diff options
| author | Alexander Bluhm <bluhm@cvs.openbsd.org> | 2024-07-09 19:11:07 +0000 |
|---|---|---|
| committer | Alexander Bluhm <bluhm@cvs.openbsd.org> | 2024-07-09 19:11:07 +0000 |
| commit | c8f6db34a8aa4ef711ac4a16e958feba7df8c885 (patch) | |
| tree | 373bc5d8f3c9c642e8f8c1f1891a1850933d9ae9 /sys/arch/amd64/include | |
| parent | 08a58cf71b4c4199365e293eb95936fabf179e63 (diff) | |
Prepare pmap for using the AMD SEV C-bit to encrypt guest memory.
The C-bit in a page table entry is used by a SEV guest to specify,
which pages are to be encrypted and which not. The latter is needed
to share pages with the hypervisor for virtio(4).
The actual position of the C-bit within a PTE is CPU implementation
dependend and needs to be determined dynamically at system boot.
The position of the C-bit also determines the actual size of page
frame mask. This will be provided by a separate change.
To be able to use the same kernel as both host and guest, the C-bit
is provided as variable similar to the NX-bit. Same holds for the
page frame masks.
Right now, pg_crypt is set to 0, pg_frame an pg_lgframe to PG_FRAME
and PG_LGFRAME respectively. Thus the kernel works as a host system
same as before.
Also introduce a PMAP_NOCRYPT flag. A guest will use this with
busdma to establish unencrypted mappings that can be shared with
the hypervisor.
from hshoexer@; OK mlarkin@
Diffstat (limited to 'sys/arch/amd64/include')
| -rw-r--r-- | sys/arch/amd64/include/pmap.h | 3 | ||||
| -rw-r--r-- | sys/arch/amd64/include/pte.h | 3 |
2 files changed, 4 insertions, 2 deletions
diff --git a/sys/arch/amd64/include/pmap.h b/sys/arch/amd64/include/pmap.h index 326050f4642..6a8e4f92dd3 100644 --- a/sys/arch/amd64/include/pmap.h +++ b/sys/arch/amd64/include/pmap.h @@ -1,4 +1,4 @@ -/* $OpenBSD: pmap.h,v 1.88 2023/12/29 13:23:28 jca Exp $ */ +/* $OpenBSD: pmap.h,v 1.89 2024/07/09 19:11:06 bluhm Exp $ */ /* $NetBSD: pmap.h,v 1.1 2003/04/26 18:39:46 fvdl Exp $ */ /* @@ -320,6 +320,7 @@ struct pmap { }; #define PMAP_EFI PMAP_MD0 +#define PMAP_NOCRYPT PMAP_MD1 /* * MD flags that we use for pmap_enter (in the pa): diff --git a/sys/arch/amd64/include/pte.h b/sys/arch/amd64/include/pte.h index c2bd8793c7d..7d7608efe46 100644 --- a/sys/arch/amd64/include/pte.h +++ b/sys/arch/amd64/include/pte.h @@ -1,4 +1,4 @@ -/* $OpenBSD: pte.h,v 1.17 2023/01/20 16:01:04 deraadt Exp $ */ +/* $OpenBSD: pte.h,v 1.18 2024/07/09 19:11:06 bluhm Exp $ */ /* $NetBSD: pte.h,v 1.1 2003/04/26 18:39:47 fvdl Exp $ */ /* @@ -164,6 +164,7 @@ typedef u_int64_t pt_entry_t; /* PTE */ #ifdef _KERNEL extern pt_entry_t pg_xo; /* XO pte bits using PKU key1 */ extern pt_entry_t pg_nx; /* NX pte bit */ +extern pt_entry_t pg_crypt; /* C pte bit */ extern pt_entry_t pg_g_kern; /* PG_G if glbl mappings can be used in kern */ #endif /* _KERNEL */ |