Commit a05a98fe authored by xiongmengbiao's avatar xiongmengbiao
Browse files

drivers/crypto/ccp: Eliminate dependence of the kvm module on the ccp module 

hygon inclusion
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I9C3AM


CVE: NA

---------------------------

Because the KVM module calls certain interfaces from the ccp module,
such as vpsp_try_do_cmd, it is necessary to load the ccp module
before loading kvm.

However, on CPUs other than Hygon, the ccp module might not be loaded,
which would prevent the kvm module from loading.

Therefore, we use function hooks to call functions from the ccp module.
Now the module dependencies are as follows:

[root@centos-7-8 ~]# lsmod | grep kvm
kvm_amd               200704  0
kvm                  1339392  1 kvm_amd
ccp                   352256  1 kvm_amd
irqbypass              12288  2 vfio_pci_core,kvm

Signed-off-by: default avatarxiongmengbiao <xiongmengbiao@hygon.cn>
parent ba53f95c

arch/x86/include/asm/kvm_host.h

+3 −2
Original line number Diff line number Diff line
@@ -2170,8 +2170,9 @@ void kvm_vcpu_reset(struct kvm_vcpu *vcpu, bool init_event); 
int kvm_pv_send_ipi(struct kvm *kvm, unsigned long ipi_bitmap_low,

		    unsigned long ipi_bitmap_high, u32 min,

		    unsigned long icr, int op_64_bit);

int kvm_pv_psp_op(struct kvm *kvm, int cmd, gpa_t data_gpa,

		gpa_t psp_ret_gpa, gpa_t table_gpa);



void kvm_arch_hypercall_init(void *func);

void kvm_arch_hypercall_exit(void);



int kvm_add_user_return_msr(u32 msr);

int kvm_find_user_return_msr(u32 msr);

arch/x86/kvm/Makefile

+1 −1
Original line number Diff line number Diff line
@@ -12,7 +12,7 @@ include $(srctree)/virt/kvm/Makefile.kvm 
kvm-y			+= x86.o emulate.o i8259.o irq.o lapic.o \

			   i8254.o ioapic.o irq_comm.o cpuid.o pmu.o mtrr.o \

			   hyperv.o debugfs.o mmu/mmu.o mmu/page_track.o \

			   mmu/spte.o psp.o

			   mmu/spte.o



ifdef CONFIG_HYPERV

kvm-y			+= kvm_onhyperv.o

arch/x86/kvm/svm/svm.c

+27 −0
Original line number Diff line number Diff line
@@ -22,6 +22,7 @@ 
#include <linux/hashtable.h>

#include <linux/objtool.h>

#include <linux/psp-sev.h>

#include <linux/psp-hygon.h>

#include <linux/file.h>

#include <linux/pagemap.h>

#include <linux/swap.h>
@@ -1140,6 +1141,9 @@ static void svm_hardware_unsetup(void) 
	__free_pages(pfn_to_page(iopm_base >> PAGE_SHIFT),

	get_order(IOPM_SIZE));

	iopm_base = 0;



	if (boot_cpu_data.x86_vendor == X86_VENDOR_HYGON)

		kvm_arch_hypercall_exit();

}



static void init_seg(struct vmcb_seg *seg)
@@ -5205,6 +5209,26 @@ static __init void svm_set_cpu_caps(void) 
	sev_set_cpu_caps();

}



static int kvm_hygon_arch_hypercall(struct kvm *kvm, u64 nr, u64 a0, u64 a1, u64 a2, u64 a3)

{

	int ret = 0;

	struct kvm_vpsp vpsp = {

		.kvm = kvm,

		.write_guest = kvm_write_guest,

		.read_guest = kvm_read_guest

	};

	switch (nr) {

	case KVM_HC_PSP_OP:

		ret = kvm_pv_psp_op(&vpsp, a0, a1, a2, a3);

		break;



	default:

		ret = -KVM_ENOSYS;

		break;

	}

	return ret;

}



static __init int svm_hardware_setup(void)

{

	int cpu;
@@ -5373,6 +5397,9 @@ static __init int svm_hardware_setup(void) 
	 */

	allow_smaller_maxphyaddr = !npt_enabled;



	if (boot_cpu_data.x86_vendor == X86_VENDOR_HYGON)

		kvm_arch_hypercall_init(kvm_hygon_arch_hypercall);



	return 0;



err:

arch/x86/kvm/x86.c

+17 −1
Original line number Diff line number Diff line
@@ -367,6 +367,8 @@ u64 __read_mostly host_xcr0; 


static struct kmem_cache *x86_emulator_cache;



static int (*kvm_arch_hypercall)(struct kvm *kvm, u64 nr, u64 a0, u64 a1, u64 a2, u64 a3);



/*

 * When called, it means the previous get/set msr reached an invalid msr.

 * Return true if we want to ignore/silent this failed msr access.
@@ -10008,7 +10010,9 @@ int kvm_emulate_hypercall(struct kvm_vcpu *vcpu) 
		ret = 0;

		break;

	case KVM_HC_PSP_OP:

		ret = kvm_pv_psp_op(vcpu->kvm, a0, a1, a2, a3);

		ret = -KVM_ENOSYS;

		if (kvm_arch_hypercall)

			ret = kvm_arch_hypercall(vcpu->kvm, nr, a0, a1, a2, a3);

		break;

	case KVM_HC_MAP_GPA_RANGE: {

		u64 gpa = a0, npages = a1, attrs = a2;
@@ -13809,6 +13813,18 @@ void kvm_arch_vcpu_stat_reset(struct kvm_vcpu_stat *vcpu_stat) 
}

#endif



void kvm_arch_hypercall_init(void *func)

{

	kvm_arch_hypercall = func;

}

EXPORT_SYMBOL_GPL(kvm_arch_hypercall_init);



void kvm_arch_hypercall_exit(void)

{

	kvm_arch_hypercall = NULL;

}

EXPORT_SYMBOL_GPL(kvm_arch_hypercall_exit);



EXPORT_TRACEPOINT_SYMBOL_GPL(kvm_entry);

EXPORT_TRACEPOINT_SYMBOL_GPL(kvm_exit);

EXPORT_TRACEPOINT_SYMBOL_GPL(kvm_fast_mmio);

drivers/crypto/ccp/Makefile

+2 −1
Original line number Diff line number Diff line
@@ -16,7 +16,8 @@ ccp-$(CONFIG_CRYPTO_DEV_SP_PSP) += psp-dev.o \ 
                                   dbc.o \

                                   hygon/psp-dev.o \

                                   hygon/csv-dev.o \

                                   hygon/ring-buffer.o

                                   hygon/ring-buffer.o \

                                   hygon/vpsp.o



ccp-$(CONFIG_TDM_DEV_HYGON) += hygon/tdm-dev.o