From: Brijesh Singh <brijesh.singh@amd.com>
To: x86@kernel.org, linux-kernel@vger.kernel.org,
kvm@vger.kernel.org, linux-coco@lists.linux.dev,
linux-mm@kvack.org, linux-crypto@vger.kernel.org
Cc: Thomas Gleixner <tglx@linutronix.de>,
Ingo Molnar <mingo@redhat.com>, Joerg Roedel <jroedel@suse.de>,
Tom Lendacky <thomas.lendacky@amd.com>,
"H. Peter Anvin" <hpa@zytor.com>,
Ard Biesheuvel <ardb@kernel.org>,
Paolo Bonzini <pbonzini@redhat.com>,
Sean Christopherson <seanjc@google.com>,
Vitaly Kuznetsov <vkuznets@redhat.com>,
Wanpeng Li <wanpengli@tencent.com>,
Jim Mattson <jmattson@google.com>,
Andy Lutomirski <luto@kernel.org>,
Dave Hansen <dave.hansen@linux.intel.com>,
Sergio Lopez <slp@redhat.com>, Peter Gonda <pgonda@google.com>,
Peter Zijlstra <peterz@infradead.org>,
Srinivas Pandruvada <srinivas.pandruvada@linux.intel.com>,
David Rientjes <rientjes@google.com>,
Dov Murik <dovmurik@linux.ibm.com>,
Tobin Feldman-Fitzthum <tobin@ibm.com>,
Borislav Petkov <bp@alien8.de>,
Michael Roth <michael.roth@amd.com>,
Vlastimil Babka <vbabka@suse.cz>,
"Kirill A . Shutemov" <kirill@shutemov.name>,
Andi Kleen <ak@linux.intel.com>,
tony.luck@intel.com, marcorr@google.com,
sathyanarayanan.kuppuswamy@linux.intel.com,
Brijesh Singh <brijesh.singh@amd.com>
Subject: [PATCH Part2 v5 15/45] crypto: ccp: Handle the legacy SEV command when SNP is enabled
Date: Fri, 20 Aug 2021 10:58:48 -0500 [thread overview]
Message-ID: <20210820155918.7518-16-brijesh.singh@amd.com> (raw)
In-Reply-To: <20210820155918.7518-1-brijesh.singh@amd.com>
The behavior of the SEV-legacy commands is altered when the SNP firmware
is in the INIT state. When SNP is in INIT state, all the SEV-legacy
commands that cause the firmware to write to memory must be in the
firmware state before issuing the command..
A command buffer may contains a system physical address that the firmware
may write to. There are two cases that need to be handled:
1) system physical address points to a guest memory
2) system physical address points to a host memory
To handle the case #1, change the page state to the firmware in the RMP
table before issuing the command and restore the state to shared after the
command completes.
For the case #2, use a bounce buffer to complete the request.
Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
---
drivers/crypto/ccp/sev-dev.c | 346 ++++++++++++++++++++++++++++++++++-
drivers/crypto/ccp/sev-dev.h | 12 ++
2 files changed, 348 insertions(+), 10 deletions(-)
diff --git a/drivers/crypto/ccp/sev-dev.c b/drivers/crypto/ccp/sev-dev.c
index 34dc358b13b9..4cd7d803a624 100644
--- a/drivers/crypto/ccp/sev-dev.c
+++ b/drivers/crypto/ccp/sev-dev.c
@@ -317,12 +317,295 @@ void snp_free_firmware_page(void *addr)
}
EXPORT_SYMBOL(snp_free_firmware_page);
+static int alloc_snp_host_map(struct sev_device *sev)
+{
+ struct page *page;
+ int i;
+
+ for (i = 0; i < MAX_SNP_HOST_MAP_BUFS; i++) {
+ struct snp_host_map *map = &sev->snp_host_map[i];
+
+ memset(map, 0, sizeof(*map));
+
+ page = alloc_pages(GFP_KERNEL_ACCOUNT, get_order(SEV_FW_BLOB_MAX_SIZE));
+ if (!page)
+ return -ENOMEM;
+
+ map->host = page_address(page);
+ }
+
+ return 0;
+}
+
+static void free_snp_host_map(struct sev_device *sev)
+{
+ int i;
+
+ for (i = 0; i < MAX_SNP_HOST_MAP_BUFS; i++) {
+ struct snp_host_map *map = &sev->snp_host_map[i];
+
+ if (map->host) {
+ __free_pages(virt_to_page(map->host), get_order(SEV_FW_BLOB_MAX_SIZE));
+ memset(map, 0, sizeof(*map));
+ }
+ }
+}
+
+static int map_firmware_writeable(u64 *paddr, u32 len, bool guest, struct snp_host_map *map)
+{
+ unsigned int npages = PAGE_ALIGN(len) >> PAGE_SHIFT;
+
+ map->active = false;
+
+ if (!paddr || !len)
+ return 0;
+
+ map->paddr = *paddr;
+ map->len = len;
+
+ /* If paddr points to a guest memory then change the page state to firmwware. */
+ if (guest) {
+ if (snp_set_rmp_state(*paddr, npages, true, true, false))
+ return -EFAULT;
+
+ goto done;
+ }
+
+ if (!map->host)
+ return -ENOMEM;
+
+ /* Check if the pre-allocated buffer can be used to fullfil the request. */
+ if (len > SEV_FW_BLOB_MAX_SIZE)
+ return -EINVAL;
+
+ /* Transition the pre-allocated buffer to the firmware state. */
+ if (snp_set_rmp_state(__pa(map->host), npages, true, true, false))
+ return -EFAULT;
+
+ /* Set the paddr to use pre-allocated firmware buffer */
+ *paddr = __psp_pa(map->host);
+
+done:
+ map->active = true;
+ return 0;
+}
+
+static int unmap_firmware_writeable(u64 *paddr, u32 len, bool guest, struct snp_host_map *map)
+{
+ unsigned int npages = PAGE_ALIGN(len) >> PAGE_SHIFT;
+
+ if (!map->active)
+ return 0;
+
+ /* If paddr points to a guest memory then restore the page state to hypervisor. */
+ if (guest) {
+ if (snp_set_rmp_state(*paddr, npages, false, true, true))
+ return -EFAULT;
+
+ goto done;
+ }
+
+ /*
+ * Transition the pre-allocated buffer to hypervisor state before the access.
