NAK: [SRU][L/gcp][PULL] Support for 3 TDX features
Tim Gardner
tim.gardner at canonical.com
Mon Sep 11 13:05:48 UTC 2023
On 9/11/23 1:22 AM, Khaled Elmously wrote:
> BugLink: https://bugs.launchpad.net/bugs/2034908
>
> This patchset adds support for 3 TDX-related features:
> - UnacceptedMemory, patches 1-24 (this is an optimization for lazy memory acceptance during boot)
> - TDX GetQuote, patches 25-27, (needed for attestation)
> - Marking TSC as reliable (last patch)
>
>
> Intel has provided code review for the first 2 and has additionally tested the GetQuote feature.
> GCP has tested all three features and confirmed basic functionality and sanity. More testing will follow when the features are available in -proposed.
>
> Some of the early patches area already upstream, but most are from Intel's GitHub and are expected to be merged in Linux 6.6 or possibly later.
>
>
>
> The following changes since commit be996e4a1a1e35b0b6083247ca8a4cc1abe087ec:
>
> UBUNTU: Ubuntu-gcp-6.2.0-1014.14 (2023-09-08 00:49:21 -0400)
>
> are available in the Git repository at:
>
> git+ssh://git.launchpad.net/~kmously/ubuntu/+source/linux/+git/lunar tdx-review
>
> for you to fetch changes up to 6ce8708056f40c571a67beacb233e5b3a5ca09f5:
>
> x86/tdx: Mark TSC reliable (2023-09-11 02:41:55 -0400)
>
> ----------------------------------------------------------------
> Khalid Elmously (1):
> UBUNTU: [config] Enable CONFIG_UNACCEPTED_MEMORY
>
> Kirill A. Shutemov (22):
> x86/boot: Centralize __pa()/__va() definitions
> sparc/mm: fix MAX_ORDER usage in tsb_grow()
> um: fix MAX_ORDER usage in linux_main()
> floppy: fix MAX_ORDER usage
> drm/i915: fix MAX_ORDER usage in i915_gem_object_get_pages_internal()
> genwqe: fix MAX_ORDER usage
> perf/core: fix MAX_ORDER usage in rb_alloc_aux_page()
> mm/slub: fix MAX_ORDER usage in calculate_order()
> iommu: fix MAX_ORDER usage in __iommu_dma_alloc_pages()
> mm, treewide: redefine MAX_ORDER sanely
> mm: avoid passing 0 to __ffs()
> mm/page_alloc: make deferred page init free pages in MAX_ORDER blocks
> mm: Add support for unaccepted memory
> efi/x86: Get full memory map in allocate_e820()
> efi/libstub: Implement support for unaccepted memory
> x86/boot/compressed: Handle unaccepted memory
> efi: Add unaccepted memory support
> efi/unaccepted: Avoid load_unaligned_zeropad() stepping into unaccepted memory
> x86/tdx: Make _tdx_hypercall() and __tdx_module_call() available in boot stub
> x86/tdx: Refactor try_accept_one()
> x86/tdx: Add unaccepted memory support
> x86/tdx: Mark TSC reliable
>
> Kuppuswamy Sathyanarayanan (3):
> x86/tdx: Add TDX Guest event notify interrupt support
> virt: tdx-guest: Add Quote generation support
> selftests/tdx: Test GetQuote TDX attestation feature
>
