linux/arch/x86/realmode/rm
Sean Christopherson 77a512e35d x86/boot: Avoid #VE during boot for TDX platforms
There are a few MSRs and control register bits that the kernel
normally needs to modify during boot. But, TDX disallows
modification of these registers to help provide consistent security
guarantees. Fortunately, TDX ensures that these are all in the correct
state before the kernel loads, which means the kernel does not need to
modify them.

The conditions to avoid are:

 * Any writes to the EFER MSR
 * Clearing CR4.MCE

This theoretically makes the guest boot more fragile. If, for instance,
EFER was set up incorrectly and a WRMSR was performed, it will trigger
early exception panic or a triple fault, if it's before early
exceptions are set up. However, this is likely to trip up the guest
BIOS long before control reaches the kernel. In any case, these kinds
of problems are unlikely to occur in production environments, and
developers have good debug tools to fix them quickly.

Change the common boot code to work on TDX and non-TDX systems.
This should have no functional effect on non-TDX systems.

Signed-off-by: Sean Christopherson <seanjc@google.com>
Signed-off-by: Kuppuswamy Sathyanarayanan <sathyanarayanan.kuppuswamy@linux.intel.com>
Signed-off-by: Kirill A. Shutemov <kirill.shutemov@linux.intel.com>
Signed-off-by: Dave Hansen <dave.hansen@linux.intel.com>
Reviewed-by: Andi Kleen <ak@linux.intel.com>
Reviewed-by: Dan Williams <dan.j.williams@intel.com>
Reviewed-by: Thomas Gleixner <tglx@linutronix.de>
Link: https://lkml.kernel.org/r/20220405232939.73860-24-kirill.shutemov@linux.intel.com
2022-04-07 08:27:53 -07:00
..
.gitignore .gitignore: add SPDX License Identifier 2020-03-25 11:50:48 +01:00
bioscall.S x86, realmode: flattened rm hierachy 2012-05-08 11:48:45 -07:00
copy.S x86, realmode: flattened rm hierachy 2012-05-08 11:48:45 -07:00
header.S x86/boot: Add a trampoline for booting APs via firmware handoff 2022-04-07 08:27:52 -07:00
Makefile Linux 5.7-rc1 2020-04-13 09:44:39 +02:00
realmode.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
realmode.lds.S x86/vmlinux: Drop unneeded linker script discard of .eh_frame 2020-02-25 14:51:29 +01:00
reboot.S x86/asm/64: Add ENDs to some functions and relabel with SYM_CODE_* 2019-10-18 11:58:16 +02:00
regs.c x86, realmode: flattened rm hierachy 2012-05-08 11:48:45 -07:00
stack.S x86/asm/realmode: Use SYM_DATA_* instead of GLOBAL 2019-10-18 11:28:47 +02:00
trampoline_32.S x86/asm/32: Add ENDs to some functions and relabel with SYM_CODE_* 2019-10-18 11:58:33 +02:00
trampoline_64.S x86/boot: Avoid #VE during boot for TDX platforms 2022-04-07 08:27:53 -07:00
trampoline_common.S x86/boot: Add a trampoline for booting APs via firmware handoff 2022-04-07 08:27:52 -07:00
video-bios.c x86, realmode: flattened rm hierachy 2012-05-08 11:48:45 -07:00
video-mode.c x86, realmode: flattened rm hierachy 2012-05-08 11:48:45 -07:00
video-vesa.c x86, realmode: flattened rm hierachy 2012-05-08 11:48:45 -07:00
video-vga.c x86, realmode: flattened rm hierachy 2012-05-08 11:48:45 -07:00
wakemain.c x86/boot: Port I/O: Allow to hook up alternative helpers 2022-04-07 08:27:52 -07:00
wakeup_asm.S x86/asm/64: Add ENDs to some functions and relabel with SYM_CODE_* 2019-10-18 11:58:16 +02:00
wakeup.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00