kvm.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
From: Nikunj A Dadhania <nikunj@amd.com>
To: <linux-kernel@vger.kernel.org>, <thomas.lendacky@amd.com>,
	<x86@kernel.org>, <kvm@vger.kernel.org>
Cc: <bp@alien8.de>, <mingo@redhat.com>, <tglx@linutronix.de>,
	<dave.hansen@linux.intel.com>, <dionnaglaze@google.com>,
	<pgonda@google.com>, <seanjc@google.com>, <pbonzini@redhat.com>,
	<nikunj@amd.com>
Subject: [PATCH v7 06/16] virt: sev-guest: Move SNP Guest command mutex
Date: Wed, 20 Dec 2023 20:43:48 +0530	[thread overview]
Message-ID: <20231220151358.2147066-7-nikunj@amd.com> (raw)
In-Reply-To: <20231220151358.2147066-1-nikunj@amd.com>

SNP command mutex is used to serialize the shared buffer access, command
handling and message sequence number races. Move the SNP guest command
mutex out of the sev guest driver and provide accessors to sev-guest
driver. Remove multiple lockdep check in sev-guest driver, next patch adds
a single lockdep check in snp_send_guest_request().

Signed-off-by: Nikunj A Dadhania <nikunj@amd.com>
---
 arch/x86/include/asm/sev-guest.h        |  3 +++
 arch/x86/kernel/sev.c                   | 21 +++++++++++++++++++++
 drivers/virt/coco/sev-guest/sev-guest.c | 23 +++++++----------------
 3 files changed, 31 insertions(+), 16 deletions(-)

diff --git a/arch/x86/include/asm/sev-guest.h b/arch/x86/include/asm/sev-guest.h
index 27cc15ad6131..2f3cceb88396 100644
--- a/arch/x86/include/asm/sev-guest.h
+++ b/arch/x86/include/asm/sev-guest.h
@@ -81,4 +81,7 @@ struct snp_guest_req {
 
 int snp_issue_guest_request(struct snp_guest_req *req, struct snp_req_data *input,
 			    struct snp_guest_request_ioctl *rio);
+void snp_guest_cmd_lock(void);
+void snp_guest_cmd_unlock(void);
+
 #endif /* __VIRT_SEVGUEST_H__ */
diff --git a/arch/x86/kernel/sev.c b/arch/x86/kernel/sev.c
index 6aa0bdf8a7a0..191193924b22 100644
--- a/arch/x86/kernel/sev.c
+++ b/arch/x86/kernel/sev.c
@@ -941,6 +941,21 @@ static void snp_cleanup_vmsa(struct sev_es_save_area *vmsa)
 		free_page((unsigned long)vmsa);
 }
 
+/*  SNP Guest command mutex to serialize the shared buffer access and command handling. */
+static struct mutex snp_guest_cmd_mutex;
+
+void snp_guest_cmd_lock(void)
+{
+	mutex_lock(&snp_guest_cmd_mutex);
+}
+EXPORT_SYMBOL_GPL(snp_guest_cmd_lock);
+
+void snp_guest_cmd_unlock(void)
+{
+	mutex_unlock(&snp_guest_cmd_mutex);
+}
+EXPORT_SYMBOL_GPL(snp_guest_cmd_unlock);
+
 static int wakeup_cpu_via_vmgexit(u32 apic_id, unsigned long start_ip)
 {
 	struct sev_es_save_area *cur_vmsa, *vmsa;
@@ -2240,6 +2255,12 @@ static int __init snp_init_platform_device(void)
 		return -ENODEV;
 	}
 
+	/*
+	 * Initialize snp command mutex that is used to serialize the shared
+	 * buffer access and use of the vmpck and message sequence number
+	 */
+	mutex_init(&snp_guest_cmd_mutex);
+
 	data.secrets_gpa = secrets_pa;
 	if (platform_device_add_data(&sev_guest_device, &data, sizeof(data)))
 		return -ENODEV;
diff --git a/drivers/virt/coco/sev-guest/sev-guest.c b/drivers/virt/coco/sev-guest/sev-guest.c
index 9c0ff69a16da..bd30a9ff82c1 100644
--- a/drivers/virt/coco/sev-guest/sev-guest.c
+++ b/drivers/virt/coco/sev-guest/sev-guest.c
@@ -63,9 +63,6 @@ static u32 vmpck_id;
 module_param(vmpck_id, uint, 0444);
 MODULE_PARM_DESC(vmpck_id, "The VMPCK ID to use when communicating with the PSP.");
 
