[Part2 PATCH v9 14/38] crypto: ccp: Implement SEV_FACTORY_RESET ioctl command

The SEV_FACTORY_RESET command can be used by the platform owner to reset the non-volatile SEV related data. The command is defined in SEV spec section 5.4 Cc: Paolo Bonzini Cc: "Radim Krčmář" Cc: Borislav Petkov Cc: Herbert Xu

[Part2 PATCH v9 14/38] crypto: ccp: Implement SEV_FACTORY_RESET ioctl command

The SEV_FACTORY_RESET command can be used by the platform owner to reset the non-volatile SEV related data. The command is defined in SEV spec section 5.4 Cc: Paolo Bonzini Cc: "Radim Krčmář" Cc: Borislav Petkov Cc: Herbert Xu Cc: Gary Hook Cc: Tom Lendacky Cc: linux-cry...@vger.kernel.org

Re: [PATCH 02/10] net: bcmgenet: free netdev on of_match_node() error

On 12/02/2017 11:26 AM, Arvind Yadav wrote: > The change is to call free_netdev(), If of_match_node() will fail. > > Signed-off-by: Arvind Yadav > --- > drivers/net/ethernet/broadcom/genet/bcmgenet.c | 6 -- > 1 file changed, 4 insertions(+), 2 deletions(-) > >

Re: [PATCH 02/10] net: bcmgenet: free netdev on of_match_node() error

On 12/02/2017 11:26 AM, Arvind Yadav wrote: > The change is to call free_netdev(), If of_match_node() will fail. > > Signed-off-by: Arvind Yadav > --- > drivers/net/ethernet/broadcom/genet/bcmgenet.c | 6 -- > 1 file changed, 4 insertions(+), 2 deletions(-) > > diff --git

[Part2 PATCH v9 12/38] crypto: ccp: Add Platform Security Processor (PSP) device support

The Platform Security Processor (PSP) is part of the AMD Secure Processor (AMD-SP) functionality. The PSP is a dedicated processor that provides support for key management commands in Secure Encrypted Virtualization (SEV) mode, along with software-based Trusted Execution Environment (TEE) to

[Part2 PATCH v9 12/38] crypto: ccp: Add Platform Security Processor (PSP) device support

The Platform Security Processor (PSP) is part of the AMD Secure Processor (AMD-SP) functionality. The PSP is a dedicated processor that provides support for key management commands in Secure Encrypted Virtualization (SEV) mode, along with software-based Trusted Execution Environment (TEE) to

[Part2 PATCH v9 17/38] crypto: ccp: Implement SEV_PDH_GEN ioctl command

The SEV_PDH_GEN command is used to re-generate the Platform Diffie-Hellman (PDH) key. The command is defined in SEV spec section 5.6. Cc: Paolo Bonzini Cc: "Radim Krčmář" Cc: Borislav Petkov Cc: Herbert Xu Cc:

[Part2 PATCH v9 17/38] crypto: ccp: Implement SEV_PDH_GEN ioctl command

The SEV_PDH_GEN command is used to re-generate the Platform Diffie-Hellman (PDH) key. The command is defined in SEV spec section 5.6. Cc: Paolo Bonzini Cc: "Radim Krčmář" Cc: Borislav Petkov Cc: Herbert Xu Cc: Gary Hook Cc: Tom Lendacky Cc: linux-cry...@vger.kernel.org Cc:

[Part2 PATCH v9 10/38] crypto: ccp: Define SEV userspace ioctl and command id

Add a include file which defines the ioctl and command id used for issuing SEV platform management specific commands. Cc: Paolo Bonzini Cc: "Radim Krčmář" Cc: Borislav Petkov Cc: Herbert Xu Cc: Gary Hook

[Part2 PATCH v9 19/38] crypto: ccp: Implement SEV_PEK_CERT_IMPORT ioctl command

The SEV_PEK_CERT_IMPORT command can be used to import the signed PEK certificate. The command is defined in SEV spec section 5.8. Cc: Paolo Bonzini Cc: "Radim Krčmář" Cc: Borislav Petkov Cc: Herbert Xu Cc:

[Part2 PATCH v9 19/38] crypto: ccp: Implement SEV_PEK_CERT_IMPORT ioctl command

The SEV_PEK_CERT_IMPORT command can be used to import the signed PEK certificate. The command is defined in SEV spec section 5.8. Cc: Paolo Bonzini Cc: "Radim Krčmář" Cc: Borislav Petkov Cc: Herbert Xu Cc: Gary Hook Cc: Tom Lendacky Cc: linux-cry...@vger.kernel.org Cc: k...@vger.kernel.org

[Part2 PATCH v9 10/38] crypto: ccp: Define SEV userspace ioctl and command id

Add a include file which defines the ioctl and command id used for issuing SEV platform management specific commands. Cc: Paolo Bonzini Cc: "Radim Krčmář" Cc: Borislav Petkov Cc: Herbert Xu Cc: Gary Hook Cc: Tom Lendacky Cc: linux-cry...@vger.kernel.org Cc: k...@vger.kernel.org Cc:

