From: Michael Roth <michael.roth@amd.com>
To: <kvm@vger.kernel.org>
Cc: <linux-coco@lists.linux.dev>, <linux-mm@kvack.org>,
<linux-crypto@vger.kernel.org>, <x86@kernel.org>,
<linux-kernel@vger.kernel.org>, <tglx@linutronix.de>,
<mingo@redhat.com>, <jroedel@suse.de>, <thomas.lendacky@amd.com>,
<hpa@zytor.com>, <ardb@kernel.org>, <pbonzini@redhat.com>,
<seanjc@google.com>, <vkuznets@redhat.com>, <jmattson@google.com>,
<luto@kernel.org>, <dave.hansen@linux.intel.com>,
<slp@redhat.com>, <pgonda@google.com>, <peterz@infradead.org>,
<srinivas.pandruvada@linux.intel.com>, <rientjes@google.com>,
<dovmurik@linux.ibm.com>, <tobin@ibm.com>, <bp@alien8.de>,
<vbabka@suse.cz>, <kirill@shutemov.name>, <ak@linux.intel.com>,
<tony.luck@intel.com>,
<sathyanarayanan.kuppuswamy@linux.intel.com>,
<alpergun@google.com>, <jarkko@kernel.org>,
<ashish.kalra@amd.com>, <nikunj.dadhania@amd.com>,
<pankaj.gupta@amd.com>, <liam.merwick@oracle.com>
Subject: [PATCH v13 02/26] [TEMP] x86/cc: Add cc_platform_set/_clear() helpers
Date: Thu, 18 Apr 2024 14:41:09 -0500 [thread overview]
Message-ID: <20240418194133.1452059-3-michael.roth@amd.com> (raw)
In-Reply-To: <20240418194133.1452059-1-michael.roth@amd.com>
From: "Borislav Petkov (AMD)" <bp@alien8.de>
Add functionality to set and/or clear different attributes of the
machine as a confidential computing platform. Add the first one too:
whether the machine is running as a host for SEV-SNP guests.
Signed-off-by: Borislav Petkov (AMD) <bp@alien8.de>
Signed-off-by: Michael Roth <michael.roth@amd.com>
---
arch/x86/coco/core.c | 52 +++++++++++++++++++++++++++++++++++++
include/linux/cc_platform.h | 12 +++++++++
2 files changed, 64 insertions(+)
diff --git a/arch/x86/coco/core.c b/arch/x86/coco/core.c
index d07be9d05cd0..8c3fae23d3c6 100644
--- a/arch/x86/coco/core.c
+++ b/arch/x86/coco/core.c
@@ -16,6 +16,11 @@
enum cc_vendor cc_vendor __ro_after_init = CC_VENDOR_NONE;
u64 cc_mask __ro_after_init;
+static struct cc_attr_flags {
+ __u64 host_sev_snp : 1,
+ __resv : 63;
+} cc_flags;
+
static bool noinstr intel_cc_platform_has(enum cc_attr attr)
{
switch (attr) {
@@ -89,6 +94,9 @@ static bool noinstr amd_cc_platform_has(enum cc_attr attr)
case CC_ATTR_GUEST_SEV_SNP:
return sev_status & MSR_AMD64_SEV_SNP_ENABLED;
+ case CC_ATTR_HOST_SEV_SNP:
+ return cc_flags.host_sev_snp;
+
default:
return false;
}
@@ -148,3 +156,47 @@ u64 cc_mkdec(u64 val)
}
}
EXPORT_SYMBOL_GPL(cc_mkdec);
+
+static void amd_cc_platform_clear(enum cc_attr attr)
+{
+ switch (attr) {
+ case CC_ATTR_HOST_SEV_SNP:
+ cc_flags.host_sev_snp = 0;
+ break;
+ default:
+ break;
+ }
+}
+
+void cc_platform_clear(enum cc_attr attr)
+{
+ switch (cc_vendor) {
+ case CC_VENDOR_AMD:
+ amd_cc_platform_clear(attr);
+ break;
+ default:
+ break;
+ }
+}
+
+static void amd_cc_platform_set(enum cc_attr attr)
+{
+ switch (attr) {
+ case CC_ATTR_HOST_SEV_SNP:
+ cc_flags.host_sev_snp = 1;
+ break;
+ default:
+ break;
+ }
+}
+
+void cc_platform_set(enum cc_attr attr)
+{
+ switch (cc_vendor) {
+ case CC_VENDOR_AMD:
+ amd_cc_platform_set(attr);
+ break;
+ default:
+ break;
+ }
+}
diff --git a/include/linux/cc_platform.h b/include/linux/cc_platform.h
index cb0d6cd1c12f..60693a145894 100644
--- a/include/linux/cc_platform.h
+++ b/include/linux/cc_platform.h
@@ -90,6 +90,14 @@ enum cc_attr {
* Examples include TDX Guest.
