Re: [RFC 01/14] x86/apic: Add new driver for Secure AVIC
From: Neeraj Upadhyay
Date: Tue Oct 08 2024 - 21:57:28 EST
On 10/9/2024 12:45 AM, Borislav Petkov wrote:
> On Fri, Sep 13, 2024 at 05:06:52PM +0530, Neeraj Upadhyay wrote:
>> diff --git a/arch/x86/boot/compressed/sev.c b/arch/x86/boot/compressed/sev.c
>> index cd44e120fe53..ec038be0a048 100644
>> --- a/arch/x86/boot/compressed/sev.c
>> +++ b/arch/x86/boot/compressed/sev.c
>> @@ -394,6 +394,7 @@ void do_boot_stage2_vc(struct pt_regs *regs, unsigned long exit_code)
>> MSR_AMD64_SNP_VMSA_REG_PROT | \
>> MSR_AMD64_SNP_RESERVED_BIT13 | \
>> MSR_AMD64_SNP_RESERVED_BIT15 | \
>> + MSR_AMD64_SNP_SECURE_AVIC_ENABLED | \
>> MSR_AMD64_SNP_RESERVED_MASK)
>>
>> /*
>
> Shouldn't this hunk be in the last patch of the series, after all the sAVIC
> enablement has happened?
>
As SECURE_AVIC feature is not supported (as reported by snp_get_unsupported_features())
by guest at this patch in the series, it is added to SNP_FEATURES_IMPL_REQ here. The bit
value within SNP_FEATURES_IMPL_REQ hasn't changed with this change as the same bit pos
was part of MSR_AMD64_SNP_RESERVED_MASK before this patch. In patch 14 SECURE_AVIC guest
support is indicated by guest.
- Neeraj