Commit c8018325 authored by Neeraj Upadhyay's avatar Neeraj Upadhyay Committed by Borislav Petkov (AMD)
Browse files

x86/apic: Add kexec support for Secure AVIC 



Add a apic->teardown() callback to disable Secure AVIC before rebooting into
the new kernel. This ensures that the new kernel does not access the old APIC
backing page which was allocated by the previous kernel.

Such accesses can happen if there are any APIC accesses done during the guest
boot before Secure AVIC driver probe is done by the new kernel (as Secure AVIC
would have remained enabled in the Secure AVIC control MSR).

Signed-off-by: default avatarNeeraj Upadhyay <Neeraj.Upadhyay@amd.com>
Signed-off-by: default avatarBorislav Petkov (AMD) <bp@alien8.de>
Link: https://lore.kernel.org/20250828112008.209013-1-Neeraj.Upadhyay@amd.com
parent 43b6687a

arch/x86/coco/sev/core.c

+23 −0
Original line number Diff line number Diff line
@@ -1187,6 +1187,29 @@ enum es_result savic_register_gpa(u64 gpa) 
	return res;

}



enum es_result savic_unregister_gpa(u64 *gpa)

{

	struct ghcb_state state;

	struct es_em_ctxt ctxt;

	enum es_result res;

	struct ghcb *ghcb;



	guard(irqsave)();



	ghcb = __sev_get_ghcb(&state);

	vc_ghcb_invalidate(ghcb);



	ghcb_set_rax(ghcb, SVM_VMGEXIT_SAVIC_SELF_GPA);

	res = sev_es_ghcb_hv_call(ghcb, &ctxt, SVM_VMGEXIT_SAVIC,

				  SVM_VMGEXIT_SAVIC_UNREGISTER_GPA, 0);

	if (gpa && res == ES_OK)

		*gpa = ghcb->save.rbx;



	__sev_put_ghcb(&state);



	return res;

}



static void snp_register_per_cpu_ghcb(void)

{

	struct sev_es_runtime_data *data;

arch/x86/include/asm/apic.h

+1 −0
Original line number Diff line number Diff line
@@ -306,6 +306,7 @@ struct apic { 
	/* Probe, setup and smpboot functions */

	int	(*probe)(void);

	void	(*setup)(void);

	void	(*teardown)(void);

	int	(*acpi_madt_oem_check)(char *oem_id, char *oem_table_id);



	void	(*init_apic_ldr)(void);

arch/x86/include/asm/sev.h

+2 −0
Original line number Diff line number Diff line
@@ -534,6 +534,7 @@ int snp_svsm_vtpm_send_command(u8 *buffer); 
void __init snp_secure_tsc_prepare(void);

void __init snp_secure_tsc_init(void);

enum es_result savic_register_gpa(u64 gpa);

enum es_result savic_unregister_gpa(u64 *gpa);

u64 savic_ghcb_msr_read(u32 reg);

void savic_ghcb_msr_write(u32 reg, u64 value);
@@ -609,6 +610,7 @@ static inline int snp_svsm_vtpm_send_command(u8 *buffer) { return -ENODEV; } 
static inline void __init snp_secure_tsc_prepare(void) { }

static inline void __init snp_secure_tsc_init(void) { }

static inline enum es_result savic_register_gpa(u64 gpa) { return ES_UNSUPPORTED; }

static inline enum es_result savic_unregister_gpa(u64 *gpa) { return ES_UNSUPPORTED; }

static inline void savic_ghcb_msr_write(u32 reg, u64 value) { }

static inline u64 savic_ghcb_msr_read(u32 reg) { return 0; }

arch/x86/kernel/apic/apic.c

+3 −0
Original line number Diff line number Diff line
@@ -1170,6 +1170,9 @@ void disable_local_APIC(void) 
	if (!apic_accessible())

		return;



	if (apic->teardown)

		apic->teardown();



	apic_soft_disable();



#ifdef CONFIG_X86_32

arch/x86/kernel/apic/x2apic_savic.c

+8 −0
Original line number Diff line number Diff line
@@ -330,6 +330,13 @@ static void savic_eoi(void) 
	}

}



static void savic_teardown(void)

{

	/* Disable Secure AVIC */

	native_wrmsrq(MSR_AMD64_SAVIC_CONTROL, 0);

	savic_unregister_gpa(NULL);

}



static void savic_setup(void)

{

	void *ap = this_cpu_ptr(savic_page);
@@ -385,6 +392,7 @@ static struct apic apic_x2apic_savic __ro_after_init = { 
	.probe				= savic_probe,

	.acpi_madt_oem_check		= savic_acpi_madt_oem_check,

	.setup				= savic_setup,

	.teardown			= savic_teardown,



	.dest_mode_logical		= false,