From patchwork Mon Feb 3 22:31:57 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Pratik R. Sampat" X-Patchwork-Id: 13958321 Received: from NAM11-CO1-obe.outbound.protection.outlook.com (mail-co1nam11on2046.outbound.protection.outlook.com [40.107.220.46]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id C99AC1FF7B4; Mon, 3 Feb 2025 22:32:34 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=fail smtp.client-ip=40.107.220.46 ARC-Seal: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1738621956; cv=fail; b=KVnqTZBPCGkLLvZLvlusZLi33a3k9rDlGYbH5OnY0qoxhiTsqMD3Ts9D5qcjzsLAeqr7fJf6Gy2XANEnIWHBmTr14JAtjawwDm1+AYN3RNp+QyquTd1/T1lWYiRIeyHkF7IqQLiEMIPbQHACcEVtUtcMr4Q/u8QRD2NvECxrnw0= ARC-Message-Signature: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1738621956; c=relaxed/simple; bh=R0wWoETAu/rG/sVt8eKTjdHmtOVoBleYgNCRl6Eekuc=; h=From:To:CC:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=GCJ4OCkbXlP23j7IWQAe7kE4cV2+5SqqksW3a3o5zSjEx4EQH1sfDCY4ITF+IZ0q+SojDCLWquCwvWEAdZSy65e9p4vr2K44OKb5atnweG+P4Te9WE8Gk/MDECReCNBL9KyiTm4zYVZgh1/k/juIZ0xZxvX9gQ1n/Mu9Lgrke5U= ARC-Authentication-Results: i=2; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com; spf=fail smtp.mailfrom=amd.com; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b=KAaOZkT2; arc=fail smtp.client-ip=40.107.220.46 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com Authentication-Results: smtp.subspace.kernel.org; spf=fail smtp.mailfrom=amd.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b="KAaOZkT2" ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=M69jcw8dOI6Hp5VC27e01qEtjCUL/uQYD4cj2U9VTo2KibSNn2mD4x9FeDAKCxPsiymK7JRuVAoHfuyu4fIcBsaOTNePzN0xLeCKuAj5RMzKrlyhAAta3jvCVc3Qk3CRm2KgDPUKHyenfLQ92/f2GHpwd6qm+kZVpwN3jQbtSk1DkK2iXjE10J9wfZhzIG6ruoyaK4KEiNnN1ftMcM/K2YN6Igy4qIh1kOtVOtROHGqN+tNMwExiKG3Pa7vJ5Rx/BNwfSxXmfsh+K9kEZer2Bpon4qiJJH1ohuzv73IWNtxYrbV8MFoZt4fkRLv5CKK0IhQVKIOXiLlwqPN45WXaKQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=8k+fsTkWW+QLt8Ur3ZzC8OGpQYWHzq3HmAuL/6QstE0=; b=uafnOiAHpMzRwK1kuwiDoAT0t7MUG6hStc1I0DEeC8dLvKj/EQn1oXbu6osDLzVKRE54EBwZSCd7PyQ/ae7y7CDeDPIuK2l9WvIQ1aZkyKZqu0wK0ee3niVXBBK9VhqI/QiLtefOil8wV8SWc7dXbkemYHmoyeDcPOOGoTi0eT/S5Qzd36bs4RFindKAvEbR0VvznfOlgI+adIdV2nZo+dbVEaB2FXXr9ARpi1HlMD1RqTT2P49cWZz37Kv+JN/6c5UVsUqrZL7/JGFgiSxK/qqT0x9o7+6VwdDaRaHisdK60BozzuMZLSda7ye2IyFfhLKGPUqQy+gnDBFAXGmuqA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=vger.kernel.org smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none (0) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=8k+fsTkWW+QLt8Ur3ZzC8OGpQYWHzq3HmAuL/6QstE0=; b=KAaOZkT2JCGd00YzcOTZ6quiMKKDdulL+zZkvAw+e2ktb7zZW3Ghl8Eeiyv2w/cIjfYxFwzOyIjUrnESALmo6pbMmbBIEBpEfBH7J0tmzBvqBMxo/CKTyxholblseKfmQ1LRNLZpP3kDfNT++JS3XbQb9Kv8K1ElyMuf5YDQKM0= Received: from SJ0PR03CA0189.namprd03.prod.outlook.com (2603:10b6:a03:2ef::14) by DS0PR12MB6440.namprd12.prod.outlook.com (2603:10b6:8:c8::18) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.8398.20; Mon, 3 Feb 2025 22:32:30 +0000 Received: from SN1PEPF0002BA4D.namprd03.prod.outlook.com (2603:10b6:a03:2ef:cafe::de) by SJ0PR03CA0189.outlook.office365.com (2603:10b6:a03:2ef::14) with Microsoft SMTP Server (version=TLS1_3, cipher=TLS_AES_256_GCM_SHA384) id 15.20.8356.22 via Frontend Transport; Mon, 3 Feb 2025 22:32:30 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=amd.com; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB04.amd.com; pr=C Received: from SATLEXMB04.amd.com (165.204.84.17) by SN1PEPF0002BA4D.mail.protection.outlook.com (10.167.242.70) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.8398.14 via Frontend Transport; Mon, 3 Feb 2025 22:32:29 +0000 Received: from sampat-dell.amd.com (10.180.168.240) by SATLEXMB04.amd.com (10.181.40.145) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.39; Mon, 3 Feb 2025 16:32:28 -0600 From: "Pratik R. Sampat" To: , , , , CC: , , , , , , , , , , , , , , Subject: [PATCH v6 1/9] KVM: SEV: Disable SEV-SNP on FW validation failure Date: Mon, 3 Feb 2025 16:31:57 -0600 Message-ID: <20250203223205.36121-2-prsampat@amd.com> X-Mailer: git-send-email 2.48.1 In-Reply-To: <20250203223205.36121-1-prsampat@amd.com> References: <20250203223205.36121-1-prsampat@amd.com> Precedence: bulk X-Mailing-List: linux-kselftest@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-ClientProxiedBy: SATLEXMB03.amd.com (10.181.40.144) To SATLEXMB04.amd.com (10.181.40.145) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: SN1PEPF0002BA4D:EE_|DS0PR12MB6440:EE_ X-MS-Office365-Filtering-Correlation-Id: 4e9e4046-a3fb-46c9-1b6e-08dd44a2a4ba X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0;ARA:13230040|1800799024|7416014|376014|36860700013|82310400026; X-Microsoft-Antispam-Message-Info: ihRIAb+1MF29PDj+FSi7Mge/ppGhymaAG6X6g6Z7Yylq/UDqCfei7MBFQo1OEWCnDZziwBCpV92wC39x6e1bvQFvyXs5KSspO/pNQMzez3+u+f1D11xo7NhQxUigv7pjRqnW6HkNOVAAsXefY9JEH5LPUgremX3mUL8J5wtH/BnOmLnhhJFpFiM+cqU06JyFcqKj/XBs4WjlSOFzk8MwfHM3CqI2Ycb31oZITXu5tAYakzflS4S6uuCV5HxZedEeVO8Auz0ty0f5s6aVdbtvmT4+ppbTdiMfS22dcrA4HcJjUhO0v4e8Xn7rsnrANKfAuEIfPopUGvZeql8Oyjm2QE4TqEPm1/a3AURJRjH7kyMp/u5u/Z0k39D9RAwz7CWsJRy5ovgP1Iz+p6DzB8YbfL4uHtMvTaPR/PSdGBqUp7Xm9J1sF+k+Zt4BytP0JGYMPzOsWuq1J74p2QxbLp+Lso5PzT2GchJHUSUD1ZYf8ra8Rzal9VQfU9fW3pfTPbaQYH7ZR1vDTEALCe5TrBncIo1ySf3zBgDiAkI3lLO7KlTcvrbmWSuiqVhodH5NsKuLSA7hlVhm3A+qnK9FQXDzf6KfSzg8UITicOawM7l1rHZWNmPLQnSztx4/S0nRnRUP59atkLwIMl/J/k+v9y6jKGiRfsGQ/I/Z8R8wPL1EGzZdFdlI1W3Ixk602e/PYSaHTBaHVRno6Tg0ckPKg+kGbnJjHixYkXSe/GcTyLLEe5F0xE4X3TuOgFoYNc/nM2NV3GstsMrgZkRa5mQ6S9ysOLIaa73Aqx7Krx2clF9xEqeLRhQ7P2H1SErNXZ6zI7f/tiVQEnD9Blga+uBQf7EDeETuIVa9ZJ7nSb8HfZcad625OEKKUUo3/cwIwEwO+tdmYOmWkA86/PJZWGYrt6IQLK0CwcPnavEiNyVe+xaiL++WAlonPAKeskHL3QUrU6QS/o5oypzRXnhFRtsNWauNJF2YfEWICRd7k7mNAre4R1tEIU7EY0S/1gn+56/B23FOITrphQ+7WfitOVcFeN5GeOcyNaDxWdDnWAm4LO60hkRnLHYyexpFFxzLKifzjRClU30Mv9ONao5BFpOrV+T00BEtAIfSinOiC78DsTMjMg4DC23X/P/peFxWFkGvB5c9g/k4c3X0KKUmDSGVBoOtS5216PXw+iC4ZDETjp+Z9d8MYcpl7CiS00Z9No4Zd/kXhUrkSjYnki/r4NCRUWeP8DyQwYp9yXzH8uufzyI2gAGQQpbg/nvY97GfVop6Zin5joW2MGwQjclFEPVHtn4I2z0IriKIS79tYGr9q+YfbjKlamTN2PpfT7QfHy8kOvsCRusR8w83j+p6kUVOWOdrOpXoYJJltS8pBJ69/e981DAZajH6P7rwBVOsT97KaO9ZzwJDPeCo/hhauFoYbIbpTF3GkAzueyRNPh6r1FctbUD4QtsAN1DmahdyR/aO12YPc8+59j7Xr/gAlOXoEvqetzZexxGDMy1gCP/e6IrbQ4o= X-Forefront-Antispam-Report: CIP:165.204.84.17;CTRY:US;LANG:en;SCL:1;SRV:;IPV:CAL;SFV:NSPM;H:SATLEXMB04.amd.com;PTR:InfoDomainNonexistent;CAT:NONE;SFS:(13230040)(1800799024)(7416014)(376014)(36860700013)(82310400026);DIR:OUT;SFP:1101; X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 03 Feb 2025 22:32:29.4123 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 4e9e4046-a3fb-46c9-1b6e-08dd44a2a4ba X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[SATLEXMB04.amd.com] X-MS-Exchange-CrossTenant-AuthSource: SN1PEPF0002BA4D.namprd03.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: DS0PR12MB6440 On incompatible firmware versions, SEV-SNP support is pulled and the setup is not performed. However, the platform and subsequently the KVM capability may continue to advertise support for it. Disable support for SEV-SNP if the FW version validation fails. Fixes: 1dfe571c12cf ("KVM: SEV: Add initial SEV-SNP support") Suggested-by: Sean Christopherson Reviewed-by: Nikunj A Dadhania Tested-by: Srikanth Aithal Signed-off-by: Pratik R. Sampat --- v5..v6: * Collected tags from Nikunj and Srikanth. --- arch/x86/kvm/svm/sev.c | 4 +++- drivers/crypto/ccp/sev-dev.c | 6 ++++++ include/linux/psp-sev.h | 3 +++ 3 files changed, 12 insertions(+), 1 deletion(-) diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index 0f04f365885c..b709c2f0945c 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c @@ -3040,7 +3040,9 @@ void __init sev_hardware_setup(void) sev_es_asid_count = min_sev_asid - 1; WARN_ON_ONCE(misc_cg_set_capacity(MISC_CG_RES_SEV_ES, sev_es_asid_count)); sev_es_supported = true; - sev_snp_supported = sev_snp_enabled && cc_platform_has(CC_ATTR_HOST_SEV_SNP); + sev_snp_supported = (sev_snp_enabled && + cc_platform_has(CC_ATTR_HOST_SEV_SNP) && + snp_fw_valid()); out: if (boot_cpu_has(X86_FEATURE_SEV)) diff --git a/drivers/crypto/ccp/sev-dev.c b/drivers/crypto/ccp/sev-dev.c index af018afd9cd7..b45cd60c19b0 100644 --- a/drivers/crypto/ccp/sev-dev.c +++ b/drivers/crypto/ccp/sev-dev.c @@ -122,6 +122,12 @@ static inline bool sev_version_greater_or_equal(u8 maj, u8 min) return false; } +bool snp_fw_valid(void) +{ + return sev_version_greater_or_equal(SNP_MIN_API_MAJOR, SNP_MIN_API_MINOR); +} +EXPORT_SYMBOL_GPL(snp_fw_valid); + static void sev_irq_handler(int irq, void *data, unsigned int status) { struct sev_device *sev = data; diff --git a/include/linux/psp-sev.h b/include/linux/psp-sev.h index 903ddfea8585..e841a8fbbb15 100644 --- a/include/linux/psp-sev.h +++ b/include/linux/psp-sev.h @@ -945,6 +945,7 @@ int sev_do_cmd(int cmd, void *data, int *psp_ret); void *psp_copy_user_blob(u64 uaddr, u32 len); void *snp_alloc_firmware_page(gfp_t mask); void snp_free_firmware_page(void *addr); +bool snp_fw_valid(void); #else /* !CONFIG_CRYPTO_DEV_SP_PSP */ @@ -979,6 +980,8 @@ static inline void *snp_alloc_firmware_page(gfp_t mask) static inline void snp_free_firmware_page(void *addr) { } +static inline bool snp_fw_valid(void) { return false; } + #endif /* CONFIG_CRYPTO_DEV_SP_PSP */ #endif /* __PSP_SEV_H__ */ From patchwork Mon Feb 3 22:31:58 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Pratik R. Sampat" X-Patchwork-Id: 13958322 Received: from NAM10-MW2-obe.outbound.protection.outlook.com (mail-mw2nam10on2054.outbound.protection.outlook.com [40.107.94.54]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 4F61020A5C7; Mon, 3 Feb 2025 22:32:50 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=fail smtp.client-ip=40.107.94.54 ARC-Seal: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1738621972; cv=fail; b=tDwBmH8Ks/zABy7J0dg33cVWhCLhHMl6BXHd+pjaQqn804Zh0BRyuD/6v7h5EB+B4jn62YkKKmN591Of1apMFsB8NtDMYT1BysMLF5vwYDbHbAa4pRKgjNtgcS/hOxdVv/jQ9t84VzVg+rzIH2VCwRYtD78SBjoCEkna5X8B1Tc= ARC-Message-Signature: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1738621972; c=relaxed/simple; bh=SAgHb+w8s0Cx/tQ+BIasVcOybs03Xt0KB1rHp17EQ+Y=; h=From:To:CC:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=Z5u2rb468hSUYWDJejCVRwzoKnUEWFGcC3otmn1LmBxlFdspm2egYkTdCdM+9oPZDKIPwuQwBOk68zvxDQhs+3u545JxmHYO6EpNWhXe5A2RuLWnxIDzzRqy+CfOyniDEeGuxrfouezKdKfuPZPhQmEWYON0WhXHL8KIiMMy8Q4= ARC-Authentication-Results: i=2; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com; spf=fail smtp.mailfrom=amd.com; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b=YX3v200V; arc=fail smtp.client-ip=40.107.94.54 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com Authentication-Results: smtp.subspace.kernel.org; spf=fail smtp.mailfrom=amd.