Commit f11dc54e authored by Xin Jiang's avatar Xin Jiang Committed by hanliyang
Browse files

KVM: SVM: CSV: Add KVM_CSV3_RECEIVE_ENCRYPT_CONTEXT command 

hygon inclusion
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/IAYGKY


CVE: NA

---------------------------

The command is used for copying the incoming context into the
CSV3 guest's private memory.

Signed-off-by: default avatarXin Jiang <jiangxin@hygon.cn>
Signed-off-by: default avatarhanliyang <hanliyang@hygon.cn>
parent 80ab300b

arch/x86/kvm/svm/csv.c

+147 −0
Original line number Diff line number Diff line
@@ -831,6 +831,10 @@ struct trans_paddr_block { 
	u64	trans_paddr[512];

};



struct vmcb_paddr_block {

	u64	vmcb_paddr[512];

};



enum csv3_pg_level {

	CSV3_PG_LEVEL_NONE,

	CSV3_PG_LEVEL_4K,
@@ -1734,6 +1738,146 @@ static int csv3_receive_encrypt_data(struct kvm *kvm, struct kvm_sev_cmd *argp) 
	return ret;

}



static int csv3_receive_encrypt_context(struct kvm *kvm, struct kvm_sev_cmd *argp)

{

	struct kvm_sev_info *sev = &to_kvm_svm(kvm)->sev_info;

	struct csv3_data_receive_encrypt_context data;

	struct kvm_csv3_receive_encrypt_context params;

	void *hdr;

	void *trans_data;

	struct trans_paddr_block *trans_block;

	struct vmcb_paddr_block *shadow_vmcb_block;

	struct vmcb_paddr_block *secure_vmcb_block;

	unsigned long pfn;

	u32 offset;

	int ret = 0;

	struct kvm_vcpu *vcpu;

	unsigned long i;



	if (!csv3_guest(kvm))

		return -ENOTTY;



	if (copy_from_user(&params, (void __user *)(uintptr_t)argp->data,

			   sizeof(params)))

		return -EFAULT;



	if (!params.trans_uaddr || !params.trans_len ||

	    !params.hdr_uaddr || !params.hdr_len)

		return -EINVAL;



	if (params.trans_len > ARRAY_SIZE(trans_block->trans_paddr) * PAGE_SIZE)

		return -EINVAL;



	/* allocate memory for header and transport buffer */

	hdr = kzalloc(params.hdr_len, GFP_KERNEL_ACCOUNT);

	if (!hdr) {

		ret = -ENOMEM;

		goto exit;

	}



	if (copy_from_user(hdr,

			   (void __user *)(uintptr_t)params.hdr_uaddr,

			   params.hdr_len)) {

		ret = -EFAULT;

		goto e_free_hdr;

	}



	trans_block = kzalloc(sizeof(*trans_block), GFP_KERNEL_ACCOUNT);

	if (!trans_block) {

		ret = -ENOMEM;

		goto e_free_hdr;

	}

	trans_data = vzalloc(params.trans_len);

	if (!trans_data) {

		ret = -ENOMEM;

		goto e_free_trans_block;

	}



	if (copy_from_user(trans_data,

			   (void __user *)(uintptr_t)params.trans_uaddr,

			   params.trans_len)) {

		ret = -EFAULT;

		goto e_free_trans_data;

	}



	for (offset = 0, i = 0; offset < params.trans_len; offset += PAGE_SIZE) {

		pfn = vmalloc_to_pfn(offset + trans_data);

		trans_block->trans_paddr[i] = __sme_set(pfn_to_hpa(pfn));

		i++;

	}



	secure_vmcb_block = kzalloc(sizeof(*secure_vmcb_block),

				    GFP_KERNEL_ACCOUNT);

	if (!secure_vmcb_block) {

		ret = -ENOMEM;

		goto e_free_trans_data;

	}



	shadow_vmcb_block = kzalloc(sizeof(*shadow_vmcb_block),

				    GFP_KERNEL_ACCOUNT);

	if (!shadow_vmcb_block) {

		ret = -ENOMEM;

		goto e_free_secure_vmcb_block;

	}



	memset(&data, 0, sizeof(data));



	kvm_for_each_vcpu(i, vcpu, kvm) {

		struct vcpu_svm *svm = to_svm(vcpu);



		if (i >= ARRAY_SIZE(shadow_vmcb_block->vmcb_paddr)) {

			ret = -EINVAL;

			goto e_free_shadow_vmcb_block;

		}

		shadow_vmcb_block->vmcb_paddr[i] = __sme_pa(svm->vmcb);

		data.vmcb_block_len += sizeof(shadow_vmcb_block->vmcb_paddr[0]);

	}



	data.hdr_address = __psp_pa(hdr);

	data.hdr_len = params.hdr_len;

	data.trans_block = __psp_pa(trans_block);

	data.trans_len = params.trans_len;

	data.shadow_vmcb_block = __psp_pa(shadow_vmcb_block);

	data.secure_vmcb_block = __psp_pa(secure_vmcb_block);

	data.handle = sev->handle;



	clflush_cache_range(hdr, params.hdr_len);

	clflush_cache_range(trans_data, params.trans_len);

	clflush_cache_range(trans_block, PAGE_SIZE);

	clflush_cache_range(shadow_vmcb_block, PAGE_SIZE);

	clflush_cache_range(secure_vmcb_block, PAGE_SIZE);



	ret = hygon_kvm_hooks.sev_issue_cmd(kvm, CSV3_CMD_RECEIVE_ENCRYPT_CONTEXT,

					    &data, &argp->error);

	if (ret)

		goto e_free_shadow_vmcb_block;



	kvm_for_each_vcpu(i, vcpu, kvm) {

		struct vcpu_svm *svm = to_svm(vcpu);



		if (i >= ARRAY_SIZE(secure_vmcb_block->vmcb_paddr)) {

			ret = -EINVAL;

			goto e_free_shadow_vmcb_block;

		}



		svm->current_vmcb->pa = secure_vmcb_block->vmcb_paddr[i];

		svm->vcpu.arch.guest_state_protected = true;

	}



e_free_shadow_vmcb_block:

	kfree(shadow_vmcb_block);

e_free_secure_vmcb_block:

	kfree(secure_vmcb_block);

e_free_trans_data:

	vfree(trans_data);

e_free_trans_block:

	kfree(trans_block);

e_free_hdr:

	kfree(hdr);

exit:

	return ret;

}



static void csv3_mark_page_dirty(struct kvm_vcpu *vcpu, gva_t gpa,

				 unsigned long npages)

{
@@ -2196,6 +2340,9 @@ static int csv_mem_enc_ioctl(struct kvm *kvm, void __user *argp) 
	case KVM_CSV3_RECEIVE_ENCRYPT_DATA:

		r = csv3_receive_encrypt_data(kvm, &sev_cmd);

		break;

	case KVM_CSV3_RECEIVE_ENCRYPT_CONTEXT:

		r = csv3_receive_encrypt_context(kvm, &sev_cmd);

		break;

	default:

		/*

		 * If the command is compatible between CSV and SEV, the

include/uapi/linux/kvm.h

+8 −0
Original line number Diff line number Diff line
@@ -2366,6 +2366,7 @@ enum csv3_cmd_id { 
	KVM_CSV3_SEND_ENCRYPT_DATA,

	KVM_CSV3_SEND_ENCRYPT_CONTEXT,

	KVM_CSV3_RECEIVE_ENCRYPT_DATA,

	KVM_CSV3_RECEIVE_ENCRYPT_CONTEXT,



	KVM_CSV3_NR_MAX,

};
@@ -2405,4 +2406,11 @@ struct kvm_csv3_receive_encrypt_data { 
	__u32 trans_len;

};



struct kvm_csv3_receive_encrypt_context {

	__u64 hdr_uaddr;

	__u32 hdr_len;

	__u64 trans_uaddr;

	__u32 trans_len;

};



#endif /* __LINUX_KVM_H */