Is there any production hardware supporting SEV? Which one? We
are interested to do some test.
SEV support is not available in production hardware's. SEV support will
be available in future AMD hardware's.
And, generally, I have a question about container protection. In
white paper an
The CCP and PSP devices part of AMD Secure Procesor may share the same
interrupt. Hence we expand the SP device to register a common interrupt
handler and provide functions to CCP and PSP devices to register their
interrupt callback which will be invoked upon interrupt.
Signed-off-by: Brijesh
initialized and handled appropriately. The series
does not makes any logic modification into CCP - it refactors the code to
integerate CCP into AMD secure processor framework.
Brijesh Singh (3):
crypto: ccp - Use devres interface to allocate PCI/iomap and cleanup
crypto: ccp - Introduce the
The CCP device is part of the AMD Secure Processor. In order to expand
the usage of the AMD Secure Processor, create a framework that allows
functional components of the AMD Secure Processor to be initialized and
handled appropriately.
Signed-off-by: Brijesh Singh
---
drivers/crypto/Kconfig
Update pci and platform files to use devres interface to allocate the PCI
and iomap resources. Also add helper functions to consolicate module init,
exit and power mangagement code duplication.
Signed-off-by: Brijesh Singh
---
drivers/crypto/ccp/ccp-dev-v3.c | 8 +++
drivers/crypto/ccp/ccp
SEV support has been accepted into EDKII/OVMF BIOS
https://github.com/tianocore/edk2/commits/master
Cc: Thomas Gleixner
Cc: Ingo Molnar
Cc: "H. Peter Anvin"
Cc: Borislav Petkov
Cc: Andy Lutomirski
Cc: Tom Lendacky
Cc: Brijesh Singh
Cc: Paolo Bonzini
Cc: "Rad
: Thomas Gleixner
Cc: Ingo Molnar
Cc: "H. Peter Anvin"
Cc: Borislav Petkov
Cc: Andy Lutomirski
Cc: Laura Abbott
Cc: "Kirill A. Shutemov"
Cc: Matt Fleming
Cc: linux-kernel@vger.kernel.org
Cc: x...@kernel.org
Signed-off-by: Tom Lendacky
Signed-off-by: Brijesh Singh
Reviewed
Molnar
Cc: "H. Peter Anvin"
Cc: Borislav Petkov
Cc: "Kirill A. Shutemov"
Cc: Laura Abbott
Cc: Andy Lutomirski
Cc: "Jérôme Glisse"
Cc: Andrew Morton
Cc: Dan Williams
Cc: Kees Cook
Cc: x...@kernel.org
Cc: linux-kernel@vger.kernel.org
Signed-off-by: Tom Lendacky
: linux-kernel@vger.kernel.org
Signed-off-by: Tom Lendacky
Signed-off-by: Brijesh Singh
Reviewed-by: Borislav Petkov
---
kernel/resource.c | 52 +---
1 file changed, 25 insertions(+), 27 deletions(-)
diff --git a/kernel/resource.c b/kernel
hypervisor and guest can access the data.
Cc: Thomas Gleixner
Cc: Ingo Molnar
Cc: "H. Peter Anvin"
Cc: Borislav Petkov
Cc: Paolo Bonzini
Cc: "Radim Krčmář"
Cc: Tom Lendacky
Cc: x...@kernel.org
Cc: linux-kernel@vger.kernel.org
Cc: k...@vger.kernel.org
Signed-off-by: Brijes
dim Krčmář"
Cc: Tom Lendacky
Cc: x...@kernel.org
Cc: linux-kernel@vger.kernel.org
Cc: k...@vger.kernel.org
Signed-off-by: Brijesh Singh
---
Changes since v5:
early_set_memory_decrypt() takes care of decrypting the memory contents
and changing the C bit hence there is no need
Signed-off-by: Tom Lendacky
Signed-off-by: Brijesh Singh
---
arch/powerpc/kernel/machine_kexec_file_64.c | 12 +---
arch/x86/kernel/crash.c | 18 +-
arch/x86/kernel/pmem.c | 2 +-
include/linux/ioport.h | 4 ++-
attribute in early boot code.
