[linux-block.git] / arch / x86 / boot / compressed / sev.c

// SPDX-License-Identifier: GPL-2.0
/*
 * AMD Encrypted Register State Support
 *
 * Author: Joerg Roedel <jroedel@suse.de>
 */

/*
 * misc.h needs to be first because it knows how to include the other kernel
 * headers in the pre-decompression code in a way that does not break
 * compilation.
 */
#include "misc.h"

#include <asm/pgtable_types.h>
#include <asm/sev.h>
#include <asm/trapnr.h>
#include <asm/trap_pf.h>
#include <asm/msr-index.h>
#include <asm/fpu/xcr.h>
#include <asm/ptrace.h>
#include <asm/svm.h>
#include <asm/cpuid.h>

#include "error.h"
#include "../msr.h"

struct ghcb boot_ghcb_page __aligned(PAGE_SIZE);
struct ghcb *boot_ghcb;

/*
 * Copy a version of this function here - insn-eval.c can't be used in
 * pre-decompression code.
 */
static bool insn_has_rep_prefix(struct insn *insn)
{
	insn_byte_t p;
	int i;

	insn_get_prefixes(insn);

	for_each_insn_prefix(insn, i, p) {
		if (p == 0xf2 || p == 0xf3)
			return true;
	}

	return false;
}

/*
 * Only a dummy for insn_get_seg_base() - Early boot-code is 64bit only and
 * doesn't use segments.
 */
static unsigned long insn_get_seg_base(struct pt_regs *regs, int seg_reg_idx)
{
	return 0UL;
}

static inline u64 sev_es_rd_ghcb_msr(void)
{
	struct msr m;

	boot_rdmsr(MSR_AMD64_SEV_ES_GHCB, &m);

	return m.q;
}

static inline void sev_es_wr_ghcb_msr(u64 val)
{
	struct msr m;

	m.q = val;
	boot_wrmsr(MSR_AMD64_SEV_ES_GHCB, &m);
}

static enum es_result vc_decode_insn(struct es_em_ctxt *ctxt)
{
	char buffer[MAX_INSN_SIZE];
	int ret;

	memcpy(buffer, (unsigned char *)ctxt->regs->ip, MAX_INSN_SIZE);

	ret = insn_decode(&ctxt->insn, buffer, MAX_INSN_SIZE, INSN_MODE_64);
	if (ret < 0)
		return ES_DECODE_FAILED;

	return ES_OK;
}

static enum es_result vc_write_mem(struct es_em_ctxt *ctxt,
				   void *dst, char *buf, size_t size)
{
	memcpy(dst, buf, size);

	return ES_OK;
}

static enum es_result vc_read_mem(struct es_em_ctxt *ctxt,
				  void *src, char *buf, size_t size)
{
	memcpy(buf, src, size);

	return ES_OK;
}

#undef __init
#undef __pa
#define __init
#define __pa(x)	((unsigned long)(x))

#define __BOOT_COMPRESSED

/* Basic instruction decoding support needed */
#include "../../lib/inat.c"
#include "../../lib/insn.c"

/* Include code for early handlers */
#include "../../kernel/sev-shared.c"

static inline bool sev_snp_enabled(void)
{
	return sev_status & MSR_AMD64_SEV_SNP_ENABLED;
}

static void __page_state_change(unsigned long paddr, enum psc_op op)
{
	u64 val;

	if (!sev_snp_enabled())
		return;

	/*
	 * If private -> shared then invalidate the page before requesting the
	 * state change in the RMP table.
	 */
	if (op == SNP_PAGE_STATE_SHARED && pvalidate(paddr, RMP_PG_SIZE_4K, 0))
		sev_es_terminate(SEV_TERM_SET_LINUX, GHCB_TERM_PVALIDATE);

	/* Issue VMGEXIT to change the page state in RMP table. */
	sev_es_wr_ghcb_msr(GHCB_MSR_PSC_REQ_GFN(paddr >> PAGE_SHIFT, op));
	VMGEXIT();

