From: Peter Gonda <pgonda@google.com>
To: Ashish Kalra <Ashish.Kalra@amd.com>
Cc: "the arch/x86 maintainers" <x86@kernel.org>,
LKML <linux-kernel@vger.kernel.org>,
kvm list <kvm@vger.kernel.org>,
linux-coco@lists.linux.dev, linux-mm@kvack.org,
Linux Crypto Mailing List <linux-crypto@vger.kernel.org>,
Thomas Gleixner <tglx@linutronix.de>,
Ingo Molnar <mingo@redhat.com>, Joerg Roedel <jroedel@suse.de>,
"Lendacky, Thomas" <thomas.lendacky@amd.com>,
"H. Peter Anvin" <hpa@zytor.com>,
Ard Biesheuvel <ardb@kernel.org>,
Paolo Bonzini <pbonzini@redhat.com>,
Sean Christopherson <seanjc@google.com>,
Vitaly Kuznetsov <vkuznets@redhat.com>,
Jim Mattson <jmattson@google.com>,
Andy Lutomirski <luto@kernel.org>,
Dave Hansen <dave.hansen@linux.intel.com>,
Sergio Lopez <slp@redhat.com>,
Peter Zijlstra <peterz@infradead.org>,
Srinivas Pandruvada <srinivas.pandruvada@linux.intel.com>,
David Rientjes <rientjes@google.com>,
Dov Murik <dovmurik@linux.ibm.com>,
Tobin Feldman-Fitzthum <tobin@ibm.com>,
Borislav Petkov <bp@alien8.de>,
Michael Roth <michael.roth@amd.com>,
Vlastimil Babka <vbabka@suse.cz>,
"Kirill A . Shutemov" <kirill@shutemov.name>,
Andi Kleen <ak@linux.intel.com>, Tony Luck <tony.luck@intel.com>,
Marc Orr <marcorr@google.com>,
Sathyanarayanan Kuppuswamy
<sathyanarayanan.kuppuswamy@linux.intel.com>,
Alper Gun <alpergun@google.com>,
"Dr. David Alan Gilbert" <dgilbert@redhat.com>,
jarkko@kernel.org
Subject: Re: [PATCH Part2 v6 14/49] crypto: ccp: Handle the legacy TMR allocation when SNP is enabled
Date: Tue, 21 Jun 2022 12:11:16 -0600 [thread overview]
Message-ID: <CAMkAt6ruxMazN3NmWHsemDNQj6Uj0PhCVeaxw2unCxU=YZFRWw@mail.gmail.com> (raw)
In-Reply-To: <3a51840f6a80c87b39632dc728dbd9b5dd444cd7.1655761627.git.ashish.kalra@amd.com>
On Mon, Jun 20, 2022 at 5:05 PM Ashish Kalra <Ashish.Kalra@amd.com> wrote:
>
> From: Brijesh Singh <brijesh.singh@amd.com>
>
> The behavior and requirement for the SEV-legacy command is altered when
> the SNP firmware is in the INIT state. See SEV-SNP firmware specification
> for more details.
>
> Allocate the Trusted Memory Region (TMR) as a 2mb sized/aligned region
> when SNP is enabled to satify new requirements for the SNP. Continue
satisfy
> allocating a 1mb region for !SNP configuration.
>
> While at it, provide API that can be used by others to allocate a page
> that can be used by the firmware. The immediate user for this API will
> be the KVM driver. The KVM driver to need to allocate a firmware context
> page during the guest creation. The context page need to be updated
> by the firmware. See the SEV-SNP specification for further details.
>
> Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
> ---
> drivers/crypto/ccp/sev-dev.c | 173 +++++++++++++++++++++++++++++++++--
> include/linux/psp-sev.h | 11 +++
> 2 files changed, 178 insertions(+), 6 deletions(-)
>
> diff --git a/drivers/crypto/ccp/sev-dev.c b/drivers/crypto/ccp/sev-dev.c
> index 35d76333e120..0dbd99f29b25 100644
> --- a/drivers/crypto/ccp/sev-dev.c
> +++ b/drivers/crypto/ccp/sev-dev.c
> @@ -79,6 +79,14 @@ static void *sev_es_tmr;
> #define NV_LENGTH (32 * 1024)
> static void *sev_init_ex_buffer;
>
> +/* When SEV-SNP is enabled the TMR needs to be 2MB aligned and 2MB size. */
> +#define SEV_SNP_ES_TMR_SIZE (2 * 1024 * 1024)
> +
> +static size_t sev_es_tmr_size = SEV_ES_TMR_SIZE;
Why not keep all this TMR stuff together near the SEV_ES_TMR_SIZE define?
