From: bluhm Date: Fri, 4 Oct 2024 21:15:52 +0000 (+0000) Subject: Allow kernel boot on QEMU with AMD SEV. X-Git-Url: http://artulab.com/gitweb/?a=commitdiff_plain;h=2ce883118e8e5b201f86b9c7b55b5710ef029134;p=openbsd Allow kernel boot on QEMU with AMD SEV. When booting an OpenBSD kernel on Linux QEMU with SEV enabled, the hypervisor does not forward the SME feature, only the SEV bit is set. Therefore do not depend on SME when checking for SEV guest mode in locore0. from Sebastian Sturm; via hshoexer@; OK jsg@ --- diff --git a/sys/arch/amd64/amd64/locore0.S b/sys/arch/amd64/amd64/locore0.S index bc45eee7a09..978821715e7 100644 --- a/sys/arch/amd64/amd64/locore0.S +++ b/sys/arch/amd64/amd64/locore0.S @@ -1,4 +1,4 @@ -/* $OpenBSD: locore0.S,v 1.25 2024/07/21 19:41:31 bluhm Exp $ */ +/* $OpenBSD: locore0.S,v 1.26 2024/10/04 21:15:52 bluhm Exp $ */ /* $NetBSD: locore.S,v 1.13 2004/03/25 18:33:17 drochner Exp $ */ /* @@ -269,37 +269,33 @@ cont: orl %edx, RELOC(cpu_feature) /* - * Determine AMD SME and SEV capabilities. + * Determine AMD SEV capability. */ movl $RELOC(cpu_vendor),%ebp cmpl $0x68747541, (%ebp) /* "Auth" */ - jne .Lno_smesev + jne .Lno_sev cmpl $0x69746e65, 4(%ebp) /* "enti" */ - jne .Lno_smesev + jne .Lno_sev cmpl $0x444d4163, 8(%ebp) /* "cAMD" */ - jne .Lno_smesev + jne .Lno_sev - /* AMD CPU, check for SME and SEV. */ + /* AMD CPU, check for SEV. */ movl $0x8000001f, %eax cpuid - pushl %eax - andl $CPUIDEAX_SME, %eax /* SME */ - popl %eax - jz .Lno_smesev andl $CPUIDEAX_SEV, %eax /* SEV */ - jz .Lno_smesev + jz .Lno_sev /* Are we in guest mode with SEV enabled? */ movl $MSR_SEV_STATUS, %ecx rdmsr andl $SEV_STAT_ENABLED, %eax - jz .Lno_smesev + jz .Lno_sev /* Determine C bit position */ movl %ebx, %ecx /* %ebx from previous cpuid */ andl $0x3f, %ecx cmpl $0x20, %ecx /* must be at least bit 32 (counting from 0) */ - jl .Lno_smesev + jl .Lno_sev xorl %eax, %eax movl %eax, RELOC(pg_crypt) subl $0x20, %ecx @@ -338,7 +334,7 @@ cont: movl $0x1, RELOC(cpu_sev_guestmode) /* we are a SEV guest */ -.Lno_smesev: +.Lno_sev: /* * Finished with old stack; load new %esp now instead of later so we