From: Joerg Roedel <joro@8bytes.org> To: x86@kernel.org Cc: hpa@zytor.com, Andy Lutomirski <luto@kernel.org>, Dave Hansen <dave.hansen@linux.intel.com>, Peter Zijlstra <peterz@infradead.org>, Thomas Hellstrom <thellstrom@vmware.com>, Jiri Slaby <jslaby@suse.cz>, Dan Williams <dan.j.williams@intel.com>, Tom Lendacky <thomas.lendacky@amd.com>, Juergen Gross <jgross@suse.com>, Kees Cook <keescook@chromium.org>, linux-kernel@vger.kernel.org, kvm@vger.kernel.org, virtualization@lists.linux-foundation.org, Joerg Roedel <joro@8bytes.org>, Joerg Roedel <jroedel@suse.de> Subject: [PATCH 37/70] x86/sev-es: Compile early handler code into kernel image Date: Thu, 19 Mar 2020 10:13:34 +0100 [thread overview] Message-ID: <20200319091407.1481-38-joro@8bytes.org> (raw) In-Reply-To: <20200319091407.1481-1-joro@8bytes.org> From: Joerg Roedel <jroedel@suse.de> Setup sev-es.c and include the code from the pre-decompression stage to also build it into the image of the running kernel. Temporarily add __maybe_unused annotations to avoid build warnings until the functions get used. Signed-off-by: Joerg Roedel <jroedel@suse.de> --- arch/x86/kernel/Makefile | 1 + arch/x86/kernel/sev-es-shared.c | 21 +++-- arch/x86/kernel/sev-es.c | 162 ++++++++++++++++++++++++++++++++ 3 files changed, 174 insertions(+), 10 deletions(-) create mode 100644 arch/x86/kernel/sev-es.c diff --git a/arch/x86/kernel/Makefile b/arch/x86/kernel/Makefile index 9b0ebcf4b9f3..28b4a2ebba25 100644 --- a/arch/x86/kernel/Makefile +++ b/arch/x86/kernel/Makefile @@ -147,6 +147,7 @@ obj-$(CONFIG_UNWINDER_ORC) += unwind_orc.o obj-$(CONFIG_UNWINDER_FRAME_POINTER) += unwind_frame.o obj-$(CONFIG_UNWINDER_GUESS) += unwind_guess.o +obj-$(CONFIG_AMD_MEM_ENCRYPT) += sev-es.o ### # 64 bit specific files ifeq ($(CONFIG_X86_64),y) diff --git a/arch/x86/kernel/sev-es-shared.c b/arch/x86/kernel/sev-es-shared.c index a632b8f041ec..7a6e4db669f0 100644 --- a/arch/x86/kernel/sev-es-shared.c +++ b/arch/x86/kernel/sev-es-shared.c @@ -9,7 +9,7 @@ * and is included directly into both code-bases. */ -static void sev_es_terminate(unsigned int reason) +static void __maybe_unused sev_es_terminate(unsigned int reason) { /* Request Guest Termination from Hypvervisor */ sev_es_wr_ghcb_msr(GHCB_SEV_TERMINATE); @@ -19,7 +19,7 @@ static void sev_es_terminate(unsigned int reason) asm volatile("hlt\n" : : : "memory"); } -static bool sev_es_negotiate_protocol(void) +static bool __maybe_unused sev_es_negotiate_protocol(void) { u64 val; @@ -38,7 +38,7 @@ static bool sev_es_negotiate_protocol(void) return true; } -static void vc_ghcb_invalidate(struct ghcb *ghcb) +static void __maybe_unused vc_ghcb_invalidate(struct ghcb *ghcb) { memset(ghcb->save.valid_bitmap, 0, sizeof(ghcb->save.valid_bitmap)); } @@ -50,9 +50,9 @@ static bool vc_decoding_needed(unsigned long exit_code) exit_code <= SVM_EXIT_LAST_EXCP); } -static enum es_result vc_init_em_ctxt(struct es_em_ctxt *ctxt, - struct pt_regs *regs, - unsigned long exit_code) +static enum es_result __maybe_unused vc_init_em_ctxt(struct es_em_ctxt *ctxt, + struct pt_regs *regs, + unsigned long exit_code) { enum es_result ret = ES_OK; @@ -65,7 +65,7 @@ static enum es_result vc_init_em_ctxt(struct es_em_ctxt *ctxt, return ret; } -static void vc_finish_insn(struct es_em_ctxt *ctxt) +static void __maybe_unused vc_finish_insn(struct es_em_ctxt *ctxt) { ctxt->regs->ip += ctxt->insn.length; } @@ -312,7 +312,8 @@ static enum es_result vc_ioio_exitinfo(struct es_em_ctxt *ctxt, u64 *exitinfo) return ES_OK; } -static enum es_result vc_handle_ioio(struct ghcb *ghcb, struct es_em_ctxt *ctxt) +static enum es_result __maybe_unused +vc_handle_ioio(struct ghcb *ghcb, struct es_em_ctxt *ctxt) { struct pt_regs *regs = ctxt->regs; u64 exit_info_1, exit_info_2; @@ -408,8 +409,8 @@ static enum es_result vc_handle_ioio(struct ghcb *ghcb, struct es_em_ctxt *ctxt) return ret; } -static enum es_result vc_handle_cpuid(struct ghcb *ghcb, - struct es_em_ctxt *ctxt) +static enum es_result __maybe_unused vc_handle_cpuid(struct ghcb *ghcb, + struct es_em_ctxt *ctxt) { struct pt_regs *regs = ctxt->regs; u32 cr4 = native_read_cr4(); diff --git a/arch/x86/kernel/sev-es.c b/arch/x86/kernel/sev-es.c new file mode 100644 index 000000000000..27fdef6b3700 --- /dev/null +++ b/arch/x86/kernel/sev-es.c @@ -0,0 +1,162 @@ +// SPDX-License-Identifier: GPL-2.0-only +/* + * AMD Memory Encryption Support + * + * Copyright (C) 2019 SUSE + * + * Author: Joerg Roedel <jroedel@suse.de> + */ + +#include <linux/kernel.h> +#include <linux/mm.h> + +#include <asm/trap_defs.h> +#include <asm/sev-es.h> +#include <asm/insn-eval.h> +#include <asm/fpu/internal.h> +#include <asm/processor.h> +#include <asm/svm.h> + +static inline u64 sev_es_rd_ghcb_msr(void) +{ + return native_read_msr(MSR_AMD64_SEV_ES_GHCB); +} + +static inline void sev_es_wr_ghcb_msr(u64 val) +{ + u32 low, high; + + low = (u32)(val); + high = (u32)(val >> 32); + + native_write_msr(MSR_AMD64_SEV_ES_GHCB, low, high); +} + +static int vc_fetch_insn_kernel(struct es_em_ctxt *ctxt, + unsigned char *buffer) +{ + return probe_kernel_read(buffer, (unsigned char *)ctxt->regs->ip, + MAX_INSN_SIZE); +} + +static enum es_result vc_decode_insn(struct es_em_ctxt *ctxt) +{ + char buffer[MAX_INSN_SIZE]; + enum es_result ret; + int res; + + res = vc_fetch_insn_kernel(ctxt, buffer); + if (unlikely(res == -EFAULT)) { + ctxt->fi.vector = X86_TRAP_PF; + ctxt->fi.error_code = 0; + ctxt->fi.cr2 = ctxt->regs->ip; + return ES_EXCEPTION; + } + + insn_init(&ctxt->insn, buffer, MAX_INSN_SIZE - res, 1); + insn_get_length(&ctxt->insn); + + ret = ctxt->insn.immediate.got ? ES_OK : ES_DECODE_FAILED; + + return ret; +} + +static enum es_result vc_write_mem(struct es_em_ctxt *ctxt, + char *dst, char *buf, size_t size) +{ + unsigned long error_code = X86_PF_PROT | X86_PF_WRITE; + unsigned char *target = dst; + u64 d8; + u32 d4; + u16 d2; + u8 d1; + + switch (size) { + case 1: + memcpy(&d1, buf, 1); + if (put_user(d1, target)) + goto fault; + break; + case 2: + memcpy(&d2, buf, 2); + if (put_user(d2, target)) + goto fault; + break; + case 4: + memcpy(&d4, buf, 4); + if (put_user(d4, target)) + goto fault; + break; + case 8: + memcpy(&d8, buf, 8); + if (put_user(d8, target)) + goto fault; + break; + default: + WARN_ONCE(1, "%s: Invalid size: %zu\n", __func__, size); + return ES_UNSUPPORTED; + } + + return ES_OK; + +fault: + if (user_mode(ctxt->regs)) + error_code |= X86_PF_USER; + + ctxt->fi.vector = X86_TRAP_PF; + ctxt->fi.error_code = error_code; + ctxt->fi.cr2 = (unsigned long)dst; + + return ES_EXCEPTION; +} + +static enum es_result vc_read_mem(struct es_em_ctxt *ctxt, + char *src, char *buf, size_t size) +{ + unsigned long error_code = X86_PF_PROT; + u64 d8; + u32 d4; + u16 d2; + u8 d1; + + switch (size) { + case 1: + if (get_user(d1, src)) + goto fault; + memcpy(buf, &d1, 1); + break; + case 2: + if (get_user(d2, src)) + goto fault; + memcpy(buf, &d2, 2); + break; + case 4: + if (get_user(d4, src)) + goto fault; + memcpy(buf, &d4, 4); + break; + case 8: + if (get_user(d8, src)) + goto fault; + memcpy(buf, &d8, 8); + break; + default: + WARN_ONCE(1, "%s: Invalid size: %zu\n", __func__, size); + return ES_UNSUPPORTED; + } + + return ES_OK; + +fault: + if (user_mode(ctxt->regs)) + error_code |= X86_PF_USER; + + ctxt->fi.vector = X86_TRAP_PF; + ctxt->fi.error_code = error_code; + ctxt->fi.cr2 = (unsigned long)src; + + return ES_EXCEPTION; +} + +/* Include code shared with pre-decompression boot stage */ +#include "sev-es-shared.c" -- 2.17.1