> Mike Rapoport (IBM) (2):
> loongarch: drop ranges for definition of ARCH_FORCE_MAX_ORDER
> mips: drop ranges for definition of ARCH_FORCE_MAX_ORDER
>
> Documentation/admin-guide/kdump/vmcoreinfo.rst | 6 +-
> Documentation/admin-guide/kernel-parameters.txt | 2 +-
> Documentation/virt/coco/tdx-guest.rst | 11 +
> arch/arc/Kconfig | 4 +-
> arch/arm/Kconfig | 9 +-
> arch/arm/configs/imx_v6_v7_defconfig | 2 +-
> arch/arm/configs/milbeaut_m10v_defconfig | 2 +-
> arch/arm/configs/oxnas_v6_defconfig | 2 +-
> arch/arm/configs/pxa_defconfig | 2 +-
> arch/arm/configs/sama7_defconfig | 2 +-
> arch/arm/configs/sp7021_defconfig | 2 +-
> arch/arm64/Kconfig | 14 +-
> arch/arm64/include/asm/sparsemem.h | 2 +-
> arch/arm64/kvm/hyp/include/nvhe/gfp.h | 2 +-
> arch/arm64/kvm/hyp/nvhe/page_alloc.c | 10 +-
> arch/csky/Kconfig | 2 +-
> arch/ia64/Kconfig | 8 +-
> arch/ia64/include/asm/sparsemem.h | 4 +-
> arch/ia64/mm/hugetlbpage.c | 2 +-
> arch/loongarch/Kconfig | 12 +-
> arch/m68k/Kconfig.cpu | 5 +-
> arch/mips/Kconfig | 15 +-
> arch/nios2/Kconfig | 7 +-
> arch/powerpc/Kconfig | 27 +--
> arch/powerpc/configs/85xx/ge_imp3a_defconfig | 2 +-
> arch/powerpc/configs/fsl-emb-nonhw.config | 2 +-
> arch/powerpc/mm/book3s64/iommu_api.c | 2 +-
> arch/powerpc/mm/hugetlbpage.c | 2 +-
> arch/powerpc/platforms/powernv/pci-ioda.c | 2 +-
> arch/sh/configs/ecovec24_defconfig | 2 +-
> arch/sh/mm/Kconfig | 17 +-
> arch/sparc/Kconfig | 5 +-
> arch/sparc/kernel/pci_sun4v.c | 2 +-
> arch/sparc/kernel/traps_64.c | 2 +-
> arch/sparc/mm/tsb.c | 4 +-
> arch/x86/Kconfig | 2 +
> arch/x86/boot/compressed/Makefile | 3 +-
> arch/x86/boot/compressed/efi.h | 10 +
> arch/x86/boot/compressed/error.c | 19 ++
> arch/x86/boot/compressed/error.h | 1 +
> arch/x86/boot/compressed/ident_map_64.c | 8 -
> arch/x86/boot/compressed/kaslr.c | 40 +++-
> arch/x86/boot/compressed/mem.c | 83 +++++++
> arch/x86/boot/compressed/misc.c | 6 +
> arch/x86/boot/compressed/misc.h | 19 ++
> arch/x86/boot/compressed/sev.c | 2 -
> arch/x86/boot/compressed/tdx-shared.c | 2 +
> arch/x86/coco/tdx/Makefile | 2 +-
> arch/x86/coco/tdx/tdx-shared.c | 71 ++++++
> arch/x86/coco/tdx/tdx.c | 288 +++++++++++++++--------
> arch/x86/include/asm/efi.h | 2 +
> arch/x86/include/asm/shared/tdx.h | 50 ++++
> arch/x86/include/asm/tdx.h | 27 +--
> arch/x86/include/asm/unaccepted_memory.h | 24 ++
> arch/x86/platform/efi/efi.c | 3 +
> arch/xtensa/Kconfig | 5 +-
> debian.gcp/config/annotations | 2 +
> drivers/base/node.c | 7 +
> drivers/base/regmap/regmap-debugfs.c | 8 +-
> drivers/block/floppy.c | 2 +-
> drivers/crypto/hisilicon/sgl.c | 6 +-
> drivers/firmware/efi/Kconfig | 14 ++
> drivers/firmware/efi/Makefile | 1 +
> drivers/firmware/efi/efi.c | 26 ++
> drivers/firmware/efi/libstub/Makefile | 2 +