> +
> +static int __sev_do_cmd_locked(int cmd, void *data, int *psp_ret);
> +static int sev_do_cmd(int cmd, void *data, int *psp_ret);
> +
> static inline bool sev_version_greater_or_equal(u8 maj, u8 min)
> {
> struct sev_device *sev = psp_master->sev_data;
> @@ -177,11 +185,161 @@ static int sev_cmd_buffer_len(int cmd)
> return 0;
> }
>
> +static void snp_leak_pages(unsigned long pfn, unsigned int npages)
> +{
> + WARN(1, "psc failed, pfn 0x%lx pages %d (leaking)\n", pfn, npages);
> + while (npages--) {
> + memory_failure(pfn, 0);
> + dump_rmpentry(pfn);
> + pfn++;
> + }
> +}
> +
> +static int snp_reclaim_pages(unsigned long pfn, unsigned int npages, bool locked)
> +{
> + struct sev_data_snp_page_reclaim data;
> + int ret, err, i, n = 0;
> +
> + for (i = 0; i < npages; i++) {
What about setting |n| here too, also the other increments.
for (i = 0, n = 0; i < npages; i++, n++, pfn++)
> + memset(&data, 0, sizeof(data));
> + data.paddr = pfn << PAGE_SHIFT;
> +
> + if (locked)
> + ret = __sev_do_cmd_locked(SEV_CMD_SNP_PAGE_RECLAIM, &data, &err);
> + else
> + ret = sev_do_cmd(SEV_CMD_SNP_PAGE_RECLAIM, &data, &err);
Can we change `sev_cmd_mutex` to some sort of nesting lock type? That
could clean up this if (locked) code.
> + if (ret)
> + goto cleanup;
> +
> + ret = rmp_make_shared(pfn, PG_LEVEL_4K);
> + if (ret)
> + goto cleanup;
> +
> + pfn++;
> + n++;
> + }
> +
> + return 0;
> +
> +cleanup:
> + /*
> + * If failed to reclaim the page then page is no longer safe to
> + * be released, leak it.
> + */
> + snp_leak_pages(pfn, npages - n);
> + return ret;
> +}
> +
> +static inline int rmp_make_firmware(unsigned long pfn, int level)
> +{
> + return rmp_make_private(pfn, 0, level, 0, true);
> +}
> +
> +static int snp_set_rmp_state(unsigned long paddr, unsigned int npages, bool to_fw, bool locked,
> + bool need_reclaim)
This function can do a lot and when I read the call sites its hard to
see what its doing since we have a combination of arguments which tell
us what behavior is happening, some of which are not valid (ex: to_fw
== true and need_reclaim == true is an invalid argument combination).
Also this for loop over |npages| is duplicated from
snp_reclaim_pages(). One improvement here is that on the current
snp_reclaim_pages() if we fail to reclaim a page we assume we cannot
reclaim the next pages, this may cause us to snp_leak_pages() more
pages than we actually need too.
What about something like this?
static snp_leak_page(u64 pfn, enum pg_level level)
{
memory_failure(pfn, 0);
dump_rmpentry(pfn);
}
static int snp_reclaim_page(u64 pfn, enum pg_level level)
{
int ret;
struct sev_data_snp_page_reclaim data;
ret = sev_do_cmd(SEV_CMD_SNP_PAGE_RECLAIM, &data, &err);
if (ret)
goto cleanup;
ret = rmp_make_shared(pfn, level);
if (ret)
goto cleanup;
return 0;
cleanup:
snp_leak_page(pfn, level)
}
typedef int (*rmp_state_change_func) (u64 pfn, enum pg_level level);
static int snp_set_rmp_state(unsigned long paddr, unsigned int npages,
rmp_state_change_func state_change, rmp_state_change_func cleanup)
{
struct sev_data_snp_page_reclaim data;
int ret, err, i, n = 0;
for (i = 0, n = 0; i < npages; i++, n++, pfn++) {
ret = state_change(pfn, PG_LEVEL_4K)
if (ret)
goto cleanup;
}
return 0;
cleanup:
for (; i>= 0; i--, n--, pfn--) {
cleanup(pfn, PG_LEVEL_4K);
}
return ret;
}
Then inside of __snp_alloc_firmware_pages():
snp_set_rmp_state(paddr, npages, rmp_make_firmware, snp_reclaim_page);
And inside of __snp_free_firmware_pages():
snp_set_rmp_state(paddr, npages, snp_reclaim_page, snp_leak_page);
Just a suggestion feel free to ignore. The readability comment could
be addressed much less invasively by just making separate functions
for each valid combination of arguments here. Like
snp_set_rmp_fw_state(), snp_set_rmp_shared_state(),
snp_set_rmp_release_state() or something.
> +{
> + unsigned long pfn = __sme_clr(paddr) >> PAGE_SHIFT; /* Cbit maybe set in the paddr */
> + int rc, n = 0, i;
> +
> + for (i = 0; i < npages; i++) {
> + if (to_fw)
> + rc = rmp_make_firmware(pfn, PG_LEVEL_4K);
> + else
> + rc = need_reclaim ? snp_reclaim_pages(pfn, 1, locked) :
> + rmp_make_shared(pfn, PG_LEVEL_4K);
> + if (rc)
> + goto cleanup;
> +
> + pfn++;
> + n++;
> + }
> +
> + return 0;
> +
> +cleanup:
> + /* Try unrolling the firmware state changes */
> + if (to_fw) {
> + /*
> + * Reclaim the pages which were already changed to the
> + * firmware state.
