From: Linus Torvalds
Date: Tue, 12 Mar 2024 00:44:11 +0000 (-0700)
Subject: Merge tag 'x86_sev_for_v6.9_rc1' of git://git.kernel.org/pub/scm/linux/kernel/git...
X-Git-Url: https://www.infradead.org/git/?a=commitdiff_plain;h=38b334fc767e44816be087b3ec5d84b1438b735f;p=users%2Fjedix%2Flinux-maple.git

Merge tag 'x86_sev_for_v6.9_rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip

Pull x86 SEV updates from Borislav Petkov:

 - Add the x86 part of the SEV-SNP host support.

   This will allow the kernel to be used as a KVM hypervisor capable of
   running SNP (Secure Nested Paging) guests. Roughly speaking, SEV-SNP
   is the ultimate goal of the AMD confidential computing side,
   providing the most comprehensive confidential computing environment
   up to date.

   This is the x86 part and there is a KVM part which did not get ready
   in time for the merge window so the latter will be forthcoming in the
   next cycle.

 - Rework the early code's position-dependent SEV variable references in
   order to allow building the kernel with clang and -fPIE/-fPIC and
   -mcmodel=kernel

 - The usual set of fixes, cleanups and improvements all over the place

* tag 'x86_sev_for_v6.9_rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip: (36 commits)
  x86/sev: Disable KMSAN for memory encryption TUs
  x86/sev: Dump SEV_STATUS
  crypto: ccp - Have it depend on AMD_IOMMU
  iommu/amd: Fix failure return from snp_lookup_rmpentry()
  x86/sev: Fix position dependent variable references in startup code
  crypto: ccp: Make snp_range_list static
  x86/Kconfig: Remove CONFIG_AMD_MEM_ENCRYPT_ACTIVE_BY_DEFAULT
  Documentation: virt: Fix up pre-formatted text block for SEV ioctls
  crypto: ccp: Add the SNP_SET_CONFIG command
  crypto: ccp: Add the SNP_COMMIT command
  crypto: ccp: Add the SNP_PLATFORM_STATUS command
  x86/cpufeatures: Enable/unmask SEV-SNP CPU feature
  KVM: SEV: Make AVIC backing, VMSA and VMCB memory allocation SNP safe
  crypto: ccp: Add panic notifier for SEV/SNP firmware shutdown on kdump
  iommu/amd: Clean up RMP entries
for IOMMU pages during SNP shutdown crypto: ccp: Handle legacy SEV commands when SNP is enabled crypto: ccp: Handle non-volatile INIT_EX data when SNP is enabled crypto: ccp: Handle the legacy TMR allocation when SNP is enabled x86/sev: Introduce an SNP leaked pages list crypto: ccp: Provide an API to issue SEV and SNP commands ... --- 38b334fc767e44816be087b3ec5d84b1438b735f diff --cc arch/x86/include/asm/coco.h index 76c310b19b11,21940ef8d290..fb7388bbc212 --- a/arch/x86/include/asm/coco.h +++ b/arch/x86/include/asm/coco.h @@@ -10,9 -11,15 +11,15 @@@ enum cc_vendor CC_VENDOR_INTEL, }; +#ifdef CONFIG_ARCH_HAS_CC_PLATFORM extern enum cc_vendor cc_vendor; - void cc_set_mask(u64 mask); + extern u64 cc_mask; + -#ifdef CONFIG_ARCH_HAS_CC_PLATFORM + static inline void cc_set_mask(u64 mask) + { + RIP_REL_REF(cc_mask) = mask; + } + u64 cc_mkenc(u64 val); u64 cc_mkdec(u64 val); #else diff --cc arch/x86/include/asm/disabled-features.h index f40b29d3abad,3332d2940020..d73fea9c3bf1 --- a/arch/x86/include/asm/disabled-features.h +++ b/arch/x86/include/asm/disabled-features.h @@@ -117,12 -117,12 +117,18 @@@ #define DISABLE_IBT (1 << (X86_FEATURE_IBT & 31)) #endif +#ifdef CONFIG_X86_FRED +# define DISABLE_FRED 0 +#else +# define DISABLE_FRED (1 << (X86_FEATURE_FRED & 31)) +#endif + + #ifdef CONFIG_KVM_AMD_SEV + #define DISABLE_SEV_SNP 0 + #else + #define DISABLE_SEV_SNP (1 << (X86_FEATURE_SEV_SNP & 31)) + #endif + /* * Make sure to add features to the correct mask */ diff --cc arch/x86/mm/fault.c index e1ac86396446,859adcd123c9..cdb5045a0428 --- a/arch/x86/mm/fault.c +++ b/arch/x86/mm/fault.c @@@ -34,7 -34,7 +34,8 @@@ #include /* kvm_handle_async_pf */ #include /* fixup_vdso_exception() */ #include +#include + #include /* snp_dump_hva_rmpentry() */ #define CREATE_TRACE_POINTS #include
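Review bot: In the arch/x86/include/asm/coco.h hunk, the new static inline cc_set_mask() stores through RIP_REL_REF(cc_mask) with no comment saying why a plain assignment is not enough. The merge message ties this to the early startup code's position-dependent variable references, so a one-line comment above the helper saying that it can be reached from that early code would keep a later cleanup from turning it back into `cc_mask = mask;`. The same hunk also exposes `extern u64 cc_mask;` to every includer of the header; if cc_set_mask() is meant to stay the only writer, say so next to the declaration.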
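Review bot: In the arch/x86/include/asm/disabled-features.h hunk, DISABLE_SEV_SNP is defined but the visible lines stop at the "Make sure to add features to the correct mask" comment without showing the macro being OR'd into any mask word. Check that it lands in the word that holds X86_FEATURE_SEV_SNP, since a define that is never used in a mask has no effect. As a style point, the block is written `#define DISABLE_SEV_SNP 0` while the DISABLE_FRED block directly above it uses the indented `# define` form; adjacent blocks should use one form.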
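Review bot: In the arch/x86/mm/fault.c hunk, the include annotated /* snp_dump_hva_rmpentry() */ is added unconditionally, so unless the call site is guarded the header has to provide a stub for snp_dump_hva_rmpentry() in configurations without SNP host support. Neither the caller nor the stub is in the visible lines, so both are worth confirming. The other include added in this hunk has no trailing comment naming the symbol it is pulled in for, unlike the includes around it.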