diff options
| author | Joerg Roedel <jroedel@suse.de> | 2020-09-07 15:16:11 +0200 |
|---|---|---|
| committer | Borislav Petkov <bp@suse.de> | 2020-09-09 18:02:35 +0200 |
| commit | 4ca68e023b11e4d5908bf9ee326fab01111d77d5 (patch) | |
| tree | 874f57bbc6627e3f64668d2845051e1ea03cc15f /arch/x86/kernel/nmi.c | |
| parent | 094794f59720d7e877a1eeb372ecedeed6b441ab (diff) | |
| download | lwn-4ca68e023b11e4d5908bf9ee326fab01111d77d5.tar.gz lwn-4ca68e023b11e4d5908bf9ee326fab01111d77d5.zip | |
x86/sev-es: Handle NMI State
When running under SEV-ES, the kernel has to tell the hypervisor when to
open the NMI window again after an NMI was injected. This is done with
an NMI-complete message to the hypervisor.
Add code to the kernel's NMI handler to send this message right at the
beginning of do_nmi(). This always allows nesting NMIs.
[ bp: Mark __sev_es_nmi_complete() noinstr:
vmlinux.o: warning: objtool: exc_nmi()+0x17: call to __sev_es_nmi_complete()
leaves .noinstr.text section
While at it, use __pa_nodebug() for the same reason due to
CONFIG_DEBUG_VIRTUAL=y:
vmlinux.o: warning: objtool: __sev_es_nmi_complete()+0xd9: call to __phys_addr()
leaves .noinstr.text section ]
Signed-off-by: Joerg Roedel <jroedel@suse.de>
Signed-off-by: Borislav Petkov <bp@suse.de>
Link: https://lkml.kernel.org/r/20200907131613.12703-71-joro@8bytes.org
Diffstat (limited to 'arch/x86/kernel/nmi.c')
| -rw-r--r-- | arch/x86/kernel/nmi.c | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/arch/x86/kernel/nmi.c b/arch/x86/kernel/nmi.c index 4c89c4d3cb82..56b64d779856 100644 --- a/arch/x86/kernel/nmi.c +++ b/arch/x86/kernel/nmi.c @@ -478,6 +478,12 @@ DEFINE_IDTENTRY_RAW(exc_nmi) { bool irq_state; + /* + * Re-enable NMIs right here when running as an SEV-ES guest. This might + * cause nested NMIs, but those can be handled safely. + */ + sev_es_nmi_complete(); + if (IS_ENABLED(CONFIG_SMP) && arch_cpu_is_offline(smp_processor_id())) return; |