umber of calls to AMD-SP driver
* Changes to address v2 feedbacks
Borislav Petkov (1):
crypto: ccp: Build the AMD secure processor driver only with AMD CPU
support
Brijesh Singh (34):
Documentation/virtual/kvm: Add AMD Secure Encrypted Virtualization
(SEV)
KVM: SVM: Prepare to reserve
herb...@gondor.apana.org.au>
Cc: Gary Hook <gary.h...@amd.com>
Cc: Tom Lendacky <thomas.lenda...@amd.com>
Cc: linux-crypto@vger.kernel.org
Cc: k...@vger.kernel.org
Cc: linux-ker...@vger.kernel.org
Signed-off-by: Brijesh Singh <brijesh.si...@amd.com>
Reviewed-by: Borislav
herb...@gondor.apana.org.au>
Cc: Gary Hook <gary.h...@amd.com>
Cc: Tom Lendacky <thomas.lenda...@amd.com>
Cc: linux-crypto@vger.kernel.org
Cc: k...@vger.kernel.org
Cc: linux-ker...@vger.kernel.org
Improvements-by: Borislav Petkov <b...@suse.de>
Signed-off-by: Brijesh Singh &
-by: Borislav Petkov <b...@suse.de>
Signed-off-by: Brijesh Singh <brijesh.si...@amd.com>
Reviewed-by: Borislav Petkov <b...@suse.de>
---
drivers/crypto/ccp/Kconfig | 11 +
drivers/crypto/ccp/Makefile | 1 +
drivers/crypto/ccp/psp-dev.c | 105 +++
herb...@gondor.apana.org.au>
Cc: Gary Hook <gary.h...@amd.com>
Cc: Tom Lendacky <thomas.lenda...@amd.com>
Cc: linux-crypto@vger.kernel.org
Cc: k...@vger.kernel.org
Cc: linux-ker...@vger.kernel.org
Improvements-by: Borislav Petkov <b...@suse.de>
Signed-off-by: Brijesh Singh &
t;gary.h...@amd.com>
Cc: Tom Lendacky <thomas.lenda...@amd.com>
Cc: linux-crypto@vger.kernel.org
Cc: k...@vger.kernel.org
Cc: linux-ker...@vger.kernel.org
Improvements-by: Borislav Petkov <b...@suse.de>
Signed-off-by: Brijesh Singh <brijesh
.de>
Cc: Herbert Xu <herb...@gondor.apana.org.au>
Cc: Gary Hook <gary.h...@amd.com>
Cc: Tom Lendacky <thomas.lenda...@amd.com>
Cc: linux-crypto@vger.kernel.org
Cc: k...@vger.kernel.org
Cc: linux-ker...@vger.kernel.org
Improvements-by: Borislav Petkov <b...@suse.de>
Signed-off-by
-by: Borislav Petkov <b...@suse.de>
Signed-off-by: Brijesh Singh <brijesh.si...@amd.com>
Reviewed-by: Borislav Petkov <b...@suse.de>
Acked-by: Gary R Hook <gary.h...@amd.com>
---
include/linux/psp-sev.h | 465
1 file change
.de>
Cc: Herbert Xu <herb...@gondor.apana.org.au>
Cc: Gary Hook <gary.h...@amd.com>
Cc: Tom Lendacky <thomas.lenda...@amd.com>
Cc: linux-crypto@vger.kernel.org
Cc: k...@vger.kernel.org
Cc: linux-ker...@vger.kernel.org
Improvements-by: Borislav Petkov <b...@suse.de>
Signed-of
From: Borislav Petkov <b...@suse.de>
This is AMD-specific hardware so present it in Kconfig only when AMD
CPU support is enabled or on ARM64 where it is also used.
