Message-ID: <2772390d-09c1-80c1-082f-225f32eae4aa@gmail.com>
Date:   Mon, 18 Oct 2021 20:19:30 +0800
From:   Tianyu Lan <ltykernel@...il.com>
To:     Borislav Petkov <bp@...en8.de>
Cc:     Tom Lendacky <thomas.lendacky@....com>, linux-arch@...r.kernel.org,
        linux-hyperv@...r.kernel.org, linux-kernel@...r.kernel.org,
        netdev@...r.kernel.org, vkuznets@...hat.com,
        konrad.wilk@...cle.com, hch@....de, robin.murphy@....com,
        joro@...tes.org, parri.andrea@...il.com, dave.hansen@...el.com,
        Hikys@...rosoft.com, haiyangz@...rosoft.com,
        sthemmin@...rosoft.com, wei.liu@...nel.org, decui@...rosoft.com,
        tglx@...utronix.de, mingo@...hat.com, x86@...nel.org,
        hpa@...or.com, dave.hansen@...ux.intel.com, luto@...nel.org,
        peterz@...radead.org, davem@...emloft.net, kuba@...nel.org,
        gregkh@...uxfoundation.org, arnd@...db.de, jroedel@...e.de,
        brijesh.singh@....com, Tianyu.Lan@...rosoft.com, pgonda@...gle.com,
        akpm@...ux-foundation.org, kirill.shutemov@...ux.intel.com,
        rppt@...nel.org, tj@...nel.org, aneesh.kumar@...ux.ibm.com,
        saravanand@...com, hannes@...xchg.org, rientjes@...gle.com,
        michael.h.kelley@...rosoft.com
Subject: Re: [PATCH V7 5/9] x86/sev-es: Expose __sev_es_ghcb_hv_call() to call
 ghcb hv call out of sev code

Gentle Ping.

On 10/13/2021 10:24 PM, Tianyu Lan wrote:
> On 10/12/2021 1:22 AM, Borislav Petkov wrote:
>> On Mon, Oct 11, 2021 at 10:42:18PM +0800, Tianyu Lan wrote:
>>> Hi @Tom and Borislav:
>>>       Please have a look at this patch. If it's ok, could you give 
>>> your ack.
>>
>> I needed to do some cleanups in that area first:
>>
>> https://lore.kernel.org/r/YWRwxImd9Qcls/Yy@zn.tnic
>>
>> Can you redo yours ontop so that you can show what exactly you need
>> exported for HyperV?
>>
>> Thx.
> 
> Hi Borislav :
>      Please check whether the following change, based on your patch, is
> ok for you.
> ---
> x86/sev-es: Expose __sev_es_ghcb_hv_call() to call ghcb hv call out of 
> sev code
> 
>      Hyper-V also needs to call ghcb hv call to write/read MSR in 
> Isolation VM.
>      So expose __sev_es_ghcb_hv_call() to call it in the Hyper-V code.
> 
>      Signed-off-by: Tianyu Lan <Tianyu.Lan@...rosoft.com>
> 
> diff --git a/arch/x86/include/asm/sev.h b/arch/x86/include/asm/sev.h
> index fa5cd05d3b5b..295c847c3cd4 100644
> --- a/arch/x86/include/asm/sev.h
> +++ b/arch/x86/include/asm/sev.h
> @@ -81,12 +81,23 @@ static __always_inline void sev_es_nmi_complete(void)
>                  __sev_es_nmi_complete();
>   }
>   extern int __init sev_es_efi_map_ghcbs(pgd_t *pgd);
> +extern enum es_result __sev_es_ghcb_hv_call(struct ghcb *ghcb,
> +                                           struct es_em_ctxt *ctxt,
> +                                           u64 exit_code, u64 exit_info_1,
> +                                           u64 exit_info_2);
>   #else
>   static inline void sev_es_ist_enter(struct pt_regs *regs) { }
>   static inline void sev_es_ist_exit(void) { }
>   static inline int sev_es_setup_ap_jump_table(struct real_mode_header 
> *rmh) { return 0; }
>   static inline void sev_es_nmi_complete(void) { }
>   static inline int sev_es_efi_map_ghcbs(pgd_t *pgd) { return 0; }
> +static inline enum es_result
> +__sev_es_ghcb_hv_call(struct ghcb *ghcb,
> +                     u64 exit_code, u64 exit_info_1,
> +                     u64 exit_info_2)
> +{
> +       return ES_VMM_ERROR;
> +}
>   #endif
> 
>   #endif
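Review bot: The `#else` stub of `__sev_es_ghcb_hv_call()` takes four parameters, while the `extern` declaration added above takes five; the `struct es_em_ctxt *ctxt` argument is missing from the stub. Any caller that passes `ctxt` will fail to build in a configuration that selects the `#else` branch, which is the case the stub exists to cover for code outside the SEV files. The stub's parameter list should begin `__sev_es_ghcb_hv_call(struct ghcb *ghcb, struct es_em_ctxt *ctxt,`. It is also worth confirming that `enum es_result` and `ES_VMM_ERROR` are visible in that branch, since the header's includes and the `#if` condition are outside this hunk.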
> diff --git a/arch/x86/kernel/sev-shared.c b/arch/x86/kernel/sev-shared.c
> index ea9abd69237e..08c97cb057fa 100644
> --- a/arch/x86/kernel/sev-shared.c
> +++ b/arch/x86/kernel/sev-shared.c
> @@ -124,10 +124,14 @@ static enum es_result verify_exception_info(struct 
> ghcb *ghcb, struct es_em_ctxt
>          return ES_VMM_ERROR;
>   }
> 
> -static enum es_result sev_es_ghcb_hv_call(struct ghcb *ghcb,
> -                                         struct es_em_ctxt *ctxt,
> -                                         u64 exit_code, u64 exit_info_1,
> -                                         u64 exit_info_2)
> +/*
> + * __sev_es_ghcb_hv_call() is also used in the other platform code(e.g
> + * Hyper-V).
> + */
> +enum es_result __sev_es_ghcb_hv_call(struct ghcb *ghcb,
> +                                    struct es_em_ctxt *ctxt,
> +                                    u64 exit_code, u64 exit_info_1,
> +                                    u64 exit_info_2)
>   {
>          /* Fill in protocol and format specifiers */
>          ghcb->protocol_version = GHCB_PROTOCOL_MAX;
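Review bot: The new comment above `__sev_es_ghcb_hv_call()` names another user of the function but does not say what a caller must now guarantee. The next hunk moves `sev_es_wr_ghcb_msr(__pa(ghcb))` into the `sev_es_ghcb_hv_call()` wrapper, so this function issues `VMGEXIT()` against whatever address the GHCB MSR currently holds. If an external caller has not programmed the MSR, the hypervisor's response would land on a different page from the `ghcb` that `verify_exception_info()` then checks. I would extend the comment along the lines of `/* Caller must have written __pa(ghcb) to the GHCB MSR and must pass a valid ctxt. */`; `ctxt` is forwarded to `verify_exception_info()`, whose body is not shown here, so whether it writes through `ctxt` should be confirmed. The function body continues past the end of this hunk.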
> @@ -137,12 +141,22 @@ static enum es_result sev_es_ghcb_hv_call(struct 
> ghcb *ghcb,
>          ghcb_set_sw_exit_info_1(ghcb, exit_info_1);
>          ghcb_set_sw_exit_info_2(ghcb, exit_info_2);
> 
> -       sev_es_wr_ghcb_msr(__pa(ghcb));
>          VMGEXIT();
> 
>          return verify_exception_info(ghcb, ctxt);
>   }
> 
> +static enum es_result sev_es_ghcb_hv_call(struct ghcb *ghcb,
> +                                         struct es_em_ctxt *ctxt,
> +                                         u64 exit_code, u64 exit_info_1,
> +                                         u64 exit_info_2)
> +{
> +       sev_es_wr_ghcb_msr(__pa(ghcb));
> +
> +       return __sev_es_ghcb_hv_call(ghcb, ctxt, exit_code, exit_info_1,
> +                                    exit_info_2);
> +}
> +
>   /*
>    * Boot VC Handler - This is the first VC handler during boot, there 
> is no GHCB
>    * page yet, so it only supports the MSR based communication with the
> (END)
> 
> 
> Thanks.
> 
> 
