On Thu, Apr 04, 2024 at 08:13:15AM -0400,
Paolo Bonzini <pbonzini@xxxxxxxxxx> wrote:
> Compute the set of features to be stored in the VMSA when KVM is
> initialized; move it from there into kvm_sev_info when SEV is initialized,
> and then into the initial VMSA.
>
> The new variable can then be used to return the set of supported features
> to userspace, via the KVM_GET_DEVICE_ATTR ioctl.
>
> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx>
> ---
> .../virt/kvm/x86/amd-memory-encryption.rst | 12 ++++++++++
> arch/x86/include/uapi/asm/kvm.h | 9 +++++--
> arch/x86/kvm/svm/sev.c | 24 +++++++++++++++++--
> arch/x86/kvm/svm/svm.c | 1 +
> arch/x86/kvm/svm/svm.h | 2 ++
> 5 files changed, 44 insertions(+), 4 deletions(-)
>
> diff --git a/Documentation/virt/kvm/x86/amd-memory-encryption.rst b/Documentation/virt/kvm/x86/amd-memory-encryption.rst
> index 84335d119ff1..2ea648e4c97a 100644
> --- a/Documentation/virt/kvm/x86/amd-memory-encryption.rst
> +++ b/Documentation/virt/kvm/x86/amd-memory-encryption.rst
> @@ -425,6 +425,18 @@ issued by the hypervisor to make the guest ready for execution.
>
> Returns: 0 on success, -negative on error
>
> +Device attribute API
> +====================
> +
> +Attributes of the SEV implementation can be retrieved through the
> +``KVM_HAS_DEVICE_ATTR`` and ``KVM_GET_DEVICE_ATTR`` ioctls on the ``/dev/kvm``
> +device node, using group ``KVM_X86_GRP_SEV``.
> +
> +Currently only one attribute is implemented:
> +
> +* ``KVM_X86_SEV_VMSA_FEATURES``: return the set of all bits that
> + are accepted in the ``vmsa_features`` of ``KVM_SEV_INIT2``.
> +
> Firmware Management
> ===================
>
> diff --git a/arch/x86/include/uapi/asm/kvm.h b/arch/x86/include/uapi/asm/kvm.h
> index ef11aa4cab42..b7dc515f4c27 100644
> --- a/arch/x86/include/uapi/asm/kvm.h
> +++ b/arch/x86/include/uapi/asm/kvm.h
> @@ -457,8 +457,13 @@ struct kvm_sync_regs {
>
> #define KVM_STATE_VMX_PREEMPTION_TIMER_DEADLINE 0x00000001
>
> -/* attributes for system fd (group 0) */
> -#define KVM_X86_XCOMP_GUEST_SUPP 0
> +/* vendor-independent attributes for system fd (group 0) */
> +#define KVM_X86_GRP_SYSTEM 0
> +# define KVM_X86_XCOMP_GUEST_SUPP 0
> +
> +/* vendor-specific groups and attributes for system fd */
> +#define KVM_X86_GRP_SEV 1
> +# define KVM_X86_SEV_VMSA_FEATURES 0
>
> struct kvm_vmx_nested_state_data {
> __u8 vmcs12[KVM_STATE_NESTED_VMX_VMCS_SIZE];
Thank you for updating those. Only for constat and document part.
Reviewed-by: Isaku Yamahata <isaku.yamahata@xxxxxxxxx>
--
Isaku Yamahata <isaku.yamahata@xxxxxxxxx>
