From: Dave Hansen <dave.hansen@intel.com>
To: Michael Roth <michael.roth@amd.com>
Cc: kvm@vger.kernel.org, linux-coco@lists.linux.dev,
linux-mm@kvack.org, linux-crypto@vger.kernel.org, x86@kernel.org,
linux-kernel@vger.kernel.org, tglx@linutronix.de,
mingo@redhat.com, jroedel@suse.de, thomas.lendacky@amd.com,
hpa@zytor.com, ardb@kernel.org, pbonzini@redhat.com,
seanjc@google.com, vkuznets@redhat.com, jmattson@google.com,
luto@kernel.org, dave.hansen@linux.intel.com, slp@redhat.com,
pgonda@google.com, peterz@infradead.org,
srinivas.pandruvada@linux.intel.com, rientjes@google.com,
dovmurik@linux.ibm.com, tobin@ibm.com, bp@alien8.de,
vbabka@suse.cz, kirill@shutemov.name, ak@linux.intel.com,
tony.luck@intel.com, marcorr@google.com,
sathyanarayanan.kuppuswamy@linux.intel.com, alpergun@google.com,
dgilbert@redhat.com, jarkko@kernel.org, ashish.kalra@amd.com,
nikunj.dadhania@amd.com, liam.merwick@oracle.com,
zhi.a.wang@intel.com, Brijesh Singh <brijesh.singh@amd.com>
Subject: Re: [PATCH RFC v9 09/51] x86/sev: Add RMP entry lookup helpers
Date: Fri, 30 Jun 2023 15:29:54 -0700 [thread overview]
Message-ID: <522b0954-749e-33be-59a7-4ce28e8c4d5c@intel.com> (raw)
In-Reply-To: <20230630215709.owobzb5cr2wtkqhd@amd.com>
On 6/30/23 14:57, Michael Roth wrote:
> On Mon, Jun 12, 2023 at 09:08:58AM -0700, Dave Hansen wrote:
>> On 6/11/23 21:25, Michael Roth wrote:
>>> +/*
>>> + * The RMP entry format is not architectural. The format is defined in PPR
>>> + * Family 19h Model 01h, Rev B1 processor.
>>> + */
>>> +struct rmpentry {
>>> + union {
>>> + struct {
>>> + u64 assigned : 1,
>>> + pagesize : 1,
>>> + immutable : 1,
>>> + rsvd1 : 9,
>>> + gpa : 39,
>>> + asid : 10,
>>> + vmsa : 1,
>>> + validated : 1,
>>> + rsvd2 : 1;
>>> + } info;
>>> + u64 low;
>>> + };
>>> + u64 high;
>>> +} __packed;
>>
>> What's 'high' used for? The PPR says it's reserved. Why not call it
>> reserved?
>>
>> It _looks_ like it's only used for a debugging pr_info(). It makes the
>> struct look kinda goofy. I'd much rather limit the goofiness to the
>> "dumping" code, like:
>>
>> u64 *__e = (void *)e;
>> ....
>> pr_info("RMPEntry paddr 0x%llx: [high=0x%016llx low=0x%016llx]\n",
>> pfn << PAGE_SHIFT, __e[0], __e[1]);
>>
>> BTW, why does it do any good to dump all these reserved fields?
>>
>
> The reserved bits sometimes contain information that can be useful to
> pass along to folks on the firmware side, so would definitely be helpful
> to provide the full raw contents of the RMP entry.
Ahh, OK. Could you include a comment to that effect, please?
> So maybe something like this better captures the intended usage:
>
> struct rmpentry {
> union {
> struct {
> u64 assigned : 1,
> pagesize : 1,
> immutable : 1,
> rsvd1 : 9,
> gpa : 39,
> asid : 10,
> vmsa : 1,
> validated : 1,
> rsvd2 : 1;
> u64 rsvd3;
> } info;
> u64 data[2];
> };
> } __packed;
>
> But dropping the union and casting to u64[] locally in the debug/dumping
> routine should work fine as well.
Yeah, I'd suggest doing the nasty casting in the debug function. That
makes it much more clear what the hardware is doing with the entries.
The hardware doesn't treat the struct as 2*u64's at all.
...
>>> + ret = rmptable_entry(paddr, entry);
>>> + if (ret)
>>> + return ret;
>>> +
>>> + /* Read a large RMP entry to get the correct page level used in RMP entry. */
>>> + ret = rmptable_entry(paddr & PMD_MASK, &large_entry);
>>> + if (ret)
>>> + return ret;
>>> +
>>> + *level = RMP_TO_X86_PG_LEVEL(rmpentry_pagesize(&large_entry));
>>> +
>>> + return 0;
>>> +}
>>
>> This is a bit weird. Should it say something like this?
