From: Michael Roth <michael.roth@amd.com>
To: Borislav Petkov <bp@alien8.de>
Cc: <x86@kernel.org>, <kvm@vger.kernel.org>,
<linux-coco@lists.linux.dev>, <linux-mm@kvack.org>,
<linux-crypto@vger.kernel.org>, <linux-kernel@vger.kernel.org>,
<tglx@linutronix.de>, <mingo@redhat.com>, <jroedel@suse.de>,
<thomas.lendacky@amd.com>, <hpa@zytor.com>, <ardb@kernel.org>,
<pbonzini@redhat.com>, <seanjc@google.com>, <vkuznets@redhat.com>,
<jmattson@google.com>, <luto@kernel.org>,
<dave.hansen@linux.intel.com>, <slp@redhat.com>,
<pgonda@google.com>, <peterz@infradead.org>,
<srinivas.pandruvada@linux.intel.com>, <rientjes@google.com>,
<tobin@ibm.com>, <vbabka@suse.cz>, <kirill@shutemov.name>,
<ak@linux.intel.com>, <tony.luck@intel.com>,
<sathyanarayanan.kuppuswamy@linux.intel.com>,
<alpergun@google.com>, <jarkko@kernel.org>,
<ashish.kalra@amd.com>, <nikunj.dadhania@amd.com>,
<pankaj.gupta@amd.com>,
"liam.merwick@oracle.com Brijesh Singh" <brijesh.singh@amd.com>,
Jarkko Sakkinen <jarkko@profian.com>
Subject: Re: [PATCH v1 13/26] crypto: ccp: Add support to initialize the AMD-SP for SEV-SNP
Date: Thu, 25 Jan 2024 20:48:34 -0600 [thread overview]
Message-ID: <20240126024834.asrwn67nhkt6jdtr@amd.com> (raw)
In-Reply-To: <20240115195334.GHZaWNPiqbTg82QS_A@fat_crate.local>
On Mon, Jan 15, 2024 at 08:53:46PM +0100, Borislav Petkov wrote:
> On Sat, Dec 30, 2023 at 10:19:41AM -0600, Michael Roth wrote:
> > From: Brijesh Singh <brijesh.singh@amd.com>
> >
> > Before SNP VMs can be launched, the platform must be appropriately
> > configured and initialized. Platform initialization is accomplished via
> > the SNP_INIT command. Make sure to do a WBINVD and issue DF_FLUSH
> > command to prepare for the first SNP guest launch after INIT.
> ^^^^^^
> Which "INIT"?
>
> Sounds like after hipervisor's init...
This is referring to the WBINVD/DF_FLUSH needs after SNP_INIT and before
launch of first SNP guest. I'd actually already removed this line from
the commit msg since it's explained in better detail in comments below
and it seemed out of place where it originally was.
-Mike
>
> > During the execution of SNP_INIT command, the firmware configures
> > and enables SNP security policy enforcement in many system components.
> > Some system components write to regions of memory reserved by early
> > x86 firmware (e.g. UEFI). Other system components write to regions
> > provided by the operation system, hypervisor, or x86 firmware.
> > Such system components can only write to HV-fixed pages or Default
> > pages. They will error when attempting to write to other page states
>
> "... to pages in other page states... "
>
> > after SNP_INIT enables their SNP enforcement.
>
> And yes, this version looks much better. Some text cleanups ontop:
>
> ---
> diff --git a/drivers/crypto/ccp/sev-dev.c b/drivers/crypto/ccp/sev-dev.c
> index 85634d4f8cfe..7942ec730525 100644
> --- a/drivers/crypto/ccp/sev-dev.c
> +++ b/drivers/crypto/ccp/sev-dev.c
> @@ -549,24 +549,22 @@ static int __sev_snp_init_locked(int *error)
> return 0;
> }
>
> - /*
> - * The SNP_INIT requires the MSR_VM_HSAVE_PA must be set to 0h
> - * across all cores.
