Re: [PATCH v8 01/40] x86/compressed/64: detect/setup SEV/SME features earlier in boot

[Dave Hansen]

On 12/10/21 11:12 AM, Borislav Petkov wrote:
> On Fri, Dec 10, 2021 at 09:42:53AM -0600, Brijesh Singh wrote:
>> @@ -447,6 +446,23 @@ SYM_CODE_START(startup_64)
>>  	call	load_stage1_idt
>>  	popq	%rsi
>>  
>> +#ifdef CONFIG_AMD_MEM_ENCRYPT
> 
> I guess that ifdeffery is not needed.

I think sev_enable() is only defined in arch/x86/boot/compressed/sev.c,
which is compiled via:

        vmlinux-objs-$(CONFIG_AMD_MEM_ENCRYPT) += $(obj)/sev.o

So I think we either need the #ifdef or a stub for sev_enable()
somewhere else.

>> +	/*
>> +	 * Now that the stage1 interrupt handlers are set up, #VC exceptions from
>> +	 * CPUID instructions can be properly handled for SEV-ES guests.
>> +	 *
>> +	 * For SEV-SNP, the CPUID table also needs to be set up in advance of any
>> +	 * CPUID instructions being issued, so go ahead and do that now via
>> +	 * sev_enable(), which will also handle the rest of the SEV-related
>> +	 * detection/setup to ensure that has been done in advance of any dependent
>> +	 * code.
>> +	 */
>> +	pushq	%rsi
>> +	movq	%rsi, %rdi		/* real mode address */
>> +	call	sev_enable
>> +	popq	%rsi
>> +#endif