Cc: Thomas Gleixner
Cc: Ingo Molnar
Cc: "H. Peter Anvin"
Cc: Borislav Petkov
Cc: x...@kernel.org
Cc: linux-kernel@vger.kernel.org
Cc: Tom Lendacky
Signed-off-by: Brijesh Singh
---
Changes since v5:
early_set_memory_enc_dec() is enhanced to perfo
Christoph Lameter
Cc: linux-a...@vger.kernel.org
Cc: x...@kernel.org
Cc: linux-kernel@vger.kernel.org
Cc: Tom Lendacky
Signed-off-by: Brijesh Singh
Acked-by: Tejun Heo
Reviewed-by: Borislav Petkov
---
include/asm-generic/vmlinux.lds.h | 19 +++
include/linux/percpu-defs.h
Laight
Cc: Arnd Bergmann
Cc: x...@kernel.org
Cc: linux-kernel@vger.kernel.org
Signed-off-by: Tom Lendacky
Signed-off-by: Brijesh Singh
Reviewed-by: Borislav Petkov
---
arch/x86/include/asm/io.h | 42 ++
arch/x86/mm/mem_encrypt.c | 8
2 files c
Lutomirski
Cc: Kees Cook
Cc: Paolo Bonzini
Cc: "Radim Krčmář"
Cc: x...@kernel.org
Cc: linux-kernel@vger.kernel.org
Signed-off-by: Tom Lendacky
Signed-off-by: Brijesh Singh
Reviewed-by: Borislav Petkov
---
arch/x86/boot/compressed/Makefile | 1 +
arch/x86/boot/compressed/head_
k Wilk
Cc: x...@kernel.org
Cc: linux-kernel@vger.kernel.org
Signed-off-by: Tom Lendacky
Signed-off-by: Brijesh Singh
Reviewed-by: Borislav Petkov
---
arch/x86/mm/mem_encrypt.c | 86 +++
lib/swiotlb.c | 5 +--
2 files changed, 89 insert
g
Cc: Ard Biesheuvel
Cc: linux-...@vger.kernel.org
Cc: linux-kernel@vger.kernel.org
Cc: x...@kernel.org
Signed-off-by: Tom Lendacky
Signed-off-by: Brijesh Singh
Reviewed-by: Borislav Petkov
---
arch/x86/platform/efi/efi_64.c | 16 +++-
1 file changed, 15 insertions(+), 1 deletion(-)
. Shutemov"
Cc: linux-kernel@vger.kernel.org
Cc: x...@kernel.org
Signed-off-by: Tom Lendacky
Signed-off-by: Brijesh Singh
Reviewed-by: Borislav Petkov
---
arch/x86/realmode/init.c | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/arch/x86/realmode/init.c b/arch/x86/r
"
Cc: Borislav Petkov
Cc: Andy Lutomirski
Cc: John Ogness
Cc: Matt Fleming
Cc: Laura Abbott
Cc: Dan Williams
Cc: "Kirill A. Shutemov"
Cc: linux-kernel@vger.kernel.org
Cc: x...@kernel.org
Signed-off-by: Tom Lendacky
Signed-off-by: Brijesh Singh
Reviewed-by: Borislav Petk
mirski
Cc: linux-kernel@vger.kernel.org
Cc: x...@kernel.org
Signed-off-by: Tom Lendacky
Signed-off-by: Brijesh Singh
Reviewed-by: Borislav Petkov
---
arch/x86/include/asm/mem_encrypt.h | 6 ++
arch/x86/mm/mem_encrypt.c | 26 ++
include/linux/mem_encrypt.h
.org
Cc: x...@kernel.org
Signed-off-by: Tom Lendacky
Signed-off-by: Brijesh Singh
Reviewed-by: Borislav Petkov
---
arch/x86/kernel/setup.c | 6 --
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/arch/x86/kernel/setup.c b/arch/x86/kernel/setup.c
index 17dea09f06a3..bb5c3b4ea00f 100644
On 10/16/17 10:34 AM, Brijesh Singh wrote:
> This series is based on tip/master commit : 3594329f88c5 (Merge branch
> 'linus')
Small correction,
On tip/master the series applies on 3c794350da95 (Merge branch
'x86/urgent')'
Complete git tree based on t
On 10/16/17 11:21 AM, Borislav Petkov wrote:
...
>> +static bool sev_enabled __section(.data) = false;
> You need to run a patch through checkpatch everytime you change it -
> sometimes the warning makes sense, like in this case:
>
> ERROR: do not initialise statics to false
> #73: FILE: arch/x8
mirski
Cc: linux-kernel@vger.kernel.org
Cc: x...@kernel.org
Signed-off-by: Tom Lendacky
Signed-off-by: Brijesh Singh
Reviewed-by: Borislav Petkov
---
Changes since v6:
* do not initialise static sev_enabled to false
arch/x86/include/asm/mem_encrypt.h | 6 ++
arch/x86/mm/mem_encrypt.c
attribute in early boot code.
Cc: Thomas Gleixner
Cc: Ingo Molnar
Cc: "H. Peter Anvin"
Cc: Borislav Petkov
Cc: x...@kernel.org
Cc: linux-kernel@vger.kernel.org
Cc: Tom Lendacky
Improvements-by: Borislav Petkov
Signed-off-by: Brijesh Singh
---
Changes since v6:
* applied the im
On 10/16/17 5:24 PM, Borislav Petkov wrote:
...
