From: "Kalra, Ashish" <ashish.kalra@amd.com>
To: Alexey Kardashevskiy <aik@amd.com>,
Michael Roth <michael.roth@amd.com>,
kvm@vger.kernel.org
Cc: linux-coco@lists.linux.dev, linux-mm@kvack.org,
linux-crypto@vger.kernel.org, x86@kernel.org,
linux-kernel@vger.kernel.org, tglx@linutronix.de,
mingo@redhat.com, jroedel@suse.de, thomas.lendacky@amd.com,
hpa@zytor.com, ardb@kernel.org, pbonzini@redhat.com,
seanjc@google.com, vkuznets@redhat.com, wanpengli@tencent.com,
jmattson@google.com, luto@kernel.org,
dave.hansen@linux.intel.com, slp@redhat.com, pgonda@google.com,
peterz@infradead.org, srinivas.pandruvada@linux.intel.com,
rientjes@google.com, dovmurik@linux.ibm.com, tobin@ibm.com,
bp@alien8.de, vbabka@suse.cz, kirill@shutemov.name,
ak@linux.intel.com, tony.luck@intel.com, marcorr@google.com,
sathyanarayanan.kuppuswamy@linux.intel.com, alpergun@google.com,
dgilbert@redhat.com, jarkko@kernel.org, harald@profian.com,
Brijesh Singh <brijesh.singh@amd.com>
Subject: Re: [PATCH RFC v7 52/64] KVM: SVM: Provide support for SNP_GUEST_REQUEST NAE event
Date: Mon, 9 Jan 2023 17:41:07 -0600 [thread overview]
Message-ID: <66039193-14ca-5edb-d8d4-ca732d8c13a6@amd.com> (raw)
In-Reply-To: <aab7ed11-870e-579d-9328-4c32d9936392@amd.com>
On 1/8/2023 9:33 PM, Alexey Kardashevskiy wrote:
> On 15/12/22 06:40, Michael Roth wrote:
>> From: Brijesh Singh <brijesh.singh@amd.com>
>>
>> Version 2 of GHCB specification added the support for two SNP Guest
>> Request Message NAE events. The events allows for an SEV-SNP guest to
>> make request to the SEV-SNP firmware through hypervisor using the
>> SNP_GUEST_REQUEST API define in the SEV-SNP firmware specification.
>>
>> The SNP_EXT_GUEST_REQUEST is similar to SNP_GUEST_REQUEST with the
>> difference of an additional certificate blob that can be passed through
>> the SNP_SET_CONFIG ioctl defined in the CCP driver. The CCP driver
>> provides snp_guest_ext_guest_request() that is used by the KVM to get
>> both the report and certificate data at once.
>>
>> Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
>> Signed-off-by: Ashish Kalra <ashish.kalra@amd.com>
>> Signed-off-by: Michael Roth <michael.roth@amd.com>
>> ---
>> arch/x86/kvm/svm/sev.c | 185 +++++++++++++++++++++++++++++++++++++++--
>> arch/x86/kvm/svm/svm.h | 2 +
>> 2 files changed, 181 insertions(+), 6 deletions(-)
>>
>> diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c
>> index 5f2b2092cdae..18efa70553c2 100644
>> --- a/arch/x86/kvm/svm/sev.c
>> +++ b/arch/x86/kvm/svm/sev.c
>> @@ -331,6 +331,7 @@ static int sev_guest_init(struct kvm *kvm, struct
>> kvm_sev_cmd *argp)
>> if (ret)
>> goto e_free;
>> + mutex_init(&sev->guest_req_lock);
>> ret = sev_snp_init(&argp->error, false);
>> } else {
>> ret = sev_platform_init(&argp->error);
>> @@ -2051,23 +2052,34 @@ int sev_vm_move_enc_context_from(struct kvm
>> *kvm, unsigned int source_fd)
>> */
>> static void *snp_context_create(struct kvm *kvm, struct kvm_sev_cmd
>> *argp)
>> {
>> + struct kvm_sev_info *sev = &to_kvm_svm(kvm)->sev_info;
>> struct sev_data_snp_addr data = {};
>> - void *context;
>> + void *context, *certs_data;
>> int rc;
>> + /* Allocate memory used for the certs data in SNP guest request */
>> + certs_data = kzalloc(SEV_FW_BLOB_MAX_SIZE, GFP_KERNEL_ACCOUNT);
>> + if (!certs_data)
>> + return NULL;
>> +
>> /* Allocate memory for context page */
