From: Michael Roth <michael.roth@xxxxxxx> Initial/preliminary detection of SEV-SNP is done via the Confidential Computing blob. Check for it prior to the normal SEV/SME feature initialization, and add some sanity checks to confirm it agrees with SEV-SNP CPUID/MSR bits. Signed-off-by: Michael Roth <michael.roth@xxxxxxx> Signed-off-by: Brijesh Singh <brijesh.singh@xxxxxxx> --- arch/x86/boot/compressed/sev.c | 91 +++++++++++++++++++++++++++++++++- arch/x86/include/asm/sev.h | 13 +++++ arch/x86/kernel/sev-shared.c | 34 +++++++++++++ 3 files changed, 137 insertions(+), 1 deletion(-) diff --git a/arch/x86/boot/compressed/sev.c b/arch/x86/boot/compressed/sev.c index 3514feb5b226..93e125da12cf 100644 --- a/arch/x86/boot/compressed/sev.c +++ b/arch/x86/boot/compressed/sev.c @@ -291,6 +291,13 @@ static void enforce_vmpl0(void) void sev_enable(struct boot_params *bp) { unsigned int eax, ebx, ecx, edx; + bool snp; + + /* + * Setup/preliminary detection of SEV-SNP. This will be sanity-checked + * against CPUID/MSR values later. + */ + snp = snp_init(bp); /* Check for the SME/SEV support leaf */ eax = 0x80000000; @@ -311,8 +318,11 @@ void sev_enable(struct boot_params *bp) ecx = 0; native_cpuid(&eax, &ebx, &ecx, &edx); /* Check whether SEV is supported */ - if (!(eax & BIT(1))) + if (!(eax & BIT(1))) { + if (snp) + error("SEV-SNP support indicated by CC blob, but not CPUID."); return; + } /* Set the SME mask if this is an SEV guest. */ sev_status = rd_sev_status_msr(); @@ -337,5 +347,84 @@ void sev_enable(struct boot_params *bp) enforce_vmpl0(); } + if (snp && !(sev_status & MSR_AMD64_SEV_SNP_ENABLED)) + error("SEV-SNP supported indicated by CC blob, but not SEV status MSR."); + sme_me_mask = BIT_ULL(ebx & 0x3f); } + +/* Search for Confidential Computing blob in the EFI config table. */ +static struct cc_blob_sev_info *snp_find_cc_blob_efi(struct boot_params *bp) +{ + struct cc_blob_sev_info *cc_info; + unsigned long conf_table_pa; + unsigned int conf_table_len; + bool efi_64; + int ret; + + ret = efi_get_conf_table(bp, &conf_table_pa, &conf_table_len, &efi_64); + if (ret) + return NULL; + + ret = efi_find_vendor_table(conf_table_pa, conf_table_len, + EFI_CC_BLOB_GUID, efi_64, + (unsigned long *)&cc_info); + if (ret) + return NULL; + + return cc_info; +} + +/* + * Initial set up of SEV-SNP relies on information provided by the + * Confidential Computing blob, which can be passed to the boot kernel + * by firmware/bootloader in the following ways: + * + * - via an entry in the EFI config table + * - via a setup_data structure, as defined by the Linux Boot Protocol + * + * Scan for the blob in that order. + */ +static struct cc_blob_sev_info *snp_find_cc_blob(struct boot_params *bp) +{ + struct cc_blob_sev_info *cc_info; + + cc_info = snp_find_cc_blob_efi(bp); + if (cc_info) + goto found_cc_info; + + cc_info = snp_find_cc_blob_setup_data(bp); + if (!cc_info) + return NULL; + +found_cc_info: + if (cc_info->magic != CC_BLOB_SEV_HDR_MAGIC) + sev_es_terminate(0, GHCB_SNP_UNSUPPORTED); + + return cc_info; +} + +bool snp_init(struct boot_params *bp) +{ + struct cc_blob_sev_info *cc_info; + + if (!bp) + return false; + + cc_info = snp_find_cc_blob(bp); + if (!cc_info) + return false; + + /* + * Pass run-time kernel a pointer to CC info via boot_params so EFI + * config table doesn't need to be searched again during early startup + * phase. + */ + bp->cc_blob_address = (u32)(unsigned long)cc_info; + + /* + * Indicate SEV-SNP based on presence of SEV-SNP-specific CC blob. + * Subsequent checks will verify SEV-SNP CPUID/MSR bits. + */ + return true; +} diff --git a/arch/x86/include/asm/sev.h b/arch/x86/include/asm/sev.h index f42fbe3c332f..cd189c20bcc4 100644 --- a/arch/x86/include/asm/sev.h +++ b/arch/x86/include/asm/sev.h @@ -11,6 +11,7 @@ #include <linux/types.h> #include <asm/insn.h> #include <asm/sev-common.h> +#include <asm/bootparam.h> #define GHCB_PROTOCOL_MIN 1ULL #define GHCB_PROTOCOL_MAX 2ULL @@ -145,6 +146,17 @@ void __init snp_prep_memory(unsigned long paddr, unsigned int sz, enum psc_op op void snp_set_memory_shared(unsigned long vaddr, unsigned int npages); void snp_set_memory_private(unsigned long vaddr, unsigned int npages); void snp_set_wakeup_secondary_cpu(void); +bool snp_init(struct boot_params *bp); +/* + * TODO: These are exported only temporarily while boot/compressed/sev.c is + * the only user. This is to avoid unused function warnings for kernel/sev.c + * during the build of kernel proper. + * + * Once the code is added to consume these in kernel proper these functions + * can be moved back to being statically-scoped to units that pull in + * sev-shared.c via #include and these declarations can be dropped. + */ +struct cc_blob_sev_info *snp_find_cc_blob_setup_data(struct boot_params *bp); #else static inline void sev_es_ist_enter(struct pt_regs *regs) { } static inline void sev_es_ist_exit(void) { } @@ -162,6 +174,7 @@ static inline void __init snp_prep_memory(unsigned long paddr, unsigned int sz, static inline void snp_set_memory_shared(unsigned long vaddr, unsigned int npages) { } static inline void snp_set_memory_private(unsigned long vaddr, unsigned int npages) { } static inline void snp_set_wakeup_secondary_cpu(void) { } +static inline bool snp_init(struct boot_params *bp) { return false; } #endif #endif diff --git a/arch/x86/kernel/sev-shared.c b/arch/x86/kernel/sev-shared.c index dabb425498e0..bd58a4ce29c8 100644 --- a/arch/x86/kernel/sev-shared.c +++ b/arch/x86/kernel/sev-shared.c @@ -934,3 +934,37 @@ static enum es_result vc_handle_rdtsc(struct ghcb *ghcb, return ES_OK; } + +struct cc_setup_data { + struct setup_data header; + u32 cc_blob_address; +}; + +static struct cc_setup_data *get_cc_setup_data(struct boot_params *bp) +{ + struct setup_data *hdr = (struct setup_data *)bp->hdr.setup_data; + + while (hdr) { + if (hdr->type == SETUP_CC_BLOB) + return (struct cc_setup_data *)hdr; + hdr = (struct setup_data *)hdr->next; + } + + return NULL; +} + +/* + * Search for a Confidential Computing blob passed in as a setup_data entry + * via the Linux Boot Protocol. + */ +struct cc_blob_sev_info * +snp_find_cc_blob_setup_data(struct boot_params *bp) +{ + struct cc_setup_data *sd; + + sd = get_cc_setup_data(bp); + if (!sd) + return NULL; + + return (struct cc_blob_sev_info *)(unsigned long)sd->cc_blob_address; +} -- 2.25.1