Re: [PATCH v7 09/45] x86/sev: Save the negotiated GHCB version

[PATCH v7 00/45] Add AMD Secure Nested Paging (SEV-SNP) Guest Support · Brijesh Singh <hidden> · 2021-11-10
[PATCH v7 01/45] x86/compressed/64: detect/setup SEV/SME features earlier in boot · Brijesh Singh <hidden> · 2021-11-10
Re: [PATCH v7 01/45] x86/compressed/64: detect/setup SEV/SME features earlier in boot · Borislav Petkov <bp@alien8.de> · 2021-11-12
Re: [PATCH v7 01/45] x86/compressed/64: detect/setup SEV/SME features earlier in boot · Michael Roth <hidden> · 2021-11-12
Re: [PATCH v7 01/45] x86/compressed/64: detect/setup SEV/SME features earlier in boot · Venu Busireddy <hidden> · 2021-11-23
[PATCH v7 02/45] x86/sev: detect/setup SEV/SME features earlier in boot · Brijesh Singh <hidden> · 2021-11-10
Re: [PATCH v7 02/45] x86/sev: detect/setup SEV/SME features earlier in boot · Borislav Petkov <bp@alien8.de> · 2021-11-16
Re: [PATCH v7 02/45] x86/sev: detect/setup SEV/SME features earlier in boot · Michael Roth <hidden> · 2021-11-16
Re: [PATCH v7 02/45] x86/sev: detect/setup SEV/SME features earlier in boot · Borislav Petkov <bp@alien8.de> · 2021-11-17
Re: [PATCH v7 02/45] x86/sev: detect/setup SEV/SME features earlier in boot · Venu Busireddy <hidden> · 2021-12-06
[PATCH v7 03/45] x86/mm: Extend cc_attr to include AMD SEV-SNP · Brijesh Singh <hidden> · 2021-11-10
[PATCH v7 05/45] x86/sev: Get rid of excessive use of defines · Brijesh Singh <hidden> · 2021-11-10
[PATCH v7 04/45] x86/sev: Shorten GHCB terminate macro names · Brijesh Singh <hidden> · 2021-11-10
[PATCH v7 06/45] x86/head64: Carve out the guest encryption postprocessing into a helper · Brijesh Singh <hidden> · 2021-11-10
[PATCH v7 07/45] x86/sev: Remove do_early_exception() forward declarations · Brijesh Singh <hidden> · 2021-11-10
[PATCH v7 08/45] x86/sev: Define the Linux specific guest termination reasons · Brijesh Singh <hidden> · 2021-11-10
[PATCH v7 10/45] x86/sev: Add support for hypervisor feature VMGEXIT · Brijesh Singh <hidden> · 2021-11-10
Re: [PATCH v7 10/45] x86/sev: Add support for hypervisor feature VMGEXIT · Borislav Petkov <bp@alien8.de> · 2021-12-02
Re: [PATCH v7 10/45] x86/sev: Add support for hypervisor feature VMGEXIT · Brijesh Singh <hidden> · 2021-12-06
[PATCH v7 12/45] x86/sev: Add a helper for the PVALIDATE instruction · Brijesh Singh <hidden> · 2021-11-10
[PATCH v7 11/45] x86/sev: Check SEV-SNP features support · Brijesh Singh <hidden> · 2021-11-10
[PATCH v7 18/45] x86/kernel: Make the bss.decrypted section shared in RMP table · Brijesh Singh <hidden> · 2021-11-10
[PATCH v7 14/45] x86/compressed: Add helper for validating pages in the decompression stage · Brijesh Singh <hidden> · 2021-11-10
Re: [PATCH v7 14/45] x86/compressed: Add helper for validating pages in the decompression stage · Borislav Petkov <bp@alien8.de> · 2021-12-07
Re: [PATCH v7 14/45] x86/compressed: Add helper for validating pages in the decompression stage · Brijesh Singh <hidden> · 2021-12-07
[PATCH v7 23/45] KVM: SVM: Create a separate mapping for the GHCB save area · Brijesh Singh <hidden> · 2021-11-10
[PATCH v7 22/45] KVM: SVM: Create a separate mapping for the SEV-ES save area · Brijesh Singh <hidden> · 2021-11-10
[PATCH v7 26/45] x86/head: re-enable stack protection for 32/64-bit builds · Brijesh Singh <hidden> · 2021-11-10
