Received: by 2002:a25:ef43:0:0:0:0:0 with SMTP id w3csp367470ybm; Fri, 29 May 2020 02:06:57 -0700 (PDT) X-Google-Smtp-Source: ABdhPJz0JUJu9waz8aTppk+5Zu7r0diLVyAblLrpEjv9hqN4yhRgJnwaDBCmxDSHMH5Oxi1EzZYc X-Received: by 2002:aa7:d158:: with SMTP id r24mr1440975edo.272.1590743217348; Fri, 29 May 2020 02:06:57 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1590743217; cv=none; d=google.com; s=arc-20160816; b=DQKWVbkdKYzXsihFGa3jS3ryxa+fOEMUGTv3C632Bh2qUz3XILtK8zJmU85zeYttb/ tB23UmZ0W0RSR6sKsFScRnTAaB5Xzw8tUjyUo1gTzZs0GiKoPHPS+XR1R8x0GRy9lRci FBd06b1rG0ZnaGoLU4bvRdQo5GhyX6UfN38SIRdhst2/ObKA8gaKigtWieJeIbElcklT p8JW+ACHOfLqv4sI8KqgpyRt3/xl5XLHlITSYLFVKB6B2m+D6mFDQAdOO0WyrD92Pc42 j8fP6jq2Fk6x5P9zUM38n5Wcusd8nypijhDYRSaycocuo636oq6uoSH5woUTV+soVdmN kFcQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:in-reply-to :content-disposition:mime-version:references:message-id:subject:cc :to:from:date:dkim-signature; bh=YgI+deux/7QqPwTMEpnAWUAEJvChvf4UJKUuseczbb4=; b=JOPgsxl1WCHlgYb6zed8GzUYx0JBXV4L9LM5nRn9hYZzAZDlUFPq7S5C9GSXi/dG7Z imXUJX9t8VMbsM9JeCb0sJAfx+SDKlOFjFc2ziJ97fb/vPlVzWCMpgYPw7Yo11KsGJe+ jOjBEsUKwBFfQraS0ay5RQAPv9XssWxFeILJ0vtY8Fhub3ZUKwC9JWztTgXtNuG41+Hq Z32TCgZlF+bMnDoFrHdwmDRHuvMllouhPSdUdk+06Ifcu0XcrPV3YlWMHW5hDsMgycKV vPTWfz01GWVLdBOl2AFCCSx2ZGsSFPCb9JED1zs+HAsShYAdRZTIjjrdtqAIOnAVXZW4 7pBw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@alien8.de header.s=dkim header.b=PvGwZ3rY; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=alien8.de Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id d6si5459131ejt.703.2020.05.29.02.06.33; Fri, 29 May 2020 02:06:57 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@alien8.de header.s=dkim header.b=PvGwZ3rY; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=alien8.de Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726495AbgE2JCa (ORCPT + 99 others); Fri, 29 May 2020 05:02:30 -0400 Received: from mail.skyhub.de ([5.9.137.197]:44990 "EHLO mail.skyhub.de" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1725601AbgE2JC3 (ORCPT ); Fri, 29 May 2020 05:02:29 -0400 Received: from zn.tnic (p200300ec2f0f5e00e15a1b2e1d2ace20.dip0.t-ipconnect.de [IPv6:2003:ec:2f0f:5e00:e15a:1b2e:1d2a:ce20]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.skyhub.de (SuperMail on ZX Spectrum 128k) with ESMTPSA id 35F751EC03D2; Fri, 29 May 2020 11:02:28 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=alien8.de; s=dkim; t=1590742948; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:in-reply-to:in-reply-to: references:references; bh=YgI+deux/7QqPwTMEpnAWUAEJvChvf4UJKUuseczbb4=; b=PvGwZ3rYkyScKSVfHSnOMSijlVOIzSrLpHiSrsUElDG4vAzwAYEsx6De23tXnYVphT6ZgT Dr4h4i5vlcTx2lq79mmX7QhWu+2bY+eytnB7asc3JQXZjR8YwcsapWBxZvRxBUX7Wwrh7X U2INYoyOAHuXtTHPwVuZtStgsNeMBEs= Date: Fri, 29 May 2020 11:02:22 +0200 From: Borislav Petkov To: Joerg Roedel Cc: x86@kernel.org, hpa@zytor.com, Andy Lutomirski , Dave Hansen , Peter Zijlstra , Jiri Slaby , Dan Williams , Tom Lendacky , Juergen Gross , Kees Cook , David Rientjes , Cfir Cohen , Erdem Aktas , Masami Hiramatsu , Mike Stunes , Joerg Roedel , linux-kernel@vger.kernel.org, kvm@vger.kernel.org, virtualization@lists.linux-foundation.org Subject: Re: [PATCH v3 69/75] x86/realmode: Setup AP jump table Message-ID: <20200529090222.GA9011@zn.tnic> References: <20200428151725.31091-1-joro@8bytes.org> <20200428151725.31091-70-joro@8bytes.org> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline In-Reply-To: <20200428151725.31091-70-joro@8bytes.org> User-Agent: Mutt/1.10.1 (2018-07-13) Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Tue, Apr 28, 2020 at 05:17:19PM +0200, Joerg Roedel wrote: > From: Tom Lendacky > > Setup the AP jump table to point to the SEV-ES trampoline code so that > the APs can boot. Tom, in his laconic way, doesn't want to explain to us why is this even needed... :) /me reads the code /me reads the GHCB spec aha, it gets it from the HV. And it can be set by the guest too... So how about expanding that commit message as to why this is done, why needed, etc? Thx. > diff --git a/arch/x86/realmode/init.c b/arch/x86/realmode/init.c > index 262f83cad355..1c5cbfd102d5 100644 > --- a/arch/x86/realmode/init.c > +++ b/arch/x86/realmode/init.c > @@ -9,6 +9,7 @@ > #include > #include > #include > +#include > > struct real_mode_header *real_mode_header; > u32 *trampoline_cr4_features; > @@ -107,6 +108,11 @@ static void __init setup_real_mode(void) > if (sme_active()) > trampoline_header->flags |= TH_FLAGS_SME_ACTIVE; > > + if (sev_es_active()) { > + if (sev_es_setup_ap_jump_table(real_mode_header)) > + panic("Failed to update SEV-ES AP Jump Table"); > + } > + So this function gets slowly sprinkled with if (sev-something) bla Please wrap at least those last two into a sev_setup_real_mode() or so. -- Regards/Gruss, Boris. https://people.kernel.org/tglx/notes-about-netiquette