From: Sean Christopherson <seanjc@google.com>
To: Peter Gonda <pgonda@google.com>
Cc: linux-kernel@vger.kernel.org, Paolo Bonzini <pbonzini@redhat.com>,
Claudio Imbrenda <imbrenda@linux.ibm.com>,
Carlos Bilbao <carlos.bilbao@amd.com>,
Tom Lendacky <thomas.lendacky@amd.com>,
Michael Roth <michael.roth@amd.com>
Subject: Re: [PATCH 5/6] Add is_sev_enabled() helpers
Date: Tue, 23 Apr 2024 16:12:56 -0700 [thread overview]
Message-ID: <ZihAeH4PXSUtT4hM@google.com> (raw)
In-Reply-To: <20240409133959.2888018-6-pgonda@google.com>
On Tue, Apr 09, 2024, Peter Gonda wrote:
> Add helper functions for guest code to check the status of SEV and
> SEV-ES.
Why? The names are super ambiguous, e.g. they could just as easily mean "is SEV
enabled in KVM" or "is SEV enabled in CPUID". And if an assert fires because
is_sev_es_enabled() returns false, the user will get a _worse_ error message because
all they'll know is _something_ in is_sev_es_enabled() failed, not which MSR bit
came back 'bad.
> Cc: Paolo Bonzini <pbonzini@redhat.com>
> Cc: Claudio Imbrenda <imbrenda@linux.ibm.com>
> Cc: Sean Christopherson <seanjc@google.com>
> Cc: Carlos Bilbao <carlos.bilbao@amd.com>
> Cc: Tom Lendacky <thomas.lendacky@amd.com>
> Cc: Michael Roth <michael.roth@amd.com>
> Signed-off-by: Peter Gonda <pgonda@google.com>
> ---
> tools/testing/selftests/kvm/include/x86_64/sev.h | 3 +++
> tools/testing/selftests/kvm/lib/x86_64/sev.c | 11 +++++++++++
> tools/testing/selftests/kvm/x86_64/sev_smoke_test.c | 5 ++---
> 3 files changed, 16 insertions(+), 3 deletions(-)
>
> diff --git a/tools/testing/selftests/kvm/include/x86_64/sev.h b/tools/testing/selftests/kvm/include/x86_64/sev.h
> index bfd481707f67..691dc005e2a1 100644
> --- a/tools/testing/selftests/kvm/include/x86_64/sev.h
> +++ b/tools/testing/selftests/kvm/include/x86_64/sev.h
> @@ -106,4 +106,7 @@ static inline void sev_launch_update_data(struct kvm_vm *vm, vm_paddr_t gpa,
> vm_sev_ioctl(vm, KVM_SEV_LAUNCH_UPDATE_DATA, &update_data);
> }
>
> +bool is_sev_enabled(void);
> +bool is_sev_es_enabled(void);
> +
> #endif /* SELFTEST_KVM_SEV_H */
> diff --git a/tools/testing/selftests/kvm/lib/x86_64/sev.c b/tools/testing/selftests/kvm/lib/x86_64/sev.c
> index 27ae1d3b1355..5b3f0a8a931a 100644
> --- a/tools/testing/selftests/kvm/lib/x86_64/sev.c
> +++ b/tools/testing/selftests/kvm/lib/x86_64/sev.c
> @@ -189,3 +189,14 @@ struct kvm_vm *vm_sev_create_with_one_vcpu(uint32_t policy, void *guest_code,
>
> return vm;
> }
> +
> +bool is_sev_enabled(void)
> +{
> + return rdmsr(MSR_AMD64_SEV) & MSR_AMD64_SEV_ENABLED;
> +}
> +
> +bool is_sev_es_enabled(void)
> +{
> + return is_sev_enabled() &&
> + rdmsr(MSR_AMD64_SEV) & MSR_AMD64_SEV_ES_ENABLED;
> +}
> diff --git a/tools/testing/selftests/kvm/x86_64/sev_smoke_test.c b/tools/testing/selftests/kvm/x86_64/sev_smoke_test.c
> index 026779f3ed06..1d84e78e7ae2 100644
> --- a/tools/testing/selftests/kvm/x86_64/sev_smoke_test.c
> +++ b/tools/testing/selftests/kvm/x86_64/sev_smoke_test.c
> @@ -16,8 +16,7 @@
> static void guest_sev_es_code(void)
> {
> /* TODO: Check CPUID after GHCB-based hypercall support is added. */
> - GUEST_ASSERT(rdmsr(MSR_AMD64_SEV) & MSR_AMD64_SEV_ENABLED);
> - GUEST_ASSERT(rdmsr(MSR_AMD64_SEV) & MSR_AMD64_SEV_ES_ENABLED);
> + GUEST_ASSERT(is_sev_es_enabled());
>
> /*
> * TODO: Add GHCB and ucall support for SEV-ES guests. For now, simply
> @@ -30,7 +29,7 @@ static void guest_sev_es_code(void)
> static void guest_sev_code(void)
> {
> GUEST_ASSERT(this_cpu_has(X86_FEATURE_SEV));
> - GUEST_ASSERT(rdmsr(MSR_AMD64_SEV) & MSR_AMD64_SEV_ENABLED);
> + GUEST_ASSERT(is_sev_enabled());
>
> GUEST_DONE();
> }
> --
> 2.44.0.478.gd926399ef9-goog
>
next prev parent reply other threads:[~2024-04-23 23:12 UTC|newest]
Thread overview: 13+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-04-09 13:39 [PATCH 0/6] Add initial GHCB support for SEV-ES selftests Peter Gonda
2024-04-09 13:39 ` [PATCH 1/6] Add GHCB with setters and getters Peter Gonda
2024-04-23 23:07 ` Sean Christopherson
2024-04-09 13:39 ` [PATCH 2/6] Add arch specific additional guest pages Peter Gonda
2024-04-09 13:39 ` [PATCH 3/6] Add vm_vaddr_alloc_pages_shared() Peter Gonda
2024-04-09 13:39 ` [PATCH 4/6] Add GHCB allocations and helpers Peter Gonda
2024-04-24 0:58 ` Sean Christopherson
2024-04-24 14:39 ` Sean Christopherson
2024-04-24 20:13 ` Sean Christopherson
2024-04-09 13:39 ` [PATCH 5/6] Add is_sev_enabled() helpers Peter Gonda
2024-04-23 23:12 ` Sean Christopherson [this message]
2024-04-09 13:39 ` [PATCH 6/6] Add ability for SEV-ES guests to use ucalls via GHCB Peter Gonda
2024-04-23 23:50 ` Sean Christopherson
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=ZihAeH4PXSUtT4hM@google.com \
--to=seanjc@google.com \
--cc=carlos.bilbao@amd.com \
--cc=imbrenda@linux.ibm.com \
--cc=linux-kernel@vger.kernel.org \
--cc=michael.roth@amd.com \
--cc=pbonzini@redhat.com \
--cc=pgonda@google.com \
--cc=thomas.lendacky@amd.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.