From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 351EBC4345F for ; Sun, 21 Apr 2024 18:07:26 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id C25066B00A6; Sun, 21 Apr 2024 14:07:25 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id BD5B96B00A7; Sun, 21 Apr 2024 14:07:25 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id A28FC6B00A8; Sun, 21 Apr 2024 14:07:25 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0010.hostedemail.com [216.40.44.10]) by kanga.kvack.org (Postfix) with ESMTP id 847686B00A6 for ; Sun, 21 Apr 2024 14:07:25 -0400 (EDT) Received: from smtpin15.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay03.hostedemail.com (Postfix) with ESMTP id 4F7B7A01E4 for ; Sun, 21 Apr 2024 18:07:25 +0000 (UTC) X-FDA: 82034321250.15.6B8AE6B Received: from NAM10-BN7-obe.outbound.protection.outlook.com (mail-bn7nam10on2082.outbound.protection.outlook.com [40.107.92.82]) by imf04.hostedemail.com (Postfix) with ESMTP id 6A58740002 for ; Sun, 21 Apr 2024 18:07:22 +0000 (UTC) Authentication-Results: imf04.hostedemail.com; dkim=pass header.d=amd.com header.s=selector1 header.b=uflDKhja; spf=pass (imf04.hostedemail.com: domain of Michael.Roth@amd.com designates 40.107.92.82 as permitted sender) smtp.mailfrom=Michael.Roth@amd.com; arc=pass ("microsoft.com:s=arcselector9901:i=1"); dmarc=pass (policy=quarantine) header.from=amd.com ARC-Seal: i=2; s=arc-20220608; d=hostedemail.com; t=1713722842; a=rsa-sha256; cv=pass; b=ELg0s0SUYhbWP3AQvySY8mtLLrljhKxhe15VPxXCmEKUaG+lYzxpDZq76C3k5F3tGjKkmq T9FmWUPxOzU2ioH5pkrWXUfZXJb6mqmEACbRFtZknIxDP0NkmA9sJJzSUIVu7xfuoB+iwf fPTwHzs7Qcjqd8IOPSzbZvc07O7n4Y0= ARC-Authentication-Results: i=2; imf04.hostedemail.com; dkim=pass header.d=amd.com header.s=selector1 header.b=uflDKhja; spf=pass (imf04.hostedemail.com: domain of Michael.Roth@amd.com designates 40.107.92.82 as permitted sender) smtp.mailfrom=Michael.Roth@amd.com; arc=pass ("microsoft.com:s=arcselector9901:i=1"); dmarc=pass (policy=quarantine) header.from=amd.com ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1713722842; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=Bus4TEffan/BVjoh4Oajo39KRfhFAGiDquSIGK1ZPI0=; b=GDBZ7l1S7P/9CbWGll3s90az+AF8koUf400kVrkB7rpBYoD4GhC94jmRkdq6xZmVRvHVe+ vEeYnvWkBk4aLoKzEPHlhm4W0HfInfPxsLGTcA/cEHLzIKH+HCiiOUVG38RvhCpSAqZ45A HRp0VTOFl684B/mEdvhSOItFRKLiZ7s= ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=O2DiXqKwXp5SHUvmgO4g7QDjkDxn2tacapMU7zlvDaar1+eqkIonR+WlgGsHB5xDq1yCFwSEG3zNVCvyS9xxYAUOHVCSnW18Xjbme1fxJC+rTJVNsODQHifPaD1UiMiaGdB5r7JIPuhU3FSMnFoQwalQp8VTmEKbLTQB+yOfUYY9lvjsb0FfZgbMn5ya36J0DIEJked1JNJCmb/qKMzNZRIA4ai1Sn8HPOCBQwuBUcauZClQgIY7cwveEh7iQAOCGdDtTQ05Alm6U1xKraps3jhk1zqoUp2TXFGs90yM3w5pjmDehSnMXiC4S1FRViXvqdqD7d8NQcDzD2sYMC3/xw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=Bus4TEffan/BVjoh4Oajo39KRfhFAGiDquSIGK1ZPI0=; b=XXPD0qrvpI11XFwFWc59TiJe/4R0PmwhTuoz36d054dKVE+Z+Xt39QXmEdX9KSIsuw7AjMBLIFDe3xrbmGdisi0KdfbHP45ahd7w90OfXXtGbW5MSdtS25u8GaJfHIc1wHLx/9G4QQz8qEk+KLLkD+P6OUAEFdcPjZZpYS3EgeABEiqlU+WN3r+2F/9rQnbsWpoVzXq5G9/2IVL2a0xyrviRPxSdEz1YqQ3Aojan63s9Il3Sns/wuBk5WPSw0iw9E+XRADLHiOes3e+SQ7/XlyD20KSIPb8FPqBfvPDF01QyjrqsFwXt7XoaFb2l+2s36vAHLSO+cKYJ0clHXrM10w== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=vger.kernel.org smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none (0) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=Bus4TEffan/BVjoh4Oajo39KRfhFAGiDquSIGK1ZPI0=; b=uflDKhjae0QSo5LCT472jzygfyQB6L0mZqAkIYv1AhsU6GuD1vO4PjaAJuHmTn+z3KyeCT2u1MPia/j7oRtKGNDn3ZtqKOBuGousE76jJC+jaJUTZda3FYI2wNB26TOwWEutXMvXf3tGBgyn/sjyZJDJNDZjdmqUXT0yRa7R/NQ= Received: from BL1PR13CA0112.namprd13.prod.outlook.com (2603:10b6:208:2b9::27) by DM6PR12MB4171.namprd12.prod.outlook.com (2603:10b6:5:21f::18) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7472.44; Sun, 21 Apr 2024 18:07:16 +0000 Received: from MN1PEPF0000ECDB.namprd02.prod.outlook.com (2603:10b6:208:2b9:cafe::a7) by BL1PR13CA0112.outlook.office365.com (2603:10b6:208:2b9::27) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7519.20 via Frontend Transport; Sun, 21 Apr 2024 18:07:16 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=amd.com; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB04.amd.com; pr=C Received: from SATLEXMB04.amd.com (165.204.84.17) by MN1PEPF0000ECDB.mail.protection.outlook.com (10.167.242.139) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.7519.19 via Frontend Transport; Sun, 21 Apr 2024 18:07:16 +0000 Received: from localhost (10.180.168.240) by SATLEXMB04.amd.com (10.181.40.145) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.35; Sun, 21 Apr 2024 13:07:16 -0500 From: Michael Roth To: CC: , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , Brijesh Singh , Alexey Kardashevskiy Subject: [PATCH v14 19/22] KVM: SEV: Provide support for SNP_GUEST_REQUEST NAE event Date: Sun, 21 Apr 2024 13:01:19 -0500 Message-ID: <20240421180122.1650812-20-michael.roth@amd.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20240421180122.1650812-1-michael.roth@amd.com> References: <20240421180122.1650812-1-michael.roth@amd.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Content-Type: text/plain X-Originating-IP: [10.180.168.240] X-ClientProxiedBy: SATLEXMB03.amd.com (10.181.40.144) To SATLEXMB04.amd.com (10.181.40.145) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: MN1PEPF0000ECDB:EE_|DM6PR12MB4171:EE_ X-MS-Office365-Filtering-Correlation-Id: 9d79f16c-498d-4a62-79a9-08dc622de0f1 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: =?us-ascii?Q?eCAG4AUg6Q6qW+/fzfhYTs3Ve+OfZUYy7xyWWHPiVB950i2vJOYwMnHL1KF8?= =?us-ascii?Q?7dx3qQMZTMmHQ9TStuZ+dgglm/MPAqXrG7mZfcn6JmHDblGy1Ew+M4ZA/9h/?= =?us-ascii?Q?aoz7a8TBxYE+svARcIHxU9gYbn7kj4tEXl8VF80UE7qX4+v3Fq+1/+AzgPxo?= =?us-ascii?Q?w4kn+vfvWgSotNbTVieFlFCWb79xn8BPCwQ0wefIdOOJJGAvNoIiPlFzFyZp?= =?us-ascii?Q?uHr/ZCo+wVe5bbFRMUVvr1B4utMxgtRqzlZkbmFLo/a4MhS1t51TQ/SHFaDe?= =?us-ascii?Q?gTbvzrBcrRnR8IxKoZhhIdVzXYtVfqRVKvPfXsRi+7BzYXcSnzS7WeRQV+vI?= =?us-ascii?Q?nf+xX1R5ek2Dmpjrh3GCrFBv1fXW+Qebk9TwiYVtanqGjxClm667YEdqpEd3?= =?us-ascii?Q?Py+yrWYdXe2WKQFJ7fdmkFyc6sLpevMCg1HdrS/E6+EFtDHzTvgWmqShsI5q?= =?us-ascii?Q?j75pOmlOY7F+tMUy9/Z4hvJRBhmwYGwzjNIJJn3mhDIJZiM5FxwY/T36x0LO?= =?us-ascii?Q?fIxPN91BEau7OAobro/jOSTioQtDABWDCWIX5cruzDTkvDDq/DManVh5y04N?= =?us-ascii?Q?ZFNEPpa3CV6v87JFLcmLaXnDLzO898sdncM/EylI3qmZlEyPN6p0uZzz0Yfn?= =?us-ascii?Q?8x6cf6qARLqHlDMoDZrCpjB6dK6zDvQz83XZEMKoJYCr5AcNaW4fdQxi/MaF?= =?us-ascii?Q?PMRSlWag6URx2oSzf36YTtHO7smMb2GzoNwjDuWX2N1ZLcypKzDe2Ir5pvSZ?= =?us-ascii?Q?Z85qxDTAiYkwbOanw6zAB6H9Mnu+UhIndb12ouVgbmS392OBLVw4GxLHXlXl?= =?us-ascii?Q?EBYt5y2pXAS33CH78aRJx6i6DurKnmeAecxFG6kNyEKFuG2SrF7+jP+R0yG1?= =?us-ascii?Q?o4t87PiBp/OhVPbCXOlvzOzGfuZEI1L/bCsjeiZVeRRZ4TAnAmRCpHBXb5q2?= =?us-ascii?Q?ZrGxmD4MgMNR7FUgGhvKdNoxSSEskdbOyH4LoMHcPZRUYsn6QLKqU+k4xAeT?= =?us-ascii?Q?qoVJXzR4lGIP91kRPtQQwwwnNo4yiUZWIKSxhpdiMq+T/nEGNxS63xoXgoBo?= =?us-ascii?Q?Sx5CL4sC8DFcULo7LRLASy7yzetSWvqSPEhFZ+Sb9thQtmtzllCOk2kuxtem?= =?us-ascii?Q?r+3DEoYXpCEUrYwob2CfmRdWlb+RV3bCzI0/hJwtIufNSTnnuZmwOpdrlUoy?= =?us-ascii?Q?X9UzG1h3VExG8M2kL65sHcjKAbRLrTn8CAcxlnGD5bBRUq+6d5XndGmkJ6AP?= =?us-ascii?Q?narOfu7o+K0C8ktJWuhsNz2CstHWNrBSYhRp4zzksioUhYmSCIdL4lRqnXnm?= =?us-ascii?Q?uZUDbFANtv2NhVMT8sj4etihekThoWdkOijTqa+aQ3zF/xpOLUqf3bqXzVqX?= =?us-ascii?Q?TAutWBQj8uxfKCRC8yydl7nHA77I?= X-Forefront-Antispam-Report: CIP:165.204.84.17;CTRY:US;LANG:en;SCL:1;SRV:;IPV:CAL;SFV:NSPM;H:SATLEXMB04.amd.com;PTR:InfoDomainNonexistent;CAT:NONE;SFS:(13230031)(1800799015)(82310400014)(7416005)(376005)(36860700004);DIR:OUT;SFP:1101; X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 21 Apr 2024 18:07:16.6114 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 9d79f16c-498d-4a62-79a9-08dc622de0f1 X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[SATLEXMB04.amd.com] X-MS-Exchange-CrossTenant-AuthSource: MN1PEPF0000ECDB.namprd02.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM6PR12MB4171 X-Rspamd-Server: rspam03 X-Rspamd-Queue-Id: 6A58740002 X-Stat-Signature: auh69ftsyxu59qjy6eunmruu6nban9o8 X-Rspam-User: X-HE-Tag: 1713722842-780707 X-HE-Meta: U2FsdGVkX18t2vRi+phghlJju05NNaVSGhnaOWISe+N7ooqOBNNkF2YBjRlxwXzqGCPU+uc+csebgdfddGwmUy+4dLxDQcchUrVhg3IUsgoOaMcsVEyM6ht0iPZ3atylmDNLoCVHplWESw/SyNvLrZm/KlqEaPf4Nw0cu9mMr/GjY9hSNMAy2ISIrN6SOqeC+Qa79F6dzjq0bnAQ4nEOSppmdITqW05poxh4gI2v19fb2RnLDTtM4U+EbsAs7EMXZhcBOxKGruH8Mw7GKUa0yuAdYoUWpy8WCFgvDTfqdcmRy5TaxblJn7aqGfq2FShOp4BUiFOBE1XadKD3aYABtpY/7QK51rQvlWyosRAt0W+E7SQDlkAGE3PeUC1cSJuC2oxj5ZBK8xqz29qGVJbmJW6VXS9z0Q7vQes99KvekMLsTIBAf0CkS6xxd+yB9UmqHM/xcbammkareadWnrr+XcUIKBC+udN0u4x+7RmGMnmjkr5ZsHlM5Cq13MNdxZM0r35Q1C8gB8q9SSo+/DTB6xt8I+Y1l2RnB4NcsfsY/qm2V5WMUUvGNaMn1dOMwgiq64rXycns17f0u/tHzejomj7tNwiEP4g+eHq7f6OOP8Ax4XOSqGrAVKE/V+L4H0DyLIvumoutdHeraxKiSHjw4jAbxGHzYGLKBBhuLgRxGpJDbx7wSG2UeMzDueJL1HVqm4GDf5mnBbag6VXX3UL9d/YlKpW2UNa3lqD6roY2HK9Dv84q3e+/KYrGjVQawC+c5qyO8q5c5iTgWOnN10GGHcEGS+9C+GFc4zu1sFgu1EO0xplPZcCFNNSypuovkYLrnUNGtdDAjDbxIQWrdlnLhEZsX6faIgfdfYGT29GwW4h+biYPt/q6dXPQpwdSu1trW/ByvVueWyk9x0uyf8ZNLFCGqnh4CDM96k3FFJI3Bz68h1yce8TYRKanU3lk1KkAtpkmOD42aXVhJs11bjQ GgoHaS6e YxPBeaj6eCWs/Vf3VqQduvp1D4Hmp0adbxWVUcfYSABz6xPuA70rbvZd7el39BbOLOz4oqXyvyiBUQ/n0wo4YA2alupDnoqWVduhIiVh41dMCpNFH49v5FmVX/eYIQ0FqDiQ4A3KeAjuMpvqEC//KyvTdGQyF1Yt0mKqdbzAq9irXbuLC8AjXihgH+Dih7KQDXM2oMuBFNRA9rTSX8ty9GAIbDEXiKRzM4+vcW9dVFgA1iWTacswSHzsIB8d+XAnSS/24UkKF47KnMjVVtCzOVSaQNdL43C0uGZ4yMeMhy997POtGlmVyNlXrrJXQ7WgC6eW0u6MbvPfNup8Vl6BsH0bUCBo6mCvr9WyBxi1b+H6IkTavh46M1IPql5YG7lX41T9P X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: List-Subscribe: List-Unsubscribe: From: Brijesh Singh Version 2 of GHCB specification added support for the SNP Guest Request Message NAE event. The event allows for an SEV-SNP guest to make requests to the SEV-SNP firmware through hypervisor using the SNP_GUEST_REQUEST API defined in the SEV-SNP firmware specification. This is used by guests primarily to request attestation reports from firmware. There are other request types are available as well, but the specifics of what guest requests are being made are opaque to the hypervisor, which only serves as a proxy for the guest requests and firmware responses. Implement handling for these events. Signed-off-by: Brijesh Singh Co-developed-by: Alexey Kardashevskiy Signed-off-by: Alexey Kardashevskiy Co-developed-by: Ashish Kalra Signed-off-by: Ashish Kalra Reviewed-by: Tom Lendacky [mdr: ensure FW command failures are indicated to guest, drop extended request handling to be re-written as separate patch, massage commit] Signed-off-by: Michael Roth --- arch/x86/kvm/svm/sev.c | 83 ++++++++++++++++++++++++++++++++++ include/uapi/linux/sev-guest.h | 9 ++++ 2 files changed, 92 insertions(+) diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index c354aca721e5..68db390b19d0 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c @@ -19,6 +19,7 @@ #include #include #include +#include #include #include @@ -3290,6 +3291,7 @@ static int sev_es_validate_vmgexit(struct vcpu_svm *svm) case SVM_VMGEXIT_HV_FEATURES: case SVM_VMGEXIT_PSC: case SVM_VMGEXIT_TERM_REQUEST: + case SVM_VMGEXIT_GUEST_REQUEST: break; default: reason = GHCB_ERR_INVALID_EVENT; @@ -3733,6 +3735,83 @@ static int sev_snp_ap_creation(struct vcpu_svm *svm) return ret; } +static bool snp_setup_guest_buf(struct kvm *kvm, struct sev_data_snp_guest_request *data, + gpa_t req_gpa, gpa_t resp_gpa) +{ + struct kvm_sev_info *sev = &to_kvm_svm(kvm)->sev_info; + kvm_pfn_t req_pfn, resp_pfn; + + if (!PAGE_ALIGNED(req_gpa) || !PAGE_ALIGNED(resp_gpa)) + return false; + + req_pfn = gfn_to_pfn(kvm, gpa_to_gfn(req_gpa)); + if (is_error_noslot_pfn(req_pfn)) + return false; + + resp_pfn = gfn_to_pfn(kvm, gpa_to_gfn(resp_gpa)); + if (is_error_noslot_pfn(resp_pfn)) + return false; + + if (rmp_make_private(resp_pfn, 0, PG_LEVEL_4K, 0, true)) + return false; + + data->gctx_paddr = __psp_pa(sev->snp_context); + data->req_paddr = __sme_set(req_pfn << PAGE_SHIFT); + data->res_paddr = __sme_set(resp_pfn << PAGE_SHIFT); + + return true; +} + +static bool snp_cleanup_guest_buf(struct sev_data_snp_guest_request *data) +{ + u64 pfn = __sme_clr(data->res_paddr) >> PAGE_SHIFT; + + if (snp_page_reclaim(pfn)) + return false; + + if (rmp_make_shared(pfn, PG_LEVEL_4K)) + return false; + + return true; +} + +static bool __snp_handle_guest_req(struct kvm *kvm, gpa_t req_gpa, gpa_t resp_gpa, + sev_ret_code *fw_err) +{ + struct sev_data_snp_guest_request data = {0}; + struct kvm_sev_info *sev; + bool ret = true; + + if (!sev_snp_guest(kvm)) + return false; + + sev = &to_kvm_svm(kvm)->sev_info; + + if (!snp_setup_guest_buf(kvm, &data, req_gpa, resp_gpa)) + return false; + + if (sev_issue_cmd(kvm, SEV_CMD_SNP_GUEST_REQUEST, &data, fw_err)) + ret = false; + + if (!snp_cleanup_guest_buf(&data)) + ret = false; + + return ret; +} + +static void snp_handle_guest_req(struct vcpu_svm *svm, gpa_t req_gpa, gpa_t resp_gpa) +{ + struct kvm_vcpu *vcpu = &svm->vcpu; + struct kvm *kvm = vcpu->kvm; + sev_ret_code fw_err = 0; + int vmm_ret = 0; + + if (!__snp_handle_guest_req(kvm, req_gpa, resp_gpa, &fw_err)) + vmm_ret = SNP_GUEST_VMM_ERR_GENERIC; + + ghcb_set_sw_exit_info_2(svm->sev_es.ghcb, SNP_GUEST_ERR(vmm_ret, fw_err)); +} + static int sev_handle_vmgexit_msr_protocol(struct vcpu_svm *svm) { struct vmcb_control_area *control = &svm->vmcb->control; @@ -3993,6 +4072,10 @@ int sev_handle_vmgexit(struct kvm_vcpu *vcpu) vcpu->run->system_event.ndata = 1; vcpu->run->system_event.data[0] = control->ghcb_gpa; break; + case SVM_VMGEXIT_GUEST_REQUEST: + snp_handle_guest_req(svm, control->exit_info_1, control->exit_info_2); + ret = 1; + break; case SVM_VMGEXIT_UNSUPPORTED_EVENT: vcpu_unimpl(vcpu, "vmgexit: unsupported event - exit_info_1=%#llx, exit_info_2=%#llx\n", diff --git a/include/uapi/linux/sev-guest.h b/include/uapi/linux/sev-guest.h index 154a87a1eca9..7bd78e258569 100644 --- a/include/uapi/linux/sev-guest.h +++ b/include/uapi/linux/sev-guest.h @@ -89,8 +89,17 @@ struct snp_ext_report_req { #define SNP_GUEST_FW_ERR_MASK GENMASK_ULL(31, 0) #define SNP_GUEST_VMM_ERR_SHIFT 32 #define SNP_GUEST_VMM_ERR(x) (((u64)x) << SNP_GUEST_VMM_ERR_SHIFT) +#define SNP_GUEST_FW_ERR(x) ((x) & SNP_GUEST_FW_ERR_MASK) +#define SNP_GUEST_ERR(vmm_err, fw_err) (SNP_GUEST_VMM_ERR(vmm_err) | \ + SNP_GUEST_FW_ERR(fw_err)) +/* + * The GHCB spec only formally defines INVALID_LEN/BUSY VMM errors, but define + * a GENERIC error code such that it won't ever conflict with GHCB-defined + * errors if any get added in the future. + */ #define SNP_GUEST_VMM_ERR_INVALID_LEN 1 #define SNP_GUEST_VMM_ERR_BUSY 2 +#define SNP_GUEST_VMM_ERR_GENERIC BIT(31) #endif /* __UAPI_LINUX_SEV_GUEST_H_ */ -- 2.25.1