[PATCH v7 29/45] x86/compressed/acpi: move EFI system table lookup to helper · Brijesh Singh <hidden> · 2021-11-10
[PATCH v7 27/45] x86/sev: move MSR-based VMGEXITs for CPUID to helper · Brijesh Singh <hidden> · 2021-11-10
[PATCH v7 25/45] x86/sev: Use SEV-SNP AP creation to start secondary CPUs · Brijesh Singh <hidden> · 2021-11-10
[PATCH v7 28/45] KVM: x86: move lookup of indexed CPUID leafs to helper · Brijesh Singh <hidden> · 2021-11-10
[PATCH v7 24/45] KVM: SVM: Update the SEV-ES save area mapping · Brijesh Singh <hidden> · 2021-11-10
[PATCH v7 21/45] KVM: SVM: Define sev_features and vmpl field in the VMSA · Brijesh Singh <hidden> · 2021-11-10
[PATCH v7 20/45] x86/mm: Add support to validate memory when changing C-bit · Brijesh Singh <hidden> · 2021-11-10
[PATCH v7 15/45] x86/compressed: Register GHCB memory when SEV-SNP is active · Brijesh Singh <hidden> · 2021-11-10
Re: [PATCH v7 15/45] x86/compressed: Register GHCB memory when SEV-SNP is active · Jörg Rödel <joro@8bytes.org> · 2021-11-15
[PATCH v7 19/45] x86/kernel: Validate rom memory before accessing when SEV-SNP is active · Brijesh Singh <hidden> · 2021-11-10
[PATCH v7 09/45] x86/sev: Save the negotiated GHCB version · Brijesh Singh <hidden> · 2021-11-10
Re: [PATCH v7 09/45] x86/sev: Save the negotiated GHCB version · Tianyu Lan <hidden> · 2021-12-07
Re: [PATCH v7 09/45] x86/sev: Save the negotiated GHCB version · Borislav Petkov <bp@alien8.de> · 2021-12-07
Re: [PATCH v7 09/45] x86/sev: Save the negotiated GHCB version · Brijesh Singh <hidden> · 2021-12-07
[PATCH v7 16/45] x86/sev: Register GHCB memory when SEV-SNP is active · Brijesh Singh <hidden> · 2021-11-10
Re: [PATCH v7 16/45] x86/sev: Register GHCB memory when SEV-SNP is active · Borislav Petkov <bp@alien8.de> · 2021-12-08
[PATCH v7 13/45] x86/sev: Check the vmpl level · Brijesh Singh <hidden> · 2021-11-10
Re: [PATCH v7 13/45] x86/sev: Check the vmpl level · Borislav Petkov <bp@alien8.de> · 2021-12-06
[PATCH v7 17/45] x86/sev: Add helper for validating pages in early enc attribute changes · Brijesh Singh <hidden> · 2021-11-10
[PATCH v7 31/45] x86/compressed/acpi: move EFI vendor table lookup to helper · Brijesh Singh <hidden> · 2021-11-10
[PATCH v7 32/45] x86/boot: Add Confidential Computing type to setup_data · Brijesh Singh <hidden> · 2021-11-10
[PATCH v7 38/45] x86/compressed/64: add identity mapping for Confidential Computing blob · Brijesh Singh <hidden> · 2021-11-10
[PATCH v7 40/45] x86/sev: use firmware-validated CPUID for SEV-SNP guests · Brijesh Singh <hidden> · 2021-11-10
[PATCH v7 35/45] x86/boot: add a pointer to Confidential Computing blob in bootparams · Brijesh Singh <hidden> · 2021-11-10
[PATCH v7 39/45] x86/sev: add SEV-SNP feature detection/setup · Brijesh Singh <hidden> · 2021-11-10
[PATCH v7 30/45] x86/compressed/acpi: move EFI config table lookup to helper · Brijesh Singh <hidden> · 2021-11-10
[PATCH v7 37/45] x86/compressed: use firmware-validated CPUID for SEV-SNP guests · Brijesh Singh <hidden> · 2021-11-10
[PATCH v7 42/45] x86/sev: Register SNP guest request platform device · Brijesh Singh <hidden> · 2021-11-10
[PATCH v7 34/45] x86/compressed/64: add support for SEV-SNP CPUID table in #VC handlers · Brijesh Singh <hidden> · 2021-11-10
[PATCH v7 41/45] x86/sev: Provide support for SNP guest request NAEs · Brijesh Singh <hidden> · 2021-11-10
