From d6e2d652443751e290b2edb70173ec3c22f78fbe Mon Sep 17 00:00:00 2001 From: Tianyu Lan Date: Fri, 18 Aug 2023 06:29:11 -0400 Subject: x86/hyperv: Add sev-snp enlightened guest static key Introduce static key isolation_type_en_snp for enlightened sev-snp guest check. Reviewed-by: Dexuan Cui Reviewed-by: Michael Kelley Signed-off-by: Tianyu Lan Signed-off-by: Wei Liu Link: https://lore.kernel.org/r/20230818102919.1318039-2-ltykernel@gmail.com --- include/asm-generic/mshyperv.h | 13 ++++++++++--- 1 file changed, 10 insertions(+), 3 deletions(-) (limited to 'include/asm-generic') diff --git a/include/asm-generic/mshyperv.h b/include/asm-generic/mshyperv.h index 402a8c1c202d..580c766958de 100644 --- a/include/asm-generic/mshyperv.h +++ b/include/asm-generic/mshyperv.h @@ -36,15 +36,21 @@ struct ms_hyperv_info { u32 nested_features; u32 max_vp_index; u32 max_lp_index; - u32 isolation_config_a; + union { + u32 isolation_config_a; + struct { + u32 paravisor_present : 1; + u32 reserved_a1 : 31; + }; + }; union { u32 isolation_config_b; struct { u32 cvm_type : 4; - u32 reserved1 : 1; + u32 reserved_b1 : 1; u32 shared_gpa_boundary_active : 1; u32 shared_gpa_boundary_bits : 6; - u32 reserved2 : 20; + u32 reserved_b2 : 20; }; }; u64 shared_gpa_boundary; @@ -58,6 +64,7 @@ extern void * __percpu *hyperv_pcpu_output_arg; extern u64 hv_do_hypercall(u64 control, void *inputaddr, void *outputaddr); extern u64 hv_do_fast_hypercall8(u16 control, u64 input8); extern bool hv_isolation_type_snp(void); +extern bool hv_isolation_type_en_snp(void); /* Helper functions that provide a consistent pattern for checking Hyper-V hypercall status. */ static inline int hv_result(u64 status) -- cgit v1.2.3 From 8387ce06d70bbbb97a0c168a52b68268ae0da075 Mon Sep 17 00:00:00 2001 From: Tianyu Lan Date: Fri, 18 Aug 2023 06:29:12 -0400 Subject: x86/hyperv: Set Virtual Trust Level in VMBus init message SEV-SNP guests on Hyper-V can run at multiple Virtual Trust Levels (VTL). During boot, get the VTL at which we're running using the GET_VP_REGISTERs hypercall, and save the value for future use. Then during VMBus initialization, set the VTL with the saved value as required in the VMBus init message. Reviewed-by: Dexuan Cui Reviewed-by: Michael Kelley Signed-off-by: Tianyu Lan Signed-off-by: Wei Liu Link: https://lore.kernel.org/r/20230818102919.1318039-3-ltykernel@gmail.com --- include/asm-generic/mshyperv.h | 1 + 1 file changed, 1 insertion(+) (limited to 'include/asm-generic') diff --git a/include/asm-generic/mshyperv.h b/include/asm-generic/mshyperv.h index 580c766958de..efd0d2aedad3 100644 --- a/include/asm-generic/mshyperv.h +++ b/include/asm-generic/mshyperv.h @@ -54,6 +54,7 @@ struct ms_hyperv_info { }; }; u64 shared_gpa_boundary; + u8 vtl; }; extern struct ms_hyperv_info ms_hyperv; extern bool hv_nested; -- cgit v1.2.3 From 44676bb9d566ce2bfbd132f9745eb7eb2d784476 Mon Sep 17 00:00:00 2001 From: Tianyu Lan Date: Fri, 18 Aug 2023 06:29:17 -0400 Subject: x86/hyperv: Add smp support for SEV-SNP guest In the AMD SEV-SNP guest, AP needs to be started up via sev es save area and Hyper-V requires to call HVCALL_START_VP hypercall to pass the gpa of sev es save area with AP's vp index and VTL(Virtual trust level) parameters. Override wakeup_secondary_cpu_64 callback with hv_snp_boot_ap. Reviewed-by: Dexuan Cui Reviewed-by: Michael Kelley Signed-off-by: Tianyu Lan Signed-off-by: Wei Liu Link: https://lore.kernel.org/r/20230818102919.1318039-8-ltykernel@gmail.com --- include/asm-generic/hyperv-tlfs.h | 1 + 1 file changed, 1 insertion(+) (limited to 'include/asm-generic') diff --git a/include/asm-generic/hyperv-tlfs.h b/include/asm-generic/hyperv-tlfs.h index f4e4cc4f965f..fdac4a1714ec 100644 --- a/include/asm-generic/hyperv-tlfs.h +++ b/include/asm-generic/hyperv-tlfs.h @@ -223,6 +223,7 @@ enum HV_GENERIC_SET_FORMAT { #define HV_STATUS_INVALID_PORT_ID 17 #define HV_STATUS_INVALID_CONNECTION_ID 18 #define HV_STATUS_INSUFFICIENT_BUFFERS 19 +#define HV_STATUS_TIME_OUT 120 #define HV_STATUS_VTL_ALREADY_ENABLED 134 /* -- cgit v1.2.3 From 08e9d12077fcc7c4c4579d7dcd8093b59b01369e Mon Sep 17 00:00:00 2001 From: Dexuan Cui Date: Thu, 24 Aug 2023 01:07:03 -0700 Subject: x86/hyperv: Add hv_isolation_type_tdx() to detect TDX guests No logic change to SNP/VBS guests. hv_isolation_type_tdx() will be used to instruct a TDX guest on Hyper-V to do some TDX-specific operations, e.g. for a fully enlightened TDX guest (i.e. without the paravisor), hv_do_hypercall() should use __tdx_hypercall() and such a guest on Hyper-V should handle the Hyper-V Event/Message/Monitor pages specially. Reviewed-by: Michael Kelley Reviewed-by: Tianyu Lan Signed-off-by: Dexuan Cui Signed-off-by: Wei Liu Link: https://lore.kernel.org/r/20230824080712.30327-2-decui@microsoft.com --- include/asm-generic/mshyperv.h | 1 + 1 file changed, 1 insertion(+) (limited to 'include/asm-generic') diff --git a/include/asm-generic/mshyperv.h b/include/asm-generic/mshyperv.h index efd0d2aedad3..82eba2d5fc4c 100644 --- a/include/asm-generic/mshyperv.h +++ b/include/asm-generic/mshyperv.h @@ -66,6 +66,7 @@ extern u64 hv_do_hypercall(u64 control, void *inputaddr, void *outputaddr); extern u64 hv_do_fast_hypercall8(u16 control, u64 input8); extern bool hv_isolation_type_snp(void); extern bool hv_isolation_type_en_snp(void); +bool hv_isolation_type_tdx(void); /* Helper functions that provide a consistent pattern for checking Hyper-V hypercall status. */ static inline int hv_result(u64 status) -- cgit v1.2.3 From d6e0228d265f29348a01780ff306321c399d8b95 Mon Sep 17 00:00:00 2001 From: Dexuan Cui Date: Thu, 24 Aug 2023 01:07:04 -0700 Subject: x86/hyperv: Support hypercalls for fully enlightened TDX guests A fully enlightened TDX guest on Hyper-V (i.e. without the paravisor) only uses the GHCI call rather than hv_hypercall_pg. Do not initialize hypercall_pg for such a guest. In hv_common_cpu_init(), the hyperv_pcpu_input_arg page needs to be decrypted in such a guest. Reviewed-by: Kuppuswamy Sathyanarayanan Reviewed-by: Michael Kelley Reviewed-by: Tianyu Lan Signed-off-by: Dexuan Cui Signed-off-by: Wei Liu Link: https://lore.kernel.org/r/20230824080712.30327-3-decui@microsoft.com --- include/asm-generic/mshyperv.h | 1 + 1 file changed, 1 insertion(+) (limited to 'include/asm-generic') diff --git a/include/asm-generic/mshyperv.h b/include/asm-generic/mshyperv.h index 82eba2d5fc4c..f577eff58ea0 100644 --- a/include/asm-generic/mshyperv.h +++ b/include/asm-generic/mshyperv.h @@ -283,6 +283,7 @@ enum hv_isolation_type hv_get_isolation_type(void); bool hv_is_isolation_supported(void); bool hv_isolation_type_snp(void); u64 hv_ghcb_hypercall(u64 control, void *input, void *output, u32 input_size); +u64 hv_tdx_hypercall(u64 control, u64 param1, u64 param2); void hyperv_cleanup(void); bool hv_query_ext_cap(u64 cap_query); void hv_setup_dma_ops(struct device *dev, bool coherent); -- cgit v1.2.3 From e3131f1c81448a87e08dffd21867312a5ce563d9 Mon Sep 17 00:00:00 2001 From: Dexuan Cui Date: Thu, 24 Aug 2023 01:07:11 -0700 Subject: x86/hyperv: Remove hv_isolation_type_en_snp In ms_hyperv_init_platform(), do not distinguish between a SNP VM with the paravisor and a SNP VM without the paravisor. Replace hv_isolation_type_en_snp() with !ms_hyperv.paravisor_present && hv_isolation_type_snp(). The hv_isolation_type_en_snp() in drivers/hv/hv.c and drivers/hv/hv_common.c can be changed to hv_isolation_type_snp() since we know !ms_hyperv.paravisor_present is true there. Signed-off-by: Dexuan Cui Reviewed-by: Michael Kelley Reviewed-by: Tianyu Lan Signed-off-by: Wei Liu Link: https://lore.kernel.org/r/20230824080712.30327-10-decui@microsoft.com --- include/asm-generic/mshyperv.h | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) (limited to 'include/asm-generic') diff --git a/include/asm-generic/mshyperv.h b/include/asm-generic/mshyperv.h index f577eff58ea0..e7ecf03f675e 100644 --- a/include/asm-generic/mshyperv.h +++ b/include/asm-generic/mshyperv.h @@ -64,8 +64,7 @@ extern void * __percpu *hyperv_pcpu_output_arg; extern u64 hv_do_hypercall(u64 control, void *inputaddr, void *outputaddr); extern u64 hv_do_fast_hypercall8(u16 control, u64 input8); -extern bool hv_isolation_type_snp(void); -extern bool hv_isolation_type_en_snp(void); +bool hv_isolation_type_snp(void); bool hv_isolation_type_tdx(void); /* Helper functions that provide a consistent pattern for checking Hyper-V hypercall status. */ -- cgit v1.2.3