From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1752762AbdLEBLB (ORCPT ); Mon, 4 Dec 2017 20:11:01 -0500 Received: from mail-by2nam03on0083.outbound.protection.outlook.com ([104.47.42.83]:22016 "EHLO NAM03-BY2-obe.outbound.protection.outlook.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S1752431AbdLEBFq (ORCPT ); Mon, 4 Dec 2017 20:05:46 -0500 Authentication-Results: spf=none (sender IP is ) smtp.mailfrom=brijesh.singh@amd.com; From: Brijesh Singh To: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, x86@kernel.org Cc: bp@alien8.de, Brijesh Singh , Thomas Gleixner , Ingo Molnar , "H. Peter Anvin" , Paolo Bonzini , =?UTF-8?q?Radim=20Kr=C4=8Dm=C3=A1=C5=99?= , Joerg Roedel , Borislav Petkov , Tom Lendacky Subject: [Part2 PATCH v9 23/38] KVM: SVM: Add sev module_param Date: Mon, 4 Dec 2017 19:04:23 -0600 Message-Id: <20171205010438.5773-24-brijesh.singh@amd.com> X-Mailer: git-send-email 2.9.5 In-Reply-To: <20171205010438.5773-1-brijesh.singh@amd.com> References: <20171205010438.5773-1-brijesh.singh@amd.com> MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Originating-IP: [165.204.78.1] X-ClientProxiedBy: CY4PR0601CA0087.namprd06.prod.outlook.com (52.132.96.156) To CY1PR12MB0149.namprd12.prod.outlook.com (10.161.173.19) X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: 3c9125f1-e2c1-44be-a22d-08d53b7c3ebc X-MS-Office365-Filtering-HT: Tenant X-Microsoft-Antispam: UriScan:;BCL:0;PCL:0;RULEID:(5600026)(4604075)(4534020)(4602075)(4627115)(201703031133081)(201702281549075)(48565401081)(2017052603286);SRVR:CY1PR12MB0149; X-Microsoft-Exchange-Diagnostics: 1;CY1PR12MB0149;3:kfABW3VnI7aIzvKA+JRgCMsxl6WIQ/LCtdRzJg/6aU9MOiz6lt/CTpxMbi8wXn4pt0RYzyeoZPVdVhDzqrby7mt2DH6isw6nKyuFpld8z07eQyC9uDYNX+bC59ETAFRUBM7rXWfdLV7RBmsRy7c2pAZOPmQ3mb3vSOWk38kqHh+YrH5onEKnt7BZj43lK+t9mL7IGm+0ABS5TXf1KsKGB7k9rnFzx2Xlq4SC+k68JVw06E9X6AYQ3o3PG2HySXl5;25:aCxpMAuMa5hphpuWAP512mumzgEu91fMcQw4oQtemrMNz8/mlUP84eu7XBq0RGBxuR7+7hmC4kc1LtL9MhjKd7hplXcfkdfiQlxTNYe/aWFCdZA12Ehl8aNzvQC+lwJarNk6v/0gsiG2hmK4PB04V7ZpCdBem5QTKfaWgWfbBVmcxBovNqzHNdLdlaqhkuUX2RUTS+cwlKbXJfbiYgbCTfTmCveHR5RA2WmzlWiU/dNWI57j7X1QlB7PPsVjjgzwU6bLnjCRWBtyql5xDzoJQt8FsiwDOfyDS2GQDuzApultOYgDBwjkJxSj0TAn3T4pny0WKM8kjPliI1qNVuYJyA==;31:I38d7/cy/HZsuGSiahZR6j1YfyM6wiqW9DlISS7HOT0joIn+uymdkpcIyKwX26Gb6X1GdTl8Mc63lhFqbtMrLDlbtJ3tEJ6EMCu1r21/2c8KjRfCYEAqv4Ueu+2IadF3wozI0sHnpbDvNtm4mOnQ4Ur5Qh8WYUsi892XRZqW+64ZS9jw3S0iLEjk3JOr5z1hJ8kIwCq83EYvcOzaGv5fS4DjIq7aiAIWCcwHslc19IY= X-MS-TrafficTypeDiagnostic: CY1PR12MB0149: X-Microsoft-Exchange-Diagnostics: 