19798adbcSSean Christopherson // SPDX-License-Identifier: GPL-2.0
29798adbcSSean Christopherson /* Copyright(c) 2021 Intel Corporation. */
38d20bd63SSean Christopherson #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
49798adbcSSean Christopherson
59798adbcSSean Christopherson #include <asm/sgx.h>
69798adbcSSean Christopherson
79798adbcSSean Christopherson #include "cpuid.h"
89798adbcSSean Christopherson #include "kvm_cache_regs.h"
972add915SSean Christopherson #include "nested.h"
109798adbcSSean Christopherson #include "sgx.h"
119798adbcSSean Christopherson #include "vmx.h"
129798adbcSSean Christopherson #include "x86.h"
139798adbcSSean Christopherson
1472add915SSean Christopherson bool __read_mostly enable_sgx = 1;
1572add915SSean Christopherson module_param_named(sgx, enable_sgx, bool, 0444);
169798adbcSSean Christopherson
178f102445SSean Christopherson /* Initial value of guest's virtual SGX_LEPUBKEYHASHn MSRs */
188f102445SSean Christopherson static u64 sgx_pubkey_hash[4] __ro_after_init;
198f102445SSean Christopherson
2070210c04SSean Christopherson /*
2170210c04SSean Christopherson * ENCLS's memory operands use a fixed segment (DS) and a fixed
2270210c04SSean Christopherson * address size based on the mode. Related prefixes are ignored.
2370210c04SSean Christopherson */
sgx_get_encls_gva(struct kvm_vcpu * vcpu,unsigned long offset,int size,int alignment,gva_t * gva)2470210c04SSean Christopherson static int sgx_get_encls_gva(struct kvm_vcpu *vcpu, unsigned long offset,
2570210c04SSean Christopherson int size, int alignment, gva_t *gva)
2670210c04SSean Christopherson {
2770210c04SSean Christopherson struct kvm_segment s;
2870210c04SSean Christopherson bool fault;
2970210c04SSean Christopherson
3070210c04SSean Christopherson /* Skip vmcs.GUEST_DS retrieval for 64-bit mode to avoid VMREADs. */
3170210c04SSean Christopherson *gva = offset;
32548bd274SBinbin Wu if (!is_64_bit_mode(vcpu)) {
3370210c04SSean Christopherson vmx_get_segment(vcpu, &s, VCPU_SREG_DS);
3470210c04SSean Christopherson *gva += s.base;
3570210c04SSean Christopherson }
3670210c04SSean Christopherson
3770210c04SSean Christopherson if (!IS_ALIGNED(*gva, alignment)) {
3870210c04SSean Christopherson fault = true;
39548bd274SBinbin Wu } else if (likely(is_64_bit_mode(vcpu))) {
4070210c04SSean Christopherson fault = is_noncanonical_address(*gva, vcpu);
4170210c04SSean Christopherson } else {
4270210c04SSean Christopherson *gva &= 0xffffffff;
4370210c04SSean Christopherson fault = (s.unusable) ||
4470210c04SSean Christopherson (s.type != 2 && s.type != 3) ||
4570210c04SSean Christopherson (*gva > s.limit) ||
4670210c04SSean Christopherson ((s.base != 0 || s.limit != 0xffffffff) &&
4770210c04SSean Christopherson (((u64)*gva + size - 1) > s.limit + 1));
4870210c04SSean Christopherson }
4970210c04SSean Christopherson if (fault)
5070210c04SSean Christopherson kvm_inject_gp(vcpu, 0);
5170210c04SSean Christopherson return fault ? -EINVAL : 0;
5270210c04SSean Christopherson }
5370210c04SSean Christopherson
sgx_handle_emulation_failure(struct kvm_vcpu * vcpu,u64 addr,unsigned int size)5470210c04SSean Christopherson static void sgx_handle_emulation_failure(struct kvm_vcpu *vcpu, u64 addr,
5570210c04SSean Christopherson unsigned int size)
5670210c04SSean Christopherson {
570d7d8449SDavid Edmondson uint64_t data[2] = { addr, size };
580d7d8449SDavid Edmondson
590d7d8449SDavid Edmondson __kvm_prepare_emulation_failure_exit(vcpu, data, ARRAY_SIZE(data));
6070210c04SSean Christopherson }
6170210c04SSean Christopherson
