On 3/25/24 16:36, Pavan Kumar Paluri wrote:
KUT's UEFI tests don't currently have support for page allocation.
SEV-ES/SNP tests will need this later, so the support for page
allocation is provided via setup_vm().
SEV-ES/SNP guest uses GHCB page to communicate with the host. Such a
page should remain unencrypted (its c-bit should be unset). Therefore,
call setup_ghcb_pte() in the path of setup_vm() to make sure c-bit of
GHCB's pte is unset.
This looks like it should be 2 separate patches. One for supporting page
allocation and one for setting the GHCB page attributes.
Thanks,
Tom
Signed-off-by: Pavan Kumar Paluri <papaluri@xxxxxxx>
---
lib/x86/vm.c | 6 ++++++
x86/amd_sev.c | 7 +++++++
2 files changed, 13 insertions(+)
diff --git a/lib/x86/vm.c b/lib/x86/vm.c
index 90f73fbb2dfd..ce2063aee75d 100644
--- a/lib/x86/vm.c
+++ b/lib/x86/vm.c
@@ -3,6 +3,7 @@
#include "vmalloc.h"
#include "alloc_page.h"
#include "smp.h"
+#include "amd_sev.h"
static pteval_t pte_opt_mask;
@@ -197,6 +198,11 @@ void *setup_mmu(phys_addr_t end_of_memory, void *opt_mask)
init_alloc_vpage((void*)(3ul << 30));
#endif
+#ifdef CONFIG_EFI
+ if (amd_sev_es_enabled())
+ setup_ghcb_pte(cr3);
+#endif
+
write_cr3(virt_to_phys(cr3));
#ifndef __x86_64__
write_cr4(X86_CR4_PSE);
diff --git a/x86/amd_sev.c b/x86/amd_sev.c
index 7757d4f85b7a..03636e581dfe 100644
--- a/x86/amd_sev.c
+++ b/x86/amd_sev.c
@@ -14,6 +14,8 @@
#include "x86/processor.h"
#include "x86/amd_sev.h"
#include "msr.h"
+#include "x86/vm.h"
+#include "alloc_page.h"
#define EXIT_SUCCESS 0
#define EXIT_FAILURE 1
@@ -89,9 +91,14 @@ static void test_stringio(void)
int main(void)
{
int rtn;
+ unsigned long *vaddr;
rtn = test_sev_activation();
report(rtn == EXIT_SUCCESS, "SEV activation test.");
test_sev_es_activation();
test_stringio();
+ setup_vm();
+ vaddr = alloc_page();
+ if (!vaddr)
+ assert_msg(vaddr, "Page allocation Failure");
return report_summary();
}
