lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <4acd17bc-bdb0-c4cc-97af-8842f8836c8e@amd.com>
Date:   Fri, 27 Aug 2021 13:07:59 -0500
From:   Brijesh Singh <brijesh.singh@....com>
To:     Borislav Petkov <bp@...en8.de>
Cc:     x86@...nel.org, linux-kernel@...r.kernel.org, kvm@...r.kernel.org,
        linux-efi@...r.kernel.org, platform-driver-x86@...r.kernel.org,
        linux-coco@...ts.linux.dev, linux-mm@...ck.org,
        Thomas Gleixner <tglx@...utronix.de>,
        Ingo Molnar <mingo@...hat.com>, Joerg Roedel <jroedel@...e.de>,
        Tom Lendacky <thomas.lendacky@....com>,
        "H. Peter Anvin" <hpa@...or.com>, Ard Biesheuvel <ardb@...nel.org>,
        Paolo Bonzini <pbonzini@...hat.com>,
        Sean Christopherson <seanjc@...gle.com>,
        Vitaly Kuznetsov <vkuznets@...hat.com>,
        Wanpeng Li <wanpengli@...cent.com>,
        Jim Mattson <jmattson@...gle.com>,
        Andy Lutomirski <luto@...nel.org>,
        Dave Hansen <dave.hansen@...ux.intel.com>,
        Sergio Lopez <slp@...hat.com>, Peter Gonda <pgonda@...gle.com>,
        Peter Zijlstra <peterz@...radead.org>,
        Srinivas Pandruvada <srinivas.pandruvada@...ux.intel.com>,
        David Rientjes <rientjes@...gle.com>,
        Dov Murik <dovmurik@...ux.ibm.com>,
        Tobin Feldman-Fitzthum <tobin@....com>,
        Michael Roth <michael.roth@....com>,
        Vlastimil Babka <vbabka@...e.cz>,
        "Kirill A . Shutemov" <kirill@...temov.name>,
        Andi Kleen <ak@...ux.intel.com>, tony.luck@...el.com,
        marcorr@...gle.com, sathyanarayanan.kuppuswamy@...ux.intel.com
Subject: Re: [PATCH Part1 v5 33/38] x86/sev: Provide support for SNP guest
 request NAEs


On 8/27/21 12:44 PM, Borislav Petkov wrote:
> On Fri, Aug 20, 2021 at 10:19:28AM -0500, Brijesh Singh wrote:
>> +int snp_issue_guest_request(int type, struct snp_guest_request_data *input, unsigned long *fw_err)
>> +{
>> +	struct ghcb_state state;
>> +	unsigned long id, flags;
>> +	struct ghcb *ghcb;
>> +	int ret;
>> +
>> +	if (!sev_feature_enabled(SEV_SNP))
>> +		return -ENODEV;
>> +
>> +	local_irq_save(flags);
>> +
>> +	ghcb = __sev_get_ghcb(&state);
>> +	if (!ghcb) {
>> +		ret = -EIO;
>> +		goto e_restore_irq;
>> +	}
>> +
>> +	vc_ghcb_invalidate(ghcb);
>> +
>> +	if (type == GUEST_REQUEST) {
>> +		id = SVM_VMGEXIT_GUEST_REQUEST;
>> +	} else if (type == EXT_GUEST_REQUEST) {
>> +		id = SVM_VMGEXIT_EXT_GUEST_REQUEST;
>> +		ghcb_set_rax(ghcb, input->data_gpa);
>> +		ghcb_set_rbx(ghcb, input->data_npages);
> Hmmm, now I'm not sure. We did enum psc_op where you simply pass in the
> op directly to the hardware because the enum uses the same numbers as
> the actual command.
>
> But here that @type thing is simply used to translate to the SVM_VMGEXIT
> thing. So maybe you don't need it here and you can hand in the exit_code
> directly:
>
> int snp_issue_guest_request(u64 exit_code, struct snp_guest_request_data *input,
> 			    unsigned long *fw_err)
>
> which you then pass in directly to...


