ACK: [SRU][mantic:gcp][PULL] GCP TDX Support

Philip Cox philip.cox at canonical.com
Wed Feb 7 16:45:16 UTC 2024 

On Tue, 2024-02-06 at 20:49 -0600, John Cabaj wrote:
> BugLink: https://bugs.launchpad.net/bugs/2052576
> 
> [Impact]
> 
> * Google requested TDX guest features to be added to GCP kernel.
> 
> [Fix]
> 
> * 16 clean cherry-picks, 2 backports from upstream
> * 11 backports from Intel
> * 1 config change to enable support
> 
> [Test Case]
> 
> * Compile tested
> * Boot tested
> * Tested internally at various stages of development
> * Tested by Google
> 
> [Where things could go wrong]
> 
> * Majority of patches come from upstream with minimal backporting.
> * Some patches sourced from Intel, and differ from upstream
> counterparts. 
>   However, these patches have been extensively tested in other
> kernels already released.
> 
> [Other Info]
> 
> * SF #00363309
> 
> ----------------------------------------------------------------
> 
> The following changes since commit
> 77c2daaf38b78fdf918f0bc15f5f876c7420e4b6:
> 
>   UBUNTU: Ubuntu-gcp-6.5.0-1013.13 (2024-01-24 15:18:45 -0600)
> 
> are available in the Git repository at:
> 
>  
> https://git.launchpad.net/~john-cabaj/ubuntu/+source/linux-gcp/+git/mantic-gcp-tdx
>  tdx
> 
> for you to fetch changes up to
> ff41aa9bed4a49032f83acc0dd96005aabeff590:
> 
>   UBUNTU: [Config] gcp: Updates for TDX (2024-02-06 20:42:03 -0600)
> 
> ----------------------------------------------------------------
> Dan Williams (6):
>       virt: sevguest: Fix passing a stack buffer as a scatterlist
> target
>       virt: coco: Add a coco/Makefile and coco/Kconfig
>       configfs-tsm: Introduce a shared ABI for attestation reports
>       virt: sevguest: Prep for kernel internal get_ext_report()
>       mm/slab: Add __free() support for kvfree
>       virt: sevguest: Add TSM_REPORTS support for SNP_GET_EXT_REPORT
> 
> Dexuan Cui (1):
>       x86/tdx: Retry partially-completed page conversion hypercalls
> 
> John Cabaj (1):
>       UBUNTU: [Config] gcp: Updates for TDX
> 
> Kai Huang (12):
>       UBUNTU: SAUCE: x86/tdx: Zero out the missing RSI in
> TDX_HYPERCALL macro
>       UBUNTU: SAUCE: x86/tdx: Skip saving output regs when SEAMCALL
> fails with VMFailInvalid
>       UBUNTU: SAUCE: x86/tdx: Make macros of TDCALLs consistent with
> the spec
>       UBUNTU: SAUCE: x86/tdx: Rename __tdx_module_call() to
> __tdcall()
>       UBUNTU: SAUCE: x86/tdx: Pass TDCALL/SEAMCALL input/output
> registers via a structure
>       UBUNTU: SAUCE: x86/tdx: Extend TDX_MODULE_CALL to support more
> TDCALL/SEAMCALL leafs
>       UBUNTU: SAUCE: x86/tdx: Make TDX_HYPERCALL asm similar to
> TDX_MODULE_CALL
>       UBUNTU: SAUCE: x86/tdx: Reimplement __tdx_hypercall() using
> TDX_MODULE_CALL asm
>       UBUNTU: SAUCE: x86/tdx: Remove 'struct tdx_hypercall_args'
>       UBUNTU: SAUCE: x86/virt/tdx: Wire up basic SEAMCALL functions
>       x86/virt/tdx: Make TDX_MODULE_CALL handle SEAMCALL #UD and #GP
>       x86/tdx: Fix __noreturn build warning around
> __tdx_hypercall_failed()
> 
> Kirill A. Shutemov (5):
>       x86/tdx: Mark TSC reliable
>       efi/unaccepted: Fix soft lockups caused by parallel memory
> acceptance
>       x86/coco: Disable 32-bit emulation by default on TDX and SEV
>       x86/tdx: Allow 32-bit emulation by default
>       x86/kvm: Do not try to disable kvmclock if it was not enabled
> 
> Kuppuswamy Sathyanarayanan (2):
>       UBUNTU: SAUCE: virt: tdx-guest: Add RTMR update interface
>       virt: tdx-guest: Add Quote generation support using TSM_REPORTS
> 
> Nikolay Borisov (1):
>       x86: Introduce ia32_enabled()
> 
> Thomas Gleixner (2):
>       x86/entry: Convert INT 0x80 emulation to IDTENTRY
>       x86/entry: Do not allow external 0x80 interrupts
> 