[Part2 PATCH v9 18/38] crypto: ccp: Implement SEV_PEK_CSR ioctl command

The SEV_PEK_CSR command can be used to generate a PEK certificate signing request. The command is defined in SEV spec section 5.7. Cc: Paolo Bonzini Cc: "Radim Krčmář" Cc: Borislav Petkov Cc: Herbert Xu Cc:

[Part2 PATCH v9 18/38] crypto: ccp: Implement SEV_PEK_CSR ioctl command

The SEV_PEK_CSR command can be used to generate a PEK certificate signing request. The command is defined in SEV spec section 5.7. Cc: Paolo Bonzini Cc: "Radim Krčmář" Cc: Borislav Petkov Cc: Herbert Xu Cc: Gary Hook Cc: Tom Lendacky Cc: linux-cry...@vger.kernel.org Cc: k...@vger.kernel.org

[Part2 PATCH v9 16/38] crypto: ccp: Implement SEV_PEK_GEN ioctl command

The SEV_PEK_GEN command is used to generate a new Platform Endorsement Key (PEK). The command is defined in SEV spec section 5.6. Cc: Paolo Bonzini Cc: "Radim Krčmář" Cc: Borislav Petkov Cc: Herbert Xu Cc:

[Part2 PATCH v9 16/38] crypto: ccp: Implement SEV_PEK_GEN ioctl command

The SEV_PEK_GEN command is used to generate a new Platform Endorsement Key (PEK). The command is defined in SEV spec section 5.6. Cc: Paolo Bonzini Cc: "Radim Krčmář" Cc: Borislav Petkov Cc: Herbert Xu Cc: Gary Hook Cc: Tom Lendacky Cc: linux-cry...@vger.kernel.org Cc: k...@vger.kernel.org

[Part2 PATCH v9 20/38] crypto: ccp: Implement SEV_PDH_CERT_EXPORT ioctl command

The SEV_PDH_CERT_EXPORT command can be used to export the PDH and its certificate chain. The command is defined in SEV spec section 5.10. Cc: Paolo Bonzini Cc: "Radim Krčmář" Cc: Borislav Petkov Cc: Herbert Xu

[Part2 PATCH v9 20/38] crypto: ccp: Implement SEV_PDH_CERT_EXPORT ioctl command

The SEV_PDH_CERT_EXPORT command can be used to export the PDH and its certificate chain. The command is defined in SEV spec section 5.10. Cc: Paolo Bonzini Cc: "Radim Krčmář" Cc: Borislav Petkov Cc: Herbert Xu Cc: Gary Hook Cc: Tom Lendacky Cc: linux-cry...@vger.kernel.org Cc:

[Part2 PATCH v9 21/38] KVM: X86: Add CONFIG_KVM_AMD_SEV

The config option can be used to enable SEV support on AMD Processors. Cc: Thomas Gleixner Cc: Ingo Molnar Cc: "H. Peter Anvin" Cc: Paolo Bonzini Cc: "Radim Krčmář" Cc: Joerg Roedel

[Part2 PATCH v9 21/38] KVM: X86: Add CONFIG_KVM_AMD_SEV

The config option can be used to enable SEV support on AMD Processors. Cc: Thomas Gleixner Cc: Ingo Molnar Cc: "H. Peter Anvin" Cc: Paolo Bonzini Cc: "Radim Krčmář" Cc: Joerg Roedel Cc: Borislav Petkov Cc: Tom Lendacky Cc: x...@kernel.org Cc: k...@vger.kernel.org Cc:

[Part2 PATCH v9 23/38] KVM: SVM: Add sev module_param

The module parameter can be used to control the SEV feature support. Cc: Thomas Gleixner Cc: Ingo Molnar Cc: "H. Peter Anvin" Cc: Paolo Bonzini Cc: "Radim Krčmář" Cc: Joerg Roedel

[Part2 PATCH v9 23/38] KVM: SVM: Add sev module_param

The module parameter can be used to control the SEV feature support. Cc: Thomas Gleixner Cc: Ingo Molnar Cc: "H. Peter Anvin" Cc: Paolo Bonzini Cc: "Radim Krčmář" Cc: Joerg Roedel Cc: Borislav Petkov Cc: Tom Lendacky Cc: x...@kernel.org Cc: k...@vger.kernel.org Cc:

[Part2 PATCH v9 24/38] KVM: Define SEV key management command id

Define Secure Encrypted Virtualization (SEV) key management command id and structure. The command definition is available in SEV KM spec 0.14 (http://support.amd.com/TechDocs/55766_SEV-KM API_Specification.pdf) and Documentation/virtual/kvm/amd-memory-encryption.txt. Cc: Thomas Gleixner

[Part2 PATCH v9 24/38] KVM: Define SEV key management command id

Define Secure Encrypted Virtualization (SEV) key management command id and structure. The command definition is available in SEV KM spec 0.14 (http://support.amd.com/TechDocs/55766_SEV-KM API_Specification.pdf) and Documentation/virtual/kvm/amd-memory-encryption.txt. Cc: Thomas Gleixner Cc: Ingo

