git.baikalelectronics.ru Git - kernel.git/commit

author	Tom Lendacky <thomas.lendacky@amd.com>
	Thu, 10 Dec 2020 17:10:06 +0000 (11:10 -0600)
committer	Paolo Bonzini <pbonzini@redhat.com>
	Tue, 15 Dec 2020 10:20:58 +0000 (05:20 -0500)
commit	fc2eb6144e95d985f4ae191e892279c9e9120f39
tree	4ce881fdb0d064fc03936b83d9acd9b221da7316	tree \| snapshot
parent	95a3867589f280c1de3512e9b83324e9dfa16937	commit \| diff

KVM: SVM: Provide support for SEV-ES vCPU creation/loading

An SEV-ES vCPU requires additional VMCB initialization requirements for
vCPU creation and vCPU load/put requirements. This includes:

General VMCB initialization changes:
  - Set a VMCB control bit to enable SEV-ES support on the vCPU.
  - Set the VMCB encrypted VM save area address.
  - CRx registers are part of the encrypted register state and cannot be
    updated. Remove the CRx register read and write intercepts and replace
    them with CRx register write traps to track the CRx register values.
  - Certain MSR values are part of the encrypted register state and cannot
    be updated. Remove certain MSR intercepts (EFER, CR_PAT, etc.).
  - Remove the #GP intercept (no support for "enable_vmware_backdoor").
  - Remove the XSETBV intercept since the hypervisor cannot modify XCR0.

General vCPU creation changes:
  - Set the initial GHCB gpa value as per the GHCB specification.

Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>
Message-Id: <3a8aef366416eddd5556dfa3fdc212aafa1ad0a2.1607620209.git.thomas.lendacky@amd.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

arch/x86/include/asm/svm.h		diff \| blob \| history
arch/x86/kvm/svm/sev.c		diff \| blob \| history
arch/x86/kvm/svm/svm.c		diff \| blob \| history
arch/x86/kvm/svm/svm.h		diff \| blob \| history