From: Neeraj Upadhyay <Neeraj.Upadhyay@amd.com>
To: <linux-kernel@vger.kernel.org>
Cc: <bp@alien8.de>, <tglx@linutronix.de>, <mingo@redhat.com>,
<dave.hansen@linux.intel.com>, <Thomas.Lendacky@amd.com>,
<nikunj@amd.com>, <Santosh.Shukla@amd.com>,
<Vasant.Hegde@amd.com>, <Suravee.Suthikulpanit@amd.com>,
<David.Kaplan@amd.com>, <x86@kernel.org>, <hpa@zytor.com>,
<peterz@infradead.org>, <seanjc@google.com>,
<pbonzini@redhat.com>, <kvm@vger.kernel.org>,
<kirill.shutemov@linux.intel.com>, <huibo.wang@amd.com>,
<naveen.rao@amd.com>, <francescolavra.fl@gmail.com>,
<tiala@microsoft.com>
Subject: [RFC PATCH v7 34/37] x86/apic: Add kexec support for Secure AVIC
Date: Tue, 10 Jun 2025 23:24:21 +0530 [thread overview]
Message-ID: <20250610175424.209796-35-Neeraj.Upadhyay@amd.com> (raw)
In-Reply-To: <20250610175424.209796-1-Neeraj.Upadhyay@amd.com>
Add a apic->teardown() callback to disable Secure AVIC before
rebooting into the new kernel. This ensures that the new
kernel does not access the old APIC backing page which was
allocated by the previous kernel. Such accesses can happen
if there are any APIC accesses done during guest boot before
Secure AVIC driver probe is done by the new kernel (as Secure
AVIC would have remained enabled in the Secure AVIC control
msr).
Signed-off-by: Neeraj Upadhyay <Neeraj.Upadhyay@amd.com>
---
Changes since v6:
- No change.
arch/x86/coco/sev/core.c | 23 +++++++++++++++++++++++
arch/x86/include/asm/apic.h | 1 +
arch/x86/include/asm/sev.h | 2 ++
arch/x86/kernel/apic/apic.c | 3 +++
arch/x86/kernel/apic/x2apic_savic.c | 8 ++++++++
5 files changed, 37 insertions(+)
diff --git a/arch/x86/coco/sev/core.c b/arch/x86/coco/sev/core.c
index 50166c16428a..3afafcc14541 100644
--- a/arch/x86/coco/sev/core.c
+++ b/arch/x86/coco/sev/core.c
@@ -1151,6 +1151,29 @@ enum es_result savic_register_gpa(u64 gpa)
return res;
}
+enum es_result savic_unregister_gpa(u64 *gpa)
+{
+ struct ghcb_state state;
+ struct es_em_ctxt ctxt;
+ enum es_result res;
+ struct ghcb *ghcb;
+
+ guard(irqsave)();
+
+ ghcb = __sev_get_ghcb(&state);
+ vc_ghcb_invalidate(ghcb);
+
+ ghcb_set_rax(ghcb, SVM_VMGEXIT_SAVIC_SELF_GPA);
+ res = sev_es_ghcb_hv_call(ghcb, &ctxt, SVM_VMGEXIT_SAVIC,
+ SVM_VMGEXIT_SAVIC_UNREGISTER_GPA, 0);
+ if (gpa && res == ES_OK)
+ *gpa = ghcb->save.rbx;
+
+ __sev_put_ghcb(&state);
+
+ return res;
+}
+
static void snp_register_per_cpu_ghcb(void)
{
struct sev_es_runtime_data *data;
diff --git a/arch/x86/include/asm/apic.h b/arch/x86/include/asm/apic.h
index 9c74d1faf3e0..e8a32a3eea86 100644
--- a/arch/x86/include/asm/apic.h
+++ b/arch/x86/include/asm/apic.h
@@ -306,6 +306,7 @@ struct apic {
/* Probe, setup and smpboot functions */
int (*probe)(void);
void (*setup)(void);
+ void (*teardown)(void);
int (*acpi_madt_oem_check)(char *oem_id, char *oem_table_id);
void (*init_apic_ldr)(void);
diff --git a/arch/x86/include/asm/sev.h b/arch/x86/include/asm/sev.h
index bf42cc136c49..ba68d9a17322 100644
--- a/arch/x86/include/asm/sev.h
+++ b/arch/x86/include/asm/sev.h
@@ -521,6 +521,7 @@ int snp_svsm_vtpm_send_command(u8 *buffer);
void __init snp_secure_tsc_prepare(void);
void __init snp_secure_tsc_init(void);
enum es_result savic_register_gpa(u64 gpa);
+enum es_result savic_unregister_gpa(u64 *gpa);
u64 savic_ghcb_msr_read(u32 reg);
void savic_ghcb_msr_write(u32 reg, u64 value);
@@ -596,6 +597,7 @@ static inline int snp_svsm_vtpm_send_command(u8 *buffer) { return -ENODEV; }
static inline void __init snp_secure_tsc_prepare(void) { }
static inline void __init snp_secure_tsc_init(void) { }
static inline enum es_result savic_register_gpa(u64 gpa) { return ES_UNSUPPORTED; }
+static inline enum es_result savic_unregister_gpa(u64 *gpa) { return ES_UNSUPPORTED; }
static inline void savic_ghcb_msr_write(u32 reg, u64 value) { }
static inline u64 savic_ghcb_msr_read(u32 reg) { return 0; }
diff --git a/arch/x86/kernel/apic/apic.c b/arch/x86/kernel/apic/apic.c
index 69b1084da8f4..badd6a42bced 100644
--- a/arch/x86/kernel/apic/apic.c
+++ b/arch/x86/kernel/apic/apic.c
@@ -1170,6 +1170,9 @@ void disable_local_APIC(void)
if (!apic_accessible())
return;
+ if (apic->teardown)
+ apic->teardown();
+
apic_soft_disable();
#ifdef CONFIG_X86_32
diff --git a/arch/x86/kernel/apic/x2apic_savic.c b/arch/x86/kernel/apic/x2apic_savic.c
index a527d7e4477c..417ea676c37e 100644
--- a/arch/x86/kernel/apic/x2apic_savic.c
+++ b/arch/x86/kernel/apic/x2apic_savic.c
@@ -345,6 +345,13 @@ static void init_apic_page(struct apic_page *ap)
apic_set_reg(ap, APIC_ID, apic_id);
}
+static void savic_teardown(void)
+{
+ /* Disable Secure AVIC */
+ native_wrmsr(MSR_AMD64_SECURE_AVIC_CONTROL, 0, 0);
+ savic_unregister_gpa(NULL);
+}
+
static void savic_setup(void)
{
void *backing_page;
@@ -395,6 +402,7 @@ static struct apic apic_x2apic_savic __ro_after_init = {
.probe = savic_probe,
.acpi_madt_oem_check = savic_acpi_madt_oem_check,
.setup = savic_setup,
+ .teardown = savic_teardown,
.dest_mode_logical = false,
--
2.34.1
next prev parent reply other threads:[~2025-06-10 18:07 UTC|newest]
Thread overview: 57+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-06-10 17:53 [RFC PATCH v7 00/37] AMD: Add Secure AVIC Guest Support Neeraj Upadhyay
2025-06-10 17:53 ` [RFC PATCH v7 01/37] KVM: lapic: Remove __apic_test_and_{set|clear}_vector() Neeraj Upadhyay
2025-06-23 11:26 ` Borislav Petkov
2025-06-25 1:18 ` Neeraj Upadhyay
2025-06-25 12:53 ` Sean Christopherson
2025-06-10 17:53 ` [RFC PATCH v7 02/37] KVM: lapic: Remove redundant parentheses around 'bitmap' Neeraj Upadhyay
2025-06-23 11:41 ` Borislav Petkov
2025-06-25 1:19 ` Neeraj Upadhyay
2025-06-10 17:53 ` [RFC PATCH v7 03/37] x86/apic: KVM: Deduplicate APIC vector => register+bit math Neeraj Upadhyay
2025-06-23 11:49 ` Borislav Petkov
2025-06-25 1:21 ` Neeraj Upadhyay
2025-06-25 12:59 ` Sean Christopherson
2025-06-10 17:53 ` [RFC PATCH v7 04/37] KVM: lapic: Rename VEC_POS/REG_POS macro usages Neeraj Upadhyay
2025-06-10 17:53 ` [RFC PATCH v7 05/37] KVM: lapic: Change lapic regs base address to void pointer Neeraj Upadhyay
2025-07-01 15:47 ` Borislav Petkov
2025-06-10 17:53 ` [RFC PATCH v7 06/37] KVM: lapic: Rename find_highest_vector() Neeraj Upadhyay
2025-06-10 17:53 ` [RFC PATCH v7 07/37] KVM: lapic: Rename lapic get/set_reg() helpers Neeraj Upadhyay
2025-06-25 13:56 ` Sean Christopherson
2025-06-10 17:53 ` [RFC PATCH v7 08/37] KVM: lapic: Rename lapic get/set_reg64() helpers Neeraj Upadhyay
2025-06-10 17:53 ` [RFC PATCH v7 09/37] KVM: lapic: Rename lapic set/clear vector helpers Neeraj Upadhyay
2025-06-10 17:53 ` [RFC PATCH v7 10/37] KVM: lapic: Mark apic_find_highest_vector() inline Neeraj Upadhyay
2025-06-25 13:58 ` Sean Christopherson
2025-06-10 17:53 ` [RFC PATCH v7 11/37] x86/apic: KVM: Move apic_find_highest_vector() to a common header Neeraj Upadhyay
2025-06-25 13:59 ` Sean Christopherson
2025-06-10 17:53 ` [RFC PATCH v7 12/37] x86/apic: KVM: Move lapic get/set_reg() helpers to common code Neeraj Upadhyay
2025-06-25 14:03 ` Sean Christopherson
2025-06-10 17:54 ` [RFC PATCH v7 13/37] KVM: x86: Move lapic get/set_reg64() " Neeraj Upadhyay
2025-06-10 17:54 ` [RFC PATCH v7 14/37] KVM: x86: Move lapic set/clear_vector() " Neeraj Upadhyay
2025-06-25 14:04 ` Sean Christopherson
2025-06-10 17:54 ` [RFC PATCH v7 15/37] KVM: x86: apic_test_vector() " Neeraj Upadhyay
2025-06-10 17:54 ` [RFC PATCH v7 16/37] x86/apic: Rename 'reg_off' to 'reg' Neeraj Upadhyay
2025-06-10 17:54 ` [RFC PATCH v7 17/37] x86/apic: Unionize apic regs for 32bit/64bit access w/o type casting Neeraj Upadhyay
2025-06-24 10:28 ` Huang, Kai
2025-06-25 1:15 ` Neeraj Upadhyay
2025-06-10 17:54 ` [RFC PATCH v7 18/37] x86/apic: Simplify bitwise operations on apic bitmap Neeraj Upadhyay
2025-06-24 10:37 ` Huang, Kai
2025-06-25 1:18 ` Neeraj Upadhyay
2025-06-25 14:05 ` Sean Christopherson
2025-06-10 17:54 ` [RFC PATCH v7 19/37] x86/apic: Move apic_update_irq_cfg() calls to apic_update_vector() Neeraj Upadhyay
2025-06-10 17:54 ` [RFC PATCH v7 20/37] x86/apic: Add new driver for Secure AVIC Neeraj Upadhyay
2025-06-10 17:54 ` [RFC PATCH v7 21/37] x86/apic: Initialize Secure AVIC APIC backing page Neeraj Upadhyay
2025-06-10 17:54 ` [RFC PATCH v7 22/37] x86/apic: Populate .read()/.write() callbacks of Secure AVIC driver Neeraj Upadhyay
2025-06-10 17:54 ` [RFC PATCH v7 23/37] x86/apic: Initialize APIC ID for Secure AVIC Neeraj Upadhyay
2025-06-10 17:54 ` [RFC PATCH v7 24/37] x86/apic: Add update_vector() callback for apic drivers Neeraj Upadhyay
2025-06-10 17:54 ` [RFC PATCH v7 25/37] x86/apic: Add update_vector() callback for Secure AVIC Neeraj Upadhyay
2025-06-10 17:54 ` [RFC PATCH v7 26/37] x86/apic: Add support to send IPI " Neeraj Upadhyay
2025-06-10 17:54 ` [RFC PATCH v7 27/37] x86/apic: Support LAPIC timer " Neeraj Upadhyay
2025-06-10 17:54 ` [RFC PATCH v7 28/37] x86/sev: Initialize VGIF for secondary VCPUs " Neeraj Upadhyay
2025-06-10 17:54 ` [RFC PATCH v7 29/37] x86/apic: Add support to send NMI IPI " Neeraj Upadhyay
2025-06-10 17:54 ` [RFC PATCH v7 30/37] x86/apic: Allow NMI to be injected from hypervisor " Neeraj Upadhyay
2025-06-10 17:54 ` [RFC PATCH v7 31/37] x86/sev: Enable NMI support " Neeraj Upadhyay
2025-06-10 17:54 ` [RFC PATCH v7 32/37] x86/apic: Read and write LVT* APIC registers from HV for SAVIC guests Neeraj Upadhyay
2025-06-10 17:54 ` [RFC PATCH v7 33/37] x86/apic: Handle EOI writes for Secure AVIC guests Neeraj Upadhyay
2025-06-10 17:54 ` Neeraj Upadhyay [this message]
2025-06-10 17:54 ` [RFC PATCH v7 35/37] x86/apic: Enable Secure AVIC in Control MSR Neeraj Upadhyay
2025-06-10 17:54 ` [RFC PATCH v7 36/37] x86/sev: Prevent SECURE_AVIC_CONTROL MSR interception for Secure AVIC guests Neeraj Upadhyay
2025-06-10 17:54 ` [RFC PATCH v7 37/37] x86/sev: Indicate SEV-SNP guest supports Secure AVIC Neeraj Upadhyay
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20250610175424.209796-35-Neeraj.Upadhyay@amd.com \
--to=neeraj.upadhyay@amd.com \
--cc=David.Kaplan@amd.com \
--cc=Santosh.Shukla@amd.com \
--cc=Suravee.Suthikulpanit@amd.com \
--cc=Thomas.Lendacky@amd.com \
--cc=Vasant.Hegde@amd.com \
--cc=bp@alien8.de \
--cc=dave.hansen@linux.intel.com \
--cc=francescolavra.fl@gmail.com \
--cc=hpa@zytor.com \
--cc=huibo.wang@amd.com \
--cc=kirill.shutemov@linux.intel.com \
--cc=kvm@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=mingo@redhat.com \
--cc=naveen.rao@amd.com \
--cc=nikunj@amd.com \
--cc=pbonzini@redhat.com \
--cc=peterz@infradead.org \
--cc=seanjc@google.com \
--cc=tglx@linutronix.de \
--cc=tiala@microsoft.com \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox