[GIT PULL] x86/sev for v6.9-rc1

Posted by Borislav Petkov 1 year, 11 months ago
Hi Linus,

please pull a huuuge pile of x86/sev changes for v6.9-rc1.

If you're merging tip pull requests in the chronological order you've
received them, you'll encounter a couple of simple merge conflicts. I'm
adding how I've resolved them at the end of this message in case you
wanna compare notes.

Thx.

---

The following changes since commit 41bccc98fb7931d63d03f326a746ac4d429c1dd3:

  Linux 6.8-rc2 (2024-01-28 17:01:12 -0800)

are available in the Git repository at:

  git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git tags/x86_sev_for_v6.9_rc1

for you to fetch changes up to c0935fca6ba4799e5efc6daeee37887e84707d01:

  x86/sev: Disable KMSAN for memory encryption TUs (2024-03-08 08:59:22 +0100)

----------------------------------------------------------------
- Add the x86 part of the SEV-SNP host support. This will allow the
  kernel to be used as a KVM hypervisor capable of running SNP (Secure
  Nested Paging) guests. Roughly speaking, SEV-SNP is the ultimate goal
  of the AMD confidential computing side, providing the most
  comprehensive confidential computing environment to date.

  This is the x86 part and there is a KVM part which did not get ready
  in time for the merge window, so the latter will be forthcoming in the
  next cycle.

- Rework the early code's position-dependent SEV variable references in
  order to allow building the kernel with clang and -fPIE/-fPIC and
  -mcmodel=kernel

- The usual set of fixes, cleanups and improvements all over the place

----------------------------------------------------------------
Ard Biesheuvel (2):
      x86/sme: Fix memory encryption setting if enabled by default and not overridden
      x86/sev: Fix position dependent variable references in startup code

Ashish Kalra (6):
      iommu/amd: Don't rely on external callers to enable IOMMU SNP support
      x86/mtrr: Don't print errors if MtrrFixDramModEn is set when SNP enabled
      x86/sev: Introduce an SNP leaked pages list
      iommu/amd: Clean up RMP entries for IOMMU pages during SNP shutdown
      crypto: ccp: Add panic notifier for SEV/SNP firmware shutdown on kdump
      iommu/amd: Fix failure return from snp_lookup_rmpentry()

Borislav Petkov (AMD) (5):
      x86/sev: Harden #VC instruction emulation somewhat
      x86/Kconfig: Remove CONFIG_AMD_MEM_ENCRYPT_ACTIVE_BY_DEFAULT
      crypto: ccp: Make snp_range_list static
      crypto: ccp - Have it depend on AMD_IOMMU
      x86/sev: Dump SEV_STATUS

Brijesh Singh (14):
      x86/cpufeatures: Add SEV-SNP CPU feature
      x86/sev: Add SEV-SNP host initialization support
      x86/sev: Add RMP entry lookup helpers
      x86/fault: Add helper for dumping RMP entries
      x86/traps: Define RMP violation #PF error code
      x86/sev: Add helper functions for RMPUPDATE and PSMASH instruction
      crypto: ccp: Define the SEV-SNP commands
      crypto: ccp: Add support to initialize the AMD-SP for SEV-SNP
      crypto: ccp: Provide an API to issue SEV and SNP commands
      crypto: ccp: Handle the legacy TMR allocation when SNP is enabled
      crypto: ccp: Handle legacy SEV commands when SNP is enabled
      KVM: SEV: Make AVIC backing, VMSA and VMCB memory allocation SNP safe
      crypto: ccp: Add the SNP_PLATFORM_STATUS command
      crypto: ccp: Add the SNP_SET_CONFIG command

Changbin Du (1):
      x86/sev: Disable KMSAN for memory encryption TUs

Kim Phillips (1):
      x86/speculation: Do not enable Automatic IBRS if SEV-SNP is enabled

Kirill A. Shutemov (1):
      x86/mm: Fix memory encryption features advertisement

Michael Roth (4):
      x86/fault: Dump RMP table information when RMP page faults occur
      x86/sev: Adjust the directmap to avoid inadvertent RMP faults
      x86/cpufeatures: Enable/unmask SEV-SNP CPU feature
      Documentation: virt: Fix up pre-formatted text block for SEV ioctls

Tom Lendacky (2):
      crypto: ccp: Handle non-volatile INIT_EX data when SNP is enabled
      crypto: ccp: Add the SNP_COMMIT command

 Documentation/admin-guide/kernel-parameters.txt  |    4 +-
 Documentation/arch/x86/amd-memory-encryption.rst |   16 +-
 Documentation/virt/coco/sev-guest.rst            |   52 +
 arch/x86/Kbuild                                  |    2 +
 arch/x86/Kconfig                                 |   13 -
 arch/x86/boot/compressed/sev.c                   |    6 +-
 arch/x86/coco/core.c                             |    7 +-
 arch/x86/include/asm/asm.h                       |   14 +
 arch/x86/include/asm/coco.h                      |    8 +-
 arch/x86/include/asm/cpufeatures.h               |    1 +
 arch/x86/include/asm/disabled-features.h         |    8 +-
 arch/x86/include/asm/iommu.h                     |    1 +
 arch/x86/include/asm/kvm-x86-ops.h               |    1 +
 arch/x86/include/asm/kvm_host.h                  |    1 +
 arch/x86/include/asm/mem_encrypt.h               |   15 +-
 arch/x86/include/asm/msr-index.h                 |   66 +-
 arch/x86/include/asm/sev.h                       |   40 +
 arch/x86/include/asm/trap_pf.h                   |   20 +-
 arch/x86/kernel/Makefile                         |    1 +
 arch/x86/kernel/cpu/amd.c                        |   21 +-
 arch/x86/kernel/cpu/common.c                     |    7 +-
 arch/x86/kernel/cpu/mtrr/generic.c               |    3 +
 arch/x86/kernel/crash.c                          |    3 +
 arch/x86/kernel/sev-shared.c                     |  114 +-
 arch/x86/kernel/sev.c                            |   54 +-
 arch/x86/kvm/lapic.c                             |    5 +-
 arch/x86/kvm/svm/nested.c                        |    2 +-
 arch/x86/kvm/svm/sev.c                           |   37 +-
 arch/x86/kvm/svm/svm.c                           |   17 +-
 arch/x86/kvm/svm/svm.h                           |    1 +
 arch/x86/mm/Makefile                             |    1 +
 arch/x86/mm/fault.c                              |    5 +
 arch/x86/mm/mem_encrypt.c                        |   55 +-
 arch/x86/mm/mem_encrypt_identity.c               |   40 +-
 arch/x86/virt/svm/Makefile                       |    3 +
 arch/x86/virt/svm/sev.c                          |  560 ++++++++++
 drivers/crypto/ccp/Kconfig                       |    2 +-
 drivers/crypto/ccp/sev-dev.c                     | 1260 +++++++++++++++++++---
 drivers/crypto/ccp/sev-dev.h                     |    5 +
 drivers/iommu/amd/amd_iommu.h                    |    1 -
 drivers/iommu/amd/init.c                         |  125 ++-
 include/linux/amd-iommu.h                        |    6 +-
 include/linux/psp-sev.h                          |  321 +++++-
 include/uapi/linux/psp-sev.h                     |   59 +
 tools/arch/x86/include/asm/cpufeatures.h         |    1 +
 45 files changed, 2677 insertions(+), 307 deletions(-)
 create mode 100644 arch/x86/virt/svm/Makefile
 create mode 100644 arch/x86/virt/svm/sev.c

---

Merge conflict resolutions:

---

commit ad844f23969df842cbbdba40b2d3954a618c96d8 (refs/remotes/amd/merge-test)
Merge: a720c4257e69 c0935fca6ba4
Author: Bob the builder <bp@alien8.de>
Date:   Mon Mar 11 14:55:57 2024 +0000

    Merge remote-tracking branch 'tip/x86/sev' into merge-test
    
     Conflicts:
            arch/x86/include/asm/coco.h
            arch/x86/include/asm/disabled-features.h
            arch/x86/include/asm/mem_encrypt.h
            arch/x86/mm/fault.c
    
    Signed-off-by: Bob the builder <bp@alien8.de>

diff --cc arch/x86/include/asm/coco.h
index 76c310b19b11,21940ef8d290..42871bb262d0
--- a/arch/x86/include/asm/coco.h
+++ b/arch/x86/include/asm/coco.h
@@@ -10,9 -11,15 +11,15 @@@ enum cc_vendor 
  	CC_VENDOR_INTEL,
  };
  
 -extern enum cc_vendor cc_vendor;
+ extern u64 cc_mask;
+ 
  #ifdef CONFIG_ARCH_HAS_CC_PLATFORM
 +extern enum cc_vendor cc_vendor;
- void cc_set_mask(u64 mask);
+ static inline void cc_set_mask(u64 mask)
+ {
+ 	RIP_REL_REF(cc_mask) = mask;
+ }
+ 
  u64 cc_mkenc(u64 val);
  u64 cc_mkdec(u64 val);
  #else
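Review bot: the `extern u64 cc_mask;` declaration lands outside the `#ifdef CONFIG_ARCH_HAS_CC_PLATFORM` block even though its only use in this hunk, the `cc_set_mask()` inline that writes `RIP_REL_REF(cc_mask)`, sits inside it; placing the extern next to `extern enum cc_vendor cc_vendor;` inside the #ifdef keeps the declaration scoped to the configurations that actually build the definition, so a stray reference from a !CONFIG_ARCH_HAS_CC_PLATFORM build fails at compile time instead of as an undefined symbol at link time.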
diff --cc arch/x86/include/asm/disabled-features.h
index 1f23960d2b06,3332d2940020..da4054fbf533
--- a/arch/x86/include/asm/disabled-features.h
+++ b/arch/x86/include/asm/disabled-features.h
@@@ -117,12 -117,12 +117,18 @@@
  #define DISABLE_IBT	(1 << (X86_FEATURE_IBT & 31))
  #endif
  
 +#ifdef CONFIG_X86_FRED
 +# define DISABLE_FRED	0
 +#else
 +# define DISABLE_FRED	(1 << (X86_FEATURE_FRED & 31))
 +#endif
 +
+ #ifdef CONFIG_KVM_AMD_SEV
+ #define DISABLE_SEV_SNP		0
+ #else
+ #define DISABLE_SEV_SNP		(1 << (X86_FEATURE_SEV_SNP & 31))
+ #endif
+ 
  /*
   * Make sure to add features to the correct mask
   */
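Review bot: the `DISABLE_SEV_SNP` define alone does nothing; the comment right after it ("Make sure to add features to the correct mask") refers to the per-word DISABLED_MASK entry, which is outside this hunk, so confirm that `DISABLE_SEV_SNP` is OR'ed into the word covering X86_FEATURE_SEV_SNP. As a style point, the two adjacent new blocks differ in form (`# define DISABLE_FRED` versus `#define DISABLE_SEV_SNP`); pick one for both while resolving.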
diff --cc arch/x86/kernel/sev-shared.c
index fcc6d834e2c4,ae79f9505298..a200bd72fadc
--- a/arch/x86/kernel/sev-shared.c
+++ b/arch/x86/kernel/sev-shared.c
@@@ -9,11 -9,11 +9,13 @@@
   * and is included directly into both code-bases.
   */
  
 +#include <asm/setup_data.h>
 +
  #ifndef __BOOT_COMPRESSED
- #define error(v)	pr_err(v)
- #define has_cpuflag(f)	boot_cpu_has(f)
+ #define error(v)			pr_err(v)
+ #define has_cpuflag(f)			boot_cpu_has(f)
+ #define sev_printk(fmt, ...)		printk(fmt, ##__VA_ARGS__)
+ #define sev_printk_rtl(fmt, ...)	printk_ratelimited(fmt, ##__VA_ARGS__)
  #else
  #undef WARN
  #define WARN(condition, format...) (!!(condition))
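Review bot: `sev_printk()` and `sev_printk_rtl()` are defined only in the `#ifndef __BOOT_COMPRESSED` branch, yet the comment at the top of the hunk says this file is included into both code bases; any shared code that calls them therefore needs matching definitions in the `#else` branch, which the hunk does not show. Confirm those exist (or that no caller is compiled into the decompressor), otherwise the boot stub build breaks.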
diff --cc arch/x86/mm/fault.c
index e1ac86396446,859adcd123c9..cdb5045a0428
--- a/arch/x86/mm/fault.c
+++ b/arch/x86/mm/fault.c
@@@ -34,7 -34,7 +34,8 @@@
  #include <asm/kvm_para.h>		/* kvm_handle_async_pf		*/
  #include <asm/vdso.h>			/* fixup_vdso_exception()	*/
  #include <asm/irq_stack.h>
 +#include <asm/fred.h>
+ #include <asm/sev.h>			/* snp_dump_hva_rmpentry()	*/
  
  #define CREATE_TRACE_POINTS
  #include <asm/trace/exceptions.h>


-- 
Regards/Gruss,
    Boris.

https://people.kernel.org/tglx/notes-about-netiquette
Re: [GIT PULL] x86/sev for v6.9-rc1
Posted by pr-tracker-bot@kernel.org 1 year, 11 months ago
The pull request you sent on Mon, 11 Mar 2024 16:19:09 +0100:

> git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git tags/x86_sev_for_v6.9_rc1

has been merged into torvalds/linux.git:
https://git.kernel.org/torvalds/c/38b334fc767e44816be087b3ec5d84b1438b735f

Thank you!

-- 
Deet-doot-dot, I am a bot.
https://korg.docs.kernel.org/prtracker.html
Re: [GIT PULL] x86/sev for v6.9-rc1
Posted by Linus Torvalds 1 year, 11 months ago
On Mon, 11 Mar 2024 at 08:19, Borislav Petkov <bp@alien8.de> wrote:
>
> If you're merging tip pull requests in the chronological order you've
> received them, you'll encounter a couple of simple merge conflicts.

It's not exactly chronological - I tend to go by areas and by
submitter, but it tends to approximate chronological most of the
time.

> I'm adding how I've resolved them at the end of this message in case
> you wanna compare notes.

Hmm. I took a slightly different approach:

> diff --cc arch/x86/include/asm/coco.h
> index 76c310b19b11,21940ef8d290..42871bb262d0
> --- a/arch/x86/include/asm/coco.h
> +++ b/arch/x86/include/asm/coco.h
> @@@ -10,9 -11,15 +11,15 @@@ enum cc_vendor
>         CC_VENDOR_INTEL,
>   };
>
>  -extern enum cc_vendor cc_vendor;
> + extern u64 cc_mask;
> +
>   #ifdef CONFIG_ARCH_HAS_CC_PLATFORM
>  +extern enum cc_vendor cc_vendor;

I put the 'cc_mask' declaration inside the #ifdef too.

Because those two variables are defined together, and without
CONFIG_ARCH_HAS_CC_PLATFORM the whole coco/ subdirectory that defines
them won't even be built, as far as I can tell.

And I don't see any _use_ of 'cc_mask' anywhere outside of that one
'cc_set_mask()' inline function and the coco/core.c file. So declaring
it only when it's all enabled seems to be the right thing.

Let's hope my artistic merge resolution doesn't end up coming back to bite me.

           Linus
Re: [GIT PULL] x86/sev for v6.9-rc1
Posted by Ingo Molnar 1 year, 11 months ago
* Linus Torvalds <torvalds@linux-foundation.org> wrote:

> > diff --cc arch/x86/include/asm/coco.h
> > index 76c310b19b11,21940ef8d290..42871bb262d0
> > --- a/arch/x86/include/asm/coco.h
> > +++ b/arch/x86/include/asm/coco.h
> > @@@ -10,9 -11,15 +11,15 @@@ enum cc_vendor
> >         CC_VENDOR_INTEL,
> >   };
> >
> >  -extern enum cc_vendor cc_vendor;
> > + extern u64 cc_mask;
> > +
> >   #ifdef CONFIG_ARCH_HAS_CC_PLATFORM
> >  +extern enum cc_vendor cc_vendor;
> 
> I put the 'cc_mask' declaration inside the #ifdef too.
> 
> Because those two variables are defined together, and without
> CONFIG_ARCH_HAS_CC_PLATFORM the whole coco/ subdirectory that defines
> them won't even be built, as far as I can tell.
> 
> And I don't see any _use_ of 'cc_mask' anywhere outside of that one
> 'cc_set_mask()' inline function and the coco/core.c file. So declaring
> it only when it's all enabled seems to be the right thing.
> 
> Let's hope my artistic merge resolution doesn't end up coming back to bite me.

So it does come back in a fashion, because the tip:x86/boot tree has an 
internal merge of x86/sev, where it dutifully followed the original pattern 
of:

   1c811d403afd x86/sev: Fix position dependent variable references in startup code

... instead of merging it smartly like you did. :-/

And because I think it would suck to force you to do the same smart merge 
conflict resolution *twice*, I did it myself in x86/boot and documented the 
background:

  commit 2e2bc42c8381d2c0e9604b59e49264821da29368 (origin/x86/boot, x86/boot)
  Merge: 428080c9b19b 855684c7d938
  Author: Ingo Molnar <mingo@kernel.org>
  Date:   Tue Mar 12 09:49:52 2024 +0100

    Merge branch 'linus' into x86/boot, to resolve conflict
    
    There's a new conflict with Linus's upstream tree, because
    in the following merge conflict resolution in <asm/coco.h>:
    
      38b334fc767e Merge tag 'x86_sev_for_v6.9_rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip
    
    Linus has resolved the conflicting placement of 'cc_mask' better
    than the original commit:
    
      1c811d403afd x86/sev: Fix position dependent variable references in startup code
    
    ... which was also done by an internal merge resolution:
    
      2e5fc4786b7a Merge branch 'x86/sev' into x86/boot, to resolve conflicts and to pick up dependent tree
    
    But Linus is right in 38b334fc767e, the 'cc_mask' declaration is sufficient
    within the #ifdef CONFIG_ARCH_HAS_CC_PLATFORM block.
    
    So instead of forcing Linus to do the same resolution again, merge in Linus's
    tree and follow his conflict resolution.
    
     Conflicts:
            arch/x86/include/asm/coco.h
    
    Signed-off-by: Ingo Molnar <mingo@kernel.org>

You'll get the x86/boot pull request later today. If that extra merge 
commit is too much, please merge FETCH_HEAD~1 instead to discard my merge 
commit.

Thanks,

	Ingo
Re: [GIT PULL] x86/sev for v6.9-rc1
Posted by Borislav Petkov 1 year, 11 months ago
On Mon, Mar 11, 2024 at 05:50:48PM -0700, Linus Torvalds wrote:
> Let's hope my artistic merge resolution doesn't end up coming back to bite me.

Makes sense and looks ok to me.

I think this'll start becoming a problem when it gets referenced from
outside, see the respective example with cc_vendor:

e45964771007 ("x86/coco: Define cc_vendor without CONFIG_ARCH_HAS_CC_PLATFORM")

but we'll cross that bridge when we get to it.

Thx.

-- 
Regards/Gruss,
    Boris.

https://people.kernel.org/tglx/notes-about-netiquette