* [PATCH v2 0/2] SEV-*: Cleanups
@ 2023-03-28 20:17 Borislav Petkov
2023-03-28 20:17 ` [PATCH v2 1/2] x86/coco: Mark cc_platform_has() and descendants noinstr Borislav Petkov
` (2 more replies)
0 siblings, 3 replies; 6+ messages in thread
From: Borislav Petkov @ 2023-03-28 20:17 UTC (permalink / raw)
To: Joerg Roedel, Tom Lendacky; +Cc: X86 ML, LKML
From: "Borislav Petkov (AMD)" <bp@alien8.de>
Hi,
here's v2.
tglx says it is better for cc_platform_has() and descendants to be
noinstr vs inlining it as the whole code is a bit bigger for that.
I've queued the export of cc_vendor already so that the parallel CPU
bringup stuff can use it:
https://git.kernel.org/tip/5ae57743f578725a5dadb6f31d7798ee55e6e967
Thx.
Borislav Petkov (AMD) (2):
x86/coco: Mark cc_platform_has() and descendants noinstr
x86/sev: Get rid of special sev_es_enable_key
arch/x86/coco/core.c | 8 ++++----
arch/x86/include/asm/sev.h | 11 +++++++----
arch/x86/kernel/sev.c | 5 -----
3 files changed, 11 insertions(+), 13 deletions(-)
--
2.35.1
* [PATCH v2 1/2] x86/coco: Mark cc_platform_has() and descendants noinstr
2023-03-28 20:17 [PATCH v2 0/2] SEV-*: Cleanups Borislav Petkov
@ 2023-03-28 20:17 ` Borislav Petkov
2023-05-09 10:58 ` [tip: x86/sev] " tip-bot2 for Borislav Petkov (AMD)
2023-03-28 20:17 ` [PATCH v2 2/2] x86/sev: Get rid of special sev_es_enable_key Borislav Petkov
2023-04-04 20:20 ` [PATCH v2 0/2] SEV-*: Cleanups Tom Lendacky
2 siblings, 1 reply; 6+ messages in thread
From: Borislav Petkov @ 2023-03-28 20:17 UTC (permalink / raw)
To: Joerg Roedel, Tom Lendacky; +Cc: X86 ML, LKML
From: "Borislav Petkov (AMD)" <bp@alien8.de>
Those will be used in code regions where instrumentation is not allowed
so mark them as such.
No functional changes.
Signed-off-by: Borislav Petkov (AMD) <bp@alien8.de>
---
arch/x86/coco/core.c | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/arch/x86/coco/core.c b/arch/x86/coco/core.c
index 73f83233d25d..df10e75be085 100644
--- a/arch/x86/coco/core.c
+++ b/arch/x86/coco/core.c
@@ -16,7 +16,7 @@
enum cc_vendor cc_vendor __ro_after_init;
static u64 cc_mask __ro_after_init;
-static bool intel_cc_platform_has(enum cc_attr attr)
+static bool noinstr intel_cc_platform_has(enum cc_attr attr)
{
switch (attr) {
case CC_ATTR_GUEST_UNROLL_STRING_IO:
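Review bot: `noinstr` on intel_cc_platform_has() here, and on amd_cc_platform_has() and cc_platform_has() in the later hunks, is a contract on everything those functions call, and none of the three bodies is fully visible in the diff, so it cannot be confirmed from these hunks alone. A short comment above cc_platform_has(), for example `/* noinstr: called from entry/NMI paths; callees must be noinstr or __always_inline */`, would keep a later change from adding an instrumentable call. amd_cc_platform_vtom() becomes `__always_inline` presumably for the same reason, and its comment block could say so. It is worth checking the result with objtool's noinstr validation with CONFIG_AMD_MEM_ENCRYPT both enabled and disabled. The tip-bot copy of this patch further down the thread carries the same hunks.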
@@ -34,7 +34,7 @@ static bool intel_cc_platform_has(enum cc_attr attr)
* the other levels of SME/SEV functionality, including C-bit
* based SEV-SNP, are not enabled.
*/
-static __maybe_unused bool amd_cc_platform_vtom(enum cc_attr attr)
+static __maybe_unused __always_inline bool amd_cc_platform_vtom(enum cc_attr attr)
{
switch (attr) {
case CC_ATTR_GUEST_MEM_ENCRYPT:
@@ -58,7 +58,7 @@ static __maybe_unused bool amd_cc_platform_vtom(enum cc_attr attr)
* the trampoline area must be encrypted.
*/
-static bool amd_cc_platform_has(enum cc_attr attr)
+static bool noinstr amd_cc_platform_has(enum cc_attr attr)
{
#ifdef CONFIG_AMD_MEM_ENCRYPT
@@ -97,7 +97,7 @@ static bool amd_cc_platform_has(enum cc_attr attr)
#endif
}
-bool cc_platform_has(enum cc_attr attr)
+bool noinstr cc_platform_has(enum cc_attr attr)
{
switch (cc_vendor) {
case CC_VENDOR_AMD:
--
2.35.1
* [PATCH v2 2/2] x86/sev: Get rid of special sev_es_enable_key
2023-03-28 20:17 [PATCH v2 0/2] SEV-*: Cleanups Borislav Petkov
2023-03-28 20:17 ` [PATCH v2 1/2] x86/coco: Mark cc_platform_has() and descendants noinstr Borislav Petkov
@ 2023-03-28 20:17 ` Borislav Petkov
2023-05-09 10:58 ` [tip: x86/sev] " tip-bot2 for Borislav Petkov (AMD)
2023-04-04 20:20 ` [PATCH v2 0/2] SEV-*: Cleanups Tom Lendacky
2 siblings, 1 reply; 6+ messages in thread
From: Borislav Petkov @ 2023-03-28 20:17 UTC (permalink / raw)
To: Joerg Roedel, Tom Lendacky; +Cc: X86 ML, LKML
From: "Borislav Petkov (AMD)" <bp@alien8.de>
A SEV-ES guest is active on AMD when CC_ATTR_GUEST_STATE_ENCRYPT is set.
I.e., MSR_AMD64_SEV, bit 1, SEV_ES_Enabled. So no need for a special
static key.
No functional changes.
Signed-off-by: Borislav Petkov (AMD) <bp@alien8.de>
---
arch/x86/include/asm/sev.h | 11 +++++++----
arch/x86/kernel/sev.c | 5 -----
2 files changed, 7 insertions(+), 9 deletions(-)
diff --git a/arch/x86/include/asm/sev.h b/arch/x86/include/asm/sev.h
index 13dc2a9d23c1..f14060cbead2 100644
--- a/arch/x86/include/asm/sev.h
+++ b/arch/x86/include/asm/sev.h
@@ -14,6 +14,7 @@
#include <asm/insn.h>
#include <asm/sev-common.h>
#include <asm/bootparam.h>
+#include <asm/coco.h>
#define GHCB_PROTOCOL_MIN 1ULL
#define GHCB_PROTOCOL_MAX 2ULL
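Review bot: The added `#include <asm/coco.h>` presumably supplies `cc_vendor` and `CC_VENDOR_AMD`, but the inline helpers changed in the next hunk also use `cc_platform_has()` and `CC_ATTR_GUEST_STATE_ENCRYPT`, which are declared in `<linux/cc_platform.h>`. Unless sev.h already pulls that header in (not visible in this hunk), add `#include <linux/cc_platform.h>` next to it so the header does not depend on the include order of its users. The same applies to the tip-bot copy of this hunk later in the thread.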
@@ -136,24 +137,26 @@ struct snp_secrets_page_layout {
} __packed;
#ifdef CONFIG_AMD_MEM_ENCRYPT
-extern struct static_key_false sev_es_enable_key;
extern void __sev_es_ist_enter(struct pt_regs *regs);
extern void __sev_es_ist_exit(void);
static __always_inline void sev_es_ist_enter(struct pt_regs *regs)
{
- if (static_branch_unlikely(&sev_es_enable_key))
+ if (cc_vendor == CC_VENDOR_AMD &&
+ cc_platform_has(CC_ATTR_GUEST_STATE_ENCRYPT))
__sev_es_ist_enter(regs);
}
static __always_inline void sev_es_ist_exit(void)
{
- if (static_branch_unlikely(&sev_es_enable_key))
+ if (cc_vendor == CC_VENDOR_AMD &&
+ cc_platform_has(CC_ATTR_GUEST_STATE_ENCRYPT))
__sev_es_ist_exit();
}
extern int sev_es_setup_ap_jump_table(struct real_mode_header *rmh);
extern void __sev_es_nmi_complete(void);
static __always_inline void sev_es_nmi_complete(void)
{
- if (static_branch_unlikely(&sev_es_enable_key))
+ if (cc_vendor == CC_VENDOR_AMD &&
+ cc_platform_has(CC_ATTR_GUEST_STATE_ENCRYPT))
__sev_es_nmi_complete();
}
extern int __init sev_es_efi_map_ghcbs(pgd_t *pgd);
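Review bot: The new gate `cc_vendor == CC_VENDOR_AMD && cc_platform_has(CC_ATTR_GUEST_STATE_ENCRYPT)` in sev_es_ist_enter(), sev_es_ist_exit() and sev_es_nmi_complete() can become true earlier than the static key it replaces. The sev.c hunk shows that `static_branch_enable(&sev_es_enable_key)` ran only inside sev_es_init_vc_handling(), after the sev_es_terminate() check. If the attribute is derived from the SEV status before that init runs (not visible here), `__sev_es_ist_enter()` and `__sev_es_nmi_complete()` are reachable in that window, so the "No functional changes" statement needs a sentence saying why that is safe. The condition is also repeated three times on the IST/NMI entry path, where it replaces a patched jump with a load plus an out-of-line call. One helper would keep the three gates identical, for example `static __always_inline bool sev_es_active(void) { return cc_vendor == CC_VENDOR_AMD && cc_platform_has(CC_ATTR_GUEST_STATE_ENCRYPT); }` (name is a suggestion only). The tip-bot copy of this hunk later in the thread is identical.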
diff --git a/arch/x86/kernel/sev.c b/arch/x86/kernel/sev.c
index b031244d6d2d..0ec0d963b8b7 100644
--- a/arch/x86/kernel/sev.c
+++ b/arch/x86/kernel/sev.c
@@ -113,8 +113,6 @@ struct ghcb_state {
};
static DEFINE_PER_CPU(struct sev_es_runtime_data*, runtime_data);
-DEFINE_STATIC_KEY_FALSE(sev_es_enable_key);
-
static DEFINE_PER_CPU(struct sev_es_save_area *, sev_vmsa);
struct sev_config {
@@ -1395,9 +1393,6 @@ void __init sev_es_init_vc_handling(void)
sev_es_terminate(SEV_TERM_SET_GEN, GHCB_SNP_UNSUPPORTED);
}
- /* Enable SEV-ES special handling */
- static_branch_enable(&sev_es_enable_key);
-
/* Initialize per-cpu GHCB pages */
for_each_possible_cpu(cpu) {
alloc_runtime_data(cpu);
--
2.35.1
* Re: [PATCH v2 0/2] SEV-*: Cleanups
2023-03-28 20:17 [PATCH v2 0/2] SEV-*: Cleanups Borislav Petkov
2023-03-28 20:17 ` [PATCH v2 1/2] x86/coco: Mark cc_platform_has() and descendants noinstr Borislav Petkov
2023-03-28 20:17 ` [PATCH v2 2/2] x86/sev: Get rid of special sev_es_enable_key Borislav Petkov
@ 2023-04-04 20:20 ` Tom Lendacky
2 siblings, 0 replies; 6+ messages in thread
From: Tom Lendacky @ 2023-04-04 20:20 UTC (permalink / raw)
To: Borislav Petkov, Joerg Roedel; +Cc: X86 ML, LKML
On 3/28/23 15:17, Borislav Petkov wrote:
> From: "Borislav Petkov (AMD)" <bp@alien8.de>
>
> Hi,
>
> here's v2.
>
> tglx says it is better for cc_platform_has() and descendants to be
> noinstr vs inlining it as the whole code is a bit bigger for that.
>
> I've queued the export of cc_vendor already so that the parallel CPU
> bringup stuff can use it:
>
> https://git.kernel.org/tip/5ae57743f578725a5dadb6f31d7798ee55e6e967
>
> Thx.
For the series:
Acked-by: Tom Lendacky <thomas.lendacky@amd.com>
>
> Borislav Petkov (AMD) (2):
> x86/coco: Mark cc_platform_has() and descendants noinstr
> x86/sev: Get rid of special sev_es_enable_key
>
> arch/x86/coco/core.c | 8 ++++----
> arch/x86/include/asm/sev.h | 11 +++++++----
> arch/x86/kernel/sev.c | 5 -----
> 3 files changed, 11 insertions(+), 13 deletions(-)
>
* [tip: x86/sev] x86/coco: Mark cc_platform_has() and descendants noinstr
2023-03-28 20:17 ` [PATCH v2 1/2] x86/coco: Mark cc_platform_has() and descendants noinstr Borislav Petkov
@ 2023-05-09 10:58 ` tip-bot2 for Borislav Petkov (AMD)
0 siblings, 0 replies; 6+ messages in thread
From: tip-bot2 for Borislav Petkov (AMD) @ 2023-05-09 10:58 UTC (permalink / raw)
To: linux-tip-commits; +Cc: Borislav Petkov (AMD), Tom Lendacky, x86, linux-kernel
The following commit has been merged into the x86/sev branch of tip:
Commit-ID: 1eaf282e2c7d062a946980758df013f09f934a54
Gitweb: https://git.kernel.org/tip/1eaf282e2c7d062a946980758df013f09f934a54
Author: Borislav Petkov (AMD) <bp@alien8.de>
AuthorDate: Tue, 28 Mar 2023 22:17:11 +02:00
Committer: Borislav Petkov (AMD) <bp@alien8.de>
CommitterDate: Mon, 08 May 2023 11:39:35 +02:00
x86/coco: Mark cc_platform_has() and descendants noinstr
Those will be used in code regions where instrumentation is not allowed
so mark them as such.
No functional changes.
Signed-off-by: Borislav Petkov (AMD) <bp@alien8.de>
Acked-by: Tom Lendacky <thomas.lendacky@amd.com>
Link: https://lore.kernel.org/r/20230328201712.25852-2-bp@alien8.de
---
arch/x86/coco/core.c | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/arch/x86/coco/core.c b/arch/x86/coco/core.c
index 73f8323..df10e75 100644
--- a/arch/x86/coco/core.c
+++ b/arch/x86/coco/core.c
@@ -16,7 +16,7 @@
enum cc_vendor cc_vendor __ro_after_init;
static u64 cc_mask __ro_after_init;
-static bool intel_cc_platform_has(enum cc_attr attr)
+static bool noinstr intel_cc_platform_has(enum cc_attr attr)
{
switch (attr) {
case CC_ATTR_GUEST_UNROLL_STRING_IO:
@@ -34,7 +34,7 @@ static bool intel_cc_platform_has(enum cc_attr attr)
* the other levels of SME/SEV functionality, including C-bit
* based SEV-SNP, are not enabled.
*/
-static __maybe_unused bool amd_cc_platform_vtom(enum cc_attr attr)
+static __maybe_unused __always_inline bool amd_cc_platform_vtom(enum cc_attr attr)
{
switch (attr) {
case CC_ATTR_GUEST_MEM_ENCRYPT:
@@ -58,7 +58,7 @@ static __maybe_unused bool amd_cc_platform_vtom(enum cc_attr attr)
* the trampoline area must be encrypted.
*/
-static bool amd_cc_platform_has(enum cc_attr attr)
+static bool noinstr amd_cc_platform_has(enum cc_attr attr)
{
#ifdef CONFIG_AMD_MEM_ENCRYPT
@@ -97,7 +97,7 @@ static bool amd_cc_platform_has(enum cc_attr attr)
#endif
}
-bool cc_platform_has(enum cc_attr attr)
+bool noinstr cc_platform_has(enum cc_attr attr)
{
switch (cc_vendor) {
case CC_VENDOR_AMD:
* [tip: x86/sev] x86/sev: Get rid of special sev_es_enable_key
2023-03-28 20:17 ` [PATCH v2 2/2] x86/sev: Get rid of special sev_es_enable_key Borislav Petkov
@ 2023-05-09 10:58 ` tip-bot2 for Borislav Petkov (AMD)
0 siblings, 0 replies; 6+ messages in thread
From: tip-bot2 for Borislav Petkov (AMD) @ 2023-05-09 10:58 UTC (permalink / raw)
To: linux-tip-commits; +Cc: Borislav Petkov (AMD), Tom Lendacky, x86, linux-kernel
The following commit has been merged into the x86/sev branch of tip:
Commit-ID: f710ac5442f630a7b8dc25e30e25d30a4a38e796
Gitweb: https://git.kernel.org/tip/f710ac5442f630a7b8dc25e30e25d30a4a38e796
Author: Borislav Petkov (AMD) <bp@alien8.de>
AuthorDate: Tue, 28 Mar 2023 22:17:12 +02:00
Committer: Borislav Petkov (AMD) <bp@alien8.de>
CommitterDate: Mon, 08 May 2023 11:49:29 +02:00
x86/sev: Get rid of special sev_es_enable_key
A SEV-ES guest is active on AMD when CC_ATTR_GUEST_STATE_ENCRYPT is set.
I.e., MSR_AMD64_SEV, bit 1, SEV_ES_Enabled. So no need for a special
static key.
No functional changes.
Signed-off-by: Borislav Petkov (AMD) <bp@alien8.de>
Acked-by: Tom Lendacky <thomas.lendacky@amd.com>
Link: https://lore.kernel.org/r/20230328201712.25852-3-bp@alien8.de
---
arch/x86/include/asm/sev.h | 11 +++++++----
arch/x86/kernel/sev.c | 5 -----
2 files changed, 7 insertions(+), 9 deletions(-)
diff --git a/arch/x86/include/asm/sev.h b/arch/x86/include/asm/sev.h
index 13dc2a9..f14060c 100644
--- a/arch/x86/include/asm/sev.h
+++ b/arch/x86/include/asm/sev.h
@@ -14,6 +14,7 @@
#include <asm/insn.h>
#include <asm/sev-common.h>
#include <asm/bootparam.h>
+#include <asm/coco.h>
#define GHCB_PROTOCOL_MIN 1ULL
#define GHCB_PROTOCOL_MAX 2ULL
@@ -136,24 +137,26 @@ struct snp_secrets_page_layout {
} __packed;
#ifdef CONFIG_AMD_MEM_ENCRYPT
-extern struct static_key_false sev_es_enable_key;
extern void __sev_es_ist_enter(struct pt_regs *regs);
extern void __sev_es_ist_exit(void);
static __always_inline void sev_es_ist_enter(struct pt_regs *regs)
{
- if (static_branch_unlikely(&sev_es_enable_key))
+ if (cc_vendor == CC_VENDOR_AMD &&
+ cc_platform_has(CC_ATTR_GUEST_STATE_ENCRYPT))
__sev_es_ist_enter(regs);
}
static __always_inline void sev_es_ist_exit(void)
{
- if (static_branch_unlikely(&sev_es_enable_key))
+ if (cc_vendor == CC_VENDOR_AMD &&
+ cc_platform_has(CC_ATTR_GUEST_STATE_ENCRYPT))
__sev_es_ist_exit();
}
extern int sev_es_setup_ap_jump_table(struct real_mode_header *rmh);
extern void __sev_es_nmi_complete(void);
static __always_inline void sev_es_nmi_complete(void)
{
- if (static_branch_unlikely(&sev_es_enable_key))
+ if (cc_vendor == CC_VENDOR_AMD &&
+ cc_platform_has(CC_ATTR_GUEST_STATE_ENCRYPT))
__sev_es_nmi_complete();
}
extern int __init sev_es_efi_map_ghcbs(pgd_t *pgd);
diff --git a/arch/x86/kernel/sev.c b/arch/x86/kernel/sev.c
index b031244..0ec0d96 100644
--- a/arch/x86/kernel/sev.c
+++ b/arch/x86/kernel/sev.c
@@ -113,8 +113,6 @@ struct ghcb_state {
};
static DEFINE_PER_CPU(struct sev_es_runtime_data*, runtime_data);
-DEFINE_STATIC_KEY_FALSE(sev_es_enable_key);
-
static DEFINE_PER_CPU(struct sev_es_save_area *, sev_vmsa);
struct sev_config {
@@ -1395,9 +1393,6 @@ void __init sev_es_init_vc_handling(void)
sev_es_terminate(SEV_TERM_SET_GEN, GHCB_SNP_UNSUPPORTED);
}
- /* Enable SEV-ES special handling */
- static_branch_enable(&sev_es_enable_key);
-
/* Initialize per-cpu GHCB pages */
for_each_possible_cpu(cpu) {
alloc_runtime_data(cpu);