> - */
> + /* SNP_INIT requires MSR_VM_HSAVE_PA to be cleared on all CPUs. */
> on_each_cpu(snp_set_hsave_pa, NULL, 1);
>
> /*
> - * Starting in SNP firmware v1.52, the SNP_INIT_EX command takes a list of
> - * system physical address ranges to convert into the HV-fixed page states
> - * during the RMP initialization. For instance, the memory that UEFI
> - * reserves should be included in the range list. This allows system
> + * Starting in SNP firmware v1.52, the SNP_INIT_EX command takes a list
> + * of system physical address ranges to convert into HV-fixed page
> + * states during the RMP initialization. For instance, the memory that
> + * UEFI reserves should be included in the that list. This allows system
> * components that occasionally write to memory (e.g. logging to UEFI
> - * reserved regions) to not fail due to RMP initialization and SNP enablement.
> + * reserved regions) to not fail due to RMP initialization and SNP
> + * enablement.
> */
> if (sev_version_greater_or_equal(SNP_MIN_API_MAJOR, 52)) {
> /*
> * Firmware checks that the pages containing the ranges enumerated
> - * in the RANGES structure are either in the Default page state or in the
> + * in the RANGES structure are either in the default page state or in the
> * firmware page state.
> */
> snp_range_list = kzalloc(PAGE_SIZE, GFP_KERNEL);
> @@ -577,7 +575,7 @@ static int __sev_snp_init_locked(int *error)
> }
>
> /*
> - * Retrieve all reserved memory regions setup by UEFI from the e820 memory map
> + * Retrieve all reserved memory regions from the e820 memory map
> * to be setup as HV-fixed pages.
> */
> rc = walk_iomem_res_desc(IORES_DESC_NONE, IORESOURCE_MEM, 0, ~0,
> @@ -599,14 +597,13 @@ static int __sev_snp_init_locked(int *error)
> }
>
> /*
> - * The following sequence must be issued before launching the
> - * first SNP guest to ensure all dirty cache lines are flushed,
> - * including from updates to the RMP table itself via RMPUPDATE
> - * instructions:
> + * The following sequence must be issued before launching the first SNP
> + * guest to ensure all dirty cache lines are flushed, including from
> + * updates to the RMP table itself via the RMPUPDATE instruction:
> *
> - * - WBINDV on all running CPUs
> + * - WBINVD on all running CPUs
> * - SEV_CMD_SNP_INIT[_EX] firmware command
> - * - WBINDV on all running CPUs
> + * - WBINVD on all running CPUs
> * - SEV_CMD_SNP_DF_FLUSH firmware command
> */
> wbinvd_on_all_cpus();
>
>
>
> --
> Regards/Gruss,
> Boris.
>
> https://people.kernel.org/tglx/notes-about-netiquette
>
next prev parent reply other threads:[~2024-01-26 4:13 UTC|newest]
Thread overview: 101+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-12-30 16:19 [PATCH v1 00/26] Add AMD Secure Nested Paging (SEV-SNP) Initialization Support Michael Roth
2023-12-30 16:19 ` [PATCH v1 01/26] x86/cpufeatures: Add SEV-SNP CPU feature Michael Roth
2023-12-31 11:50 ` Borislav Petkov
2023-12-31 16:44 ` Michael Roth
2023-12-30 16:19 ` [PATCH v1 02/26] x86/speculation: Do not enable Automatic IBRS if SEV SNP is enabled Michael Roth
2023-12-30 16:19 ` [PATCH v1 03/26] iommu/amd: Don't rely on external callers to enable IOMMU SNP support Michael Roth
2024-01-04 10:30 ` Borislav Petkov
2024-01-04 10:58 ` Joerg Roedel
2023-12-30 16:19 ` [PATCH v1 04/26] x86/sev: Add the host SEV-SNP initialization support Michael Roth
2024-01-04 11:05 ` Jeremi Piotrowski
2024-01-05 16:09 ` Borislav Petkov
2024-01-05 16:21 ` Borislav Petkov
2024-01-08 16:49 ` Jeremi Piotrowski
2024-01-08 17:04 ` Borislav Petkov
2024-01-09 11:56 ` Jeremi Piotrowski
2024-01-09 12:29 ` Borislav Petkov
2024-01-09 12:44 ` Borislav Petkov
2024-02-14 16:56 ` Jeremi Piotrowski
2024-01-04 11:16 ` Borislav Petkov
2024-01-04 14:42 ` Borislav Petkov
2024-01-05 19:19 ` Borislav Petkov
2024-01-05 21:27 ` Borislav Petkov
2023-12-30 16:19 ` [PATCH v1 05/26] x86/mtrr: Don't print errors if MtrrFixDramModEn is set when SNP enabled Michael Roth
2023-12-30 16:19 ` [PATCH v1 06/26] x86/sev: Add RMP entry lookup helpers Michael Roth
2023-12-30 16:19 ` [PATCH v1 07/26] x86/fault: Add helper for dumping RMP entries Michael Roth
2024-01-10 9:59 ` Borislav Petkov
2024-01-10 20:18 ` Jarkko Sakkinen
2024-01-10 22:14 ` Borislav Petkov
2024-01-10 11:13 ` Borislav Petkov
2024-01-10 15:20 ` Tom Lendacky
2024-01-10 15:27 ` Borislav Petkov
2024-01-10 15:51 ` Tom Lendacky
2024-01-10 15:55 ` Borislav Petkov
2024-01-10 15:10 ` Tom Lendacky
2023-12-30 16:19 ` [PATCH v1 08/26] x86/traps: Define RMP violation #PF error code Michael Roth
2023-12-30 16:19 ` [PATCH v1 09/26] x86/fault: Dump RMP table information when RMP page faults occur Michael Roth
2023-12-30 16:19 ` [PATCH v1 10/26] x86/sev: Add helper functions for RMPUPDATE and PSMASH instruction Michael Roth
2024-01-12 14:49 ` Borislav Petkov
2023-12-30 16:19 ` [PATCH v1 11/26] x86/sev: Invalidate pages from the direct map when adding them to the RMP table Michael Roth
2024-01-12 19:48 ` Borislav Petkov
2024-01-12 20:00 ` Dave Hansen
2024-01-12 20:07 ` Borislav Petkov
2024-01-12 20:27 ` Vlastimil Babka
2024-01-15 9:06 ` Borislav Petkov
2024-01-15 9:14 ` Vlastimil Babka
2024-01-15 9:16 ` Mike Rapoport
2024-01-15 9:20 ` Borislav Petkov
2024-01-12 20:28 ` Tom Lendacky
2024-01-12 20:37 ` Dave Hansen
2024-01-15 9:23 ` Vlastimil Babka
2024-01-16 16:19 ` Michael Roth
2024-01-16 16:50 ` Michael Roth
[not found] ` <ZabjKpCqx9np0SEI@kernel.org>
2024-01-26 1:49 ` Michael Roth
2024-01-16 18:22 ` Borislav Petkov
2024-01-16 20:22 ` Dave Hansen
2024-01-26 1:35 ` Michael Roth
2024-01-15 9:09 ` Borislav Petkov
2024-01-16 16:21 ` Dave Hansen
2024-01-17 9:34 ` Borislav Petkov
2024-01-15 9:01 ` Borislav Petkov
2023-12-30 16:19 ` [PATCH v1 12/26] crypto: ccp: Define the SEV-SNP commands Michael Roth
2024-01-15 9:41 ` Borislav Petkov
2024-01-26 1:56 ` Michael Roth
2023-12-30 16:19 ` [PATCH v1 13/26] crypto: ccp: Add support to initialize the AMD-SP for SEV-SNP Michael Roth
2024-01-15 11:19 ` Borislav Petkov
2024-01-15 19:53 ` Borislav Petkov
2024-01-26 2:48 ` Michael Roth [this message]
2023-12-30 16:19 ` [PATCH v1 14/26] crypto: ccp: Provide API to issue SEV and SNP commands Michael Roth
