MMIO access to APIC's private GPA with C-bit set that is not backed by
memslots is no longer treated as MMIO access and is treated as an
invalid guest access. So unset the C-bit on APIC page for it to be treated
as a valid MMIO access. This applies to both SEV-ES/SNP guests.
Signed-off-by: Pavan Kumar Paluri <papaluri@xxxxxxx>
---
lib/x86/apic.c | 14 ++++++++++++++
1 file changed, 14 insertions(+)
diff --git a/lib/x86/apic.c b/lib/x86/apic.c
index bbc2d8ae85b1..45ac36c5cbaf 100644
--- a/lib/x86/apic.c
+++ b/lib/x86/apic.c
@@ -5,6 +5,8 @@
#include "smp.h"
#include "asm/barrier.h"
#include "asm/io.h"
+#include "amd_sev.h"
+#include "x86/vm.h"
/* xAPIC and I/O APIC are identify mapped, and never relocated. */
static void *g_apic = (void *)APIC_DEFAULT_PHYS_BASE;
@@ -233,7 +235,19 @@ void set_irq_line(unsigned line, int val)
void enable_apic(void)
{
+ pteval_t *pte;
+
printf("enabling apic\n");
+
+ if (amd_sev_es_enabled()) {
+ pte = get_pte((pgd_t *)read_cr3(),
+ (void *)APIC_DEFAULT_PHYS_BASE);
+
+ flush_tlb();
+ *pte &= ~get_amd_sev_c_bit_mask();
+ flush_tlb();
+ }
+
xapic_write(APIC_SPIV, 0x1ff);
}
--
2.34.1
