From: Ard Biesheuvel <ardb+git@google.com>
To: linux-kernel@vger.kernel.org
Cc: linux-efi@vger.kernel.org, x86@kernel.org,
Ard Biesheuvel <ardb@kernel.org>, Borislav Petkov <bp@alien8.de>,
Ingo Molnar <mingo@kernel.org>,
Kevin Loughlin <kevinloughlin@google.com>,
Tom Lendacky <thomas.lendacky@amd.com>,
Josh Poimboeuf <jpoimboe@kernel.org>,
Peter Zijlstra <peterz@infradead.org>,
Nikunj A Dadhania <nikunj@amd.com>
Subject: [PATCH v5 09/22] x86/sev: Use boot SVSM CA for all startup and init code
Date: Wed, 16 Jul 2025 05:18:24 +0200 [thread overview]
Message-ID: <20250716031814.2096113-33-ardb+git@google.com> (raw)
In-Reply-To: <20250716031814.2096113-24-ardb+git@google.com>
From: Ard Biesheuvel <ardb@kernel.org>
To avoid having to reason about whether or not to use the per-CPU SVSM
calling area when running startup and init code on the boot CPU, reuse
the boot SVSM calling area as the per-CPU area for CPU #0.
This removes the need to make the per-CPU variables and associated state
in sev_cfg accessible to the startup code once confined.
Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
---
arch/x86/boot/compressed/sev.c | 13 ------
arch/x86/boot/startup/sev-startup.c | 7 +--
arch/x86/coco/sev/core.c | 47 +++++++++-----------
arch/x86/include/asm/sev-internal.h | 16 -------
4 files changed, 24 insertions(+), 59 deletions(-)
diff --git a/arch/x86/boot/compressed/sev.c b/arch/x86/boot/compressed/sev.c
index 18b0ccf517eb..4bdf5595ed96 100644
--- a/arch/x86/boot/compressed/sev.c
+++ b/arch/x86/boot/compressed/sev.c
@@ -37,19 +37,6 @@ struct ghcb *boot_ghcb;
#define __BOOT_COMPRESSED
-extern u64 boot_svsm_caa_pa;
-
-struct svsm_ca *svsm_get_caa(void)
-{
- /* The decompressor is mapped 1:1 so VA == PA */
- return (struct svsm_ca *)boot_svsm_caa_pa;
-}
-
-u64 svsm_get_caa_pa(void)
-{
- return boot_svsm_caa_pa;
-}
-
u8 snp_vmpl;
/* Include code for early handlers */
diff --git a/arch/x86/boot/startup/sev-startup.c b/arch/x86/boot/startup/sev-startup.c
index 7aabda0b378e..8e804369cc60 100644
--- a/arch/x86/boot/startup/sev-startup.c
+++ b/arch/x86/boot/startup/sev-startup.c
@@ -50,9 +50,6 @@ u64 sev_secrets_pa __ro_after_init;
/* For early boot SVSM communication */
struct svsm_ca boot_svsm_ca_page __aligned(PAGE_SIZE);
-DEFINE_PER_CPU(struct svsm_ca *, svsm_caa);
-DEFINE_PER_CPU(u64, svsm_caa_pa);
-
/*
* Nothing shall interrupt this code path while holding the per-CPU
* GHCB. The backup GHCB is only for NMIs interrupting this path.
@@ -167,7 +164,7 @@ void __head early_snp_set_memory_private(unsigned long vaddr, unsigned long padd
* table.