[Part2 PATCH v9 25/38] KVM: SVM: Add KVM_SEV_INIT command

The command initializes the SEV platform context and allocates a new ASID for this guest from the SEV ASID pool. The firmware must be initialized before we issue any guest launch commands to create a new memory encryption context. Cc: Thomas Gleixner Cc: Ingo Molnar

[Part2 PATCH v9 25/38] KVM: SVM: Add KVM_SEV_INIT command

The command initializes the SEV platform context and allocates a new ASID for this guest from the SEV ASID pool. The firmware must be initialized before we issue any guest launch commands to create a new memory encryption context. Cc: Thomas Gleixner Cc: Ingo Molnar Cc: "H. Peter Anvin" Cc:

[Part2 PATCH v9 09/38] crypto: ccp: Build the AMD secure processor driver only with AMD CPU support

From: Borislav Petkov This is AMD-specific hardware so present it in Kconfig only when AMD CPU support is enabled or on ARM64 where it is also used. Signed-off-by: Borislav Petkov Signed-off-by: Brijesh Singh Reviewed-by: Gary R Hook

[Part2 PATCH v9 09/38] crypto: ccp: Build the AMD secure processor driver only with AMD CPU support

From: Borislav Petkov This is AMD-specific hardware so present it in Kconfig only when AMD CPU support is enabled or on ARM64 where it is also used. Signed-off-by: Borislav Petkov Signed-off-by: Brijesh Singh Reviewed-by: Gary R Hook Cc: Brijesh Singh Cc: Tom Lendacky Cc: Gary Hook Cc:

[Part2 PATCH v9 27/38] KVM: SVM: Add support for KVM_SEV_LAUNCH_START command

The KVM_SEV_LAUNCH_START command is used to create a memory encryption context within the SEV firmware. In order to do so, the guest owner should provide the guest's policy, its public Diffie-Hellman (PDH) key and session information. The command implements the LAUNCH_START flow defined in SEV

[Part2 PATCH v9 27/38] KVM: SVM: Add support for KVM_SEV_LAUNCH_START command

The KVM_SEV_LAUNCH_START command is used to create a memory encryption context within the SEV firmware. In order to do so, the guest owner should provide the guest's policy, its public Diffie-Hellman (PDH) key and session information. The command implements the LAUNCH_START flow defined in SEV

[Part2 PATCH v9 26/38] KVM: SVM: VMRUN should use associated ASID when SEV is enabled

SEV hardware uses ASIDs to associate a memory encryption key with a guest VM. During guest creation, a SEV VM uses the SEV_CMD_ACTIVATE command to bind a particular ASID to the guest. Lets make sure that the VMCB is programmed with the bound ASID before a VMRUN. Cc: Thomas Gleixner

[Part2 PATCH v9 28/38] KVM: SVM: Add support for KVM_SEV_LAUNCH_UPDATE_DATA command

The command is used for encrypting the guest memory region using the VM encryption key (VEK) created during KVM_SEV_LAUNCH_START. Cc: Thomas Gleixner Cc: Ingo Molnar Cc: "H. Peter Anvin" Cc: Paolo Bonzini Cc: "Radim

[Part2 PATCH v9 28/38] KVM: SVM: Add support for KVM_SEV_LAUNCH_UPDATE_DATA command

The command is used for encrypting the guest memory region using the VM encryption key (VEK) created during KVM_SEV_LAUNCH_START. Cc: Thomas Gleixner Cc: Ingo Molnar Cc: "H. Peter Anvin" Cc: Paolo Bonzini Cc: "Radim Krčmář" Cc: Joerg Roedel Cc: Borislav Petkov Cc: Tom Lendacky Cc:

[Part2 PATCH v9 26/38] KVM: SVM: VMRUN should use associated ASID when SEV is enabled

SEV hardware uses ASIDs to associate a memory encryption key with a guest VM. During guest creation, a SEV VM uses the SEV_CMD_ACTIVATE command to bind a particular ASID to the guest. Lets make sure that the VMCB is programmed with the bound ASID before a VMRUN. Cc: Thomas Gleixner Cc: Ingo

[Part2 PATCH v9 08/38] KVM: Introduce KVM_MEMORY_ENCRYPT_{UN,}REG_REGION ioctl

If hardware supports memory encryption then KVM_MEMORY_ENCRYPT_REG_REGION and KVM_MEMORY_ENCRYPT_UNREG_REGION ioctl's can be used by userspace to register/unregister the guest memory regions which may contain the encrypted data (e.g guest RAM, PCI BAR, SMRAM etc). Cc: Thomas Gleixner

[Part2 PATCH v9 31/38] KVM: SVM: Add support for SEV GUEST_STATUS command

The command is used for querying the SEV guest information. Cc: Thomas Gleixner Cc: Ingo Molnar Cc: "H. Peter Anvin" Cc: Paolo Bonzini Cc: "Radim Krčmář" Cc: Joerg Roedel Cc:

[Part2 PATCH v9 08/38] KVM: Introduce KVM_MEMORY_ENCRYPT_{UN,}REG_REGION ioctl

If hardware supports memory encryption then KVM_MEMORY_ENCRYPT_REG_REGION and KVM_MEMORY_ENCRYPT_UNREG_REGION ioctl's can be used by userspace to register/unregister the guest memory regions which may contain the encrypted data (e.g guest RAM, PCI BAR, SMRAM etc). Cc: Thomas Gleixner Cc: Ingo

