    KVM: SEV: Support SEV-SNP AP Creation NAE event · e366f92e
    Tom Lendacky authored
    Add support for the SEV-SNP AP Creation NAE event. This allows SEV-SNP
    guests to alter the register state of the APs on their own. This allows
    the guest a way of simulating INIT-SIPI.
    
    A new event, KVM_REQ_UPDATE_PROTECTED_GUEST_STATE, is created and used
    so as to avoid updating the VMSA pointer while the vCPU is running.
    
    For CREATE:
      The guest supplies the GPA of the VMSA to be used for the vCPU with
      the specified APIC ID. The GPA is saved in the svm struct of the
      target vCPU, the KVM_REQ_UPDATE_PROTECTED_GUEST_STATE event is added
      to the vCPU and then the vCPU is kicked.
    
    For CREATE_ON_INIT:
      The guest supplies the GPA of the VMSA to be used for the vCPU with
      the specified APIC ID the next time an INIT is performed. The GPA is
      saved in the svm struct of the target vCPU.
    
    For DESTROY:
      The guest indicates it wishes to stop the vCPU. The GPA is cleared
      from the svm struct, the KVM_REQ_UPDATE_PROTECTED_GUEST_STATE event is
      added to vCPU and then the vCPU is kicked.
    
    The KVM_REQ_UPDATE_PROTECTED_GUEST_STATE event handler will be invoked
    as a result of the event or as a result of an INIT. If a new VMSA is to
    be installed, the VMSA guest page is set as the VMSA in the vCPU VMCB
    and the vCPU state is set to KVM_MP_STATE_RUNNABLE. If a new VMSA is not
    to be installed, the VMSA is cleared in the vCPU VMCB and the vCPU state
    is set to KVM_MP_STATE_HALTED to prevent it from being run.
    Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>
    Co-developed-by: Michael Roth <michael.roth@amd.com>
    Signed-off-by: Michael Roth <michael.roth@amd.com>
    Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
    Signed-off-by: Ashish Kalra <ashish.kalra@amd.com>
    Message-ID: <20240501085210.2213060-13-michael.roth@amd.com>
    Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
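
The deferred update described in the commit message, as a small user-space C model added here as an example; it is not the kernel code from this commit. All type, field and function names are hypothetical, 0x1000 is a constructed GPA, and consuming the saved GPA once it has been applied is an assumption.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* User-space model only; every name here is hypothetical, not KVM's. */
enum ap_request { AP_CREATE, AP_CREATE_ON_INIT, AP_DESTROY };
enum mp_state { MP_HALTED, MP_RUNNABLE };
#define NO_VMSA UINT64_MAX

struct model_vcpu {
    uint64_t saved_gpa;   /* GPA recorded by the request, not yet in use */
    uint64_t vmcb_vmsa;   /* stands in for the VMSA pointer in the VMCB */
    bool update_pending;  /* stands in for KVM_REQ_UPDATE_PROTECTED_GUEST_STATE */
    enum mp_state state;
};

/* Requester side: records intent only. Returns true if the target is kicked. */
bool ap_creation(struct model_vcpu *t, enum ap_request req, uint64_t gpa)
{
    t->saved_gpa = (req == AP_DESTROY) ? NO_VMSA : gpa;
    if (req == AP_CREATE_ON_INIT)
        return false;              /* applied at the next INIT instead */
    t->update_pending = true;
    return true;
}

/* Target side, run only while the target is out of guest mode (after the
 * kick, or on INIT). Assumption: the saved GPA is consumed once applied. */
enum mp_state update_protected_guest_state(struct model_vcpu *t)
{
    t->update_pending = false;
    t->vmcb_vmsa = t->saved_gpa;
    t->saved_gpa = NO_VMSA;
    t->state = (t->vmcb_vmsa != NO_VMSA) ? MP_RUNNABLE : MP_HALTED;
    return t->state;
}

int main(void)
{
    struct model_vcpu ap = { NO_VMSA, NO_VMSA, false, MP_HALTED };

    ap_creation(&ap, AP_CREATE, 0x1000);   /* constructed sample GPA */
    printf("before handler: vmsa installed = %d\n", ap.vmcb_vmsa != NO_VMSA);
    update_protected_guest_state(&ap);
    printf("after handler:  vmsa installed = %d, runnable = %d\n",
           ap.vmcb_vmsa != NO_VMSA, ap.state == MP_RUNNABLE);
    return 0;
}
```
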
sev.c 120 KB