From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S933773AbdKAWEL (ORCPT ); Wed, 1 Nov 2017 18:04:11 -0400 Received: from mail-bn3nam01on0043.outbound.protection.outlook.com ([104.47.33.43]:12256 "EHLO NAM01-BN3-obe.outbound.protection.outlook.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S933524AbdKAVRP (ORCPT ); Wed, 1 Nov 2017 17:17:15 -0400 Authentication-Results: spf=none (sender IP is ) smtp.mailfrom=brijesh.singh@amd.com; From: Brijesh Singh To: kvm@vger.kernel.org, linux-kernel@vger.kernel.org Cc: bp@alien8.de, Brijesh Singh , Thomas Gleixner , Ingo Molnar , "H. Peter Anvin" , Paolo Bonzini , =?UTF-8?q?Radim=20Kr=C4=8Dm=C3=A1=C5=99?= , Joerg Roedel , Borislav Petkov , Tom Lendacky , x86@kernel.org Subject: [Part2 PATCH v7 23/38] KVM: SVM: Reserve ASID range for SEV guest Date: Wed, 1 Nov 2017 16:16:08 -0500 Message-Id: <20171101211623.71496-24-brijesh.singh@amd.com> X-Mailer: git-send-email 2.9.5 In-Reply-To: <20171101211623.71496-1-brijesh.singh@amd.com> References: <20171101211623.71496-1-brijesh.singh@amd.com> MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Originating-IP: [165.204.78.1] X-ClientProxiedBy: DM5PR06CA0064.namprd06.prod.outlook.com (2603:10b6:3:37::26) To DM2PR12MB0155.namprd12.prod.outlook.com (2a01:111:e400:50ce::18) X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: 6ec8a701-9baa-43e8-e12d-08d5216ddf27 X-MS-Office365-Filtering-HT: Tenant X-Microsoft-Antispam: UriScan:;BCL:0;PCL:0;RULEID:(22001)(48565401081)(4534020)(4602075)(2017052603199);SRVR:DM2PR12MB0155; X-Microsoft-Exchange-Diagnostics: 1;DM2PR12MB0155;3:6lS6wFRY2udzv/8Bdr5+g/VM2pYto8wxnu5umyed/XYw9zN4+6yFYT6VmhRxZt8vlMljObsD1FnlWmzPx44rxs1gLoXRP0m6Sf0vuPQNupiG7aIbxyDMzJPlBHwcUlTMMuj7JaeM4oDF5Mg9CqPKA5LRf3jDPzOOfxiuO1k4qN0eokjm2ybloUE0yVYPJjHM9kQy5bDFPu74HgPegita484sg6+9EBNncFjr6niOBgFzvwWV/t+CiemhLl3k7voK;25:0S/ciR11TucxpfRa9rX4cPy4k45XETG6jzbzLUIOS/TekZwFTh/FPMOWScXUfLl4nHhMG1TaBSO9LfpixLJ4Jzi/UUvZYJ3UxRfuUG780yG9ekfXSG6dNqrR1vgDaITD7qACOmh0xXCKjl9Jim1OkvWHR004Ya4014YkmXDkKOxeCC6CGKSn7Fvcumk1odzDI01ofUN6nKD/g/2cQSuAkbiDCWtcd1Xy1Bc+Oj+3dV2nEZR1J/KXs+Nqh6ud7B5aGc0kbMtW8C6H/fO9c5epQ0osvcB656P9d/vHpIW4KHM0VZPQ8P9i5L8q/nPDY0y0R4lhA5YhFjXzv6AyW0mMZg==;31:CzMOxBWFKlWIJSNosy4gx0f4XA/kIFEe9Dz6QSZ4aNgJF0Pfjo2AlJcBTeTBI1sFbEFgVf4tazPNXtkfpobgWluhxS8ACE8EFX2L27ZJxUSWlx6brBUJlQtBbGkjFDxtWJFzvQ6B6Ajx9Tx1ZXsHfB7brO8FtpxwfpnlDQgyYzuIXLwUJQ+IZDGQ7mt9oqaR+7XYBqtJ5qe4ZS+PJfIAHJKkmIxKMlyQr9A1whooc7A= X-MS-TrafficTypeDiagnostic: DM2PR12MB0155: X-Microsoft-Exchange-Diagnostics: 