>> context = snp_alloc_firmware_page(GFP_KERNEL_ACCOUNT);
>> if (!context)
>> - return NULL;
>> + goto e_free;
>> data.gctx_paddr = __psp_pa(context);
>> rc = __sev_issue_cmd(argp->sev_fd, SEV_CMD_SNP_GCTX_CREATE,
>> &data, &argp->error);
>> - if (rc) {
>> - snp_free_firmware_page(context);
>> - return NULL;
>> - }
>> + if (rc)
>> + goto e_free;
>> +
>> + sev->snp_certs_data = certs_data;
>> return context;
>> +
>> +e_free:
>> + snp_free_firmware_page(context);
>> + kfree(certs_data);
>> + return NULL;
>> }
>> static int snp_bind_asid(struct kvm *kvm, int *error)
>> @@ -2653,6 +2665,8 @@ static int snp_decommission_context(struct kvm
>> *kvm)
>> snp_free_firmware_page(sev->snp_context);
>> sev->snp_context = NULL;
>> + kfree(sev->snp_certs_data);
>> +
>> return 0;
>> }
>> @@ -3174,6 +3188,8 @@ static int sev_es_validate_vmgexit(struct
>> vcpu_svm *svm, u64 *exit_code)
>> case SVM_VMGEXIT_UNSUPPORTED_EVENT:
>> case SVM_VMGEXIT_HV_FEATURES:
>> case SVM_VMGEXIT_PSC:
>> + case SVM_VMGEXIT_GUEST_REQUEST:
>> + case SVM_VMGEXIT_EXT_GUEST_REQUEST:
>> break;
>> default:
>> reason = GHCB_ERR_INVALID_EVENT;
>> @@ -3396,6 +3412,149 @@ static int snp_complete_psc(struct kvm_vcpu
>> *vcpu)
>> return 1;
>> }
>> +static unsigned long snp_setup_guest_buf(struct vcpu_svm *svm,
>> + struct sev_data_snp_guest_request *data,
>> + gpa_t req_gpa, gpa_t resp_gpa)
>> +{
>> + struct kvm_vcpu *vcpu = &svm->vcpu;
>> + struct kvm *kvm = vcpu->kvm;
>> + kvm_pfn_t req_pfn, resp_pfn;
>> + struct kvm_sev_info *sev;
>> +
>> + sev = &to_kvm_svm(kvm)->sev_info;
>> +
>> + if (!IS_ALIGNED(req_gpa, PAGE_SIZE) || !IS_ALIGNED(resp_gpa,
>> PAGE_SIZE))
>> + return SEV_RET_INVALID_PARAM;
>> +
>> + req_pfn = gfn_to_pfn(kvm, gpa_to_gfn(req_gpa));
>> + if (is_error_noslot_pfn(req_pfn))
>> + return SEV_RET_INVALID_ADDRESS;
>> +
>> + resp_pfn = gfn_to_pfn(kvm, gpa_to_gfn(resp_gpa));
>> + if (is_error_noslot_pfn(resp_pfn))
>> + return SEV_RET_INVALID_ADDRESS;
>> +
>> + if (rmp_make_private(resp_pfn, 0, PG_LEVEL_4K, 0, true))
>> + return SEV_RET_INVALID_ADDRESS;
>> +
>> + data->gctx_paddr = __psp_pa(sev->snp_context);
>> + data->req_paddr = __sme_set(req_pfn << PAGE_SHIFT);
>> + data->res_paddr = __sme_set(resp_pfn << PAGE_SHIFT);
>> +
>> + return 0;
>> +}
>> +
>> +static void snp_cleanup_guest_buf(struct sev_data_snp_guest_request
>> *data, unsigned long *rc)
>> +{
>> + u64 pfn = __sme_clr(data->res_paddr) >> PAGE_SHIFT;
>> + int ret;
>> +
>> + ret = snp_page_reclaim(pfn);
>> + if (ret)
>> + *rc = SEV_RET_INVALID_ADDRESS;
>> +
>> + ret = rmp_make_shared(pfn, PG_LEVEL_4K);
>> + if (ret)
>> + *rc = SEV_RET_INVALID_ADDRESS;
>> +}
>> +
>> +static void snp_handle_guest_request(struct vcpu_svm *svm, gpa_t
>> req_gpa, gpa_t resp_gpa)
>> +{
>> + struct sev_data_snp_guest_request data = {0};
>> + struct kvm_vcpu *vcpu = &svm->vcpu;
>> + struct kvm *kvm = vcpu->kvm;
>> + struct kvm_sev_info *sev;
>> + unsigned long rc;
>> + int err;
>> +
>> + if (!sev_snp_guest(vcpu->kvm)) {
>> + rc = SEV_RET_INVALID_GUEST;
>> + goto e_fail;
>> + }
>> +
>> + sev = &to_kvm_svm(kvm)->sev_info;
>> +
>> + mutex_lock(&sev->guest_req_lock);
>> +
>> + rc = snp_setup_guest_buf(svm, &data, req_gpa, resp_gpa);
>> + if (rc)
>> + goto unlock;
>> +
>> + rc = sev_issue_cmd(kvm, SEV_CMD_SNP_GUEST_REQUEST, &data, &err);
>
>
> This one goes via sev_issue_cmd_external_user() and uses sev-fd...
