Re: [PATCH] x86/sev-es: Expose __sev_es_ghcb_hv_call() to call ghcb hv call out of sev code

[Tianyu Lan <ltykernel@xxxxxxxxx>]

On 10/20/2021 9:56 PM, Tom Lendacky wrote:
> On 10/20/21 8:39 AM, Borislav Petkov wrote:
> > On Wed, Oct 20, 2021 at 08:39:59PM +0800, Tianyu Lan wrote:
> > > Hyper-V runs paravisor in guest VMPL0 which emulates some functions
> > > (e.g, timer, tsc, serial console and so on) via handling VC exception.
> > > GHCB pages are allocated and set up by the paravisor and report to Linux
> > > guest via MSR register.Hyper-V SEV implementation is unenlightened guest
> > > case which doesn't Linux doesn't handle VC and paravisor in the VMPL0
> > > handle it.
> >
> > Aha, unenlightened.
> >
> > So why don't you export the original function by doing this (only
> > partial diff to show intent only):

This follows Joreg's previous comment and I implemented similar version 
in the V! patchset([PATCH 05/13] HV: Add Write/Read MSR registers via 
ghcb page https://lkml.org/lkml/2021/7/28/668).
"Instead, factor out a helper function which contains what Hyper-V needs 
and use that in sev_es_ghcb_hv_call() and Hyper-V code."

https://lkml.org/lkml/2021/8/2/375

> > ---
> > diff --git a/arch/x86/kernel/sev-shared.c b/arch/x86/kernel/sev-shared.c
> > index f1d513897baf..bfe82f58508f 100644
> > --- a/arch/x86/kernel/sev-shared.c
> > +++ b/arch/x86/kernel/sev-shared.c
> > @@ -125,7 +125,7 @@ static enum es_result verify_exception_info(struct 
> > ghcb *ghcb, struct es_em_ctxt
> >       return ES_VMM_ERROR;
> >   }
> > -static enum es_result sev_es_ghcb_hv_call(struct ghcb *ghcb,
> > +static enum es_result sev_es_ghcb_hv_call(struct ghcb *ghcb, bool 
> > set_ghcb_msr,
> >                         struct es_em_ctxt *ctxt,
> >                         u64 exit_code, u64 exit_info_1,
> >                         u64 exit_info_2)
> > @@ -138,7 +138,14 @@ static enum es_result sev_es_ghcb_hv_call(struct 
> > ghcb *ghcb,
> >       ghcb_set_sw_exit_info_1(ghcb, exit_info_1);
> >       ghcb_set_sw_exit_info_2(ghcb, exit_info_2);
> > -    sev_es_wr_ghcb_msr(__pa(ghcb));
> > +    /*
> > +     * Hyper-V unenlightened guests use a paravisor for communicating 
> > and
> > +     * GHCB pages are being allocated by that paravisor which uses a
> > +     * different MSR and protocol.
>
> Just to clarify the comment, the paravisor uses the same GHCB MSR and 
> GHCB protocol, it just can't use __pa() to get the address of the GHCB. 
> So I expect that the Hyper-V support sets the address properly before 
> calling this function.
>
> Thanks,
> Tom
>
> > +     */
> > +    if (set_ghcb_msr)
> > +        sev_es_wr_ghcb_msr(__pa(ghcb));
> > +
> >       VMGEXIT();
> >       return verify_exception_info(ghcb, ctxt);