AMD SEV-ES introduces a new #VC exception that handles the communication
between guest and host. UEFI already implements a #VC handler so there
is no need to re-implement it in KVM-Unit-Tests. To reuse this #VC
handler, this commit reads UEFI's IDT, copy the #VC IDT entry into
KVM-Unit-Tests' IDT.
In this commit, load_idt() can work and now guest crashes in
setup_page_table(), which will be fixed by follow-up commits.
Signed-off-by: Zixuan Wang <zixuanwang@xxxxxxxxxx>
---
lib/x86/amd_sev.c | 10 ++++++++++
lib/x86/amd_sev.h | 5 +++++
2 files changed, 15 insertions(+)
diff --git a/lib/x86/amd_sev.c b/lib/x86/amd_sev.c
index c2aebdf..04b6912 100644
--- a/lib/x86/amd_sev.c
+++ b/lib/x86/amd_sev.c
@@ -46,11 +46,21 @@ EFI_STATUS setup_amd_sev(void)
#ifdef CONFIG_AMD_SEV_ES
EFI_STATUS setup_amd_sev_es(void){
+ struct descriptor_table_ptr idtr;
+ idt_entry_t *idt;
+
/* Test if SEV-ES is enabled */
if (!(rdmsr(MSR_SEV_STATUS) & SEV_ES_ENABLED_MASK)) {
return EFI_UNSUPPORTED;
}
+ /* Copy UEFI's #VC IDT entry, so KVM-Unit-Tests can reuse it and does
+ * not have to re-implement a #VC handler
+ */
+ sidt(&idtr);
+ idt = (idt_entry_t *)idtr.base;
+ boot_idt[SEV_ES_VC_HANDLER_VECTOR] = idt[SEV_ES_VC_HANDLER_VECTOR];
+
return EFI_SUCCESS;
}
diff --git a/lib/x86/amd_sev.h b/lib/x86/amd_sev.h
index 4d81cae..5ebd4a6 100644
--- a/lib/x86/amd_sev.h
+++ b/lib/x86/amd_sev.h
@@ -36,6 +36,11 @@
#define SEV_ENABLED_MASK 0b1
#define SEV_ES_ENABLED_MASK 0b10
+/* AMD Programmer's Manual Volume 2
+ * - Section "#VC Exception"
+ */
+#define SEV_ES_VC_HANDLER_VECTOR 29
+
EFI_STATUS setup_amd_sev(void);
#ifdef CONFIG_AMD_SEV_ES
EFI_STATUS setup_amd_sev_es(void);
--
2.33.0.rc1.237.g0d66db33f3-goog
