diff options
Diffstat (limited to 'meta-amd-bsp/recipes-kernel/linux/linux-yocto-4.14.71-e3000/0068-KVM-SVM-Add-sev-module_param.patch')
| -rw-r--r-- | meta-amd-bsp/recipes-kernel/linux/linux-yocto-4.14.71-e3000/0068-KVM-SVM-Add-sev-module_param.patch | 112 |
1 files changed, 0 insertions, 112 deletions
diff --git a/meta-amd-bsp/recipes-kernel/linux/linux-yocto-4.14.71-e3000/0068-KVM-SVM-Add-sev-module_param.patch b/meta-amd-bsp/recipes-kernel/linux/linux-yocto-4.14.71-e3000/0068-KVM-SVM-Add-sev-module_param.patch deleted file mode 100644 index ad28d312..00000000 --- a/meta-amd-bsp/recipes-kernel/linux/linux-yocto-4.14.71-e3000/0068-KVM-SVM-Add-sev-module_param.patch +++ /dev/null @@ -1,112 +0,0 @@ -From c4db443adf12808cf037cfe61c08dedc360aacee Mon Sep 17 00:00:00 2001 -From: Brijesh Singh <brijesh.singh@amd.com> -Date: Mon, 4 Dec 2017 10:57:33 -0600 -Subject: [PATCH 68/95] KVM: SVM: Add sev module_param -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -The module parameter can be used to control the SEV feature support. - -Cc: Thomas Gleixner <tglx@linutronix.de> -Cc: Ingo Molnar <mingo@redhat.com> -Cc: "H. Peter Anvin" <hpa@zytor.com> -Cc: Paolo Bonzini <pbonzini@redhat.com> -Cc: "Radim Krčmář" <rkrcmar@redhat.com> -Cc: Joerg Roedel <joro@8bytes.org> -Cc: Borislav Petkov <bp@suse.de> -Cc: Tom Lendacky <thomas.lendacky@amd.com> -Cc: x86@kernel.org -Cc: kvm@vger.kernel.org -Cc: linux-kernel@vger.kernel.org -Signed-off-by: Brijesh Singh <brijesh.singh@amd.com> -Reviewed-by: Borislav Petkov <bp@suse.de> -Signed-off-by: Sudheesh Mavila <sudheesh.mavila@amd.com> ---- - arch/x86/kvm/svm.c | 49 +++++++++++++++++++++++++++++++++++++++++++++++++ - 1 file changed, 49 insertions(+) - -diff --git a/arch/x86/kvm/svm.c b/arch/x86/kvm/svm.c -index 77914701..df8e1e3 100644 ---- a/arch/x86/kvm/svm.c -+++ b/arch/x86/kvm/svm.c -@@ -37,6 +37,7 @@ - #include <linux/amd-iommu.h> - #include <linux/hashtable.h> - #include <linux/frame.h> -+#include <linux/psp-sev.h> - - #include <asm/apic.h> - #include <asm/perf_event.h> -@@ -298,6 +299,10 @@ module_param(vls, int, 0444); - static int vgif = true; - module_param(vgif, int, 0444); - -+/* enable/disable SEV support */ -+static int sev = IS_ENABLED(CONFIG_AMD_MEM_ENCRYPT_ACTIVE_BY_DEFAULT); -+module_param(sev, int, 0444); -+ - static void svm_set_cr0(struct kvm_vcpu *vcpu, unsigned long cr0); - static void svm_flush_tlb(struct kvm_vcpu *vcpu); - static void svm_complete_interrupts(struct vcpu_svm *svm); -@@ -1086,6 +1091,39 @@ static int avic_ga_log_notifier(u32 ga_tag) - return 0; - } - -+static __init int sev_hardware_setup(void) -+{ -+ struct sev_user_data_status *status; -+ int rc; -+ -+ /* Maximum number of encrypted guests supported simultaneously */ -+ max_sev_asid = cpuid_ecx(0x8000001F); -+ -+ if (!max_sev_asid) -+ return 1; -+ -+ status = kmalloc(sizeof(*status), GFP_KERNEL); -+ if (!status) -+ return 1; -+ -+ /* -+ * Check SEV platform status. -+ * -+ * PLATFORM_STATUS can be called in any state, if we failed to query -+ * the PLATFORM status then either PSP firmware does not support SEV -+ * feature or SEV firmware is dead. -+ */ -+ rc = sev_platform_status(status, NULL); -+ if (rc) -+ goto err; -+ -+ pr_info("SEV supported\n"); -+ -+err: -+ kfree(status); -+ return rc; -+} -+ - static __init int svm_hardware_setup(void) - { - int cpu; -@@ -1121,6 +1159,17 @@ static __init int svm_hardware_setup(void) - kvm_enable_efer_bits(EFER_SVME | EFER_LMSLE); - } - -+ if (sev) { -+ if (boot_cpu_has(X86_FEATURE_SEV) && -+ IS_ENABLED(CONFIG_KVM_AMD_SEV)) { -+ r = sev_hardware_setup(); -+ if (r) -+ sev = false; -+ } else { -+ sev = false; -+ } -+ } -+ - for_each_possible_cpu(cpu) { - r = svm_cpu_init(cpu); - if (r) --- -2.7.4 - |