From: Brijesh Singh <brijesh.singh@amd.com> To: Paolo Bonzini <pbonzini@redhat.com>, simon.guinot@sequanux.org, linux-efi@vger.kernel.org, kvm@vger.kernel.org, rkrcmar@redhat.com, matt@codeblueprint.co.uk, linus.walleij@linaro.org, linux-mm@kvack.org, paul.gortmaker@windriver.com, hpa@zytor.com, dan.j.williams@intel.com, aarcange@redhat.com, sfr@canb.auug.org.au, andriy.shevchenko@linux.intel.com, herbert@gondor.apana.org.au, bhe@redhat.com, xemul@parallels.com, joro@8bytes.org, x86@kernel.org, mingo@redhat.com, msalter@redhat.com, ross.zwisler@linux.intel.com, bp@suse.de, dyoung@redhat.com, thomas.lendacky@amd.com, jroedel@suse.de, keescook@chromium.org, toshi.kani@hpe.com, mathieu.desnoyers@efficios.com, devel@linuxdriverproject.org, tglx@linutronix.de, mchehab@kernel.org, iamjoonsoo.kim@lge.com, labbott@fedoraproject.org, tony.luck@intel.com Cc: brijesh.singh@amd.com Subject: Re: [RFC PATCH v1 00/28] x86: Secure Encrypted Virtualization (AMD) Date: Mon, 17 Oct 2016 08:51:33 -0500 [thread overview] Message-ID: <7c1c7a4a-02cd-fa9b-5f4e-065db2042e15@amd.com> (raw) In-Reply-To: <d8f5b59e-5450-6bf6-c01e-084e612a4fed@redhat.com> Hi Paolo, Thanks for reviews. I will incorporate your feedbacks in v2. On 10/13/2016 06:19 AM, Paolo Bonzini wrote: > > > On 23/08/2016 01:23, Brijesh Singh wrote: >> TODO: >> - send qemu/seabios RFC's on respective mailing list >> - integrate the psp driver with CCP driver (they share the PCI id's) >> - add SEV guest migration command support >> - add SEV snapshotting command support >> - determine how to do ioremap of physical memory with mem encryption enabled >> (e.g acpi tables) > > The would be encrypted, right? Similar to the EFI data in patch 9. Yes. > >> - determine how to share the guest memory with hypervisor for to support >> pvclock driver > > Is it enough if the guest makes that page unencrypted? > Yes that should be enough. If guest can mark a page as unencrypted then hypervisor should be able to read and write to that particular page. Tom's patches have introduced API (set_memory_dec) to mark memory as unencrypted but pvclock drv runs very early during boot (when irq was disabled). Because of this we are not able to use set_memory_dec() to mark the page as unencrypted. Will need to come up with method for handling these cases. > I reviewed the KVM host-side patches and they are pretty > straightforward, so the comments on each patch suffice. > > Thanks, > > Paolo > >> Brijesh Singh (11): >> crypto: add AMD Platform Security Processor driver >> KVM: SVM: prepare to reserve asid for SEV guest >> KVM: SVM: prepare for SEV guest management API support >> KVM: introduce KVM_SEV_ISSUE_CMD ioctl >> KVM: SVM: add SEV launch start command >> KVM: SVM: add SEV launch update command >> KVM: SVM: add SEV_LAUNCH_FINISH command >> KVM: SVM: add KVM_SEV_GUEST_STATUS command >> KVM: SVM: add KVM_SEV_DEBUG_DECRYPT command >> KVM: SVM: add KVM_SEV_DEBUG_ENCRYPT command >> KVM: SVM: add command to query SEV API version >> >> Tom Lendacky (17): >> kvm: svm: Add support for additional SVM NPF error codes >> kvm: svm: Add kvm_fast_pio_in support >> kvm: svm: Use the hardware provided GPA instead of page