On Fri, Aug 13, 2021 at 08:13:20AM -0500, Brijesh Singh wrote:
> During the firmware initialization the PSP requires that the VMPLEn is
> set. See SNP firmware spec [1] section 8.6. To run the SNP guest you
> *must* specify a VMPL level during the vCPU creation.

Yes, that's why I said "implicit VMPL level 0"! When you don't specify it,
it should be implied as 0.

Right now that "enable" bit is useless as it is *forced* to be enabled.

I sincerely hope querying the VMPL level is going to be made
straight-forward in future versions.

> I should not say it's optional when we know from the SEV-SNP spec that
> VMPLEn must be set to launch SEV-SNP guest. I will fix the description.

It probably wasn't required when that bit was invented - why would you
call it "enable" otherwise - but some decision later made it required, I'd
guess.

> There is no easy way for a guest to query its VMPL level.

Yes, and there should be.

> The VMPL level is set during the vCPU creation. The boot cpu is
> created by the HV and thus its VMPL level is set by the HV. If HV
> chooses a lower VMPL level for the boot CPU then Linux guest will
> not be able to validate its memory because the PVALIDATE instruction
> will cause #GP when the vCPU is running at !VMPL0. The patch tries to
> detect the boot CPU VMPL level and terminate the boot.

I figured as much. All I don't like is the VMPL checking method.

> If guest is not running at VMPL0 then step #2 will cause #GP. The check
> is to prevent the #GP and terminate the boot early.

Yah, Tom helped me understand the design of the permission masks in the RMP
on IRC.

Thx.

-- 
Regards/Gruss,
    Boris.

https://people.kernel.org/tglx/notes-about-netiquette