Commit d4bc3b11 authored by Borislav Petkov (AMD)'s avatar Borislav Petkov (AMD)
Browse files

x86/apic/savic: Do not use snp_abort() 



This function is going away so replace the callsites with the equivalent
functionality. Add a new SAVIC-specific termination reason. If more
granularity is needed there, it will be revisited in the future.

Signed-off-by: default avatarBorislav Petkov (AMD) <bp@alien8.de>
parent 27a17e02

arch/x86/coco/sev/core.c

+2 −2
Original line number Diff line number Diff line
@@ -1129,7 +1129,7 @@ u64 savic_ghcb_msr_read(u32 reg) 
	if (res != ES_OK) {

		pr_err("Secure AVIC MSR (0x%llx) read returned error (%d)\n", msr, res);

		/* MSR read failures are treated as fatal errors */

		snp_abort();

		sev_es_terminate(SEV_TERM_SET_LINUX, GHCB_TERM_SAVIC_FAIL);

	}



	__sev_put_ghcb(&state);
@@ -1159,7 +1159,7 @@ void savic_ghcb_msr_write(u32 reg, u64 value) 
	if (res != ES_OK) {

		pr_err("Secure AVIC MSR (0x%llx) write returned error (%d)\n", msr, res);

		/* MSR writes should never fail. Any failure is fatal error for SNP guest */

		snp_abort();

		sev_es_terminate(SEV_TERM_SET_LINUX, GHCB_TERM_SAVIC_FAIL);

	}



	__sev_put_ghcb(&state);

arch/x86/include/asm/sev-common.h

+1 −0
Original line number Diff line number Diff line
@@ -208,6 +208,7 @@ struct snp_psc_desc { 
#define GHCB_TERM_SVSM_CAA		9	/* SVSM is present but CAA is not page aligned */

#define GHCB_TERM_SECURE_TSC		10	/* Secure TSC initialization failed */

#define GHCB_TERM_SVSM_CA_REMAP_FAIL	11	/* SVSM is present but CA could not be remapped */

#define GHCB_TERM_SAVIC_FAIL		12	/* Secure AVIC-specific failure */



#define GHCB_RESP_CODE(v)		((v) & GHCB_MSR_INFO_MASK)

arch/x86/kernel/apic/x2apic_savic.c

+3 −3
Original line number Diff line number Diff line
@@ -363,7 +363,7 @@ static void savic_setup(void) 
	 */

	res = savic_register_gpa(gpa);

	if (res != ES_OK)

		snp_abort();

		sev_es_terminate(SEV_TERM_SET_LINUX, GHCB_TERM_SAVIC_FAIL);



	native_wrmsrq(MSR_AMD64_SAVIC_CONTROL,

		      gpa | MSR_AMD64_SAVIC_EN | MSR_AMD64_SAVIC_ALLOWEDNMI);
@@ -376,13 +376,13 @@ static int savic_probe(void) 


	if (!x2apic_mode) {

		pr_err("Secure AVIC enabled in non x2APIC mode\n");

		snp_abort();

		sev_es_terminate(SEV_TERM_SET_LINUX, GHCB_TERM_SAVIC_FAIL);

		/* unreachable */

	}



	savic_page = alloc_percpu(struct secure_avic_page);

	if (!savic_page)

		snp_abort();

		sev_es_terminate(SEV_TERM_SET_LINUX, GHCB_TERM_SAVIC_FAIL);



	return 1;

}