+ *
+ * This is because while changing the page state to firmware, the kernel unmaps
+ * the pages from the direct map, and to restore the direct map we must
+ * transition the pages to shared state.
+ */
+ if (snp_set_rmp_state(__pa(map->host), npages, false, true, true))
+ return -EFAULT;
+
+ /* Copy the response data firmware buffer to the callers buffer. */
+ memcpy(__va(__sme_clr(map->paddr)), map->host, min_t(size_t, len, map->len));
+ *paddr = map->paddr;
+
+done:
+ map->active = false;
+ return 0;
+}
+
+static bool sev_legacy_cmd_buf_writable(int cmd)
+{
+ switch (cmd) {
+ case SEV_CMD_PLATFORM_STATUS:
+ case SEV_CMD_GUEST_STATUS:
+ case SEV_CMD_LAUNCH_START:
+ case SEV_CMD_RECEIVE_START:
+ case SEV_CMD_LAUNCH_MEASURE:
+ case SEV_CMD_SEND_START:
+ case SEV_CMD_SEND_UPDATE_DATA:
+ case SEV_CMD_SEND_UPDATE_VMSA:
+ case SEV_CMD_PEK_CSR:
+ case SEV_CMD_PDH_CERT_EXPORT:
+ case SEV_CMD_GET_ID:
+ case SEV_CMD_ATTESTATION_REPORT:
+ return true;
+ default:
+ return false;
+ }
+}
+
+#define prep_buffer(name, addr, len, guest, map) \
+ func(&((typeof(name *))cmd_buf)->addr, ((typeof(name *))cmd_buf)->len, guest, map)
+
+static int __snp_cmd_buf_copy(int cmd, void *cmd_buf, bool to_fw, int fw_err)
+{
+ int (*func)(u64 *paddr, u32 len, bool guest, struct snp_host_map *map);
+ struct sev_device *sev = psp_master->sev_data;
+ bool from_fw = !to_fw;
+
+ /*
+ * After the command is completed, change the command buffer memory to
+ * hypervisor state.
+ *
+ * The immutable bit is automatically cleared by the firmware, so
+ * no not need to reclaim the page.
+ */
+ if (from_fw && sev_legacy_cmd_buf_writable(cmd)) {
+ if (snp_set_rmp_state(__pa(cmd_buf), 1, false, true, false))
+ return -EFAULT;
+
+ /* No need to go further if firmware failed to execute command. */
+ if (fw_err)
+ return 0;
+ }
+
+ if (to_fw)
+ func = map_firmware_writeable;
+ else
+ func = unmap_firmware_writeable;
+
+ /*
+ * A command buffer may contains a system physical address. If the address
+ * points to a host memory then use an intermediate firmware page otherwise
+ * change the page state in the RMP table.
