Merge remote-tracking branch 'tip/x86/sev' into hyperv-next

      the return value.  General error numbers (-ENOMEM, -EINVAL)

      are not detailed, but errors with specific meanings are.

The guest ioctl should be issued on a file descriptor of the /dev/sev-guest device.

The ioctl accepts struct snp_user_guest_request. The input and output structure is

specified through the req_data and resp_data field respectively. If the ioctl fails

to execute due to a firmware error, then fw_err code will be set otherwise the

fw_err will be set to 0x00000000000000ff.

The guest ioctl should be issued on a file descriptor of the /dev/sev-guest

device.  The ioctl accepts struct snp_user_guest_request. The input and

output structure is specified through the req_data and resp_data field

respectively. If the ioctl fails to execute due to a firmware error, then

the fw_error code will be set, otherwise fw_error will be set to -1.

The firmware checks that the message sequence counter is one greater than

the guests message sequence counter. If guest driver fails to increment message

                __u64 req_data;

                __u64 resp_data;

                /* firmware error code on failure (see psp-sev.h) */

                __u64 fw_err;

                /* bits[63:32]: VMM error code, bits[31:0] firmware error code (see psp-sev.h) */

                union {

                        __u64 exitinfo2;

                        struct {

                                __u32 fw_error;

                                __u32 vmm_error;

                        };

                };

        };

2.1 SNP_GET_REPORT

#include <asm/coco.h>

#include <asm/processor.h>

static enum cc_vendor vendor __ro_after_init;

enum cc_vendor cc_vendor __ro_after_init;

static u64 cc_mask __ro_after_init;

static bool intel_cc_platform_has(enum cc_attr attr)

	}

}

/*

 * Handle the SEV-SNP vTOM case where sme_me_mask is zero, and

 * the other levels of SME/SEV functionality, including C-bit

 * based SEV-SNP, are not enabled.

 */

static __maybe_unused bool amd_cc_platform_vtom(enum cc_attr attr)

{

	switch (attr) {

	case CC_ATTR_GUEST_MEM_ENCRYPT:

	case CC_ATTR_MEM_ENCRYPT:

		return true;

	default:

		return false;

	}

}

/*

 * SME and SEV are very similar but they are not the same, so there are

 * times that the kernel will need to distinguish between SME and SEV. The

 * up under SME the trampoline area cannot be encrypted, whereas under SEV

 * the trampoline area must be encrypted.

 */

static bool amd_cc_platform_has(enum cc_attr attr)

{

#ifdef CONFIG_AMD_MEM_ENCRYPT

	if (sev_status & MSR_AMD64_SNP_VTOM)

		return amd_cc_platform_vtom(attr);

	switch (attr) {

	case CC_ATTR_MEM_ENCRYPT:

		return sme_me_mask;

#endif

}

static bool hyperv_cc_platform_has(enum cc_attr attr)

{

	return attr == CC_ATTR_GUEST_MEM_ENCRYPT;

}

bool cc_platform_has(enum cc_attr attr)

{

	switch (vendor) {

	switch (cc_vendor) {

	case CC_VENDOR_AMD:

		return amd_cc_platform_has(attr);

	case CC_VENDOR_INTEL:

		return intel_cc_platform_has(attr);

	case CC_VENDOR_HYPERV:

		return hyperv_cc_platform_has(attr);

	default:

		return false;

	}

	 * encryption status of the page.

	 *

	 * - for AMD, bit *set* means the page is encrypted

	 * - for Intel *clear* means encrypted.

	 * - for AMD with vTOM and for Intel, *clear* means encrypted

	 */

	switch (vendor) {

	switch (cc_vendor) {

	case CC_VENDOR_AMD:

		if (sev_status & MSR_AMD64_SNP_VTOM)

			return val & ~cc_mask;

		else

			return val | cc_mask;

	case CC_VENDOR_INTEL:

		return val & ~cc_mask;

u64 cc_mkdec(u64 val)

{

	/* See comment in cc_mkenc() */

	switch (vendor) {

	switch (cc_vendor) {

	case CC_VENDOR_AMD:

		if (sev_status & MSR_AMD64_SNP_VTOM)

			return val | cc_mask;

		else

			return val & ~cc_mask;

	case CC_VENDOR_INTEL:

		return val | cc_mask;

}

EXPORT_SYMBOL_GPL(cc_mkdec);

__init void cc_set_vendor(enum cc_vendor v)

{

	vendor = v;

}

__init void cc_set_mask(u64 mask)

{

	cc_mask = mask;

#include <linux/syscore_ops.h>

#include <clocksource/hyperv_timer.h>

#include <linux/highmem.h>

#include <linux/swiotlb.h>

int hyperv_init_cpuhp;

u64 hv_current_partition_id = ~0ull;

	/* Query the VMs extended capability once, so that it can be cached. */

	hv_query_ext_cap(0);

#ifdef CONFIG_SWIOTLB

	/*

	 * Swiotlb bounce buffer needs to be mapped in extra address

	 * space. Map function doesn't work in the early place and so

	 * call swiotlb_update_mem_attributes() here.

	 */

	if (hv_is_isolation_supported())

		swiotlb_update_mem_attributes();

#endif

	return;

clean_guest_os_id:

#include <asm/svm.h>

#include <asm/sev.h>

#include <asm/io.h>

#include <asm/coco.h>

#include <asm/mem_encrypt.h>

#include <asm/mshyperv.h>

#include <asm/hypervisor.h>

	local_irq_restore(flags);

}

EXPORT_SYMBOL_GPL(hv_ghcb_msr_read);

#endif

enum hv_isolation_type hv_get_isolation_type(void)

{

	if (!(ms_hyperv.priv_high & HV_ISOLATION))

		return HV_ISOLATION_TYPE_NONE;

	return FIELD_GET(HV_ISOLATION_TYPE, ms_hyperv.isolation_config_b);

}

EXPORT_SYMBOL_GPL(hv_get_isolation_type);

/*

 * hv_is_isolation_supported - Check system runs in the Hyper-V

 * isolation VM.

 */

bool hv_is_isolation_supported(void)

{

	if (!cpu_feature_enabled(X86_FEATURE_HYPERVISOR))

		return false;

	if (!hypervisor_is_type(X86_HYPER_MS_HYPERV))

		return false;

	return hv_get_isolation_type() != HV_ISOLATION_TYPE_NONE;

}

DEFINE_STATIC_KEY_FALSE(isolation_type_snp);

/*

 * hv_isolation_type_snp - Check system runs in the AMD SEV-SNP based

 * isolation VM.

 */

bool hv_isolation_type_snp(void)

{

	return static_branch_unlikely(&isolation_type_snp);

}

/*

 * hv_mark_gpa_visibility - Set pages visible to host via hvcall.

}

/*

 * hv_set_mem_host_visibility - Set specified memory visible to host.

 * hv_vtom_set_host_visibility - Set specified memory visible to host.

 *

 * In Isolation VM, all guest memory is encrypted from host and guest

 * needs to set memory visible to host via hvcall before sharing memory

 * with host. This function works as wrap of hv_mark_gpa_visibility()

 * with memory base and size.

 */

int hv_set_mem_host_visibility(unsigned long kbuffer, int pagecount, bool visible)

static bool hv_vtom_set_host_visibility(unsigned long kbuffer, int pagecount, bool enc)

{

	enum hv_mem_host_visibility visibility = visible ?

			VMBUS_PAGE_VISIBLE_READ_WRITE : VMBUS_PAGE_NOT_VISIBLE;

	enum hv_mem_host_visibility visibility = enc ?

			VMBUS_PAGE_NOT_VISIBLE : VMBUS_PAGE_VISIBLE_READ_WRITE;

	u64 *pfn_array;

	int ret = 0;

	bool result = true;

	int i, pfn;

	if (!hv_is_isolation_supported() || !hv_hypercall_pg)

		return 0;

	pfn_array = kmalloc(HV_HYP_PAGE_SIZE, GFP_KERNEL);

	if (!pfn_array)

		return -ENOMEM;

		return false;

	for (i = 0, pfn = 0; i < pagecount; i++) {

		pfn_array[pfn] = virt_to_hvpfn((void *)kbuffer + i * HV_HYP_PAGE_SIZE);

		if (pfn == HV_MAX_MODIFY_GPA_REP_COUNT || i == pagecount - 1) {

			ret = hv_mark_gpa_visibility(pfn, pfn_array,

						     visibility);

			if (ret)

			if (ret) {

				result = false;

				goto err_free_pfn_array;

			}

			pfn = 0;

		}

	}

 err_free_pfn_array:

	kfree(pfn_array);

	return ret;

	return result;

}

static bool hv_vtom_tlb_flush_required(bool private)

{

	return true;

}

static bool hv_vtom_cache_flush_required(void)

{

	return false;

}

static bool hv_is_private_mmio(u64 addr)

{

	/*

	 * Hyper-V always provides a single IO-APIC in a guest VM.

	 * When a paravisor is used, it is emulated by the paravisor

	 * in the guest context and must be mapped private.

	 */

	if (addr >= HV_IOAPIC_BASE_ADDRESS &&

	    addr < (HV_IOAPIC_BASE_ADDRESS + PAGE_SIZE))

		return true;

	/* Same with a vTPM */

	if (addr >= VTPM_BASE_ADDRESS &&

	    addr < (VTPM_BASE_ADDRESS + PAGE_SIZE))

		return true;

	return false;

}

void __init hv_vtom_init(void)

{

	/*

	 * By design, a VM using vTOM doesn't see the SEV setting,

	 * so SEV initialization is bypassed and sev_status isn't set.

	 * Set it here to indicate a vTOM VM.

	 */

	sev_status = MSR_AMD64_SNP_VTOM;

	cc_set_vendor(CC_VENDOR_AMD);

	cc_set_mask(ms_hyperv.shared_gpa_boundary);

	physical_mask &= ms_hyperv.shared_gpa_boundary - 1;

	x86_platform.hyper.is_private_mmio = hv_is_private_mmio;

	x86_platform.guest.enc_cache_flush_required = hv_vtom_cache_flush_required;

	x86_platform.guest.enc_tlb_flush_required = hv_vtom_tlb_flush_required;

	x86_platform.guest.enc_status_change_finish = hv_vtom_set_host_visibility;

}

#endif /* CONFIG_AMD_MEM_ENCRYPT */

/*

 * hv_map_memory - map memory to extra space in the AMD SEV-SNP Isolation VM.

 */

		pfns[i] = vmalloc_to_pfn(addr + i * PAGE_SIZE) +

			(ms_hyperv.shared_gpa_boundary >> PAGE_SHIFT);

	vaddr = vmap_pfn(pfns, size / PAGE_SIZE, PAGE_KERNEL_IO);

	vaddr = vmap_pfn(pfns, size / PAGE_SIZE, pgprot_decrypted(PAGE_KERNEL));

	kfree(pfns);

	return vaddr;

{

	vunmap(addr);

}

enum hv_isolation_type hv_get_isolation_type(void)

{

	if (!(ms_hyperv.priv_high & HV_ISOLATION))

		return HV_ISOLATION_TYPE_NONE;

	return FIELD_GET(HV_ISOLATION_TYPE, ms_hyperv.isolation_config_b);

}

EXPORT_SYMBOL_GPL(hv_get_isolation_type);

/*

 * hv_is_isolation_supported - Check system runs in the Hyper-V

 * isolation VM.

 */

bool hv_is_isolation_supported(void)

{

	if (!cpu_feature_enabled(X86_FEATURE_HYPERVISOR))

		return false;

	if (!hypervisor_is_type(X86_HYPER_MS_HYPERV))

		return false;

	return hv_get_isolation_type() != HV_ISOLATION_TYPE_NONE;

}

DEFINE_STATIC_KEY_FALSE(isolation_type_snp);

/*

 * hv_isolation_type_snp - Check system runs in the AMD SEV-SNP based

 * isolation VM.

 */

bool hv_isolation_type_snp(void)

{

	return static_branch_unlikely(&isolation_type_snp);

}

enum cc_vendor {

	CC_VENDOR_NONE,

	CC_VENDOR_AMD,

	CC_VENDOR_HYPERV,

	CC_VENDOR_INTEL,

};

void cc_set_vendor(enum cc_vendor v);

void cc_set_mask(u64 mask);

#ifdef CONFIG_ARCH_HAS_CC_PLATFORM

extern enum cc_vendor cc_vendor;

static inline enum cc_vendor cc_get_vendor(void)

{

	return cc_vendor;

}

static inline void cc_set_vendor(enum cc_vendor vendor)

{

	cc_vendor = vendor;

}

void cc_set_mask(u64 mask);

u64 cc_mkenc(u64 val);

u64 cc_mkdec(u64 val);

#else

static inline enum cc_vendor cc_get_vendor(void)

{

	return CC_VENDOR_NONE;

}

static inline void cc_set_vendor(enum cc_vendor vendor) { }

static inline u64 cc_mkenc(u64 val)

{

	return val;