From: Ashish Kalra <Ashish.Kalra@amd.com>
To: <tglx@linutronix.de>, <mingo@redhat.com>, <bp@alien8.de>,
<dave.hansen@linux.intel.com>, <x86@kernel.org>
Cc: <rafael@kernel.org>, <hpa@zytor.com>, <peterz@infradead.org>,
<adrian.hunter@intel.com>,
<sathyanarayanan.kuppuswamy@linux.intel.com>,
<jun.nakajima@intel.com>, <rick.p.edgecombe@intel.com>,
<thomas.lendacky@amd.com>, <michael.roth@amd.com>,
<seanjc@google.com>, <kai.huang@intel.com>, <bhe@redhat.com>,
<kirill.shutemov@linux.intel.com>, <bdas@redhat.com>,
<vkuznets@redhat.com>, <dionnaglaze@google.com>,
<anisinha@redhat.com>, <jroedel@suse.de>, <ardb@kernel.org>,
<dyoung@redhat.com>, <kexec@lists.infradead.org>,
<linux-coco@lists.linux.dev>, <linux-kernel@vger.kernel.org>
Subject: [PATCH v8 0/2] x86/snp: Add kexec support
Date: Mon, 17 Jun 2024 21:13:43 +0000
Message-ID: <cover.1718657194.git.ashish.kalra@amd.com>
In-Reply-To: <20240614095904.1345461-1-kirill.shutemov@linux.intel.com>
From: Ashish Kalra <ashish.kalra@amd.com>

The patchset adds bits and pieces to get kexec (and crashkernel) to work on
an SNP guest.

This patchset requires the following fix for preventing EFI memory map
corruption while doing SNP guest kexec:

https://lore.kernel.org/all/16131a10-b473-41cc-a96e-d71a4d930353@amd.com/T/#m77f2f33f5521d1369b0e8d461802b99005b4ffd6

The series is based off of and tested against Kirill Shutemov's tree:
  https://github.com/intel/tdx.git guest-kexec

----

v8:
- removed fix EFI memory map corruption with kexec patch as this
  is a use-after-free bug that is not specific to SNP/TDX or kexec
  and a generic fix for the same has been posted.
- Add new early_sev_detect() and move detection of SEV-ES/SNP guest
  and skip accessing video RAM during decompressor stage into
  this function as per feedback from upstream review.

v7:
- Rebased onto current tip/master;
- Moved back to checking the md attribute instead of checking the
  efi_setup for detecting if running under kexec kernel as
  suggested in upstream review feedback.

v6:
- Updated and restructured the commit message for patch 1/3 to
  explain the issue in detail.
- Updated inline comments in patch 1/3 to explain the issue in
  detail.
- Moved back to checking efi_setup for detecting if running
  under kexec kernel.

v5:
- Removed sev_es_enabled() function and using sev_status directly to
  check for SEV-ES/SEV-SNP guest.
- used --base option to generate patches to specify Kirill's TDX guest
  kexec patches as prerequisite patches to fix kernel test robot
  build errors.

v4:
- Rebased to current tip/master.
- Reviewed-bys from Sathya.
- Remove snp_kexec_unprep_rom_memory() as it is not needed any more as
  SEV-SNP code is not validating the ROM range in probe_roms() anymore.
- Fix kernel test robot build error/warnings.

v3:
- Rebased;
- moved Keep page tables that maps E820_TYPE_ACPI patch to Kirill's tdx
  guest kexec patch series.
- checking the md attribute instead of checking the efi_setup for
  detecting if running under kexec kernel.
- added new sev_es_enabled() function.
- skip video memory access in decompressor for SEV-ES/SNP systems to
  prevent guest termination as boot stage2 #VC handler does not handle
  MMIO.

v2:
- address zeroing of unaccepted memory table mappings at all page table levels
  adding phys_pte_init(), phys_pud_init() and phys_p4d_init().
- include skip efi_arch_mem_reserve() in case of kexec as part of this
  patch set.
- rename last_address_shd_kexec to a more appropriate
  kexec_last_address_to_make_private.
- remove duplicate code shared with TDX and use common interfaces
  defined for SNP and TDX for kexec/kdump.
- remove set_pte_enc() dependency on pg_level_to_pfn() and make the
  function simpler.
- rename unshare_pte() to make_pte_private().
- clarify and make the comment for using kexec_last_address_to_make_private
  more understandable.
- general cleanup.

Ashish Kalra (2):
  x86/boot/compressed: Skip Video Memory access in Decompressor for
    SEV-ES/SNP.
  x86/snp: Convert shared memory back to private on kexec

 arch/x86/boot/compressed/misc.c |  23 +++++
 arch/x86/include/asm/sev.h      |   4 +
 arch/x86/kernel/sev.c           | 168 ++++++++++++++++++++++++++++++++
 arch/x86/mm/mem_encrypt_amd.c   |   3 +
 4 files changed, 198 insertions(+)

base-commit: f87c20c019e22be5f2efd11bf9141a532ae876da
--
2.34.1

Thread overview: 57+ messages
2024-06-14 9:58 [PATCHv12 00/19] x86/tdx: Add kexec support Kirill A. Shutemov
2024-06-14 9:58 ` [PATCHv12 01/19] x86/acpi: Extract ACPI MADT wakeup code into a separate file Kirill A. Shutemov
2024-06-14 9:58 ` [PATCHv12 02/19] x86/apic: Mark acpi_mp_wake_* variables as __ro_after_init Kirill A. Shutemov
2024-06-14 9:58 ` [PATCHv12 03/19] cpu/hotplug: Add support for declaring CPU offlining not supported Kirill A. Shutemov
2024-06-14 9:58 ` [PATCHv12 04/19] cpu/hotplug, x86/acpi: Disable CPU offlining for ACPI MADT wakeup Kirill A. Shutemov
2024-06-14 9:58 ` [PATCHv12 05/19] x86/relocate_kernel: Use named labels for less confusion Kirill A. Shutemov
2024-06-14 9:58 ` [PATCHv12 06/19] x86/kexec: Keep CR4.MCE set during kexec for TDX guest Kirill A. Shutemov
2024-06-14 9:58 ` [PATCHv12 07/19] x86/mm: Make x86_platform.guest.enc_status_change_*() return errno Kirill A. Shutemov
2024-06-14 9:58 ` [PATCHv12 08/19] x86/mm: Return correct level from lookup_address() if pte is none Kirill A. Shutemov
2024-06-14 9:58 ` [PATCHv12 09/19] x86/tdx: Account shared memory Kirill A. Shutemov
2024-06-14 9:58 ` [PATCHv12 10/19] x86/mm: Add callbacks to prepare encrypted memory for kexec Kirill A. Shutemov
2024-06-14 9:58 ` [PATCHv12 11/19] x86/tdx: Convert shared memory back to private on kexec Kirill A. Shutemov
2024-06-14 9:58 ` [PATCHv12 12/19] x86/mm: Make e820__end_ram_pfn() cover E820_TYPE_ACPI ranges Kirill A. Shutemov
2024-06-14 9:58 ` [PATCHv12 13/19] x86/mm: Do not zap page table entries mapping unaccepted memory table during kdump Kirill A. Shutemov
2024-06-14 9:58 ` [PATCHv12 14/19] x86/acpi: Rename fields in acpi_madt_multiproc_wakeup structure Kirill A. Shutemov
2024-06-14 9:59 ` [PATCHv12 15/19] x86/acpi: Do not attempt to bring up secondary CPUs in kexec case Kirill A. Shutemov
2024-06-14 9:59 ` [PATCHv12 16/19] x86/smp: Add smp_ops.stop_this_cpu() callback Kirill A. Shutemov
2024-06-14 9:59 ` [PATCHv12 17/19] x86/mm: Introduce kernel_ident_mapping_free() Kirill A. Shutemov
2024-06-14 9:59 ` [PATCHv12 18/19] x86/acpi: Add support for CPU offlining for ACPI MADT wakeup method Kirill A. Shutemov
2024-06-14 9:59 ` [PATCHv12 19/19] ACPI: tables: Print MULTIPROC_WAKEUP when MADT is parsed Kirill A. Shutemov
2024-06-17 21:13 ` Ashish Kalra [this message]
2024-06-17 21:15 ` [PATCH v8 1/2] x86/boot/compressed: Skip Video Memory access in Decompressor for SEV-ES/SNP Ashish Kalra
2024-06-19 10:22 ` Borislav Petkov
2024-06-17 21:15 ` [PATCH v8 2/2] x86/snp: Convert shared memory back to private on kexec Ashish Kalra
2024-06-20 22:22 ` [PATCH v9 0/3] x86/snp: Add kexec support Ashish Kalra
2024-06-20 22:23 ` [PATCH v9 1/3] x86/sev: Move SEV compilation units Ashish Kalra
2024-06-20 22:23 ` [PATCH v9 2/3] x86/boot: Skip video memory access in the decompressor for SEV-ES/SNP Ashish Kalra
2024-06-24 15:03 ` Tom Lendacky
2024-06-20 22:23 ` [PATCH v9 3/3] x86/snp: Convert shared memory back to private on kexec Ashish Kalra
2024-06-24 15:18 ` Tom Lendacky
2024-06-24 18:26 ` Borislav Petkov
2024-06-24 20:57 ` Kalra, Ashish
2024-06-25 3:59 ` Borislav Petkov
2024-06-28 4:27 ` Kalra, Ashish
2024-06-28 14:01 ` Tom Lendacky
2024-06-28 19:14 ` Kalra, Ashish
2024-06-28 20:33 ` Kalra, Ashish
2024-06-24 18:21 ` [PATCH v10 0/2] x86/snp: Add kexec support Ashish Kalra
2024-06-24 18:21 ` [PATCH v10 1/2] x86/boot: Skip video memory access in the decompressor for SEV-ES/SNP Ashish Kalra
2024-06-24 18:22 ` [PATCH v10 2/2] Subject: [PATCH v9 3/3] x86/snp: Convert shared memory back to private on kexec Ashish Kalra
2024-07-02 19:56 ` [PATCH v11 0/3] x86/snp: Add kexec support Ashish Kalra
2024-07-02 19:57 ` [PATCH v11 1/3] x86/boot: Skip video memory access in the decompressor for SEV-ES/SNP Ashish Kalra
2024-07-02 19:57 ` [PATCH v11 2/3] x86/mm: refactor __set_clr_pte_enc() Ashish Kalra
2024-07-05 14:26 ` Borislav Petkov
2024-07-02 19:58 ` [PATCH v11 3/3] x86/snp: Convert shared memory back to private on kexec Ashish Kalra
2024-07-05 14:28 ` Borislav Petkov
2024-07-05 14:29 ` Borislav Petkov
2024-07-10 20:12 ` Kalra, Ashish
2024-07-30 19:20 ` [PATCH v12 0/3] x86/snp: Add kexec support Ashish Kalra
2024-07-30 19:21 ` [PATCH v12 1/3] x86/boot: Skip video memory access in the decompressor for SEV-ES/SNP Ashish Kalra
2024-07-30 19:21 ` [PATCH v12 2/3] x86/mm: refactor __set_clr_pte_enc() Ashish Kalra
2024-07-30 19:22 ` [PATCH v12 3/3] x86/snp: Convert shared memory back to private on kexec Ashish Kalra
2024-08-01 19:14 ` [PATCH v13 0/3] x86/snp: Add kexec support Ashish Kalra
2024-08-01 19:14 ` [PATCH v13 1/3] x86/boot: Skip video memory access in the decompressor for SEV-ES/SNP Ashish Kalra
2024-08-01 19:14 ` [PATCH v13 2/3] x86/mm: refactor __set_clr_pte_enc() Ashish Kalra
2024-10-28 16:15 ` Tom Lendacky
2024-08-01 19:14 ` [PATCH v13 3/3] x86/snp: Convert shared memory back to private on kexec Ashish Kalra