From: Tom Lendacky <thomas.lendacky@amd.com>
To: Michael Kelley <mikelley@microsoft.com>,
hpa@zytor.com, kys@microsoft.com, haiyangz@microsoft.com,
wei.liu@kernel.org, decui@microsoft.com, luto@kernel.org,
peterz@infradead.org, davem@davemloft.net, edumazet@google.com,
kuba@kernel.org, pabeni@redhat.com, lpieralisi@kernel.org,
robh@kernel.org, kw@linux.com, bhelgaas@google.com,
arnd@arndb.de, hch@infradead.org, m.szyprowski@samsung.com,
robin.murphy@arm.com, brijesh.singh@amd.com, tglx@linutronix.de,
mingo@redhat.com, bp@alien8.de, dave.hansen@linux.intel.com,
Tianyu.Lan@microsoft.com, kirill.shutemov@linux.intel.com,
sathyanarayanan.kuppuswamy@linux.intel.com, ak@linux.intel.com,
isaku.yamahata@intel.com, dan.j.williams@intel.com,
jane.chu@oracle.com, seanjc@google.com, tony.luck@intel.com,
x86@kernel.org, linux-kernel@vger.kernel.org,
linux-hyperv@vger.kernel.org, netdev@vger.kernel.org,
linux-pci@vger.kernel.org, linux-arch@vger.kernel.org,
iommu@lists.linux.dev
Subject: Re: [PATCH v2 05/12] x86/hyperv: Change vTOM handling to use standard coco mechanisms
Date: Fri, 11 Nov 2022 12:49:50 -0600 [thread overview]
Message-ID: <177144ce-aa63-58f9-d3ea-dec9cde482a5@amd.com> (raw)
In-Reply-To: <1668147701-4583-6-git-send-email-mikelley@microsoft.com>
On 11/11/22 00:21, Michael Kelley wrote:
> Hyper-V guests on AMD SEV-SNP hardware have the option of using the
> "virtual Top Of Memory" (vTOM) feature specified by the SEV-SNP
> architecture. With vTOM, shared vs. private memory accesses are
> controlled by splitting the guest physical address space into two
> halves. vTOM is the dividing line where the uppermost bit of the
> physical address space is set; e.g., with 47 bits of guest physical
> address space, vTOM is 0x40000000000 (bit 46 is set). Guest phyiscal
> memory is accessible at two parallel physical addresses -- one below
> vTOM and one above vTOM. Accesses below vTOM are private (encrypted)
> while accesses above vTOM are shared (decrypted). In this sense, vTOM
> is like the GPA.SHARED bit in Intel TDX.
>
> Support for Hyper-V guests using vTOM was added to the Linux kernel in
> two patch sets[1][2]. This support treats the vTOM bit as part of
> the physical address. For accessing shared (decrypted) memory, these
> patch sets create a second kernel virtual mapping that maps to physical
> addresses above vTOM.
>
> A better approach is to treat the vTOM bit as a protection flag, not
> as part of the physical address. This new approach is like the approach
> for the GPA.SHARED bit in Intel TDX. Rather than creating a second kernel
> virtual mapping, the existing mapping is updated using recently added
> coco mechanisms. When memory is changed between private and shared using
> set_memory_decrypted() and set_memory_encrypted(), the PTEs for the
> existing kernel mapping are changed to add or remove the vTOM bit
> in the guest physical address, just as with TDX. The hypercalls to
> change the memory status on the host side are made using the existing
> callback mechanism. Everything just works, with a minor tweak to map
> the I/O APIC to use private accesses.
>
> To accomplish the switch in approach, the following must be done in
> in this single patch:
>
> * Update Hyper-V initialization to set the cc _mask based on vTOM
> and do other coco initialization.
>
> * Update physical_mask so the vTOM bit is no longer treated as part
> of the physical address
>
> * Update cc_mkenc() and cc_mkdec() to be active for Hyper-V guests.
> This makes the vTOM bit part of the protection flags.
>
> * Code already exists to make hypercalls to inform Hyper-V about pages
> changing between shared and private. Update this code to run as a
> callback from __set_memory_enc_pgtable().
>
> * Remove the Hyper-V special case from __set_memory_enc_dec(), and
> make the normal case active for Hyper-V VMs, which have
> CC_ATTR_GUEST_MEM_ENCRYPT, but not CC_ATTR_MEM_ENCRYPT.
>
> [1] https://lore.kernel.org/all/20211025122116.264793-1-ltykernel@gmail.com/
> [2] https://lore.kernel.org/all/20211213071407.314309-1-ltykernel@gmail.com/
>
> Signed-off-by: Michael Kelley <mikelley@microsoft.com>
> Reviewed-by: Tianyu Lan <Tianyu.Lan@microsoft.com>
> ---
> arch/x86/coco/core.c | 10 ++++++++-
> arch/x86/hyperv/ivm.c | 45 +++++++++++++++++++++++++++++++----------
> arch/x86/include/asm/mshyperv.h | 8 ++------
> arch/x86/kernel/cpu/mshyperv.c | 15 +++++++-------
> arch/x86/mm/pat/set_memory.c | 6 ++----
> 5 files changed, 54 insertions(+), 30 deletions(-)
>
> diff --git a/arch/x86/mm/pat/set_memory.c b/arch/x86/mm/pat/set_memory.c
> index 06eb8910..024fbf4 100644
> --- a/arch/x86/mm/pat/set_memory.c
> +++ b/arch/x86/mm/pat/set_memory.c
> @@ -2126,10 +2126,8 @@ static int __set_memory_enc_pgtable(unsigned long addr, int numpages, bool enc)
>
> static int __set_memory_enc_dec(unsigned long addr, int numpages, bool enc)
> {
> - if (hv_is_isolation_supported())
> - return hv_set_mem_host_visibility(addr, numpages, !enc);
> -
> - if (cc_platform_has(CC_ATTR_MEM_ENCRYPT))
> + if (cc_platform_has(CC_ATTR_MEM_ENCRYPT) ||
> + cc_platform_has(CC_ATTR_GUEST_MEM_ENCRYPT))
This seems kind of strange since CC_ATTR_MEM_ENCRYPT is supposed to mean
either HOST or GUEST memory encryption, but then you check for GUEST
memory encryption directly. Can your cc_platform_has() support be setup to
handle the CC_ATTR_MEM_ENCRYPT attribute in some way?
