The behavior of the SEV-legacy commands is altered when the SNP firmware is in the INIT state. When SNP is in INIT state, all the SEV-legacy commands that cause the firmware to write to memory must be in the firmware state before issuing the command.. See SEV-SNP spec section 5.3.7 for more detail. Cc: Thomas Gleixner <tglx@xxxxxxxxxxxxx> Cc: Ingo Molnar <mingo@xxxxxxxxxx> Cc: Borislav Petkov <bp@xxxxxxxxx> Cc: Joerg Roedel <jroedel@xxxxxxx> Cc: "H. Peter Anvin" <hpa@xxxxxxxxx> Cc: Tony Luck <tony.luck@xxxxxxxxx> Cc: Dave Hansen <dave.hansen@xxxxxxxxx> Cc: "Peter Zijlstra (Intel)" <peterz@xxxxxxxxxxxxx> Cc: Paolo Bonzini <pbonzini@xxxxxxxxxx> Cc: Tom Lendacky <thomas.lendacky@xxxxxxx> Cc: David Rientjes <rientjes@xxxxxxxxxx> Cc: Sean Christopherson <seanjc@xxxxxxxxxx> Cc: x86@xxxxxxxxxx Cc: kvm@xxxxxxxxxxxxxxx Signed-off-by: Brijesh Singh <brijesh.singh@xxxxxxx> --- drivers/crypto/ccp/sev-dev.c | 90 +++++++++++++++++++++++++++++++++--- drivers/crypto/ccp/sev-dev.h | 1 + 2 files changed, 85 insertions(+), 6 deletions(-) diff --git a/drivers/crypto/ccp/sev-dev.c b/drivers/crypto/ccp/sev-dev.c index 242c4775eb56..4aa9d4505d71 100644 --- a/drivers/crypto/ccp/sev-dev.c +++ b/drivers/crypto/ccp/sev-dev.c @@ -148,12 +148,35 @@ static int sev_cmd_buffer_len(int cmd) return 0; } +static bool sev_legacy_cmd_buf_writable(int cmd) +{ + switch (cmd) { + case SEV_CMD_PLATFORM_STATUS: + case SEV_CMD_GUEST_STATUS: + case SEV_CMD_LAUNCH_START: + case SEV_CMD_RECEIVE_START: + case SEV_CMD_LAUNCH_MEASURE: + case SEV_CMD_SEND_START: + case SEV_CMD_SEND_UPDATE_DATA: + case SEV_CMD_SEND_UPDATE_VMSA: + case SEV_CMD_PEK_CSR: + case SEV_CMD_PDH_CERT_EXPORT: + case SEV_CMD_GET_ID: + return true; + default: + return false; + } +} + static int __sev_do_cmd_locked(int cmd, void *data, int *psp_ret) { + size_t cmd_buf_len = sev_cmd_buffer_len(cmd); struct psp_device *psp = psp_master; struct sev_device *sev; unsigned int phys_lsb, phys_msb; unsigned int reg, ret = 0; + struct page *cmd_page = NULL; + struct rmpupdate e = {}; if (!psp || !psp->sev_data) return -ENODEV; @@ -163,15 +186,47 @@ static int __sev_do_cmd_locked(int cmd, void *data, int *psp_ret) sev = psp->sev_data; + /* + * Check If SNP is initialized and we are asked to execute a legacy + * command that requires write by the firmware in the command buffer. + * In that case use an intermediate command buffer page to complete the + * operation. + * + * NOTE: If the command buffer contains a pointer which will be modified + * by the firmware then caller must take care of it. + */ + if (sev->snp_inited && sev_legacy_cmd_buf_writable(cmd)) { + cmd_page = alloc_page(GFP_KERNEL_ACCOUNT | __GFP_ZERO); + if (!cmd_page) + return -ENOMEM; + + memcpy(page_address(cmd_page), data, cmd_buf_len); + + /* make it as a firmware page */ + e.immutable = true; + e.assigned = true; + ret = rmptable_rmpupdate(cmd_page, &e); + if (ret) { + dev_err(sev->dev, "sev cmd id %#x, failed to change to firmware state (spa 0x%lx ret %d).\n", + cmd, page_to_pfn(cmd_page) << PAGE_SHIFT, ret); + goto e_free; + } + } + /* Get the physical address of the command buffer */ - phys_lsb = data ? lower_32_bits(__psp_pa(data)) : 0; - phys_msb = data ? upper_32_bits(__psp_pa(data)) : 0; + if (cmd_page) { + phys_lsb = data ? lower_32_bits(__sme_page_pa(cmd_page)) : 0; + phys_msb = data ? upper_32_bits(__sme_page_pa(cmd_page)) : 0; + } else { + phys_lsb = data ? lower_32_bits(__psp_pa(data)) : 0; + phys_msb = data ? upper_32_bits(__psp_pa(data)) : 0; + } dev_dbg(sev->dev, "sev command id %#x buffer 0x%08x%08x timeout %us\n", cmd, phys_msb, phys_lsb, psp_timeout); print_hex_dump_debug("(in): ", DUMP_PREFIX_OFFSET, 16, 2, data, - sev_cmd_buffer_len(cmd), false); + cmd_buf_len, false); iowrite32(phys_lsb, sev->io_regs + sev->vdata->cmdbuff_addr_lo_reg); iowrite32(phys_msb, sev->io_regs + sev->vdata->cmdbuff_addr_hi_reg); @@ -185,6 +240,24 @@ static int __sev_do_cmd_locked(int cmd, void *data, int *psp_ret) /* wait for command completion */ ret = sev_wait_cmd_ioc(sev, ®, psp_timeout); + + /* if an intermediate page is used then copy the data back to original. */ + if (cmd_page) { + int rc; + + /* make it as a hypervisor page */ + memset(&e, 0, sizeof(struct rmpupdate)); + rc = rmptable_rmpupdate(cmd_page, &e); + if (rc) { + dev_err(sev->dev, "sev cmd id %#x, failed to change to hypervisor state ret=%d.\n", + cmd, rc); + /* Set the command page to NULL so that the page is leaked. */ + cmd_page = NULL; + } else { + memcpy(data, page_address(cmd_page), cmd_buf_len); + } + } + if (ret) { if (psp_ret) *psp_ret = 0; @@ -192,7 +265,7 @@ static int __sev_do_cmd_locked(int cmd, void *data, int *psp_ret) dev_err(sev->dev, "sev command %#x timed out, disabling PSP\n", cmd); psp_dead = true; - return ret; + goto e_free; } psp_timeout = psp_cmd_timeout; @@ -207,8 +280,11 @@ static int __sev_do_cmd_locked(int cmd, void *data, int *psp_ret) } print_hex_dump_debug("(out): ", DUMP_PREFIX_OFFSET, 16, 2, data, - sev_cmd_buffer_len(cmd), false); + cmd_buf_len, false); +e_free: + if (cmd_page) + __free_page(cmd_page); return ret; } @@ -234,7 +310,7 @@ static int __sev_platform_init_locked(int *error) sev = psp->sev_data; - if (sev->state == SEV_STATE_INIT) + if (sev->legacy_inited && (sev->state == SEV_STATE_INIT)) return 0; if (sev_es_tmr) { @@ -255,6 +331,7 @@ static int __sev_platform_init_locked(int *error) if (rc) return rc; + sev->legacy_inited = true; sev->state = SEV_STATE_INIT; /* Prepare for first SEV guest launch after INIT */ @@ -289,6 +366,7 @@ static int __sev_platform_shutdown_locked(int *error) if (ret) return ret; + sev->legacy_inited = false; sev->state = SEV_STATE_UNINIT; dev_dbg(sev->dev, "SEV firmware shutdown\n"); diff --git a/drivers/crypto/ccp/sev-dev.h b/drivers/crypto/ccp/sev-dev.h index 18b116a817ff..2ee9665a901d 100644 --- a/drivers/crypto/ccp/sev-dev.h +++ b/drivers/crypto/ccp/sev-dev.h @@ -54,6 +54,7 @@ struct sev_device { u8 build; bool snp_inited; + bool legacy_inited; }; int sev_dev_init(struct psp_device *psp); -- 2.17.1