1;DM2PR12MB0155;20:4aJ9GC5bPFetWGovwdpQCOLeR9UQJQBYNjc5tSEwWyjKbpiNU/ug7XTWQlQKjIINHjlJIlj+M3ZTtAthqeh0z7NTo1Oh+iP31u0luEWpxw7QA8vkbmyCmq+Io8kGJ/vjpnH+9kpbcnzYtCiOzLOVMBpY9dzB8bVbcoU17luaOTEtxMdm3OIbzTPtzA6EHtHQ4KTl4eDbJD5he3tBXb1eldXn2kYER9tCRHRhnC0PrSLZ4VMjS4aS6v3ZAsm8L818nFusRmvpTy+9y5WRSs9dyN9GAZGMPuHAMd0lghUtl4W7WCIL/kXiRxqMMIYR/rgjXR9K1Hdz0hMYAWAQNYNT48SZm7CMD+f8aXOB/n7KAdp44pY0cItFake+AJPJGDVUsjLz8e9th7B2oliG4NvkPxJ8P8bulMLUECUj4vmGq8Y0HXo2bXpXuX8VO3PPU31JX53kBUqSDM/btzhlDjn0PteJpx4KSXwDxcg8BNBhb5hlYfGUFrMgVC2S44B04qU8;4:yLQJ7YLgZnBEw0QYlDObmsp9PhqzArXe7uTsBWZJu9o52tKOnIM/ifzsKGQ27gebUQ1U38cmxUQ7qMj57BygDlcJEYrhfkgtzZZdY451pSvCjeqSTk9wuxYiUQRuWTy9kX7Ir6xPlAl+Y4HRRbrB+au975/LfJMOeEpHySv7Ymehxnh9wJGQooqSUMYX7oH3EgAPRCQObvL+ilRMT6WK+yGp95SYkp5M994c9ffAC0qC41HVuH1EjrvL5TTFioRzIhtLzbEkOESJ/u/rvneoOkZKMGaJvRkvRt7j+B6EAPwTLj+f61ikmcqqdldF6CHhbBvZnEGabp+AO++oveuuAw== X-Exchange-Antispam-Report-Test: UriScan:(9452136761055)(767451399110); X-Microsoft-Antispam-PRVS: X-Exchange-Antispam-Report-CFA-Test: BCL:0;PCL:0;RULEID:(100000700101)(100105000095)(100000701101)(100105300095)(100000702101)(100105100095)(6040450)(2401047)(8121501046)(5005006)(100000703101)(100105400095)(3231020)(10201501046)(93006095)(93001095)(3002001)(6055026)(6041248)(20161123560025)(20161123555025)(20161123564025)(201703131423075)(201702281528075)(201703061421075)(201703061406153)(20161123562025)(20161123558100)(6072148)(201708071742011)(100000704101)(100105200095)(100000705101)(100105500095);SRVR:DM2PR12MB0155;BCL:0;PCL:0;RULEID:(100000800101)(100110000095)(100000801101)(100110300095)(100000802101)(100110100095)(100000803101)(100110400095)(100000804101)(100110200095)(100000805101)(100110500095);SRVR:DM2PR12MB0155; X-Forefront-PRVS: 0478C23FE0 X-Forefront-Antispam-Report: SFV:NSPM;SFS:(10009020)(6009001)(39860400002)(376002)(346002)(189002)(199003)(1076002)(6116002)(97736004)(66066001)(50466002)(3846002)(25786009)(4326008)(54906003)(316002)(8676002)(47776003)(36756003)(23676003)(50986999)(478600001)(7416002)(81156014)(81166006)(105586002)(53416004)(53936002)(189998001)(106356001)(2906002)(16526018)(2870700001)(76176999)(33646002)(305945005)(7736002)(86362001)(5660300001)(6486002)(101416001)(50226002)(68736007)(8936002)(2950100002)(6666003);DIR:OUT;SFP:1101;SCL:1;SRVR:DM2PR12MB0155;H:wsp141597wss.amd.com;FPR:;SPF:None;PTR:InfoNoRecords;MX:1;A:1;LANG:en; X-Microsoft-Exchange-Diagnostics: =?utf-8?B?MTtETTJQUjEyTUIwMTU1OzIzOnlkRjN0Zk5ieHJiZEZqMGtTQy9hMTcvbHN3?= =?utf-8?B?VVh6dHpWcEdKRjB5dVhXbm1EVHhrNTl0dG94RXpwdHlVUzg0NTZuVWt0bSs1?= =?utf-8?B?a1FPdXplV2pkRVRGTmhrTW0xc2RDUCtGaVZZZlY2SVA4MlFRWEVOVU9WdkVW?= =?utf-8?B?YWRmekhTQUZjS2RmWUVtUW8yMHZlR0lZc250USt1VkxVLzJQc2FqcFljMXhi?