Thanks,
Tom
> return __set_memory_enc_pgtable(addr, numpages, enc);
>
> return 0;
next prev parent reply other threads:[~2022-11-11 18:50 UTC|newest]
Thread overview: 27+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-11-11 6:21 [PATCH v2 00/12] Drivers: hv: Add PCI pass-thru support to Hyper-V Confidential VMs Michael Kelley
2022-11-11 6:21 ` [PATCH v2 01/12] x86/ioremap: Fix page aligned size calculation in __ioremap_caller() Michael Kelley
2022-11-12 0:11 ` Dave Hansen
2022-11-12 4:31 ` Michael Kelley (LINUX)
2022-11-14 16:40 ` Dave Hansen
2022-11-14 16:53 ` Michael Kelley (LINUX)
2022-11-14 16:57 ` Dave Hansen
2022-11-14 17:25 ` Michael Kelley (LINUX)
2022-11-11 6:21 ` [PATCH v2 02/12] x86/ioapic: Gate decrypted mapping on cc_platform_has() attribute Michael Kelley
2022-11-12 0:21 ` Dave Hansen
2022-11-12 4:48 ` Michael Kelley (LINUX)
2022-11-14 16:23 ` Dave Hansen
2022-11-14 16:54 ` Michael Kelley (LINUX)
2022-11-11 6:21 ` [PATCH v2 03/12] x86/hyperv: Reorder code in prep for subsequent patch Michael Kelley
2022-11-11 6:21 ` [PATCH v2 04/12] Drivers: hv: Explicitly request decrypted in vmap_pfn() calls Michael Kelley
2022-11-11 6:21 ` [PATCH v2 05/12] x86/hyperv: Change vTOM handling to use standard coco mechanisms Michael Kelley
2022-11-11 18:49 ` Tom Lendacky [this message]
2022-11-13 16:01 ` Michael Kelley (LINUX)
2022-11-16 16:38 ` Tom Lendacky
2022-11-11 6:21 ` [PATCH v2 06/12] swiotlb: Remove bounce buffer remapping for Hyper-V Michael Kelley
2022-11-11 6:21 ` [PATCH v2 07/12] Drivers: hv: vmbus: Remove second mapping of VMBus monitor pages Michael Kelley
2022-11-11 6:21 ` [PATCH v2 08/12] Drivers: hv: vmbus: Remove second way of mapping ring buffers Michael Kelley
2022-11-11 6:21 ` [PATCH v2 09/12] hv_netvsc: Remove second mapping of send and recv buffers Michael Kelley
2022-11-11 6:21 ` [PATCH v2 10/12] Drivers: hv: Don't remap addresses that are above shared_gpa_boundary Michael Kelley
2022-11-11 6:21 ` [PATCH v2 11/12] PCI: hv: Add hypercalls to read/write MMIO space Michael Kelley
2022-11-11 6:21 ` [PATCH v2 12/12] PCI: hv: Enable PCI pass-thru devices in Confidential VMs Michael Kelley
2022-11-11 16:44 ` [PATCH v2 00/12] Drivers: hv: Add PCI pass-thru support to Hyper-V " Wei Liu
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=177144ce-aa63-58f9-d3ea-dec9cde482a5@amd.com \
--to=thomas.lendacky@amd.com \
--cc=Tianyu.Lan@microsoft.com \
--cc=ak@linux.intel.com \
--cc=arnd@arndb.de \
--cc=bhelgaas@google.com \
--cc=bp@alien8.de \
--cc=brijesh.singh@amd.com \
--cc=dan.j.williams@intel.com \
--cc=dave.hansen@linux.intel.com \
--cc=davem@davemloft.net \
--cc=decui@microsoft.com \
--cc=edumazet@google.com \
--cc=haiyangz@microsoft.com \
--cc=hch@infradead.org \
--cc=hpa@zytor.com \
--cc=iommu@lists.linux.dev \
--cc=isaku.yamahata@intel.com \
--cc=jane.chu@oracle.com \
--cc=kirill.shutemov@linux.intel.com \
--cc=kuba@kernel.org \
--cc=kw@linux.com \
--cc=kys@microsoft.com \
--cc=linux-arch@vger.kernel.org \
--cc=linux-hyperv@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-pci@vger.kernel.org \
--cc=lpieralisi@kernel.org \
--cc=luto@kernel.org \
--cc=m.szyprowski@samsung.com \
--cc=mikelley@microsoft.com \
--cc=mingo@redhat.com \
--cc=netdev@vger.kernel.org \
--cc=pabeni@redhat.com \
--cc=peterz@infradead.org \
--cc=robh@kernel.org \
--cc=robin.murphy@arm.com \
--cc=sathyanarayanan.kuppuswamy@linux.intel.com \
--cc=seanjc@google.com \
--cc=tglx@linutronix.de \
--cc=tony.luck@intel.com \
--cc=wei.liu@kernel.org \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox