    x86/sev: Check SEV-SNP features support · cbd3d4f7
    Brijesh Singh authored
    Version 2 of the GHCB specification added the advertisement of features
    that are supported by the hypervisor. If the hypervisor supports SEV-SNP
    then it must set the SEV-SNP features bit to indicate that the base
    functionality is supported.
    
    Check that feature bit while establishing the GHCB; if failed, terminate
    the guest.
    
    Version 2 of the GHCB specification adds several new Non-Automatic Exits
    (NAEs), most of them are optional except the hypervisor feature. Now
    that the hypervisor feature NAE is implemented, bump the GHCB maximum
    supported protocol version.
    
    While at it, move the GHCB protocol negotiation check from the #VC
    exception handler to sev_enable() so that all feature detection happens
    before the first #VC exception.
    
    While at it, document why the GHCB page cannot be set up from
    load_stage2_idt().
    
      [ bp: Massage commit message. ]
    Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
    Signed-off-by: Borislav Petkov <bp@suse.de>
    Link: https://lore.kernel.org/r/20220307213356.2797205-13-brijesh.singh@amd.com
sev.c 5.45 KB