	/* Read the response of the VMGEXIT. */
	val = sev_es_rd_ghcb_msr();
	if ((GHCB_RESP_CODE(val) != GHCB_MSR_PSC_RESP) || GHCB_MSR_PSC_RESP_VAL(val))
		sev_es_terminate(SEV_TERM_SET_LINUX, GHCB_TERM_PSC);

	/*
	 * Now that page state is changed in the RMP table, validate it so that it is
	 * consistent with the RMP entry.
	 */
	if (op == SNP_PAGE_STATE_PRIVATE && pvalidate(paddr, RMP_PG_SIZE_4K, 1))
		sev_es_terminate(SEV_TERM_SET_LINUX, GHCB_TERM_PVALIDATE);
}

void snp_set_page_private(unsigned long paddr)
{
	__page_state_change(paddr, SNP_PAGE_STATE_PRIVATE);
}

void snp_set_page_shared(unsigned long paddr)
{
	__page_state_change(paddr, SNP_PAGE_STATE_SHARED);
}

static bool early_setup_ghcb(void)
{
	if (set_page_decrypted((unsigned long)&boot_ghcb_page))
		return false;

	/* Page is now mapped decrypted, clear it */
	memset(&boot_ghcb_page, 0, sizeof(boot_ghcb_page));

	boot_ghcb = &boot_ghcb_page;

	/* Initialize lookup tables for the instruction decoder */
	inat_init_tables();

	/* SNP guest requires the GHCB GPA must be registered */
	if (sev_snp_enabled())
		snp_register_ghcb_early(__pa(&boot_ghcb_page));

	return true;
}

void sev_es_shutdown_ghcb(void)
{
	if (!boot_ghcb)
		return;

	if (!sev_es_check_cpu_features())
		error("SEV-ES CPU Features missing.");

	/*
	 * GHCB Page must be flushed from the cache and mapped encrypted again.
	 * Otherwise the running kernel will see strange cache effects when
	 * trying to use that page.
	 */
	if (set_page_encrypted((unsigned long)&boot_ghcb_page))
		error("Can't map GHCB page encrypted");

	/*
	 * GHCB page is mapped encrypted again and flushed from the cache.
	 * Mark it non-present now to catch bugs when #VC exceptions trigger
	 * after this point.
	 */
	if (set_page_non_present((unsigned long)&boot_ghcb_page))
		error("Can't unmap GHCB page");
}

bool sev_es_check_ghcb_fault(unsigned long address)
{
	/* Check whether the fault was on the GHCB page */
	return ((address & PAGE_MASK) == (unsigned long)&boot_ghcb_page);
}

void do_boot_stage2_vc(struct pt_regs *regs, unsigned long exit_code)
{
	struct es_em_ctxt ctxt;
	enum es_result result;

	if (!boot_ghcb && !early_setup_ghcb())
		sev_es_terminate(SEV_TERM_SET_GEN, GHCB_SEV_ES_GEN_REQ);

	vc_ghcb_invalidate(boot_ghcb);
	result = vc_init_em_ctxt(&ctxt, regs, exit_code);
	if (result != ES_OK)
		goto finish;

	switch (exit_code) {
	case SVM_EXIT_RDTSC:
	case SVM_EXIT_RDTSCP:
		result = vc_handle_rdtsc(boot_ghcb, &ctxt, exit_code);
		break;
	case SVM_EXIT_IOIO:
		result = vc_handle_ioio(boot_ghcb, &ctxt);
		break;
	case SVM_EXIT_CPUID:
		result = vc_handle_cpuid(boot_ghcb, &ctxt);
		break;
	default:
		result = ES_UNSUPPORTED;
		break;
	}

finish:
	if (result == ES_OK)
		vc_finish_insn(&ctxt);
	else if (result != ES_RETRY)
		sev_es_terminate(SEV_TERM_SET_GEN, GHCB_SEV_ES_GEN_REQ);
}

static void enforce_vmpl0(void)
{
	u64 attrs;
	int err;

	/*
	 * RMPADJUST modifies RMP permissions of a lesser-privileged (numerically
	 * higher) privilege level. Here, clear the VMPL1 permission mask of the
	 * GHCB page. If the guest is not running at VMPL0, this will fail.
	 *
	 * If the guest is running at VMPL0, it will succeed. Even if that operation
	 * modifies permission bits, it is still ok to do so currently because Linux
	 * SNP guests are supported only on VMPL0 so VMPL1 or higher permission masks
	 * changing is a don't-care.
	 */
	attrs = 1;
	if (rmpadjust((unsigned long)&boot_ghcb_page, RMP_PG_SIZE_4K, attrs))
		sev_es_terminate(SEV_TERM_SET_LINUX, GHCB_TERM_NOT_VMPL0);
}

void sev_enable(struct boot_params *bp)
{
	unsigned int eax, ebx, ecx, edx;
	struct msr m;
	bool snp;

	/*
	 * Setup/preliminary detection of SNP. This will be sanity-checked
	 * against CPUID/MSR values later.
	 */
	snp = snp_init(bp);

	/* Check for the SME/SEV support leaf */
	eax = 0x80000000;
	ecx = 0;
	native_cpuid(&eax, &ebx, &ecx, &edx);
	if (eax < 0x8000001f)
		return;

	/*
	 * Check for the SME/SEV feature:
	 *   CPUID Fn8000_001F[EAX]
	 *   - Bit 0 - Secure Memory Encryption support
	 *   - Bit 1 - Secure Encrypted Virtualization support
	 *   CPUID Fn8000_001F[EBX]
	 *   - Bits 5:0 - Pagetable bit position used to indicate encryption
	 */
	eax = 0x8000001f;
	ecx = 0;
	native_cpuid(&eax, &ebx, &ecx, &edx);
	/* Check whether SEV is supported */
	if (!(eax & BIT(1))) {
		if (snp)
			error("SEV-SNP support indicated by CC blob, but not CPUID.");
		return;
	}

	/* Set the SME mask if this is an SEV guest. */
	boot_rdmsr(MSR_AMD64_SEV, &m);
	sev_status = m.q;
	if (!(sev_status & MSR_AMD64_SEV_ENABLED))
		return;

	/* Negotiate the GHCB protocol version. */
	if (sev_status & MSR_AMD64_SEV_ES_ENABLED) {
		if (!sev_es_negotiate_protocol())
			sev_es_terminate(SEV_TERM_SET_GEN, GHCB_SEV_ES_PROT_UNSUPPORTED);
	}

	/*
	 * SNP is supported in v2 of the GHCB spec which mandates support for HV
	 * features.
	 */
	if (sev_status & MSR_AMD64_SEV_SNP_ENABLED) {
		if (!(get_hv_features() & GHCB_HV_FT_SNP))
			sev_es_terminate(SEV_TERM_SET_GEN, GHCB_SNP_UNSUPPORTED);

		enforce_vmpl0();
	}

	if (snp && !(sev_status & MSR_AMD64_SEV_SNP_ENABLED))
		error("SEV-SNP supported indicated by CC blob, but not SEV status MSR.");

	sme_me_mask = BIT_ULL(ebx & 0x3f);
}

/* Search for Confidential Computing blob in the EFI config table. */
static struct cc_blob_sev_info *find_cc_blob_efi(struct boot_params *bp)
{
	unsigned long cfg_table_pa;
	unsigned int cfg_table_len;
	int ret;

	ret = efi_get_conf_table(bp, &cfg_table_pa, &cfg_table_len);
	if (ret)
		return NULL;

	return (struct cc_blob_sev_info *)efi_find_vendor_table(bp, cfg_table_pa,
								cfg_table_len,
								EFI_CC_BLOB_GUID);
}

/*
 * Initial set up of SNP relies on information provided by the
 * Confidential Computing blob, which can be passed to the boot kernel
 * by firmware/bootloader in the following ways:
 *
 * - via an entry in the EFI config table
 * - via a setup_data structure, as defined by the Linux Boot Protocol
 *
 * Scan for the blob in that order.
 */
static struct cc_blob_sev_info *find_cc_blob(struct boot_params *bp)
{
	struct cc_blob_sev_info *cc_info;

	cc_info = find_cc_blob_efi(bp);
	if (cc_info)
		goto found_cc_info;

	cc_info = find_cc_blob_setup_data(bp);
	if (!cc_info)
		return NULL;

found_cc_info:
	if (cc_info->magic != CC_BLOB_SEV_HDR_MAGIC)
		sev_es_terminate(SEV_TERM_SET_GEN, GHCB_SNP_UNSUPPORTED);

	return cc_info;
}

/*
 * Indicate SNP based on presence of SNP-specific CC blob. Subsequent checks
 * will verify the SNP CPUID/MSR bits.
 */
bool snp_init(struct boot_params *bp)
{
	struct cc_blob_sev_info *cc_info;

	if (!bp)
		return false;

	cc_info = find_cc_blob(bp);
	if (!cc_info)
		return false;

	/*
	 * If a SNP-specific Confidential Computing blob is present, then
	 * firmware/bootloader have indicated SNP support. Verifying this
	 * involves CPUID checks which will be more reliable if the SNP
	 * CPUID table is used. See comments over snp_setup_cpuid_table() for
	 * more details.
	 */
	setup_cpuid_table(cc_info);

	/*
	 * Pass run-time kernel a pointer to CC info via boot_params so EFI
	 * config table doesn't need to be searched again during early startup
	 * phase.
	 */
	bp->cc_blob_address = (u32)(unsigned long)cc_info;

	return true;
}

void sev_prep_identity_maps(unsigned long top_level_pgt)
{
	/*
	 * The Confidential Computing blob is used very early in uncompressed
	 * kernel to find the in-memory CPUID table to handle CPUID
	 * instructions. Make sure an identity-mapping exists so it can be
	 * accessed after switchover.
	 */
	if (sev_snp_enabled()) {
		unsigned long cc_info_pa = boot_params->cc_blob_address;
		struct cc_blob_sev_info *cc_info;

		kernel_add_identity_map(cc_info_pa, cc_info_pa + sizeof(*cc_info));

		cc_info = (struct cc_blob_sev_info *)cc_info_pa;
		kernel_add_identity_map(cc_info->cpuid_phys, cc_info->cpuid_phys + cc_info->cpuid_len);
	}

	sev_verify_cbit(top_level_pgt);
}
Commit	Line	Data
29dcc60f JR	1	// SPDX-License-Identifier: GPL-2.0
	2	/*
	3	* AMD Encrypted Register State Support
	4	*
	5	* Author: Joerg Roedel <jroedel@suse.de>
	6	*/
	7
	8	/*
	9	* misc.h needs to be first because it knows how to include the other kernel
	10	* headers in the pre-decompression code in a way that does not break
	11	* compilation.
	12	*/
	13	#include "misc.h"
	14
39336f4f	15	#include <asm/pgtable_types.h>
e759959f	16	#include <asm/sev.h>
597cfe48 JR	17	#include <asm/trapnr.h>
597cfe48 JR	18	#include <asm/trap_pf.h>
29dcc60f	19	#include <asm/msr-index.h>
a7de15d4	20	#include <asm/fpu/xcr.h>
29dcc60f JR	21	#include <asm/ptrace.h>
29dcc60f JR	22	#include <asm/svm.h>
801baa69	23	#include <asm/cpuid.h>
29dcc60f	24
597cfe48	25	#include "error.h"
950d0055	26	#include "../msr.h"
597cfe48 JR	27
	28	struct ghcb boot_ghcb_page __aligned(PAGE_SIZE);
	29	struct ghcb *boot_ghcb;
	30
25189d08 TL	31	/*
	32	* Copy a version of this function here - insn-eval.c can't be used in
	33	* pre-decompression code.
	34	*/
	35	static bool insn_has_rep_prefix(struct insn *insn)
	36	{
84da009f	37	insn_byte_t p;
25189d08 TL	38	int i;
	39
	40	insn_get_prefixes(insn);
	41
84da009f	42	for_each_insn_prefix(insn, i, p) {
25189d08 TL	43	if (p == 0xf2 \|\| p == 0xf3)
	44	return true;
	45	}
	46
	47	return false;
	48	}
	49
	50	/*
	51	* Only a dummy for insn_get_seg_base() - Early boot-code is 64bit only and
	52	* doesn't use segments.
	53	*/
	54	static unsigned long insn_get_seg_base(struct pt_regs *regs, int seg_reg_idx)
	55	{
	56	return 0UL;
	57	}
	58
29dcc60f JR	59	static inline u64 sev_es_rd_ghcb_msr(void)
29dcc60f JR	60	{
950d0055	61	struct msr m;
29dcc60f	62
950d0055	63	boot_rdmsr(MSR_AMD64_SEV_ES_GHCB, &m);
29dcc60f	64
950d0055	65	return m.q;
29dcc60f JR	66	}
	67
	68	static inline void sev_es_wr_ghcb_msr(u64 val)
	69	{
950d0055	70	struct msr m;
29dcc60f	71
950d0055 MR	72	m.q = val;
950d0055 MR	73	boot_wrmsr(MSR_AMD64_SEV_ES_GHCB, &m);
29dcc60f JR	74	}
29dcc60f JR	75
597cfe48 JR	76	static enum es_result vc_decode_insn(struct es_em_ctxt *ctxt)
	77	{
	78	char buffer[MAX_INSN_SIZE];
514ef776	79	int ret;
597cfe48 JR	80
	81	memcpy(buffer, (unsigned char *)ctxt->regs->ip, MAX_INSN_SIZE);
	82
514ef776 BP	83	ret = insn_decode(&ctxt->insn, buffer, MAX_INSN_SIZE, INSN_MODE_64);
	84	if (ret < 0)
	85	return ES_DECODE_FAILED;
597cfe48	86
514ef776	87	return ES_OK;
597cfe48 JR	88	}
	89
	90	static enum es_result vc_write_mem(struct es_em_ctxt *ctxt,
	91	void dst, char buf, size_t size)
	92	{
	93	memcpy(dst, buf, size);
	94
	95	return ES_OK;
	96	}
	97
	98	static enum es_result vc_read_mem(struct es_em_ctxt *ctxt,
	99	void src, char buf, size_t size)
	100	{
	101	memcpy(buf, src, size);
	102
	103	return ES_OK;
	104	}
	105
29dcc60f	106	#undef __init
597cfe48	107	#undef __pa
29dcc60f	108	#define __init
597cfe48 JR	109	#define __pa(x) ((unsigned long)(x))
	110
	111	#define __BOOT_COMPRESSED
	112
	113	/* Basic instruction decoding support needed */
	114	#include "../../lib/inat.c"
	115	#include "../../lib/insn.c"
29dcc60f JR	116
29dcc60f JR	117	/* Include code for early handlers */
e759959f	118	#include "../../kernel/sev-shared.c"
597cfe48	119
4f9c403e BS	120	static inline bool sev_snp_enabled(void)
	121	{
	122	return sev_status & MSR_AMD64_SEV_SNP_ENABLED;
	123	}
	124
	125	static void __page_state_change(unsigned long paddr, enum psc_op op)
	126	{
	127	u64 val;
	128
	129	if (!sev_snp_enabled())
	130	return;
	131
	132	/*
	133	* If private -> shared then invalidate the page before requesting the
	134	* state change in the RMP table.
	135	*/
	136	if (op == SNP_PAGE_STATE_SHARED && pvalidate(paddr, RMP_PG_SIZE_4K, 0))
	137	sev_es_terminate(SEV_TERM_SET_LINUX, GHCB_TERM_PVALIDATE);
	138
	139	/* Issue VMGEXIT to change the page state in RMP table. */
	140	sev_es_wr_ghcb_msr(GHCB_MSR_PSC_REQ_GFN(paddr >> PAGE_SHIFT, op));
	141	VMGEXIT();
	142
	143	/* Read the response of the VMGEXIT. */
	144	val = sev_es_rd_ghcb_msr();
	145	if ((GHCB_RESP_CODE(val) != GHCB_MSR_PSC_RESP) \|\| GHCB_MSR_PSC_RESP_VAL(val))
	146	sev_es_terminate(SEV_TERM_SET_LINUX, GHCB_TERM_PSC);
	147
	148	/*
	149	* Now that page state is changed in the RMP table, validate it so that it is
	150	* consistent with the RMP entry.
	151	*/
	152	if (op == SNP_PAGE_STATE_PRIVATE && pvalidate(paddr, RMP_PG_SIZE_4K, 1))
	153	sev_es_terminate(SEV_TERM_SET_LINUX, GHCB_TERM_PVALIDATE);
	154	}
	155
	156	void snp_set_page_private(unsigned long paddr)
	157	{
	158	__page_state_change(paddr, SNP_PAGE_STATE_PRIVATE);
	159	}
	160
	161	void snp_set_page_shared(unsigned long paddr)
	162	{
	163	__page_state_change(paddr, SNP_PAGE_STATE_SHARED);
	164	}
	165
cbd3d4f7	166	static bool early_setup_ghcb(void)
597cfe48	167	{
597cfe48 JR	168	if (set_page_decrypted((unsigned long)&boot_ghcb_page))
	169	return false;
	170
	171	/* Page is now mapped decrypted, clear it */
	172	memset(&boot_ghcb_page, 0, sizeof(boot_ghcb_page));
	173
	174	boot_ghcb = &boot_ghcb_page;
	175
	176	/* Initialize lookup tables for the instruction decoder */
	177	inat_init_tables();
	178
87294bdb BS	179	/* SNP guest requires the GHCB GPA must be registered */
	180	if (sev_snp_enabled())
	181	snp_register_ghcb_early(__pa(&boot_ghcb_page));
	182
597cfe48 JR	183	return true;
	184	}
	185
	186	void sev_es_shutdown_ghcb(void)
	187	{
	188	if (!boot_ghcb)
	189	return;
	190
f5ed7775 MR	191	if (!sev_es_check_cpu_features())
	192	error("SEV-ES CPU Features missing.");
	193
597cfe48 JR	194	/*
	195	* GHCB Page must be flushed from the cache and mapped encrypted again.
	196	* Otherwise the running kernel will see strange cache effects when
	197	* trying to use that page.
	198	*/
	199	if (set_page_encrypted((unsigned long)&boot_ghcb_page))
	200	error("Can't map GHCB page encrypted");
69add17a JR	201
	202	/*
	203	* GHCB page is mapped encrypted again and flushed from the cache.
	204	* Mark it non-present now to catch bugs when #VC exceptions trigger
	205	* after this point.
	206	*/
	207	if (set_page_non_present((unsigned long)&boot_ghcb_page))
	208	error("Can't unmap GHCB page");
	209	}
	210
	211	bool sev_es_check_ghcb_fault(unsigned long address)
	212	{
	213	/* Check whether the fault was on the GHCB page */
	214	return ((address & PAGE_MASK) == (unsigned long)&boot_ghcb_page);
597cfe48 JR	215	}
	216
	217	void do_boot_stage2_vc(struct pt_regs *regs, unsigned long exit_code)
	218	{
	219	struct es_em_ctxt ctxt;
	220	enum es_result result;
	221
cbd3d4f7	222	if (!boot_ghcb && !early_setup_ghcb())
6c0f74d6	223	sev_es_terminate(SEV_TERM_SET_GEN, GHCB_SEV_ES_GEN_REQ);
597cfe48 JR	224
	225	vc_ghcb_invalidate(boot_ghcb);
	226	result = vc_init_em_ctxt(&ctxt, regs, exit_code);
