[RFC 13/14] x86/apic: Enable Secure AVIC in Control MSR

From: Neeraj Upadhyay
Date: Fri Sep 13 2024 - 07:41:36 EST

Next message: Oleg Nesterov: "Re: [PATCHv3 1/7] uprobe: Add support for session consumer"
Previous message: Neeraj Upadhyay: "[RFC 12/14] x86/sev: Enable NMI support for Secure AVIC"
In reply to: Neeraj Upadhyay: "[RFC 12/14] x86/sev: Enable NMI support for Secure AVIC"
Next in thread: Neeraj Upadhyay: "[RFC 14/14] x86/sev: Indicate SEV-SNP guest supports Secure AVIC"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

With all the pieces in place now, enable Secure AVIC in Secure
AVIC Control MSR. Any access to x2APIC MSRs are emulated by
hypervisor before Secure AVIC is enabled in the Control MSR.
Post Secure AVIC enablement, all x2APIC MSR accesses (whether
accelerated by AVIC hardware or trapped as #VC exception) operate
on guest APIC backing page.

Signed-off-by: Neeraj Upadhyay <Neeraj.Upadhyay@xxxxxxx>
---
arch/x86/kernel/apic/x2apic_savic.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/arch/x86/kernel/apic/x2apic_savic.c b/arch/x86/kernel/apic/x2apic_savic.c
index 321b3678e26f..a3f0ddc6b5b6 100644
--- a/arch/x86/kernel/apic/x2apic_savic.c
+++ b/arch/x86/kernel/apic/x2apic_savic.c
@@ -406,7 +406,7 @@ static void x2apic_savic_setup(void)
ret = sev_notify_savic_gpa(gpa);
if (ret != ES_OK)
snp_abort();
- savic_wr_control_msr(gpa | MSR_AMD64_SECURE_AVIC_ALLOWEDNMI);
+ savic_wr_control_msr(gpa | MSR_AMD64_SECURE_AVIC_EN | MSR_AMD64_SECURE_AVIC_ALLOWEDNMI);
this_cpu_write(savic_setup_done, true);
}

--
2.34.1

Next message: Oleg Nesterov: "Re: [PATCHv3 1/7] uprobe: Add support for session consumer"
Previous message: Neeraj Upadhyay: "[RFC 12/14] x86/sev: Enable NMI support for Secure AVIC"
In reply to: Neeraj Upadhyay: "[RFC 12/14] x86/sev: Enable NMI support for Secure AVIC"
Next in thread: Neeraj Upadhyay: "[RFC 14/14] x86/sev: Indicate SEV-SNP guest supports Secure AVIC"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]