linux/arch/x86/include/uapi/asm
Tom Lendacky 1958b5fc40 x86/boot: Add early boot support when running with SEV active
Early in the boot process, add checks to determine if the kernel is
running with Secure Encrypted Virtualization (SEV) active.

Checking for SEV requires checking that the kernel is running under a
hypervisor (CPUID 0x00000001, bit 31), that the SEV feature is available
(CPUID 0x8000001f, bit 1) and then checking a non-interceptable SEV MSR
(0xc0010131, bit 0).

This check is required so that during early compressed kernel booting the
pagetables (both the boot pagetables and KASLR pagetables (if enabled) are
updated to include the encryption mask so that when the kernel is
decompressed into encrypted memory, it can boot properly.

After the kernel is decompressed and continues booting the same logic is
used to check if SEV is active and set a flag indicating so.  This allows
to distinguish between SME and SEV, each of which have unique differences
in how certain things are handled: e.g. DMA (always bounce buffered with
SEV) or EFI tables (always access decrypted with SME).

Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>
Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Reviewed-by: Borislav Petkov <bp@suse.de>
Tested-by: Borislav Petkov <bp@suse.de>
Cc: Laura Abbott <labbott@redhat.com>
Cc: Kees Cook <keescook@chromium.org>
Cc: kvm@vger.kernel.org
Cc: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Cc: Radim Krčmář <rkrcmar@redhat.com>
Cc: Borislav Petkov <bp@alien8.de>
Cc: Andy Lutomirski <luto@kernel.org>
Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: "Kirill A. Shutemov" <kirill.shutemov@linux.intel.com>
Link: https://lkml.kernel.org/r/20171020143059.3291-13-brijesh.singh@amd.com
2017-11-07 15:35:58 +01:00
..
a.out.h License cleanup: add SPDX license identifier to uapi header files with no license 2017-11-02 11:19:54 +01:00
auxvec.h License cleanup: add SPDX license identifier to uapi header files with no license 2017-11-02 11:19:54 +01:00
bitsperlong.h License cleanup: add SPDX license identifier to uapi header files with no license 2017-11-02 11:19:54 +01:00
boot.h License cleanup: add SPDX license identifier to uapi header files with no license 2017-11-02 11:19:54 +01:00
bootparam.h License cleanup: add SPDX license identifier to uapi header files with no license 2017-11-02 11:19:54 +01:00
byteorder.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
debugreg.h License cleanup: add SPDX license identifier to uapi header files with no license 2017-11-02 11:19:54 +01:00
e820.h License cleanup: add SPDX license identifier to uapi header files with no license 2017-11-02 11:19:54 +01:00
errno.h
fcntl.h
hw_breakpoint.h License cleanup: add SPDX license identifier to uapi header files with no license 2017-11-02 11:19:54 +01:00
hwcap2.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
hyperv.h License cleanup: add SPDX license identifier to uapi header files with no license 2017-11-02 11:19:54 +01:00
ioctl.h
ioctls.h
ipcbuf.h
ist.h License cleanup: add SPDX license identifier to uapi header files with a license 2017-11-02 11:20:11 +01:00
Kbuild kbuild: replace genhdr-y with generated-y 2017-06-22 08:55:21 +09:00
kvm_para.h x86/boot: Add early boot support when running with SEV active 2017-11-07 15:35:58 +01:00
kvm_perf.h License cleanup: add SPDX license identifier to uapi header files with no license 2017-11-02 11:19:54 +01:00
kvm.h License cleanup: add SPDX license identifier to uapi header files with no license 2017-11-02 11:19:54 +01:00
ldt.h License cleanup: add SPDX license identifier to uapi header files with no license 2017-11-02 11:19:54 +01:00
mce.h License cleanup: add SPDX license identifier to uapi header files with no license 2017-11-02 11:19:54 +01:00
mman.h License cleanup: add SPDX license identifier to uapi header files with no license 2017-11-02 11:19:54 +01:00
msgbuf.h
msr.h License cleanup: add SPDX license identifier to uapi header files with no license 2017-11-02 11:19:54 +01:00
mtrr.h License cleanup: add SPDX license identifier to uapi header files with a license 2017-11-02 11:20:11 +01:00
param.h
perf_regs.h License cleanup: add SPDX license identifier to uapi header files with no license 2017-11-02 11:19:54 +01:00
poll.h
posix_types_32.h License cleanup: add SPDX license identifier to uapi header files with no license 2017-11-02 11:19:54 +01:00
posix_types_64.h License cleanup: add SPDX license identifier to uapi header files with no license 2017-11-02 11:19:54 +01:00
posix_types_x32.h License cleanup: add SPDX license identifier to uapi header files with no license 2017-11-02 11:19:54 +01:00
posix_types.h License cleanup: add SPDX license identifier to uapi header files with no license 2017-11-02 11:19:54 +01:00
prctl.h License cleanup: add SPDX license identifier to uapi header files with no license 2017-11-02 11:19:54 +01:00
processor-flags.h Merge branch 'linus' into x86/asm, to pick up fixes and resolve conflicts 2017-11-07 10:53:06 +01:00
ptrace-abi.h License cleanup: add SPDX license identifier to uapi header files with no license 2017-11-02 11:19:54 +01:00
ptrace.h License cleanup: add SPDX license identifier to uapi header files with no license 2017-11-02 11:19:54 +01:00
resource.h
sembuf.h License cleanup: add SPDX license identifier to uapi header files with no license 2017-11-02 11:19:54 +01:00
setup.h create non-empty arch/x86/include/uapi/asm/ files 2012-12-17 17:15:11 -08:00
shmbuf.h
sigcontext32.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
sigcontext.h License cleanup: add SPDX license identifier to uapi header files with no license 2017-11-02 11:19:54 +01:00
siginfo.h License cleanup: add SPDX license identifier to uapi header files with no license 2017-11-02 11:19:54 +01:00
signal.h License cleanup: add SPDX license identifier to uapi header files with no license 2017-11-02 11:19:54 +01:00
socket.h
sockios.h
stat.h License cleanup: add SPDX license identifier to uapi header files with no license 2017-11-02 11:19:54 +01:00
statfs.h License cleanup: add SPDX license identifier to uapi header files with no license 2017-11-02 11:19:54 +01:00
svm.h License cleanup: add SPDX license identifier to uapi header files with no license 2017-11-02 11:19:54 +01:00
swab.h License cleanup: add SPDX license identifier to uapi header files with no license 2017-11-02 11:19:54 +01:00
termbits.h
termios.h
types.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
ucontext.h License cleanup: add SPDX license identifier to uapi header files with no license 2017-11-02 11:19:54 +01:00
unistd.h License cleanup: add SPDX license identifier to uapi header files with no license 2017-11-02 11:19:54 +01:00
vm86.h License cleanup: add SPDX license identifier to uapi header files with no license 2017-11-02 11:19:54 +01:00
vmx.h License cleanup: add SPDX license identifier to uapi header files with a license 2017-11-02 11:20:11 +01:00
vsyscall.h License cleanup: add SPDX license identifier to uapi header files with no license 2017-11-02 11:19:54 +01:00