>
>> + if (rc)
>> + /* use the firmware error code */
>> + rc = err;
>> +
>> + snp_cleanup_guest_buf(&data, &rc);
>> +
>> +unlock:
>> + mutex_unlock(&sev->guest_req_lock);
>> +
>> +e_fail:
>> + svm_set_ghcb_sw_exit_info_2(vcpu, rc);
>> +}
>> +
>> +static void snp_handle_ext_guest_request(struct vcpu_svm *svm, gpa_t
>> req_gpa, gpa_t resp_gpa)
>> +{
>> + struct sev_data_snp_guest_request req = {0};
>> + struct kvm_vcpu *vcpu = &svm->vcpu;
>> + struct kvm *kvm = vcpu->kvm;
>> + unsigned long data_npages;
>> + struct kvm_sev_info *sev;
>> + unsigned long rc, err;
>> + u64 data_gpa;
>> +
>> + if (!sev_snp_guest(vcpu->kvm)) {
>> + rc = SEV_RET_INVALID_GUEST;
>> + goto e_fail;
>> + }
>> +
>> + sev = &to_kvm_svm(kvm)->sev_info;
>> +
>> + data_gpa = vcpu->arch.regs[VCPU_REGS_RAX];
>> + data_npages = vcpu->arch.regs[VCPU_REGS_RBX];
>> +
>> + if (!IS_ALIGNED(data_gpa, PAGE_SIZE)) {
>> + rc = SEV_RET_INVALID_ADDRESS;
>> + goto e_fail;
>> + }
>> +
>> + mutex_lock(&sev->guest_req_lock);
>> +
>> + rc = snp_setup_guest_buf(svm, &req, req_gpa, resp_gpa);
>> + if (rc)
>> + goto unlock;
>> +
>> + rc = snp_guest_ext_guest_request(&req, (unsigned
>> long)sev->snp_certs_data,
>> + &data_npages, &err);
>
> but this one does not and jump straight to drivers/crypto/ccp/sev-dev.c
> ignoring sev->fd. Why different? Can these two be unified?
> sev_issue_cmd_external_user() only checks if fd is /dev/sev which is
> hardly useful.
>
> "[PATCH RFC v7 32/64] crypto: ccp: Provide APIs to query extended
> attestation report" added this one.
SNP_EXT_GUEST_REQUEST additionally returns a certificate blob and that's
why it goes through the CCP driver interface
snp_guest_ext_guest_request() that is used to get both the report and
certificate data/blob at the same time.
All the FW API calls on the KVM side go through sev_issue_cmd() and
sev_issue_cmd_external_user() interfaces and that i believe uses sev->fd
more of as a sanity check.
Thanks,
Ashish
>
> Besides, is sev->fd really needed in the sev struct at all? Thanks,
>
>
>> + if (rc) {
>> + /*
>> + * If buffer length is small then return the expected
>> + * length in rbx.