1;CY1PR12MB0149;20:hezx60O1tV0aDno9OxXv7Yu6YaPgOCWB1xOcAsR710WeevGeev0EcwGXrIvt3v5RcqIaVsUUA9TwuwGCdG1bvMEz9bVgA6Xo6GJLzSjtKTxPLM1QUWIK/XgyQZj1jeGZMyHk5DMSlDCnRHrFBOQ2CtL7DJW3+zBAF5P/oSKAEHGVDGuBDRABixMX2jYyzxrYaMDZ6QgRobE2Mu6fcCJan6tOuhtDcR+k0EFCGpqjCn266zG5ATIMWiXPjatCD8VrWRwPFbDM4/dIjK935ZZKXenZy2fmXa1KeR/JnTUN4FSRTFvcayshbuHcXWxtPGKZfIwHct46MtKSb35AvvFn3Mho+VwgwQqPezkwNBSIXlb18ltO4mlPyAYHDiNVAnqeCH6884QKwFH64dAdCPv3Hw9auLLlmIgCrDZmckQa3ObbqBc8u/Jgd0IcfQr4oGHEpwykNTqsplWixmBTwj6ddjExMpSvqp+bXkraH1cjIwekltl9RBHnC8QtDHDJi1Zd;4:imCTxJgQ+LRvp+NKkkCobfYLoGSsCRNjKyGgnh7hfIl1aEeXbzRyIiaOPViu0P5cBBE78NG2GcOSfqXWVu6Q0sNfipzSG97zujs9YtHPxJeaJRX8pj/VpUZ329kPsGlA4JB5uZEuvZtQD4ub6ZvDxCxgqEKxQ0gSr0u6EIttNTUvwV4ej+rNXIE1m05CBmqQBHwGjV18ystTzr72IoEjbHzUnm9bba3CgTGZuO1U7dhxFAoGRTkzA6kiDSxE20UMKhxn5KxvZARdOA0Iopo/eLqROhl9eufSlBSjXBoK/gCMQUncDV+nh/SB2ZIuShdeA83lBksHw3DIgkibjldazA== X-Microsoft-Antispam-PRVS: X-Exchange-Antispam-Report-Test: UriScan:(9452136761055)(767451399110); X-Exchange-Antispam-Report-CFA-Test: BCL:0;PCL:0;RULEID:(6040450)(2401047)(5005006)(8121501046)(93006095)(93001095)(10201501046)(3002001)(3231022)(6055026)(6041248)(20161123558100)(20161123555025)(20161123562025)(20161123564025)(201703131423075)(201702281528075)(201703061421075)(201703061406153)(20161123560025)(6072148)(201708071742011);SRVR:CY1PR12MB0149;BCL:0;PCL:0;RULEID:(100000803101)(100110400095);SRVR:CY1PR12MB0149; X-Forefront-PRVS: 0512CC5201 X-Forefront-Antispam-Report: SFV:NSPM;SFS:(10009020)(6009001)(366004)(39860400002)(346002)(376002)(189002)(199003)(16526018)(189998001)(106356001)(478600001)(7416002)(2870700001)(101416001)(23676004)(52116002)(97736004)(86362001)(7696005)(33646002)(54906003)(25786009)(105586002)(76176011)(316002)(2950100002)(6666003)(7736002)(2906002)(6486002)(50226002)(81166006)(81156014)(8936002)(53936002)(8676002)(4326008)(1076002)(305945005)(66066001)(6116002)(53416004)(5660300001)(47776003)(68736007)(3846002)(50466002)(36756003);DIR:OUT;SFP:1101;SCL:1;SRVR:CY1PR12MB0149;H:wsp141597wss.amd.com;FPR:;SPF:None;PTR:InfoNoRecords;MX:1;A:1;LANG:en; X-Microsoft-Exchange-Diagnostics: =?utf-8?B?MTtDWTFQUjEyTUIwMTQ5OzIzOllYKzVXYWFIK1ZvRnJDSmYrR01OS0pPSEFi?= =?utf-8?B?R2M5dlpFRkd1MzJxbnRVYWg0Mk14Y3Bvb2gyVzdUbnpJL3EzdG5KSnNKRUts?= =?utf-8?B?dHdCc1FtOHd2bStaajA3UWpvMlJpSEZtVVQ2dCtQZG5pNFNtVWppWFpxaDdl?= =?utf-8?B?L2ZIbnRUR1VSUENCRmhqTmJyNGhuVTJSTlF5ZHBJSzVKMitDOVV1dFNWbmRU?= =?utf-8?B?czRSWll1MHpJWDNtUWFkanpjN1ZYNEZ2elZacEloQk4xMEJCNnBkdFZBUTJz?= =?utf-8?B?UFNycXF3bTVpendheDl4NlFKWTBBaWZDc3BGN2RBc2VPTzNoT0FGT0Y1VVYy?= =?utf-8?B?VkdJOGo3d2loSjRxclJqTndKQ2JIN2Q5YnRyV0krOTVRMTZkRm90V1lSaTI3?= =?utf-8?B?RVJheVJrcU9zeTZFNUptY3JVbHkwVU1zVmdmQktSSnFQQnpOYTZYdHBaTTdp?