>>
>> To do an 4k RMP lookup the hardware looks at two places in the RMP:
>
> I'd word this as:
>
> "To query all the relevant bit of an 4k RMP entry, the kernel must access
> 2 entries in the RMP table:"
>
> Because it's possible hardware only looks at the 2M entry for
> hardware-based lookups, depending on where the access is coming from, or
> how the memory at the PFN range is mapped.
>
> But otherwise it seems like an accurate description.
The wording you suggest is a bit imprecise. For a 2M-aligned 4k page,
there is only *one* location, *one* entry.
Also, we're not doing a lookup for an RMP entry. We're doing it for a
_pfn_ that results in an RMP entry.
How about this:
/*
* Find the authoritative RMP entry for a PFN. This can be either a 4k
* RMP entry or a special large RMP entry that is authoritative for a
* whole 2M area.
*/
...
>>> +#ifdef CONFIG_KVM_AMD_SEV
>>> +int snp_lookup_rmpentry(u64 pfn, bool *assigned, int *level);
>>> +#else
>>> +static inline int snp_lookup_rmpentry(u64 pfn, bool *assigned, int *level) { return 0; }
>>> +#endif
>>
>> Above, -ENXIO was returned when SEV-SNP was not supported. Here, 0 is
>> returned when it is compiled out. That inconsistent.
>>
>> Is snp_lookup_rmpentry() acceptable when SEV-SNP is in play? I'd like
>> to see consistency between when it is compiled out and when it is
>> compiled in but unsupported on the CPU.
>
> I really don't think anything in the kernel should be calling
> snp_lookup_rmpentry(), so I think it makes sense to adoption the -ENXIO
> convention here and in any other stubs where that applies.
Sounds good to me. Just please make them consistent.
next prev parent reply other threads:[~2023-06-30 22:30 UTC|newest]
Thread overview: 102+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-06-12 4:25 [PATCH RFC v9 00/51] Add AMD Secure Nested Paging (SEV-SNP) Hypervisor Support Michael Roth
2023-06-12 4:25 ` [PATCH RFC v9 01/51] KVM: x86: Add gmem hook for initializing private memory Michael Roth
2023-06-12 4:25 ` [PATCH RFC v9 02/51] KVM: x86: Add gmem hook for invalidating " Michael Roth
2023-06-12 10:49 ` Borislav Petkov
2023-06-19 13:39 ` Borislav Petkov
2023-06-12 4:25 ` [PATCH RFC v9 03/51] KVM: x86: Use full 64-bit error code for kvm_mmu_do_page_fault Michael Roth
2023-06-14 14:24 ` Isaku Yamahata
2023-06-12 4:25 ` [PATCH RFC v9 04/51] KVM: x86: Determine shared/private faults using a configurable mask Michael Roth
2023-06-14 16:47 ` Isaku Yamahata
2023-06-20 20:28 ` Michael Roth
2023-06-20 21:18 ` Isaku Yamahata
2023-06-21 23:00 ` Michael Roth
2023-06-22 8:01 ` Isaku Yamahata
2023-06-22 9:55 ` Huang, Kai
2023-06-22 15:32 ` Michael Roth
2023-06-22 22:31 ` Huang, Kai
2023-06-22 23:39 ` Isaku Yamahata
2023-06-22 23:52 ` Huang, Kai
2023-06-23 14:43 ` Isaku Yamahata
2023-06-19 16:27 ` Borislav Petkov
2023-06-20 20:36 ` Michael Roth
2023-06-12 4:25 ` [PATCH RFC v9 05/51] x86/coco: move CONFIG_HAS_CC_PLATFORM check down into coco/Makefile Michael Roth
2023-06-12 7:07 ` Kirill A . Shutemov
2023-06-20 12:09 ` Borislav Petkov
2023-06-20 20:43 ` Michael Roth
2023-06-21 8:54 ` Borislav Petkov
2023-06-29 21:02 ` Michael Roth
2023-07-10 3:05 ` Sathyanarayanan Kuppuswamy
2023-07-10 13:11 ` Tom Lendacky
2023-06-12 4:25 ` [PATCH RFC v9 06/51] x86/cpufeatures: Add SEV-SNP CPU feature Michael Roth
2023-06-12 4:25 ` [PATCH RFC v9 07/51] x86/sev: Add the host SEV-SNP initialization support Michael Roth