>  Documentation/ABI/testing/configfs-tsm   |  82
> ++++++++++++++++++++++++++++
>  Documentation/virt/coco/tdx-guest.rst    |  11 ++++
>  MAINTAINERS                              |   8 +++
>  arch/x86/Kconfig                         |  12 ++++
>  arch/x86/Makefile                        |   2 +
>  arch/x86/boot/compressed/tdx.c           |   6 +-
>  arch/x86/coco/tdx/tdcall.S               | 231 ++++++++++-----------
> --------------------------------------------------------
>  arch/x86/coco/tdx/tdx-shared.c           |  28 ++++++++--
>  arch/x86/coco/tdx/tdx.c                  | 194
> +++++++++++++++++++++++++++++++++++++++++++++++++---------------
>  arch/x86/entry/common.c                  |  97
> +++++++++++++++++++++++++++++++-
>  arch/x86/entry/entry_64_compat.S         |  77 ---------------------
> -----
>  arch/x86/include/asm/ia32.h              |  23 +++++++-
>  arch/x86/include/asm/idtentry.h          |   4 ++
>  arch/x86/include/asm/proto.h             |   4 --
>  arch/x86/include/asm/shared/tdx.h        |  91 ++++++++++++++++++---
> ---------
>  arch/x86/include/asm/tdx.h               |  15 +++++
>  arch/x86/kernel/asm-offsets.c            |  33 +++++------
>  arch/x86/kernel/idt.c                    |   2 +-
>  arch/x86/kernel/kvmclock.c               |  12 ++--
>  arch/x86/mm/mem_encrypt_amd.c            |  11 ++++
>  arch/x86/virt/Makefile                   |   2 +
>  arch/x86/virt/vmx/Makefile               |   2 +
>  arch/x86/virt/vmx/tdx/Makefile           |   2 +
>  arch/x86/virt/vmx/tdx/seamcall.S         |  61 +++++++++++++++++++++
>  arch/x86/virt/vmx/tdx/tdxcall.S          | 227
> ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++-----------
> ------
>  arch/x86/xen/enlighten_pv.c              |   2 +-
>  arch/x86/xen/xen-asm.S                   |   2 +-
>  debian.gcp/config/annotations            |   2 +
>  drivers/firmware/efi/unaccepted_memory.c |  64 ++++++++++++++++++++--
>  drivers/virt/Kconfig                     |   6 +-
>  drivers/virt/Makefile                    |   4 +-
>  drivers/virt/coco/Kconfig                |  14 +++++
>  drivers/virt/coco/Makefile               |   8 +++
>  drivers/virt/coco/sev-guest/Kconfig      |   1 +
>  drivers/virt/coco/sev-guest/sev-guest.c  | 214
> ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++-------
> --
>  drivers/virt/coco/tdx-guest/Kconfig      |   1 +
>  drivers/virt/coco/tdx-guest/tdx-guest.c  | 264
> +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
> +++++++++++++++++-
>  drivers/virt/coco/tsm.c                  | 425
> +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
> +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
> +++
>  include/linux/slab.h                     |   2 +
>  include/linux/tsm.h                      |  69
> +++++++++++++++++++++++
>  include/uapi/linux/psp-sev.h             |   1 +
>  include/uapi/linux/sev-guest.h           |   4 +-
>  include/uapi/linux/tdx-guest.h           |  24 ++++++++
>  tools/objtool/noreturns.h                |   1 +
>  44 files changed, 1857 insertions(+), 488 deletions(-)
>  create mode 100644 Documentation/ABI/testing/configfs-tsm
>  create mode 100644 arch/x86/virt/Makefile
>  create mode 100644 arch/x86/virt/vmx/Makefile
>  create mode 100644 arch/x86/virt/vmx/tdx/Makefile
>  create mode 100644 arch/x86/virt/vmx/tdx/seamcall.S
>  create mode 100644 drivers/virt/coco/Kconfig
>  create mode 100644 drivers/virt/coco/Makefile
>  create mode 100644 drivers/virt/coco/tsm.c
>  create mode 100644 include/linux/tsm.h
> 

-- 
Acked-by: Philip Cox <philip.cox at canonical.com>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ubuntu.com/archives/kernel-team/attachments/20240207/eda54518/attachment-0001.html>

More information about the kernel-team mailing list