From: Mike Larkin <mlarkin@nested.page>
Subject: Re: SEV-ES: vmm(4): Handle CPUID gexit
To: tech@openbsd.org
Date: Tue, 20 May 2025 17:51:12 -0700

On Tue, May 20, 2025 at 11:53:36AM +0200, Hans-Jörg Höxer wrote:
> Hi,
>
> this change fills in the stub for CPUID related GEXITS:
>
>     Fill in the actual handler for CPUID related VMGEXIT:  The SEV-ES
>     guest sends vmm(4) A and C GPRs; vmm(4) dispatches to vmm_handle_cpuid();
>     and returns the results in A, B, C and D.
>
> Take care,
> HJ.

ok mlarkin

> ----------------------------------------------------------------------------
> commit db5a258b06545b6ee352928a26f042f3640971e1
> Author: Hans-Joerg Hoexer <hshoexer@genua.de>
> Date:   Mon Jan 20 10:46:31 2025 +0100
>
>     vmm(4): Handle CPUID gexit
>
>     Fill in the actual handler for CPUID related VMGEXIT:  The SEV-ES
>     guest sends vmm(4) A and C GPRs; vmm(4) dispatches to vmm_handle_cpuid();
>     and returns the results in A, B, C and D.
>
> diff --git a/sys/arch/amd64/amd64/vmm_machdep.c b/sys/arch/amd64/amd64/vmm_machdep.c
> index f654a6d0054..5f4957c4ded 100644
> --- a/sys/arch/amd64/amd64/vmm_machdep.c
> +++ b/sys/arch/amd64/amd64/vmm_machdep.c
> @@ -4378,6 +4378,10 @@ svm_gexit_sync_host(struct vcpu *vcpu)
>
>  	svm_sw_exitcode = ghcb->v_sw_exitcode;
>  	switch (svm_sw_exitcode) {
> +	case SVM_VMEXIT_CPUID:
> +		ghcb_valbm_set(expected_bm, GHCB_RAX);
> +		ghcb_valbm_set(expected_bm, GHCB_RCX);
> +		break;
>  	default:
>  		return (EINVAL);
>  	}
> @@ -4428,6 +4432,12 @@ svm_gexit_sync_guest(struct vcpu *vcpu)
>  	valid_bm = ghcb->valid_bitmap;
>
>  	switch (svm_sw_exitcode) {
> +	case SVM_VMEXIT_CPUID:
> +		ghcb_valbm_set(valid_bm, GHCB_RAX);
> +		ghcb_valbm_set(valid_bm, GHCB_RBX);
> +		ghcb_valbm_set(valid_bm, GHCB_RCX);
> +		ghcb_valbm_set(valid_bm, GHCB_RDX);
> +		break;
>  	default:
>  		return (EINVAL);
>  	}
> @@ -4487,6 +4497,12 @@ svm_handle_gexit(struct vcpu *vcpu)
>  	/* Handle GHCB protocol */
>  	syncout = 0;
>  	switch (vmcb->v_exitcode) {
> +	case SVM_VMEXIT_CPUID:
> +		error = vmm_handle_cpuid(vcpu);
> +		vmcb->v_rip = vcpu->vc_gueststate.vg_rip;
> +		vcpu->vc_gueststate.vg_rax = vmcb->v_rax;
> +		syncout = 1;
> +		break;
>  	default:
>  		DPRINTF("%s: unknown exit 0x%llx\n", __func__,
>  		    vmcb->v_exitcode);