-/* Mutex to serialize the shared buffer access and command handling. */
-static DEFINE_MUTEX(snp_cmd_mutex);
-
 static inline u8 *snp_get_vmpck(struct snp_guest_dev *snp_dev)
 {
 	return snp_dev->layout->vmpck0 + snp_dev->vmpck_id * VMPCK_KEY_LEN;
@@ -115,8 +112,6 @@ static inline u64 __snp_get_msg_seqno(struct snp_guest_dev *snp_dev)
 	u32 *os_area_msg_seqno = snp_get_os_area_msg_seqno(snp_dev);
 	u64 count;
 
-	lockdep_assert_held(&snp_cmd_mutex);
-
 	/* Read the current message sequence counter from secrets pages */
 	count = *os_area_msg_seqno;
 
@@ -409,8 +404,6 @@ static int get_report(struct snp_guest_dev *snp_dev, struct snp_guest_request_io
 	struct snp_report_resp *resp;
 	int rc, resp_len;
 
-	lockdep_assert_held(&snp_cmd_mutex);
-
 	if (!arg->req_data || !arg->resp_data)
 		return -EINVAL;
 
@@ -457,8 +450,6 @@ static int get_derived_key(struct snp_guest_dev *snp_dev, struct snp_guest_reque
 	/* Response data is 64 bytes and max authsize for GCM is 16 bytes. */
 	u8 buf[64 + 16];
 
-	lockdep_assert_held(&snp_cmd_mutex);
-
 	if (!arg->req_data || !arg->resp_data)
 		return -EINVAL;
 
@@ -507,8 +498,6 @@ static int get_ext_report(struct snp_guest_dev *snp_dev, struct snp_guest_reques
 	sockptr_t certs_address;
 	int ret, resp_len;
 
-	lockdep_assert_held(&snp_cmd_mutex);
-
 	if (sockptr_is_null(io->req_data) || sockptr_is_null(io->resp_data))
 		return -EINVAL;
 
@@ -604,12 +593,12 @@ static long snp_guest_ioctl(struct file *file, unsigned int ioctl, unsigned long
 	if (!input.msg_version)
 		return -EINVAL;
 
-	mutex_lock(&snp_cmd_mutex);
+	snp_guest_cmd_lock();
 
 	/* Check if the VMPCK is not empty */
 	if (snp_is_vmpck_empty(snp_dev)) {
 		dev_err_ratelimited(snp_dev->dev, "VMPCK is disabled\n");
-		mutex_unlock(&snp_cmd_mutex);
+		snp_guest_cmd_unlock();
 		return -ENOTTY;
 	}
 
@@ -634,7 +623,7 @@ static long snp_guest_ioctl(struct file *file, unsigned int ioctl, unsigned long
 		break;
 	}
 
-	mutex_unlock(&snp_cmd_mutex);
+	snp_guest_cmd_unlock();
 
 	if (input.exitinfo2 && copy_to_user(argp, &input, sizeof(input)))
 		return -EFAULT;
@@ -724,14 +713,14 @@ static int sev_report_new(struct tsm_report *report, void *data)
 	if (!buf)
 		return -ENOMEM;
 
-	guard(mutex)(&snp_cmd_mutex);
-
 	/* Check if the VMPCK is not empty */
 	if (snp_is_vmpck_empty(snp_dev)) {
 		dev_err_ratelimited(snp_dev->dev, "VMPCK is disabled\n");
 		return -ENOTTY;
 	}
 
+	snp_guest_cmd_lock();
+
 	cert_table = buf + report_size;
 	struct snp_ext_report_req ext_req = {
 		.data = { .vmpl = desc->privlevel },
@@ -752,6 +741,8 @@ static int sev_report_new(struct tsm_report *report, void *data)
 	};
 
 	ret = get_ext_report(snp_dev, &input, &io);
+	snp_guest_cmd_unlock();
+
 	if (ret)
 		return ret;
 
-- 
2.34.1


  parent reply	other threads:[~2023-12-20 15:15 UTC|newest]

Thread overview: 38+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2023-12-20 15:13 [PATCH v7 00/16] Add Secure TSC support for SNP guests Nikunj A Dadhania
2023-12-20 15:13 ` [PATCH v7 01/16] virt: sev-guest: Use AES GCM crypto library Nikunj A Dadhania
2024-01-25 10:36   ` Borislav Petkov
2024-01-27  3:54     ` Nikunj A. Dadhania
2023-12-20 15:13 ` [PATCH v7 02/16] virt: sev-guest: Replace dev_dbg with pr_debug Nikunj A Dadhania
2023-12-20 15:13 ` [PATCH v7 03/16] virt: sev-guest: Add SNP guest request structure Nikunj A Dadhania
2024-01-25 11:59   ` Borislav Petkov
2024-01-27  4:01     ` Nikunj A. Dadhania
2024-01-31 13:58     ` Nikunj A. Dadhania
2024-02-01 10:29       ` Borislav Petkov
2024-02-01 11:10         ` Nikunj A. Dadhania
2024-02-01 14:07           ` Borislav Petkov
2024-02-02  3:50             ` Nikunj A. Dadhania
2024-02-02 16:14               ` Borislav Petkov
2024-02-05  9:23                 ` Nikunj A. Dadhania
2024-02-06 10:04                   ` Borislav Petkov
2024-01-26 21:16   ` Tom Lendacky
2024-01-27  4:05     ` Nikunj A. Dadhania
2023-12-20 15:13 ` [PATCH v7 04/16] virt: sev-guest: Add vmpck_id to snp_guest_dev struct Nikunj A Dadhania
2023-12-20 15:13 ` [PATCH v7 05/16] x86/sev: Cache the secrets page address Nikunj A Dadhania
2023-12-20 15:13 ` Nikunj A Dadhania [this message]
2024-01-26 22:11   ` [PATCH v7 06/16] virt: sev-guest: Move SNP Guest command mutex Tom Lendacky
2024-01-27  4:06     ` Nikunj A. Dadhania
2023-12-20 15:13 ` [PATCH v7 07/16] x86/sev: Move and reorganize sev guest request api Nikunj A Dadhania
2023-12-20 15:13 ` [PATCH v7 08/16] x86/mm: Add generic guest initialization hook Nikunj A Dadhania
2023-12-20 15:13 ` [PATCH v7 09/16] x86/cpufeatures: Add synthetic Secure TSC bit Nikunj A Dadhania
2023-12-20 15:13 ` [PATCH v7 10/16] x86/sev: Add Secure TSC support for SNP guests Nikunj A Dadhania
2024-02-01 15:46   ` Paolo Bonzini
2024-02-01 15:48     ` Paolo Bonzini
2023-12-20 15:13 ` [PATCH v7 11/16] x86/sev: Change TSC MSR behavior for Secure TSC enabled guests Nikunj A Dadhania
2023-12-20 15:13 ` [PATCH v7 12/16] x86/sev: Prevent RDTSC/RDTSCP interception " Nikunj A Dadhania
2023-12-20 15:13 ` [PATCH v7 13/16] x86/kvmclock: Skip kvmclock when Secure TSC is available Nikunj A Dadhania
2023-12-20 15:13 ` [PATCH v7 14/16] x86/sev: Mark Secure TSC as reliable Nikunj A Dadhania
2023-12-20 15:13 ` [PATCH v7 15/16] x86/cpu/amd: Do not print FW_BUG for Secure TSC Nikunj A Dadhania
2023-12-20 15:13 ` [PATCH v7 16/16] x86/sev: Enable Secure TSC for SNP guests Nikunj A Dadhania
2024-01-25  6:08 ` [PATCH v7 00/16] Add Secure TSC support " Nikunj A. Dadhania
2024-01-26  1:00   ` Dionna Amalie Glaze
2024-01-27  4:10     ` Nikunj A. Dadhania

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20231220151358.2147066-7-nikunj@amd.com \
    --to=nikunj@amd.com \
    --cc=bp@alien8.de \
    --cc=dave.hansen@linux.intel.com \
    --cc=dionnaglaze@google.com \
    --cc=kvm@vger.kernel.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=mingo@redhat.com \
    --cc=pbonzini@redhat.com \
    --cc=pgonda@google.com \
    --cc=seanjc@google.com \
    --cc=tglx@linutronix.de \
    --cc=thomas.lendacky@amd.com \
    --cc=x86@kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).