| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <ab6f85a2-f254-5479-bec0-fc111f65f469@redhat.com>
Date: Tue, 15 Dec 2020 18:42:09 +0100
From: Paolo Bonzini <pbonzini@...hat.com>
To: Tom Lendacky <thomas.lendacky@....com>, kvm@...r.kernel.org,
linux-kernel@...r.kernel.org, x86@...nel.org
Cc: Jim Mattson <jmattson@...gle.com>, Joerg Roedel <joro@...tes.org>,
Sean Christopherson <seanjc@...gle.com>,
Vitaly Kuznetsov <vkuznets@...hat.com>,
Wanpeng Li <wanpengli@...cent.com>,
Borislav Petkov <bp@...en8.de>, Ingo Molnar <mingo@...hat.com>,
Thomas Gleixner <tglx@...utronix.de>,
Brijesh Singh <brijesh.singh@....com>
Subject: Re: [PATCH v5 00/34] SEV-ES hypervisor support
On 15/12/20 17:46, Tom Lendacky wrote:
> KVM: SVM: Add AP_JUMP_TABLE support in prep for AP booting
Great, thanks!
Paolo
> From: Tom Lendacky<thomas.lendacky@....com>
>
> The GHCB specification requires the hypervisor to save the address of an
> AP Jump Table so that, for example, vCPUs that have been parked by UEFI
> can be started by the OS. Provide support for the AP Jump Table set/get
> exit code.
>
> Signed-off-by: Tom Lendacky<thomas.lendacky@....com>
> ---
> arch/x86/kvm/svm/sev.c | 28 ++++++++++++++++++++++++++++
> arch/x86/kvm/svm/svm.h | 1 +
> 2 files changed, 29 insertions(+)
>
> diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c
> index 6eb097714d43..8b5ef0fe4490 100644
> --- a/arch/x86/kvm/svm/sev.c
> +++ b/arch/x86/kvm/svm/sev.c
> @@ -18,6 +18,8 @@
> #include <linux/trace_events.h>
> #include <asm/fpu/internal.h>
>
> +#include <asm/trapnr.h>
> +
> #include "x86.h"
> #include "svm.h"
> #include "cpuid.h"
> @@ -1559,6 +1561,7 @@ static int sev_es_validate_vmgexit(struct vcpu_svm *svm)
> goto vmgexit_err;
> break;
> case SVM_VMGEXIT_NMI_COMPLETE:
> + case SVM_VMGEXIT_AP_JUMP_TABLE:
> case SVM_VMGEXIT_UNSUPPORTED_EVENT:
> break;
> default:
> @@ -1883,6 +1886,31 @@ int sev_handle_vmgexit(struct vcpu_svm *svm)
> case SVM_VMGEXIT_NMI_COMPLETE:
> ret = svm_invoke_exit_handler(svm, SVM_EXIT_IRET);
> break;
> + case SVM_VMGEXIT_AP_JUMP_TABLE: {
> + struct kvm_sev_info *sev = &to_kvm_svm(svm->vcpu.kvm)->sev_info;
> +
> + switch (control->exit_info_1) {
> + case 0:
> + /* Set AP jump table address */
> + sev->ap_jump_table = control->exit_info_2;
> + break;
> + case 1:
> + /* Get AP jump table address */
> + ghcb_set_sw_exit_info_2(ghcb, sev->ap_jump_table);
> + break;
> + default:
> + pr_err("svm: vmgexit: unsupported AP jump table request - exit_info_1=%#llx\n",
> + control->exit_info_1);
> + ghcb_set_sw_exit_info_1(ghcb, 1);
> + ghcb_set_sw_exit_info_2(ghcb,
> + X86_TRAP_UD |
> + SVM_EVTINJ_TYPE_EXEPT |
> + SVM_EVTINJ_VALID);
> + }
> +
> + ret = 1;
> + break;
> + }
> case SVM_VMGEXIT_UNSUPPORTED_EVENT:
> vcpu_unimpl(&svm->vcpu,
> "vmgexit: unsupported event - exit_info_1=%#llx, exit_info_2=%#llx\n",
> diff --git a/arch/x86/kvm/svm/svm.h b/arch/x86/kvm/svm/svm.h
> index a5067f776ce0..5431e6335e2e 100644
> --- a/arch/x86/kvm/svm/svm.h
> +++ b/arch/x86/kvm/svm/svm.h
> @@ -78,6 +78,7 @@ struct kvm_sev_info {
> int fd; /* SEV device fd */
> unsigned long pages_locked; /* Number of pages locked */
> struct list_head regions_list; /* List of registered regions */
> + u64 ap_jump_table; /* SEV-ES AP Jump Table address */
> };
>
> struct kvm_svm {
>
Powered by blists - more mailing lists