From nobody Tue Oct 7 05:22:14 2025 Received: from linux.microsoft.com (linux.microsoft.com [13.77.154.182]) by smtp.subspace.kernel.org (Postfix) with ESMTP id 808DB283FD7; Fri, 3 Oct 2025 22:27:24 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=13.77.154.182 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1759530446; cv=none; b=LxM1kpqDUPqGcWcr0Fk3YWh8LyWMMysJLCRFcasg1HSCFH0N7mfYVSqBPYPcdQXeJ5Y8/i/mRNg6XD4ev9w9Vztj6GElSd1/xCk8aqHbiqxEs/K4HOs4dmZC7LnV2ToIvRQda0Lr1r+DL3As2CiHy9ctzmHJI1/7VR8eotyQB2g= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1759530446; c=relaxed/simple; bh=WBPIfgVxPGV/LSFNZSZg5i9TojfsH9u2tXp3iGnaa74=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=DGoG+qQ6UkctnOurE5LmwI0HIw4yvrkN182JdhoKfDxHit93D1IZGlCtEAY/Qcnzrcc176rqQCY2cmnBjfvfDu9RKxfaHYzQwvePPMWcqg7squQDyO6Er7+T0qx3fxH3DIfxEtbUIyCbrQvqCyYTKE4YzAZaG0mMPZmLj76wUrc= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.microsoft.com; spf=pass smtp.mailfrom=linux.microsoft.com; dkim=pass (1024-bit key) header.d=linux.microsoft.com header.i=@linux.microsoft.com header.b=GkbvjsL2; arc=none smtp.client-ip=13.77.154.182 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.microsoft.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=linux.microsoft.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=linux.microsoft.com header.i=@linux.microsoft.com header.b="GkbvjsL2" Received: from romank-3650.corp.microsoft.com (unknown [131.107.1.188]) by linux.microsoft.com (Postfix) with ESMTPSA id 9C0E9211C280; Fri, 3 Oct 2025 15:27:23 -0700 (PDT) DKIM-Filter: OpenDKIM Filter v2.11.0 linux.microsoft.com 9C0E9211C280 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linux.microsoft.com; s=default; t=1759530443; bh=4R3Q4+AFI3c1tV24p2R3HQuzaQyvhOVsFSX+WtZ8g/0=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=GkbvjsL2Wh0oiQhqhbwfdLDDc07cnbi1jhom4DUiqm6wg5zStipT9TcxHOKdMPzE/ MfXbPmh4hWR47gAxIWJxCy1S5l4/qZDxdpvckzpD/w1NJNHc836VUAtAWkhNvTL7NM OikZxQTnY1q2GDqirK5ggCUlnMMwmwIc1otpK9Rw= From: Roman Kisel To: arnd@arndb.de, bp@alien8.de, corbet@lwn.net, dave.hansen@linux.intel.com, decui@microsoft.com, haiyangz@microsoft.com, hpa@zytor.com, kys@microsoft.com, mikelley@microsoft.com, mingo@redhat.com, tglx@linutronix.de, Tianyu.Lan@microsoft.com, wei.liu@kernel.org, x86@kernel.org, linux-hyperv@vger.kernel.org, linux-doc@vger.kernel.org, linux-kernel@vger.kernel.org, linux-arch@vger.kernel.org Cc: benhill@microsoft.com, bperkins@microsoft.com, sunilmut@microsoft.com, romank@linux.microsoft.com Subject: [PATCH hyperv-next v6 15/17] Drivers: hv: Support confidential VMBus channels Date: Fri, 3 Oct 2025 15:27:08 -0700 Message-ID: <20251003222710.6257-16-romank@linux.microsoft.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20251003222710.6257-1-romank@linux.microsoft.com> References: <20251003222710.6257-1-romank@linux.microsoft.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" To make use of Confidential VMBus channels, initialize the co_ring_buffers and co_external_memory fields of the channel structure. Advertise support upon negotiating the version and compute values for those fields and initialize them. Signed-off-by: Roman Kisel Reviewed-by: Michael Kelley --- drivers/hv/channel_mgmt.c | 19 +++++++++++++++++++ drivers/hv/connection.c | 3 +++ 2 files changed, 22 insertions(+) diff --git a/drivers/hv/channel_mgmt.c b/drivers/hv/channel_mgmt.c index 6d66cbc9030b..74fed2c073d4 100644 --- a/drivers/hv/channel_mgmt.c +++ b/drivers/hv/channel_mgmt.c @@ -1022,6 +1022,7 @@ static void vmbus_onoffer(struct vmbus_channel_messag= e_header *hdr) struct vmbus_channel_offer_channel *offer; struct vmbus_channel *oldchannel, *newchannel; size_t offer_sz; + bool co_ring_buffer, co_external_memory; =20 offer =3D (struct vmbus_channel_offer_channel *)hdr; =20 @@ -1034,6 +1035,22 @@ static void vmbus_onoffer(struct vmbus_channel_messa= ge_header *hdr) return; } =20 + co_ring_buffer =3D is_co_ring_buffer(offer); + co_external_memory =3D is_co_external_memory(offer); + if (!co_ring_buffer && co_external_memory) { + pr_err("Invalid offer relid=3D%d: the ring buffer isn't encrypted\n", + offer->child_relid); + return; + } + if (co_ring_buffer || co_external_memory) { + if (vmbus_proto_version < VERSION_WIN10_V6_0 || !vmbus_is_confidential()= ) { + pr_err("Invalid offer relid=3D%d: no support for confidential VMBus\n", + offer->child_relid); + atomic_dec(&vmbus_connection.offer_in_progress); + return; + } + } + oldchannel =3D find_primary_channel_by_offer(offer); =20 if (oldchannel !=3D NULL) { @@ -1112,6 +1129,8 @@ static void vmbus_onoffer(struct vmbus_channel_messag= e_header *hdr) pr_err("Unable to allocate channel object\n"); return; } + newchannel->co_ring_buffer =3D co_ring_buffer; + newchannel->co_external_memory =3D co_external_memory; =20 vmbus_setup_channel_state(newchannel, offer); =20 diff --git a/drivers/hv/connection.c b/drivers/hv/connection.c index 1fe3573ae52a..5ac9232396f7 100644 --- a/drivers/hv/connection.c +++ b/drivers/hv/connection.c @@ -105,6 +105,9 @@ int vmbus_negotiate_version(struct vmbus_channel_msginf= o *msginfo, u32 version) vmbus_connection.msg_conn_id =3D VMBUS_MESSAGE_CONNECTION_ID; } =20 + if (vmbus_is_confidential() && version >=3D VERSION_WIN10_V6_0) + msg->feature_flags =3D VMBUS_FEATURE_FLAG_CONFIDENTIAL_CHANNELS; + /* * shared_gpa_boundary is zero in non-SNP VMs, so it's safe to always * bitwise OR it --=20 2.43.0