search for: vc_stacks

...ng, print + * an error message + * + * -> #VC(printk) - shifts #VC IST entry to 0, output driver + * uses 'movs' + * + * -> #VC(movs) - shifts IST to unmapped stack, further #VCs will + * cause #DF + * + */ +#define N_VC_STACKS 5 + +#define VC_STACK_MEMBERS(guardsize, holesize) \ + char hole[holesize]; \ + struct { \ + char guard[guardsize]; \ + char stack[EXCEPTION_STKSZ]; \ + } stacks[N_VC_STACKS]; \ + char top_guard[guardsize]; \ + +/* Physical storage */ +struct vmm_exception_stacks { + VC_ST...

...nclude/asm/stacktrace.h +++ b/arch/x86/include/asm/stacktrace.h @@ -21,6 +21,10 @@ enum stack_type { STACK_TYPE_ENTRY, STACK_TYPE_EXCEPTION, STACK_TYPE_EXCEPTION_LAST = STACK_TYPE_EXCEPTION + N_EXCEPTION_STACKS-1, +#ifdef CONFIG_X86_64 + STACK_TYPE_VC, + STACK_TYPE_VC_LAST = STACK_TYPE_VC + N_VC_STACKS - 1, +#endif }; struct stack_info { diff --git a/arch/x86/kernel/dumpstack_64.c b/arch/x86/kernel/dumpstack_64.c index 87b97897a881..2468963c1424 100644 --- a/arch/x86/kernel/dumpstack_64.c +++ b/arch/x86/kernel/dumpstack_64.c @@ -18,6 +18,7 @@ #include <asm/cpu_entry_area.h> #include...

...raps.h> > #include <asm/svm.h> > > /* For early boot hypervisor communication in SEV-ES enabled guests */ > @@ -46,10 +47,26 @@ struct sev_es_runtime_data { > > /* Physical storage for the per-cpu IST stacks of the #VC handler */ > struct vmm_exception_stacks vc_stacks __aligned(PAGE_SIZE); > + > + /* Reserve on page per CPU as backup storage for the unencrypted GHCB */ one > + struct ghcb backup_ghcb; I could use some text explaining what those backups are for? > + /* > + * Mark the per-cpu GHCBs as in-use to detect nested #VC exceptions....

...raps.h> > #include <asm/svm.h> > > /* For early boot hypervisor communication in SEV-ES enabled guests */ > @@ -46,10 +47,26 @@ struct sev_es_runtime_data { > > /* Physical storage for the per-cpu IST stacks of the #VC handler */ > struct vmm_exception_stacks vc_stacks __aligned(PAGE_SIZE); > + > + /* Reserve on page per CPU as backup storage for the unencrypted GHCB */ one > + struct ghcb backup_ghcb; I could use some text explaining what those backups are for? > + /* > + * Mark the per-cpu GHCBs as in-use to detect nested #VC exceptions....

...er. + * The fall-back stack is used when it is not safe to switch back to the + * interrupted stack in the #VC entry code. + */ + char fallback_stack[EXCEPTION_STKSZ] __aligned(PAGE_SIZE); }; static DEFINE_PER_CPU(struct sev_es_runtime_data*, runtime_data); +static void __init sev_es_setup_vc_stacks(int cpu) +{ + struct sev_es_runtime_data *data; + struct cpu_entry_area *cea; + unsigned long vaddr; + phys_addr_t pa; + + data = per_cpu(runtime_data, cpu); + cea = get_cpu_entry_area(cpu); + + /* Map #VC IST stack */ + vaddr = CEA_ESTACK_BOT(&cea->estacks, VC); + pa = __pa(data->ist...

...trap_defs.h> +#include <asm/traps.h> #include <asm/svm.h> /* For early boot hypervisor communication in SEV-ES enabled guests */ @@ -46,10 +47,26 @@ struct sev_es_runtime_data { /* Physical storage for the per-cpu IST stacks of the #VC handler */ struct vmm_exception_stacks vc_stacks __aligned(PAGE_SIZE); + + /* Reserve on page per CPU as backup storage for the unencrypted GHCB */ + struct ghcb backup_ghcb; + + /* + * Mark the per-cpu GHCBs as in-use to detect nested #VC exceptions. + * There is no need for it to be atomic, because nothing is written to + * the GHCB between...

Hi, here is the next version of changes to enable Linux to run as an SEV-ES guest. The code was rebased to v5.7-rc3 and got a fair number of changes since the last version. What is SEV-ES ============== SEV-ES is an acronym for 'Secure Encrypted Virtualization - Encrypted State' and means a hardware feature of AMD processors which hides the register state of VCPUs to the hypervisor by

Hi, here is the next version of changes to enable Linux to run as an SEV-ES guest. The code was rebased to v5.7-rc3 and got a fair number of changes since the last version. What is SEV-ES ============== SEV-ES is an acronym for 'Secure Encrypted Virtualization - Encrypted State' and means a hardware feature of AMD processors which hides the register state of VCPUs to the hypervisor by

From: Joerg Roedel <jroedel at suse.de> Hi, here is the new version of the SEV-ES client enabling patch-set. It is based on the latest tip/master branch and contains the necessary changes. In particular those ar: - Enabling CR4.FSGSBASE early on supported processors so that early #VC exceptions on APs can be handled. - Add another patch (patch 1) to fix a KVM frame-size build

From: Joerg Roedel <jroedel at suse.de> Hi, here is a rebased version of the latest SEV-ES patches. They are now based on latest tip/master instead of upstream Linux and include the necessary changes. Changes to v4 are in particular: - Moved early IDT setup code to idt.c, because the idt_descr and the idt_table are now static - This required to make stack protector work early (or

From: Joerg Roedel <jroedel at suse.de> Hi, here is the fourth version of the SEV-ES Guest Support patches. I addressed the review comments sent to me for the previous version and rebased the code v5.8-rc5. The biggest change in this version is the IST handling code for the #VC handler. I adapted the entry code for the #VC handler to the big pile of entry code changes merged into

From: Joerg Roedel <jroedel at suse.de> Hi, here is the fourth version of the SEV-ES Guest Support patches. I addressed the review comments sent to me for the previous version and rebased the code v5.8-rc5. The biggest change in this version is the IST handling code for the #VC handler. I adapted the entry code for the #VC handler to the big pile of entry code changes merged into

From: Joerg Roedel <jroedel at suse.de> Hi, here is a new version of the SEV-ES Guest Support patches for x86. The previous versions can be found as a linked list starting here: https://lore.kernel.org/lkml/20200824085511.7553-1-joro at 8bytes.org/ I updated the patch-set based on ther review comments I got and the discussions around it. Another important change is that the early IDT

From: Joerg Roedel <jroedel at suse.de> Hi, here is a new version of the SEV-ES Guest Support patches for x86. The previous versions can be found as a linked list starting here: https://lore.kernel.org/lkml/20200824085511.7553-1-joro at 8bytes.org/ I updated the patch-set based on ther review comments I got and the discussions around it. Another important change is that the early IDT