x86/head/64: Call verify_cpu() after IDT is set up
Call verify_cpu() after exception handling is set up. This
is needed for SEV-ES support because verify_cpu() will
trigger a number of #VC exceptions when running in an SEV-ES
enabled guest. Is is also safe to call verify_cpu() later
because the things it does are not relevant for what is done
before the call. In particular, it does:
1) Checks for long-mode support. It is not relevant
because the kernel already runs in long-mode, so
it is oviously supported.
2) On Intel, it clears the XD_DISABLE bit in
MSR_IA32_MISC_ENABLE. This is not relevant
because on the boot CPU __startup_64() doesn't
set the NX bit in the page-tables.
For secondary CPUs on this code path the
verify_cpu() function already ran in the
trampoline code, so the XD_DISABLE bit is cleared
already
3) On AMD, it enables SSE in MSR_K7_HWCR. Not
relevant because SSE is not used that early.
So it is safe to execute that function when exception
handling is set up.
Signed-off-by: Joerg Roedel <jroedel@suse.de>
1 file changed