[Part2 PATCH v9 31/38] KVM: SVM: Add support for SEV GUEST_STATUS command

The command is used for querying the SEV guest information. Cc: Thomas Gleixner Cc: Ingo Molnar Cc: "H. Peter Anvin" Cc: Paolo Bonzini Cc: "Radim Krčmář" Cc: Joerg Roedel Cc: Borislav Petkov Cc: Tom Lendacky Cc: x...@kernel.org Cc: k...@vger.kernel.org Cc: linux-kernel@vger.kernel.org

[Part2 PATCH v9 29/38] KVM: SVM: Add support for KVM_SEV_LAUNCH_MEASURE command

The command is used to retrieve the measurement of contents encrypted through the KVM_SEV_LAUNCH_UPDATE_DATA command. Cc: Thomas Gleixner Cc: Ingo Molnar Cc: "H. Peter Anvin" Cc: Paolo Bonzini Cc: "Radim Krčmář"

[Part2 PATCH v9 29/38] KVM: SVM: Add support for KVM_SEV_LAUNCH_MEASURE command

The command is used to retrieve the measurement of contents encrypted through the KVM_SEV_LAUNCH_UPDATE_DATA command. Cc: Thomas Gleixner Cc: Ingo Molnar Cc: "H. Peter Anvin" Cc: Paolo Bonzini Cc: "Radim Krčmář" Cc: Joerg Roedel Cc: Borislav Petkov Cc: Tom Lendacky Cc: x...@kernel.org Cc:

[Part2 PATCH v9 32/38] KVM: SVM: Add support for SEV DEBUG_DECRYPT command

The command is used for decrypting a guest memory region for debug purposes. Cc: Thomas Gleixner Cc: Ingo Molnar Cc: "H. Peter Anvin" Cc: Paolo Bonzini Cc: "Radim Krčmář" Cc: Joerg Roedel

[Part2 PATCH v9 32/38] KVM: SVM: Add support for SEV DEBUG_DECRYPT command

The command is used for decrypting a guest memory region for debug purposes. Cc: Thomas Gleixner Cc: Ingo Molnar Cc: "H. Peter Anvin" Cc: Paolo Bonzini Cc: "Radim Krčmář" Cc: Joerg Roedel Cc: Borislav Petkov Cc: Tom Lendacky Cc: x...@kernel.org Cc: k...@vger.kernel.org Cc:

[Part2 PATCH v9 33/38] KVM: SVM: Add support for SEV DEBUG_ENCRYPT command

The command copies a plaintext into guest memory and encrypts it using the VM encryption key. The command will be used for debug purposes (e.g setting breakpoints through gdbserver) Cc: Thomas Gleixner Cc: Ingo Molnar Cc: "H. Peter Anvin"

[Part2 PATCH v9 33/38] KVM: SVM: Add support for SEV DEBUG_ENCRYPT command

The command copies a plaintext into guest memory and encrypts it using the VM encryption key. The command will be used for debug purposes (e.g setting breakpoints through gdbserver) Cc: Thomas Gleixner Cc: Ingo Molnar Cc: "H. Peter Anvin" Cc: Paolo Bonzini Cc: "Radim Krčmář" Cc: Joerg Roedel

[Part2 PATCH v9 34/38] KVM: SVM: Add support for SEV LAUNCH_SECRET command

The command is used for injecting a secret into the guest memory region. Cc: Thomas Gleixner Cc: Ingo Molnar Cc: "H. Peter Anvin" Cc: Paolo Bonzini Cc: "Radim Krčmář" Cc: Joerg Roedel

[Part2 PATCH v9 35/38] KVM: SVM: Pin guest memory when SEV is active

The SEV memory encryption engine uses a tweak such that two identical plaintext pages at different location will have different ciphertext. So swapping or moving ciphertext of two pages will not result in plaintext being swapped. Relocating (or migrating) physical backing pages for a SEV guest

[Part2 PATCH v9 34/38] KVM: SVM: Add support for SEV LAUNCH_SECRET command

The command is used for injecting a secret into the guest memory region. Cc: Thomas Gleixner Cc: Ingo Molnar Cc: "H. Peter Anvin" Cc: Paolo Bonzini Cc: "Radim Krčmář" Cc: Joerg Roedel Cc: Borislav Petkov Cc: Tom Lendacky Cc: x...@kernel.org Cc: k...@vger.kernel.org Cc:

[Part2 PATCH v9 35/38] KVM: SVM: Pin guest memory when SEV is active

The SEV memory encryption engine uses a tweak such that two identical plaintext pages at different location will have different ciphertext. So swapping or moving ciphertext of two pages will not result in plaintext being swapped. Relocating (or migrating) physical backing pages for a SEV guest

[Part2 PATCH v9 38/38] KVM: X86: Restart the guest when insn_len is zero and SEV is enabled

On AMD platforms, under certain conditions insn_len may be zero on #NPF. This can happen if a guest gets a page-fault on data access but the HW table walker is not able to read the instruction page (e.g instruction page is not present in memory). Typically, when insn_len is zero,