2023-06-12 15:34 ` Dave Hansen
2023-06-21 9:15 ` Borislav Petkov
2023-06-21 14:31 ` Dave Hansen
2023-06-21 15:59 ` Borislav Petkov
2023-06-21 9:42 ` Borislav Petkov
2023-06-21 14:36 ` Tom Lendacky
2023-06-21 19:15 ` Kalra, Ashish
2023-08-09 13:03 ` Jeremi Piotrowski
2023-06-12 4:25 ` [PATCH RFC v9 08/51] x86/speculation: Do not enable Automatic IBRS if SEV SNP is enabled Michael Roth
2023-06-12 15:39 ` Dave Hansen
2023-07-18 22:34 ` Kim Phillips
2023-07-18 23:17 ` Dave Hansen
2023-07-20 19:11 ` Kim Phillips
2023-07-20 22:24 ` Dave Hansen
2023-07-21 16:56 ` Kim Phillips
2023-06-12 4:25 ` [PATCH RFC v9 09/51] x86/sev: Add RMP entry lookup helpers Michael Roth
2023-06-12 16:08 ` Dave Hansen
2023-06-30 21:57 ` Michael Roth
2023-06-30 22:29 ` Dave Hansen [this message]
2023-06-12 4:25 ` [PATCH RFC v9 10/51] x86/fault: Add helper for dumping RMP entries Michael Roth
2023-06-12 16:12 ` Dave Hansen
2023-06-12 4:25 ` [PATCH RFC v9 11/51] x86/traps: Define RMP violation #PF error code Michael Roth
2023-06-12 16:26 ` Dave Hansen
2023-06-12 4:25 ` [PATCH RFC v9 12/51] x86/fault: Report RMP page faults for kernel addresses Michael Roth
2023-06-12 16:30 ` Dave Hansen
2023-06-12 4:25 ` [PATCH RFC v9 13/51] x86/fault: Handle RMP page faults for user addresses Michael Roth
2023-06-12 16:40 ` Dave Hansen
2023-06-12 4:25 ` [PATCH RFC v9 14/51] x86/sev: Add helper functions for RMPUPDATE and PSMASH instruction Michael Roth
2023-06-12 17:00 ` Dave Hansen
2023-06-12 4:25 ` [PATCH RFC v9 15/51] x86/sev: Invalidate pages from the direct map when adding them to the RMP table Michael Roth
2023-06-12 4:25 ` [PATCH RFC v9 16/51] crypto: ccp: Define the SEV-SNP commands Michael Roth
2023-06-12 4:25 ` [PATCH RFC v9 17/51] crypto: ccp: Add support to initialize the AMD-SP for SEV-SNP Michael Roth
2023-06-12 4:25 ` [PATCH RFC v9 18/51] crypto: ccp: Provide API to issue SEV and SNP commands Michael Roth
2023-06-12 4:25 ` [PATCH RFC v9 19/51] x86/sev: Introduce snp leaked pages list Michael Roth
2023-08-09 12:46 ` Jeremi Piotrowski
2023-06-12 4:25 ` [PATCH RFC v9 20/51] crypto: ccp: Handle the legacy TMR allocation when SNP is enabled Michael Roth
2023-06-12 4:25 ` [PATCH RFC v9 21/51] crypto: ccp: Handle the legacy SEV command " Michael Roth
2023-06-12 4:25 ` [PATCH RFC v9 22/51] crypto: ccp: Add the SNP_PLATFORM_STATUS command Michael Roth
2023-06-12 4:25 ` [PATCH RFC v9 23/51] KVM: SEV: Select CONFIG_KVM_PROTECTED_VM when CONFIG_KVM_AMD_SEV=y Michael Roth
2023-06-12 4:25 ` [PATCH RFC v9 24/51] KVM: SVM: Add support to handle AP reset MSR protocol Michael Roth
2023-06-12 4:25 ` [PATCH RFC v9 25/51] KVM: SVM: Add GHCB handling for Hypervisor Feature Support requests Michael Roth
2023-06-12 4:25 ` [PATCH RFC v9 26/51] KVM: SVM: Make AVIC backing, VMSA and VMCB memory allocation SNP safe Michael Roth
2023-06-12 4:25 ` [PATCH RFC v9 27/51] KVM: SVM: Add initial SEV-SNP support Michael Roth
2023-06-12 4:25 ` [PATCH RFC v9 28/51] KVM: SVM: Add KVM_SNP_INIT command Michael Roth
2023-06-12 4:25 ` [PATCH RFC v9 29/51] KVM: SVM: Add KVM_SEV_SNP_LAUNCH_START command Michael Roth
2023-06-12 17:08 ` Peter Gonda
2023-06-12 4:25 ` [PATCH RFC v9 30/51] KVM: Add HVA range operator Michael Roth
2023-06-12 4:25 ` [PATCH RFC v9 31/51] KVM: Split out memory attribute xarray updates to helper function Michael Roth
2023-06-12 4:25 ` [PATCH RFC v9 32/51] KVM: SVM: Add KVM_SEV_SNP_LAUNCH_UPDATE command Michael Roth