>>
>> +static inline void __set_percpu_decrypted(void *ptr, unsigned long size)
>> +{
>> +early_set_memory_decrypted(slow_virt_to_phys(ptr), size);
>> +}
> Ok, so this looks like useless conversion:
>
> you pass in a virtual address, it gets
On 10/17/17 3:20 AM, Borislav Petkov wrote:
> On Mon, Oct 16, 2017 at 08:43:15PM -0500, Brijesh Singh wrote:
>> Actually, I worked to enable the kvmclock support before the
>> kvm-stealtime, eoi and apf_reason. The kvmclock uses memblock_alloc() to
>> allocate the shared
On 10/17/17 8:35 AM, Borislav Petkov wrote:
...
>> The second call is for UP cases. The kvm_smp_prepapre_boot_cpu() is
>> called only when CONFIG_SMP is enabled. Am I missing something ?
> Yes, you are.
>
> kvm_guest_init() gets called unconditionally from setup_arch(). But then
> you said kvm_g
ger.kernel.org
Cc: x...@kernel.org
Cc: linux-kernel@vger.kernel.org
Signed-off-by: Brijesh Singh
Reviewed-by: Borislav Petkov
---
Documentation/virtual/kvm/00-INDEX | 3 ++
.../virtual/kvm/amd-memory-encryption.rst | 45 ++
2 files changed, 48 insertions(+)
off-by: Tom Lendacky
Signed-off-by: Brijesh Singh
Reviewed-by: Borislav Petkov
---
arch/x86/include/asm/svm.h | 2 ++
arch/x86/kvm/svm.c | 7 ---
2 files changed, 6 insertions(+), 3 deletions(-)
diff --git a/arch/x86/include/asm/svm.h b/arch/x86/include/asm/svm.h
index 14835dd205a5..5e324
Cc: linux-kernel@vger.kernel.org
Improvements-by: Borislav Petkov
Signed-off-by: Brijesh Singh
Reviewed-by: Borislav Petkov
Acked-by: Gary R Hook
---
include/uapi/linux/psp-sev.h | 113 +++
1 file changed, 113 insertions(+)
create mode 100644 include/uapi
org
Cc: linux-kernel@vger.kernel.org
Signed-off-by: Brijesh Singh
---
arch/x86/kvm/svm.c | 68 ++
1 file changed, 68 insertions(+)
diff --git a/arch/x86/kvm/svm.c b/arch/x86/kvm/svm.c
index 35840979627f..749d2f9898d1 100644
--- a/arch/x86/kvm/svm.
linux-cry...@vger.kernel.org
Cc: k...@vger.kernel.org
Cc: linux-kernel@vger.kernel.org
Improvements-by: Borislav Petkov
Signed-off-by: Brijesh Singh
Reviewed-by: Borislav Petkov
Acked-by: Gary R Hook
---
drivers/crypto/ccp/psp-dev.c | 18 ++
1 file changed, 18 insertions(+)
diff --git a/driv
lav Petkov
Signed-off-by: Brijesh Singh
Reviewed-by: Borislav Petkov
---
arch/x86/include/asm/kvm_host.h | 2 +
arch/x86/kvm/svm.c | 153
2 files changed, 155 insertions(+)
diff --git a/arch/x86/include/asm/kvm_host.h b/arch/x86/inc
el.org
Signed-off-by: Brijesh Singh
---
arch/x86/kvm/mmu.c | 10 ++
arch/x86/kvm/svm.c | 3 ++-
2 files changed, 12 insertions(+), 1 deletion(-)
diff --git a/arch/x86/kvm/mmu.c b/arch/x86/kvm/mmu.c
index 7a69cf053711..0d4776b855bb 100644
--- a/arch/x86/kvm/mmu.c
+++ b/arch/x86/kvm/mmu.c
@@ -49
org
Cc: linux-kernel@vger.kernel.org
Reviewed-by: Borislav Petkov
Signed-off-by: Brijesh Singh
---
arch/x86/kvm/svm.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/arch/x86/kvm/svm.c b/arch/x86/kvm/svm.c
index a0e5e22bb661..29c30ecde780 100644
--- a/arch/x86/kvm/svm.c
+++
"
Cc: Paolo Bonzini
Cc: "Radim Krčmář"
Cc: Joerg Roedel
Cc: Borislav Petkov
Cc: Tom Lendacky
Cc: x...@kernel.org
Cc: k...@vger.kernel.org
Cc: linux-kernel@vger.kernel.org
Signed-off-by: Brijesh Singh
---
arch/x86/include/asm/kvm_host.h | 1 +
arch/x86/kvm/svm.
