From: Linus Torvalds
Date: Tue, 24 May 2022 00:38:01 +0000 (-0700)
Subject: Merge tag 'x86_sev_for_v5.19_rc1' of git://git.kernel.org/pub/scm/linux/kernel/git...
X-Git-Tag: v5.19-rc1~233
X-Git-Url: https://www.infradead.org/git/?a=commitdiff_plain;h=eb39e37d5cebdf0f63ee2a315fc23b035d81b4b0;p=users%2Fhch%2Fxfs.git

Merge tag 'x86_sev_for_v5.19_rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip

Pull AMD SEV-SNP support from Borislav Petkov:
 "The third AMD confidential computing feature called Secure Nested
  Paging.

  Add to confidential guests the necessary memory integrity protection
  against malicious hypervisor-based attacks like data replay, memory
  remapping and others, thus achieving a stronger isolation from the
  hypervisor.

  At the core of the functionality is a new structure called a reverse
  map table (RMP) with which the guest has a say in which pages get
  assigned to it and gets notified when a page which it owns, gets
  accessed/modified under the covers so that the guest can take an
  appropriate action.

  In addition, add support for the whole machinery needed to launch a
  SNP guest, details of which are properly explained in each patch.

  And last but not least, the series refactors and improves parts of the
  previous SEV support so that the new code is accommodated properly and
  not just bolted on"

* tag 'x86_sev_for_v5.19_rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip: (60 commits)
  x86/entry: Fixup objtool/ibt validation
  x86/sev: Mark the code returning to user space as syscall gap
  x86/sev: Annotate stack change in the #VC handler
  x86/sev: Remove duplicated assignment to variable info
  x86/sev: Fix address space sparse warning
  x86/sev: Get the AP jump table address from secrets page
  x86/sev: Add missing __init annotations to SEV init routines
  virt: sevguest: Rename the sevguest dir and files to sev-guest
  virt: sevguest: Change driver name to reflect generic SEV support
  x86/boot: Put globals that are accessed early into the .data section
  x86/boot: Add an efi.h header for the decompressor
  virt: sevguest: Fix bool function returning negative value
  virt: sevguest: Fix return value check in alloc_shared_pages()
  x86/sev-es: Replace open-coded hlt-loop with sev_es_terminate()
  virt: sevguest: Add documentation for SEV-SNP CPUID Enforcement
  virt: sevguest: Add support to get extended report
  virt: sevguest: Add support to derive key
  virt: Add SEV-SNP guest driver
  x86/sev: Register SEV-SNP guest request platform device
  x86/sev: Provide support for SNP guest request NAEs
  ...
--- eb39e37d5cebdf0f63ee2a315fc23b035d81b4b0 diff --cc drivers/virt/Kconfig index c877da072d4d,0c1bba7c5c66..87ef258cec64 --- a/drivers/virt/Kconfig +++ b/drivers/virt/Kconfig @@@ -48,6 -48,6 +48,8 @@@ source "drivers/virt/nitro_enclaves/Kco source "drivers/virt/acrn/Kconfig" +source "drivers/virt/coco/efi_secret/Kconfig" + + source "drivers/virt/coco/sev-guest/Kconfig" + endif diff --cc drivers/virt/Makefile index 067b5427f40f,b2e6e864ebbe..093674e05c40 --- a/drivers/virt/Makefile +++ b/drivers/virt/Makefile @@@ -9,4 -9,4 +9,5 @@@ obj-y += vboxguest obj-$(CONFIG_NITRO_ENCLAVES) += nitro_enclaves/ obj-$(CONFIG_ACRN_HSM) += acrn/ +obj-$(CONFIG_EFI_SECRET) += coco/efi_secret/ + obj-$(CONFIG_SEV_GUEST) += coco/sev-guest/
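
Review bot: in the drivers/virt/Kconfig hunk, both `source` lines for drivers/virt/coco/ are appended at the same spot just before `endif` (each parent is 48,6 and the result is 48,8), so further drivers added under coco/ are likely to collide at this position again. Consider a single `source` line for one Kconfig kept under drivers/virt/coco/ that pulls in efi_secret and sev-guest, so new confidential-computing entries land in that file instead of here.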
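
Review bot: in the drivers/virt/Makefile hunk, the two new sub-directories under coco/ use different separators, `coco/efi_secret/` with an underscore and `coco/sev-guest/` with a hyphen. The shortlog shows sevguest was renamed to sev-guest within this series; it would be cheaper to settle on one convention for coco/ sub-directories while both are new, since a later rename also has to touch the matching `source` paths in drivers/virt/Kconfig.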