From bfb3981960403e61a36d0227ce386e6762a6c6ef Mon Sep 17 00:00:00 2001 From: hanliyang Date: Thu, 15 May 2025 16:19:39 +0800 Subject: [PATCH 1/2] anolis: KVM: SVM: The ASID range available for CSV2 guests vary across different firmware ANBZ: #21100 For firmware with a build ID < 1810, if CPUID_0x8000_001F_EDX.bits0-31 is 1, the ASID range available for CSV2 guests is [0, 0) (i.e., no ASIDs are available). Otherwise, the range is [1, CPUID_0x8000_001F_EDX.bits0-31). For firmware with a build ID >= 1810, the ASID range available for CSV2 guests is [1, CPUID_0x8000_001F_ECX.bits0-31]. Fixes: bfbaab03bf1b ("anolis: KVM: SVM: Fix the available ASID range for CSV2 guest") Signed-off-by: hanliyang --- arch/x86/kvm/svm/csv.h | 2 ++ arch/x86/kvm/svm/sev.c | 12 +++++++----- drivers/crypto/ccp/hygon/csv-dev.c | 1 + 3 files changed, 10 insertions(+), 5 deletions(-) diff --git a/arch/x86/kvm/svm/csv.h b/arch/x86/kvm/svm/csv.h index fca2c43374a8..0e7fa1347ffc 100644 --- a/arch/x86/kvm/svm/csv.h +++ b/arch/x86/kvm/svm/csv.h @@ -32,6 +32,8 @@ struct csv_ringbuf_infos { int num; }; +extern u32 hygon_csv_build; + #ifdef CONFIG_KVM_SUPPORTS_CSV_REUSE_ASID #define ASID_USERID_LENGTH 20 diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index b07cd8a54104..f8669b7d9739 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c @@ -164,10 +164,10 @@ static int sev_asid_new(struct kvm_sev_info *sev) int ret; /* - * No matter what the min_sev_asid is, all asids in range + * When the firmware is with build ID >= 1810, all asids in range * [1, max_sev_asid] can be used for CSV2 guest on Hygon CPUs. */ - if (boot_cpu_data.x86_vendor == X86_VENDOR_HYGON) + if (is_x86_vendor_hygon() && hygon_csv_build >= 1810) max_asid = max_sev_asid; if (min_asid > max_asid) @@ -2416,7 +2416,7 @@ void __init sev_hardware_setup(void) goto out; } - if (is_x86_vendor_hygon()) { + if (is_x86_vendor_hygon() && hygon_csv_build >= 1810) { /* * Ths ASIDs from 1 to max_sev_asid are available for hygon * CSV2 guest. @@ -2444,8 +2444,10 @@ void __init sev_hardware_setup(void) pr_info("%s %s (ASIDs %u - %u)\n", is_x86_vendor_hygon() ? "CSV2" : "SEV-ES", sev_es_supported ? "enabled" : "disabled", - is_x86_vendor_hygon() ? 1 : (min_sev_asid > 1 ? 1 : 0), - is_x86_vendor_hygon() ? max_sev_asid : min_sev_asid - 1); + (is_x86_vendor_hygon() && hygon_csv_build >= 1810) ? + 1 : (min_sev_asid > 1 ? 1 : 0), + (is_x86_vendor_hygon() && hygon_csv_build >= 1810) ? + max_sev_asid : min_sev_asid - 1); sev_enabled = sev_supported; sev_es_enabled = sev_es_supported; diff --git a/drivers/crypto/ccp/hygon/csv-dev.c b/drivers/crypto/ccp/hygon/csv-dev.c index 0bf832a29bcb..203dc6933864 100644 --- a/drivers/crypto/ccp/hygon/csv-dev.c +++ b/drivers/crypto/ccp/hygon/csv-dev.c @@ -29,6 +29,7 @@ * in AMD SEV. */ u32 hygon_csv_build; +EXPORT_SYMBOL_GPL(hygon_csv_build); int csv_comm_mode = CSV_COMM_MAILBOX_ON; -- Gitee From 4801a0ae892df7fd31dd53b5a360863d2c8b7c5a Mon Sep 17 00:00:00 2001 From: hanliyang Date: Thu, 15 May 2025 17:41:40 +0800 Subject: [PATCH 2/2] anolis: KVM: SVM: CSV is unsupported if both the firmware with a build ID < 1878 and SME is not in use ANBZ: #21100 For firmware with a build ID < 1878, the CSV guest cannot run if the host kernel is not using SME. Fixes: fc7cd1b5b017 ("anolis: KVM: SVM: Print Hygon CSV support info if support is detected") Signed-off-by: hanliyang --- arch/x86/kvm/svm/sev.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index f8669b7d9739..63b98c650157 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c @@ -2343,6 +2343,9 @@ void __init sev_hardware_setup(void) bool sev_es_supported = false; bool sev_supported = false; + if (is_x86_vendor_hygon() && hygon_csv_build < 1878 && !sme_me_mask) + goto out; + if (!sev_enabled || !npt_enabled || !nrips) goto out; -- Gitee