[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-Id: <20210312123824.306-1-joro@8bytes.org>
Date: Fri, 12 Mar 2021 13:38:16 +0100
From: Joerg Roedel <joro@...tes.org>
To: x86@...nel.org
Cc: Joerg Roedel <joro@...tes.org>, Joerg Roedel <jroedel@...e.de>,
hpa@...or.com, Andy Lutomirski <luto@...nel.org>,
Dave Hansen <dave.hansen@...ux.intel.com>,
Peter Zijlstra <peterz@...radead.org>,
Jiri Slaby <jslaby@...e.cz>,
Dan Williams <dan.j.williams@...el.com>,
Tom Lendacky <thomas.lendacky@....com>,
Juergen Gross <jgross@...e.com>,
Kees Cook <keescook@...omium.org>,
David Rientjes <rientjes@...gle.com>,
Cfir Cohen <cfir@...gle.com>,
Erdem Aktas <erdemaktas@...gle.com>,
Masami Hiramatsu <mhiramat@...nel.org>,
Mike Stunes <mstunes@...are.com>,
Sean Christopherson <seanjc@...gle.com>,
Martin Radev <martin.b.radev@...il.com>,
Arvind Sankar <nivedita@...m.mit.edu>,
linux-kernel@...r.kernel.org, kvm@...r.kernel.org,
virtualization@...ts.linux-foundation.org
Subject: [PATCH v3 0/8] x86/seves: Support 32-bit boot path and other updates
From: Joerg Roedel <jroedel@...e.de>
Hi,
these patches add support for the 32-bit boot in the decompressor
code. This is needed to boot an SEV-ES guest on some firmware and grub
versions. The patches also add the necessary CPUID sanity checks and a
32-bit version of the C-bit check.
Other updates included here:
1. Add code to shut down exception handling in the
decompressor code before jumping to the real kernel.
Once in the real kernel it is not safe anymore to jump
back to the decompressor code via exceptions.
2. Replace open-coded hlt loops with proper calls to
sev_es_terminate().
Please review.
Thanks,
Joerg
Changes v2->v3:
- Added a patch to remove the check for the Hypervisor CPUID
bit for detecting SEV
Changes v1->v2:
- Addressed Boris' review comments.
- Fixed a bug which caused the cbit-check to never be
executed even in an SEV guest.
Joerg Roedel (8):
x86/boot/compressed/64: Cleanup exception handling before booting
kernel
x86/sev: Do not require Hypervisor CPUID bit for SEV guests
x86/boot/compressed/64: Reload CS in startup_32
x86/boot/compressed/64: Setup IDT in startup_32 boot path
x86/boot/compressed/64: Add 32-bit boot #VC handler
x86/boot/compressed/64: Add CPUID sanity check to 32-bit boot-path
x86/boot/compressed/64: Check SEV encryption in 32-bit boot-path
x86/sev-es: Replace open-coded hlt-loops with sev_es_terminate()
arch/x86/boot/compressed/head_64.S | 170 ++++++++++++++++++++++++-
arch/x86/boot/compressed/idt_64.c | 14 ++
arch/x86/boot/compressed/mem_encrypt.S | 130 ++++++++++++++++++-
arch/x86/boot/compressed/misc.c | 7 +-
arch/x86/boot/compressed/misc.h | 6 +
arch/x86/boot/compressed/sev-es.c | 12 +-
arch/x86/kernel/sev-es-shared.c | 16 +--
arch/x86/mm/mem_encrypt_identity.c | 35 ++---
8 files changed, 340 insertions(+), 50 deletions(-)
--
2.30.1
Powered by blists - more mailing lists