From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1756376AbdGXTOn (ORCPT ); Mon, 24 Jul 2017 15:14:43 -0400 Received: from mail-sn1nam01on0067.outbound.protection.outlook.com ([104.47.32.67]:44920 "EHLO NAM01-SN1-obe.outbound.protection.outlook.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S1756655AbdGXTMT (ORCPT ); Mon, 24 Jul 2017 15:12:19 -0400 Authentication-Results: spf=none (sender IP is ) smtp.mailfrom=brijesh.singh@amd.com; From: Brijesh Singh To: linux-kernel@vger.kernel.org, x86@kernel.org, linux-efi@vger.kernel.org, linuxppc-dev@lists.ozlabs.org, kvm@vger.kernel.org Cc: Thomas Gleixner , Ingo Molnar , "H . Peter Anvin" , Borislav Petkov , Andy Lutomirski , Tony Luck , Piotr Luc , Tom Lendacky , Fenghua Yu , Lu Baolu , Reza Arbab , David Howells , Matt Fleming , "Kirill A . Shutemov" , Laura Abbott , Ard Biesheuvel , Andrew Morton , Eric Biederman , Benjamin Herrenschmidt , Paul Mackerras , Konrad Rzeszutek Wilk , Jonathan Corbet , Dave Airlie , Kees Cook , Paolo Bonzini , =?UTF-8?q?Radim=20Kr=C4=8Dm=C3=A1=C5=99?= , Arnd Bergmann , Tejun Heo , Christoph Lameter , Brijesh Singh Subject: [RFC Part1 PATCH v3 17/17] X86/KVM: Clear encryption attribute when SEV is active Date: Mon, 24 Jul 2017 14:07:57 -0500 Message-Id: <20170724190757.11278-18-brijesh.singh@amd.com> X-Mailer: git-send-email 2.9.4 In-Reply-To: <20170724190757.11278-1-brijesh.singh@amd.com> References: <20170724190757.11278-1-brijesh.singh@amd.com> MIME-Version: 1.0 Content-Type: text/plain X-Originating-IP: [165.204.78.1] X-ClientProxiedBy: CY4PR04CA0049.namprd04.prod.outlook.com (10.171.243.142) To CY1PR12MB0150.namprd12.prod.outlook.com (10.161.173.20) X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: 690af31f-0990-43a4-7b08-08d4d2c76880 X-MS-Office365-Filtering-HT: Tenant X-Microsoft-Antispam: UriScan:;BCL:0;PCL:0;RULEID:(300000500095)(300135000095)(300000501095)(300135300095)(22001)(300000502095)(300135100095)(48565401081)(300000503095)(300135400095)(201703131423075)(201703031133081)(300000504095)(300135200095)(300000505095)(300135600095)(300000506095)(300135500095);SRVR:CY1PR12MB0150; X-Microsoft-Exchange-Diagnostics: 1;CY1PR12MB0150;3:voky+/pSoEKEY1Tol8YxcnUW3bElhQMNzVEJsHeUdSh7zsKqg1uDlWOP8LstwYkOXpFzPAp+qbcJmOYXaQyKYMuKdtTbJZYoWmHaKrVkdojRIGxUAYD6XxfdS58zkwpbUbLNNCOgqfW1xS4uwzIK6oVMyU2FnGjaNKRQn5jta/L5kgvr2CAYAsnZ0HfTM0tMa6hxPW9u3SCkE5VW5pfbEpQJYiIUBENUf6Xnv+aTb+hvAFWmbk0gOqmQ0MWejDwcAxalmlM+0R7I3xnQimcdUe9K24fJJ6OEFwva+lWUGI7uaKsWktutEenNl4DembT+qqaOdJdbqeQvR4msRqHd55PKAwHY/jceIMv4OMiqiHWdom1bLmZCgUVBWUZTcs+x1ycUMJdTUgbiMOmSAaWHQ3llz9R/9d2qJIsBLHuI0LGMkqlAMwLrOjXd85qHROS/K7O4056NyFF2581ZBq2omFunEfOmPfRYnH2OWLO+PAJG59eickpojLpK/IlU4RKwqOjrFHtWvuazjJuyLveectK+1x12WpInygZ3ZjB5riqK3PmOsGRS9PketKehjex7XzZ9wxfb4gPf5/kDQs0v0Jw5S9th4DhgaMWACRZQoOKbYAFS6IzhjB9Hw5M7raIMEjeIG9F4ycOb/XQyOim28W4hSmmvF7z+LZpsthm44FyTfWigeSb1EecZnPxpstpGCs1vTS4AofkU9JyBiJ2XvLCPacba+rGgyQEUPyH4Dw2V2OTuAHTqysrwnm5+MYmFtQSH/tSKQ4c1Bvfyha58wg== X-MS-TrafficTypeDiagnostic: CY1PR12MB0150: X-Microsoft-Exchange-Diagnostics: 