Signed-off-by: Borislav Petkov <b...@suse.de>
Signed-off-by: Brijesh Singh <brijesh.si...@amd.com>
Reviewed-by: G
dor.apana.org.au>
Cc: Gary Hook <gary.h...@amd.com>
Cc: Tom Lendacky <thomas.lenda...@amd.com>
Cc: linux-crypto@vger.kernel.org
Cc: k...@vger.kernel.org
Cc: linux-ker...@vger.kernel.org
Improvements-by: Borislav Petkov <b...@suse.de>
Signed-off-by: Brijesh Singh <brijesh.si...@amd
tkov (1):
crypto: ccp: Build the AMD secure processor driver only with AMD CPU
support
Brijesh Singh (34):
Documentation/virtual/kvm: Add AMD Secure Encrypted Virtualization
(SEV)
KVM: SVM: Prepare to reserve asid for SEV guest
KVM: X86: Extend CPUID range to include new leaf
KV
herb...@gondor.apana.org.au>
Cc: Gary Hook <gary.h...@amd.com>
Cc: Tom Lendacky <thomas.lenda...@amd.com>
Cc: linux-crypto@vger.kernel.org
Cc: k...@vger.kernel.org
Cc: linux-ker...@vger.kernel.org
Reviewed-by: Borislav Petkov <b...@suse.de>
Improvements-by: Borislav Petkov <
<herb...@gondor.apana.org.au>
Cc: Gary Hook <gary.h...@amd.com>
Cc: Tom Lendacky <thomas.lenda...@amd.com>
Cc: linux-crypto@vger.kernel.org
Cc: k...@vger.kernel.org
Cc: linux-ker...@vger.kernel.org
Improvements-by: Borislav Petkov <b...@suse.de>
Signed-off-by: Brijesh Singh &
Hi Herbert,
On 10/24/2017 07:14 AM, Brijesh Singh wrote:
Hi Herbert and Paolo,
Since the PSP patches touches both the CCP and KVM driver, hence I was
wondering if you guys have any thought on how PSP patches will be
merged? I am talking about Patch 9 to 20 from this series. I have
On 11/3/17 2:42 PM, Borislav Petkov wrote:
...
>> +if (psp_master->sev_state == SEV_STATE_UNINIT) {
>> +ret = __sev_platform_init_locked(psp_master->sev_init,
>> >error);
> Right, you're passing psp_master->sev_init (or whatever you're going to
> end up calling it) down but
On 11/05/2017 05:34 AM, Borislav Petkov wrote:
...
Fixes ontop:
* !input.cert_chain_address test was repeated. I saw that by aligning
them vertically, i.e., after making it more readable, the repetition
became obvious.
* Do the lengths checks first and the access_ok after, in each PDH and
r (PSP) interface
+ *
+ * Copyright (C) 2016-2017 Advanced Micro Devices, Inc.
+ *
+ * Author: Brijesh Singh <brijesh.si...@amd.com>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
+ * published
herb...@gondor.apana.org.au>
Cc: Gary Hook <gary.h...@amd.com>
Cc: Tom Lendacky <thomas.lenda...@amd.com>
Cc: linux-crypto@vger.kernel.org
Cc: k...@vger.kernel.org
Cc: linux-ker...@vger.kernel.org
Reviewed-by: Borislav Petkov <b...@suse.de>
Improvements-by: Borislav Petkov <
herb...@gondor.apana.org.au>
Cc: Gary Hook <gary.h...@amd.com>
Cc: Tom Lendacky <thomas.lenda...@amd.com>
Cc: linux-crypto@vger.kernel.org
Cc: k...@vger.kernel.org
Cc: linux-ker...@vger.kernel.org
Improvements-by: Borislav Petkov <b...@suse.de>
Signed-off-by: Brijesh Singh &
t;gary.h...@amd.com>
Cc: Tom Lendacky <thomas.lenda...@amd.com>
Cc: linux-crypto@vger.kernel.org
Cc: k...@vger.kernel.org
Cc: linux-ker...@vger.kernel.org
Improvements-by: Borislav Petkov <b...@suse.de>
Signed-off-by: Brijesh Singh <brijesh.si...@amd.com>
---
Boris,
I have tried to
.de>
Cc: Herbert Xu <herb...@gondor.apana.org.au>
Cc: Gary Hook <gary.h...@amd.com>
Cc: Tom Lendacky <thomas.lenda...@amd.com>
Cc: linux-crypto@vger.kernel.org
Cc: k...@vger.kernel.org
Cc: linux-ker...@vger.kernel.org
Improvements-by: Borislav Petkov <b...@suse.de>
Signed
I just realized that this should be marked as "PATCH v6.1 13/38 ...". I
had some debug patch before this hence it was pushed below in the stack.
On 10/29/17 3:48 PM, Brijesh Singh wrote:
> AMD's new Secure Encrypted Virtualization (SEV) feature allows the
> memory contents of
On 10/30/17 12:57 PM, Borislav Petkov wrote:
> On Mon, Oct 30, 2017 at 12:49:14PM -0500, Brijesh Singh wrote:
>> If the buffer is allocated on the stack then there is no guarantee that
> static global is not allocated on the stack.
Okay, Just tried static global with CONFIG_VMAP_S
On 10/30/2017 12:21 PM, Borislav Petkov wrote:
...
Useless forward declarations.
Actually its helpful in other patches. I was trying to avoid making too
many code movement in other patches to eliminate the forward
declarations. I guess I can fix in v7.
static struct psp_device
herb...@gondor.apana.org.au>
Cc: Gary Hook <gary.h...@amd.com>
Cc: Tom Lendacky <thomas.lenda...@amd.com>
Cc: linux-crypto@vger.kernel.org
Cc: k...@vger.kernel.org
Cc: linux-ker...@vger.kernel.org
Signed-off-by: Brijesh Singh <brijesh.si..
herb...@gondor.apana.org.au>
Cc: Gary Hook <gary.h...@amd.com>
Cc: Tom Lendacky <thomas.lenda...@amd.com>
Cc: linux-crypto@vger.kernel.org
Cc: k...@vger.kernel.org
Cc: linux-ker...@vger.kernel.org
Signed-off-by: Brijesh Singh <brijesh.si..
herb...@gondor.apana.org.au>
Cc: Gary Hook <gary.h...@amd.com>
Cc: Tom Lendacky <thomas.lenda...@amd.com>
Cc: linux-crypto@vger.kernel.org
Cc: k...@vger.kernel.org
Cc: linux-ker...@vger.kernel.org
Signed-off-by: Brijesh Singh <brijesh.si...@amd.com>
---
drivers/crypto/ccp/psp-
-by: Borislav Petkov <b...@suse.de>
Signed-off-by: Brijesh Singh <brijesh.si...@amd.com>
Reviewed-by: Borislav Petkov <b...@suse.de>
---
drivers/crypto/ccp/Kconfig | 11 +
drivers/crypto/ccp/Makefile | 1 +
drivers/crypto/ccp/psp-dev.c | 105 +++
herb...@gondor.apana.org.au>
Cc: Gary Hook <gary.h...@amd.com>
Cc: Tom Lendacky <thomas.lenda...@amd.com>
Cc: linux-crypto@vger.kernel.org
Cc: k...@vger.kernel.org
Cc: linux-ker...@vger.kernel.org
Signed-off-by: Brijesh Singh <brijesh.si...@amd.com>
---
drivers/crypto/ccp/psp-
<herb...@gondor.apana.org.au>
Cc: Gary Hook <gary.h...@amd.com>
Cc: Tom Lendacky <thomas.lenda...@amd.com>
Cc: linux-crypto@vger.kernel.org
Cc: k...@vger.kernel.org
Cc: linux-ker...@vger.kernel.org
Signed-off-by: Brijesh Singh <brijesh.si..
Improvements-by: Borislav Petkov <b...@suse.de>
Signed-off-by: Brijesh Singh <brijesh.si...@amd.com>
Reviewed-by: Borislav Petkov <b...@suse.de>
---
include/linux/psp-sev.h | 494
1 file changed, 494 insertions(+)
create mode 100644
.de>
Cc: Herbert Xu <herb...@gondor.apana.org.au>
Cc: Gary Hook <gary.h...@amd.com>
Cc: Tom Lendacky <thomas.lenda...@amd.com>
Cc: linux-crypto@vger.kernel.org
Cc: k...@vger.kernel.org
Cc: linux-ker...@vger.kernel.org
Improvements-by: Borislav Petkov <b...@suse.de>
.de>
Cc: Herbert Xu <herb...@gondor.apana.org.au>
Cc: Gary Hook <gary.h...@amd.com>
Cc: Tom Lendacky <thomas.lenda...@amd.com>
Cc: linux-crypto@vger.kernel.org
Cc: k...@vger.kernel.org
Cc: linux-ker...@vger.kernel.org
Improvements-by: Borislav Petkov <b...@suse.de>
Signed-off-by
dor.apana.org.au>
Cc: Gary Hook <gary.h...@amd.com>
Cc: Tom Lendacky <thomas.lenda...@amd.com>
Cc: linux-crypto@vger.kernel.org
Cc: k...@vger.kernel.org
Cc: linux-ker...@vger.kernel.org
Improvements-by: Borislav Petkov <b...@suse.de>
Signed-off-by: Brijesh Singh <brijesh.si
t;gary.h...@amd.com>
Cc: Tom Lendacky <thomas.lenda...@amd.com>
Cc: linux-crypto@vger.kernel.org
Cc: k...@vger.kernel.org
Cc: linux-ker...@vger.kernel.org
Improvements-by: Borislav Petkov <b...@suse.de>
Signed-off-by: Brijesh Singh <brijesh
From: Borislav Petkov <b...@suse.de>
This is AMD-specific hardware so present it in Kconfig only when AMD
CPU support is enabled or on ARM64 where it is also used.
Signed-off-by: Borislav Petkov <b...@suse.de>
Signed-off-by: Brijesh Singh <brijesh.si...@amd.com>
Cc: Brijesh
AMD-SP driver
* Changes to address v2 feedbacks
Borislav Petkov (1):
crypto: ccp: Build the AMD secure processor driver only with AMD CPU
support
Brijesh Singh (34):
Documentation/virtual/kvm: Add AMD Secure Encrypted Virtualization
(SEV)
KVM: SVM: Prepare to reserve
On 10/26/2017 08:56 AM, Borislav Petkov wrote:
On Mon, Oct 23, 2017 at 02:57:04PM -0500, Brijesh Singh wrote:
Calling PLATFORM_GET_STATUS is not required, we can manage the state through
a simple ref count variable. Issuing PSP commands will always be much more
expensive compare to accessing
On 10/27/17 2:56 AM, Borislav Petkov wrote:
> On Thu, Oct 26, 2017 at 03:59:32PM -0500, Brijesh Singh wrote:
>> we can workaround #1 by adding some hooks in sp_pci_init() to invoke the PSP
>> initialization routines after pci_register_driver() is done but #2 can get
>
On 10/26/2017 12:44 PM, Borislav Petkov wrote:
On Thu, Oct 26, 2017 at 11:56:57AM -0500, Brijesh Singh wrote:
The variable is used as ref counter.
... and it can't be converted to a boolean because...?
SHUTDOWN command unconditionally transitions a platform to uninitialized
state
On 10/26/2017 03:13 PM, Borislav Petkov wrote:
On Thu, Oct 26, 2017 at 02:26:15PM -0500, Brijesh Singh wrote:
SHUTDOWN command unconditionally transitions a platform to uninitialized
state. The command does not care how many processes are actively using the
PSP. We don't want to shutdown
On 10/27/17 7:00 PM, Borislav Petkov wrote:
> On Fri, Oct 27, 2017 at 05:59:23PM -0500, Brijesh Singh wrote:
>> Yes it is typo. PEK_GEN wants FW to be in INIT state hence someone need
>> to transition from UNINIT -> INIT.
> Which, once you've done it once on driver init,
On 10/27/17 3:15 PM, Borislav Petkov wrote:
> On Fri, Oct 27, 2017 at 06:28:38AM -0500, Brijesh Singh wrote:
>> ... User can retry the command sometime later when nobody else is
>> using the PSP.
> That still doesn't prevent you from doing two things:
>
> * make that fw_
On 10/27/17 3:27 PM, Borislav Petkov wrote:
> On Fri, Oct 27, 2017 at 03:25:24PM -0500, Brijesh Singh wrote:
>> Yep, we are doing state transition only when we really need to. At least
>> so far I have tried to avoid making any unnecessary state transitions.
> So change all t
gt;
Cc: "Radim Krčmář" <rkrc...@redhat.com>
Cc: Borislav Petkov <b...@suse.de>
Cc: Herbert Xu <herb...@gondor.apana.org.au>
Cc: Gary Hook <gary.h...@amd.com>
Cc: Tom Lendacky <thomas.lenda...@amd.com>
Cc: Joerg Roedel <j...@8bytes.org>
Cc: linux-crypto@vger.
a.org.au>
Cc: Gary Hook <gary.h...@amd.com>
Cc: Tom Lendacky <thomas.lenda...@amd.com>
Cc: linux-crypto@vger.kernel.org
Cc: linux-ker...@vger.kernel.org
Signed-off-by: Brijesh Singh <brijesh.si...@amd.com>
---
drivers/crypto/ccp/psp-dev.c | 8
1 file changed, 4 insert
nel crash.
Add check to call get master device only when PSP/SEV is detected.
Reported-by: Paulian Bogdan Marinca <paul...@marinca.net>
Cc: Borislav Petkov <b...@suse.de>
Cc: Tom Lendacky <thomas.lenda...@amd.com>
CC: Gary R Hook <gary.h...@amd.com>
Cc: linux-ker...@vger.kernel
nel crash.
Add check to call get master device only when PSP/SEV is detected.
Reported-by: Paulian Bogdan Marinca <paul...@marinca.net>
Cc: Borislav Petkov <b...@suse.de>
Cc: Tom Lendacky <thomas.lenda...@amd.com>
CC: Gary R Hook <gary.h...@amd.com>
Cc: linux-ker...@vger.kernel
...@amd.com>
Cc: Tom Lendacky <thomas.lenda...@amd.com>
Signed-off-by: Brijesh Singh <brijesh.si...@amd.com>
---
drivers/crypto/ccp/psp-dev.c | 8
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/drivers/crypto/ccp/psp-dev.c b/drivers/crypto/ccp/psp-dev.c
index fcf
..@suse.de>
Cc: Tom Lendacky <thomas.lenda...@amd.com>
CC: Gary R Hook <gary.h...@amd.com>
Signed-off-by: Brijesh Singh <brijesh.si...@amd.com>
---
include/uapi/linux/psp-sev.h | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/include/uapi/linux/psp-se
On 12/21/17 7:06 AM, Paolo Bonzini wrote:
Hi Paolo,
> Hi Brijesh,
>
> I have a couple comments:
>
> 1) how is MSR_AMD64_SEV's value passed to the guest, and where is it in
> the manual?
It is a non interceptable read-only MSR set by the HW when SEV feature
is enabled in VMRUN
On 12/21/17 9:51 AM, Brijesh Singh wrote:
>
> On 12/21/17 7:06 AM, Paolo Bonzini wrote:
>
>
> Hi Paolo,
>
>
>> Hi Brijesh,
>>
>> I have a couple comments:
>>
>> 1) how is MSR_AMD64_SEV's value passed to the guest, and where is it in
>&
will not apply cleanly hence I will rework a different patch for stable trees
after this patch is accepted.
Brijesh Singh (1):
crypto: ccp: add timeout support in the SEV command
drivers/crypto/ccp/psp-dev.c | 46 +++-
1 file changed, 41 insertions(+), 5
pport")
Cc: # 4.16.x-
Signed-off-by: Tom Lendacky
---
Reviewed-by: Brijesh Singh
drivers/crypto/ccp/psp-dev.c |4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/drivers/crypto/ccp/psp-dev.c b/drivers/crypto/ccp/psp-dev.c
index ff478d8..973d683 100644
--- a/driv
+-
drivers/crypto/ccp/psp-dev.h | 10 +-
2 files changed, 2 insertions(+), 10 deletions(-)
Reviewed-by: Brijesh Singh
diff --git a/drivers/crypto/ccp/psp-dev.c b/drivers/crypto/ccp/psp-dev.c
index 91ef6ed..875756d 100644
--- a/drivers/crypto/ccp/psp-dev.c
+++ b/drivers/crypto/ccp/psp-dev.c
---
drivers/crypto/ccp/psp-dev.c | 24
drivers/crypto/ccp/psp-dev.h |9 -
drivers/crypto/ccp/sp-dev.h |7 ++-
drivers/crypto/ccp/sp-pci.c |7 ++-
4 files changed, 24 insertions(+), 23 deletions(-)
Reviewed-by: Brijesh Singh
diff --git
ing the Coccinelle software.
>
> Signed-off-by: Markus Elfring <elfr...@users.sourceforge.net>
> ---
> drivers/crypto/ccp/psp-dev.c | 15 +--
> 1 file changed, 1 insertion(+), 14 deletions(-)
Reviewed-by: Brijesh Singh <brijesh.si...@amd.com>
thanks
> d
Hi Herbert,
On 03/02/2018 10:41 AM, Herbert Xu wrote:
On Thu, Feb 15, 2018 at 01:34:44PM -0600, Brijesh Singh wrote:
Fix sparse warning: Using plain integer as NULL pointer. Replaces
assignment of 0 to pointer with NULL assignment.
Fixes: 200664d5237f (Add Secure Encrypted Virtualization
Hi,
The workaround to handle this FW bug has been submitted last month
https://marc.info/?l=linux-crypto-vger=153436754612783=2
And patch is accepted in crypto tree
https://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git/commit/?id=3702a0585e64d70d5bf73bf3e943b8d6005b72c1
It
201 - 260 of 260 matches
Mail list logo