mirror of
				git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
				synced 2025-09-04 20:19:47 +08:00 
			
		
		
		
	KVM: SEV: Add KVM_SEV_SNP_LAUNCH_START command
KVM_SEV_SNP_LAUNCH_START begins the launch process for an SEV-SNP guest. The command initializes a cryptographic digest context used to construct the measurement of the guest. Other commands can then at that point be used to load/encrypt data into the guest's initial launch image. For more information see the SEV-SNP specification. Signed-off-by: Brijesh Singh <brijesh.singh@amd.com> Co-developed-by: Michael Roth <michael.roth@amd.com> Signed-off-by: Michael Roth <michael.roth@amd.com> Signed-off-by: Ashish Kalra <ashish.kalra@amd.com> Message-ID: <20240501085210.2213060-6-michael.roth@amd.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
This commit is contained in:
		
							parent
							
								
									1dfe571c12
								
							
						
					
					
						commit
						136d8bc931
					
				| @ -466,6 +466,30 @@ issued by the hypervisor to make the guest ready for execution. | |||||||
| 
 | 
 | ||||||
| Returns: 0 on success, -negative on error | Returns: 0 on success, -negative on error | ||||||
| 
 | 
 | ||||||
|  | 18. KVM_SEV_SNP_LAUNCH_START | ||||||
|  | ---------------------------- | ||||||
|  | 
 | ||||||
|  | The KVM_SNP_LAUNCH_START command is used for creating the memory encryption | ||||||
|  | context for the SEV-SNP guest. It must be called prior to issuing | ||||||
|  | KVM_SEV_SNP_LAUNCH_UPDATE or KVM_SEV_SNP_LAUNCH_FINISH; | ||||||
|  | 
 | ||||||
|  | Parameters (in): struct  kvm_sev_snp_launch_start | ||||||
|  | 
 | ||||||
|  | Returns: 0 on success, -negative on error | ||||||
|  | 
 | ||||||
|  | :: | ||||||
|  | 
 | ||||||
|  |         struct kvm_sev_snp_launch_start { | ||||||
|  |                 __u64 policy;           /* Guest policy to use. */ | ||||||
|  |                 __u8 gosvw[16];         /* Guest OS visible workarounds. */ | ||||||
|  |                 __u16 flags;            /* Must be zero. */ | ||||||
|  |                 __u8 pad0[6]; | ||||||
|  |                 __u64 pad1[4]; | ||||||
|  |         }; | ||||||
|  | 
 | ||||||
|  | See SNP_LAUNCH_START in the SEV-SNP specification [snp-fw-abi]_ for further | ||||||
|  | details on the input parameters in ``struct kvm_sev_snp_launch_start``. | ||||||
|  | 
 | ||||||
| Device attribute API | Device attribute API | ||||||
| ==================== | ==================== | ||||||
| 
 | 
 | ||||||
| @ -497,9 +521,11 @@ References | |||||||
| ========== | ========== | ||||||
| 
 | 
 | ||||||
| 
 | 
 | ||||||
| See [white-paper]_, [api-spec]_, [amd-apm]_ and [kvm-forum]_ for more info. | See [white-paper]_, [api-spec]_, [amd-apm]_, [kvm-forum]_, and [snp-fw-abi]_ | ||||||
|  | for more info. | ||||||
| 
 | 
 | ||||||
| .. [white-paper] https://developer.amd.com/wordpress/media/2013/12/AMD_Memory_Encryption_Whitepaper_v7-Public.pdf | .. [white-paper] https://developer.amd.com/wordpress/media/2013/12/AMD_Memory_Encryption_Whitepaper_v7-Public.pdf | ||||||
| .. [api-spec] https://support.amd.com/TechDocs/55766_SEV-KM_API_Specification.pdf | .. [api-spec] https://support.amd.com/TechDocs/55766_SEV-KM_API_Specification.pdf | ||||||
| .. [amd-apm] https://support.amd.com/TechDocs/24593.pdf (section 15.34) | .. [amd-apm] https://support.amd.com/TechDocs/24593.pdf (section 15.34) | ||||||
| .. [kvm-forum]  https://www.linux-kvm.org/images/7/74/02x08A-Thomas_Lendacky-AMDs_Virtualizatoin_Memory_Encryption_Technology.pdf | .. [kvm-forum]  https://www.linux-kvm.org/images/7/74/02x08A-Thomas_Lendacky-AMDs_Virtualizatoin_Memory_Encryption_Technology.pdf | ||||||
|  | .. [snp-fw-abi] https://www.amd.com/system/files/TechDocs/56860.pdf | ||||||
|  | |||||||
| @ -697,6 +697,9 @@ enum sev_cmd_id { | |||||||
| 	/* Second time is the charm; improved versions of the above ioctls.  */ | 	/* Second time is the charm; improved versions of the above ioctls.  */ | ||||||
| 	KVM_SEV_INIT2, | 	KVM_SEV_INIT2, | ||||||
| 
 | 
 | ||||||
|  | 	/* SNP-specific commands */ | ||||||
|  | 	KVM_SEV_SNP_LAUNCH_START = 100, | ||||||
|  | 
 | ||||||
| 	KVM_SEV_NR_MAX, | 	KVM_SEV_NR_MAX, | ||||||
| }; | }; | ||||||
| 
 | 
 | ||||||
| @ -824,6 +827,14 @@ struct kvm_sev_receive_update_data { | |||||||
| 	__u32 pad2; | 	__u32 pad2; | ||||||
| }; | }; | ||||||
| 
 | 
 | ||||||
|  | struct kvm_sev_snp_launch_start { | ||||||
|  | 	__u64 policy; | ||||||
|  | 	__u8 gosvw[16]; | ||||||
|  | 	__u16 flags; | ||||||
|  | 	__u8 pad0[6]; | ||||||
|  | 	__u64 pad1[4]; | ||||||
|  | }; | ||||||
|  | 
 | ||||||
| #define KVM_X2APIC_API_USE_32BIT_IDS            (1ULL << 0) | #define KVM_X2APIC_API_USE_32BIT_IDS            (1ULL << 0) | ||||||
| #define KVM_X2APIC_API_DISABLE_BROADCAST_QUIRK  (1ULL << 1) | #define KVM_X2APIC_API_DISABLE_BROADCAST_QUIRK  (1ULL << 1) | ||||||
| 
 | 
 | ||||||
|  | |||||||
| @ -25,6 +25,7 @@ | |||||||
| #include <asm/fpu/xcr.h> | #include <asm/fpu/xcr.h> | ||||||
| #include <asm/fpu/xstate.h> | #include <asm/fpu/xstate.h> | ||||||
| #include <asm/debugreg.h> | #include <asm/debugreg.h> | ||||||
|  | #include <asm/sev.h> | ||||||
| 
 | 
 | ||||||
| #include "mmu.h" | #include "mmu.h" | ||||||
| #include "x86.h" | #include "x86.h" | ||||||
| @ -59,6 +60,21 @@ static u64 sev_supported_vmsa_features; | |||||||
| #define AP_RESET_HOLD_NAE_EVENT		1 | #define AP_RESET_HOLD_NAE_EVENT		1 | ||||||
