Lines Matching +full:guest +full:- +full:side
1 // SPDX-License-Identifier: GPL-2.0
10 * headers in the pre-decompression code in a way that does not break
20 #include <asm/msr-index.h>
33 * Copy a version of this function here - insn-eval.c can't be used in
34 * pre-decompression code.
52 * Only a dummy for insn_get_seg_base() - Early boot-code is 64bit only and
82 memcpy(buffer, (unsigned char *)ctxt->regs->ip, MAX_INSN_SIZE); in vc_decode_insn()
84 ret = insn_decode(&ctxt->insn, buffer, MAX_INSN_SIZE, INSN_MODE_64); in vc_decode_insn()
155 } while (ret == -EAGAIN); in svsm_perform_call_protocol()
173 * If private -> shared then invalidate the page before requesting the in __page_state_change()
219 /* SNP guest requires the GHCB GPA must be registered */ in early_setup_ghcb()
233 hdr = &desc->hdr; in __snp_accept_memory()
236 e = desc->entries; in __snp_accept_memory()
240 hdr->end_entry = i; in __snp_accept_memory()
242 e->gfn = pa >> PAGE_SHIFT; in __snp_accept_memory()
243 e->operation = SNP_PAGE_STATE_PRIVATE; in __snp_accept_memory()
244 if (IS_ALIGNED(pa, PMD_SIZE) && (pa_end - pa) >= PMD_SIZE) { in __snp_accept_memory()
245 e->pagesize = RMP_PG_SIZE_2M; in __snp_accept_memory()
248 e->pagesize = RMP_PG_SIZE_4K; in __snp_accept_memory()
284 error("SEV-ES CPU Features missing."); in sev_es_shutdown_ghcb()
306 * Mark it non-present now to catch bugs when #VC exceptions trigger in sev_es_shutdown_ghcb()
378 * guest side implementation for proper functioning of the guest. If any
379 * of these features are enabled in the hypervisor but are lacking guest
380 * side implementation, the behavior of the guest will be undefined. The
381 * guest could fail in non-obvious way making it difficult to debug.
384 * safe side add them to the required features mask.
401 * by the guest kernel. As and when a new feature is implemented in the
402 * guest kernel, a corresponding bit should be added to the mask.
420 * guest side implementation. Pass on the unsupported features mask through in snp_check_features()
422 * as part of the guest boot failure. in snp_check_features()
455 * - via an entry in the EFI config table
456 * - via a setup_data structure, as defined by the Linux Boot Protocol
473 if (cc_info->magic != CC_BLOB_SEV_HDR_MAGIC) in find_cc_blob()
480 * Indicate SNP based on presence of SNP-specific CC blob. Subsequent checks
495 * If a SNP-specific Confidential Computing blob is present, then in early_snp_init()
504 * Record the SVSM Calling Area (CA) address if the guest is not in early_snp_init()
511 * Pass run-time kernel a pointer to CC info via boot_params so EFI in early_snp_init()
515 bp->cc_blob_address = (u32)(unsigned long)cc_info; in early_snp_init()
521 * sev_check_cpu_support - Check for SEV support in the CPU capabilities
535 return -ENODEV; in sev_check_cpu_support()
540 * - Bit 0 - Secure Memory Encryption support in sev_check_cpu_support()
541 * - Bit 1 - Secure Encrypted Virtualization support in sev_check_cpu_support()
543 * - Bits 5:0 - Pagetable bit position used to indicate encryption in sev_check_cpu_support()
550 return -ENODEV; in sev_check_cpu_support()
562 * bp->cc_blob_address should only be set by boot/compressed kernel. in sev_enable()
567 bp->cc_blob_address = 0; in sev_enable()
574 * If the HV fakes SEV support, the guest will crash'n'burn in sev_enable()
582 * Setup/preliminary detection of SNP. This will be sanity-checked in sev_enable()
592 error("SEV-SNP support indicated by CC blob, but not CPUID."); in sev_enable()
596 /* Set the SME mask if this is an SEV guest. */ in sev_enable()
625 * page. If the guest is running at VMPL0, this will succeed. If the in sev_enable()
626 * guest is running at any other VMPL, this will fail. Linux SNP guests in sev_enable()
628 * lesser-privileged VMPL are a don't-care. in sev_enable()
642 error("SEV-SNP supported indicated by CC blob, but not SEV status MSR."); in sev_enable()
648 * sev_get_status - Retrieve the SEV status mask
668 * kernel to find the in-memory CPUID table to handle CPUID in sev_prep_identity_maps()
669 * instructions. Make sure an identity-mapping exists so it can be in sev_prep_identity_maps()
673 unsigned long cc_info_pa = boot_params_ptr->cc_blob_address; in sev_prep_identity_maps()
679 kernel_add_identity_map(cc_info->cpuid_phys, cc_info->cpuid_phys + cc_info->cpuid_len); in sev_prep_identity_maps()