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b="YX3v200V" ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=slZ+NDrOpUokUdnFs636hC7y7xd+TT41KGKr0JqoU8HotXNKnbv8u8hm3L7ltSXKNrWZrA1VuTID51/4Pxe7MfmXDafGEzaI8mKvzb7qFGt5WM+SbF0+ZHsfEifJIc//97Tk38cMUEX1t9kVNF6VRKJUDkC4EwtBmRgN3LC07zGhtbEikDzzSu1vMQ9bHb+S/IvPqEg7gna4jahvJBYXdnO9JOQmMYj4ATfYyl48wQs+Sl2WQbk0wKDMI8jehCctB98cqivXJiLzT74A2w6+T4i2BGMi1ASKv1bt1cu3MEH159TWEv5N0NE4kH+oacubmuQW9n82Wo3y3kH3PsByGA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=qfAS1e2bE3hJdMmPqPf/CguUbzLMoCqv3MVBJ+76no4=; b=saZh5pd3zoYTKmXqTTz9ZpCFsa/94arL506AzJ4KsPJfzFYf3qKtXPiwdws7TnQmj2v2669JdPO7DIxIK7qDgSduPzzHo0Y1ykdZdRLwZhHHh7QGQbCLuKx1AXdduRo7KDVPdHGP6Fspzy6dsskMs3sXE/D9xGvPARO3GDGq+ea6iHDlPDkpRXR2Swhgb7VAO88QLZaFMTRmIkIrsUHJerG3/G+J9Mt6Hx/Sjllbb84dv+rDFFMD2PpNCMQrKy6bWGj1fr4Iq12m4Zbef7sdgCeVBOVy+/7wHxtASJU1kN3d1vNXD0KiLXvQQgpQPmT/84L6yjo6MblKaKVdGuiScw== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=vger.kernel.org smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none (0) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=qfAS1e2bE3hJdMmPqPf/CguUbzLMoCqv3MVBJ+76no4=; b=YX3v200VMKYt0H5cLxlH6iIijpoxazCdXiNfSgKCRRH7VdFD4V8TRF1gW20iYRhkv1/U9CDWZYxaw4uRC15uyfuVmPk2NzH2G96W85N7pn0M6ZNIxp4fvsC9YkAEBVVwbxaCX7ZuERgEqUE19Cm7IDnGZrekyN9hgZ+YQUtq+aI= Received: from SN4PR0501CA0117.namprd05.prod.outlook.com (2603:10b6:803:42::34) by MN2PR12MB4318.namprd12.prod.outlook.com (2603:10b6:208:1d8::12) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.8398.21; Mon, 3 Feb 2025 22:32:46 +0000 Received: from SN1PEPF0002BA4B.namprd03.prod.outlook.com (2603:10b6:803:42:cafe::2b) by SN4PR0501CA0117.outlook.office365.com (2603:10b6:803:42::34) with Microsoft SMTP Server (version=TLS1_3, cipher=TLS_AES_256_GCM_SHA384) id 15.20.8251.10 via Frontend Transport; Mon, 3 Feb 2025 22:32:46 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=amd.com; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB04.amd.com; pr=C Received: from SATLEXMB04.amd.com (165.204.84.17) by SN1PEPF0002BA4B.mail.protection.outlook.com (10.167.242.68) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.8398.14 via Frontend Transport; Mon, 3 Feb 2025 22:32:45 +0000 Received: from sampat-dell.amd.com (10.180.168.240) by SATLEXMB04.amd.com (10.181.40.145) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.39; Mon, 3 Feb 2025 16:32:44 -0600 From: "Pratik R. Sampat" To: , , , , CC: , , , , , , , , , , , , , , Subject: [PATCH v6 2/9] KVM: SEV: Disable SEV on platform init failure Date: Mon, 3 Feb 2025 16:31:58 -0600 Message-ID: <20250203223205.36121-3-prsampat@amd.com> X-Mailer: git-send-email 2.48.1 In-Reply-To: <20250203223205.36121-1-prsampat@amd.com> References: <20250203223205.36121-1-prsampat@amd.com> Precedence: bulk X-Mailing-List: linux-kselftest@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-ClientProxiedBy: SATLEXMB03.amd.com (10.181.40.144) To SATLEXMB04.amd.com (10.181.40.145) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: SN1PEPF0002BA4B:EE_|MN2PR12MB4318:EE_ X-MS-Office365-Filtering-Correlation-Id: 602bab0e-45aa-4413-a6cb-08dd44a2ae8d X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0;ARA:13230040|7416014|376014|36860700013|1800799024|82310400026; X-Microsoft-Antispam-Message-Info: h+t1Z2HoeQsgDKVRbAMTTA9kSGOUhfDiN3VN8/T3vpPpM5G4/Anf0xNNb7nNMlhiI8QHpcwreCtqWf4iNch0scF+xhJn1Ncd59ECp0bMCLRkJGDOmqVIQE7UOI+LAtIUIawn2W4LUqVm/GfXGjtzwSBzygQ6ywnxf4QijbdXLbH4mOBfX/LMrMn/tFjEiaAb18LCeXsNP3IFM0+ZnyXDsOc+btMeFKAvY2yx2Zugjp/B6jJylzLiynuCg43MMxrz97Htp+HhIO4qdm4Ur2nuk9nzGles/FpCM+iCphx3Qv50oDsHLzEV69bpuetytN91VVMDdLLf/7GkDiruQlOtbAJZ7UmJ57uDjYMOjIiYlE29vnBja339kPa8FbWgxnyXuyEJfEAnE2eSZxF1a1zDw7gsc6pvuIQr2CfGsZH0ARTvI62sL2SqZ1XK09emFRrBjJ40mXC2JmzoaLlx45iTCg4e+wQbv62YslC3sPScLXoUM3OVdZn980YRHQI3Eau5EZtnhJltgHtD8eKK1Nkvll3bMcnWrqA1PZu+d6SUSg1Q9SAvBdt5w/u4prkeD4aIO5BxffZaTzB2VyicdRwsPGZsDMgCkL0fnYVaR2SpEonCEdY7gf4u59EmFm7icxvhwHRjllUaHW22HvEq39qOAI/dlvZbO4aDW5mm0SD51DYANhmPHIEEhz3f8MWLjSbxUJUeuAPH1M20/jqP+pYUuuf82Yhv6DthjWIFjFzpdfZfXsuz6ajFKrYaWm9iin5CBFXcXxjd3FOrI6/DO6vX64ZwF7vgC90pHuLhsDtWgybLK1NFR+rsVpkCqk5AWi8GiVsOmj7dIx1OVy0LUx4ivAMP48nCLNOQqRmNGL78RurGyOjrK9Rtb3iEGLkhNzArAnR1EGliR0bh7+3SJ0BiLRE/R3Qva7D/eAs3Lp5xiO7CmZ5F4iUaok4SrRLIbMbhj1dhSPNVQ5u4zeVLZ27CrNogIe14Ma64+t0CFJKmR0Hyw+Cqqhh0nO5pvtiCE5T8zk/XlghHa2Rx0rRic17PEz+06jHWj2k8PX3q8sRvfMHGodaw+qP+C1NlJM6wQ2DC8WPWHrP4h7/MM5kkvwE81/AjKchpUjIPLgpDNcak3F7dLLNTw8pXeGsKtIAZ/yJm4+FFICBkay/6qJVPMhGXI/71/u520cOt/5alq2CaCCihc+7S20N1M5WyPmES7laRheVEqGPyaa5sD4463JAUJ/ahM7vtdqtymck8Q+i54+W6RCF9fsY2iFXo8+uyUG0svUIshvy4cHjeWgSsOmFvcaen1NV9Id39ckA1jnB2znFmjQULiSF4DJnDn2rTeKnX87wU3Kv5VZJWiRIZnYPRrAYtO8r9qvhCdVy0gHkQfErJJItaADFKXN1J06Yt96QmnJ2SjxrZVY8If+diudy2XFAlT4gZ4ACEe0J058O6R75W/rsA86OIMfAU5ZM7WxWfKWLS++pCPiHl7uKzMVhaLh5USuL6XV14h48VHzwz9SI= X-Forefront-Antispam-Report: CIP:165.204.84.17;CTRY:US;LANG:en;SCL:1;SRV:;IPV:CAL;SFV:NSPM;H:SATLEXMB04.amd.com;PTR:InfoDomainNonexistent;CAT:NONE;SFS:(13230040)(7416014)(376014)(36860700013)(1800799024)(82310400026);DIR:OUT;SFP:1101; X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 03 Feb 2025 22:32:45.9606 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 602bab0e-45aa-4413-a6cb-08dd44a2ae8d X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[SATLEXMB04.amd.com] X-MS-Exchange-CrossTenant-AuthSource: SN1PEPF0002BA4B.namprd03.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: MN2PR12MB4318 If the platform initialization sev_platform_init() fails, SEV cannot be set up and a secure VM cannot be spawned. Therefore, in this case, ensure that KVM does not set up, nor advertise support for SEV, SEV-ES, and SEV-SNP. Suggested-by: Nikunj A Dadhania Tested-by: Srikanth Aithal Signed-off-by: Pratik R. Sampat --- v5..v6: * Rename is_sev_platform_init to sev_fw_initialized (Nikunj) * Collected tags from Srikanth. --- arch/x86/kvm/svm/sev.c | 2 +- drivers/crypto/ccp/sev-dev.c | 10 ++++++++++ include/linux/psp-sev.h | 3 +++ 3 files changed, 14 insertions(+), 1 deletion(-) diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index b709c2f0945c..42d1309f8a54 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c @@ -2957,7 +2957,7 @@ void __init sev_hardware_setup(void) bool sev_es_supported = false; bool sev_supported = false; - if (!sev_enabled || !npt_enabled || !nrips) + if (!sev_fw_initialized() || !sev_enabled || !npt_enabled || !nrips) goto out; /* diff --git a/drivers/crypto/ccp/sev-dev.c b/drivers/crypto/ccp/sev-dev.c index b45cd60c19b0..bd166b997ac9 100644 --- a/drivers/crypto/ccp/sev-dev.c +++ b/drivers/crypto/ccp/sev-dev.c @@ -81,6 +81,8 @@ MODULE_FIRMWARE("amd/amd_sev_fam19h_model1xh.sbin"); /* 4th gen EPYC */ static bool psp_dead; static int psp_timeout; +static bool platform_init; + /* Trusted Memory Region (TMR): * The TMR is a 1MB area that must be 1MB aligned. Use the page allocator * to allocate the memory, which will return aligned memory for the specified @@ -1358,6 +1360,12 @@ int sev_platform_init(struct sev_platform_init_args *args) } EXPORT_SYMBOL_GPL(sev_platform_init); +bool sev_fw_initialized(void) +{ + return platform_init; +} +EXPORT_SYMBOL_GPL(sev_fw_initialized); + static int __sev_platform_shutdown_locked(int *error) { struct psp_device *psp = psp_master; @@ -2427,6 +2435,8 @@ void sev_pci_init(void) if (rc) dev_err(sev->dev, "SEV: failed to INIT error %#x, rc %d\n", args.error, rc); + else + platform_init = true; dev_info(sev->dev, "SEV%s API:%d.%d build:%d\n", sev->snp_initialized ? "-SNP" : "", sev->api_major, sev->api_minor, sev->build); diff --git a/include/linux/psp-sev.h b/include/linux/psp-sev.h index e841a8fbbb15..55ef473953e3 100644 --- a/include/linux/psp-sev.h +++ b/include/linux/psp-sev.h @@ -946,6 +946,7 @@ void *psp_copy_user_blob(u64 uaddr, u32 len); void *snp_alloc_firmware_page(gfp_t mask); void snp_free_firmware_page(void *addr); bool snp_fw_valid(void); +bool sev_fw_initialized(void); #else /* !CONFIG_CRYPTO_DEV_SP_PSP */ @@ -982,6 +983,8 @@ static inline void snp_free_firmware_page(void *addr) { } static inline bool snp_fw_valid(void) { return false; } +static inline bool sev_fw_initialized(void) { return false; } + #endif /* CONFIG_CRYPTO_DEV_SP_PSP */ #endif /* __PSP_SEV_H__ */ From patchwork Mon Feb 3 22:31:59 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Pratik R. Sampat" X-Patchwork-Id: 13958323 Received: from NAM12-MW2-obe.outbound.protection.outlook.com (mail-mw2nam12on2056.outbound.protection.outlook.com [40.107.244.56]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 4E8DE2101B5; Mon, 3 Feb 2025 22:33:02 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=fail smtp.client-ip=40.107.244.56 ARC-Seal: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1738621984; cv=fail; b=sIz+UvIVe7ocnc/0pEYoh6A8UjFPud0qyG74DhXr3dce7KMu3ldprZdh35y3Er2twZlYt+UEvukvQBY50D0J5w1tPyo3Dr/ktqq+ykrjI7WcRRigndioqo/6ssvr4g3bxZYFulEjOs9m2DjFnaWv8BMJ/NriYkvb6BY0Kj4ZPXU= ARC-Message-Signature: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1738621984; c=relaxed/simple; bh=s/PrqXq00RidLQB6LHBb1xbgEvaNdJnxQ7kOudeIQ0c=; h=From:To:CC:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=c3sMFUwP8E4h3k7UdXTYZFg/gsZQu5W0L3U8pIAosa1S5NGJSt6dg1lWBCQUhnXPZNf87ML37qxVlWk/Y+auuPgfFjdPaAPjDP/AjDueBofJBuMNg4guAexT+QLhoA+Qlyzs5Un/vjMZG7T2dVLMIoxmdnD/Sel2DSk3xGy8PlE= ARC-Authentication-Results: i=2; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com; spf=fail smtp.mailfrom=amd.com; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b=XvDAK9nJ; arc=fail smtp.client-ip=40.107.244.56 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com Authentication-Results: smtp.subspace.kernel.org; spf=fail smtp.mailfrom=amd.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b="XvDAK9nJ" ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=XEKhybZyVFPa8czJWjz2eth9HCKXQmmJmN67jKsQbFRNs9MqWR/e6YG8R3edwYL76WQPSjrGemTgWxuQ6HseCmflniAKG5cs9oB7deEcZUHJIiDLMVyBN7R/0Mz1ZyHiCruP1UW7UdfBtJvVmNOQsC0qePLfMsp94WI1b/+BaNwO5ZWSgUQo0bnEYjYSa+XU2y9inymxjn+QXX5pWATEzr4FO0pvQZrIJhXe1fXBIR1WyhFuCwea9oGlyHTaew6HB2nCYMeMTphNVgLjQu/+J5/XNlUCCl3Cv9HsBTR3X/o/h5wWiyVaaybI1Bqz/jrePSyan/TA9x+oaRbkD+8Q9g== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=WFSna/fvG1qE63VV7ANa4hnSuKMcfPjlvuaFiK81GEQ=; b=lugsSYGlG+kSizjmCnZ87dm9QogRWk1yHk2J1d/GeQkgaFqUzx8RgiSlcoRpVvye3vTKUfzLbSKpW+VR2P7See8naSUsROWNWYFT1pbFRUlsksfSp4uBqh9tVJc4+t0feRVrsE2FDx865zZrtRmD7Uazx47FIYu7U32ubZCFHbK2KBBbN74Itaw9gmZRK0/33/ODWFnYaY/Aaq00LmZoiXFyQr42nH9JZOgzRSLlS8jPja9UUlmzxMUWE8qq7FDDCTgtvl0hklg10fuJoWvFRsm9cK1N2ltwGhVGZ9FyVpJeHltkERgA+G6YcHQQdExOT223BDPWRzr7qJILys9/mw== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=vger.kernel.org smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none (0) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=WFSna/fvG1qE63VV7ANa4hnSuKMcfPjlvuaFiK81GEQ=; b=XvDAK9nJCUPHLBa29VefZUJUlqOFuP+cizG8qROD4ipOee/A5tgG7q5cDS9ujWwFZuZ85E/Fm0LjYwjJfNUTWtuWLtugcEPZvIY+FQbhzKLYxmrhj5vUaoRsC6zKInaoxKEWP2gZu6+ceY9V6gjAZuHMEAk0/mGczP1MT1wZt4U= Received: from SA1P222CA0135.NAMP222.PROD.OUTLOOK.COM (2603:10b6:806:3c2::13) by IA1PR12MB7565.namprd12.prod.outlook.com (2603:10b6:208:42f::17) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.8398.25; Mon, 3 Feb 2025 22:32:58 +0000 Received: from SN1PEPF0002BA4C.namprd03.prod.outlook.com (2603:10b6:806:3c2:cafe::51) by SA1P222CA0135.outlook.office365.com (2603:10b6:806:3c2::13) with Microsoft SMTP Server (version=TLS1_3, cipher=TLS_AES_256_GCM_SHA384) id 15.20.8398.24 via Frontend Transport; Mon, 3 Feb 2025 22:32:57 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=amd.com; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB04.amd.com; pr=C Received: from SATLEXMB04.amd.com (165.204.84.17) by SN1PEPF0002BA4C.mail.protection.outlook.com (10.167.242.69) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.8398.14 via Frontend Transport; Mon, 3 Feb 2025 22:32:57 +0000 Received: from sampat-dell.amd.com (10.180.168.240) by SATLEXMB04.amd.com (10.181.40.145) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.39; Mon, 3 Feb 2025 16:32:56 -0600 From: "Pratik R. Sampat" To: , , , , CC: , , , , , , , , , , , , , , Subject: [PATCH v6 3/9] KVM: selftests: SEV-SNP test for KVM_SEV_INIT2 Date: Mon, 3 Feb 2025 16:31:59 -0600 Message-ID: <20250203223205.36121-4-prsampat@amd.com> X-Mailer: git-send-email 2.48.1 In-Reply-To: <20250203223205.36121-1-prsampat@amd.com> References: <20250203223205.36121-1-prsampat@amd.com> Precedence: bulk X-Mailing-List: linux-kselftest@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-ClientProxiedBy: SATLEXMB03.amd.com (10.181.40.144) To SATLEXMB04.amd.com (10.181.40.145) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: SN1PEPF0002BA4C:EE_|IA1PR12MB7565:EE_ X-MS-Office365-Filtering-Correlation-Id: 6af52d96-23d2-42c2-9848-08dd44a2b58a X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0;ARA:13230040|1800799024|36860700013|7416014|376014|82310400026; X-Microsoft-Antispam-Message-Info: RTWiHJL6fep3bJXDdNZvMmTEQzj8wr8Ofn7O2s3QuvGrRXo4MzINzEL7Fu4rbCFADQBkGVlnbhUo9VNiy5kROcmgJt/y+2TJHvr3EAGJpJWpasctxek4nn/koU/hE24xrW6aMC2zvAb3KfD7Za2csqGzzqIy1zExuFC/VHlevcjCbO0ozq0ti3lttZ/GGXRIPztdrC9EV3HvRIdh8DqxbNLdoe+c4Gx8JxKI/fYnMI7g6iOXjPhlpATEt/wR96C8ap5MB0RoMxaqsWsO1k/ZBokwxQwpg8ox8/z4pdH+KGOs7Rw14kPgrm3IvCyZkvMCUsH3iy6t+/uwY9G0n1sHFERuYeeg7p9V0c5+Hkm0/Odax1HlxXOfJDuZ9JRzo2R/yDDiKjLQpf87rCYK5KHCAZPfDd1x3o6bMU14dj9I9Q74AR+eaVEjtfeiuSkMUxJlsTtvNytx/QU9CB3druv/g8bsCPC66VzRpVCUg9kyEhDooDpi6R8B9pQq41s80A8HFm1A+acBHn2+Mj2pW/p4kcuUdnyKG4w+3vmdT8ky/cHJg80B5zOqss0zdc6/Ci2YmgTXx5JglXh/Vjb0uZ5nUhbQWQ/1KQ/s2VAcOeiLVX2jjqNRqMdd49z8AxVVOec58+072fVW3R67Ud1PFmhBKiEWj0XaeyF7NyZi3X7GLgKPm96VQzCMWU6hwV/WR2XMRASZUyqg8kq/YR3nbmj2iSzWcePE4RPU9LOA2YVf+mO0Sluv7WR6v0dT3SLCRJYUarZDzSzawKXY896h+tJn/Jhrx1OBDJj3w9l/cHnZIgWa0Q11FtTaZFL3elJgsN/8ZMtVMT6rAmb3Pbtx7mO2pbWN0HwguK7hNq+t9AuGebHof1QChA6FiJeBUK7Fs25jJ3lo4B/rnfVnmwWtI039dtun62VjXi40H/y1cQ9Z6802p6YEme+poGQSOBRJVKOQMDxDAPRyoRzeNMTgR+FtiGm6X+BghRvDL9fs6zpCse+S4DbKuSA0qJErp7/igxScSov0SCa5/PzQk54OCpa2RHKwtwzilRWmJKgMHy9/cf8mX1zpCyxnBuDRvjUcO2912hy/vAWsOm8n1gkpl6djxYqCL8sQB14Yuje4WjtNK+DlVm+V5q9WTSS16fN+1zUYqJ8OID8+9QU+T0ayXraLz+N9nuOdzKqcDz1bcV/6nlXogZFboiCF6E9xCCvIlc/HcTrfD5JTjDW1QGeegrVL8pRpg/YD5EGyFjyxG7qLb9EXoJApIVEQAQ0dMm0qm6wtWG39WVoxc5ajjtv1S7MHDfCP5depoEqpaQ9F/EbkOZQUs+AvjvKtHEWfw+ibUbjwvdSd3REfSlgbV1zEba+zCi2EXGjnaHG9opeQ4CxWPN9nThCjzqlvdXfwgiiAY2k84tLrYNTD2USnKQirZUadjaO3qIsnmLAl22WDPkpM58EQo1GtKyDiTbgqYH3Plv5qCD7LMD+BIVfgDvgpRn459AHsbpL8c+8dqfnbsAouVX8= X-Forefront-Antispam-Report: CIP:165.204.84.17;CTRY:US;LANG:en;SCL:1;SRV:;IPV:CAL;SFV:NSPM;H:SATLEXMB04.amd.com;PTR:InfoDomainNonexistent;CAT:NONE;SFS:(13230040)(1800799024)(36860700013)(7416014)(376014)(82310400026);DIR:OUT;SFP:1101; X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 03 Feb 2025 22:32:57.6846 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 6af52d96-23d2-42c2-9848-08dd44a2b58a X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[SATLEXMB04.amd.com] X-MS-Exchange-CrossTenant-AuthSource: SN1PEPF0002BA4C.namprd03.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: IA1PR12MB7565 Add the X86_FEATURE_SEV_SNP CPU feature to the architectural definition for the SEV-SNP VM type to exercise the KVM_SEV_INIT2 call. Ensure that the SNP test is skipped in scenarios where CPUID supports it but KVM does not, preventing reporting of failure in such cases. Reviewed-by: Nikunj A Dadhania Tested-by: Srikanth Aithal Signed-off-by: Pratik R. Sampat --- v5..v6: * Rename KVM CPU feature X86_FEATURE_SNP to X86_FEATURE_SEV_SNP (Nikunj) * Collected tags from Nikunj and Srikanth. --- tools/testing/selftests/kvm/include/x86/processor.h | 1 + tools/testing/selftests/kvm/x86/sev_init2_tests.c | 13 +++++++++++++ 2 files changed, 14 insertions(+) diff --git a/tools/testing/selftests/kvm/include/x86/processor.h b/tools/testing/selftests/kvm/include/x86/processor.h index d60da8966772..6f63fd10bbc6 100644 --- a/tools/testing/selftests/kvm/include/x86/processor.h +++ b/tools/testing/selftests/kvm/include/x86/processor.h @@ -199,6 +199,7 @@ struct kvm_x86_cpu_feature { #define X86_FEATURE_VGIF KVM_X86_CPU_FEATURE(0x8000000A, 0, EDX, 16) #define X86_FEATURE_SEV KVM_X86_CPU_FEATURE(0x8000001F, 0, EAX, 1) #define X86_FEATURE_SEV_ES KVM_X86_CPU_FEATURE(0x8000001F, 0, EAX, 3) +#define X86_FEATURE_SEV_SNP KVM_X86_CPU_FEATURE(0x8000001F, 0, EAX, 4) /* * KVM defined paravirt features. diff --git a/tools/testing/selftests/kvm/x86/sev_init2_tests.c b/tools/testing/selftests/kvm/x86/sev_init2_tests.c index 3fb967f40c6a..ab3dd11ac163 100644 --- a/tools/testing/selftests/kvm/x86/sev_init2_tests.c +++ b/tools/testing/selftests/kvm/x86/sev_init2_tests.c @@ -28,6 +28,7 @@ int kvm_fd; u64 supported_vmsa_features; bool have_sev_es; +bool have_snp; static int __sev_ioctl(int vm_fd, int cmd_id, void *data) { @@ -83,6 +84,9 @@ void test_vm_types(void) if (have_sev_es) test_init2(KVM_X86_SEV_ES_VM, &(struct kvm_sev_init){}); + if (have_snp) + test_init2(KVM_X86_SNP_VM, &(struct kvm_sev_init){}); + test_init2_invalid(0, &(struct kvm_sev_init){}, "VM type is KVM_X86_DEFAULT_VM"); if (kvm_check_cap(KVM_CAP_VM_TYPES) & BIT(KVM_X86_SW_PROTECTED_VM)) @@ -138,15 +142,24 @@ int main(int argc, char *argv[]) "sev-es: KVM_CAP_VM_TYPES (%x) does not match cpuid (checking %x)", kvm_check_cap(KVM_CAP_VM_TYPES), 1 << KVM_X86_SEV_ES_VM); + have_snp = kvm_check_cap(KVM_CAP_VM_TYPES) & BIT(KVM_X86_SNP_VM); + TEST_ASSERT(!have_snp || kvm_cpu_has(X86_FEATURE_SEV_SNP), + "sev-snp: KVM_CAP_VM_TYPES (%x) indicates SNP support (bit %d), but CPUID does not", + kvm_check_cap(KVM_CAP_VM_TYPES), KVM_X86_SNP_VM); + test_vm_types(); test_flags(KVM_X86_SEV_VM); if (have_sev_es) test_flags(KVM_X86_SEV_ES_VM); + if (have_snp) + test_flags(KVM_X86_SNP_VM); test_features(KVM_X86_SEV_VM, 0); if (have_sev_es) test_features(KVM_X86_SEV_ES_VM, supported_vmsa_features); + if (have_snp) + test_features(KVM_X86_SNP_VM, supported_vmsa_features); return 0; } From patchwork Mon Feb 3 22:32:00 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Pratik R. Sampat" X-Patchwork-Id: 13958324 Received: from NAM10-BN7-obe.outbound.protection.outlook.com (mail-bn7nam10on2059.outbound.protection.outlook.com [40.107.92.59]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id DDDD91FF5EF; Mon, 3 Feb 2025 22:33:17 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=fail smtp.client-ip=40.107.92.59 ARC-Seal: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1738621999; cv=fail; b=nlI7kbLb44PBHkhFO+wrLHlsVyXL2vWYa60f2Ot/toCu1AvG0DRtgAVcMHJexXuen6NkL3HDoHwTmKk0B9wzoGgzArR62O1n2F8wdoQJ48763XH1DREtWE2Y4d4OERiu6dFFtP794C9TauOtAoBC7ECdLotE0nHZyWPBIRkw+/A= ARC-Message-Signature: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1738621999; c=relaxed/simple; bh=A0BwxVGPZJVQNRvk+DEwAG6GriwqEHIVvaJRtAiHOdk=; h=From:To:CC:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=OABOiFnU4d184oYCyEY2burVuHti6rFa/bMAtC6bocYMtI6DGe0c4MhZgAzM/ihRTwpWT3TDSBUaAB4UyPEnupQ9LPtvByUMcIS2ufV2ifFxYLDpKvEKc/wAEjMhm4LJsCVBUSJy49NZEPP+ryfkBiH/LvLcAyIX/mRWv4Z+i7E= ARC-Authentication-Results: i=2; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com; spf=fail smtp.mailfrom=amd.com; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b=Tc1a6pNq; arc=fail smtp.client-ip=40.107.92.59 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com Authentication-Results: smtp.subspace.kernel.org; spf=fail smtp.mailfrom=amd.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b="Tc1a6pNq" ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=fgUREeK5yc9yIe/6eFd4/HUTSZnvWefbQ0j0EXwlasMQp4+SdWwbCTG7cYPZOTqrjHfP+79y24iNwpb+TfMggyOJ/3diJc7M8o/sGCYm+KzSRWQsUr8/hqcG9GE0cfLes3LBGVo+FwzjRNoPvzwB15ZxvhG5M4BN4FaDTQUUiliil8i31lR73q+UnIn+aCn0acLkFfeDpevi8PAjrW4aCFpNtTNr1RR84E1I/js5vpGdc3Ph5cSrHdmQXsZqqMpna9Le3e0rBKnZ6ZEQYD21P56BKOYTJ7FwIqVM8owzhxMMvVPZpCqOoAfydiYFEwipssB5Dprc6XJKQdMgOZ2LhA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=bbUS11oFN3vmEn/o7Bg/Dfl3ndwdJDqk8EGT/s2BjnE=; b=yxMJlVbIAHS9lBcRXmBEGGZ86Ylnj4dZuuIGeVWQ/ZrsPXBPW4lXNvtWWYDDQY8FyX80D15R3zwj3/3swCpvFmr8HGg8rlvqgpT8CVGIxH1LsKnxFzzQnByVM25Ol/gR2eIvrCgNfmyEx+aS7qQnuWbn91IqPALKgTukT3diGfekp0hjvhKK95afZLNdfnxZpMFOomHn206AAynkze0LjFzuNNgLRtBy6kzxlI3tWJmo7Chb73iMjoZm5vZL3M2oJeFF5LuzKMFE3e6e9KbB/JnY2D+cYIAiejpoG1Itx30qtKMym40tOshpKpQjhNs1B7nYvgsBJpY+8jP4BfaXmQ== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=vger.kernel.org smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none (0) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=bbUS11oFN3vmEn/o7Bg/Dfl3ndwdJDqk8EGT/s2BjnE=; b=Tc1a6pNqQGR94kClKxjbq3lhlhM/LpGBnB//GmIkz+troPHwkKAuBr9Z6rUfOfo4rbbzVJAphnhpK8YElnBV8CHxxtcpUXwGEeI3ZCDtAoohsSXFkanGrX+SXmyVVCNIlHPd3WEx6X4NewQxFkAU+QS8XhkPUMGz/eXIz71Yg0U= Received: from SJ0PR03CA0194.namprd03.prod.outlook.com (2603:10b6:a03:2ef::19) by IA1PR12MB8190.namprd12.prod.outlook.com (2603:10b6:208:3f2::7) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.8398.26; Mon, 3 Feb 2025 22:33:14 +0000 Received: from SN1PEPF0002BA4D.namprd03.prod.outlook.com (2603:10b6:a03:2ef:cafe::cf) by SJ0PR03CA0194.outlook.office365.com (2603:10b6:a03:2ef::19) with Microsoft SMTP Server (version=TLS1_3, cipher=TLS_AES_256_GCM_SHA384) id 15.20.8398.24 via Frontend Transport; Mon, 3 Feb 2025 22:33:14 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=amd.com; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB04.amd.com; pr=C Received: from SATLEXMB04.amd.com (165.204.84.17) by SN1PEPF0002BA4D.mail.protection.outlook.com (10.167.242.70) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.8398.14 via Frontend Transport; Mon, 3 Feb 2025 22:33:14 +0000 Received: from sampat-dell.amd.com (10.180.168.240) by SATLEXMB04.amd.com (10.181.40.145) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.39; Mon, 3 Feb 2025 16:33:12 -0600 From: "Pratik R. Sampat" To: , , , , CC: , , , , , , , , , , , , , , Subject: [PATCH v6 4/9] KVM: selftests: Add VMGEXIT helper Date: Mon, 3 Feb 2025 16:32:00 -0600 Message-ID: <20250203223205.36121-5-prsampat@amd.com> X-Mailer: git-send-email 2.48.1 In-Reply-To: <20250203223205.36121-1-prsampat@amd.com> References: <20250203223205.36121-1-prsampat@amd.com> Precedence: bulk X-Mailing-List: linux-kselftest@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-ClientProxiedBy: SATLEXMB03.amd.com (10.181.40.144) To SATLEXMB04.amd.com (10.181.40.145) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: SN1PEPF0002BA4D:EE_|IA1PR12MB8190:EE_ X-MS-Office365-Filtering-Correlation-Id: de6441ca-37f5-4b6c-3a92-08dd44a2bf58 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0;ARA:13230040|36860700013|7416014|82310400026|1800799024|376014; X-Microsoft-Antispam-Message-Info: /JeP27+SKozfGe1xOvwUDBfXaofRRUHC2ujnZ6EngNdXsxkgdBFctJxfwa1EgbNWF43LcxT/yw2Jtj9lNX5PmjvXOZNEgkvsBkFyYnChb1A93o3lJSQvmrq1KUq1HUfh2KYLhtMvTuB+GTGk/Wg1uP9jPUAPtySafH7Cc6ud/NGIgj7nRwCn5ixztgcbj9S5kGE9xovLibX2SkuJ094MZW5v9Gn1BQjLCuoQW/RcdYTRDG+S1lsRrWdOFfJib6S4/6Y/IeNjvzW5XNflt6dqFiXB+VaQpbRY/2A3MYbVpsH9G1eDzJVbQKyKJVCa/gqNiBzW+MQGac+1sxp5oXqGqrromVvOxBhg9DZIlT0LbUChwSJtg3ZSffPoN2cUL83JqssFeQRJlASUzpMSUzrukMZjObSbV/FRoycJHGvA3j0f6Ttljt1eUSGt5jx5y+eJhcVOCrcmwehvL3nQhcvWRxl7pWoSAT632FRKuWIu865ge3DpzSeNQGEmWBdkblHiHm5U5g3NV5mhPW52d9A5bkWgeDj/sFv1dmKdzkT4YFJNcBpa03Ys7KkmrJ5SDPHpd2sI6EHg13M+/B4k1UV4FMYg8q2vcVPpBschnJMESR5LoIzvLNtdwRYbPKfk6SDLfsOMxk7UfRezqi3yA+q6D1suwqWTcpGuREV85Ljr4TVHBJtEFK7CsVqEcUJJKCFB5ysg8kjnGHSHMS7YQHlLSoVfBV1VY8352jXbwzSSTbioMY9P/CM2OAtzC8RRIhEeU0XgiTtuQOYZH3xS9Flg75AIrEFX3oFhdYcWXJFBbA/NKRBhhSSueC+ccvTpjaflDP75GCAwj+LjV1IBenBRwhhMugkBiTuRsp5jVuSM2d8GNz17rPIw9qsvKJAXA+9P8p7PetGa9PSjA6uR1jeWQGpoJBmXIYLovhCE1ojuYECzX7TnCCHnQ1+Vv164QXzAWVP1iTTQjjTPQpcOzhRqh78D0wvk2Fgh2sUNF6bDJtFV5KhbZLP5tloqG2Jz/WGddy3UFbdyRYUGpV2OgdwbyYf6sA2EEIvlWWKBG6psZ9gnklu0GWvZ0HElbXdGzZDgaDWgHP83snYZKUOIrDl1+QTsMGYrm419MzNcqX2ehMvihgQIBUUD9yuIe5oYrRh2/FOlIPiqsqK7kav8yOMeoo7swNhb0PoikxLZS9yLOFURaDcQUiXveKW2Xxg4hN04vYzBNIjDJaQv570mGJPzEso4SuWCFqDSZ5o6QEjNxORWEOCrlu+I6Hbjwl0q+Los018viYQo5vVT4b/f7Jq9ADsGQzqdp1z4cz8bh5L2xfsGh+lNQitGkHnahLcPi6/MixZSc2ibUHzvswMvdKtpeiwE+kjAtjSB/O8zvKPAhptcwqoMbGn5pd3D7cXLhzzhWXmzpJpZTC+CxAhm7lVA0YJ0fPcqJxaHiJnP8/oDGDNeVNtfeYqhPe26zLELgYB6BtakTI88YYRNDmx9gsFMIVAXP7qaJhvAe0dKR/LFWRk= X-Forefront-Antispam-Report: CIP:165.204.84.17;CTRY:US;LANG:en;SCL:1;SRV:;IPV:CAL;SFV:NSPM;H:SATLEXMB04.amd.com;PTR:InfoDomainNonexistent;CAT:NONE;SFS:(13230040)(36860700013)(7416014)(82310400026)(1800799024)(376014);DIR:OUT;SFP:1101; X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 03 Feb 2025 22:33:14.1318 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: de6441ca-37f5-4b6c-3a92-08dd44a2bf58 X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[SATLEXMB04.amd.com] X-MS-Exchange-CrossTenant-AuthSource: SN1PEPF0002BA4D.namprd03.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: IA1PR12MB8190 Abstract rep vmmcall coded into the VMGEXIT helper for the sev library. No functional change intended. Reviewed-by: Pankaj Gupta Tested-by: Srikanth Aithal Signed-off-by: Pratik R. Sampat --- v5..v6: * Collected tags from Pankaj and Srikanth. --- tools/testing/selftests/kvm/include/x86/sev.h | 2 ++ tools/testing/selftests/kvm/x86/sev_smoke_test.c | 2 +- 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/tools/testing/selftests/kvm/include/x86/sev.h b/tools/testing/selftests/kvm/include/x86/sev.h index 82c11c81a956..e7df5d0987f6 100644 --- a/tools/testing/selftests/kvm/include/x86/sev.h +++ b/tools/testing/selftests/kvm/include/x86/sev.h @@ -27,6 +27,8 @@ enum sev_guest_state { #define GHCB_MSR_TERM_REQ 0x100 +#define VMGEXIT() { __asm__ __volatile__("rep; vmmcall"); } + void sev_vm_launch(struct kvm_vm *vm, uint32_t policy); void sev_vm_launch_measure(struct kvm_vm *vm, uint8_t *measurement); void sev_vm_launch_finish(struct kvm_vm *vm); diff --git a/tools/testing/selftests/kvm/x86/sev_smoke_test.c b/tools/testing/selftests/kvm/x86/sev_smoke_test.c index a1a688e75266..38f647fe55d2 100644 --- a/tools/testing/selftests/kvm/x86/sev_smoke_test.c +++ b/tools/testing/selftests/kvm/x86/sev_smoke_test.c @@ -27,7 +27,7 @@ static void guest_sev_es_code(void) * force "termination" to signal "done" via the GHCB MSR protocol. */ wrmsr(MSR_AMD64_SEV_ES_GHCB, GHCB_MSR_TERM_REQ); - __asm__ __volatile__("rep; vmmcall"); + VMGEXIT(); } static void guest_sev_code(void) From patchwork Mon Feb 3 22:32:01 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Pratik R. Sampat" X-Patchwork-Id: 13958325 Received: from NAM04-DM6-obe.outbound.protection.outlook.com (mail-dm6nam04on2067.outbound.protection.outlook.com [40.107.102.67]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id CCF58211471; Mon, 3 Feb 2025 22:33:28 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=fail smtp.client-ip=40.107.102.67 ARC-Seal: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1738622010; cv=fail; b=BQFuvUqNG0frzRn7/xh4s9Sy+eWc8KjRii/DmLX1e5bOeaVJZoOvaZEkGPHgbQboSV7EBBYLWrm1fLDMl+v7aNsbCop5Sll8ZC23eCQwEP1pY8pxN2cTa1MhNNbsAk8t8SdytF91yeeKY3J4vdUi1UnvpLM8ElxdaSdlyY4mWtI= ARC-Message-Signature: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1738622010; c=relaxed/simple; bh=aI/XFdPV8tR1zsYy3w3XWHy1nZWjMMWjUpzn7DEhq6w=; h=From:To:CC:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=C/32CfmeU60GUTR2lXnqRcyXwWMZKmWn7o5noFBvTGePS1rredTwlhtFUf0YSg65CpYVzNUc5fIF0NPjF7BPPCQenRMt6tNwSygrgyYqSElFgKJjWS2aAOI7UG05dHwB9dmF7clmtwZyjMoENGAYNC4kLwCNgnu2cGNwdvstMLg= ARC-Authentication-Results: i=2; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com; spf=fail smtp.mailfrom=amd.com; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b=wgQaf2za; arc=fail smtp.client-ip=40.107.102.67 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com Authentication-Results: smtp.subspace.kernel.org; spf=fail smtp.mailfrom=amd.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b="wgQaf2za" ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=Fv+x9FDgoKzI4Dbw12Je0Bml0fWeexCZVD1pXbsi7jgAHeCErvlmcFL8kv8uFiqB1sD/7m7+1aQ1Qc0Rt9b2Bj05INuDggNCU7PIbYMfGKJ/ktLTTPaChixQxLdk6KeepVpltAJM55XyPx1zgrG0+MJI332etpM+t1Zdo8Et4xxZn2QmgRLHfuf20NelepODmLBll9adM9zqzUkZSJgU3SyC1080tbj03jlJmXTwVKvDCrrsSUP0nH7JJD+fWVxmFZtzxEXQJca5dNqgWqsZZx5/iMirVV7/ou8N9LCuI7/gqKyJNkWC8IOsljPHMpMU4or4OjitVrI7zuy3qq5TBA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=JB+m17vZRaIn9rhyDe8cjTnD1OxYa+bgZE1uuh+UL9M=; b=CSy2pE8luUZj0hj6+dnB2T+x+4pRsG/ZB3b7B+AOZVB0OzD065oNSWgzJAXbEBflixklrOtNA1RwS7OIBNTMSErozJsdZ/SOxJNLV70Q+bzdSNLeCntrLR2W/zfsDtuVTNN7DA+YirA6AybX5dwB9f15jVpL+q+j/nbqvBnB4e0Bm4CIgkXVr9+LtgkFI3op5W97TMholkjoErhlL3qrVtkawuwCk5aTgrpReNttfGib+H5OE2rkXbBMdNFZP5WnQBU8Jd9SoxHTjVIw6ex1BCoojITbJhXMm0lTONImNDlGvopCdbGNk0EA6NpVJJXPNH4/B9cOe3nHeInBkShP0w== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=vger.kernel.org smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none (0) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=JB+m17vZRaIn9rhyDe8cjTnD1OxYa+bgZE1uuh+UL9M=; b=wgQaf2zaRk8g4gpQMkkD6//0JkUJP8KzEOVgtf+zpnLQXCDImhZjLXu2TeuQ0yzof7fQYJ9O9FXMaMQOF6h0kuKVmb62qc76GpNx1fNrHouok7RjE1/nBTLx5DmPcobwnN5uoeCVMeQGPzOVxg4Y6A3KH5Tnv7YliJ2v+aOUWIo= Received: from SA1P222CA0130.NAMP222.PROD.OUTLOOK.COM (2603:10b6:806:3c2::21) by PH8PR12MB7182.namprd12.prod.outlook.com (2603:10b6:510:229::21) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.8398.23; Mon, 3 Feb 2025 22:33:26 +0000 Received: from SN1PEPF0002BA4C.namprd03.prod.outlook.com (2603:10b6:806:3c2:cafe::9b) by SA1P222CA0130.outlook.office365.com (2603:10b6:806:3c2::21) with Microsoft SMTP Server (version=TLS1_3, cipher=TLS_AES_256_GCM_SHA384) id 15.20.8398.24 via Frontend Transport; Mon, 3 Feb 2025 22:33:25 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=amd.com; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB04.amd.com; pr=C Received: from SATLEXMB04.amd.com (165.204.84.17) by SN1PEPF0002BA4C.mail.protection.outlook.com (10.167.242.69) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.8398.14 via Frontend Transport; Mon, 3 Feb 2025 22:33:25 +0000 Received: from sampat-dell.amd.com (10.180.168.240) by SATLEXMB04.amd.com (10.181.40.145) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.39; Mon, 3 Feb 2025 16:33:24 -0600 From: "Pratik R. Sampat" To: , , , , CC: , , , , , , , , , , , , , , Subject: [PATCH v6 5/9] KVM: selftests: Introduce SEV VM type check Date: Mon, 3 Feb 2025 16:32:01 -0600 Message-ID: <20250203223205.36121-6-prsampat@amd.com> X-Mailer: git-send-email 2.48.1 In-Reply-To: <20250203223205.36121-1-prsampat@amd.com> References: <20250203223205.36121-1-prsampat@amd.com> Precedence: bulk X-Mailing-List: linux-kselftest@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-ClientProxiedBy: SATLEXMB03.amd.com (10.181.40.144) To SATLEXMB04.amd.com (10.181.40.145) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: SN1PEPF0002BA4C:EE_|PH8PR12MB7182:EE_ X-MS-Office365-Filtering-Correlation-Id: 4e738582-04af-465c-bab9-08dd44a2c657 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0;ARA:13230040|376014|7416014|36860700013|82310400026|1800799024; X-Microsoft-Antispam-Message-Info: CmKQNP81LGgYbtbpCzGCEfufVtQ+cULd4vIcWV7RIG5+kPXGqPUg5uwBDvhULw9LAG78g32bn8ObuUjcSl4hdXtYLN8TOAwMHZS0PWBgm4r2GZZ573n3lES/NbCQBGIjBmKY49xVmtACz+7yie1TAUhdW+x4gtnMIF/HGxhymYC9/+kGcvA3H/MQRJ9o5J/QHsjLa3ZbFXml3lgaTtiEyGcX93Wk87TwKObXyy962Rim9XDrW29571HKT8mejtb+psYUolSnbuKbhUIEO+B5gi1l5ZfV08ofj68EC2BrpYa6dF7SjJXv8m2Az/JLWK3ONkYWx1zNIr9LUep7joXYnKARsOIuIRtyOT0IiNl5jvElTG3ebnGmPpbwDG7ntgpW/O1ZEkDn24e4a5R2EpLZ5VRdMM29SN65d5Nvuf6kbeKJ69CA4WHxvaqB+Ek1QN7aDqWgf5kgx8rOiYs0oev/UqffOvU9lgPw3xAoFigEPXBWsbElYjRf9fSjYXECHCEC7EtNoGZfps+gJ+Z2kNROvG1Ty8dU8pzSPLrW2/7Sz2TZc5VLcXQrfwua04hzxLIGu+h4Mor3wfrO+x/47FqVvqOzR32ERnYSDfxXXuZDGA7IrGCAF1+/5s6f4t8GYvyUM8MeijYtyJKK5LDocJYbEcgdvi972l4jwLcRchMrW1DuR6k2kkF7y2WyjaBI/3rAkxsEYhNH8zAPQtTb7DSrAO4PSELtcNKGd7Pr5CiMzu1rdubp3/sDpRtuJLisnI5OFBWznnzROgb984C8E4Q1/nu3o0PN8nFdeRs8BUuo06tmfmGWJocrMi//6igsHPFeuGTua+WA//rv5DxL4180vvN3Rxc1aMleQg/rX9Uvkw0zUT/ahQCPQP1myUBLckLQJNLsS04NFcfmU+nNpPs6dd1monOPaouzO4XPuYNc9L6/6Qy/w76jW/sbTyI+bFZA2ZvxmDCIdLeZQ2DHqfe4PhObW1osdML/7eO71mJjId9JzTipCG8tJFPyH1Lj2ckYnC3T321nK/LME5o5Iaf3A8LY7ZUjRNouQFIeR5k82Rz9rENnbt02xPN6Dz1iuYe8CQU3hiVPymfobJEg/34FgyFa+7JmEvm+ADU9ksXmHj8sr3rgLM4JfGR6W8qRXPHxq9J/cKWAlW+PYQpN4U5pt6LZoA+dDk7VJmP7E6qnTCrP1z9G+irfQh1GbYGrw4T2HfQTuICEEHyIx1U1fmbFAvr0lMN0cHJo9kw2u0ILhBlSI+PrNE20Vt1naljkdpcbrrzPRgnSrHlqrHD9wG24mZIK6X+7xMiZhCudt93TE9ZrYKyIQWZxCPD6wesMyBPi552saQj15HOkKHLfUnmA+QUGfUXJAiuQcZfJS5wbHzmn6UJRDCIaPY1XmQjnuwTvBBGj+9G2AJDS8GproR3DcFyorshbwtuW+DKg7nDRaXAOzafhZsFv6TGlV71SlcD7ISdOe4Q7ZzJ/nS1s71RLpN1i6E/r0trzXrico9vIl7A= X-Forefront-Antispam-Report: CIP:165.204.84.17;CTRY:US;LANG:en;SCL:1;SRV:;IPV:CAL;SFV:NSPM;H:SATLEXMB04.amd.com;PTR:InfoDomainNonexistent;CAT:NONE;SFS:(13230040)(376014)(7416014)(36860700013)(82310400026)(1800799024);DIR:OUT;SFP:1101; X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 03 Feb 2025 22:33:25.8726 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 4e738582-04af-465c-bab9-08dd44a2c657 X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[SATLEXMB04.amd.com] X-MS-Exchange-CrossTenant-AuthSource: SN1PEPF0002BA4C.namprd03.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: PH8PR12MB7182 In preparation for SNP, declutter the vm type check by introducing a SEV-SNP VM type check as well as a transitive set of helper functions. The SNP VM type is the subset of SEV-ES. Similarly, the SEV-ES and SNP types are subset of the SEV VM type check. Tested-by: Srikanth Aithal Signed-off-by: Pratik R. Sampat --- v5..v6: * Commit message grammar * Collected tags from Srikanth. --- tools/testing/selftests/kvm/include/x86/sev.h | 4 ++++ tools/testing/selftests/kvm/lib/x86/processor.c | 4 ++-- tools/testing/selftests/kvm/lib/x86/sev.c | 17 +++++++++++++++++ .../testing/selftests/kvm/x86/sev_smoke_test.c | 2 +- 4 files changed, 24 insertions(+), 3 deletions(-) diff --git a/tools/testing/selftests/kvm/include/x86/sev.h b/tools/testing/selftests/kvm/include/x86/sev.h index e7df5d0987f6..faed91435963 100644 --- a/tools/testing/selftests/kvm/include/x86/sev.h +++ b/tools/testing/selftests/kvm/include/x86/sev.h @@ -29,6 +29,10 @@ enum sev_guest_state { #define VMGEXIT() { __asm__ __volatile__("rep; vmmcall"); } +bool is_sev_vm(struct kvm_vm *vm); +bool is_sev_es_vm(struct kvm_vm *vm); +bool is_sev_snp_vm(struct kvm_vm *vm); + void sev_vm_launch(struct kvm_vm *vm, uint32_t policy); void sev_vm_launch_measure(struct kvm_vm *vm, uint8_t *measurement); void sev_vm_launch_finish(struct kvm_vm *vm); diff --git a/tools/testing/selftests/kvm/lib/x86/processor.c b/tools/testing/selftests/kvm/lib/x86/processor.c index bd5a802fa7a5..a92dc1dad085 100644 --- a/tools/testing/selftests/kvm/lib/x86/processor.c +++ b/tools/testing/selftests/kvm/lib/x86/processor.c @@ -639,7 +639,7 @@ void kvm_arch_vm_post_create(struct kvm_vm *vm) sync_global_to_guest(vm, host_cpu_is_amd); sync_global_to_guest(vm, is_forced_emulation_enabled); - if (vm->type == KVM_X86_SEV_VM || vm->type == KVM_X86_SEV_ES_VM) { + if (is_sev_vm(vm)) { struct kvm_sev_init init = { 0 }; vm_sev_ioctl(vm, KVM_SEV_INIT2, &init); @@ -1156,7 +1156,7 @@ void kvm_get_cpu_address_width(unsigned int *pa_bits, unsigned int *va_bits) void kvm_init_vm_address_properties(struct kvm_vm *vm) { - if (vm->type == KVM_X86_SEV_VM || vm->type == KVM_X86_SEV_ES_VM) { + if (is_sev_vm(vm)) { vm->arch.sev_fd = open_sev_dev_path_or_exit(); vm->arch.c_bit = BIT_ULL(this_cpu_property(X86_PROPERTY_SEV_C_BIT)); vm->gpa_tag_mask = vm->arch.c_bit; diff --git a/tools/testing/selftests/kvm/lib/x86/sev.c b/tools/testing/selftests/kvm/lib/x86/sev.c index e9535ee20b7f..280ec42e281b 100644 --- a/tools/testing/selftests/kvm/lib/x86/sev.c +++ b/tools/testing/selftests/kvm/lib/x86/sev.c @@ -4,6 +4,23 @@ #include "sev.h" +bool is_sev_snp_vm(struct kvm_vm *vm) +{ + return vm->type == KVM_X86_SNP_VM; +} + +/* A SNP VM is also a SEV-ES VM */ +bool is_sev_es_vm(struct kvm_vm *vm) +{ + return is_sev_snp_vm(vm) || vm->type == KVM_X86_SEV_ES_VM; +} + +/* A SEV-ES and SNP VM is also a SEV VM */ +bool is_sev_vm(struct kvm_vm *vm) +{ + return is_sev_es_vm(vm) || vm->type == KVM_X86_SEV_VM; +} + /* * sparsebit_next_clear() can return 0 if [x, 2**64-1] are all set, and the * -1 would then cause an underflow back to 2**64 - 1. This is expected and diff --git a/tools/testing/selftests/kvm/x86/sev_smoke_test.c b/tools/testing/selftests/kvm/x86/sev_smoke_test.c index 38f647fe55d2..b18c78314d5b 100644 --- a/tools/testing/selftests/kvm/x86/sev_smoke_test.c +++ b/tools/testing/selftests/kvm/x86/sev_smoke_test.c @@ -123,7 +123,7 @@ static void test_sev(void *guest_code, uint64_t policy) for (;;) { vcpu_run(vcpu); - if (policy & SEV_POLICY_ES) { + if (is_sev_es_vm(vm)) { TEST_ASSERT(vcpu->run->exit_reason == KVM_EXIT_SYSTEM_EVENT, "Wanted SYSTEM_EVENT, got %s", exit_reason_str(vcpu->run->exit_reason)); From patchwork Mon Feb 3 22:32:02 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Pratik R. Sampat" X-Patchwork-Id: 13958326 Received: from NAM10-DM6-obe.outbound.protection.outlook.com (mail-dm6nam10on2061.outbound.protection.outlook.com [40.107.93.61]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 1A97A211471; Mon, 3 Feb 2025 22:33:39 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=fail smtp.client-ip=40.107.93.61 ARC-Seal: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1738622021; cv=fail; b=HZy1nTu7PyzvgYQt3DMRHnxyIxSrHJZgfBYt3cpam1Xqf9WKz96OWViYX7B/IS+iEK8ea9UnjBgBAl+1vO1Rk55s/ZFahTzqyCD5ozbQXXAbkQmOJbVrAarHbg4iBi8ii0Rhl5i2s5Ya8A+2VH7VkqgzcIicvEGQUoA4aD1fl7U= ARC-Message-Signature: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1738622021; c=relaxed/simple; bh=NCE3S6EPDny2AwJQItQMRPIy96NGMIj2w1WxZ1aAm5o=; h=From:To:CC:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=LlqACprBIjAu+GXtepBLM/0PyvHWQxOKENg3CxCCNvMNd9i33bJI1xQOnbPKkEY5Zec9h6e2X+rIqP7G2D8Nsj8YS/3mX43+W/S4pnVbmjzrb8Bc2qyT/Xd0OVHT7Xg30ksOuH179kQgqsGGkYcIsAC4fSoW9j41S3ZcSVSS/iw= ARC-Authentication-Results: i=2; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com; spf=fail smtp.mailfrom=amd.com; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b=o8MEgKXi; arc=fail smtp.client-ip=40.107.93.61 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com Authentication-Results: smtp.subspace.kernel.org; spf=fail smtp.mailfrom=amd.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b="o8MEgKXi" ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=V3gUV7H2HtHLVXU0DHmTS96Yc8u5vOwpMkVL75BOiB59I2sZceiKU32jP1EFhRhAvpl8m04f27pt4tf6rLJ5yMFjY03/8FMjr5DC6rgiT1CifwuOg0hQV76wOcKnFxNHdbHRo5Vq1oim0u8ufczhH4i+a0h4mBst39IfJvdlD44vkS3jxHHKvUz5eaph7RfABsT/pfz6j2+sRM6OrVD5h+Umc+TyB+0Y/xQXpqGsFcKn7jmq4YBp8m5wB/Iz1f8TCt1t3giL1G5Ura1WYq7s0sgp/aecIOCPVuWqstkEmQCi6vz5vgPwcsCKIWav0H3vP8IeLAw9++jVMGAYus7G8Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=scG/YWKkmWSWmBdktSKvge4tOfw/hd/lidIATv3qGPo=; b=J+BaYGATdwxzdTI5KzIX/vK/aUKNqYrPyQFSlMYjbM4Q5iz/VcEAvTnj0CUQrvFb7lpxNlJff6JGzTc0hMuImmVt0mn2+so9UpOkqA98kI908hLgxsxuwrltRJHrcQBkrosGo1bKOOXE3cbfgCG9R+vVVlnzoyV8hd9YR3FNp7e/bYARU2fDUCMu8H4+SDIkp0Dr2K7UXS7nC82QFCH1zgzwpmBsxvXfLpizRaUlxjv3pQS3ZKmDAUj8gyjSM6IPvN/7WLcW7qV2IQ8i8NKkAt4niJca7jW/Oi6OsztH6j7ZMKZdE8behC1V63SXPdNi4hglPLvrlVcoTnC929WDYg== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=vger.kernel.org smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none (0) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=scG/YWKkmWSWmBdktSKvge4tOfw/hd/lidIATv3qGPo=; b=o8MEgKXiEYj29qNkGXCj2T/tYuE8zCgr/oHMbkqZvxbA+w+F5iE9fRtrk1GpMtp43nyK11U5M9e42UgH2NOjrnaIRbW/Sdli8kk4pMaATFeGnte/8NmlyLW8EMZZ53LSbEIx9poNIi5s3vmEB14tO6zuPTpy4H0qajfmA9jmrs0= Received: from SN4PR0501CA0115.namprd05.prod.outlook.com (2603:10b6:803:42::32) by SA0PR12MB7092.namprd12.prod.outlook.com (2603:10b6:806:2d5::20) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.8398.25; Mon, 3 Feb 2025 22:33:37 +0000 Received: from SN1PEPF0002BA4B.namprd03.prod.outlook.com (2603:10b6:803:42:cafe::2e) by SN4PR0501CA0115.outlook.office365.com (2603:10b6:803:42::32) with Microsoft SMTP Server (version=TLS1_3, cipher=TLS_AES_256_GCM_SHA384) id 15.20.8230.8 via Frontend Transport; Mon, 3 Feb 2025 22:33:37 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=amd.com; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB04.amd.com; pr=C Received: from SATLEXMB04.amd.com (165.204.84.17) by SN1PEPF0002BA4B.mail.protection.outlook.com (10.167.242.68) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.8398.14 via Frontend Transport; Mon, 3 Feb 2025 22:33:37 +0000 Received: from sampat-dell.amd.com (10.180.168.240) by SATLEXMB04.amd.com (10.181.40.145) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.39; Mon, 3 Feb 2025 16:33:36 -0600 From: "Pratik R. Sampat" To: , , , , CC: , , , , , , , , , , , , , , Subject: [PATCH v6 6/9] KVM: selftests: Add library support for interacting with SNP Date: Mon, 3 Feb 2025 16:32:02 -0600 Message-ID: <20250203223205.36121-7-prsampat@amd.com> X-Mailer: git-send-email 2.48.1 In-Reply-To: <20250203223205.36121-1-prsampat@amd.com> References: <20250203223205.36121-1-prsampat@amd.com> Precedence: bulk X-Mailing-List: linux-kselftest@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-ClientProxiedBy: SATLEXMB03.amd.com (10.181.40.144) To SATLEXMB04.amd.com (10.181.40.145) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: SN1PEPF0002BA4B:EE_|SA0PR12MB7092:EE_ X-MS-Office365-Filtering-Correlation-Id: e8af336e-a134-4bae-1d0a-08dd44a2cd47 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0;ARA:13230040|36860700013|1800799024|376014|82310400026|7416014; X-Microsoft-Antispam-Message-Info: +XnQjTctRoSiXU7m0ZVUVssdRRkPpqXzbTAly5TvtFhBGPcQApZnbRgcnZrArjF4Zc7yDQEyaBoSXxP9Zy+C3qZNgxOgYZmEwMzTXxo/aJyhtfqjmFuSJC99vNEZxwDm9hzlpaiZWDteu0dQVee9J7xDHXqmZtY635LnwYkIIVJLhFe2fRV8gsAR5Tq67t7NalhZm9z7VT9y8i46O/GfgcAeR7Qp993LjujnJgJvle1Nb4jzsehYFyx8z309leAc4qUVJGzF3mKTfoRVpPQm7thiDCU2K8geQDuTda7hBCqHbSudEvyAOoqF5jLKKftiVB4+V79WHXP8TIiaKtH+RJ53WEtPfhwy+H0GAxarO8/K/WR2KS6P+j9LEFvwscHXD9fh2zA3l8GKC+FBZT1iD1DSJTfKMhHwx6mEQdKoGjcFEc9y7LA2mlmtkZ6f2vmOMVWFA4khSU9hwhVpCTilRsBNg21FgEpgSp6qkZDXbCPelFplnwbJEzDI+rgw8MXkwiJp6y6vlGiF7lnRwOYNQl3QAaZ7NeFj62u3lCCIVaXJVcBBDciP6hTsS+jjQF636RS10mMD5qKFzhglGKHng3boW2n6K5Mwypq04lqjf2oGQLyv0ShIh1aGwXXBwdQb4RjEHaUphXiz3KnuSYl1+/BjBXq6QaVADn255Bl2f3d6ENTAqCh2PAXC7PK4Lz34xxyg6GTIMd8PbAiTaYfSRgjFVN4LN7jE4+mxs+9Gko3FJq3l0Y4cVT5hmCazF1hBP7Qk/3hb/TbXEC1QHT/uC+HYLuXuSxK2EbdjBspYTQ90uMmXWjXjTdEDs/st/oSEI+T3A2K370toMEY4cnzDSJDE+yDRG7kzL+OMlHAHrDfEB+WRASDIwkW4Z+lDxotV6XX/JTp1QWhM6pdaPUhW3SlVlcSU3Xu4f6yarqLCV8ou0ffXJJxcwkntsjhzg9eMHgiK/oSNP+1KwkXlHfz8y7e8ZfFUMP6DrnYhi9XSJKnjGY2GNb3t21puboNpdsElYpGYKsqjTIt9mfJp7HFYmouKWjjxo5S6EEv2dasc/n+BZktlsbfDEZu2zpRxQUwVcXY5crCfARHDdT8lTlcDGEcy4v/TSYqd6GhcqmZ3ur15ZSwjw0OucUlc+udnSmzSbbcRJ6x1XfgWboXHdqGyyZQbxH4MSVQRdVV8nepuSF6hFcmI4UYTp5DwGMiGhjwtH9aNKcqY3xhDJicBIJrMz9+c4jMO0HAAHKR4K+5C/RsNotkT3kKM0Jdtl/+BT11XOF5deaYKKB/63JTCAQbpKtuiI1DFiVIJinUWBIx6AtmBwo1X4zRoeBdPTN9Zrtpu3V8UbNGv8O2rn4+g/leVfnTLiRN9dtmXMYn46tOyXj1LmP0scxCA4cvyqL816fR4b5CiInlNyB44j5DsBhXUn2CDfxHGLYVBc6QOOo3WaBMbyJCdnfQ0B5SpGlYIIXtcBb3/iBO+2knkKm0kVQKRJwm+ALEJxzAcjk2qCmldhQk= X-Forefront-Antispam-Report: CIP:165.204.84.17;CTRY:US;LANG:en;SCL:1;SRV:;IPV:CAL;SFV:NSPM;H:SATLEXMB04.amd.com;PTR:InfoDomainNonexistent;CAT:NONE;SFS:(13230040)(36860700013)(1800799024)(376014)(82310400026)(7416014);DIR:OUT;SFP:1101; X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 03 Feb 2025 22:33:37.4921 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: e8af336e-a134-4bae-1d0a-08dd44a2cd47 X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[SATLEXMB04.amd.com] X-MS-Exchange-CrossTenant-AuthSource: SN1PEPF0002BA4B.namprd03.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: SA0PR12MB7092 Extend the SEV library to include support for SNP ioctl() wrappers, which aid in launching and interacting with a SEV-SNP guest. Tested-by: Srikanth Aithal Signed-off-by: Pratik R. Sampat --- v5..v6: * Collected tags from Srikanth. --- tools/testing/selftests/kvm/include/x86/sev.h | 49 ++++++++++- tools/testing/selftests/kvm/lib/x86/sev.c | 82 +++++++++++++++++-- 2 files changed, 125 insertions(+), 6 deletions(-) diff --git a/tools/testing/selftests/kvm/include/x86/sev.h b/tools/testing/selftests/kvm/include/x86/sev.h index faed91435963..fd5d5261e10e 100644 --- a/tools/testing/selftests/kvm/include/x86/sev.h +++ b/tools/testing/selftests/kvm/include/x86/sev.h @@ -22,9 +22,20 @@ enum sev_guest_state { SEV_GUEST_STATE_RUNNING, }; +/* Minimum firmware version required for the SEV-SNP support */ +#define SNP_MIN_API_MAJOR 1 +#define SNP_MIN_API_MINOR 51 + #define SEV_POLICY_NO_DBG (1UL << 0) #define SEV_POLICY_ES (1UL << 2) +#define SNP_POLICY_SMT (1ULL << 16) +#define SNP_POLICY_RSVD_MBO (1ULL << 17) +#define SNP_POLICY_DBG (1ULL << 19) + +#define SNP_FW_VER_MINOR(min) ((uint8_t)(min) << 0) +#define SNP_FW_VER_MAJOR(maj) ((uint8_t)(maj) << 8) + #define GHCB_MSR_TERM_REQ 0x100 #define VMGEXIT() { __asm__ __volatile__("rep; vmmcall"); } @@ -36,13 +47,35 @@ bool is_sev_snp_vm(struct kvm_vm *vm); void sev_vm_launch(struct kvm_vm *vm, uint32_t policy); void sev_vm_launch_measure(struct kvm_vm *vm, uint8_t *measurement); void sev_vm_launch_finish(struct kvm_vm *vm); +void snp_vm_launch_start(struct kvm_vm *vm, uint64_t policy); +void snp_vm_launch_update(struct kvm_vm *vm); +void snp_vm_launch_finish(struct kvm_vm *vm); struct kvm_vm *vm_sev_create_with_one_vcpu(uint32_t type, void *guest_code, struct kvm_vcpu **cpu); -void vm_sev_launch(struct kvm_vm *vm, uint32_t policy, uint8_t *measurement); +void vm_sev_launch(struct kvm_vm *vm, uint64_t policy, uint8_t *measurement); kvm_static_assert(SEV_RET_SUCCESS == 0); +/* + * A SEV-SNP VM requires the policy reserved bit to always be set. + * The SMT policy bit is also required to be set based on SMT being + * available and active on the system. + */ +static inline u64 snp_default_policy(void) +{ + bool smt_active = false; + FILE *f; + + f = fopen("/sys/devices/system/cpu/smt/active", "r"); + if (f) { + smt_active = fgetc(f) - '0'; + fclose(f); + } + + return SNP_POLICY_RSVD_MBO | (smt_active ? SNP_POLICY_SMT : 0); +} + /* * The KVM_MEMORY_ENCRYPT_OP uAPI is utter garbage and takes an "unsigned long" * instead of a proper struct. The size of the parameter is embedded in the @@ -76,6 +109,7 @@ kvm_static_assert(SEV_RET_SUCCESS == 0); void sev_vm_init(struct kvm_vm *vm); void sev_es_vm_init(struct kvm_vm *vm); +void snp_vm_init(struct kvm_vm *vm); static inline void sev_register_encrypted_memory(struct kvm_vm *vm, struct userspace_mem_region *region) @@ -99,4 +133,17 @@ static inline void sev_launch_update_data(struct kvm_vm *vm, vm_paddr_t gpa, vm_sev_ioctl(vm, KVM_SEV_LAUNCH_UPDATE_DATA, &update_data); } +static inline void snp_launch_update_data(struct kvm_vm *vm, vm_paddr_t gpa, + uint64_t hva, uint64_t size, uint8_t type) +{ + struct kvm_sev_snp_launch_update update_data = { + .uaddr = hva, + .gfn_start = gpa >> PAGE_SHIFT, + .len = size, + .type = type, + }; + + vm_sev_ioctl(vm, KVM_SEV_SNP_LAUNCH_UPDATE, &update_data); +} + #endif /* SELFTEST_KVM_SEV_H */ diff --git a/tools/testing/selftests/kvm/lib/x86/sev.c b/tools/testing/selftests/kvm/lib/x86/sev.c index 280ec42e281b..17d493e9907a 100644 --- a/tools/testing/selftests/kvm/lib/x86/sev.c +++ b/tools/testing/selftests/kvm/lib/x86/sev.c @@ -31,7 +31,8 @@ bool is_sev_vm(struct kvm_vm *vm) * and find the first range, but that's correct because the condition * expression would cause us to quit the loop. */ -static void encrypt_region(struct kvm_vm *vm, struct userspace_mem_region *region) +static void encrypt_region(struct kvm_vm *vm, struct userspace_mem_region *region, + uint8_t page_type) { const struct sparsebit *protected_phy_pages = region->protected_phy_pages; const vm_paddr_t gpa_base = region->region.guest_phys_addr; @@ -41,13 +42,35 @@ static void encrypt_region(struct kvm_vm *vm, struct userspace_mem_region *regio if (!sparsebit_any_set(protected_phy_pages)) return; - sev_register_encrypted_memory(vm, region); + if (!is_sev_snp_vm(vm)) + sev_register_encrypted_memory(vm, region); sparsebit_for_each_set_range(protected_phy_pages, i, j) { const uint64_t size = (j - i + 1) * vm->page_size; const uint64_t offset = (i - lowest_page_in_region) * vm->page_size; - sev_launch_update_data(vm, gpa_base + offset, size); + if (is_sev_snp_vm(vm)) { + snp_launch_update_data(vm, gpa_base + offset, + (uint64_t)addr_gpa2hva(vm, gpa_base + offset), + size, page_type); + } else { + sev_launch_update_data(vm, gpa_base + offset, size); + } + } +} + +static void privatize_region(struct kvm_vm *vm, struct userspace_mem_region *region) +{ + const struct sparsebit *protected_phy_pages = region->protected_phy_pages; + const vm_paddr_t gpa_base = region->region.guest_phys_addr; + const sparsebit_idx_t lowest_page_in_region = gpa_base >> vm->page_shift; + sparsebit_idx_t i, j; + + sparsebit_for_each_set_range(protected_phy_pages, i, j) { + const uint64_t size = (j - i + 1) * vm->page_size; + const uint64_t offset = (i - lowest_page_in_region) * vm->page_size; + + vm_mem_set_private(vm, gpa_base + offset, size); } } @@ -77,6 +100,14 @@ void sev_es_vm_init(struct kvm_vm *vm) } } +void snp_vm_init(struct kvm_vm *vm) +{ + struct kvm_sev_init init = { 0 }; + + assert(vm->type == KVM_X86_SNP_VM); + vm_sev_ioctl(vm, KVM_SEV_INIT2, &init); +} + void sev_vm_launch(struct kvm_vm *vm, uint32_t policy) { struct kvm_sev_launch_start launch_start = { @@ -93,7 +124,7 @@ void sev_vm_launch(struct kvm_vm *vm, uint32_t policy) TEST_ASSERT_EQ(status.state, SEV_GUEST_STATE_LAUNCH_UPDATE); hash_for_each(vm->regions.slot_hash, ctr, region, slot_node) - encrypt_region(vm, region); + encrypt_region(vm, region, 0); if (policy & SEV_POLICY_ES) vm_sev_ioctl(vm, KVM_SEV_LAUNCH_UPDATE_VMSA, NULL); @@ -129,6 +160,35 @@ void sev_vm_launch_finish(struct kvm_vm *vm) TEST_ASSERT_EQ(status.state, SEV_GUEST_STATE_RUNNING); } +void snp_vm_launch_start(struct kvm_vm *vm, uint64_t policy) +{ + struct kvm_sev_snp_launch_start launch_start = { + .policy = policy, + }; + + vm_sev_ioctl(vm, KVM_SEV_SNP_LAUNCH_START, &launch_start); +} + +void snp_vm_launch_update(struct kvm_vm *vm) +{ + struct userspace_mem_region *region; + int ctr; + + hash_for_each(vm->regions.slot_hash, ctr, region, slot_node) { + privatize_region(vm, region); + encrypt_region(vm, region, KVM_SEV_SNP_PAGE_TYPE_NORMAL); + } + + vm->arch.is_pt_protected = true; +} + +void snp_vm_launch_finish(struct kvm_vm *vm) +{ + struct kvm_sev_snp_launch_finish launch_finish = { 0 }; + + vm_sev_ioctl(vm, KVM_SEV_SNP_LAUNCH_FINISH, &launch_finish); +} + struct kvm_vm *vm_sev_create_with_one_vcpu(uint32_t type, void *guest_code, struct kvm_vcpu **cpu) { @@ -145,8 +205,20 @@ struct kvm_vm *vm_sev_create_with_one_vcpu(uint32_t type, void *guest_code, return vm; } -void vm_sev_launch(struct kvm_vm *vm, uint32_t policy, uint8_t *measurement) +void vm_sev_launch(struct kvm_vm *vm, uint64_t policy, uint8_t *measurement) { + if (is_sev_snp_vm(vm)) { + vm_enable_cap(vm, KVM_CAP_EXIT_HYPERCALL, (1 << KVM_HC_MAP_GPA_RANGE)); + + snp_vm_launch_start(vm, policy); + + snp_vm_launch_update(vm); + + snp_vm_launch_finish(vm); + + return; + } + sev_vm_launch(vm, policy); if (!measurement) From patchwork Mon Feb 3 22:32:03 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Pratik R. Sampat" X-Patchwork-Id: 13958327 Received: from NAM11-CO1-obe.outbound.protection.outlook.com (mail-co1nam11on2080.outbound.protection.outlook.com [40.107.220.80]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 42A62212B09; Mon, 3 Feb 2025 22:33:50 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=fail smtp.client-ip=40.107.220.80 ARC-Seal: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1738622032; cv=fail; b=uUXWcq2V8eU7UnkLVBVteNefwukmQVDvAZyAuNDsA7z9uDCnafQCz5afUm92jED0/kJ97KJmHmFmXxEbo6xuvq5nTlZrUMjs2am1eHICnvW5xUf6YCJcptvCFnd4DuGZndp/0Rgkfm54/2wmbUBaejpRKzG9yoGG1av3exQOCe4= ARC-Message-Signature: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1738622032; c=relaxed/simple; bh=tyrSnNQj7m2pgzsnTmT60Iq30+aK0VbmX2qUnHYg0Do=; h=From:To:CC:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=isKn8x+H1B6f5123SM0rHvXtsHU2pZ/U40xlzCf9C0XMJpA5KL5YeKOF4IU+36/qKr2HdqEcLtow4CzudNmZdzAERceleejcsjqLRaRyh8u7qovwIQPyC7mMyaJ7cgBleNDcI7CYitX5yeuUPLhOpYBbOL/jHNLYSd/+i7YaMJI= ARC-Authentication-Results: i=2; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com; spf=fail smtp.mailfrom=amd.com; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b=IIPRU8mE; arc=fail smtp.client-ip=40.107.220.80 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com Authentication-Results: smtp.subspace.kernel.org; spf=fail smtp.mailfrom=amd.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b="IIPRU8mE" ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=dZ7xWb6SFnYo9LUH8UfeteiYXEJuQL2NU4r/oDhs0LlTMrh6eDrz5FZphQnl1EL9+WxA5jizH3Zx3CmrId0HLlPW+eq/bLL1Xc2rV1Affla9ybjl5OBZfES5FUvSsXLkBRzV9APblfak+dh8mp8jPeozXA0278YrIsYco0NmC1vudjxakq7m5fOhfoxi6YC/MP8+oON/f6flPGdlHjKV/SruNfF3vGTu8Qqu9WqQZgZC8KvTdhyJLldFt2Ysz7ACdrf9WBrkDiDoS9P7Sk3IyZNRTJeVisNiISqfjrH1XZIGEJmFX+CC9lF7BGIVixZIkiIllZA3OQE26VFgPpL2bw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=t9F2IFI91GFTPbJm2q7dCmQ8NcfczfdPaIYq3U6eKNg=; b=TSoVksV3mAxjXMAWlyreYSGMYvcps/3oCARwt1ZvKa/EKc0hH6EPVC/mR/jhHfFEHf2Z8bCaSbPzJPUx5P+8abiGvHCrHEZX+C01R92YevcBk+7OIPcg4+1QiP4mHzK+6/7JdN+fg/iOxpLZnimcLHA+uiheCqi29yOkOpIXUx5TXOkTFojaqG6clewX+OxiVCzIRsKw0lGlvh9BgnYvNfiGXb+5AzCK+Qr+/2PlYeJsURBdWuP56tVDuVh/ViRPCWdwGZKXHHlnFrkwtPGgLaNFfWWgaLlcyWBhhN8GqohOfoM55HrvIf7h0Qvz3Cqr6PY7+XqcgE2orhS142xkkA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=vger.kernel.org smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none (0) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=t9F2IFI91GFTPbJm2q7dCmQ8NcfczfdPaIYq3U6eKNg=; b=IIPRU8mE7+xiCMch4qSU5OwiewAM1Smy6SW0E5OSS+aEPwKLT9pZCCx/XxycmpARW8tIsZ23wx/tiI0Q0j0flX3Z0rBA5sdGtiNck6jCVsmBMEw6QEWHiMtwchYG6SLOQ4r8vXffpre8gQQYYloYkuZaNEbmDGXXI8GwBRFJeCs= Received: from SN6PR08CA0014.namprd08.prod.outlook.com (2603:10b6:805:66::27) by CYYPR12MB8750.namprd12.prod.outlook.com (2603:10b6:930:be::18) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.8398.24; Mon, 3 Feb 2025 22:33:49 +0000 Received: from SN1PEPF0002BA4D.namprd03.prod.outlook.com (2603:10b6:805:66:cafe::99) by SN6PR08CA0014.outlook.office365.com (2603:10b6:805:66::27) with Microsoft SMTP Server (version=TLS1_3, cipher=TLS_AES_256_GCM_SHA384) id 15.20.8398.24 via Frontend Transport; Mon, 3 Feb 2025 22:33:49 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=amd.com; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB04.amd.com; pr=C Received: from SATLEXMB04.amd.com (165.204.84.17) by SN1PEPF0002BA4D.mail.protection.outlook.com (10.167.242.70) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.8398.14 via Frontend Transport; Mon, 3 Feb 2025 22:33:48 +0000 Received: from sampat-dell.amd.com (10.180.168.240) by SATLEXMB04.amd.com (10.181.40.145) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.39; Mon, 3 Feb 2025 16:33:47 -0600 From: "Pratik R. Sampat" To: , , , , CC: , , , , , , , , , , , , , , Subject: [PATCH v6 7/9] KVM: selftests: Force GUEST_MEMFD flag for SNP VM type Date: Mon, 3 Feb 2025 16:32:03 -0600 Message-ID: <20250203223205.36121-8-prsampat@amd.com> X-Mailer: git-send-email 2.48.1 In-Reply-To: <20250203223205.36121-1-prsampat@amd.com> References: <20250203223205.36121-1-prsampat@amd.com> Precedence: bulk X-Mailing-List: linux-kselftest@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-ClientProxiedBy: SATLEXMB03.amd.com (10.181.40.144) To SATLEXMB04.amd.com (10.181.40.145) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: SN1PEPF0002BA4D:EE_|CYYPR12MB8750:EE_ X-MS-Office365-Filtering-Correlation-Id: d94e016b-fefd-41f1-0e6f-08dd44a2d41d X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0;ARA:13230040|82310400026|7416014|1800799024|36860700013|376014; X-Microsoft-Antispam-Message-Info: YI328HS5YJ6334dh6r9c3zQ5dUnpFIjp5quQr/xMhDB/YOuVo7127F9EGCp3BW8MdXugLG/N0FdK3q04pKcLROJNNmQAXKFfyJDf+MB0a6yBIAb8q2OgZQ4lssUbF8+74bOiX++cU29bIeto2SFOlHYfW/45QBhzUSd26m7X9slojijYdFDV1yikFaRxr8Jmdyex3KfB7z0BDJtp1LOql6p5yHgXX8RyuuiIY7YSxecCAe2GPbsjGsJiG1Mcsxpi3DJ4gJe0009gFaTvnaSz3JvGkxDtntuKQdCYpBZ9f4JcdKAT6ZIur/iJIEd1C09XbYmdwfZs58n5lAJBddgV8gUSMQNQeciMomYdhFKOSLIT7fCHguZ06AhBFyXC9pwnOyWKv0Qbze0rV556KBRnek6OVz5lvI/bX/bJ0JTtUWS8JFkc0QMTvU72g70o6TjY9DM2rKkQ9oZRDE8veNWr1nMc+F4IzlEe2kG7u3Usv8sqmuNynga6i8UnrndUyuM8nUIFa9Hod+9GKLw4cyBnTx8DaxVHzj7ShnBRYChuVmIWICsEbOmqQcPuimGmtDSH15a4BiAgxUuPbAonMWjPDBC0VJMZ3EXsunilvSRxvNf1b+6bNJqzKsl+t9Cv6meq1eM02C2LVKHlhx/UYeAWsCefpySeKq/nvObnPoJQ1CwWPxR5M4xZDJoBeUGcMeonoYmZIM96Zoc0auGYyQuHmyk7kXDHxbchuzgKqTxMa2sYyw5yEmnGORom/pb9RQpLpgCRFW7Xny7KVayHZciABt7BbtAN32AoopUy7aLjLR3QQ3H8SfCPLrgFyYexa03Wrj2L+oabot73B0FX50d2lPUBPTopFimtKICp5BptH4lq8FmzYa0EjFzO2GmHilhTnJvAAdOdbfrd8GP4UxK9oRAlVCOtDxIdqHFUYBKcHqadkUIyMEJC3PljVtRnmddd53XEN37eEWNHI6X7BXcC0K+1vkV7zXwWomC3Ic5LwwesWFTyxmvvMJJXFjCr+nbub6opPM6veUS4ma1afj7Mpoux7Kgn5K153Q5a2pr6VnkP7pamXnIbi1BbFFf3zURllGc7Sh5qWhAiCQUAMWPy8jJadp9Ksn/WNbihZFkRd9+no9ImKDLix2LhTtj6M2Vf0tnQqeLBjsHCV+2aEFRdwLl3vTgR4TmaYBJiuIW4uRFQMpx8YNLNK9RTQdDHPLIHldBkJXKsF7m63WAMI0sdYEgST2054LSIvSg4zJkbN4vg3cPJO4ziayIlOdPfwt0PyAhUIl5fbu96TvO7SJ2ZChdOqUvhzAUjSowFJng0v115//szqXp6xBq84tod1MkrVsEoBWRqx1rZ4TihXoPeeBwhYzwsXg0OzECmKDunnZvBoyBeZJ3r5Eam7cudlPF0qqVznKGJ4aL6XsDmiaJ85DrASlrVSJxXHf+v5M0ky8Xs/pjiKG/B3p75jJRvqXuPzOa/L6J9fuwRZOtuDL2Aig28g0F6xxxKKb+1923/htc= X-Forefront-Antispam-Report: CIP:165.204.84.17;CTRY:US;LANG:en;SCL:1;SRV:;IPV:CAL;SFV:NSPM;H:SATLEXMB04.amd.com;PTR:InfoDomainNonexistent;CAT:NONE;SFS:(13230040)(82310400026)(7416014)(1800799024)(36860700013)(376014);DIR:OUT;SFP:1101; X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 03 Feb 2025 22:33:48.9761 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: d94e016b-fefd-41f1-0e6f-08dd44a2d41d X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[SATLEXMB04.amd.com] X-MS-Exchange-CrossTenant-AuthSource: SN1PEPF0002BA4D.namprd03.