systemd/SOURCES/1038-fundamental-share-constants-for-confidential-virt-de.patch


From 704f06e7ac11b8e6887b617ae5a0d67854a98e2a Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= <berrange@redhat.com>
Date: Thu, 13 Jul 2023 14:02:33 +0100
Subject: [PATCH] fundamental: share constants for confidential virt detection
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
(cherry picked from commit 129b9e3f42d6a2bd92fa7c78ab08a29d6403ddc8)
Related: RHEL-50651
---
src/basic/confidential-virt.c | 67 +----------------
.../confidential-virt-fundamental.h | 72 +++++++++++++++++++
2 files changed, 73 insertions(+), 66 deletions(-)
create mode 100644 src/fundamental/confidential-virt-fundamental.h
diff --git a/src/basic/confidential-virt.c b/src/basic/confidential-virt.c
index 746aa8c313..64067098e5 100644
--- a/src/basic/confidential-virt.c
+++ b/src/basic/confidential-virt.c
@@ -5,10 +5,10 @@
#endif
#include <errno.h>
#include <fcntl.h>
-#include <stdint.h>
#include <stdlib.h>
#include <unistd.h>
+#include "confidential-virt-fundamental.h"
#include "confidential-virt.h"
#include "fd-util.h"
#include "fileio.h"
@@ -16,71 +16,6 @@
#include "string-table.h"
#include "utf8.h"
-#define CPUID_PROCESSOR_INFO_AND_FEATURE_BITS UINT32_C(0x1)
-
-/*
- * AMD64 Architecture Programmers Manual Volume 3:
- * General-Purpose and System Instructions.
- * Chapter: E4.1 - Maximum Extended Function Number and Vendor String
- * https://www.amd.com/system/files/TechDocs/24594.pdf
- */
-#define CPUID_GET_HIGHEST_FUNCTION UINT32_C(0x80000000)
-
-/*
- * AMD64 Architecture Programmers Manual Volume 3:
- * General-Purpose and System Instructions.
- * Chapter: E4.17 - Encrypted Memory Capabilities
- * https://www.amd.com/system/files/TechDocs/24594.pdf
- */
-#define CPUID_AMD_GET_ENCRYPTED_MEMORY_CAPABILITIES UINT32_C(0x8000001f)
-
-/*
- * AMD64 Architecture Programmers Manual Volume 3:
- * General-Purpose and System Instructions.
- * Chapter: 15.34.10 - SEV_STATUS MSR
- * https://www.amd.com/system/files/TechDocs/24593.pdf
- */
-#define MSR_AMD64_SEV UINT32_C(0xc0010131)
-
-/*
- * Intel® TDX Module v1.5 Base Architecture Specification
- * Chapter: 11.2
- * https://www.intel.com/content/www/us/en/content-details/733575/intel-tdx-module-v1-5-base-architecture-specification.html
- */
-
-#define CPUID_INTEL_TDX_ENUMERATION UINT32_C(0x21)
-
-/* Requirements for Implementing the Microsoft Hypervisor Interface
- * https://learn.microsoft.com/en-us/virtualization/hyper-v-on-windows/tlfs/tlfs
- */
-#define CPUID_HYPERV_VENDOR_AND_MAX_FUNCTIONS UINT32_C(0x40000000)
-
-#define CPUID_HYPERV_FEATURES UINT32_C(0x40000003)
-
-#define CPUID_HYPERV_ISOLATION_CONFIG UINT32_C(0x4000000C)
-
-#define CPUID_HYPERV_MIN UINT32_C(0x40000005)
-#define CPUID_HYPERV_MAX UINT32_C(0x4000ffff)
-
-#define CPUID_SIG_AMD "AuthenticAMD"
-#define CPUID_SIG_INTEL "GenuineIntel"
-#define CPUID_SIG_INTEL_TDX "IntelTDX "
-#define CPUID_SIG_HYPERV "Microsoft Hv"
-
-/* ecx bit 31: set => hyperpvisor, unset => bare metal */
-#define CPUID_FEATURE_HYPERVISOR (UINT32_C(1) << 31)
-
-/* Linux include/asm-generic/hyperv-tlfs.h */
-#define CPUID_HYPERV_CPU_MANAGEMENT (UINT32_C(1) << 12) /* root partition */
-#define CPUID_HYPERV_ISOLATION (UINT32_C(1) << 22) /* confidential VM partition */
-
-#define CPUID_HYPERV_ISOLATION_TYPE_MASK UINT32_C(0xf)
-#define CPUID_HYPERV_ISOLATION_TYPE_SNP 2
-
-#define EAX_SEV (UINT32_C(1) << 1)
-#define MSR_SEV (UINT64_C(1) << 0)
-#define MSR_SEV_ES (UINT64_C(1) << 1)
-#define MSR_SEV_SNP (UINT64_C(1) << 2)
#if defined(__x86_64__)
diff --git a/src/fundamental/confidential-virt-fundamental.h b/src/fundamental/confidential-virt-fundamental.h
new file mode 100644
index 0000000000..986923e1c2
--- /dev/null
+++ b/src/fundamental/confidential-virt-fundamental.h
@@ -0,0 +1,72 @@
+/* SPDX-License-Identifier: LGPL-2.1-or-later */
+
+#include <stdint.h>
+
+/* Keep CVM detection logic in this file at feature parity with
+ * that in src/efi/boot/vmm.c */
+
+#define CPUID_PROCESSOR_INFO_AND_FEATURE_BITS UINT32_C(0x1)
+
+/*
+ * AMD64 Architecture Programmers Manual Volume 3:
+ * General-Purpose and System Instructions.
+ * Chapter: E4.1 - Maximum Extended Function Number and Vendor String
+ * https://www.amd.com/system/files/TechDocs/24594.pdf
+ */
+#define CPUID_GET_HIGHEST_FUNCTION UINT32_C(0x80000000)
+
+/*
+ * AMD64 Architecture Programmers Manual Volume 3:
+ * General-Purpose and System Instructions.
+ * Chapter: E4.17 - Encrypted Memory Capabilities
+ * https://www.amd.com/system/files/TechDocs/24594.pdf
+ */
+#define CPUID_AMD_GET_ENCRYPTED_MEMORY_CAPABILITIES UINT32_C(0x8000001f)
+
+/*
+ * AMD64 Architecture Programmers Manual Volume 3:
+ * General-Purpose and System Instructions.
+ * Chapter: 15.34.10 - SEV_STATUS MSR
+ * https://www.amd.com/system/files/TechDocs/24593.pdf
+ */
+#define MSR_AMD64_SEV UINT32_C(0xc0010131)
+
+/*
+ * Intel® TDX Module v1.5 Base Architecture Specification
+ * Chapter: 11.2
+ * https://www.intel.com/content/www/us/en/content-details/733575/intel-tdx-module-v1-5-base-architecture-specification.html
+ */
+
+#define CPUID_INTEL_TDX_ENUMERATION UINT32_C(0x21)
+
+/* Requirements for Implementing the Microsoft Hypervisor Interface
+ * https://learn.microsoft.com/en-us/virtualization/hyper-v-on-windows/tlfs/tlfs
+ */
+#define CPUID_HYPERV_VENDOR_AND_MAX_FUNCTIONS UINT32_C(0x40000000)
+
+#define CPUID_HYPERV_FEATURES UINT32_C(0x40000003)
+
+#define CPUID_HYPERV_ISOLATION_CONFIG UINT32_C(0x4000000C)
+
+#define CPUID_HYPERV_MIN UINT32_C(0x40000005)
+#define CPUID_HYPERV_MAX UINT32_C(0x4000ffff)
+
+#define CPUID_SIG_AMD "AuthenticAMD"
+#define CPUID_SIG_INTEL "GenuineIntel"
+#define CPUID_SIG_INTEL_TDX "IntelTDX "
+#define CPUID_SIG_HYPERV "Microsoft Hv"
+
+/* ecx bit 31: set => hyperpvisor, unset => bare metal */
+#define CPUID_FEATURE_HYPERVISOR (UINT32_C(1) << 31)
+
+/* Linux include/asm-generic/hyperv-tlfs.h */
+#define CPUID_HYPERV_CPU_MANAGEMENT (UINT32_C(1) << 12) /* root partition */
+#define CPUID_HYPERV_ISOLATION (UINT32_C(1) << 22) /* confidential VM partition */
+
+#define CPUID_HYPERV_ISOLATION_TYPE_MASK UINT32_C(0xf)
+#define CPUID_HYPERV_ISOLATION_TYPE_SNP 2
+
+#define EAX_SEV (UINT32_C(1) << 1)
+#define MSR_SEV (UINT64_C(1) << 0)
+#define MSR_SEV_ES (UINT64_C(1) << 1)
+#define MSR_SEV_SNP (UINT64_C(1) << 2)
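Review bot: As rendered here `CPUID_SIG_INTEL_TDX` is nine characters (`"IntelTDX "`) while the other three signatures are twelve, the length of a CPUID vendor string, so either this page collapsed the padding or the TDX comparison can never match; a failed match would presumably make a TDX guest report as non-confidential. Now that two consumers share the header, pin the length next to the defines, e.g. `_Static_assert(sizeof(CPUID_SIG_INTEL_TDX) - 1 == 12, "CPUID signature must be 12 bytes");`, so whitespace damage in a patch or backport fails the build instead of silently disabling detection. The new header also has no include guard; `#pragma once` directly after the SPDX line would make double inclusion safe by construction. The parity comment speaks of detection logic "in this file", but the file holds only constants, and its `src/efi/boot/vmm.c` path should be checked against the tree.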