From: Paolo Bonzini <pbonzini@redhat.com>
To: Michael Roth <michael.roth@amd.com>
Cc: kvm@vger.kernel.org, linux-coco@lists.linux.dev,
linux-mm@kvack.org, linux-crypto@vger.kernel.org,
x86@kernel.org, linux-kernel@vger.kernel.org,
tglx@linutronix.de, mingo@redhat.com, jroedel@suse.de,
thomas.lendacky@amd.com, hpa@zytor.com, ardb@kernel.org,
seanjc@google.com, vkuznets@redhat.com, jmattson@google.com,
luto@kernel.org, dave.hansen@linux.intel.com, slp@redhat.com,
pgonda@google.com, peterz@infradead.org,
srinivas.pandruvada@linux.intel.com, rientjes@google.com,
dovmurik@linux.ibm.com, tobin@ibm.com, bp@alien8.de,
vbabka@suse.cz, kirill@shutemov.name, ak@linux.intel.com,
tony.luck@intel.com, sathyanarayanan.kuppuswamy@linux.intel.com,
alpergun@google.com, jarkko@kernel.org, ashish.kalra@amd.com,
nikunj.dadhania@amd.com, pankaj.gupta@amd.com,
liam.merwick@oracle.com, Brijesh Singh <brijesh.singh@amd.com>
Subject: Re: [PATCH v13 08/26] KVM: SEV: Add initial SEV-SNP support
Date: Fri, 19 Apr 2024 13:58:07 +0200 [thread overview]
Message-ID: <CABgObfbNd2Z85o3Wb-yr5qYSWYTadxZGuh6PP=r-5dNpa06ErA@mail.gmail.com> (raw)
In-Reply-To: <20240418194133.1452059-9-michael.roth@amd.com>
On Thu, Apr 18, 2024 at 9:51 PM Michael Roth <michael.roth@amd.com> wrote:
> diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c
> index 535018f152a3..d31404953bf1 100644
> --- a/arch/x86/kvm/svm/svm.c
> +++ b/arch/x86/kvm/svm/svm.c
> @@ -4899,7 +4899,8 @@ static int svm_vm_init(struct kvm *kvm)
>
> if (type != KVM_X86_DEFAULT_VM &&
> type != KVM_X86_SW_PROTECTED_VM) {
> - kvm->arch.has_protected_state = (type == KVM_X86_SEV_ES_VM);
> + kvm->arch.has_protected_state =
> + (type == KVM_X86_SEV_ES_VM || type == KVM_X86_SNP_VM);
I'd rather set has_private_mem here too, rather than in x86.c
Also this patch is the place to have
diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c
index d31404953bf1..6209f70ab11a 100644
--- a/arch/x86/kvm/svm/svm.c
+++ b/arch/x86/kvm/svm/svm.c
@@ -2056,6 +2056,9 @@ static int npf_interception(struct kvm_vcpu *vcpu)
if (WARN_ON_ONCE(error_code & PFERR_SYNTHETIC_MASK))
error_code &= ~PFERR_SYNTHETIC_MASK;
+ if (sev_snp_guest(vcpu) && (error_code & PFERR_GUEST_ENC_MASK))
+ error_code |= PFERR_PRIVATE_ACCESS;
+
trace_kvm_page_fault(vcpu, fault_address, error_code);
return kvm_mmu_page_fault(vcpu, fault_address, error_code,
static_cpu_has(X86_FEATURE_DECODEASSISTS) ?
for the final shape of the MMU changes.
Paolo
> diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c
> index 83b8260443a3..9923921904a2 100644
> --- a/arch/x86/kvm/x86.c
> +++ b/arch/x86/kvm/x86.c
> @@ -12598,7 +12598,7 @@ int kvm_arch_init_vm(struct kvm *kvm, unsigned long type)
>
> kvm->arch.vm_type = type;
> kvm->arch.has_private_mem =
> - (type == KVM_X86_SW_PROTECTED_VM);
> + (type == KVM_X86_SW_PROTECTED_VM || type == KVM_X86_SNP_VM);
>
> ret = kvm_page_track_init(kvm);
> if (ret)
> --
> 2.25.1
>
next prev parent reply other threads:[~2024-04-19 11:58 UTC|newest]
Thread overview: 41+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-04-18 19:41 [PATCH v13 00/26] Add AMD Secure Nested Paging (SEV-SNP) Hypervisor Support Michael Roth
2024-04-18 19:41 ` [PATCH v13 01/26] [TEMP] x86/kvm/Kconfig: Have KVM_AMD_SEV select ARCH_HAS_CC_PLATFORM Michael Roth
2024-04-18 19:41 ` [PATCH v13 02/26] [TEMP] x86/cc: Add cc_platform_set/_clear() helpers Michael Roth
2024-04-18 19:41 ` [PATCH v13 03/26] [TEMP] x86/CPU/AMD: Track SNP host status with cc_platform_*() Michael Roth
2024-04-18 19:41 ` [PATCH v13 04/26] KVM: guest_memfd: Fix PTR_ERR() handling in __kvm_gmem_get_pfn() Michael Roth
2024-04-19 12:58 ` David Hildenbrand
2024-04-19 15:11 ` Michael Roth
2024-04-19 16:17 ` Paolo Bonzini
2024-04-18 19:41 ` [PATCH v13 05/26] KVM: SEV: Select KVM_GENERIC_PRIVATE_MEM when CONFIG_KVM_AMD_SEV=y Michael Roth
