lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20250306003806.1048517-1-kim.phillips@amd.com>
Date: Wed, 5 Mar 2025 18:38:03 -0600
From: Kim Phillips <kim.phillips@....com>
To: <kvm@...r.kernel.org>, <linux-coco@...ts.linux.dev>,
	<linux-kernel@...r.kernel.org>
CC: Tom Lendacky <thomas.lendacky@....com>, Michael Roth
	<michael.roth@....com>, Ashish Kalra <ashish.kalra@....com>, "Nikunj A .
 Dadhania" <nikunj@....com>, Borislav Petkov <bp@...en8.de>, Dave Hansen
	<dave.hansen@...ux.intel.com>, Sean Christopherson <seanjc@...gle.com>,
	"Paolo Bonzini" <pbonzini@...hat.com>, Ingo Molnar <mingo@...hat.com>, "H.
 Peter Anvin" <hpa@...or.com>, Thomas Gleixner <tglx@...utronix.de>
Subject: [PATCH v4 0/2] KVM: SEV: Add support for the ALLOWED_SEV_FEATURES feature

AMD EPYC 5th generation processors have introduced a feature that allows
the hypervisor to control the SEV_FEATURES that are set for, or by, a
guest [1].  ALLOWED_SEV_FEATURES can be used by the hypervisor to enforce
that SEV-ES and SEV-SNP guests cannot enable features that the
hypervisor does not want to be enabled.

Patch 1/2 adds support to detect the feature.

Patch 2/2 configures the ALLOWED_SEV_FEATURES field in the VMCB
according to the features the hypervisor supports.

Tested SNP by setting random feature bits to the sev_features
assignment in wakeup_cpu_via_vmgexit() (but not its ghcb_set_rax).

Tested SEV-ES by manipulating the save->sev_features assignment
in sev_es_sync_vmsa().  Note that SEV-ES "allows" operation only
works on features available in SEV-ES, i.e., it ignores SNP-only
features.  Zen5 SEV-ES features are DEBUG_SWAP, PREVENT_HOST_IBS,
VMGEXIT_PARAMETER, PMC_VIRTUALIZATION, and IBS_VIRTUALIZATION.

Based on x86-kvm/next.

[1] Section 15.36.20 "Allowed SEV Features", AMD64 Architecture
    Programmer's Manual, Pub. 24593 Rev. 3.42 - March 2024:
    https://bugzilla.kernel.org/attachment.cgi?id=306250

v4:
 - Revert the user-opt in (Sean, sorry for the misunderstanding)
 - this basically undoes v3 uAPI changes and makes the feature
   always-on, if available
 - rebased on top of x86-kvm/next

v3: https://lore.kernel.org/kvm/20250207233410.130813-1-kim.phillips@amd.com/
 - Assign allowed_sev_features based on user-provided vmsa_features mask (Sean)
 - Users now have to explicitly opt-in with a qemu "allowed-sev-features=on" switch.
 - Rebased on top of 6.14-rc1 and reworked authorship chain (tglx)

v2: https://lore.kernel.org/lkml/20240822221938.2192109-1-kim.phillips@amd.com/
 - Added some SEV_FEATURES require to be explicitly allowed by
   ALLOWED_SEV_FEATURES wording (Sean).
 - Added Nikunj's Reviewed-by.

v1: https://lore.kernel.org/lkml/20240802015732.3192877-3-kim.phillips@amd.com/

Kim Phillips (1):
  KVM: SEV: Configure "ALLOWED_SEV_FEATURES" VMCB Field

Kishon Vijay Abraham I (1):
  x86/cpufeatures: Add "Allowed SEV Features" Feature

 arch/x86/include/asm/cpufeatures.h |  1 +
 arch/x86/include/asm/svm.h         |  7 ++++++-
 arch/x86/kvm/svm/sev.c             | 13 +++++++++++++
 3 files changed, 20 insertions(+), 1 deletion(-)


base-commit: 7d2154117a02832ab3643fe2da4cdc9d2090dcb2
-- 
2.43.0

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