1;CY1PR12MB0150;25:EffaSaCqm2NTTbMvrlTNElwvmlHfeBDFtEF5ePexO+ptwp3BO5qlp7JCCWRIXs8RWa1DVeBAlOnmE3guFdxW98PxPnQL/lfYtsl7bP1a/vDh1WFLpi+HOTPxECSYxwizeynkc9XviNZSnEhW2e31OfZo8dft5ByWB3sADLclf64s4izsItculyvJ3NdXVJYwh9aRLzd8VWrTst+gYQCSiIByN4RCGSCVTBl7fd/splzjJM+K/f+UZYgIcvGcoYN17JwQxB9l1rKPfZE/NlHqexId/yGD+szh35UWN5IrqvxDfwWK+ZFnUpW7qIlziSj+LXKwmNTPDx+0iZ586ZQ3oe9i8+CcMLyzMEaF2yh++nBbK/wLs+747/4GMwW8pL1hevVahAe+3Hgp7CtOzUPMemkLRYqa9qkcKfs+Ggrl9ewa4dbhbBzTCEwdXT1AGdOTvsEKJHLeY3VXfe2uRvFlaKtB649NYI/Y7BDPlREV9bu3gqSSAchl00pmqeDs/V4jwXLnS2Iitvbxj3i28a4ie5HAZdTUo8XIqdjLZBSWiUH1MvkRoy2kkfTJfETF38UHyy55hEVhbBfEumIYh1olSqkfu4+hTHiyy0aKgWo+ucadaMWzBtJjfSj6NIZFu93AaD3dTWymMlUaNxwsoEfF6JfInMR/fmA60dfhmDQz88tyRwM3jHeHmk/vyDArJBFcQDbmi3yR7r4yZCUHEClTAZzrLMLuheANtWeZ4e1/DakaQKwSx6UOff1R80eNKcnXdjGZxcw74hQg9PHpdMZC9qzGa+3MeDkJrt9Zzdy1HbheHO320Fh0J4E2uLINFS3zOK5Qc35UJK2mJq4YNsqXl9hxXqo7wCToKQbVc+gsb6CI9zkM0/wZXiijOVFAC+44iW6mvBm1V0myUKEZhQ8OkgwQp8XRcVty2oHbbaN06uM= X-Microsoft-Exchange-Diagnostics: 1;CY1PR12MB0150;31:ldmJV+SNgSxSheJhq5JLfk7ysYInTGv8hKI8RKfpwIyIUhMkBOn3MhLKKLjjO1XUji6EKBA7OpPShLeN0ZlkxjY1XNUPUNrQ6W6UQcKNSSvDO7mjnxox1RHt9wW6RqAGjXPQHNHdaP5z/g5CHpu0vzCIc153GcE+wptkoenhCRmYKVcfA5kYndhHf123+c5ylJ3SfhTRwlyyLeDLDN9p5LlHTkyedLVgBOIM+Zg2vKlP44PjbZKZ0AZgDOtdk/w3YB5tfhvZou2Uv863HLd9EZ8iCn6hbJG2lEQ9m9TBdSvdltPuZWCnIIKFulO313aKLZpbxjZtFwlfbbTNqHTWEP5ziMYVdEjrmMxM1ZKzqVNhlKrsFrlVRUtXVGkVNzn3YuD9yU80YKAGf8OAl0tiBxNmBe3xiuCJPEIBuomgqPGxH/GRhiPqcqT0LMOMJPP30S/UqGw5juFXNcwjD8zxUS10+L9+D70QjsL6OUqVGYIxO93ZhahuQVqgem/YoN4CfAb1N57O8LjmsUvjjDhHjcDhLNtk73aCcPsrMVt71ZQk0sVhmWM9N0451BCSSuEq1DL81xm0g/ssLULi1V0n7MnjoEiaWFpSkTNsinvieZB3VGAZP0+dsAhKzr1TH8UvXi8Y+6VcHn8OJcks56qMS7hVbTuJmlYsvd1ma2sRYN4= X-Microsoft-Exchange-Diagnostics: 1;CY1PR12MB0150;20:HH5L5xKzvaf9tu2OBsb49+Nr7el5w9Oa71qNtWDgKz6DEq+rZwApFRHNBYLNOa0OyTOezOkI3WT1wUweXYV7ew5X4XPPLvAzddPzRBmKJRvFFEUHAR6X8H96SQXMWSv0MTX6dRIB8Yb/mXHfwUe+zsr464/K84u2UxQoCPBM7hPBBKLJ5GIj9AH/5bO1MzE7LST4ORlZNMw9JIA+tyXbYS58PUJYgtEqYOCB9sx1X6DP/EEpfY+lKaCPM/giG6dynRgyegBR9/9MFN56VeW4c1MYbXjQYGG78qRR1q3i0+9APc7uhUmogkcwsbcs+g3OqfuZUNLXO14CFkqh2O22rXiH/K5PRG3H/6AfryhbnEwTxesb3QU17TtX2OnL2vEGYuq0i7xez4NYtjEE7BAaK5ftabUhK8i7thWcOckDBdgdQv/oZWeUpbieh/Fi75BGCtPWCieSZjlR8VLAtemzrr9yEZbFALRRpTLCSzxOVz0W83pEvqjHrSDIJjkWhlfM X-Exchange-Antispam-Report-Test: UriScan:(767451399110); X-Microsoft-Antispam-PRVS: X-Exchange-Antispam-Report-CFA-Test: BCL:0;PCL:0;RULEID:(100000700101)(100105000095)(100000701101)(100105300095)(100000702101)(100105100095)(6040450)(601004)(2401047)(8121501046)(5005006)(93006095)(93001095)(10201501046)(100000703101)(100105400095)(3002001)(6055026)(6041248)(20161123564025)(20161123555025)(20161123560025)(201703131423075)(201702281528075)(201703061421075)(201703061406153)(20161123558100)(20161123562025)(6072148)(100000704101)(100105200095)(100000705101)(100105500095);SRVR:CY1PR12MB0150;BCL:0;PCL:0;RULEID:(100000800101)(100110000095)(100000801101)(100110300095)(100000802101)(100110100095)(100000803101)(100110400095)(100000804101)(100110200095)(100000805101)(100110500095);SRVR:CY1PR12MB0150; X-Microsoft-Exchange-Diagnostics: =?us-ascii?Q?1;CY1PR12MB0150;4:AZnJwo4WkkFHrwoXtWSywTtbZTwjmf0eDWsD41VhoZ?= =?us-ascii?Q?1H2Jv5RhTRsjK5oywyvqu7ESzuk4FXKSMtY3DyDmQpR0vX1rASJcg2FDaE91?= =?us-ascii?Q?6dpRbkDSWqrlyLBcO8rnk7AdfJCwusM+T7Fr5h0X3gZ/96Jb+1qjVtkYjgWO?= =?us-ascii?Q?nQOuqD/XHzAQEoTkVorBmYtENyB64HcGzLUfG9cf8/VE5Rb16zClhWGIjkv4?= =?us-ascii?Q?R8l2CP0F2LAADSdtBS9ypKe4oqKfy/Q8tG07JDIL8Kg0Ggqfrx3h2ow1V/+k?= =?us-ascii?Q?q3moXqilPx/cii6vSLNWOgCR3fQ0ZQ5DuWVDznwjAk0hyVncYvAA4Hsw13kN?= =?us-ascii?Q?SY0aWFpTJVzGpNfa6cX/xllo5FiM8WOdrsiGpME1p2TLoKyD42/2f0HXfnzT?= =?us-ascii?Q?25QVR/XRRKL9tQ/XKR1YzKeSFDVKw6ufreDVV/Lr2as/b2GfoXRKHlRjrvon?= =?us-ascii?Q?LFLX76VvBcLLGtaMVyzIALxZ/eu1ChslTU8EOKKNEDVIO75ZAUuR+SjSijL0?= =?us-ascii?Q?gqbSvEsxivYfiMcRA2YXK29cDS4kL+gNwBFo+d9cLgXXlwAAxxulj3yBHFFG?