2024-04-18 19:41 ` [PATCH v13 06/26] KVM: SEV: Add support to handle AP reset MSR protocol Michael Roth
2024-04-18 19:41 ` [PATCH v13 07/26] KVM: SEV: Add GHCB handling for Hypervisor Feature Support requests Michael Roth
2024-04-18 19:41 ` [PATCH v13 08/26] KVM: SEV: Add initial SEV-SNP support Michael Roth
2024-04-19 11:58 ` Paolo Bonzini [this message]
2024-04-18 19:41 ` [PATCH v13 09/26] KVM: SEV: Add KVM_SEV_SNP_LAUNCH_START command Michael Roth
2024-04-19 11:52 ` Paolo Bonzini
2024-04-19 14:19 ` Michael Roth
2024-04-19 16:13 ` Paolo Bonzini
2024-04-24 21:40 ` Sean Christopherson
2024-04-18 19:41 ` [PATCH v13 10/26] KVM: SEV: Add KVM_SEV_SNP_LAUNCH_UPDATE command Michael Roth
2024-04-19 11:56 ` Paolo Bonzini
2024-04-19 16:12 ` Paolo Bonzini
2024-04-21 17:52 ` Michael Roth
2024-04-18 19:41 ` [PATCH v13 11/26] KVM: SEV: Add KVM_SEV_SNP_LAUNCH_FINISH command Michael Roth
2024-04-18 19:41 ` [PATCH v13 12/26] KVM: SEV: Add support to handle GHCB GPA register VMGEXIT Michael Roth
2024-04-18 19:41 ` [PATCH v13 13/26] KVM: SEV: Add support to handle MSR based Page State Change VMGEXIT Michael Roth
2024-04-18 19:41 ` [PATCH v13 14/26] KVM: SEV: Add support to handle " Michael Roth
2024-04-18 19:41 ` [PATCH v13 15/26] KVM: SEV: Add support to handle RMP nested page faults Michael Roth
2024-04-18 19:41 ` [PATCH v13 16/26] KVM: SEV: Support SEV-SNP AP Creation NAE event Michael Roth
2024-04-19 12:01 ` Paolo Bonzini
2024-04-18 19:41 ` [PATCH v13 17/26] KVM: SEV: Add support for GHCB-based termination requests Michael Roth
2024-04-18 19:41 ` [PATCH v13 18/26] KVM: SEV: Implement gmem hook for initializing private pages Michael Roth
2024-04-18 19:41 ` [PATCH v13 19/26] KVM: SEV: Implement gmem hook for invalidating " Michael Roth
2024-04-18 19:41 ` [PATCH v13 20/26] KVM: x86: Implement gmem hook for determining max NPT mapping level Michael Roth
2024-04-18 19:41 ` [PATCH v13 21/26] KVM: SEV: Avoid WBINVD for HVA-based MMU notifications for SNP Michael Roth
2024-04-18 19:41 ` [PATCH v13 22/26] KVM: SVM: Add module parameter to enable SEV-SNP Michael Roth
2024-04-18 19:41 ` [PATCH v13 23/26] KVM: SEV: Provide support for SNP_GUEST_REQUEST NAE event Michael Roth
2024-04-18 19:41 ` [PATCH v13 24/26] crypto: ccp: Add the SNP_VLEK_LOAD command Michael Roth
2024-04-18 19:41 ` [PATCH v13 25/26] crypto: ccp: Add the SNP_{PAUSE,RESUME}_ATTESTATION commands Michael Roth
2024-04-18 19:41 ` [PATCH v13 26/26] KVM: SEV: Provide support for SNP_EXTENDED_GUEST_REQUEST NAE event Michael Roth
2024-04-19 12:04 ` [PATCH v13 00/26] Add AMD Secure Nested Paging (SEV-SNP) Hypervisor Support Paolo Bonzini
2024-04-21 18:00 ` Michael Roth
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='CABgObfbNd2Z85o3Wb-yr5qYSWYTadxZGuh6PP=r-5dNpa06ErA@mail.gmail.com' \
--to=pbonzini@redhat.com \
--cc=ak@linux.intel.com \
--cc=alpergun@google.com \
--cc=ardb@kernel.org \
--cc=ashish.kalra@amd.com \
--cc=bp@alien8.de \
--cc=brijesh.singh@amd.com \
--cc=dave.hansen@linux.intel.com \
--cc=dovmurik@linux.ibm.com \
--cc=hpa@zytor.com \
--cc=jarkko@kernel.org \
--cc=jmattson@google.com \
--cc=jroedel@suse.de \
--cc=kirill@shutemov.name \
--cc=kvm@vger.kernel.org \
--cc=liam.merwick@oracle.com \
--cc=linux-coco@lists.linux.dev \
--cc=linux-crypto@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=luto@kernel.org \
--cc=michael.roth@amd.com \
--cc=mingo@redhat.com \
--cc=nikunj.dadhania@amd.com \
--cc=pankaj.gupta@amd.com \
--cc=peterz@infradead.org \
--cc=pgonda@google.com \
--cc=rientjes@google.com \
--cc=sathyanarayanan.kuppuswamy@linux.intel.com \
--cc=seanjc@google.com \
--cc=slp@redhat.com \
--cc=srinivas.pandruvada@linux.intel.com \
--cc=tglx@linutronix.de \
--cc=thomas.lendacky@amd.com \
--cc=tobin@ibm.com \
--cc=tony.luck@intel.com \
--cc=vbabka@suse.cz \
--cc=vkuznets@redhat.com \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox