[RFC 2/3] x86: Expose SEV capabilities in sysfs

From: Alejandro Jimenez
Date: Wed Mar 09 2022 - 17:12:20 EST

Next message: Yazen Ghannam: "Re: [PATCH v4 10/24] EDAC/amd64: Define function to get Interleave Address Bit"
Previous message: Alejandro Jimenez: "[RFC 0/3] Expose Confidential Computing capabilities on sysfs"
In reply to: Alejandro Jimenez: "[RFC 1/3] x86: Expose Secure Memory Encryption capabilities in sysfs"
Next in thread: Dave Hansen: "Re: [RFC 0/3] Expose Confidential Computing capabilities on sysfs"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Expose the state of the SEV feature via the new sysfs interface. Document
the new ABI.

Signed-off-by: Alejandro Jimenez <alejandro.j.jimenez@xxxxxxxxxx>
Reviewed-by: Darren Kenny <darren.kenny@xxxxxxxxxx>
---
.../ABI/testing/sysfs-kernel-mm-mem-encrypt | 31 +++++
arch/x86/mm/mem_encrypt_amd.c | 106 ++++++++++++++++--
2 files changed, 129 insertions(+), 8 deletions(-)

diff --git a/Documentation/ABI/testing/sysfs-kernel-mm-mem-encrypt b/Documentation/ABI/testing/sysfs-kernel-mm-mem-encrypt
index a53f87f28704..68a932d4540b 100644
--- a/Documentation/ABI/testing/sysfs-kernel-mm-mem-encrypt
+++ b/Documentation/ABI/testing/sysfs-kernel-mm-mem-encrypt
@@ -29,3 +29,34 @@ Description: (Host only) Expose status of SME feature. Valid values are:
inactive: Secure Memory Encryption is supported, enabled, but
the kernel is not applying encryption bit to page table entries
(SME mask in kernel is zero).
+
+What: /sys/kernel/mm/mem_encrypt/sev/status
+Date: March 2022
+KernelVersion: 5.17
+Description: Expose status of sev feature. Valid values are:
+
+ unsupported: Secure Encrypted Virtualization capability is not
+ supported by the processor.
+
+ enabled (Host only): Hypervisor host capable of running SEV
+ guests.
+
+ disabled (Host only): Memory encryption has been disabled by
+ System-Configuration Register (SYSCFG) MemEncryptionModeEn bit.
+
+ active (Guest only): Running in virtual machine with encrypted
+ code and data.
+
+ inactive (Guest only): Running in unencrypted virtual machine.
+
+What: /sys/kernel/mm/mem_encrypt/sev/nr_asid_available
+Date: March 2022
+KernelVersion: 5.17
+Description: (Host only) Total number of ASIDs available for encrypted
+ guests. Number of encrypted guests supported simultaneously.
+
+What: /sys/kernel/mm/mem_encrypt/sev/nr_sev_asid
+Date: March 2022
+KernelVersion: 5.17
+Description: (Host only) Number of ASIDs available for SEV guests with
+ SEV-ES disabled.
diff --git a/arch/x86/mm/mem_encrypt_amd.c b/arch/x86/mm/mem_encrypt_amd.c
index ccd6448042fe..86979e0e26c7 100644
--- a/arch/x86/mm/mem_encrypt_amd.c
+++ b/arch/x86/mm/mem_encrypt_amd.c
@@ -38,6 +38,7 @@
#define AMD_CPUID_ENCRYPTED_MEM 0x8000001f

#define AMD_SME_BIT BIT(0)
+#define AMD_SEV_BIT BIT(1)

#define CC_ATTR_RO(_name) \
static struct kobj_attribute _name##_attr = __ATTR_RO(_name)
@@ -78,6 +79,8 @@ static char sme_early_buffer[PAGE_SIZE] __initdata __aligned(PAGE_SIZE);

static u8 cbit_pos;
static u32 sec_encrypt_support_mask;
+static u32 max_sev_asid;
+static u32 min_sev_asid;

static inline bool is_vm(void)
{
@@ -95,7 +98,10 @@ static void encrypted_mem_caps_init(void)
cpuid(AMD_CPUID_ENCRYPTED_MEM, &eax, &ebx, &ecx, &edx);

cbit_pos = ebx & 0x3f;
- sec_encrypt_support_mask = eax & AMD_SME_BIT;
+ sec_encrypt_support_mask = eax & (AMD_SME_BIT | AMD_SEV_BIT);
+
+ max_sev_asid = ecx;
+ min_sev_asid = edx;
}

/* Verify that memory encryption capabilities are supported */
@@ -104,13 +110,7 @@ static inline bool mem_encrypt_feat_supported(u32 feat_bit)
return !!(sec_encrypt_support_mask & feat_bit);
}

-/*
- * sysfs interface for SME/SEV.
- * Expose whether the various memory encryption capabilities are
- * supported/enabled/active.
- */
-static ssize_t status_show(struct kobject *kobj,
- struct kobj_attribute *attr, char *buf)
+static inline ssize_t sme_status_show(char *buf)
{
if (!mem_encrypt_feat_supported(AMD_SME_BIT))
return sysfs_emit(buf, "%s\n", "unsupported");
@@ -129,7 +129,58 @@ static ssize_t status_show(struct kobject *kobj,
return sysfs_emit(buf, "%s\n",
!!cc_platform_has(CC_ATTR_HOST_MEM_ENCRYPT) ?
"active" : "inactive");
+}
+
+static inline ssize_t sev_status_show(u32 feat_bit, u32 feat_cap,
+ enum cc_attr encrypt_attr, char *buf)
+{
+ if (!mem_encrypt_feat_supported(feat_bit))
+ return sysfs_emit(buf, "%s\n", "unsupported");
+
+ if (!is_vm()) {
+ /*
+ * When in a host, we can avoid reading MSR_AMD64_SYSCFG MSR to
+ * check for MemEncryptionModeEn (bit 23) since an earlier call
+ * to early_detect_mem_encrypt() clears the feature from the
+ * CPU caps if the bit is not set. So it is sufficient to check
+ * the CPU caps here.
+ */
+ return sysfs_emit(buf, "%s\n", !!boot_cpu_has(feat_cap) ?
+ "enabled" : "disabled");
+ } else {
+ /*
+ * When in a guest, we cannot check MemEncryptionModeEn(bit 23)
+ * since KVM currently masks off MSR_AMD64_SYSCFG. Use the
+ * cc_platform_has() API which uses the SEV_STATUS MSR to
+ * determine if the feature is active.
+ */
+ return sysfs_emit(buf, "%s\n",
+ !!cc_platform_has(encrypt_attr) ?
+ "active" : "inactive");
+ }
+}
+
+/*
+ * sysfs interface for SME/SEV.
+ * Expose whether the various memory encryption capabilities are
+ * supported/enabled/active.
+ */
+static ssize_t status_show(struct kobject *kobj,
+ struct kobj_attribute *attr, char *buf)
+{
+ if (!strcmp(kobj->name, "sme")) {
+ return sme_status_show(buf);
+
+ } else if (!strcmp(kobj->name, "sev")) {
+ return sev_status_show(AMD_SEV_BIT, X86_FEATURE_SEV,
+ CC_ATTR_GUEST_MEM_ENCRYPT, buf);
+ }

+ /*
+ * The checks above must cover all of the possible CoCo features that
+ * have the status attribute.
+ */
+ return -1;
}
CC_ATTR_RO(status);

@@ -140,6 +191,25 @@ static ssize_t c_bit_position_show(struct kobject *kobj,
}
CC_ATTR_RO(c_bit_position);

+static ssize_t nr_asid_available_show(struct kobject *kobj,
+ struct kobj_attribute *attr, char *buf)
+{
+ return sysfs_emit(buf, "%u\n", max_sev_asid);
+}
+CC_ATTR_RO(nr_asid_available);
+
+static ssize_t nr_sev_asid_show(struct kobject *kobj,
+ struct kobj_attribute *attr, char *buf)
+{
+ u32 nr_sev_asid = 0;
+
+ if (max_sev_asid)
+ nr_sev_asid = max_sev_asid - min_sev_asid + 1;
+
+ return sysfs_emit(buf, "%u\n", nr_sev_asid);
+}
+CC_ATTR_RO(nr_sev_asid);
+
static struct attribute *sme_attrs[] = {
&status_attr.attr,
NULL,
@@ -148,14 +218,34 @@ static const struct attribute_group sme_attr_group = {
.attrs = sme_attrs,
};

+static struct attribute *sev_host_attrs[] = {
+ &status_attr.attr,
+ &nr_asid_available_attr.attr,
+ &nr_sev_asid_attr.attr,
+ NULL,
+};
+static const struct attribute_group sev_host_attr_group = {
+ .attrs = sev_host_attrs,
+};
+
+static struct attribute *sev_guest_attrs[] = {
+ &status_attr.attr,
+ NULL,
+};
+static const struct attribute_group sev_guest_attr_group = {
+ .attrs = sev_guest_attrs,
+};
+
/* List of features to be exposed when running as hypervisor host */
static struct amd_cc_feature host_cc_feat_list[] = {
AMD_CC_FEATURE("sme", sme_attr_group, NULL),
+ AMD_CC_FEATURE("sev", sev_host_attr_group, NULL),
{},
};

/* List of features to be exposed when running as guest */
static struct amd_cc_feature guest_cc_feat_list[] = {
+ AMD_CC_FEATURE("sev", sev_guest_attr_group, NULL),
{},
};

--
2.34.1

Next message: Yazen Ghannam: "Re: [PATCH v4 10/24] EDAC/amd64: Define function to get Interleave Address Bit"
Previous message: Alejandro Jimenez: "[RFC 0/3] Expose Confidential Computing capabilities on sysfs"
In reply to: Alejandro Jimenez: "[RFC 1/3] x86: Expose Secure Memory Encryption capabilities in sysfs"
Next in thread: Dave Hansen: "Re: [RFC 0/3] Expose Confidential Computing capabilities on sysfs"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]