Re: [patch] x86/smpboot: Disable parallel bootup if cc_vendor != NONE

From: Tom Lendacky
Date: Tue May 30 2023 - 17:14:09 EST

On 5/30/23 15:39, Thomas Gleixner wrote:
On Tue, May 30 2023 at 15:03, Tom Lendacky wrote:
On 5/30/23 14:51, Thomas Gleixner wrote:
That aside. From a semantical POV making this decision about parallel
bootup based on some magic CC encryption attribute is questionable.

I'm tending to just do the below and make this CC agnostic (except that
I couldn't find the right spot for SEV-ES to clear that flag.)

Maybe in sme_sev_setup_real_mode() in arch/x86/realmode/init.c? You could
clear the flag within the CC_ATTR_GUEST_STATE_ENCRYPT check.


Can we please have a AMD SEV-ES init specific place and not hijack some
random code which has to check CC_ATTR_GUEST_STATE_ENCRYPT?

As long as it's not too early, you could try sme_early_init() in arch/x86/mm/mem_encrypt_amd.c. Add a check for sev_status & MSR_AMD64_SEV_ES_ENABLED and clear the flag.