Okay, works for me. The main reason why I choose the enum was to not
expose the GHCB exit code to the driver but I guess that attestation
driver need to know which VMGEXIT need to be called, so, its okay to
have it pass the VMGEXIT number instead of enum.

>> +	} else {
>> +		ret = -EINVAL;
>> +		goto e_put;
>> +	}
>> +
>> +	ret = sev_es_ghcb_hv_call(ghcb, NULL, id, input->req_gpa, input->resp_gpa);
> ... this guy here:
>
> 	ret = sev_es_ghcb_hv_call(ghcb, NULL, exit_code, input->req_gpa, input->resp_gpa);
>
>> +	if (ret)
>> +		goto e_put;
>> +
>> +	if (ghcb->save.sw_exit_info_2) {
>> +		/* Number of expected pages are returned in RBX */
>> +		if (id == EXT_GUEST_REQUEST &&
>> +		    ghcb->save.sw_exit_info_2 == SNP_GUEST_REQ_INVALID_LEN)
>> +			input->data_npages = ghcb_get_rbx(ghcb);
>> +
>> +		if (fw_err)
>> +			*fw_err = ghcb->save.sw_exit_info_2;
>> +
>> +		ret = -EIO;
>> +	}
>> +
>> +e_put:
>> +	__sev_put_ghcb(&state);
>> +e_restore_irq:
>> +	local_irq_restore(flags);
>> +
>> +	return ret;
>> +}
>> +EXPORT_SYMBOL_GPL(snp_issue_guest_request);
>> diff --git a/include/linux/sev-guest.h b/include/linux/sev-guest.h
> Why is this a separate header in the include/linux/ namespace?
>
> Is SNP available on something which is !x86, all of a sudden?


So far most of the changes were in x86 specific files. However, the
attestation service is available through a driver to the userspace. The
driver needs to use the VMGEXIT routines provides by the x86 core. I
created the said header file so that driver does not need to include
<asm/sev.h/sev-common.h> etc and will compile for !x86.


>> new file mode 100644
>> index 000000000000..24dd17507789
>> --- /dev/null
>> +++ b/include/linux/sev-guest.h
>> @@ -0,0 +1,48 @@
>> +/* SPDX-License-Identifier: GPL-2.0-only */
>> +/*
>> + * AMD Secure Encrypted Virtualization (SEV) guest driver interface
>> + *
>> + * Copyright (C) 2021 Advanced Micro Devices, Inc.
>> + *
>> + * Author: Brijesh Singh <brijesh.singh@....com>
>> + *
>> + */
>> +
>> +#ifndef __LINUX_SEV_GUEST_H_
>> +#define __LINUX_SEV_GUEST_H_
>> +
>> +#include <linux/types.h>
>> +
>> +enum vmgexit_type {
>> +	GUEST_REQUEST,
>> +	EXT_GUEST_REQUEST,
>> +
>> +	GUEST_REQUEST_MAX
>> +};
>> +
>> +/*
>> + * The error code when the data_npages is too small. The error code
>> + * is defined in the GHCB specification.
>> + */
>> +#define SNP_GUEST_REQ_INVALID_LEN	0x100000000ULL
> so basically
>
> BIT_ULL(32)

Noted.


>
>> +
>> +struct snp_guest_request_data {
> "snp_req_data" I guess is shorter. And having "guest" in there is
> probably not needed because snp is always guest-related anyway.

Noted.


>> +	unsigned long req_gpa;
>> +	unsigned long resp_gpa;
>> +	unsigned long data_gpa;
>> +	unsigned int data_npages;
>> +};
>> +
>> +#ifdef CONFIG_AMD_MEM_ENCRYPT
>> +int snp_issue_guest_request(int vmgexit_type, struct snp_guest_request_data *input,
>> +			    unsigned long *fw_err);
>> +#else
>> +
>> +static inline int snp_issue_guest_request(int type, struct snp_guest_request_data *input,
>> +					  unsigned long *fw_err)
>> +{
>> +	return -ENODEV;
>> +}
>> +
>> +#endif /* CONFIG_AMD_MEM_ENCRYPT */
>> +#endif /* __LINUX_SEV_GUEST_H__ */
>> -- 
>> 2.17.1
>>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