WARNING: multiple messages have this Message-ID (diff)
From: Joerg Roedel <joro@8bytes.org> To: x86@kernel.org Cc: Juergen Gross <jgross@suse.com>, Tom Lendacky <thomas.lendacky@amd.com>, Thomas Hellstrom <thellstrom@vmware.com>, Joerg Roedel <jroedel@suse.de>, Kees Cook <keescook@chromium.org>, kvm@vger.kernel.org, Peter Zijlstra <peterz@infradead.org>, Joerg Roedel <joro@8bytes.org>, Dave Hansen <dave.hansen@linux.intel.com>, linux-kernel@vger.kernel.org, virtualization@lists.linux-foundation.org, Andy Lutomirski <luto@kernel.org>, hpa@zytor.com, Dan Williams <dan.j.williams@intel.com>, Jiri Slaby <jslaby@suse.cz> Subject: [PATCH 37/70] x86/sev-es: Compile early handler code into kernel image Date: Thu, 19 Mar 2020 10:13:34 +0100 [thread overview] Message-ID: <20200319091407.1481-38-joro@8bytes.org> (raw) In-Reply-To: <20200319091407.1481-1-joro@8bytes.org> From: Joerg Roedel <jroedel@suse.de> Setup sev-es.c and include the code from the pre-decompression stage to also build it into the image of the running kernel. Temporarily add __maybe_unused annotations to avoid build warnings until the functions get used. Signed-off-by: Joerg Roedel <jroedel@suse.de> --- arch/x86/kernel/Makefile | 1 + arch/x86/kernel/sev-es-shared.c | 21 +++-- arch/x86/kernel/sev-es.c | 162 ++++++++++++++++++++++++++++++++ 3 files changed, 174 insertions(+), 10 deletions(-) create mode 100644 arch/x86/kernel/sev-es.c diff --git a/arch/x86/kernel/Makefile b/arch/x86/kernel/Makefile index 9b0ebcf4b9f3..28b4a2ebba25 100644 --- a/arch/x86/kernel/Makefile +++ b/arch/x86/kernel/Makefile @@ -147,6 +147,7 @@ obj-$(CONFIG_UNWINDER_ORC) += unwind_orc.o obj-$(CONFIG_UNWINDER_FRAME_POINTER) += unwind_frame.o obj-$(CONFIG_UNWINDER_GUESS) += unwind_guess.o +obj-$(CONFIG_AMD_MEM_ENCRYPT) += sev-es.o ### # 64 bit specific files ifeq ($(CONFIG_X86_64),y) diff --git a/arch/x86/kernel/sev-es-shared.c b/arch/x86/kernel/sev-es-shared.c index a632b8f041ec..7a6e4db669f0 100644 --- a/arch/x86/kernel/sev-es-shared.c +++ b/arch/x86/kernel/sev-es-shared.c @@ -9,7 +9,7 @@ * and is included directly into both code-bases. */ -static void sev_es_terminate(unsigned int reason) +static void __maybe_unused sev_es_terminate(unsigned int reason) { /* Request Guest Termination from Hypvervisor */ sev_es_wr_ghcb_msr(GHCB_SEV_TERMINATE); @@ -19,7 +19,7 @@ static void sev_es_terminate(unsigned int reason) asm volatile("hlt\n" : : : "memory"); } -static bool sev_es_negotiate_protocol(void) +static bool __maybe_unused sev_es_negotiate_protocol(void) { u64 val; @@ -38,7 +38,7 @@ static bool sev_es_negotiate_protocol(void) return true; } -static void vc_ghcb_invalidate(struct ghcb *ghcb) +static void __maybe_unused vc_ghcb_invalidate(struct ghcb *ghcb) { memset(ghcb->save.valid_bitmap, 0, sizeof(ghcb->save.valid_bitmap)); } @@ -50,9 +50,9 @@ static bool vc_decoding_needed(unsigned long exit_code) exit_code <= SVM_EXIT_LAST_EXCP); } -static enum es_result vc_init_em_ctxt(struct es_em_ctxt *ctxt, - struct pt_regs *regs, - unsigned long exit_code) +static enum es_result __maybe_unused vc_init_em_ctxt(struct es_em_ctxt *ctxt, + struct pt_regs *regs, + unsigned long exit_code) { enum es_result ret = ES_OK; @@ -65,7 +65,7 @@ static enum es_result vc_init_em_ctxt(struct es_em_ctxt *ctxt, return ret; } -static void vc_finish_insn(struct es_em_ctxt *ctxt) +static void __maybe_unused vc_finish_insn(struct es_em_ctxt *ctxt) { ctxt->regs->ip += ctxt->insn.length; } @@ -312,7 +312,8 @@ static enum es_result vc_ioio_exitinfo(struct es_em_ctxt *ctxt, u64 *exitinfo) return ES_OK; } -static enum es_result vc_handle_ioio(struct ghcb *ghcb, struct es_em_ctxt *ctxt) +static enum es_result __maybe_unused +vc_handle_ioio(struct ghcb *ghcb, struct es_em_ctxt *ctxt) { struct pt_regs *regs = ctxt->regs; u64 exit_info_1, exit_info_2; @@ -408,8 +409,8 @@ static enum es_result vc_handle_ioio(struct ghcb *ghcb, struct es_em_ctxt *ctxt) return ret; } -static enum es_result vc_handle_cpuid(struct ghcb *ghcb, - struct es_em_ctxt *ctxt) +static enum es_result __maybe_unused vc_handle_cpuid(struct ghcb *ghcb, + struct es_em_ctxt *ctxt) { struct pt_regs *regs = ctxt->regs; u32 cr4 = native_read_cr4(); diff --git a/arch/x86/kernel/sev-es.c b/arch/x86/kernel/sev-es.c new file mode 100644 index 000000000000..27fdef6b3700 --- /dev/null +++ b/arch/x86/kernel/sev-es.c @@ -0,0 +1,162 @@ +// SPDX-License-Identifier: GPL-2.0-only +/* + * AMD Memory Encryption Support + * + * Copyright (C) 2019 SUSE + * + * Author: Joerg Roedel <jroedel@suse.de> + */ + +#include <linux/kernel.h> +#include <linux/mm.h> + +#include <asm/trap_defs.h> +#include <asm/sev-es.h> +#include <asm/insn-eval.h> +#include <asm/fpu/internal.h> +#include <asm/processor.h> +#include <asm/svm.h> + +static inline u64 sev_es_rd_ghcb_msr(void) +{ + return native_read_msr(MSR_AMD64_SEV_ES_GHCB); +} + +static inline void sev_es_wr_ghcb_msr(u64 val) +{ + u32 low, high; + + low = (u32)(val); + high = (u32)(val >> 32); + + native_write_msr(MSR_AMD64_SEV_ES_GHCB, low, high); +} + +static int vc_fetch_insn_kernel(struct es_em_ctxt *ctxt, + unsigned char *buffer) +{ + return probe_kernel_read(buffer, (unsigned char *)ctxt->regs->ip, + MAX_INSN_SIZE); +} + +static enum es_result vc_decode_insn(struct es_em_ctxt *ctxt) +{ + char buffer[MAX_INSN_SIZE]; + enum es_result ret; + int res; + + res = vc_fetch_insn_kernel(ctxt, buffer); + if (unlikely(res == -EFAULT)) { + ctxt->fi.vector = X86_TRAP_PF; + ctxt->fi.error_code = 0; + ctxt->fi.cr2 = ctxt->regs->ip; + return ES_EXCEPTION; + } + + insn_init(&ctxt->insn, buffer, MAX_INSN_SIZE - res, 1); + insn_get_length(&ctxt->insn); + + ret = ctxt->insn.immediate.got ? ES_OK : ES_DECODE_FAILED; + + return ret; +} + +static enum es_result vc_write_mem(struct es_em_ctxt *ctxt, + char *dst, char *buf, size_t size) +{ + unsigned long error_code = X86_PF_PROT | X86_PF_WRITE; + unsigned char *target = dst; + u64 d8; + u32 d4; + u16 d2; + u8 d1; + + switch (size) { + case 1: + memcpy(&d1, buf, 1); + if (put_user(d1, target)) + goto fault; + break; + case 2: + memcpy(&d2, buf, 2); + if (put_user(d2, target)) + goto fault; + break; + case 4: + memcpy(&d4, buf, 4); + if (put_user(d4, target)) + goto fault; + break; + case 8: + memcpy(&d8, buf, 8); + if (put_user(d8, target)) + goto fault; + break; + default: + WARN_ONCE(1, "%s: Invalid size: %zu\n", __func__, size); + return ES_UNSUPPORTED; + } + + return ES_OK; + +fault: + if (user_mode(ctxt->regs)) + error_code |= X86_PF_USER; + + ctxt->fi.vector = X86_TRAP_PF; + ctxt->fi.error_code = error_code; + ctxt->fi.cr2 = (unsigned long)dst; + + return ES_EXCEPTION; +} + +static enum es_result vc_read_mem(struct es_em_ctxt *ctxt, + char *src, char *buf, size_t size) +{ + unsigned long error_code = X86_PF_PROT; + u64 d8; + u32 d4; + u16 d2; + u8 d1; + + switch (size) { + case 1: + if (get_user(d1, src)) + goto fault; + memcpy(buf, &d1, 1); + break; + case 2: + if (get_user(d2, src)) + goto fault; + memcpy(buf, &d2, 2); + break; + case 