From: Shirong Hao <shirong@linux.alibaba.com>
To: pbonzini@redhat.com, seanjc@google.com, vkuznets@redhat.com,
wanpengli@tencent.com, jmattson@google.com, joro@8bytes.org,
tglx@linutronix.de, mingo@redhat.co, bp@alien8.de,
dave.hansen@linux.intel.com, x86@kernel.org, hpa@zytor.com,
brijesh.singh@amd.com, thomas.lendacky@amd.com,
john.allen@amd.com, herbert@gondor.apana.org.au,
davem@davemloft.net, srutherford@google.com,
ashish.kalra@amd.com, natet@google.com
Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org,
linux-crypto@vger.kernel.org, zhang.jia@linux.alibaba.com,
Shirong Hao <shirong@linux.alibaba.com>
Subject: [PATCH 1/3] KVM: X86: Introduce KVM_HC_VM_HANDLE hypercall
Date: Mon, 10 Jan 2022 14:04:43 +0800
Message-ID: <20220110060445.549800-2-shirong@linux.alibaba.com>
In-Reply-To: <20220110060445.549800-1-shirong@linux.alibaba.com>

This hypercall is used by the SEV guest to get the firmware handle.

Signed-off-by: Shirong Hao <shirong@linux.alibaba.com>
---
arch/x86/include/asm/kvm_host.h | 1 +
arch/x86/kvm/svm/svm.c | 11 +++++++++++
arch/x86/kvm/x86.c | 7 ++++++-
include/uapi/linux/kvm_para.h | 1 +
4 files changed, 19 insertions(+), 1 deletion(-)
diff --git a/arch/x86/include/asm/kvm_host.h b/arch/x86/include/asm/kvm_host.h
index 2164b9f4c7b0..fe745f4e6954 100644
--- a/arch/x86/include/asm/kvm_host.h
+++ b/arch/x86/include/asm/kvm_host.h
@@ -1493,6 +1493,7 @@ struct kvm_x86_ops {
int (*complete_emulated_msr)(struct kvm_vcpu *vcpu, int err);
void (*vcpu_deliver_sipi_vector)(struct kvm_vcpu *vcpu, u8 vector);
+ int (*vm_handle)(struct kvm *kvm);
};
struct kvm_x86_nested_ops {
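Review bot: the new `vm_handle` member at the end of `struct kvm_x86_ops` carries no comment on what it returns, and the name does not say that the value is the SEV firmware handle. Because a single `int` is used for both the handle and a negative error, state that contract next to the declaration and consider a name that makes the SEV-specific meaning obvious to other vendor modules.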
diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c
index d0f68d11ec70..c0eb310cb4c3 100644
--- a/arch/x86/kvm/svm/svm.c
+++ b/arch/x86/kvm/svm/svm.c
@@ -4576,6 +4576,16 @@ static int svm_vm_init(struct kvm *kvm)
return 0;
}
+static int sev_vm_handle(struct kvm *kvm)
+{
+ struct kvm_sev_info *sev = &to_kvm_svm(kvm)->sev_info;
+
+ if (!sev_guest(kvm))
+ return -ENOTTY;
+
+ return sev->handle;
+}
+
static struct kvm_x86_ops svm_x86_ops __initdata = {
.name = "kvm_amd",
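Review bot: `sev_vm_handle()` returns `-ENOTTY` for a non-SEV guest, and that value is passed back unchanged as the hypercall result, whereas the other error paths in `kvm_emulate_hypercall()` use the guest-facing `KVM_E*` codes (`-KVM_ENOSYS`, `-KVM_EPERM`). Return a `-KVM_E*` value here or translate it at the call site. The changelog also says only that the guest uses the hypercall "to get the firmware handle"; it should explain why the guest needs that value and why handing it out is acceptable.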
@@ -4705,6 +4715,7 @@ static struct kvm_x86_ops svm_x86_ops __initdata = {
.complete_emulated_msr = svm_complete_emulated_msr,
.vcpu_deliver_sipi_vector = svm_vcpu_deliver_sipi_vector,
+ .vm_handle = sev_vm_handle,
};
static struct kvm_x86_init_ops svm_init_ops __initdata = {
diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c
index 0cf1082455df..24acf0f2a539 100644
--- a/arch/x86/kvm/x86.c
+++ b/arch/x86/kvm/x86.c
@@ -8906,7 +8906,7 @@ int kvm_emulate_hypercall(struct kvm_vcpu *vcpu)
a3 &= 0xFFFFFFFF;
}
- if (static_call(kvm_x86_get_cpl)(vcpu) != 0) {
+ if (static_call(kvm_x86_get_cpl)(vcpu) != 0 && nr != KVM_HC_VM_HANDLE) {
ret = -KVM_EPERM;
goto out;
}
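Review bot: the added `&& nr != KVM_HC_VM_HANDLE` exempts this one hypercall from the CPL 0 check, so any guest user-space process can issue it, and neither a comment nor the commit message justifies that. Every other hypercall number still gets `-KVM_EPERM` from CPL > 0. Either keep the check and have the guest kernel relay the value to user space, or add a comment here explaining why exposing the handle to unprivileged guest code is safe.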
@@ -8965,6 +8965,11 @@ int kvm_emulate_hypercall(struct kvm_vcpu *vcpu)
vcpu->arch.complete_userspace_io = complete_hypercall_exit;
return 0;
}
+ case KVM_HC_VM_HANDLE:
+ ret = -KVM_ENOSYS;
+ if (kvm_x86_ops.vm_handle)
+ ret = kvm_x86_ops.vm_handle(vcpu->kvm);
+ break;
default:
ret = -KVM_ENOSYS;
break;
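Review bot: `case KVM_HC_VM_HANDLE` dereferences `kvm_x86_ops.vm_handle` directly, while the CPL check earlier in the same function dispatches through `static_call(kvm_x86_get_cpl)`. Use the same dispatch mechanism for the new optional op so the vendor hooks are called consistently, and keep the NULL-callback fallback to `-KVM_ENOSYS` that the `if (kvm_x86_ops.vm_handle)` test provides.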
diff --git a/include/uapi/linux/kvm_para.h b/include/uapi/linux/kvm_para.h
index 960c7e93d1a9..b64469a12707 100644
--- a/include/uapi/linux/kvm_para.h
+++ b/include/uapi/linux/kvm_para.h
@@ -30,6 +30,7 @@
#define KVM_HC_SEND_IPI 10
#define KVM_HC_SCHED_YIELD 11
#define KVM_HC_MAP_GPA_RANGE 12
+#define KVM_HC_VM_HANDLE 13
/*
* hypercalls use architecture specific
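Review bot: `KVM_HC_VM_HANDLE 13` is a new guest-visible uapi number, yet the diffstat covers only four source files and adds no documentation of the hypercall's arguments, return values, or how a guest detects that the host supports it. Add that description to the KVM hypercall documentation in this patch so the ABI is defined before the number is allocated.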
--
2.27.0
Thread overview: 6+ messages
2022-01-10 6:04 [PATCH 0/3] Allow guest to query AMD SEV(-ES) runtime attestation evidence Shirong Hao
2022-01-10 6:04 ` Shirong Hao [this message]
2022-01-11 1:05 ` [PATCH 1/3] KVM: X86: Introduce KVM_HC_VM_HANDLE hypercall Sean Christopherson
2022-01-10 6:04 ` [PATCH 2/3] KVM/SVM: move the implementation of sev_get_attestation_report to ccp driver Shirong Hao
2022-01-10 6:04 ` [PATCH 3/3] crypto: ccp: Implement SEV_GET_REPORT ioctl command Shirong Hao
2022-01-10 16:35 ` [PATCH 0/3] Allow guest to query AMD SEV(-ES) runtime attestation evidence Brijesh Singh