From: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
To: Joerg Roedel <joro@8bytes.org>, daniel.kiper@oracle.com
Cc: kvm@vger.kernel.org, Peter Zijlstra <peterz@infradead.org>,
Dave Hansen <dave.hansen@linux.intel.com>,
virtualization@lists.linux-foundation.org,
Arvind Sankar <nivedita@alum.mit.edu>,
hpa@zytor.com, Jiri Slaby <jslaby@suse.cz>,
x86@kernel.org, David Rientjes <rientjes@google.com>,
Martin Radev <martin.b.radev@gmail.com>,
Tom Lendacky <thomas.lendacky@amd.com>,
Joerg Roedel <jroedel@suse.de>, Kees Cook <keescook@chromium.org>,
Cfir Cohen <cfir@google.com>, Andy Lutomirski <luto@kernel.org>,
Dan Williams <dan.j.williams@intel.com>,
Juergen Gross <jgross@suse.com>, Mike Stunes <mstunes@vmware.com>,
linux-kernel@vger.kernel.org,
Sean Christopherson <sean.j.christopherson@intel.com>,
Masami Hiramatsu <mhiramat@kernel.org>,
Erdem Aktas <erdemaktas@google.com>
Subject: Re: [PATCH 0/7] x86/seves: Support 32-bit boot path and other updates
Date: Wed, 10 Feb 2021 09:58:35 -0500 [thread overview]
Message-ID: <20210210145835.GE358613@fedora> (raw)
In-Reply-To: <20210210102135.30667-1-joro@8bytes.org>
On Wed, Feb 10, 2021 at 11:21:28AM +0100, Joerg Roedel wrote:
> From: Joerg Roedel <jroedel@suse.de>
>
> Hi,
>
> these patches add support for the 32-bit boot in the decompressor
> code. This is needed to boot an SEV-ES guest on some firmware and grub
> versions. The patches also add the necessary CPUID sanity checks and a
Could you expand a bit please?
What GRUB versions are we talking about (CC-ing Daniel Kiper, who owns
GRUB).
By 'some firmware' we talking SeaBIOS?
> 32-bit version of the C-bit check.
>
> Other updates included here:
>
> 1. Add code to shut down exception handling in the
> decompressor code before jumping to the real kernel.
> Once in the real kernel it is not safe anymore to jump
> back to the decompressor code via exceptions.
>
> 2. Replace open-coded hlt loops with proper calls to
> sev_es_terminate().
>
> Please review.
>
> Thanks,
>
> Joerg
>
> Joerg Roedel (7):
> x86/boot/compressed/64: Cleanup exception handling before booting
> kernel
> x86/boot/compressed/64: Reload CS in startup_32
> x86/boot/compressed/64: Setup IDT in startup_32 boot path
> x86/boot/compressed/64: Add 32-bit boot #VC handler
> x86/boot/compressed/64: Add CPUID sanity check to 32-bit boot-path
> x86/boot/compressed/64: Check SEV encryption in 32-bit boot-path
> x86/sev-es: Replace open-coded hlt-loops with sev_es_terminate()
>
> arch/x86/boot/compressed/head_64.S | 168 ++++++++++++++++++++++++-
> arch/x86/boot/compressed/idt_64.c | 14 +++
> arch/x86/boot/compressed/mem_encrypt.S | 114 ++++++++++++++++-
> arch/x86/boot/compressed/misc.c | 7 +-
> arch/x86/boot/compressed/misc.h | 6 +
> arch/x86/boot/compressed/sev-es.c | 12 +-
> arch/x86/kernel/sev-es-shared.c | 10 +-
> 7 files changed, 307 insertions(+), 24 deletions(-)
>
> --
> 2.30.0
>
_______________________________________________
Virtualization mailing list
