Lines Matching +full:guest +full:- +full:side
1 // SPDX-License-Identifier: GPL-2.0
10 * headers in the pre-decompression code in a way that does not break
19 #include <asm/msr-index.h>
32 * Copy a version of this function here - insn-eval.c can't be used in
33 * pre-decompression code.
51 * Only a dummy for insn_get_seg_base() - Early boot-code is 64bit only and
81 memcpy(buffer, (unsigned char *)ctxt->regs->ip, MAX_INSN_SIZE); in vc_decode_insn()
83 ret = insn_decode(&ctxt->insn, buffer, MAX_INSN_SIZE, INSN_MODE_64); in vc_decode_insn()
129 #include "../../kernel/sev-shared.c"
141 * If private -> shared then invalidate the page before requesting the in __page_state_change()
199 /* SNP guest requires the GHCB GPA must be registered */ in early_setup_ghcb()
218 error("SEV-ES CPU Features missing."); in sev_es_shutdown_ghcb()
230 * Mark it non-present now to catch bugs when #VC exceptions trigger in sev_es_shutdown_ghcb()
302 * RMPADJUST modifies RMP permissions of a lesser-privileged (numerically in enforce_vmpl0()
304 * GHCB page. If the guest is not running at VMPL0, this will fail. in enforce_vmpl0()
306 * If the guest is running at VMPL0, it will succeed. Even if that operation in enforce_vmpl0()
309 * changing is a don't-care. in enforce_vmpl0()
318 * guest side implementation for proper functioning of the guest. If any
319 * of these features are enabled in the hypervisor but are lacking guest
320 * side implementation, the behavior of the guest will be undefined. The
321 * guest could fail in non-obvious way making it difficult to debug.
324 * safe side add them to the required features mask.
341 * by the guest kernel. As and when a new feature is implemented in the
342 * guest kernel, a corresponding bit should be added to the mask.
360 * guest side implementation. Pass on the unsupported features mask through in snp_check_features()
362 * as part of the guest boot failure. in snp_check_features()
375 * sev_check_cpu_support - Check for SEV support in the CPU capabilities
389 return -ENODEV; in sev_check_cpu_support()
394 * - Bit 0 - Secure Memory Encryption support in sev_check_cpu_support()
395 * - Bit 1 - Secure Encrypted Virtualization support in sev_check_cpu_support()
397 * - Bits 5:0 - Pagetable bit position used to indicate encryption in sev_check_cpu_support()
404 return -ENODEV; in sev_check_cpu_support()
416 * bp->cc_blob_address should only be set by boot/compressed kernel. in sev_enable()
421 bp->cc_blob_address = 0; in sev_enable()
428 * If the HV fakes SEV support, the guest will crash'n'burn in sev_enable()
436 * Setup/preliminary detection of SNP. This will be sanity-checked in sev_enable()
446 error("SEV-SNP support indicated by CC blob, but not CPUID."); in sev_enable()
450 /* Set the SME mask if this is an SEV guest. */ in sev_enable()
474 error("SEV-SNP supported indicated by CC blob, but not SEV status MSR."); in sev_enable()
480 * sev_get_status - Retrieve the SEV status mask
517 * - via an entry in the EFI config table
518 * - via a setup_data structure, as defined by the Linux Boot Protocol
535 if (cc_info->magic != CC_BLOB_SEV_HDR_MAGIC) in find_cc_blob()
542 * Indicate SNP based on presence of SNP-specific CC blob. Subsequent checks
557 * If a SNP-specific Confidential Computing blob is present, then in snp_init()
566 * Pass run-time kernel a pointer to CC info via boot_params so EFI in snp_init()
570 bp->cc_blob_address = (u32)(unsigned long)cc_info; in snp_init()
579 * kernel to find the in-memory CPUID table to handle CPUID in sev_prep_identity_maps()
580 * instructions. Make sure an identity-mapping exists so it can be in sev_prep_identity_maps()
584 unsigned long cc_info_pa = boot_params_ptr->cc_blob_address; in sev_prep_identity_maps()
590 kernel_add_identity_map(cc_info->cpuid_phys, cc_info->cpuid_phys + cc_info->cpuid_len); in sev_prep_identity_maps()