* [GIT PULL] x86/sev for v6.9-rc1
@ 2024-03-11 15:19 Borislav Petkov
From: Borislav Petkov @ 2024-03-11 15:19 UTC
To: Linus Torvalds; +Cc: x86-ml, lkml
Hi Linus,
please pull a huuuge pile of x86/sev changes for v6.9-rc1.
If you're merging tip pull requests in the chronological order you've
received them, you'll encounter a couple of simple merge conflicts. I'm
adding how I've resolved them at the end of this message in case you
wanna compare notes.
Thx.
---
The following changes since commit 41bccc98fb7931d63d03f326a746ac4d429c1dd3:
Linux 6.8-rc2 (2024-01-28 17:01:12 -0800)
are available in the Git repository at:
git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git tags/x86_sev_for_v6.9_rc1
for you to fetch changes up to c0935fca6ba4799e5efc6daeee37887e84707d01:
x86/sev: Disable KMSAN for memory encryption TUs (2024-03-08 08:59:22 +0100)
----------------------------------------------------------------
- Add the x86 part of the SEV-SNP host support. This will allow the
kernel to be used as a KVM hypervisor capable of running SNP (Secure
Nested Paging) guests. Roughly speaking, SEV-SNP is the ultimate goal
of the AMD confidential computing side, providing the most
comprehensive confidential computing environment up to date.
This is the x86 part and there is a KVM part which did not get ready
in time for the merge window so latter will be forthcoming in the next
cycle.
- Rework the early code's position-dependent SEV variable references in
order to allow building the kernel with clang and -fPIE/-fPIC and
-mcmodel=kernel
- The usual set of fixes, cleanups and improvements all over the place
----------------------------------------------------------------
Ard Biesheuvel (2):
x86/sme: Fix memory encryption setting if enabled by default and not overridden
x86/sev: Fix position dependent variable references in startup code
Ashish Kalra (6):
iommu/amd: Don't rely on external callers to enable IOMMU SNP support
x86/mtrr: Don't print errors if MtrrFixDramModEn is set when SNP enabled
x86/sev: Introduce an SNP leaked pages list
iommu/amd: Clean up RMP entries for IOMMU pages during SNP shutdown
crypto: ccp: Add panic notifier for SEV/SNP firmware shutdown on kdump
iommu/amd: Fix failure return from snp_lookup_rmpentry()
Borislav Petkov (AMD) (5):
x86/sev: Harden #VC instruction emulation somewhat
x86/Kconfig: Remove CONFIG_AMD_MEM_ENCRYPT_ACTIVE_BY_DEFAULT
crypto: ccp: Make snp_range_list static
crypto: ccp - Have it depend on AMD_IOMMU
x86/sev: Dump SEV_STATUS
Brijesh Singh (14):
x86/cpufeatures: Add SEV-SNP CPU feature
x86/sev: Add SEV-SNP host initialization support
x86/sev: Add RMP entry lookup helpers
x86/fault: Add helper for dumping RMP entries
x86/traps: Define RMP violation #PF error code
x86/sev: Add helper functions for RMPUPDATE and PSMASH instruction
crypto: ccp: Define the SEV-SNP commands
crypto: ccp: Add support to initialize the AMD-SP for SEV-SNP
crypto: ccp: Provide an API to issue SEV and SNP commands
crypto: ccp: Handle the legacy TMR allocation when SNP is enabled
crypto: ccp: Handle legacy SEV commands when SNP is enabled
KVM: SEV: Make AVIC backing, VMSA and VMCB memory allocation SNP safe
crypto: ccp: Add the SNP_PLATFORM_STATUS command
crypto: ccp: Add the SNP_SET_CONFIG command
Changbin Du (1):
x86/sev: Disable KMSAN for memory encryption TUs
Kim Phillips (1):
x86/speculation: Do not enable Automatic IBRS if SEV-SNP is enabled
Kirill A. Shutemov (1):
x86/mm: Fix memory encryption features advertisement
Michael Roth (4):
x86/fault: Dump RMP table information when RMP page faults occur
x86/sev: Adjust the directmap to avoid inadvertent RMP faults
x86/cpufeatures: Enable/unmask SEV-SNP CPU feature
Documentation: virt: Fix up pre-formatted text block for SEV ioctls
Tom Lendacky (2):
crypto: ccp: Handle non-volatile INIT_EX data when SNP is enabled
crypto: ccp: Add the SNP_COMMIT command
Documentation/admin-guide/kernel-parameters.txt | 4 +-
Documentation/arch/x86/amd-memory-encryption.rst | 16 +-
Documentation/virt/coco/sev-guest.rst | 52 +
arch/x86/Kbuild | 2 +
arch/x86/Kconfig | 13 -
arch/x86/boot/compressed/sev.c | 6 +-
arch/x86/coco/core.c | 7 +-
arch/x86/include/asm/asm.h | 14 +
arch/x86/include/asm/coco.h | 8 +-
arch/x86/include/asm/cpufeatures.h | 1 +
arch/x86/include/asm/disabled-features.h | 8 +-
arch/x86/include/asm/iommu.h | 1 +
arch/x86/include/asm/kvm-x86-ops.h | 1 +
arch/x86/include/asm/kvm_host.h | 1 +
arch/x86/include/asm/mem_encrypt.h | 15 +-
arch/x86/include/asm/msr-index.h | 66 +-
arch/x86/include/asm/sev.h | 40 +
arch/x86/include/asm/trap_pf.h | 20 +-
arch/x86/kernel/Makefile | 1 +
arch/x86/kernel/cpu/amd.c | 21 +-
arch/x86/kernel/cpu/common.c | 7 +-
arch/x86/kernel/cpu/mtrr/generic.c | 3 +
arch/x86/kernel/crash.c | 3 +
arch/x86/kernel/sev-shared.c | 114 +-
arch/x86/kernel/sev.c | 54 +-
arch/x86/kvm/lapic.c | 5 +-
arch/x86/kvm/svm/nested.c | 2 +-
arch/x86/kvm/svm/sev.c | 37 +-
arch/x86/kvm/svm/svm.c | 17 +-
arch/x86/kvm/svm/svm.h | 1 +
arch/x86/mm/Makefile | 1 +
arch/x86/mm/fault.c | 5 +
arch/x86/mm/mem_encrypt.c | 55 +-
arch/x86/mm/mem_encrypt_identity.c | 40 +-
arch/x86/virt/svm/Makefile | 3 +
arch/x86/virt/svm/sev.c | 560 ++++++++++
drivers/crypto/ccp/Kconfig | 2 +-
drivers/crypto/ccp/sev-dev.c | 1260 +++++++++++++++++++---
drivers/crypto/ccp/sev-dev.h | 5 +
drivers/iommu/amd/amd_iommu.h | 1 -
drivers/iommu/amd/init.c | 125 ++-
include/linux/amd-iommu.h | 6 +-
include/linux/psp-sev.h | 321 +++++-
include/uapi/linux/psp-sev.h | 59 +
tools/arch/x86/include/asm/cpufeatures.h | 1 +
45 files changed, 2677 insertions(+), 307 deletions(-)
create mode 100644 arch/x86/virt/svm/Makefile
create mode 100644 arch/x86/virt/svm/sev.c
---
Merge conflicts resolve:
---
commit ad844f23969df842cbbdba40b2d3954a618c96d8 (refs/remotes/amd/merge-test)
Merge: a720c4257e69 c0935fca6ba4
Author: Bob the builder <bp@alien8.de>
Date: Mon Mar 11 14:55:57 2024 +0000
Merge remote-tracking branch 'tip/x86/sev' into merge-test
Conflicts:
arch/x86/include/asm/coco.h
arch/x86/include/asm/disabled-features.h
arch/x86/include/asm/mem_encrypt.h
arch/x86/mm/fault.c
Signed-off-by: Bob the builder <bp@alien8.de>
diff --cc arch/x86/include/asm/coco.h
index 76c310b19b11,21940ef8d290..42871bb262d0
--- a/arch/x86/include/asm/coco.h
+++ b/arch/x86/include/asm/coco.h
@@@ -10,9 -11,15 +11,15 @@@ enum cc_vendor
CC_VENDOR_INTEL,
};
-extern enum cc_vendor cc_vendor;
+ extern u64 cc_mask;
+
#ifdef CONFIG_ARCH_HAS_CC_PLATFORM
+extern enum cc_vendor cc_vendor;
- void cc_set_mask(u64 mask);
+ static inline void cc_set_mask(u64 mask)
+ {
+ RIP_REL_REF(cc_mask) = mask;
+ }
+
u64 cc_mkenc(u64 val);
u64 cc_mkdec(u64 val);
#else
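Review bot: the resolution leaves `extern u64 cc_mask;` outside the `#ifdef CONFIG_ARCH_HAS_CC_PLATFORM` block while `extern enum cc_vendor cc_vendor;` is moved inside it, even though the only in-header consumer of `cc_mask`, the `cc_set_mask()` inline with `RIP_REL_REF(cc_mask) = mask;`, is itself inside that block. Both variables are declared for the same platform code, so suggest placing `extern u64 cc_mask;` directly under `extern enum cc_vendor cc_vendor;` inside the `#ifdef`, which avoids an unconditional extern whose definition is not built when the option is off.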
diff --cc arch/x86/include/asm/disabled-features.h
index 1f23960d2b06,3332d2940020..da4054fbf533
--- a/arch/x86/include/asm/disabled-features.h
+++ b/arch/x86/include/asm/disabled-features.h
@@@ -117,12 -117,12 +117,18 @@@
#define DISABLE_IBT (1 << (X86_FEATURE_IBT & 31))
#endif
+#ifdef CONFIG_X86_FRED
+# define DISABLE_FRED 0
+#else
+# define DISABLE_FRED (1 << (X86_FEATURE_FRED & 31))
+#endif
+
+ #ifdef CONFIG_KVM_AMD_SEV
+ #define DISABLE_SEV_SNP 0
+ #else
+ #define DISABLE_SEV_SNP (1 << (X86_FEATURE_SEV_SNP & 31))
+ #endif
+
/*
* Make sure to add features to the correct mask
*/
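Review bot: the two new blocks use different preprocessor indentation, `# define DISABLE_FRED 0` versus `#define DISABLE_SEV_SNP 0`; pick one style for both. The comment that follows, "Make sure to add features to the correct mask", names a step this hunk does not show: `(1 << (X86_FEATURE_SEV_SNP & 31))` only yields the bit within its feature word, so confirm that `DISABLE_SEV_SNP` is OR'd into the `DISABLED_MASK` entry for the word `X86_FEATURE_SEV_SNP` lives in, not the one `DISABLE_FRED` goes into.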
diff --cc arch/x86/kernel/sev-shared.c
index fcc6d834e2c4,ae79f9505298..a200bd72fadc
--- a/arch/x86/kernel/sev-shared.c
+++ b/arch/x86/kernel/sev-shared.c
@@@ -9,11 -9,11 +9,13 @@@
* and is included directly into both code-bases.
*/
+#include <asm/setup_data.h>
+
#ifndef __BOOT_COMPRESSED
- #define error(v) pr_err(v)
- #define has_cpuflag(f) boot_cpu_has(f)
+ #define error(v) pr_err(v)
+ #define has_cpuflag(f) boot_cpu_has(f)
+ #define sev_printk(fmt, ...) printk(fmt, ##__VA_ARGS__)
+ #define sev_printk_rtl(fmt, ...) printk_ratelimited(fmt, ##__VA_ARGS__)
#else
#undef WARN
#define WARN(condition, format...) (!!(condition))
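Review bot: `sev_printk()` and `sev_printk_rtl()` are only defined under `#ifndef __BOOT_COMPRESSED`; the `#else` branch shown here, which redefines `WARN`, gets no matching definitions. Since this file is included into both the kernel proper and the decompressor, any shared code that calls either macro will break the compressed-boot build unless the `#else` branch provides stubs (or the callers are themselves guarded); please confirm one of the two holds. The `error`/`has_cpuflag` lines are re-emitted with only alignment changes, which is fine for a merge.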
diff --cc arch/x86/mm/fault.c
index e1ac86396446,859adcd123c9..cdb5045a0428
--- a/arch/x86/mm/fault.c
+++ b/arch/x86/mm/fault.c
@@@ -34,7 -34,7 +34,8 @@@
#include <asm/kvm_para.h> /* kvm_handle_async_pf */
#include <asm/vdso.h> /* fixup_vdso_exception() */
#include <asm/irq_stack.h>
+#include <asm/fred.h>
+ #include <asm/sev.h> /* snp_dump_hva_rmpentry() */
#define CREATE_TRACE_POINTS
#include <asm/trace/exceptions.h>
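Review bot: the surrounding includes carry a trailing comment naming the symbol they are pulled in for (`/* kvm_handle_async_pf */`, `/* snp_dump_hva_rmpentry() */`), but the new `#include <asm/fred.h>` has none. To follow the file's convention, add the function or macro fault.c needs from `<asm/fred.h>`, or drop the include if nothing in this file uses it.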
--
Regards/Gruss,
Boris.
https://people.kernel.org/tglx/notes-about-netiquette
* Re: [GIT PULL] x86/sev for v6.9-rc1
From: Linus Torvalds @ 2024-03-12 0:50 UTC
To: Borislav Petkov; +Cc: x86-ml, lkml
On Mon, 11 Mar 2024 at 08:19, Borislav Petkov <bp@alien8.de> wrote:
>
> If you're merging tip pull requests in the chronological order you've
> received them, you'll encounter a couple of simple merge conflicts.
It's not exactly chronological - I tend to go by areas and by
submitter, but it tends to approximate chronological most of the
time..
> I'm adding how I've resolved them at the end of this message in case
> you wanna compare notes.
Hmm. I took a slightly different approach:
> diff --cc arch/x86/include/asm/coco.h
> index 76c310b19b11,21940ef8d290..42871bb262d0
> --- a/arch/x86/include/asm/coco.h
> +++ b/arch/x86/include/asm/coco.h
> @@@ -10,9 -11,15 +11,15 @@@ enum cc_vendor
> CC_VENDOR_INTEL,
> };
>
> -extern enum cc_vendor cc_vendor;
> + extern u64 cc_mask;
> +
> #ifdef CONFIG_ARCH_HAS_CC_PLATFORM
> +extern enum cc_vendor cc_vendor;
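Review bot: the quote stops at the `#ifdef`, but the remainder of this hunk in the original message shows that the only in-header user of `cc_mask`, the `cc_set_mask()` inline that assigns `RIP_REL_REF(cc_mask)`, sits inside the `#ifdef CONFIG_ARCH_HAS_CC_PLATFORM` block, so nothing in the header needs the declaration to be visible outside it.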
I put the 'cc_mask' declaration inside the #ifdef too.
Because those two variables are defined together, and without
CONFIG_ARCH_HAS_CC_PLATFORM the whole coco/ subdirectory that defines
them won't even be built, as far as I can tell.
And I don't see any _use_ of 'cc_mask' anywhere outside of that one
'cc_set_mask()' inline function and the coco/core.c file. So declaring
it only when it's all enabled seems to be the right thing.
Let's hope my artistic merge resolution doesn't end up coming back to bite me.
Linus
* Re: [GIT PULL] x86/sev for v6.9-rc1
From: Borislav Petkov @ 2024-03-12 7:50 UTC
To: Linus Torvalds; +Cc: x86-ml, lkml
On Mon, Mar 11, 2024 at 05:50:48PM -0700, Linus Torvalds wrote:
> Let's hope my artistic merge resolution doesn't end up coming back to bite me.
Makes sense and looks ok to me.
I think this'll start becoming a problem when it gets referenced from
outside, see the respective example with cc_vendor:
e45964771007 ("x86/coco: Define cc_vendor without CONFIG_ARCH_HAS_CC_PLATFORM")
but we'll cross that bridge when we get to it.
Thx.
--
Regards/Gruss,
Boris.
https://people.kernel.org/tglx/notes-about-netiquette
* Re: [GIT PULL] x86/sev for v6.9-rc1
From: Ingo Molnar @ 2024-03-12 9:04 UTC
To: Linus Torvalds; +Cc: Borislav Petkov, x86-ml, lkml
* Linus Torvalds <torvalds@linux-foundation.org> wrote:
> > diff --cc arch/x86/include/asm/coco.h
> > index 76c310b19b11,21940ef8d290..42871bb262d0
> > --- a/arch/x86/include/asm/coco.h
> > +++ b/arch/x86/include/asm/coco.h
> > @@@ -10,9 -11,15 +11,15 @@@ enum cc_vendor
> > CC_VENDOR_INTEL,
> > };
> >
> > -extern enum cc_vendor cc_vendor;
> > + extern u64 cc_mask;
> > +
> > #ifdef CONFIG_ARCH_HAS_CC_PLATFORM
> > +extern enum cc_vendor cc_vendor;
>
> I put the 'cc_mask' declaration inside the #ifdef too.
>
> Because those two variables are defined together, and without
> CONFIG_ARCH_HAS_CC_PLATFORM the whole coco/ subdirectory that defines
> them won't even be built, as far as I can tell.
>
> And I don't see any _use_ of 'cc_mask' anywhere outside of that one
> 'cc_set_mask()' inline function and the coco/core.c file. So declaring
> it only when it's all enabled seems to be the right thing.
>
> Let's hope my artistic merge resolution doesn't end up coming back to bite me.
So it does come back in a fashion, because the tip:x86/boot tree has an
internal merge of x86/sev, where it dutifully followed the original pattern
of:
1c811d403afd x86/sev: Fix position dependent variable references in startup code
... instead of merging it smartly like you did. :-/
And because I think it would suck to force you to do the same smart merge
conflict resolution *twice*, I did it myself in x86/boot and documented the
background:
commit 2e2bc42c8381d2c0e9604b59e49264821da29368 (origin/x86/boot, x86/boot)
Merge: 428080c9b19b 855684c7d938
Author: Ingo Molnar <mingo@kernel.org>
Date: Tue Mar 12 09:49:52 2024 +0100
Merge branch 'linus' into x86/boot, to resolve conflict
There's a new conflict with Linus's upstream tree, because
in the following merge conflict resolution in <asm/coco.h>:
38b334fc767e Merge tag 'x86_sev_for_v6.9_rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip
Linus has resolved the conflicting placement of 'cc_mask' better
than the original commit:
1c811d403afd x86/sev: Fix position dependent variable references in startup code
... which was also done by an internal merge resolution:
2e5fc4786b7a Merge branch 'x86/sev' into x86/boot, to resolve conflicts and to pick up dependent tree
But Linus is right in 38b334fc767e, the 'cc_mask' declaration is sufficient
within the #ifdef CONFIG_ARCH_HAS_CC_PLATFORM block.
So instead of forcing Linus to do the same resolution again, merge in Linus's
tree and follow his conflict resolution.
Conflicts:
arch/x86/include/asm/coco.h
Signed-off-by: Ingo Molnar <mingo@kernel.org>
You'll get the x86/boot pull request later today. If that extra merge
commit is too much, please merge FETCH_HEAD~1 instead to discard my merge
commit.
Thanks,
Ingo
* Re: [GIT PULL] x86/sev for v6.9-rc1
From: pr-tracker-bot @ 2024-03-12 1:30 UTC
To: Borislav Petkov; +Cc: Linus Torvalds, x86-ml, lkml
The pull request you sent on Mon, 11 Mar 2024 16:19:09 +0100:
> git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git tags/x86_sev_for_v6.9_rc1
has been merged into torvalds/linux.git:
https://git.kernel.org/torvalds/c/38b334fc767e44816be087b3ec5d84b1438b735f
Thank you!
--
Deet-doot-dot, I am a bot.
https://korg.docs.kernel.org/prtracker.html