Re: [PATCH 04/11] x86/sev: Use kernel provided SVSM Calling Areas

From: Tom Lendacky
Date: Sat Jan 27 2024 - 09:45:20 EST

Next message: Steven Rostedt: "Re: [PATCH] eventfs: Have inodes have unique inode numbers"
Previous message: Christian Marangi: "[net-next PATCH v2 5/5] net: phy: qcom: detach qca808x PHY driver from at803x"
In reply to: Dionna Amalie Glaze: "Re: [PATCH 04/11] x86/sev: Use kernel provided SVSM Calling Areas"
Next in thread: Tom Lendacky: "[PATCH 05/11] x86/sev: Perform PVALIDATE using the SVSM when not at VMPL0"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 1/26/24 18:45, Dionna Amalie Glaze wrote:

On Fri, Jan 26, 2024 at 2:17 PM Tom Lendacky <thomas.lendacky@xxxxxxx> wrote:

The SVSM Calling Area (CA) is used to communicate between Linux and the
SVSM. Since the firmware supplied CA for the BSP is likely to be in
reserved memory, switch off that CA to a kernel provided CA so that access
and use of the CA is available during boot. The CA switch is done using
the SVSM core protocol SVSM_CORE_REMAP_CAA call.

REMAP_CA, not CAA.

Will fix.

An SVSM call is executed by filling out the SVSM CA and setting the proper
register state as documented by the SVSM protocol. The SVSM is invoked by
by requesting the hypervisor to run VMPL0.

Once it is safe to allocate/reserve memory, allocate a CA for each CPU.
After allocating the new CAs, the BSP will switch from the boot CA to the
per-CPU CA. The CA for an AP is identified to the SVSM when creating the
VMSA in preparation for booting the AP.

Signed-off-by: Tom Lendacky <thomas.lendacky@xxxxxxx>
---
arch/x86/include/asm/sev-common.h | 13 ++
arch/x86/include/asm/sev.h | 32 +++++
arch/x86/include/uapi/asm/svm.h | 1 +
arch/x86/kernel/sev-shared.c | 94 +++++++++++++-
arch/x86/kernel/sev.c | 207 +++++++++++++++++++++++++-----
arch/x86/mm/mem_encrypt_amd.c | 8 +-
6 files changed, 320 insertions(+), 35 deletions(-)

diff --git a/arch/x86/include/asm/sev-common.h b/arch/x86/include/asm/sev-common.h
index 68a8cdf6fd6a..71db5ba020b9 100644
--- a/arch/x86/include/asm/sev-common.h
+++ b/arch/x86/include/asm/sev-common.h

+
+#define SVSM_CORE_CALL(x) ((0ULL << 32) | (x))

Given that we should expect to see other SVSM protocols used in the
kernel, should we not have

#define SVSM_PROTOCOL_CALL(protocol, call) (((unsigned long)(protocol)
<< 32) | (call))
#define SVSM_CORE_PROTOCOL 0
#define SVSM_ATTESTATION_PROTOCOL 1
#define SVSM_VTPM_PROTOCOL 2

And then

#define SVSM_CORE_CALL(x) SVSM_PROTOCOL_CALL(SVSM_CORE_PROTOCOL, x)

or be cute and use symbol concatenation like

#define SVSM_PROTOCOL_ID(id) SVSM_##id##_PROTOCOL
#define SVSM_CALL(id, call) SVSM_PROTOCOL_CALL(SVSM_PROTOCOL_ID(id), call)

So you can just do SVSM_CALL(CORE, 0) ?

I thought about doing things along that line. You could do it any number of ways, but it really just comes down to preference. I decided with just the explicit SVSM_CORE_CALL() form.

Thanks,
Tom

Next message: Steven Rostedt: "Re: [PATCH] eventfs: Have inodes have unique inode numbers"
Previous message: Christian Marangi: "[net-next PATCH v2 5/5] net: phy: qcom: detach qca808x PHY driver from at803x"
In reply to: Dionna Amalie Glaze: "Re: [PATCH 04/11] x86/sev: Use kernel provided SVSM Calling Areas"
Next in thread: Tom Lendacky: "[PATCH 05/11] x86/sev: Perform PVALIDATE using the SVSM when not at VMPL0"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]