| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20250429061004.205839-19-Neeraj.Upadhyay@amd.com> Date: Tue, 29 Apr 2025 11:40:02 +0530 From: Neeraj Upadhyay <Neeraj.Upadhyay@....com> To: <linux-kernel@...r.kernel.org> CC: <bp@...en8.de>, <tglx@...utronix.de>, <mingo@...hat.com>, <dave.hansen@...ux.intel.com>, <Thomas.Lendacky@....com>, <nikunj@....com>, <Santosh.Shukla@....com>, <Vasant.Hegde@....com>, <Suravee.Suthikulpanit@....com>, <David.Kaplan@....com>, <x86@...nel.org>, <hpa@...or.com>, <peterz@...radead.org>, <seanjc@...gle.com>, <pbonzini@...hat.com>, <kvm@...r.kernel.org>, <kirill.shutemov@...ux.intel.com>, <huibo.wang@....com>, <naveen.rao@....com>, <francescolavra.fl@...il.com> Subject: [PATCH v5 18/20] x86/apic: Enable Secure AVIC in Control MSR With all the pieces in place now, enable Secure AVIC in Secure AVIC Control MSR. Any access to x2APIC MSRs are emulated by the hypervisor before Secure AVIC is enabled in the control MSR. Post Secure AVIC enablement, all x2APIC MSR accesses (whether accelerated by AVIC hardware or trapped as VC exception) operate on vCPU's APIC backing page. Signed-off-by: Neeraj Upadhyay <Neeraj.Upadhyay@....com> --- Changes since v4: - No change. arch/x86/include/asm/msr-index.h | 2 ++ arch/x86/kernel/apic/x2apic_savic.c | 2 +- 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/arch/x86/include/asm/msr-index.h b/arch/x86/include/asm/msr-index.h index 9f3c4dbd6385..c5ce1c256f1d 100644 --- a/arch/x86/include/asm/msr-index.h +++ b/arch/x86/include/asm/msr-index.h @@ -694,6 +694,8 @@ #define MSR_AMD64_SNP_RESV_BIT 19 #define MSR_AMD64_SNP_RESERVED_MASK GENMASK_ULL(63, MSR_AMD64_SNP_RESV_BIT) #define MSR_AMD64_SECURE_AVIC_CONTROL 0xc0010138 +#define MSR_AMD64_SECURE_AVIC_EN_BIT 0 +#define MSR_AMD64_SECURE_AVIC_EN BIT_ULL(MSR_AMD64_SECURE_AVIC_EN_BIT) #define MSR_AMD64_SECURE_AVIC_ALLOWEDNMI_BIT 1 #define MSR_AMD64_SECURE_AVIC_ALLOWEDNMI BIT_ULL(MSR_AMD64_SECURE_AVIC_ALLOWEDNMI_BIT) #define MSR_AMD64_RMP_BASE 0xc0010132 diff --git a/arch/x86/kernel/apic/x2apic_savic.c b/arch/x86/kernel/apic/x2apic_savic.c index 7ba296ba26e3..b7caadd1b33a 100644 --- a/arch/x86/kernel/apic/x2apic_savic.c +++ b/arch/x86/kernel/apic/x2apic_savic.c @@ -363,7 +363,7 @@ static void savic_setup(void) res = savic_register_gpa(gpa); if (res != ES_OK) snp_abort(); - savic_wr_control_msr(gpa | MSR_AMD64_SECURE_AVIC_ALLOWEDNMI); + savic_wr_control_msr(gpa | MSR_AMD64_SECURE_AVIC_EN | MSR_AMD64_SECURE_AVIC_ALLOWEDNMI); } static int savic_probe(void) -- 2.34.1
Powered by blists - more mailing lists