sgx_read_hva(struct kvm_vcpu * vcpu,unsigned long hva,void * data,unsigned int size)6270210c04SSean Christopherson static int sgx_read_hva(struct kvm_vcpu *vcpu, unsigned long hva, void *data,
6370210c04SSean Christopherson unsigned int size)
6470210c04SSean Christopherson {
6570210c04SSean Christopherson if (__copy_from_user(data, (void __user *)hva, size)) {
6670210c04SSean Christopherson sgx_handle_emulation_failure(vcpu, hva, size);
6770210c04SSean Christopherson return -EFAULT;
6870210c04SSean Christopherson }
6970210c04SSean Christopherson
7070210c04SSean Christopherson return 0;
7170210c04SSean Christopherson }
7270210c04SSean Christopherson
sgx_gva_to_gpa(struct kvm_vcpu * vcpu,gva_t gva,bool write,gpa_t * gpa)7370210c04SSean Christopherson static int sgx_gva_to_gpa(struct kvm_vcpu *vcpu, gva_t gva, bool write,
7470210c04SSean Christopherson gpa_t *gpa)
7570210c04SSean Christopherson {
7670210c04SSean Christopherson struct x86_exception ex;
7770210c04SSean Christopherson
7870210c04SSean Christopherson if (write)
7970210c04SSean Christopherson *gpa = kvm_mmu_gva_to_gpa_write(vcpu, gva, &ex);
8070210c04SSean Christopherson else
8170210c04SSean Christopherson *gpa = kvm_mmu_gva_to_gpa_read(vcpu, gva, &ex);
8270210c04SSean Christopherson
836e1d2a3fSHou Wenlong if (*gpa == INVALID_GPA) {
8470210c04SSean Christopherson kvm_inject_emulated_page_fault(vcpu, &ex);
8570210c04SSean Christopherson return -EFAULT;
8670210c04SSean Christopherson }
8770210c04SSean Christopherson
8870210c04SSean Christopherson return 0;
8970210c04SSean Christopherson }
9070210c04SSean Christopherson
sgx_gpa_to_hva(struct kvm_vcpu * vcpu,gpa_t gpa,unsigned long * hva)9170210c04SSean Christopherson static int sgx_gpa_to_hva(struct kvm_vcpu *vcpu, gpa_t gpa, unsigned long *hva)
9270210c04SSean Christopherson {
9370210c04SSean Christopherson *hva = kvm_vcpu_gfn_to_hva(vcpu, PFN_DOWN(gpa));
9470210c04SSean Christopherson if (kvm_is_error_hva(*hva)) {
9570210c04SSean Christopherson sgx_handle_emulation_failure(vcpu, gpa, 1);
9670210c04SSean Christopherson return -EFAULT;
9770210c04SSean Christopherson }
9870210c04SSean Christopherson
9970210c04SSean Christopherson *hva |= gpa & ~PAGE_MASK;
10070210c04SSean Christopherson
10170210c04SSean Christopherson return 0;
10270210c04SSean Christopherson }
10370210c04SSean Christopherson
sgx_inject_fault(struct kvm_vcpu * vcpu,gva_t gva,int trapnr)10470210c04SSean Christopherson static int sgx_inject_fault(struct kvm_vcpu *vcpu, gva_t gva, int trapnr)
10570210c04SSean Christopherson {
10670210c04SSean Christopherson struct x86_exception ex;
10770210c04SSean Christopherson
10870210c04SSean Christopherson /*
10970210c04SSean Christopherson * A non-EPCM #PF indicates a bad userspace HVA. This *should* check
11070210c04SSean Christopherson * for PFEC.SGX and not assume any #PF on SGX2 originated in the EPC,
11170210c04SSean Christopherson * but the error code isn't (yet) plumbed through the ENCLS helpers.
11270210c04SSean Christopherson */
11370210c04SSean Christopherson if (trapnr == PF_VECTOR && !boot_cpu_has(X86_FEATURE_SGX2)) {
1140d7d8449SDavid Edmondson kvm_prepare_emulation_failure_exit(vcpu);
11570210c04SSean Christopherson return 0;
11670210c04SSean Christopherson }
11770210c04SSean Christopherson
11870210c04SSean Christopherson /*
11970210c04SSean Christopherson * If the guest thinks it's running on SGX2 hardware, inject an SGX
12070210c04SSean Christopherson * #PF if the fault matches an EPCM fault signature (#GP on SGX1,
12170210c04SSean Christopherson * #PF on SGX2). The assumption is that EPCM faults are much more
12270210c04SSean Christopherson * likely than a bad userspace address.
12370210c04SSean Christopherson */
12470210c04SSean Christopherson if ((trapnr == PF_VECTOR || !boot_cpu_has(X86_FEATURE_SGX2)) &&
12570210c04SSean Christopherson guest_cpuid_has(vcpu, X86_FEATURE_SGX2)) {
12670210c04SSean Christopherson memset(&ex, 0, sizeof(ex));
12770210c04SSean Christopherson ex.vector = PF_VECTOR;
12870210c04SSean Christopherson ex.error_code = PFERR_PRESENT_MASK | PFERR_WRITE_MASK |
12970210c04SSean Christopherson PFERR_SGX_MASK;
13070210c04SSean Christopherson ex.address = gva;
13170210c04SSean Christopherson ex.error_code_valid = true;
13270210c04SSean Christopherson ex.nested_page_fault = false;
133bfcb08a0SSean Christopherson kvm_inject_emulated_page_fault(vcpu, &ex);
13470210c04SSean Christopherson } else {
13570210c04SSean Christopherson kvm_inject_gp(vcpu, 0);
13670210c04SSean Christopherson }
13770210c04SSean Christopherson return 1;
13870210c04SSean Christopherson }
13970210c04SSean Christopherson
__handle_encls_ecreate(struct kvm_vcpu * vcpu,struct sgx_pageinfo * pageinfo,unsigned long secs_hva,gva_t secs_gva)14070210c04SSean Christopherson static int __handle_encls_ecreate(struct kvm_vcpu *vcpu,
14170210c04SSean Christopherson struct sgx_pageinfo *pageinfo,
14270210c04SSean Christopherson unsigned long secs_hva,
14370210c04SSean Christopherson gva_t secs_gva)
14470210c04SSean Christopherson {
14570210c04SSean Christopherson struct sgx_secs *contents = (struct sgx_secs *)pageinfo->contents;
14670210c04SSean Christopherson struct kvm_cpuid_entry2 *sgx_12_0, *sgx_12_1;
14770210c04SSean Christopherson u64 attributes, xfrm, size;
14870210c04SSean Christopherson u32 miscselect;
14970210c04SSean Christopherson u8 max_size_log2;
15070210c04SSean Christopherson int trapnr, ret;
15170210c04SSean Christopherson
152277ad7d5SSean Christopherson sgx_12_0 = kvm_find_cpuid_entry_index(vcpu, 0x12, 0);
153277ad7d5SSean Christopherson sgx_12_1 = kvm_find_cpuid_entry_index(vcpu, 0x12, 1);
15470210c04SSean Christopherson if (!sgx_12_0 || !sgx_12_1) {
1550d7d8449SDavid Edmondson kvm_prepare_emulation_failure_exit(vcpu);
15670210c04SSean Christopherson return 0;
15770210c04SSean Christopherson }
15870210c04SSean Christopherson
15970210c04SSean Christopherson miscselect = contents->miscselect;
16070210c04SSean Christopherson attributes = contents->attributes;
16170210c04SSean Christopherson xfrm = contents->xfrm;
16270210c04SSean Christopherson size = contents->size;
16370210c04SSean Christopherson
16470210c04SSean Christopherson /* Enforce restriction of access to the PROVISIONKEY. */
16570210c04SSean Christopherson if (!vcpu->kvm->arch.sgx_provisioning_allowed &&
16670210c04SSean Christopherson (attributes & SGX_ATTR_PROVISIONKEY)) {
16770210c04SSean Christopherson if (sgx_12_1->eax & SGX_ATTR_PROVISIONKEY)
1688d20bd63SSean Christopherson pr_warn_once("SGX PROVISIONKEY advertised but not allowed\n");
16970210c04SSean Christopherson kvm_inject_gp(vcpu, 0);
17070210c04SSean Christopherson return 1;
17170210c04SSean Christopherson }
17270210c04SSean Christopherson
173*ad45413dSSean Christopherson /*
174*ad45413dSSean Christopherson * Enforce CPUID restrictions on MISCSELECT, ATTRIBUTES and XFRM. Note
175*ad45413dSSean Christopherson * that the allowed XFRM (XFeature Request Mask) isn't strictly bound
176*ad45413dSSean Christopherson * by the supported XCR0. FP+SSE *must* be set in XFRM, even if XSAVE
177*ad45413dSSean Christopherson * is unsupported, i.e. even if XCR0 itself is completely unsupported.
178*ad45413dSSean Christopherson */
17970210c04SSean Christopherson if ((u32)miscselect & ~sgx_12_0->ebx ||
18070210c04SSean Christopherson (u32)attributes & ~sgx_12_1->eax ||
18170210c04SSean Christopherson (u32)(attributes >> 32) & ~sgx_12_1->ebx ||
18270210c04SSean Christopherson (u32)xfrm & ~sgx_12_1->ecx ||
183*ad45413dSSean Christopherson (u32)(xfrm >> 32) & ~sgx_12_1->edx ||
184*ad45413dSSean Christopherson xfrm & ~(vcpu->arch.guest_supported_xcr0 | XFEATURE_MASK_FPSSE) ||
185*ad45413dSSean Christopherson (xfrm & XFEATURE_MASK_FPSSE) != XFEATURE_MASK_FPSSE) {
18670210c04SSean Christopherson kvm_inject_gp(vcpu, 0);
18770210c04SSean Christopherson return 1;
18870210c04SSean Christopherson }
18970210c04SSean Christopherson
19070210c04SSean Christopherson /* Enforce CPUID restriction on max enclave size. */
19170210c04SSean Christopherson max_size_log2 = (attributes & SGX_ATTR_MODE64BIT) ? sgx_12_0->edx >> 8 :
19270210c04SSean Christopherson sgx_12_0->edx;
193eb3992e8SSean Christopherson if (size >= BIT_ULL(max_size_log2)) {
19470210c04SSean Christopherson kvm_inject_gp(vcpu, 0);
195eb3992e8SSean Christopherson return 1;
196eb3992e8SSean Christopherson }
19770210c04SSean Christopherson
19870210c04SSean Christopherson /*
19970210c04SSean Christopherson * sgx_virt_ecreate() returns:
20070210c04SSean Christopherson * 1) 0: ECREATE was successful
20170210c04SSean Christopherson * 2) -EFAULT: ECREATE was run but faulted, and trapnr was set to the
20270210c04SSean Christopherson * exception number.
20370210c04SSean Christopherson * 3) -EINVAL: access_ok() on @secs_hva failed. This should never
20470210c04SSean Christopherson * happen as KVM checks host addresses at memslot creation.
20570210c04SSean Christopherson * sgx_virt_ecreate() has already warned in this case.
20670210c04SSean Christopherson */
20770210c04SSean Christopherson ret = sgx_virt_ecreate(pageinfo, (void __user *)secs_hva, &trapnr);
20870210c04SSean Christopherson if (!ret)
20970210c04SSean Christopherson return kvm_skip_emulated_instruction(vcpu);
21070210c04SSean Christopherson if (ret == -EFAULT)
21170210c04SSean Christopherson return sgx_inject_fault(vcpu, secs_gva, trapnr);
21270210c04SSean Christopherson
21370210c04SSean Christopherson return ret;
21470210c04SSean Christopherson }
21570210c04SSean Christopherson
handle_encls_ecreate(struct kvm_vcpu * vcpu)21670210c04SSean Christopherson static int handle_encls_ecreate(struct kvm_vcpu *vcpu)
21770210c04SSean Christopherson {
21870210c04SSean Christopherson gva_t pageinfo_gva, secs_gva;
21970210c04SSean Christopherson gva_t metadata_gva, contents_gva;
22070210c04SSean Christopherson gpa_t metadata_gpa, contents_gpa, secs_gpa;
22170210c04SSean Christopherson unsigned long metadata_hva, contents_hva, secs_hva;
22270210c04SSean Christopherson struct sgx_pageinfo pageinfo;
22370210c04SSean Christopherson struct sgx_secs *contents;
22470210c04SSean Christopherson struct x86_exception ex;
22570210c04SSean Christopherson int r;
22670210c04SSean Christopherson
22770210c04SSean Christopherson if (sgx_get_encls_gva(vcpu, kvm_rbx_read(vcpu), 32, 32, &pageinfo_gva) ||
22870210c04SSean Christopherson sgx_get_encls_gva(vcpu, kvm_rcx_read(vcpu), 4096, 4096, &secs_gva))
22970210c04SSean Christopherson return 1;
23070210c04SSean Christopherson
23170210c04SSean Christopherson /*
23270210c04SSean Christopherson * Copy the PAGEINFO to local memory, its pointers need to be
23370210c04SSean Christopherson * translated, i.e. we need to do a deep copy/translate.
23470210c04SSean Christopherson */
23570210c04SSean Christopherson r = kvm_read_guest_virt(vcpu, pageinfo_gva, &pageinfo,
23670210c04SSean Christopherson sizeof(pageinfo), &ex);
23770210c04SSean Christopherson if (r == X86EMUL_PROPAGATE_FAULT) {
23870210c04SSean Christopherson kvm_inject_emulated_page_fault(vcpu, &ex);
23970210c04SSean Christopherson return 1;
24070210c04SSean Christopherson } else if (r != X86EMUL_CONTINUE) {
24170210c04SSean Christopherson sgx_handle_emulation_failure(vcpu, pageinfo_gva,
24270210c04SSean Christopherson sizeof(pageinfo));
24370210c04SSean Christopherson return 0;
24470210c04SSean Christopherson }
24570210c04SSean Christopherson
24670210c04SSean Christopherson if (sgx_get_encls_gva(vcpu, pageinfo.metadata, 64, 64, &metadata_gva) ||
24770210c04SSean Christopherson sgx_get_encls_gva(vcpu, pageinfo.contents, 4096, 4096,
24870210c04SSean Christopherson &contents_gva))
24970210c04SSean Christopherson return 1;
25070210c04SSean Christopherson
25170210c04SSean Christopherson /*
25270210c04SSean Christopherson * Translate the SECINFO, SOURCE and SECS pointers from GVA to GPA.
25370210c04SSean Christopherson * Resume the guest on failure to inject a #PF.
25470210c04SSean Christopherson */
25570210c04SSean Christopherson if (sgx_gva_to_gpa(vcpu, metadata_gva, false, &metadata_gpa) ||
25670210c04SSean Christopherson sgx_gva_to_gpa(vcpu, contents_gva, false, &contents_gpa) ||
25770210c04SSean Christopherson sgx_gva_to_gpa(vcpu, secs_gva, true, &secs_gpa))
25870210c04SSean Christopherson return 1;
25970210c04SSean Christopherson
26070210c04SSean Christopherson /*
26170210c04SSean Christopherson * ...and then to HVA. The order of accesses isn't architectural, i.e.
26270210c04SSean Christopherson * KVM doesn't have to fully process one address at a time. Exit to
26370210c04SSean Christopherson * userspace if a GPA is invalid.
26470210c04SSean Christopherson */
26570210c04SSean Christopherson if (sgx_gpa_to_hva(vcpu, metadata_gpa, &metadata_hva) ||
26670210c04SSean Christopherson sgx_gpa_to_hva(vcpu, contents_gpa, &contents_hva) ||
26770210c04SSean Christopherson sgx_gpa_to_hva(vcpu, secs_gpa, &secs_hva))
26870210c04SSean Christopherson return 0;
26970210c04SSean Christopherson
27070210c04SSean Christopherson /*
27170210c04SSean Christopherson * Copy contents into kernel memory to prevent TOCTOU attack. E.g. the
27270210c04SSean Christopherson * guest could do ECREATE w/ SECS.SGX_ATTR_PROVISIONKEY=0, and
27370210c04SSean Christopherson * simultaneously set SGX_ATTR_PROVISIONKEY to bypass the check to
27470210c04SSean Christopherson * enforce restriction of access to the PROVISIONKEY.
27570210c04SSean Christopherson */
27670210c04SSean Christopherson contents = (struct sgx_secs *)__get_free_page(GFP_KERNEL_ACCOUNT);
27770210c04SSean Christopherson if (!contents)
27870210c04SSean Christopherson return -ENOMEM;
27970210c04SSean Christopherson
28070210c04SSean Christopherson /* Exit to userspace if copying from a host userspace address fails. */
28170210c04SSean Christopherson if (sgx_read_hva(vcpu, contents_hva, (void *)contents, PAGE_SIZE)) {
28270210c04SSean Christopherson free_page((unsigned long)contents);
28370210c04SSean Christopherson return 0;
28470210c04SSean Christopherson }
28570210c04SSean Christopherson
28670210c04SSean Christopherson pageinfo.metadata = metadata_hva;
28770210c04SSean Christopherson pageinfo.contents = (u64)contents;
28870210c04SSean Christopherson
28970210c04SSean Christopherson r = __handle_encls_ecreate(vcpu, &pageinfo, secs_hva, secs_gva);
29070210c04SSean Christopherson
29170210c04SSean Christopherson free_page((unsigned long)contents);
29270210c04SSean Christopherson
29370210c04SSean Christopherson return r;
29470210c04SSean Christopherson }
29570210c04SSean Christopherson
handle_encls_einit(struct kvm_vcpu * vcpu)296b6f084caSSean Christopherson static int handle_encls_einit(struct kvm_vcpu *vcpu)
297b6f084caSSean Christopherson {
298b6f084caSSean Christopherson unsigned long sig_hva, secs_hva, token_hva, rflags;
299b6f084caSSean Christopherson struct vcpu_vmx *vmx = to_vmx(vcpu);
300b6f084caSSean Christopherson gva_t sig_gva, secs_gva, token_gva;
301b6f084caSSean Christopherson gpa_t sig_gpa, secs_gpa, token_gpa;
302b6f084caSSean Christopherson int ret, trapnr;
303b6f084caSSean Christopherson
304b6f084caSSean Christopherson if (sgx_get_encls_gva(vcpu, kvm_rbx_read(vcpu), 1808, 4096, &sig_gva) ||
305b6f084caSSean Christopherson sgx_get_encls_gva(vcpu, kvm_rcx_read(vcpu), 4096, 4096, &secs_gva) ||
306b6f084caSSean Christopherson sgx_get_encls_gva(vcpu, kvm_rdx_read(vcpu), 304, 512, &token_gva))
307b6f084caSSean Christopherson return 1;
308b6f084caSSean Christopherson
309b6f084caSSean Christopherson /*
310b6f084caSSean Christopherson * Translate the SIGSTRUCT, SECS and TOKEN pointers from GVA to GPA.
311b6f084caSSean Christopherson * Resume the guest on failure to inject a #PF.
312b6f084caSSean Christopherson */
313b6f084caSSean Christopherson if (sgx_gva_to_gpa(vcpu, sig_gva, false, &sig_gpa) ||
314b6f084caSSean Christopherson sgx_gva_to_gpa(vcpu, secs_gva, true, &secs_gpa) ||
315b6f084caSSean Christopherson sgx_gva_to_gpa(vcpu, token_gva, false, &token_gpa))
316b6f084caSSean Christopherson return 1;
317b6f084caSSean Christopherson
318b6f084caSSean Christopherson /*
319b6f084caSSean Christopherson * ...and then to HVA. The order of accesses isn't architectural, i.e.
320b6f084caSSean Christopherson * KVM doesn't have to fully process one address at a time. Exit to
321b6f084caSSean Christopherson * userspace if a GPA is invalid. Note, all structures are aligned and
322b6f084caSSean Christopherson * cannot split pages.
