search for: vmm_exception_stacks

...+ * + */ +#define N_VC_STACKS 5 + +#define VC_STACK_MEMBERS(guardsize, holesize) \ + char hole[holesize]; \ + struct { \ + char guard[guardsize]; \ + char stack[EXCEPTION_STKSZ]; \ + } stacks[N_VC_STACKS]; \ + char top_guard[guardsize]; \ + +/* Physical storage */ +struct vmm_exception_stacks { + VC_STACK_MEMBERS(0, 0) +}; + +/* Mapping in cpu_entry_area */ +struct cea_vmm_exception_stacks { + VC_STACK_MEMBERS(PAGE_SIZE, EXCEPTION_STKSZ) +}; + #endif #ifdef CONFIG_X86_32 @@ -110,6 +165,12 @@ struct cpu_entry_area { * Exception stacks used for IST entries with guard pages. */...

...100644 --- a/arch/x86/include/asm/cpu_entry_area.h +++ b/arch/x86/include/asm/cpu_entry_area.h @@ -192,6 +192,7 @@ struct cpu_entry_area { DECLARE_PER_CPU(struct cpu_entry_area *, cpu_entry_area); DECLARE_PER_CPU(struct cea_exception_stacks *, cea_exception_stacks); +DECLARE_PER_CPU(struct cea_vmm_exception_stacks *, cea_vmm_exception_stacks); extern void setup_cpu_entry_areas(void); extern void cea_set_pte(void *cea_vaddr, phys_addr_t pa, pgprot_t flags); diff --git a/arch/x86/include/asm/sev-es.h b/arch/x86/include/asm/sev-es.h index e1ed963a57ec..265da8351475 100644 --- a/arch/x86/include/asm/sev-es.h...

...; +#include <asm/traps.h> > #include <asm/svm.h> > > /* For early boot hypervisor communication in SEV-ES enabled guests */ > @@ -46,10 +47,26 @@ struct sev_es_runtime_data { > > /* Physical storage for the per-cpu IST stacks of the #VC handler */ > struct vmm_exception_stacks vc_stacks __aligned(PAGE_SIZE); > + > + /* Reserve on page per CPU as backup storage for the unencrypted GHCB */ one > + struct ghcb backup_ghcb; I could use some text explaining what those backups are for? > + /* > + * Mark the per-cpu GHCBs as in-use to detect nested #VC e...

...; +#include <asm/traps.h> > #include <asm/svm.h> > > /* For early boot hypervisor communication in SEV-ES enabled guests */ > @@ -46,10 +47,26 @@ struct sev_es_runtime_data { > > /* Physical storage for the per-cpu IST stacks of the #VC handler */ > struct vmm_exception_stacks vc_stacks __aligned(PAGE_SIZE); > + > + /* Reserve on page per CPU as backup storage for the unencrypted GHCB */ one > + struct ghcb backup_ghcb; I could use some text explaining what those backups are for? > + /* > + * Mark the per-cpu GHCBs as in-use to detect nested #VC e...

...t; -#include <asm/trap_defs.h> +#include <asm/traps.h> #include <asm/svm.h> /* For early boot hypervisor communication in SEV-ES enabled guests */ @@ -46,10 +47,26 @@ struct sev_es_runtime_data { /* Physical storage for the per-cpu IST stacks of the #VC handler */ struct vmm_exception_stacks vc_stacks __aligned(PAGE_SIZE); + + /* Reserve on page per CPU as backup storage for the unencrypted GHCB */ + struct ghcb backup_ghcb; + + /* + * Mark the per-cpu GHCBs as in-use to detect nested #VC exceptions. + * There is no need for it to be atomic, because nothing is written to + * the GHC...

Hi, here is the next version of changes to enable Linux to run as an SEV-ES guest. The code was rebased to v5.7-rc3 and got a fair number of changes since the last version. What is SEV-ES ============== SEV-ES is an acronym for 'Secure Encrypted Virtualization - Encrypted State' and means a hardware feature of AMD processors which hides the register state of VCPUs to the hypervisor by

Hi, here is the next version of changes to enable Linux to run as an SEV-ES guest. The code was rebased to v5.7-rc3 and got a fair number of changes since the last version. What is SEV-ES ============== SEV-ES is an acronym for 'Secure Encrypted Virtualization - Encrypted State' and means a hardware feature of AMD processors which hides the register state of VCPUs to the hypervisor by