From: Tianyu Lan <ltykernel@gmail.com>
To: kys@microsoft.com, haiyangz@microsoft.com, wei.liu@kernel.org,
decui@microsoft.com, tglx@linutronix.de, mingo@redhat.com,
bp@alien8.de, dave.hansen@linux.intel.com, x86@kernel.org,
hpa@zytor.com, daniel.lezcano@linaro.org, arnd@arndb.de,
michael.h.kelley@microsoft.com
Cc: Tianyu Lan <tiala@microsoft.com>,
linux-arch@vger.kernel.org, linux-hyperv@vger.kernel.org,
linux-kernel@vger.kernel.org, vkuznets@redhat.com
Subject: [PATCH V2 0/9] x86/hyperv: Add AMD sev-snp enlightened guest support on hyperv
Date: Mon, 26 Jun 2023 23:22:38 -0400 [thread overview]
Message-ID: <20230627032248.2170007-1-ltykernel@gmail.com> (raw)
From: Tianyu Lan <tiala@microsoft.com>
Hyper-V provides two modes for running SEV-SNP VMs:
1) In vTOM mode with a paravisor (see Section 15.36.8 of [1])
2) In "fully enlightened" mode with normal "C" bit control
over page encryption, and no paravisor
For #1, the paravisor runs in VMPL 0, while Linux runs in VMPL 2
(see Section 15.36.7 of [1]). The paravisor is typically provided
by Hyper-V and handles most of the SNP-related functionality. As
such, most of the SNP functionality in the Linux guest is bypassed.
The guest operates in vTOM mode, where encryption is enabled by default.
The guest must still request page transitions between private and shared,
but there is relatively less SNP machinery required in the guest. Support
for this mode of operation first went upstream in the 5.15 kernel.
For #2, this patch set provides the initial support. The existing
SEV-SNP machinery in the kernel is fully used, but Hyper-V specific
updates are required to properly share Hyper-V communication pages
between the guest and host and to start APs at boot time.
In either mode, Hyper-V requires that the guest implement the SEV-SNP
Restricted Interrupt Injection feature (see Section 15.36.16 of [1],
and Section 5 of [2]). Without this feature, the guest is subject to
attack by a compromised hypervisor that can inject any exception at
any time, such as injecting an interrupt while the guest has interrupts
disabled. In vTOM mode, Restricted Interrupt Injection is implemented
by the paravisor, so no Linux guest changes are required. But in fully
enlightened mode, the Linux guest must provide the implementation.
This patch set is derived from an earlier patch set that includes both
the Hyper-V specific changes and Restricted Interrupt Injection support.[3]
But it is now limited to only the Hyper-V specific changes. The Restricted
Interrupt Injection support will come later in a separate patch set.
[1] https://www.amd.com/system/files/TechDocs/24593.pdf
[2] https://www.amd.com/system/files/TechDocs/56421-guest-hypervisor-communication-block-standardization.pdf
[3] https://lore.kernel.org/lkml/20230515165917.1306922-1-ltykernel@gmail.com/
Change since v1:
* vTOM case uses paravisor_present flag and
HV_ISOLATION_TYPE_SNP type.
* Rework some patches' change log
* Fix some comments in the patches
Tianyu Lan (9):
x86/hyperv: Add sev-snp enlightened guest static key
x86/hyperv: Set Virtual Trust Level in VMBus init message
x86/hyperv: Mark Hyper-V vp assist page unencrypted in SEV-SNP
enlightened guest
drivers: hv: Mark percpu hvcall input arg page unencrypted in SEV-SNP
enlightened guest
x86/hyperv: Use vmmcall to implement Hyper-V hypercall in sev-snp
enlightened guest
clocksource: hyper-v: Mark hyperv tsc page unencrypted in sev-snp
enlightened guest
x86/hyperv: Initialize cpu and memory for SEV-SNP enlightened guest
x86/hyperv: Add smp support for SEV-SNP guest
x86/hyperv: Add hyperv-specific handling for VMMCALL under SEV-ES
arch/x86/hyperv/hv_init.c | 52 +++++++-
arch/x86/hyperv/ivm.c | 199 +++++++++++++++++++++++++++++
arch/x86/include/asm/hyperv-tlfs.h | 7 +
arch/x86/include/asm/mshyperv.h | 73 +++++++++--
arch/x86/kernel/cpu/mshyperv.c | 42 +++++-
drivers/clocksource/hyperv_timer.c | 2 +-
drivers/hv/connection.c | 1 +
drivers/hv/hv.c | 57 ++++++++-
drivers/hv/hv_common.c | 19 +++
include/asm-generic/hyperv-tlfs.h | 1 +
include/asm-generic/mshyperv.h | 13 +-
include/linux/hyperv.h | 4 +-
12 files changed, 445 insertions(+), 25 deletions(-)
--
2.25.1
next reply other threads:[~2023-06-27 3:28 UTC|newest]
Thread overview: 23+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-06-27 3:22 Tianyu Lan [this message]
2023-06-27 3:22 ` [PATCH V2 1/9] x86/hyperv: Add sev-snp enlightened guest static key Tianyu Lan
2023-07-04 14:17 ` Michael Kelley (LINUX)
2023-07-05 14:43 ` Tianyu Lan
2023-06-27 3:22 ` [PATCH V2 2/9] x86/hyperv: Set Virtual Trust Level in VMBus init message Tianyu Lan
2023-07-04 14:18 ` Michael Kelley (LINUX)
2023-07-07 9:07 ` [EXTERNAL] " Saurabh Singh Sengar
2023-08-07 4:48 ` Wei Liu
2023-08-10 16:22 ` Tianyu Lan
2023-08-11 2:55 ` Saurabh Singh Sengar
2023-06-27 3:22 ` [PATCH V2 3/9] x86/hyperv: Mark Hyper-V vp assist page unencrypted in SEV-SNP enlightened guest Tianyu Lan
2023-07-04 14:18 ` Michael Kelley (LINUX)
2023-06-27 3:22 ` [PATCH V2 4/9] drivers: hv: Mark percpu hvcall input arg " Tianyu Lan
2023-07-04 14:19 ` Michael Kelley (LINUX)
2023-06-27 3:22 ` [PATCH V2 5/9] x86/hyperv: Use vmmcall to implement Hyper-V hypercall in sev-snp " Tianyu Lan
2023-06-27 3:22 ` [PATCH V2 6/9] clocksource: hyper-v: Mark hyperv tsc page unencrypted " Tianyu Lan
2023-07-04 14:19 ` Michael Kelley (LINUX)
2023-06-27 3:22 ` [PATCH V2 7/9] x86/hyperv: Initialize cpu and memory for SEV-SNP " Tianyu Lan
2023-07-04 14:23 ` Michael Kelley (LINUX)
2023-06-27 3:22 ` [PATCH V2 8/9] x86/hyperv: Add smp support for SEV-SNP guest Tianyu Lan
2023-07-04 14:24 ` Michael Kelley (LINUX)
2023-06-27 3:22 ` [PATCH V2 9/9] x86/hyperv: Add hyperv-specific handling for VMMCALL under SEV-ES Tianyu Lan
2023-07-04 14:25 ` Michael Kelley (LINUX)
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20230627032248.2170007-1-ltykernel@gmail.com \
--to=ltykernel@gmail.com \
--cc=arnd@arndb.de \
--cc=bp@alien8.de \
--cc=daniel.lezcano@linaro.org \
--cc=dave.hansen@linux.intel.com \
--cc=decui@microsoft.com \
--cc=haiyangz@microsoft.com \
--cc=hpa@zytor.com \
--cc=kys@microsoft.com \
--cc=linux-arch@vger.kernel.org \
--cc=linux-hyperv@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=michael.h.kelley@microsoft.com \
--cc=mingo@redhat.com \
--cc=tglx@linutronix.de \
--cc=tiala@microsoft.com \
--cc=vkuznets@redhat.com \
--cc=wei.liu@kernel.org \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).