merge-31c2c89ce023 from branch/tag: cvm/R102-snp-support into branch: cos-5.15
Changelog:
-------------------------------------------------------------
Adam Dunlap (3):
x86/asm: Force native_apic_mem_read to use mov
x86/sev: Use RIP-relative addressing for static vars
Add sevguest driver to lakitu kernel config
Ashish Kalra (3):
EFI: Introduce the new AMD Memory Encryption GUID.
x86/kvm: Add guest support for detecting and enabling SEV Live Migration feature.
x86/kvm: Add kexec support for SEV Live Migration.
Borislav Petkov (2):
x86/head64: Carve out the guest encryption postprocessing into a helper
x86/sev: Remove do_early_exception() forward declarations
Brijesh Singh (24):
x86/kvm: Add AMD SEV specific Hypercall3
mm: x86: Invoke hypercall when page encryption status is changed
KVM: SVM: Define sev_features and VMPL field in the VMSA
x86/mm: Extend cc_attr to include AMD SEV-SNP
x86/sev: Shorten GHCB terminate macro names
x86/sev: Define the Linux-specific guest termination reasons
x86/sev: Save the negotiated GHCB version
x86/sev: Check SEV-SNP features support
x86/sev: Add a helper for the PVALIDATE instruction
x86/sev: Check the VMPL level
x86/compressed: Add helper for validating pages in the decompression stage
x86/compressed: Register GHCB memory when SEV-SNP is active
x86/sev: Register GHCB memory when SEV-SNP is active
x86/sev: Add helper for validating pages in early enc attribute changes
x86/kernel: Mark the .bss..decrypted section as shared in the RMP table
x86/kernel: Validate ROM memory before accessing when SEV-SNP is active
x86/mm/cpa: Generalize __set_memory_enc_pgtable()
x86/mm: Validate memory when changing the C-bit
x86/boot: Add Confidential Computing type to setup_data
x86/sev: Provide support for SNP guest request NAEs
x86/sev: Register SEV-SNP guest request platform device
virt: Add SEV-SNP guest driver
virt: sevguest: Add support to derive key
virt: sevguest: Add support to get extended report
Kuppuswamy Sathyanarayanan (1):
x86/sev: Rename mem_encrypt.c to mem_encrypt_amd.c
Michael Roth (22):
x86/boot: Introduce helpers for MSR reads/writes
x86/boot: Use MSR read/write helpers instead of inline assembly
x86/compressed/64: Detect/setup SEV/SME features earlier during boot
x86/sev: Detect/setup SEV/SME features earlier in boot
x86/head/64: Re-enable stack protection
x86/compressed/acpi: Move EFI detection to helper
x86/compressed/acpi: Move EFI system table lookup to helper
x86/compressed/acpi: Move EFI config table lookup to helper
x86/compressed/acpi: Move EFI vendor table lookup to helper
x86/compressed/acpi: Move EFI kexec handling into common code
KVM: x86: Move lookup of indexed CPUID leafs to helper
x86/sev: Move MSR-based VMGEXITs for CPUID to helper
x86/compressed/64: Add support for SEV-SNP CPUID table in #VC handlers
x86/boot: Add a pointer to Confidential Computing blob in bootparams
x86/compressed: Add SEV-SNP feature detection/setup
x86/compressed: Use firmware-validated CPUID leaves for SEV-SNP guests
x86/compressed: Export and rename add_identity_map()
x86/compressed/64: Add identity mapping for Confidential Computing blob
x86/sev: Add SEV-SNP feature detection/setup
x86/sev: Use firmware-validated CPUID for SEV-SNP guests
x86/sev: Add a sev= cmdline option
virt: sevguest: Add documentation for SEV-SNP CPUID Enforcement
Peter Gonda (1):
KVM: SEV: Refactor out sev_es_state struct
Tom Lendacky (7):
KVM: SVM: Create a separate mapping for the SEV-ES save area
KVM: SVM: Create a separate mapping for the GHCB save area
KVM: SVM: Update the SEV-ES save area mapping
treewide: Replace the use of mem_encrypt_active() with cc_platform_has()
x86/sme: Replace occurrences of sme_active() with cc_platform_has()
x86/sev: Replace occurrences of sev_active() with cc_platform_has()
x86/sev: Use SEV-SNP AP creation to start secondary CPUs
BUG=b/236415790
TEST=tryjob, validation and K8s e2e
RELEASE_NOTE=Updated the Linux kernel to cvm/R102-snp-support.
Signed-off-by: Oleksandr Tymoshenko <ovt@google.com>
Change-Id: I6bc629574875243905cc5d56ba4a9ab3a50dd17f
