x86/sev-es: Add support for handling IOIO exceptions

Add support for decoding and handling #VC exceptions for IOIO events.

[ jroedel@suse.de: Adapted code to #VC handling framework ]
Co-developed-by: Joerg Roedel <jroedel@suse.de>
Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>
Signed-off-by: Joerg Roedel <jroedel@suse.de>
Signed-off-by: Borislav Petkov <bp@suse.de>
Link: https://lkml.kernel.org/r/20200907131613.12703-26-joro@8bytes.org

diff --git a/arch/x86/boot/compressed/sev-es.c b/arch/x86/boot/compressed/sev-es.c
index 1e1fab5..61504eb 100644 (file)
--- a/arch/x86/boot/compressed/sev-es.c
+++ b/arch/x86/boot/compressed/sev-es.c
@@ -24,6 +24,35 @@
 struct ghcb boot_ghcb_page __aligned(PAGE_SIZE);
 struct ghcb *boot_ghcb;
 
+/*
+ * Copy a version of this function here - insn-eval.c can't be used in
+ * pre-decompression code.
+ */
+static bool insn_has_rep_prefix(struct insn *insn)
+{
+       int i;
+
+       insn_get_prefixes(insn);
+
+       for (i = 0; i < insn->prefixes.nbytes; i++) {
+               insn_byte_t p = insn->prefixes.bytes[i];
+
+               if (p == 0xf2 || p == 0xf3)
+                       return true;
+       }
+
+       return false;
+}
+
+/*
+ * Only a dummy for insn_get_seg_base() - Early boot-code is 64bit only and
+ * doesn't use segments.
+ */
+static unsigned long insn_get_seg_base(struct pt_regs *regs, int seg_reg_idx)
+{
+       return 0UL;
+}
+
 static inline u64 sev_es_rd_ghcb_msr(void)
 {
        unsigned long low, high;
@@ -151,6 +180,9 @@ void do_boot_stage2_vc(struct pt_regs *regs, unsigned long exit_code)
                goto finish;
 
        switch (exit_code) {
+       case SVM_EXIT_IOIO:
+               result = vc_handle_ioio(boot_ghcb, &ctxt);
+               break;
        default:
                result = ES_UNSUPPORTED;
                break;

diff --git a/arch/x86/kernel/sev-es-shared.c b/arch/x86/kernel/sev-es-shared.c
index 7ac6e6b..bae7cf2 100644 (file)
--- a/arch/x86/kernel/sev-es-shared.c
+++ b/arch/x86/kernel/sev-es-shared.c
@@ -218,3 +218,217 @@ static enum es_result vc_insn_string_write(struct es_em_ctxt *ctxt,
 
        return ret;
 }
+
+#define IOIO_TYPE_STR  BIT(2)
+#define IOIO_TYPE_IN   1
+#define IOIO_TYPE_INS  (IOIO_TYPE_IN | IOIO_TYPE_STR)
+#define IOIO_TYPE_OUT  0
+#define IOIO_TYPE_OUTS (IOIO_TYPE_OUT | IOIO_TYPE_STR)
+
+#define IOIO_REP       BIT(3)
+
+#define IOIO_ADDR_64   BIT(9)
+#define IOIO_ADDR_32   BIT(8)
+#define IOIO_ADDR_16   BIT(7)
+
+#define IOIO_DATA_32   BIT(6)
+#define IOIO_DATA_16   BIT(5)
+#define IOIO_DATA_8    BIT(4)
+
+#define IOIO_SEG_ES    (0 << 10)
+#define IOIO_SEG_DS    (3 << 10)
+
+static enum es_result vc_ioio_exitinfo(struct es_em_ctxt *ctxt, u64 *exitinfo)
+{
+       struct insn *insn = &ctxt->insn;
+       *exitinfo = 0;
+
+       switch (insn->opcode.bytes[0]) {
+       /* INS opcodes */
+       case 0x6c:
+       case 0x6d:
+               *exitinfo |= IOIO_TYPE_INS;
+               *exitinfo |= IOIO_SEG_ES;
+               *exitinfo |= (ctxt->regs->dx & 0xffff) << 16;
+               break;
+
+       /* OUTS opcodes */
+       case 0x6e:
+       case 0x6f:
+               *exitinfo |= IOIO_TYPE_OUTS;
+               *exitinfo |= IOIO_SEG_DS;
+               *exitinfo |= (ctxt->regs->dx & 0xffff) << 16;
+               break;
+
+       /* IN immediate opcodes */
+       case 0xe4:
+       case 0xe5:
+               *exitinfo |= IOIO_TYPE_IN;
+               *exitinfo |= (u64)insn->immediate.value << 16;
+               break;
+
+       /* OUT immediate opcodes */
+       case 0xe6:
+       case 0xe7:
+               *exitinfo |= IOIO_TYPE_OUT;
+               *exitinfo |= (u64)insn->immediate.value << 16;
+               break;
+
+       /* IN register opcodes */
+       case 0xec:
+       case 0xed:
+               *exitinfo |= IOIO_TYPE_IN;
+               *exitinfo |= (ctxt->regs->dx & 0xffff) << 16;
+               break;
+
+       /* OUT register opcodes */
+       case 0xee:
+       case 0xef:
+               *exitinfo |= IOIO_TYPE_OUT;
+               *exitinfo |= (ctxt->regs->dx & 0xffff) << 16;
+               break;
+
+       default:
+               return ES_DECODE_FAILED;
+       }
+
+       switch (insn->opcode.bytes[0]) {
+       case 0x6c:
+       case 0x6e:
+       case 0xe4:
+       case 0xe6:
+       case 0xec:
+       case 0xee:
+               /* Single byte opcodes */
+               *exitinfo |= IOIO_DATA_8;
+               break;
+       default:
+               /* Length determined by instruction parsing */
+               *exitinfo |= (insn->opnd_bytes == 2) ? IOIO_DATA_16
+                                                    : IOIO_DATA_32;
+       }
+       switch (insn->addr_bytes) {
+       case 2:
+               *exitinfo |= IOIO_ADDR_16;
+               break;
+       case 4:
+               *exitinfo |= IOIO_ADDR_32;
+               break;
+       case 8:
+               *exitinfo |= IOIO_ADDR_64;
+               break;
+       }
+
+       if (insn_has_rep_prefix(insn))
+               *exitinfo |= IOIO_REP;
+
+       return ES_OK;
+}
+
+static enum es_result vc_handle_ioio(struct ghcb *ghcb, struct es_em_ctxt *ctxt)
+{
+       struct pt_regs *regs = ctxt->regs;
+       u64 exit_info_1, exit_info_2;
+       enum es_result ret;
+
+       ret = vc_ioio_exitinfo(ctxt, &exit_info_1);
+       if (ret != ES_OK)
+               return ret;
+
+       if (exit_info_1 & IOIO_TYPE_STR) {
+
+               /* (REP) INS/OUTS */
+
+               bool df = ((regs->flags & X86_EFLAGS_DF) == X86_EFLAGS_DF);
+               unsigned int io_bytes, exit_bytes;
+               unsigned int ghcb_count, op_count;
+               unsigned long es_base;
+               u64 sw_scratch;
+
+               /*
+                * For the string variants with rep prefix the amount of in/out
+                * operations per #VC exception is limited so that the kernel
+                * has a chance to take interrupts and re-schedule while the
+                * instruction is emulated.
+                */
+               io_bytes   = (exit_info_1 >> 4) & 0x7;
+               ghcb_count = sizeof(ghcb->shared_buffer) / io_bytes;
+
+               op_count    = (exit_info_1 & IOIO_REP) ? regs->cx : 1;
+               exit_info_2 = min(op_count, ghcb_count);
+               exit_bytes  = exit_info_2 * io_bytes;
+
+               es_base = insn_get_seg_base(ctxt->regs, INAT_SEG_REG_ES);
+
+               /* Read bytes of OUTS into the shared buffer */
+               if (!(exit_info_1 & IOIO_TYPE_IN)) {
+                       ret = vc_insn_string_read(ctxt,
+                                              (void *)(es_base + regs->si),
+                                              ghcb->shared_buffer, io_bytes,
+                                              exit_info_2, df);
+                       if (ret)
+                               return ret;
+               }
+
+               /*
+                * Issue an VMGEXIT to the HV to consume the bytes from the
+                * shared buffer or to have it write them into the shared buffer
+                * depending on the instruction: OUTS or INS.
+                */
+               sw_scratch = __pa(ghcb) + offsetof(struct ghcb, shared_buffer);
+               ghcb_set_sw_scratch(ghcb, sw_scratch);
+               ret = sev_es_ghcb_hv_call(ghcb, ctxt, SVM_EXIT_IOIO,
+                                         exit_info_1, exit_info_2);
+               if (ret != ES_OK)
+                       return ret;
+
+               /* Read bytes from shared buffer into the guest's destination. */
+               if (exit_info_1 & IOIO_TYPE_IN) {
+                       ret = vc_insn_string_write(ctxt,
+                                                  (void *)(es_base + regs->di),
+                                                  ghcb->shared_buffer, io_bytes,
+                                                  exit_info_2, df);
+                       if (ret)
+                               return ret;
+
+                       if (df)
+                               regs->di -= exit_bytes;
+                       else
+                               regs->di += exit_bytes;
+               } else {
+                       if (df)
+                               regs->si -= exit_bytes;
+                       else
+                               regs->si += exit_bytes;
+               }
+
+               if (exit_info_1 & IOIO_REP)
+                       regs->cx -= exit_info_2;
+
+               ret = regs->cx ? ES_RETRY : ES_OK;
+
+       } else {
+
+               /* IN/OUT into/from rAX */
+
+               int bits = (exit_info_1 & 0x70) >> 1;
+               u64 rax = 0;
+
+               if (!(exit_info_1 & IOIO_TYPE_IN))
+                       rax = lower_bits(regs->ax, bits);
+
+               ghcb_set_rax(ghcb, rax);
+
+               ret = sev_es_ghcb_hv_call(ghcb, ctxt, SVM_EXIT_IOIO, exit_info_1, 0);
+               if (ret != ES_OK)
+                       return ret;
+
+               if (exit_info_1 & IOIO_TYPE_IN) {
+                       if (!ghcb_rax_is_valid(ghcb))
+                               return ES_VMM_ERROR;
+                       regs->ax = lower_bits(ghcb->save.rax, bits);
+               }
+       }
+
+       return ret;
+}