*/
early_set_pages_state(vaddr, paddr, npages, SNP_PAGE_STATE_PRIVATE,
- svsm_get_caa(), svsm_get_caa_pa());
+ rip_rel_ptr(&boot_svsm_ca_page), boot_svsm_caa_pa);
}
void __head early_snp_set_memory_shared(unsigned long vaddr, unsigned long paddr,
@@ -184,7 +181,7 @@ void __head early_snp_set_memory_shared(unsigned long vaddr, unsigned long paddr
/* Ask hypervisor to mark the memory pages shared in the RMP table. */
early_set_pages_state(vaddr, paddr, npages, SNP_PAGE_STATE_SHARED,
- svsm_get_caa(), svsm_get_caa_pa());
+ rip_rel_ptr(&boot_svsm_ca_page), boot_svsm_caa_pa);
}
/*
diff --git a/arch/x86/coco/sev/core.c b/arch/x86/coco/sev/core.c
index 7a86a2fe494d..4fe0928bc0ad 100644
--- a/arch/x86/coco/sev/core.c
+++ b/arch/x86/coco/sev/core.c
@@ -46,6 +46,25 @@
#include <asm/cmdline.h>
#include <asm/msr.h>
+DEFINE_PER_CPU(struct svsm_ca *, svsm_caa);
+DEFINE_PER_CPU(u64, svsm_caa_pa);
+
+static inline struct svsm_ca *svsm_get_caa(void)
+{
+ if (sev_cfg.use_cas)
+ return this_cpu_read(svsm_caa);
+ else
+ return rip_rel_ptr(&boot_svsm_ca_page);
+}
+
+static inline u64 svsm_get_caa_pa(void)
+{
+ if (sev_cfg.use_cas)
+ return this_cpu_read(svsm_caa_pa);
+ else
+ return boot_svsm_caa_pa;
+}
+
/* AP INIT values as documented in the APM2 section "Processor Initialization State" */
#define AP_INIT_CS_LIMIT 0xffff
#define AP_INIT_DS_LIMIT 0xffff
@@ -1287,7 +1306,8 @@ static void __init alloc_runtime_data(int cpu)
struct svsm_ca *caa;
/* Allocate the SVSM CA page if an SVSM is present */
- caa = memblock_alloc_or_panic(sizeof(*caa), PAGE_SIZE);
+ caa = cpu ? memblock_alloc_or_panic(sizeof(*caa), PAGE_SIZE)
+ : &boot_svsm_ca_page;
per_cpu(svsm_caa, cpu) = caa;
per_cpu(svsm_caa_pa, cpu) = __pa(caa);
@@ -1341,32 +1361,9 @@ void __init sev_es_init_vc_handling(void)
init_ghcb(cpu);
}
- /* If running under an SVSM, switch to the per-cpu CA */
- if (snp_vmpl) {
- struct svsm_call call = {};
- unsigned long flags;
- int ret;
-
- local_irq_save(flags);
-
- /*
- * SVSM_CORE_REMAP_CA call:
- * RAX = 0 (Protocol=0, CallID=0)
- * RCX = New CA GPA
- */
- call.caa = svsm_get_caa();
- call.rax = SVSM_CORE_CALL(SVSM_CORE_REMAP_CA);
- call.rcx = this_cpu_read(svsm_caa_pa);
- ret = svsm_perform_call_protocol(&call);
- if (ret)
- panic("Can't remap the SVSM CA, ret=%d, rax_out=0x%llx\n",
- ret, call.rax_out);
-
+ if (snp_vmpl)
sev_cfg.use_cas = true;
- local_irq_restore(flags);
- }
-
sev_es_setup_play_dead();
/* Secondary CPUs use the runtime #VC handler */
diff --git a/arch/x86/include/asm/sev-internal.h b/arch/x86/include/asm/sev-internal.h
index 3b72d8217827..bdfe008120f3 100644
--- a/arch/x86/include/asm/sev-internal.h
+++ b/arch/x86/include/asm/sev-internal.h
@@ -63,22 +63,6 @@ DECLARE_PER_CPU(u64, svsm_caa_pa);
extern u64 boot_svsm_caa_pa;
-static __always_inline struct svsm_ca *svsm_get_caa(void)
-{
- if (sev_cfg.use_cas)
- return this_cpu_read(svsm_caa);
- else
- return rip_rel_ptr(&boot_svsm_ca_page);
-}
-
-static __always_inline u64 svsm_get_caa_pa(void)
-{
- if (sev_cfg.use_cas)
- return this_cpu_read(svsm_caa_pa);
- else
- return boot_svsm_caa_pa;
-}
-
enum es_result verify_exception_info(struct ghcb *ghcb, struct es_em_ctxt *ctxt);
void vc_forward_exception(struct es_em_ctxt *ctxt);
--
2.50.0.727.gbf7dc18ff4-goog
next prev parent reply other threads:[~2025-07-16 3:22 UTC|newest]