	227	if (result != ES_OK)
	228	goto finish;
	229
	230	switch (exit_code) {
4711e7ac TL	231	case SVM_EXIT_RDTSC:
	232	case SVM_EXIT_RDTSCP:
	233	result = vc_handle_rdtsc(boot_ghcb, &ctxt, exit_code);
	234	break;
25189d08 TL	235	case SVM_EXIT_IOIO:
	236	result = vc_handle_ioio(boot_ghcb, &ctxt);
	237	break;
a7de15d4 TL	238	case SVM_EXIT_CPUID:
	239	result = vc_handle_cpuid(boot_ghcb, &ctxt);
	240	break;
597cfe48 JR	241	default:
	242	result = ES_UNSUPPORTED;
	243	break;
	244	}
	245
	246	finish:
f15a0a73	247	if (result == ES_OK)
597cfe48	248	vc_finish_insn(&ctxt);
f15a0a73	249	else if (result != ES_RETRY)
6c0f74d6	250	sev_es_terminate(SEV_TERM_SET_GEN, GHCB_SEV_ES_GEN_REQ);
597cfe48	251	}
ec1c66af	252
81cc3df9 BS	253	static void enforce_vmpl0(void)
	254	{
	255	u64 attrs;
	256	int err;
	257
	258	/*
	259	* RMPADJUST modifies RMP permissions of a lesser-privileged (numerically
	260	* higher) privilege level. Here, clear the VMPL1 permission mask of the
	261	* GHCB page. If the guest is not running at VMPL0, this will fail.
	262	*
	263	* If the guest is running at VMPL0, it will succeed. Even if that operation
	264	* modifies permission bits, it is still ok to do so currently because Linux
	265	* SNP guests are supported only on VMPL0 so VMPL1 or higher permission masks
	266	* changing is a don't-care.
	267	*/
	268	attrs = 1;
	269	if (rmpadjust((unsigned long)&boot_ghcb_page, RMP_PG_SIZE_4K, attrs))
	270	sev_es_terminate(SEV_TERM_SET_LINUX, GHCB_TERM_NOT_VMPL0);
	271	}
	272
ec1c66af MR	273	void sev_enable(struct boot_params *bp)
	274	{
	275	unsigned int eax, ebx, ecx, edx;
	276	struct msr m;
c01fce9c MR	277	bool snp;
	278
	279	/*
	280	* Setup/preliminary detection of SNP. This will be sanity-checked
	281	* against CPUID/MSR values later.
	282	*/
	283	snp = snp_init(bp);
ec1c66af MR	284
	285	/* Check for the SME/SEV support leaf */
	286	eax = 0x80000000;
	287	ecx = 0;
	288	native_cpuid(&eax, &ebx, &ecx, &edx);
	289	if (eax < 0x8000001f)
	290	return;
	291
	292	/*
	293	* Check for the SME/SEV feature:
	294	* CPUID Fn8000_001F[EAX]
	295	* - Bit 0 - Secure Memory Encryption support
	296	* - Bit 1 - Secure Encrypted Virtualization support
	297	* CPUID Fn8000_001F[EBX]
	298	* - Bits 5:0 - Pagetable bit position used to indicate encryption
	299	*/
	300	eax = 0x8000001f;
	301	ecx = 0;
	302	native_cpuid(&eax, &ebx, &ecx, &edx);
	303	/* Check whether SEV is supported */
c01fce9c MR	304	if (!(eax & BIT(1))) {
	305	if (snp)
	306	error("SEV-SNP support indicated by CC blob, but not CPUID.");
ec1c66af	307	return;
c01fce9c	308	}
ec1c66af MR	309
	310	/* Set the SME mask if this is an SEV guest. */
	311	boot_rdmsr(MSR_AMD64_SEV, &m);
	312	sev_status = m.q;
	313	if (!(sev_status & MSR_AMD64_SEV_ENABLED))
	314	return;
	315
cbd3d4f7 BS	316	/* Negotiate the GHCB protocol version. */
	317	if (sev_status & MSR_AMD64_SEV_ES_ENABLED) {
	318	if (!sev_es_negotiate_protocol())
	319	sev_es_terminate(SEV_TERM_SET_GEN, GHCB_SEV_ES_PROT_UNSUPPORTED);
	320	}
	321
	322	/*
	323	* SNP is supported in v2 of the GHCB spec which mandates support for HV
	324	* features.
	325	*/
81cc3df9 BS	326	if (sev_status & MSR_AMD64_SEV_SNP_ENABLED) {
	327	if (!(get_hv_features() & GHCB_HV_FT_SNP))
	328	sev_es_terminate(SEV_TERM_SET_GEN, GHCB_SNP_UNSUPPORTED);
	329
	330	enforce_vmpl0();
	331	}
cbd3d4f7	332