323b6f084caSSean Christopherson */
324b6f084caSSean Christopherson if (sgx_gpa_to_hva(vcpu, sig_gpa, &sig_hva) ||
325b6f084caSSean Christopherson sgx_gpa_to_hva(vcpu, secs_gpa, &secs_hva) ||
326b6f084caSSean Christopherson sgx_gpa_to_hva(vcpu, token_gpa, &token_hva))
327b6f084caSSean Christopherson return 0;
328b6f084caSSean Christopherson
329b6f084caSSean Christopherson ret = sgx_virt_einit((void __user *)sig_hva, (void __user *)token_hva,
330b6f084caSSean Christopherson (void __user *)secs_hva,
331b6f084caSSean Christopherson vmx->msr_ia32_sgxlepubkeyhash, &trapnr);
332b6f084caSSean Christopherson
333b6f084caSSean Christopherson if (ret == -EFAULT)
334b6f084caSSean Christopherson return sgx_inject_fault(vcpu, secs_gva, trapnr);
335b6f084caSSean Christopherson
336b6f084caSSean Christopherson /*
337b6f084caSSean Christopherson * sgx_virt_einit() returns -EINVAL when access_ok() fails on @sig_hva,
338b6f084caSSean Christopherson * @token_hva or @secs_hva. This should never happen as KVM checks host
339b6f084caSSean Christopherson * addresses at memslot creation. sgx_virt_einit() has already warned
340b6f084caSSean Christopherson * in this case, so just return.
341b6f084caSSean Christopherson */
342b6f084caSSean Christopherson if (ret < 0)
343b6f084caSSean Christopherson return ret;
344b6f084caSSean Christopherson
345b6f084caSSean Christopherson rflags = vmx_get_rflags(vcpu) & ~(X86_EFLAGS_CF | X86_EFLAGS_PF |
346b6f084caSSean Christopherson X86_EFLAGS_AF | X86_EFLAGS_SF |
347b6f084caSSean Christopherson X86_EFLAGS_OF);
348b6f084caSSean Christopherson if (ret)
349b6f084caSSean Christopherson rflags |= X86_EFLAGS_ZF;
350b6f084caSSean Christopherson else
351b6f084caSSean Christopherson rflags &= ~X86_EFLAGS_ZF;
352b6f084caSSean Christopherson vmx_set_rflags(vcpu, rflags);
353b6f084caSSean Christopherson
354b6f084caSSean Christopherson kvm_rax_write(vcpu, ret);
355b6f084caSSean Christopherson return kvm_skip_emulated_instruction(vcpu);
356b6f084caSSean Christopherson }
357b6f084caSSean Christopherson
encls_leaf_enabled_in_guest(struct kvm_vcpu * vcpu,u32 leaf)3589798adbcSSean Christopherson static inline bool encls_leaf_enabled_in_guest(struct kvm_vcpu *vcpu, u32 leaf)
3599798adbcSSean Christopherson {
3609798adbcSSean Christopherson /*
3619798adbcSSean Christopherson * ENCLS generates a #UD if SGX1 isn't supported, i.e. this point will
3629798adbcSSean Christopherson * be reached if and only if the SGX1 leafs are enabled.
3639798adbcSSean Christopherson */
3649798adbcSSean Christopherson if (leaf >= ECREATE && leaf <= ETRACK)
3659798adbcSSean Christopherson return true;
3669798adbcSSean Christopherson
3679798adbcSSean Christopherson if (leaf >= EAUG && leaf <= EMODT)
3689798adbcSSean Christopherson return guest_cpuid_has(vcpu, X86_FEATURE_SGX2);
3699798adbcSSean Christopherson
3709798adbcSSean Christopherson return false;
3719798adbcSSean Christopherson }
3729798adbcSSean Christopherson
sgx_enabled_in_guest_bios(struct kvm_vcpu * vcpu)3739798adbcSSean Christopherson static inline bool sgx_enabled_in_guest_bios(struct kvm_vcpu *vcpu)
3749798adbcSSean Christopherson {
3759798adbcSSean Christopherson const u64 bits = FEAT_CTL_SGX_ENABLED | FEAT_CTL_LOCKED;
3769798adbcSSean Christopherson
3779798adbcSSean Christopherson return (to_vmx(vcpu)->msr_ia32_feature_control & bits) == bits;
3789798adbcSSean Christopherson }
3799798adbcSSean Christopherson
handle_encls(struct kvm_vcpu * vcpu)3809798adbcSSean Christopherson int handle_encls(struct kvm_vcpu *vcpu)
3819798adbcSSean Christopherson {
3829798adbcSSean Christopherson u32 leaf = (u32)kvm_rax_read(vcpu);
3839798adbcSSean Christopherson
3849798adbcSSean Christopherson if (!enable_sgx || !guest_cpuid_has(vcpu, X86_FEATURE_SGX) ||
3859798adbcSSean Christopherson !guest_cpuid_has(vcpu, X86_FEATURE_SGX1)) {
3869798adbcSSean Christopherson kvm_queue_exception(vcpu, UD_VECTOR);
3879798adbcSSean Christopherson } else if (!encls_leaf_enabled_in_guest(vcpu, leaf) ||
38870210c04SSean Christopherson !sgx_enabled_in_guest_bios(vcpu) || !is_paging(vcpu)) {
38970210c04SSean Christopherson kvm_inject_gp(vcpu, 0);
390b6f084caSSean Christopherson } else {
391b6f084caSSean Christopherson if (leaf == ECREATE)
3928d20bd63SSean Christopherson return handle_encls_ecreate(vcpu);
3939798adbcSSean Christopherson if (leaf == EINIT)
3949798adbcSSean Christopherson return handle_encls_einit(vcpu);
3959798adbcSSean Christopherson WARN_ONCE(1, "unexpected exit on ENCLS[%u]", leaf);
3969798adbcSSean Christopherson vcpu->run->exit_reason = KVM_EXIT_UNKNOWN;
3979798adbcSSean Christopherson vcpu->run->hw.hardware_exit_reason = EXIT_REASON_ENCLS;
3989798adbcSSean Christopherson return 0;
3998f102445SSean Christopherson }
4008f102445SSean Christopherson return 1;
4018f102445SSean Christopherson }
4028f102445SSean Christopherson
setup_default_sgx_lepubkeyhash(void)4038f102445SSean Christopherson void setup_default_sgx_lepubkeyhash(void)
4048f102445SSean Christopherson {
4058f102445SSean Christopherson /*
4068f102445SSean Christopherson * Use Intel's default value for Skylake hardware if Launch Control is
4078f102445SSean Christopherson * not supported, i.e. Intel's hash is hardcoded into silicon, or if
4088f102445SSean Christopherson * Launch Control is supported and enabled, i.e. mimic the reset value
4098f102445SSean Christopherson * and let the guest write the MSRs at will. If Launch Control is
4108f102445SSean Christopherson * supported but disabled, then use the current MSR values as the hash
4118f102445SSean Christopherson * MSRs exist but are read-only (locked and not writable).
4128f102445SSean Christopherson */
4138f102445SSean Christopherson if (!enable_sgx || boot_cpu_has(X86_FEATURE_SGX_LC) ||
4148f102445SSean Christopherson rdmsrl_safe(MSR_IA32_SGXLEPUBKEYHASH0, &sgx_pubkey_hash[0])) {
4158f102445SSean Christopherson sgx_pubkey_hash[0] = 0xa6053e051270b7acULL;
4168f102445SSean Christopherson sgx_pubkey_hash[1] = 0x6cfbe8ba8b3b413dULL;
4178f102445SSean Christopherson sgx_pubkey_hash[2] = 0xc4916d99f2b3735dULL;
4188f102445SSean Christopherson sgx_pubkey_hash[3] = 0xd4f8c05909f9bb3bULL;
4198f102445SSean Christopherson } else {
4208f102445SSean Christopherson /* MSR_IA32_SGXLEPUBKEYHASH0 is read above */
4218f102445SSean Christopherson rdmsrl(MSR_IA32_SGXLEPUBKEYHASH1, sgx_pubkey_hash[1]);
4228f102445SSean Christopherson rdmsrl(MSR_IA32_SGXLEPUBKEYHASH2, sgx_pubkey_hash[2]);
4238f102445SSean Christopherson rdmsrl(MSR_IA32_SGXLEPUBKEYHASH3, sgx_pubkey_hash[3]);
4248f102445SSean Christopherson }
4258f102445SSean Christopherson }
4268f102445SSean Christopherson
vcpu_setup_sgx_lepubkeyhash(struct kvm_vcpu * vcpu)4278f102445SSean Christopherson void vcpu_setup_sgx_lepubkeyhash(struct kvm_vcpu *vcpu)
4288f102445SSean Christopherson {
4298f102445SSean Christopherson struct vcpu_vmx *vmx = to_vmx(vcpu);
4308f102445SSean Christopherson
43172add915SSean Christopherson memcpy(vmx->msr_ia32_sgxlepubkeyhash, sgx_pubkey_hash,
43272add915SSean Christopherson sizeof(sgx_pubkey_hash));
43372add915SSean Christopherson }
43472add915SSean Christopherson
43572add915SSean Christopherson /*
43672add915SSean Christopherson * ECREATE must be intercepted to enforce MISCSELECT, ATTRIBUTES and XFRM
43772add915SSean Christopherson * restrictions if the guest's allowed-1 settings diverge from hardware.
