linux/arch
Tom Lendacky 1958b5fc40 x86/boot: Add early boot support when running with SEV active
Early in the boot process, add checks to determine if the kernel is
running with Secure Encrypted Virtualization (SEV) active.

Checking for SEV requires checking that the kernel is running under a
hypervisor (CPUID 0x00000001, bit 31), that the SEV feature is available
(CPUID 0x8000001f, bit 1) and then checking a non-interceptable SEV MSR
(0xc0010131, bit 0).

This check is required so that during early compressed kernel booting the
pagetables (both the boot pagetables and KASLR pagetables (if enabled) are
updated to include the encryption mask so that when the kernel is
decompressed into encrypted memory, it can boot properly.

After the kernel is decompressed and continues booting the same logic is
used to check if SEV is active and set a flag indicating so.  This allows
to distinguish between SME and SEV, each of which have unique differences
in how certain things are handled: e.g. DMA (always bounce buffered with
SEV) or EFI tables (always access decrypted with SME).

Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>
Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Reviewed-by: Borislav Petkov <bp@suse.de>
Tested-by: Borislav Petkov <bp@suse.de>
Cc: Laura Abbott <labbott@redhat.com>
Cc: Kees Cook <keescook@chromium.org>
Cc: kvm@vger.kernel.org
Cc: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Cc: Radim Krčmář <rkrcmar@redhat.com>
Cc: Borislav Petkov <bp@alien8.de>
Cc: Andy Lutomirski <luto@kernel.org>
Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: "Kirill A. Shutemov" <kirill.shutemov@linux.intel.com>
Link: https://lkml.kernel.org/r/20171020143059.3291-13-brijesh.singh@amd.com
2017-11-07 15:35:58 +01:00
..
alpha License cleanup: add SPDX license identifiers to some files 2017-11-02 10:04:46 -07:00
arc License cleanup: add SPDX license identifiers to some files 2017-11-02 10:04:46 -07:00
arm Merge branch 'fixes' of git://git.armlinux.org.uk/~rmk/linux-arm 2017-11-04 14:26:30 -07:00
arm64 Fixes for interrupt controller emulation in ARM/ARM64 and x86, plus a one-liner 2017-11-04 11:44:55 -07:00
blackfin License cleanup: add SPDX license identifier to uapi header files with a license 2017-11-02 11:20:11 +01:00
c6x License cleanup: add SPDX license identifier to uapi header files with a license 2017-11-02 11:20:11 +01:00
cris License cleanup: add SPDX license identifier to uapi header files with no license 2017-11-02 11:19:54 +01:00
frv License cleanup: add SPDX license identifier to uapi header files with a license 2017-11-02 11:20:11 +01:00
h8300 License cleanup: add SPDX license identifier to uapi header files with no license 2017-11-02 11:19:54 +01:00
hexagon License cleanup: add SPDX license identifier to uapi header files with a license 2017-11-02 11:20:11 +01:00
ia64 Merge branch 'x86-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 2017-11-05 12:14:50 -08:00
m32r License cleanup: add SPDX license identifier to uapi header files with a license 2017-11-02 11:20:11 +01:00
m68k License cleanup: add SPDX license identifier to uapi header files with a license 2017-11-02 11:20:11 +01:00
metag License cleanup: add SPDX license identifier to uapi header files with a license 2017-11-02 11:20:11 +01:00
microblaze License cleanup: add SPDX license identifier to uapi header files with a license 2017-11-02 11:20:11 +01:00
mips MIPS fixes for 4.14 2017-11-04 11:31:02 -07:00
mn10300 License cleanup: add SPDX license identifier to uapi header files with a license 2017-11-02 11:20:11 +01:00
nios2 License cleanup: add SPDX license identifier to uapi header files with a license 2017-11-02 11:20:11 +01:00
openrisc License cleanup: add SPDX license identifier to uapi header files with a license 2017-11-02 11:20:11 +01:00
parisc License cleanup: add SPDX license identifier to uapi header files with a license 2017-11-02 11:20:11 +01:00
powerpc resource: Provide resource struct in resource walk callback 2017-11-07 15:35:57 +01:00
s390 License cleanup: add SPDX license identifiers to some files 2017-11-02 10:04:46 -07:00
score License cleanup: add SPDX license identifier to uapi header files with no license 2017-11-02 11:19:54 +01:00
sh License cleanup: add SPDX license identifier to uapi header files with a license 2017-11-02 11:20:11 +01:00
sparc License cleanup: add SPDX license identifier to uapi header files with no license 2017-11-02 11:19:54 +01:00
tile Merge git://git.kernel.org/pub/scm/linux/kernel/git/cmetcalf/linux-tile 2017-11-03 10:36:43 -07:00
um License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
unicore32 License cleanup: add SPDX license identifier to uapi header files with a license 2017-11-02 11:20:11 +01:00
x86 x86/boot: Add early boot support when running with SEV active 2017-11-07 15:35:58 +01:00
xtensa License cleanup: add SPDX license identifier to uapi header files with a license 2017-11-02 11:20:11 +01:00
.gitignore
Kconfig License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00