[RFC PATCH 23/31] KVM: selftests: Add SAVIC GPA notification GHCB call

Neeraj Upadhyay <Neeraj.Upadhyay@xxxxxxx> · Fri, 28 Feb 2025 15:00:16 +0530

Add GHCB call to register Secure AVIC guest APIC backing page
GPA with the hyperversior. This call ensures that guest APIC
backing page is pinned in NPT while vCPU is running.

Signed-off-by: Neeraj Upadhyay <Neeraj.Upadhyay@xxxxxxx>
---
 tools/testing/selftests/kvm/include/x86/sev.h |  1 +
 tools/testing/selftests/kvm/lib/x86/savic.c   |  1 +
 tools/testing/selftests/kvm/lib/x86/sev.c     | 25 ++++++++++++++++++-
 3 files changed, 26 insertions(+), 1 deletion(-)

diff --git a/tools/testing/selftests/kvm/include/x86/sev.h b/tools/testing/selftests/kvm/include/x86/sev.h
index ffb5ded0a35a..81ee79f63b7f 100644
--- a/tools/testing/selftests/kvm/include/x86/sev.h
+++ b/tools/testing/selftests/kvm/include/x86/sev.h
@@ -159,4 +159,5 @@ void sev_es_ucall_port_write(uint32_t port, uint64_t data);
 void sev_es_vc_handler(struct ex_regs *regs);
 void sev_es_pv_msr_rw(uint64_t msr, uint64_t *data, bool write);
 void sev_es_pv_mmio_rw(uint32_t *reg_gpa, uint32_t *data, bool write);
+void sev_es_savic_notify_gpa(uint64_t gpa);
 #endif /* SELFTEST_KVM_SEV_H */
diff --git a/tools/testing/selftests/kvm/lib/x86/savic.c b/tools/testing/selftests/kvm/lib/x86/savic.c
index 8259f7521e73..ae48978479bf 100644
--- a/tools/testing/selftests/kvm/lib/x86/savic.c
+++ b/tools/testing/selftests/kvm/lib/x86/savic.c
@@ -204,6 +204,7 @@ void savic_enable(void)
 	apic_page = &apic_page_pool->guest_apic_page[apic_id];
 
 	savic_init_backing_page(apic_page, apic_id);
+	sev_es_savic_notify_gpa(apic_page->gpa);
 	set_savic_control_msr(apic_page, true, true);
 	savic_ctrl_msr_val = rdmsr(MSR_AMD64_SECURE_AVIC_CONTROL);
 	exp_msr_val = apic_page->gpa | BIT_ULL(MSR_AMD64_SECURE_AVIC_EN_BIT) |
diff --git a/tools/testing/selftests/kvm/lib/x86/sev.c b/tools/testing/selftests/kvm/lib/x86/sev.c
index 7675950efe56..24a2a29a575b 100644
--- a/tools/testing/selftests/kvm/lib/x86/sev.c
+++ b/tools/testing/selftests/kvm/lib/x86/sev.c
@@ -8,6 +8,7 @@
 #include "linux/bitmap.h"
 #include "svm.h"
 #include "svm_util.h"
+#include "savic.h"
 
 #define IOIO_TYPE_STR (1 << 2)
 #define IOIO_SEG_DS (1 << 11 | 1 << 10)
@@ -17,7 +18,8 @@
 #define SW_EXIT_CODE_IOIO	0x7b
 #define SW_EXIT_CODE_MSR	0x7c
 #define SVM_VMGEXIT_MMIO_READ		   0x80000001
-#define SVM_VMGEXIT_MMIO_WRITE		  0x80000002
+#define SVM_VMGEXIT_MMIO_WRITE		   0x80000002
+#define SVM_VMGEXIT_SECURE_AVIC	   0x8000001a
 
 struct ghcb_entry {
 	struct ghcb ghcb;
@@ -775,3 +777,24 @@ void sev_es_vc_handler(struct ex_regs *regs)
 		__GUEST_ASSERT(0, "No VC handler\n");
 	}
 }
+
+void sev_es_savic_notify_gpa(uint64_t gpa)
+{
+	struct ghcb_entry *entry;
+	struct ghcb *ghcb;
+	int ret;
+
+	entry = ghcb_alloc();
+	ghcb = &entry->ghcb;
+
+	register_ghcb_page(entry->gpa);
+	ghcb_set_sw_exit_code(ghcb, SVM_VMGEXIT_SECURE_AVIC);
+	ghcb_set_rax(ghcb, -1ULL);
+	ghcb_set_rbx(ghcb, gpa);
+	ghcb_set_sw_exit_info_1(ghcb, 0);
+	ghcb_set_sw_exit_info_2(ghcb, 0);
+	do_vmg_exit(entry->gpa);
+	ret = ghcb->save.sw_exit_info_1 & 0xffffffff;
+	__GUEST_ASSERT(!ret, "Secure AVIC GPA notification failed, ret: %d", ret);
+	ghcb_free(entry);
+}
-- 
2.34.1








