Re: [PATCH v5] x86/sev: Add SEV-SNP guest feature negotiation support

From: Nikunj A. Dadhania
Date: Mon Jan 16 2023 - 06:44:22 EST


On 16/01/23 17:09, Zhi Wang wrote:
> On Mon, 16 Jan 2023 13:53:56 +0530
> "Nikunj A. Dadhania" <nikunj@xxxxxxx> wrote:
>
>> On 13/01/23 17:23, Zhi Wang wrote:
>>> On Thu, 12 Jan 2023 14:11:39 +0530
>>> Nikunj A Dadhania <nikunj@xxxxxxx> wrote:
>>>
>>
>>>> diff --git a/Documentation/x86/amd-memory-encryption.rst
>>>> b/Documentation/x86/amd-memory-encryption.rst index
>>>> a1940ebe7be5..b3adc39d7735 100644 ---
>>>> a/Documentation/x86/amd-memory-encryption.rst +++
>>>> b/Documentation/x86/amd-memory-encryption.rst @@ -95,3 +95,39 @@ by
>>>> supplying mem_encrypt=on on the kernel command line. However, if BIOS
>>>> does not enable SME, then Linux will not be able to activate memory
>>>> encryption, even if configured to do so by default or the mem_encrypt=on
>>>> command line parameter is specified. +
>>>> +Secure Nested Paging (SNP)
>>>> +==========================
>>>> +
>>>> +SEV-SNP introduces new features (SEV_FEATURES[1:63]) which can be
>>>> enabled +by the hypervisor for security enhancements. Some of these
>>>> features need +guest side implementation to function correctly. The
>>>> below table lists the +expected guest behavior with various possible
>>>> scenarios of guest/hypervisor +SNP feature support.
>>>> +
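Review bot: the sentence "Some of these features need guest side implementation to function correctly" in the new Secure Nested Paging section can be read as saying those features are mandatory for the guest, which is the opposite of what the table is meant to convey. Since the hypervisor can enable a feature without knowing whether the guest kernel supports it, consider stating that explicitly in the paragraph, e.g. "None of these features are mandatory for the guest; however, the hypervisor may enable a feature without knowledge of guest kernel support, so the guest must detect an enabled feature it does not implement and fail the boot." That makes the "Guest needs implementation" column self-explanatory before the reader reaches the table.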
>>
>>> "guest needs implementation" seems a little bit confusing. I suppose it
>>> means the feature is mandatory for the guest.
>>
>> That is not correct. None of these features are mandatory for the guest.
>> The hypervisor can enable this feature without the knowledge of guest
>> kernel support. So there should be a mechanism in the guest to detect this
>> and fail the boot if needed.
>>
>>> If so, on the second row
>>> guest can boot without it. Some explanation?
>>
>> In the first and second row, HV has not enabled the feature, so the
>> guest should boot fine irrespective of "Guest needs implementation".
>>
>
> Feel free to educate me if I understand correctly or not:
>
> There are two kinds of features in SEV_FEATURES:
>
> 1. Features that HV can freely enable/disable and they won't disturb the guest.
>
> HV  | Guest needs impl | Guest has impl    | Result
> Y/N | N                | X (not necessary) | Boot
>
> 2. Features that a guest has to be aware of and handle when HV enables them.
>
> HV | Guest needs impl | Guest has impl | Result
> N  | Y                | X (Don't care) | Boot
> Y  | Y                | N              | Fail
> Y  | Y                | Y              | Boot

Yes, that is correct understanding.

Regards
Nikunj
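The decision table agreed on above, written out as a small C example. This is an added illustration, not code from the patch or from the kernel: the feature bit positions (EX_FEAT_A/B/C) and the "needs implementation" mask are constructed for the example, since the page names no specific SEV_FEATURES bits. The first function evaluates one row of the table; the second generalizes it to a whole 64-bit SEV_FEATURES word and returns the set of hypervisor-enabled features the guest cannot honour, which is the condition under which the guest should refuse to boot.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed bit layout for this example only; the real SEV_FEATURES
 * assignments are not given on this page. Bit 0 is left out because the
 * documentation text describes the negotiable range as SEV_FEATURES[1:63]. */
#define EX_FEAT_A (1ULL << 1) /* kind 1: HV may toggle it, guest unaffected */
#define EX_FEAT_B (1ULL << 2) /* kind 2: guest must implement it if HV enables it */
#define EX_FEAT_C (1ULL << 3) /* kind 2 */

enum boot_result { BOOT_OK = 0, BOOT_FAIL = 1 };

/* One row of the table: HV enabled?, guest needs impl?, guest has impl? */
enum boot_result sev_feature_decide(bool hv_enabled, bool guest_needs_impl,
                                    bool guest_has_impl)
{
    if (!hv_enabled)
        return BOOT_OK;      /* HV=N rows: boot regardless of the other columns */
    if (!guest_needs_impl)
        return BOOT_OK;      /* kind 1 feature: HV may enable it freely */
    return guest_has_impl ? BOOT_OK : BOOT_FAIL;   /* kind 2: Y/Y/N fails */
}

/* Whole-word form of the same rule. Returns the features that the HV
 * enabled, that require guest support, and that this guest lacks.
 * A non-zero result means the guest should fail the boot. */
uint64_t sev_unsupported_features(uint64_t hv_features,
                                  uint64_t needs_impl_mask,
                                  uint64_t guest_impl_mask)
{
    return hv_features & needs_impl_mask & ~guest_impl_mask;
}

int main(void)
{
    /* Constructed scenario: HV enabled A, B and C; B and C need guest
     * support; this guest implements only B, so C is the problem. */
    uint64_t hv = EX_FEAT_A | EX_FEAT_B | EX_FEAT_C;
    uint64_t needs = EX_FEAT_B | EX_FEAT_C;
    uint64_t have = EX_FEAT_B;
    uint64_t bad = sev_unsupported_features(hv, needs, have);

    printf("unsupported mask: 0x%llx -> %s\n", (unsigned long long)bad,
           bad ? "fail boot" : "boot");
    return bad ? 1 : 0;
}
```

The mask form is the one a guest would actually use at boot: it needs only the SEV_FEATURES value the hypervisor set, a constant describing which bits require guest support, and a constant describing which of those this kernel implements.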