Thread overview: 32+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-07-16 3:18 [PATCH v5 00/22] x86: strict separation of startup code Ard Biesheuvel
2025-07-16 3:18 ` [PATCH v5 01/22] x86/sev: Separate MSR and GHCB based snp_cpuid() via a callback Ard Biesheuvel
2025-07-16 16:52 ` Tom Lendacky
2025-07-16 3:18 ` [PATCH v5 02/22] x86/sev: Use MSR protocol for remapping SVSM calling area Ard Biesheuvel
2025-07-16 17:03 ` Tom Lendacky
2025-07-18 9:45 ` Ard Biesheuvel
2025-07-16 3:18 ` [PATCH v5 03/22] x86/sev: Use MSR protocol only for early SVSM PVALIDATE call Ard Biesheuvel
2025-07-16 3:18 ` [PATCH v5 04/22] x86/sev: Run RMPADJUST on SVSM calling area page to test VMPL Ard Biesheuvel
2025-07-16 3:18 ` [PATCH v5 05/22] x86/sev: Move GHCB page based HV communication out of startup code Ard Biesheuvel
2025-07-16 3:18 ` [PATCH v5 06/22] x86/sev: Avoid global variable to store virtual address of SVSM area Ard Biesheuvel
2025-07-16 3:18 ` [PATCH v5 07/22] x86/sev: Share implementation of MSR-based page state change Ard Biesheuvel
2025-07-16 3:18 ` [PATCH v5 08/22] x86/sev: Pass SVSM calling area down to early page state change API Ard Biesheuvel
2025-07-16 3:18 ` Ard Biesheuvel [this message]
2025-07-16 3:18 ` [PATCH v5 10/22] x86/boot: Drop redundant RMPADJUST in SEV SVSM presence check Ard Biesheuvel
2025-07-16 3:18 ` [PATCH v5 11/22] x86/boot: Provide PIC aliases for 5-level paging related constants Ard Biesheuvel
2025-07-16 3:18 ` [PATCH v5 12/22] x86/sev: Provide PIC aliases for SEV related data objects Ard Biesheuvel
2025-07-16 3:18 ` [PATCH v5 13/22] x86/sev: Move __sev_[get|put]_ghcb() into separate noinstr object Ard Biesheuvel
2025-07-16 3:18 ` [PATCH v5 14/22] x86/sev: Export startup routines for later use Ard Biesheuvel
2025-07-16 3:18 ` [PATCH v5 15/22] objtool: Add action to check for absence of absolute relocations Ard Biesheuvel
2025-07-16 9:54 ` Peter Zijlstra
2025-07-16 10:26 ` Ard Biesheuvel
2025-07-16 11:32 ` Peter Zijlstra
2025-07-16 20:48 ` Josh Poimboeuf
2025-07-16 3:18 ` [PATCH v5 16/22] x86/boot: Check startup code " Ard Biesheuvel
2025-07-16 3:18 ` [PATCH v5 17/22] x86/boot: Revert "Reject absolute references in .head.text" Ard Biesheuvel
2025-07-16 3:18 ` [PATCH v5 18/22] x86/kbuild: Incorporate boot/startup/ via Kbuild makefile Ard Biesheuvel
2025-07-16 3:18 ` [PATCH v5 19/22] x86/boot: Create a confined code area for startup code Ard Biesheuvel
2025-07-16 3:18 ` [PATCH v5 20/22] efistub/x86: Remap inittext read-execute when needed Ard Biesheuvel
2025-07-16 3:18 ` [PATCH v5 21/22] x86/boot: Move startup code out of __head section Ard Biesheuvel
2025-07-16 3:18 ` [PATCH v5 22/22] x86/boot: Get rid of the .head.text section Ard Biesheuvel
2025-07-16 14:27 ` [PATCH v5 00/22] x86: strict separation of startup code Tom Lendacky
2025-07-16 22:02 ` Ard Biesheuvel
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20250716031814.2096113-33-ardb+git@google.com \
--to=ardb+git@google.com \
--cc=ardb@kernel.org \
--cc=bp@alien8.de \
--cc=jpoimboe@kernel.org \
--cc=kevinloughlin@google.com \
--cc=linux-efi@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=mingo@kernel.org \
--cc=nikunj@amd.com \
--cc=peterz@infradead.org \
--cc=thomas.lendacky@amd.com \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox