Re: [PATCH v5 00/15] KVM: SVM: Misc SEV cleanups

From: Paolo Bonzini
Date: Thu Apr 22 2021 - 13:09:08 EST

Next message: Vipin Sharma: "Re: linux-next: manual merge of the cgroup tree with the kvm tree"
Previous message: Jesper Dangaard Brouer: "Re: [PATCH bpf-next v4] bpf: Fix some invalid links in bpf_devel_QA.rst"
In reply to: Sean Christopherson: "Re: [PATCH v5 00/15] KVM: SVM: Misc SEV cleanups"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 22/04/21 18:02, Sean Christopherson wrote:

On Thu, Apr 22, 2021, Paolo Bonzini wrote:

Paolo Bonzini (1):
KVM: SEV: Mask CPUID[0x8000001F].eax according to supported features

Sean Christopherson (14):
KVM: SVM: Zero out the VMCB array used to track SEV ASID association
KVM: SVM: Free sev_asid_bitmap during init if SEV setup fails
KVM: SVM: Disable SEV/SEV-ES if NPT is disabled
KVM: SVM: Move SEV module params/variables to sev.c
x86/sev: Drop redundant and potentially misleading 'sev_enabled'
KVM: SVM: Append "_enabled" to module-scoped SEV/SEV-ES control
variables
KVM: SVM: Condition sev_enabled and sev_es_enabled on
CONFIG_KVM_AMD_SEV=y
KVM: SVM: Enable SEV/SEV-ES functionality by default (when supported)
KVM: SVM: Unconditionally invoke sev_hardware_teardown()
KVM: SVM: Explicitly check max SEV ASID during sev_hardware_setup()
KVM: SVM: Move SEV VMCB tracking allocation to sev.c
KVM: SVM: Drop redundant svm_sev_enabled() helper
KVM: SVM: Remove an unnecessary prototype declaration of
sev_flush_asids()
KVM: SVM: Skip SEV cache flush if no ASIDs have been used

arch/x86/include/asm/mem_encrypt.h | 1 -
arch/x86/kvm/cpuid.c | 8 ++-
arch/x86/kvm/cpuid.h | 1 +
arch/x86/kvm/svm/sev.c | 80 ++++++++++++++++++++++--------
arch/x86/kvm/svm/svm.c | 57 +++++++++------------
arch/x86/kvm/svm/svm.h | 9 +---
arch/x86/mm/mem_encrypt.c | 12 ++---
arch/x86/mm/mem_encrypt_identity.c | 1 -
8 files changed, 97 insertions(+), 72 deletions(-)

Queued except for patch 6, send that separately since it's purely x86 and
maintainers will likely not notice it inside this thread. You probably want
to avoid conflicts by waiting for the migration patches, though.

It can't be sent separately, having both the kernel's sev_enabled and KVM's
sev_enabled doesn't build with CONFIG_AMD_MEM_ENCRYPT=y:

I discovered just as much a few hours later, but Boris has acked it already so it's all set.

Paolo

arch/x86/kvm/svm/sev.c:33:13: error: static declaration of ‘sev_enabled’ follows non-static declaration
33 | static bool sev_enabled = true;
| ^~~~~~~~~~~
In file included from include/linux/mem_encrypt.h:17,
from arch/x86/include/asm/page_types.h:7,
from arch/x86/include/asm/page.h:9,
from arch/x86/include/asm/thread_info.h:12,
from include/linux/thread_info.h:58,
from arch/x86/include/asm/preempt.h:7,
from include/linux/preempt.h:78,
from include/linux/percpu.h:6,
from include/linux/context_tracking_state.h:5,
from include/linux/hardirq.h:5,
from include/linux/kvm_host.h:7,
from arch/x86/kvm/svm/sev.c:11:
arch/x86/include/asm/mem_encrypt.h:23:13: note: previous declaration of ‘sev_enabled’ was here
23 | extern bool sev_enabled;
| ^~~~~~~~~~~
make[3]: *** [scripts/Makefile.build:271: arch/x86/kvm/svm/sev.o] Error 1

Next message: Vipin Sharma: "Re: linux-next: manual merge of the cgroup tree with the kvm tree"
Previous message: Jesper Dangaard Brouer: "Re: [PATCH bpf-next v4] bpf: Fix some invalid links in bpf_devel_QA.rst"
In reply to: Sean Christopherson: "Re: [PATCH v5 00/15] KVM: SVM: Misc SEV cleanups"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]