[SRU][N:linux-gcp/P:linux-gcp][PATCH 0/2] Add SVSM vTPM support for AMD SEV-SNP confidential VMs

Ian Whitfield ian.whitfield at canonical.com
Tue Jun 17 16:03:48 UTC 2025


On Tue, Jun 17, 2025 at 11:38:46AM +0800, Wei-Lin Chang wrote:
> On Mon, Jun 16, 2025 at 04:04:45PM -0700, Ian Whitfield wrote:
> > BugLink: https://bugs.launchpad.net/bugs/2111956
> > 
> > [Impact]
> > Google has made a request for SVSM vTPM support in linux-gcp kernels 6.8 and
> > later.
> > 
> > [Fix]
> > Patches requested in the support case:
> > 980a573621ea ("tpm: Make chip->{status,cancel,req_canceled} opt")
> > 770de678bc28 ("x86/sev: Add SVSM vTPM probe/send_command functions")
> > b2849b072366 ("svsm: Add header with SVSM_VTPM_CMD helpers")
> > 93b7c6b3ce91 ("tpm: Add SNP SVSM vTPM driver")
> > e396dd85172c ("x86/sev: Register tpm-svsm platform device")
> > 
> > The config for all kernels must have CONFIG_TCG_SVSM=y
> > 
> > Noble also requires the changes from this pull request:
> > https://lore.kernel.org/lkml/20240716095557.GAZpZDrdC3HA0Zilxr@fat_crate.local/
> > and CONFIG_SEV_GUEST=m/y and CONFIG_TSM_REPORTS=y
> > 
> > Besides context adjustments, Noble required some additional changes to its patchset.
> > Three commits were added to enable 878e70dbd26e ("x86/sev: Check for the
> > presence of an SVSM in the SNP secrets page") to apply more smoothly:
> >   88ed43d32beb ("x86/sev: Rename snp_init() in boot/compressed/sev.c")
> >   e2f4c8c319ab ("x86/sev: Make the VMPL0 checking more straight forward")
> >   1e52550729da ("x86/sev: Shorten struct name snp_secrets_page_layout to snp_secrets_page")
> > One commit was dropped from the patchset because it was applied via stable updates:
> >   3991b04d4870 ("virt: sev-guest: Mark driver struct with __refdata to prevent section mismatch")
> > One commit was dropped because it fixes a bug not present in noble:linux-gcp:
> >   0440feb09079 ("x86/sev: Do RMP memory coverage check after max_pfn has been set")
> > 
> > [Test Plan]
> > Compile and boot tested. Google has reviewed the patchset.
> > 
> > [Where problems could occur]
> > These changes are in core kernel security modules, so care should be taken
> > to ensure that patches are applied correctly to avoid creating new security
> > vulnerabilities. An issue with this patchset could result in critical kernel
> > failures in confidential compute VMs.
> > 
> > [Other]
> > SF #00409503
> 
> Hi, what does SF #<number> mean?

That's just a note to track the customer support case this change originates
from. It's probably more useful to the submitter than it is to the reviewer.

-Ian

> 
> Acked-by: Wei-Lin Chang <weilin.chang at canonical.com>
> 
> > 
> > Borislav Petkov (AMD) (2):
> >   x86/sev: Move SEV compilation units
> >   Documentation/ABI/configfs-tsm: Fix an unexpected indentation silly
> > 
> > Ian Whitfield (1):
> >   UBUNTU: [Config] gcp: Make tpm_svsm built-in
> > 
> > Jarkko Sakkinen (1):
> >   tpm: Make chip->{status,cancel,req_canceled} opt
> > 
> > Stefano Garzarella (4):
> >   x86/sev: Add SVSM vTPM probe/send_command functions
> >   svsm: Add header with SVSM_VTPM_CMD helpers
> >   tpm: Add SNP SVSM vTPM driver
> >   x86/sev: Register tpm-svsm platform device
> > 
> > Tom Lendacky (15):
> >   x86/irqflags: Provide native versions of the
> >     local_irq_save()/restore()
> >   x86/sev: Rename snp_init() in boot/compressed/sev.c
> >   x86/sev: Make the VMPL0 checking more straight forward
> >   x86/sev: Check for the presence of an SVSM in the SNP secrets page
> >   x86/sev: Use kernel provided SVSM Calling Areas
> >   x86/sev: Perform PVALIDATE using the SVSM when not at VMPL0
> >   x86/sev: Use the SVSM to create a vCPU when not in VMPL0
> >   x86/sev: Provide SVSM discovery support
> >   x86/sev: Provide guest VMPL level to userspace
> >   virt: sev-guest: Choose the VMPCK key based on executing VMPL
> >   sev-guest: configfs-tsm: Allow the privlevel_floor attribute to be
> >     updated
> >   fs/configfs: Add a callback to determine attribute visibility
> >   x86/sev: Take advantage of configfs visibility support in TSM
> >   x86/sev: Extend the config-fs attestation support for an SVSM
> >   x86/sev: Allow non-VMPL0 execution when an SVSM is present
> > 
> >  Documentation/ABI/testing/configfs-tsm        |  63 +++
> >  .../ABI/testing/sysfs-devices-system-cpu      |  12 +
> >  .../arch/x86/amd-memory-encryption.rst        |  29 +-
> >  Documentation/virt/coco/sev-guest.rst         |  11 +
> >  arch/x86/boot/compressed/sev.c                | 263 +++++----
> >  arch/x86/coco/Makefile                        |   1 +
> >  arch/x86/coco/sev/Makefile                    |  15 +
> >  arch/x86/{kernel/sev.c => coco/sev/core.c}    | 518 +++++++++++++++---
> >  .../sev-shared.c => coco/sev/shared.c}        | 460 +++++++++++++++-
> >  arch/x86/include/asm/cpufeatures.h            |   1 +
> >  arch/x86/include/asm/irqflags.h               |  20 +
> >  arch/x86/include/asm/msr-index.h              |   2 +
> >  arch/x86/include/asm/sev-common.h             |  18 +
> >  arch/x86/include/asm/sev.h                    | 142 ++++-
> >  arch/x86/include/uapi/asm/svm.h               |   1 +
> >  arch/x86/kernel/Makefile                      |   5 -
> >  arch/x86/mm/mem_encrypt_amd.c                 |   8 +-
> >  debian.gcp/config/annotations                 |   3 +
> >  drivers/char/tpm/Kconfig                      |  10 +
> >  drivers/char/tpm/Makefile                     |   1 +
> >  drivers/char/tpm/tpm-interface.c              |  30 +-
> >  drivers/char/tpm/tpm_ftpm_tee.c               |  20 -
> >  drivers/char/tpm/tpm_svsm.c                   | 125 +++++
> >  drivers/virt/coco/sev-guest/sev-guest.c       | 204 ++++++-
> >  drivers/virt/coco/tdx-guest/tdx-guest.c       |  26 +-
> >  drivers/virt/coco/tsm.c                       | 177 ++++--
> >  fs/configfs/dir.c                             |  10 +
> >  include/linux/configfs.h                      |   3 +
> >  include/linux/tpm_svsm.h                      | 149 +++++
> >  include/linux/tsm.h                           |  59 +-
> >  30 files changed, 2105 insertions(+), 281 deletions(-)
> >  create mode 100644 arch/x86/coco/sev/Makefile
> >  rename arch/x86/{kernel/sev.c => coco/sev/core.c} (83%)
> >  rename arch/x86/{kernel/sev-shared.c => coco/sev/shared.c} (72%)
> >  create mode 100644 drivers/char/tpm/tpm_svsm.c
> >  create mode 100644 include/linux/tpm_svsm.h
> > 
> > -- 
> > 2.43.0
> > 
> > 
> > -- 
> > kernel-team mailing list
> > kernel-team at lists.ubuntu.com
> > https://lists.ubuntu.com/mailman/listinfo/kernel-team
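The cover letter quoted above spells out the config requirements for the backport (CONFIG_TCG_SVSM=y on every kernel, plus CONFIG_SEV_GUEST=m/y and CONFIG_TSM_REPORTS=y on noble). The script below is an added example, not part of the SRU submission or of the kernel tree; it checks a kernel config file for those options and, on a booted guest, looks for the tpm-svsm platform device and the guest VMPL sysfs attribute. The two sysfs paths are assumptions drawn from the commit titles in the series, not values taken from the cover letter.

```shell
#!/bin/sh
# Added example, not part of the SRU submission: verify a kernel config carries
# the options the cover letter requires for SVSM vTPM support, then (on a booted
# guest) look for the tpm-svsm platform device and the VMPL sysfs attribute.

# Print the value of the named option in a kernel .config, or "unset" when the
# line is absent or reads "# CONFIG_X is not set".
config_value() {
    val=$(sed -n "s/^$2=//p" "$1" | head -n 1)
    if [ -n "$val" ]; then printf '%s\n' "$val"; else printf 'unset\n'; fi
}

# Return 0 when every required option has an acceptable value, 1 otherwise.
# TCG_SVSM must be built-in (the gcp config commit makes tpm_svsm built-in);
# SEV_GUEST may be a module or built-in; TSM_REPORTS must be built-in.
check_svsm_config() {
    cfg=$1
    rc=0
    for spec in "CONFIG_TCG_SVSM y" "CONFIG_SEV_GUEST m y" "CONFIG_TSM_REPORTS y"; do
        set -- $spec
        opt=$1; shift
        val=$(config_value "$cfg" "$opt")
        ok=no
        for want in "$@"; do
            [ "$val" = "$want" ] && ok=yes
        done
        if [ "$ok" = yes ]; then
            echo "$opt=$val ok"
        else
            echo "$opt=$val (need one of: $*)"
            rc=1
        fi
    done
    return $rc
}

# Runtime check on the guest itself. Both paths are assumptions: the platform
# device from the "Register tpm-svsm platform device" commit and the attribute
# from "Provide guest VMPL level to userspace".
check_svsm_runtime() {
    [ -e /sys/bus/platform/devices/tpm-svsm ] || { echo "tpm-svsm device absent"; return 1; }
    [ -r /sys/devices/system/cpu/sev/vmpl ] && echo "guest VMPL: $(cat /sys/devices/system/cpu/sev/vmpl)"
    echo "tpm-svsm device present"
}

# Constructed sample config for a self-contained run; TSM_REPORTS is missing.
SAMPLE_CFG=$(mktemp)
printf 'CONFIG_TCG_SVSM=y\nCONFIG_SEV_GUEST=m\n# CONFIG_TSM_REPORTS is not set\n' > "$SAMPLE_CFG"
check_svsm_config "$SAMPLE_CFG" || echo "sample config incomplete"
rm -f "$SAMPLE_CFG"
```

On a real system run `check_svsm_config /boot/config-$(uname -r)` and then `check_svsm_runtime` inside the confidential VM.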
