Commit ce62118a authored by Tom Lendacky's avatar Tom Lendacky Committed by Sean Christopherson
Browse files

KVM: SEV: Consolidate the SEV policy bits in a single header file 



Consolidate SEV policy bit definitions into a single file. Use
include/linux/psp-sev.h to hold the definitions and remove the current
definitions from the arch/x86/kvm/svm/sev.c and arch/x86/include/svm.h
files.

No functional change intended.

Signed-off-by: default avatarTom Lendacky <thomas.lendacky@amd.com>
Link: https://patch.msgid.link/d9639f88a0b521a1a67aeac77cc609fdea1f90bd.1761593632.git.thomas.lendacky@amd.com


Signed-off-by: default avatarSean Christopherson <seanjc@google.com>
parent 9f4ce487

arch/x86/kvm/svm/sev.c

+4 −12
Original line number Diff line number Diff line
@@ -65,15 +65,7 @@ module_param_named(ciphertext_hiding_asids, nr_ciphertext_hiding_asids, uint, 04 
#define AP_RESET_HOLD_NAE_EVENT		1

#define AP_RESET_HOLD_MSR_PROTO		2



/* As defined by SEV-SNP Firmware ABI, under "Guest Policy". */

#define SNP_POLICY_MASK_API_MINOR	GENMASK_ULL(7, 0)

#define SNP_POLICY_MASK_API_MAJOR	GENMASK_ULL(15, 8)

#define SNP_POLICY_MASK_SMT		BIT_ULL(16)

#define SNP_POLICY_MASK_RSVD_MBO	BIT_ULL(17)

#define SNP_POLICY_MASK_DEBUG		BIT_ULL(19)

#define SNP_POLICY_MASK_SINGLE_SOCKET	BIT_ULL(20)



#define SNP_POLICY_MASK_VALID		(SNP_POLICY_MASK_API_MINOR	| \

#define KVM_SNP_POLICY_MASK_VALID	(SNP_POLICY_MASK_API_MINOR	| \

					 SNP_POLICY_MASK_API_MAJOR	| \

					 SNP_POLICY_MASK_SMT		| \

					 SNP_POLICY_MASK_RSVD_MBO	| \
@@ -2207,7 +2199,7 @@ static int snp_launch_start(struct kvm *kvm, struct kvm_sev_cmd *argp) 
	if (params.flags)

		return -EINVAL;



	if (params.policy & ~SNP_POLICY_MASK_VALID)

	if (params.policy & ~KVM_SNP_POLICY_MASK_VALID)

		return -EINVAL;



	/* Check for policy bits that must be set */
@@ -5085,10 +5077,10 @@ struct vmcb_save_area *sev_decrypt_vmsa(struct kvm_vcpu *vcpu) 


	/* Check if the SEV policy allows debugging */

	if (sev_snp_guest(vcpu->kvm)) {

		if (!(sev->policy & SNP_POLICY_DEBUG))

		if (!(sev->policy & SNP_POLICY_MASK_DEBUG))

			return NULL;

	} else {

		if (sev->policy & SEV_POLICY_NODBG)

		if (sev->policy & SEV_POLICY_MASK_NODBG)

			return NULL;

	}

arch/x86/kvm/svm/svm.h

+0 −3
Original line number Diff line number Diff line
@@ -117,9 +117,6 @@ struct kvm_sev_info { 
	cpumask_var_t have_run_cpus; /* CPUs that have done VMRUN for this VM. */

};



#define SEV_POLICY_NODBG	BIT_ULL(0)

#define SNP_POLICY_DEBUG	BIT_ULL(19)



struct kvm_svm {

	struct kvm kvm;

include/linux/psp-sev.h

+19 −0
Original line number Diff line number Diff line
@@ -14,6 +14,25 @@ 


#include <uapi/linux/psp-sev.h>



/* As defined by SEV API, under "Guest Policy". */

#define SEV_POLICY_MASK_NODBG			BIT(0)

#define SEV_POLICY_MASK_NOKS			BIT(1)

#define SEV_POLICY_MASK_ES			BIT(2)

#define SEV_POLICY_MASK_NOSEND			BIT(3)

#define SEV_POLICY_MASK_DOMAIN			BIT(4)

#define SEV_POLICY_MASK_SEV			BIT(5)

#define SEV_POLICY_MASK_API_MAJOR		GENMASK(23, 16)

#define SEV_POLICY_MASK_API_MINOR		GENMASK(31, 24)



/* As defined by SEV-SNP Firmware ABI, under "Guest Policy". */

#define SNP_POLICY_MASK_API_MINOR		GENMASK_ULL(7, 0)

#define SNP_POLICY_MASK_API_MAJOR		GENMASK_ULL(15, 8)

#define SNP_POLICY_MASK_SMT			BIT_ULL(16)

#define SNP_POLICY_MASK_RSVD_MBO		BIT_ULL(17)

#define SNP_POLICY_MASK_MIGRATE_MA		BIT_ULL(18)

#define SNP_POLICY_MASK_DEBUG			BIT_ULL(19)

#define SNP_POLICY_MASK_SINGLE_SOCKET		BIT_ULL(20)



#define SEV_FW_BLOB_MAX_SIZE	0x4000	/* 16KB */



/**