mirror of
				git://git.yoctoproject.org/linux-yocto.git
				synced 2025-10-22 23:13:01 +02:00 
			
		
		
		
	 6c32117963
			
		
	
	
		6c32117963
		
	
	
	
	
		
			
			Add SNP-specific hooks to the unaccepted memory support in the boot path (__accept_memory()) and the core kernel (accept_memory()) in order to support booting SNP guests when unaccepted memory is present. Without this support, SNP guests will fail to boot and/or panic() when unaccepted memory is present in the EFI memory map. The process of accepting memory under SNP involves invoking the hypervisor to perform a page state change for the page to private memory and then issuing a PVALIDATE instruction to accept the page. Since the boot path and the core kernel paths perform similar operations, move the pvalidate_pages() and vmgexit_psc() functions into sev-shared.c to avoid code duplication. Create the new header file arch/x86/boot/compressed/sev.h because adding the function declaration to any of the existing SEV related header files pulls in too many other header files, causing the build to fail. Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com> Signed-off-by: Borislav Petkov (AMD) <bp@alien8.de> Link: https://lore.kernel.org/r/a52fa69f460fd1876d70074b20ad68210dfc31dd.1686063086.git.thomas.lendacky@amd.com
		
			
				
	
	
		
			87 lines
		
	
	
		
			2.0 KiB
		
	
	
	
		
			C
		
	
	
	
	
	
			
		
		
	
	
			87 lines
		
	
	
		
			2.0 KiB
		
	
	
	
		
			C
		
	
	
	
	
	
| // SPDX-License-Identifier: GPL-2.0-only
 | |
| 
 | |
| #include "error.h"
 | |
| #include "misc.h"
 | |
| #include "tdx.h"
 | |
| #include "sev.h"
 | |
| #include <asm/shared/tdx.h>
 | |
| 
 | |
| /*
 | |
|  * accept_memory() and process_unaccepted_memory() called from EFI stub which
 | |
|  * runs before decompresser and its early_tdx_detect().
 | |
|  *
 | |
|  * Enumerate TDX directly from the early users.
 | |
|  */
 | |
| static bool early_is_tdx_guest(void)
 | |
| {
 | |
| 	static bool once;
 | |
| 	static bool is_tdx;
 | |
| 
 | |
| 	if (!IS_ENABLED(CONFIG_INTEL_TDX_GUEST))
 | |
| 		return false;
 | |
| 
 | |
| 	if (!once) {
 | |
| 		u32 eax, sig[3];
 | |
| 
 | |
| 		cpuid_count(TDX_CPUID_LEAF_ID, 0, &eax,
 | |
| 			    &sig[0], &sig[2],  &sig[1]);
 | |
| 		is_tdx = !memcmp(TDX_IDENT, sig, sizeof(sig));
 | |
| 		once = true;
 | |
| 	}
 | |
| 
 | |
| 	return is_tdx;
 | |
| }
 | |
| 
 | |
| void arch_accept_memory(phys_addr_t start, phys_addr_t end)
 | |
| {
 | |
| 	/* Platform-specific memory-acceptance call goes here */
 | |
| 	if (early_is_tdx_guest()) {
 | |
| 		if (!tdx_accept_memory(start, end))
 | |
| 			panic("TDX: Failed to accept memory\n");
 | |
| 	} else if (sev_snp_enabled()) {
 | |
| 		snp_accept_memory(start, end);
 | |
| 	} else {
 | |
| 		error("Cannot accept memory: unknown platform\n");
 | |
| 	}
 | |
| }
 | |
| 
 | |
| bool init_unaccepted_memory(void)
 | |
| {
 | |
| 	guid_t guid = LINUX_EFI_UNACCEPTED_MEM_TABLE_GUID;
 | |
| 	struct efi_unaccepted_memory *table;
 | |
| 	unsigned long cfg_table_pa;
 | |
| 	unsigned int cfg_table_len;
 | |
| 	enum efi_type et;
 | |
| 	int ret;
 | |
| 
 | |
| 	et = efi_get_type(boot_params);
 | |
| 	if (et == EFI_TYPE_NONE)
 | |
| 		return false;
 | |
| 
 | |
| 	ret = efi_get_conf_table(boot_params, &cfg_table_pa, &cfg_table_len);
 | |
| 	if (ret) {
 | |
| 		warn("EFI config table not found.");
 | |
| 		return false;
 | |
| 	}
 | |
| 
 | |
| 	table = (void *)efi_find_vendor_table(boot_params, cfg_table_pa,
 | |
| 					      cfg_table_len, guid);
 | |
| 	if (!table)
 | |
| 		return false;
 | |
| 
 | |
| 	if (table->version != 1)
 | |
| 		error("Unknown version of unaccepted memory table\n");
 | |
| 
 | |
| 	/*
 | |
| 	 * In many cases unaccepted_table is already set by EFI stub, but it
 | |
| 	 * has to be initialized again to cover cases when the table is not
 | |
| 	 * allocated by EFI stub or EFI stub copied the kernel image with
 | |
| 	 * efi_relocate_kernel() before the variable is set.
 | |
| 	 *
 | |
| 	 * It must be initialized before the first usage of accept_memory().
 | |
| 	 */
 | |
| 	unaccepted_table = table;
 | |
| 
 | |
| 	return true;
 | |
| }
 |