Date: Thu, 25 Jan 2024 20:48:34 -0600
From: Michael Roth
To: Borislav Petkov
Subject: Re: [PATCH v1 13/26] crypto: ccp: Add support to initialize the AMD-SP for SEV-SNP
Message-ID: <20240126024834.asrwn67nhkt6jdtr@amd.com>
References: <20231230161954.569267-1-michael.roth@amd.com> <20231230161954.569267-14-michael.roth@amd.com> <20240115195334.GHZaWNPiqbTg82QS_A@fat_crate.local>
In-Reply-To: <20240115195334.GHZaWNPiqbTg82QS_A@fat_crate.local>

On Mon, Jan 15, 2024 at 08:53:46PM +0100, Borislav Petkov wrote:
> On Sat, Dec 30, 2023 at 10:19:41AM -0600, Michael Roth wrote:
> > From: Brijesh Singh
> >
> > Before SNP VMs can be launched, the platform must be appropriately
> > configured and initialized. Platform initialization is accomplished via
> > the SNP_INIT command. Make sure to do a WBINVD and issue DF_FLUSH
> > command to prepare for the first SNP guest launch after INIT.
>                                                            ^^^^^^
> Which "INIT"?
>
> Sounds like after hypervisor's init...

This is referring to the WBINVD/DF_FLUSH needs after SNP_INIT and before
the launch of the first SNP guest. I'd actually already removed this line
from the commit msg since it's explained in better detail in comments below
and it seemed out of place where it originally was.

-Mike

> > During the execution of SNP_INIT command, the firmware configures
> > and enables SNP security policy enforcement in many system components.
> > Some system components write to regions of memory reserved by early
> > x86 firmware (e.g. UEFI). Other system components write to regions
> > provided by the operating system, hypervisor, or x86 firmware.
> > Such system components can only write to HV-fixed pages or Default
> > pages. They will error when attempting to write to other page states
>
> "... to pages in other page states... "
>
> > after SNP_INIT enables their SNP enforcement.
>
> And yes, this version looks much better. Some text cleanups on top:
>
> ---
> diff --git a/drivers/crypto/ccp/sev-dev.c b/drivers/crypto/ccp/sev-dev.c
> index 85634d4f8cfe..7942ec730525 100644
> --- a/drivers/crypto/ccp/sev-dev.c
> +++ b/drivers/crypto/ccp/sev-dev.c
> @@ -549,24 +549,22 @@ static int __sev_snp_init_locked(int *error) > return 0; > } > > - /* > - * The SNP_INIT requires the MSR_VM_HSAVE_PA must be set to 0h > - * across all cores. > - */ > + /* SNP_INIT requires MSR_VM_HSAVE_PA to be cleared on all CPUs. */ > on_each_cpu(snp_set_hsave_pa, NULL, 1); > > /* > - * Starting in SNP firmware v1.52, the SNP_INIT_EX command takes a list of > - * system physical address ranges to convert into the HV-fixed page states > - * during the RMP initialization. For instance, the memory that UEFI > - * reserves should be included in the range list. This allows system > + * Starting in SNP firmware v1.52, the SNP_INIT_EX command takes a list > + * of system physical address ranges to convert into HV-fixed page > + * states during the RMP initialization. For instance, the memory that > + * UEFI reserves should be included in the that list. This allows system > * components that occasionally write to memory (e.g. logging to UEFI > - * reserved regions) to not fail due to RMP initialization and SNP enablement. > + * reserved regions) to not fail due to RMP initialization and SNP > + * enablement. > */ > if (sev_version_greater_or_equal(SNP_MIN_API_MAJOR, 52)) { > /* > * Firmware checks that the pages containing the ranges enumerated > - * in the RANGES structure are either in the Default page state or in the > + * in the RANGES structure are either in the default page state or in the > * firmware page state. > */ > snp_range_list = kzalloc(PAGE_SIZE, GFP_KERNEL); > @@ -577,7 +575,7 @@ static int __sev_snp_init_locked(int *error) > } > > /* > - * Retrieve all reserved memory regions setup by UEFI from the e820 memory map > + * Retrieve all reserved memory regions from the e820 memory map > * to be setup as HV-fixed pages. > */ > rc = walk_iomem_res_desc(IORES_DESC_NONE, IORESOURCE_MEM, 0, ~0, 
> @@ -599,14 +597,13 @@ static int __sev_snp_init_locked(int *error) > } > > /* > - * The following sequence must be issued before launching the > - * first SNP guest to ensure all dirty cache lines are flushed, > - * including from updates to the RMP table itself via RMPUPDATE > - * instructions: > + * The following sequence must be issued before launching the first SNP > + * guest to ensure all dirty cache lines are flushed, including from > + * updates to the RMP table itself via the RMPUPDATE instruction: > * > - * - WBINDV on all running CPUs > + * - WBINVD on all running CPUs > * - SEV_CMD_SNP_INIT[_EX] firmware command > - * - WBINDV on all running CPUs > + * - WBINVD on all running CPUs > * - SEV_CMD_SNP_DF_FLUSH firmware command > */ > wbinvd_on_all_cpus(); > > > > -- > Regards/Gruss, > Boris. > > https://people.kernel.org/tglx/notes-about-netiquette >
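Review bot: the rewritten comment in the first hunk (@@ -549) introduces a typo of its own: `+ * UEFI reserves should be included in the that list.` should read `should be included in that list.` In the same hunk, lowercasing `Default page state` to `default page state` drops the capitalized page-state name that the commit message itself uses ("HV-fixed pages or Default pages"); keeping `Default` capitalized next to `HV-fixed` keeps the comment consistent with those state names.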
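Review bot: in the second hunk (@@ -577) the unchanged context line `* to be setup as HV-fixed pages.` still reads `setup` where the verb `set up` is meant; since the hunk already rewrites the line directly above it, fold that fix in. The new wording `from the e820 memory map` also sits over the call `walk_iomem_res_desc(IORES_DESC_NONE, IORESOURCE_MEM, 0, ~0,`, which walks the iomem resource tree rather than reading e820 directly, so `from the iomem resource tree` would describe what the code does more precisely.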
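Review bot: the third hunk (@@ -599) corrects `WBINDV` to `WBINVD` on two bullet lines in addition to reflowing the paragraph; since that fixes the name of the instruction the sequence depends on rather than only whitespace, it is worth calling out explicitly in the cleanup's commit message so it is not lost in a rewrap.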