From nobody Sun May 10 21:55:06 2026 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id F21C9C433EF for ; Fri, 22 Apr 2022 13:57:15 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1448256AbiDVOAH (ORCPT ); Fri, 22 Apr 2022 10:00:07 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:52210 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233454AbiDVOAF (ORCPT ); Fri, 22 Apr 2022 10:00:05 -0400 Received: from NAM02-SN1-obe.outbound.protection.outlook.com (mail-sn1anam02on2082.outbound.protection.outlook.com [40.107.96.82]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id A1E5258E7F for ; Fri, 22 Apr 2022 06:57:11 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=IByKd1Mg67u+3Gtxog0hQhZx/2/2JFR6LMWtw36Y/njt1jFn9fxYeudInWvcZBPSZqPpWezdNeHWhfWx8NVcFwHFQt/bXRI2maZGOFY+bj40fdsriltw/JqgtBNNrT4eY2G3wHUt/gfF333nsHuOfRLRCli6kdAagfOE84UIyvuaBPk5N8NgYQtrUpfRnyLhKTpQHAW8BuHvvcdTdwMfg3tNAd5/bBf20t0RBYEmD7q9bvKMLa33hVG5DM9Js2YB5nQfUwBDBKg9L2KJemtipW2sk8VAQ2vYYanX07I3iREoPLNkE0VoqTo+TTHQidovufxK9+iLazhaMYC+/bS8PA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=Lxds7ZBgB2Vcifo8P+TFns+xKefa0lTleeYfQDGyVO4=; b=EwDxAYTKcXFQ4YSjNav+u9xdso/XeXgOVD1Cb5Am3vppGwN5TES1cQai+S/b1FxMmWqdyzC6/g4nCjVXZ7p5KI4/JmLps/OoOF82TfQphuh60J1YjowUik37btfXDhq05HdLpatTsCdueRrKdYCQO43FfqmDaqu2b47v3ZNY7kvNHUxzlzd92U3kLwsaTYcLWjmSXJWVO9xXG78zFIk8Kg3xQFwb8GIDLlfj5YiWOwBzIGKpj5z3VUyy0Qn8JEJfZ/RMVStZUelijE9bjWzjDyzmG6WqGI89PZbZSBpie1dmUezEKLnzrrXjq7iusCTEMWVa8ksRVhlhLHEry6AR4A== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=vger.kernel.org smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=Lxds7ZBgB2Vcifo8P+TFns+xKefa0lTleeYfQDGyVO4=; b=FfzwOIRk2rQycpZipcItXY45lU6P2eRpt1RL3Iylfq4O3DEo7qBiUs4tcmuLGBtKB/VmF93yYLjCi+K7xAp8Z54r1LoERAEUVfKY0T113ms1iLcq2nN3Agth3Q28mJJi/tehUYrslOEFobLW+bquvfCyctfu0FSDPEECiZbBcjg= Received: from DS7PR07CA0002.namprd07.prod.outlook.com (2603:10b6:5:3af::8) by BL1PR12MB5192.namprd12.prod.outlook.com (2603:10b6:208:311::16) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5186.13; Fri, 22 Apr 2022 13:57:10 +0000 Received: from DM6NAM11FT033.eop-nam11.prod.protection.outlook.com (2603:10b6:5:3af:cafe::30) by DS7PR07CA0002.outlook.office365.com (2603:10b6:5:3af::8) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5186.14 via Frontend Transport; Fri, 22 Apr 2022 13:57:09 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=amd.com; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB04.amd.com; Received: from SATLEXMB04.amd.com (165.204.84.17) by DM6NAM11FT033.mail.protection.outlook.com (10.13.172.221) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.5186.14 via Frontend Transport; Fri, 22 Apr 2022 13:57:09 +0000 Received: from localhost (10.180.168.240) by SATLEXMB04.amd.com (10.181.40.145) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.24; Fri, 22 Apr 2022 08:57:08 -0500 From: Michael Roth To: CC: Thomas Gleixner , Ingo Molnar , Borislav Petkov , Dave Hansen , , "H . Peter Anvin" , Kees Cook , "Kirill A . Shutemov" , Tony Luck , "Nick Desaulniers" , Kuppuswamy Sathyanarayanan , Tom Lendacky , Venu Busireddy , "Joerg Roedel" , Tianyu Lan , "Borislav Petkov" Subject: [PATCH v3 1/2] x86/sev: Add missing __init annotations to SEV init routines Date: Fri, 22 Apr 2022 08:56:23 -0500 Message-ID: <20220422135624.114172-2-michael.roth@amd.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20220422135624.114172-1-michael.roth@amd.com> References: <20220422135624.114172-1-michael.roth@amd.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-Originating-IP: [10.180.168.240] X-ClientProxiedBy: SATLEXMB04.amd.com (10.181.40.145) To SATLEXMB04.amd.com (10.181.40.145) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: cb34b11e-7b89-4bc3-873f-08da2467fe6c X-MS-TrafficTypeDiagnostic: BL1PR12MB5192:EE_ X-Microsoft-Antispam-PRVS: X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: IfwerDEmJBDfAzXF60tvFvcWaNWXc/cIM/41dWXas2j16ykRePwZjm4Nth4JSBIEJlOE6rGQpYNz8tty4yFXFSn3KgIaNsv/WzDAjnJATvQI6eFr3tRQiQZNo9FPPG5cbI3oGakMrRDaJZxDI2W65/WEWubogehW8HZ69z5QCAfMPCkNviA7qPBq0bqvE/IWS1SKDemqOpAifGvfGQa2FWFzQDuxQF7FR35J/qxNuL1CUP/L4fVA/rbhGE6DBrzCUawyOtUhyr4UcNMHwmrtnUe82CPdblVXG2DRJ9RMHR7a4ncODJ7zVfqbkmC2v+SLsbk2WziRA8Pl9J7fYEVPYJmYloTwfff18oes2vLkvFViXNXmKdma9XX/Xm0i+UzVNLF0WDZ38hBKpF26G5lnnJjV6bc8MivyI5W7Y0jZX51KwnlxuK3ovM6HzPyK+Gzxr2E/Eawftm8aVTg8vMU4tbzobGoboDVfEwrrJsajvK4HUhaVcD9BW1oN2PRCji7HQqoxoVlYG+WBWw52TzZjS1gFYH37FeOS1jXt+GYzKisypG/nJyZKy7av/8s2HOgoSzioIAiKXFkNFGUmA4vy7qQAQvtAsz4EBkV0K7zQeR0Ph6OR5P1RoSlkTQOsCmbrEu6gW8pRZmK5XRMId0s469Vqe/Y4COqgdvw1Pjjf1E9sJGLl3OSbo4g4Ui6F2LQbTGiyn9H2wcIgUxyWl7LpxA== X-Forefront-Antispam-Report: CIP:165.204.84.17;CTRY:US;LANG:en;SCL:1;SRV:;IPV:CAL;SFV:NSPM;H:SATLEXMB04.amd.com;PTR:InfoDomainNonexistent;CAT:NONE;SFS:(13230001)(4636009)(40470700004)(36840700001)(46966006)(356005)(508600001)(86362001)(336012)(16526019)(186003)(2616005)(26005)(54906003)(1076003)(83380400001)(81166007)(44832011)(40460700003)(316002)(6916009)(7416002)(4326008)(8676002)(70586007)(70206006)(47076005)(426003)(5660300002)(82310400005)(6666004)(36860700001)(36756003)(8936002)(2906002)(36900700001);DIR:OUT;SFP:1101; X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 22 Apr 2022 13:57:09.4009 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: cb34b11e-7b89-4bc3-873f-08da2467fe6c X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[SATLEXMB04.amd.com] X-MS-Exchange-CrossTenant-AuthSource: DM6NAM11FT033.eop-nam11.prod.protection.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: BL1PR12MB5192 Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Type: text/plain; charset="utf-8" Currently get_secrets_page() is only reachable from the following call chain: __init snp_init_platform_device(): get_secrets_page() so mark it as __init as well. This is also needed since it calls early_memremap(), which is also an __init routine. Similarly, get_jump_table_addr() is only reachable from the following call chain: __init setup_real_mode(): sme_sev_setup_real_mode(): sev_es_setup_ap_jump_table(): get_jump_table_addr() so mark get_jump_table_addr() and everything up that call chain as __init as well. This is also needed since future patches will add a call to get_secrets_page(), which needs to be __init due to the reasons stated above. Suggested-by: Borislav Petkov Signed-off-by: Michael Roth --- arch/x86/kernel/sev.c | 6 +++--- arch/x86/realmode/init.c | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/arch/x86/kernel/sev.c b/arch/x86/kernel/sev.c index 2fa87a07ab30..b7fd1915560d 100644 --- a/arch/x86/kernel/sev.c +++ b/arch/x86/kernel/sev.c @@ -558,7 +558,7 @@ void noinstr __sev_es_nmi_complete(void) __sev_put_ghcb(&state); } =20 -static u64 get_jump_table_addr(void) +static u64 __init get_jump_table_addr(void) { struct ghcb_state state; unsigned long flags; @@ -1077,7 +1077,7 @@ void snp_set_wakeup_secondary_cpu(void) apic->wakeup_secondary_cpu =3D wakeup_cpu_via_vmgexit; } =20 -int sev_es_setup_ap_jump_table(struct real_mode_header *rmh) +int __init sev_es_setup_ap_jump_table(struct real_mode_header *rmh) { u16 startup_cs, startup_ip; phys_addr_t jump_table_pa; @@ -2171,7 +2171,7 @@ static struct platform_device sev_guest_device =3D { .id =3D -1, }; =20 -static u64 get_secrets_page(void) +static u64 __init get_secrets_page(void) { u64 pa_data =3D boot_params.cc_blob_address; struct cc_blob_sev_info info; diff --git a/arch/x86/realmode/init.c b/arch/x86/realmode/init.c index c5e29db02a46..41d7669a97ad 100644 --- a/arch/x86/realmode/init.c +++ b/arch/x86/realmode/init.c @@ -67,7 +67,7 @@ void __init reserve_real_mode(void) memblock_reserve(0, SZ_1M); } =20 -static void sme_sev_setup_real_mode(struct trampoline_header *th) +static void __init sme_sev_setup_real_mode(struct trampoline_header *th) { #ifdef CONFIG_AMD_MEM_ENCRYPT if (cc_platform_has(CC_ATTR_HOST_MEM_ENCRYPT)) --=20 2.25.1 From nobody Sun May 10 21:55:06 2026 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 696BCC433EF for ; Fri, 22 Apr 2022 13:57:38 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1448263AbiDVOA2 (ORCPT ); Fri, 22 Apr 2022 10:00:28 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:52446 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1448260AbiDVOA0 (ORCPT ); Fri, 22 Apr 2022 10:00:26 -0400 Received: from NAM10-MW2-obe.outbound.protection.outlook.com (mail-mw2nam10on2059.outbound.protection.outlook.com [40.107.94.59]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id B996C5A091 for ; Fri, 22 Apr 2022 06:57:32 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=NGdHU8thuiPPHGvOxsi+05y1WtPsKdmzhD1sPlpAqsuwfgCdIUYJxuugG8MRkHn2yp/oufbZGhnLChNCen7FmY8GxGnpeXcj6BXDc9+KfNvtblLnt6iKZBsCdw4fHtWtwlMVyHgiqI6dmSzip7looXAF9XjFvvj7et2OltpIizEqmj42kwInAkv1D+IiJ2GlCUc7Bgon8qkvoadsIc4cz7esQd9cPW8ZYjcjUhGdPJkohdwtXQbeb63jT1BqA6vtPuYUd0hRTZ6sSGlxxSI7KwFM8wc+5mkSIvpvT/I7jSXoYDbMp2l0AziS+//7c/UDUTIGR/mbnMJGJzmDuemm1Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=ydcJf4WaUjoucqhxVp6oCuP4pT7lfq1bTMSlUyejUSc=; b=dWfRwcVq/fkYEF5Fswe0n1McNerWRywtqGSbvUnTUjiVcsSbHo0q5PJnbVEN5M5JvkPC0jdxnUXmdvOGJfwthz6swZJpF0UxJR+4HZEI7rAuLs5mYGwePtNz+h5cJtJsgfP4stjuv5Wyb0z8aVMTXrnW5Jn39pfXTxwgB/acQ11S8zlszdkXLJJISYZqcKo8eAM/YAtDNyowQxuj48oWy39z5oBQF6JTXkQWN51EYJD3et1aneyR2eAwGHNYSgsOVXFWt2bUbLydmGpD9M8d7i+8gU3Jh1s6DJPOlMQijxmkWq/j72PGIXOT+JnnN8tKHDTAndza/yMJntuHTlP1TA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=vger.kernel.org smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=ydcJf4WaUjoucqhxVp6oCuP4pT7lfq1bTMSlUyejUSc=; b=IdBivRv8p/k4IVEqWEJOrJAbXIBpRudcCwwBcIiZ6DS6LEamSqVT5EivRLNZ4mtquVRCGjPtVUTH6an9q6MC2DpGe2g4OC2ZxmCgmVdzoRpC9EF2yf7QEeJdLvBVdxxjGlE4tZAVCT+4oZ6oifAU/w9l0KdJZSUZwqUq2IZTRbk= Received: from DM6PR06CA0092.namprd06.prod.outlook.com (2603:10b6:5:336::25) by DM6PR12MB3850.namprd12.prod.outlook.com (2603:10b6:5:1c3::15) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5186.15; Fri, 22 Apr 2022 13:57:30 +0000 Received: from DM6NAM11FT052.eop-nam11.prod.protection.outlook.com (2603:10b6:5:336:cafe::84) by DM6PR06CA0092.outlook.office365.com (2603:10b6:5:336::25) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5186.15 via Frontend Transport; Fri, 22 Apr 2022 13:57:30 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=amd.com; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB04.amd.com; Received: from SATLEXMB04.amd.com (165.204.84.17) by DM6NAM11FT052.mail.protection.outlook.com (10.13.172.111) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.5186.14 via Frontend Transport; Fri, 22 Apr 2022 13:57:30 +0000 Received: from localhost (10.180.168.240) by SATLEXMB04.amd.com (10.181.40.145) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.24; Fri, 22 Apr 2022 08:57:29 -0500 From: Michael Roth To: CC: Thomas Gleixner , Ingo Molnar , Borislav Petkov , Dave Hansen , , "H . Peter Anvin" , Kees Cook , "Kirill A . Shutemov" , Tony Luck , "Nick Desaulniers" , Kuppuswamy Sathyanarayanan , Tom Lendacky , Venu Busireddy , "Joerg Roedel" , Tianyu Lan , "Brijesh Singh" Subject: [PATCH v3 2/2] x86/sev: Get the AP jump table address from secrets page Date: Fri, 22 Apr 2022 08:56:24 -0500 Message-ID: <20220422135624.114172-3-michael.roth@amd.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20220422135624.114172-1-michael.roth@amd.com> References: <20220422135624.114172-1-michael.roth@amd.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-Originating-IP: [10.180.168.240] X-ClientProxiedBy: SATLEXMB04.amd.com (10.181.40.145) To SATLEXMB04.amd.com (10.181.40.145) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: 637c9e5b-bcbd-4fea-942e-08da24680ab6 X-MS-TrafficTypeDiagnostic: DM6PR12MB3850:EE_ X-Microsoft-Antispam-PRVS: X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: YpY23ufUlXD+fuz6y9lJQbMvYDVcR9K6KSg6z+PUQjcxDInuS3jaxdsI9OKJN9/EFnvjJlHgnlQQ8I5CS7HTaP0G80eGz+7PoGB1sbIryio64vWwMm6A6MlKnIiVhvp8yhukkhZMLBMTBvIJ1IDNdTCP/hoBc5yrJc6jXIc+dBBrNBUeX/735FFp80Rd7CA2WVBrWI77d235wkNIArm3ObgOxQi3aVXmKvwOSSjN5S5wlzCVJz+nj1ME+f6MtRsyKgJ/0iuGRls64nC7/eZg5WfhzHZa0ZK1Ei/DqIc1kmfZlzqR+1Re7PSI8rTCr8l5PosXAvRI3DNYLCPbcc79Y6UVrEatRCNi/HcuOuoikIZ3Wk1EIJF58biD8AbKQNb0vcW5g+CmNtoON9WxKbzKK1XvnYMcyQtNIopO87wT32Bp01NTPPoK7FZ/7hpCOj5vFUbOGebyGYEHUnSoahOLZhkdz/G4sdYDuC91bvtyhUmrecNeJHQ2FX0gsQFArrOTvGLmNg8bKEVOpPt16mIm4BHE9GzdvaUpfdcrgCywNgZyeDRHAbUN8VHHmAXw5fLCNIuqfQsHxvC/c/Uv6/PfWSLhJhgnXdQC/O8UE4ZWJIqfOFfVxpCqJe4Y+lRItvedoPRE7k4pRHTIAS2OjixBrEC7pqrRlful1+ICB0XHCBdHowsWqBT5nm24kDUo4nLxWAPWg8UzIVtwT9O2ONHZVE7vP2e88wwdvN44DDxvno0= X-Forefront-Antispam-Report: CIP:165.204.84.17;CTRY:US;LANG:en;SCL:1;SRV:;IPV:CAL;SFV:NSPM;H:SATLEXMB04.amd.com;PTR:InfoDomainNonexistent;CAT:NONE;SFS:(13230001)(4636009)(40470700004)(46966006)(36840700001)(81166007)(1076003)(2616005)(426003)(336012)(2906002)(186003)(47076005)(16526019)(316002)(54906003)(44832011)(7416002)(36860700001)(356005)(6916009)(8936002)(83380400001)(40460700003)(86362001)(82310400005)(26005)(6666004)(8676002)(508600001)(5660300002)(4326008)(36756003)(70206006)(70586007)(15583001)(36900700001);DIR:OUT;SFP:1101; X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 22 Apr 2022 13:57:30.0345 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 637c9e5b-bcbd-4fea-942e-08da24680ab6 X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[SATLEXMB04.amd.com] X-MS-Exchange-CrossTenant-AuthSource: DM6NAM11FT052.eop-nam11.prod.protection.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM6PR12MB3850 Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Type: text/plain; charset="utf-8" From: Brijesh Singh The GHCB specification section 2.7 states that when SEV-SNP is enabled, a hypervisor must provide the AP jump table physical address through the SNP secrets pages. Fixes: 0afb6b660a6b ("x86/sev: Use SEV-SNP AP creation to start secondary C= PUs") Signed-off-by: Brijesh Singh [ mroth: improve error handling when ioremap()/memremap() return NULL ] [ mroth: don't mix function calls with declarations ] [ mroth: add missing __init ] Signed-off-by: Michael Roth Reviewed-by: Tom Lendacky --- arch/x86/include/asm/sev.h | 35 ++++++++++++ arch/x86/kernel/sev.c | 76 +++++++++++++++++-------- drivers/virt/coco/sev-guest/sev-guest.h | 35 ------------ 3 files changed, 87 insertions(+), 59 deletions(-) diff --git a/arch/x86/include/asm/sev.h b/arch/x86/include/asm/sev.h index 6e3dda4f82b5..19514524f0f8 100644 --- a/arch/x86/include/asm/sev.h +++ b/arch/x86/include/asm/sev.h @@ -99,6 +99,41 @@ struct sev_guest_platform_data { u64 secrets_gpa; }; =20 +/* + * The secrets page contains 96-bytes of reserved field that can be used by + * the guest OS. The guest OS uses the area to save the message sequence + * number for each VMPCK. + * + * See the GHCB spec section Secret page layout for the format for this ar= ea. + */ +struct secrets_os_area { + u32 msg_seqno_0; + u32 msg_seqno_1; + u32 msg_seqno_2; + u32 msg_seqno_3; + u64 ap_jump_table_pa; + u8 rsvd[40]; + u8 guest_usage[32]; +} __packed; + +#define VMPCK_KEY_LEN 32 + +/* See the SNP spec version 0.9 for secrets page format */ +struct snp_secrets_page_layout { + u32 version; + u32 imien : 1, + rsvd1 : 31; + u32 fms; + u32 rsvd2; + u8 gosvw[16]; + u8 vmpck0[VMPCK_KEY_LEN]; + u8 vmpck1[VMPCK_KEY_LEN]; + u8 vmpck2[VMPCK_KEY_LEN]; + u8 vmpck3[VMPCK_KEY_LEN]; + struct secrets_os_area os_area; + u8 rsvd3[3840]; +} __packed; + #ifdef CONFIG_AMD_MEM_ENCRYPT extern struct static_key_false sev_es_enable_key; extern void __sev_es_ist_enter(struct pt_regs *regs); diff --git a/arch/x86/kernel/sev.c b/arch/x86/kernel/sev.c index b7fd1915560d..166375084b1f 100644 --- a/arch/x86/kernel/sev.c +++ b/arch/x86/kernel/sev.c @@ -558,6 +558,55 @@ void noinstr __sev_es_nmi_complete(void) __sev_put_ghcb(&state); } =20 +static u64 __init get_secrets_page(void) +{ + u64 pa_data =3D boot_params.cc_blob_address; + struct cc_blob_sev_info info; + void *map; + + /* + * The CC blob contains the address of the secrets page, check if the + * blob is present. + */ + if (!pa_data) + return 0; + + map =3D early_memremap(pa_data, sizeof(info)); + if (!map) { + pr_err("Unable to locate SNP secrets page: failed to map the Confidentia= l Computing blob.\n"); + return 0; + } + memcpy(&info, map, sizeof(info)); + early_memunmap(map, sizeof(info)); + + /* smoke-test the secrets page passed */ + if (!info.secrets_phys || info.secrets_len !=3D PAGE_SIZE) + return 0; + + return info.secrets_phys; +} + +static u64 __init get_snp_jump_table_addr(void) +{ + struct snp_secrets_page_layout *layout; + u64 pa, addr; + + pa =3D get_secrets_page(); + if (!pa) + return 0; + + layout =3D (__force void *)ioremap_encrypted(pa, PAGE_SIZE); + if (!layout) { + pr_err("Unable to locate AP jump table address: failed to map the SNP se= crets page.\n"); + return 0; + } + + addr =3D layout->os_area.ap_jump_table_pa; + iounmap(layout); + + return addr; +} + static u64 __init get_jump_table_addr(void) { struct ghcb_state state; @@ -565,6 +614,9 @@ static u64 __init get_jump_table_addr(void) struct ghcb *ghcb; u64 ret =3D 0; =20 + if (cc_platform_has(CC_ATTR_GUEST_SEV_SNP)) + return get_snp_jump_table_addr(); + local_irq_save(flags); =20 ghcb =3D __sev_get_ghcb(&state); @@ -2171,30 +2223,6 @@ static struct platform_device sev_guest_device =3D { .id =3D -1, }; =20 -static u64 __init get_secrets_page(void) -{ - u64 pa_data =3D boot_params.cc_blob_address; - struct cc_blob_sev_info info; - void *map; - - /* - * The CC blob contains the address of the secrets page, check if the - * blob is present. - */ - if (!pa_data) - return 0; - - map =3D early_memremap(pa_data, sizeof(info)); - memcpy(&info, map, sizeof(info)); - early_memunmap(map, sizeof(info)); - - /* smoke-test the secrets page passed */ - if (!info.secrets_phys || info.secrets_len !=3D PAGE_SIZE) - return 0; - - return info.secrets_phys; -} - static int __init snp_init_platform_device(void) { struct sev_guest_platform_data data; diff --git a/drivers/virt/coco/sev-guest/sev-guest.h b/drivers/virt/coco/se= v-guest/sev-guest.h index d39bdd013765..21bda26fdb95 100644 --- a/drivers/virt/coco/sev-guest/sev-guest.h +++ b/drivers/virt/coco/sev-guest/sev-guest.h @@ -60,39 +60,4 @@ struct snp_guest_msg { u8 payload[4000]; } __packed; =20 -/* - * The secrets page contains 96-bytes of reserved field that can be used by - * the guest OS. The guest OS uses the area to save the message sequence - * number for each VMPCK. - * - * See the GHCB spec section Secret page layout for the format for this ar= ea. - */ -struct secrets_os_area { - u32 msg_seqno_0; - u32 msg_seqno_1; - u32 msg_seqno_2; - u32 msg_seqno_3; - u64 ap_jump_table_pa; - u8 rsvd[40]; - u8 guest_usage[32]; -} __packed; - -#define VMPCK_KEY_LEN 32 - -/* See the SNP spec version 0.9 for secrets page format */ -struct snp_secrets_page_layout { - u32 version; - u32 imien : 1, - rsvd1 : 31; - u32 fms; - u32 rsvd2; - u8 gosvw[16]; - u8 vmpck0[VMPCK_KEY_LEN]; - u8 vmpck1[VMPCK_KEY_LEN]; - u8 vmpck2[VMPCK_KEY_LEN]; - u8 vmpck3[VMPCK_KEY_LEN]; - struct secrets_os_area os_area; - u8 rsvd3[3840]; -} __packed; - #endif /* __VIRT_SEVGUEST_H__ */ --=20 2.25.1