org
Cc: linux-kernel@vger.kernel.org
Signed-off-by: Brijesh Singh
Reviewed-by: Borislav Petkov
---
arch/x86/kvm/svm.c | 23 +++
1 file changed, 23 insertions(+)
diff --git a/arch/x86/kvm/svm.c b/arch/x86/kvm/svm.c
index c9be9dde7b85..0ed823806bbc 100644
--- a/arch/x86/kvm/svm.c
+++
Tom Lendacky
Cc: x...@kernel.org
Cc: k...@vger.kernel.org
Cc: linux-kernel@vger.kernel.org
Reviewed-by: Borislav Petkov
Signed-off-by: Brijesh Singh
---
arch/x86/kvm/svm.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/arch/x86/kvm/svm.c b/arch/x86/kvm/svm.c
index 6df96d4c164f..a0e5e
t;
Cc: Joerg Roedel
Cc: Borislav Petkov
Cc: Tom Lendacky
Cc: x...@kernel.org
Cc: k...@vger.kernel.org
Cc: linux-kernel@vger.kernel.org
Signed-off-by: Brijesh Singh
---
arch/x86/kvm/svm.c | 103 ++---
1 file changed, 98 insertions(+), 5 deleti
rnel@vger.kernel.org
Signed-off-by: Brijesh Singh
Reviewed-by: Borislav Petkov
---
arch/x86/kvm/svm.c | 33 +
1 file changed, 33 insertions(+)
diff --git a/arch/x86/kvm/svm.c b/arch/x86/kvm/svm.c
index 0ed823806bbc..65ef2a72b8e8 100644
--- a/arch/x86/kvm/svm.c
+++
org
Cc: linux-kernel@vger.kernel.org
Signed-off-by: Brijesh Singh
---
arch/x86/kvm/svm.c | 157 +
1 file changed, 157 insertions(+)
diff --git a/arch/x86/kvm/svm.c b/arch/x86/kvm/svm.c
index 65ef2a72b8e8..adf4d80caee4 100644
--- a/arch/x86/kvm/svm.
"
Cc: Paolo Bonzini
Cc: "Radim Krčmář"
Cc: Joerg Roedel
Cc: Borislav Petkov
Cc: Tom Lendacky
Cc: x...@kernel.org
Cc: k...@vger.kernel.org
Cc: linux-kernel@vger.kernel.org
Signed-off-by: Brijesh Singh
---
arch/x86/include/asm/kvm_host.h | 7 +++
arch/x86/kvm/svm.
Molnar
Cc: "H. Peter Anvin"
Cc: Paolo Bonzini
Cc: "Radim Krčmář"
Cc: Joerg Roedel
Cc: Borislav Petkov
Cc: Tom Lendacky
Cc: x...@kernel.org
Cc: k...@vger.kernel.org
Cc: linux-kernel@vger.kernel.org
Signed-off-by: Brijesh Singh
Reviewed-by: Borislav Petkov
---
arc
: x...@kernel.org
Cc: k...@vger.kernel.org
Cc: linux-kernel@vger.kernel.org
Signed-off-by: Brijesh Singh
Reviewed-by: Borislav Petkov
---
arch/x86/kvm/svm.c | 74 ++
1 file changed, 74 insertions(+)
diff --git a/arch/x86/kvm/svm.c b/arch
Tom Lendacky
Cc: x...@kernel.org
Cc: k...@vger.kernel.org
Cc: linux-kernel@vger.kernel.org
Improvements-by: Borislav Petkov
Signed-off-by: Brijesh Singh
Reviewed-by: Borislav Petkov
---
arch/x86/include/asm/kvm_host.h | 1 +
arch/x86/kvm/svm.c | 191 +
mář"
Cc: Joerg Roedel
Cc: Borislav Petkov
Cc: Tom Lendacky
Cc: x...@kernel.org
Cc: k...@vger.kernel.org
Cc: linux-kernel@vger.kernel.org
Improvements-by: Borislav Petkov
Signed-off-by: Brijesh Singh
Reviewed-by: Borislav Petkov
---
arch/x86/kvm/svm.c | 23 ++-
Molnar
Cc: "H. Peter Anvin"
Cc: Paolo Bonzini
Cc: "Radim Krčmář"
Cc: Joerg Roedel
Cc: Borislav Petkov
Cc: Tom Lendacky
Cc: Jonathan Corbet
Cc: x...@kernel.org
Cc: k...@vger.kernel.org
Cc: linux-kernel@vger.kernel.org
Improvements-by: Borislav Petkov
Signed-off-by: Bri
org
Cc: linux-kernel@vger.kernel.org
Signed-off-by: Brijesh Singh
Reviewed-by: Borislav Petkov
---
arch/x86/kvm/svm.c | 4
