| 1 | /* SPDX-License-Identifier: GPL-2.0 */ |
|---|---|
| 2 | /* |
| 3 | * AMD Encrypted Register State Support |
| 4 | * |
| 5 | * Author: Joerg Roedel <jroedel@suse.de> |
| 6 | */ |
| 7 | |
| 8 | #ifndef __ASM_ENCRYPTED_STATE_H |
| 9 | #define __ASM_ENCRYPTED_STATE_H |
| 10 | |
| 11 | #include <linux/types.h> |
| 12 | #include <linux/sev-guest.h> |
| 13 | |
| 14 | #include <asm/insn.h> |
| 15 | #include <asm/sev-common.h> |
| 16 | #include <asm/coco.h> |
| 17 | #include <asm/set_memory.h> |
| 18 | #include <asm/svm.h> |
| 19 | |
| 20 | #define GHCB_PROTOCOL_MIN 1ULL |
| 21 | #define GHCB_PROTOCOL_MAX 2ULL |
| 22 | #define GHCB_DEFAULT_USAGE 0ULL |
| 23 | |
| 24 | #define VMGEXIT() { asm volatile("rep; vmmcall\n\r"); } |
| 25 | |
| 26 | struct boot_params; |
| 27 | |
| 28 | enum es_result { |
| 29 | ES_OK, /* All good */ |
| 30 | ES_UNSUPPORTED, /* Requested operation not supported */ |
| 31 | ES_VMM_ERROR, /* Unexpected state from the VMM */ |
| 32 | ES_DECODE_FAILED, /* Instruction decoding failed */ |
| 33 | ES_EXCEPTION, /* Instruction caused exception */ |
| 34 | ES_RETRY, /* Retry instruction emulation */ |
| 35 | }; |
| 36 | |
| 37 | struct es_fault_info { |
| 38 | unsigned long vector; |
| 39 | unsigned long error_code; |
| 40 | unsigned long cr2; |
| 41 | }; |
| 42 | |
| 43 | struct pt_regs; |
| 44 | |
| 45 | /* ES instruction emulation context */ |
| 46 | struct es_em_ctxt { |
| 47 | struct pt_regs *regs; |
| 48 | struct insn insn; |
| 49 | struct es_fault_info fi; |
| 50 | }; |
| 51 | |
| 52 | /* |
| 53 | * AMD SEV Confidential computing blob structure. The structure is |
| 54 | * defined in OVMF UEFI firmware header: |
| 55 | * https://github.com/tianocore/edk2/blob/master/OvmfPkg/Include/Guid/ConfidentialComputingSevSnpBlob.h |
| 56 | */ |
| 57 | #define CC_BLOB_SEV_HDR_MAGIC 0x45444d41 |
| 58 | struct cc_blob_sev_info { |
| 59 | u32 magic; |
| 60 | u16 version; |
| 61 | u16 reserved; |
| 62 | u64 secrets_phys; |
| 63 | u32 secrets_len; |
| 64 | u32 rsvd1; |
| 65 | u64 cpuid_phys; |
| 66 | u32 cpuid_len; |
| 67 | u32 rsvd2; |
| 68 | } __packed; |
| 69 | |
| 70 | void do_vc_no_ghcb(struct pt_regs *regs, unsigned long exit_code); |
| 71 | |
| 72 | static inline u64 lower_bits(u64 val, unsigned int bits) |
| 73 | { |
| 74 | u64 mask = (1ULL << bits) - 1; |
| 75 | |
| 76 | return (val & mask); |
| 77 | } |
| 78 | |
| 79 | struct real_mode_header; |
| 80 | enum stack_type; |
| 81 | |
| 82 | /* Early IDT entry points for #VC handler */ |
| 83 | extern void vc_no_ghcb(void); |
| 84 | extern void vc_boot_ghcb(void); |
| 85 | extern bool handle_vc_boot_ghcb(struct pt_regs *regs); |
| 86 | |
| 87 | /* |
| 88 | * Individual entries of the SNP CPUID table, as defined by the SNP |
| 89 | * Firmware ABI, Revision 0.9, Section 7.1, Table 14. |
| 90 | */ |
| 91 | struct snp_cpuid_fn { |
| 92 | u32 eax_in; |
| 93 | u32 ecx_in; |
| 94 | u64 xcr0_in; |
| 95 | u64 xss_in; |
| 96 | u32 eax; |
| 97 | u32 ebx; |
| 98 | u32 ecx; |
| 99 | u32 edx; |
| 100 | u64 __reserved; |
| 101 | } __packed; |
| 102 | |
| 103 | /* |
| 104 | * SNP CPUID table, as defined by the SNP Firmware ABI, Revision 0.9, |
| 105 | * Section 8.14.2.6. Also noted there is the SNP firmware-enforced limit |
| 106 | * of 64 entries per CPUID table. |
| 107 | */ |
| 108 | #define SNP_CPUID_COUNT_MAX 64 |
| 109 | |
| 110 | struct snp_cpuid_table { |
| 111 | u32 count; |
| 112 | u32 __reserved1; |
| 113 | u64 __reserved2; |
| 114 | struct snp_cpuid_fn fn[SNP_CPUID_COUNT_MAX]; |
| 115 | } __packed; |
| 116 | |
| 117 | /* PVALIDATE return codes */ |
| 118 | #define PVALIDATE_FAIL_SIZEMISMATCH 6 |
| 119 | |
| 120 | /* Software defined (when rFlags.CF = 1) */ |
| 121 | #define PVALIDATE_FAIL_NOUPDATE 255 |
| 122 | |
| 123 | /* RMUPDATE detected 4K page and 2MB page overlap. */ |
| 124 | #define RMPUPDATE_FAIL_OVERLAP 4 |
| 125 | |
| 126 | /* PSMASH failed due to concurrent access by another CPU */ |
| 127 | #define PSMASH_FAIL_INUSE 3 |
| 128 | |
| 129 | /* RMP page size */ |
| 130 | #define RMP_PG_SIZE_4K 0 |
| 131 | #define RMP_PG_SIZE_2M 1 |
| 132 | #define RMP_TO_PG_LEVEL(level) (((level) == RMP_PG_SIZE_4K) ? PG_LEVEL_4K : PG_LEVEL_2M) |
| 133 | #define PG_LEVEL_TO_RMP(level) (((level) == PG_LEVEL_4K) ? RMP_PG_SIZE_4K : RMP_PG_SIZE_2M) |
| 134 | |
| 135 | struct rmp_state { |
| 136 | u64 gpa; |
| 137 | u8 assigned; |
| 138 | u8 pagesize; |
| 139 | u8 immutable; |
| 140 | u8 rsvd; |
| 141 | u32 asid; |
| 142 | } __packed; |
| 143 | |
| 144 | #define RMPADJUST_VMSA_PAGE_BIT BIT(16) |
| 145 | |
| 146 | /* SNP Guest message request */ |
| 147 | struct snp_req_data { |
| 148 | unsigned long req_gpa; |
| 149 | unsigned long resp_gpa; |
| 150 | unsigned long data_gpa; |
| 151 | unsigned int data_npages; |
| 152 | }; |
| 153 | |
| 154 | #define MAX_AUTHTAG_LEN 32 |
| 155 | #define AUTHTAG_LEN 16 |
| 156 | #define AAD_LEN 48 |
| 157 | #define MSG_HDR_VER 1 |
| 158 | |
| 159 | #define SNP_REQ_MAX_RETRY_DURATION (60*HZ) |
| 160 | #define SNP_REQ_RETRY_DELAY (2*HZ) |
| 161 | |
| 162 | /* See SNP spec SNP_GUEST_REQUEST section for the structure */ |
| 163 | enum msg_type { |
| 164 | SNP_MSG_TYPE_INVALID = 0, |
| 165 | SNP_MSG_CPUID_REQ, |
| 166 | SNP_MSG_CPUID_RSP, |
| 167 | SNP_MSG_KEY_REQ, |
| 168 | SNP_MSG_KEY_RSP, |
| 169 | SNP_MSG_REPORT_REQ, |
| 170 | SNP_MSG_REPORT_RSP, |
| 171 | SNP_MSG_EXPORT_REQ, |
| 172 | SNP_MSG_EXPORT_RSP, |
| 173 | SNP_MSG_IMPORT_REQ, |
| 174 | SNP_MSG_IMPORT_RSP, |
| 175 | SNP_MSG_ABSORB_REQ, |
| 176 | SNP_MSG_ABSORB_RSP, |
| 177 | SNP_MSG_VMRK_REQ, |
| 178 | SNP_MSG_VMRK_RSP, |
| 179 | |
| 180 | SNP_MSG_TSC_INFO_REQ = 17, |
| 181 | SNP_MSG_TSC_INFO_RSP, |
| 182 | |
| 183 | SNP_MSG_TYPE_MAX |
| 184 | }; |
| 185 | |
| 186 | enum aead_algo { |
| 187 | SNP_AEAD_INVALID, |
| 188 | SNP_AEAD_AES_256_GCM, |
| 189 | }; |
| 190 | |
| 191 | struct snp_guest_msg_hdr { |
| 192 | u8 authtag[MAX_AUTHTAG_LEN]; |
| 193 | u64 msg_seqno; |
| 194 | u8 rsvd1[8]; |
| 195 | u8 algo; |
| 196 | u8 hdr_version; |
| 197 | u16 hdr_sz; |
| 198 | u8 msg_type; |
| 199 | u8 msg_version; |
| 200 | u16 msg_sz; |
| 201 | u32 rsvd2; |
| 202 | u8 msg_vmpck; |
| 203 | u8 rsvd3[35]; |
| 204 | } __packed; |
| 205 | |
| 206 | struct snp_guest_msg { |
