From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 4AE73C00140 for ; Wed, 24 Aug 2022 19:29:02 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 6818B940008; Wed, 24 Aug 2022 15:29:01 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id 6315F940007; Wed, 24 Aug 2022 15:29:01 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 4D29C940008; Wed, 24 Aug 2022 15:29:01 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0014.hostedemail.com [216.40.44.14]) by kanga.kvack.org (Postfix) with ESMTP id 3BE7A940007 for ; Wed, 24 Aug 2022 15:29:01 -0400 (EDT) Received: from smtpin26.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay02.hostedemail.com (Postfix) with ESMTP id 13318121493 for ; Wed, 24 Aug 2022 19:29:01 +0000 (UTC) X-FDA: 79835474082.26.9EA2063 Received: from mail-lj1-f176.google.com (mail-lj1-f176.google.com [209.85.208.176]) by imf27.hostedemail.com (Postfix) with ESMTP id B61D940053 for ; Wed, 24 Aug 2022 19:29:00 +0000 (UTC) Received: by mail-lj1-f176.google.com with SMTP id x10so17373567ljq.4 for ; Wed, 24 Aug 2022 12:29:00 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc; bh=ud6LSmJPhrEe1O3tH9bfACVlWJ+Fj1pwj346rUu8aFw=; b=Z2jM1L6bkJVPjP2DKAJljcsyrOOrVaGqJLAqzlKrZ639M1ou4W+gt6VEnZfM9GIMCF SeUBSTwTEy/ugCEIoJSMg5gpQiXV/YW8/zFDEiaz/lWm7DXElQFdhc17HKi9O+Y2CZkL LhgOKoPXstdnGWEeMhiyY+aOF3HfM663rHuZK+6w6NIL9v3qCSiPAEZX+aiF0FQg3jWf pv7cfJk+q0TMm2WecwsV5HTEjCEihc3UL8NuZ65x8xj93UAjZQQwIdmU3F/yvrkvP4aa azCkdsSTY4R3TVzoCkUDFq7dX8KwGtjjKyO7z02ZdXK1aG1zPFzRiwWJpd0Ss4+9b9BD INIw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc; bh=ud6LSmJPhrEe1O3tH9bfACVlWJ+Fj1pwj346rUu8aFw=; b=q4fcTKiL6wrtVZxyJ2gK7EoYeBM/qiEBYd/kn+RGntzGHkSiarO3G+OFCQYlp4JYhn iRZYzy6ko93JqVIc69NFgc6Y6OVfJoI2ObSuILS40Bpjs/U9Yo6xD0uZrKMcN5KkPGFd vFZIvbChg4FUBSqS+B1SeLVUdBezkeNCtjtj8Ym9CJWIp4o2o9mTnM8XDCwmr9gQNFqX 9Uez0yjRq3VbSK53wIiMmheGFdo8aK0pGlDf5lS8IT7sZ+6cZ4cKtlXXEdDsGmDboXOz gpHNqNP+NoMBvs/rfyAzxGV+NSon13V5Nhs0NblTwlWieHWhXE5XWd+zxdzCatEvOqd3 RowA== X-Gm-Message-State: ACgBeo2P7LohTaJxmXe9lS1o2Kl0JNrBk4i+b487ZUjK7CgWkeqcOFnA 1YpSH55s4P1WU8LdPV2ilGmFnk3S6JVE3pWIyOh1cg== X-Google-Smtp-Source: AA6agR6qzB+SDh82GOibU+ibPmxm9norlNaWBI74hZciCbfvsiOsZDachVztTY0d9cfRDTTu6O2cHU/LynXQAo0SUJw= X-Received: by 2002:a2e:9ad2:0:b0:261:cbdd:1746 with SMTP id p18-20020a2e9ad2000000b00261cbdd1746mr181526ljj.486.1661369338801; Wed, 24 Aug 2022 12:28:58 -0700 (PDT) MIME-Version: 1.0 References: <20220307213356.2797205-1-brijesh.singh@amd.com> <20220307213356.2797205-44-brijesh.singh@amd.com> In-Reply-To: From: Peter Gonda Date: Wed, 24 Aug 2022 13:28:47 -0600 Message-ID: Subject: Re: [PATCH v12 43/46] virt: Add SEV-SNP guest driver To: Dionna Amalie Glaze Cc: Brijesh Singh , "the arch/x86 maintainers" , LKML , "open list:X86 KVM CPUs" , linux-efi , platform-driver-x86@vger.kernel.org, linux-coco@lists.linux.dev, Linux Memory Management List , Thomas Gleixner , Ingo Molnar , Joerg Roedel , Tom Lendacky , "H. Peter Anvin" , Ard Biesheuvel , Paolo Bonzini , Sean Christopherson , Vitaly Kuznetsov , Jim Mattson , Andy Lutomirski , Dave Hansen , Sergio Lopez , Peter Zijlstra , Srinivas Pandruvada , David Rientjes , Dov Murik , Tobin Feldman-Fitzthum , Borislav Petkov , Michael Roth , Vlastimil Babka , "Kirill A . Shutemov" , Andi Kleen , "Dr . David Alan Gilbert" , brijesh.ksingh@gmail.com, Tony Luck , Marc Orr , Kuppuswamy Sathyanarayanan Content-Type: text/plain; charset="UTF-8" ARC-Authentication-Results: i=1; imf27.hostedemail.com; dkim=pass header.d=google.com header.s=20210112 header.b=Z2jM1L6b; spf=pass (imf27.hostedemail.com: domain of pgonda@google.com designates 209.85.208.176 as permitted sender) smtp.mailfrom=pgonda@google.com; dmarc=pass (policy=reject) header.from=google.com ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1661369340; a=rsa-sha256; cv=none; b=Cv6ghxGeBJzPzhope+pIIKe5QpuMVZmdBmARAfaSgStsuYy4Rk/RpzLfUHf3uRkb7ucgaf iuloyCZmx4Q8LFKIqJbDDb4MaoETDNfUGnuTv1w0Hjq7WkwL5YQS0abh1LPbgYMvk0dnvu jkcc1NXaZFr793bj9vfU9s4vFwvgNlw= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1661369340; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=ud6LSmJPhrEe1O3tH9bfACVlWJ+Fj1pwj346rUu8aFw=; b=08I6gC3IBmDhVHlq5lwVKAz6/gNWrprdgopYO3IXOYzs1KPWSDUkBguL8CA6vWqPgN7Am2 LHz17MSM9hbADYbDUv53tlxbTdQHze+B3/+zhYjfInoUh+7oVL0yy/GK3k+bcc/Y1y8733 Ile4QWnWaJmRkvJBsm/EOi/6P4beWrs= Authentication-Results: imf27.hostedemail.com; dkim=pass header.d=google.com header.s=20210112 header.b=Z2jM1L6b; spf=pass (imf27.hostedemail.com: domain of pgonda@google.com designates 209.85.208.176 as permitted sender) smtp.mailfrom=pgonda@google.com; dmarc=pass (policy=reject) header.from=google.com X-Rspam-User: X-Rspamd-Server: rspam11 X-Rspamd-Queue-Id: B61D940053 X-Stat-Signature: 1t184d1dezi97195dmxfrwio7qhtg3im X-HE-Tag: 1661369340-266577 X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: On Wed, Aug 24, 2022 at 12:01 PM Dionna Amalie Glaze wrote: > > Apologies for the necropost, but I noticed strange behavior testing my > own Golang-based wrapper around the /dev/sev-guest driver. > > > + > > +static int handle_guest_request(struct snp_guest_dev *snp_dev, u64 exit_code, int msg_ver, > > + u8 type, void *req_buf, size_t req_sz, void *resp_buf, > > + u32 resp_sz, __u64 *fw_err) > > +{ > > + unsigned long err; > > + u64 seqno; > > + int rc; > > + > > + /* Get message sequence and verify that its a non-zero */ > > + seqno = snp_get_msg_seqno(snp_dev); > > + if (!seqno) > > + return -EIO; > > + > > + memset(snp_dev->response, 0, sizeof(struct snp_guest_msg)); > > + > > + /* Encrypt the userspace provided payload */ > > + rc = enc_payload(snp_dev, seqno, msg_ver, type, req_buf, req_sz); > > + if (rc) > > + return rc; > > + > > + /* Call firmware to process the request */ > > + rc = snp_issue_guest_request(exit_code, &snp_dev->input, &err); > > + if (fw_err) > > + *fw_err = err; > > + > > + if (rc) > > + return rc; > > + > > The fw_err is written back regardless of rc, so since err is > uninitialized, you can end up with garbage written back. I've worked > around this by only caring about fw_err when the result is -EIO, but > thought that I should bring this up. I also noticed that we use a u64 in snp_guest_request_ioctl.fw_err and u32 in sev_issue_cmd.error when these should be errors from the sev_ret_code enum IIUC. We can fix snp_issue_guest_request() to set |fw_err| to zero when it returns 0 but what should we return to userspace if we encounter an error that prevents the FW from even being called? In ` crypto: ccp - Ensure psp_ret is always init'd in __sev_platform_init_locked()` we set the return to -1 so we could continue that convection here and better codify it in the sev_ret_code enum. > > -- > -Dionna Glaze, PhD (she/her)