1 file changed, 4 insertions(+)
diff --git a/arch/x86/kvm/svm.c b/arch/x86/kvm/svm.c
index fab5b1b7fc63..be2e98c01b22 100644
--- a/arch/x86/kvm/svm.c
+++ b/arch/x86/kvm/svm
kernel.org
Cc: linux-kernel@vger.kernel.org
Reviewed-by: Borislav Petkov
Improvements-by: Borislav Petkov
Signed-off-by: Brijesh Singh
Acked-by: Gary R Hook
---
drivers/crypto/ccp/psp-dev.c | 16
1 file changed, 16 insertions(+)
diff --git a/drivers/crypto/ccp/psp-dev.c b/driv
.org
Cc: k...@vger.kernel.org
Cc: linux-kernel@vger.kernel.org
Improvements-by: Borislav Petkov
Signed-off-by: Brijesh Singh
Acked-by: Gary R Hook
---
drivers/crypto/ccp/psp-dev.c | 98
1 file changed, 98 insertions(+)
diff --git a/drivers/crypto/ccp/psp-dev.c
org
Cc: linux-kernel@vger.kernel.org
Signed-off-by: Brijesh Singh
Reviewed-by: Borislav Petkov
---
arch/x86/kvm/Kconfig | 10 ++
1 file changed, 10 insertions(+)
diff --git a/arch/x86/kvm/Kconfig b/arch/x86/kvm/Kconfig
index 3c48bc8bf08c..86273a0f981a 100644
--- a/arch/x86/kvm/Kconfig
+++ b/
.org
Cc: k...@vger.kernel.org
Cc: linux-kernel@vger.kernel.org
Signed-off-by: Brijesh Singh
Reviewed-by: Borislav Petkov
Acked-by: Gary R Hook
---
drivers/crypto/ccp/psp-dev.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/drivers/crypto/ccp/psp-dev.c b/drivers/crypto/ccp/psp-dev.c
index 2c
kernel.org
Cc: linux-kernel@vger.kernel.org
Improvements-by: Borislav Petkov
Signed-off-by: Brijesh Singh
Acked-by: Gary R Hook
---
drivers/crypto/ccp/psp-dev.c | 68
1 file changed, 68 insertions(+)
diff --git a/drivers/crypto/ccp/psp-dev.c b/driv
kernel.org
Cc: linux-kernel@vger.kernel.org
Improvements-by: Borislav Petkov
Signed-off-by: Brijesh Singh
Acked-by: Gary R Hook
---
drivers/crypto/ccp/psp-dev.c | 81
include/linux/psp-sev.h | 4 +++
2 files changed, 85 insertions(+)
diff --git
kernel.org
Cc: k...@vger.kernel.org
Cc: linux-kernel@vger.kernel.org
Improvements-by: Borislav Petkov
Signed-off-by: Brijesh Singh
Acked-by: Gary R Hook
---
drivers/crypto/ccp/psp-dev.c | 70 +++-
1 file changed, 69 insertions(+), 1 deletion(-)
diff --git
Cc: Gary Hook
Cc: Tom Lendacky
Cc: linux-cry...@vger.kernel.org
Cc: k...@vger.kernel.org
Cc: linux-kernel@vger.kernel.org
Improvements-by: Borislav Petkov
Signed-off-by: Brijesh Singh
Reviewed-by: Borislav Petkov
Acked-by: Gary R Hook
---
include/linux/psp-s
: Gary Hook
Cc: Tom Lendacky
Cc: linux-cry...@vger.kernel.org
Cc: k...@vger.kernel.org
Cc: linux-kernel@vger.kernel.org
Improvements-by: Borislav Petkov
Signed-off-by: Brijesh Singh
Reviewed-by: Borislav Petkov
---
drivers/crypto/ccp/Kconfig | 11 +
drivers/crypto/ccp/Makefile | 1 +
dri
Improvements-by: Borislav Petkov
Signed-off-by: Brijesh Singh
---
drivers/crypto/ccp/psp-dev.c | 350 +++
drivers/crypto/ccp/psp-dev.h | 24 +++
drivers/crypto/ccp/sp-dev.c | 9 ++
drivers/crypto/ccp/sp-dev.h | 4 +
include/linux/psp-s
From: Borislav Petkov
This is AMD-specific hardware so present it in Kconfig only when AMD
CPU support is enabled or on ARM64 where it is also used.
Signed-off-by: Borislav Petkov
Signed-off-by: Brijesh Singh
Reviewed-by: Gary R Hook
Cc: Brijesh Singh
Cc: Tom Lendacky
Cc: Gary Hook
Cc
Ingo Molnar
Cc: "H. Peter Anvin"
Cc: Paolo Bonzini
Cc: "Radim Krčmář"
Cc: Joerg Roedel
Cc: Borislav Petkov
Cc: Tom Lendacky
Cc: x...@kernel.org
Cc: k...@vger.kernel.org
Cc: linux-kernel@vger.kernel.org
Improvements-by: Borislav Petkov
Signed-off-by: Brijesh Singh
Rev
* Optimize LAUNCH_UPDATE command to reduce the number of calls to AMD-SP driver
* Changes to address v2 feedbacks
Borislav Petkov (1):
crypto: ccp: Build the AMD secure processor driver only with AMD CPU
support
Brijesh Singh (34):
Documentation/virtual/kvm: Add AMD Secure Encrypted Vi
Borislav Petkov
Cc: Tom Lendacky
Cc: x...@kernel.org
Cc: k...@vger.kernel.org
Cc: linux-kernel@vger.kernel.org
Reviewed-by: Borislav Petkov
Signed-off-by: Brijesh Singh
---
arch/x86/kvm/cpuid.c | 2 +-
arch/x86/kvm/svm.c | 6 ++
2 files changed, 7 insertions(+), 1 deletion(-)
diff --git a/
Borislav Petkov
Cc: Tom Lendacky
Cc: x...@kernel.org
Cc: k...@vger.kernel.org
Cc: linux-kernel@vger.kernel.org
Signed-off-by: Brijesh Singh
Reviewed-by: Paolo Bonzini
Reviewed-by: Borislav Petkov
---
Documentation/virtual/kvm/api.txt | 16
arch/x86/include/asm/kvm_host.h |
...@kernel.org
Cc: k...@vger.kernel.org
Cc: linux-kernel@vger.kernel.org
Signed-off-by: Brijesh Singh
Reviewed-by: Paolo Bonzini
Reviewed-by: Borislav Petkov
---
arch/x86/kvm/svm.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/arch/x86/kvm/svm.c b/arch/x86/kvm/svm.
Cc: x...@kernel.org
Cc: k...@vger.kernel.org
Cc: linux-kernel@vger.kernel.org
Signed-off-by: Tom Lendacky
Signed-off-by: Brijesh Singh
Reviewed-by: Borislav Petkov
---
arch/x86/include/asm/svm.h | 1 +
1 file changed, 1 insertion(+)
diff --git a/arch/x86/include/asm/svm.h b/arch/x86/inc
dacky
Signed-off-by: Brijesh Singh
Reviewed-by: Borislav Petkov
---
arch/x86/include/asm/cpufeatures.h | 1 +
arch/x86/include/asm/msr-index.h | 2 ++
arch/x86/kernel/cpu/amd.c | 66 ++
arch/x86/kernel/cpu/scattered.c| 1 +
4 files changed,
On 11/02/2017 12:10 PM, Borislav Petkov wrote:
...
drivers/crypto/ccp/psp-dev.c | 350 +++
drivers/crypto/ccp/psp-dev.h | 24 +++
drivers/crypto/ccp/sp-dev.c | 9 ++
drivers/crypto/ccp/sp-dev.h | 4 +
include/linux/psp-sev.h | 143 +
On 10/26/2017 08:56 AM, Borislav Petkov wrote:
On Mon, Oct 23, 2017 at 02:57:04PM -0500, Brijesh Singh wrote:
Calling PLATFORM_GET_STATUS is not required, we can manage the state through
a simple ref count variable. Issuing PSP commands will always be much more
expensive compare to accessing
On 10/26/2017 12:44 PM, Borislav Petkov wrote:
On Thu, Oct 26, 2017 at 11:56:57AM -0500, Brijesh Singh wrote:
The variable is used as ref counter.
... and it can't be converted to a boolean because...?
SHUTDOWN command unconditionally transitions a platform to uninitialized
state
On 10/26/2017 03:13 PM, Borislav Petkov wrote:
On Thu, Oct 26, 2017 at 02:26:15PM -0500, Brijesh Singh wrote:
SHUTDOWN command unconditionally transitions a platform to uninitialized
state. The command does not care how many processes are actively using the
PSP. We don't want to shutdow
On 11/3/17 2:42 PM, Borislav Petkov wrote:
...
>> +if (psp_master->sev_state == SEV_STATE_UNINIT) {
>> +ret = __sev_platform_init_locked(psp_master->sev_init,
>> &argp->error);
> Right, you're passing psp_master->sev_init (or whatever you're going to
> end up calling it) down bu
On 11/05/2017 05:34 AM, Borislav Petkov wrote:
...
Fixes ontop:
* !input.cert_chain_address test was repeated. I saw that by aligning
them vertically, i.e., after making it more readable, the repetition
became obvious.
* Do the lengths checks first and the access_ok after, in each PDH and
c
On 11/06/2017 04:34 AM, Borislav Petkov wrote:
...
int cpu;
@@ -1084,6 +1095,16 @@ static __init int svm_hardware_setup(void)
kvm_tsc_scaling_ratio_frac_bits = 32;
}
+ if (sev) {
+ if (boot_cpu_has(X86_FEATURE_SEV) &&
+ IS_ENA
On 11/06/2017 04:57 AM, Borislav Petkov wrote:
...
