Commit 29dcc60f authored by Joerg Roedel's avatar Joerg Roedel Committed by Borislav Petkov
Browse files

x86/boot/compressed/64: Add stage1 #VC handler 



Add the first handler for #VC exceptions. At stage 1 there is no GHCB
yet because the kernel might still be running on the EFI page table.

The stage 1 handler is limited to the MSR-based protocol to talk to the
hypervisor and can only support CPUID exit-codes, but that is enough to
get to stage 2.

 [ bp: Zap superfluous newlines after rd/wrmsr instruction mnemonics. ]

Signed-off-by: default avatarJoerg Roedel <jroedel@suse.de>
Signed-off-by: default avatarBorislav Petkov <bp@suse.de>
Link: https://lkml.kernel.org/r/20200907131613.12703-20-joro@8bytes.org
parent 21cf2372

arch/x86/boot/compressed/Makefile

+1 −0
Original line number Diff line number Diff line
@@ -88,6 +88,7 @@ ifdef CONFIG_X86_64 
	vmlinux-objs-y += $(obj)/idt_64.o $(obj)/idt_handlers_64.o

	vmlinux-objs-y += $(obj)/mem_encrypt.o

	vmlinux-objs-y += $(obj)/pgtable_64.o

	vmlinux-objs-$(CONFIG_AMD_MEM_ENCRYPT) += $(obj)/sev-es.o

endif



vmlinux-objs-$(CONFIG_ACPI) += $(obj)/acpi.o

arch/x86/boot/compressed/idt_64.c

+4 −0
Original line number Diff line number Diff line
@@ -32,6 +32,10 @@ void load_stage1_idt(void) 
{

	boot_idt_desc.address = (unsigned long)boot_idt;





	if (IS_ENABLED(CONFIG_AMD_MEM_ENCRYPT))

		set_idt_entry(X86_TRAP_VC, boot_stage1_vc);



	load_boot_idt(&boot_idt_desc);

}

arch/x86/boot/compressed/idt_handlers_64.S

+4 −0
Original line number Diff line number Diff line
@@ -70,3 +70,7 @@ SYM_FUNC_END(\name) 
	.code64



EXCEPTION_HANDLER	boot_page_fault do_boot_page_fault error_code=1



#ifdef CONFIG_AMD_MEM_ENCRYPT

EXCEPTION_HANDLER	boot_stage1_vc do_vc_no_ghcb error_code=1

#endif

arch/x86/boot/compressed/misc.h

+1 −0
Original line number Diff line number Diff line
@@ -141,5 +141,6 @@ extern struct desc_ptr boot_idt_desc; 


/* IDT Entry Points */

void boot_page_fault(void);

void boot_stage1_vc(void);



#endif /* BOOT_COMPRESSED_MISC_H */

arch/x86/boot/compressed/sev-es.c

0 → 100644
+45 −0
Original line number Diff line number Diff line 
// SPDX-License-Identifier: GPL-2.0

/*

 * AMD Encrypted Register State Support

 *

 * Author: Joerg Roedel <jroedel@suse.de>

 */



/*

 * misc.h needs to be first because it knows how to include the other kernel

 * headers in the pre-decompression code in a way that does not break

 * compilation.

 */

#include "misc.h"



#include <asm/sev-es.h>

#include <asm/msr-index.h>

#include <asm/ptrace.h>

#include <asm/svm.h>



static inline u64 sev_es_rd_ghcb_msr(void)

{

	unsigned long low, high;



	asm volatile("rdmsr" : "=a" (low), "=d" (high) :

			"c" (MSR_AMD64_SEV_ES_GHCB));



	return ((high << 32) | low);

}



static inline void sev_es_wr_ghcb_msr(u64 val)

{

	u32 low, high;



	low  = val & 0xffffffffUL;

	high = val >> 32;



	asm volatile("wrmsr" : : "c" (MSR_AMD64_SEV_ES_GHCB),

			"a"(low), "d" (high) : "memory");

}



#undef __init

#define __init



/* Include code for early handlers */

#include "../../kernel/sev-es-shared.c"

CRA Git | Maintained and supported by SUSTech CRA and CCSE