[PATCH 1/2] KVM: SVM: Set "released" on INIT-SIPI iff SEV-ES vCPU was in AP reset hold

From: Sean Christopherson
Date: Wed Oct 20 2021 - 12:46:16 EST


Set ghcb->sw_exit_info_2 when releasing a vCPU from an AP reset hold if
and only if the vCPU is actually in a reset hold. Move the handling to
INIT (was SIPI) so that KVM can check the current MP state; when SIPI is
received, the vCPU will be in INIT_RECEIVED and will have lost track of
whether or not the vCPU was in a reset hold.

Drop the received_first_sipi flag, which was a hack to work around the
fact that KVM lost track of whether or not the vCPU was in a reset hold.

Signed-off-by: Sean Christopherson <seanjc@xxxxxxxxxx>
---
arch/x86/kvm/svm/sev.c | 34 ++++++++++++----------------------
arch/x86/kvm/svm/svm.c | 13 ++++++++-----
arch/x86/kvm/svm/svm.h | 4 +---
3 files changed, 21 insertions(+), 30 deletions(-)

diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c
index 9afa71cb36e6..f8dfa88993b8 100644
--- a/arch/x86/kvm/svm/sev.c
+++ b/arch/x86/kvm/svm/sev.c
@@ -2637,8 +2637,19 @@ void sev_es_init_vmcb(struct vcpu_svm *svm)
set_msr_interception(vcpu, svm->msrpm, MSR_IA32_LASTINTTOIP, 1, 1);
}

-void sev_es_vcpu_reset(struct vcpu_svm *svm)
+void sev_es_vcpu_reset(struct vcpu_svm *svm, bool init_event)
{
+ if (init_event) {
+ /*
+ * If the vCPU is in a "reset" hold, signal via SW_EXIT_INFO_2
+ * that, assuming it receives a SIPI, the vCPU was "released".
+ */
+ if (svm->vcpu.arch.mp_state == KVM_MP_STATE_AP_RESET_HOLD &&
+ svm->ghcb)
+ ghcb_set_sw_exit_info_2(svm->ghcb, 1);
+ return;
+ }
+
/*
* Set the GHCB MSR value as per the GHCB specification when emulating
* vCPU RESET for an SEV-ES guest.
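Review bot: The `init_event` branch of sev_es_vcpu_reset() writes `1` into the guest-shared GHCB at INIT time, before any SIPI has arrived, so the "released" indication is only accurate if a vCPU that was in KVM_MP_STATE_AP_RESET_HOLD can become runnable again solely through INIT followed by SIPI. Nothing visible in this hunk rules out another wake-up path after INIT, nor shows that SW_EXIT_INFO_2 is zero while the vCPU is held; both are presumably guaranteed elsewhere and should be stated where the value is set. The bare `1` also loses the "any non-zero value" meaning that the removed sev_vcpu_deliver_sipi_vector() comment spelled out. I would extend the new comment with something like `* Any non-zero value means "released"; this relies on SW_EXIT_INFO_2 being 0 while the vCPU is held.` The rest of the function body lies outside the hunk.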
@@ -2668,24 +2679,3 @@ void sev_es_prepare_guest_switch(struct vcpu_svm *svm, unsigned int cpu)
/* MSR_IA32_XSS is restored on VMEXIT, save the currnet host value */
hostsa->xss = host_xss;
}
-
-void sev_vcpu_deliver_sipi_vector(struct kvm_vcpu *vcpu, u8 vector)
-{
- struct vcpu_svm *svm = to_svm(vcpu);
-
- /* First SIPI: Use the values as initially set by the VMM */
- if (!svm->received_first_sipi) {
- svm->received_first_sipi = true;
- return;
- }
-
- /*
- * Subsequent SIPI: Return from an AP Reset Hold VMGEXIT, where
- * the guest will set the CS and RIP. Set SW_EXIT_INFO_2 to a
- * non-zero value.
- */
- if (!svm->ghcb)
- return;
-
- ghcb_set_sw_exit_info_2(svm->ghcb, 1);
-}
diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c
index 89077160d463..0497066a91fb 100644
--- a/arch/x86/kvm/svm/svm.c
+++ b/arch/x86/kvm/svm/svm.c
@@ -1372,9 +1372,6 @@ static void __svm_vcpu_reset(struct kvm_vcpu *vcpu)
svm_init_osvw(vcpu);
vcpu->arch.microcode_version = 0x01000065;
svm->tsc_ratio_msr = kvm_default_tsc_scaling_ratio;
-
- if (sev_es_guest(vcpu->kvm))
- sev_es_vcpu_reset(svm);
}

static void svm_vcpu_reset(struct kvm_vcpu *vcpu, bool init_event)
@@ -1388,6 +1385,9 @@ static void svm_vcpu_reset(struct kvm_vcpu *vcpu, bool init_event)

if (!init_event)
__svm_vcpu_reset(vcpu);
+
+ if (sev_es_guest(vcpu->kvm))
+ sev_es_vcpu_reset(svm, init_event);
}

void svm_switch_vmcb(struct vcpu_svm *svm, struct kvm_vmcb_info *target_vmcb)
@@ -4553,10 +4553,13 @@ static bool svm_apic_init_signal_blocked(struct kvm_vcpu *vcpu)

static void svm_vcpu_deliver_sipi_vector(struct kvm_vcpu *vcpu, u8 vector)
{
+ /*
+ * SEV-ES (and later derivatives) use INIT-SIPI to bring up APs, but
+ * the guest is responsible for transitioning to Real Mode and setting
+ * CS:RIP, GPRs, etc... KVM just needs to make the vCPU runnable.
+ */
if (!sev_es_guest(vcpu->kvm))
return kvm_vcpu_deliver_sipi_vector(vcpu, vector);
-
- sev_vcpu_deliver_sipi_vector(vcpu, vector);
}

static void svm_vm_destroy(struct kvm *kvm)
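Review bot: The comment added to svm_vcpu_deliver_sipi_vector() says KVM "just needs to make the vCPU runnable", but for an SEV-ES guest the function now falls off the end without doing anything, so a reader cannot tell where that transition happens. Presumably the caller updates the MP state after this hook returns, which should be confirmed against the caller since it is outside this hunk. I would end the comment with `* Nothing to do here: the SIPI vector is ignored and the caller marks the vCPU runnable.` so that the empty SEV-ES path and the discarded `vector` argument read as intentional.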
diff --git a/arch/x86/kvm/svm/svm.h b/arch/x86/kvm/svm/svm.h
index 68e5f16a0554..c1f3685db2e1 100644
--- a/arch/x86/kvm/svm/svm.h
+++ b/arch/x86/kvm/svm/svm.h
@@ -190,7 +190,6 @@ struct vcpu_svm {
struct vmcb_save_area *vmsa;
struct ghcb *ghcb;
struct kvm_host_map ghcb_map;
- bool received_first_sipi;

/* SEV-ES scratch area support */
void *ghcb_sa;
@@ -562,8 +561,7 @@ void sev_free_vcpu(struct kvm_vcpu *vcpu);
int sev_handle_vmgexit(struct kvm_vcpu *vcpu);
int sev_es_string_io(struct vcpu_svm *svm, int size, unsigned int port, int in);
void sev_es_init_vmcb(struct vcpu_svm *svm);
-void sev_es_vcpu_reset(struct vcpu_svm *svm);
-void sev_vcpu_deliver_sipi_vector(struct kvm_vcpu *vcpu, u8 vector);
+void sev_es_vcpu_reset(struct vcpu_svm *svm, bool init_event);
void sev_es_prepare_guest_switch(struct vcpu_svm *svm, unsigned int cpu);
void sev_es_unmap_ghcb(struct vcpu_svm *svm);

--
2.33.0.1079.g6e70778dc9-goog


--0SdBen1GVMUEx1O4
Content-Type: text/x-diff; charset=us-ascii
Content-Disposition: attachment;
filename="0002-KVM-SVM-Add-support-to-handle-AP-reset-MSR-protocol.patch"