On 19/01/23 04:51, Borislav Petkov wrote:
> On Wed, Jan 18, 2023 at 11:49:43AM +0530, Nikunj A Dadhania wrote:
>> The hypervisor can enable various new features (SEV_FEATURES[1:63])
>> and start the SNP guest. Some of these features need guest side
>> implementation. If any of these features are enabled without guest
>> side implementation, the behavior of the SNP guest will be undefined.
>> The SNP guest boot may fail in a non-obvious way making it difficult
>> to debug.
>>
>> Instead of allowing the guest to continue and have it fail randomly
>> later, detect this early and fail gracefully.
>>
>> SEV_STATUS MSR indicates features which the hypervisor has enabled.
>> While booting, SNP guests should ascertain that all the enabled
>> features have guest side implementation. In case any feature is not
>> implemented in the guest, the guest terminates booting with GHCB
>> protocol Non-Automatic Exit(NAE) termination request event[1]. Populate
>> SW_EXITINFO2 with mask of unsupported features that the hypervisor
>> can easily report to the user.
>>
>> More details in AMD64 APM[2] Vol 2: 15.34.10 SEV_STATUS MSR
>>
>> [1] https://developer.amd.com/wp-content/resources/56421.pdf
>> 4.1.13 Termination Request
>>
>> [2] https://www.amd.com/system/files/TechDocs/40332.pdf
>>
>> Fixes: cbd3d4f7c4e5 ("x86/sev: Check SEV-SNP features support")
>> CC: Borislav Petkov <bp@xxxxxxxxx>
>> CC: David Rientjes <rientjes@xxxxxxxxxx>
>> CC: Michael Roth <michael.roth@xxxxxxx>
>> CC: Tom Lendacky <thomas.lendacky@xxxxxxx>
>> CC: <stable@xxxxxxxxxx>
>> Signed-off-by: Nikunj A Dadhania <nikunj@xxxxxxx>
>> Reviewed-by: Tom Lendacky <thomas.lendacky@xxxxxxx>
>
> Ok, did some massaging. See whether I've fat-fingered something:
>

Thanks, looks good to me.

Regards
Nikunj
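
The boot-time check described in the quoted commit message, as an added user-space example that is not code from the patch or from this thread: it computes the mask of enabled features lacking guest-side support, which is the value the message says goes into SW_EXITINFO2. The bit positions, feature names and helper names are constructed for illustration, and treating bits unknown to the guest as unsupported is an assumption of this example.

```c
#include <stdint.h>
#include <stdio.h>

/* Constructed bit layout, for illustration only; the real SEV_STATUS
 * assignments are in the APM section the commit message cites. */
#define BIT64(n)          (1ULL << (n))
#define STATUS_SNP_ACTIVE BIT64(2)  /* hypothetical: guest is an SNP guest */
#define FEAT_X            BIT64(3)  /* needs guest code; this guest has it */
#define FEAT_Y            BIT64(5)  /* needs guest code; this guest lacks it */
#define FEAT_Z            BIT64(8)  /* needs no guest-side code */
#define KNOWN_BITS        (BIT64(0) | BIT64(1) | STATUS_SNP_ACTIVE | \
                           FEAT_X | FEAT_Y | FEAT_Z)

/* Fail closed (assumption of this example): every bit this build does not
 * know is treated as a feature that requires guest-side implementation. */
#define FEATURES_IMPL_REQ (FEAT_X | FEAT_Y | ~KNOWN_BITS)
#define FEATURES_PRESENT  (FEAT_X)

struct boot_decision {
    int      terminate;     /* 1: issue the termination request */
    uint64_t sw_exitinfo2;  /* mask of unsupported features */
};

/* Enabled features that need guest support this guest does not have. */
uint64_t snp_unsupported_features(uint64_t sev_status)
{
    if (!(sev_status & STATUS_SNP_ACTIVE))
        return 0;  /* the check applies to SNP guests only */
    return sev_status & FEATURES_IMPL_REQ & ~(uint64_t)FEATURES_PRESENT;
}

struct boot_decision snp_boot_check(uint64_t sev_status)
{
    struct boot_decision d;
    d.sw_exitinfo2 = snp_unsupported_features(sev_status);
    d.terminate = d.sw_exitinfo2 != 0;
    return d;
}

int main(void)
{
    /* Constructed SEV_STATUS value: SNP guest, FEAT_Y and an unknown bit. */
    struct boot_decision d = snp_boot_check(STATUS_SNP_ACTIVE | FEAT_Y | BIT64(40));
    printf("terminate=%d exitinfo2=%#llx\n", d.terminate,
           (unsigned long long)d.sw_exitinfo2);
    return 0;
}
```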