[PATCH v8 35/40] x86/sev: use firmware-validated CPUID for SEV-SNP guests

[PATCH v8 00/40] Add AMD Secure Nested Paging (SEV-SNP) Guest Support · Brijesh Singh <hidden> · 2021-12-10
[PATCH v8 01/40] x86/compressed/64: detect/setup SEV/SME features earlier in boot · Brijesh Singh <hidden> · 2021-12-10
Re: [PATCH v8 01/40] x86/compressed/64: detect/setup SEV/SME features earlier in boot · Dave Hansen <hidden> · 2021-12-10
Re: [PATCH v8 01/40] x86/compressed/64: detect/setup SEV/SME features earlier in boot · Venu Busireddy <hidden> · 2021-12-13
Re: [PATCH v8 01/40] x86/compressed/64: detect/setup SEV/SME features earlier in boot · Borislav Petkov <bp@alien8.de> · 2021-12-13
Re: [PATCH v8 01/40] x86/compressed/64: detect/setup SEV/SME features earlier in boot · Venu Busireddy <hidden> · 2021-12-14
[PATCH v8 02/40] x86/sev: detect/setup SEV/SME features earlier in boot · Brijesh Singh <hidden> · 2021-12-10
Re: [PATCH v8 02/40] x86/sev: detect/setup SEV/SME features earlier in boot · Venu Busireddy <hidden> · 2021-12-13
[PATCH v8 05/40] x86/sev: Save the negotiated GHCB version · Brijesh Singh <hidden> · 2021-12-10
Re: [PATCH v8 05/40] x86/sev: Save the negotiated GHCB version · Venu Busireddy <hidden> · 2021-12-14
[PATCH v8 04/40] x86/sev: Define the Linux specific guest termination reasons · Brijesh Singh <hidden> · 2021-12-10
Re: [PATCH v8 04/40] x86/sev: Define the Linux specific guest termination reasons · Venu Busireddy <hidden> · 2021-12-14
[PATCH v8 09/40] x86/compressed: Add helper for validating pages in the decompression stage · Brijesh Singh <hidden> · 2021-12-10
Re: [PATCH v8 09/40] x86/compressed: Add helper for validating pages in the decompression stage · Venu Busireddy <hidden> · 2021-12-17
Re: [PATCH v8 09/40] x86/compressed: Add helper for validating pages in the decompression stage · Brijesh Singh <hidden> · 2021-12-17
Re: [PATCH v8 09/40] x86/compressed: Add helper for validating pages in the decompression stage · Venu Busireddy <hidden> · 2022-01-03
[PATCH v8 15/40] x86/mm: Add support to validate memory when changing C-bit · Brijesh Singh <hidden> · 2021-12-10
Re: [PATCH v8 15/40] x86/mm: Add support to validate memory when changing C-bit · Venu Busireddy <hidden> · 2022-01-04
[PATCH v8 16/40] KVM: SVM: Define sev_features and vmpl field in the VMSA · Brijesh Singh <hidden> · 2021-12-10
Re: [PATCH v8 16/40] KVM: SVM: Define sev_features and vmpl field in the VMSA · Venu Busireddy <hidden> · 2022-01-04
[PATCH v8 17/40] KVM: SVM: Create a separate mapping for the SEV-ES save area · Brijesh Singh <hidden> · 2021-12-10
Re: [PATCH v8 17/40] KVM: SVM: Create a separate mapping for the SEV-ES save area · Venu Busireddy <hidden> · 2022-01-05
[PATCH v8 13/40] x86/kernel: Make the bss.decrypted section shared in RMP table · Brijesh Singh <hidden> · 2021-12-10
Re: [PATCH v8 13/40] x86/kernel: Make the bss.decrypted section shared in RMP table · Venu Busireddy <hidden> · 2022-01-04
Re: [PATCH v8 13/40] x86/kernel: Make the bss.decrypted section shared in RMP table · Brijesh Singh <hidden> · 2022-01-05
Re: [PATCH v8 13/40] x86/kernel: Make the bss.decrypted section shared in RMP table · Dave Hansen <hidden> · 2022-01-05
Re: [PATCH v8 13/40] x86/kernel: Make the bss.decrypted section shared in RMP table · Brijesh Singh <hidden> · 2022-01-05
Re: [PATCH v8 13/40] x86/kernel: Make the bss.decrypted section shared in RMP table · Venu Busireddy <hidden> · 2022-01-06
Re: [PATCH v8 13/40] x86/kernel: Make the bss.decrypted section shared in RMP table · Tom Lendacky <thomas.lendacky@amd.com> · 2022-01-06
Re: [PATCH v8 13/40] x86/kernel: Make the bss.decrypted section shared in RMP table · Venu Busireddy <hidden> · 2022-01-06
Re: [PATCH v8 13/40] x86/kernel: Make the bss.decrypted section shared in RMP table · Tom Lendacky <thomas.lendacky@amd.com> · 2022-01-06
[PATCH v8 14/40] x86/kernel: Validate rom memory before accessing when SEV-SNP is active · Brijesh Singh <hidden> · 2021-12-10
[PATCH v8 19/40] KVM: SVM: Update the SEV-ES save area mapping · Brijesh Singh <hidden> · 2021-12-10
Re: [PATCH v8 19/40] KVM: SVM: Update the SEV-ES save area mapping · Venu Busireddy <hidden> · 2022-01-05
