[RFC FATCH] x86/Hyper-V: Add SEV negotiate protocol support in Isolation VM.

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Tianyu Lan <ltykernel@gmail.com>
To: kys@microsoft.com, haiyangz@microsoft.com,
	sthemmin@microsoft.com, wei.liu@kernel.org, decui@microsoft.com,
	tglx@linutronix.de, mingo@redhat.com, bp@alien8.de,
	dave.hansen@linux.intel.com, x86@kernel.org, hpa@zytor.com,
	brijesh.singh@amd.com, michael.roth@amd.com, jroedel@suse.de,
	Tianyu.Lan@microsoft.com, thomas.lendacky@amd.com,
	michael.h.kelley@microsoft.com
Cc: linux-hyperv@vger.kernel.org, linux-kernel@vger.kernel.org
Subject: [RFC FATCH] x86/Hyper-V: Add SEV negotiate protocol support in Isolation VM.
Date: Mon,  7 Feb 2022 11:09:28 -0500	[thread overview]
Message-ID: <20220207160928.111718-1-ltykernel@gmail.com> (raw)

From: Tianyu Lan <Tianyu.Lan@microsoft.com>

Hyper-V Isolation VM code uses sev_es_ghcb_hv_call() to read/write MSR
via ghcb page. The SEV-ES guest should call the sev_es_negotiate_protocol()
to negotiate the GHCB protocol version before establishing the GHCB. Call
sev_es_negotiate_protocol() in the hyperv_init_ghcb().

Signed-off-by: Tianyu Lan <Tianyu.Lan@microsoft.com>
---
This patch based on the "Add AMD Secure Nested Paging (SEV-SNP) Guest Support"
patchset. https://lore.kernel.org/lkml/20220128171804.569796-1-brijesh.singh@amd.com/

 arch/x86/hyperv/hv_init.c    | 6 ++++++
 arch/x86/include/asm/sev.h   | 2 ++
 arch/x86/kernel/sev-shared.c | 2 +-
 arch/x86/kernel/sev.c        | 4 ++--
 4 files changed, 11 insertions(+), 3 deletions(-)

diff --git a/arch/x86/hyperv/hv_init.c b/arch/x86/hyperv/hv_init.c
index 24f4a06ac46a..a22303fccf02 100644
--- a/arch/x86/hyperv/hv_init.c
+++ b/arch/x86/hyperv/hv_init.c
@@ -28,6 +28,7 @@
 #include <linux/syscore_ops.h>
 #include <clocksource/hyperv_timer.h>
 #include <linux/highmem.h>
+#include <asm/sev.h>
 
 int hyperv_init_cpuhp;
 u64 hv_current_partition_id = ~0ull;
@@ -69,6 +70,11 @@ static int hyperv_init_ghcb(void)
 	ghcb_base = (void **)this_cpu_ptr(hv_ghcb_pg);
 	*ghcb_base = ghcb_va;
 
+	sev_es_negotiate_protocol();
+
+	/* Write ghcb page back after negotiating protocol. */
+	wrmsrl(MSR_AMD64_SEV_ES_GHCB, ghcb_gpa);
+	VMGEXIT();
 	return 0;
 }
 
diff --git a/arch/x86/include/asm/sev.h b/arch/x86/include/asm/sev.h
index 7a5934af9d47..fc6b0c526492 100644
--- a/arch/x86/include/asm/sev.h
+++ b/arch/x86/include/asm/sev.h
@@ -120,6 +120,8 @@ extern enum es_result sev_es_ghcb_hv_call(struct ghcb *ghcb,
 					  struct es_em_ctxt *ctxt,
 					  u64 exit_code, u64 exit_info_1,
 					  u64 exit_info_2);
+extern bool sev_es_negotiate_protocol(void);
+
 static inline int rmpadjust(unsigned long vaddr, bool rmp_psize, unsigned long attrs)
 {
 	int rc;
diff --git a/arch/x86/kernel/sev-shared.c b/arch/x86/kernel/sev-shared.c
index ce06cb7c8ed0..8b8af5a8d402 100644
--- a/arch/x86/kernel/sev-shared.c
+++ b/arch/x86/kernel/sev-shared.c
@@ -145,7 +145,7 @@ static void snp_register_ghcb_early(unsigned long paddr)
 		sev_es_terminate(SEV_TERM_SET_LINUX, GHCB_TERM_REGISTER);
 }
 
-static bool sev_es_negotiate_protocol(void)
+bool sev_es_negotiate_protocol(void)
 {
 	u64 val;
 
diff --git a/arch/x86/kernel/sev.c b/arch/x86/kernel/sev.c
index 3568b3303314..46c53c4885ee 100644
--- a/arch/x86/kernel/sev.c
+++ b/arch/x86/kernel/sev.c
@@ -167,12 +167,12 @@ void noinstr __sev_es_ist_exit(void)
 	this_cpu_write(cpu_tss_rw.x86_tss.ist[IST_INDEX_VC], *(unsigned long *)ist);
 }
 
-static inline u64 sev_es_rd_ghcb_msr(void)
+inline u64 sev_es_rd_ghcb_msr(void)
 {
 	return __rdmsr(MSR_AMD64_SEV_ES_GHCB);
 }
 
-static __always_inline void sev_es_wr_ghcb_msr(u64 val)
+__always_inline void sev_es_wr_ghcb_msr(u64 val)
 {
 	u32 low, high;
 
-- 
2.25.1

next             reply	other threads:[~2022-02-07 16:22 UTC|newest]

Thread overview: 3+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2022-02-07 16:09 Tianyu Lan [this message]
2022-02-22 10:55 ` [RFC FATCH] x86/Hyper-V: Add SEV negotiate protocol support in Isolation VM Wei Liu
2022-02-25  5:12 ` Andrea Parri

find likely ancestor, descendant, or conflicting patches for this message:
( dfblob:24f4a06ac46 dfblob:a22303fccf0 dfblob:7a5934af9d4
dfblob:fc6b0c52649 dfblob:ce06cb7c8ed dfblob:8b8af5a8d40
dfblob:3568b330331 dfblob:46c53c4885e )
 OR (
bs:"[RFC FATCH] x86/Hyper-V: Add SEV negotiate protocol support in Isolation VM." )
	(help)

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20220207160928.111718-1-ltykernel@gmail.com \
    --to=ltykernel@gmail.com \
    --cc=Tianyu.Lan@microsoft.com \
    --cc=bp@alien8.de \
    --cc=brijesh.singh@amd.com \
    --cc=dave.hansen@linux.intel.com \
    --cc=decui@microsoft.com \
    --cc=haiyangz@microsoft.com \
    --cc=hpa@zytor.com \
    --cc=jroedel@suse.de \
    --cc=kys@microsoft.com \
    --cc=linux-hyperv@vger.kernel.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=michael.h.kelley@microsoft.com \
    --cc=michael.roth@amd.com \
    --cc=mingo@redhat.com \
    --cc=sthemmin@microsoft.com \
    --cc=tglx@linutronix.de \
    --cc=thomas.lendacky@amd.com \
    --cc=wei.liu@kernel.org \
    --cc=x86@kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.