Virtualization@lists.linux-foundation.org
https://lists.linuxfoundation.org/mailman/listinfo/virtualization
WARNING: multiple messages have this Message-ID (diff)
From: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
To: Joerg Roedel <joro@8bytes.org>, daniel.kiper@oracle.com
Cc: x86@kernel.org, Joerg Roedel <jroedel@suse.de>,
hpa@zytor.com, Andy Lutomirski <luto@kernel.org>,
Dave Hansen <dave.hansen@linux.intel.com>,
Peter Zijlstra <peterz@infradead.org>,
Jiri Slaby <jslaby@suse.cz>,
Dan Williams <dan.j.williams@intel.com>,
Tom Lendacky <thomas.lendacky@amd.com>,
Juergen Gross <jgross@suse.com>,
Kees Cook <keescook@chromium.org>,
David Rientjes <rientjes@google.com>,
Cfir Cohen <cfir@google.com>, Erdem Aktas <erdemaktas@google.com>,
Masami Hiramatsu <mhiramat@kernel.org>,
Mike Stunes <mstunes@vmware.com>,
Sean Christopherson <sean.j.christopherson@intel.com>,
Martin Radev <martin.b.radev@gmail.com>,
Arvind Sankar <nivedita@alum.mit.edu>,
linux-kernel@vger.kernel.org, kvm@vger.kernel.org,
virtualization@lists.linux-foundation.org
Subject: Re: [PATCH 0/7] x86/seves: Support 32-bit boot path and other updates
Date: Wed, 10 Feb 2021 09:58:35 -0500 [thread overview]
Message-ID: <20210210145835.GE358613@fedora> (raw)
In-Reply-To: <20210210102135.30667-1-joro@8bytes.org>
On Wed, Feb 10, 2021 at 11:21:28AM +0100, Joerg Roedel wrote:
> From: Joerg Roedel <jroedel@suse.de>
>
> Hi,
>
> these patches add support for the 32-bit boot in the decompressor
> code. This is needed to boot an SEV-ES guest on some firmware and grub
> versions. The patches also add the necessary CPUID sanity checks and a
Could you expand a bit please?
What GRUB versions are we talking about (CC-ing Daniel Kiper, who owns
GRUB).
By 'some firmware' we talking SeaBIOS?
> 32-bit version of the C-bit check.
>
> Other updates included here:
>
> 1. Add code to shut down exception handling in the
> decompressor code before jumping to the real kernel.
> Once in the real kernel it is not safe anymore to jump
> back to the decompressor code via exceptions.
>
> 2. Replace open-coded hlt loops with proper calls to
> sev_es_terminate().
>
> Please review.
>
> Thanks,
>
> Joerg
>
> Joerg Roedel (7):
> x86/boot/compressed/64: Cleanup exception handling before booting
> kernel
> x86/boot/compressed/64: Reload CS in startup_32
> x86/boot/compressed/64: Setup IDT in startup_32 boot path
> x86/boot/compressed/64: Add 32-bit boot #VC handler
> x86/boot/compressed/64: Add CPUID sanity check to 32-bit boot-path
> x86/boot/compressed/64: Check SEV encryption in 32-bit boot-path
> x86/sev-es: Replace open-coded hlt-loops with sev_es_terminate()
>
> arch/x86/boot/compressed/head_64.S | 168 ++++++++++++++++++++++++-
> arch/x86/boot/compressed/idt_64.c | 14 +++
> arch/x86/boot/compressed/mem_encrypt.S | 114 ++++++++++++++++-
> arch/x86/boot/compressed/misc.c | 7 +-
> arch/x86/boot/compressed/misc.h | 6 +
> arch/x86/boot/compressed/sev-es.c | 12 +-
> arch/x86/kernel/sev-es-shared.c | 10 +-
> 7 files changed, 307 insertions(+), 24 deletions(-)
>
> --
> 2.30.0
>
next prev parent reply other threads:[~2021-02-10 14:59 UTC|newest]
Thread overview: 40+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-02-10 10:21 [PATCH 0/7] x86/seves: Support 32-bit boot path and other updates Joerg Roedel
2021-02-10 10:21 ` Joerg Roedel
2021-02-10 10:21 ` [PATCH 1/7] x86/boot/compressed/64: Cleanup exception handling before booting kernel Joerg Roedel
2021-02-10 10:21 ` Joerg Roedel
2021-02-10 10:21 ` [PATCH 2/7] x86/boot/compressed/64: Reload CS in startup_32 Joerg Roedel
2021-02-10 10:21 ` Joerg Roedel
2021-02-10 10:21 ` [PATCH 3/7] x86/boot/compressed/64: Setup IDT in startup_32 boot path Joerg Roedel
2021-02-10 10:21 ` Joerg Roedel
2021-02-24 10:49 ` Borislav Petkov
2021-02-24 10:49 ` Borislav Petkov
2021-02-10 10:21 ` [PATCH 4/7] x86/boot/compressed/64: Add 32-bit boot #VC handler Joerg Roedel
2021-02-10 10:21 ` Joerg Roedel
2021-02-25 12:13 ` Borislav Petkov
2021-02-25 12:13 ` Borislav Petkov
2021-02-10 10:21 ` [PATCH 5/7] x86/boot/compressed/64: Add CPUID sanity check to 32-bit boot-path Joerg Roedel
2021-02-10 10:21 ` Joerg Roedel
2021-02-10 10:21 ` [PATCH 6/7] x86/boot/compressed/64: Check SEV encryption in " Joerg Roedel
2021-02-10 10:21 ` Joerg Roedel
2021-02-10 16:25 ` Dave Hansen
2021-02-10 16:25 ` Dave Hansen
2021-02-10 16:46 ` Joerg Roedel
2021-02-10 16:46 ` Joerg Roedel
2021-02-10 16:47 ` Dave Hansen
2021-02-10 16:47 ` Dave Hansen
2021-02-10 20:44 ` Tom Lendacky
2021-02-10 20:44 ` Tom Lendacky
2021-03-02 19:43 ` Borislav Petkov
2021-03-02 19:43 ` Borislav Petkov
2021-03-09 10:02 ` Joerg Roedel
2021-03-09 10:02 ` Joerg Roedel
2021-02-10 10:21 ` [PATCH 7/7] x86/sev-es: Replace open-coded hlt-loops with sev_es_terminate() Joerg Roedel
2021-02-10 10:21 ` Joerg Roedel
2021-02-10 14:58 ` Konrad Rzeszutek Wilk [this message]
2021-02-10 14:58 ` [PATCH 0/7] x86/seves: Support 32-bit boot path and other updates Konrad Rzeszutek Wilk
2021-02-10 15:12 ` Joerg Roedel
2021-02-10 15:12 ` Joerg Roedel
2021-02-10 15:19 ` Konrad Rzeszutek Wilk
2021-02-10 15:19 ` Konrad Rzeszutek Wilk
2021-02-10 15:27 ` Joerg Roedel
2021-02-10 15:27 ` Joerg Roedel
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20210210145835.GE358613@fedora \
--to=konrad.wilk@oracle.com \
--cc=cfir@google.com \
--cc=dan.j.williams@intel.com \
--cc=daniel.kiper@oracle.com \
--cc=dave.hansen@linux.intel.com \
--cc=erdemaktas@google.com \
--cc=hpa@zytor.com \
--cc=jgross@suse.com \
--cc=joro@8bytes.org \
--cc=jroedel@suse.de \
--cc=jslaby@suse.cz \
--cc=keescook@chromium.org \
--cc=kvm@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=luto@kernel.org \
--cc=martin.b.radev@gmail.com \
--cc=mhiramat@kernel.org \
--cc=mstunes@vmware.com \
--cc=nivedita@alum.mit.edu \
--cc=peterz@infradead.org \
--cc=rientjes@google.com \
--cc=sean.j.christopherson@intel.com \
--cc=thomas.lendacky@amd.com \
--cc=virtualization@lists.linux-foundation.org \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.