[resending in plain/text, sorry for double sending]
It seems to me that the kvm_sev_es_hcall_prepare is leaking more
information than it is needed. Is this an expected behavior?
-Erdem
>
> On Thu, Sep 10, 2020 at 2:39 AM tip-bot2 for Tom Lendacky <tip-bot2@xxxxxxxxxxxxx> wrote:
>>
>> The following commit has been merged into the x86/seves branch of tip:
>>
>> Commit-ID: 99419b251e5427b89dbfae103d8a2f469efaa4b2
>> Gitweb: https://git.kernel.org/tip/99419b251e5427b89dbfae103d8a2f469efaa4b2
>> Author: Tom Lendacky <thomas.lendacky@xxxxxxx>
>> AuthorDate: Mon, 07 Sep 2020 15:16:04 +02:00
>> Committer: Borislav Petkov <bp@xxxxxxx>
>> CommitterDate: Wed, 09 Sep 2020 11:33:20 +02:00
>>
>> x86/kvm: Add KVM-specific VMMCALL handling under SEV-ES
>>
>> Implement the callbacks to copy the processor state required by KVM to
>> the GHCB.
>>
>> Signed-off-by: Tom Lendacky <thomas.lendacky@xxxxxxx>
>> [ jroedel@xxxxxxx: - Split out of a larger patch
>> - Adapt to different callback functions ]
>> Co-developed-by: Joerg Roedel <jroedel@xxxxxxx>
>> Signed-off-by: Joerg Roedel <jroedel@xxxxxxx>
>> Signed-off-by: Borislav Petkov <bp@xxxxxxx>
>> Link: https://lkml.kernel.org/r/20200907131613.12703-64-joro@xxxxxxxxxx
>> ---
>> arch/x86/kernel/kvm.c | 35 +++++++++++++++++++++++++++++------
>> 1 file changed, 29 insertions(+), 6 deletions(-)
>>
>> diff --git a/arch/x86/kernel/kvm.c b/arch/x86/kernel/kvm.c
>> index 08320b0..0f95972 100644
>> --- a/arch/x86/kernel/kvm.c
>> +++ b/arch/x86/kernel/kvm.c
>> @@ -36,6 +36,8 @@
>> #include <asm/hypervisor.h>
>> #include <asm/tlb.h>
>> #include <asm/cpuidle_haltpoll.h>
>> +#include <asm/ptrace.h>
>> +#include <asm/svm.h>
>>
>> DEFINE_STATIC_KEY_FALSE(kvm_async_pf_enabled);
>>
>> @@ -746,13 +748,34 @@ static void __init kvm_init_platform(void)
>> x86_platform.apic_post_init = kvm_apic_init;
>> }
>>
>> +#if defined(CONFIG_AMD_MEM_ENCRYPT)
>> +static void kvm_sev_es_hcall_prepare(struct ghcb *ghcb, struct pt_regs *regs)
>> +{
>> + /* RAX and CPL are already in the GHCB */
>> + ghcb_set_rbx(ghcb, regs->bx);
>> + ghcb_set_rcx(ghcb, regs->cx);
>> + ghcb_set_rdx(ghcb, regs->dx);
>> + ghcb_set_rsi(ghcb, regs->si);
>> +}
>> +
>> +static bool kvm_sev_es_hcall_finish(struct ghcb *ghcb, struct pt_regs *regs)
>> +{
>> + /* No checking of the return state needed */
>> + return true;
>> +}
>> +#endif
>> +
>> const __initconst struct hypervisor_x86 x86_hyper_kvm = {
>> - .name = "KVM",
>> - .detect = kvm_detect,
>> - .type = X86_HYPER_KVM,
>> - .init.guest_late_init = kvm_guest_init,
>> - .init.x2apic_available = kvm_para_available,
>> - .init.init_platform = kvm_init_platform,
>> + .name = "KVM",
>> + .detect = kvm_detect,
>> + .type = X86_HYPER_KVM,
>> + .init.guest_late_init = kvm_guest_init,
>> + .init.x2apic_available = kvm_para_available,
>> + .init.init_platform = kvm_init_platform,
>> +#if defined(CONFIG_AMD_MEM_ENCRYPT)
>> + .runtime.sev_es_hcall_prepare = kvm_sev_es_hcall_prepare,
>> + .runtime.sev_es_hcall_finish = kvm_sev_es_hcall_finish,
>> +#endif
>> };
>>
>> static __init int activate_jump_labels(void)
|