From patchwork Fri Apr 4 08:29:23 2025
X-Patchwork-Submitter: Ard Biesheuvel
X-Patchwork-Id: 878303
Date: Fri, 4 Apr 2025 10:29:23 +0200
In-Reply-To: <20250404082921.2767593-5-ardb+git@google.com>
Message-ID: <20250404082921.2767593-6-ardb+git@google.com>
Subject: [PATCH v2 1/3] x86/boot: Move accept_memory() into decompressor
From: Ard Biesheuvel
To: linux-efi@vger.kernel.org
Cc: linux-kernel@vger.kernel.org, x86@kernel.org, Ard Biesheuvel, Tom Lendacky, "Kirill A. Shutemov", Borislav Petkov, Dionna Amalie Glaze, Kevin Loughlin

accept_memory() is only called from the decompressor, and uses an API that will become specific to the decompressor as well, given that the EFI stub will need to switch to a special memory acceptance API that can be called while running in the firmware context with the firmware's page tables.

So move the function into arch/x86/boot/compressed/mem.c

Signed-off-by: Ard Biesheuvel
---
 arch/x86/boot/compressed/mem.c | 45 ++++++++++++++++++++
 drivers/firmware/efi/libstub/unaccepted_memory.c | 45 --------------------
 2 files changed, 45 insertions(+), 45 deletions(-)

diff --git a/arch/x86/boot/compressed/mem.c b/arch/x86/boot/compressed/mem.c index dbba332e4a12..6a888b80669e 100644 --- a/arch/x86/boot/compressed/mem.c +++ b/arch/x86/boot/compressed/mem.c
@@ -84,3 +84,48 @@ bool init_unaccepted_memory(void) return true; } + +void accept_memory(phys_addr_t start, unsigned long size) +{ + unsigned long range_start, range_end; + phys_addr_t end = start + size; + unsigned long bitmap_size; + u64 unit_size; + + if (!unaccepted_table) + return; + + unit_size = unaccepted_table->unit_size; + + /* + * Only care for the part of the range that is represented + * in the bitmap. + */ + if (start < unaccepted_table->phys_base) + start = unaccepted_table->phys_base; + if (end < unaccepted_table->phys_base) + return; + + /* Translate to offsets from the beginning of the bitmap */ + start -= unaccepted_table->phys_base; + end -= unaccepted_table->phys_base; + + /* Make sure not to overrun the bitmap */ + if (end > unaccepted_table->size * unit_size * BITS_PER_BYTE) + end = unaccepted_table->size * unit_size * BITS_PER_BYTE; + + range_start = start / unit_size; + bitmap_size = DIV_ROUND_UP(end, unit_size); + + for_each_set_bitrange_from(range_start, range_end, + unaccepted_table->bitmap, bitmap_size) { + unsigned long phys_start, phys_end; + + phys_start = range_start * unit_size + unaccepted_table->phys_base; + phys_end = range_end * unit_size + unaccepted_table->phys_base; + + arch_accept_memory(phys_start, phys_end); + bitmap_clear(unaccepted_table->bitmap, + range_start, range_end - range_start); + } +} diff --git a/drivers/firmware/efi/libstub/unaccepted_memory.c b/drivers/firmware/efi/libstub/unaccepted_memory.c index 757dbe734a47..02040bd6a330 100644 --- a/drivers/firmware/efi/libstub/unaccepted_memory.c +++ b/drivers/firmware/efi/libstub/unaccepted_memory.c 
@@ -176,48 +176,3 @@ void process_unaccepted_memory(u64 start, u64 end) bitmap_set(unaccepted_table->bitmap, start / unit_size, (end - start) / unit_size); } - -void accept_memory(phys_addr_t start, unsigned long size) -{ - unsigned long range_start, range_end; - phys_addr_t end = start + size; - unsigned long bitmap_size; - u64 unit_size; - - if (!unaccepted_table) - return; - - unit_size = unaccepted_table->unit_size; - - /* - * Only care for the part of the range that is represented - * in the bitmap. - */ - if (start < unaccepted_table->phys_base) - start = unaccepted_table->phys_base; - if (end < unaccepted_table->phys_base) - return; - - /* Translate to offsets from the beginning of the bitmap */ - start -= unaccepted_table->phys_base; - end -= unaccepted_table->phys_base; - - /* Make sure not to overrun the bitmap */ - if (end > unaccepted_table->size * unit_size * BITS_PER_BYTE) - end = unaccepted_table->size * unit_size * BITS_PER_BYTE; - - range_start = start / unit_size; - bitmap_size = DIV_ROUND_UP(end, unit_size); - - for_each_set_bitrange_from(range_start, range_end, - unaccepted_table->bitmap, bitmap_size) { - unsigned long phys_start, phys_end; - - phys_start = range_start * unit_size + unaccepted_table->phys_base; - phys_end = range_end * unit_size + unaccepted_table->phys_base; - - arch_accept_memory(phys_start, phys_end); - bitmap_clear(unaccepted_table->bitmap, - range_start, range_end - range_start); - } -}

From patchwork Fri Apr 4 08:29:24 2025
X-Patchwork-Submitter: Ard Biesheuvel
X-Patchwork-Id: 879097
Date: Fri, 4 Apr 2025 10:29:24 +0200
In-Reply-To: <20250404082921.2767593-5-ardb+git@google.com>
Message-ID: <20250404082921.2767593-7-ardb+git@google.com>
Subject: [PATCH v2 2/3] x86/boot: Use separate API for memory acceptance in the EFI stub
From: Ard Biesheuvel
To: linux-efi@vger.kernel.org
Cc: linux-kernel@vger.kernel.org, x86@kernel.org, Ard Biesheuvel, Tom Lendacky, "Kirill A. Shutemov", Borislav Petkov, Dionna Amalie Glaze, Kevin Loughlin

The EFI stub runs in the execution context of the firmware, and even if the memory acceptance that occurs when constructing the E820 memory map after ExitBootServices(), it is still too early for SEV-SNP based memory acceptance to use the shared GHCB page, as this requires manipulating the firmware's live page tables.

So implement the unaccepted memory processing locally in the EFI stub. The SEV-SNP handling will be updated in a subsequent patch.

Signed-off-by: Ard Biesheuvel
---
 arch/x86/boot/compressed/mem.c | 2 +-
 drivers/firmware/efi/libstub/efistub.h | 3 +-
 drivers/firmware/efi/libstub/unaccepted_memory.c | 12 +++---
 drivers/firmware/efi/libstub/x86-stub.c | 39 ++++++++++++++++++++
 4 files changed, 47 insertions(+), 9 deletions(-)

diff --git a/arch/x86/boot/compressed/mem.c b/arch/x86/boot/compressed/mem.c index 6a888b80669e..caa3640fc2a0 100644 --- a/arch/x86/boot/compressed/mem.c +++ b/arch/x86/boot/compressed/mem.c @@ -32,7 +32,7 @@ static bool early_is_tdx_guest(void) return is_tdx; } -void arch_accept_memory(phys_addr_t start, phys_addr_t end) +static void arch_accept_memory(phys_addr_t start, phys_addr_t end) { /* Platform-specific memory-acceptance call goes here */ if (early_is_tdx_guest()) {
diff --git a/drivers/firmware/efi/libstub/efistub.h b/drivers/firmware/efi/libstub/efistub.h index f5ba032863a9..88751d83f584 100644 --- a/drivers/firmware/efi/libstub/efistub.h +++ b/drivers/firmware/efi/libstub/efistub.h @@ -1231,8 +1231,7 @@ efi_zboot_entry(efi_handle_t handle, efi_system_table_t *systab); efi_status_t allocate_unaccepted_bitmap(__u32 nr_desc, struct efi_boot_memmap *map); void process_unaccepted_memory(u64 start, u64 end); -void accept_memory(phys_addr_t start, unsigned long size); -void arch_accept_memory(phys_addr_t start, phys_addr_t end); +void efistub_accept_memory(phys_addr_t start, phys_addr_t end); efi_status_t efi_zboot_decompress_init(unsigned long *alloc_size); efi_status_t efi_zboot_decompress(u8 *out, unsigned long outlen); diff --git a/drivers/firmware/efi/libstub/unaccepted_memory.c b/drivers/firmware/efi/libstub/unaccepted_memory.c index 02040bd6a330..4e90077ca797 100644 --- a/drivers/firmware/efi/libstub/unaccepted_memory.c +++ b/drivers/firmware/efi/libstub/unaccepted_memory.c @@ -118,7 +118,7 @@ void process_unaccepted_memory(u64 start, u64 end) * immediately accepted in its entirety. */ if (end - start < 2 * unit_size) { - arch_accept_memory(start, end); + efistub_accept_memory(start, end); return; } @@ -129,13 +129,13 @@ void process_unaccepted_memory(u64 start, u64 end) /* Immediately accept a phys_base) { - arch_accept_memory(start, - min(unaccepted_table->phys_base, end)); + efistub_accept_memory(start, + min(unaccepted_table->phys_base, end)); start = unaccepted_table->phys_base; } @@ -165,7 +165,7 @@ void process_unaccepted_memory(u64 start, u64 end) unaccepted_table->phys_base; phys_end = end + unaccepted_table->phys_base; - arch_accept_memory(phys_start, phys_end); + efistub_accept_memory(phys_start, phys_end); end = bitmap_size * unit_size * BITS_PER_BYTE; } diff --git a/drivers/firmware/efi/libstub/x86-stub.c b/drivers/firmware/efi/libstub/x86-stub.c index cafc90d4caaf..7d9cf473f4d0 100644 
--- a/drivers/firmware/efi/libstub/x86-stub.c +++ b/drivers/firmware/efi/libstub/x86-stub.c @@ -17,6 +17,7 @@ #include #include #include +#include #include "efistub.h" #include "x86-stub.h" 
@@ -364,6 +365,44 @@ static void setup_unaccepted_memory(void) efi_err("Memory acceptance protocol failed\n"); } +#ifdef CONFIG_UNACCEPTED_MEMORY + +static bool efistub_is_tdx_guest(void) +{ + u32 eax = TDX_CPUID_LEAF_ID, sig[3] = {}; + + if (!IS_ENABLED(CONFIG_INTEL_TDX_GUEST)) + return false; + + native_cpuid(&eax, &sig[0], &sig[2], &sig[1]); + return !memcmp(TDX_IDENT, sig, sizeof(sig)); +} + +static bool efistub_is_sevsnp_guest(void) +{ + return sev_get_status() & MSR_AMD64_SEV_SNP_ENABLED; +} + +void efistub_accept_memory(phys_addr_t start, phys_addr_t end) +{ + static bool once, is_tdx, is_sevsnp; + + if (!once) { + if (efistub_is_tdx_guest()) + is_tdx = true; + else if (efistub_is_sevsnp_guest()) + is_sevsnp = true; + once = true; + } + + if (is_tdx) + tdx_accept_memory(start, end); + else if (is_sevsnp) + snp_accept_memory(start, end); +} + +#endif + static efi_char16_t *efistub_fw_vendor(void) { unsigned long vendor = efi_table_attr(efi_system_table, fw_vendor);

From patchwork Fri Apr 4 08:29:25 2025
X-Patchwork-Submitter: Ard Biesheuvel
X-Patchwork-Id: 878302
Date: Fri, 4 Apr 2025 10:29:25 +0200
In-Reply-To: <20250404082921.2767593-5-ardb+git@google.com>
Message-ID: <20250404082921.2767593-8-ardb+git@google.com>
Subject: [PATCH v2 3/3] x86/boot: Implement early memory acceptance for SEV-SNP
From: Ard Biesheuvel
To: linux-efi@vger.kernel.org
Cc: linux-kernel@vger.kernel.org, x86@kernel.org, Ard Biesheuvel, Tom Lendacky, "Kirill A. Shutemov", Borislav Petkov, Dionna Amalie Glaze, Kevin Loughlin

Switch to a different API for accepting memory in SEV-SNP guests, one which is actually supported at the point during boot where the EFI stub may need to accept memory, but the SEV-SNP init code has not executed yet.

Co-developed-by: Tom Lendacky
Signed-off-by: Tom Lendacky
Signed-off-by: Ard Biesheuvel
---
 arch/x86/boot/compressed/sev.c | 34 +++++++++++++++++---
 drivers/firmware/efi/libstub/x86-stub.c | 4 ++-
 2 files changed, 33 insertions(+), 5 deletions(-)

diff --git a/arch/x86/boot/compressed/sev.c b/arch/x86/boot/compressed/sev.c index bb55934c1cee..88100bf83ded 100644 --- a/arch/x86/boot/compressed/sev.c +++ b/arch/x86/boot/compressed/sev.c @@ -164,10 +164,7 @@ bool sev_snp_enabled(void) static void __page_state_change(unsigned long paddr, enum psc_op op) { - u64 val; - - if (!sev_snp_enabled()) - return; + u64 val, msr; /* * If private -> shared then invalidate the page before requesting the @@ -176,6 +173,9 @@ static void __page_state_change(unsigned long paddr, enum psc_op op) if (op == SNP_PAGE_STATE_SHARED) pvalidate_4k_page(paddr, paddr, false); + /* Save the current GHCB MSR value */ + msr = sev_es_rd_ghcb_msr(); + /* Issue VMGEXIT to change the page state in RMP table. */ sev_es_wr_ghcb_msr(GHCB_MSR_PSC_REQ_GFN(paddr >> PAGE_SHIFT, op)); VMGEXIT(); @@ -185,6 +185,9 @@ static void __page_state_change(unsigned long paddr, enum psc_op op) if ((GHCB_RESP_CODE(val) != GHCB_MSR_PSC_RESP) || GHCB_MSR_PSC_RESP_VAL(val)) sev_es_terminate(SEV_TERM_SET_LINUX, GHCB_TERM_PSC); + /* Restore the GHCB MSR value */ + sev_es_wr_ghcb_msr(msr); + /* * Now that page state is changed in the RMP table, validate it so that it is * consistent with the RMP entry.
@@ -195,11 +198,17 @@ static void __page_state_change(unsigned long paddr, enum psc_op op) void snp_set_page_private(unsigned long paddr) { + if (!sev_snp_enabled()) + return; + __page_state_change(paddr, SNP_PAGE_STATE_PRIVATE); } void snp_set_page_shared(unsigned long paddr) { + if (!sev_snp_enabled()) + return; + __page_state_change(paddr, SNP_PAGE_STATE_SHARED); } @@ -261,6 +270,11 @@ static phys_addr_t __snp_accept_memory(struct snp_psc_desc *desc, return pa; } +/* + * The memory acceptance support uses the boot GHCB page to perform + * the required page state change operation before validating the + * pages. + */ void snp_accept_memory(phys_addr_t start, phys_addr_t end) { struct snp_psc_desc desc = {}; @@ -275,6 +289,18 @@ void snp_accept_memory(phys_addr_t start, phys_addr_t end) pa = __snp_accept_memory(&desc, pa, end); } +/* + * The early version of memory acceptance is needed when being called + * from the EFI stub driver. The pagetable manipulation to mark the + * boot GHCB page as shared can't be performed at this stage, so use + * the GHCB page state change MSR protocol instead. + */ +void snp_accept_memory_early(phys_addr_t start, phys_addr_t end) +{ + for (phys_addr_t pa = start; pa < end; pa += PAGE_SIZE) + __page_state_change(pa, SNP_PAGE_STATE_PRIVATE); +} + void sev_es_shutdown_ghcb(void) { if (!boot_ghcb) diff --git a/drivers/firmware/efi/libstub/x86-stub.c b/drivers/firmware/efi/libstub/x86-stub.c index 7d9cf473f4d0..dcf436dea99e 100644 --- a/drivers/firmware/efi/libstub/x86-stub.c +++ b/drivers/firmware/efi/libstub/x86-stub.c @@ -383,6 +383,8 @@ static bool efistub_is_sevsnp_guest(void) return sev_get_status() & MSR_AMD64_SEV_SNP_ENABLED; } +void snp_accept_memory_early(phys_addr_t start, phys_addr_t end); + void efistub_accept_memory(phys_addr_t start, phys_addr_t end) { static bool once, is_tdx, is_sevsnp; 
@@ -398,7 +400,7 @@ void efistub_accept_memory(phys_addr_t start, phys_addr_t end) if (is_tdx) tdx_accept_memory(start, end); else if (is_sevsnp) - snp_accept_memory(start, end); + snp_accept_memory_early(start, end); } #endif
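
Review bot: In the accept_memory() body that patch 1/3 adds to arch/x86/boot/compressed/mem.c, `phys_addr_t end = start + size;` is computed with no wrap check, so a size large enough to overflow is not detected before the comparisons against `unaccepted_table->phys_base`. Since this is a verbatim move, keeping the body identical in this patch is right, but a follow-up that rejects `start + size < start` would be worth queuing; the same follow-up could compute `unaccepted_table->size * unit_size * BITS_PER_BYTE` once instead of twice.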
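
Review bot: efistub_accept_memory(), added to drivers/firmware/efi/libstub/x86-stub.c in patch 2/3, has no final else: when neither is_tdx nor is_sevsnp ends up set, it returns without accepting anything and the callers in process_unaccepted_memory() continue as if the range had been accepted. Report that case, for example with efi_err() as setup_unaccepted_memory() does just above, so an unrecognised platform fails visibly.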
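
Review bot: snp_accept_memory_early(), added to arch/x86/boot/compressed/sev.c in patch 3/3, calls __page_state_change() directly, which after this patch no longer checks sev_snp_enabled(), and it steps `pa += PAGE_SIZE` from start without checking that start and end are page aligned even though the request is built from `paddr >> PAGE_SHIFT`. The only guard left is the caller's efistub_is_sevsnp_guest() test, so please state both preconditions (SEV-SNP already confirmed by the caller, page-aligned range) in the comment above the function, or check them in the function itself.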
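
Review bot: The bare prototype `void snp_accept_memory_early(phys_addr_t start, phys_addr_t end);` that patch 3/3 adds to drivers/firmware/efi/libstub/x86-stub.c is not shared with the definition in arch/x86/boot/compressed/sev.c, so a later signature change on either side would not be caught at compile time. Move the declaration into a header that both files include.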