| #define AP_RESET_HOLD_MSR_PROTO		2 | #define AP_RESET_HOLD_MSR_PROTO		2 | ||||||
| 
 | 
 | ||||||
|  | /* As defined by SEV-SNP Firmware ABI, under "Guest Policy". */ | ||||||
|  | #define SNP_POLICY_MASK_API_MINOR	GENMASK_ULL(7, 0) | ||||||
|  | #define SNP_POLICY_MASK_API_MAJOR	GENMASK_ULL(15, 8) | ||||||
|  | #define SNP_POLICY_MASK_SMT		BIT_ULL(16) | ||||||
|  | #define SNP_POLICY_MASK_RSVD_MBO	BIT_ULL(17) | ||||||
|  | #define SNP_POLICY_MASK_DEBUG		BIT_ULL(19) | ||||||
|  | #define SNP_POLICY_MASK_SINGLE_SOCKET	BIT_ULL(20) | ||||||
|  | 
 | ||||||
|  | #define SNP_POLICY_MASK_VALID		(SNP_POLICY_MASK_API_MINOR	| \ | ||||||
|  | 					 SNP_POLICY_MASK_API_MAJOR	| \ | ||||||
|  | 					 SNP_POLICY_MASK_SMT		| \ | ||||||
|  | 					 SNP_POLICY_MASK_RSVD_MBO	| \ | ||||||
|  | 					 SNP_POLICY_MASK_DEBUG		| \ | ||||||
|  | 					 SNP_POLICY_MASK_SINGLE_SOCKET) | ||||||
|  | 
 | ||||||
| static u8 sev_enc_bit; | static u8 sev_enc_bit; | ||||||
| static DECLARE_RWSEM(sev_deactivate_lock); | static DECLARE_RWSEM(sev_deactivate_lock); | ||||||
| static DEFINE_MUTEX(sev_bitmap_lock); | static DEFINE_MUTEX(sev_bitmap_lock); | ||||||
| @ -69,6 +85,8 @@ static unsigned int nr_asids; | |||||||
| static unsigned long *sev_asid_bitmap; | static unsigned long *sev_asid_bitmap; | ||||||
| static unsigned long *sev_reclaim_asid_bitmap; | static unsigned long *sev_reclaim_asid_bitmap; | ||||||
| 
 | 
 | ||||||
|  | static int snp_decommission_context(struct kvm *kvm); | ||||||
|  | 
 | ||||||
| struct enc_region { | struct enc_region { | ||||||
| 	struct list_head list; | 	struct list_head list; | ||||||
| 	unsigned long npages; | 	unsigned long npages; | ||||||
| @ -95,12 +113,17 @@ static int sev_flush_asids(unsigned int min_asid, unsigned int max_asid) | |||||||
| 	down_write(&sev_deactivate_lock); | 	down_write(&sev_deactivate_lock); | ||||||
| 
 | 
 | ||||||
| 	wbinvd_on_all_cpus(); | 	wbinvd_on_all_cpus(); | ||||||
|  | 
 | ||||||
|  | 	if (sev_snp_enabled) | ||||||
|  | 		ret = sev_do_cmd(SEV_CMD_SNP_DF_FLUSH, NULL, &error); | ||||||
|  | 	else | ||||||
| 		ret = sev_guest_df_flush(&error); | 		ret = sev_guest_df_flush(&error); | ||||||
| 
 | 
 | ||||||
| 	up_write(&sev_deactivate_lock); | 	up_write(&sev_deactivate_lock); | ||||||
| 
 | 
 | ||||||
| 	if (ret) | 	if (ret) | ||||||
| 		pr_err("SEV: DF_FLUSH failed, ret=%d, error=%#x\n", ret, error); | 		pr_err("SEV%s: DF_FLUSH failed, ret=%d, error=%#x\n", | ||||||
|  | 		       sev_snp_enabled ? "-SNP" : "", ret, error); | ||||||
| 
 | 
 | ||||||
| 	return ret; | 	return ret; | ||||||
| } | } | ||||||
| @ -1998,6 +2021,106 @@ int sev_dev_get_attr(u32 group, u64 attr, u64 *val) | |||||||
| 	} | 	} | ||||||
| } | } | ||||||
| 
 | 
 | ||||||
|  | /*
 | ||||||
