From: Neeraj Upadhyay <Neeraj.Upadhyay@amd.com>
To: <linux-kernel@vger.kernel.org>
Cc: <bp@alien8.de>, <tglx@linutronix.de>, <mingo@redhat.com>,
<dave.hansen@linux.intel.com>, <Thomas.Lendacky@amd.com>,
<nikunj@amd.com>, <Santosh.Shukla@amd.com>,
<Vasant.Hegde@amd.com>, <Suravee.Suthikulpanit@amd.com>,
<David.Kaplan@amd.com>, <x86@kernel.org>, <hpa@zytor.com>,
<peterz@infradead.org>, <seanjc@google.com>,
<pbonzini@redhat.com>, <kvm@vger.kernel.org>,
<huibo.wang@amd.com>, <naveen.rao@amd.com>,
<francescolavra.fl@gmail.com>, <tiala@microsoft.com>
Subject: [PATCH v10 17/18] x86/sev: Prevent SECURE_AVIC_CONTROL MSR interception for Secure AVIC guests
Date: Thu, 28 Aug 2025 17:01:19 +0530 [thread overview]
Message-ID: <20250828113119.209135-1-Neeraj.Upadhyay@amd.com> (raw)
In-Reply-To: <20250828070334.208401-1-Neeraj.Upadhyay@amd.com>
The SECURE_AVIC_CONTROL MSR holds the GPA of the guest APIC backing
page and bitfields to control enablement of Secure AVIC and whether
the guest allows NMIis to be injected by the hypervisor. This MSR is
populated by the guest and can be read by the guest to get the GPA
of the APIC backing page. The MSR can only be accessed in Secure AVIC
mode. Any attempt to access it when not in Secure AVIC mode results
in #GP. So, the hypervisor should not intercept it. A #VC exception
will be generated otherwise. If this occurs and Secure AVIC is enabled,
terminate the guest execution.
Reviewed-by: Tianyu Lan <tiala@microsoft.com>
Signed-off-by: Neeraj Upadhyay <Neeraj.Upadhyay@amd.com>
---
Changes since v9:
- Update commit log to explain why SECURE_AVIC_CONTROL MSR
should not be intercepted by the hypervisor.
arch/x86/coco/sev/vc-handle.c | 9 +++++++++
1 file changed, 9 insertions(+)
diff --git a/arch/x86/coco/sev/vc-handle.c b/arch/x86/coco/sev/vc-handle.c
index c1aa10ce9d54..0fd94b7ce191 100644
--- a/arch/x86/coco/sev/vc-handle.c
+++ b/arch/x86/coco/sev/vc-handle.c
@@ -415,6 +415,15 @@ enum es_result sev_es_ghcb_handle_msr(struct ghcb *ghcb, struct es_em_ctxt *ctxt
if (sev_status & MSR_AMD64_SNP_SECURE_TSC)
return __vc_handle_secure_tsc_msrs(ctxt, write);
break;
+ case MSR_AMD64_SAVIC_CONTROL:
+ /*
+ * AMD64_SAVIC_CONTROL should not be intercepted when
+ * Secure AVIC is enabled. Terminate the Secure AVIC guest
+ * if the interception is enabled.
+ */
+ if (cc_platform_has(CC_ATTR_SNP_SECURE_AVIC))
+ return ES_VMM_ERROR;
+ break;
default:
break;
}
--
2.34.1
next prev parent reply other threads:[~2025-08-28 11:31 UTC|newest]
Thread overview: 19+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-08-28 7:03 [PATCH v10 00/18] AMD: Add Secure AVIC Guest Support Neeraj Upadhyay
2025-08-28 7:03 ` [PATCH v10 01/18] x86/apic: Add new driver for Secure AVIC Neeraj Upadhyay
2025-08-28 7:03 ` [PATCH v10 02/18] x86/apic: Initialize Secure AVIC APIC backing page Neeraj Upadhyay
2025-08-28 11:02 ` [PATCH v10 03/18] x86/apic: Populate .read()/.write() callbacks of Secure AVIC driver Neeraj Upadhyay
2025-08-28 11:02 ` [PATCH v10 04/18] x86/apic: Initialize APIC ID for Secure AVIC Neeraj Upadhyay
2025-08-28 11:02 ` [PATCH v10 05/18] x86/apic: Add update_vector() callback for APIC drivers Neeraj Upadhyay
2025-08-28 11:02 ` [PATCH v10 06/18] x86/apic: Add update_vector() callback for Secure AVIC Neeraj Upadhyay
2025-08-28 11:08 ` [PATCH v10 07/18] x86/apic: Add support to send IPI " Neeraj Upadhyay
2025-08-28 11:09 ` [PATCH v10 08/18] x86/apic: Support LAPIC timer " Neeraj Upadhyay
2025-08-28 11:11 ` [PATCH v10 09/18] x86/sev: Initialize VGIF for secondary vCPUs " Neeraj Upadhyay
2025-08-28 11:12 ` [PATCH v10 10/18] x86/apic: Add support to send NMI IPI " Neeraj Upadhyay
2025-08-28 11:12 ` [PATCH v10 11/18] x86/apic: Allow NMI to be injected from hypervisor " Neeraj Upadhyay
2025-08-28 11:13 ` [PATCH v10 12/18] x86/sev: Enable NMI support " Neeraj Upadhyay
2025-08-28 11:13 ` [PATCH v10 13/18] x86/apic: Read and write LVT* APIC registers from HV for SAVIC guests Neeraj Upadhyay
2025-08-28 11:16 ` [PATCH v10 14/18] x86/apic: Handle EOI writes for Secure AVIC guests Neeraj Upadhyay
2025-08-28 11:20 ` [PATCH v10 15/18] x86/apic: Add kexec support for Secure AVIC Neeraj Upadhyay
2025-08-28 11:21 ` [PATCH v10 16/18] x86/apic: Enable Secure AVIC in Control MSR Neeraj Upadhyay
2025-08-28 11:31 ` Neeraj Upadhyay [this message]
2025-08-28 11:32 ` [PATCH v10 18/18] x86/sev: Indicate SEV-SNP guest supports Secure AVIC Neeraj Upadhyay
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20250828113119.209135-1-Neeraj.Upadhyay@amd.com \
--to=neeraj.upadhyay@amd.com \
--cc=David.Kaplan@amd.com \
--cc=Santosh.Shukla@amd.com \
--cc=Suravee.Suthikulpanit@amd.com \
--cc=Thomas.Lendacky@amd.com \
--cc=Vasant.Hegde@amd.com \
--cc=bp@alien8.de \
--cc=dave.hansen@linux.intel.com \
--cc=francescolavra.fl@gmail.com \
--cc=hpa@zytor.com \
--cc=huibo.wang@amd.com \
--cc=kvm@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=mingo@redhat.com \
--cc=naveen.rao@amd.com \
--cc=nikunj@amd.com \
--cc=pbonzini@redhat.com \
--cc=peterz@infradead.org \
--cc=seanjc@google.com \
--cc=tglx@linutronix.de \
--cc=tiala@microsoft.com \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).