From: Paolo Bonzini
Date: Wed, 7 Feb 2024 00:51:46 +0100
Subject: Re: [PATCH v11 15/35] KVM: SEV: Add KVM_SNP_INIT command
To: Michael Roth
Cc: kvm@vger.kernel.org, linux-coco@lists.linux.dev, linux-mm@kvack.org,
    linux-crypto@vger.kernel.org, x86@kernel.org, linux-kernel@vger.kernel.org,
    tglx@linutronix.de, mingo@redhat.com, jroedel@suse.de,
    thomas.lendacky@amd.com, hpa@zytor.com, ardb@kernel.org, seanjc@google.com,
    vkuznets@redhat.com, jmattson@google.com, luto@kernel.org,
    dave.hansen@linux.intel.com, slp@redhat.com, pgonda@google.com,
    peterz@infradead.org, srinivas.pandruvada@linux.intel.com,
    rientjes@google.com, dovmurik@linux.ibm.com, tobin@ibm.com, bp@alien8.de,
    vbabka@suse.cz, kirill@shutemov.name, ak@linux.intel.com,
    tony.luck@intel.com, sathyanarayanan.kuppuswamy@linux.intel.com,
    alpergun@google.com, jarkko@kernel.org, ashish.kalra@amd.com,
    nikunj.dadhania@amd.com, pankaj.gupta@amd.com, liam.merwick@oracle.com,
    zhi.a.wang@intel.com, Brijesh Singh, Pavan Kumar Paluri
In-Reply-To: <20231230172351.574091-16-michael.roth@amd.com>

On Sat, Dec 30, 2023 at 6:26 PM Michael Roth wrote:
>
> From: Brijesh Singh
>
> The KVM_SNP_INIT command is used by the hypervisor to initialize the
> SEV-SNP platform context. In a typical workflow, this command should be
> the first command issued. When creating SEV-SNP guest, the VMM must use
> this command instead of the KVM_SEV_INIT or KVM_SEV_ES_INIT.
>
> The flags value must be zero, it will be extended in future SNP support
> to communicate the optional features (such as restricted INT injection
> etc).

We have a (preexisting) problem in that KVM_SEV_INIT and
KVM_SEV_ES_INIT are not flexible enough. debug_swap has broken
measurements of the VMSA because it changed the contents of the VMSA
under userspace's feet, therefore VMSA features need to be passed into
the API somehow. It's preexisting but we need to fix it before the new
KVM_SNP_INIT API makes it worse.

I have started prototyping a change to move SEV-ES/SEV-SNP to
KVM_CREATE_VM, and introduce a single KVM_SEV_INIT_VM operation that
can be used for the PSP initialization.

> +The flags bitmap is defined as::
> +
> + /* enable the restricted injection */
> + #define KVM_SEV_SNP_RESTRICTED_INJET (1<<0)
> +
> + /* enable the restricted injection timer */
> + #define KVM_SEV_SNP_RESTRICTED_TIMER_INJET (1<<1)

These are not yet supported, so they might as well not be documented.
If you want to document them, you need to provide an API to query
SEV_SNP_SUPPORTED_FLAGS. Let's do that later.

> + if (params.flags & ~SEV_SNP_SUPPORTED_FLAGS)
> + ret = -EOPNOTSUPP;
> +
> + params.flags = SEV_SNP_SUPPORTED_FLAGS;

This assignment is not necessary.

Paolo

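Review bot: In the two #define lines of the documentation hunk, KVM_SEV_SNP_RESTRICTED_INJET and KVM_SEV_SNP_RESTRICTED_TIMER_INJET read as a misspelling of INJECT; names documented here become userspace-visible, so the spelling should be settled before they are published. The hunk also documents two flag bits while the commit message states that the flags value must be zero; the documentation should say explicitly that any non-zero value is rejected for now, or drop the bit definitions until they are accepted.
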
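Review bot: In the flags check of the code hunk, the branch on params.flags & ~SEV_SNP_SUPPORTED_FLAGS only sets ret = -EOPNOTSUPP, and the next visible statement still executes, so within the quoted lines nothing stops the command from continuing after unsupported bits were seen. Make the rejection explicit by returning or jumping to the exit path immediately after setting ret, so that unknown flag bits can never reach the initialization. If the following params.flags = SEV_SNP_SUPPORTED_FLAGS is meant to report the supported mask back to userspace, say so in a comment, because it overwrites the value the caller passed in.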