= =?utf-8?B?Q1VuRDhZVXRWbnViM3pyT2V3cWExNTZLcGdmaWE0WENRUEQzb21CQmlOUTRD?= =?utf-8?B?OVVHUG53aVEvZ2xRWmlwd3l4dm84ZDgxSUV0Zk44bHdva0NIYkJxeGtlbExG?= =?utf-8?B?L3lZRExWSitUK0Y0eDNRNzU0cnpqcEZ3dEt6V1JpU012Q29tY3ozMGR4bG9V?= =?utf-8?B?Z29vWko0L21FU0ZtRzUvUW5pQ3p4U2pGaDlqU3RWZGZyT0lzMFNzT21hK0Vm?= =?utf-8?B?TzFETHd4cE5RUDBSZUwxSkVYOHVaMnNVSDUxZmtmSmZDaG9aTnc3Ym9UWFU0?= =?utf-8?B?cDE5YVBuemFLbkV6SEIxS1ZVUGlNalIyUzh6aDdIUEszaXpvNFlNaGplODYv?= =?utf-8?B?cXlCWW1ZUDRKY0cwUGRaL3hUWThxUzlYck5VbGNLNnI0QWRpemtJbytuWjF4?= =?utf-8?B?cGZWZEdKTE1rRExMS2hMQVpUYnE3VXRkVGVrUmxpeWFyNUlNQUhqYVE0M0hI?= =?utf-8?B?NmcrbFN5dGk4SGF3UnpRRmcydXJWTXdoTUE5dEhVMFRTMyswejJ4WFZTZmoy?= =?utf-8?B?aFVrQnF2cDAzcnd0QkZzNWFrTUowNnhMSXhuOXhHVTUwQ3FsZjZGVHBxSEZV?= =?utf-8?B?NFUwRGdnSVdHbzVUQTBXTUw5dnhKT1ZpdjVkNDZDQ0VpN2wwcTJjNnpyV2Mw?= =?utf-8?B?YmlNbTBVT2VlWjg5WlV3UHlxdUFYOWQrOUNsRzdIZUJ5Yy9DbEpoNGJJeWVE?= =?utf-8?B?Z2F3a2FkR3g1UitpZ010Q1hJcklTSGVFUmV1TXpNOWc0MDJjdVlsUjFaTERu?= =?utf-8?B?WTNOL1hWeEY2Um1raE41dzZ4cjBuZFFlZFJqREV4cXE4eWwzM3BGYjkvQ1Bt?= =?utf-8?B?WVVyV29Gb2ZpUjljblROcjc3c1FhL2t6cHpadVh3YkxuUjdWUytpbHBjTFJx?= =?utf-8?B?eDRqTXpTeW5XeWxkQk5hV3IwMDRFR3laS2M0WXRvc1NNZk83VDRWeGNjL0hz?= =?utf-8?B?N3dLa25XcGZLbEVWY21SaW5qOVdHNTVLa1VOSlZFeUFLaHQwc21oMjhhdlQz?= =?utf-8?Q?lj+beOFzZddlJW7tNDmMOgz4Y=3D?= X-Microsoft-Exchange-Diagnostics: 1;CY1PR12MB0149;6:wNecMn5n7ufyj63jQTtyKRVxbGZk2g60X33Z3IEXgkXgUZjL79mapsrA35lORw+g76eeQO9JA4FRwPorfBV0VZnvo/S8B2WrRuw9XXjFmoaZSLvwFahRGpCF0jPEdtlo+R8ONVtt8emPcqAIJw/GM0fZaXDCFDPjPlicO5rIvq3zoOJN9OoDj12FEprmHG2nqI67hCjRVFovU0vJWGRJ2Y5Tznr6g9lGw1+AZB/PjGVqTzPqkwP7Jl6KzXedDeQzaDNk41xBOXRgirVyYVd9U0YUt/hPFi5Z4Jn8N20Fb6hDbZpGTPF5w54GCkLb4ydA661lObV0+2Hsx0e6neMDA/RQYG95pR+ar+ASPir1Bn8=;5:hahvuuPJhEnRbv9GZGkLQcB5cI55EaRSlISadUdfsNeeyU0QYq9OnYg7o+wHwnFxJkkOy0R3se0U3jo+r43BQ+MmfddDnyfgIIvmITwP0YRxApXHnshO/mXFZ7dFRZZd/AP5w2igSHh1NYg7QPIAPQPTRLwjLuzz7KlmC10Jfyg=;24:4j3ZRMU9aD8OXvW3qnlO1McbA7Ei2Aeuw9wwduKkQ00qZJELbPrKJ+zmfX4KIUOvcWfg+Q9OD/EfXG+seU5lI4JJcDZIlUtfTZu9aRSwQtg=;7:F+X/XX6z4NjSD8NR6ejDYUG8oMuGa0Hrmt4OQOILPsfzRUU+O0MuaUa1egk2IBUNYJuxSWNvj4gzfrb+CG4Tidu7Ok5H78H5lcJTxP9Ok6Zi7oxZMg+9f91pulgnUgAbYlqxrFj5BZVG07hWmn3Sr6fuwWLzZgccSdFvd/qDaBWB3yS0XeIb5kVHTyDp5GwHLuLIybTnrugNNwFtZMMXy4Z7A8JVptTVEF9CAoRTAKqByDC6DtjSC0ZLG96La5ec SpamDiagnosticOutput: 1:99 SpamDiagnosticMetadata: NSPM X-Microsoft-Exchange-Diagnostics: 1;CY1PR12MB0149;20:V6F0ptl22GC16l0OPpJbN2+AlJCfmRsXm0/Efx5dOl6hflbTSjYBFQ3JPGuNYi1gxhoQ30Qk408FaJtXJgHz5uiF4Lr2/huSrA0GBR5LL7tad97iE8yUl0oLJOy2LzpTtSI3tfWMKi6FZM9lGIGMoidrjbDnifmVgcBPcXqVLcBe9W4EmsUMKCYnBjBgllcPQ5+AF5VIs1WfgbK7sKAZVdg4NI+FjngPS3DyUGGl0ScE0UEY18YON5thReQw8gBS X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 05 Dec 2017 01:05:15.1389 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 3c9125f1-e2c1-44be-a22d-08d53b7c3ebc X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-Transport-CrossTenantHeadersStamped: CY1PR12MB0149 Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org The module parameter can be used to control the SEV feature support. Cc: Thomas Gleixner Cc: Ingo Molnar Cc: "H. Peter Anvin" Cc: Paolo Bonzini Cc: "Radim Krčmář" Cc: Joerg Roedel Cc: Borislav Petkov Cc: Tom Lendacky Cc: x86@kernel.org Cc: kvm@vger.kernel.org Cc: linux-kernel@vger.kernel.org Signed-off-by: Brijesh Singh Reviewed-by: Borislav Petkov --- arch/x86/kvm/svm.c | 49 +++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 49 insertions(+) diff --git a/arch/x86/kvm/svm.c b/arch/x86/kvm/svm.c index bff7ce727a78..ca63642517a7 100644 --- a/arch/x86/kvm/svm.c +++ b/arch/x86/kvm/svm.c @@ -37,6 +37,7 @@ #include #include #include +#include #include #include @@ -284,6 +285,10 @@ module_param(vls, int, 0444); static int vgif = true; module_param(vgif, int, 0444); +/* enable/disable SEV support */ +static int sev = IS_ENABLED(CONFIG_AMD_MEM_ENCRYPT_ACTIVE_BY_DEFAULT); +module_param(sev, int, 0444); + static void svm_set_cr0(struct kvm_vcpu *vcpu, unsigned long cr0); static void svm_flush_tlb(struct kvm_vcpu *vcpu); static void svm_complete_interrupts(struct vcpu_svm *svm); @@ -1049,6 +1054,39 @@ static int avic_ga_log_notifier(u32 ga_tag) return 0; } +static __init int sev_hardware_setup(void) +{ + struct sev_user_data_status *status; + int rc; + + /* Maximum number of encrypted guests supported simultaneously */ + max_sev_asid = cpuid_ecx(0x8000001F); + + if (!max_sev_asid) + return 1; + + status = kmalloc(sizeof(*status), GFP_KERNEL); + if (!status) + return 1; + + /* + * Check SEV platform status. + * + * PLATFORM_STATUS can be called in any state, if we failed to query + * the PLATFORM status then either PSP firmware does not support SEV + * feature or SEV firmware is dead. + */ + rc = sev_platform_status(status, NULL); + if (rc) + goto err; + + pr_info("SEV supported\n"); + +err: + kfree(status); + return rc; +} + static __init int svm_hardware_setup(void) { int cpu; @@ -1084,6 +1122,17 @@ static __init int svm_hardware_setup(void) kvm_enable_efer_bits(EFER_SVME | EFER_LMSLE); } + if (sev) { + if (boot_cpu_has(X86_FEATURE_SEV) && + IS_ENABLED(CONFIG_KVM_AMD_SEV)) { + r = sev_hardware_setup(); + if (r) + sev = false; + } else { + sev = false; + } + } + for_each_possible_cpu(cpu) { r = svm_cpu_init(cpu); if (r) -- 2.9.5