*/
CC_ATTR_HOTPLUG_DISABLED,
+
+ /**
+ * @CC_ATTR_HOST_SEV_SNP: AMD SNP enabled on the host.
+ *
+ * The host kernel is running with the necessary features
+ * enabled to run SEV-SNP guests.
+ */
+ CC_ATTR_HOST_SEV_SNP,
};
#ifdef CONFIG_ARCH_HAS_CC_PLATFORM
@@ -107,10 +115,14 @@ enum cc_attr {
* * FALSE - Specified Confidential Computing attribute is not active
*/
bool cc_platform_has(enum cc_attr attr);
+void cc_platform_set(enum cc_attr attr);
+void cc_platform_clear(enum cc_attr attr);
#else /* !CONFIG_ARCH_HAS_CC_PLATFORM */
static inline bool cc_platform_has(enum cc_attr attr) { return false; }
+static inline void cc_platform_set(enum cc_attr attr) { }
+static inline void cc_platform_clear(enum cc_attr attr) { }
#endif /* CONFIG_ARCH_HAS_CC_PLATFORM */
--
2.25.1
next prev parent reply other threads:[~2024-04-18 19:49 UTC|newest]
Thread overview: 41+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-04-18 19:41 [PATCH v13 00/26] Add AMD Secure Nested Paging (SEV-SNP) Hypervisor Support Michael Roth
2024-04-18 19:41 ` [PATCH v13 01/26] [TEMP] x86/kvm/Kconfig: Have KVM_AMD_SEV select ARCH_HAS_CC_PLATFORM Michael Roth
2024-04-18 19:41 ` Michael Roth [this message]
2024-04-18 19:41 ` [PATCH v13 03/26] [TEMP] x86/CPU/AMD: Track SNP host status with cc_platform_*() Michael Roth
2024-04-18 19:41 ` [PATCH v13 04/26] KVM: guest_memfd: Fix PTR_ERR() handling in __kvm_gmem_get_pfn() Michael Roth
2024-04-19 12:58 ` David Hildenbrand
2024-04-19 15:11 ` Michael Roth
2024-04-19 16:17 ` Paolo Bonzini
2024-04-18 19:41 ` [PATCH v13 05/26] KVM: SEV: Select KVM_GENERIC_PRIVATE_MEM when CONFIG_KVM_AMD_SEV=y Michael Roth
2024-04-18 19:41 ` [PATCH v13 06/26] KVM: SEV: Add support to handle AP reset MSR protocol Michael Roth
2024-04-18 19:41 ` [PATCH v13 07/26] KVM: SEV: Add GHCB handling for Hypervisor Feature Support requests Michael Roth
2024-04-18 19:41 ` [PATCH v13 08/26] KVM: SEV: Add initial SEV-SNP support Michael Roth
2024-04-19 11:58 ` Paolo Bonzini
2024-04-18 19:41 ` [PATCH v13 09/26] KVM: SEV: Add KVM_SEV_SNP_LAUNCH_START command Michael Roth
2024-04-19 11:52 ` Paolo Bonzini
2024-04-19 14:19 ` Michael Roth
2024-04-19 16:13 ` Paolo Bonzini
2024-04-24 21:40 ` Sean Christopherson
2024-04-18 19:41 ` [PATCH v13 10/26] KVM: SEV: Add KVM_SEV_SNP_LAUNCH_UPDATE command Michael Roth
2024-04-19 11:56 ` Paolo Bonzini
2024-04-19 16:12 ` Paolo Bonzini
2024-04-21 17:52 ` Michael Roth
2024-04-18 19:41 ` [PATCH v13 11/26] KVM: SEV: Add KVM_SEV_SNP_LAUNCH_FINISH command Michael Roth
2024-04-18 19:41 ` [PATCH v13 12/26] KVM: SEV: Add support to handle GHCB GPA register VMGEXIT Michael Roth
2024-04-18 19:41 ` [PATCH v13 13/26] KVM: SEV: Add support to handle MSR based Page State Change VMGEXIT Michael Roth
