection.outlook.com (10.13.177.53) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.4778.13 via Frontend Transport; Mon, 13 Dec 2021 17:34:35 +0000 Received: from sbrijesh-desktop.amd.com (10.180.168.240) by SATLEXMB03.amd.com (10.181.40.144) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.17; Mon, 13 Dec 2021 11:34:28 -0600 From: Brijesh Singh To: CC: , , Ingo Molnar , Joerg Roedel , Tom Lendacky , Paolo Bonzini , "Sean Christopherson" , Vitaly Kuznetsov , Wanpeng Li , Jim Mattson , "Andy Lutomirski" , Dave Hansen , David Rientjes , Peter Gonda , Borislav Petkov , , , Brijesh Singh Subject: [PATCH 4/4] KVM: SVM: Update the SEV-ES save area mapping Date: Mon, 13 Dec 2021 11:33:56 -0600 Message-ID: <20211213173356.138726-5-brijesh.singh@amd.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20211213173356.138726-1-brijesh.singh@amd.com> References: <20211213173356.138726-1-brijesh.singh@amd.com> MIME-Version: 1.0 X-Originating-IP: [10.180.168.240] X-ClientProxiedBy: SATLEXMB04.amd.com (10.181.40.145) To SATLEXMB03.amd.com (10.181.40.144) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: 65c8d692-2b9b-4801-1a78-08d9be5ed4e5 X-MS-TrafficTypeDiagnostic: MWHPR12MB1661:EE_ X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:5236; X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: h/7LWDso+8jowsHRrFDgVXtmOxyRbHUyzVe/5ANWTiCiKTFAMGeKR6J60MfxGJ0+XaN2R1jtQTmuwAWzEVBlxvgWXGbNLfDeAiCNJeprSy1p8cUNlh/ERPD9lxQVzuZJjHLKwCR1FPdCTxz9gNZ1EsJ780x7MX7r0fxdLt/4gRQpAMDvw32iBihILALmOmZ5y/W7PsbRoa4GZLU+9yaUb/C5FYyuf3gZ/OVezsPR2/Ol2byhK5drY183ILVR0prCsB6AWTdttex+cLoxfPgIII8vknVoY8kDv8U0+rGTp7ygmdSyUPhxIp0bU2nZmQBhZwx7Fz+Sn/+laxv4uPFvGEuLoPZAMJ9Gg+dTzz1JvBPMrz+VS/bVltxy9HSEiQiwldbnbpycbvojjtsjZVH82d7cLSgNpCD6c4kG+jsDUNrIya9j8+PzOhQALO6kYNaniK5Vh81F9EgXFTkH+FFRsm1I2wHZAMnY+tFsVKGilIpj5R8LYhkBP+hDIJI8TPkBuslKyyzOJ+NAk6L9PMlMOhfAKW0QbvgGuMNDYKOIhrEKNuUTos4VwYdxLfGaybwhVNGgi8eE18W31UcQRgbG3ABiU+1BUKDcALyLwxVGdohsQLy4CRhUURQagh8xhitzL+K8lOwRIxgZrly72ClSzjEndmYr3Bv3DIQ5oh07hzYoWhJsvBWJKtx3Artrfvryq69iTfcxRZWJyvMF5s0Yzv1anFl6Hst6JBSmLjPX7F8bxZ1TZRztakYtaUHuDEd5xrzYFZVmhSsNS8rWKs7sDuP+pvQ4yPZIPMy6t4A64QE= X-Forefront-Antispam-Report: CIP:165.204.84.17;CTRY:US;LANG:en;SCL:1;SRV:;IPV:CAL;SFV:NSPM;H:SATLEXMB03.amd.com;PTR:InfoDomainNonexistent;CAT:NONE;SFS:(4636009)(46966006)(36840700001)(40470700001)(186003)(508600001)(2616005)(54906003)(8676002)(44832011)(47076005)(5660300002)(2906002)(26005)(15650500001)(356005)(70586007)(8936002)(7416002)(16526019)(83380400001)(4326008)(6666004)(40460700001)(7696005)(81166007)(316002)(6916009)(82310400004)(1076003)(36860700001)(86362001)(426003)(36756003)(70206006)(336012)(36900700001);DIR:OUT;SFP:1101; X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 13 Dec 2021 17:34:35.7194 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 65c8d692-2b9b-4801-1a78-08d9be5ed4e5 X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[SATLEXMB03.amd.com] X-MS-Exchange-CrossTenant-AuthSource: BN8NAM11FT010.eop-nam11.prod.protection.