[RFC Part2 PATCH 12/30] crypto ccp: handle the legacy SEV command when SNP is enabled

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



The behavior of the SEV-legacy commands is altered when the SNP firmware
is in the INIT state. When SNP is in INIT state, all the SEV-legacy
commands that cause the firmware to write to memory must be in the
firmware state before issuing the command..

See SEV-SNP spec section 5.3.7 for more detail.

Cc: Thomas Gleixner <tglx@xxxxxxxxxxxxx>
Cc: Ingo Molnar <mingo@xxxxxxxxxx>
Cc: Borislav Petkov <bp@xxxxxxxxx>
Cc: Joerg Roedel <jroedel@xxxxxxx>
Cc: "H. Peter Anvin" <hpa@xxxxxxxxx>
Cc: Tony Luck <tony.luck@xxxxxxxxx>
Cc: Dave Hansen <dave.hansen@xxxxxxxxx>
Cc: "Peter Zijlstra (Intel)" <peterz@xxxxxxxxxxxxx>
Cc: Paolo Bonzini <pbonzini@xxxxxxxxxx>
Cc: Tom Lendacky <thomas.lendacky@xxxxxxx>
Cc: David Rientjes <rientjes@xxxxxxxxxx>
Cc: Sean Christopherson <seanjc@xxxxxxxxxx>
Cc: x86@xxxxxxxxxx
Cc: kvm@xxxxxxxxxxxxxxx
Signed-off-by: Brijesh Singh <brijesh.singh@xxxxxxx>
---
 drivers/crypto/ccp/sev-dev.c | 90 +++++++++++++++++++++++++++++++++---
 drivers/crypto/ccp/sev-dev.h |  1 +
 2 files changed, 85 insertions(+), 6 deletions(-)

diff --git a/drivers/crypto/ccp/sev-dev.c b/drivers/crypto/ccp/sev-dev.c
index 242c4775eb56..4aa9d4505d71 100644
--- a/drivers/crypto/ccp/sev-dev.c
+++ b/drivers/crypto/ccp/sev-dev.c
@@ -148,12 +148,35 @@ static int sev_cmd_buffer_len(int cmd)
 	return 0;
 }
 
+static bool sev_legacy_cmd_buf_writable(int cmd)
+{
+	switch (cmd) {
+	case SEV_CMD_PLATFORM_STATUS:
+	case SEV_CMD_GUEST_STATUS:
+	case SEV_CMD_LAUNCH_START:
+	case SEV_CMD_RECEIVE_START:
+	case SEV_CMD_LAUNCH_MEASURE:
+	case SEV_CMD_SEND_START:
+	case SEV_CMD_SEND_UPDATE_DATA:
+	case SEV_CMD_SEND_UPDATE_VMSA:
+	case SEV_CMD_PEK_CSR:
+	case SEV_CMD_PDH_CERT_EXPORT:
+	case SEV_CMD_GET_ID:
+		return true;
+	default:
+		return false;
+	}
+}
+
 static int __sev_do_cmd_locked(int cmd, void *data, int *psp_ret)
 {
+	size_t cmd_buf_len = sev_cmd_buffer_len(cmd);
 	struct psp_device *psp = psp_master;
 	struct sev_device *sev;
 	unsigned int phys_lsb, phys_msb;
 	unsigned int reg, ret = 0;
+	struct page *cmd_page = NULL;
+	struct rmpupdate e = {};
 
 	if (!psp || !psp->sev_data)
 		return -ENODEV;
@@ -163,15 +186,47 @@ static int __sev_do_cmd_locked(int cmd, void *data, int *psp_ret)
 
 	sev = psp->sev_data;
 
+	/*
+	 * Check If SNP is initialized and we are asked to execute a legacy
+	 * command that requires write by the firmware in the command buffer.
+	 * In that case use an intermediate command buffer page to complete the
+	 * operation.
+	 *
+	 * NOTE: If the command buffer contains a pointer which will be modified
+	 * by the firmware then caller must take care of it.
+	 */
+	if (sev->snp_inited && sev_legacy_cmd_buf_writable(cmd)) {
+		cmd_page = alloc_page(GFP_KERNEL_ACCOUNT | __GFP_ZERO);
+		if (!cmd_page)
+			return -ENOMEM;
+
+		memcpy(page_address(cmd_page), data, cmd_buf_len);
+
+		/* make it as a firmware page */
+		e.immutable = true;
+		e.assigned = true;
+		ret = rmptable_rmpupdate(cmd_page, &e);
+		if (ret) {
+			dev_err(sev->dev, "sev cmd id %#x, failed to change to firmware state (spa 0x%lx ret %d).\n",
+				cmd, page_to_pfn(cmd_page) << PAGE_SHIFT, ret);
+			goto e_free;
+		}
+	}
+
 	/* Get the physical address of the command buffer */
-	phys_lsb = data ? lower_32_bits(__psp_pa(data)) : 0;
-	phys_msb = data ? upper_32_bits(__psp_pa(data)) : 0;
+	if (cmd_page) {
+		phys_lsb = data ? lower_32_bits(__sme_page_pa(cmd_page)) : 0;
+		phys_msb = data ? upper_32_bits(__sme_page_pa(cmd_page)) : 0;
+	} else {
+		phys_lsb = data ? lower_32_bits(__psp_pa(data)) : 0;
+		phys_msb = data ? upper_32_bits(__psp_pa(data)) : 0;
+	}
 
 	dev_dbg(sev->dev, "sev command id %#x buffer 0x%08x%08x timeout %us\n",
 		cmd, phys_msb, phys_lsb, psp_timeout);
 
 	print_hex_dump_debug("(in):  ", DUMP_PREFIX_OFFSET, 16, 2, data,
-			     sev_cmd_buffer_len(cmd), false);
+			     cmd_buf_len, false);
 
 	iowrite32(phys_lsb, sev->io_regs + sev->vdata->cmdbuff_addr_lo_reg);
 	iowrite32(phys_msb, sev->io_regs + sev->vdata->cmdbuff_addr_hi_reg);
@@ -185,6 +240,24 @@ static int __sev_do_cmd_locked(int cmd, void *data, int *psp_ret)
 
 	/* wait for command completion */
 	ret = sev_wait_cmd_ioc(sev, &reg, psp_timeout);
+
+	/* if an intermediate page is used then copy the data back to original. */
+	if (cmd_page) {
+		int rc;
+
+		/* make it as a hypervisor page */
+		memset(&e, 0, sizeof(struct rmpupdate));
+		rc = rmptable_rmpupdate(cmd_page, &e);
+		if (rc) {
+			dev_err(sev->dev, "sev cmd id %#x, failed to change to hypervisor state ret=%d.\n",
+				cmd, rc);
+			/* Set the command page to NULL so that the page is leaked. */
+			cmd_page = NULL;
+		} else {
+			memcpy(data, page_address(cmd_page), cmd_buf_len);
+		}
+	}
+
 	if (ret) {
 		if (psp_ret)
 			*psp_ret = 0;
@@ -192,7 +265,7 @@ static int __sev_do_cmd_locked(int cmd, void *data, int *psp_ret)
 		dev_err(sev->dev, "sev command %#x timed out, disabling PSP\n", cmd);
 		psp_dead = true;
 
-		return ret;
+		goto e_free;
 	}
 
 	psp_timeout = psp_cmd_timeout;
@@ -207,8 +280,11 @@ static int __sev_do_cmd_locked(int cmd, void *data, int *psp_ret)
 	}
 
 	print_hex_dump_debug("(out): ", DUMP_PREFIX_OFFSET, 16, 2, data,
-			     sev_cmd_buffer_len(cmd), false);
+			     cmd_buf_len, false);
 
+e_free:
+	if (cmd_page)
+		__free_page(cmd_page);
 	return ret;
 }
 
@@ -234,7 +310,7 @@ static int __sev_platform_init_locked(int *error)
 
 	sev = psp->sev_data;
 
-	if (sev->state == SEV_STATE_INIT)
+	if (sev->legacy_inited && (sev->state == SEV_STATE_INIT))
 		return 0;
 
 	if (sev_es_tmr) {
@@ -255,6 +331,7 @@ static int __sev_platform_init_locked(int *error)
 	if (rc)
 		return rc;
 
+	sev->legacy_inited = true;
 	sev->state = SEV_STATE_INIT;
 
 	/* Prepare for first SEV guest launch after INIT */
@@ -289,6 +366,7 @@ static int __sev_platform_shutdown_locked(int *error)
 	if (ret)
 		return ret;
 
+	sev->legacy_inited = false;
 	sev->state = SEV_STATE_UNINIT;
 	dev_dbg(sev->dev, "SEV firmware shutdown\n");
 
diff --git a/drivers/crypto/ccp/sev-dev.h b/drivers/crypto/ccp/sev-dev.h
index 18b116a817ff..2ee9665a901d 100644
--- a/drivers/crypto/ccp/sev-dev.h
+++ b/drivers/crypto/ccp/sev-dev.h
@@ -54,6 +54,7 @@ struct sev_device {
 	u8 build;
 
 	bool snp_inited;
+	bool legacy_inited;
 };
 
 int sev_dev_init(struct psp_device *psp);
-- 
2.17.1




[Index of Archives]     [KVM ARM]     [KVM ia64]     [KVM ppc]     [Virtualization Tools]     [Spice Development]     [Libvirt]     [Libvirt Users]     [Linux USB Devel]     [Linux Audio Users]     [Yosemite Questions]     [Linux Kernel]     [Linux SCSI]     [XFree86]

  Powered by Linux