Merge tag 'x86_urgent_for_v6.5_rc6' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip (43972cf2) · Commits · EulixOS / Software / Kernel

arch/x86/boot/compressed/idt_64.c

+8 −1

Original line number	Diff line number	Diff line
		@@ -63,7 +63,14 @@ void load_stage2_idt(void)
		set_idt_entry(X86_TRAP_PF, boot_page_fault);

		#ifdef CONFIG_AMD_MEM_ENCRYPT
		/*
		* Clear the second stage #VC handler in case guest types
		* needing #VC have not been detected.
		*/
		if (sev_status & BIT(1))
		set_idt_entry(X86_TRAP_VC, boot_stage2_vc);
		else
		set_idt_entry(X86_TRAP_VC, NULL);
		#endif

		load_boot_idt(&boot_idt_desc);

+35 −2

Original line number	Diff line number	Diff line
		@@ -404,13 +404,46 @@ void sev_enable(struct boot_params *bp)
		if (bp)
		bp->cc_blob_address = 0;

		/*
		* Do an initial SEV capability check before snp_init() which
		* loads the CPUID page and the same checks afterwards are done
		* without the hypervisor and are trustworthy.
		*
		* If the HV fakes SEV support, the guest will crash'n'burn
		* which is good enough.
		*/

		/* Check for the SME/SEV support leaf */
		eax = 0x80000000;
		ecx = 0;
		native_cpuid(&eax, &ebx, &ecx, &edx);
		if (eax < 0x8000001f)
		return;

		/*
		* Check for the SME/SEV feature:
		* CPUID Fn8000_001F[EAX]
		* - Bit 0 - Secure Memory Encryption support
		* - Bit 1 - Secure Encrypted Virtualization support
		* CPUID Fn8000_001F[EBX]
		* - Bits 5:0 - Pagetable bit position used to indicate encryption
		*/
		eax = 0x8000001f;
		ecx = 0;
		native_cpuid(&eax, &ebx, &ecx, &edx);
		/* Check whether SEV is supported */
		if (!(eax & BIT(1)))
		return;

		/*
		* Setup/preliminary detection of SNP. This will be sanity-checked
		* against CPUID/MSR values later.
		*/
		snp = snp_init(bp);

		/* Check for the SME/SEV support leaf */
		/* Now repeat the checks with the SNP CPUID table. */

		/* Recheck the SME/SEV support leaf */
		eax = 0x80000000;
		ecx = 0;
		native_cpuid(&eax, &ebx, &ecx, &edx);
		@@ -418,7 +451,7 @@ void sev_enable(struct boot_params *bp)
		return;

		/*
		* Check for the SME/SEV feature:
		* Recheck for the SME/SEV feature:
		* CPUID Fn8000_001F[EAX]
		* - Bit 0 - Secure Memory Encryption support
		* - Bit 1 - Secure Encrypted Virtualization support

+2 −2

Original line number	Diff line number	Diff line
		@@ -299,8 +299,8 @@ static unsigned long vdso_addr(unsigned long start, unsigned len)

		/* Round the lowest possible end address up to a PMD boundary. */
		end = (start + len + PMD_SIZE - 1) & PMD_MASK;
		if (end >= TASK_SIZE_MAX)
		end = TASK_SIZE_MAX;
		if (end >= DEFAULT_MAP_WINDOW)
		end = DEFAULT_MAP_WINDOW;
		end -= len;

		if (end > start) {

+1 −1

Original line number	Diff line number	Diff line
		@@ -21,7 +21,7 @@
		#define FUNCTION_PADDING
		#endif

		#if (CONFIG_FUNCTION_ALIGNMENT > 8) && !defined(__DISABLE_EXPORTS) && !defined(BULID_VDSO)
		#if (CONFIG_FUNCTION_ALIGNMENT > 8) && !defined(__DISABLE_EXPORTS) && !defined(BUILD_VDSO)
		# define __FUNC_ALIGN __ALIGN; FUNCTION_PADDING
		#else
		# define __FUNC_ALIGN __ALIGN

+1 −1

Original line number	Diff line number	Diff line
		@@ -56,7 +56,7 @@

		#define GDT_ENTRY_INVALID_SEG 0

		#ifdef CONFIG_X86_32
		#if defined(CONFIG_X86_32) && !defined(BUILD_VDSO32_64)
		/*
		* The layout of the per-CPU GDT under Linux:
		*