> + */
> + snp_reclaim_pages(paddr >> PAGE_SHIFT, n, locked);
> +
> + return rc;
> + }
> +
> + /*
> + * If failed to change the page state to shared, then its not safe
> + * to release the page back to the system, leak it.
> + */
> + snp_leak_pages(pfn, npages - n);
> +
> + return rc;
> +}
> +
> +static struct page *__snp_alloc_firmware_pages(gfp_t gfp_mask, int order, bool locked)
> +{
> + unsigned long npages = 1ul << order, paddr;
> + struct sev_device *sev;
> + struct page *page;
> +
> + if (!psp_master || !psp_master->sev_data)
> + return NULL;
> +
> + page = alloc_pages(gfp_mask, order);
> + if (!page)
> + return NULL;
> +
> + /* If SEV-SNP is initialized then add the page in RMP table. */
> + sev = psp_master->sev_data;
> + if (!sev->snp_inited)
> + return page;
> +
> + paddr = __pa((unsigned long)page_address(page));
> + if (snp_set_rmp_state(paddr, npages, true, locked, false))
> + return NULL;
So what about the case where snp_set_rmp_state() fails but we were
able to reclaim all the pages? Should we be able to signal that to
callers so that we could free |page| here? But given this is an error
path already maybe we can optimize this in a follow up series.
> +
> + return page;
> +}
> +
> +void *snp_alloc_firmware_page(gfp_t gfp_mask)
> +{
> + struct page *page;
> +
> + page = __snp_alloc_firmware_pages(gfp_mask, 0, false);
> +
> + return page ? page_address(page) : NULL;
> +}
> +EXPORT_SYMBOL_GPL(snp_alloc_firmware_page);
> +
> +static void __snp_free_firmware_pages(struct page *page, int order, bool locked)
> +{
> + unsigned long paddr, npages = 1ul << order;
> +
> + if (!page)
> + return;
> +
> + paddr = __pa((unsigned long)page_address(page));
> + if (snp_set_rmp_state(paddr, npages, false, locked, true))
> + return;
Here we may be able to free some of |page| depending how where inside
of snp_set_rmp_state() we failed. But again given this is an error
path already maybe we can optimize this in a follow up series.
> +
> + __free_pages(page, order);
> +}
> +
> +void snp_free_firmware_page(void *addr)
> +{
> + if (!addr)
> + return;
> +
> + __snp_free_firmware_pages(virt_to_page(addr), 0, false);
> +}
> +EXPORT_SYMBOL(snp_free_firmware_page);
> +
> static void *sev_fw_alloc(unsigned long len)
> {
> struct page *page;
>
> - page = alloc_pages(GFP_KERNEL, get_order(len));
> + page = __snp_alloc_firmware_pages(GFP_KERNEL, get_order(len), false);
> if (!page)
> return NULL;
>
> @@ -393,7 +551,7 @@ static int __sev_init_locked(int *error)
> data.tmr_address = __pa(sev_es_tmr);
>
> data.flags |= SEV_INIT_FLAGS_SEV_ES;
> - data.tmr_len = SEV_ES_TMR_SIZE;
> + data.tmr_len = sev_es_tmr_size;
> }
>
> return __sev_do_cmd_locked(SEV_CMD_INIT, &data, error);
> @@ -421,7 +579,7 @@ static int __sev_init_ex_locked(int *error)
> data.tmr_address = __pa(sev_es_tmr);
>
> data.flags |= SEV_INIT_FLAGS_SEV_ES;
> - data.tmr_len = SEV_ES_TMR_SIZE;
> + data.tmr_len = sev_es_tmr_size;
> }
>
> return __sev_do_cmd_locked(SEV_CMD_INIT_EX, &data, error);
> @@ -818,6 +976,8 @@ static int __sev_snp_init_locked(int *error)
> sev->snp_inited = true;
> dev_dbg(sev->dev, "SEV-SNP firmware initialized\n");
>
> + sev_es_tmr_size = SEV_SNP_ES_TMR_SIZE;
> +
> return rc;
> }
>
> @@ -1341,8 +1501,9 @@ static void sev_firmware_shutdown(struct sev_device *sev)
> /* The TMR area was encrypted, flush it from the cache */
> wbinvd_on_all_cpus();
>
