xref: /linux/arch/x86/include/asm/sev-common.h (revision 364eeb79a213fcf9164208b53764223ad522d6b3)
1 /* SPDX-License-Identifier: GPL-2.0 */
2 /*
3  * AMD SEV header common between the guest and the hypervisor.
4  *
5  * Author: Brijesh Singh <brijesh.singh@amd.com>
6  */
7 
8 #ifndef __ASM_X86_SEV_COMMON_H
9 #define __ASM_X86_SEV_COMMON_H
10 
11 #define GHCB_MSR_INFO_POS		0
12 #define GHCB_DATA_LOW			12
13 #define GHCB_MSR_INFO_MASK		(BIT_ULL(GHCB_DATA_LOW) - 1)
14 
15 #define GHCB_DATA(v)			\
16 	(((unsigned long)(v) & ~GHCB_MSR_INFO_MASK) >> GHCB_DATA_LOW)
17 
18 /* SEV Information Request/Response */
19 #define GHCB_MSR_SEV_INFO_RESP		0x001
20 #define GHCB_MSR_SEV_INFO_REQ		0x002
21 
22 #define GHCB_MSR_SEV_INFO(_max, _min, _cbit)	\
23 	/* GHCBData[63:48] */			\
24 	((((_max) & 0xffff) << 48) |		\
25 	 /* GHCBData[47:32] */			\
26 	 (((_min) & 0xffff) << 32) |		\
27 	 /* GHCBData[31:24] */			\
28 	 (((_cbit) & 0xff)  << 24) |		\
29 	 GHCB_MSR_SEV_INFO_RESP)
30 
31 #define GHCB_MSR_INFO(v)		((v) & 0xfffUL)
32 #define GHCB_MSR_PROTO_MAX(v)		(((v) >> 48) & 0xffff)
33 #define GHCB_MSR_PROTO_MIN(v)		(((v) >> 32) & 0xffff)
34 
35 /* CPUID Request/Response */
36 #define GHCB_MSR_CPUID_REQ		0x004
37 #define GHCB_MSR_CPUID_RESP		0x005
38 #define GHCB_MSR_CPUID_FUNC_POS		32
39 #define GHCB_MSR_CPUID_FUNC_MASK	0xffffffff
40 #define GHCB_MSR_CPUID_VALUE_POS	32
41 #define GHCB_MSR_CPUID_VALUE_MASK	0xffffffff
42 #define GHCB_MSR_CPUID_REG_POS		30
43 #define GHCB_MSR_CPUID_REG_MASK		0x3
44 #define GHCB_CPUID_REQ_EAX		0
45 #define GHCB_CPUID_REQ_EBX		1
46 #define GHCB_CPUID_REQ_ECX		2
47 #define GHCB_CPUID_REQ_EDX		3
48 #define GHCB_CPUID_REQ(fn, reg)				\
49 	/* GHCBData[11:0] */				\
50 	(GHCB_MSR_CPUID_REQ |				\
51 	/* GHCBData[31:12] */				\
52 	(((unsigned long)(reg) & 0x3) << 30) |		\
53 	/* GHCBData[63:32] */				\
54 	(((unsigned long)fn) << 32))
55 
56 /* AP Reset Hold */
57 #define GHCB_MSR_AP_RESET_HOLD_REQ		0x006
58 #define GHCB_MSR_AP_RESET_HOLD_RESP		0x007
59 #define GHCB_MSR_AP_RESET_HOLD_RESULT_POS	12
60 #define GHCB_MSR_AP_RESET_HOLD_RESULT_MASK	GENMASK_ULL(51, 0)
61 
62 /* Preferred GHCB GPA Request */
63 #define GHCB_MSR_PREF_GPA_REQ		0x010
64 #define GHCB_MSR_GPA_VALUE_POS		12
65 #define GHCB_MSR_GPA_VALUE_MASK		GENMASK_ULL(51, 0)
66 
67 #define GHCB_MSR_PREF_GPA_RESP		0x011
68 #define GHCB_MSR_PREF_GPA_NONE		0xfffffffffffff
69 
70 /* GHCB GPA Register */
71 #define GHCB_MSR_REG_GPA_REQ		0x012
72 #define GHCB_MSR_REG_GPA_REQ_VAL(v)			\
73 	/* GHCBData[63:12] */				\
74 	(((u64)((v) & GENMASK_ULL(51, 0)) << 12) |	\
75 	/* GHCBData[11:0] */				\
76 	GHCB_MSR_REG_GPA_REQ)
77 
78 #define GHCB_MSR_REG_GPA_RESP		0x013
79 #define GHCB_MSR_REG_GPA_RESP_VAL(v)			\
80 	/* GHCBData[63:12] */				\
81 	(((u64)(v) & GENMASK_ULL(63, 12)) >> 12)
82 
83 /*
84  * SNP Page State Change Operation
85  *
86  * GHCBData[55:52] - Page operation:
87  *   0x0001	Page assignment, Private
88  *   0x0002	Page assignment, Shared
89  */
90 enum psc_op {
91 	SNP_PAGE_STATE_PRIVATE = 1,
92 	SNP_PAGE_STATE_SHARED,
93 };
94 
95 #define GHCB_MSR_PSC_REQ		0x014
96 #define GHCB_MSR_PSC_REQ_GFN(gfn, op)			\
97 	/* GHCBData[55:52] */				\
98 	(((u64)((op) & 0xf) << 52) |			\
99 	/* GHCBData[51:12] */				\
100 	((u64)((gfn) & GENMASK_ULL(39, 0)) << 12) |	\
101 	/* GHCBData[11:0] */				\
102 	GHCB_MSR_PSC_REQ)
103 
104 #define GHCB_MSR_PSC_REQ_TO_GFN(msr) (((msr) & GENMASK_ULL(51, 12)) >> 12)
105 #define GHCB_MSR_PSC_REQ_TO_OP(msr) (((msr) & GENMASK_ULL(55, 52)) >> 52)
106 
107 #define GHCB_MSR_PSC_RESP		0x015
108 #define GHCB_MSR_PSC_RESP_VAL(val)			\
109 	/* GHCBData[63:32] */				\
110 	(((u64)(val) & GENMASK_ULL(63, 32)) >> 32)
111 
112 /* Set highest bit as a generic error response */
113 #define GHCB_MSR_PSC_RESP_ERROR (BIT_ULL(63) | GHCB_MSR_PSC_RESP)
114 
115 /* GHCB Run at VMPL Request/Response */
116 #define GHCB_MSR_VMPL_REQ		0x016
117 #define GHCB_MSR_VMPL_REQ_LEVEL(v)			\
118 	/* GHCBData[39:32] */				\
119 	(((u64)(v) & GENMASK_ULL(7, 0) << 32) |		\
120 	/* GHCBDdata[11:0] */				\
121 	GHCB_MSR_VMPL_REQ)
122 
123 #define GHCB_MSR_VMPL_RESP		0x017
124 #define GHCB_MSR_VMPL_RESP_VAL(v)			\
125 	/* GHCBData[63:32] */				\
126 	(((u64)(v) & GENMASK_ULL(63, 32)) >> 32)
127 
128 /* GHCB Hypervisor Feature Request/Response */
129 #define GHCB_MSR_HV_FT_REQ		0x080
130 #define GHCB_MSR_HV_FT_RESP		0x081
131 #define GHCB_MSR_HV_FT_POS		12
132 #define GHCB_MSR_HV_FT_MASK		GENMASK_ULL(51, 0)
133 #define GHCB_MSR_HV_FT_RESP_VAL(v)			\
134 	/* GHCBData[63:12] */				\
135 	(((u64)(v) & GENMASK_ULL(63, 12)) >> 12)
136 
137 #define GHCB_HV_FT_SNP			BIT_ULL(0)
138 #define GHCB_HV_FT_SNP_AP_CREATION	BIT_ULL(1)
139 #define GHCB_HV_FT_SNP_MULTI_VMPL	BIT_ULL(5)
140 
141 /*
142  * SNP Page State Change NAE event
143  *   The VMGEXIT_PSC_MAX_ENTRY determines the size of the PSC structure, which
144  *   is a local stack variable in set_pages_state(). Do not increase this value
145  *   without evaluating the impact to stack usage.
146  *
147  *   Use VMGEXIT_PSC_MAX_COUNT in cases where the actual GHCB-defined max value
148  *   is needed, such as when processing GHCB requests on the hypervisor side.
149  */
150 #define VMGEXIT_PSC_MAX_ENTRY		64
151 #define VMGEXIT_PSC_MAX_COUNT		253
152 
153 #define VMGEXIT_PSC_ERROR_GENERIC	(0x100UL << 32)
154 #define VMGEXIT_PSC_ERROR_INVALID_HDR	((1UL << 32) | 1)
155 #define VMGEXIT_PSC_ERROR_INVALID_ENTRY	((1UL << 32) | 2)
156 
157 #define VMGEXIT_PSC_OP_PRIVATE		1
158 #define VMGEXIT_PSC_OP_SHARED		2
159 
160 struct psc_hdr {
161 	u16 cur_entry;
162 	u16 end_entry;
163 	u32 reserved;
164 } __packed;
165 
166 struct psc_entry {
167 	u64	cur_page	: 12,
168 		gfn		: 40,
169 		operation	: 4,
170 		pagesize	: 1,
171 		reserved	: 7;
172 } __packed;
173 
174 struct snp_psc_desc {
175 	struct psc_hdr hdr;
176 	struct psc_entry entries[VMGEXIT_PSC_MAX_ENTRY];
177 } __packed;
178 
179 #define GHCB_MSR_TERM_REQ		0x100
180 #define GHCB_MSR_TERM_REASON_SET_POS	12
181 #define GHCB_MSR_TERM_REASON_SET_MASK	0xf
182 #define GHCB_MSR_TERM_REASON_POS	16
183 #define GHCB_MSR_TERM_REASON_MASK	0xff
184 
185 #define GHCB_SEV_TERM_REASON(reason_set, reason_val)	\
186 	/* GHCBData[15:12] */				\
187 	(((((u64)reason_set) &  0xf) << 12) |		\
188 	 /* GHCBData[23:16] */				\
189 	((((u64)reason_val) & 0xff) << 16))
190 
191 /* Error codes from reason set 0 */
192 #define SEV_TERM_SET_GEN		0
193 #define GHCB_SEV_ES_GEN_REQ		0
194 #define GHCB_SEV_ES_PROT_UNSUPPORTED	1
195 #define GHCB_SNP_UNSUPPORTED		2
196 
197 /* Linux-specific reason codes (used with reason set 1) */
198 #define SEV_TERM_SET_LINUX		1
199 #define GHCB_TERM_REGISTER		0	/* GHCB GPA registration failure */
200 #define GHCB_TERM_PSC			1	/* Page State Change failure */
201 #define GHCB_TERM_PVALIDATE		2	/* Pvalidate failure */
202 #define GHCB_TERM_NOT_VMPL0		3	/* SNP guest is not running at VMPL-0 */
203 #define GHCB_TERM_CPUID			4	/* CPUID-validation failure */
204 #define GHCB_TERM_CPUID_HV		5	/* CPUID failure during hypervisor fallback */
205 #define GHCB_TERM_SECRETS_PAGE		6	/* Secrets page failure */
206 #define GHCB_TERM_NO_SVSM		7	/* SVSM is not advertised in the secrets page */
207 #define GHCB_TERM_SVSM_VMPL0		8	/* SVSM is present but has set VMPL to 0 */
208 #define GHCB_TERM_SVSM_CAA		9	/* SVSM is present but CAA is not page aligned */
209 
210 #define GHCB_RESP_CODE(v)		((v) & GHCB_MSR_INFO_MASK)
211 
212 /*
213  * Error codes related to GHCB input that can be communicated back to the guest
214  * by setting the lower 32-bits of the GHCB SW_EXITINFO1 field to 2.
215  */
216 #define GHCB_ERR_NOT_REGISTERED		1
217 #define GHCB_ERR_INVALID_USAGE		2
218 #define GHCB_ERR_INVALID_SCRATCH_AREA	3
219 #define GHCB_ERR_MISSING_INPUT		4
220 #define GHCB_ERR_INVALID_INPUT		5
221 #define GHCB_ERR_INVALID_EVENT		6
222 
223 struct sev_config {
224 	__u64 debug		: 1,
225 
226 	      /*
227 	       * Indicates when the per-CPU GHCB has been created and registered
228 	       * and thus can be used by the BSP instead of the early boot GHCB.
229 	       *
230 	       * For APs, the per-CPU GHCB is created before they are started
231 	       * and registered upon startup, so this flag can be used globally
232 	       * for the BSP and APs.
233 	       */
234 	      ghcbs_initialized	: 1,
235 
236 	      /*
237 	       * Indicates when the per-CPU SVSM CA is to be used instead of the
238 	       * boot SVSM CA.
239 	       *
240 	       * For APs, the per-CPU SVSM CA is created as part of the AP
241 	       * bringup, so this flag can be used globally for the BSP and APs.
242 	       */
243 	      use_cas		: 1,
244 
245 	      __reserved	: 61;
246 };
247 
248 extern struct sev_config sev_cfg;
249 
250 #endif
251