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: CYYPR12MB8750 Force the SEV-SNP VM type to set the KVM_MEM_GUEST_MEMFD flag for the creation of private memslots. Tested-by: Srikanth Aithal Signed-off-by: Pratik R. Sampat --- v5..v6: * Collected tags from Srikanth. --- tools/testing/selftests/kvm/lib/kvm_util.c | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/tools/testing/selftests/kvm/lib/kvm_util.c b/tools/testing/selftests/kvm/lib/kvm_util.c index 33fefeb3ca44..089488e2eaf6 100644 --- a/tools/testing/selftests/kvm/lib/kvm_util.c +++ b/tools/testing/selftests/kvm/lib/kvm_util.c @@ -413,14 +413,17 @@ struct kvm_vm *__vm_create(struct vm_shape shape, uint32_t nr_runnable_vcpus, nr_extra_pages); struct userspace_mem_region *slot0; struct kvm_vm *vm; - int i; + int i, flags = 0; pr_debug("%s: mode='%s' type='%d', pages='%ld'\n", __func__, vm_guest_mode_string(shape.mode), shape.type, nr_pages); vm = ____vm_create(shape); - vm_userspace_mem_region_add(vm, VM_MEM_SRC_ANONYMOUS, 0, 0, nr_pages, 0); + if (shape.type == KVM_X86_SNP_VM) + flags |= KVM_MEM_GUEST_MEMFD; + + vm_userspace_mem_region_add(vm, VM_MEM_SRC_ANONYMOUS, 0, 0, nr_pages, flags); for (i = 0; i < NR_MEM_REGIONS; i++) vm->memslots[i] = 0; From patchwork Mon Feb 3 22:32:04 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Pratik R. Sampat" X-Patchwork-Id: 13958328 Received: from NAM02-DM3-obe.outbound.protection.outlook.com (mail-dm3nam02on2057.outbound.protection.outlook.com [40.107.95.57]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 035EA21127A; Mon, 3 Feb 2025 22:34:05 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=fail smtp.client-ip=40.107.95.57 ARC-Seal: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1738622047; cv=fail; b=UZHoSBuI+ssQ7GvAAqgOB0ngnwDJq/UU8h6to13IveIOmsoPbSHUa+mWWP8HRXPjMA5zmALgUXZGiYk6TpYQSIwa5bZFBnl6iHggbil9ifSw677dlmGsWV5s5gJ8W40Tgh3i+OlLtVKwjMxsP5cc9p7H1cmD8ynqrjnNZNWTFfI= ARC-Message-Signature: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1738622047; c=relaxed/simple; bh=gjF6RwvFM3+AxLkfdzH5nG84Xlmb7qkJUly30/YWM+w=; h=From:To:CC:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=hdjQdPeI1+vCCEq53VAr4O7GTCDk3gsDjt87doWzfv+Yqoamp4J2noqi8N515DYdF8RiI5g7ih6/QtO+FRzrVfPduzEauQIvA0rS6bc59g0uR+PRgIpq/DT/6LPrSpir2wfxJVLeUhXamL2UeiiDKVo31o132VihR2g1d6SOk7E= ARC-Authentication-Results: i=2; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com; spf=fail smtp.mailfrom=amd.com; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b=hS3U7/vb; arc=fail smtp.client-ip=40.107.95.57 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com Authentication-Results: smtp.subspace.kernel.org; spf=fail smtp.mailfrom=amd.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b="hS3U7/vb" ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=ZjQufW9N4TRPh8lpEhYuZ2XanJ4xYvGbFDWV87YrZiz4/+VVKgydjGbku9f+MEJ1ruXqH4UvOWOyxEkalZDFpKGJxdvCf6PBpXf6MeswVnT2SghSXXajUG255GDd4bPJOfLpkp7wGrEZ80kNhsc2Cnp4x2uduCAN+MI+D0DU2aT5DqaVuDJ/irahZYqPcr7Nfw0wLU4NPknUJV9d1MUTVSYI7L2g9pB4O6jEPQAg7+ETdXlRjI+KsAmN1hfmsI43p55UiAgqe2DGbVQEZH94hJtoOXBf9btgjYDDYNi26/MEnWR7iUcX2Tv/PKb/D7AGQ4AK0rohTU2Jd5Z+JNEfvw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=L8rOb7xOLAnHjqTXAMw0UrPPaw8BFnYRv+6NKczzBfU=; b=EdvEYzeDnZLipFtyT1c6ZXemxw4yLGDUXzHjarw4cF2s9tWNEQ2Y+YE9rGbie/a7tDJwhghGJF6sazQngDAxDiGlgQ+N3G3RBhOnQaRChaZBNWvCerqeuisrcmVdNW0Dy/fmvv4frm4D4hkqJSufpiBkJet+kC/+0MdpXs3B3m9ZxjEaIS+OUGFQCk3lY2WWfC1g4Aqwc0ccNrpxqmuUxxOc5iq1WCq8ns5PNRiLahe/gzRM9nPFV+r/Hsez6EDFfULmjbiUy/+97vM/6Y0eiHyGS/f10e84McRpKlW0gkhKX8lUo90AHHI7Mh258byh0xK6agVHKZESrEND565F2Q== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=vger.kernel.org smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none (0) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=L8rOb7xOLAnHjqTXAMw0UrPPaw8BFnYRv+6NKczzBfU=; b=hS3U7/vbQ8pBhLiCqF9CqNZV3GGNMTC9AJcZBw/qyv6u3O0y+AAwaW0YKSywf5+a/XP14J7YhhBpvTmPm4iv8/dYEAWc7KyWOrrvrZJ3ioLjCpFQev2Ri80ZRj5/uzES5djDXPEeAIU/Eb1nZT1meM31K+z/2F6B742ZIEqU6m8= Received: from SA9PR13CA0076.namprd13.prod.outlook.com (2603:10b6:806:23::21) by IA0PR12MB8349.namprd12.prod.outlook.com (2603:10b6:208:407::17) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.8398.25; Mon, 3 Feb 2025 22:34:01 +0000 Received: from SN1PEPF0002BA51.namprd03.prod.outlook.com (2603:10b6:806:23:cafe::e6) by SA9PR13CA0076.outlook.office365.com (2603:10b6:806:23::21) with Microsoft SMTP Server (version=TLS1_3, cipher=TLS_AES_256_GCM_SHA384) id 15.20.8398.23 via Frontend Transport; Mon, 3 Feb 2025 22:34:01 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=amd.com; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB04.amd.com; pr=C Received: from SATLEXMB04.amd.com (165.204.84.17) by SN1PEPF0002BA51.mail.protection.outlook.com (10.167.242.74) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.8398.14 via Frontend Transport; Mon, 3 Feb 2025 22:34:00 +0000 Received: from sampat-dell.amd.com (10.180.168.240) by SATLEXMB04.amd.com (10.181.40.145) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.39; Mon, 3 Feb 2025 16:33:59 -0600 From: "Pratik R. Sampat" To: , , , , CC: , , , , , , , , , , , , , , Subject: [PATCH v6 8/9] KVM: selftests: Abstractions for SEV to decouple policy from type Date: Mon, 3 Feb 2025 16:32:04 -0600 Message-ID: <20250203223205.36121-9-prsampat@amd.com> X-Mailer: git-send-email 2.48.1 In-Reply-To: <20250203223205.36121-1-prsampat@amd.com> References: <20250203223205.36121-1-prsampat@amd.com> Precedence: bulk X-Mailing-List: linux-kselftest@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-ClientProxiedBy: SATLEXMB03.amd.com (10.181.40.144) To SATLEXMB04.amd.com (10.181.40.145) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: SN1PEPF0002BA51:EE_|IA0PR12MB8349:EE_ X-MS-Office365-Filtering-Correlation-Id: cdfc476d-459a-4882-b5e0-08dd44a2db11 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0;ARA:13230040|1800799024|376014|82310400026|7416014|36860700013; X-Microsoft-Antispam-Message-Info: 8VfVHTL3s7KN6ZRoo6pX6jWIojH549pUeLK0BlSDUc2dkuuTBxJtlaqt1oDTi3OGcmUGPXKDhsAdkB9z1jR69u2XLPXgDtC6b2/VeBLK0mOhRm46sXFRLoVfgQj6W/zEI3NOXue0ecftrmO8U6mc3g521ocHN0i806FOQ1bqBwLE3M+vZ3vZuEMKEx4vQqz1S0kDrkYlAiG/NS/fYmpiEp7UmavNTjU2sqNy3XRaFkqMn1QBPUvPITOQs1RxDtbL+goZAYVk6XPTAAiwERkQ0SAfhz2cdljx5fU5jhe7cLSgbkqF+Ea/XaeT46TNyOR0Um6rNP9V4lZf+nZVbKb0VXI98DBUDH/Rl9FzuMWeYMMTr+8tWDSC2ccG7ws3kA1cdhbmgj+HQ62VaYqUayAuDSO/vOCYGycQl2hcmXUCdZoriOoIrtbtkmAZDpgT4s5itbDVdh5odo5AtLXQLzF1tJ76Q5kbspbATvHo8YeMlU0JRN1wA1PK1CtGrhCG5NEIECjDB5Q4hbUOhLs/CdkzlqLzY/Sx0ldmGSMQIufGIV65PiKTSQsEO6pkkeg+/Pp/v0vuu5tXMzsRHDO+MZT9FF6NRW7Lg2qZ6PcXDo3MtUtabIk48f9NeHjDiWya5rY2YFAW7L2xSQB8gLfpj0XgP4ErTy14S6j6rrx1Uha4MIWH9lMDv8P7joDBOGQKt4xEuukkcB7opxUqRHYVCdjFkpd0zE0P/FM8RqycYaXLGIVdsRWj48sBGI5TYnYhS4pEooxayVUzjvZuzvG0g8cwz30X7+SeZgFxgf8cIvixRww2QbagtDZIiAt4xqh+0MeSxMxt7LY8eaEFAMI3hoJU4eFtnMlRk3QOiN0+jqxqzKIOcJZXKmY5hYBeC5aYG//eawgOqa6VzcEa99U+xBlFCWTQqaL/9NRBXH8FCbHgLD1Q9RT/Wg5A8zlLLGfqtfC4U9CAY8npLMfFvtQi6x6LvD6XEw6KeS4wNap7hqz0wvs8DkzEJbSIWrYx10PbH+8927DDnhGlitD5KCj9/Ti3SGnqnWHT+a0arKsRhxf8jV7HxYgp6zfUeXj9rYXcGMQVM0W7IiiDx+8HJCXY3hhec95upGymj7NB38pK9h/xVffp4kyaXFnu870TRs9VSAQA0hNMH8J8tFDx5RkIk8YoMo7ZMK5pYJ44YIkQeCjCZh2H3vWJjD0xEU0ENJDjdSCBMZRlPoPAM/B8uhbqt+c0DCuYd72ZMzfyVH+HBm5stJYnoKnFaEKFb7livwxI/hyTe7WWop6oiy2pb+wxWZN5n+bg2RGpICbkdCHP6HhF2Azj/yb6Rxz40eqmReuiJvPnFnCWpydgvyTJ3pi4+d6uOVPbpw7hawRboxGVwyiO7ECGaxo28x23+fLDNTdBmr8rF8DaqnDMtVMGSmklGc/NGIkKQfdu6PgGOVyAh39CfAWUK0c8rN4Fbwn95GbMRNrzmILLz4+yCcpa6tTXV+3ooTqtiRuqf8ihGhhKJBjQ+44= X-Forefront-Antispam-Report: CIP:165.204.84.17;CTRY:US;LANG:en;SCL:1;SRV:;IPV:CAL;SFV:NSPM;H:SATLEXMB04.amd.com;PTR:InfoDomainNonexistent;CAT:NONE;SFS:(13230040)(1800799024)(376014)(82310400026)(7416014)(36860700013);DIR:OUT;SFP:1101; X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 03 Feb 2025 22:34:00.6302 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: cdfc476d-459a-4882-b5e0-08dd44a2db11 X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[SATLEXMB04.amd.com] X-MS-Exchange-CrossTenant-AuthSource: SN1PEPF0002BA51.namprd03.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: IA0PR12MB8349 In preparation for SNP, cleanup the smoke test to decouple deriving type from policy. Introduce, wrappers for SEV and SEV-ES types to abstract the parametrized launch tests calls and reduce verbosity. No functional change intended. Tested-by: Srikanth Aithal Signed-off-by: Pratik R. Sampat --- v5..v6: * Collected tags from Srikanth. --- .../selftests/kvm/x86/sev_smoke_test.c | 50 ++++++++++++------- 1 file changed, 33 insertions(+), 17 deletions(-) diff --git a/tools/testing/selftests/kvm/x86/sev_smoke_test.c b/tools/testing/selftests/kvm/x86/sev_smoke_test.c index b18c78314d5b..3a36cd3ca151 100644 --- a/tools/testing/selftests/kvm/x86/sev_smoke_test.c +++ b/tools/testing/selftests/kvm/x86/sev_smoke_test.c @@ -61,7 +61,7 @@ static void compare_xsave(u8 *from_host, u8 *from_guest) abort(); } -static void test_sync_vmsa(uint32_t policy) +static void __test_sync_vmsa(uint32_t type, uint64_t policy) { struct kvm_vcpu *vcpu; struct kvm_vm *vm; @@ -71,7 +71,7 @@ static void test_sync_vmsa(uint32_t policy) double x87val = M_PI; struct kvm_xsave __attribute__((aligned(64))) xsave = { 0 }; - vm = vm_sev_create_with_one_vcpu(KVM_X86_SEV_ES_VM, guest_code_xsave, &vcpu); + vm = vm_sev_create_with_one_vcpu(type, guest_code_xsave, &vcpu); gva = vm_vaddr_alloc_shared(vm, PAGE_SIZE, KVM_UTIL_MIN_VADDR, MEM_REGION_TEST_DATA); hva = addr_gva2hva(vm, gva); @@ -88,7 +88,7 @@ static void test_sync_vmsa(uint32_t policy) : "ymm4", "st", "st(1)", "st(2)", "st(3)", "st(4)", "st(5)", "st(6)", "st(7)"); vcpu_xsave_set(vcpu, &xsave); - vm_sev_launch(vm, SEV_POLICY_ES | policy, NULL); + vm_sev_launch(vm, policy, NULL); /* This page is shared, so make it decrypted. */ memset(hva, 0, 4096); @@ -107,14 +107,12 @@ static void test_sync_vmsa(uint32_t policy) kvm_vm_free(vm); } -static void test_sev(void *guest_code, uint64_t policy) +static void __test_sev(void *guest_code, uint32_t type, uint64_t policy) { struct kvm_vcpu *vcpu; struct kvm_vm *vm; struct ucall uc; - uint32_t type = policy & SEV_POLICY_ES ? KVM_X86_SEV_ES_VM : KVM_X86_SEV_VM; - vm = vm_sev_create_with_one_vcpu(type, guest_code, &vcpu); /* TODO: Validate the measurement is as expected. */ @@ -149,6 +147,21 @@ static void test_sev(void *guest_code, uint64_t policy) kvm_vm_free(vm); } +static void test_sev(uint64_t policy) +{ + __test_sev(guest_sev_code, KVM_X86_SEV_VM, policy); +} + +static void