> - free_pages((unsigned long)sev_es_tmr,
> - get_order(SEV_ES_TMR_SIZE));
> + __snp_free_firmware_pages(virt_to_page(sev_es_tmr),
> + get_order(sev_es_tmr_size),
> + false);
> sev_es_tmr = NULL;
> }
>
> @@ -1430,7 +1591,7 @@ void sev_pci_init(void)
> }
>
> /* Obtain the TMR memory area for SEV-ES use */
> - sev_es_tmr = sev_fw_alloc(SEV_ES_TMR_SIZE);
> + sev_es_tmr = sev_fw_alloc(sev_es_tmr_size);
> if (!sev_es_tmr)
> dev_warn(sev->dev,
> "SEV: TMR allocation failed, SEV-ES support unavailable\n");
> diff --git a/include/linux/psp-sev.h b/include/linux/psp-sev.h
> index 9f921d221b75..a3bb792bb842 100644
> --- a/include/linux/psp-sev.h
> +++ b/include/linux/psp-sev.h
> @@ -12,6 +12,8 @@
> #ifndef __PSP_SEV_H__
> #define __PSP_SEV_H__
>
> +#include <linux/sev.h>
> +
> #include <uapi/linux/psp-sev.h>
>
> #ifdef CONFIG_X86
> @@ -940,6 +942,8 @@ int snp_guest_page_reclaim(struct sev_data_snp_page_reclaim *data, int *error);
> int snp_guest_dbg_decrypt(struct sev_data_snp_dbg *data, int *error);
>
> void *psp_copy_user_blob(u64 uaddr, u32 len);
> +void *snp_alloc_firmware_page(gfp_t mask);
> +void snp_free_firmware_page(void *addr);
>
> #else /* !CONFIG_CRYPTO_DEV_SP_PSP */
>
> @@ -981,6 +985,13 @@ static inline int snp_guest_dbg_decrypt(struct sev_data_snp_dbg *data, int *erro
> return -ENODEV;
> }
>
> +static inline void *snp_alloc_firmware_page(gfp_t mask)
> +{
> + return NULL;
> +}
> +
> +static inline void snp_free_firmware_page(void *addr) { }
> +
> #endif /* CONFIG_CRYPTO_DEV_SP_PSP */
>
> #endif /* __PSP_SEV_H__ */
> --
> 2.25.1
>
next prev parent reply other threads:[~2022-06-21 18:11 UTC|newest]
Thread overview: 305+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-06-20 22:56 [PATCH Part2 v6 00/49] Add AMD Secure Nested Paging (SEV-SNP) Ashish Kalra
2022-06-20 22:59 ` [PATCH Part2 v6 01/49] x86/cpufeatures: Add SEV-SNP CPU feature Ashish Kalra
2022-06-21 8:58 ` Borislav Petkov
2022-06-20 22:59 ` [PATCH Part2 v6 02/49] iommu/amd: Introduce function to check SEV-SNP support Ashish Kalra
2022-06-21 15:28 ` Peter Gonda
2022-06-21 17:45 ` Kalra, Ashish
2022-06-21 17:50 ` Peter Gonda
2022-06-22 7:33 ` Suthikulpanit, Suravee
2022-08-25 1:28 ` jarkko
2022-08-25 1:30 ` Jarkko Sakkinen
2022-08-26 18:54 ` Kalra, Ashish
2022-08-28 4:18 ` Jarkko Sakkinen
2022-07-01 10:42 ` Borislav Petkov
2022-07-05 13:56 ` Kalra, Ashish
2022-07-05 14:33 ` Borislav Petkov
2022-07-05 14:53 ` Kalra, Ashish
2022-06-20 23:02 ` [PATCH Part2 v6 03/49] x86/sev: Add the host SEV-SNP initialization support Ashish Kalra
2022-06-21 15:47 ` Peter Gonda
2022-06-21 17:59 ` Kalra, Ashish
2022-06-23 20:48 ` Marc Orr
2022-06-23 22:22 ` Kalra, Ashish
2022-07-17 10:01 ` Borislav Petkov
2022-07-19 3:56 ` Kalra, Ashish
2022-07-19 8:38 ` Borislav Petkov
2022-07-19 11:34 ` Kalra, Ashish
2022-06-20 23:02 ` [PATCH Part2 v6 04/49] x86/sev: set SYSCFG.MFMD Ashish Kalra
2022-06-23 21:00 ` Marc Orr
2022-07-21 11:29 ` Borislav Petkov
2022-08-01 21:16 ` Kalra, Ashish
2022-06-20 23:02 ` [PATCH Part2 v6 05/49] x86/sev: Add RMP entry lookup helpers Ashish Kalra
2022-06-22 14:13 ` Dave Hansen
2022-06-22 14:22 ` Kalra, Ashish
2022-06-22 14:29 ` Dave Hansen
2022-06-22 18:15 ` Kalra, Ashish
2022-06-22 18:17 ` Dave Hansen
2022-06-22 18:34 ` Kalra, Ashish
2022-06-22 18:42 ` Dave Hansen
2022-06-22 19:43 ` Kalra, Ashish
2022-06-22 19:49 ` Dave Hansen
2022-06-22 20:15 ` Kalra, Ashish
