[PATCH v4 0/4] SEV-SNP guest policy bit support updates

[Tom Lendacky <thomas.lendacky@amd.com>]

This series aims to allow more flexibility in specifying SEV-SNP policy
bits by improving discoverability of supported policy bits from userspace
and enabling support for newer policy bits.

- The first patch consolidates the policy definitions into a single header
  file.

- The second patch adds a CCP driver API to return the supported policy
  bits. Policy bit support is dependent on the version of SEV firmware.

- The third patch adds a new KVM_X86_GRP_SEV attribute group,
  KVM_X86_SNP_POLICY_BITS, that can be used to return the supported
  SEV-SNP policy bits. The initial support for this attribute will use
  the new CCP driver API to return the firmware supported policy bits
  ANDed with the KVM supported policy bits.

- The fourth patch expands the number of policy bits that KVM supports.

The series is based off of:
  git://git.kernel.org/pub/scm/virt/kvm/kvm.git master

---

Changes for v4:
  - Swizzle the patch order in order to preserve ABI.
  - Use the new CCP API from the start for the KVM_X86_SNP_POLICY_BITS
    attribute.

Changes for v3:
  - Remove RFC tag.

Changes for v2:
  - Marked the KVM supported policy bits as read-only after init.

Tom Lendacky (4):
  KVM: SEV: Consolidate the SEV policy bits in a single header file
  crypto: ccp - Add an API to return the supported SEV-SNP policy bits
  KVM: SEV: Publish supported SEV-SNP policy bits
  KVM: SEV: Add known supported SEV-SNP policy bits

 arch/x86/include/uapi/asm/kvm.h |  1 +
 arch/x86/kvm/svm/sev.c          | 45 ++++++++++++++++++++-------------
 arch/x86/kvm/svm/svm.h          |  3 ---
 drivers/crypto/ccp/sev-dev.c    | 37 +++++++++++++++++++++++++++
 include/linux/psp-sev.h         | 39 ++++++++++++++++++++++++++++
 5 files changed, 105 insertions(+), 20 deletions(-)


base-commit: 4361f5aa8bfcecbab3fc8db987482b9e08115a6a
-- 
2.51.1