x86/efi: Add GHCB mappings when SEV-ES is active

Calling down to EFI runtime services can result in the firmware performing VMGEXIT calls. The firmware is likely to use the GHCB of the OS (e.g., for setting EFI variables), so each GHCB in the system needs to be identity-mapped in the EFI page tables, as unencrypted, to avoid page faults. Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com> [ jroedel@suse.de: Moved GHCB mapping loop to sev-es.c ] Signed-off-by: Joerg Roedel <jroedel@suse.de> Signed-off-by: Borislav Petkov <bp@suse.de> Acked-by: Ard Biesheuvel <ardb@kernel.org> Link: https://lkml.kernel.org/r/20200907131613.12703-72-joro@8bytes.org
author: Tom Lendacky <thomas.lendacky@amd.com> 2020-09-07 15:16:12 +0200
committer: Borislav Petkov <bp@suse.de> 2020-09-10 21:48:50 +0200
commit: 39336f4ffb2478ad384075cf4ba7ef2e5db2bbd7 (patch)
tree: a3b7660370d24d993046a07b47364e1a73fa8b1f /arch/x86/boot
parent: 4ca68e023b11e4d5908bf9ee326fab01111d77d5 (diff)
1 files changed, 1 insertions, 0 deletions
diff --git a/arch/x86/boot/compressed/sev-es.c b/arch/x86/boot/compressed/sev-es.c
index 5f15e5864e0c..2a6c7c375244 100644
--- a/arch/x86/boot/compressed/sev-es.c
+++ b/arch/x86/boot/compressed/sev-es.c
@@ -12,6 +12,7 @@
  */
 #include "misc.h"
 
+#include <asm/pgtable_types.h>
 #include <asm/sev-es.h>
 #include <asm/trapnr.h>
 #include <asm/trap_pf.h>
author	Tom Lendacky <thomas.lendacky@amd.com>	2020-09-07 15:16:12 +0200
committer	Borislav Petkov <bp@suse.de>	2020-09-10 21:48:50 +0200
commit	39336f4ffb2478ad384075cf4ba7ef2e5db2bbd7 (patch)
tree	a3b7660370d24d993046a07b47364e1a73fa8b1f /arch/x86/boot
parent	4ca68e023b11e4d5908bf9ee326fab01111d77d5 (diff)