sev: remove SNP/ES checks
The use of the SNP platform assumes that SEV-ES and SEV-SNP are always
enabled (this is enforced during SEV status register checks).  There is
no longer any reason to make decisions at runtime based on whether ES or
SNP is available.

Signed-off-by: Jon Lange <[email protected]>
msft-jlange committed Oct 24, 2024
1 parent b2dc667 commit 4527afc
Showing 3 changed files with 7 additions and 19 deletions.
17 changes: 7 additions & 10 deletions kernel/src/sev/ghcb.rs
@@ -15,7 +15,6 @@ use crate::mm::validate::{
use crate::mm::virt_to_phys;
use crate::platform::PageStateChangeOp;
use crate::sev::hv_doorbell::HVDoorbell;
use crate::sev::sev_snp_enabled;
use crate::sev::utils::raw_vmgexit;
use crate::types::{Bytes, PageSize, GUEST_VMPL, PAGE_SIZE_2M};
use crate::utils::MemoryRegion;
@@ -138,17 +137,15 @@ impl GhcbPage {
let vaddr = page.vaddr();
let paddr = virt_to_phys(vaddr);

if sev_snp_enabled() {
// Make page invalid
pvalidate(vaddr, PageSize::Regular, PvalidateOp::Invalid)?;
// Make page invalid
pvalidate(vaddr, PageSize::Regular, PvalidateOp::Invalid)?;

// Let the Hypervisor take the page back
invalidate_page_msr(paddr)?;
// Let the Hypervisor take the page back
invalidate_page_msr(paddr)?;

// Needs guarding for Stage2 GHCB
if valid_bitmap_valid_addr(paddr) {
valid_bitmap_clear_valid_4k(paddr);
}
// Needs guarding for Stage2 GHCB
if valid_bitmap_valid_addr(paddr) {
valid_bitmap_clear_valid_4k(paddr);
}

// Map page unencrypted
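Review bot: The now-unconditional `pvalidate(vaddr, PageSize::Regular, PvalidateOp::Invalid)?` and `invalidate_page_msr(paddr)?` depend on an invariant that is no longer visible at this site, namely that this path only ever runs with SEV-SNP active. The commit message says this is enforced during the SEV status register checks (presumably `sev_status_verify`, which is not part of this diff), so the call site should say so. I would add a comment above the first call, for example `// SEV-SNP is always active here (enforced by the SEV status checks), so the page must be made invalid and handed back to the hypervisor before it is mapped unencrypted.` Separately, an early return from `invalidate_page_msr(paddr)?` after `pvalidate` has succeeded appears to leave the page invalid while the valid bitmap still marks it valid; whether callers treat that error as fatal cannot be seen from here. The enclosing function starts and ends outside the hunk.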
1 change: 0 additions & 1 deletion kernel/src/sev/mod.rs
@@ -17,6 +17,5 @@ pub use msr_protocol::init_hypervisor_ghcb_features;
pub use secrets_page::{secrets_page, secrets_page_mut, SecretsPage, VMPCK_SIZE};
pub use status::sev_status_init;
pub use status::sev_status_verify;
pub use status::{sev_es_enabled, sev_snp_enabled};
pub use utils::{pvalidate, pvalidate_range, PvalidateOp, SevSnpError};
pub use utils::{rmp_adjust, RMPFlags};
8 changes: 0 additions & 8 deletions kernel/src/sev/status.rs
@@ -146,14 +146,6 @@ pub fn sev_status_init() {
.expect("Already initialized SEV flags");
}

pub fn sev_es_enabled() -> bool {
sev_flags().contains(SEVStatusFlags::SEV_ES)
}

pub fn sev_snp_enabled() -> bool {
sev_flags().contains(SEVStatusFlags::SEV_SNP)
}

pub fn vtom_enabled() -> bool {
sev_flags().contains(SEVStatusFlags::VTOM)
}