+ */
+ switch (cmd) {
+ case SEV_CMD_PDH_CERT_EXPORT:
+ if (prep_buffer(struct sev_data_pdh_cert_export, pdh_cert_address,
+ pdh_cert_len, false, &sev->snp_host_map[0]))
+ goto err;
+ if (prep_buffer(struct sev_data_pdh_cert_export, cert_chain_address,
+ cert_chain_len, false, &sev->snp_host_map[1]))
+ goto err;
+ break;
+ case SEV_CMD_GET_ID:
+ if (prep_buffer(struct sev_data_get_id, address, len,
+ false, &sev->snp_host_map[0]))
+ goto err;
+ break;
+ case SEV_CMD_PEK_CSR:
+ if (prep_buffer(struct sev_data_pek_csr, address, len,
+ false, &sev->snp_host_map[0]))
+ goto err;
+ break;
+ case SEV_CMD_LAUNCH_UPDATE_DATA:
+ if (prep_buffer(struct sev_data_launch_update_data, address, len,
+ true, &sev->snp_host_map[0]))
+ goto err;
+ break;
+ case SEV_CMD_LAUNCH_UPDATE_VMSA:
+ if (prep_buffer(struct sev_data_launch_update_vmsa, address, len,
+ true, &sev->snp_host_map[0]))
+ goto err;
+ break;
+ case SEV_CMD_LAUNCH_MEASURE:
+ if (prep_buffer(struct sev_data_launch_measure, address, len,
+ false, &sev->snp_host_map[0]))
+ goto err;
+ break;
+ case SEV_CMD_LAUNCH_UPDATE_SECRET:
+ if (prep_buffer(struct sev_data_launch_secret, guest_address, guest_len,
+ true, &sev->snp_host_map[0]))
+ goto err;
+ break;
+ case SEV_CMD_DBG_DECRYPT:
+ if (prep_buffer(struct sev_data_dbg, dst_addr, len, false,
+ &sev->snp_host_map[0]))
+ goto err;
+ break;
+ case SEV_CMD_DBG_ENCRYPT:
+ if (prep_buffer(struct sev_data_dbg, dst_addr, len, true,
+ &sev->snp_host_map[0]))
+ goto err;
+ break;
+ case SEV_CMD_ATTESTATION_REPORT:
+ if (prep_buffer(struct sev_data_attestation_report, address, len,
+ false, &sev->snp_host_map[0]))
+ goto err;
+ break;
+ case SEV_CMD_SEND_START:
+ if (prep_buffer(struct sev_data_send_start, session_address,
+ session_len, false, &sev->snp_host_map[0]))
+ goto err;
+ break;
+ case SEV_CMD_SEND_UPDATE_DATA:
+ if (prep_buffer(struct sev_data_send_update_data, hdr_address, hdr_len,
+ false, &sev->snp_host_map[0]))
+ goto err;
+ if (prep_buffer(struct sev_data_send_update_data, trans_address,
+ trans_len, false, &sev->snp_host_map[1]))
+ goto err;
+ break;
+ case SEV_CMD_SEND_UPDATE_VMSA:
+ if (prep_buffer(struct sev_data_send_update_vmsa, hdr_address, hdr_len,
+ false, &sev->snp_host_map[0]))
+ goto err;
+ if (prep_buffer(struct sev_data_send_update_vmsa, trans_address,
+ trans_len, false, &sev->snp_host_map[1]))
+ goto err;
+ break;
+ case SEV_CMD_RECEIVE_UPDATE_DATA:
+ if (prep_buffer(struct sev_data_receive_update_data, guest_address,
+ guest_len, true, &sev->snp_host_map[0]))
+ goto err;
+ break;
+ case SEV_CMD_RECEIVE_UPDATE_VMSA:
+ if (prep_buffer(struct sev_data_receive_update_vmsa, guest_address,
+ guest_len, true, &sev->snp_host_map[0]))
+ goto err;
+ break;
+ default:
+ break;
+ }
+
+ /* The command buffer need to be in the firmware state. */
+ if (to_fw && sev_legacy_cmd_buf_writable(cmd)) {
+ if (snp_set_rmp_state(__pa(cmd_buf), 1, true, true, false))
+ return -EFAULT;
+ }
+
+ return 0;
+
+err:
+ return -EINVAL;
+}
+
+static inline bool need_firmware_copy(int cmd)
+{
+ struct sev_device *sev = psp_master->sev_data;
+
+ /* After SNP is INIT'ed, the behavior of legacy SEV command is changed. */
+ return ((cmd < SEV_CMD_SNP_INIT) && sev->snp_inited) ? true : false;
+}
+
+static int snp_aware_copy_to_firmware(int cmd, void *data)
+{
+ return __snp_cmd_buf_copy(cmd, data, true, 0);
+}
+
+static int snp_aware_copy_from_firmware(int cmd, void *data, int fw_err)
+{
+ return __snp_cmd_buf_copy(cmd, data, false, fw_err);
+}
+
static int __sev_do_cmd_locked(int cmd, void *data, int *psp_ret)
{
struct psp_device *psp = psp_master;
struct sev_device *sev;
unsigned int phys_lsb, phys_msb;
unsigned int reg, ret = 0;
+ void *cmd_buf;
int buf_len;
if (!psp || !psp->sev_data)
@@ -342,12 +625,28 @@ static int __sev_do_cmd_locked(int cmd, void *data, int *psp_ret)
* work for some memory, e.g. vmalloc'd addresses, and @data may not be
* physically contiguous.
