• Tom Lendacky's avatar
    x86/sev: Use kernel provided SVSM Calling Areas · 34ff6590
    Tom Lendacky authored
    The SVSM Calling Area (CA) is used to communicate between Linux and the
    SVSM. Since the firmware supplied CA for the BSP is likely to be in
    reserved memory, switch off that CA to a kernel provided CA so that access
    and use of the CA is available during boot. The CA switch is done using
    the SVSM core protocol SVSM_CORE_REMAP_CA call.
    
    An SVSM call is executed by filling out the SVSM CA and setting the proper
    register state as documented by the SVSM protocol. The SVSM is invoked by
    by requesting the hypervisor to run VMPL0.
    
    Once it is safe to allocate/reserve memory, allocate a CA for each CPU.
    After allocating the new CAs, the BSP will switch from the boot CA to the
    per-CPU CA. The CA for an AP is identified to the SVSM when creating the
    VMSA in preparation for booting the AP.
    
      [ bp: Heavily simplify svsm_issue_call() asm, other touchups. ]
    Signed-off-by: default avatarTom Lendacky <thomas.lendacky@amd.com>
    Signed-off-by: default avatarBorislav Petkov (AMD) <bp@alien8.de>
    Link: https://lore.kernel.org/r/fa8021130bcc3bcf14d722a25548cb0cdf325456.1717600736.git.thomas.lendacky@amd.com
    34ff6590
sev.c 60.1 KB