CVSROOT: /cvs
Module name: src
Changes by: bl...@cvs.openbsd.org 2024/07/09 13:11:06
Modified files:
sys/arch/amd64/amd64: pmap.c
sys/arch/amd64/include: pmap.h pte.h
Log message:
Prepare pmap for using the AMD SEV C-bit to encrypt guest memory.
The C-bit in a page table entry is used by a SEV guest to specify,
which pages are to be encrypted and which not. The latter is needed
to share pages with the hypervisor for virtio(4).
The actual position of the C-bit within a PTE is CPU implementation
dependend and needs to be determined dynamically at system boot.
The position of the C-bit also determines the actual size of page
frame mask. This will be provided by a separate change.
To be able to use the same kernel as both host and guest, the C-bit
is provided as variable similar to the NX-bit. Same holds for the
page frame masks.
Right now, pg_crypt is set to 0, pg_frame an pg_lgframe to PG_FRAME
and PG_LGFRAME respectively. Thus the kernel works as a host system
same as before.
Also introduce a PMAP_NOCRYPT flag. A guest will use this with
busdma to establish unencrypted mappings that can be shared with
the hypervisor.
from hshoexer@; OK mlarkin@