> drivers/firmware/efi/libstub/bitmap.c | 41 ++++
> drivers/firmware/efi/libstub/efistub.h | 6 +
> drivers/firmware/efi/libstub/find.c | 43 ++++
> drivers/firmware/efi/libstub/unaccepted_memory.c | 222 +++++++++++++++++
> drivers/firmware/efi/libstub/x86-stub.c | 39 +--
> drivers/firmware/efi/unaccepted_memory.c | 147 ++++++++++++
> drivers/gpu/drm/i915/gem/selftests/huge_pages.c | 2 +-
> drivers/gpu/drm/ttm/ttm_pool.c | 22 +-
> drivers/iommu/arm/arm-smmu-v3/arm-smmu-v3.h | 2 +-
> drivers/iommu/dma-iommu.c | 4 +-
> drivers/irqchip/irq-gic-v3-its.c | 4 +-
> drivers/md/dm-bufio.c | 2 +-
> drivers/misc/genwqe/card_utils.c | 2 +-
> drivers/net/ethernet/hisilicon/hns3/hns3_enet.c | 2 +-
> drivers/net/ethernet/ibm/ibmvnic.h | 2 +-
> drivers/video/fbdev/hyperv_fb.c | 4 +-
> drivers/video/fbdev/vermilion/vermilion.c | 2 +-
> drivers/virt/coco/tdx-guest/tdx-guest.c | 175 +++++++++++++-
> drivers/virtio/virtio_balloon.c | 2 +-
> drivers/virtio/virtio_mem.c | 12 +-
> fs/proc/meminfo.c | 5 +
> fs/ramfs/file-nommu.c | 2 +-
> include/drm/ttm/ttm_pool.h | 2 +-
> include/linux/efi.h | 13 +-
> include/linux/hugetlb.h | 2 +-
> include/linux/mm.h | 19 ++
> include/linux/mmzone.h | 20 +-
> include/linux/pageblock-flags.h | 4 +-
> include/linux/slab.h | 6 +-
> include/uapi/linux/tdx-guest.h | 44 ++++
> kernel/crash_core.c | 2 +-
> kernel/dma/pool.c | 6 +-
> kernel/events/ring_buffer.c | 2 +-
> mm/Kconfig | 10 +-
> mm/compaction.c | 8 +-
> mm/debug_vm_pgtable.c | 4 +-
> mm/huge_memory.c | 2 +-
> mm/hugetlb.c | 4 +-
> mm/kmsan/init.c | 6 +-
> mm/memblock.c | 20 +-
> mm/memory_hotplug.c | 15 +-
> mm/page_alloc.c | 237 ++++++++++++++++---
> mm/page_isolation.c | 12 +-
> mm/page_owner.c | 6 +-
> mm/page_reporting.c | 8 +-
> mm/shuffle.h | 2 +-
> mm/slab.c | 2 +-
> mm/slub.c | 4 +-
> mm/vmscan.c | 2 +-
> mm/vmstat.c | 17 +-
> net/smc/smc_ib.c | 2 +-
> security/integrity/ima/ima_crypto.c | 2 +-
> tools/testing/memblock/linux/mmzone.h | 6 +-
> tools/testing/selftests/tdx/tdx_guest_test.c | 65 ++++-
> 119 files changed, 1820 insertions(+), 407 deletions(-)
> create mode 100644 arch/x86/boot/compressed/mem.c
> create mode 100644 arch/x86/boot/compressed/tdx-shared.c
> create mode 100644 arch/x86/coco/tdx/tdx-shared.c
> create mode 100644 arch/x86/include/asm/unaccepted_memory.h
> create mode 100644 drivers/firmware/efi/libstub/bitmap.c
> create mode 100644 drivers/firmware/efi/libstub/find.c
> create mode 100644 drivers/firmware/efi/libstub/unaccepted_memory.c
> create mode 100644 drivers/firmware/efi/unaccepted_memory.c
>
>
The provenance on the 'cherry picked' lines does not appear to be
correct. None of the SHA1 commit IDs are in upstream linux.
--
-----------
Tim Gardner
Canonical, Inc
More information about the kernel-team
mailing list