Just get rid of that silly function:
Sure, will do.
On 11/06/2017 05:31 AM, Borislav Petkov wrote:
...
- ret = sev_dbg_decrypt_user(kvm,
- __sme_page_pa(src_p[0]) + s_off,
- dst_vaddr,
- __sme_page_pa(dst_p[0]
On 11/06/2017 08:43 AM, Borislav Petkov wrote:
...
+
+ region->uaddr = range->addr;
+ region->size = range->size;
+ list_add_tail(®ion->list, &sev->regions_list);
+ return ret;
Nothing's protecting that list from concurrent modifications of adding
and removal of regio
SP driver
* Changes to address v2 feedbacks
Borislav Petkov (1):
crypto: ccp: Build the AMD secure processor driver only with AMD CPU
support
Brijesh Singh (34):
Documentation/virtual/kvm: Add AMD Secure Encrypted Virtualization
(SEV)
KVM: SVM: Prepare to reserve asid for SEV guest
K
dacky
Signed-off-by: Brijesh Singh
Reviewed-by: Borislav Petkov
---
arch/x86/include/asm/cpufeatures.h | 1 +
arch/x86/include/asm/msr-index.h | 2 ++
arch/x86/kernel/cpu/amd.c | 66 ++
arch/x86/kernel/cpu/scattered.c| 1 +
4 files changed,
Ingo Molnar
Cc: "H. Peter Anvin"
Cc: Paolo Bonzini
Cc: "Radim Krčmář"
Cc: Joerg Roedel
Cc: Borislav Petkov
Cc: Tom Lendacky
Cc: x...@kernel.org
Cc: k...@vger.kernel.org
Cc: linux-kernel@vger.kernel.org
Improvements-by: Borislav Petkov
Signed-off-by: Brijesh Singh
Rev
: Gary Hook
Cc: Tom Lendacky
Cc: linux-cry...@vger.kernel.org
Cc: k...@vger.kernel.org
Cc: linux-kernel@vger.kernel.org
Improvements-by: Borislav Petkov
Signed-off-by: Brijesh Singh
Reviewed-by: Borislav Petkov
---
drivers/crypto/ccp/Kconfig | 11 +
drivers/crypto/ccp/Makefile | 1 +
dri
Tom Lendacky
Cc: x...@kernel.org
Cc: k...@vger.kernel.org
Cc: linux-kernel@vger.kernel.org
Improvements-by: Borislav Petkov
Signed-off-by: Brijesh Singh
Reviewed-by: Borislav Petkov
---
arch/x86/include/asm/kvm_host.h | 1 +
arch/x86/kvm/svm.c | 191 +
.org
Cc: k...@vger.kernel.org
Cc: linux-kernel@vger.kernel.org
Signed-off-by: Brijesh Singh
Reviewed-by: Borislav Petkov
Acked-by: Gary R Hook
---
drivers/crypto/ccp/psp-dev.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/drivers/crypto/ccp/psp-dev.c b/drivers/crypto/ccp/psp-dev.c
index 8a
lav Petkov
Signed-off-by: Brijesh Singh
Reviewed-by: Borislav Petkov
---
arch/x86/include/asm/kvm_host.h | 2 +
arch/x86/kvm/svm.c | 153
2 files changed, 155 insertions(+)
diff --git a/arch/x86/include/asm/kvm_host.h b/arch/x86/inc
Molnar
Cc: "H. Peter Anvin"
Cc: Paolo Bonzini
Cc: "Radim Krčmář"
Cc: Joerg Roedel
Cc: Borislav Petkov
Cc: Tom Lendacky
Cc: x...@kernel.org
Cc: k...@vger.kernel.org
Cc: linux-kernel@vger.kernel.org
Signed-off-by: Brijesh Singh
Reviewed-by: Borislav Petkov
---
arc
: x...@kernel.org
Cc: k...@vger.kernel.org
Cc: linux-kernel@vger.kernel.org
Signed-off-by: Brijesh Singh
Reviewed-by: Borislav Petkov
---
arch/x86/kvm/svm.c | 74 ++
1 file changed, 74 insertions(+)
diff --git a/arch/x86/kvm/svm.c b/arch
kernel.org
Cc: linux-kernel@vger.kernel.org
Improvements-by: Borislav Petkov
Signed-off-by: Brijesh Singh
Acked-by: Gary R Hook
---
drivers/crypto/ccp/psp-dev.c | 66
1 file changed, 66 insertions(+)
diff --git a/drivers/crypto/ccp/psp-dev.c b/driv
"
Cc: Paolo Bonzini
Cc: "Radim Krčmář"
Cc: Joerg Roedel
Cc: Borislav Petkov
Cc: Tom Lendacky
Cc: x...@kernel.org
Cc: k...@vger.kernel.org
Cc: linux-kernel@vger.kernel.org
Signed-off-by: Brijesh Singh
Reviewed-by: Borislav Petkov
---
arch/x86/include/asm/kvm_host.h | 7 +++
Molnar
Cc: "H. Peter Anvin"
Cc: Paolo Bonzini
Cc: "Radim Krčmář"
Cc: Joerg Roedel
Cc: Borislav Petkov
Cc: Tom Lendacky
Cc: Jonathan Corbet
Cc: x...@kernel.org
Cc: k...@vger.kernel.org
Cc: linux-kernel@vger.kernel.org
Improvements-by: Borislav Petkov
Signed-off-by: Bri
mář"
Cc: Joerg Roedel
Cc: Borislav Petkov
Cc: Tom Lendacky
Cc: x...@kernel.org
Cc: k...@vger.kernel.org
Cc: linux-kernel@vger.kernel.org
Improvements-by: Borislav Petkov
Signed-off-by: Brijesh Singh
Reviewed-by: Borislav Petkov
---
arch/x86/kvm/svm.c | 4 +++-
1 file changed, 3 inser
org
Cc: linux-kernel@vger.kernel.org
Reviewed-by: Borislav Petkov
Signed-off-by: Brijesh Singh
---
arch/x86/kvm/svm.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/arch/x86/kvm/svm.c b/arch/x86/kvm/svm.c
index 388dc0f6d9e2..c4b7f2120e96 100644
--- a/arch/x86/kvm/svm.c
+++
rnel@vger.kernel.org
Signed-off-by: Brijesh Singh
Reviewed-by: Borislav Petkov
---
arch/x86/kvm/svm.c | 33 +
1 file changed, 33 insertions(+)
diff --git a/arch/x86/kvm/svm.c b/arch/x86/kvm/svm.c
index 6bce4b9a0bfd..22af24264411 100644
--- a/arch/x86/kvm/svm.c
+++
Tom Lendacky
Cc: x...@kernel.org
Cc: k...@vger.kernel.org
Cc: linux-kernel@vger.kernel.org
Reviewed-by: Borislav Petkov
Signed-off-by: Brijesh Singh
---
arch/x86/kvm/svm.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/arch/x86/kvm/svm.c b/arch/x86/kvm/svm.c
index 21c206
Cc: Paolo Bonzini
Cc: "Radim Krčmář"
Cc: Joerg Roedel
Cc: Borislav Petkov
Cc: Tom Lendacky
Cc: x...@kernel.org
Cc: k...@vger.kernel.org
Cc: linux-kernel@vger.kernel.org
Signed-off-by: Brijesh Singh
---
arch/x86/include/asm/kvm_host.h | 1 +
arch/x86/kvm/svm.
el.org
Signed-off-by: Brijesh Singh
---
arch/x86/kvm/mmu.c | 10 ++
arch/x86/kvm/svm.c | 6 --
2 files changed, 14 insertions(+), 2 deletions(-)
diff --git a/arch/x86/kvm/mmu.c b/arch/x86/kvm/mmu.c
index 0b481cc9c725..ee81685da05f 100644
--- a/arch/x86/kvm/mmu.c
+++ b/arch/x86/kvm/mmu.c
org
Cc: linux-kernel@vger.kernel.org
Signed-off-by: Brijesh Singh
Reviewed-by: Borislav Petkov
---
arch/x86/kvm/svm.c | 68 ++
1 file changed, 68 insertions(+)
diff --git a/arch/x86/kvm/svm.c b/arch/x86/kvm/svm.c
index 3e7c7dc72c2d..9dae464cb712 10064
org
Cc: linux-kernel@vger.kernel.org
Signed-off-by: Brijesh Singh
Reviewed-by: Borislav Petkov
---
arch/x86/kvm/svm.c | 23 +++
1 file changed, 23 insertions(+)
diff --git a/arch/x86/kvm/svm.c b/arch/x86/kvm/svm.c
index 3a5ae4fd7103..6bce4b9a0bfd 100644
--- a/arch/x86/kvm/svm.c
+++
org
Cc: linux-kernel@vger.kernel.org
Signed-off-by: Brijesh Singh
Reviewed-by: Borislav Petkov
---
arch/x86/kvm/svm.c | 152 +
1 file changed, 152 insertions(+)
diff --git a/arch/x86/kvm/svm.c b/arch/x86/kvm/svm.c
index 22af24264411..55adcd35cd
t;
Cc: Joerg Roedel
Cc: Borislav Petkov
Cc: Tom Lendacky
Cc: x...@kernel.org
Cc: k...@vger.kernel.org
Cc: linux-kernel@vger.kernel.org
Signed-off-by: Brijesh Singh
---
arch/x86/kvm/svm.c | 98 +++---
1 file changed, 93 insertions(+), 5 deleti
1 - 100 of 859 matches
Mail list logo