| 207 | struct snp_guest_msg_hdr hdr; |
| 208 | u8 payload[PAGE_SIZE - sizeof(struct snp_guest_msg_hdr)]; |
| 209 | } __packed; |
| 210 | |
| 211 | #define SNP_TSC_INFO_REQ_SZ 128 |
| 212 | |
| 213 | struct snp_tsc_info_req { |
| 214 | u8 rsvd[SNP_TSC_INFO_REQ_SZ]; |
| 215 | } __packed; |
| 216 | |
| 217 | struct snp_tsc_info_resp { |
| 218 | u32 status; |
| 219 | u32 rsvd1; |
| 220 | u64 tsc_scale; |
| 221 | u64 tsc_offset; |
| 222 | u32 tsc_factor; |
| 223 | u8 rsvd2[100]; |
| 224 | } __packed; |
| 225 | |
| 226 | /* |
| 227 | * Obtain the mean TSC frequency by decreasing the nominal TSC frequency with |
| 228 | * TSC_FACTOR as documented in the SNP Firmware ABI specification: |
| 229 | * |
| 230 | * GUEST_TSC_FREQ * (1 - (TSC_FACTOR * 0.00001)) |
| 231 | * |
| 232 | * which is equivalent to: |
| 233 | * |
| 234 | * GUEST_TSC_FREQ -= (GUEST_TSC_FREQ * TSC_FACTOR) / 100000; |
| 235 | */ |
| 236 | #define SNP_SCALE_TSC_FREQ(freq, factor) ((freq) - (freq) * (factor) / 100000) |
| 237 | |
| 238 | struct snp_guest_req { |
| 239 | void *req_buf; |
| 240 | size_t req_sz; |
| 241 | |
| 242 | void *resp_buf; |
| 243 | size_t resp_sz; |
| 244 | |
| 245 | u64 exit_code; |
| 246 | u64 exitinfo2; |
| 247 | unsigned int vmpck_id; |
| 248 | u8 msg_version; |
| 249 | u8 msg_type; |
| 250 | |
| 251 | struct snp_req_data input; |
| 252 | void *certs_data; |
| 253 | }; |
| 254 | |
| 255 | /* |
| 256 | * The secrets page contains 96-bytes of reserved field that can be used by |
| 257 | * the guest OS. The guest OS uses the area to save the message sequence |
| 258 | * number for each VMPCK. |
| 259 | * |
| 260 | * See the GHCB spec section Secret page layout for the format for this area. |
| 261 | */ |
| 262 | struct secrets_os_area { |
| 263 | u32 msg_seqno_0; |
| 264 | u32 msg_seqno_1; |
| 265 | u32 msg_seqno_2; |
| 266 | u32 msg_seqno_3; |
| 267 | u64 ap_jump_table_pa; |
| 268 | u8 rsvd[40]; |
| 269 | u8 guest_usage[32]; |
| 270 | } __packed; |
| 271 | |
| 272 | #define VMPCK_KEY_LEN 32 |
| 273 | |
| 274 | /* See the SNP spec version 0.9 for secrets page format */ |
| 275 | struct snp_secrets_page { |
| 276 | u32 version; |
| 277 | u32 imien : 1, |
| 278 | rsvd1 : 31; |
| 279 | u32 fms; |
| 280 | u32 rsvd2; |
| 281 | u8 gosvw[16]; |
| 282 | u8 vmpck0[VMPCK_KEY_LEN]; |
| 283 | u8 vmpck1[VMPCK_KEY_LEN]; |
| 284 | u8 vmpck2[VMPCK_KEY_LEN]; |
| 285 | u8 vmpck3[VMPCK_KEY_LEN]; |
| 286 | struct secrets_os_area os_area; |
| 287 | |
| 288 | u8 vmsa_tweak_bitmap[64]; |
| 289 | |
| 290 | /* SVSM fields */ |
| 291 | u64 svsm_base; |
| 292 | u64 svsm_size; |
| 293 | u64 svsm_caa; |
| 294 | u32 svsm_max_version; |
| 295 | u8 svsm_guest_vmpl; |
| 296 | u8 rsvd3[3]; |
| 297 | |
| 298 | /* The percentage decrease from nominal to mean TSC frequency. */ |
| 299 | u32 tsc_factor; |
| 300 | |
| 301 | /* Remainder of page */ |
| 302 | u8 rsvd4[3740]; |
| 303 | } __packed; |
| 304 | |
| 305 | struct snp_msg_desc { |
| 306 | /* request and response are in unencrypted memory */ |
| 307 | struct snp_guest_msg *request, *response; |
| 308 | |
| 309 | /* |
| 310 | * Avoid information leakage by double-buffering shared messages |
| 311 | * in fields that are in regular encrypted memory. |
| 312 | */ |
| 313 | struct snp_guest_msg secret_request, secret_response; |
| 314 | |
| 315 | struct snp_secrets_page *secrets; |
| 316 | |
| 317 | struct aesgcm_ctx *ctx; |
| 318 | |
| 319 | u32 *os_area_msg_seqno; |
| 320 | u8 *vmpck; |
| 321 | int vmpck_id; |
| 322 | }; |
| 323 | |
| 324 | /* |
| 325 | * The SVSM Calling Area (CA) related structures. |
| 326 | */ |
| 327 | struct svsm_ca { |
| 328 | u8 call_pending; |
| 329 | u8 mem_available; |
| 330 | u8 rsvd1[6]; |
| 331 | |
| 332 | u8 svsm_buffer[PAGE_SIZE - 8]; |
| 333 | }; |
| 334 | |
| 335 | #define SVSM_SUCCESS 0 |
| 336 | #define SVSM_ERR_INCOMPLETE 0x80000000 |
| 337 | #define SVSM_ERR_UNSUPPORTED_PROTOCOL 0x80000001 |
| 338 | #define SVSM_ERR_UNSUPPORTED_CALL 0x80000002 |
| 339 | #define SVSM_ERR_INVALID_ADDRESS 0x80000003 |
| 340 | #define SVSM_ERR_INVALID_FORMAT 0x80000004 |
| 341 | #define SVSM_ERR_INVALID_PARAMETER 0x80000005 |
| 342 | #define SVSM_ERR_INVALID_REQUEST 0x80000006 |
| 343 | #define SVSM_ERR_BUSY 0x80000007 |
| 344 | #define SVSM_PVALIDATE_FAIL_SIZEMISMATCH 0x80001006 |
| 345 | |
| 346 | /* |
| 347 | * The SVSM PVALIDATE related structures |
| 348 | */ |
| 349 | struct svsm_pvalidate_entry { |
| 350 | u64 page_size : 2, |
| 351 | action : 1, |
| 352 | ignore_cf : 1, |
| 353 | rsvd : 8, |
| 354 | pfn : 52; |
| 355 | }; |
| 356 | |
| 357 | struct svsm_pvalidate_call { |
| 358 | u16 num_entries; |
| 359 | u16 cur_index; |
| 360 | |
| 361 | u8 rsvd1[4]; |
| 362 | |
| 363 | struct svsm_pvalidate_entry entry[]; |
| 364 | }; |
| 365 | |
| 366 | #define SVSM_PVALIDATE_MAX_COUNT ((sizeof_field(struct svsm_ca, svsm_buffer) - \ |
| 367 | offsetof(struct svsm_pvalidate_call, entry)) / \ |
| 368 | sizeof(struct svsm_pvalidate_entry)) |
| 369 | |
| 370 | /* |
| 371 | * The SVSM Attestation related structures |
| 372 | */ |
| 373 | struct svsm_loc_entry { |
| 374 | u64 pa; |
| 375 | u32 len; |
| 376 | u8 rsvd[4]; |
| 377 | }; |
| 378 | |
| 379 | struct svsm_attest_call { |
| 380 | struct svsm_loc_entry report_buf; |
| 381 | struct svsm_loc_entry nonce; |
| 382 | struct svsm_loc_entry manifest_buf; |
| 383 | struct svsm_loc_entry certificates_buf; |
| 384 | |
| 385 | /* For attesting a single service */ |
| 386 | u8 service_guid[16]; |
| 387 | u32 service_manifest_ver; |
| 388 | u8 rsvd[4]; |
| 389 | }; |
| 390 | |
| 391 | /* PTE descriptor used for the prepare_pte_enc() operations. */ |
| 392 | struct pte_enc_desc { |
| 393 | pte_t *kpte; |
| 394 | int pte_level; |
| 395 | bool encrypt; |
| 396 | /* pfn of the kpte above */ |
| 397 | unsigned long pfn; |
| 398 | /* physical address of @pfn */ |
| 399 | unsigned long pa; |
| 400 | /* virtual address of @pfn */ |
| 401 | void *va; |
| 402 | /* memory covered by the pte */ |
| 403 | unsigned long size; |
| 404 | pgprot_t new_pgprot; |
| 405 | }; |
| 406 | |
| 407 | /* |
| 408 | * SVSM protocol structure |
| 409 | */ |
| 410 | struct svsm_call { |
| 411 | struct svsm_ca *caa; |
| 412 | u64 rax; |
| 413 | u64 rcx; |
| 414 | u64 rdx; |
| 415 | u64 r8; |