= =?us-ascii?Q?iWi/gH6MVp1+aj2hehHRxPXc77/eeMsp3GromE/e3vcVoOURsc4jJD2Q010n?= =?us-ascii?Q?fdbBe7RriTrvBAk0LebFFhtReRONpVhKZfLm7vR2Rq9wqX9CLXGIkwIRk96r?= =?us-ascii?Q?HzMEJO4f8e7YHUMBelpKVLHk5uZNfnDzrKvLhyi8qjHAebXCyNLeHiWYaPqJ?= =?us-ascii?Q?bOioYeREBvqFotn9Pg14ObIbLoJS6Yxo2dZcPSj5XsPB8lsqPJCvKr9EKEEg?= =?us-ascii?Q?ZcK6q7XoIz1BUzQRKTAVXf/BrqxHCeBfawZ8U/l4agHB+euRK8QT3mBVRshn?= =?us-ascii?Q?x0Ay3QQ3YAwdLSO9XHylbSle1dsLgB0uuNkxffZjkZdJErljL6h2+08/x718?= =?us-ascii?Q?ceVbaYvCuOHuKjtrr747F0SnWQ/ebtMBU97G1wGmDypEaonQj0H2l+PKrxB6?= =?us-ascii?Q?Ke6eFqs7CrPXBKYdd141V3lXdFP9EZuzFIjszULLzzGB7t31tkOjn4jasY2r?= =?us-ascii?Q?YEb2CiGM3sEIKtd2qz/E0yDtOHqlGdisAN0pt/h1ByktN0zkPL7eYFmPS+Sa?= =?us-ascii?Q?0W5dDnpCRhM9wwL4DryTndkGMfsckn6g0CvpOKBwsO1WNpK1n9BnlbdhLhsT?= =?us-ascii?Q?n9B2qlRf23yrxnB6w89KavcUw/xqZtNfmB?= X-Forefront-PRVS: 0378F1E47A X-Forefront-Antispam-Report: SFV:NSPM;SFS:(10009020)(4630300001)(7370300001)(6009001)(39840400002)(39850400002)(39450400003)(39400400002)(39410400002)(39860400002)(199003)(189002)(4326008)(81156014)(7350300001)(81166006)(50226002)(50466002)(68736007)(36756003)(38730400002)(1076002)(110136004)(53936002)(6116002)(25786009)(48376002)(8676002)(86362001)(305945005)(54906002)(7736002)(2950100002)(6666003)(50986999)(101416001)(47776003)(105586002)(5660300001)(5003940100001)(7416002)(33646002)(106356001)(66066001)(6486002)(7406005)(97736004)(189998001)(3846002)(76176999)(2906002)(53416004)(42186005)(478600001);DIR:OUT;SFP:1101;SCL:1;SRVR:CY1PR12MB0150;H:ubuntu-010236106000.amd.com;FPR:;SPF:None;PTR:InfoNoRecords;A:1;MX:1;LANG:en; X-Microsoft-Exchange-Diagnostics: =?us-ascii?Q?1;CY1PR12MB0150;23:Xyv0d+QTU+oSBV2W7QZCgbDYzPr3y+u3jffnWZIh5?= =?us-ascii?Q?jsGeN/zo4kSk4x+2JJFiQ9kz7hAEnm/gtVMXY/3atsAnWenWVkkc8AFxDyr/?= =?us-ascii?Q?BRbJeqRTu0r6BI1+yrveQQAToaF6GsAFncoXd2aPTr5ohyx7lsDDqjZHEMeG?= =?us-ascii?Q?UxFbMWT1iJKC/1wmFzW2g8KIv9UkoGiHqM2q6conBplvECpzJpsotDmM2/zO?= =?us-ascii?Q?uQRK1DcUZ8RYZLs7aAyPKmQxs2IBnZpWbueTaHXj73Pzt2TRQ6iOy7hJFp6M?= =?us-ascii?Q?NitS1NK3e6c33Vd96Tx8LalfPJ1b9cFlIqbDxMwBa7hIe1b5n1VOpDd/hbrK?= =?us-ascii?Q?ZSiUYSL5NXqhx5uaYe2AOy2MGDwDZwpvhGjNELLzXlF1zUgi7sjFIA8WPITX?= =?us-ascii?Q?Oa+hDe9FsM/Tw2S7pOOSZOgFVV1l9v1Q8Mt3rxuyTq9OcK8M1rbRE3HEOr5E?= =?us-ascii?Q?uA7VT8EYm8ppszUOQaqtzLF4hBuJZGHNno6hPbHyvm+KwK1XjGfGY8EZXamr?= =?us-ascii?Q?lWppsDsy7cJh+PJi4MQCf2XfiNuzAE5FlAB7GbZ2eEQbU3oIjWLEwpyQBYiL?= =?us-ascii?Q?ojxpwK7ulRb3uMBEjUn7dfxovaVgusbGtXRvnbBRtj5Wxww6PZSXgIcBU6Hg?= =?us-ascii?Q?RmFcp8zU9e1ChsA5m73j42KocP7ZPwYhWk2naYeKdQbsZBg7aev62fAf747I?= =?us-ascii?Q?FJvHzXBMOyw7CzNlT2KAI2wNkalwmpW/XR3M5/wPaQ3q/Bw4rjILcpws9B7y?= =?us-ascii?Q?OEEY9i9rbRgofiz9XRiv+cl5Px2wNxiZUbcxProZbFiKrwJSAYkEcnJAjLbU?= =?us-ascii?Q?Cz4ntkA0qBv5C4yj/RYtewK9qpntDXOsziWxiXCcJ9bq5fRqLHB1r4VqNFkN?= =?us-ascii?Q?jbnQDG/QRBpfSHei+TvS2sTahQsSjz0yy9+Sf/q2D9g4fMd/Q15f8FW+7PyQ?= =?us-ascii?Q?v7VMKbJAETS9aKUtfqN4rqDGPm4S2WqCqvmBe70wC7ueTlNn/kmGtqonswzg?= =?us-ascii?Q?Q/cGidw2P+tyZoF9HBMO3w15FQ4Iybjem0cPxcPDH6UcEwwAvMtGUiqVLrWn?= =?us-ascii?Q?AYzzFiUbEmDMa0N+dtjcuZ2Q+9CDo7/bUlE9MzrwYjWmIPkj+pAeyP9QxIQH?= =?us-ascii?Q?qHis74AWjji+0kus0Wq0rkUmgMYVA52yB0Orr2VvaHXrkjH+JtqFuXoaW+xF?= =?us-ascii?Q?GlpitomxnNQewNwoyFWa9/9qb5B6ibvAbbw8AFeemWqy39lXrypuyusxtf5z?= =?us-ascii?Q?ziYWTca4m4FvUyKEV5HwZIRFR79mSkyuTOTAC4oUFLRgsI0yFb+PxcbVY3b9?= =?us-ascii?Q?Np4EiZvkM89goE8KnvmBjc=3D?= X-Microsoft-Exchange-Diagnostics: =?us-ascii?Q?1;CY1PR12MB0150;6:hRCeWOpYey53dpuv7gBwHlkszTwtshIwraWxBFkpGz?= =?us-ascii?Q?v5LnSiQGXuX1GX5HSdiwnjPqDS5SjSoTKiGIvDzVq90S+n7+AX05qMyfRdfb?= =?us-ascii?Q?T2L8e67bHxJ8XQ6ghTw3gwm37r26h50oLUGyvXexe6oqcKAdHHCfCZ0omlgh?= =?us-ascii?Q?E2jwTzoxCGesJQOU3ZqQj0hKiM11cOyeq0wh8neg+/13YFw91EPD7ELexccj?= =?us-ascii?Q?l84zJgvwcnV5FU06s+/fGGkWEF6L+ZPA+EyRvtZYeI9VTL3+zJEOVElHM4Dm?= =?us-ascii?Q?imVcvwguzDYMbyv1xWMqvHv518NOGqURosAIyuNGtPi6MSnCkX+mO0+IuI+z?= =?us-ascii?Q?EEQGqAq8/gY565yXAnTTeM6W3uQYiSZTv2peyZzgXDznsWyHcficr1nSJaU2?= =?us-ascii?Q?5F/L+L/t5pwbU5dlLclgkf69nPPWwNVm0d0111mF9/HWi+qxYxNARSVvOYGI?= =?us-ascii?Q?Ivq6LlyIXAKRdmfXmeCfz53NJmzjokbnWy3CrRAI9NPVPxLvd9gPAhTvlxRV?= =?us-ascii?Q?iGjI/8fnlmhjnY/IvUKzV2sVlqKG4aV3lyhIoiyUAEcbOfsoSGG4LP8APerp?= =?us-ascii?Q?7aA3p+RgypHfsU/4DgaldRAU2c4zRMXsSr9dsT4wx2mKwtwnk++sFKtG8Am+?= =?us-ascii?Q?AeC6jeduCGHXeV1xl7P8wZPD1nZBvpmj9Y0zT0Gv5SDZwUCcJ+/Ibo7iv46V?= =?us-ascii?Q?c6Zdb3ug7pHR7m+qbsdhaU8lChDPLY23hboSVKAh0ye7W8hdZDtw3PGUxwwe?= =?us-ascii?Q?y6GyzJySISud5iRsDr8T0uG4jw5ELLmL0mhVXdG+K+SZYfziLo3BN1apG/p4?= =?us-ascii?Q?RLuV9HLHDGBFIZS95u3oik2GkTS8rXkh3ULccyIKg9Sn9Ac8s/i8vjKRdoG9?= =?us-ascii?Q?sZ9UsnMNVY/rDXIHAIc2omjP7MzTS/qD6iOThXzunf7fdBs8uSV2/Uk/fE+8?= =?us-ascii?Q?dsQTzdQ6NTLlAUaO4/J4fXDpsm29hzY6TvMZjxthbgOVo+jepuy/wM7Mv5lU?= =?us-ascii?Q?X3iGPZVeQ23UekGARJq4v7?= X-Microsoft-Exchange-Diagnostics: 1;CY1PR12MB0150;5:JerR3xJ3EKZjO1hOG0p4rM01lgvpTHH5HQyAmONCSWI90oGSAF8VO5YQNesO55cqjRK0T2swdR5f2PfJDd7X2Nf7teKV/xD9hLGCKfjd2nBmA3CgvJXStkNC+u3I5VajM03CQ441XwYo3/kLafn1Ve5vCnSlzCedrpQQ0NX9adJ+00N4QLPujsV25hiXxwlKgM/qBi4asug58ZVA2f9lmeb+QgKhp3hOXo/pAGuUuyElOgvcc8vuZlUcQED2Fw6zq/NjSq7ufr5hO2BhJBN8hfNq0QxOyEHWwjxSoScskT3uYh3yl9jtQ73+t6d780/LpDCL+n61WlH1yeXIK6TwYbDsJ2p6ezFc3CC3AlN5O+ngCx674dQrBOfNu79ZmVzrHqg/XMeqTjhatlh4f81LKzPONuvbrlqcG4ORWye9mTIpfoSWUZWkvrOq08MmEPIHkeEbc/6ZmwrKpLRMjyvSyDOkxYtOmx9c8ZIJhpGhiXanSMyOaSokOBdbZmAl6Mmr;24:1hnSWnN4YbUFE6K72bPMoPeugOmv1bhLWQcrHwdKP410+uw/jAlObptZWYkSs3OOTDeDgBK04ZCmXCy5ryWJk18wHtxl4JO2JldIPc68rP4= SpamDiagnosticOutput: 1:99 SpamDiagnosticMetadata: NSPM X-Microsoft-Exchange-Diagnostics: 1;CY1PR12MB0150;7:V3Qy06KtarLXPheydLmTRQ1wOrXHnkqTNIZipAwLjI36yvv5FiGbfH17/yBa41js5dL9vu3fpp5NhJtIczgC9VQlkNnLPE9mRvZfszbLYQJcTjqS98RMR9jPMyEng6H97HyjEqYPgQnzxUVaSWu1XVT7JHA9+i5af9yhNWnlPQwpGNrZiYRZi721U6BGoKk0P/f6/51UH0AyOhOgk05HsnxhhNV+Gmq7eo03VkhV/EonS2clzvVBavDdNB6C0j5JdZSaxMMuEqtwIqihcvW5x94YCFzbjuNiTG8Ib36CO9VmUTkFbEkhBkcO36u+eFDo0UHtnaWbrqVmXSW2jxFa4LUvmv0YJZkBbmMRjVwTlURoGKOC8ChQqcHQfHx2/3FOoBntS7ZSO0kvRbbcCeN5hXI4w6y/QNDZ2xX8I8zppuRiISj8xVEX375/vjw9mLqOMZKNiTiGDHAAQKBi8ooTcZl1d7xJv7sjmJBamIormvVBSZUQnHwD6LI5lgzx07qX1XMio1A8tOPJ1znOCOs+m7rKgsUnE/Lox3hjq1l2DuUbCB6aXqpVj0DhyYuWcgpWbgWwDjP1+rwmogGo0jbMdnF0JE34v6i6biFIxkG0C+YU9O61bLRDH0YXcTv/ifbJ4/ukLTxYx+LXUWIDLsgTct63g1jV0TgFEwLhXplclcln/zIUWBvknQ14shC4Im7ZENptywxr7Cn4WUZjS181RjOIHQsnjnMbstaG/mIKzw610hggcymkGG2+fOJn0gliFHIyqtPt4tzSNoftTl2bRI984MMs2HqQxJNgiBQnsWc= X-Microsoft-Exchange-Diagnostics: 1;CY1PR12MB0150;20:+/yxf+MprYy1A99SyOr9Wtnww3LD6PL7A0kDYwcI4yNjherAPYzjCGwstmaZVnkCN2UHPe/PAM82nu3j1sEz6RH+9HbiYlaafG5A8q6UwK3V6X8j+QHnT1me+CIYC2FuCzg9xjJE0PUfYyG81OujAwlTh8xLn8eS2y/GWtBtkf8fu3Ba4TTRezB+xmA1wv2vkENH+QlE3QCJJxRStul7yniH2sALquO51ZN1z/PgSmgHen4GyegMLvdQUXapJnUU X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 24 Jul 2017 19:08:44.4814 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-Transport-CrossTenantHeadersStamped: CY1PR12MB0150 Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org The guest physical memory area holding the struct pvclock_wall_clock and struct pvclock_vcpu_time_info are shared with