2023-06-12 4:25 ` [PATCH RFC v9 33/51] KVM: SVM: Add KVM_SEV_SNP_LAUNCH_FINISH command Michael Roth
2023-06-12 4:25 ` [PATCH RFC v9 34/51] KVM: SVM: Add support to handle GHCB GPA register VMGEXIT Michael Roth
2023-06-12 4:25 ` [PATCH RFC v9 35/51] KVM: SVM: Add KVM_EXIT_VMGEXIT Michael Roth
2023-06-12 4:25 ` [PATCH RFC v9 36/51] KVM: SVM: Add support to handle MSR based Page State Change VMGEXIT Michael Roth
2023-06-12 4:25 ` [PATCH RFC v9 37/51] KVM: SVM: Add support to handle " Michael Roth
2023-06-12 4:25 ` [PATCH RFC v9 38/51] KVM: x86: Export the kvm_zap_gfn_range() for the SNP use Michael Roth
2023-06-12 4:25 ` [PATCH RFC v9 39/51] KVM: x86: Define RMP page fault error bits for #NPF Michael Roth
2023-06-12 4:25 ` [PATCH RFC v9 40/51] KVM: SVM: Add support to handle RMP nested page faults Michael Roth
2023-06-12 4:25 ` [PATCH RFC v9 41/51] KVM: SVM: Use a VMSA physical address variable for populating VMCB Michael Roth
2023-06-12 4:25 ` [PATCH RFC v9 42/51] KVM: SVM: Support SEV-SNP AP Creation NAE event Michael Roth
2023-08-15 16:00 ` Peter Gonda
2023-06-12 4:25 ` [PATCH RFC v9 43/51] KVM: SEV: Configure MMU to check for private fault flags Michael Roth
2023-06-12 4:25 ` [PATCH RFC v9 44/51] KVM: SEV: Implement gmem hook for initializing private pages Michael Roth
2023-06-12 4:25 ` [PATCH RFC v9 45/51] KVM: SEV: Implement gmem hook for invalidating " Michael Roth
2023-06-12 4:25 ` [PATCH RFC v9 46/51] KVM: SVM: Add module parameter to enable the SEV-SNP Michael Roth
2023-06-12 4:25 ` [PATCH RFC v9 47/51] iommu/amd: Add IOMMU_SNP_SHUTDOWN support Michael Roth
2023-09-07 10:31 ` Suthikulpanit, Suravee
2023-06-12 4:25 ` [PATCH RFC v9 48/51] crypto: ccp: Add the SNP_{SET,GET}_EXT_CONFIG command Michael Roth
2023-06-13 6:24 ` Alexey Kardashevskiy
2023-06-12 4:25 ` [PATCH RFC v9 49/51] x86/sev: Add KVM commands for per-instance certs Michael Roth
2023-06-12 4:25 ` [PATCH RFC v9 50/51] KVM: SVM: Provide support for SNP_GUEST_REQUEST NAE event Michael Roth
2023-06-12 4:25 ` [PATCH RFC v9 51/51] crypto: ccp: Add debug support for decrypting pages Michael Roth
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=522b0954-749e-33be-59a7-4ce28e8c4d5c@intel.com \
--to=dave.hansen@intel.com \
--cc=ak@linux.intel.com \
--cc=alpergun@google.com \
--cc=ardb@kernel.org \
--cc=ashish.kalra@amd.com \
--cc=bp@alien8.de \
--cc=brijesh.singh@amd.com \
--cc=dave.hansen@linux.intel.com \
--cc=dgilbert@redhat.com \
--cc=dovmurik@linux.ibm.com \
--cc=hpa@zytor.com \
--cc=jarkko@kernel.org \
--cc=jmattson@google.com \
--cc=jroedel@suse.de \
--cc=kirill@shutemov.name \
--cc=kvm@vger.kernel.org \
--cc=liam.merwick@oracle.com \
--cc=linux-coco@lists.linux.dev \
--cc=linux-crypto@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=luto@kernel.org \
--cc=marcorr@google.com \
--cc=michael.roth@amd.com \
--cc=mingo@redhat.com \
--cc=nikunj.dadhania@amd.com \
--cc=pbonzini@redhat.com \
--cc=peterz@infradead.org \
--cc=pgonda@google.com \
--cc=rientjes@google.com \
--cc=sathyanarayanan.kuppuswamy@linux.intel.com \
--cc=seanjc@google.com \
--cc=slp@redhat.com \
--cc=srinivas.pandruvada@linux.intel.com \
--cc=tglx@linutronix.de \
--cc=thomas.lendacky@amd.com \
--cc=tobin@ibm.com \
--cc=tony.luck@intel.com \
--cc=vbabka@suse.cz \
--cc=vkuznets@redhat.com \
--cc=x86@kernel.org \
--cc=zhi.a.wang@intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox