Public bug reported: Below are two sets of commits required for CVM:
1. Core enablement of Linux to run as a Hyper-V guest with the SNP-enabled HCL. 2. VMbus hardening. Patches related to core enablement of Linux to run as a Hyper-V guest with the SNP-enabled HCL are below: HV/Storvsc: Add bounce buffer support for Storvsc - https://github.com/lantianyu/linux/commit/c46341863ba7cfaa11ed6c95d454769dcde57b84 HV/Netvsc: Add SNP support for netvsc driver - https://github.com/lantianyu/linux/commit/0026626dbc42bfcbe26d993bec104383f9d60e35 x86/Hyper-V: Copy data from/to bounce buffer during IO operation - https://github.com/lantianyu/linux/commit/5f948e69f2be44891af03d60b918a3bc0845f954 x86/Hyper-V: Add new parameter for vmbus_sendpacket_pagebuffer()/mpb_desc() - https://github.com/lantianyu/linux/commit/b484eebaf79340e29012a2dadb4518fa7d5d1284 x86/Hyper-V: Initialize bounce buffer page cache and list - https://github.com/lantianyu/linux/commit/8a437af5e4af945b28ba0071302dfa28a48df408 hv/vmbus: Initialize VMbus ring buffer for Isolated VM - https://github.com/lantianyu/linux/commit/45de7cff82cd6e99aedbd4cf2c44fa30298c0dea HV/Vmbus: Add SNP support for VMbus channel initiate message - https://github.com/lantianyu/linux/commit/4bca8b9748dd17fb860a4528781932ade1825dd5 HV: Add ghcb hvcall support for SNP VM - https://github.com/lantianyu/linux/commit/bfb44533b884b08b639258f7150aa71dc148e221 HV: Add Write/Read MSR registers via ghcb - https://github.com/lantianyu/linux/commit/8cf6a0dea3189a654c41e16ad859c9ceb5bb940c HV: Get Hyper-V Isolated VM capability - https://github.com/lantianyu/linux/commit/9290189014a1b231f70b5620338d61508da673df x86/Hyper-V: Add new hvcall guest address host visibility support - https://github.com/lantianyu/linux/commit/deb6dc9bdbff7a6b16910ebe9aff266de9690cb2 x86/Hyper-V: Add visibility parameter for vmbus_establish_gpadl() - https://github.com/lantianyu/linux/commit/e697bc57e853f058eef9b2268b865aa8e574e233 The following commit is also required by CVM support. It has been upstreamed. If ubuntu kernel doesn't contain the patch, it's necessary to backport the patch. x86/hyperv: Initialize clockevents earlier in CPU onlining - https://github.com/lantianyu/linux/commit/8815c2eec402080a4c5f2536668f6d5b7946ef8b VMbus hardening patches: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=0a76566595bfb242a7f4bedc77233e9194831ba3 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=44144185951a0ff9b50bf21c0cd1f79ff688e5ca https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=e8b7db38449ac5b950a3f00519171c4be3e226ff https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=453de21c2b8281228173a7b689120b92929743d6 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=4d18fcc95f50950a99bd940d4e61a983f91d267a https://git.kernel.org/pub/scm/linux/kernel/git/mkp/scsi.git/commit/?id=ab548fd21e1cbe601ce5f775254a6d042c6495f2 https://git.kernel.org/pub/scm/linux/kernel/git/mkp/scsi.git/commit/?id=244808e0302953de11dba1f8a580cdd1df35843d https://git.kernel.org/pub/scm/linux/kernel/git/mkp/scsi.git/commit/?id=91b1b640b834b2d6f330baf04c0cc049eca9d689 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=206ad34d52a2f1205c84d08c12fc116aad0eb407 https://git.kernel.org/pub/scm/linux/kernel/git/hyperv/linux.git/commit/?id=4424a8d1acc0a30542d4399e83c2a6cfcdd1eb71 https://git.kernel.org/pub/scm/linux/kernel/git/hyperv/linux.git/commit/?id=6809ea1c570b40c9b2f139684784d6318d958011 https://git.kernel.org/pub/scm/linux/kernel/git/hyperv/linux.git/commit/?id=46011a70c1c21a5dba02b38edeac16e667544361 https://git.kernel.org/pub/scm/linux/kernel/git/hyperv/linux.git/commit/?id=5c0c26e7dca8f892cc342213e737494d8fd3384f https://git.kernel.org/pub/scm/linux/kernel/git/hyperv/linux.git/commit/?id=cbf0eda5de05545754540e0ad3173dca5737742e https://git.kernel.org/pub/scm/linux/kernel/git/hyperv/linux.git/commit/?id=f844988bde35e491507a1b9b7f84b810464cbf78 https://git.kernel.org/pub/scm/linux/kernel/git/hyperv/linux.git/commit/?id=3f71d6b91e7e6fd594c0c8f18b8a1253fea0e093 https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net-next.git/commit/?id=0ba35fe91ce34f2d0feff626efd0062dac41781c https://git.kernel.org/pub/scm/linux/kernel/git/hyperv/linux.git/commit/?id=8190826e75cee9d9c008d24d557ef1ce06f5e3e2 https://git.kernel.org/pub/scm/linux/kernel/git/hyperv/linux.git/commit/?id=e5b180a1dd0cd0a8f8c3576eb032c7afda468dcc https://git.kernel.org/pub/scm/linux/kernel/git/hyperv/linux.git/commit/?id=5862347fd2b74bc00cd34828afae6dc21206a70a https://git.kernel.org/pub/scm/linux/kernel/git/hyperv/linux.git/commit/?id=ef6c74ee0d35122fde67f9af3758071374a31482 ** Affects: linux-azure (Ubuntu) Importance: Undecided Assignee: Marcelo Cerri (mhcerri) Status: In Progress -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux-azure in Ubuntu. https://bugs.launchpad.net/bugs/1915146 Title: Backport commits required for confidential VMs Status in linux-azure package in Ubuntu: In Progress Bug description: Below are two sets of commits required for CVM: 1. Core enablement of Linux to run as a Hyper-V guest with the SNP-enabled HCL. 2. VMbus hardening. Patches related to core enablement of Linux to run as a Hyper-V guest with the SNP-enabled HCL are below: HV/Storvsc: Add bounce buffer support for Storvsc - https://github.com/lantianyu/linux/commit/c46341863ba7cfaa11ed6c95d454769dcde57b84 HV/Netvsc: Add SNP support for netvsc driver - https://github.com/lantianyu/linux/commit/0026626dbc42bfcbe26d993bec104383f9d60e35 x86/Hyper-V: Copy data from/to bounce buffer during IO operation - https://github.com/lantianyu/linux/commit/5f948e69f2be44891af03d60b918a3bc0845f954 x86/Hyper-V: Add new parameter for vmbus_sendpacket_pagebuffer()/mpb_desc() - https://github.com/lantianyu/linux/commit/b484eebaf79340e29012a2dadb4518fa7d5d1284 x86/Hyper-V: Initialize bounce buffer page cache and list - https://github.com/lantianyu/linux/commit/8a437af5e4af945b28ba0071302dfa28a48df408 hv/vmbus: Initialize VMbus ring buffer for Isolated VM - https://github.com/lantianyu/linux/commit/45de7cff82cd6e99aedbd4cf2c44fa30298c0dea HV/Vmbus: Add SNP support for VMbus channel initiate message - https://github.com/lantianyu/linux/commit/4bca8b9748dd17fb860a4528781932ade1825dd5 HV: Add ghcb hvcall support for SNP VM - https://github.com/lantianyu/linux/commit/bfb44533b884b08b639258f7150aa71dc148e221 HV: Add Write/Read MSR registers via ghcb - https://github.com/lantianyu/linux/commit/8cf6a0dea3189a654c41e16ad859c9ceb5bb940c HV: Get Hyper-V Isolated VM capability - https://github.com/lantianyu/linux/commit/9290189014a1b231f70b5620338d61508da673df x86/Hyper-V: Add new hvcall guest address host visibility support - https://github.com/lantianyu/linux/commit/deb6dc9bdbff7a6b16910ebe9aff266de9690cb2 x86/Hyper-V: Add visibility parameter for vmbus_establish_gpadl() - https://github.com/lantianyu/linux/commit/e697bc57e853f058eef9b2268b865aa8e574e233 The following commit is also required by CVM support. It has been upstreamed. If ubuntu kernel doesn't contain the patch, it's necessary to backport the patch. x86/hyperv: Initialize clockevents earlier in CPU onlining - https://github.com/lantianyu/linux/commit/8815c2eec402080a4c5f2536668f6d5b7946ef8b VMbus hardening patches: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=0a76566595bfb242a7f4bedc77233e9194831ba3 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=44144185951a0ff9b50bf21c0cd1f79ff688e5ca https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=e8b7db38449ac5b950a3f00519171c4be3e226ff https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=453de21c2b8281228173a7b689120b92929743d6 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=4d18fcc95f50950a99bd940d4e61a983f91d267a https://git.kernel.org/pub/scm/linux/kernel/git/mkp/scsi.git/commit/?id=ab548fd21e1cbe601ce5f775254a6d042c6495f2 https://git.kernel.org/pub/scm/linux/kernel/git/mkp/scsi.git/commit/?id=244808e0302953de11dba1f8a580cdd1df35843d https://git.kernel.org/pub/scm/linux/kernel/git/mkp/scsi.git/commit/?id=91b1b640b834b2d6f330baf04c0cc049eca9d689 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=206ad34d52a2f1205c84d08c12fc116aad0eb407 https://git.kernel.org/pub/scm/linux/kernel/git/hyperv/linux.git/commit/?id=4424a8d1acc0a30542d4399e83c2a6cfcdd1eb71 https://git.kernel.org/pub/scm/linux/kernel/git/hyperv/linux.git/commit/?id=6809ea1c570b40c9b2f139684784d6318d958011 https://git.kernel.org/pub/scm/linux/kernel/git/hyperv/linux.git/commit/?id=46011a70c1c21a5dba02b38edeac16e667544361 https://git.kernel.org/pub/scm/linux/kernel/git/hyperv/linux.git/commit/?id=5c0c26e7dca8f892cc342213e737494d8fd3384f https://git.kernel.org/pub/scm/linux/kernel/git/hyperv/linux.git/commit/?id=cbf0eda5de05545754540e0ad3173dca5737742e https://git.kernel.org/pub/scm/linux/kernel/git/hyperv/linux.git/commit/?id=f844988bde35e491507a1b9b7f84b810464cbf78 https://git.kernel.org/pub/scm/linux/kernel/git/hyperv/linux.git/commit/?id=3f71d6b91e7e6fd594c0c8f18b8a1253fea0e093 https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net-next.git/commit/?id=0ba35fe91ce34f2d0feff626efd0062dac41781c https://git.kernel.org/pub/scm/linux/kernel/git/hyperv/linux.git/commit/?id=8190826e75cee9d9c008d24d557ef1ce06f5e3e2 https://git.kernel.org/pub/scm/linux/kernel/git/hyperv/linux.git/commit/?id=e5b180a1dd0cd0a8f8c3576eb032c7afda468dcc https://git.kernel.org/pub/scm/linux/kernel/git/hyperv/linux.git/commit/?id=5862347fd2b74bc00cd34828afae6dc21206a70a https://git.kernel.org/pub/scm/linux/kernel/git/hyperv/linux.git/commit/?id=ef6c74ee0d35122fde67f9af3758071374a31482 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux-azure/+bug/1915146/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