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: MWHPR12MB1661 Precedence: bulk List-ID: X-Mailing-List: kvm@vger.kernel.org From: Tom Lendacky This is the final step in defining the multiple save areas to keep them separate and ensuring proper operation amongst the different types of guests. Update the SEV-ES/SEV-SNP save area to match the APM. This save area will be used for the upcoming SEV-SNP AP Creation NAE event support. Signed-off-by: Tom Lendacky Signed-off-by: Brijesh Singh --- arch/x86/include/asm/svm.h | 66 +++++++++++++++++++++++++++++--------- 1 file changed, 50 insertions(+), 16 deletions(-) diff --git a/arch/x86/include/asm/svm.h b/arch/x86/include/asm/svm.h index 5ff1fa364a31..7d90321e7775 100644 --- a/arch/x86/include/asm/svm.h +++ b/arch/x86/include/asm/svm.h @@ -290,7 +290,13 @@ struct sev_es_save_area { struct vmcb_seg ldtr; struct vmcb_seg idtr; struct vmcb_seg tr; - u8 reserved_1[43]; + u64 vmpl0_ssp; + u64 vmpl1_ssp; + u64 vmpl2_ssp; + u64 vmpl3_ssp; + u64 u_cet; + u8 reserved_1[2]; + u8 vmpl; u8 cpl; u8 reserved_2[4]; u64 efer; @@ -303,9 +309,19 @@ struct sev_es_save_area { u64 dr6; u64 rflags; u64 rip; - u8 reserved_4[88]; + u64 dr0; + u64 dr1; + u64 dr2; + u64 dr3; + u64 dr0_addr_mask; + u64 dr1_addr_mask; + u64 dr2_addr_mask; + u64 dr3_addr_mask; + u8 reserved_4[24]; u64 rsp; - u8 reserved_5[24]; + u64 s_cet; + u64 ssp; + u64 isst_addr; u64 rax; u64 star; u64 lstar; @@ -316,7 +332,7 @@ struct sev_es_save_area { u64 sysenter_esp; u64 sysenter_eip; u64 cr2; - u8 reserved_6[32]; + u8 reserved_5[32]; u64 g_pat; u64 dbgctl; u64 br_from; @@ -325,12 +341,12 @@ struct sev_es_save_area { u64 last_excp_to; u8 reserved_7[80]; u32 pkru; - u8 reserved_9[20]; - u64 reserved_10; /* rax already available at 0x01f8 */ + u8 reserved_8[20]; + u64 reserved_9; /* rax already available at 0x01f8 */ u64 rcx; u64 rdx; u64 rbx; - u64 reserved_11; /* rsp already available at 0x01d8 */ + u64 reserved_10; /* rsp already available at 0x01d8 */ u64 rbp; u64 rsi; u64 rdi; @@ -342,16 +358,34 @@ struct sev_es_save_area { u64 r13; u64 r14; u64 r15; - u8 reserved_12[16]; - u64 sw_exit_code; - u64 sw_exit_info_1; - u64 sw_exit_info_2; - u64 sw_scratch; + u8 reserved_11[16]; + u64 guest_exit_info_1; + u64 guest_exit_info_2; + u64 guest_exit_int_info; + u64 guest_nrip; u64 sev_features; - u8 reserved_13[48]; + u64 vintr_ctrl; + u64 guest_exit_code; + u64 virtual_tom; + u64 tlb_id; + u64 pcpu_id; + u64 event_inj; u64 xcr0; - u8 valid_bitmap[16]; - u64 x87_state_gpa; + u8 reserved_12[16]; + + /* Floating point area */ + u64 x87_dp; + u32 mxcsr; + u16 x87_ftw; + u16 x87_fsw; + u16 x87_fcw; + u16 x87_fop; + u16 x87_ds; + u16 x87_cs; + u64 x87_rip; + u8 fpreg_x87[80]; + u8 fpreg_xmm[256]; + u8 fpreg_ymm[256]; } __packed; struct ghcb_save_area { @@ -410,7 +444,7 @@ struct ghcb { #define EXPECTED_VMCB_SAVE_AREA_SIZE 740 #define EXPECTED_GHCB_SAVE_AREA_SIZE 1032 -#define EXPECTED_SEV_ES_SAVE_AREA_SIZE 1032 +#define EXPECTED_SEV_ES_SAVE_AREA_SIZE 1648 #define EXPECTED_VMCB_CONTROL_AREA_SIZE 1024 #define EXPECTED_GHCB_SIZE PAGE_SIZE