2024-04-18 19:41 ` [PATCH v13 14/26] KVM: SEV: Add support to handle " Michael Roth
2024-04-18 19:41 ` [PATCH v13 15/26] KVM: SEV: Add support to handle RMP nested page faults Michael Roth
2024-04-18 19:41 ` [PATCH v13 16/26] KVM: SEV: Support SEV-SNP AP Creation NAE event Michael Roth
2024-04-19 12:01 ` Paolo Bonzini
2024-04-18 19:41 ` [PATCH v13 17/26] KVM: SEV: Add support for GHCB-based termination requests Michael Roth
2024-04-18 19:41 ` [PATCH v13 18/26] KVM: SEV: Implement gmem hook for initializing private pages Michael Roth
2024-04-18 19:41 ` [PATCH v13 19/26] KVM: SEV: Implement gmem hook for invalidating " Michael Roth
2024-04-18 19:41 ` [PATCH v13 20/26] KVM: x86: Implement gmem hook for determining max NPT mapping level Michael Roth
2024-04-18 19:41 ` [PATCH v13 21/26] KVM: SEV: Avoid WBINVD for HVA-based MMU notifications for SNP Michael Roth
2024-04-18 19:41 ` [PATCH v13 22/26] KVM: SVM: Add module parameter to enable SEV-SNP Michael Roth
2024-04-18 19:41 ` [PATCH v13 23/26] KVM: SEV: Provide support for SNP_GUEST_REQUEST NAE event Michael Roth
2024-04-18 19:41 ` [PATCH v13 24/26] crypto: ccp: Add the SNP_VLEK_LOAD command Michael Roth
2024-04-18 19:41 ` [PATCH v13 25/26] crypto: ccp: Add the SNP_{PAUSE,RESUME}_ATTESTATION commands Michael Roth
2024-04-18 19:41 ` [PATCH v13 26/26] KVM: SEV: Provide support for SNP_EXTENDED_GUEST_REQUEST NAE event Michael Roth
2024-04-19 12:04 ` [PATCH v13 00/26] Add AMD Secure Nested Paging (SEV-SNP) Hypervisor Support Paolo Bonzini
2024-04-21 18:00 ` Michael Roth
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20240418194133.1452059-3-michael.roth@amd.com \
--to=michael.roth@amd.com \
--cc=ak@linux.intel.com \
--cc=alpergun@google.com \
--cc=ardb@kernel.org \
--cc=ashish.kalra@amd.com \
--cc=bp@alien8.de \
--cc=dave.hansen@linux.intel.com \
--cc=dovmurik@linux.ibm.com \
--cc=hpa@zytor.com \
--cc=jarkko@kernel.org \
--cc=jmattson@google.com \
--cc=jroedel@suse.de \
--cc=kirill@shutemov.name \
--cc=kvm@vger.kernel.org \
--cc=liam.merwick@oracle.com \
--cc=linux-coco@lists.linux.dev \
--cc=linux-crypto@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=luto@kernel.org \
--cc=mingo@redhat.com \
--cc=nikunj.dadhania@amd.com \
--cc=pankaj.gupta@amd.com \
--cc=pbonzini@redhat.com \
--cc=peterz@infradead.org \
--cc=pgonda@google.com \
--cc=rientjes@google.com \
--cc=sathyanarayanan.kuppuswamy@linux.intel.com \
--cc=seanjc@google.com \
--cc=slp@redhat.com \
--cc=srinivas.pandruvada@linux.intel.com \
--cc=tglx@linutronix.de \
--cc=thomas.lendacky@amd.com \
--cc=tobin@ibm.com \
--cc=tony.luck@intel.com \
--cc=vbabka@suse.cz \
--cc=vkuznets@redhat.com \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox