Displaying 18 results from an estimated 18 matches for "sev_es_termin".
2020 Apr 28
0
[PATCH v3 42/75] x86/sev-es: Setup GHCB based boot #VC handler
...diff --git a/arch/x86/kernel/sev-es-shared.c b/arch/x86/kernel/sev-es-shared.c
index 5703f9b17e70..3d2299fb5e3f 100644
--- a/arch/x86/kernel/sev-es-shared.c
+++ b/arch/x86/kernel/sev-es-shared.c
@@ -9,7 +9,7 @@
* and is included directly into both code-bases.
*/
-static void __maybe_unused sev_es_terminate(unsigned int reason)
+static void sev_es_terminate(unsigned int reason)
{
u64 val = GHCB_SEV_TERMINATE;
@@ -27,7 +27,7 @@ static void __maybe_unused sev_es_terminate(unsigned int reason)
asm volatile("hlt\n" : : : "memory");
}
-static bool __maybe_unused sev_es_neg...
2020 Sep 07
0
[PATCH v7 40/72] x86/sev-es: Setup GHCB based boot #VC handler
...er
diff --git a/arch/x86/kernel/sev-es-shared.c b/arch/x86/kernel/sev-es-shared.c
index 18619279a46f..aa77f2eb8d88 100644
--- a/arch/x86/kernel/sev-es-shared.c
+++ b/arch/x86/kernel/sev-es-shared.c
@@ -9,7 +9,7 @@
* and is included directly into both code-bases.
*/
-static void __maybe_unused sev_es_terminate(unsigned int reason)
+static void sev_es_terminate(unsigned int reason)
{
u64 val = GHCB_SEV_TERMINATE;
@@ -27,7 +27,7 @@ static void __maybe_unused sev_es_terminate(unsigned int reason)
asm volatile("hlt\n" : : : "memory");
}
-static bool __maybe_unused sev_es_neg...
2020 Apr 28
0
[PATCH v3 40/75] x86/sev-es: Compile early handler code into kernel image
...CONFIG_X86_64),y)
diff --git a/arch/x86/kernel/sev-es-shared.c b/arch/x86/kernel/sev-es-shared.c
index 3d645662ff10..5703f9b17e70 100644
--- a/arch/x86/kernel/sev-es-shared.c
+++ b/arch/x86/kernel/sev-es-shared.c
@@ -9,7 +9,7 @@
* and is included directly into both code-bases.
*/
-static void sev_es_terminate(unsigned int reason)
+static void __maybe_unused sev_es_terminate(unsigned int reason)
{
u64 val = GHCB_SEV_TERMINATE;
@@ -27,7 +27,7 @@ static void sev_es_terminate(unsigned int reason)
asm volatile("hlt\n" : : : "memory");
}
-static bool sev_es_negotiate_protocol...
2020 Apr 28
0
[PATCH v3 23/75] x86/boot/compressed/64: Setup GHCB Based VC Exception handler
...+/* Basic instruction decoding support needed */
+#include "../../lib/inat.c"
+#include "../../lib/insn.c"
/* Include code for early handlers */
#include "../../kernel/sev-es-shared.c"
+
+static bool sev_es_setup_ghcb(void)
+{
+ if (!sev_es_negotiate_protocol())
+ sev_es_terminate(GHCB_SEV_ES_REASON_PROTOCOL_UNSUPPORTED);
+
+ if (set_page_decrypted((unsigned long)&boot_ghcb_page))
+ return false;
+
+ /* Page is now mapped decrypted, clear it */
+ memset(&boot_ghcb_page, 0, sizeof(boot_ghcb_page));
+
+ boot_ghcb = &boot_ghcb_page;
+
+ /* Initialize lookup tabl...
2020 May 12
2
[PATCH v3 23/75] x86/boot/compressed/64: Setup GHCB Based VC Exception handler
...re we checking whether the immediate? insn_get_length() sets
insn->length unconditionally while insn_get_immediate() can error out
and not set ->got... ?
> +
> + return ret;
> +}
...
> +static bool sev_es_setup_ghcb(void)
> +{
> + if (!sev_es_negotiate_protocol())
> + sev_es_terminate(GHCB_SEV_ES_REASON_PROTOCOL_UNSUPPORTED);
> +
> + if (set_page_decrypted((unsigned long)&boot_ghcb_page))
> + return false;
> +
> + /* Page is now mapped decrypted, clear it */
> + memset(&boot_ghcb_page, 0, sizeof(boot_ghcb_page));
> +
> + boot_ghcb = &boot_...
2020 May 12
2
[PATCH v3 23/75] x86/boot/compressed/64: Setup GHCB Based VC Exception handler
...re we checking whether the immediate? insn_get_length() sets
insn->length unconditionally while insn_get_immediate() can error out
and not set ->got... ?
> +
> + return ret;
> +}
...
> +static bool sev_es_setup_ghcb(void)
> +{
> + if (!sev_es_negotiate_protocol())
> + sev_es_terminate(GHCB_SEV_ES_REASON_PROTOCOL_UNSUPPORTED);
> +
> + if (set_page_decrypted((unsigned long)&boot_ghcb_page))
> + return false;
> +
> + /* Page is now mapped decrypted, clear it */
> + memset(&boot_ghcb_page, 0, sizeof(boot_ghcb_page));
> +
> + boot_ghcb = &boot_...
2020 May 12
0
[PATCH v3 23/75] x86/boot/compressed/64: Setup GHCB Based VC Exception handler
...on was
decoded successfully. So testing immediate.got is the indicator whether
decoding was successful.
>
> > +
> > + return ret;
> > +}
>
> ...
>
> > +static bool sev_es_setup_ghcb(void)
> > +{
> > + if (!sev_es_negotiate_protocol())
> > + sev_es_terminate(GHCB_SEV_ES_REASON_PROTOCOL_UNSUPPORTED);
> > +
> > + if (set_page_decrypted((unsigned long)&boot_ghcb_page))
> > + return false;
> > +
> > + /* Page is now mapped decrypted, clear it */
> > + memset(&boot_ghcb_page, 0, sizeof(boot_ghcb_page));
> &...
2020 Jul 24
0
[PATCH v5 75/75] x86/sev-es: Check required CPU features for SEV-ES
...ine has_cpuflag(f) boot_cpu_has(f)
+#endif
+
+static bool __init sev_es_check_cpu_features(void)
+{
+ if (!has_cpuflag(X86_FEATURE_RDRAND)) {
+ error("RDRAND instruction not supported - no trusted source of randomness available\n");
+ return false;
+ }
+
+ return true;
+}
+
static void sev_es_terminate(unsigned int reason)
{
u64 val = GHCB_SEV_TERMINATE;
diff --git a/arch/x86/kernel/sev-es.c b/arch/x86/kernel/sev-es.c
index c5e0ceb099c2..e1fea7a38019 100644
--- a/arch/x86/kernel/sev-es.c
+++ b/arch/x86/kernel/sev-es.c
@@ -670,6 +670,9 @@ void __init sev_es_init_vc_handling(void)
if (!sev_...
2020 May 20
2
[PATCH v3 42/75] x86/sev-es: Setup GHCB based boot #VC handler
...init vc_boot_ghcb(struct pt_regs *regs)
> +{
> + unsigned long exit_code = regs->orig_ax;
> + struct es_em_ctxt ctxt;
> + enum es_result result;
> +
> + /* Do initial setup or terminate the guest */
> + if (unlikely(boot_ghcb == NULL && !sev_es_setup_ghcb()))
> + sev_es_terminate(GHCB_SEV_ES_REASON_GENERAL_REQUEST);
> +
> + vc_ghcb_invalidate(boot_ghcb);
Newline here...
> + result = vc_init_em_ctxt(&ctxt, regs, exit_code);
> +
... remove that one here.
> + if (result == ES_OK)
> + result = vc_handle_exitcode(&ctxt, boot_ghcb, exit_code);
....
2020 May 20
2
[PATCH v3 42/75] x86/sev-es: Setup GHCB based boot #VC handler
...init vc_boot_ghcb(struct pt_regs *regs)
> +{
> + unsigned long exit_code = regs->orig_ax;
> + struct es_em_ctxt ctxt;
> + enum es_result result;
> +
> + /* Do initial setup or terminate the guest */
> + if (unlikely(boot_ghcb == NULL && !sev_es_setup_ghcb()))
> + sev_es_terminate(GHCB_SEV_ES_REASON_GENERAL_REQUEST);
> +
> + vc_ghcb_invalidate(boot_ghcb);
Newline here...
> + result = vc_init_em_ctxt(&ctxt, regs, exit_code);
> +
... remove that one here.
> + if (result == ES_OK)
> + result = vc_handle_exitcode(&ctxt, boot_ghcb, exit_code);
....
2020 Sep 07
84
[PATCH v7 00/72] x86: SEV-ES Guest Support
From: Joerg Roedel <jroedel at suse.de>
Hi,
here is a new version of the SEV-ES Guest Support patches for x86. The
previous versions can be found as a linked list starting here:
https://lore.kernel.org/lkml/20200824085511.7553-1-joro at 8bytes.org/
I updated the patch-set based on ther review comments I got and the
discussions around it.
Another important change is that the early IDT
2020 Sep 07
84
[PATCH v7 00/72] x86: SEV-ES Guest Support
From: Joerg Roedel <jroedel at suse.de>
Hi,
here is a new version of the SEV-ES Guest Support patches for x86. The
previous versions can be found as a linked list starting here:
https://lore.kernel.org/lkml/20200824085511.7553-1-joro at 8bytes.org/
I updated the patch-set based on ther review comments I got and the
discussions around it.
Another important change is that the early IDT
2020 Jul 24
86
[PATCH v5 00/75] x86: SEV-ES Guest Support
From: Joerg Roedel <jroedel at suse.de>
Hi,
here is a rebased version of the latest SEV-ES patches. They are now
based on latest tip/master instead of upstream Linux and include the
necessary changes.
Changes to v4 are in particular:
- Moved early IDT setup code to idt.c, because the idt_descr
and the idt_table are now static
- This required to make stack protector work early (or
2020 Jul 14
92
[PATCH v4 00/75] x86: SEV-ES Guest Support
From: Joerg Roedel <jroedel at suse.de>
Hi,
here is the fourth version of the SEV-ES Guest Support patches. I
addressed the review comments sent to me for the previous version and
rebased the code v5.8-rc5.
The biggest change in this version is the IST handling code for the
#VC handler. I adapted the entry code for the #VC handler to the big
pile of entry code changes merged into
2020 Jul 14
92
[PATCH v4 00/75] x86: SEV-ES Guest Support
From: Joerg Roedel <jroedel at suse.de>
Hi,
here is the fourth version of the SEV-ES Guest Support patches. I
addressed the review comments sent to me for the previous version and
rebased the code v5.8-rc5.
The biggest change in this version is the IST handling code for the
#VC handler. I adapted the entry code for the #VC handler to the big
pile of entry code changes merged into
2020 Aug 24
96
[PATCH v6 00/76] x86: SEV-ES Guest Support
From: Joerg Roedel <jroedel at suse.de>
Hi,
here is the new version of the SEV-ES client enabling patch-set. It is
based on the latest tip/master branch and contains the necessary
changes. In particular those ar:
- Enabling CR4.FSGSBASE early on supported processors so that
early #VC exceptions on APs can be handled.
- Add another patch (patch 1) to fix a KVM frame-size build
2020 Apr 28
116
[PATCH v3 00/75] x86: SEV-ES Guest Support
Hi,
here is the next version of changes to enable Linux to run as an SEV-ES
guest. The code was rebased to v5.7-rc3 and got a fair number of changes
since the last version.
What is SEV-ES
==============
SEV-ES is an acronym for 'Secure Encrypted Virtualization - Encrypted
State' and means a hardware feature of AMD processors which hides the
register state of VCPUs to the hypervisor by
2020 Apr 28
116
[PATCH v3 00/75] x86: SEV-ES Guest Support
Hi,
here is the next version of changes to enable Linux to run as an SEV-ES
guest. The code was rebased to v5.7-rc3 and got a fair number of changes
since the last version.
What is SEV-ES
==============
SEV-ES is an acronym for 'Secure Encrypted Virtualization - Encrypted
State' and means a hardware feature of AMD processors which hides the
register state of VCPUs to the hypervisor by