walk >> x86: Secure Encrypted Virtualization (SEV) support >> KVM: SVM: prepare for new bit definition in nested_ctl >> KVM: SVM: Add SEV feature definitions to KVM >> x86: Do not encrypt memory areas if SEV is enabled >> Access BOOT related data encrypted with SEV active >> x86/efi: Access EFI data as encrypted when SEV is active >> x86: Change early_ioremap to early_memremap for BOOT data >> x86: Don't decrypt trampoline area if SEV is active >> x86: DMA support for SEV memory encryption >> iommu/amd: AMD IOMMU support for SEV >> x86: Don't set the SME MSR bit when SEV is active >> x86: Unroll string I/O when SEV is active >> x86: Add support to determine if running with SEV enabled >> KVM: SVM: Enable SEV by setting the SEV_ENABLE cpu feature >> >> >> arch/x86/boot/compressed/Makefile | 2 >> arch/x86/boot/compressed/head_64.S | 19 + >> arch/x86/boot/compressed/mem_encrypt.S | 123 ++++ >> arch/x86/include/asm/io.h | 26 + >> arch/x86/include/asm/kvm_emulate.h | 3 >> arch/x86/include/asm/kvm_host.h | 27 + >> arch/x86/include/asm/mem_encrypt.h | 3 >> arch/x86/include/asm/svm.h | 3 >> arch/x86/include/uapi/asm/hyperv.h | 4 >> arch/x86/include/uapi/asm/kvm_para.h | 4 >> arch/x86/kernel/acpi/boot.c | 4 >> arch/x86/kernel/head64.c | 4 >> arch/x86/kernel/mem_encrypt.S | 44 ++ >> arch/x86/kernel/mpparse.c | 10 >> arch/x86/kernel/setup.c | 7 >> arch/x86/kernel/x8664_ksyms_64.c | 1 >> arch/x86/kvm/cpuid.c | 4 >> arch/x86/kvm/mmu.c | 20 + >> arch/x86/kvm/svm.c | 906 ++++++++++++++++++++++++++++++++ >> arch/x86/kvm/x86.c | 73 +++ >> arch/x86/mm/ioremap.c | 7 >> arch/x86/mm/mem_encrypt.c | 50 ++ >> arch/x86/platform/efi/efi_64.c | 14 >> arch/x86/realmode/init.c | 11 >> drivers/crypto/Kconfig | 11 >> drivers/crypto/Makefile | 1 >> drivers/crypto/psp/Kconfig | 8 >> drivers/crypto/psp/Makefile | 3 >> drivers/crypto/psp/psp-dev.c | 220 ++++++++ >> drivers/crypto/psp/psp-dev.h | 95 +++ >> drivers/crypto/psp/psp-ops.c | 454 ++++++++++++++++ >> drivers/crypto/psp/psp-pci.c | 376 +++++++++++++ >> drivers/sfi/sfi_core.c | 6 >> include/linux/ccp-psp.h | 833 +++++++++++++++++++++++++++++ >> include/uapi/linux/Kbuild | 1 >> include/uapi/linux/ccp-psp.h | 182 ++++++ >> include/uapi/linux/kvm.h | 125 ++++ >> 37 files changed, 3643 insertions(+), 41 deletions(-) >> create mode 100644 arch/x86/boot/compressed/mem_encrypt.S >> create mode 100644 drivers/crypto/psp/Kconfig >> create mode 100644 drivers/crypto/psp/Makefile >> create mode 100644 drivers/crypto/psp/psp-dev.c >> create mode 100644 drivers/crypto/psp/psp-dev.h >> create mode 100644 drivers/crypto/psp/psp-ops.c >> create mode 100644 drivers/crypto/psp/psp-pci.c >> create mode 100644 include/linux/ccp-psp.h >> create mode 100644 include/uapi/linux/ccp-psp.h >> -- To unsubscribe, send a message with 'unsubscribe linux-mm' in the body to majordomo@kvack.org. For more info on Linux MM, see: http://www.linux-mm.org/ . Don't email: <a href=mailto:"dont@kvack.org"> email@kvack.org </a>
WARNING: multiple messages have this Message-ID (diff)
From: Brijesh Singh <brijesh.singh@amd.com> To: Paolo Bonzini <pbonzini@redhat.com>, <simon.guinot@sequanux.org>, <linux-efi@vger.kernel.org>, <kvm@vger.kernel.org>, <rkrcmar@redhat.com>, <matt@codeblueprint.co.uk>, <linus.walleij@linaro.org>, <linux-mm@kvack.org>, <paul.gortmaker@windriver.com>, <hpa@zytor.com>, <dan.j.williams@intel.com>, <aarcange@redhat.com>, <sfr@canb.auug.org.au>, <andriy.shevchenko@linux.intel.com>, <herbert@gondor.apana.org.au>, <bhe@redhat.com>, <xemul@parallels.com>, <joro@8bytes.org>, <x86@kernel.org>, <mingo@redhat.com>, <msalter@redhat.com>, <ross.zwisler@linux.intel.com>, <bp@suse.de>, <dyoung@redhat.com>, <thomas.lendacky@amd.com>, <jroedel@suse.de>, <keescook@chromium.org>, <toshi.kani@hpe.com>, <mathieu.desnoyers@efficios.com>, <devel@linuxdriverproject.org>, <tglx@linutronix.de>, <mchehab@kernel.org>, <iamjoonsoo.kim@lge.com>, <labbott@fedoraproject.org>, <tony.luck@intel.com> Cc: <brijesh.singh@amd.com> Subject: Re: [RFC PATCH v1 00/28] x86: Secure Encrypted Virtualization (AMD) Date: Mon, 17 Oct 2016 08:51:33 -0500 [thread overview] Message-ID: <7c1c7a4a-02cd-fa9b-5f4e-065db2042e15@amd.com> (raw) In-Reply-To: <d8f5b59e-5450-6bf6-c01e-084e612a4fed@redhat.com> Hi Paolo, Thanks for reviews. I will incorporate your feedbacks in v2. On 10/13/2016 06:19 AM, Paolo Bonzini wrote: > > > On 23/08/2016 01:23, Brijesh Singh wrote: >> TODO: >> - send qemu/seabios RFC's on respective mailing list >> - integrate the psp driver with CCP driver (they share the PCI id's) >> - add SEV guest migration command support >> - add SEV snapshotting command support >> - determine how to do ioremap of physical memory with mem encryption enabled >> (e.g acpi tables) > > The would be encrypted, right? Similar to the EFI data in patch 9. Yes. > >> - determine how to share the guest memory with hypervisor for to support >> pvclock driver > > Is it enough if the guest makes that page unencrypted? > Yes that should be enough. If guest can mark a page as unencrypted then hypervisor should be able to read and write to that particular page. Tom's patches have introduced API (set_memory_dec) to mark memory as unencrypted but pvclock drv runs very early during boot (when irq was disabled). Because of this we are not able to use set_memory_dec() to mark the page as unencrypted. Will need to come up with method for handling these cases. > I reviewed the KVM host-side patches and they are pretty > straightforward, so the comments on each patch suffice. > > Thanks, > > Paolo > >> Brijesh Singh (11): >> crypto: add AMD Platform Security Processor driver >> KVM: SVM: prepare to reserve asid for SEV guest >> KVM: SVM: prepare for SEV guest management API support >> KVM: introduce KVM_SEV_ISSUE_CMD ioctl >> KVM: SVM: add SEV launch start command >> KVM: SVM: add SEV launch update command >> KVM: SVM: add SEV_LAUNCH_FINISH command >> KVM: SVM: add KVM_SEV_GUEST_STATUS command >> KVM: SVM: add KVM_SEV_DEBUG_DECRYPT command >> KVM: SVM: add KVM_SEV_DEBUG_ENCRYPT command >> KVM: SVM: add command to query SEV API version >> >> Tom Lendacky (17): >> kvm: svm: Add support for additional SVM NPF error codes >> kvm: svm: Add kvm_fast_pio_in support >> kvm: svm: Use the hardware provided GPA instead of page walk >> x86: Secure Encrypted Virtualization (SEV) support >> KVM: SVM: prepare for new bit definition in nested_ctl >> KVM: SVM: Add SEV feature definitions to KVM >> x86: Do not encrypt memory areas if SEV is enabled >> Access BOOT related data encrypted with SEV active >> x86/efi: Access EFI data as encrypted when SEV is active >> x86: Change early_ioremap to early_memremap for BOOT data >> x86: Don't decrypt trampoline area if SEV is active >> x86: DMA support for SEV memory encryption >> iommu/amd: AMD IOMMU support for SEV >> x86: Don't set the SME MSR bit when SEV is active >> x86: Unroll string I/O when SEV is active >> x86: Add support to determine if running with SEV enabled >> KVM: SVM: Enable SEV by setting the SEV_ENABLE cpu feature >> >> >> arch/x86/boot/compressed/Makefile | 2 >> arch/x86/boot/compressed/head_64.S | 19 + >> arch/x86/boot/compressed/mem_encrypt.S | 123 ++++ >> arch/x86/include/asm/io.h | 26 + >> arch/x86/include/asm/kvm_emulate.h | 3 >> arch/x86/include/asm/kvm_host.h | 27 + >> arch/x86/include/asm/mem_encrypt.h | 3 >> arch/x86/include/asm/svm.h | 3 >> arch/x86/include/uapi/asm/hyperv.h | 4 >> arch/x86/include/uapi/asm/kvm_para.h | 4 >> arch/x86/kernel/acpi/boot.c | 4 >> arch/x86/kernel/head64.c | 4 >> arch/x86/kernel/mem_encrypt.S | 44 ++ >> arch/x86/kernel/mpparse.c | 10 >> arch/x86/kernel/setup.c | 7 >> arch/x86/kernel/x8664_ksyms_64.c | 1 >> arch/x86/kvm/cpuid.c | 4 >> arch/x86/kvm/mmu.c | 20 + >> arch/x86/kvm/svm.c | 906 ++++++++++++++++++++++++++++++++ >> arch/x86/kvm/x86.c | 73 +++ >> arch/x86/mm/ioremap.c | 7 >> arch/x86/mm/mem_encrypt.c | 50 ++ >> arch/x86/platform/efi/efi_64.c | 14 >> arch/x86/realmode/init.c | 11 >> drivers/crypto/Kconfig | 11 >> drivers/crypto/Makefile | 1 >> drivers/crypto/psp/Kconfig | 8 >> drivers/crypto/psp/Makefile | 3 >> drivers/crypto/psp/psp-dev.c | 220 ++++++++ >> drivers/crypto/psp/psp-dev.h | 95 +++ >> drivers/crypto/psp/psp-ops.c | 454 ++++++++++++++++ >> drivers/crypto/psp/psp-pci.c | 376 +++++++++++++ >> drivers/sfi/sfi_core.c | 6 >> include/linux/ccp-psp.h | 833 +++++++++++++++++++++++++++++ >> include/uapi/linux/Kbuild | 1 >> include/uapi/linux/ccp-psp.h | 182 ++++++ >> include/uapi/linux/kvm.h | 125 ++++ >> 37 files changed, 3643 insertions(+), 41 deletions(-) >> create mode 100644 arch/x86/boot/compressed/mem_encrypt.S >> create mode 100644 drivers/crypto/psp/Kconfig >> create mode 100644 drivers/crypto/psp/Makefile >> create mode 100644 drivers/crypto/psp/psp-dev.c >> create mode 100644 drivers/crypto/psp/psp-dev.h >> create mode 100644 drivers/crypto/psp/psp-ops.c >> create mode 100644 drivers/crypto/psp/psp-pci.c >> create mode 100644 include/linux/ccp-psp.h >> create mode 100644 include/uapi/linux/ccp-psp.h >> -- To unsubscribe, send a message with 'unsubscribe linux-mm' in the body to majordomo@kvack.org. For more info on Linux MM, see: http://www.linux-mm.org/ . Don't email: <a href=mailto:"dont@kvack.org"> email@kvack.org </a>
next prev parent reply other threads:[~2016-10-17 13:51 UTC|newest] Thread overview: 260+ messages / expand[flat|nested] mbox.gz Atom feed top 2016-08-22 23:23 [RFC PATCH v1 00/28] x86: Secure Encrypted Virtualization (AMD) Brijesh Singh 2016-08-22 23:23 ` Brijesh Singh 2016-08-22 23:23 ` Brijesh Singh 2016-08-22 23:23 ` Brijesh Singh 2016-08-22 23:23 ` [RFC PATCH v1 01/28] kvm: svm: Add support for additional SVM NPF error codes Brijesh Singh 2016-08-22 23:23 ` Brijesh Singh 2016-08-22 23:23 ` Brijesh Singh 2016-08-22 23:23 ` Brijesh Singh 2016-09-13 9:56 ` Borislav Petkov 2016-09-13 9:56 ` Borislav Petkov 2016-09-13 9:56 ` Borislav Petkov 2016-08-22 23:23 ` Brijesh Singh 2016-08-22 23:23 ` [RFC PATCH v1 02/28] kvm: svm: Add kvm_fast_pio_in support Brijesh Singh 2016-08-22 23:23 ` Brijesh Singh 2016-08-22 23:23 ` Brijesh Singh 2016-08-22 23:23 ` Brijesh Singh 2016-09-21 10:58 ` Borislav Petkov 2016-09-21 10:58 ` Borislav Petkov 2016-09-21 10:58 ` Borislav Petkov 2016-08-22 23:23 ` Brijesh Singh 2016-08-22 23:24 ` [RFC PATCH v1 03/28] kvm: svm: Use the hardware provided GPA instead of page walk Brijesh Singh 2016-08-22 23:24 ` Brijesh Singh 2016-08-22 23:24 ` Brijesh Singh 2016-08-22 23:24 ` Brijesh Singh 2016-09-21 17:16 ` Borislav Petkov 2016-09-21 17:16 ` Borislav Petkov 2016-09-21 17:16 ` Borislav Petkov 2016-08-22 23:24 ` Brijesh Singh 2016-08-22 23:24 ` [RFC PATCH v1 04/28] x86: Secure Encrypted Virtualization (SEV) support Brijesh Singh 2016-08-22 23:24 ` Brijesh Singh 2016-08-22 23:24 ` Brijesh Singh 2016-08-22 23:24 ` Brijesh Singh 2016-08-22 23:24 ` Brijesh Singh 2016-09-22 15:00 ` Borislav Petkov 2016-09-22 15:00 ` Borislav Petkov 2016-09-22 15:00 ` Borislav Petkov 2016-08-22 23:24 ` [RFC PATCH v1 05/28] KVM: SVM: prepare for new bit definition in nested_ctl Brijesh Singh 2016-08-22 23:24 ` Brijesh Singh 2016-08-22 23:24 ` Brijesh Singh 2016-08-22 23:24 ` Brijesh Singh 2016-09-22 14:17 ` Borislav Petkov 2016-09-22 14:17 ` Borislav Petkov 2016-09-22 14:17 ` Borislav Petkov 2016-08-22 23:24 ` Brijesh Singh 2016-08-22 23:24 ` [RFC PATCH v1 06/28] KVM: SVM: Add SEV feature definitions to KVM Brijesh Singh 2016-08-22 23:24 ` Brijesh Singh 2016-08-22 23:24 ` Brijesh Singh 2016-08-22 23:24 ` Brijesh Singh 2016-08-22 23:24 ` Brijesh Singh 2016-08-22 23:24 ` [RFC PATCH v1 07/28] x86: Do not encrypt memory areas if SEV is enabled Brijesh Singh 2016-08-22 23:24 ` Brijesh Singh 2016-08-22 23:24 ` Brijesh Singh 2016-08-22 23:24 ` Brijesh Singh 2016-08-22 23:24 ` Brijesh Singh 2016-08-22 23:25 ` [RFC PATCH v1 08/28] Access BOOT related data encrypted with SEV active Brijesh Singh 2016-08-22 23:25 ` Brijesh Singh 2016-08-22 23:25 ` Brijesh Singh 2016-08-22 23:25 ` Brijesh Singh 2016-08-22 23:25 ` Brijesh Singh 2016-08-22 23:25 ` [RFC PATCH v1 09/28] x86/efi: Access EFI data as encrypted when SEV is active Brijesh Singh 2016-08-22 23:25 ` Brijesh Singh 2016-08-22 23:25 ` Brijesh Singh 2016-08-22 23:25 ` Brijesh Singh 2016-09-22 14:35 ` Borislav Petkov 2016-09-22 14:35 ` Borislav Petkov 2016-09-22 14:35 ` Borislav Petkov 2016-09-22 14:35 ` Borislav Petkov 2016-09-22 14:45 ` Paolo Bonzini 2016-09-22 14:45 ` Paolo Bonzini 2016-09-22 14:45 ` Paolo Bonzini 2016-09-22 14:59 ` Borislav Petkov 2016-09-22 14:59 ` Borislav Petkov 2016-09-22 14:59 ` Borislav Petkov 2016-09-22 14:59 ` Borislav Petkov 2016-09-22 15:05 ` Paolo Bonzini 2016-09-22 15:05 ` Paolo Bonzini 2016-09-22 15:05 ` Paolo Bonzini 2016-09-22 17:07 ` Borislav Petkov 2016-09-22 17:07 ` Borislav Petkov 2016-09-22 17:07 ` Borislav Petkov 2016-09-22 17:07 ` Borislav Petkov 2016-09-22 17:08 ` Paolo Bonzini 2016-09-22 17:08 ` Paolo Bonzini 2016-09-22 17:08 ` Paolo Bonzini 2016-09-22 17:08 ` Paolo Bonzini 2016-09-22 17:27 ` Borislav Petkov 2016-09-22 17:27 ` Borislav Petkov 2016-09-22 17:27 ` Borislav Petkov 2016-09-22 19:04 ` Tom Lendacky 2016-09-22 19:04 ` Tom Lendacky 2016-09-22 19:04 ` Tom Lendacky 2016-09-22 19:04 ` Tom Lendacky 2016-09-22 19:11 ` Borislav Petkov 2016-09-22 19:11 ` Borislav Petkov 2016-09-22 19:11 ` Borislav Petkov 2016-09-22 19:49 ` Tom Lendacky 2016-09-22 19:49 ` Tom Lendacky 2016-09-22 19:49 ` Tom Lendacky 2016-09-22 19:49 ` Tom Lendacky 2016-09-22 20:10 ` Borislav Petkov 2016-09-22 20:10 ` Borislav Petkov 2016-09-22 20:10 ` Borislav Petkov 2016-09-22 18:59 ` Tom Lendacky 2016-09-22 18:59 ` Tom Lendacky 2016-09-22 18:59 ` Tom Lendacky 2016-09-22 18:59 ` Tom Lendacky 2016-09-22 18:47 ` Tom Lendacky 2016-09-22 18:47 ` Tom Lendacky 2016-09-22 18:47 ` Tom Lendacky 2016-09-22 18:47 ` Tom Lendacky 2016-09-22 18:50 ` Paolo Bonzini 2016-09-22 18:50 ` Paolo Bonzini 2016-09-22 18:50 ` Paolo Bonzini 2016-09-22 17:46 ` Tom Lendacky 2016-09-22 17:46 ` Tom Lendacky 2016-09-22 17:46 ` Tom Lendacky 2016-09-22 17:46 ` Tom Lendacky 2016-09-22 18:23 ` Paolo Bonzini 2016-09-22 18:23 ` Paolo Bonzini 2016-09-22 18:23 ` Paolo Bonzini 2016-09-22 18:37 ` Borislav Petkov 2016-09-22 18:37 ` Borislav Petkov 2016-09-22 18:37 ` Borislav Petkov [not found] ` <20160922183759.7ahw2kbxit3epnzk-fF5Pk5pvG8Y@public.gmane.org> 2016-09-22 18:44 ` Paolo Bonzini 2016-09-22 18:44 ` Paolo Bonzini 2016-09-23 9:33 ` Kai Huang 2016-09-23 9:33 ` Kai Huang 2016-09-23 9:33 ` Kai Huang 2016-09-23 9:50 ` Borislav Petkov 2016-09-23 9:50 ` Borislav Petkov 2016-09-23 9:50 ` Borislav Petkov 2016-08-22 23:25 ` Brijesh Singh 2016-08-22 23:25 ` [RFC PATCH v1 10/28] x86: Change early_ioremap to early_memremap for BOOT data Brijesh Singh 2016-08-22 23:25 ` Brijesh Singh 2016-08-22 23:25 ` Brijesh Singh 2016-08-22 23:25 ` Brijesh Singh 2016-08-22 23:25 ` Brijesh Singh 2016-08-22 23:25 ` [RFC PATCH v1 11/28] x86: Don't decrypt trampoline area if SEV is active Brijesh Singh 2016-08-22 23:25 ` Brijesh Singh 2016-08-22 23:25 ` Brijesh Singh 2016-08-22 23:25 ` Brijesh Singh 2016-08-22 23:25 ` Brijesh Singh 2016-08-22 23:26 ` [RFC PATCH v1 12/28] x86: DMA support for SEV memory encryption Brijesh Singh 2016-08-22 23:26 ` Brijesh Singh 2016-08-22 23:26 ` Brijesh Singh 2016-08-22 23:26 ` Brijesh Singh 2016-08-22 23:26 ` Brijesh Singh 2016-08-22 23:26 ` [RFC PATCH v1 13/28] iommu/amd: AMD IOMMU support for SEV Brijesh Singh 2016-08-22 23:26 ` Brijesh Singh 2016-08-22 23:26 ` Brijesh Singh 2016-08-22 23:26 ` Brijesh Singh 2016-08-22 23:26 ` Brijesh Singh 2016-08-22 23:26 ` [RFC PATCH v1 14/28] x86: Don't set the SME MSR bit when SEV is active Brijesh Singh 2016-08-22 23:26 ` Brijesh Singh 2016-08-22 23:26 ` Brijesh Singh 2016-08-22 23:26 ` Brijesh Singh 2016-08-22 23:26 ` Brijesh Singh 2016-08-22 23:26 ` [RFC PATCH v1 15/28] x86: Unroll string I/O " Brijesh Singh 2016-08-22 23:26 ` Brijesh Singh 2016-08-22 23:26 ` Brijesh Singh 2016-08-22 23:26 ` Brijesh Singh 2016-08-22 23:26 ` Brijesh Singh 2016-08-22 23:26 ` [RFC PATCH v1 16/28] x86: Add support to determine if running with SEV enabled Brijesh Singh 2016-08-22 23:26 ` Brijesh Singh 2016-08-22 23:26 ` Brijesh Singh 2016-08-22 23:26 ` Brijesh Singh 2016-08-22 23:26 ` Brijesh Singh 2016-08-22 23:27 ` [RFC PATCH v1 17/28] KVM: SVM: Enable SEV by setting the SEV_ENABLE cpu feature Brijesh Singh 2016-08-22 23:27 ` Brijesh Singh 2016-08-22 23:27 ` Brijesh Singh 2016-08-22 23:27 ` Brijesh Singh 2016-08-22 23:27 ` Brijesh Singh 2016-08-22 23:27 ` [RFC PATCH v1 18/28] crypto: add AMD Platform Security Processor driver Brijesh Singh 2016-08-22 23:27 ` Brijesh Singh 2016-08-22 23:27 ` Brijesh Singh 2016-08-22 23:27 ` Brijesh Singh 2016-08-22 23:27 ` Brijesh Singh 2016-08-23 7:14 ` Herbert Xu 2016-08-23 7:14 ` Herbert Xu 2016-08-23 7:14 ` Herbert Xu 2016-08-24 12:02 ` Tom Lendacky 2016-08-24 12:02 ` Tom Lendacky 2016-08-24 12:02 ` Tom Lendacky 2016-08-24 12:02 ` Tom Lendacky 2016-08-22 23:27 ` [RFC PATCH v1 19/28] KVM: SVM: prepare to reserve asid for SEV guest Brijesh Singh 2016-08-22 23:27 ` Brijesh Singh 2016-08-22 23:27 ` Brijesh Singh 2016-08-22 23:27 ` Brijesh Singh 2016-08-22 23:27 ` Brijesh Singh 2016-10-13 10:17 ` Paolo Bonzini 2016-10-13 10:17 ` Paolo Bonzini 2016-08-22 23:28 ` [RFC PATCH v1 20/28] KVM: SVM: prepare for SEV guest management API support Brijesh Singh 2016-08-22 23:28 ` Brijesh Singh 2016-08-22 23:28 ` Brijesh Singh 2016-08-22 23:28 ` Brijesh Singh 2016-08-22 23:28 ` Brijesh Singh 2016-10-13 10:41 ` Paolo Bonzini 2016-08-22 23:28 ` [RFC PATCH v1 21/28] KVM: introduce KVM_SEV_ISSUE_CMD ioctl Brijesh Singh 2016-08-22 23:28 ` Brijesh Singh 2016-08-22 23:28 ` Brijesh Singh 2016-08-22 23:28 ` Brijesh Singh 2016-10-13 10:45 ` Paolo Bonzini 2016-10-13 10:45 ` Paolo Bonzini 2016-10-17 17:57 ` Brijesh Singh 2016-10-17 17:57 ` Brijesh Singh 2016-10-17 17:57 ` Brijesh Singh 2016-10-17 20:14 ` Paolo Bonzini 2016-10-17 20:14 ` Paolo Bonzini 2016-10-17 20:14 ` Paolo Bonzini 2016-10-18 19:32 ` Brijesh Singh 2016-10-18 19:32 ` Brijesh Singh 2016-10-18 19:32 ` Brijesh Singh 2016-10-18 21:44 ` Paolo Bonzini 2016-10-18 21:44 ` Paolo Bonzini 2016-10-18 21:44 ` Paolo Bonzini 2016-08-22 23:28 ` Brijesh Singh 2016-08-22 23:28 ` [RFC PATCH v1 22/28] KVM: SVM: add SEV launch start command Brijesh Singh 2016-08-22 23:28 ` Brijesh Singh 2016-08-22 23:28 ` Brijesh Singh 2016-08-22 23:28 ` Brijesh Singh 2016-10-13 11:12 ` Paolo Bonzini 2016-08-22 23:28 ` Brijesh Singh 2016-08-22 23:28 ` [RFC PATCH v1 23/28] KVM: SVM: add SEV launch update command Brijesh Singh 2016-08-22 23:28 ` Brijesh Singh 2016-08-22 23:28 ` Brijesh Singh 2016-08-22 23:28 ` Brijesh Singh 2016-08-22 23:28 ` Brijesh Singh 2016-08-22 23:28 ` [RFC PATCH v1 24/28] KVM: SVM: add SEV_LAUNCH_FINISH command Brijesh Singh 2016-08-22 23:28 ` Brijesh Singh 2016-08-22 23:28 ` Brijesh Singh 2016-08-22 23:28 ` Brijesh Singh 2016-08-22 23:28 ` Brijesh Singh 2016-10-13 11:16 ` Paolo Bonzini 2016-08-22 23:29 ` [RFC PATCH v1 25/28] KVM: SVM: add KVM_SEV_GUEST_STATUS command Brijesh Singh 2016-08-22 23:29 ` Brijesh Singh 2016-08-22 23:29 ` Brijesh Singh 2016-08-22 23:29 ` Brijesh Singh 2016-08-22 23:29 ` Brijesh Singh 2016-08-22 23:29 ` [RFC PATCH v1 26/28] KVM: SVM: add KVM_SEV_DEBUG_DECRYPT command Brijesh Singh 2016-08-22 23:29 ` Brijesh Singh 2016-08-22 23:29 ` Brijesh Singh 2016-08-22 23:29 ` Brijesh Singh 2016-08-22 23:29 ` Brijesh Singh 2016-08-22 23:29 ` [RFC PATCH v1 27/28] KVM: SVM: add KVM_SEV_DEBUG_ENCRYPT command Brijesh Singh 2016-08-22 23:29 ` Brijesh Singh 2016-08-22 23:29 ` Brijesh Singh 2016-08-22 23:29 ` Brijesh Singh 2016-08-22 23:29 ` [RFC PATCH v1 28/28] KVM: SVM: add command to query SEV API version Brijesh Singh 2016-08-22 23:29 ` Brijesh Singh 2016-08-22 23:29 ` Brijesh Singh 2016-08-22 23:29 ` Brijesh Singh 2016-08-22 23:29 ` Brijesh Singh 2016-10-13 11:19 ` [RFC PATCH v1 00/28] x86: Secure Encrypted Virtualization (AMD) Paolo Bonzini 2016-10-17 13:51 ` Brijesh Singh [this message] 2016-10-17 13:51 ` Brijesh Singh [not found] <B25DDC54236C3042A5DC90B7728884A6F1A269@SZXEMI504-MBX.china.huawei.com> 2016-08-26 15:38 ` Brijesh Singh -- strict thread matches above, loose matches on Subject: below -- 2016-08-22 23:23 Brijesh Singh 2016-08-22 23:21 Brijesh Singh 2016-08-22 23:21 ` Brijesh Singh 2016-08-22 23:21 ` Brijesh Singh
Reply instructions: You may reply publicly to this message via plain-text email using any one of the following methods: * Save the following mbox file, import it into your mail client, and reply-to-all from there: mbox Avoid top-posting and favor interleaved quoting: https://en.wikipedia.org/wiki/Posting_style#Interleaved_style * Reply using the --to, --cc, and --in-reply-to switches of git-send-email(1): git send-email \ --in-reply-to=7c1c7a4a-02cd-fa9b-5f4e-065db2042e15@amd.com \ --to=brijesh.singh@amd.com \ --cc=aarcange@redhat.com \ --cc=andriy.shevchenko@linux.intel.com \ --cc=bhe@redhat.com \ --cc=bp@suse.de \ --cc=dan.j.williams@intel.com \ --cc=devel@linuxdriverproject.org \ --cc=dyoung@redhat.com \ --cc=herbert@gondor.apana.org.au \ --cc=hpa@zytor.com \ --cc=iamjoonsoo.kim@lge.com \ --cc=joro@8bytes.org \ --cc=jroedel@suse.de \ --cc=keescook@chromium.org \ --cc=kvm@vger.kernel.org \ --cc=labbott@fedoraproject.org \ --cc=linus.walleij@linaro.org \ --cc=linux-efi@vger.kernel.org \ --cc=linux-mm@kvack.org \ --cc=mathieu.desnoyers@efficios.com \ --cc=matt@codeblueprint.co.uk \ --cc=mchehab@kernel.org \ --cc=mingo@redhat.com \ --cc=msalter@redhat.com \ --cc=paul.gortmaker@windriver.com \ --cc=pbonzini@redhat.com \ --cc=rkrcmar@redhat.com \ --cc=ross.zwisler@linux.intel.com \ --cc=sfr@canb.auug.org.au \ --cc=simon.guinot@sequanux.org \ --cc=tglx@linutronix.de \ --cc=thomas.lendacky@amd.com \ --cc=tony.luck@intel.com \ --cc=toshi.kani@hpe.com \ --cc=x86@kernel.org \ --cc=xemul@parallels.com \ /path/to/YOUR_REPLY https://kernel.org/pub/software/scm/git/docs/git-send-email.html * If your mail client supports setting the In-Reply-To header via mailto: links, try the mailto: linkBe sure your reply has a Subject: header at the top and a blank line before the message body.
This is an external index of several public inboxes, see mirroring instructions on how to clone and mirror all data and code used by this external index.