4: + if (get_user(d4, src)) + goto fault; + memcpy(buf, &d4, 4); + break; + case 8: + if (get_user(d8, src)) + goto fault; + memcpy(buf, &d8, 8); + break; + default: + WARN_ONCE(1, "%s: Invalid size: %zu\n", __func__, size); + return ES_UNSUPPORTED; + } + + return ES_OK; + +fault: + if (user_mode(ctxt->regs)) + error_code |= X86_PF_USER; + + ctxt->fi.vector = X86_TRAP_PF; + ctxt->fi.error_code = error_code; + ctxt->fi.cr2 = (unsigned long)src; + + return ES_EXCEPTION; +} + +/* Include code shared with pre-decompression boot stage */ +#include "sev-es-shared.c" -- 2.17.1
next prev parent reply other threads:[~2020-03-19 9:17 UTC|newest] Thread overview: 243+ messages / expand[flat|nested] mbox.gz Atom feed top 2020-03-19 9:12 [RFC PATCH 00/70 v2] x86: SEV-ES Guest Support Joerg Roedel 2020-03-19 9:12 ` [PATCH 01/70] KVM: SVM: Add GHCB definitions Joerg Roedel 2020-03-19 9:12 ` Joerg Roedel 2020-03-23 13:23 ` [PATCH] KVM: SVM: Use __packed shorthard Borislav Petkov 2020-03-24 12:43 ` Joerg Roedel 2020-03-19 9:12 ` [PATCH 02/70] KVM: SVM: Add GHCB Accessor functions Joerg Roedel 2020-03-19 9:12 ` Joerg Roedel 2020-03-19 9:13 ` [PATCH 03/70] x86/cpufeatures: Add SEV-ES CPU feature Joerg Roedel 2020-03-19 9:13 ` Joerg Roedel 2020-03-19 9:13 ` [PATCH 04/70] x86/traps: Move some definitions to <asm/trap_defs.h> Joerg Roedel 2020-03-19 9:13 ` [PATCH 05/70] x86/insn: Make inat-tables.c suitable for pre-decompression code Joerg Roedel 2020-03-19 9:13 ` Joerg Roedel 2020-03-25 15:39 ` Borislav Petkov 2020-03-27 3:02 ` Masami Hiramatsu 2020-03-27 3:02 ` Masami Hiramatsu 2020-04-16 15:24 ` Joerg Roedel 2020-04-16 15:24 ` Joerg Roedel 2020-04-17 12:50 ` Masami Hiramatsu 2020-04-17 13:39 ` Joerg Roedel 2020-03-19 9:13 ` [PATCH 06/70] x86/umip: Factor out instruction fetch Joerg Roedel 2020-03-26 17:21 ` Borislav Petkov 2020-03-19 9:13 ` [PATCH 07/70] x86/umip: Factor out instruction decoding Joerg Roedel 2020-03-19 9:13 ` Joerg Roedel 2020-03-26 17:24 ` Borislav Petkov 2020-03-19 9:13 ` [PATCH 08/70] x86/insn: Add insn_get_modrm_reg_off() Joerg Roedel 2020-03-19 9:13 ` Joerg Roedel 2020-03-27 3:57 ` Masami Hiramatsu 2020-03-19 9:13 ` [PATCH 09/70] x86/insn: Add insn_rep_prefix() helper Joerg Roedel 2020-03-19 9:13 ` Joerg Roedel 2020-03-27 3:56 ` Masami Hiramatsu 2020-03-19 9:13 ` [PATCH 10/70] x86/boot/compressed: Fix debug_puthex() parameter type Joerg Roedel 2020-03-28 11:23 ` [tip: x86/boot] " tip-bot2 for Joerg Roedel 2020-03-19 9:13 ` [PATCH 11/70] x86/boot/compressed/64: Disable red-zone usage Joerg Roedel 2020-03-19 9:13 ` Joerg Roedel 2020-03-31 13:16 ` Borislav Petkov 2020-03-19 9:13 ` [PATCH 12/70] x86/boot/compressed/64: Add IDT Infrastructure Joerg Roedel 2020-04-07 2:21 ` Arvind Sankar 2020-04-16 13:30 ` Joerg Roedel 2020-04-16 13:30 ` Joerg Roedel 2020-03-19 9:13 ` [PATCH 13/70] x86/boot/compressed/64: Rename kaslr_64.c to ident_map_64.c Joerg Roedel 2020-03-19 9:13 ` [PATCH 14/70] x86/boot/compressed/64: Add page-fault handler Joerg Roedel 2020-03-19 9:13 ` Joerg Roedel 2020-04-02 11:49 ` Borislav Petkov 2020-03-19 9:13 ` [PATCH 15/70] x86/boot/compressed/64: Always switch to own page-table Joerg Roedel 2020-04-06 11:56 ` Borislav Petkov 2020-03-19 9:13 ` [PATCH 16/70] x86/boot/compressed/64: Don't pre-map memory in KASLR code Joerg Roedel 2020-03-19 9:13 ` [PATCH 17/70] x86/boot/compressed/64: Change add_identity_map() to take start and end Joerg Roedel 2020-03-19 9:13 ` Joerg Roedel 2020-03-19 9:13 ` [PATCH 18/70] x86/boot/compressed/64: Add stage1 #VC handler Joerg Roedel 2020-03-19 9:13 ` Joerg Roedel 2020-03-20 21:16 ` David Rientjes 2020-03-20 22:19 ` Joerg Roedel 2020-04-06 12:41 ` Borislav Petkov 2020-03-19 9:13 ` [PATCH 19/70] x86/boot/compressed/64: Call set_sev_encryption_mask earlier Joerg Roedel 2020-03-19 9:13 ` Joerg Roedel 2020-03-19 9:13 ` [PATCH 20/70] x86/boot/compressed/64: Check return value of kernel_ident_mapping_init() Joerg Roedel 2020-03-19 9:13 ` [PATCH 21/70] x86/boot/compressed/64: Add function to map a page unencrypted Joerg Roedel 2020-03-19 9:13 ` Joerg Roedel 2020-03-20 20:53 ` David Rientjes 2020-03-20 21:02 ` Dave Hansen 2020-03-20 22:12 ` Joerg Roedel 2020-03-20 22:26 ` Dave Hansen 2020-03-21 15:40 ` Joerg Roedel 2020-03-21 15:40 ` Joerg Roedel 2020-03-19 9:13 ` [PATCH 22/70] x86/boot/compressed/64: Setup GHCB Based VC Exception handler Joerg Roedel 2020-03-19 9:13 ` Joerg Roedel 2020-03-19 9:13 ` [PATCH 23/70] x86/sev-es: Add support for handling IOIO exceptions Joerg Roedel 2020-03-19 9:13 ` Joerg Roedel 2020-03-20 21:03 ` David Rientjes 2020-03-20 22:24 ` Joerg Roedel 2020-03-19 9:13 ` [PATCH 24/70] x86/fpu: Move xgetbv()/xsetbv() into separate header Joerg Roedel 2020-03-19 9:13 ` Joerg Roedel 2020-03-19 9:13 ` [PATCH 25/70] x86/sev-es: Add CPUID handling to #VC handler Joerg Roedel 2020-03-19 9:13 ` Joerg Roedel 2020-03-19 9:13 ` [PATCH 26/70] x86/idt: Move IDT to data segment Joerg Roedel 2020-03-19 9:13 ` Joerg Roedel 2020-03-19 9:13 ` [PATCH 27/70] x86/idt: Split idt_data setup out of set_intr_gate() Joerg Roedel 2020-03-19 9:13 ` Joerg Roedel 2020-03-19 9:13 ` [PATCH 28/70] x86/idt: Move two function from k/idt.c to i/a/desc.h Joerg Roedel 2020-03-19 9:13 ` Joerg Roedel 2020-03-19 9:13 ` [PATCH 29/70] x86/head/64: Install boot GDT Joerg Roedel 2020-03-19 9:13 ` [PATCH 30/70] x86/head/64: Reload GDT after switch to virtual addresses Joerg Roedel 2020-03-19 9:13 ` Joerg Roedel 2020-03-19 9:13 ` [PATCH 31/70] x86/head/64: Load segment registers earlier Joerg Roedel 2020-03-19 9:13 ` Joerg Roedel 2020-03-19 9:13 ` [PATCH 32/70] x86/head/64: Switch to initial stack earlier Joerg Roedel 2020-03-19 9:13 ` Joerg Roedel 2020-03-19 9:13 ` [PATCH 33/70] x86/head/64: Build k/head64.c with -fno-stack-protector Joerg Roedel 2020-03-19 9:13 ` Joerg Roedel 2020-03-19 9:13 ` [PATCH 34/70] x86/head/64: Load IDT earlier Joerg Roedel 2020-03-19 9:13 ` [PATCH 35/70] x86/head/64: Move early exception dispatch to C code Joerg Roedel 2020-03-19 9:13 ` Joerg Roedel 2020-03-19 9:13 ` [PATCH 36/70] x86/sev-es: Add SEV-ES Feature Detection Joerg Roedel 2020-03-19 9:13 ` Joerg Roedel 2020-03-19 9:13 ` Joerg Roedel [this message] 2020-03-19 9:13 ` [PATCH 37/70] x86/sev-es: Compile early handler code into kernel image Joerg Roedel 2020-03-19 9:13 ` [PATCH 38/70] x86/sev-es: Setup early #VC handler Joerg Roedel 2020-03-19 9:13 ` Joerg Roedel 2020-03-19 9:13 ` [PATCH 39/70] x86/sev-es: Setup GHCB based boot " Joerg Roedel 2020-03-19 9:13 ` [PATCH 40/70] x86/sev-es: Setup per-cpu GHCBs for the runtime handler Joerg Roedel 2020-04-14 19:03 ` Mike Stunes 2020-04-14 19:03 ` Mike Stunes 2020-04-14 20:04 ` Tom Lendacky 2020-04-14 20:04 ` Tom Lendacky 2020-04-14 20:12 ` Dave Hansen 2020-04-14 20:12 ` Dave Hansen 2020-04-14 20:16 ` Tom Lendacky 2020-04-14 20:16 ` Tom Lendacky 2020-04-14 20:18 ` Tom Lendacky 2020-04-14 20:18 ` Tom Lendacky 2020-04-15 15:54 ` Joerg Roedel 2020-04-15 15:54 ` Joerg Roedel 2020-04-15 15:53 ` Joerg Roedel 2020-04-15 15:53 ` Joerg Roedel 2020-04-23 1:33 ` Bo Gan 2020-04-23 1:33 ` Bo Gan 2020-04-23 11:30 ` Joerg Roedel 2020-04-23 11:30 ` Joerg Roedel 2020-03-19 9:13 ` [PATCH 41/70] x86/sev-es: Add Runtime #VC Exception Handler Joerg Roedel 2020-03-19 9:13 ` Joerg Roedel 2020-03-19 15:44 ` Andy Lutomirski 2020-03-19 16:24 ` Joerg Roedel 2020-03-19 18:43 ` Andy Lutomirski 2020-03-19 19:38 ` Joerg Roedel 2020-03-19 9:13 ` [PATCH 42/70] x86/sev-es: Support nested #VC exceptions Joerg Roedel 2020-03-19 15:46 ` Andy Lutomirski 2020-03-19 15:46 ` Andy Lutomirski 2020-03-19 16:12 ` Joerg Roedel 2020-03-19 9:13 ` [PATCH 43/70] x86/sev-es: Wire up existing #VC exit-code handlers Joerg Roedel 2020-03-19 9:13 ` [PATCH 44/70] x86/sev-es: Handle instruction fetches from user-space Joerg Roedel 2020-03-19 9:13 ` [PATCH 45/70] x86/sev-es: Harden runtime #VC handler for exceptions " Joerg Roedel 2020-03-19 9:13 ` [PATCH 46/70] x86/sev-es: Filter exceptions not supported " Joerg Roedel 2020-03-19 9:13 ` [PATCH 47/70] x86/sev-es: Handle MMIO events Joerg Roedel 2020-03-19 9:13 ` [PATCH 48/70] x86/sev-es: Handle MMIO String Instructions Joerg Roedel 2020-03-19 9:13 ` [PATCH 49/70] x86/sev-es: Handle MSR events Joerg Roedel 2020-03-19 9:13 ` [PATCH 50/70] x86/sev-es: Handle DR7 read/write events Joerg Roedel 2020-03-19 9:13 ` [PATCH 51/70] x86/sev-es: Handle WBINVD Events Joerg Roedel 2020-03-19 9:13 ` [PATCH 52/70] x86/sev-es: Handle RDTSC Events Joerg Roedel 2020-03-19 9:13 ` [PATCH 53/70] x86/sev-es: Handle RDPMC Events Joerg Roedel 2020-03-19 9:13 ` [PATCH 54/70] x86/sev-es: Handle INVD Events Joerg Roedel 2020-03-19 9:13 ` [PATCH 55/70] x86/sev-es: Handle RDTSCP Events Joerg Roedel 2020-04-24 21:03 ` [PATCH] Allow RDTSC and RDTSCP from userspace Mike Stunes 2020-04-24 21:03 ` Mike Stunes 2020-04-24 21:24 ` Dave Hansen 2020-04-24 21:27 ` Tom Lendacky 2020-04-24 22:53 ` Dave Hansen 2020-04-25 12:49 ` Joerg Roedel 2020-04-25 18:15 ` Andy Lutomirski 2020-04-25 19:10 ` Joerg Roedel 2020-04-25 19:47 ` Andy Lutomirski 2020-04-25 20:23 ` Joerg Roedel 2020-04-25 22:10 ` Andy Lutomirski 2020-04-27 17:37 ` Should SEV-ES #VC use IST? (Re: [PATCH] Allow RDTSC and RDTSCP from userspace) Andy Lutomirski 2020-04-27 18:15 ` Andrew Cooper 2020-04-27 18:43 ` Tom Lendacky 2020-04-28 7:55 ` Joerg Roedel 2020-04-28 16:34 ` Andrew Cooper 2020-06-23 11:07 ` Peter Zijlstra 2020-06-23 11:07 ` Peter Zijlstra 2020-06-23 11:30 ` Joerg Roedel 2020-06-23 11:48 ` Peter Zijlstra 2020-06-23 11:48 ` Peter Zijlstra 2020-06-23 12:04 ` Joerg Roedel 2020-06-23 12:52 ` Peter Zijlstra 2020-06-23 12:52 ` Peter Zijlstra 2020-06-23 13:40 ` Joerg Roedel 2020-06-23 13:40 ` Joerg Roedel 2020-06-23 13:59 ` Peter Zijlstra 2020-06-23 13:59 ` Peter Zijlstra 2020-06-23 14:53 ` Peter Zijlstra 2020-06-23 14:53 ` Peter Zijlstra 2020-06-23 14:59 ` Joerg Roedel 2020-06-23 15:23 ` Peter Zijlstra 2020-06-23 15:23 ` Peter Zijlstra 2020-06-23 15:38 ` Peter Zijlstra 2020-06-23 15:38 ` Peter Zijlstra 2020-06-23 15:38 ` Joerg Roedel 2020-06-23 16:02 ` Peter Zijlstra 2020-06-23 16:02 ` Peter Zijlstra 2020-06-23 15:39 ` Andrew Cooper 2020-06-23 15:52 ` Peter Zijlstra 2020-06-23 15:52 ` Peter Zijlstra 2020-06-23 16:03 ` Dave Hansen 2020-06-23 16:13 ` Peter Zijlstra 2020-06-23 16:13 ` Peter Zijlstra 2020-06-23 16:13 ` Borislav Petkov 2020-06-23 11:51 ` Andrew Cooper 2020-06-23 12:47 ` Peter Zijlstra 2020-06-23 12:47 ` Peter Zijlstra 2020-06-23 13:57 ` Andrew Cooper 2020-06-23 13:57 ` Andrew Cooper 2020-06-23 15:51 ` Borislav Petkov 2020-06-23 9:45 ` Joerg Roedel 2020-06-23 10:45 ` Peter Zijlstra 2020-06-23 11:11 ` Joerg Roedel 2020-06-23 11:14 ` Peter Zijlstra 2020-06-23 11:14 ` Peter Zijlstra 2020-06-23 11:43 ` Joerg Roedel 2020-06-23 11:50 ` Peter Zijlstra 2020-06-23 11:50 ` Peter Zijlstra 2020-06-23 12:12 ` Joerg Roedel 2020-06-23 13:03 ` Peter Zijlstra 2020-06-23 13:03 ` Peter Zijlstra 2020-06-23 14:49 ` Joerg Roedel 2020-06-23 15:16 ` Peter Zijlstra 2020-06-23 15:16 ` Peter Zijlstra 2020-06-23 15:32 ` Andrew Cooper 2020-06-23 16:10 ` Borislav Petkov 2020-06-23 15:22 ` Andrew Cooper 2020-06-23 18:26 ` Andy Lutomirski 2020-06-23 18:56 ` Andrew Cooper 2020-04-27 18:47 ` [PATCH] Allow RDTSC and RDTSCP from userspace Dave Hansen 2020-04-25 12:28 ` Joerg Roedel 2020-03-19 9:13 ` [PATCH 56/70] x86/sev-es: Handle MONITOR/MONITORX Events Joerg Roedel 2020-03-19 9:13 ` [PATCH 57/70] x86/sev-es: Handle MWAIT/MWAITX Events Joerg Roedel 2020-03-19 9:13 ` [PATCH 58/70] x86/sev-es: Handle VMMCALL Events Joerg Roedel 2020-03-19 9:13 ` [PATCH 59/70] x86/sev-es: Handle #AC Events Joerg Roedel 2020-03-19 9:13 ` [PATCH 60/70] x86/sev-es: Handle #DB Events Joerg Roedel 2020-03-19 9:13 ` [PATCH 61/70] x86/paravirt: Allow hypervisor specific VMMCALL handling under SEV-ES Joerg Roedel 2020-03-19 9:13 ` [PATCH 62/70] x86/kvm: Add KVM " Joerg Roedel 2020-03-20 21:23 ` David Rientjes 2020-03-20 22:21 ` Joerg Roedel 2020-03-19 9:14 ` [PATCH 63/70] x86/vmware: Add VMware specific handling for VMMCALL " Joerg Roedel 2020-03-19 10:18 ` Thomas Hellstrom 2020-03-19 10:18 ` Thomas Hellstrom 2020-03-19 9:14 ` [PATCH 64/70] x86/realmode: Add SEV-ES specific trampoline entry point Joerg Roedel 2020-03-19 9:14 ` [PATCH 65/70] x86/realmode: Setup AP jump table Joerg Roedel 2020-03-19 9:14 ` [PATCH 66/70] x86/head/64: Don't call verify_cpu() on starting APs Joerg Roedel 2020-03-19 9:14 ` [PATCH 67/70] x86/head/64: Rename start_cpu0 Joerg Roedel 2020-03-19 9:14 ` [PATCH 68/70] x86/sev-es: Support CPU offline/online Joerg Roedel 2020-03-19 9:14 ` [PATCH 69/70] x86/cpufeature: Add SEV_ES_GUEST CPU Feature Joerg Roedel 2020-03-19 9:14 ` [PATCH 70/70] x86/sev-es: Add NMI state tracking Joerg Roedel 2020-03-19 15:35 ` Andy Lutomirski 2020-03-19 16:07 ` Joerg Roedel 2020-03-19 18:40 ` Andy Lutomirski 2020-03-19 19:26 ` Joerg Roedel 2020-03-19 21:27 ` Andy Lutomirski 2020-03-20 19:48 ` Joerg Roedel 2020-03-20 13:17 ` [RFC PATCH v2.1] x86/sev-es: Handle NMI State Joerg Roedel 2020-03-20 14:42 ` Dave Hansen 2020-03-20 19:42 ` Joerg Roedel 2020-03-19 16:53 ` [PATCH 70/70] x86/sev-es: Add NMI state tracking Mika Penttilä 2020-03-19 19:41 ` Joerg Roedel
Reply instructions: You may reply publicly to this message via plain-text email using any one of the following methods: * Save the following mbox file, import it into your mail client, and reply-to-all from there: mbox Avoid top-posting and favor interleaved quoting: https://en.wikipedia.org/wiki/Posting_style#Interleaved_style * Reply using the --to, --cc, and --in-reply-to switches of git-send-email(1): git send-email \ --in-reply-to=20200319091407.1481-38-joro@8bytes.org \ --to=joro@8bytes.org \ --cc=dan.j.williams@intel.com \ --cc=dave.hansen@linux.intel.com \ --cc=hpa@zytor.com \ --cc=jgross@suse.com \ --cc=jroedel@suse.de \ --cc=jslaby@suse.cz \ --cc=keescook@chromium.org \ --cc=kvm@vger.kernel.org \ --cc=linux-kernel@vger.kernel.org \ --cc=luto@kernel.org \ --cc=peterz@infradead.org \ --cc=thellstrom@vmware.com \ --cc=thomas.lendacky@amd.com \ --cc=virtualization@lists.linux-foundation.org \ --cc=x86@kernel.org \ /path/to/YOUR_REPLY https://kernel.org/pub/software/scm/git/docs/git-send-email.html * If your mail client supports setting the In-Reply-To header via mailto: links, try the mailto: linkBe sure your reply has a Subject: header at the top and a blank line before the message body.
This is an external index of several public inboxes, see mirroring instructions on how to clone and mirror all data and code used by this external index.