[Part2 PATCH v9 38/38] KVM: X86: Restart the guest when insn_len is zero and SEV is enabled

On AMD platforms, under certain conditions insn_len may be zero on #NPF. This can happen if a guest gets a page-fault on data access but the HW table walker is not able to read the instruction page (e.g instruction page is not present in memory). Typically, when insn_len is zero,

[Part2 PATCH v9 37/38] KVM: SVM: Do not install #UD intercept when SEV is enabled

On #UD, x86_emulate_instruction() fetches the data from guest memory and decodes the instruction bytes to assist further. When SEV is enabled, the instruction bytes will be encrypted using the guest-specific key and the hypervisor will no longer able to fetch the instruction bytes to assist UD

[Part2 PATCH v9 37/38] KVM: SVM: Do not install #UD intercept when SEV is enabled

On #UD, x86_emulate_instruction() fetches the data from guest memory and decodes the instruction bytes to assist further. When SEV is enabled, the instruction bytes will be encrypted using the guest-specific key and the hypervisor will no longer able to fetch the instruction bytes to assist UD

[Part2 PATCH v9 30/38] KVM: SVM: Add support for SEV LAUNCH_FINISH command

The command is used for finializing the SEV guest launch process. Cc: Thomas Gleixner Cc: Ingo Molnar Cc: "H. Peter Anvin" Cc: Paolo Bonzini Cc: "Radim Krčmář" Cc: Joerg Roedel

[Part2 PATCH v9 36/38] KVM: SVM: Clear C-bit from the page fault address

When SEV is active, on #VMEXIT the page fault address will contain the C-bit. We must clear the C-bit before handling the fault. Cc: Thomas Gleixner Cc: Ingo Molnar Cc: "H. Peter Anvin" Cc: Paolo Bonzini Cc: "Radim

[Part2 PATCH v9 30/38] KVM: SVM: Add support for SEV LAUNCH_FINISH command

The command is used for finializing the SEV guest launch process. Cc: Thomas Gleixner Cc: Ingo Molnar Cc: "H. Peter Anvin" Cc: Paolo Bonzini Cc: "Radim Krčmář" Cc: Joerg Roedel Cc: Borislav Petkov Cc: Tom Lendacky Cc: x...@kernel.org Cc: k...@vger.kernel.org Cc:

[Part2 PATCH v9 36/38] KVM: SVM: Clear C-bit from the page fault address

When SEV is active, on #VMEXIT the page fault address will contain the C-bit. We must clear the C-bit before handling the fault. Cc: Thomas Gleixner Cc: Ingo Molnar Cc: "H. Peter Anvin" Cc: Paolo Bonzini Cc: "Radim Krčmář" Cc: Joerg Roedel Cc: Borislav Petkov Cc: Tom Lendacky Cc:

[Part2 PATCH v9 11/38] crypto: ccp: Define SEV key management command id

Define Secure Encrypted Virtualization (SEV) key management command id and structure. The command definition is available in SEV KM spec 0.14 (http://support.amd.com/TechDocs/55766_SEV-KM API_Specification.pdf) Cc: Paolo Bonzini Cc: "Radim Krčmář" Cc:

[Part2 PATCH v9 11/38] crypto: ccp: Define SEV key management command id

Define Secure Encrypted Virtualization (SEV) key management command id and structure. The command definition is available in SEV KM spec 0.14 (http://support.amd.com/TechDocs/55766_SEV-KM API_Specification.pdf) Cc: Paolo Bonzini Cc: "Radim Krčmář" Cc: Borislav Petkov Cc: Herbert Xu Cc: Gary

[Part2 PATCH v9 07/38] KVM: Introduce KVM_MEMORY_ENCRYPT_OP ioctl

If the hardware supports memory encryption then the KVM_MEMORY_ENCRYPT_OP ioctl can be used by qemu to issue a platform specific memory encryption commands. Cc: Thomas Gleixner Cc: Ingo Molnar Cc: "H. Peter Anvin" Cc: Paolo Bonzini

[Part2 PATCH v9 07/38] KVM: Introduce KVM_MEMORY_ENCRYPT_OP ioctl

If the hardware supports memory encryption then the KVM_MEMORY_ENCRYPT_OP ioctl can be used by qemu to issue a platform specific memory encryption commands. Cc: Thomas Gleixner Cc: Ingo Molnar Cc: "H. Peter Anvin" Cc: Paolo Bonzini Cc: "Radim Krčmář" Cc: Joerg Roedel Cc: Borislav Petkov

[Part2 PATCH v9 22/38] KVM: SVM: Reserve ASID range for SEV guest

A SEV-enabled guest must use ASIDs from the defined subset, while non-SEV guests can use the remaining ASID range. The range of allowed SEV guest ASIDs is [1 - CPUID_8000_001F[ECX][31:0]]. Cc: Thomas Gleixner Cc: Ingo Molnar Cc: "H. Peter Anvin"

[Part2 PATCH v9 22/38] KVM: SVM: Reserve ASID range for SEV guest

A SEV-enabled guest must use ASIDs from the defined subset, while non-SEV guests can use the remaining ASID range. The range of allowed SEV guest ASIDs is [1 - CPUID_8000_001F[ECX][31:0]]. Cc: Thomas Gleixner Cc: Ingo Molnar Cc: "H. Peter Anvin" Cc: Paolo Bonzini Cc: "Radim Krčmář" Cc: Joerg

[Part2 PATCH v9 03/38] kvm: svm: prepare for new bit definition in nested_ctl

From: Tom Lendacky Currently the nested_ctl variable in the vmcb_control_area structure is used to indicate nested paging support. The nested paging support field is actually defined as bit 0 of the field. In order to support a new feature flag the usage of the

[Part2 PATCH v9 03/38] kvm: svm: prepare for new bit definition in nested_ctl

From: Tom Lendacky Currently the nested_ctl variable in the vmcb_control_area structure is used to indicate nested paging support. The nested paging support field is actually defined as bit 0 of the field. In order to support a new feature flag the usage of the nested_ctl and nested paging

[Part2 PATCH v9 02/38] x86/CPU/AMD: Add the Secure Encrypted Virtualization CPU feature

From: Tom Lendacky Update the CPU features to include identifying and reporting on the Secure Encrypted Virtualization (SEV) feature. SEV is identified by CPUID 0x801f, but requires BIOS support to enable it (set bit 23 of MSR_K8_SYSCFG and set bit 0 of

[Part2 PATCH v9 02/38] x86/CPU/AMD: Add the Secure Encrypted Virtualization CPU feature

From: Tom Lendacky Update the CPU features to include identifying and reporting on the Secure Encrypted Virtualization (SEV) feature. SEV is identified by CPUID 0x801f, but requires BIOS support to enable it (set bit 23 of MSR_K8_SYSCFG and set bit 0 of MSR_K7_HWCR). Only show the SEV

[Part2 PATCH v9 01/38] Documentation/virtual/kvm: Add AMD Secure Encrypted Virtualization (SEV)

Create a Documentation entry to describe the AMD Secure Encrypted Virtualization (SEV) feature. Cc: Thomas Gleixner Cc: Ingo Molnar Cc: "H. Peter Anvin" Cc: Paolo Bonzini Cc: "Radim Krčmář" Cc:

[Part2 PATCH v9 01/38] Documentation/virtual/kvm: Add AMD Secure Encrypted Virtualization (SEV)

Create a Documentation entry to describe the AMD Secure Encrypted Virtualization (SEV) feature. Cc: Thomas Gleixner Cc: Ingo Molnar Cc: "H. Peter Anvin" Cc: Paolo Bonzini Cc: "Radim Krčmář" Cc: Jonathan Corbet Cc: Borislav Petkov Cc: Tom Lendacky Cc: k...@vger.kernel.org Cc:

Re: [PATCH 1/7 v2] net: bcmgenet: Fix platform_get_irq's error checking

On 12/04/2017 09:48 AM, Arvind Yadav wrote: > The platform_get_irq() function returns negative number if an error occurs, > Zero if No irq is found and positive number if irq gets successful. > platform_get_irq() error checking only for zero is not correct. > > Signed-off-by: Arvind Yadav

Re: [PATCH 1/7 v2] net: bcmgenet: Fix platform_get_irq's error checking

On 12/04/2017 09:48 AM, Arvind Yadav wrote: > The platform_get_irq() function returns negative number if an error occurs, > Zero if No irq is found and positive number if irq gets successful. > platform_get_irq() error checking only for zero is not correct. > > Signed-off-by: Arvind Yadav > ---

Re: [PATCH 4/8] ASoC: uniphier: add support for UniPhier EVEA codec

+CC Greg-KH +CC Thomas Gleixner 2017-12-05 3:20 GMT+09:00 Mark Brown : > On Wed, Nov 22, 2017 at 08:43:17PM +0900, Katsuhiro Suzuki wrote: > >> +++ b/sound/soc/uniphier/evea.c >> @@ -0,0 +1,567 @@ >> +// SPDX-License-Identifier: GPL-2.0 >> +/* >> + * Socionext UniPhier EVEA

Re: [PATCH 4/8] ASoC: uniphier: add support for UniPhier EVEA codec

+CC Greg-KH +CC Thomas Gleixner 2017-12-05 3:20 GMT+09:00 Mark Brown : > On Wed, Nov 22, 2017 at 08:43:17PM +0900, Katsuhiro Suzuki wrote: > >> +++ b/sound/soc/uniphier/evea.c >> @@ -0,0 +1,567 @@ >> +// SPDX-License-Identifier: GPL-2.0 >> +/* >> + * Socionext UniPhier EVEA ADC/DAC codec driver.