2024-01-17 9:48 ` Borislav Petkov
2023-12-30 16:19 ` [PATCH v1 15/26] x86/sev: Introduce snp leaked pages list Michael Roth
2024-01-08 10:45 ` Vlastimil Babka
2024-01-09 22:19 ` Kalra, Ashish
2024-01-10 8:59 ` Vlastimil Babka
2023-12-30 16:19 ` [PATCH v1 16/26] crypto: ccp: Handle the legacy TMR allocation when SNP is enabled Michael Roth
2023-12-30 16:19 ` [PATCH v1 17/26] crypto: ccp: Handle non-volatile INIT_EX data " Michael Roth
2024-01-18 14:03 ` Borislav Petkov
2023-12-30 16:19 ` [PATCH v1 18/26] crypto: ccp: Handle legacy SEV commands " Michael Roth
2024-01-19 17:18 ` Borislav Petkov
2024-01-19 17:36 ` Tom Lendacky
2024-01-19 17:48 ` Borislav Petkov
2024-01-26 13:29 ` Michael Roth
2023-12-30 16:19 ` [PATCH v1 19/26] iommu/amd: Clean up RMP entries for IOMMU pages during SNP shutdown Michael Roth
2023-12-30 16:19 ` [PATCH v1 20/26] crypto: ccp: Add debug support for decrypting pages Michael Roth
2024-01-10 14:59 ` Sean Christopherson
2024-01-11 0:50 ` Michael Roth
2023-12-30 16:19 ` [PATCH v1 21/26] crypto: ccp: Add panic notifier for SEV/SNP firmware shutdown on kdump Michael Roth
2024-01-21 11:49 ` Borislav Petkov
2024-01-26 3:03 ` Kalra, Ashish
2024-01-26 13:38 ` Michael Roth
2023-12-30 16:19 ` [PATCH v1 22/26] KVM: SEV: Make AVIC backing, VMSA and VMCB memory allocation SNP safe Michael Roth
2024-01-21 11:51 ` Borislav Petkov
2024-01-26 3:44 ` Michael Roth
2023-12-30 16:19 ` [PATCH v1 23/26] x86/cpufeatures: Enable/unmask SEV-SNP CPU feature Michael Roth
2023-12-30 16:19 ` [PATCH v1 24/26] crypto: ccp: Add the SNP_PLATFORM_STATUS command Michael Roth
2024-01-21 12:29 ` Borislav Petkov
2024-01-26 3:32 ` Michael Roth
2023-12-30 16:19 ` [PATCH v1 25/26] crypto: ccp: Add the SNP_COMMIT command Michael Roth
2024-01-21 12:35 ` Borislav Petkov
2023-12-30 16:19 ` [PATCH v1 26/26] crypto: ccp: Add the SNP_SET_CONFIG command Michael Roth
2024-01-21 12:41 ` Borislav Petkov
2024-01-26 13:30 ` Michael Roth
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20240126024834.asrwn67nhkt6jdtr@amd.com \
--to=michael.roth@amd.com \
--cc=ak@linux.intel.com \
--cc=alpergun@google.com \
--cc=ardb@kernel.org \
--cc=ashish.kalra@amd.com \
--cc=bp@alien8.de \
--cc=brijesh.singh@amd.com \
--cc=dave.hansen@linux.intel.com \
--cc=hpa@zytor.com \
--cc=jarkko@kernel.org \
--cc=jarkko@profian.com \
--cc=jmattson@google.com \
--cc=jroedel@suse.de \
--cc=kirill@shutemov.name \
--cc=kvm@vger.kernel.org \
--cc=linux-coco@lists.linux.dev \
--cc=linux-crypto@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=luto@kernel.org \
--cc=mingo@redhat.com \
--cc=nikunj.dadhania@amd.com \
--cc=pankaj.gupta@amd.com \
--cc=pbonzini@redhat.com \
--cc=peterz@infradead.org \
--cc=pgonda@google.com \
--cc=rientjes@google.com \
--cc=sathyanarayanan.kuppuswamy@linux.intel.com \
--cc=seanjc@google.com \
--cc=slp@redhat.com \
--cc=srinivas.pandruvada@linux.intel.com \
--cc=tglx@linutronix.de \
--cc=thomas.lendacky@amd.com \
--cc=tobin@ibm.com \
--cc=tony.luck@intel.com \
--cc=vbabka@suse.cz \
--cc=vkuznets@redhat.com \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox