On 8/15/2025 3:55 PM, Borislav Petkov wrote:
On Mon, Aug 11, 2025 at 03:14:28PM +0530, Neeraj Upadhyay wrote:
With Secure AVIC, the APIC backing page is owned and managed by guest.
Please use articles: "...and managed by the guest."
Check all your text pls.
Ok
+enum es_result savic_register_gpa(u64 gpa)
+{
+ struct ghcb_state state;
+ struct es_em_ctxt ctxt;
+ enum es_result res;
+ struct ghcb *ghcb;
+
+ guard(irqsave)();
+
+ ghcb = __sev_get_ghcb(&state);
+ vc_ghcb_invalidate(ghcb);
+
+ ghcb_set_rax(ghcb, SVM_VMGEXIT_SAVIC_SELF_GPA);
+ ghcb_set_rbx(ghcb, gpa);
+ res = sev_es_ghcb_hv_call(ghcb, &ctxt, SVM_VMGEXIT_SAVIC,
+ SVM_VMGEXIT_SAVIC_REGISTER_GPA, 0);
+
+ __sev_put_ghcb(&state);
+
+ return res;
+}
I was gonna say put this into a new arch/x86/coco/sev/savic.c but ok, you're
adding only two functions.
There are four new functions. So, do I need to put them in new
arch/x86/coco/sev/savic.c file?
savic_register_gpa()
savic_unregister_gpa()
savic_ghcb_msr_read()
savic_ghcb_msr_write()
+struct secure_avic_page {
+ u8 regs[PAGE_SIZE];
+} __aligned(PAGE_SIZE);
+
+static struct secure_avic_page __percpu *secure_avic_page __ro_after_init;
static struct secure_avic_page __percpu *savic_page __ro_after_init;
Ok
- Neeraj