[PATCH v8 22/40] x86/sev: move MSR-based VMGEXITs for CPUID to helper · Brijesh Singh <hidden> · 2021-12-10
Re: [PATCH v8 22/40] x86/sev: move MSR-based VMGEXITs for CPUID to helper · Sean Christopherson <seanjc@google.com> · 2021-12-30
Re: [PATCH v8 22/40] x86/sev: move MSR-based VMGEXITs for CPUID to helper · Borislav Petkov <bp@alien8.de> · 2022-01-04
Re: [PATCH v8 22/40] x86/sev: move MSR-based VMGEXITs for CPUID to helper · Michael Roth <hidden> · 2022-01-04
Re: [PATCH v8 22/40] x86/sev: move MSR-based VMGEXITs for CPUID to helper · Venu Busireddy <hidden> · 2022-01-06
Re: [PATCH v8 22/40] x86/sev: move MSR-based VMGEXITs for CPUID to helper · Michael Roth <hidden> · 2022-01-06
Re: [PATCH v8 22/40] x86/sev: move MSR-based VMGEXITs for CPUID to helper · Venu Busireddy <hidden> · 2022-01-06
[PATCH v8 20/40] x86/sev: Use SEV-SNP AP creation to start secondary CPUs · Brijesh Singh <hidden> · 2021-12-10
Re: [PATCH v8 20/40] x86/sev: Use SEV-SNP AP creation to start secondary CPUs · Dave Hansen <hidden> · 2021-12-10
Re: [PATCH v8 20/40] x86/sev: Use SEV-SNP AP creation to start secondary CPUs · Brijesh Singh <hidden> · 2022-01-12
Re: [PATCH v8 20/40] x86/sev: Use SEV-SNP AP creation to start secondary CPUs · Borislav Petkov <bp@alien8.de> · 2021-12-31
Re: [PATCH v8 20/40] x86/sev: Use SEV-SNP AP creation to start secondary CPUs · Vlastimil Babka <hidden> · 2022-01-03
Re: [PATCH v8 20/40] x86/sev: Use SEV-SNP AP creation to start secondary CPUs · Brijesh Singh <hidden> · 2022-01-12
Re: [PATCH v8 20/40] x86/sev: Use SEV-SNP AP creation to start secondary CPUs · Tom Lendacky <thomas.lendacky@amd.com> · 2022-01-12
[PATCH v8 24/40] x86/compressed/acpi: move EFI system table lookup to helper · Brijesh Singh <hidden> · 2021-12-10
Re: [PATCH v8 24/40] x86/compressed/acpi: move EFI system table lookup to helper · Dave Hansen <hidden> · 2021-12-10
Re: [PATCH v8 24/40] x86/compressed/acpi: move EFI system table lookup to helper · Michael Roth <hidden> · 2021-12-13
Re: [PATCH v8 24/40] x86/compressed/acpi: move EFI system table lookup to helper · Dave Hansen <hidden> · 2021-12-13
Re: [PATCH v8 24/40] x86/compressed/acpi: move EFI system table lookup to helper · Michael Roth <hidden> · 2021-12-13
Re: [PATCH v8 24/40] x86/compressed/acpi: move EFI system table lookup to helper · Venu Busireddy <hidden> · 2022-01-06
[PATCH v8 23/40] KVM: x86: move lookup of indexed CPUID leafs to helper · Brijesh Singh <hidden> · 2021-12-10
Re: [PATCH v8 23/40] KVM: x86: move lookup of indexed CPUID leafs to helper · Venu Busireddy <hidden> · 2022-01-06
[PATCH v8 21/40] x86/head: re-enable stack protection for 32/64-bit builds · Brijesh Singh <hidden> · 2021-12-10
[PATCH v8 18/40] KVM: SVM: Create a separate mapping for the GHCB save area · Brijesh Singh <hidden> · 2021-12-10
Re: [PATCH v8 18/40] KVM: SVM: Create a separate mapping for the GHCB save area · Venu Busireddy <hidden> · 2022-01-05
[PATCH v8 27/40] x86/boot: Add Confidential Computing type to setup_data · Brijesh Singh <hidden> · 2021-12-10
Re: [PATCH v8 27/40] x86/boot: Add Confidential Computing type to setup_data · Dave Hansen <hidden> · 2021-12-10
Re: [PATCH v8 27/40] x86/boot: Add Confidential Computing type to setup_data · Venu Busireddy <hidden> · 2022-01-06
[PATCH v8 28/40] KVM: SEV: Add documentation for SEV-SNP CPUID Enforcement · Brijesh Singh <hidden> · 2021-12-10
[PATCH v8 26/40] x86/compressed/acpi: move EFI vendor table lookup to helper · Brijesh Singh <hidden> · 2021-12-10
Re: [PATCH v8 26/40] x86/compressed/acpi: move EFI vendor table lookup to helper · Venu Busireddy <hidden> · 2022-01-06
[PATCH v8 12/40] x86/sev: Add helper for validating pages in early enc attribute changes · Brijesh Singh <hidden> · 2021-12-10
Re: [PATCH v8 12/40] x86/sev: Add helper for validating pages in early enc attribute changes · Venu Busireddy <hidden> · 2022-01-03
Re: [PATCH v8 12/40] x86/sev: Add helper for validating pages in early enc attribute changes · Brijesh Singh <hidden> · 2022-01-11
Re: [PATCH v8 12/40] x86/sev: Add helper for validating pages in early enc attribute changes · Venu Busireddy <hidden> · 2022-01-11
Re: [PATCH v8 12/40] x86/sev: Add helper for validating pages in early enc attribute changes · Brijesh Singh <hidden> · 2022-01-11
Re: [PATCH v8 12/40] x86/sev: Add helper for validating pages in early enc attribute changes · Venu Busireddy <hidden> · 2022-01-11
[PATCH v8 30/40] x86/boot: add a pointer to Confidential Computing blob in bootparams · Brijesh Singh <hidden> · 2021-12-10
[PATCH v8 29/40] x86/compressed/64: add support for SEV-SNP CPUID table in #VC handlers · Brijesh Singh <hidden> · 2021-12-10
[PATCH v8 25/40] x86/compressed/acpi: move EFI config table lookup to helper · Brijesh Singh <hidden> · 2021-12-10
Re: [PATCH v8 25/40] x86/compressed/acpi: move EFI config table lookup to helper · Venu Busireddy <hidden> · 2022-01-06
[PATCH v8 31/40] x86/compressed: add SEV-SNP feature detection/setup · Brijesh Singh <hidden> · 2021-12-10
[PATCH v8 11/40] x86/sev: Register GHCB memory when SEV-SNP is active · Brijesh Singh <hidden> · 2021-12-10
Re: [PATCH v8 11/40] x86/sev: Register GHCB memory when SEV-SNP is active · Venu Busireddy <hidden> · 2022-01-03
[PATCH v8 33/40] x86/compressed/64: add identity mapping for Confidential Computing blob · Brijesh Singh <hidden> · 2021-12-10
Re: [PATCH v8 33/40] x86/compressed/64: add identity mapping for Confidential Computing blob · Dave Hansen <hidden> · 2021-12-10
Re: [PATCH v8 33/40] x86/compressed/64: add identity mapping for Confidential Computing blob · Michael Roth <hidden> · 2021-12-13
[PATCH v8 38/40] virt: Add SEV-SNP guest driver · Brijesh Singh <hidden> · 2021-12-10
[PATCH v8 37/40] x86/sev: Register SNP guest request platform device · Brijesh Singh <hidden> · 2021-12-10
[PATCH v8 40/40] virt: sevguest: Add support to get extended report · Brijesh Singh <hidden> · 2021-12-10
[PATCH v8 39/40] virt: sevguest: Add support to derive key · Brijesh Singh <hidden> · 2021-12-10
Re: [PATCH v8 39/40] virt: sevguest: Add support to derive key · Liam Merwick <hidden> · 2021-12-10
[PATCH v8 36/40] x86/sev: Provide support for SNP guest request NAEs · Brijesh Singh <hidden> · 2021-12-10
[PATCH v8 35/40] x86/sev: use firmware-validated CPUID for SEV-SNP guests · Brijesh Singh <hidden> · 2021-12-10
[PATCH v8 32/40] x86/compressed: use firmware-validated CPUID for SEV-SNP guests · Brijesh Singh <hidden> · 2021-12-10
Re: [PATCH v8 32/40] x86/compressed: use firmware-validated CPUID for SEV-SNP guests · Borislav Petkov <bp@alien8.de> · 2022-01-20
[PATCH v8 34/40] x86/sev: add SEV-SNP feature detection/setup · Brijesh Singh <hidden> · 2021-12-10
[PATCH v8 03/40] x86/mm: Extend cc_attr to include AMD SEV-SNP · Brijesh Singh <hidden> · 2021-12-10
Re: [PATCH v8 03/40] x86/mm: Extend cc_attr to include AMD SEV-SNP · Venu Busireddy <hidden> · 2021-12-13
[PATCH v8 10/40] x86/compressed: Register GHCB memory when SEV-SNP is active · Brijesh Singh <hidden> · 2021-12-10
Re: [PATCH v8 10/40] x86/compressed: Register GHCB memory when SEV-SNP is active · Venu Busireddy <hidden> · 2022-01-03
[PATCH v8 08/40] x86/sev: Check the vmpl level · Brijesh Singh <hidden> · 2021-12-10
Re: [PATCH v8 08/40] x86/sev: Check the vmpl level · Venu Busireddy <hidden> · 2021-12-16
Re: [PATCH v8 08/40] x86/sev: Check the vmpl level · Mikolaj Lisik <hidden> · 2021-12-16
Re: [PATCH v8 08/40] x86/sev: Check the vmpl level · Brijesh Singh <hidden> · 2021-12-17
Re: [PATCH v8 08/40] x86/sev: Check the vmpl level · Tom Lendacky <thomas.lendacky@amd.com> · 2021-12-17
[PATCH v8 07/40] x86/sev: Add a helper for the PVALIDATE instruction · Brijesh Singh <hidden> · 2021-12-10
Re: [PATCH v8 07/40] x86/sev: Add a helper for the PVALIDATE instruction · Venu Busireddy <hidden> · 2021-12-16
[PATCH v8 06/40] x86/sev: Check SEV-SNP features support · Brijesh Singh <hidden> · 2021-12-10
Re: [PATCH v8 06/40] x86/sev: Check SEV-SNP features support · Borislav Petkov <bp@alien8.de> · 2021-12-16
Re: [PATCH v8 06/40] x86/sev: Check SEV-SNP features support · Brijesh Singh <hidden> · 2021-12-16
Re: [PATCH v8 06/40] x86/sev: Check SEV-SNP features support · Borislav Petkov <bp@alien8.de> · 2021-12-16
Re: [PATCH v8 06/40] x86/sev: Check SEV-SNP features support · Venu Busireddy <hidden> · 2021-12-16
Re: [PATCH v8 00/40] Add AMD Secure Nested Paging (SEV-SNP) Guest Support · Dave Hansen <hidden> · 2021-12-10

STALE1583d

Revisions (9)

2021-07-07 v4 [diff vs current]
2021-08-20 v5 [diff vs current]
2021-10-08 v6 [diff vs current]
2021-11-10 v7 [diff vs current]
2021-12-10 v8 current
2022-01-28 v9 [diff vs current]
2022-02-09 v10 [diff vs current]
2022-02-24 v11 [diff vs current]
2022-03-07 v12 [diff vs current]

From: Brijesh Singh <hidden>
Date: 2021-12-10 15:46:44
Also in: kvm, linux-coco, linux-efi, lkml, platform-driver-x86
Subsystem: the rest, x86 architecture (32-bit and 64-bit) · Maintainers: Linus Torvalds, Thomas Gleixner, Ingo Molnar, Borislav Petkov, Dave Hansen

From: Michael Roth <redacted>

SEV-SNP guests will be provided the location of special 'secrets' and
'CPUID' pages via the Confidential Computing blob. This blob is
provided to the run-time kernel either through bootparams field that
was initialized by the boot/compressed kernel, or via a setup_data
structure as defined by the Linux Boot Protocol.

Locate the Confidential Computing from these sources and, if found,
use the provided CPUID page/table address to create a copy that the
run-time kernel will use when servicing cpuid instructions via a #VC
handler.

Signed-off-by: Michael Roth <redacted>
Signed-off-by: Brijesh Singh <redacted>
---
 arch/x86/include/asm/sev.h   | 10 ----------
 arch/x86/kernel/sev-shared.c |  2 +-
 arch/x86/kernel/sev.c        | 37 ++++++++++++++++++++++++++++++++++++
 3 files changed, 38 insertions(+), 11 deletions(-)

diff --git a/arch/x86/include/asm/sev.h b/arch/x86/include/asm/sev.h
index 4d32af1348ed..76a208fd451b 100644
--- a/arch/x86/include/asm/sev.h
+++ b/arch/x86/include/asm/sev.h

@@ -148,16 +148,6 @@ void snp_set_memory_private(unsigned long vaddr, unsigned int npages);
 void snp_set_wakeup_secondary_cpu(void);
 bool snp_init(struct boot_params *bp);
 void snp_abort(void);
-/*
- * TODO: These are exported only temporarily while boot/compressed/sev.c is
- * the only user. This is to avoid unused function warnings for kernel/sev.c
- * during the build of kernel proper.
- *
- * Once the code is added to consume these in kernel proper these functions
- * can be moved back to being statically-scoped to units that pull in
- * sev-shared.c via #include and these declarations can be dropped.
- */
-void snp_cpuid_info_create(const struct cc_blob_sev_info *cc_info);
 #else
 static inline void sev_es_ist_enter(struct pt_regs *regs) { }
 static inline void sev_es_ist_exit(void) { }

diff --git a/arch/x86/kernel/sev-shared.c b/arch/x86/kernel/sev-shared.c
index 72836abcdbe2..7bc7e297f88c 100644
--- a/arch/x86/kernel/sev-shared.c
+++ b/arch/x86/kernel/sev-shared.c

@@ -995,7 +995,7 @@ snp_find_cc_blob_setup_data(struct boot_params *bp)
  * mapping needs to be updated in sync with all the changes to virtual memory
  * layout and related mapping facilities throughout the boot process.
  */
-void __init snp_cpuid_info_create(const struct cc_blob_sev_info *cc_info)
+static void __init snp_cpuid_info_create(const struct cc_blob_sev_info *cc_info)
 {
 	const struct snp_cpuid_info *cpuid_info_fw, *cpuid_info;

diff --git a/arch/x86/kernel/sev.c b/arch/x86/kernel/sev.c
index 0e5c45eacc77..70e18b98bb68 100644
--- a/arch/x86/kernel/sev.c
+++ b/arch/x86/kernel/sev.c

@@ -2001,6 +2001,12 @@ bool __init snp_init(struct boot_params *bp)
 	if (!cc_info)
 		return false;
 
+	snp_cpuid_info_create(cc_info);
+
+	/* SEV-SNP CPUID table is set up now. Do some sanity checks. */
+	if (!snp_cpuid_active())
+		sev_es_terminate(1, GHCB_TERM_CPUID);
+
 	/*
 	 * The CC blob will be used later to access the secrets page. Cache
 	 * it here like the boot kernel does.

@@ -2014,3 +2020,34 @@ void __init snp_abort(void)
 {
 	sev_es_terminate(1, GHCB_SNP_UNSUPPORTED);
 }
+
+/*
+ * It is useful from an auditing/testing perspective to provide an easy way
+ * for the guest owner to know that the CPUID table has been initialized as
+ * expected, but that initialization happens too early in boot to print any
+ * sort of indicator, and there's not really any other good place to do it. So
+ * do it here, and while at it, go ahead and re-verify that nothing strange has
+ * happened between early boot and now.
+ */
+static int __init snp_cpuid_check_status(void)
+{
+	const struct snp_cpuid_info *cpuid_info = snp_cpuid_info_get_ptr();
+
+	if (!cc_platform_has(CC_ATTR_SEV_SNP)) {
+		/* Firmware should not have advertised the feature. */
+		if (snp_cpuid_active())
+			panic("Invalid use of SEV-SNP CPUID table.");
+		return 0;
+	}
+
+	/* CPUID table should always be available when SEV-SNP is enabled. */
+	if (!snp_cpuid_active())
+		sev_es_terminate(1, GHCB_TERM_CPUID);
+
+	pr_info("Using SEV-SNP CPUID table, %d entries present.\n",
+		cpuid_info->count);
+
+	return 0;
+}
+
+arch_initcall(snp_cpuid_check_status);

-- 
2.25.1

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help