2022-06-22 20:58 ` Kalra, Ashish
2022-06-23 22:36 ` Sean Christopherson
2022-06-23 22:43 ` Kalra, Ashish
2022-07-22 11:35 ` Borislav Petkov
2022-07-22 19:04 ` Sean Christopherson
2022-07-22 19:25 ` Borislav Petkov
2022-07-22 19:38 ` Borislav Petkov
2022-08-01 21:53 ` Kalra, Ashish
2022-07-22 22:16 ` Sean Christopherson
2022-07-22 22:25 ` Borislav Petkov
2022-08-01 21:50 ` Kalra, Ashish
2022-06-23 21:30 ` Marc Orr
2022-07-22 11:43 ` Borislav Petkov
2022-08-01 21:45 ` Kalra, Ashish
2022-07-25 14:32 ` Borislav Petkov
2022-08-01 22:04 ` Kalra, Ashish
2022-06-20 23:02 ` [PATCH Part2 v6 06/49] x86/sev: Add helper functions for RMPUPDATE and PSMASH instruction Ashish Kalra
2022-06-21 16:40 ` Dr. David Alan Gilbert
2022-06-21 17:38 ` Kalra, Ashish
2022-06-22 18:17 ` Kalra, Ashish
2022-06-28 10:50 ` Dr. David Alan Gilbert
2022-06-28 17:57 ` Kalra, Ashish
2022-06-28 18:58 ` Dr. David Alan Gilbert
2022-06-28 19:03 ` Dave Hansen
2022-07-25 13:24 ` Borislav Petkov
2022-08-01 23:32 ` Kalra, Ashish
2022-08-02 14:14 ` Borislav Petkov
2022-06-22 14:26 ` Dave Hansen
2022-06-22 18:04 ` Kalra, Ashish
2022-07-24 17:31 ` Dov Murik
2022-08-02 4:49 ` Kalra, Ashish
2022-07-25 14:36 ` Borislav Petkov
2022-08-01 22:31 ` Kalra, Ashish
2022-08-03 20:26 ` Borislav Petkov
2022-06-20 23:03 ` [PATCH Part2 v6 07/49] x86/sev: Invalid pages from direct map when adding it to RMP table Ashish Kalra
2022-06-24 0:06 ` Marc Orr
2022-07-27 17:01 ` Borislav Petkov
2022-08-01 23:57 ` Kalra, Ashish
2022-08-04 12:11 ` Borislav Petkov
2022-11-02 3:12 ` Kalra, Ashish
2022-11-02 11:27 ` Borislav Petkov
2022-12-19 15:00 ` Michael Roth
2022-12-19 20:08 ` Borislav Petkov
2022-12-27 21:49 ` Kalra, Ashish
2022-12-29 17:09 ` Borislav Petkov
2023-01-05 21:46 ` Kalra, Ashish
2023-01-05 22:08 ` Marc Orr
2023-01-05 22:27 ` Kalra, Ashish
2023-01-05 22:31 ` Marc Orr
2022-12-30 15:19 ` Mike Rapoport
2022-06-20 23:03 ` [PATCH Part2 v6 08/49] x86/traps: Define RMP violation #PF error code Ashish Kalra
2022-08-08 13:13 ` Borislav Petkov
2022-06-20 23:03 ` [PATCH Part2 v6 09/49] x86/fault: Add support to handle the RMP fault for user address Ashish Kalra
2022-06-22 14:29 ` Jeremi Piotrowski
2022-07-12 11:57 ` Jarkko Sakkinen
2022-07-12 14:29 ` Kalra, Ashish
2022-07-12 14:54 ` Jarkko Sakkinen
2022-08-09 16:55 ` Borislav Petkov
2022-08-10 3:59 ` Kalra, Ashish
2022-08-10 9:42 ` Borislav Petkov
2022-08-10 22:00 ` Kalra, Ashish
2022-08-11 14:27 ` Borislav Petkov
2022-09-01 20:32 ` Kalra, Ashish
2022-09-02 6:52 ` Borislav Petkov
2022-09-02 15:33 ` Kalra, Ashish
2022-09-03 4:25 ` Borislav Petkov
2022-09-03 5:51 ` Kalra, Ashish
2022-09-03 6:57 ` Kalra, Ashish
2022-09-03 8:31 ` Boris Petkov
2022-09-03 17:30 ` Kalra, Ashish
2022-09-04 6:37 ` Borislav Petkov
2022-09-06 14:06 ` Kalra, Ashish
2022-09-06 10:25 ` Jarkko Sakkinen
2022-09-06 10:33 ` Jarkko Sakkinen
2022-09-06 13:54 ` Marc Orr
2022-09-06 14:17 ` Kalra, Ashish
2022-09-06 15:06 ` Michael Roth
2022-09-06 16:39 ` Kalra, Ashish
2022-09-07 5:14 ` Marc Orr
2022-09-06 15:44 ` Jarkko Sakkinen
2022-09-08 7:46 ` Jarkko Sakkinen
2022-09-08 7:57 ` Jarkko Sakkinen
2022-08-11 15:15 ` vbabka
2022-09-06 2:30 ` Dave Hansen
2022-06-20 23:03 ` [PATCH Part2 v6 10/49] x86/fault: Add support to dump RMP entry on fault Ashish Kalra
2022-06-22 14:33 ` Jeremi Piotrowski
2022-06-22 14:42 ` Jeremi Piotrowski
2022-06-22 18:08 ` Kalra, Ashish
2022-08-23 13:21 ` Borislav Petkov
