From: Jeremi Piotrowski <jpiotrowski@linux.microsoft.com>
To: linux-kernel@vger.kernel.org
Cc: Jeremi Piotrowski <jpiotrowski@linux.microsoft.com>,
Wei Liu <wei.liu@kernel.org>, Dexuan Cui <decui@microsoft.com>,
Tianyu Lan <Tianyu.Lan@microsoft.com>,
Michael Kelley <mikelley@microsoft.com>,
linux-hyperv@vger.kernel.org,
Brijesh Singh <brijesh.singh@amd.com>,
Michael Roth <michael.roth@amd.com>,
Ashish Kalra <ashish.kalra@amd.com>,
Tom Lendacky <thomas.lendacky@amd.com>,
linux-crypto@vger.kernel.org
Subject: [RFC PATCH v1 6/6] crypto: ccp - Introduce quirk to always reclaim pages after SEV-legacy commands
Date: Mon, 23 Jan 2023 16:51:28 +0000
Message-ID: <20230123165128.28185-7-jpiotrowski@linux.microsoft.com>
In-Reply-To: <20230123165128.28185-1-jpiotrowski@linux.microsoft.com>

On Hyper-V, the rmp_mark_pages_shared() call after a SEV_PLATFORM_STATUS
fails with return code 2 (FAIL_PERMISSION) due to the page having the
immutable bit set in the RMP (SNP has been initialized). The comment
above this spot mentions that firmware automatically clears the
immutable bit, but I can't find any mention of this behavior in the SNP
Firmware ABI Spec.

Introduce a quirk to always attempt the page reclaim and set it for the
platform PSP. It would be possible to make this behavior unconditional
as the firmware spec defines that page reclaim results in success if the
page does not have the immutable bit set.

Signed-off-by: Jeremi Piotrowski <jpiotrowski@linux.microsoft.com>
---
drivers/crypto/ccp/sev-dev.c | 6 +++++-
drivers/crypto/ccp/sp-dev.h | 4 ++++
drivers/crypto/ccp/sp-platform.c | 1 +
3 files changed, 10 insertions(+), 1 deletion(-)
diff --git a/drivers/crypto/ccp/sev-dev.c b/drivers/crypto/ccp/sev-dev.c
index 6c4fdcaed72b..4719c0cafa28 100644
--- a/drivers/crypto/ccp/sev-dev.c
+++ b/drivers/crypto/ccp/sev-dev.c
@@ -658,8 +658,12 @@ static int __snp_cmd_buf_copy(int cmd, void *cmd_buf, bool to_fw, int fw_err)
* no not need to reclaim the page.
*/
if (from_fw && sev_legacy_cmd_buf_writable(cmd)) {
- if (rmp_mark_pages_shared(__pa(cmd_buf), 1))
+ if (psp_master->vdata->quirks & PSP_QUIRK_ALWAYS_RECLAIM) {
+ if (snp_reclaim_pages(__pa(cmd_buf), 1, true))
+ return -EFAULT;
+ } else if (rmp_mark_pages_shared(__pa(cmd_buf), 1)) {
return -EFAULT;
+ }
/* No need to go further if firmware failed to execute command. */
if (fw_err)
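Review bot: The comment directly above this branch still ends with "no not need to reclaim the page", which no longer holds when PSP_QUIRK_ALWAYS_RECLAIM is set and snp_reclaim_pages() is called on cmd_buf. Please update that comment to describe both paths (and fix the "no not" typo while there). The bare `true` passed as the third argument to snp_reclaim_pages() is also hard to read at the call site; a short comment saying what it selects would help.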
diff --git a/drivers/crypto/ccp/sp-dev.h b/drivers/crypto/ccp/sp-dev.h
index 083e57652c7b..6fb065a7d1fd 100644
--- a/drivers/crypto/ccp/sp-dev.h
+++ b/drivers/crypto/ccp/sp-dev.h
@@ -28,6 +28,9 @@
#define CACHE_NONE 0x00
#define CACHE_WB_NO_ALLOC 0xb7
+/* PSP requires a reclaim after every firmware command */
+#define PSP_QUIRK_ALWAYS_RECLAIM BIT(0)
+
/* Structure to hold CCP device data */
struct ccp_device;
struct ccp_vdata {
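Review bot: The comment on PSP_QUIRK_ALWAYS_RECLAIM says "after every firmware command", but the only user in sev-dev.c is gated by `from_fw && sev_legacy_cmd_buf_writable(cmd)`, and the subject line says "after SEV-legacy commands". Suggest wording the comment to match, for example that command buffer pages must be reclaimed after SEV-legacy commands that write to the buffer.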
@@ -59,6 +62,7 @@ struct psp_vdata {
unsigned int feature_reg;
unsigned int inten_reg;
unsigned int intsts_reg;
+ unsigned int quirks;
};
/* Structure to hold SP device data */
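Review bot: The new `quirks` member of struct psp_vdata has no comment, unlike the define it pairs with. A one-line note that it is a bitmask of PSP_QUIRK_* flags would make it clear that psp_vdata instances which do not set it get 0 and keep the rmp_mark_pages_shared() path.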
diff --git a/drivers/crypto/ccp/sp-platform.c b/drivers/crypto/ccp/sp-platform.c
index d56b34255b97..cae3e7e8f289 100644
--- a/drivers/crypto/ccp/sp-platform.c
+++ b/drivers/crypto/ccp/sp-platform.c
@@ -43,6 +43,7 @@ static struct psp_vdata psp_platform = {
.feature_reg = -1,
.inten_reg = -1,
.intsts_reg = -1,
+ .quirks = PSP_QUIRK_ALWAYS_RECLAIM,
};
#endif
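Review bot: `.quirks = PSP_QUIRK_ALWAYS_RECLAIM` is set unconditionally in psp_platform, so every device using this vdata takes the reclaim path, while the commit message only describes the failure on Hyper-V. Either state in the commit message that this vdata is only used in that configuration, or, as the message itself suggests, make the reclaim unconditional in __snp_cmd_buf_copy() and drop the quirk bit.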
--
2.25.1