test_sev_es(uint64_t policy) +{ + __test_sev(guest_sev_es_code, KVM_X86_SEV_ES_VM, policy); +} + +static void test_sync_vmsa_sev_es(uint64_t policy) +{ + __test_sync_vmsa(KVM_X86_SEV_ES_VM, policy); +} + static void guest_shutdown_code(void) { struct desc_ptr idt; @@ -160,16 +173,14 @@ static void guest_shutdown_code(void) __asm__ __volatile__("ud2"); } -static void test_sev_es_shutdown(void) +static void __test_sev_shutdown(uint32_t type, uint64_t policy) { struct kvm_vcpu *vcpu; struct kvm_vm *vm; - uint32_t type = KVM_X86_SEV_ES_VM; - vm = vm_sev_create_with_one_vcpu(type, guest_shutdown_code, &vcpu); - vm_sev_launch(vm, SEV_POLICY_ES, NULL); + vm_sev_launch(vm, policy, NULL); vcpu_run(vcpu); TEST_ASSERT(vcpu->run->exit_reason == KVM_EXIT_SHUTDOWN, @@ -179,25 +190,30 @@ static void test_sev_es_shutdown(void) kvm_vm_free(vm); } +static void test_sev_es_shutdown(uint64_t policy) +{ + __test_sev_shutdown(KVM_X86_SEV_ES_VM, SEV_POLICY_ES); +} + int main(int argc, char *argv[]) { const u64 xf_mask = XFEATURE_MASK_X87_AVX; TEST_REQUIRE(kvm_cpu_has(X86_FEATURE_SEV)); - test_sev(guest_sev_code, SEV_POLICY_NO_DBG); - test_sev(guest_sev_code, 0); + test_sev(SEV_POLICY_NO_DBG); + test_sev(0); if (kvm_cpu_has(X86_FEATURE_SEV_ES)) { - test_sev(guest_sev_es_code, SEV_POLICY_ES | SEV_POLICY_NO_DBG); - test_sev(guest_sev_es_code, SEV_POLICY_ES); + test_sev_es(SEV_POLICY_ES | SEV_POLICY_NO_DBG); + test_sev_es(SEV_POLICY_ES); - test_sev_es_shutdown(); + test_sev_es_shutdown(SEV_POLICY_ES); if (kvm_has_cap(KVM_CAP_XCRS) && (xgetbv(0) & kvm_cpu_supported_xcr0() & xf_mask) == xf_mask) { - test_sync_vmsa(0); - test_sync_vmsa(SEV_POLICY_NO_DBG); + test_sync_vmsa_sev_es(SEV_POLICY_ES); + test_sync_vmsa_sev_es(SEV_POLICY_NO_DBG | SEV_POLICY_ES); } } From patchwork Mon Feb 3 22:32:05 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Pratik R. Sampat" X-Patchwork-Id: 13958329 Received: from NAM11-DM6-obe.outbound.protection.outlook.com (mail-dm6nam11on2044.outbound.protection.outlook.com [40.107.223.44]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id BD76720FA9D; Mon, 3 Feb 2025 22:34:16 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=fail smtp.client-ip=40.107.223.44 ARC-Seal: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1738622058; cv=fail; b=Dvx+OCB8G34EpxIT8dV6jvmJ2Aw4a6xwfe9SPsCYbzJAkRZnTN5b3pdliayRO/Cw5ByqolfWqA8jH4/HdjD4KueNSBWRzPVb5R17+pzHLoanUGYadeOKg+0YgR+TvVFZ4cLH+j74V1jhRsuPs5kVkaqAa5iC8qbqBhOGFgTy2II= ARC-Message-Signature: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1738622058; c=relaxed/simple; bh=9MgVYFLYY4ec9JxQTapimjL+0DXZVB6JSMMKAI32RLA=; h=From:To:CC:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=mX2arxG7p/8VRiSku7DXsgQzKicsBX1YqK354g0qn3g2uNKF+KDaYGatetfDE3HZGoI+hYCL/bS5vpPyQ6KrSWV3ZZmAs8U7qLt3Dmw4HKXUvzH8x97hEiSenWCy4Q3als8G8sBEjbDbIMNhw7aErRhyE0Pr+sJTY0FZ4TMhDXo= ARC-Authentication-Results: i=2; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com; spf=fail smtp.mailfrom=amd.com; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b=cbC4Ndm5; arc=fail smtp.client-ip=40.107.223.44 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com Authentication-Results: smtp.subspace.kernel.org; spf=fail smtp.mailfrom=amd.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b="cbC4Ndm5" ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=KBb7AWiiYiqmi+d4xRWucoSl6SLb6NwrNNayw2YVMyvsRBhb3NgBoG4KloZhJ3nNrT5R1FiTmnV1zd3oQNzSPwZDmL126h9lWNVhbnkkPALv68ys3gozpy6KNlSgaTx73+KKOdsrV8db8S5MkxBKgOpl/UBXy8svtpJGsTutR9GPNO2cp06Tr9a7uusvTYyOSYFgV74x+CcNLOBuGAH6Pm04d/lSt1lMPjtECEyga4qYggWKMSNU+zmRPC2flM/jc41hnMx5s9p2E4C7Kr3eSihxqLWC25hsjV3u3TwJWS+MyCqQPBJ+byM68Bdj7fkcqLAk2vbK+0do4AAwtNzF8A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=AMonE8Jnl1T77qB+HYCpOlYadKOE73Jwtdt+alX6DUI=; b=qDfYspILVXUj48JOkoSdhP6JS+x5gurLCCeccIwWu5IZAb4cI52nU5JjZC3M2ufOcX+PtHbasiuyqVRRP8e0gHYYBkvwRAqxzhRtmqnkaTfcQ26S7SEG/HG5pShQ7SI01jxrl7Nb497016k7R5+iLlIeVxxPENJ5+oIkSxnIFWBGGLtr7obUNCr/1Rj0EvPMgXkD9IjJDQChOboWUshWDbveeN5FwGb/MdQL+2lWMuEmnc0d8fq3KOgqmKmw8ExEdlX6NLGvIfGcGqOZjsuTkImqq9KxU9fD/Ja13KBJ/wcdoLmoPSYIy5b9xg42lUeRHAw2pHl07fJ97NQwQH09RQ== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=vger.kernel.org smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none (0) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=AMonE8Jnl1T77qB+HYCpOlYadKOE73Jwtdt+alX6DUI=; b=cbC4Ndm5FMar6RT+XQ08V8J6g4Fg0upDfu18PiEf67P5yXp3H0tHlsCvju+QHGwnBhKE8SxBXGoH3gTIUzk1J0FzaSsURDBaU+vGbvE3788jmfbscspc+OFbZZJ50nf1lsa/92zL006v58KC9LqWF5jXCetmG1LBpfOf75Z4hd0= Received: from BYAPR06CA0061.namprd06.prod.outlook.com (2603:10b6:a03:14b::38) by MW5PR12MB5599.namprd12.prod.outlook.com (2603:10b6:303:194::16) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.8398.24; Mon, 3 Feb 2025 22:34:12 +0000 Received: from SN1PEPF0002BA52.namprd03.prod.outlook.com (2603:10b6:a03:14b:cafe::5e) by BYAPR06CA0061.outlook.office365.com (2603:10b6:a03:14b::38) with Microsoft SMTP Server (version=TLS1_3, cipher=TLS_AES_256_GCM_SHA384) id 15.20.8398.25 via Frontend Transport; Mon, 3 Feb 2025 22:34:12 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=amd.com; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB04.amd.com; pr=C Received: from SATLEXMB04.amd.com (165.204.84.17) by SN1PEPF0002BA52.mail.protection.outlook.com (10.167.242.75) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.8398.14 via Frontend Transport; Mon, 3 Feb 2025 22:34:12 +0000 Received: from sampat-dell.amd.com (10.180.168.240) by SATLEXMB04.amd.com (10.181.40.145) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.39; Mon, 3 Feb 2025 16:34:10 -0600 From: "Pratik R. Sampat" To: , , , , CC: , , , , , , , , , , , , , , Subject: [PATCH v6 9/9] KVM: selftests: Add a basic SEV-SNP smoke test Date: Mon, 3 Feb 2025 16:32:05 -0600 Message-ID: <20250203223205.36121-10-prsampat@amd.com> X-Mailer: git-send-email 2.48.1 In-Reply-To: <20250203223205.36121-1-prsampat@amd.com> References: <20250203223205.36121-1-prsampat@amd.com> Precedence: bulk X-Mailing-List: linux-kselftest@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-ClientProxiedBy: SATLEXMB03.amd.com (10.181.40.144) To SATLEXMB04.amd.com (10.181.40.145) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: SN1PEPF0002BA52:EE_|MW5PR12MB5599:EE_ X-MS-Office365-Filtering-Correlation-Id: 9c1566f9-3a56-4293-b237-08dd44a2e1ee X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0;ARA:13230040|82310400026|7416014|376014|1800799024|36860700013; X-Microsoft-Antispam-Message-Info: +xiATD8DH8VnUlLZQy2uhFLJxLlxBXD3nUCnra4qGkLPoPtVo76abBAR/Y4ik7oqXmmHXUMbkDmtwWYr18qMm7RTno/r/g4QnQBSuM8MeF3l/5+v9MPe4Raz02AUuncQx2uM4V+V71h+Fgpr9cBxAjWQa5o2w6To0qPWW6Vr4DxjYwo+VoqeiWthr7kf0IxgG4RJXg000qaxav4TXw7MhXi5IXIli2hJgPpLVFgqkwqmXg+RcOL8TD0MmqR16XFxiXa6mDBTr9MZOo5aypKsqk9MBVYgJEyHFzOxloHuIHWxfRaIPHtowIPWkqArjIj7T+8NDqmtW/NORlsVNazw9C01jB3RBMZzLW/2hQ1WFkoR062A0MalkprIPI3Qc/AFyniqesITHsGIHfUpTzFVqfPM/yvFmWEFi5iFcAUUMBmRU2yXkyVMmoPm0agr+sNt0AC+z/avygGankJQMW6B/GqAPnV4PLSovBDviish3glK6cgliNPPNpEvhfu/fCMkJn6qy7KKXSsUU7gjm6SxmAQHSyl/M9WX8kMMU8u7fTgQ7xlCOX8EzWmDeiiZsZ8YayUPEIVL9PKh/2UZ3hWW5szc+VJUVLoFYuj9ySZeKd0bMGOhZ02PiUqX6tJazIGDfrhLrRjYg9pmoImZXVg59oiOqdUKxMG4G7tqsxe1ClNu3D1G4zS5u6lgT6uxkuZrrQ7vr50Ck+NzyyXYJ9I3+ocDbSAeibQnThUl/hSxBLeS9IWKZvoFU4hFtBT4hjFbAJsd+1e2pFm92vvZZrCaq6pVLer7pJxDvUf9/aNgJfeJDyGHZScMzA8Hcohwytl67fmWpTXKdJvY7B79T3iiBAw3MTNT646XtRXYYdI3DvtwQJPhMTPWzJDsBr7F1ftNBdSAQU5mUB1P1WICcWR64nfZwmaech6AhADPJoeRRaGqV3BrNA5WLBjeRTd27Um6D0/RS9bE4AO1F/J4SYnAE2yQWpaxFsQs7K/DbGFXzohTopSnhqUnaLWj9BGQNp29Jg+FgICkeASvccZ8ol3KenYa0c5loSeG1SOreN1Tb++D6Z5RWHZNyUqB5wUqMhRqshOdk/rm5oK156WIaDWAueQfm+0tbX4oK9rRfMYYr9p8kvzQTPn0DxgX4zDO3qny5C2b1XqIHfBV3D2xn6bTjzmqgeZt82w+cai52JkRP+yBLJzt3vKv/jIW3szQxEN30BxLbxdm05BtMv/MMPpz0VCJcFQxs2XRBvu0FwHZG8h3JD2ZgrcpsrCMzJyik+VJ6wk84owW4mLuXlJy4UQVKkSnbKO9sH5/AAJZ2nVdcIB1Ii2CCvtzpPnGaRT/iAc2wsxCGsACyvU9ONhf95KRt5c5XWWmaS/MN9N3gYxhV3fAiSY/M2qh3rJZVWXAsx1tPa5qPFPL93ZA7TlN5r1jLQJMxPt4zNnh167oEGLjGCVWUCYtfOeYXM2D1qcCfdB1IwA/uEG963HptsWu/fky3zxXIHeogScUj+iuUVmHTj0= X-Forefront-Antispam-Report: CIP:165.204.84.17;CTRY:US;LANG:en;SCL:1;SRV:;IPV:CAL;SFV:NSPM;H:SATLEXMB04.amd.com;PTR:InfoDomainNonexistent;CAT:NONE;SFS:(13230040)(82310400026)(7416014)(376014)(1800799024)(36860700013);DIR:OUT;SFP:1101; X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 03 Feb 2025 22:34:12.1604 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 9c1566f9-3a56-4293-b237-08dd44a2e1ee X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[SATLEXMB04.amd.com] X-MS-Exchange-CrossTenant-AuthSource: SN1PEPF0002BA52.namprd03.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: MW5PR12MB5599 Extend sev_smoke_test to also run a minimal SEV-SNP smoke test that initializes and sets up private memory regions required to run a simple SEV-SNP guest. Similar to its SEV-ES smoke test counterpart, this also does not support GHCB and ucall yet and uses the GHCB MSR protocol to trigger an exit of the type KVM_EXIT_SYSTEM_EVENT. Tested-by: Srikanth Aithal Signed-off-by: Pratik R. Sampat --- v5..v6: * Rename KVM CPU feature X86_FEATURE_SNP to X86_FEATURE_SEV_SNP (Nikunj) * Collected tags from Srikanth. --- .../selftests/kvm/x86/sev_smoke_test.c | 42 +++++++++++++++++++ 1 file changed, 42 insertions(+) diff --git a/tools/testing/selftests/kvm/x86/sev_smoke_test.c b/tools/testing/selftests/kvm/x86/sev_smoke_test.c index 3a36cd3ca151..3336550152c0 100644 --- a/tools/testing/selftests/kvm/x86/sev_smoke_test.c +++ b/tools/testing/selftests/kvm/x86/sev_smoke_test.c @@ -16,6 +16,18 @@ #define XFEATURE_MASK_X87_AVX (XFEATURE_MASK_FP | XFEATURE_MASK_SSE | XFEATURE_MASK_YMM) +static void guest_snp_code(void) +{ + uint64_t sev_msr = rdmsr(MSR_AMD64_SEV); + + GUEST_ASSERT(sev_msr & MSR_AMD64_SEV_ENABLED); + GUEST_ASSERT(sev_msr & MSR_AMD64_SEV_ES_ENABLED); + GUEST_ASSERT(sev_msr & MSR_AMD64_SEV_SNP_ENABLED); + + wrmsr(MSR_AMD64_SEV_ES_GHCB, GHCB_MSR_TERM_REQ); + VMGEXIT(); +} + static void guest_sev_es_code(void) { /* TODO: Check CPUID after GHCB-based hypercall support is added. */ @@ -157,11 +169,21 @@ static void test_sev_es(uint64_t policy) __test_sev(guest_sev_es_code, KVM_X86_SEV_ES_VM, policy); } +static void test_snp(uint64_t policy) +{ + __test_sev(guest_snp_code, KVM_X86_SNP_VM, policy); +} + static void test_sync_vmsa_sev_es(uint64_t policy) { __test_sync_vmsa(KVM_X86_SEV_ES_VM, policy); } +static void test_sync_vmsa_snp(uint64_t policy) +{ + __test_sync_vmsa(KVM_X86_SNP_VM, policy); +} + static void guest_shutdown_code(void) { struct desc_ptr idt; @@ -195,6 +217,11 @@ static void test_sev_es_shutdown(uint64_t policy) __test_sev_shutdown(KVM_X86_SEV_ES_VM, SEV_POLICY_ES); } +static void test_snp_shutdown(uint64_t policy) +{ + __test_sev_shutdown(KVM_X86_SNP_VM, policy); +} + int main(int argc, char *argv[]) { const u64 xf_mask = XFEATURE_MASK_X87_AVX; @@ -217,5 +244,20 @@ int main(int argc, char *argv[]) } } + if (kvm_cpu_has(X86_FEATURE_SEV_SNP)) { + uint64_t snp_policy = snp_default_policy(); + + test_snp(snp_policy); + /* Test minimum firmware level */ + test_snp(snp_policy | SNP_FW_VER_MAJOR(SNP_MIN_API_MAJOR) | + SNP_FW_VER_MINOR(SNP_MIN_API_MINOR)); + + test_snp_shutdown(snp_policy); + + if (kvm_has_cap(KVM_CAP_XCRS) && + (xgetbv(0) & kvm_cpu_supported_xcr0() & xf_mask) == xf_mask) + test_sync_vmsa_snp(snp_policy); + } + return 0; }