the hypervisor. Hypervisor periodically updates the contents of the memory. When SEV is active, we must clear the encryption attributes from the shared memory pages so that both hypervisor and guest can access the data. Signed-off-by: Brijesh Singh --- arch/x86/entry/vdso/vma.c | 5 ++-- arch/x86/kernel/kvmclock.c | 64 +++++++++++++++++++++++++++++++++++++++------- 2 files changed, 58 insertions(+), 11 deletions(-) diff --git a/arch/x86/entry/vdso/vma.c b/arch/x86/entry/vdso/vma.c index 726355c..ff50251 100644 --- a/arch/x86/entry/vdso/vma.c +++ b/arch/x86/entry/vdso/vma.c @@ -114,10 +114,11 @@ static int vvar_fault(const struct vm_special_mapping *sm, struct pvclock_vsyscall_time_info *pvti = pvclock_pvti_cpu0_va(); if (pvti && vclock_was_used(VCLOCK_PVCLOCK)) { - ret = vm_insert_pfn( + ret = vm_insert_pfn_prot( vma, vmf->address, - __pa(pvti) >> PAGE_SHIFT); + __pa(pvti) >> PAGE_SHIFT, + pgprot_decrypted(vma->vm_page_prot)); } } else if (sym_offset == image->sym_hvclock_page) { struct ms_hyperv_tsc_page *tsc_pg = hv_get_tsc_page(); diff --git a/arch/x86/kernel/kvmclock.c b/arch/x86/kernel/kvmclock.c index d889676..f3a8101 100644 --- a/arch/x86/kernel/kvmclock.c +++ b/arch/x86/kernel/kvmclock.c @@ -27,6 +27,7 @@ #include #include +#include #include #include #include @@ -45,7 +46,7 @@ early_param("no-kvmclock", parse_no_kvmclock); /* The hypervisor will put information about time periodically here */ static struct pvclock_vsyscall_time_info *hv_clock; -static struct pvclock_wall_clock wall_clock; +static struct pvclock_wall_clock *wall_clock; struct pvclock_vsyscall_time_info *pvclock_pvti_cpu0_va(void) { @@ -64,15 +65,18 @@ static void kvm_get_wallclock(struct timespec *now) int low, high; int cpu; - low = (int)__pa_symbol(&wall_clock); - high = ((u64)__pa_symbol(&wall_clock) >> 32); + if (!wall_clock) + return; + + low = (int)slow_virt_to_phys(wall_clock); + high = ((u64)slow_virt_to_phys(wall_clock) >> 32); native_write_msr(msr_kvm_wall_clock, low, high); cpu = get_cpu(); vcpu_time = &hv_clock[cpu].pvti; - pvclock_read_wallclock(&wall_clock, vcpu_time, now); + pvclock_read_wallclock(wall_clock, vcpu_time, now); put_cpu(); } @@ -249,11 +253,39 @@ static void kvm_shutdown(void) native_machine_shutdown(); } +static phys_addr_t __init kvm_memblock_alloc(phys_addr_t size, + phys_addr_t align) +{ + phys_addr_t mem; + + mem = memblock_alloc(size, align); + if (!mem) + return 0; + + if (sev_active()) { + if (early_set_memory_decrypted(mem, size)) + goto e_free; + } + + return mem; +e_free: + memblock_free(mem, size); + return 0; +} + +static void __init kvm_memblock_free(phys_addr_t addr, phys_addr_t size) +{ + if (sev_active()) + early_set_memory_encrypted(addr, size); + + memblock_free(addr, size); +} + void __init kvmclock_init(void) { struct pvclock_vcpu_time_info *vcpu_time; - unsigned long mem; - int size, cpu; + unsigned long mem, mem_wall_clock; + int size, cpu, wall_clock_size; u8 flags; size = PAGE_ALIGN(sizeof(struct pvclock_vsyscall_time_info)*NR_CPUS); @@ -270,15 +302,29 @@ void __init kvmclock_init(void) printk(KERN_INFO "kvm-clock: Using msrs %x and %x", msr_kvm_system_time, msr_kvm_wall_clock); - mem = memblock_alloc(size, PAGE_SIZE); - if (!mem) + wall_clock_size = PAGE_ALIGN(sizeof(struct pvclock_wall_clock)); + mem_wall_clock = kvm_memblock_alloc(wall_clock_size, PAGE_SIZE); + if (!mem_wall_clock) return; + + wall_clock = __va(mem_wall_clock); + memset(wall_clock, 0, wall_clock_size); + + mem = kvm_memblock_alloc(size, PAGE_SIZE); + if (!mem) { + kvm_memblock_free(mem_wall_clock, wall_clock_size); + wall_clock = NULL; + return; + } + hv_clock = __va(mem); memset(hv_clock, 0, size); if (kvm_register_clock("primary cpu clock")) { hv_clock = NULL; - memblock_free(mem, size); + kvm_memblock_free(mem, size); + kvm_memblock_free(mem_wall_clock, wall_clock_size); + wall_clock = NULL; return; } -- 2.9.4 From mboxrd@z Thu Jan 1 00:00:00 1970 From: Brijesh Singh Subject: [RFC Part1 PATCH v3 17/17] X86/KVM: Clear encryption attribute when SEV is active Date: Mon, 24 Jul 2017 14:07:57 -0500 Message-ID: <20170724190757.11278-18-brijesh.singh@amd.com> References: <20170724190757.11278-1-brijesh.singh@amd.com> Mime-Version: 1.0 Content-Type: text/plain Return-path: In-Reply-To: <20170724190757.11278-1-brijesh.singh-5C7GfCeVMHo@public.gmane.org> Sender: linux-efi-owner-u79uwXL29TY76Z2rM5mHXA@public.gmane.org To: linux-kernel-u79uwXL29TY76Z2rM5mHXA@public.gmane.org, x86-DgEjT+Ai2ygdnm+yROfE0A@public.gmane.org, linux-efi-u79uwXL29TY76Z2rM5mHXA@public.gmane.org, linuxppc-dev-uLR06cmDAlY/bJ5BZ2RsiQ@public.gmane.org, kvm-u79uwXL29TY76Z2rM5mHXA@public.gmane.org Cc: Thomas Gleixner , Ingo Molnar , "H . Peter Anvin" , Borislav Petkov , Andy Lutomirski , Tony Luck , Piotr Luc , Tom Lendacky , Fenghua Yu , Lu Baolu , Reza Arbab , David Howells , Matt Fleming , "Kirill A . Shutemov" , Laura Abbott , Ard Biesheuvel , Andrew Morton , Eric Biederman , Benjamin Herrenschmidt Paul Mackerras

List-Id: linux-efi@vger.kernel.org The guest physical memory area holding the struct pvclock_wall_clock and struct pvclock_vcpu_time_info are shared with the hypervisor. Hypervisor periodically updates the contents of the memory. When SEV is active, we must clear the encryption attributes from the shared memory pages so that both hypervisor and guest can access the data. Signed-off-by: Brijesh Singh --- arch/x86/entry/vdso/vma.c | 5 ++-- arch/x86/kernel/kvmclock.c | 64 +++++++++++++++++++++++++++++++++++++++------- 2 files changed, 58 insertions(+), 11 deletions(-) diff --git a/arch/x86/entry/vdso/vma.c b/arch/x86/entry/vdso/vma.c index 726355c..ff50251 100644 --- a/arch/x86/entry/vdso/vma.c +++ b/arch/x86/entry/vdso/vma.c @@ -114,10 +114,11 @@ static int vvar_fault(const struct vm_special_mapping *sm, struct pvclock_vsyscall_time_info *pvti = pvclock_pvti_cpu0_va(); if (pvti && vclock_was_used(VCLOCK_PVCLOCK)) { - ret = vm_insert_pfn( + ret = vm_insert_pfn_prot( vma, vmf->address, - __pa(pvti) >> PAGE_SHIFT); + __pa(pvti) >> PAGE_SHIFT, + pgprot_decrypted(vma->vm_page_prot)); } } else if (sym_offset == image->sym_hvclock_page) { struct ms_hyperv_tsc_page *tsc_pg = hv_get_tsc_page(); diff --git a/arch/x86/kernel/kvmclock.c b/arch/x86/kernel/kvmclock.c index d889676..f3a8101 100644 --- a/arch/x86/kernel/kvmclock.c +++ b/arch/x86/kernel/kvmclock.c @@ -27,6 +27,7 @@ #include #include +#include #include #include #include @@ -45,7 +46,7 @@ early_param("no-kvmclock", parse_no_kvmclock); /* The hypervisor will put information about time periodically here */ static struct pvclock_vsyscall_time_info *hv_clock; -static struct pvclock_wall_clock wall_clock; +static struct pvclock_wall_clock *wall_clock; struct pvclock_vsyscall_time_info *pvclock_pvti_cpu0_va(void) { @@ -64,15 +65,18 @@ static void kvm_get_wallclock(struct timespec *now) int low, high; int cpu; - low = (int)__pa_symbol(&wall_clock); - high = ((u64)__pa_symbol(&wall_clock) >> 