|  |  * The guest context contains all the information, keys and metadata | ||||||
|  |  * associated with the guest that the firmware tracks to implement SEV | ||||||
|  |  * and SNP features. The firmware stores the guest context in hypervisor | ||||||
|  |  * provide page via the SNP_GCTX_CREATE command. | ||||||
|  |  */ | ||||||
|  | static void *snp_context_create(struct kvm *kvm, struct kvm_sev_cmd *argp) | ||||||
|  | { | ||||||
|  | 	struct sev_data_snp_addr data = {}; | ||||||
|  | 	void *context; | ||||||
|  | 	int rc; | ||||||
|  | 
 | ||||||
|  | 	/* Allocate memory for context page */ | ||||||
|  | 	context = snp_alloc_firmware_page(GFP_KERNEL_ACCOUNT); | ||||||
|  | 	if (!context) | ||||||
|  | 		return NULL; | ||||||
|  | 
 | ||||||
|  | 	data.address = __psp_pa(context); | ||||||
|  | 	rc = __sev_issue_cmd(argp->sev_fd, SEV_CMD_SNP_GCTX_CREATE, &data, &argp->error); | ||||||
|  | 	if (rc) { | ||||||
|  | 		pr_warn("Failed to create SEV-SNP context, rc %d fw_error %d", | ||||||
|  | 			rc, argp->error); | ||||||
|  | 		snp_free_firmware_page(context); | ||||||
|  | 		return NULL; | ||||||
|  | 	} | ||||||
|  | 
 | ||||||
|  | 	return context; | ||||||
|  | } | ||||||
|  | 
 | ||||||
|  | static int snp_bind_asid(struct kvm *kvm, int *error) | ||||||
|  | { | ||||||
|  | 	struct kvm_sev_info *sev = &to_kvm_svm(kvm)->sev_info; | ||||||
|  | 	struct sev_data_snp_activate data = {0}; | ||||||
|  | 
 | ||||||
|  | 	data.gctx_paddr = __psp_pa(sev->snp_context); | ||||||
|  | 	data.asid = sev_get_asid(kvm); | ||||||
|  | 	return sev_issue_cmd(kvm, SEV_CMD_SNP_ACTIVATE, &data, error); | ||||||
|  | } | ||||||
|  | 
 | ||||||
|  | static int snp_launch_start(struct kvm *kvm, struct kvm_sev_cmd *argp) | ||||||
|  | { | ||||||
|  | 	struct kvm_sev_info *sev = &to_kvm_svm(kvm)->sev_info; | ||||||
|  | 	struct sev_data_snp_launch_start start = {0}; | ||||||
|  | 	struct kvm_sev_snp_launch_start params; | ||||||
|  | 	int rc; | ||||||
|  | 
 | ||||||
|  | 	if (!sev_snp_guest(kvm)) | ||||||
|  | 		return -ENOTTY; | ||||||
|  | 
 | ||||||
|  | 	if (copy_from_user(¶ms, u64_to_user_ptr(argp->data), sizeof(params))) | ||||||
|  | 		return -EFAULT; | ||||||
|  | 
 | ||||||
|  | 	/* Don't allow userspace to allocate memory for more than 1 SNP context. */ | ||||||
|  | 	if (sev->snp_context) | ||||||
|  | 		return -EINVAL; | ||||||
|  | 
 | ||||||
|  | 	sev->snp_context = snp_context_create(kvm, argp); | ||||||
|  | 	if (!sev->snp_context) | ||||||
|  | 		return -ENOTTY; | ||||||
|  | 
 | ||||||
|  | 	if (params.flags) | ||||||
|  | 		return -EINVAL; | ||||||
|  | 
 | ||||||
|  | 	if (params.policy & ~SNP_POLICY_MASK_VALID) | ||||||
|  | 		return -EINVAL; | ||||||
|  | 
 | ||||||
|  | 	/* Check for policy bits that must be set */ | ||||||
|  | 	if (!(params.policy & SNP_POLICY_MASK_RSVD_MBO) || | ||||||
|  | 	    !(params.policy & SNP_POLICY_MASK_SMT)) | ||||||
|  | 		return -EINVAL; | ||||||
|  | 
 | ||||||
|  | 	if (params.policy & SNP_POLICY_MASK_SINGLE_SOCKET) | ||||||
|  | 		return -EINVAL; | ||||||
|  | 
 | ||||||
|  | 	start.gctx_paddr = __psp_pa(sev->snp_context); | ||||||
|  | 	start.policy = params.policy; | ||||||
|  | 	memcpy(start.gosvw, params.gosvw, sizeof(params.gosvw)); | ||||||
|  | 	rc = __sev_issue_cmd(argp->sev_fd, SEV_CMD_SNP_LAUNCH_START, &start, &argp->error); | ||||||
|  | 	if (rc) { | ||||||
|  | 		pr_debug("%s: SEV_CMD_SNP_LAUNCH_START firmware command failed, rc %d\n", | ||||||
|  | 			 __func__, rc); | ||||||
|  | 		goto e_free_context; | ||||||
|  | 	} | ||||||
|  | 
 | ||||||
|  | 	sev->fd = argp->sev_fd; | ||||||
|  | 	rc = snp_bind_asid(kvm, &argp->error); | ||||||
|  | 	if (rc) { | ||||||
|  | 		pr_debug("%s: Failed to bind ASID to SEV-SNP context, rc %d\n", | ||||||
|  | 			 __func__, rc); | ||||||
|  | 		goto e_free_context; | ||||||
|  | 	} | ||||||
|  | 
 | ||||||
|  | 	return 0; | ||||||
|  | 
 | ||||||
|  | e_free_context: | ||||||
|  | 	snp_decommission_context(kvm); | ||||||
|  | 
 | ||||||
|  | 	return rc; | ||||||
|  | } | ||||||
|  | 
 | ||||||
| int sev_mem_enc_ioctl(struct kvm *kvm, void __user *argp) | int sev_mem_enc_ioctl(struct kvm *kvm, void __user *argp) | ||||||
| { | { | ||||||
| 	struct kvm_sev_cmd sev_cmd; | 	struct kvm_sev_cmd sev_cmd; | ||||||
| @ -2021,6 +2144,15 @@ int sev_mem_enc_ioctl(struct kvm *kvm, void __user *argp) | |||||||
| 		goto out; | 		goto out; | ||||||
| 	} | 	} | ||||||
| 
 | 
 | ||||||
|  | 	/*
 | ||||||
|  | 	 * Once KVM_SEV_INIT2 initializes a KVM instance as an SNP guest, only | ||||||
|  | 	 * allow the use of SNP-specific commands. | ||||||
|  | 	 */ | ||||||
|  | 	if (sev_snp_guest(kvm) && sev_cmd.id < KVM_SEV_SNP_LAUNCH_START) { | ||||||
|  | 		r = -EPERM; | ||||||
|  | 		goto out; | ||||||
|  | 	} | ||||||
|  | 
 | ||||||
| 	switch (sev_cmd.id) { | 	switch (sev_cmd.id) { | ||||||
| 	case KVM_SEV_ES_INIT: | 	case KVM_SEV_ES_INIT: | ||||||
| 		if (!sev_es_enabled) { | 		if (!sev_es_enabled) { | ||||||
| @ -2085,6 +2217,9 @@ int sev_mem_enc_ioctl(struct kvm *kvm, void __user *argp) | |||||||
| 	case KVM_SEV_RECEIVE_FINISH: | 	case KVM_SEV_RECEIVE_FINISH: | ||||||
| 		r = sev_receive_finish(kvm, &sev_cmd); | 		r = sev_receive_finish(kvm, &sev_cmd); | ||||||
| 		break; | 		break; | ||||||
|  | 	case KVM_SEV_SNP_LAUNCH_START: | ||||||
|  | 		r = snp_launch_start(kvm, &sev_cmd); | ||||||
|  | 		break; | ||||||
| 	default: | 	default: | ||||||
| 		r = -EINVAL; | 		r = -EINVAL; | ||||||
| 		goto out; | 		goto out; | ||||||
| @ -2280,6 +2415,31 @@ e_source_fput: | |||||||
| 	return ret; | 	return ret; | ||||||
| } | } | ||||||
| 
 | 
 | ||||||
|  | static int snp_decommission_context(struct kvm *kvm) | ||||||
|  | { | ||||||
|  | 	struct kvm_sev_info *sev = &to_kvm_svm(kvm)->sev_info; | ||||||
|  | 	struct sev_data_snp_addr data = {}; | ||||||
|  | 	int ret; | ||||||
|  | 
 | ||||||
|  | 	/* If context is not created then do nothing */ | ||||||
|  | 	if (!sev->snp_context) | ||||||
|  | 		return 0; | ||||||
|  | 
 | ||||||
|  | 	/* Do the decommision, which will unbind the ASID from the SNP context */ | ||||||
|  | 	data.address = __sme_pa(sev->snp_context); | ||||||
|  | 	down_write(&sev_deactivate_lock); | ||||||
|  | 	ret = sev_do_cmd(SEV_CMD_SNP_DECOMMISSION, &data, NULL); | ||||||
|  | 	up_write(&sev_deactivate_lock); | ||||||
|  | 
 | ||||||
|  | 	if (WARN_ONCE(ret, "Failed to release guest context, ret %d", ret)) | ||||||
|  | 		return ret; | ||||||
|  | 
 | ||||||
|  | 	snp_free_firmware_page(sev->snp_context); | ||||||
|  | 	sev->snp_context = NULL; | ||||||
|  | 
 | ||||||
|  | 	return 0; | ||||||
|  | } | ||||||
|  | 
 | ||||||
| void sev_vm_destroy(struct kvm *kvm) | void sev_vm_destroy(struct kvm *kvm) | ||||||
| { | { | ||||||
| 	struct kvm_sev_info *sev = &to_kvm_svm(kvm)->sev_info; | 	struct kvm_sev_info *sev = &to_kvm_svm(kvm)->sev_info; | ||||||
| @ -2321,7 +2481,17 @@ void sev_vm_destroy(struct kvm *kvm) | |||||||
| 		} | 		} | ||||||
| 	} | 	} | ||||||
| 
 | 
 | ||||||
|  | 	if (sev_snp_guest(kvm)) { | ||||||
|  | 		/*
 | ||||||
|  | 		 * Decomission handles unbinding of the ASID. If it fails for | ||||||
|  | 		 * some unexpected reason, just leak the ASID. | ||||||
|  | 		 */ | ||||||
|  | 		if (snp_decommission_context(kvm)) | ||||||
|  | 			return; | ||||||
|  | 	} else { | ||||||
| 		sev_unbind_asid(kvm, sev->handle); | 		sev_unbind_asid(kvm, sev->handle); | ||||||
|  | 	} | ||||||
|  | 
 | ||||||
| 	sev_asid_free(sev); | 	sev_asid_free(sev); | ||||||
| } | } | ||||||
| 
 | 
 | ||||||
|  | |||||||
| @ -93,6 +93,7 @@ struct kvm_sev_info { | |||||||
| 	struct list_head mirror_entry; /* Use as a list entry of mirrors */ | 	struct list_head mirror_entry; /* Use as a list entry of mirrors */ | ||||||
| 	struct misc_cg *misc_cg; /* For misc cgroup accounting */ | 	struct misc_cg *misc_cg; /* For misc cgroup accounting */ | ||||||
| 	atomic_t migration_in_progress; | 	atomic_t migration_in_progress; | ||||||
|  | 	void *snp_context;      /* SNP guest context page */ | ||||||
| }; | }; | ||||||
| 
 | 
 | ||||||
| struct kvm_svm { | struct kvm_svm { | ||||||
|  | |||||||
		Loading…
	
		Reference in New Issue
	
	Block a user
	 Brijesh Singh
						Brijesh Singh