platform: enable interrupts when possible

Enable the use of interrupts whenever the kernel is executing outside of an IRQ guard. This is not safe on SNP systems that do not use Restricted Injection but is safe in all other configurations. Signed-off-by: Jon Lange <[email protected]>
coconut-svsm · Oct 23, 2024 · 0f8cacb · 0f8cacb
1 parent 4a53ac2
commit 0f8cacb
Show file tree

Hide file tree

Showing 7 changed files with 58 additions and 3 deletions.
diff --git a/kernel/src/cpu/irq_state.rs b/kernel/src/cpu/irq_state.rs
@@ -152,6 +152,19 @@ impl IrqState {
     pub fn count(&self) -> isize {
         self.count.load(Ordering::Relaxed)
     }
+
+    /// Changes whether interrupts will be enabled when the nesting count
+    /// drops to zero.
+    ///
+    /// # Safety
+    ///
+    /// The caller must ensure that the current nesting count is non-zero,
+    /// and must ensure that the specified value is appropriate for the
+    /// current environment.
+    pub unsafe fn set_restore_state(&self, enabled: bool) {
+        assert!(self.count.load(Ordering::Relaxed) != 0);
+        self.state.store(enabled, Ordering::Relaxed);
+    }
 }
 
 impl Drop for IrqState {

diff --git a/kernel/src/cpu/percpu.rs b/kernel/src/cpu/percpu.rs
@@ -825,6 +825,17 @@ impl PerCpu {
     }
 
     pub fn schedule_init(&self) -> TaskPointer {
+        // If the platform permits the use of interrupts, then ensure that
+        // interrupts will be enabled on the current CPU when leaving the
+        // scheduler environment.  This is done after disabling interrupts
+        // for scheduler initialization so that the first interrupt that can
+        // be received will always observe that there is a current task and
+        // not the boot thread.
+        if SVSM_PLATFORM.as_dyn_ref().use_interrupts() {
+            unsafe {
+                self.irq_state.set_restore_state(true);
+            }
+        }
         let task = self.runqueue.lock_write().schedule_init();
         self.current_stack.set(task.stack_bounds());
         task

diff --git a/kernel/src/platform/mod.rs b/kernel/src/platform/mod.rs
@@ -115,6 +115,9 @@ pub trait SvsmPlatform {
     /// Queries the state of APIC registration on this system.
     fn query_apic_registration_state(&self) -> bool;
 
+    /// Determines whether the platform supports interrupts to the SVSM.
+    fn use_interrupts(&self) -> bool;
+
     /// Signal an IRQ on one or more CPUs.
     fn post_irq(&self, icr: u64) -> Result<(), SvsmError>;
 

diff --git a/kernel/src/platform/native.rs b/kernel/src/platform/native.rs
@@ -128,6 +128,10 @@ impl SvsmPlatform for NativePlatform {
         false
     }
 
+    fn use_interrupts(&self) -> bool {
+        true
+    }
+
     fn post_irq(&self, icr: u64) -> Result<(), SvsmError> {
         write_msr(APIC_MSR_ICR, icr);
         Ok(())

diff --git a/kernel/src/platform/snp.rs b/kernel/src/platform/snp.rs
@@ -19,7 +19,7 @@ use crate::sev::hv_doorbell::current_hv_doorbell;
 use crate::sev::msr_protocol::{
     hypervisor_ghcb_features, request_termination_msr, verify_ghcb_version, GHCBHvFeatures,
 };
-use crate::sev::status::vtom_enabled;
+use crate::sev::status::{sev_restricted_injection, vtom_enabled};
 use crate::sev::{
     init_hypervisor_ghcb_features, pvalidate_range, sev_status_init, sev_status_verify, PvalidateOp,
 };
@@ -69,11 +69,15 @@ impl From<PageValidateOp> for PvalidateOp {
 }
 
 #[derive(Clone, Copy, Debug)]
-pub struct SnpPlatform {}
+pub struct SnpPlatform {
+    can_use_interrupts: bool,
+}
 
 impl SnpPlatform {
     pub fn new() -> Self {
-        Self {}
+        Self {
+            can_use_interrupts: false,
+        }
     }
 }
 
@@ -87,6 +91,14 @@ impl SvsmPlatform for SnpPlatform {
     fn env_setup(&mut self, _debug_serial_port: u16, vtom: usize) -> Result<(), SvsmError> {
         sev_status_init();
         VTOM.init(&vtom).map_err(|_| SvsmError::PlatformInit)?;
+
+        // Now that SEV status is initialized, determine whether this platform
+        // supports the use of SVSM interrupts.  SVSM interrupts are supported
+        // if this system uses restricted injection.
+        if sev_restricted_injection() {
+            self.can_use_interrupts = true;
+        }
+
         Ok(())
     }
 
@@ -255,6 +267,10 @@ impl SvsmPlatform for SnpPlatform {
         APIC_EMULATION_REG_COUNT.load(Ordering::Relaxed) > 0
     }
 
+    fn use_interrupts(&self) -> bool {
+        self.can_use_interrupts
+    }
+
     fn post_irq(&self, icr: u64) -> Result<(), SvsmError> {
         current_ghcb().hv_ipi(icr)?;
         Ok(())

diff --git a/kernel/src/platform/tdp.rs b/kernel/src/platform/tdp.rs
@@ -144,6 +144,10 @@ impl SvsmPlatform for TdpPlatform {
         false
     }
 
+    fn use_interrupts(&self) -> bool {
+        true
+    }
+
     fn post_irq(&self, _icr: u64) -> Result<(), SvsmError> {
         Err(SvsmError::Tdx)
     }

diff --git a/kernel/src/sev/status.rs b/kernel/src/sev/status.rs
@@ -158,6 +158,10 @@ pub fn vtom_enabled() -> bool {
     sev_flags().contains(SEVStatusFlags::VTOM)
 }
 
+pub fn sev_restricted_injection() -> bool {
+    sev_flags().contains(SEVStatusFlags::REST_INJ)
+}
+
 pub fn sev_status_verify() {
     let required = SEVStatusFlags::SEV | SEVStatusFlags::SEV_ES | SEVStatusFlags::SEV_SNP;
     let supported = SEVStatusFlags::DBGSWP