32); + if (!wall_clock) + return; + + low = (int)slow_virt_to_phys(wall_clock); + high = ((u64)slow_virt_to_phys(wall_clock) >> 32); native_write_msr(msr_kvm_wall_clock, low, high); cpu = get_cpu(); vcpu_time = &hv_clock[cpu].pvti; - pvclock_read_wallclock(&wall_clock, vcpu_time, now); + pvclock_read_wallclock(wall_clock, vcpu_time, now); put_cpu(); } @@ -249,11 +253,39 @@ static void kvm_shutdown(void) native_machine_shutdown(); } +static phys_addr_t __init kvm_memblock_alloc(phys_addr_t size, + phys_addr_t align) +{ + phys_addr_t mem; + + mem = memblock_alloc(size, align); + if (!mem) + return 0; + + if (sev_active()) { + if (early_set_memory_decrypted(mem, size)) + goto e_free; + } + + return mem; +e_free: + memblock_free(mem, size); + return 0; +} + +static void __init kvm_memblock_free(phys_addr_t addr, phys_addr_t size) +{ + if (sev_active()) + early_set_memory_encrypted(addr, size); + + memblock_free(addr, size); +} + void __init kvmclock_init(void) { struct pvclock_vcpu_time_info *vcpu_time; - unsigned long mem; - int size, cpu; + unsigned long mem, mem_wall_clock; + int size, cpu, wall_clock_size; u8 flags; size = PAGE_ALIGN(sizeof(struct pvclock_vsyscall_time_info)*NR_CPUS); @@ -270,15 +302,29 @@ void __init kvmclock_init(void) printk(KERN_INFO "kvm-clock: Using msrs %x and %x", msr_kvm_system_time, msr_kvm_wall_clock); - mem = memblock_alloc(size, PAGE_SIZE); - if (!mem) + wall_clock_size = PAGE_ALIGN(sizeof(struct pvclock_wall_clock)); + mem_wall_clock = kvm_memblock_alloc(wall_clock_size, PAGE_SIZE); + if (!mem_wall_clock) return; + + wall_clock = __va(mem_wall_clock); + memset(wall_clock, 0, wall_clock_size); + + mem = kvm_memblock_alloc(size, PAGE_SIZE); + if (!mem) { + kvm_memblock_free(mem_wall_clock, wall_clock_size); + wall_clock = NULL; + return; + } + hv_clock = __va(mem); memset(hv_clock, 0, size); if (kvm_register_clock("primary cpu clock")) { hv_clock = NULL; - memblock_free(mem, size); + kvm_memblock_free(mem, size); + kvm_memblock_free(mem_wall_clock, wall_clock_size); + wall_clock = NULL; return; } -- 2.9.4 From mboxrd@z Thu Jan 1 00:00:00 1970 From: Brijesh Singh Subject: [RFC Part1 PATCH v3 17/17] X86/KVM: Clear encryption attribute when SEV is active Date: Mon, 24 Jul 2017 14:07:57 -0500 Message-ID: <20170724190757.11278-18-brijesh.singh@amd.com> References: <20170724190757.11278-1-brijesh.singh@amd.com> Mime-Version: 1.0 Content-Type: text/plain Cc: Thomas Gleixner , Ingo Molnar , "H . Peter Anvin" , Borislav Petkov , Andy Lutomirski , Tony Luck , Piotr Luc , Tom Lendacky , Fenghua Yu , Lu Baolu , Reza Arbab , David Howells , Matt Fleming , "Kirill A . Shutemov" , Laura Abbott , Ard Biesheuvel , Andrew Morton , Eric Biederman , Benjamin Herrenschmidt , Paul Mackerras

In-Reply-To: <20170724190757.11278-1-brijesh.singh-5C7GfCeVMHo@public.gmane.org> Sender: linux-efi-owner-u79uwXL29TY76Z2rM5mHXA@public.gmane.org List-Id: kvm.vger.kernel.org The guest physical memory area holding the struct pvclock_wall_clock and struct pvclock_vcpu_time_info are shared with the hypervisor. Hypervisor periodically updates the contents of the memory. When SEV is active, we must clear the encryption attributes from the shared memory pages so that both hypervisor and guest can access the data. Signed-off-by: Brijesh Singh --- arch/x86/entry/vdso/vma.c | 5 ++-- arch/x86/kernel/kvmclock.c | 64 +++++++++++++++++++++++++++++++++++++++------- 2 files changed, 58 insertions(+), 11 deletions(-) diff --git a/arch/x86/entry/vdso/vma.c b/arch/x86/entry/vdso/vma.c index 726355c..ff50251 100644 --- a/arch/x86/entry/vdso/vma.c +++ b/arch/x86/entry/vdso/vma.c @@ -114,10 +114,11 @@ static int vvar_fault(const struct vm_special_mapping *sm, struct pvclock_vsyscall_time_info *pvti = pvclock_pvti_cpu0_va(); if (pvti && vclock_was_used(VCLOCK_PVCLOCK)) { - ret = vm_insert_pfn( + ret = vm_insert_pfn_prot( vma, vmf->address, - __pa(pvti) >> PAGE_SHIFT); + __pa(pvti) >> PAGE_SHIFT, + pgprot_decrypted(vma->vm_page_prot)); } } else if (sym_offset == image->sym_hvclock_page) { struct ms_hyperv_tsc_page *tsc_pg = hv_get_tsc_page(); diff --git a/arch/x86/kernel/kvmclock.c b/arch/x86/kernel/kvmclock.c index d889676..f3a8101 100644 --- a/arch/x86/kernel/kvmclock.c +++ b/arch/x86/kernel/kvmclock.c @@ -27,6 +27,7 @@ #include #include +#include #include #include #include @@ -45,7 +46,7 @@ early_param("no-kvmclock", parse_no_kvmclock); /* The hypervisor will put information about time periodically here */ static struct pvclock_vsyscall_time_info *hv_clock; -static struct pvclock_wall_clock wall_clock; +static struct pvclock_wall_clock *wall_clock; struct pvclock_vsyscall_time_info *pvclock_pvti_cpu0_va(void) { @@ -64,15 +65,18 @@ static void kvm_get_wallclock(struct timespec *now) int low, high; int cpu; - low = (int)__pa_symbol(&wall_clock); - high = ((u64)__pa_symbol(&wall_clock) >> 32); + if (!wall_clock) + return; + + low = (int)slow_virt_to_phys(wall_clock); + high = ((u64)slow_virt_to_phys(wall_clock) >> 32); native_write_msr(msr_kvm_wall_clock, low, high); cpu = get_cpu(); vcpu_time = &hv_clock[cpu].pvti; - pvclock_read_wallclock(&wall_clock, vcpu_time, now); + pvclock_read_wallclock(wall_clock, vcpu_time, now); put_cpu(); } @@ -249,11 +253,39 @@ static void kvm_shutdown(void) native_machine_shutdown(); } +static phys_addr_t __init kvm_memblock_alloc(phys_addr_t size, + phys_addr_t align) +{ + phys_addr_t mem; + + mem = memblock_alloc(size, align); + if (!mem) + return 0; + + if (sev_active()) { + if (early_set_memory_decrypted(mem, size)) + goto e_free; + } + + return mem; +e_free: + memblock_free(mem, size); + return 0; +} + +static void __init kvm_memblock_free(phys_addr_t addr, phys_addr_t size) +{ + if (sev_active()) + early_set_memory_encrypted(addr, size); + + memblock_free(addr, size); +} + void __init kvmclock_init(void) { struct pvclock_vcpu_time_info *vcpu_time; - unsigned long mem; - int size, cpu; + unsigned long mem, mem_wall_clock; + int size, cpu, wall_clock_size; u8 flags; size = PAGE_ALIGN(sizeof(struct pvclock_vsyscall_time_info)*NR_CPUS); @@ -270,15 +302,29 @@ void __init kvmclock_init(void) printk(KERN_INFO "kvm-clock: Using msrs %x and %x", msr_kvm_system_time, msr_kvm_wall_clock); - mem = memblock_alloc(size, PAGE_SIZE); - if (!mem) + wall_clock_size = PAGE_ALIGN(sizeof(struct pvclock_wall_clock)); + mem_wall_clock = kvm_memblock_alloc(wall_clock_size, PAGE_SIZE); + if (!mem_wall_clock) return; + + wall_clock = __va(mem_wall_clock); + memset(wall_clock, 0, wall_clock_size); + + mem = kvm_memblock_alloc(size, PAGE_SIZE); + if (!mem) { + kvm_memblock_free(mem_wall_clock, wall_clock_size); + wall_clock = NULL; + return; + } + hv_clock = __va(mem); memset(hv_clock, 0, size); if (kvm_register_clock("primary cpu clock")) { hv_clock = NULL; - memblock_free(mem, size); + kvm_memblock_free(mem, size); + kvm_memblock_free(mem_wall_clock, wall_clock_size); + wall_clock = NULL; return; } -- 2.9.4