Re: [PATCH v4 6/9] target/i386: SEV: Add support for enabling debug-swap SEV feature

[Markus Armbruster <armbru@redhat.com>]

"Naveen N Rao (AMD)" <naveen@kernel.org> writes:

> Add support for enabling debug-swap VMSA SEV feature in SEV-ES and
> SEV-SNP guests through a new "debug-swap" boolean property on SEV guest
> objects. Though the boolean property is available for plain SEV guests,
> check_sev_features() has a check that rejects attempts to enable any SEV
> feature for a plain SEV guest.

Why does it make sense to add the property to objects where it's not
supported?

> Though this SEV feature is called "Debug virtualization" in the APM, KVM
> calls this "debug swap" so use the same name for consistency.

Thanks for explaining this.

> Sample command-line:
>   -machine q35,confidential-guest-support=sev0 \
>   -object sev-snp-guest,id=sev0,cbitpos=51,reduced-phys-bits=1,debug-swap=on
>
> Restrict debug-swap to SEV-SNP guests at this time due to a
> compatibility issue with SEV-ES pflash devices.

What are these issues?

> Signed-off-by: Naveen N Rao (AMD) <naveen@kernel.org>
> ---
>  target/i386/sev.h |  1 +
>  target/i386/sev.c | 26 ++++++++++++++++++++++++++
>  qapi/qom.json     |  7 ++++++-
>  3 files changed, 33 insertions(+), 1 deletion(-)
>
> diff --git a/target/i386/sev.h b/target/i386/sev.h
> index b84ca3ce0b67..d19a39669747 100644
> --- a/target/i386/sev.h
> +++ b/target/i386/sev.h
> @@ -47,6 +47,7 @@ bool sev_snp_enabled(void);
>  #define SEV_SNP_POLICY_DBG      0x80000
>  
>  #define SVM_SEV_FEAT_SNP_ACTIVE     BIT(0)
> +#define SVM_SEV_FEAT_DEBUG_SWAP     BIT(5)
>  
>  typedef struct SevKernelLoaderContext {
>      char *setup_data;
> diff --git a/target/i386/sev.c b/target/i386/sev.c
> index 4553fe4d6e4a..4532b1b6a484 100644
> --- a/target/i386/sev.c
> +++ b/target/i386/sev.c
> @@ -328,6 +328,11 @@ sev_set_guest_state(SevCommonState *sev_common, SevState new_state)
>      sev_common->state = new_state;
>  }
>  
> +static bool is_sev_feature_set(SevCommonState *sev_common, uint64_t feature)
> +{
> +    return !!(sev_common->sev_features & feature);
> +}
> +
>  static void sev_set_feature(SevCommonState *sev_common, uint64_t feature, bool set)
>  {
>      if (set) {
> @@ -527,6 +532,12 @@ static int check_sev_features(SevCommonState *sev_common, uint64_t sev_features,
>              __func__);
>          return -1;
>      }
> +    if (sev_features && sev_es_enabled() && !sev_snp_enabled()) {
> +        error_setg(errp,
> +                   "%s: SEV features are not supported with SEV-ES at this time",
> +                   __func__);

Once again, I'm confused about SEV.  Remind me: what kinds of SEV guests
exist?  The commit message suggests "plain", "ES", "SNP".  What do
sev_es_enabled() and sev_snp_enabled() return for each of these?

What are the "SEV features"?  Can we expect users to know?  I suspect
they need to know to fix the problem!

Are they exactly debug-swap?

__func__ in an error message meant for users is an anti-pattern.  Not an
objection to this patch; it matches existing errors around here.

> +        return -1;
> +    }
>      if (sev_features && !sev_es_enabled()) {
>          error_setg(errp,
>                     "%s: SEV features require either SEV-ES or SEV-SNP to be enabled",
> @@ -2800,6 +2811,16 @@ static int cgs_set_guest_policy(ConfidentialGuestPolicyType policy_type,
>      return 0;
>  }
>  
> +static bool sev_common_get_debug_swap(Object *obj, Error **errp)
> +{
> +    return is_sev_feature_set(SEV_COMMON(obj), SVM_SEV_FEAT_DEBUG_SWAP);
> +}
> +
> +static void sev_common_set_debug_swap(Object *obj, bool value, Error **errp)
> +{
> +    sev_set_feature(SEV_COMMON(obj), SVM_SEV_FEAT_DEBUG_SWAP, value);
> +}
> +
>  static void
>  sev_common_class_init(ObjectClass *oc, const void *data)
>  {
> @@ -2825,6 +2846,11 @@ sev_common_class_init(ObjectClass *oc, const void *data)
>                                     sev_common_set_kernel_hashes);
>      object_class_property_set_description(oc, "kernel-hashes",
>              "add kernel hashes to guest firmware for measured Linux boot");
> +    object_class_property_add_bool(oc, "debug-swap",
> +                                   sev_common_get_debug_swap,
> +                                   sev_common_set_debug_swap);
> +    object_class_property_set_description(oc, "debug-swap",
> +            "enable virtualization of debug registers");
>  }
>  
>  static void
> diff --git a/qapi/qom.json b/qapi/qom.json
> index dd45ac1087c3..e2bb716b603e 100644
> --- a/qapi/qom.json
> +++ b/qapi/qom.json
> @@ -1017,6 +1017,10 @@
>  #     designated guest firmware page for measured boot with -kernel
>  #     (default: false) (since 6.2)
>  #
> +# @debug-swap: enable virtualization of debug registers,
> +#     only supported on SEV-ES and SEV-SNP guests
> +#     (default: false) (since 11.1)
> +#
>  # Features:
>  #
>  # @confidential-guest-reset: If present, the hypervisor supports
> @@ -1028,7 +1032,8 @@
>    'data': { '*sev-device': 'str',
>              '*cbitpos': 'uint32',
>              'reduced-phys-bits': 'uint32',
> -            '*kernel-hashes': 'bool' },
> +            '*kernel-hashes': 'bool',
> +            '*debug-swap': 'bool' },
>    'features': ['confidential-guest-reset']}
>  
>  ##

This is SevCommonProperties, the common base type of SevGuestProperties
(configuration for sev-guest QOM objects) and SevSnpGuestProperties
(sev-snp-guest objects).

So, all SEV objects have property @debug-swap.  I figure the check you
add to check_sev_features() rejects it for certain SEV objects.  I don't
quite understand for which ones.