2022-06-20 23:04 ` [PATCH Part2 v6 11/49] crypto:ccp: Define the SEV-SNP commands Ashish Kalra
2022-09-20 13:03 ` Borislav Petkov
2022-09-20 13:46 ` Kalra, Ashish
2022-09-20 14:04 ` Borislav Petkov
2022-06-20 23:04 ` [PATCH Part2 v6 12/49] crypto: ccp: Add support to initialize the AMD-SP for SEV-SNP Ashish Kalra
2022-10-01 17:33 ` Borislav Petkov
2022-10-14 21:09 ` Kalra, Ashish
2022-10-14 21:31 ` Kalra, Ashish
2022-10-25 8:56 ` Borislav Petkov
2022-10-19 18:48 ` Kalra, Ashish
2022-10-23 21:17 ` Jarkko Sakkinen
2022-10-25 9:07 ` Borislav Petkov
2022-10-25 8:30 ` Borislav Petkov
2022-06-20 23:04 ` [PATCH Part2 v6 13/49] crypto:ccp: Provide APIs to issue SEV-SNP commands Ashish Kalra
2022-06-21 21:43 ` Peter Gonda
2022-06-22 1:44 ` Kalra, Ashish
2022-08-02 10:52 ` Jarkko Sakkinen
2022-10-01 20:17 ` Borislav Petkov
2022-10-03 14:38 ` Kalra, Ashish
2022-10-03 16:16 ` Borislav Petkov
2022-10-03 17:11 ` Kalra, Ashish
2022-10-03 17:45 ` Borislav Petkov
2022-10-03 18:01 ` Peter Gonda
2022-10-03 18:16 ` Borislav Petkov
2022-10-03 18:43 ` Kalra, Ashish
2022-10-03 18:53 ` Borislav Petkov
2022-06-20 23:05 ` [PATCH Part2 v6 14/49] crypto: ccp: Handle the legacy TMR allocation when SNP is enabled Ashish Kalra
2022-06-21 18:11 ` Peter Gonda [this message]
2022-06-21 20:17 ` Kalra, Ashish
2022-06-24 14:19 ` Peter Gonda
2022-08-02 12:17 ` jarkko
2022-08-02 11:17 ` Jarkko Sakkinen
2022-10-13 15:15 ` Borislav Petkov
2022-10-14 20:00 ` Kalra, Ashish
2022-10-25 10:25 ` Borislav Petkov
2022-10-31 20:10 ` Kalra, Ashish
2022-10-31 21:15 ` Borislav Petkov
2022-10-31 21:58 ` Kalra, Ashish
2022-11-02 11:22 ` Borislav Petkov
2022-11-14 23:36 ` Kalra, Ashish
2022-11-15 14:26 ` Borislav Petkov
2022-11-15 15:14 ` Vlastimil Babka
2022-11-15 15:22 ` Borislav Petkov
2022-11-15 16:27 ` Borislav Petkov
2022-11-15 22:44 ` Kalra, Ashish
2022-11-15 17:24 ` Kalra, Ashish
2022-11-15 18:15 ` Kalra, Ashish
2022-11-16 9:08 ` Vlastimil Babka
2022-11-16 10:19 ` Kalra, Ashish
2022-11-16 10:25 ` Vlastimil Babka
2022-11-16 18:01 ` Kalra, Ashish
2022-11-16 18:33 ` Borislav Petkov
2022-11-16 18:53 ` Kalra, Ashish
2022-11-16 19:09 ` Borislav Petkov
2022-11-16 19:23 ` Kalra, Ashish
2022-11-16 18:32 ` Dave Hansen
2022-11-16 5:19 ` HORIGUCHI NAOYA(堀口 直也)
2022-11-16 10:28 ` Kalra, Ashish
2022-11-16 23:41 ` HORIGUCHI NAOYA(堀口 直也)
2022-11-17 20:56 ` Kalra, Ashish
2022-11-20 21:34 ` Borislav Petkov
2022-11-22 0:37 ` Kalra, Ashish
2022-11-22 10:17 ` Borislav Petkov
2022-11-22 10:32 ` Kalra, Ashish
2022-11-22 10:44 ` Borislav Petkov
2022-11-22 11:44 ` Kalra, Ashish
2022-11-23 11:40 ` Borislav Petkov
2022-11-23 18:32 ` Kalra, Ashish
2022-06-20 23:05 ` [PATCH Part2 v6 15/49] crypto: ccp: Handle the legacy SEV command " Ashish Kalra
2022-06-20 23:05 ` [PATCH Part2 v6 16/49] crypto: ccp: Add the SNP_PLATFORM_STATUS command Ashish Kalra
2022-06-20 23:05 ` [PATCH Part2 v6 17/49] crypto: ccp: Add the SNP_{SET,GET}_EXT_CONFIG command Ashish Kalra
2022-06-21 22:13 ` Peter Gonda
2022-06-22 1:58 ` Kalra, Ashish
2022-08-02 12:31 ` Jarkko Sakkinen
2022-08-08 19:27 ` Dionna Amalie Glaze
2022-08-08 21:32 ` Tom Lendacky
2022-08-08 23:25 ` Dionna Amalie Glaze
2022-06-20 23:06 ` [PATCH Part2 v6 18/49] crypto: ccp: Provide APIs to query extended attestation report Ashish Kalra
2022-06-21 22:30 ` Peter Gonda
2022-08-02 12:39 ` Jarkko Sakkinen
