From: Borislav Petkov (AMD) Date: Wed, 3 Sep 2025 15:42:05 +0000 (+0200) Subject: x86/apic/savic: Do not use snp_abort() X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=d4bc3b11c12b41fdb5650f5ad797de97f8dce869;p=thirdparty%2Fkernel%2Fstable.git x86/apic/savic: Do not use snp_abort() This function is going away so replace the callsites with the equivalent functionality. Add a new SAVIC-specific termination reason. If more granularity is needed there, it will be revisited in the future. Signed-off-by: Borislav Petkov (AMD) --- diff --git a/arch/x86/coco/sev/core.c b/arch/x86/coco/sev/core.c index b64f43010a128..e858e2979db04 100644 --- a/arch/x86/coco/sev/core.c +++ b/arch/x86/coco/sev/core.c @@ -1129,7 +1129,7 @@ u64 savic_ghcb_msr_read(u32 reg) if (res != ES_OK) { pr_err("Secure AVIC MSR (0x%llx) read returned error (%d)\n", msr, res); /* MSR read failures are treated as fatal errors */ - snp_abort(); + sev_es_terminate(SEV_TERM_SET_LINUX, GHCB_TERM_SAVIC_FAIL); } __sev_put_ghcb(&state); @@ -1159,7 +1159,7 @@ void savic_ghcb_msr_write(u32 reg, u64 value) if (res != ES_OK) { pr_err("Secure AVIC MSR (0x%llx) write returned error (%d)\n", msr, res); /* MSR writes should never fail. Any failure is fatal error for SNP guest */ - snp_abort(); + sev_es_terminate(SEV_TERM_SET_LINUX, GHCB_TERM_SAVIC_FAIL); } __sev_put_ghcb(&state); diff --git a/arch/x86/include/asm/sev-common.h b/arch/x86/include/asm/sev-common.h index 0020d77a08000..01a6e4dbe4235 100644 --- a/arch/x86/include/asm/sev-common.h +++ b/arch/x86/include/asm/sev-common.h @@ -208,6 +208,7 @@ struct snp_psc_desc { #define GHCB_TERM_SVSM_CAA 9 /* SVSM is present but CAA is not page aligned */ #define GHCB_TERM_SECURE_TSC 10 /* Secure TSC initialization failed */ #define GHCB_TERM_SVSM_CA_REMAP_FAIL 11 /* SVSM is present but CA could not be remapped */ +#define GHCB_TERM_SAVIC_FAIL 12 /* Secure AVIC-specific failure */ #define GHCB_RESP_CODE(v) ((v) & GHCB_MSR_INFO_MASK) diff --git a/arch/x86/kernel/apic/x2apic_savic.c b/arch/x86/kernel/apic/x2apic_savic.c index b846de0fbcfad..dbc5678bc3b68 100644 --- a/arch/x86/kernel/apic/x2apic_savic.c +++ b/arch/x86/kernel/apic/x2apic_savic.c @@ -363,7 +363,7 @@ static void savic_setup(void) */ res = savic_register_gpa(gpa); if (res != ES_OK) - snp_abort(); + sev_es_terminate(SEV_TERM_SET_LINUX, GHCB_TERM_SAVIC_FAIL); native_wrmsrq(MSR_AMD64_SAVIC_CONTROL, gpa | MSR_AMD64_SAVIC_EN | MSR_AMD64_SAVIC_ALLOWEDNMI); @@ -376,13 +376,13 @@ static int savic_probe(void) if (!x2apic_mode) { pr_err("Secure AVIC enabled in non x2APIC mode\n"); - snp_abort(); + sev_es_terminate(SEV_TERM_SET_LINUX, GHCB_TERM_SAVIC_FAIL); /* unreachable */ } savic_page = alloc_percpu(struct secure_avic_page); if (!savic_page) - snp_abort(); + sev_es_terminate(SEV_TERM_SET_LINUX, GHCB_TERM_SAVIC_FAIL); return 1; }