[RFC,04/31] Add GHCB allocations and helpers

Message ID	20250228093024.114983-5-Neeraj.Upadhyay@amd.com
State	New
Headers	show Received: from NAM12-BN8-obe.outbound.protection.outlook.com (mail-bn8nam12on2047.outbound.protection.outlook.com [40.107.237.47]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id F184C2586EF; Fri, 28 Feb 2025 09:38:21 +0000 (UTC) Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB04.amd.com; pr=C From: Neeraj Upadhyay <Neeraj.Upadhyay@amd.com> To: <kvm@vger.kernel.org>, <seanjc@google.com>, <pbonzini@redhat.com> CC: <linux-kernel@vger.kernel.org>, <Thomas.Lendacky@amd.com>, <nikunj@amd.com>, <Santosh.Shukla@amd.com>, <Vasant.Hegde@amd.com>, <Suravee.Suthikulpanit@amd.com>, <bp@alien8.de>, <David.Kaplan@amd.com>, <huibo.wang@amd.com>, <naveen.rao@amd.com>, <pgonda@google.com>, <linux-kselftest@vger.kernel.org>, <shuah@kernel.org> Subject: [RFC PATCH 04/31] Add GHCB allocations and helpers Date: Fri, 28 Feb 2025 14:59:57 +0530 Message-ID: <20250228093024.114983-5-Neeraj.Upadhyay@amd.com> In-Reply-To: <20250228093024.114983-1-Neeraj.Upadhyay@amd.com> References: <20250228093024.114983-1-Neeraj.Upadhyay@amd.com> Precedence: bulk MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Content-Type: text/plain
Series	AMD: Add Secure AVIC KVM selftests \| expand [RFC,00/31] AMD: Add Secure AVIC KVM selftests [RFC,02/31] Add arch specific additional guest pages [RFC,04/31] Add GHCB allocations and helpers [RFC,06/31] Add ability for SEV-ES guests to use ucalls via GHCB [RFC,08/31] KVM: selftests: Make GHCB entry page size aligned [RFC,10/31] KVM: selftests: Add MSR VC handling support for SEV-ES VMs [RFC,12/31] KVM: selftests: Add instruction decoding support [RFC,14/31] KVM: selftests: Add MMIO VC exception handling for SEV-ES guests [RFC,16/31] KVM: selftests: Add SEV guests support in xapic_state_test [RFC,18/31] KVM: selftests: Add SEV VM support in xapic_ipi_test [RFC,20/31] KVM: selftests: Add unaccelerated APIC msrs #VC handling [RFC,22/31] KVM: selftests: Add args param to kvm_arch_vm_post_create() [RFC,24/31] KVM: selftests: Add Secure AVIC mode to xapic_ipi_test [RFC,26/31] KVM: selftests: Add test to verify APIC MSR accesses for SAVIC guest [RFC,28/31] KVM: selftests: Add IOAPIC tests for Secure AVIC [RFC,30/31] KVM: selftests: Add NMI test for SAVIC guests

Message ID

20250228093024.114983-5-Neeraj.Upadhyay@amd.com

State

New

Headers

Received-SPF: Pass (protection.outlook.com: domain of amd.com designates
 165.204.84.17 as permitted sender) receiver=protection.outlook.com;
 client-ip=165.204.84.17; helo=SATLEXMB04.amd.com; pr=C
From: Neeraj Upadhyay <Neeraj.Upadhyay@amd.com>
To: <kvm@vger.kernel.org>, <seanjc@google.com>, <pbonzini@redhat.com>
CC: <linux-kernel@vger.kernel.org>, <Thomas.Lendacky@amd.com>,
	<nikunj@amd.com>, <Santosh.Shukla@amd.com>, <Vasant.Hegde@amd.com>,
	<Suravee.Suthikulpanit@amd.com>, <bp@alien8.de>, <David.Kaplan@amd.com>,
	<huibo.wang@amd.com>, <naveen.rao@amd.com>, <pgonda@google.com>,
	<linux-kselftest@vger.kernel.org>, <shuah@kernel.org>
Subject: [RFC PATCH 04/31] Add GHCB allocations and helpers
Date: Fri, 28 Feb 2025 14:59:57 +0530
Message-ID: <20250228093024.114983-5-Neeraj.Upadhyay@amd.com>
In-Reply-To: <20250228093024.114983-1-Neeraj.Upadhyay@amd.com>
References: <20250228093024.114983-1-Neeraj.Upadhyay@amd.com>
Precedence: bulk
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Content-Type: text/plain
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 28 Feb 2025 09:38:16.9158
 (UTC)
X-MS-Exchange-CrossTenant-Network-Message-Id: 
 f1554f4a-c9a6-45f0-f093-08dd57dba13e
X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d
X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: 
 TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[SATLEXMB04.amd.com]
X-MS-Exchange-CrossTenant-AuthSource: 
	SJ5PEPF000001ED.namprd05.prod.outlook.com
X-MS-Exchange-CrossTenant-AuthAs: Anonymous
X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM4PR12MB6134

Series

AMD: Add Secure AVIC KVM selftests | expand

Commit Message

Neeraj Upadhyay Feb. 28, 2025, 9:29 a.m. UTC

From: Peter Gonda <pgonda@google.com>

Add GHCB management functionality similar to the ucall management.
Allows for selftest vCPUs to acquire GHCBs for their usage.

Cc: Vishal Annapurve <vannapurve@google.com>
Cc: Ackerley Tng <ackerleytng@google.com>
Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: Claudio Imbrenda <imbrenda@linux.ibm.com>
Cc: Sean Christopherson <seanjc@google.com>
Cc: Carlos Bilbao <carlos.bilbao@amd.com>
Cc: Tom Lendacky <thomas.lendacky@amd.com>
Cc: Michael Roth <michael.roth@amd.com>
Cc: kvm@vger.kernel.org
Cc: linux-kselftest@vger.kernel.org
Signed-off-by: Peter Gonda <pgonda@google.com>
Signed-off-by: Neeraj Upadhyay <Neeraj.Upadhyay@amd.com>
---
 tools/testing/selftests/kvm/include/x86/sev.h |  1 +
 .../testing/selftests/kvm/lib/x86/processor.c |  9 +++
 tools/testing/selftests/kvm/lib/x86/sev.c     | 78 +++++++++++++++++++
 3 files changed, 88 insertions(+)

diff --git a/tools/testing/selftests/kvm/include/x86/sev.h b/tools/testing/selftests/kvm/include/x86/sev.h
index fd5d5261e10e..0b4411847cbf 100644
--- a/tools/testing/selftests/kvm/include/x86/sev.h
+++ b/tools/testing/selftests/kvm/include/x86/sev.h
@@ -43,6 +43,7 @@  enum sev_guest_state {
 bool is_sev_vm(struct kvm_vm *vm);
 bool is_sev_es_vm(struct kvm_vm *vm);
 bool is_sev_snp_vm(struct kvm_vm *vm);
+int ghcb_nr_pages_required(uint64_t page_size);
 
 void sev_vm_launch(struct kvm_vm *vm, uint32_t policy);
 void sev_vm_launch_measure(struct kvm_vm *vm, uint8_t *measurement);
diff --git a/tools/testing/selftests/kvm/lib/x86/processor.c b/tools/testing/selftests/kvm/lib/x86/processor.c
index a92dc1dad085..7129dfb652c4 100644
--- a/tools/testing/selftests/kvm/lib/x86/processor.c
+++ b/tools/testing/selftests/kvm/lib/x86/processor.c
@@ -651,6 +651,15 @@  void kvm_arch_vm_post_create(struct kvm_vm *vm)
 	sync_global_to_guest(vm, guest_tsc_khz);
 }
 
+int kvm_arch_vm_additional_pages_required(struct vm_shape shape, uint64_t page_size)
+{
+	if (shape.type == KVM_X86_SEV_ES_VM ||
+	    shape.type == KVM_X86_SNP_VM)
+		return  ghcb_nr_pages_required(page_size);
+
+	return 0;
+}
+
 void vcpu_arch_set_entry_point(struct kvm_vcpu *vcpu, void *guest_code)
 {
 	struct kvm_regs regs;
diff --git a/tools/testing/selftests/kvm/lib/x86/sev.c b/tools/testing/selftests/kvm/lib/x86/sev.c
index 17d493e9907a..dd7ccf0324c5 100644
--- a/tools/testing/selftests/kvm/lib/x86/sev.c
+++ b/tools/testing/selftests/kvm/lib/x86/sev.c
@@ -3,6 +3,80 @@ 
 #include <stdbool.h>
 
 #include "sev.h"
+#include "linux/bitmap.h"
+#include "svm.h"
+#include "svm_util.h"
+
+struct ghcb_entry {
+	struct ghcb ghcb;
+
+	/* Guest physical address of this GHCB. */
+	void *gpa;
+
+	/* Host virtual address of this struct. */
+	struct ghcb_entry *hva;
+};
+
+struct ghcb_header {
+	struct ghcb_entry ghcbs[KVM_MAX_VCPUS];
+	DECLARE_BITMAP(in_use, KVM_MAX_VCPUS);
+};
+
+static struct ghcb_header *ghcb_pool;
+
+int ghcb_nr_pages_required(uint64_t page_size)
+{
+	return align_up(sizeof(struct ghcb_header), page_size) / page_size;
+}
+
+void ghcb_init(struct kvm_vm *vm)
+{
+	struct ghcb_header *hdr;
+	struct ghcb_entry *entry;
+	vm_vaddr_t vaddr;
+	int i;
+
+	vaddr = vm_vaddr_alloc_shared(vm, sizeof(*hdr), KVM_UTIL_MIN_VADDR,
+				      MEM_REGION_DATA);
+	hdr = (struct ghcb_header *)addr_gva2hva(vm, vaddr);
+	memset(hdr, 0, sizeof(*hdr));
+
+	for (i = 0; i < KVM_MAX_VCPUS; ++i) {
+		entry = &hdr->ghcbs[i];
+		entry->hva = entry;
+		entry->gpa = (void *)addr_hva2gpa(vm, &entry->ghcb);
+	}
+
+	write_guest_global(vm, ghcb_pool, (struct ghcb_header *)vaddr);
+}
+
+static struct ghcb_entry *ghcb_alloc(void)
+{
+	return &ghcb_pool->ghcbs[0];
+	struct ghcb_entry *entry;
+	int i;
+
+	if (!ghcb_pool)
+		goto ucall_failed;
+
+	for (i = 0; i < KVM_MAX_VCPUS; ++i) {
+		if (!test_and_set_bit(i, ghcb_pool->in_use)) {
+			entry = &ghcb_pool->ghcbs[i];
+			memset(&entry->ghcb, 0, sizeof(entry->ghcb));
+			return entry;
+		}
+	}
+
+ucall_failed:
+	return NULL;
+}
+
+static void ghcb_free(struct ghcb_entry *entry)
+{
+	/* Beware, here be pointer arithmetic.  */
+	clear_bit(entry - ghcb_pool->ghcbs, ghcb_pool->in_use);
+}
+
 
 bool is_sev_snp_vm(struct kvm_vm *vm)
 {
@@ -117,7 +191,11 @@  void sev_vm_launch(struct kvm_vm *vm, uint32_t policy)
 	struct kvm_sev_guest_status status;
 	int ctr;
 
+	if (is_sev_es_vm(vm))
+		ghcb_init(vm);
+
 	vm_sev_ioctl(vm, KVM_SEV_LAUNCH_START, &launch_start);
+
 	vm_sev_ioctl(vm, KVM_SEV_GUEST_STATUS, &status);
 
 	TEST_ASSERT_EQ(status.policy, policy);

[RFC,04/31] Add GHCB allocations and helpers

Commit Message

Patch