[PATCH v7 43/45] virt: Add SEV-SNP guest driver · Brijesh Singh <hidden> · 2021-11-10
Re: [PATCH v7 43/45] virt: Add SEV-SNP guest driver · Randy Dunlap <hidden> · 2021-11-10
Re: [PATCH v7 43/45] virt: Add SEV-SNP guest driver · Brijesh Singh <hidden> · 2021-11-11
Re: [PATCH v7 43/45] virt: Add SEV-SNP guest driver · Randy Dunlap <hidden> · 2021-11-11
Re: [PATCH v7 43/45] virt: Add SEV-SNP guest driver · Peter Gonda <hidden> · 2021-11-17
Re: [PATCH v7 43/45] virt: Add SEV-SNP guest driver · Peter Gonda <hidden> · 2021-11-18
Re: [PATCH v7 43/45] virt: Add SEV-SNP guest driver · Brijesh Singh <hidden> · 2021-11-18
Re: [PATCH v7 43/45] virt: Add SEV-SNP guest driver · Peter Gonda <hidden> · 2021-11-19
Re: [PATCH v7 43/45] virt: Add SEV-SNP guest driver · Brijesh Singh <hidden> · 2021-11-20
[PATCH v7 33/45] KVM: SEV: Add documentation for SEV-SNP CPUID Enforcement · Brijesh Singh <hidden> · 2021-11-10
[PATCH v7 36/45] x86/compressed: add SEV-SNP feature detection/setup · Brijesh Singh <hidden> · 2021-11-10
[PATCH v7 45/45] virt: sevguest: Add support to get extended report · Brijesh Singh <hidden> · 2021-11-10
[PATCH v7 44/45] virt: sevguest: Add support to derive key · Brijesh Singh <hidden> · 2021-11-10
Re: [PATCH v7 44/45] virt: sevguest: Add support to derive key · Peter Gonda <hidden> · 2021-11-18
Re: [PATCH v7 44/45] virt: sevguest: Add support to derive key · Brijesh Singh <hidden> · 2021-11-18
Re: [PATCH v7 00/45] Add AMD Secure Nested Paging (SEV-SNP) Guest Support · Venu Busireddy <hidden> · 2021-11-15
Re: [PATCH v7 00/45] Add AMD Secure Nested Paging (SEV-SNP) Guest Support · Brijesh Singh <hidden> · 2021-11-15
Re: [PATCH v7 00/45] Add AMD Secure Nested Paging (SEV-SNP) Guest Support · Venu Busireddy <hidden> · 2021-11-15
Re: [PATCH v7 00/45] Add AMD Secure Nested Paging (SEV-SNP) Guest Support · Brijesh Singh <hidden> · 2021-11-15
Re: [PATCH v7 00/45] Add AMD Secure Nested Paging (SEV-SNP) Guest Support · Venu Busireddy <hidden> · 2021-11-15
Re: [PATCH v7 00/45] Add AMD Secure Nested Paging (SEV-SNP) Guest Support · Venu Busireddy <hidden> · 2021-11-16
Re: [PATCH v7 00/45] Add AMD Secure Nested Paging (SEV-SNP) Guest Support · Brijesh Singh <hidden> · 2021-11-16

From: Borislav Petkov <bp@alien8.de>
Date: 2021-12-07 13:17:39
Also in: kvm, linux-efi, lkml, platform-driver-x86

On Tue, Dec 07, 2021 at 08:51:53PM +0800, Tianyu Lan wrote:

Hi Brijesh:

Do me a favor please and learn not to top-post on a public mailing list.
Also, take the time to read Documentation/process/ before you send
upstream patches and how to work with the community in general.

We find this patch breaks AMD SEV support in the Hyper-V Isolation
VM. Hyper-V code also uses sev_es_ghcb_hv_call() to read or write msr
value. The sev_es_check_cpu_features() isn't called in the Hyper-V
code and so the ghcb_version is always 0.

If hyperv is going to expose hypervisor features, then it better report
GHCB v2. If not, then I guess < 2 or 1 or so, depending on how this is
defined.

Could you add a new parameter ghcb_version for sev_es_ghcb_hv_call()
and then caller may input ghcb_version?

No, your hypervisor needs to adhere to the spec and report proper ghcb
version. We won't be doing any accomodate-hyperv hacks.

-- 
Regards/Gruss,
    Boris.

https://people.kernel.org/tglx/notes-about-netiquette

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help