diff options
| author | Michael Roth <michael.roth@amd.com> | 2022-02-09 12:10:01 -0600 |
|---|---|---|
| committer | Borislav Petkov <bp@suse.de> | 2022-04-06 13:02:21 +0200 |
| commit | ec1c66af3a30d45c2420da0974c01d3515dba26e (patch) | |
| tree | 34bb1217b891df832cff98f6b9988a6f276c734d /arch/x86/boot/compressed/misc.h | |
| parent | 950d00558a920227b5703d1fcc4751cfe03853cd (diff) | |
| download | linux-ec1c66af3a30d45c2420da0974c01d3515dba26e.tar.gz linux-ec1c66af3a30d45c2420da0974c01d3515dba26e.tar.bz2 linux-ec1c66af3a30d45c2420da0974c01d3515dba26e.zip | |
x86/compressed/64: Detect/setup SEV/SME features earlier during boot
With upcoming SEV-SNP support, SEV-related features need to be
initialized earlier during boot, at the same point the initial #VC
handler is set up, so that the SEV-SNP CPUID table can be utilized
during the initial feature checks. Also, SEV-SNP feature detection
will rely on EFI helper functions to scan the EFI config table for the
Confidential Computing blob, and so would need to be implemented at
least partially in C.
Currently set_sev_encryption_mask() is used to initialize the
sev_status and sme_me_mask globals that advertise what SEV/SME features
are available in a guest. Rename it to sev_enable() to better reflect
that (SME is only enabled in the case of SEV guests in the
boot/compressed kernel), and move it to just after the stage1 #VC
handler is set up so that it can be used to initialize SEV-SNP as well
in future patches.
While at it, re-implement it as C code so that all SEV feature
detection can be better consolidated with upcoming SEV-SNP feature
detection, which will also be in C.
The 32-bit entry path remains unchanged, as it never relied on the
set_sev_encryption_mask() initialization to begin with.
[ bp: Massage commit message. ]
Signed-off-by: Michael Roth <michael.roth@amd.com>
Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
Signed-off-by: Borislav Petkov <bp@suse.de>
Link: https://lore.kernel.org/r/20220307213356.2797205-8-brijesh.singh@amd.com
Diffstat (limited to 'arch/x86/boot/compressed/misc.h')
| -rw-r--r-- | arch/x86/boot/compressed/misc.h | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/arch/x86/boot/compressed/misc.h b/arch/x86/boot/compressed/misc.h index 16ed360b6692..23e0e395084a 100644 --- a/arch/x86/boot/compressed/misc.h +++ b/arch/x86/boot/compressed/misc.h @@ -120,12 +120,12 @@ static inline void console_init(void) { } #endif -void set_sev_encryption_mask(void); - #ifdef CONFIG_AMD_MEM_ENCRYPT +void sev_enable(struct boot_params *bp); void sev_es_shutdown_ghcb(void); extern bool sev_es_check_ghcb_fault(unsigned long address); #else +static inline void sev_enable(struct boot_params *bp) { } static inline void sev_es_shutdown_ghcb(void) { } static inline bool sev_es_check_ghcb_fault(unsigned long address) { |