| 416 | u64 r9; |
| 417 | u64 rax_out; |
| 418 | u64 rcx_out; |
| 419 | u64 rdx_out; |
| 420 | u64 r8_out; |
| 421 | u64 r9_out; |
| 422 | }; |
| 423 | |
| 424 | #define SVSM_CORE_CALL(x) ((0ULL << 32) | (x)) |
| 425 | #define SVSM_CORE_REMAP_CA 0 |
| 426 | #define SVSM_CORE_PVALIDATE 1 |
| 427 | #define SVSM_CORE_CREATE_VCPU 2 |
| 428 | #define SVSM_CORE_DELETE_VCPU 3 |
| 429 | |
| 430 | #define SVSM_ATTEST_CALL(x) ((1ULL << 32) | (x)) |
| 431 | #define SVSM_ATTEST_SERVICES 0 |
| 432 | #define SVSM_ATTEST_SINGLE_SERVICE 1 |
| 433 | |
| 434 | #define SVSM_VTPM_CALL(x) ((2ULL << 32) | (x)) |
| 435 | #define SVSM_VTPM_QUERY 0 |
| 436 | #define SVSM_VTPM_CMD 1 |
| 437 | |
| 438 | #ifdef CONFIG_AMD_MEM_ENCRYPT |
| 439 | |
| 440 | extern u8 snp_vmpl; |
| 441 | |
| 442 | extern void __sev_es_ist_enter(struct pt_regs *regs); |
| 443 | extern void __sev_es_ist_exit(void); |
| 444 | static __always_inline void sev_es_ist_enter(struct pt_regs *regs) |
| 445 | { |
| 446 | if (cc_vendor == CC_VENDOR_AMD && |
| 447 | cc_platform_has(CC_ATTR_GUEST_STATE_ENCRYPT)) |
| 448 | __sev_es_ist_enter(regs); |
| 449 | } |
| 450 | static __always_inline void sev_es_ist_exit(void) |
| 451 | { |
| 452 | if (cc_vendor == CC_VENDOR_AMD && |
| 453 | cc_platform_has(CC_ATTR_GUEST_STATE_ENCRYPT)) |
| 454 | __sev_es_ist_exit(); |
| 455 | } |
| 456 | extern int sev_es_setup_ap_jump_table(struct real_mode_header *rmh); |
| 457 | extern void __sev_es_nmi_complete(void); |
| 458 | static __always_inline void sev_es_nmi_complete(void) |
| 459 | { |
| 460 | if (cc_vendor == CC_VENDOR_AMD && |
| 461 | cc_platform_has(CC_ATTR_GUEST_STATE_ENCRYPT)) |
| 462 | __sev_es_nmi_complete(); |
| 463 | } |
| 464 | extern int __init sev_es_efi_map_ghcbs_cas(pgd_t *pgd); |
| 465 | extern void sev_enable(struct boot_params *bp); |
| 466 | |
| 467 | /* |
| 468 | * RMPADJUST modifies the RMP permissions of a page of a lesser- |
| 469 | * privileged (numerically higher) VMPL. |
| 470 | * |
| 471 | * If the guest is running at a higher-privilege than the privilege |
| 472 | * level the instruction is targeting, the instruction will succeed, |
| 473 | * otherwise, it will fail. |
| 474 | */ |
| 475 | static inline int rmpadjust(unsigned long vaddr, bool rmp_psize, unsigned long attrs) |
| 476 | { |
| 477 | int rc; |
| 478 | |
| 479 | /* "rmpadjust" mnemonic support in binutils 2.36 and newer */ |
| 480 | asm volatile(".byte 0xF3,0x0F,0x01,0xFE\n\t" |
| 481 | : "=a"(rc) |
| 482 | : "a"(vaddr), "c"(rmp_psize), "d"(attrs) |
| 483 | : "memory", "cc"); |
| 484 | |
| 485 | return rc; |
| 486 | } |
| 487 | static inline int pvalidate(unsigned long vaddr, bool rmp_psize, bool validate) |
| 488 | { |
| 489 | bool no_rmpupdate; |
| 490 | int rc; |
| 491 | |
| 492 | /* "pvalidate" mnemonic support in binutils 2.36 and newer */ |
| 493 | asm volatile(".byte 0xF2, 0x0F, 0x01, 0xFF\n\t" |
| 494 | : "=@ccc"(no_rmpupdate), "=a"(rc) |
| 495 | : "a"(vaddr), "c"(rmp_psize), "d"(validate) |
| 496 | : "memory", "cc"); |
| 497 | |
| 498 | if (no_rmpupdate) |
| 499 | return PVALIDATE_FAIL_NOUPDATE; |
| 500 | |
| 501 | return rc; |
| 502 | } |
| 503 | |
| 504 | void setup_ghcb(void); |
| 505 | void snp_register_ghcb_early(unsigned long paddr); |
| 506 | void early_snp_set_memory_private(unsigned long vaddr, unsigned long paddr, |
| 507 | unsigned long npages); |
| 508 | void early_snp_set_memory_shared(unsigned long vaddr, unsigned long paddr, |
| 509 | unsigned long npages); |
| 510 | void snp_set_memory_shared(unsigned long vaddr, unsigned long npages); |
| 511 | void snp_set_memory_private(unsigned long vaddr, unsigned long npages); |
| 512 | void snp_set_wakeup_secondary_cpu(void); |
| 513 | bool snp_init(struct boot_params *bp); |
| 514 | void snp_dmi_setup(void); |
| 515 | int snp_issue_svsm_attest_req(u64 call_id, struct svsm_call *call, struct svsm_attest_call *input); |
| 516 | void snp_accept_memory(phys_addr_t start, phys_addr_t end); |
| 517 | u64 snp_get_unsupported_features(u64 status); |
| 518 | u64 sev_get_status(void); |
| 519 | void sev_show_status(void); |
| 520 | int prepare_pte_enc(struct pte_enc_desc *d); |
| 521 | void set_pte_enc_mask(pte_t *kpte, unsigned long pfn, pgprot_t new_prot); |
| 522 | void snp_kexec_finish(void); |
| 523 | void snp_kexec_begin(void); |
| 524 | |
| 525 | int snp_msg_init(struct snp_msg_desc *mdesc, int vmpck_id); |
| 526 | struct snp_msg_desc *snp_msg_alloc(void); |
| 527 | void snp_msg_free(struct snp_msg_desc *mdesc); |
| 528 | int snp_send_guest_request(struct snp_msg_desc *mdesc, struct snp_guest_req *req); |
| 529 | |
| 530 | int snp_svsm_vtpm_send_command(u8 *buffer); |
| 531 | |
| 532 | void __init snp_secure_tsc_prepare(void); |
| 533 | void __init snp_secure_tsc_init(void); |
| 534 | enum es_result savic_register_gpa(u64 gpa); |
| 535 | enum es_result savic_unregister_gpa(u64 *gpa); |
| 536 | u64 savic_ghcb_msr_read(u32 reg); |
| 537 | void savic_ghcb_msr_write(u32 reg, u64 value); |
| 538 | |
| 539 | static __always_inline void vc_ghcb_invalidate(struct ghcb *ghcb) |
| 540 | { |
| 541 | ghcb->save.sw_exit_code = 0; |
| 542 | __builtin_memset(ghcb->save.valid_bitmap, 0, sizeof(ghcb->save.valid_bitmap)); |
| 543 | } |
| 544 | |
| 545 | /* I/O parameters for CPUID-related helpers */ |
| 546 | struct cpuid_leaf { |
| 547 | u32 fn; |
| 548 | u32 subfn; |
| 549 | u32 eax; |
| 550 | u32 ebx; |
| 551 | u32 ecx; |
| 552 | u32 edx; |
| 553 | }; |
| 554 | |
| 555 | int svsm_perform_msr_protocol(struct svsm_call *call); |
| 556 | int __pi_svsm_perform_msr_protocol(struct svsm_call *call); |
| 557 | int snp_cpuid(void (*cpuid_fn)(void *ctx, struct cpuid_leaf *leaf), |
| 558 | void *ctx, struct cpuid_leaf *leaf); |
| 559 | |
| 560 | void svsm_issue_call(struct svsm_call *call, u8 *pending); |
| 561 | int svsm_process_result_codes(struct svsm_call *call); |
| 562 | |
| 563 | void __noreturn sev_es_terminate(unsigned int set, unsigned int reason); |
| 564 | enum es_result sev_es_ghcb_hv_call(struct ghcb *ghcb, |
| 565 | struct es_em_ctxt *ctxt, |
| 566 | u64 exit_code, u64 exit_info_1, |
| 567 | u64 exit_info_2); |
| 568 | |
| 569 | bool sev_es_negotiate_protocol(void); |
| 570 | bool sev_es_check_cpu_features(void); |
| 571 | |
| 572 | extern u16 ghcb_version; |
| 573 | extern struct ghcb *boot_ghcb; |
| 574 | extern bool sev_snp_needs_sfw; |
| 575 | |
| 576 | struct psc_desc { |
| 577 | enum psc_op op; |
| 578 | struct svsm_ca *ca; |
| 579 | u64 caa_pa; |
| 580 | }; |
| 581 | |
| 582 | static inline void sev_evict_cache(void *va, int npages) |
| 583 | { |
| 584 | volatile u8 val __always_unused; |
| 585 | u8 *bytes = va; |
| 586 | int page_idx; |
| 587 | |
| 588 | /* |
| 589 | * For SEV guests, a read from the first/last cache-lines of a 4K page |
| 590 | * using the guest key is sufficient to cause a flush of all cache-lines |
| 591 | * associated with that 4K page without incurring all the overhead of a |
| 592 | * full CLFLUSH sequence. |
| 593 | */ |
| 594 | for (page_idx = 0; page_idx < npages; page_idx++) { |
| 595 | val = bytes[page_idx * PAGE_SIZE]; |
| 596 | val = bytes[page_idx * PAGE_SIZE + PAGE_SIZE - 1]; |
| 597 | } |
| 598 | } |
| 599 | |
| 600 | #else /* !CONFIG_AMD_MEM_ENCRYPT */ |
| 601 | |
| 602 | #define snp_vmpl 0 |
| 603 | static inline void sev_es_ist_enter(struct pt_regs *regs) { } |
| 604 | static inline void sev_es_ist_exit(void) { } |
| 605 | static inline int sev_es_setup_ap_jump_table(struct real_mode_header *rmh) { return 0; } |
| 606 | static inline void sev_es_nmi_complete(void) { } |
| 607 | static inline int sev_es_efi_map_ghcbs_cas(pgd_t *pgd) { return 0; } |
| 608 | static inline void sev_enable(struct boot_params *bp) { } |
| 609 | static inline int pvalidate(unsigned long vaddr, bool rmp_psize, bool validate) { return 0; } |
| 610 | static inline int rmpadjust(unsigned long vaddr, bool rmp_psize, unsigned long attrs) { return 0; } |
| 611 | static inline void setup_ghcb(void) { } |
| 612 | static inline void __init |
| 613 | early_snp_set_memory_private(unsigned long vaddr, unsigned long paddr, unsigned long npages) { } |
| 614 | static inline void __init |
| 615 | early_snp_set_memory_shared(unsigned long vaddr, unsigned long paddr, unsigned long npages) { } |
| 616 | static inline void snp_set_memory_shared(unsigned long vaddr, unsigned long npages) { } |
| 617 | static inline void snp_set_memory_private(unsigned long vaddr, unsigned long npages) { } |
| 618 | static inline void snp_set_wakeup_secondary_cpu(void) { } |
| 619 | static inline bool snp_init(struct boot_params *bp) { return false; } |
| 620 | static inline void snp_dmi_setup(void) { } |
| 621 | static inline int snp_issue_svsm_attest_req(u64 call_id, struct svsm_call *call, struct svsm_attest_call *input) |
| 622 | { |
| 623 | return -ENOTTY; |
| 624 | } |
| 625 | static inline void snp_accept_memory(phys_addr_t start, phys_addr_t end) { } |
| 626 | static inline u64 snp_get_unsupported_features(u64 status) { return 0; } |
| 627 | static inline u64 sev_get_status(void) { return 0; } |
| 628 | static inline void sev_show_status(void) { } |
| 629 | static inline int prepare_pte_enc(struct pte_enc_desc *d) { return 0; } |
| 630 | static inline void set_pte_enc_mask(pte_t *kpte, unsigned long pfn, pgprot_t new_prot) { } |
| 631 | static inline void snp_kexec_finish(void) { } |
| 632 | static inline void snp_kexec_begin(void) { } |
| 633 | static inline int snp_msg_init(struct snp_msg_desc *mdesc, int vmpck_id) { return -1; } |
| 634 | static inline struct snp_msg_desc *snp_msg_alloc(void) { return NULL; } |
| 635 | static inline void snp_msg_free(struct snp_msg_desc *mdesc) { } |
| 636 | static inline int snp_send_guest_request(struct snp_msg_desc *mdesc, |
| 637 | struct snp_guest_req *req) { return -ENODEV; } |
| 638 | static inline int snp_svsm_vtpm_send_command(u8 *buffer) { return -ENODEV; } |
| 639 | static inline void __init snp_secure_tsc_prepare(void) { } |
| 640 | static inline void __init snp_secure_tsc_init(void) { } |
| 641 | static inline void sev_evict_cache(void *va, int npages) {} |
| 642 | static inline enum es_result savic_register_gpa(u64 gpa) { return ES_UNSUPPORTED; } |
| 643 | static inline enum es_result savic_unregister_gpa(u64 *gpa) { return ES_UNSUPPORTED; } |
| 644 | static inline void savic_ghcb_msr_write(u32 reg, u64 value) { } |
| 645 | static inline u64 savic_ghcb_msr_read(u32 reg) { return 0; } |
| 646 | |
| 647 | #endif /* CONFIG_AMD_MEM_ENCRYPT */ |
| 648 | |
| 649 | #ifdef CONFIG_KVM_AMD_SEV |
| 650 | bool snp_probe_rmptable_info(void); |
| 651 | int snp_rmptable_init(void); |
| 652 | int snp_lookup_rmpentry(u64 pfn, bool *assigned, int *level); |
| 653 | void snp_dump_hva_rmpentry(unsigned long address); |
| 654 | int psmash(u64 pfn); |
| 655 | int rmp_make_private(u64 pfn, u64 gpa, enum pg_level level, u32 asid, bool immutable); |
| 656 | int rmp_make_shared(u64 pfn, enum pg_level level); |
| 657 | void __snp_leak_pages(u64 pfn, unsigned int npages, bool dump_rmp); |
| 658 | void kdump_sev_callback(void); |
| 659 | void snp_fixup_e820_tables(void); |
| 660 | static inline void snp_leak_pages(u64 pfn, unsigned int pages) |
| 661 | { |
| 662 | __snp_leak_pages(pfn, pages, true); |
| 663 | } |
| 664 | #else |
| 665 | static inline bool snp_probe_rmptable_info(void) { return false; } |
| 666 | static inline int snp_rmptable_init(void) { return -ENOSYS; } |
| 667 | static inline int snp_lookup_rmpentry(u64 pfn, bool *assigned, int *level) { return -ENODEV; } |
| 668 | static inline void snp_dump_hva_rmpentry(unsigned long address) {} |
| 669 | static inline int psmash(u64 pfn) { return -ENODEV; } |
| 670 | static inline int rmp_make_private(u64 pfn, u64 gpa, enum pg_level level, u32 asid, |
| 671 | bool immutable) |
| 672 | { |
| 673 | return -ENODEV; |
| 674 | } |
| 675 | static inline int rmp_make_shared(u64 pfn, enum pg_level level) { return -ENODEV; } |
| 676 | static inline void __snp_leak_pages(u64 pfn, unsigned int npages, bool dump_rmp) {} |
| 677 | static inline void snp_leak_pages(u64 pfn, unsigned int npages) {} |
| 678 | static inline void kdump_sev_callback(void) { } |
| 679 | static inline void snp_fixup_e820_tables(void) {} |
| 680 | #endif |
| 681 | |
| 682 | #endif |
| 683 |
Generated while processing Linux/arch/x86/kernel/cpu/amd.c
Generated on 2025-Oct-12 from project Linux revision 6.17.0 (67029a49db6c)
Powered by 
Code Browser 2.1
Generator usage only permitted with license.