Re: [PATCH 2/8] [media] uvc_video: use ktime_t for timestamps

Hi Arnd, On Tuesday, 5 December 2017 02:37:27 EET Laurent Pinchart wrote: > On Monday, 27 November 2017 15:19:54 EET Arnd Bergmann wrote: > > uvc_video_get_ts() returns a 'struct timespec', but all its users > > really want a nanoseconds variable anyway. > > > > Changing the deprecated

Re: [PATCH 2/8] [media] uvc_video: use ktime_t for timestamps

Hi Arnd, On Tuesday, 5 December 2017 02:37:27 EET Laurent Pinchart wrote: > On Monday, 27 November 2017 15:19:54 EET Arnd Bergmann wrote: > > uvc_video_get_ts() returns a 'struct timespec', but all its users > > really want a nanoseconds variable anyway. > > > > Changing the deprecated

Re: [PATCH v2] KVM: VMX: Fix rflags cache during vCPU reset

2017-12-05 8:28 GMT+08:00 Jim Mattson : > That seems like a convoluted path to produce an illegal RFLAGS value. > What's to prevent syzkaller from simply clearing bit 1 of RFLAGS with > the KVM_SET_REGS ioctl? Yeah, it can happen. Which do you prefer, ioctl fails or |

Re: [PATCH v2] KVM: VMX: Fix rflags cache during vCPU reset

2017-12-05 8:28 GMT+08:00 Jim Mattson : > That seems like a convoluted path to produce an illegal RFLAGS value. > What's to prevent syzkaller from simply clearing bit 1 of RFLAGS with > the KVM_SET_REGS ioctl? Yeah, it can happen. Which do you prefer, ioctl fails or | X86_EFLAGS_FIXED

[PATCH v1 6/6] resource: Set type when reserving new regions

From: Bjorn Helgaas Set resource structs inserted by __reserve_region_with_split() to have the correct type. Setting the type doesn't fix any functional problem but makes %pR on the resource work better. Signed-off-by: Bjorn Helgaas ---

Re: [PATCH 5/8] [media] omap3isp: support 64-bit version of omap3isp_stat_data

Hi Arnd, Thank you for the patch. I'll try to review this without too much delay. In the meantime, I'm CC'ing Sakari Ailus who might be faster than me :-) On Monday, 27 November 2017 15:19:57 EET Arnd Bergmann wrote: > C libraries with 64-bit time_t use an incompatible format for > struct

[PATCH v1 3/6] powerpc: Set I/O port resource types correctly

From: Bjorn Helgaas Set I/O port resource structs to have IORESOURCE_IO in their type field. Previously we marked these as merely IORESOURCE_BUSY without indicating the type. Setting the type doesn't fix any functional problem but makes %pR on the resource work better.

[PATCH v1 6/6] resource: Set type when reserving new regions

From: Bjorn Helgaas Set resource structs inserted by __reserve_region_with_split() to have the correct type. Setting the type doesn't fix any functional problem but makes %pR on the resource work better. Signed-off-by: Bjorn Helgaas --- kernel/resource.c |5 +++-- 1 file changed, 3

Re: [PATCH 5/8] [media] omap3isp: support 64-bit version of omap3isp_stat_data

Hi Arnd, Thank you for the patch. I'll try to review this without too much delay. In the meantime, I'm CC'ing Sakari Ailus who might be faster than me :-) On Monday, 27 November 2017 15:19:57 EET Arnd Bergmann wrote: > C libraries with 64-bit time_t use an incompatible format for > struct

[PATCH v1 3/6] powerpc: Set I/O port resource types correctly

From: Bjorn Helgaas Set I/O port resource structs to have IORESOURCE_IO in their type field. Previously we marked these as merely IORESOURCE_BUSY without indicating the type. Setting the type doesn't fix any functional problem but makes %pR on the resource work better. Signed-off-by: Bjorn

[PATCH v1 5/6] resource: Set type of "reserve=" user-specified resources

From: Bjorn Helgaas When we reserve regions because the user specified a "reserve=" parameter, set the resource type to either IORESOURCE_IO (for regions below 0x1) or IORESOURCE_MEM. The test for 0x1 is just a heuristic; obviously there can be memory below 0x1

[PATCH v1 4/6] irqchip/i8259: Set I/O port resource types correctly

From: Bjorn Helgaas Set I/O port resource structs to have IORESOURCE_IO in their type field. Previously we marked these as merely IORESOURCE_BUSY without indicating the type. Setting the type doesn't fix any functional problem but makes %pR on the resource work better.

[PATCH v1 5/6] resource: Set type of "reserve=" user-specified resources

From: Bjorn Helgaas When we reserve regions because the user specified a "reserve=" parameter, set the resource type to either IORESOURCE_IO (for regions below 0x1) or IORESOURCE_MEM. The test for 0x1 is just a heuristic; obviously there can be memory below 0x1 as well. Improve

[PATCH v1 4/6] irqchip/i8259: Set I/O port resource types correctly

From: Bjorn Helgaas Set I/O port resource structs to have IORESOURCE_IO in their type field. Previously we marked these as merely IORESOURCE_BUSY without indicating the type. Setting the type doesn't fix any functional problem but makes %pR on the resource work better. Signed-off-by: Bjorn

[PATCH v1 2/6] MIPS: Set I/O port resource types correctly

From: Bjorn Helgaas Set I/O port resource structs to have IORESOURCE_IO in their type field. Previously we marked these as merely IORESOURCE_BUSY without indicating the type. Setting the type doesn't fix any functional problem but makes %pR on the resource work better.

[PATCH v1 1/6] vgacon: Set VGA struct resource types

From: Bjorn Helgaas Set the resource type when we reserve VGA-related I/O port resources. The resource code doesn't actually look at the type, so it inserts resources without a type in the tree correctly even without this change. But if we ever print a resource without a

[PATCH v1 2/6] MIPS: Set I/O port resource types correctly

From: Bjorn Helgaas Set I/O port resource structs to have IORESOURCE_IO in their type field. Previously we marked these as merely IORESOURCE_BUSY without indicating the type. Setting the type doesn't fix any functional problem but makes %pR on the resource work better. Signed-off-by: Bjorn

[PATCH v1 1/6] vgacon: Set VGA struct resource types

From: Bjorn Helgaas Set the resource type when we reserve VGA-related I/O port resources. The resource code doesn't actually look at the type, so it inserts resources without a type in the tree correctly even without this change. But if we ever print a resource without a type, it looks like

Re: [PATCH 1/8] [media] uvc_video: use ktime_t for stats

Hi Arnd, Thank you for the patch. On Monday, 27 November 2017 15:19:53 EET Arnd Bergmann wrote: > 'struct timespec' works fine here, but we try to migrate > away from it in favor of ktime_t or timespec64. In this > case, using ktime_t produces the simplest code. > > Signed-off-by: Arnd Bergmann

[PATCH v1 0/6] resource: Set struct resource types correctly

We have several places that insert struct resources into the iomem_resource or ioport_resource trees without setting the type. This *works* fine because it's obvious that a resource must be the same type as its parent, but it does mean that if we ever print the resource with %pR, it doesn't print

Re: [PATCH 1/8] [media] uvc_video: use ktime_t for stats

Hi Arnd, Thank you for the patch. On Monday, 27 November 2017 15:19:53 EET Arnd Bergmann wrote: > 'struct timespec' works fine here, but we try to migrate > away from it in favor of ktime_t or timespec64. In this > case, using ktime_t produces the simplest code. > > Signed-off-by: Arnd Bergmann

[PATCH v1 0/6] resource: Set struct resource types correctly

We have several places that insert struct resources into the iomem_resource or ioport_resource trees without setting the type. This *works* fine because it's obvious that a resource must be the same type as its parent, but it does mean that if we ever print the resource with %pR, it doesn't print

Re: [PATCH 2/8] [media] uvc_video: use ktime_t for timestamps

Hi Arnd, Thank you for the patch. On Monday, 27 November 2017 15:19:54 EET Arnd Bergmann wrote: > uvc_video_get_ts() returns a 'struct timespec', but all its users > really want a nanoseconds variable anyway. > > Changing the deprecated ktime_get_ts/ktime_get_real_ts to ktime_get > and

Re: [PATCH 2/8] [media] uvc_video: use ktime_t for timestamps

Hi Arnd, Thank you for the patch. On Monday, 27 November 2017 15:19:54 EET Arnd Bergmann wrote: > uvc_video_get_ts() returns a 'struct timespec', but all its users > really want a nanoseconds variable anyway. > > Changing the deprecated ktime_get_ts/ktime_get_real_ts to ktime_get > and

Re: [PATCH v2] KVM: VMX: Fix rflags cache during vCPU reset

That seems like a convoluted path to produce an illegal RFLAGS value. What's to prevent syzkaller from simply clearing bit 1 of RFLAGS with the KVM_SET_REGS ioctl? On Mon, Nov 20, 2017 at 4:34 PM, Wanpeng Li wrote: > 2017-11-21 7:09 GMT+08:00 Paolo Bonzini

Re: [PATCH v2] KVM: VMX: Fix rflags cache during vCPU reset

That seems like a convoluted path to produce an illegal RFLAGS value. What's to prevent syzkaller from simply clearing bit 1 of RFLAGS with the KVM_SET_REGS ioctl? On Mon, Nov 20, 2017 at 4:34 PM, Wanpeng Li wrote: > 2017-11-21 7:09 GMT+08:00 Paolo Bonzini : >> On 20/11/2017 23:52, Wanpeng Li

Re: Linux 4.15-rc2: Regression in resume from ACPI S3

On Monday, December 4, 2017 11:41:06 PM CET Rafael J. Wysocki wrote: > On Monday, December 4, 2017 11:38:54 PM CET Thomas Gleixner wrote: > > On Mon, 4 Dec 2017, Linus Torvalds wrote: > > > > > On Mon, Dec 4, 2017 at 2:25 PM, Rafael J. Wysocki > > > wrote: > > > > > > > > So

Re: Linux 4.15-rc2: Regression in resume from ACPI S3

On Monday, December 4, 2017 11:41:06 PM CET Rafael J. Wysocki wrote: > On Monday, December 4, 2017 11:38:54 PM CET Thomas Gleixner wrote: > > On Mon, 4 Dec 2017, Linus Torvalds wrote: > > > > > On Mon, Dec 4, 2017 at 2:25 PM, Rafael J. Wysocki > > > wrote: > > > > > > > > So far, resume from

<    1   2   3   4   5   6   7   8   9   10   >