Lines Matching +full:guest +full:- +full:side
1 // SPDX-License-Identifier: GPL-2.0
10 * headers in the pre-decompression code in a way that does not break
19 #include <asm/msr-index.h>
32 * Copy a version of this function here - insn-eval.c can't be used in
33 * pre-decompression code.
51 * Only a dummy for insn_get_seg_base() - Early boot-code is 64bit only and
81 memcpy(buffer, (unsigned char *)ctxt->regs->ip, MAX_INSN_SIZE); in vc_decode_insn()
83 ret = insn_decode(&ctxt->insn, buffer, MAX_INSN_SIZE, INSN_MODE_64); in vc_decode_insn()
129 #include "../../kernel/sev-shared.c"
144 * If private -> shared then invalidate the page before requesting the in __page_state_change()
190 /* SNP guest requires the GHCB GPA must be registered */ in early_setup_ghcb()
204 hdr = &desc->hdr; in __snp_accept_memory()
207 e = desc->entries; in __snp_accept_memory()
211 hdr->end_entry = i; in __snp_accept_memory()
213 e->gfn = pa >> PAGE_SHIFT; in __snp_accept_memory()
214 e->operation = SNP_PAGE_STATE_PRIVATE; in __snp_accept_memory()
215 if (IS_ALIGNED(pa, PMD_SIZE) && (pa_end - pa) >= PMD_SIZE) { in __snp_accept_memory()
216 e->pagesize = RMP_PG_SIZE_2M; in __snp_accept_memory()
219 e->pagesize = RMP_PG_SIZE_4K; in __snp_accept_memory()
255 error("SEV-ES CPU Features missing."); in sev_es_shutdown_ghcb()
267 * Mark it non-present now to catch bugs when #VC exceptions trigger in sev_es_shutdown_ghcb()
339 * RMPADJUST modifies RMP permissions of a lesser-privileged (numerically in enforce_vmpl0()
341 * GHCB page. If the guest is not running at VMPL0, this will fail. in enforce_vmpl0()
343 * If the guest is running at VMPL0, it will succeed. Even if that operation in enforce_vmpl0()
346 * changing is a don't-care. in enforce_vmpl0()
355 * guest side implementation for proper functioning of the guest. If any
356 * of these features are enabled in the hypervisor but are lacking guest
357 * side implementation, the behavior of the guest will be undefined. The
358 * guest could fail in non-obvious way making it difficult to debug.
361 * safe side add them to the required features mask.
378 * by the guest kernel. As and when a new feature is implemented in the
379 * guest kernel, a corresponding bit should be added to the mask.
397 * guest side implementation. Pass on the unsupported features mask through in snp_check_features()
399 * as part of the guest boot failure. in snp_check_features()
412 * sev_check_cpu_support - Check for SEV support in the CPU capabilities
426 return -ENODEV; in sev_check_cpu_support()
431 * - Bit 0 - Secure Memory Encryption support in sev_check_cpu_support()
432 * - Bit 1 - Secure Encrypted Virtualization support in sev_check_cpu_support()
434 * - Bits 5:0 - Pagetable bit position used to indicate encryption in sev_check_cpu_support()
441 return -ENODEV; in sev_check_cpu_support()
453 * bp->cc_blob_address should only be set by boot/compressed kernel. in sev_enable()
458 bp->cc_blob_address = 0; in sev_enable()
465 * If the HV fakes SEV support, the guest will crash'n'burn in sev_enable()
473 * Setup/preliminary detection of SNP. This will be sanity-checked in sev_enable()
483 error("SEV-SNP support indicated by CC blob, but not CPUID."); in sev_enable()
487 /* Set the SME mask if this is an SEV guest. */ in sev_enable()
511 error("SEV-SNP supported indicated by CC blob, but not SEV status MSR."); in sev_enable()
517 * sev_get_status - Retrieve the SEV status mask
554 * - via an entry in the EFI config table
555 * - via a setup_data structure, as defined by the Linux Boot Protocol
572 if (cc_info->magic != CC_BLOB_SEV_HDR_MAGIC) in find_cc_blob()
579 * Indicate SNP based on presence of SNP-specific CC blob. Subsequent checks
594 * If a SNP-specific Confidential Computing blob is present, then in snp_init()
603 * Pass run-time kernel a pointer to CC info via boot_params so EFI in snp_init()
607 bp->cc_blob_address = (u32)(unsigned long)cc_info; in snp_init()
616 * kernel to find the in-memory CPUID table to handle CPUID in sev_prep_identity_maps()
617 * instructions. Make sure an identity-mapping exists so it can be in sev_prep_identity_maps()
621 unsigned long cc_info_pa = boot_params_ptr->cc_blob_address; in sev_prep_identity_maps()
627 kernel_add_identity_map(cc_info->cpuid_phys, cc_info->cpuid_phys + cc_info->cpuid_len); in sev_prep_identity_maps()