Under SEV, the pagetables needs to be post-processed to add the C-bit (to make the mapping encrypted). The guest is expected to query the C-bit through CPUID. However, under SEV-ES and SEV-SNP modes, this instruction now triggers #VC instead. The guest would need to setup a IDT very early and instead use the early-GHCB protocol to emulate CPUID, which is complicated.
Alternatively, we can signal to the guest that it is a SEV-ES/SNP through start_info structure, which is visible to the guest early on. All SEV-ES/SNP guests have the GHCB MSR available, which can be trivially [1] used to get the C-bit and proceed with the initialization avoiding CPUID instruction. We integrate that to the PVH ABI and expect all SEV-enabled domain builders to honor this flag for simplifying the PVH entry point logic of guests. [1] Initial GHCB MSR value contains the C-bit. The guest can trivially read this MSR and skip CPUID logic. Signed-off-by: Teddy Astie <[email protected]> --- Actually, C-bit itself cannot be a part of ABI as it is hardware-dependant (and even firmware configuration dependant). --- docs/misc/pvh.pandoc | 5 +++++ xen/include/public/xen.h | 2 ++ 2 files changed, 7 insertions(+) diff --git a/docs/misc/pvh.pandoc b/docs/misc/pvh.pandoc index 3e18789d36..6453ee21eb 100644 --- a/docs/misc/pvh.pandoc +++ b/docs/misc/pvh.pandoc @@ -44,6 +44,11 @@ using HVMPARAMS, just like it's done on HVM guests. The setup of the hypercall page is also performed in the same way as HVM guests, using the hypervisor cpuid leaves and msr ranges. +## SEV-ES/SNP guests ## + +The domain builder must set `SIF_HVM_GHCB` in start_info if the guest uses +SEV-ES or SEV-SNP technologies; i.e requires the use of GHCB protocol. + ## AP startup ## AP startup can be performed using hypercalls or the local APIC if present. diff --git a/xen/include/public/xen.h b/xen/include/public/xen.h index 7f15204c38..9b84df573b 100644 --- a/xen/include/public/xen.h +++ b/xen/include/public/xen.h @@ -890,6 +890,8 @@ typedef struct start_info start_info_t; #define SIF_MOD_START_PFN (1<<3) /* Is mod_start a PFN? */ #define SIF_VIRT_P2M_4TOOLS (1<<4) /* Do Xen tools understand a virt. mapped */ /* P->M making the 3 level tree obsolete? */ +#define SIF_HVM_GHCB (1<<5) /* Domain is SEV-ES/SNP guest that requires */ + /* use of GHCB. */ #define SIF_PM_MASK (0xFF<<8) /* reserve 1 byte for xen-pm options */ /* -- 2.52.0 -- Teddy Astie | Vates XCP-ng Developer XCP-ng & Xen Orchestra - Vates solutions web: https://vates.tech
