From patchwork Mon May 12 19:08:37 2025
Date: Mon, 12 May 2025 21:08:37 +0200
In-Reply-To: <20250512190834.332684-23-ardb+git@google.com>
References: <20250512190834.332684-23-ardb+git@google.com>
Message-ID: <20250512190834.332684-25-ardb+git@google.com>
Subject: [RFT PATCH v3 02/21] x86/sev: Use MSR protocol for remapping SVSM calling area
From: Ard Biesheuvel
To: linux-kernel@vger.kernel.org
Cc: linux-efi@vger.kernel.org, x86@kernel.org, Ard Biesheuvel, Borislav Petkov, Ingo Molnar, Dionna Amalie Glaze, Kevin Loughlin, Tom Lendacky

From: Ard Biesheuvel

As the preceding code comment already indicates, remapping the SVSM calling area occurs long before the GHCB page is configured, and so calling svsm_perform_call_protocol() is guaranteed to result in a call to svsm_perform_msr_protocol(). So just call the latter directly. This allows most of the GHCB based API infrastructure to be moved out of the startup code in a subsequent patch.

Signed-off-by: Ard Biesheuvel --- arch/x86/boot/startup/sev-startup.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/arch/x86/boot/startup/sev-startup.c b/arch/x86/boot/startup/sev-startup.c index 435853a55768..a1d5a5632d58 100644 --- a/arch/x86/boot/startup/sev-startup.c +++ b/arch/x86/boot/startup/sev-startup.c
@@ -325,7 +325,9 @@ static __head void svsm_setup(struct cc_blob_sev_info *cc_info) call.caa = svsm_get_caa(); call.rax = SVSM_CORE_CALL(SVSM_CORE_REMAP_CA); call.rcx = pa; - ret = svsm_perform_call_protocol(&call); + do { + ret = svsm_perform_msr_protocol(&call); + } while (ret == -EAGAIN); if (ret) sev_es_terminate(SEV_TERM_SET_LINUX, GHCB_TERM_SVSM_CA_REMAP_FAIL);
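
Review bot: The new "do { ... } while (ret == -EAGAIN);" loop in svsm_setup() (patch 02/21, sev-startup.c) retries with no bound and no comment, and the commit message describes the change only as calling svsm_perform_msr_protocol() directly. Please add a short comment saying when the MSR protocol returns -EAGAIN and why retrying indefinitely is acceptable this early in boot, or mention the retry in the commit message, so the loop does not read as an unrelated behaviour change.
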

Date: Mon, 12 May 2025 21:08:39 +0200
In-Reply-To: <20250512190834.332684-23-ardb+git@google.com>
References: <20250512190834.332684-23-ardb+git@google.com>
Message-ID: <20250512190834.332684-27-ardb+git@google.com>
Subject: [RFT PATCH v3 04/21] x86/sev: Run RMPADJUST on SVSM calling area page to test VMPL
From: Ard Biesheuvel
To: linux-kernel@vger.kernel.org
Cc: linux-efi@vger.kernel.org, x86@kernel.org, Ard Biesheuvel, Borislav Petkov, Ingo Molnar, Dionna Amalie Glaze, Kevin Loughlin, Tom Lendacky

From: Ard Biesheuvel

Determining the VMPL at which the kernel runs involves performing a RMPADJUST operation on an arbitrary page of memory, and observing whether it succeeds. The use of boot_ghcb_page in the core kernel in this case is completely arbitrary, but results in the need to provide a PIC alias for it. So use boot_svsm_ca_page instead, which already needs this alias for other reasons.

Signed-off-by: Ard Biesheuvel --- arch/x86/boot/compressed/sev.c | 2 +- arch/x86/boot/startup/sev-shared.c | 5 +++-- arch/x86/boot/startup/sev-startup.c | 2 +- 3 files changed, 5 insertions(+), 4 deletions(-) diff --git a/arch/x86/boot/compressed/sev.c b/arch/x86/boot/compressed/sev.c index bc4ec45d9935..2141936daba7 100644 --- a/arch/x86/boot/compressed/sev.c +++ b/arch/x86/boot/compressed/sev.c @@ -327,7 +327,7 @@ static bool early_snp_init(struct boot_params *bp) * running at VMPL0. The CA will be used to communicate with the * SVSM and request its services. */ - svsm_setup_ca(cc_info); + svsm_setup_ca(cc_info, rip_rel_ptr(&boot_ghcb_page)); /* * Pass run-time kernel a pointer to CC info via boot_params so EFI diff --git a/arch/x86/boot/startup/sev-shared.c b/arch/x86/boot/startup/sev-shared.c index 297d2abe8e3d..9c8dd6bfe833 100644 --- a/arch/x86/boot/startup/sev-shared.c +++ b/arch/x86/boot/startup/sev-shared.c @@ -782,7 +782,8 @@ static void __head pvalidate_4k_page(unsigned long vaddr, unsigned long paddr, * Maintain the GPA of the SVSM Calling Area (CA) in order to utilize the SVSM * services needed when not running in VMPL0. */ -static bool __head svsm_setup_ca(const struct cc_blob_sev_info *cc_info) +static bool __head svsm_setup_ca(const struct cc_blob_sev_info *cc_info, + void *page) { struct snp_secrets_page *secrets_page; struct snp_cpuid_table *cpuid_table; @@ -805,7 +806,7 @@ static bool __head svsm_setup_ca(const struct cc_blob_sev_info *cc_info) * routine is running identity mapped when called, both by the decompressor * code and the early kernel code. */ - if (!rmpadjust((unsigned long)rip_rel_ptr(&boot_ghcb_page), RMP_PG_SIZE_4K, 1)) + if (!rmpadjust((unsigned long)page, RMP_PG_SIZE_4K, 1)) return false; /* diff --git a/arch/x86/boot/startup/sev-startup.c b/arch/x86/boot/startup/sev-startup.c index a1d5a5632d58..1f928e8264bb 100644 --- a/arch/x86/boot/startup/sev-startup.c +++ b/arch/x86/boot/startup/sev-startup.c 
@@ -303,7 +303,7 @@ static __head void svsm_setup(struct cc_blob_sev_info *cc_info) * running at VMPL0. The CA will be used to communicate with the * SVSM to perform the SVSM services. */ - if (!svsm_setup_ca(cc_info)) + if (!svsm_setup_ca(cc_info, rip_rel_ptr(&boot_svsm_ca_page))) return; /*
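
Review bot: In the arch/x86/boot/compressed/sev.c hunk of patch 04/21, early_snp_init() still passes rip_rel_ptr(&boot_ghcb_page) to svsm_setup_ca(), while the commit message says to use boot_svsm_ca_page instead. If the decompressor intentionally keeps probing with boot_ghcb_page, say so in the commit message; otherwise pass the calling area page there as well so both callers run the VMPL test on the same kind of page.
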
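
Review bot: The new "void *page" argument of svsm_setup_ca() in sev-shared.c (patch 04/21) is undocumented; the function comment still describes only maintaining the GPA of the calling area. Since the pointer is cast straight to unsigned long and handed to rmpadjust() with RMP_PG_SIZE_4K, please document what the caller must guarantee about it (a 4K page that is mapped at the address passed in when the routine runs identity mapped).
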

Date: Mon, 12 May 2025 21:08:41 +0200
In-Reply-To: <20250512190834.332684-23-ardb+git@google.com>
References: <20250512190834.332684-23-ardb+git@google.com>
Message-ID: <20250512190834.332684-29-ardb+git@google.com>
Subject: [RFT PATCH v3 06/21] x86/sev: Avoid global variable to store virtual address of SVSM area
From: Ard Biesheuvel
To: linux-kernel@vger.kernel.org
Cc: linux-efi@vger.kernel.org, x86@kernel.org, Ard Biesheuvel, Borislav Petkov, Ingo Molnar, Dionna Amalie Glaze, Kevin Loughlin, Tom Lendacky

From: Ard Biesheuvel The boottime SVSM calling area is used both by the startup code running from a 1:1 mapping, and potentially later on running from the ordinary kernel mapping. This SVSM calling area is statically allocated, and so its physical address doesn't change. However, its virtual address depends on the calling context (1:1 mapping or kernel virtual mapping), and even though the variable that holds the virtual address of this calling area gets updated from 1:1 address to kernel address during the boot, it is hard to reason about why this is guaranteed to be safe. So instead, take the RIP-relative address of the boottime SVSM calling area whenever its virtual address is required, and only use a global variable for the physical address. Signed-off-by: Ard Biesheuvel --- arch/x86/boot/compressed/sev.c | 5 ++--- arch/x86/boot/startup/sev-shared.c | 6 ------ arch/x86/boot/startup/sev-startup.c | 4 ++-- arch/x86/coco/sev/core.c | 9 --------- arch/x86/include/asm/sev-internal.h | 3 +-- arch/x86/include/asm/sev.h | 2 -- arch/x86/mm/mem_encrypt_amd.c | 6 ------ 7 files changed, 5 insertions(+), 30 deletions(-) diff --git a/arch/x86/boot/compressed/sev.c b/arch/x86/boot/compressed/sev.c index 2141936daba7..70c3f4fc4349 100644 --- a/arch/x86/boot/compressed/sev.c +++ b/arch/x86/boot/compressed/sev.c @@ -37,12 +37,12 @@ struct ghcb *boot_ghcb; #define __BOOT_COMPRESSED -extern struct svsm_ca *boot_svsm_caa; extern u64 boot_svsm_caa_pa; struct svsm_ca *svsm_get_caa(void) { - return boot_svsm_caa; + /* The decompressor is mapped 1:1 so VA == PA */ + return (struct svsm_ca *)boot_svsm_caa_pa; } u64 svsm_get_caa_pa(void) @@ -530,7 +530,6 @@ bool early_is_sevsnp_guest(void) /* Obtain the address of the calling area to use */ boot_rdmsr(MSR_SVSM_CAA, &m); - boot_svsm_caa = (void *)m.q; boot_svsm_caa_pa = m.q; /* diff --git a/arch/x86/boot/startup/sev-shared.c b/arch/x86/boot/startup/sev-shared.c index 7884884c0898..9e0573aa29c1 100644 
--- a/arch/x86/boot/startup/sev-shared.c +++ b/arch/x86/boot/startup/sev-shared.c @@ -26,7 +26,6 @@ * early boot, both with identity mapped virtual addresses and proper kernel * virtual addresses. */ -struct svsm_ca *boot_svsm_caa __ro_after_init; u64 boot_svsm_caa_pa __ro_after_init; /* @@ -648,11 +647,6 @@ static bool __head svsm_setup_ca(const struct cc_blob_sev_info *cc_info, if (caa & (PAGE_SIZE - 1)) sev_es_terminate(SEV_TERM_SET_LINUX, GHCB_TERM_SVSM_CAA); - /* - * The CA is identity mapped when this routine is called, both by the - * decompressor code and the early kernel code. - */ - boot_svsm_caa = (struct svsm_ca *)caa; boot_svsm_caa_pa = caa; /* Advertise the SVSM presence via CPUID. */ diff --git a/arch/x86/boot/startup/sev-startup.c b/arch/x86/boot/startup/sev-startup.c index 0000885dc24c..24e7082e1a50 100644 --- a/arch/x86/boot/startup/sev-startup.c +++ b/arch/x86/boot/startup/sev-startup.c @@ -252,6 +252,7 @@ static __head struct cc_blob_sev_info *find_cc_blob(struct boot_params *bp) static __head void svsm_setup(struct cc_blob_sev_info *cc_info) { + struct snp_secrets_page *secrets = (void *)cc_info->secrets_phys; struct svsm_call call = {}; int ret; u64 pa; @@ -280,7 +281,7 @@ static __head void svsm_setup(struct cc_blob_sev_info *cc_info) * RAX = 0 (Protocol=0, CallID=0) * RCX = New CA GPA */ - call.caa = svsm_get_caa(); + call.caa = (struct svsm_ca *)secrets->svsm_caa; call.rax = SVSM_CORE_CALL(SVSM_CORE_REMAP_CA); call.rcx = pa; do { @@ -289,7 +290,6 @@ static __head void svsm_setup(struct cc_blob_sev_info *cc_info) if (ret) sev_es_terminate(SEV_TERM_SET_LINUX, GHCB_TERM_SVSM_CA_REMAP_FAIL); - boot_svsm_caa = (struct svsm_ca *)pa; boot_svsm_caa_pa = pa; } diff --git a/arch/x86/coco/sev/core.c b/arch/x86/coco/sev/core.c index 310d867be4dc..0e0ddf4c92aa 100644 --- a/arch/x86/coco/sev/core.c +++ b/arch/x86/coco/sev/core.c 
@@ -1496,15 +1496,6 @@ void sev_show_status(void) pr_cont("\n"); } -void __init snp_update_svsm_ca(void) -{ - if (!snp_vmpl) - return; - - /* Update the CAA to a proper kernel address */ - boot_svsm_caa = &boot_svsm_ca_page; -} - #ifdef CONFIG_SYSFS static ssize_t vmpl_show(struct kobject *kobj, struct kobj_attribute *attr, char *buf) diff --git a/arch/x86/include/asm/sev-internal.h b/arch/x86/include/asm/sev-internal.h index 4269d9dbefdf..e3b203c280aa 100644 --- a/arch/x86/include/asm/sev-internal.h +++ b/arch/x86/include/asm/sev-internal.h @@ -60,7 +60,6 @@ void early_set_pages_state(unsigned long vaddr, unsigned long paddr, DECLARE_PER_CPU(struct svsm_ca *, svsm_caa); DECLARE_PER_CPU(u64, svsm_caa_pa); -extern struct svsm_ca *boot_svsm_caa; extern u64 boot_svsm_caa_pa; static __always_inline struct svsm_ca *svsm_get_caa(void) @@ -68,7 +67,7 @@ static __always_inline struct svsm_ca *svsm_get_caa(void) if (sev_cfg.use_cas) return this_cpu_read(svsm_caa); else - return boot_svsm_caa; + return rip_rel_ptr(&boot_svsm_ca_page); } static __always_inline u64 svsm_get_caa_pa(void) diff --git a/arch/x86/include/asm/sev.h b/arch/x86/include/asm/sev.h index 07081bb85331..ae2502253bd3 100644 --- a/arch/x86/include/asm/sev.h +++ b/arch/x86/include/asm/sev.h @@ -501,7 +501,6 @@ void snp_accept_memory(phys_addr_t start, phys_addr_t end); u64 snp_get_unsupported_features(u64 status); u64 sev_get_status(void); void sev_show_status(void); -void snp_update_svsm_ca(void); int prepare_pte_enc(struct pte_enc_desc *d); void set_pte_enc_mask(pte_t *kpte, unsigned long pfn, pgprot_t new_prot); void snp_kexec_finish(void); 
@@ -629,7 +628,6 @@ static inline void snp_accept_memory(phys_addr_t start, phys_addr_t end) { } static inline u64 snp_get_unsupported_features(u64 status) { return 0; } static inline u64 sev_get_status(void) { return 0; } static inline void sev_show_status(void) { } -static inline void snp_update_svsm_ca(void) { } static inline int prepare_pte_enc(struct pte_enc_desc *d) { return 0; } static inline void set_pte_enc_mask(pte_t *kpte, unsigned long pfn, pgprot_t new_prot) { } static inline void snp_kexec_finish(void) { } diff --git a/arch/x86/mm/mem_encrypt_amd.c b/arch/x86/mm/mem_encrypt_amd.c index faf3a13fb6ba..2f8c32173972 100644 --- a/arch/x86/mm/mem_encrypt_amd.c +++ b/arch/x86/mm/mem_encrypt_amd.c 
@@ -536,12 +536,6 @@ void __init sme_early_init(void) x86_init.resources.dmi_setup = snp_dmi_setup; } - /* - * Switch the SVSM CA mapping (if active) from identity mapped to - * kernel mapped. - */ - snp_update_svsm_ca(); - if (sev_status & MSR_AMD64_SNP_SECURE_TSC) setup_force_cpu_cap(X86_FEATURE_TSC_RELIABLE); }
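
Review bot: In the sev-startup.c hunks of patch 06/21, svsm_setup() now does "secrets = (void *)cc_info->secrets_phys" and "call.caa = (struct svsm_ca *)secrets->svsm_caa", dereferencing physical addresses as pointers with no comment, whereas the decompressor's svsm_get_caa() gained "The decompressor is mapped 1:1 so VA == PA". Please add the equivalent comment here, and say why the CA address is re-read from the secrets page rather than taken from boot_svsm_caa_pa, which svsm_setup_ca() has already stored after its PAGE_SIZE alignment check.
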
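
Review bot: In the sev-internal.h hunk of patch 06/21, svsm_get_caa() now returns rip_rel_ptr(&boot_svsm_ca_page) whenever sev_cfg.use_cas is false, while boot_svsm_caa_pa holds whatever svsm_setup_ca() stored until svsm_setup() overwrites it with pa after the remap call. Please document next to svsm_get_caa() that its result only matches boot_svsm_caa_pa once the CA has been remapped to boot_svsm_ca_page, so a later caller in that window does not pair this virtual address with a different physical one.
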

Date: Mon, 12 May 2025 21:08:43 +0200
In-Reply-To: <20250512190834.332684-23-ardb+git@google.com>
References: <20250512190834.332684-23-ardb+git@google.com>
Message-ID: <20250512190834.332684-31-ardb+git@google.com>
Subject: [RFT PATCH v3 08/21] x86/sev: Share implementation of MSR-based page state change
From: Ard Biesheuvel
To: linux-kernel@vger.kernel.org
Cc: linux-efi@vger.kernel.org, x86@kernel.org, Ard Biesheuvel, Borislav Petkov, Ingo Molnar, Dionna Amalie Glaze, Kevin Loughlin, Tom Lendacky

From: Ard Biesheuvel

Both the decompressor and the SEV startup code implement the exact same sequence for invoking the MSR based communication protocol to effectuate a page state change. Before tweaking the internal APIs used in both versions, merge them and share them so those tweaks are only needed in a single place.

Signed-off-by: Ard Biesheuvel --- arch/x86/boot/compressed/sev.c | 28 ------------------- arch/x86/boot/startup/sev-shared.c | 28 +++++++++++++++++++ arch/x86/boot/startup/sev-startup.c | 29 +------------------- 3 files changed, 29 insertions(+), 56 deletions(-)
diff --git a/arch/x86/boot/compressed/sev.c b/arch/x86/boot/compressed/sev.c index bdedf4bd23ec..7a01eef9ae01 100644 --- a/arch/x86/boot/compressed/sev.c +++ b/arch/x86/boot/compressed/sev.c @@ -60,34 +60,6 @@ static bool sev_snp_enabled(void) return sev_status & MSR_AMD64_SEV_SNP_ENABLED; } -static void __page_state_change(unsigned long paddr, enum psc_op op) -{ - u64 val, msr; - - /* - * If private -> shared then invalidate the page before requesting the - * state change in the RMP table. - */ - if (op == SNP_PAGE_STATE_SHARED) - pvalidate_4k_page(paddr, paddr, false); - - /* Issue VMGEXIT to change the page state in RMP table. */ - sev_es_wr_ghcb_msr(GHCB_MSR_PSC_REQ_GFN(paddr >> PAGE_SHIFT, op)); - VMGEXIT(); - - /* Read the response of the VMGEXIT. */ - val = sev_es_rd_ghcb_msr(); - if ((GHCB_RESP_CODE(val) != GHCB_MSR_PSC_RESP) || GHCB_MSR_PSC_RESP_VAL(val)) - sev_es_terminate(SEV_TERM_SET_LINUX, GHCB_TERM_PSC); - - /* - * Now that page state is changed in the RMP table, validate it so that it is - * consistent with the RMP entry. - */ - if (op == SNP_PAGE_STATE_PRIVATE) - pvalidate_4k_page(paddr, paddr, true); -} - void snp_set_page_private(unsigned long paddr) { u64 msr; diff --git a/arch/x86/boot/startup/sev-shared.c b/arch/x86/boot/startup/sev-shared.c index 9e0573aa29c1..dae770327b50 100644 --- a/arch/x86/boot/startup/sev-shared.c +++ b/arch/x86/boot/startup/sev-shared.c 
@@ -591,6 +591,34 @@ static void __head pvalidate_4k_page(unsigned long vaddr, unsigned long paddr, } } +static void __head __page_state_change(unsigned long paddr, enum psc_op op) +{ + u64 val; + + /* + * If private -> shared then invalidate the page before requesting the + * state change in the RMP table. + */ + if (op == SNP_PAGE_STATE_SHARED) + pvalidate_4k_page(paddr, paddr, false); + + /* Issue VMGEXIT to change the page state in RMP table. */ + sev_es_wr_ghcb_msr(GHCB_MSR_PSC_REQ_GFN(paddr >> PAGE_SHIFT, op)); + VMGEXIT(); + + /* Read the response of the VMGEXIT. */ + val = sev_es_rd_ghcb_msr(); + if ((GHCB_RESP_CODE(val) != GHCB_MSR_PSC_RESP) || GHCB_MSR_PSC_RESP_VAL(val)) + sev_es_terminate(SEV_TERM_SET_LINUX, GHCB_TERM_PSC); + + /* + * Now that page state is changed in the RMP table, validate it so that it is + * consistent with the RMP entry. + */ + if (op == SNP_PAGE_STATE_PRIVATE) + pvalidate_4k_page(paddr, paddr, true); +} + /* * Maintain the GPA of the SVSM Calling Area (CA) in order to utilize the SVSM * services needed when not running in VMPL0. diff --git a/arch/x86/boot/startup/sev-startup.c b/arch/x86/boot/startup/sev-startup.c index 24e7082e1a50..28bf68753580 100644 --- a/arch/x86/boot/startup/sev-startup.c +++ b/arch/x86/boot/startup/sev-startup.c @@ -135,7 +135,6 @@ early_set_pages_state(unsigned long vaddr, unsigned long paddr, unsigned long npages, enum psc_op op) { unsigned long paddr_end; - u64 val; vaddr = vaddr & PAGE_MASK; 
@@ -143,37 +142,11 @@ early_set_pages_state(unsigned long vaddr, unsigned long paddr, paddr_end = paddr + (npages << PAGE_SHIFT); while (paddr < paddr_end) { - /* Page validation must be rescinded before changing to shared */ - if (op == SNP_PAGE_STATE_SHARED) - pvalidate_4k_page(vaddr, paddr, false); - - /* - * Use the MSR protocol because this function can be called before - * the GHCB is established. - */ - sev_es_wr_ghcb_msr(GHCB_MSR_PSC_REQ_GFN(paddr >> PAGE_SHIFT, op)); - VMGEXIT(); - - val = sev_es_rd_ghcb_msr(); - - if (GHCB_RESP_CODE(val) != GHCB_MSR_PSC_RESP) - goto e_term; - - if (GHCB_MSR_PSC_RESP_VAL(val)) - goto e_term; - - /* Page validation must be performed after changing to private */ - if (op == SNP_PAGE_STATE_PRIVATE) - pvalidate_4k_page(vaddr, paddr, true); + __page_state_change(paddr, op); vaddr += PAGE_SIZE; paddr += PAGE_SIZE; } - - return; - -e_term: - sev_es_terminate(SEV_TERM_SET_LINUX, GHCB_TERM_PSC); } void __head early_snp_set_memory_private(unsigned long vaddr, unsigned long paddr,
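Review bot: In the new shared __page_state_change() in arch/x86/boot/startup/sev-shared.c, both PVALIDATE calls pass the physical address as the virtual address, "pvalidate_4k_page(paddr, paddr, false)" and "pvalidate_4k_page(paddr, paddr, true)", whereas the loop removed from early_set_pages_state() passed the caller's vaddr. The two are only equivalent when the caller runs on a 1:1 mapping, which the removed decompressor copy could rely on but which nothing in this patch establishes for the startup path. Either pass vaddr through to the helper or state the identity-mapping requirement in a comment above it; as posted, early_set_pages_state() still masks and increments vaddr without ever using it. The removed comment explaining that the MSR protocol is used because this code can run before the GHCB is established is also worth carrying over to the shared copy.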
Date: Mon, 12 May 2025 21:08:45 +0200
In-Reply-To: <20250512190834.332684-23-ardb+git@google.com>
Message-ID: <20250512190834.332684-33-ardb+git@google.com>
Subject: [RFT PATCH v3 10/21] x86/sev: Use boot SVSM CA for all startup and init code
From: Ard Biesheuvel To: linux-kernel@vger.kernel.org Cc: linux-efi@vger.kernel.org, x86@kernel.org, Ard Biesheuvel , Borislav Petkov , Ingo Molnar , Dionna Amalie Glaze , Kevin Loughlin , Tom Lendacky From: Ard Biesheuvel To avoid having to reason about whether or not to use the per-CPU SVSM calling area when running startup and init code on the boot CPU, reuse the boot SVSM calling area as the per-CPU area for CPU #0. This removes the need to make the per-CPU variables and associated state in sev_cfg accessible to the startup code once confined. Signed-off-by: Ard Biesheuvel --- arch/x86/boot/compressed/sev.c | 13 ------ arch/x86/boot/startup/sev-startup.c | 7 +-- arch/x86/coco/sev/core.c | 47 +++++++++----------- arch/x86/include/asm/sev-internal.h | 16 ------- 4 files changed, 24 insertions(+), 59 deletions(-) diff --git a/arch/x86/boot/compressed/sev.c b/arch/x86/boot/compressed/sev.c index 04bc39d065ff..fc0119bdc878 100644 --- a/arch/x86/boot/compressed/sev.c +++ b/arch/x86/boot/compressed/sev.c @@ -37,19 +37,6 @@ struct ghcb *boot_ghcb; #define __BOOT_COMPRESSED -extern u64 boot_svsm_caa_pa; - -struct svsm_ca *svsm_get_caa(void) -{ - /* The decompressor is mapped 1:1 so VA == PA */ - return (struct svsm_ca *)boot_svsm_caa_pa; -} - -u64 svsm_get_caa_pa(void) -{ - return boot_svsm_caa_pa; -} - u8 snp_vmpl; /* Include code for early handlers */ diff --git a/arch/x86/boot/startup/sev-startup.c b/arch/x86/boot/startup/sev-startup.c index 7a3ad17d06f6..2e946dab036c 100644 --- a/arch/x86/boot/startup/sev-startup.c +++ b/arch/x86/boot/startup/sev-startup.c @@ -50,9 +50,6 @@ u64 sev_secrets_pa __ro_after_init; /* For early boot SVSM communication */ struct svsm_ca boot_svsm_ca_page __aligned(PAGE_SIZE); -DEFINE_PER_CPU(struct svsm_ca *, svsm_caa); -DEFINE_PER_CPU(u64, svsm_caa_pa); - /* * Nothing shall interrupt this code path while holding the per-CPU * GHCB. The backup GHCB is only for NMIs interrupting this path. 
@@ -167,7 +164,7 @@ void __head early_snp_set_memory_private(unsigned long vaddr, unsigned long padd * table. */ early_set_pages_state(vaddr, paddr, npages, SNP_PAGE_STATE_PRIVATE, - svsm_get_caa(), svsm_get_caa_pa()); + rip_rel_ptr(&boot_svsm_ca_page), boot_svsm_caa_pa); } void __head early_snp_set_memory_shared(unsigned long vaddr, unsigned long paddr, @@ -184,7 +181,7 @@ void __head early_snp_set_memory_shared(unsigned long vaddr, unsigned long paddr /* Ask hypervisor to mark the memory pages shared in the RMP table. */ early_set_pages_state(vaddr, paddr, npages, SNP_PAGE_STATE_SHARED, - svsm_get_caa(), svsm_get_caa_pa()); + rip_rel_ptr(&boot_svsm_ca_page), boot_svsm_caa_pa); } /* diff --git a/arch/x86/coco/sev/core.c b/arch/x86/coco/sev/core.c index 39bbbea09c24..fa7fdd11a45b 100644 --- a/arch/x86/coco/sev/core.c +++ b/arch/x86/coco/sev/core.c @@ -45,6 +45,25 @@ #include #include +DEFINE_PER_CPU(struct svsm_ca *, svsm_caa); +DEFINE_PER_CPU(u64, svsm_caa_pa); + +static inline struct svsm_ca *svsm_get_caa(void) +{ + if (sev_cfg.use_cas) + return this_cpu_read(svsm_caa); + else + return rip_rel_ptr(&boot_svsm_ca_page); +} + +static inline u64 svsm_get_caa_pa(void) +{ + if (sev_cfg.use_cas) + return this_cpu_read(svsm_caa_pa); + else + return boot_svsm_caa_pa; +} + /* AP INIT values as documented in the APM2 section "Processor Initialization State" */ #define AP_INIT_CS_LIMIT 0xffff #define AP_INIT_DS_LIMIT 0xffff @@ -1207,7 +1226,8 @@ static void __init alloc_runtime_data(int cpu) struct svsm_ca *caa; /* Allocate the SVSM CA page if an SVSM is present */ - caa = memblock_alloc_or_panic(sizeof(*caa), PAGE_SIZE); + caa = cpu ? memblock_alloc_or_panic(sizeof(*caa), PAGE_SIZE) + : &boot_svsm_ca_page; per_cpu(svsm_caa, cpu) = caa; per_cpu(svsm_caa_pa, cpu) = __pa(caa); 
@@ -1261,32 +1281,9 @@ void __init sev_es_init_vc_handling(void) init_ghcb(cpu); } - /* If running under an SVSM, switch to the per-cpu CA */ - if (snp_vmpl) { - struct svsm_call call = {}; - unsigned long flags; - int ret; - - local_irq_save(flags); - - /* - * SVSM_CORE_REMAP_CA call: - * RAX = 0 (Protocol=0, CallID=0) - * RCX = New CA GPA - */ - call.caa = svsm_get_caa(); - call.rax = SVSM_CORE_CALL(SVSM_CORE_REMAP_CA); - call.rcx = this_cpu_read(svsm_caa_pa); - ret = svsm_perform_call_protocol(&call); - if (ret) - panic("Can't remap the SVSM CA, ret=%d, rax_out=0x%llx\n", - ret, call.rax_out); - + if (snp_vmpl) sev_cfg.use_cas = true; - local_irq_restore(flags); - } - sev_es_setup_play_dead(); /* Secondary CPUs use the runtime #VC handler */ diff --git a/arch/x86/include/asm/sev-internal.h b/arch/x86/include/asm/sev-internal.h index 08e2cfdef512..3690994275dd 100644 --- a/arch/x86/include/asm/sev-internal.h +++ b/arch/x86/include/asm/sev-internal.h 
@@ -63,22 +63,6 @@ DECLARE_PER_CPU(u64, svsm_caa_pa); extern u64 boot_svsm_caa_pa; -static __always_inline struct svsm_ca *svsm_get_caa(void) -{ - if (sev_cfg.use_cas) - return this_cpu_read(svsm_caa); - else - return rip_rel_ptr(&boot_svsm_ca_page); -} - -static __always_inline u64 svsm_get_caa_pa(void) -{ - if (sev_cfg.use_cas) - return this_cpu_read(svsm_caa_pa); - else - return boot_svsm_caa_pa; -} - enum es_result verify_exception_info(struct ghcb *ghcb, struct es_em_ctxt *ctxt); void vc_forward_exception(struct es_em_ctxt *ctxt);
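Review bot: In alloc_runtime_data() in arch/x86/coco/sev/core.c, the new "caa = cpu ? memblock_alloc_or_panic(sizeof(*caa), PAGE_SIZE) : &boot_svsm_ca_page;" hard-codes the assumption that the boot CPU is CPU #0, and the comment above it still says the CA page is allocated, which is no longer true for that CPU. Removing the SVSM_CORE_REMAP_CA call from sev_es_init_vc_handling() is only correct if per_cpu(svsm_caa_pa, 0), computed here as __pa(caa), is the same address as boot_svsm_caa_pa that the startup code passes to early_set_pages_state(). Please update the comment to spell out that invariant, and consider checking that the two values agree before sev_cfg.use_cas is set, so that a mismatch fails loudly at init time rather than in a later SVSM call.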
Date: Mon, 12 May 2025 21:08:47 +0200
In-Reply-To: <20250512190834.332684-23-ardb+git@google.com>
Message-ID: <20250512190834.332684-35-ardb+git@google.com>
Subject: [RFT PATCH v3 12/21] x86/sev: Unify SEV-SNP hypervisor feature check
From: Ard Biesheuvel
To: linux-kernel@vger.kernel.org
Cc: linux-efi@vger.kernel.org, x86@kernel.org, Ard Biesheuvel, Borislav Petkov, Ingo Molnar, Dionna Amalie Glaze, Kevin Loughlin, Tom Lendacky
From: Ard Biesheuvel The decompressor and the core kernel both check the hypervisor feature mask exposed by the hypervisor, but test it in slightly different ways. This disparity seems unintentional, and simply a result of the fact that the decompressor and the core kernel evolve differently over time when it comes to setting up the SEV-SNP execution context. So move the HV feature check into a helper function and call that instead. For the core kernel, move the check to an earlier boot stage, right after the point where it is established that the guest is executing in SEV-SNP mode. Signed-off-by: Ard Biesheuvel --- arch/x86/boot/compressed/sev.c | 19 +---------- arch/x86/boot/startup/sev-shared.c | 33 +++++++++++++++----- arch/x86/boot/startup/sme.c | 2 ++ arch/x86/coco/sev/core.c | 11 ------- arch/x86/include/asm/sev-internal.h | 2 +- arch/x86/include/asm/sev.h | 2 ++ 6 files changed, 32 insertions(+), 37 deletions(-) diff --git a/arch/x86/boot/compressed/sev.c b/arch/x86/boot/compressed/sev.c index 68fc3d179bbe..4b7a99b2f822 100644 --- a/arch/x86/boot/compressed/sev.c +++ b/arch/x86/boot/compressed/sev.c @@ -397,24 +397,7 @@ void sev_enable(struct boot_params *bp) sev_es_terminate(SEV_TERM_SET_GEN, GHCB_SEV_ES_PROT_UNSUPPORTED); } - /* - * SNP is supported in v2 of the GHCB spec which mandates support for HV - * features. - */ - if (sev_status & MSR_AMD64_SEV_SNP_ENABLED) { - u64 hv_features; - - hv_features = get_hv_features(); - if (!(hv_features & GHCB_HV_FT_SNP)) - sev_es_terminate(SEV_TERM_SET_GEN, GHCB_SNP_UNSUPPORTED); - - /* - * Running at VMPL0 is required unless an SVSM is present and - * the hypervisor supports the required SVSM GHCB events. - */ - if (snp_vmpl > 0 && !(hv_features & GHCB_HV_FT_SNP_MULTI_VMPL)) - sev_es_terminate(SEV_TERM_SET_LINUX, GHCB_TERM_NOT_VMPL0); - } + snp_check_hv_features(); if (snp && !(sev_status & MSR_AMD64_SEV_SNP_ENABLED)) error("SEV-SNP supported indicated by CC blob, but not SEV status MSR."); 
diff --git a/arch/x86/boot/startup/sev-shared.c b/arch/x86/boot/startup/sev-shared.c index 70ad9a0aa023..560985ef8df6 100644 --- a/arch/x86/boot/startup/sev-shared.c +++ b/arch/x86/boot/startup/sev-shared.c @@ -66,16 +66,10 @@ sev_es_terminate(unsigned int set, unsigned int reason) asm volatile("hlt\n" : : : "memory"); } -/* - * The hypervisor features are available from GHCB version 2 onward. - */ -u64 get_hv_features(void) +static u64 __head get_hv_features(void) { u64 val; - if (ghcb_version < 2) - return 0; - sev_es_wr_ghcb_msr(GHCB_MSR_HV_FT_REQ); VMGEXIT(); @@ -86,6 +80,31 @@ u64 get_hv_features(void) return GHCB_MSR_HV_FT_RESP_VAL(val); } +u64 __head snp_check_hv_features(void) +{ + /* + * SNP is supported in v2 of the GHCB spec which mandates support for HV + * features. + */ + if (sev_status & MSR_AMD64_SEV_SNP_ENABLED) { + u64 hv_features; + + hv_features = get_hv_features(); + if (!(hv_features & GHCB_HV_FT_SNP)) + sev_es_terminate(SEV_TERM_SET_GEN, GHCB_SNP_UNSUPPORTED); + + /* + * Running at VMPL0 is required unless an SVSM is present and + * the hypervisor supports the required SVSM GHCB events. + */ + if (snp_vmpl > 0 && !(hv_features & GHCB_HV_FT_SNP_MULTI_VMPL)) + sev_es_terminate(SEV_TERM_SET_LINUX, GHCB_TERM_NOT_VMPL0); + + return hv_features; + } + return 0; +} + int svsm_perform_msr_protocol(struct svsm_call *call) { u8 pending = 0; diff --git a/arch/x86/boot/startup/sme.c b/arch/x86/boot/startup/sme.c index 753cd2094080..0ae04e333f51 100644 --- a/arch/x86/boot/startup/sme.c +++ b/arch/x86/boot/startup/sme.c @@ -533,6 +533,8 @@ void __head sme_enable(struct boot_params *bp) if (snp_en ^ !!(msr & MSR_AMD64_SEV_SNP_ENABLED)) snp_abort(); + sev_hv_features = snp_check_hv_features(); + /* Check if memory encryption is enabled */ if (feature_mask == AMD_SME_BIT) { if (!(bp->hdr.xloadflags & XLF_MEM_ENCRYPTION)) diff --git a/arch/x86/coco/sev/core.c b/arch/x86/coco/sev/core.c index fa7fdd11a45b..fc4f6f188d42 100644 --- a/arch/x86/coco/sev/core.c 
+++ b/arch/x86/coco/sev/core.c @@ -1264,17 +1264,6 @@ void __init sev_es_init_vc_handling(void) if (!sev_es_check_cpu_features()) panic("SEV-ES CPU Features missing"); - /* - * SNP is supported in v2 of the GHCB spec which mandates support for HV - * features. - */ - if (cc_platform_has(CC_ATTR_GUEST_SEV_SNP)) { - sev_hv_features = get_hv_features(); - - if (!(sev_hv_features & GHCB_HV_FT_SNP)) - sev_es_terminate(SEV_TERM_SET_GEN, GHCB_SNP_UNSUPPORTED); - } - /* Initialize per-cpu GHCB pages */ for_each_possible_cpu(cpu) { alloc_runtime_data(cpu); diff --git a/arch/x86/include/asm/sev-internal.h b/arch/x86/include/asm/sev-internal.h index 3690994275dd..7ad8faf5e88b 100644 --- a/arch/x86/include/asm/sev-internal.h +++ b/arch/x86/include/asm/sev-internal.h @@ -81,6 +81,6 @@ static __always_inline void sev_es_wr_ghcb_msr(u64 val) native_wrmsr(MSR_AMD64_SEV_ES_GHCB, low, high); } -u64 get_hv_features(void); +void check_hv_features(void); const struct snp_cpuid_table *snp_cpuid_get_table(void); diff --git a/arch/x86/include/asm/sev.h b/arch/x86/include/asm/sev.h index ae2502253bd3..17b03a1f5694 100644 --- a/arch/x86/include/asm/sev.h +++ b/arch/x86/include/asm/sev.h @@ -418,6 +418,7 @@ struct svsm_call { #ifdef CONFIG_AMD_MEM_ENCRYPT extern u8 snp_vmpl; +extern u64 sev_hv_features; extern void __sev_es_ist_enter(struct pt_regs *regs); extern void __sev_es_ist_exit(void); 
@@ -495,6 +496,7 @@ void snp_set_memory_private(unsigned long vaddr, unsigned long npages); void snp_set_wakeup_secondary_cpu(void); bool snp_init(struct boot_params *bp); void __noreturn snp_abort(void); +u64 snp_check_hv_features(void); void snp_dmi_setup(void); int snp_issue_svsm_attest_req(u64 call_id, struct svsm_call *call, struct svsm_attest_call *input); void snp_accept_memory(phys_addr_t start, phys_addr_t end);
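Review bot: The arch/x86/include/asm/sev-internal.h hunk replaces the get_hv_features() prototype with "void check_hv_features(void);", but nothing in this patch defines a function of that name: the new helper is "u64 __head snp_check_hv_features(void)" in sev-shared.c, and it is declared in asm/sev.h by this same patch. The sev-internal.h line appears stale and should be dropped. Separately, get_hv_features() loses its "ghcb_version < 2" early return; that holds only while its single caller tests MSR_AMD64_SEV_SNP_ENABLED first, so a one-line comment on the now-static function saying it must only be called for SNP guests would keep that assumption visible. The commit message could also mention that the core kernel now terminates with GHCB_TERM_NOT_VMPL0 when snp_vmpl > 0 and GHCB_HV_FT_SNP_MULTI_VMPL is absent, a check the removed block in sev_es_init_vc_handling() did not perform.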
Date: Mon, 12 May 2025 21:08:49 +0200
In-Reply-To: <20250512190834.332684-23-ardb+git@google.com>
Message-ID: <20250512190834.332684-37-ardb+git@google.com>
Subject: [RFT PATCH v3 14/21] x86/boot: Provide PIC aliases for 5-level paging related constants
From: Ard Biesheuvel
To: linux-kernel@vger.kernel.org
Cc: linux-efi@vger.kernel.org, x86@kernel.org, Ard Biesheuvel, Borislav Petkov, Ingo Molnar, Dionna Amalie Glaze, Kevin Loughlin, Tom Lendacky

From: Ard Biesheuvel

For the time being, provide PIC aliases for the global variables related to 5-level paging. Some or all of these are in the process of being removed, but currently, they are still assigned by the startup code.

Signed-off-by: Ard Biesheuvel
---
 arch/x86/kernel/head64.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/arch/x86/kernel/head64.c b/arch/x86/kernel/head64.c index 510fb41f55fc..8c69cea84297 100644 --- a/arch/x86/kernel/head64.c
+++ b/arch/x86/kernel/head64.c 
@@ -53,10 +53,13 @@ pmdval_t early_pmd_flags = __PAGE_KERNEL_LARGE & ~(_PAGE_GLOBAL | _PAGE_NX); #ifdef CONFIG_X86_5LEVEL unsigned int __pgtable_l5_enabled __ro_after_init; +SYM_PIC_ALIAS(__pgtable_l5_enabled); unsigned int pgdir_shift __ro_after_init = 39; EXPORT_SYMBOL(pgdir_shift); +SYM_PIC_ALIAS(pgdir_shift); unsigned int ptrs_per_p4d __ro_after_init = 1; EXPORT_SYMBOL(ptrs_per_p4d); +SYM_PIC_ALIAS(ptrs_per_p4d); #endif #ifdef CONFIG_DYNAMIC_MEMORY_LAYOUT
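Review bot: The three SYM_PIC_ALIAS() lines added to arch/x86/kernel/head64.c carry no comment, while the commit message describes them as a stopgap for variables that are in the process of being removed. A short comment next to the aliases, saying they exist only because the startup code still assigns __pgtable_l5_enabled, pgdir_shift and ptrs_per_p4d, would make it clear that they are meant to go away together with those variables and are not a general way to reach __ro_after_init data from the startup code.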
smtp.client-ip=209.85.128.73 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=flex--ardb.bounces.google.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="tTkUha0l" Received: by mail-wm1-f73.google.com with SMTP id 5b1f17b1804b1-43d5ca7c86aso22717715e9.0 for ; Mon, 12 May 2025 12:12:06 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1747077125; x=1747681925; darn=vger.kernel.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=0kBEvFCRHzj3sxKuZiVFkKW45Vr6NzjhFUp7ez1esUg=; b=tTkUha0lqn6tHUEpHG3mD4Ozl+BACe0+agvYfY2PgVka0IX2HqB2ukeZjIi1+KDCqr iU7dUStR7ISUpuZlUj8JWfrvph3xCiFXCR0Fynd2YmW+cnaLKHm65AdWeqncqhOB4Tss 0grQ9xWH5/S+2OcfhIGXfjCaYHBjCprHB5kT9v+fGEkYorG88flVPZImywJwnbUR+CUk 2GwLcQs4kKm34Vv7/E1OhbhRd6PBvKqcbWdWBZQAmaGvtvQILFRXlBHgc1AiLQOZhgm3 7yu7c41oZDf7utqVY8bjtiXFjW2Fs6uBJ3L3lSKOCWxYTg5Wwk3rwsYcTJ8tqjvTAz2X +l6A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1747077125; x=1747681925; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=0kBEvFCRHzj3sxKuZiVFkKW45Vr6NzjhFUp7ez1esUg=; b=UIx5y5UpT3EI0B794t785dj42lV6GwP2jtfhS3WlfBUOf9aGR3VH/TBfIj3nYaR8GX nRgHpk0+PUDEpOb6AQyNA8IbCpyqjoZLzi3HByERDZmx2mMCoWZDWzpBK3FaKwF6GCDS 2aUOu/iUcrBvGrZu7C5SVueb7Jvbj4ycdtFjHyLnIL4ZXMxAXfEQI7K+BSLJsIRjUOL9 xck7ud4/6lXOX7ibzMJE0Gj5semo9pW//KqyWAb7CkYWlASQTYyiNUvV2XzbHAO9wuYu dWuhYag/FqbaIQoMaV0gsKdGxmWe2OPCc6ysnyqU8m3L7ydCniomEhu559vX3rUVd3cI NQug== X-Gm-Message-State: AOJu0YzK1k6kSIoZtrSSlKeWuT3Vdv+8DnDurHIRxQ/mDGsbucKHL3Zg lHx5/4kv7/z5OlgECiwo5LPAIJcv9kirm02dSGurOTVGyQUrHUGuhkQvQFcxl2Bthf/WAQ== X-Google-Smtp-Source: 
Date: Mon, 12 May 2025 21:08:51 +0200
In-Reply-To: <20250512190834.332684-23-ardb+git@google.com>
References: <20250512190834.332684-23-ardb+git@google.com>
X-Mailing-List: linux-efi@vger.kernel.org
Message-ID: <20250512190834.332684-39-ardb+git@google.com>
Subject: [RFT PATCH v3 16/21] x86/sev: Export startup routines for later use
From: Ard Biesheuvel
To: linux-kernel@vger.kernel.org
Cc: linux-efi@vger.kernel.org, x86@kernel.org, Ard Biesheuvel, Borislav Petkov, Ingo Molnar, Dionna Amalie Glaze, Kevin Loughlin, Tom Lendacky

From: Ard Biesheuvel

Create aliases that expose routines that are part of the startup code to other code in the core kernel, so that they can be called later as well.

Signed-off-by: Ard Biesheuvel
--- arch/x86/boot/startup/exports.h | 12 ++++++++++++ arch/x86/kernel/vmlinux.lds.S | 2 ++ 2 files changed, 14 insertions(+) diff --git a/arch/x86/boot/startup/exports.h b/arch/x86/boot/startup/exports.h new file mode 100644 index 000000000000..00ea376fde33 --- /dev/null +++ b/arch/x86/boot/startup/exports.h
@@ -0,0 +1,12 @@ + +/* + * The symbols below are functions that are implemented by the startup code, + * but called at runtime by the SEV code residing in the core kernel. + */ +PROVIDE(early_set_pages_state = __pi_early_set_pages_state); +PROVIDE(early_snp_set_memory_private = __pi_early_snp_set_memory_private); +PROVIDE(early_snp_set_memory_shared = __pi_early_snp_set_memory_shared); +PROVIDE(get_hv_features = __pi_get_hv_features); +PROVIDE(sev_es_terminate = __pi_sev_es_terminate); +PROVIDE(snp_cpuid = __pi_snp_cpuid); +PROVIDE(snp_cpuid_get_table = __pi_snp_cpuid_get_table); diff --git a/arch/x86/kernel/vmlinux.lds.S b/arch/x86/kernel/vmlinux.lds.S index 9340c74b680d..4aaa1693b262 100644 --- a/arch/x86/kernel/vmlinux.lds.S +++ b/arch/x86/kernel/vmlinux.lds.S 
@@ -517,3 +517,5 @@ xen_elfnote_entry_value = xen_elfnote_phys32_entry_value = ABSOLUTE(xen_elfnote_phys32_entry) + ABSOLUTE(pvh_start_xen - LOAD_OFFSET); #endif + +#include "../boot/startup/exports.h"
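
Review bot: PROVIDE(get_hv_features = __pi_get_hv_features) in the new exports.h names a function that 18/21 in this series still shows as `static u64 ... get_hv_features(void)` in sev-shared.c, so as far as the visible hunks go there is no global symbol for this alias to bind to. Because PROVIDE() only takes effect when the left-hand name is referenced and not defined by any object, the mismatch stays hidden until a core-kernel caller appears and then surfaces as a link failure. Either drop `static` from the definition in the same series or leave this line out until it is needed. Separately, the first added line of the file is blank and the file carries no SPDX-License-Identifier comment.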
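
Review bot: the `#include "../boot/startup/exports.h"` appended to vmlinux.lds.S is unconditional, while every alias in that file is an SEV/SNP routine. If the SEV startup objects are not built in some configurations, the link only succeeds there because PROVIDE() is skipped for unreferenced names. Please add a one-line comment next to the #include (or at the top of exports.h) stating that the list must stay PROVIDE()-only for that reason, so that a later plain assignment does not break those builds.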
Date: Mon, 12 May 2025 21:08:53 +0200
In-Reply-To: <20250512190834.332684-23-ardb+git@google.com>
References: <20250512190834.332684-23-ardb+git@google.com>
X-Mailing-List: linux-efi@vger.kernel.org
Message-ID: <20250512190834.332684-41-ardb+git@google.com>
Subject: [RFT PATCH v3 18/21] x86/boot: Move startup code out of __head section
From: Ard Biesheuvel
To: linux-kernel@vger.kernel.org
Cc: linux-efi@vger.kernel.org, x86@kernel.org, Ard Biesheuvel, Borislav Petkov, Ingo Molnar, Dionna Amalie Glaze, Kevin Loughlin, Tom Lendacky

From: Ard Biesheuvel

Move startup code out of the __head section, now that this no longer has a special significance. Move everything into .text or .init.text as appropriate, so that startup code is not kept around unnecessarily.

Signed-off-by: Ard Biesheuvel
--- arch/x86/boot/compressed/sev.c | 3 -- arch/x86/boot/startup/gdt_idt.c | 4 +-- arch/x86/boot/startup/map_kernel.c | 4 +-- arch/x86/boot/startup/sev-shared.c | 34 ++++++++++---------- arch/x86/boot/startup/sev-startup.c | 14 ++++---- arch/x86/boot/startup/sme.c | 26 +++++++-------- arch/x86/include/asm/init.h | 6 ---- arch/x86/kernel/head_32.S | 2 +- arch/x86/kernel/head_64.S | 2 +- arch/x86/platform/pvh/head.S | 2 +- 10 files changed, 44 insertions(+), 53 deletions(-)
diff --git a/arch/x86/boot/compressed/sev.c b/arch/x86/boot/compressed/sev.c index 750f08d1c7a1..79309944cb19 100644 --- a/arch/x86/boot/compressed/sev.c +++ b/arch/x86/boot/compressed/sev.c @@ -32,9 +32,6 @@ struct ghcb *boot_ghcb; #undef __init #define __init -#undef __head -#define __head - #define __BOOT_COMPRESSED u8 snp_vmpl; diff --git a/arch/x86/boot/startup/gdt_idt.c b/arch/x86/boot/startup/gdt_idt.c index a3112a69b06a..d16102abdaec 100644 --- a/arch/x86/boot/startup/gdt_idt.c +++ b/arch/x86/boot/startup/gdt_idt.c @@ -24,7 +24,7 @@ static gate_desc bringup_idt_table[NUM_EXCEPTION_VECTORS] __page_aligned_data; /* This may run while still in the direct mapping */ -void __head startup_64_load_idt(void *vc_handler) +void startup_64_load_idt(void *vc_handler) { struct desc_ptr desc = { .address = (unsigned long)rip_rel_ptr(bringup_idt_table), @@ -46,7 +46,7 @@ void __head startup_64_load_idt(void *vc_handler) /* * Setup boot CPU state needed before kernel switches to virtual addresses. */ -void __head startup_64_setup_gdt_idt(void) +void __init startup_64_setup_gdt_idt(void) { struct gdt_page *gp = rip_rel_ptr((void *)(__force unsigned long)&gdt_page); void *handler = NULL; diff --git a/arch/x86/boot/startup/map_kernel.c b/arch/x86/boot/startup/map_kernel.c index 099ae2559336..75b3dd62da50 100644 --- a/arch/x86/boot/startup/map_kernel.c +++ b/arch/x86/boot/startup/map_kernel.c @@ -36,7 +36,7 @@ static inline bool check_la57_support(void) return true; } -static unsigned long __head sme_postprocess_startup(struct boot_params *bp, +static unsigned long __init sme_postprocess_startup(struct boot_params *bp, pmdval_t *pmd, unsigned long p2v_offset) { 
@@ -90,7 +90,7 @@ static unsigned long __head sme_postprocess_startup(struct boot_params *bp, * the 1:1 mapping of memory. Kernel virtual addresses can be determined by * subtracting p2v_offset from the RIP-relative address. */ -unsigned long __head __startup_64(unsigned long p2v_offset, +unsigned long __init __startup_64(unsigned long p2v_offset, struct boot_params *bp) { pmd_t (*early_pgts)[PTRS_PER_PMD] = rip_rel_ptr(early_dynamic_pgts); diff --git a/arch/x86/boot/startup/sev-shared.c b/arch/x86/boot/startup/sev-shared.c index 49440955885a..77b34ab6c7d8 100644 --- a/arch/x86/boot/startup/sev-shared.c +++ b/arch/x86/boot/startup/sev-shared.c @@ -29,7 +29,7 @@ static u32 cpuid_std_range_max __ro_after_init; static u32 cpuid_hyp_range_max __ro_after_init; static u32 cpuid_ext_range_max __ro_after_init; -void __head __noreturn +void __noreturn sev_es_terminate(unsigned int set, unsigned int reason) { u64 val = GHCB_MSR_TERM_REQ; @@ -45,7 +45,7 @@ sev_es_terminate(unsigned int set, unsigned int reason) asm volatile("hlt\n" : : : "memory"); } -static u64 __head get_hv_features(void) +static u64 __init get_hv_features(void) { u64 val; @@ -59,7 +59,7 @@ static u64 __head get_hv_features(void) return GHCB_MSR_HV_FT_RESP_VAL(val); } -u64 __head snp_check_hv_features(void) +u64 __init snp_check_hv_features(void) { /* * SNP is supported in v2 of the GHCB spec which mandates support for HV @@ -186,7 +186,7 @@ const struct snp_cpuid_table *snp_cpuid_get_table(void) * * Return: XSAVE area size on success, 0 otherwise. */ -static u32 __head snp_cpuid_calc_xsave_size(u64 xfeatures_en, bool compacted) +static u32 snp_cpuid_calc_xsave_size(u64 xfeatures_en, bool compacted) { const struct snp_cpuid_table *cpuid_table = snp_cpuid_get_table(); u64 xfeatures_found = 0; 
@@ -222,7 +222,7 @@ static u32 __head snp_cpuid_calc_xsave_size(u64 xfeatures_en, bool compacted) return xsave_size; } -static bool __head +static bool snp_cpuid_get_validated_func(struct cpuid_leaf *leaf) { const struct snp_cpuid_table *cpuid_table = snp_cpuid_get_table(); @@ -264,7 +264,7 @@ static void snp_cpuid_hv_no_ghcb(void *ctx, struct cpuid_leaf *leaf) sev_es_terminate(SEV_TERM_SET_LINUX, GHCB_TERM_CPUID_HV); } -static int __head +static int snp_cpuid_postprocess(void (*cpuid_hv)(void *ctx, struct cpuid_leaf *), void *ctx, struct cpuid_leaf *leaf) { @@ -360,7 +360,7 @@ snp_cpuid_postprocess(void (*cpuid_hv)(void *ctx, struct cpuid_leaf *), * Returns -EOPNOTSUPP if feature not enabled. Any other non-zero return value * should be treated as fatal by caller. */ -int __head +int snp_cpuid(void (*cpuid_hv)(void *ctx, struct cpuid_leaf *), void *ctx, struct cpuid_leaf *leaf) { @@ -404,7 +404,7 @@ snp_cpuid(void (*cpuid_hv)(void *ctx, struct cpuid_leaf *), * page yet, so it only supports the MSR based communication with the * hypervisor and only the CPUID exit-code. */ -void __head do_vc_no_ghcb(struct pt_regs *regs, unsigned long exit_code) +void do_vc_no_ghcb(struct pt_regs *regs, unsigned long exit_code) { unsigned int subfn = lower_bits(regs->cx, 32); unsigned int fn = lower_bits(regs->ax, 32); @@ -480,7 +480,7 @@ struct cc_setup_data { * Search for a Confidential Computing blob passed in as a setup_data entry * via the Linux Boot Protocol. */ -static __head +static __init struct cc_blob_sev_info *find_cc_blob_setup_data(struct boot_params *bp) { struct cc_setup_data *sd = NULL; 
@@ -508,7 +508,7 @@ struct cc_blob_sev_info *find_cc_blob_setup_data(struct boot_params *bp) * mapping needs to be updated in sync with all the changes to virtual memory * layout and related mapping facilities throughout the boot process. */ -static void __head setup_cpuid_table(const struct cc_blob_sev_info *cc_info) +static void __init setup_cpuid_table(const struct cc_blob_sev_info *cc_info) { const struct snp_cpuid_table *cpuid_table_fw, *cpuid_table; int i; @@ -536,8 +536,8 @@ static void __head setup_cpuid_table(const struct cc_blob_sev_info *cc_info) } } -static void __head svsm_pval_4k_page(unsigned long paddr, bool validate, - struct svsm_ca *caa, u64 caa_pa) +static void svsm_pval_4k_page(unsigned long paddr, bool validate, + struct svsm_ca *caa, u64 caa_pa) { struct svsm_pvalidate_call *pc; struct svsm_call call = {}; @@ -576,8 +576,8 @@ static void __head svsm_pval_4k_page(unsigned long paddr, bool validate, native_local_irq_restore(flags); } -static void __head pvalidate_4k_page(unsigned long vaddr, unsigned long paddr, - bool validate, struct svsm_ca *caa, u64 caa_pa) +static void pvalidate_4k_page(unsigned long vaddr, unsigned long paddr, + bool validate, struct svsm_ca *caa, u64 caa_pa) { int ret; @@ -590,8 +590,8 @@ static void __head pvalidate_4k_page(unsigned long vaddr, unsigned long paddr, } } -static void __head __page_state_change(unsigned long paddr, enum psc_op op, - struct svsm_ca *caa, u64 caa_pa) +static void __page_state_change(unsigned long paddr, enum psc_op op, + struct svsm_ca *caa, u64 caa_pa) { u64 val; @@ -623,7 +623,7 @@ static void __head __page_state_change(unsigned long paddr, enum psc_op op, * Maintain the GPA of the SVSM Calling Area (CA) in order to utilize the SVSM * services needed when not running in VMPL0. */ -static bool __head svsm_setup_ca(const struct cc_blob_sev_info *cc_info, +static bool __init svsm_setup_ca(const struct cc_blob_sev_info *cc_info, void *page) { struct snp_secrets_page *secrets_page; 
diff --git a/arch/x86/boot/startup/sev-startup.c b/arch/x86/boot/startup/sev-startup.c index b56a585f57ab..21424157819c 100644 --- a/arch/x86/boot/startup/sev-startup.c +++ b/arch/x86/boot/startup/sev-startup.c @@ -44,7 +44,7 @@ /* Include code shared with pre-decompression boot stage */ #include "sev-shared.c" -void __head +void __init early_set_pages_state(unsigned long vaddr, unsigned long paddr, unsigned long npages, enum psc_op op, struct svsm_ca *caa, u64 caa_pa) @@ -64,7 +64,7 @@ early_set_pages_state(unsigned long vaddr, unsigned long paddr, } } -void __head early_snp_set_memory_private(unsigned long vaddr, unsigned long paddr, +void __init early_snp_set_memory_private(unsigned long vaddr, unsigned long paddr, unsigned long npages) { /* @@ -84,7 +84,7 @@ void __head early_snp_set_memory_private(unsigned long vaddr, unsigned long padd rip_rel_ptr(&boot_svsm_ca_page), boot_svsm_caa_pa); } -void __head early_snp_set_memory_shared(unsigned long vaddr, unsigned long paddr, +void __init early_snp_set_memory_shared(unsigned long vaddr, unsigned long paddr, unsigned long npages) { /* @@ -114,7 +114,7 @@ void __head early_snp_set_memory_shared(unsigned long vaddr, unsigned long paddr * * Scan for the blob in that order. */ -static __head struct cc_blob_sev_info *find_cc_blob(struct boot_params *bp) +static struct cc_blob_sev_info *__init find_cc_blob(struct boot_params *bp) { struct cc_blob_sev_info *cc_info; @@ -140,7 +140,7 @@ static __head struct cc_blob_sev_info *find_cc_blob(struct boot_params *bp) return cc_info; } -static __head void svsm_setup(struct cc_blob_sev_info *cc_info) +static void __init svsm_setup(struct cc_blob_sev_info *cc_info) { struct snp_secrets_page *secrets = (void *)cc_info->secrets_phys; struct svsm_call call = {}; 
@@ -183,7 +183,7 @@ static __head void svsm_setup(struct cc_blob_sev_info *cc_info) boot_svsm_caa_pa = pa; } -bool __head snp_init(struct boot_params *bp) +bool __init snp_init(struct boot_params *bp) { struct cc_blob_sev_info *cc_info; @@ -212,7 +212,7 @@ bool __head snp_init(struct boot_params *bp) return true; } -void __head __noreturn snp_abort(void) +void __init __noreturn snp_abort(void) { sev_es_terminate(SEV_TERM_SET_GEN, GHCB_SNP_UNSUPPORTED); } diff --git a/arch/x86/boot/startup/sme.c b/arch/x86/boot/startup/sme.c index ffd0185aaa9d..846f5d7c24e1 100644 --- a/arch/x86/boot/startup/sme.c +++ b/arch/x86/boot/startup/sme.c @@ -91,7 +91,7 @@ struct sme_populate_pgd_data { */ static char sme_workarea[2 * PMD_SIZE] __section(".init.scratch"); -static void __head sme_clear_pgd(struct sme_populate_pgd_data *ppd) +static void __init sme_clear_pgd(struct sme_populate_pgd_data *ppd) { unsigned long pgd_start, pgd_end, pgd_size; pgd_t *pgd_p; @@ -106,7 +106,7 @@ static void __head sme_clear_pgd(struct sme_populate_pgd_data *ppd) memset(pgd_p, 0, pgd_size); } -static pud_t __head *sme_prepare_pgd(struct sme_populate_pgd_data *ppd) +static pud_t __init *sme_prepare_pgd(struct sme_populate_pgd_data *ppd) { pgd_t *pgd; p4d_t *p4d; @@ -143,7 +143,7 @@ static pud_t __head *sme_prepare_pgd(struct sme_populate_pgd_data *ppd) return pud; } -static void __head sme_populate_pgd_large(struct sme_populate_pgd_data *ppd) +static void __init sme_populate_pgd_large(struct sme_populate_pgd_data *ppd) { pud_t *pud; pmd_t *pmd; @@ -159,7 +159,7 @@ static void __head sme_populate_pgd_large(struct sme_populate_pgd_data *ppd) set_pmd(pmd, __pmd(ppd->paddr | ppd->pmd_flags)); } -static void __head sme_populate_pgd(struct sme_populate_pgd_data *ppd) +static void __init sme_populate_pgd(struct sme_populate_pgd_data *ppd) { pud_t *pud; pmd_t *pmd; 
@@ -185,7 +185,7 @@ static void __head sme_populate_pgd(struct sme_populate_pgd_data *ppd) set_pte(pte, __pte(ppd->paddr | ppd->pte_flags)); } -static void __head __sme_map_range_pmd(struct sme_populate_pgd_data *ppd) +static void __init __sme_map_range_pmd(struct sme_populate_pgd_data *ppd) { while (ppd->vaddr < ppd->vaddr_end) { sme_populate_pgd_large(ppd); @@ -195,7 +195,7 @@ static void __head __sme_map_range_pmd(struct sme_populate_pgd_data *ppd) } } -static void __head __sme_map_range_pte(struct sme_populate_pgd_data *ppd) +static void __init __sme_map_range_pte(struct sme_populate_pgd_data *ppd) { while (ppd->vaddr < ppd->vaddr_end) { sme_populate_pgd(ppd); @@ -205,7 +205,7 @@ static void __head __sme_map_range_pte(struct sme_populate_pgd_data *ppd) } } -static void __head __sme_map_range(struct sme_populate_pgd_data *ppd, +static void __init __sme_map_range(struct sme_populate_pgd_data *ppd, pmdval_t pmd_flags, pteval_t pte_flags) { unsigned long vaddr_end; @@ -229,22 +229,22 @@ static void __head __sme_map_range(struct sme_populate_pgd_data *ppd, __sme_map_range_pte(ppd); } -static void __head sme_map_range_encrypted(struct sme_populate_pgd_data *ppd) +static void __init sme_map_range_encrypted(struct sme_populate_pgd_data *ppd) { __sme_map_range(ppd, PMD_FLAGS_ENC, PTE_FLAGS_ENC); } -static void __head sme_map_range_decrypted(struct sme_populate_pgd_data *ppd) +static void __init sme_map_range_decrypted(struct sme_populate_pgd_data *ppd) { __sme_map_range(ppd, PMD_FLAGS_DEC, PTE_FLAGS_DEC); } -static void __head sme_map_range_decrypted_wp(struct sme_populate_pgd_data *ppd) +static void __init sme_map_range_decrypted_wp(struct sme_populate_pgd_data *ppd) { __sme_map_range(ppd, PMD_FLAGS_DEC_WP, PTE_FLAGS_DEC_WP); } -static unsigned long __head sme_pgtable_calc(unsigned long len) +static unsigned long __init sme_pgtable_calc(unsigned long len) { unsigned long entries = 0, tables = 0; 
@@ -281,7 +281,7 @@ static unsigned long __head sme_pgtable_calc(unsigned long len) return entries + tables; } -void __head sme_encrypt_kernel(struct boot_params *bp) +void __init sme_encrypt_kernel(struct boot_params *bp) { unsigned long workarea_start, workarea_end, workarea_len; unsigned long execute_start, execute_end, execute_len; @@ -485,7 +485,7 @@ void __head sme_encrypt_kernel(struct boot_params *bp) native_write_cr3(__native_read_cr3()); } -void __head sme_enable(struct boot_params *bp) +void __init sme_enable(struct boot_params *bp) { unsigned int eax, ebx, ecx, edx; unsigned long feature_mask; diff --git a/arch/x86/include/asm/init.h b/arch/x86/include/asm/init.h index 8b1b1abcef15..01ccdd168df0 100644 --- a/arch/x86/include/asm/init.h +++ b/arch/x86/include/asm/init.h @@ -2,12 +2,6 @@ #ifndef _ASM_X86_INIT_H #define _ASM_X86_INIT_H -#if defined(CONFIG_CC_IS_CLANG) && CONFIG_CLANG_VERSION < 170000 -#define __head __section(".head.text") __no_sanitize_undefined __no_stack_protector -#else -#define __head __section(".head.text") __no_sanitize_undefined -#endif - struct x86_mapping_info { void *(*alloc_pgt_page)(void *); /* allocate buf for page table */ void (*free_pgt_page)(void *, void *); /* free buf for page table */ diff --git a/arch/x86/kernel/head_32.S b/arch/x86/kernel/head_32.S index 2e42056d2306..5962ff2a189a 100644 --- a/arch/x86/kernel/head_32.S +++ b/arch/x86/kernel/head_32.S @@ -61,7 +61,7 @@ RESERVE_BRK(pagetables, INIT_MAP_SIZE) * any particular GDT layout, because we load our own as soon as we * can. */ -__HEAD + __INIT SYM_CODE_START(startup_32) movl pa(initial_stack),%ecx diff --git a/arch/x86/kernel/head_64.S b/arch/x86/kernel/head_64.S index 88cbf932f7c2..ac1116f623d3 100644 --- a/arch/x86/kernel/head_64.S +++ b/arch/x86/kernel/head_64.S @@ -33,7 +33,7 @@ * because we need identity-mapped pages. */ - __HEAD + __INIT .code64 SYM_CODE_START_NOALIGN(startup_64) UNWIND_HINT_END_OF_STACK 
diff --git a/arch/x86/platform/pvh/head.S b/arch/x86/platform/pvh/head.S index cfa18ec7d55f..16aa1f018b80 100644 --- a/arch/x86/platform/pvh/head.S +++ b/arch/x86/platform/pvh/head.S 
@@ -24,7 +24,7 @@ #include #include - __HEAD + __INIT /* * Entry point for PVH guests.
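
Review bot: deleting the __head definition in arch/x86/include/asm/init.h also drops __no_sanitize_undefined (and __no_stack_protector for Clang before 17) from every function that used to carry it, and nothing in this patch puts those attributes back. startup_64_load_idt() in gdt_idt.c is still commented as "This may run while still in the direct mapping", so any instrumentation emitted into it would run before the kernel mapping is live. Please state in the commit message where sanitizer and stack-protector instrumentation is now disabled for arch/x86/boot/startup/, or keep the attributes on the functions that run that early.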
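
Review bot: early_set_pages_state(), early_snp_set_memory_private() and early_snp_set_memory_shared() become __init in sev-startup.c, yet 16/21 describes these same names as "called at runtime by the SEV code residing in the core kernel". .init.text is released after boot, so a caller that is not itself __init would branch into freed memory. The core kernel reaches these routines through the PROVIDE() aliases in the linker script rather than through the defining symbol, so please confirm that the section-mismatch check still sees those references, or say in the commit message that every caller is __init.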
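
Review bot: the __init placement is inconsistent for the pointer-returning functions touched here. sme.c gets `static pud_t __init *sme_prepare_pgd(...)`, sev-startup.c gets `static struct cc_blob_sev_info *__init find_cc_blob(...)`, and sev-shared.c gets `static __init` on a line of its own before find_cc_blob_setup_data(). All three compile, but since every one of these lines is being rewritten anyway, settle on one form, preferably the one with the annotation directly before the function name.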
Date: Mon, 12 May 2025 21:08:55 +0200
In-Reply-To: <20250512190834.332684-23-ardb+git@google.com>
References: <20250512190834.332684-23-ardb+git@google.com>
X-Mailing-List: linux-efi@vger.kernel.org
Message-ID: <20250512190834.332684-43-ardb+git@google.com>
Subject: [RFT PATCH v3 20/21] x86/boot: Revert "Reject absolute references in .head.text"
From: Ard Biesheuvel
To: linux-kernel@vger.kernel.org
Cc: linux-efi@vger.kernel.org, x86@kernel.org, Ard Biesheuvel, Borislav Petkov, Ingo Molnar, Dionna Amalie Glaze, Kevin Loughlin, Tom Lendacky

From: Ard Biesheuvel

This reverts commit faf0ed487415f76fe4acf7980ce360901f5e1698.

The startup code is checked directly for the absence of absolute symbol references, so checking the .head.text section in the relocs tool is no longer needed.

Signed-off-by: Ard Biesheuvel
--- arch/x86/tools/relocs.c | 8 +------- 1 file changed, 1 insertion(+), 7 deletions(-) diff --git a/arch/x86/tools/relocs.c b/arch/x86/tools/relocs.c index 5778bc498415..e5a2b9a912d1 100644 --- a/arch/x86/tools/relocs.c +++ b/arch/x86/tools/relocs.c
@@ -740,10 +740,10 @@ static void walk_relocs(int (*process)(struct section *sec, Elf_Rel *rel, static int do_reloc64(struct section *sec, Elf_Rel *rel, ElfW(Sym) *sym, const char *symname) { - int headtext = !strcmp(sec_name(sec->shdr.sh_info), ".head.text"); unsigned r_type = ELF64_R_TYPE(rel->r_info); ElfW(Addr) offset = rel->r_offset; int shn_abs = (sym->st_shndx == SHN_ABS) && !is_reloc(S_REL, symname); + if (sym->st_shndx == SHN_UNDEF) return 0; @@ -783,12 +783,6 @@ static int do_reloc64(struct section *sec, Elf_Rel *rel, ElfW(Sym) *sym, break; } - if (headtext) { - die("Absolute reference to symbol '%s' not permitted in .head.text\n", - symname); - break; - } - /* * Relocation offsets for 64 bit kernels are output * as 32 bits and sign extended back to 64 bits when
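
Review bot: with the `headtext` test and its die() removed from do_reloc64(), relocs no longer stops the build on an absolute reference in early code, and the commit message describes the replacement check only as covering "the startup code". 18/21 moves startup_32, startup_64 and the PVH entry point in arch/x86/kernel/head_32.S, arch/x86/kernel/head_64.S and arch/x86/platform/pvh/head.S from __HEAD to __INIT, and those files live outside arch/x86/boot/startup/. Please say in the commit message whether the direct check covers that assembly as well; if it does not, the early entry code loses the diagnostic it had before this revert.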