*/
- if (data)
- memcpy(sev->cmd_buf, data, buf_len);
+ if (data) {
+ if (sev->cmd_buf_active > 2)
+ return -EBUSY;
+
+ cmd_buf = sev->cmd_buf_active ? sev->cmd_buf_backup : sev->cmd_buf;
+
+ memcpy(cmd_buf, data, buf_len);
+ sev->cmd_buf_active++;
+
+ /*
+ * The behavior of the SEV-legacy commands is altered when the
+ * SNP firmware is in the INIT state.
+ */
+ if (need_firmware_copy(cmd) && snp_aware_copy_to_firmware(cmd, sev->cmd_buf))
+ return -EFAULT;
+ } else {
+ cmd_buf = sev->cmd_buf;
+ }
/* Get the physical address of the command buffer */
- phys_lsb = data ? lower_32_bits(__psp_pa(sev->cmd_buf)) : 0;
- phys_msb = data ? upper_32_bits(__psp_pa(sev->cmd_buf)) : 0;
+ phys_lsb = data ? lower_32_bits(__psp_pa(cmd_buf)) : 0;
+ phys_msb = data ? upper_32_bits(__psp_pa(cmd_buf)) : 0;
dev_dbg(sev->dev, "sev command id %#x buffer 0x%08x%08x timeout %us\n",
cmd, phys_msb, phys_lsb, psp_timeout);
@@ -388,15 +687,24 @@ static int __sev_do_cmd_locked(int cmd, void *data, int *psp_ret)
ret = -EIO;
}
- print_hex_dump_debug("(out): ", DUMP_PREFIX_OFFSET, 16, 2, data,
- buf_len, false);
-
/*
* Copy potential output from the PSP back to data. Do this even on
* failure in case the caller wants to glean something from the error.
*/
- if (data)
- memcpy(data, sev->cmd_buf, buf_len);
+ if (data) {
+ /*
+ * Restore the page state after the command completes.
+ */
+ if (need_firmware_copy(cmd) &&
+ snp_aware_copy_from_firmware(cmd, cmd_buf, ret))
+ return -EFAULT;
+
+ memcpy(data, cmd_buf, buf_len);
+ sev->cmd_buf_active--;
+ }
+
+ print_hex_dump_debug("(out): ", DUMP_PREFIX_OFFSET, 16, 2, data,
+ buf_len, false);
return ret;
}
@@ -1271,10 +1579,12 @@ int sev_dev_init(struct psp_device *psp)
if (!sev)
goto e_err;
- sev->cmd_buf = (void *)devm_get_free_pages(dev, GFP_KERNEL, 0);
+ sev->cmd_buf = (void *)devm_get_free_pages(dev, GFP_KERNEL, 1);
if (!sev->cmd_buf)
goto e_sev;
+ sev->cmd_buf_backup = (uint8_t *)sev->cmd_buf + PAGE_SIZE;
+
psp->sev_data = sev;
sev->dev = dev;
@@ -1327,6 +1637,12 @@ static void sev_firmware_shutdown(struct sev_device *sev)
sev_es_tmr = NULL;
}
+ /*
+ * The host map need to clear the immutable bit so it must be free'd before the
+ * SNP firmware shutdown.
+ */
+ free_snp_host_map(sev);
+
sev_snp_shutdown(NULL);
}
@@ -1391,6 +1707,14 @@ void sev_pci_init(void)
dev_err(sev->dev, "SEV-SNP: failed to INIT error %#x\n", error);
}
}
+
+ /*
+ * Allocate the intermediate buffers used for the legacy command handling.
+ */
+ if (alloc_snp_host_map(sev)) {
+ dev_notice(sev->dev, "Failed to alloc host map (disabling legacy SEV)\n");
+ goto skip_legacy;
+ }
}
/* Obtain the TMR memory area for SEV-ES use */
@@ -1420,12 +1744,14 @@ void sev_pci_init(void)
if (rc)
dev_err(sev->dev, "SEV: failed to INIT error %#x\n", error);
+skip_legacy:
dev_info(sev->dev, "SEV%s API:%d.%d build:%d\n", sev->snp_inited ?
"-SNP" : "", sev->api_major, sev->api_minor, sev->build);
return;
err:
+ free_snp_host_map(sev);
psp_master->sev_data = NULL;
}
diff --git a/drivers/crypto/ccp/sev-dev.h b/drivers/crypto/ccp/sev-dev.h
index 186ad20cbd24..fe5d7a3ebace 100644
--- a/drivers/crypto/ccp/sev-dev.h
+++ b/drivers/crypto/ccp/sev-dev.h
@@ -29,11 +29,20 @@
#define SEV_CMDRESP_CMD_SHIFT 16
#define SEV_CMDRESP_IOC BIT(0)
+#define MAX_SNP_HOST_MAP_BUFS 2
+
struct sev_misc_dev {
struct kref refcount;
struct miscdevice misc;
};
+struct snp_host_map {
+ u64 paddr;
+ u32 len;
+ void *host;
+ bool active;
+};
+
struct sev_device {
struct device *dev;
struct psp_device *psp;
@@ -52,8 +61,11 @@ struct sev_device {
u8 build;
void *cmd_buf;
+ void *cmd_buf_backup;
+ int cmd_buf_active;
bool snp_inited;
+ struct snp_host_map snp_host_map[MAX_SNP_HOST_MAP_BUFS];
};
int sev_dev_init(struct psp_device *psp);
--
2.17.1
next prev parent reply other threads:[~2021-08-20 16:01 UTC|newest]
Thread overview: 239+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-08-20 15:58 [PATCH Part2 v5 00/45] Add AMD Secure Nested Paging (SEV-SNP) Hypervisor Support Brijesh Singh
2021-08-20 15:58 ` [PATCH Part2 v5 01/45] x86/cpufeatures: Add SEV-SNP CPU feature Brijesh Singh
2021-09-16 16:56 ` Borislav Petkov
2021-09-16 17:35 ` Brijesh Singh
2021-08-20 15:58 ` [PATCH Part2 v5 02/45] iommu/amd: Introduce function to check SEV-SNP support Brijesh Singh
2021-09-16 17:26 ` Borislav Petkov
2021-08-20 15:58 ` [PATCH Part2 v5 03/45] x86/sev: Add the host SEV-SNP initialization support Brijesh Singh
2021-09-24 8:58 ` Borislav Petkov
2021-08-20 15:58 ` [PATCH Part2 v5 04/45] x86/sev: Add RMP entry lookup helpers Brijesh Singh
2021-09-24 9:49 ` Borislav Petkov
2021-09-27 16:01 ` Brijesh Singh
2021-09-27 16:04 ` Brijesh Singh
2021-09-29 12:56 ` Borislav Petkov
2022-06-02 11:57 ` Jarkko Sakkinen
2021-08-20 15:58 ` [PATCH Part2 v5 05/45] x86/sev: Add helper functions for RMPUPDATE and PSMASH instruction Brijesh Singh
2021-09-24 14:04 ` Borislav Petkov
2021-09-27 16:06 ` Brijesh Singh
2021-10-15 18:05 ` Sean Christopherson
2021-10-15 20:18 ` Brijesh Singh
2021-10-15 20:27 ` Sean Christopherson
2021-10-15 20:36 ` Brijesh Singh
2021-08-20 15:58 ` [PATCH Part2 v5 06/45] x86/sev: Invalid pages from direct map when adding it to RMP table Brijesh Singh
2021-09-29 14:34 ` Borislav Petkov
2021-09-30 16:19 ` Brijesh Singh
2021-10-01 11:06 ` Borislav Petkov
2021-08-20 15:58 ` [PATCH Part2 v5 07/45] x86/traps: Define RMP violation #PF error code Brijesh Singh
2021-09-29 17:25 ` Borislav Petkov
2021-08-20 15:58 ` [PATCH Part2 v5 08/45] x86/fault: Add support to handle the RMP fault for user address Brijesh Singh
2021-08-23 14:20 ` Dave Hansen
2021-08-23 14:36 ` Brijesh Singh
2021-08-23 14:50 ` Dave Hansen
2021-08-24 16:42 ` Joerg Roedel
2021-08-25 9:16 ` Vlastimil Babka
2021-08-25 13:50 ` Tom Lendacky
2021-09-29 18:19 ` Borislav Petkov
2021-08-20 15:58 ` [PATCH Part2 v5 09/45] x86/fault: Add support to dump RMP entry on fault Brijesh Singh
2021-09-29 18:38 ` Borislav Petkov
2021-08-20 15:58 ` [PATCH Part2 v5 10/45] crypto: ccp: shutdown SEV firmware on kexec Brijesh Singh
2021-08-20 15:58 ` [PATCH Part2 v5 11/45] crypto:ccp: Define the SEV-SNP commands Brijesh Singh
2021-08-20 15:58 ` [PATCH Part2 v5 12/45] crypto: ccp: Add support to initialize the AMD-SP for SEV-SNP Brijesh Singh
2021-08-20 15:58 ` [PATCH Part2 v5 13/45] crypto:ccp: Provide APIs to issue SEV-SNP commands Brijesh Singh
2021-08-20 15:58 ` [PATCH Part2 v5 14/45] crypto: ccp: Handle the legacy TMR allocation when SNP is enabled Brijesh Singh
2022-02-25 18:03 ` Alper Gun
2022-03-01 14:12 ` Brijesh Singh
2022-06-14 0:10 ` Alper Gun
2021-08-20 15:58 ` Brijesh Singh [this message]
2021-08-20 15:58 ` [PATCH Part2 v5 16/45] crypto: ccp: Add the SNP_PLATFORM_STATUS command Brijesh Singh
2021-09-10 3:18 ` Marc Orr
2021-09-13 11:17 ` Brijesh Singh
2021-09-22 17:35 ` Dr. David Alan Gilbert
2021-09-23 18:01 ` Brijesh Singh
2021-08-20 15:58 ` [PATCH Part2 v5 17/45] crypto: ccp: Add the SNP_{SET,GET}_EXT_CONFIG command Brijesh Singh
2021-09-01 21:02 ` Connor Kuehl
2021-09-01 23:06 ` Brijesh Singh
2021-09-10 3:27 ` Marc Orr
2021-09-13 11:29 ` Brijesh Singh
2021-08-20 15:58 ` [PATCH Part2 v5 18/45] crypto: ccp: Provide APIs to query extended attestation report Brijesh Singh
2021-09-10 3:30 ` Marc Orr
2021-09-12 7:46 ` Dov Murik
2021-08-20 15:58 ` [PATCH Part2 v5 19/45] KVM: SVM: Add support to handle AP reset MSR protocol Brijesh Singh
2021-08-20 15:58 ` [PATCH Part2 v5 20/45] KVM: SVM: Provide the Hypervisor Feature support VMGEXIT Brijesh Singh
2021-10-12 20:38 ` Sean Christopherson
2021-08-20 15:58 ` [PATCH Part2 v5 21/45] KVM: SVM: Make AVIC backing, VMSA and VMCB memory allocation SNP safe Brijesh Singh
2021-09-22 18:55 ` Dr. David Alan Gilbert
2021-09-23 18:09 ` Brijesh Singh
2021-09-23 18:39 ` Dr. David Alan Gilbert
2021-09-23 22:23 ` Brijesh Singh
2021-09-23 19:17 ` Marc Orr
2021-09-23 20:44 ` Brijesh Singh
2021-09-23 20:55 ` Marc Orr
2021-10-12 20:44 ` Sean Christopherson
2021-08-20 15:58 ` [PATCH Part2 v5 22/45] KVM: SVM: Add initial SEV-SNP support Brijesh Singh
2021-08-20 15:58 ` [PATCH Part2 v5 23/45] KVM: SVM: Add KVM_SNP_INIT command Brijesh Singh
2021-09-05 6:56 ` Dov Murik
2021-09-05 13:59 ` Brijesh Singh
2021-09-10 3:32 ` Marc Orr
2021-09-13 11:32 ` Brijesh Singh
2021-09-16 15:50 ` Peter Gonda
2022-06-13 20:58 ` Alper Gun
2022-06-13 23:15 ` Ashish Kalra
2022-06-13 23:33 ` Alper Gun
2022-06-14 0:21 ` Ashish Kalra
2022-06-14 15:37 ` Peter Gonda
2022-06-14 16:11 ` Kalra, Ashish
2022-06-14 16:30 ` Peter Gonda
2022-06-14 17:16 ` Kalra, Ashish
2022-06-14 18:58 ` Alper Gun
2022-06-14 20:23 ` Kalra, Ashish
2022-06-14 20:29 ` Peter Gonda
2022-06-14 20:39 ` Kalra, Ashish
2021-08-20 15:58 ` [PATCH Part2 v5 24/45] KVM: SVM: Add KVM_SEV_SNP_LAUNCH_START command Brijesh Singh
2021-08-20 15:58 ` [PATCH Part2 v5 25/45] KVM: SVM: Add KVM_SEV_SNP_LAUNCH_UPDATE command Brijesh Singh
2021-09-27 16:43 ` Peter Gonda
2021-09-27 19:33 ` Brijesh Singh
2021-10-05 15:01 ` Peter Gonda
2021-08-20 15:58 ` [PATCH Part2 v5 26/45] KVM: SVM: Mark the private vma unmerable for SEV-SNP guests Brijesh Singh
2021-09-23 17:18 ` Dr. David Alan Gilbert
2021-10-12 18:46 ` Sean Christopherson
2021-10-13 12:39 ` Brijesh Singh
2021-10-13 14:34 ` Sean Christopherson
2021-10-13 14:51 ` Brijesh Singh
2021-10-13 15:33 ` Sean Christopherson
2021-08-20 15:59 ` [PATCH Part2 v5 27/45] KVM: SVM: Add KVM_SEV_SNP_LAUNCH_FINISH command Brijesh Singh
2022-05-18 20:21 ` Marc Orr
2022-05-18 20:35 ` Kalra, Ashish
2021-08-20 15:59 ` [PATCH Part2 v5 28/45] KVM: X86: Keep the NPT and RMP page level in sync Brijesh Singh
2021-08-20 15:59 ` [PATCH Part2 v5 29/45] KVM: x86/mmu: Move 'pfn' variable to caller of direct_page_fault() Brijesh Singh
2021-08-20 15:59 ` [PATCH Part2 v5 30/45] KVM: x86/mmu: Introduce kvm_mmu_map_tdp_page() for use by TDX and SNP Brijesh Singh
2021-08-20 15:59 ` [PATCH Part2 v5 31/45] KVM: x86: Introduce kvm_mmu_get_tdp_walk() for SEV-SNP use Brijesh Singh
2021-08-20 15:59 ` [PATCH Part2 v5 32/45] KVM: x86: Define RMP page fault error bits for #NPF Brijesh Singh
2021-09-30 23:41 ` Marc Orr
2021-10-01 13:03 ` Borislav Petkov
2021-08-20 15:59 ` [PATCH Part2 v5 33/45] KVM: x86: Update page-fault trace to log full 64-bit error code Brijesh Singh
2021-10-13 21:23 ` Sean Christopherson
2021-08-20 15:59 ` [PATCH Part2 v5 34/45] KVM: SVM: Do not use long-lived GHCB map while setting scratch area Brijesh Singh
2021-10-13 21:20 ` Sean Christopherson
2021-10-15 16:11 ` Brijesh Singh
2021-10-15 16:44 ` Sean Christopherson
2021-08-20 15:59 ` [PATCH Part2 v5 35/45] KVM: SVM: Remove the long-lived GHCB host map Brijesh Singh
2021-08-20 15:59 ` [PATCH Part2 v5 36/45] KVM: SVM: Add support to handle GHCB GPA register VMGEXIT Brijesh Singh
2021-08-20 15:59 ` [PATCH Part2 v5 37/45] KVM: SVM: Add support to handle MSR based Page State Change VMGEXIT Brijesh Singh
2021-09-28 9:56 ` Dr. David Alan Gilbert
2021-10-12 21:48 ` Sean Christopherson
2021-10-13 17:04 ` Sean Christopherson
2021-10-13 17:05 ` Brijesh Singh
2021-10-13 17:24 ` Sean Christopherson
2021-10-13 17:49 ` Brijesh Singh
2021-08-20 15:59 ` [PATCH Part2 v5 38/45] KVM: SVM: Add support to handle " Brijesh Singh
2021-09-28 10:17 ` Dr. David Alan Gilbert
2021-09-28 23:20 ` Brijesh Singh
2021-08-20 15:59 ` [PATCH Part2 v5 39/45] KVM: SVM: Introduce ops for the post gfn map and unmap Brijesh Singh
2021-10-13 0:23 ` Sean Christopherson
2021-10-13 18:10 ` Brijesh Singh
2021-10-13 20:10 ` Sean Christopherson
2021-10-13 21:49 ` Brijesh Singh
2021-10-13 22:10 ` Sean Christopherson
2021-10-13 22:31 ` Brijesh Singh
2021-10-13 20:16 ` Sean Christopherson
2021-10-15 16:31 ` Brijesh Singh
2021-10-15 17:16 ` Sean Christopherson
2022-09-08 21:21 ` Michael Roth
2022-09-08 22:28 ` Michael Roth
2022-09-14 8:05 ` Sean Christopherson
2022-09-14 11:02 ` Marc Orr
2022-09-14 16:15 ` Sean Christopherson
2022-09-14 16:32 ` Marc Orr
2022-09-14 16:39 ` Marc Orr
2022-09-19 17:56 ` Michael Roth
2021-08-20 15:59 ` [PATCH Part2 v5 40/45] KVM: x86: Export the kvm_zap_gfn_range() for the SNP use Brijesh Singh
2021-08-20 15:59 ` [PATCH Part2 v5 41/45] KVM: SVM: Add support to handle the RMP nested page fault Brijesh Singh
2021-09-29 12:24 ` Dr. David Alan Gilbert
2021-10-13 17:57 ` Sean Christopherson
2021-08-20 15:59 ` [PATCH Part2 v5 42/45] KVM: SVM: Provide support for SNP_GUEST_REQUEST NAE event Brijesh Singh
2021-09-29 21:33 ` Peter Gonda
2021-09-29 22:00 ` Peter Gonda
2021-08-20 15:59 ` [PATCH Part2 v5 43/45] KVM: SVM: Use a VMSA physical address variable for populating VMCB Brijesh Singh
2021-10-15 18:58 ` Sean Christopherson
2021-08-20 15:59 ` [PATCH Part2 v5 44/45] KVM: SVM: Support SEV-SNP AP Creation NAE event Brijesh Singh
2021-10-15 19:50 ` Sean Christopherson
2021-10-20 21:48 ` Brijesh Singh
2021-10-20 23:01 ` Sean Christopherson
2021-08-20 15:59 ` [PATCH Part2 v5 45/45] KVM: SVM: Add module parameter to enable the SEV-SNP Brijesh Singh
2021-11-12 15:43 ` [PATCH Part2 v5 00/45] Add AMD Secure Nested Paging (SEV-SNP) Hypervisor Support Peter Gonda
2021-11-12 17:59 ` Dave Hansen
2021-11-12 18:35 ` Borislav Petkov
2021-11-12 19:48 ` Sean Christopherson
2021-11-12 20:04 ` Borislav Petkov
2021-11-12 20:37 ` Sean Christopherson
2021-11-12 20:53 ` Borislav Petkov
2021-11-12 21:12 ` Peter Gonda
2021-11-12 21:20 ` Andy Lutomirski
2021-11-12 22:04 ` Borislav Petkov
2021-11-12 22:52 ` Peter Gonda
2021-11-13 0:00 ` Sean Christopherson
2021-11-13 0:10 ` Marc Orr
2021-11-13 18:34 ` Sean Christopherson
2021-11-14 7:54 ` Marc Orr
2021-11-15 17:16 ` Sean Christopherson
2021-11-15 16:36 ` Joerg Roedel
2021-11-15 17:25 ` Sean Christopherson
2021-11-12 21:30 ` Marc Orr
2021-11-12 21:37 ` Dave Hansen
2021-11-12 21:40 ` Marc Orr
2021-11-12 21:39 ` Andy Lutomirski
2021-11-12 21:43 ` Marc Orr
2021-11-12 22:54 ` Peter Gonda
2021-11-13 0:53 ` Sean Christopherson
2021-11-13 1:04 ` Marc Orr
2021-11-13 18:28 ` Sean Christopherson
2021-11-14 7:41 ` Marc Orr
2021-11-15 18:17 ` Sean Christopherson
2021-11-15 16:52 ` Joerg Roedel
2021-11-15 16:18 ` Brijesh Singh
2021-11-15 18:44 ` Sean Christopherson
2021-11-15 18:58 ` Brijesh Singh
2021-11-12 21:16 ` Marc Orr
2021-11-12 21:23 ` Andy Lutomirski
2021-11-12 21:35 ` Borislav Petkov
2021-11-15 12:30 ` Dr. David Alan Gilbert
2021-11-15 14:42 ` Joerg Roedel
2021-11-15 15:33 ` Dr. David Alan Gilbert
2021-11-15 16:20 ` Joerg Roedel
2021-11-15 16:32 ` Dr. David Alan Gilbert
2021-11-15 18:26 ` Sean Christopherson
2021-11-15 18:41 ` Marc Orr
2021-11-15 19:15 ` Sean Christopherson
2021-11-16 3:07 ` Marc Orr
2021-11-16 5:14 ` Andy Lutomirski
2021-11-16 13:21 ` Joerg Roedel
2021-11-16 18:26 ` Sean Christopherson
2021-11-16 18:39 ` Peter Gonda
2021-11-16 13:30 ` Joerg Roedel
2021-11-16 5:00 ` Andy Lutomirski
2021-11-16 13:02 ` Joerg Roedel
2021-11-16 20:08 ` Sean Christopherson
2021-11-15 16:16 ` Joerg Roedel
2021-11-22 15:23 ` Brijesh Singh
2021-11-22 17:03 ` Vlastimil Babka
2021-11-22 18:01 ` Brijesh Singh
2021-11-22 18:30 ` Dave Hansen
2021-11-22 19:06 ` Brijesh Singh
2021-11-22 19:14 ` Dave Hansen
2021-11-22 20:33 ` Brijesh Singh
2021-11-22 21:34 ` Sean Christopherson
2021-11-22 22:51 ` Dave Hansen
2021-11-23 5:15 ` Luck, Tony
2021-11-23 7:18 ` Borislav Petkov
2021-11-23 15:36 ` Sean Christopherson
2021-11-23 16:26 ` Borislav Petkov
2021-11-23 8:55 ` Vlastimil Babka
2021-11-24 16:03 ` Joerg Roedel
2021-11-24 17:48 ` Dave Hansen
2021-11-24 19:34 ` Vlastimil Babka
2021-11-25 10:05 ` Joerg Roedel
2021-11-29 14:44 ` Brijesh Singh
2021-11-29 14:58 ` Vlastimil Babka
2021-11-29 16:13 ` Brijesh Singh
2021-11-30 19:40 ` Vlastimil Babka
2021-11-29 16:41 ` Dave Hansen
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20210820155918.7518-16-brijesh.singh@amd.com \
--to=brijesh.singh@amd.com \
--cc=ak@linux.intel.com \
--cc=ardb@kernel.org \
--cc=bp@alien8.de \
--cc=dave.hansen@linux.intel.com \
--cc=dovmurik@linux.ibm.com \
--cc=hpa@zytor.com \
--cc=jmattson@google.com \
--cc=jroedel@suse.de \
--cc=kirill@shutemov.name \
--cc=kvm@vger.kernel.org \
--cc=linux-coco@lists.linux.dev \
--cc=linux-crypto@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=luto@kernel.org \
--cc=marcorr@google.com \
--cc=michael.roth@amd.com \
--cc=mingo@redhat.com \
--cc=pbonzini@redhat.com \
--cc=peterz@infradead.org \
--cc=pgonda@google.com \
--cc=rientjes@google.com \
--cc=sathyanarayanan.kuppuswamy@linux.intel.com \
--cc=seanjc@google.com \
--cc=slp@redhat.com \
--cc=srinivas.pandruvada@linux.intel.com \
--cc=tglx@linutronix.de \
--cc=thomas.lendacky@amd.com \
--cc=tobin@ibm.com \
--cc=tony.luck@intel.com \
--cc=vbabka@suse.cz \
--cc=vkuznets@redhat.com \
--cc=wanpengli@tencent.com \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).