= =?utf-8?B?TzR1MGoxMERNT2dJbzZNR2RaRUFQU2xuZ0V0UVdKcmZoRU8xb0Rmc2JpRFd0?= =?utf-8?B?eXZxRGVjditUVnJyOGhkbks5byswd2g5cVZxUnloUkNkbHdCaC8wWWR6STFZ?= =?utf-8?B?dW92Umc5Vi9KUGlBcEpXS2liRXdJSkltY2drSDZyR3h0VmNrTTFsUjRrb0NQ?= =?utf-8?B?ZldmN05scEJaVUdQcFNKeTlnMm9qaUFMSmdKR0lNK0ZUcDNPZmdKZFBUL1R2?= =?utf-8?B?dEU3Yjd0Mk1aaDJKelIvRDRCeWRrMnVGQmtia2tLU0s3S3pubmE3aHNOU0Vs?= =?utf-8?B?bDZwQmZuWStZSjBtajQ1OXFZK3hIWlRtTWdZOWU2eEhLb2NYY0dvTUNWcklw?= =?utf-8?B?OEo2L3kvUTFHUzVRVWg2OXNva0ZhZTAxMFVmK2ZPMHoyZWVYTzNrSHhTMlRL?= =?utf-8?B?a3pxOTh3dnpTYWk2ZmYrMFdYY3BGSVkrSVNUQ2hTckpyRGFhYlNJL2FadHBl?= =?utf-8?B?OWtwMW1BU3dxdU8wZXJHSFFqUVg1azg1cDczUWlibmZUOHFLZDhuSi9ZLzM4?= =?utf-8?B?VjdPQ1JYOW5kaWh4NDhHVkJ6dytBY2RidWNtdHBNZWlWYWxSbjVOaHNPUFVQ?= =?utf-8?B?OE5PSjJFN1JjWlA5dWEzTUJxREc0bmVBMTNoaXNIQ3RxclA1bmMwOFVaTEFy?= =?utf-8?B?SVdSOFlqTlhDbUoyQTNoNGFRVnk2bkNiQ3YzQS9ua3J5QzlkRkQrSnRjTjNo?= =?utf-8?B?WmcyMzE4dytiR3h3YlFzNFRUOVpaZkhBYi9HVzY2QVB5dWVucWVhcDJWL0FC?= =?utf-8?B?bnVGcnZ2RTRJTHpEaVAxSzhlcjgzbnEzR2ZvWGg0dGp1QkRuWDk1akhTY3lq?= =?utf-8?B?bThWOVlaN1RneXJ3TTlQeUxvNXFqT0lhRi9vRGRqa3BzenJzWkNFWWtxNUxF?= =?utf-8?B?U09INTZRYmFNSnFJVnh3bFBZMTFjSm05YXI0WHN5YmZSeUEzaUltem5iVHdY?= =?utf-8?B?R1ZWN05xTWsxck5EMzk5YXBpRWRnUFM3RXMvUlJUR2VnZ3hHL24wajhYZ2tP?= =?utf-8?B?bDVEajRiOUpMaDltNC9aM1F2YW5BWnRlVUloQW53YjBqMHRYK1hSZlI5STI3?= =?utf-8?B?SmhyZGQ2YXQwVW5KeUJuQ0Q1UzE0aVlzYUNVTk4zTUJBQlJaeXlURkhGQ0xO?= =?utf-8?B?OGQ5eVJ6bTMvdVFSeE92Z0hLYkkyRkQrUEpEQnhTUnJZSUk3NjFab2hzc2VE?= =?utf-8?Q?umRAejSnYix96HnILtGpWiP76M9?= X-Microsoft-Exchange-Diagnostics: 1;DM2PR12MB0155;6:FjnRE1feVeiZtfp1wi2gLFXTBWWo/ZAVqAoIMEzjZDZMWjfY+iFaRxaADnaJGKKyGk7KZGYz+ClIYYFkca9UexSegIn8EcMe0/l419zvmWOZ/3Q/SvZXGmqrqL62ehcERbrvOnG+BU4D3Birq/H3lCK5+IiA5j8/onw8qVNRgB8T/1nPGXuB2wJvnv89Vof6iV9/16411FSVO37KaW+vX4nUrMedvO1JIuQ81S7BT5MX7N3h/GokGd37pKSmjaPs+k+p7C5NW0ABL6fODx/BdALTdU7J6QmG7zXfKk2qZMuypTwVf7E4ZtvctUbND9EU4dEVw0Q8P7wfqUdtntTt0owLa4ubGtWtaewQfDYvZ3s=;5:aCX5ERKs00j/acX0i8WthXqeEU3jgyeZplPs3nxeCLZzK60tl6FyjrjAX2/59WU08vj7n8JrDGzde1ibZP1HaTPp0Pgz+NRyMf0cROYpmATzqtap+yCAS9GLgHWuuXQidQn8yAa5LIWfO9Nyx5DD227xHCIyAvwQwsErfSx2dx4=;24:PHsys1fw6K0Jg4X0An1IJmBhT3lkISwkDNIukifcPMeQqgvPpYXPLbEpJ3QgeNkuIk6diqGohvCh3xIS6Un6HfMZ+tFZALt/tptm8D8nO7Y=;7:BmOA+tx8ryUx/+dkn1qkI9EEZXg0Pn+QptVCsY3SMPs1gVJ+ZjJlhTGEowgpocZcrpAcThABXYewCDCrEQ5o4nFXc63Whhr7CJUBgE7GKaG6ejowK3T9ohuAAvOIz1DK/H4ID1afp6xtHNygObJam+X/PTlGXV4DLp8JC48dbYfcoOds146Oh+3jvrOfDXibo2D9AOUWKASlgaM5WMc4ikjQThSVendobdJz7z2+DMu1ADgA1mQZi439juU3jin1 SpamDiagnosticOutput: 1:99 SpamDiagnosticMetadata: NSPM X-Microsoft-Exchange-Diagnostics: 1;DM2PR12MB0155;20:dmcLU/3+SUVxAobWQZ+ZkOGVOp7mUETvoBZbovhhy8EigTq0JHHSpB3feOzxgdOJgL2CEnIccV/MTBblyvKqjTLYsrxJAQa2Pd9PWlBaJSL2txfeYDlJjytblgpcb9PbRbVdfZSGvMISzvhKQ3FuhVpGznHQzU6bsPnJ+1rCLboLKLXkVDvnp4NKdmgoykb8zekk55TIWEA45uS6yG97Ui4Mu926q63x+KxBOixE6r7nVIl+R6LdUbitg8W53BQH X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 01 Nov 2017 21:16:51.7971 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 6ec8a701-9baa-43e8-e12d-08d5216ddf27 X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM2PR12MB0155 Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org A SEV-enabled guest must use ASIDs from the defined subset, while non-SEV guests can use the remaining ASID range. The range of allowed SEV guest ASIDs is [1 - CPUID_8000_001F[ECX][31:0]]. Cc: Thomas Gleixner Cc: Ingo Molnar Cc: "H. Peter Anvin" Cc: Paolo Bonzini Cc: "Radim Krčmář" Cc: Joerg Roedel Cc: Borislav Petkov Cc: Tom Lendacky Cc: x86@kernel.org Cc: kvm@vger.kernel.org Cc: linux-kernel@vger.kernel.org Improvements-by: Borislav Petkov Signed-off-by: Brijesh Singh Reviewed-by: Borislav Petkov --- arch/x86/kvm/svm.c | 23 ++++++++++++++++++++++- 1 file changed, 22 insertions(+), 1 deletion(-) diff --git a/arch/x86/kvm/svm.c b/arch/x86/kvm/svm.c index be2e98c01b22..d4b62536e305 100644 --- a/arch/x86/kvm/svm.c +++ b/arch/x86/kvm/svm.c @@ -323,6 +323,8 @@ enum { #define VMCB_AVIC_APIC_BAR_MASK 0xFFFFFFFFFF000ULL +static unsigned int max_sev_asid; + static inline void mark_all_dirty(struct vmcb *vmcb) { vmcb->control.clean = 0; @@ -787,7 +789,7 @@ static int svm_hardware_enable(void) sd->asid_generation = 1; sd->max_asid = cpuid_ebx(SVM_CPUID_FUNC) - 1; sd->next_asid = sd->max_asid + 1; - sd->min_asid = 1; + sd->min_asid = max_sev_asid + 1; gdt = get_current_gdt_rw(); sd->tss_desc = (struct kvm_ldttss_desc *)(gdt + GDT_ENTRY_TSS); @@ -1054,6 +1056,15 @@ static int avic_ga_log_notifier(u32 ga_tag) return 0; } +/* + * Get the maximum number of encrypted guests: + * Fn8001_001F[ECX][31:0]: Number of supported guests. + */ +static __init void sev_hardware_setup(void) +{ + max_sev_asid = cpuid_ecx(0x8000001F); +} + static __init int svm_hardware_setup(void) { int cpu; @@ -1084,6 +1095,16 @@ static __init int svm_hardware_setup(void) kvm_tsc_scaling_ratio_frac_bits = 32; } + if (sev) { + if (boot_cpu_has(X86_FEATURE_SEV) && + IS_ENABLED(CONFIG_KVM_AMD_SEV)) { + sev_hardware_setup(); + pr_info("SEV supported\n"); + } else { + sev = false; + } + } + if (nested) { printk(KERN_INFO "kvm: Nested Virtualization enabled\n"); kvm_enable_efer_bits(EFER_SVME | EFER_LMSLE); -- 2.9.5