
Commit:d54d610243
("x86/boot/sev: Avoid shared GHCB page for early memory acceptance") provided a fix for SEV-SNP memory acceptance from the EFI stub when running at VMPL #0. However, that fix was insufficient for SVSM SEV-SNP guests running at VMPL >0, as those rely on a SVSM calling area, which is a shared buffer whose address is programmed into a SEV-SNP MSR, and the SEV init code that sets up this calling area executes much later during the boot. Given that booting via the EFI stub at VMPL >0 implies that the firmware has configured this calling area already, reuse it for performing memory acceptance in the EFI stub. Fixes:fcd042e864
("x86/sev: Perform PVALIDATE using the SVSM when not at VMPL0") Tested-by: Tom Lendacky <thomas.lendacky@amd.com> Co-developed-by: Tom Lendacky <thomas.lendacky@amd.com> Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com> Signed-off-by: Ard Biesheuvel <ardb@kernel.org> Signed-off-by: Ingo Molnar <mingo@kernel.org> Cc: <stable@vger.kernel.org> Cc: Dionna Amalie Glaze <dionnaglaze@google.com> Cc: Kevin Loughlin <kevinloughlin@google.com> Cc: linux-efi@vger.kernel.org Link: https://lore.kernel.org/r/20250428174322.2780170-2-ardb+git@google.com
// SPDX-License-Identifier: GPL-2.0-only
#include "error.h"
#include "misc.h"
#include "tdx.h"
#include "sev.h"
#include <asm/shared/tdx.h>
/*
 * accept_memory() and process_unaccepted_memory() are called from the EFI
 * stub, which runs before the decompressor and its early_tdx_detect().
 *
 * Enumerate TDX directly for these early users.
 *
 * The CPUID probe runs at most once; its result is cached in function-local
 * statics and handed back on every later call.
 */
static bool early_is_tdx_guest(void)
{
	static bool probed;
	static bool tdx_detected;
	u32 eax, sig[3];

	/* Without TDX guest support built in there is nothing to probe. */
	if (!IS_ENABLED(CONFIG_INTEL_TDX_GUEST))
		return false;

	if (probed)
		return tdx_detected;

	/*
	 * The last three outputs are stored to sig[0], sig[2], sig[1] (note the
	 * swapped indices), presumably so the three words line up with
	 * TDX_IDENT for the 12-byte compare below.
	 */
	cpuid_count(TDX_CPUID_LEAF_ID, 0, &eax, &sig[0], &sig[2], &sig[1]);
	tdx_detected = memcmp(TDX_IDENT, sig, sizeof(sig)) == 0;
	probed = true;

	return tdx_detected;
}
/*
 * Accept the memory range described by @start and @end using the mechanism
 * of the confidential-computing platform the guest is running on.
 *
 * Platform detection order is TDX first, then SEV-SNP. No status is returned
 * to the caller: a failed TDX acceptance goes to panic(), and an unrecognised
 * platform goes to error(), so the range is never silently left unaccepted
 * on those paths.
 *
 * NOTE(review): snp_accept_memory() returns nothing here; any failure
 * handling for SEV-SNP lives inside it and is not visible in this file.
 */
void arch_accept_memory(phys_addr_t start, phys_addr_t end)
{
	/* Platform-specific memory-acceptance call goes here */
	if (early_is_tdx_guest()) {
		if (!tdx_accept_memory(start, end))
			panic("TDX: Failed to accept memory\n");
		return;
	}

	if (early_is_sevsnp_guest()) {
		snp_accept_memory(start, end);
		return;
	}

	error("Cannot accept memory: unknown platform\n");
}
/*
 * Locate the Linux unaccepted-memory table among the EFI configuration
 * tables and publish it through the global unaccepted_table pointer.
 *
 * Returns true when the table was found and unaccepted_table was set.
 * Returns false when the boot was not via EFI, when the EFI configuration
 * table cannot be obtained (a warning is printed), or when no table with
 * LINUX_EFI_UNACCEPTED_MEM_TABLE_GUID is present.
 *
 * NOTE(review): the table pointer is taken from the firmware-provided EFI
 * configuration table and only its version field is checked in this
 * function. error() is assumed not to return; confirm, since otherwise a
 * table with an unknown version would still be published below.
 */
bool init_unaccepted_memory(void)
{
	guid_t table_guid = LINUX_EFI_UNACCEPTED_MEM_TABLE_GUID;
	struct efi_unaccepted_memory *found;
	unsigned long conf_pa;
	unsigned int conf_len;

	/* Nothing to look up when the kernel was not booted via EFI. */
	if (efi_get_type(boot_params_ptr) == EFI_TYPE_NONE)
		return false;

	if (efi_get_conf_table(boot_params_ptr, &conf_pa, &conf_len)) {
		warn("EFI config table not found.");
		return false;
	}

	found = (void *)efi_find_vendor_table(boot_params_ptr, conf_pa,
					      conf_len, table_guid);
	if (!found)
		return false;

	/* Only version 1 of the table layout is understood here. */
	if (found->version != 1)
		error("Unknown version of unaccepted memory table\n");

	/*
	 * In many cases unaccepted_table is already set by the EFI stub, but
	 * it has to be initialized again to cover the cases where the table
	 * was not allocated by the EFI stub, or where the EFI stub copied the
	 * kernel image with efi_relocate_kernel() before the variable was set.
	 *
	 * It must be initialized before the first use of accept_memory().
	 */
	unaccepted_table = found;

	return true;
}