git.baikalelectronics.ru Git - kernel.git/commit

author	Brijesh Singh <brijesh.singh@amd.com>
	Wed, 9 Feb 2022 18:10:06 +0000 (12:10 -0600)
committer	Borislav Petkov <bp@suse.de>
	Wed, 6 Apr 2022 11:10:23 +0000 (13:10 +0200)
commit	88eee0e6967f7cb5fc610eb660f283f0cf9d2569
tree	4c7df4cd0f61c1781905d4294a7cb9bd8d51579d	tree \| snapshot
parent	8b389c85889c10534844d4146dd4d73557e08f05	commit \| diff

x86/sev: Check SEV-SNP features support

Version 2 of the GHCB specification added the advertisement of features
that are supported by the hypervisor. If the hypervisor supports SEV-SNP
then it must set the SEV-SNP features bit to indicate that the base
functionality is supported.

Check that feature bit while establishing the GHCB; if failed, terminate
the guest.

Version 2 of the GHCB specification adds several new Non-Automatic Exits
(NAEs), most of them are optional except the hypervisor feature. Now
that the hypervisor feature NAE is implemented, bump the GHCB maximum
supported protocol version.

While at it, move the GHCB protocol negotiation check from the #VC
exception handler to sev_enable() so that all feature detection happens
before the first #VC exception.

While at it, document why the GHCB page cannot be setup from
load_stage2_idt().

[ bp: Massage commit message. ]

Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
Signed-off-by: Borislav Petkov <bp@suse.de>
Link: https://lore.kernel.org/r/20220307213356.2797205-13-brijesh.singh@amd.com

arch/x86/boot/compressed/idt_64.c		diff \| blob \| history
arch/x86/boot/compressed/sev.c		diff \| blob \| history
arch/x86/include/asm/sev-common.h		diff \| blob \| history
arch/x86/include/asm/sev.h		diff \| blob \| history
arch/x86/include/uapi/asm/svm.h		diff \| blob \| history
arch/x86/kernel/sev-shared.c		diff \| blob \| history
arch/x86/kernel/sev.c		diff \| blob \| history