2022-06-20 23:06 ` [PATCH Part2 v6 19/49] KVM: SVM: Add support to handle AP reset MSR protocol Ashish Kalra
2022-06-20 23:06 ` [PATCH Part2 v6 20/49] KVM: SVM: Provide the Hypervisor Feature support VMGEXIT Ashish Kalra
2022-06-20 23:06 ` [PATCH Part2 v6 21/49] KVM: SVM: Make AVIC backing, VMSA and VMCB memory allocation SNP safe Ashish Kalra
2022-08-04 11:32 ` Vlastimil Babka
2022-06-20 23:07 ` [PATCH Part2 v6 22/49] KVM: SVM: Add initial SEV-SNP support Ashish Kalra
2022-06-20 23:07 ` [PATCH Part2 v6 23/49] KVM: SVM: Add KVM_SNP_INIT command Ashish Kalra
2022-06-20 23:07 ` [PATCH Part2 v6 24/49] KVM: SVM: Add KVM_SEV_SNP_LAUNCH_START command Ashish Kalra
2022-06-24 14:42 ` Peter Gonda
2022-06-24 18:17 ` Kalra, Ashish
2022-08-02 13:19 ` Jarkko Sakkinen
2022-06-20 23:07 ` [PATCH Part2 v6 25/49] KVM: SVM: Disallow registering memory range from HugeTLB for SNP guest Ashish Kalra
2022-08-04 13:37 ` Vlastimil Babka
2022-06-20 23:08 ` [PATCH Part2 v6 26/49] KVM: SVM: Add KVM_SEV_SNP_LAUNCH_UPDATE command Ashish Kalra
2022-06-24 14:33 ` Peter Gonda
2022-06-29 18:14 ` Kalra, Ashish
2022-08-02 12:50 ` Jarkko Sakkinen
2022-08-09 13:55 ` Sabin Rapan
2022-08-15 23:04 ` Kalra, Ashish
2022-06-20 23:08 ` [PATCH Part2 v6 27/49] KVM: SVM: Mark the private vma unmerable for SEV-SNP guests Ashish Kalra
2022-06-22 10:29 ` Dr. David Alan Gilbert
2022-08-04 10:56 ` Vlastimil Babka
2022-06-20 23:08 ` [PATCH Part2 v6 28/49] KVM: SVM: Add KVM_SEV_SNP_LAUNCH_FINISH command Ashish Kalra
2022-07-11 14:05 ` Peter Gonda
2022-07-11 22:41 ` Kalra, Ashish
2022-07-12 14:45 ` Peter Gonda
2022-07-12 15:22 ` Kalra, Ashish
2022-07-12 16:04 ` Peter Gonda
2022-07-12 17:40 ` Tom Lendacky
2022-07-13 14:59 ` Peter Gonda
2022-08-02 13:28 ` Jarkko Sakkinen
2022-09-08 14:55 ` [[PATCH for v6]] KVM: SEV: fix snp_launch_finish Harald Hoyer
2022-09-08 15:11 ` Sean Christopherson
2022-09-08 20:34 ` Jarkko Sakkinen
2022-09-09 8:04 ` [PATCH Part2 v6 28/49] KVM: SVM: Add KVM_SEV_SNP_LAUNCH_FINISH command Harald Hoyer
2022-06-20 23:08 ` [PATCH Part2 v6 29/49] KVM: X86: Keep the NPT and RMP page level in sync Ashish Kalra
2022-07-12 16:44 ` Jarkko Sakkinen
2022-06-20 23:09 ` [PATCH Part2 v6 30/49] KVM: x86/mmu: Introduce kvm_mmu_map_tdp_page() for use by TDX and SNP Ashish Kalra
2022-06-20 23:09 ` [PATCH Part2 v6 31/49] KVM: x86: Introduce kvm_mmu_get_tdp_walk() for SEV-SNP use Ashish Kalra
2022-09-07 17:45 ` Alper Gun
2022-06-20 23:09 ` [PATCH Part2 v6 32/49] KVM: x86: Define RMP page fault error bits for #NPF Ashish Kalra
2022-06-20 23:10 ` [PATCH Part2 v6 33/49] KVM: x86: Update page-fault trace to log full 64-bit error code Ashish Kalra
2022-07-25 11:19 ` Vlastimil Babka
2022-06-20 23:10 ` [PATCH Part2 v6 34/49] KVM: SVM: Do not use long-lived GHCB map while setting scratch area Ashish Kalra
2022-06-20 23:10 ` [PATCH Part2 v6 35/49] KVM: SVM: Remove the long-lived GHCB host map Ashish Kalra
2022-06-24 15:12 ` Peter Gonda
2022-06-24 20:14 ` Kalra, Ashish
2022-07-07 20:06 ` Peter Gonda
2022-07-07 20:31 ` Kalra, Ashish
2022-07-08 15:54 ` Peter Gonda
2022-07-08 15:59 ` Kalra, Ashish
2022-06-20 23:11 ` [PATCH Part2 v6 36/49] KVM: SVM: Add support to handle GHCB GPA register VMGEXIT Ashish Kalra
2022-06-28 13:28 ` Dr. David Alan Gilbert
2022-06-20 23:11 ` [PATCH Part2 v6 37/49] KVM: SVM: Add support to handle MSR based Page State Change VMGEXIT Ashish Kalra
2022-08-19 16:54 ` Peter Gonda
2022-09-19 17:53 ` Alper Gun
2022-09-19 21:38 ` Tom Lendacky
2022-09-19 22:02 ` Alper Gun
2022-09-19 22:18 ` Tom Lendacky
2022-09-19 23:46 ` Ashish Kalra
2022-09-26 15:19 ` Peter Gonda
2022-10-12 20:15 ` Kalra, Ashish
2022-10-12 22:57 ` Michael Roth
2022-06-20 23:11 ` [PATCH Part2 v6 38/49] KVM: SVM: Add support to handle " Ashish Kalra
2022-06-20 23:12 ` [PATCH Part2 v6 39/49] KVM: SVM: Introduce ops for the post gfn map and unmap Ashish Kalra
2022-08-18 3:47 ` Alper Gun
2022-11-17 20:18 ` Peter Gonda
2022-11-17 20:28 ` Kalra, Ashish
2022-11-17 21:36 ` Kalra, Ashish
2022-06-20 23:12 ` [PATCH Part2 v6 40/49] KVM: x86: Export the kvm_zap_gfn_range() for the SNP use Ashish Kalra
2022-06-20 23:13 ` [PATCH Part2 v6 41/49] KVM: SVM: Add support to handle the RMP nested page fault Ashish Kalra
2022-07-12 12:33 ` Jarkko Sakkinen
2022-07-12 12:45 ` Jarkko Sakkinen
2022-07-12 12:48 ` Jarkko Sakkinen
2022-07-12 15:32 ` Kalra, Ashish
2022-10-10 22:03 ` Alper Gun
2022-10-11 2:32 ` Kalra, Ashish
2022-10-12 22:53 ` Alper Gun
2022-10-13 15:00 ` Kalra, Ashish
2022-06-20 23:13 ` [PATCH Part2 v6 42/49] KVM: SVM: Provide support for SNP_GUEST_REQUEST NAE event Ashish Kalra
2022-06-24 16:25 ` Peter Gonda
2022-06-27 19:03 ` Kalra, Ashish
2022-06-29 19:15 ` Kalra, Ashish
2022-07-08 15:28 ` Peter Gonda
2022-10-21 19:06 ` Tom Lendacky
2022-10-21 21:12 ` Kalra, Ashish
2022-10-21 21:30 ` Tom Lendacky
2022-10-21 21:56 ` Kalra, Ashish
2022-06-20 23:13 ` [PATCH Part2 v6 43/49] KVM: SVM: Use a VMSA physical address variable for populating VMCB Ashish Kalra
2022-06-20 23:14 ` [PATCH Part2 v6 44/49] KVM: SVM: Support SEV-SNP AP Creation NAE event Ashish Kalra
2022-06-20 23:14 ` [PATCH Part2 v6 45/49] KVM: SVM: Add module parameter to enable the SEV-SNP Ashish Kalra
2022-06-20 23:14 ` [PATCH Part2 v6 46/49] ccp: add support to decrypt the page Ashish Kalra
2022-06-20 23:14 ` [PATCH Part2 v6 47/49] *fix for stale per-cpu pointer due to cond_resched during ghcb mapping Ashish Kalra
2022-06-24 16:35 ` Peter Gonda
2022-06-24 16:44 ` Kalra, Ashish
2022-06-20 23:15 ` [PATCH Part2 v6 48/49] *debug: warn and retry failed rmpupdates Ashish Kalra
2022-06-20 23:15 ` [PATCH Part2 v6 49/49] KVM: SVM: Sync the GHCB scratch buffer using already mapped ghcb Ashish Kalra
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='CAMkAt6ruxMazN3NmWHsemDNQj6Uj0PhCVeaxw2unCxU=YZFRWw@mail.gmail.com' \
--to=pgonda@google.com \
--cc=Ashish.Kalra@amd.com \
--cc=ak@linux.intel.com \
--cc=alpergun@google.com \
--cc=ardb@kernel.org \
--cc=bp@alien8.de \
--cc=dave.hansen@linux.intel.com \
--cc=dgilbert@redhat.com \
--cc=dovmurik@linux.ibm.com \
--cc=hpa@zytor.com \
--cc=jarkko@kernel.org \
--cc=jmattson@google.com \
--cc=jroedel@suse.de \
--cc=kirill@shutemov.name \
--cc=kvm@vger.kernel.org \
--cc=linux-coco@lists.linux.dev \
--cc=linux-crypto@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=luto@kernel.org \
--cc=marcorr@google.com \
--cc=michael.roth@amd.com \
--cc=mingo@redhat.com \
--cc=pbonzini@redhat.com \
--cc=peterz@infradead.org \
--cc=rientjes@google.com \
--cc=sathyanarayanan.kuppuswamy@linux.intel.com \
--cc=seanjc@google.com \
--cc=slp@redhat.com \
--cc=srinivas.pandruvada@linux.intel.com \
--cc=tglx@linutronix.de \
--cc=thomas.lendacky@amd.com \
--cc=tobin@ibm.com \
--cc=tony.luck@intel.com \
--cc=vbabka@suse.cz \
--cc=vkuznets@redhat.com \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).