43872add915SSean Christopherson */
sgx_intercept_encls_ecreate(struct kvm_vcpu * vcpu)43972add915SSean Christopherson static bool sgx_intercept_encls_ecreate(struct kvm_vcpu *vcpu)
44072add915SSean Christopherson {
44172add915SSean Christopherson struct kvm_cpuid_entry2 *guest_cpuid;
44272add915SSean Christopherson u32 eax, ebx, ecx, edx;
44372add915SSean Christopherson
444277ad7d5SSean Christopherson if (!vcpu->kvm->arch.sgx_provisioning_allowed)
44572add915SSean Christopherson return true;
44672add915SSean Christopherson
44772add915SSean Christopherson guest_cpuid = kvm_find_cpuid_entry_index(vcpu, 0x12, 0);
44872add915SSean Christopherson if (!guest_cpuid)
44972add915SSean Christopherson return true;
45072add915SSean Christopherson
45172add915SSean Christopherson cpuid_count(0x12, 0, &eax, &ebx, &ecx, &edx);
452277ad7d5SSean Christopherson if (guest_cpuid->ebx != ebx || guest_cpuid->edx != edx)
45372add915SSean Christopherson return true;
45472add915SSean Christopherson
45572add915SSean Christopherson guest_cpuid = kvm_find_cpuid_entry_index(vcpu, 0x12, 1);
45672add915SSean Christopherson if (!guest_cpuid)
45772add915SSean Christopherson return true;
45872add915SSean Christopherson
45972add915SSean Christopherson cpuid_count(0x12, 1, &eax, &ebx, &ecx, &edx);
46072add915SSean Christopherson if (guest_cpuid->eax != eax || guest_cpuid->ebx != ebx ||
46172add915SSean Christopherson guest_cpuid->ecx != ecx || guest_cpuid->edx != edx)
46272add915SSean Christopherson return true;
46372add915SSean Christopherson
46472add915SSean Christopherson return false;
46572add915SSean Christopherson }
46672add915SSean Christopherson
vmx_write_encls_bitmap(struct kvm_vcpu * vcpu,struct vmcs12 * vmcs12)46772add915SSean Christopherson void vmx_write_encls_bitmap(struct kvm_vcpu *vcpu, struct vmcs12 *vmcs12)
46872add915SSean Christopherson {
46972add915SSean Christopherson /*
47072add915SSean Christopherson * There is no software enable bit for SGX that is virtualized by
47172add915SSean Christopherson * hardware, e.g. there's no CR4.SGXE, so when SGX is disabled in the
47272add915SSean Christopherson * guest (either by the host or by the guest's BIOS) but enabled in the
47372add915SSean Christopherson * host, trap all ENCLS leafs and inject #UD/#GP as needed to emulate
47472add915SSean Christopherson * the expected system behavior for ENCLS.
47572add915SSean Christopherson */
47672add915SSean Christopherson u64 bitmap = -1ull;
47772add915SSean Christopherson
47872add915SSean Christopherson /* Nothing to do if hardware doesn't support SGX */
47972add915SSean Christopherson if (!cpu_has_vmx_encls_vmexit())
48072add915SSean Christopherson return;
48172add915SSean Christopherson
48272add915SSean Christopherson if (guest_cpuid_has(vcpu, X86_FEATURE_SGX) &&
48372add915SSean Christopherson sgx_enabled_in_guest_bios(vcpu)) {
48472add915SSean Christopherson if (guest_cpuid_has(vcpu, X86_FEATURE_SGX1)) {
48572add915SSean Christopherson bitmap &= ~GENMASK_ULL(ETRACK, ECREATE);
48672add915SSean Christopherson if (sgx_intercept_encls_ecreate(vcpu))
48772add915SSean Christopherson bitmap |= (1 << ECREATE);
48872add915SSean Christopherson }
48972add915SSean Christopherson
49072add915SSean Christopherson if (guest_cpuid_has(vcpu, X86_FEATURE_SGX2))
49172add915SSean Christopherson bitmap &= ~GENMASK_ULL(EMODT, EAUG);
49272add915SSean Christopherson
49372add915SSean Christopherson /*
49472add915SSean Christopherson * Trap and execute EINIT if launch control is enabled in the
49572add915SSean Christopherson * host using the guest's values for launch control MSRs, even
49672add915SSean Christopherson * if the guest's values are fixed to hardware default values.
49772add915SSean Christopherson * The MSRs are not loaded/saved on VM-Enter/VM-Exit as writing
49872add915SSean Christopherson * the MSRs is extraordinarily expensive.
49972add915SSean Christopherson */
50072add915SSean Christopherson if (boot_cpu_has(X86_FEATURE_SGX_LC))
50172add915SSean Christopherson bitmap |= (1 << EINIT);
50272add915SSean Christopherson
50372add915SSean Christopherson if (!vmcs12 && is_guest_mode(vcpu))
50472add915SSean Christopherson vmcs12 = get_vmcs12(vcpu);
50572add915SSean Christopherson if (vmcs12 && nested_cpu_has_encls_exit(vmcs12))
50672add915SSean Christopherson bitmap |= vmcs12->encls_exiting_bitmap;
507 }
508 vmcs_write64(ENCLS_EXITING_BITMAP, bitmap);
509 }
510