c01fce9c MR	333	if (snp && !(sev_status & MSR_AMD64_SEV_SNP_ENABLED))
	334	error("SEV-SNP supported indicated by CC blob, but not SEV status MSR.");
	335
ec1c66af MR	336	sme_me_mask = BIT_ULL(ebx & 0x3f);
ec1c66af MR	337	}
c01fce9c MR	338
	339	/* Search for Confidential Computing blob in the EFI config table. */
	340	static struct cc_blob_sev_info find_cc_blob_efi(struct boot_params bp)
	341	{
	342	unsigned long cfg_table_pa;
	343	unsigned int cfg_table_len;
	344	int ret;
	345
	346	ret = efi_get_conf_table(bp, &cfg_table_pa, &cfg_table_len);
	347	if (ret)
	348	return NULL;
	349
	350	return (struct cc_blob_sev_info *)efi_find_vendor_table(bp, cfg_table_pa,
	351	cfg_table_len,
	352	EFI_CC_BLOB_GUID);
	353	}
	354
c01fce9c MR	355	/*
	356	* Initial set up of SNP relies on information provided by the
	357	* Confidential Computing blob, which can be passed to the boot kernel
	358	* by firmware/bootloader in the following ways:
	359	*
	360	* - via an entry in the EFI config table
	361	* - via a setup_data structure, as defined by the Linux Boot Protocol
	362	*
	363	* Scan for the blob in that order.
	364	*/
	365	static struct cc_blob_sev_info find_cc_blob(struct boot_params bp)
	366	{
	367	struct cc_blob_sev_info *cc_info;
	368
	369	cc_info = find_cc_blob_efi(bp);
	370	if (cc_info)
	371	goto found_cc_info;
	372
	373	cc_info = find_cc_blob_setup_data(bp);
	374	if (!cc_info)
	375	return NULL;
	376
	377	found_cc_info:
	378	if (cc_info->magic != CC_BLOB_SEV_HDR_MAGIC)
	379	sev_es_terminate(SEV_TERM_SET_GEN, GHCB_SNP_UNSUPPORTED);
	380
	381	return cc_info;
	382	}
	383
	384	/*
	385	* Indicate SNP based on presence of SNP-specific CC blob. Subsequent checks
	386	* will verify the SNP CPUID/MSR bits.
	387	*/
	388	bool snp_init(struct boot_params *bp)
	389	{
	390	struct cc_blob_sev_info *cc_info;
	391
	392	if (!bp)
	393	return false;
	394
	395	cc_info = find_cc_blob(bp);
	396	if (!cc_info)
	397	return false;
	398
5f211f4f MR	399	/*
	400	* If a SNP-specific Confidential Computing blob is present, then
	401	* firmware/bootloader have indicated SNP support. Verifying this
	402	* involves CPUID checks which will be more reliable if the SNP
	403	* CPUID table is used. See comments over snp_setup_cpuid_table() for
	404	* more details.
	405	*/
	406	setup_cpuid_table(cc_info);
	407
c01fce9c MR	408	/*
	409	* Pass run-time kernel a pointer to CC info via boot_params so EFI
	410	* config table doesn't need to be searched again during early startup
	411	* phase.
	412	*/
	413	bp->cc_blob_address = (u32)(unsigned long)cc_info;
	414
	415	return true;
	416	}
76f61e1e MR	417
	418	void sev_prep_identity_maps(unsigned long top_level_pgt)
	419	{
	420	/*
	421	* The Confidential Computing blob is used very early in uncompressed
	422	* kernel to find the in-memory CPUID table to handle CPUID
	423	* instructions. Make sure an identity-mapping exists so it can be
	424	* accessed after switchover.
	425	*/
	426	if (sev_snp_enabled()) {
	427	unsigned long cc_info_pa = boot_params->cc_blob_address;
	428	struct cc_blob_sev_info *cc_info;
	429
	430	kernel_add_identity_map(cc_info_pa, cc_info_pa + sizeof(*cc_info));
	431
	432	cc_info = (struct cc_blob_sev_info *)cc_info_pa;
	433	kernel_add_identity_map(cc_info->cpuid_phys, cc_info->cpuid_phys + cc_info->cpuid_len);
	434	}
	435
	436	sev_verify_cbit(top_level_pgt);
	437	}