>> + */
>> + if (err == SNP_GUEST_REQ_INVALID_LEN)
>> + vcpu->arch.regs[VCPU_REGS_RBX] = data_npages;
>> +
>> + /* pass the firmware error code */
>> + rc = err;
>> + goto cleanup;
>> + }
>> +
>> + /* Copy the certificate blob in the guest memory */
>> + if (data_npages &&
>> + kvm_write_guest(kvm, data_gpa, sev->snp_certs_data,
>> data_npages << PAGE_SHIFT))
>> + rc = SEV_RET_INVALID_ADDRESS;
>> +
>> +cleanup:
>> + snp_cleanup_guest_buf(&req, &rc);
>> +
>> +unlock:
>> + mutex_unlock(&sev->guest_req_lock);
>> +
>> +e_fail:
>> + svm_set_ghcb_sw_exit_info_2(vcpu, rc);
>> +}
>> +
>> static int sev_handle_vmgexit_msr_protocol(struct vcpu_svm *svm)
>> {
>> struct vmcb_control_area *control = &svm->vmcb->control;
>> @@ -3629,6 +3788,20 @@ int sev_handle_vmgexit(struct kvm_vcpu *vcpu)
>> vcpu->run->vmgexit.ghcb_msr = ghcb_gpa;
>> vcpu->arch.complete_userspace_io = snp_complete_psc;
>> break;
>> + case SVM_VMGEXIT_GUEST_REQUEST: {
>> + snp_handle_guest_request(svm, control->exit_info_1,
>> control->exit_info_2);
>> +
>> + ret = 1;
>> + break;
>> + }
>> + case SVM_VMGEXIT_EXT_GUEST_REQUEST: {
>> + snp_handle_ext_guest_request(svm,
>> + control->exit_info_1,
>> + control->exit_info_2);
>> +
>> + ret = 1;
>> + break;
>> + }
>> case SVM_VMGEXIT_UNSUPPORTED_EVENT:
>> vcpu_unimpl(vcpu,
>> "vmgexit: unsupported event - exit_info_1=%#llx,
>> exit_info_2=%#llx\n",
>> diff --git a/arch/x86/kvm/svm/svm.h b/arch/x86/kvm/svm/svm.h
>> index 12b9f4d539fb..7c0f9d00950f 100644
>> --- a/arch/x86/kvm/svm/svm.h
>> +++ b/arch/x86/kvm/svm/svm.h
>> @@ -101,6 +101,8 @@ struct kvm_sev_info {
>> u64 snp_init_flags;
>> void *snp_context; /* SNP guest context page */
>> spinlock_t psc_lock;
>> + void *snp_certs_data;
>> + struct mutex guest_req_lock;
>> };
>> struct kvm_svm {
>
next prev parent reply other threads:[~2023-01-09 23:41 UTC|newest]
Thread overview: 205+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-12-14 19:39 [PATCH RFC v7 00/64] Add AMD Secure Nested Paging (SEV-SNP) Hypervisor Support Michael Roth
2022-12-14 19:39 ` [PATCH RFC v7 01/64] KVM: Fix memslot boundary condition for large page Michael Roth
2022-12-22 12:16 ` Borislav Petkov
2023-01-05 3:37 ` Chao Peng
2023-01-04 12:01 ` Jarkko Sakkinen
2023-01-05 3:34 ` Chao Peng
2023-01-05 4:08 ` Nikunj A. Dadhania
2023-01-05 8:14 ` Chao Peng
2022-12-14 19:39 ` [PATCH RFC v7 02/64] KVM: x86: Add KVM_CAP_UNMAPPED_PRIVATE_MEMORY Michael Roth
2022-12-22 12:26 ` Borislav Petkov
2023-01-04 17:47 ` Michael Roth
2023-01-05 11:57 ` Borislav Petkov
2023-01-19 13:03 ` Jarkko Sakkinen
2023-01-04 12:03 ` Jarkko Sakkinen
2023-01-04 17:56 ` Michael Roth
2022-12-14 19:39 ` [PATCH RFC v7 03/64] KVM: SVM: Advertise private memory support to KVM Michael Roth
2022-12-23 16:56 ` Borislav Petkov
2023-01-05 2:14 ` Michael Roth
2023-01-05 15:04 ` Borislav Petkov
2023-01-05 18:17 ` Michael Roth
2023-01-13 14:16 ` Borislav Petkov
2023-01-20 21:20 ` Jarkko Sakkinen
2023-02-20 16:18 ` Michael Roth
2023-01-18 0:20 ` Huang, Kai
2023-01-18 21:33 ` Sean Christopherson
2022-12-14 19:39 ` [PATCH RFC v7 04/64] KVM: x86: Add 'fault_is_private' x86 op Michael Roth
2022-12-29 16:14 ` Borislav Petkov
2023-01-05 2:42 ` Michael Roth
2023-01-13 14:34 ` Borislav Petkov
2023-01-13 15:48 ` Sean Christopherson
2023-01-13 18:45 ` Borislav Petkov
2023-02-20 16:22 ` Michael Roth
2022-12-14 19:39 ` [PATCH RFC v7 05/64] KVM: x86: Add 'update_mem_attr' " Michael Roth
2022-12-30 11:27 ` Borislav Petkov
2022-12-14 19:39 ` [PATCH RFC v7 06/64] KVM: x86: Add platform hooks for private memory invalidations Michael Roth
2022-12-30 11:53 ` Borislav Petkov
2023-01-05 2:27 ` Michael Roth
2023-01-22 12:43 ` Tom Dohrmann
2023-01-26 15:52 ` Jarkko Sakkinen
2022-12-14 19:39 ` [PATCH RFC v7 07/64] KVM: SEV: Handle KVM_HC_MAP_GPA_RANGE hypercall Michael Roth
2023-01-13 16:00 ` Borislav Petkov
2023-01-13 16:17 ` Sean Christopherson
2023-01-16 7:56 ` Nikunj A. Dadhania
2023-01-17 17:19 ` Sean Christopherson
2023-01-27 16:35 ` Jeremi Piotrowski
2023-01-31 14:15 ` Jeremi Piotrowski
2022-12-14 19:40 ` [PATCH RFC v7 08/64] KVM: Move kvm_for_each_memslot_in_hva_range() to be used in SVM Michael Roth
2023-01-13 18:46 ` Borislav Petkov
2022-12-14 19:40 ` [PATCH RFC v7 09/64] KVM: Add HVA range operator Michael Roth
2022-12-14 19:40 ` [PATCH RFC v7 10/64] KVM: SEV: Populate private memory fd during LAUNCH_UPDATE_DATA Michael Roth
2023-01-13 19:11 ` Borislav Petkov
2023-02-20 17:49 ` Michael Roth
2023-01-17 23:42 ` Jarkko Sakkinen
2023-02-20 17:54 ` Michael Roth
2022-12-14 19:40 ` [PATCH RFC v7 11/64] KVM: SEV: Support private pages in LAUNCH_UPDATE_DATA Michael Roth
2022-12-22 18:24 ` erbse.13
2022-12-23 11:57 ` Nikunj A. Dadhania
2023-01-17 23:30 ` Jarkko Sakkinen
2023-01-18 8:04 ` Nikunj A. Dadhania
2023-02-01 18:22 ` Borislav Petkov
2023-02-02 8:09 ` Nikunj A. Dadhania
2022-12-14 19:40 ` [PATCH RFC v7 12/64] KVM: SEV: Implement .fault_is_private callback Michael Roth
2022-12-14 19:40 ` [PATCH RFC v7 13/64] x86/cpufeatures: Add SEV-SNP CPU feature Michael Roth
2023-02-01 18:39 ` Borislav Petkov
2023-02-20 16:26 ` Michael Roth
2023-02-20 17:50 ` Borislav Petkov
2023-02-20 18:00 ` Michael Roth
2023-02-20 18:36 ` Borislav Petkov
2022-12-14 19:40 ` [PATCH RFC v7 14/64] x86/sev: Add the host SEV-SNP initialization support Michael Roth
2023-01-11 14:50 ` Sabin Rapan
2023-01-19 16:26 ` Kalra, Ashish
2023-01-18 15:55 ` Jeremi Piotrowski
2023-01-19 23:59 ` Kalra, Ashish
2023-01-20 16:51 ` Kalra, Ashish
2023-02-02 11:16 ` Borislav Petkov
2022-12-14 19:40 ` [PATCH RFC v7 15/64] x86/sev: Add RMP entry lookup helpers Michael Roth
2022-12-14 19:40 ` [PATCH RFC v7 16/64] x86/sev: Add helper functions for RMPUPDATE and PSMASH instruction Michael Roth
2023-01-31 21:26 ` Alexander Graf
2023-02-01 17:14 ` Kalra, Ashish
2023-02-01 17:20 ` Alexander Graf
2023-02-02 19:04 ` Kalra, Ashish
2023-02-08 16:30 ` Liam Merwick
2022-12-14 19:40 ` [PATCH RFC v7 17/64] x86/mm/pat: Introduce set_memory_p Michael Roth
2022-12-14 19:40 ` [PATCH RFC v7 18/64] x86/sev: Invalidate pages from the direct map when adding them to the RMP table Michael Roth
2022-12-14 19:40 ` [PATCH RFC v7 19/64] x86/traps: Define RMP violation #PF error code Michael Roth
2022-12-14 19:40 ` [PATCH RFC v7 20/64] x86/fault: Add support to handle the RMP fault for user address Michael Roth
2023-01-17 10:42 ` Zhi Wang
2022-12-14 19:40 ` [PATCH RFC v7 21/64] x86/fault: fix handle_split_page_fault() to work with memfd backed pages Michael Roth
2022-12-15 1:01 ` Hugh Dickins
2022-12-14 19:40 ` [PATCH RFC v7 22/64] x86/fault: Return pfn from dump_pagetable() for SEV-specific fault handling Michael Roth
2022-12-14 19:40 ` [PATCH RFC v7 23/64] x86/fault: Add support to dump RMP entry on fault Michael Roth
2023-01-13 22:56 ` Alper Gun
2023-01-13 23:49 ` Kalra, Ashish
2022-12-14 19:40 ` [PATCH RFC v7 24/64] crypto:ccp: Define the SEV-SNP commands Michael Roth
2023-01-22 16:09 ` Sabin Rapan
2022-12-14 19:40 ` [PATCH RFC v7 25/64] crypto: ccp: Add support to initialize the AMD-SP for SEV-SNP Michael Roth
2022-12-31 15:32 ` Jarkko Sakkinen
2023-01-05 22:40 ` Kalra, Ashish
2023-01-20 22:19 ` Jarkko Sakkinen
2023-01-04 12:12 ` Jarkko Sakkinen
2023-01-05 22:54 ` Kalra, Ashish
2023-01-20 22:56 ` Jarkko Sakkinen
2022-12-14 19:40 ` [PATCH RFC v7 26/64] crypto:ccp: Provide API to issue SEV and SNP commands Michael Roth
2022-12-14 19:40 ` [PATCH RFC v7 27/64] crypto: ccp: Introduce snp leaked pages list Michael Roth
2022-12-14 19:40 ` [PATCH RFC v7 28/64] crypto: ccp: Handle the legacy TMR allocation when SNP is enabled Michael Roth
2022-12-14 19:40 ` [PATCH RFC v7 29/64] crypto: ccp: Handle the legacy SEV command " Michael Roth
2023-01-12 20:47 ` Alper Gun
2023-01-13 22:03 ` Kalra, Ashish
2023-01-13 22:42 ` Alper Gun
2023-01-13 22:48 ` Kalra, Ashish
2023-01-12 23:45 ` Alper Gun
2023-01-13 22:34 ` Kalra, Ashish
2022-12-14 19:40 ` [PATCH RFC v7 30/64] crypto: ccp: Add the SNP_PLATFORM_STATUS command Michael Roth
2022-12-14 19:40 ` [PATCH RFC v7 31/64] crypto: ccp: Add the SNP_{SET,GET}_EXT_CONFIG command Michael Roth
2023-01-19 7:23 ` Dov Murik
2022-12-14 19:40 ` [PATCH RFC v7 32/64] crypto: ccp: Provide APIs to query extended attestation report Michael Roth
2022-12-14 19:40 ` [PATCH RFC v7 33/64] KVM: SVM: Add support to handle AP reset MSR protocol Michael Roth
2022-12-14 19:40 ` [PATCH RFC v7 34/64] KVM: SVM: Provide the Hypervisor Feature support VMGEXIT Michael Roth
2022-12-14 19:40 ` [PATCH RFC v7 35/64] KVM: SVM: Make AVIC backing, VMSA and VMCB memory allocation SNP safe Michael Roth
2022-12-14 19:40 ` [PATCH RFC v7 36/64] KVM: SVM: Add initial SEV-SNP support Michael Roth
2022-12-14 19:40 ` [PATCH RFC v7 37/64] KVM: SVM: Add KVM_SNP_INIT command Michael Roth
2022-12-31 14:27 ` Jarkko Sakkinen
2022-12-31 14:47 ` Jarkko Sakkinen
2022-12-31 15:16 ` Jarkko Sakkinen
2023-01-05 23:37 ` Kalra, Ashish
2023-01-20 23:17 ` Jarkko Sakkinen
2023-01-23 22:49 ` Kalra, Ashish
2023-01-26 21:25 ` Jarkko Sakkinen
2022-12-14 19:40 ` [PATCH RFC v7 38/64] KVM: SVM: Add KVM_SEV_SNP_LAUNCH_START command Michael Roth
2023-03-15 13:50 ` Peter Gonda
2022-12-14 19:40 ` [PATCH RFC v7 39/64] KVM: SVM: Add KVM_SEV_SNP_LAUNCH_UPDATE command Michael Roth
2023-01-11 13:56 ` Tom Dohrmann
2023-01-11 14:04 ` Harald Hoyer
2022-12-14 19:40 ` [PATCH RFC v7 40/64] KVM: SVM: Add KVM_SEV_SNP_LAUNCH_FINISH command Michael Roth
2022-12-19 18:04 ` Tom Lendacky
2022-12-19 23:24 ` Kalra, Ashish
2022-12-20 14:25 ` Tom Lendacky
2023-01-11 13:27 ` Sabin Rapan
2023-01-11 23:18 ` Kalra, Ashish
2022-12-14 19:40 ` [PATCH RFC v7 41/64] KVM: X86: Keep the NPT and RMP page level in sync Michael Roth
2022-12-14 19:40 ` [PATCH RFC v7 42/64] KVM: x86: Define RMP page fault error bits for #NPF Michael Roth
2022-12-14 19:40 ` [PATCH RFC v7 43/64] KVM: SVM: Do not use long-lived GHCB map while setting scratch area Michael Roth
2022-12-14 19:40 ` [PATCH RFC v7 44/64] KVM: SVM: Remove the long-lived GHCB host map Michael Roth
2023-01-18 15:27 ` Jeremi Piotrowski
2023-01-18 18:15 ` Alper Gun
2023-01-20 20:10 ` Michael Roth
2022-12-14 19:40 ` [PATCH RFC v7 45/64] KVM: SVM: Add support to handle GHCB GPA register VMGEXIT Michael Roth
2022-12-14 19:40 ` [PATCH RFC v7 46/64] KVM: SVM: Add KVM_EXIT_VMGEXIT Michael Roth
2022-12-14 19:40 ` [PATCH RFC v7 47/64] KVM: SVM: Add support to handle MSR based Page State Change VMGEXIT Michael Roth
2023-01-11 14:38 ` Tom Dohrmann
2022-12-14 19:40 ` [PATCH RFC v7 48/64] KVM: SVM: Add support to handle " Michael Roth
2022-12-14 19:40 ` [PATCH RFC v7 49/64] KVM: SVM: Introduce ops for the post gfn map and unmap Michael Roth
2023-01-11 13:49 ` Sabin Rapan
2022-12-14 19:40 ` [PATCH RFC v7 50/64] KVM: x86: Export the kvm_zap_gfn_range() for the SNP use Michael Roth
2022-12-14 19:40 ` [PATCH RFC v7 51/64] KVM: SVM: Add support to handle the RMP nested page fault Michael Roth
2022-12-14 19:40 ` [PATCH RFC v7 52/64] KVM: SVM: Provide support for SNP_GUEST_REQUEST NAE event Michael Roth
2023-01-09 3:33 ` Alexey Kardashevskiy
2023-01-09 23:41 ` Kalra, Ashish [this message]
2023-01-10 2:28 ` Alexey Kardashevskiy
2023-01-10 8:33 ` Kalra, Ashish
2023-01-11 0:48 ` Alexey Kardashevskiy
2023-01-11 2:01 ` Kalra, Ashish
2023-01-31 1:54 ` Alexey Kardashevskiy
2023-01-31 16:23 ` Tom Lendacky
2023-01-31 20:21 ` Alexey Kardashevskiy
2023-01-31 21:21 ` Tom Lendacky
2023-01-31 22:00 ` Alexey Kardashevskiy
2023-01-31 22:42 ` Tom Lendacky
2023-05-11 23:02 ` Dionna Amalie Glaze
2023-05-11 23:32 ` Sean Christopherson
2023-05-15 16:45 ` Dionna Amalie Glaze
2023-01-31 17:52 ` Kalra, Ashish
2023-02-06 3:13 ` [PATCH kernel] KVM: SVM: Fix SVM_VMGEXIT_EXT_GUEST_REQUEST to follow the rest of API Alexey Kardashevskiy
2023-02-06 21:57 ` Kalra, Ashish
2023-02-07 1:24 ` Alexey Kardashevskiy
2023-02-08 21:50 ` Kalra, Ashish
2023-01-19 20:35 ` [PATCH RFC v7 52/64] KVM: SVM: Provide support for SNP_GUEST_REQUEST NAE event Dionna Amalie Glaze
2023-01-19 20:54 ` Kalra, Ashish
2023-01-19 21:06 ` Dov Murik
2022-12-14 19:40 ` [PATCH RFC v7 53/64] KVM: SVM: Use a VMSA physical address variable for populating VMCB Michael Roth
2022-12-14 19:40 ` [PATCH RFC v7 54/64] KVM: SVM: Support SEV-SNP AP Creation NAE event Michael Roth
2022-12-14 19:40 ` [PATCH RFC v7 55/64] KVM: SVM: Add SNP-specific handling for memory attribute updates Michael Roth
2022-12-14 19:40 ` [PATCH RFC v7 56/64] KVM: x86/mmu: Generate KVM_EXIT_MEMORY_FAULT for implicit conversions for SNP Michael Roth
2022-12-14 19:40 ` [PATCH RFC v7 57/64] KVM: SEV: Handle restricted memory invalidations " Michael Roth
2022-12-14 19:40 ` [PATCH RFC v7 58/64] KVM: SVM: Add module parameter to enable the SEV-SNP Michael Roth
2022-12-14 19:40 ` [PATCH RFC v7 59/64] ccp: Add support to decrypt the page Michael Roth
2022-12-14 19:40 ` [PATCH RFC v7 60/64] KVM: SVM: Sync the GHCB scratch buffer using already mapped ghcb Michael Roth
2022-12-14 19:40 ` [PATCH RFC v7 61/64] KVM: SVM: Make VMSAVE target area memory allocation SNP safe Michael Roth
2022-12-14 19:40 ` [PATCH RFC v7 62/64] x86/sev: Add KVM commands for instance certs Michael Roth
2022-12-22 14:57 ` Dov Murik
2023-01-09 16:55 ` Dionna Amalie Glaze
2023-01-09 22:27 ` Tom Lendacky
2023-01-10 7:10 ` Dov Murik
2023-01-10 15:10 ` Tom Lendacky
2023-01-10 15:23 ` Peter Gonda
2023-01-11 7:26 ` Dov Murik
2023-01-11 6:00 ` Dov Murik
2023-01-11 14:32 ` Tom Lendacky
2023-01-19 18:49 ` Dionna Amalie Glaze
2023-01-19 22:18 ` Kalra, Ashish
2023-01-20 1:40 ` Dionna Amalie Glaze
2022-12-14 19:40 ` [PATCH RFC v7 63/64] x86/sev: Document KVM_SEV_SNP_{G,S}ET_CERTS Michael Roth
2022-12-14 19:40 ` [PATCH RFC v7 64/64] iommu/amd: Add IOMMU_SNP_SHUTDOWN support Michael Roth
2022-12-23 20:33 ` [PATCH RFC v7 00/64] Add AMD Secure Nested Paging (SEV-SNP) Hypervisor Support Borislav Petkov
2023-01-04 17:21 ` Michael Roth
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=66039193-14ca-5edb-d8d4-ca732d8c13a6@amd.com \
--to=ashish.kalra@amd.com \
--cc=aik@amd.com \
--cc=ak@linux.intel.com \
--cc=alpergun@google.com \
--cc=ardb@kernel.org \
--cc=bp@alien8.de \
--cc=brijesh.singh@amd.com \
--cc=dave.hansen@linux.intel.com \
--cc=dgilbert@redhat.com \
--cc=dovmurik@linux.ibm.com \
--cc=harald@profian.com \
--cc=hpa@zytor.com \
--cc=jarkko@kernel.org \
--cc=jmattson@google.com \
--cc=jroedel@suse.de \
--cc=kirill@shutemov.name \
--cc=kvm@vger.kernel.org \
--cc=linux-coco@lists.linux.dev \
--cc=linux-crypto@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=luto@kernel.org \
--cc=marcorr@google.com \
--cc=michael.roth@amd.com \
--cc=mingo@redhat.com \
--cc=pbonzini@redhat.com \
--cc=peterz@infradead.org \
--cc=pgonda@google.com \
--cc=rientjes@google.com \
--cc=sathyanarayanan.kuppuswamy@linux.intel.com \
--cc=seanjc@google.com \
--cc=slp@redhat.com \
--cc=srinivas.pandruvada@linux.intel.com \
--cc=tglx@linutronix.de \
--cc=thomas.lendacky@amd.com \
--cc=tobin@ibm.com \
--cc=tony.luck@intel.com \
--cc=vbabka@suse.cz \
--cc=vkuznets@redhat.com \
--cc=wanpengli@tencent.com \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.