On 10/12/2021 1:22 AM, Borislav Petkov wrote:

quoted

On Mon, Oct 11, 2021 at 10:42:18PM +0800, Tianyu Lan wrote:

quoted

Hi @Tom and Borislav:
      Please have a look at this patch. If it's ok, could you give 
your ack.

I needed to do some cleanups in that area first:

https://lore.kernel.org/r/YWRwxImd9Qcls/Yy@zn.tnic

Can you redo yours ontop so that you can show what exactly you need
exported for HyperV?

Thx.

Hi Borislav :
     Please check whether the following change based on you patch is
ok for you.
---
x86/sev-es: Expose __sev_es_ghcb_hv_call() to call ghcb hv call out of 
sev code

     Hyper-V also needs to call ghcb hv call to write/read MSR in 
Isolation VM.
     So expose __sev_es_ghcb_hv_call() to call it in the Hyper-V code.

     Signed-off-by: Tianyu Lan [off-list ref]

diff --git a/arch/x86/include/asm/sev.h b/arch/x86/include/asm/sev.h
index fa5cd05d3b5b..295c847c3cd4 100644
--- a/arch/x86/include/asm/sev.h
+++ b/arch/x86/include/asm/sev.h

@@ -81,12 +81,23 @@ static __always_inline void sev_es_nmi_complete(void)
                 __sev_es_nmi_complete();
  }
  extern int __init sev_es_efi_map_ghcbs(pgd_t *pgd);
+extern enum es_result __sev_es_ghcb_hv_call(struct ghcb *ghcb,
+                                           struct es_em_ctxt *ctxt,
+                                           u64 exit_code, u64 exit_info_1,
+                                           u64 exit_info_2);
  #else
  static inline void sev_es_ist_enter(struct pt_regs *regs) { }
  static inline void sev_es_ist_exit(void) { }
  static inline int sev_es_setup_ap_jump_table(struct real_mode_header 

*rmh) { return 0; }
  static inline void sev_es_nmi_complete(void) { }
  static inline int sev_es_efi_map_ghcbs(pgd_t *pgd) { return 0; }
+static inline enum es_result
+__sev_es_ghcb_hv_call(struct ghcb *ghcb,
+                     u64 exit_code, u64 exit_info_1,
+                     u64 exit_info_2)
+{
+       return ES_VMM_ERROR;
+}
  #endif

  #endif

diff --git a/arch/x86/kernel/sev-shared.c b/arch/x86/kernel/sev-shared.c
index ea9abd69237e..08c97cb057fa 100644
--- a/arch/x86/kernel/sev-shared.c
+++ b/arch/x86/kernel/sev-shared.c

@@ -124,10 +124,14 @@ static enum es_result verify_exception_info(struct 

ghcb *ghcb, struct es_em_ctxt
         return ES_VMM_ERROR;
  }

-static enum es_result sev_es_ghcb_hv_call(struct ghcb *ghcb,
-                                         struct es_em_ctxt *ctxt,
-                                         u64 exit_code, u64 exit_info_1,
-                                         u64 exit_info_2)
+/*
+ * __sev_es_ghcb_hv_call() is also used in the other platform code(e.g
+ * Hyper-V).
+ */
+enum es_result __sev_es_ghcb_hv_call(struct ghcb *ghcb,
+                                    struct es_em_ctxt *ctxt,
+                                    u64 exit_code, u64 exit_info_1,
+                                    u64 exit_info_2)
  {
         /* Fill in protocol and format specifiers */
         ghcb->protocol_version = GHCB_PROTOCOL_MAX;

@@ -137,12 +141,22 @@ static enum es_result sev_es_ghcb_hv_call(struct 

ghcb *ghcb,
         ghcb_set_sw_exit_info_1(ghcb, exit_info_1);
         ghcb_set_sw_exit_info_2(ghcb, exit_info_2);

-       sev_es_wr_ghcb_msr(__pa(ghcb));
         VMGEXIT();

         return verify_exception_info(ghcb, ctxt);
  }

+static enum es_result sev_es_ghcb_hv_call(struct ghcb *ghcb,
+                                         struct es_em_ctxt *ctxt,
+                                         u64 exit_code, u64 exit_info_1,
+                                         u64 exit_info_2)
+{
+       sev_es_wr_ghcb_msr(__pa(ghcb));
+
+       return __sev_es_ghcb_hv_call(ghcb, ctxt, exit_code, exit_info_1,
+                                    exit_info_2);
+}
+
  /*
   * Boot VC Handler - This is the first VC handler during boot, there 
is no GHCB
   * page yet, so it only supports the MSR based communication with the
(END)


Thanks.