From: Dave Hansen
To: Linus Torvalds
Cc: linux-kernel@vger.kernel.org, x86@kernel.org
Subject: [GIT PULL] x86/tdx for 6.2
Date: Mon, 12 Dec 2022 11:15:25 -0800
Message-Id: <20221212191525.553266-1-dave.hansen@linux.intel.com>
X-Patchwork-Submitter: Dave Hansen
X-Patchwork-Id: 32510

Hi Linus,

Please pull some x86/tdx changes for v6.2.

This includes a single chunk of new functionality for TDX guests which
allows them to talk to the trusted TDX module software and obtain an
attestation report. This report can then be used to prove the
trustworthiness of the guest to a third party and get access to things
like storage encryption keys.

---

The following changes since commit 094226ad94f471a9f19e8f8e7140a09c2625abaa:

  Linux 6.1-rc5 (2022-11-13 13:12:55 -0800)

are available in the Git repository at:

  https://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git tags/x86_tdx_for_6.2

for you to fetch changes up to 00e07cfbdf0b232f7553f0175f8f4e8d792f7e90:

  selftests/tdx: Test TDX attestation GetReport support (2022-11-17 11:04:28 -0800)

----------------------------------------------------------------
Add TDX guest attestation infrastructure and driver

----------------------------------------------------------------
Kuppuswamy Sathyanarayanan (3):
      x86/tdx: Add a wrapper to get TDREPORT0 from the TDX Module
      virt: Add TDX guest driver
      selftests/tdx: Test TDX attestation GetReport support

 Documentation/virt/coco/tdx-guest.rst        |  52 +++++++++
 Documentation/virt/index.rst                 |   1 +
 Documentation/x86/tdx.rst                    |  43 +++++++
 arch/x86/coco/tdx/tdx.c                      |  40 +++++++
 arch/x86/include/asm/tdx.h                   |   2 +
 drivers/virt/Kconfig                         |   2 +
 drivers/virt/Makefile                        |   1 +
 drivers/virt/coco/tdx-guest/Kconfig          |  10 ++
 drivers/virt/coco/tdx-guest/Makefile         |   2 +
 drivers/virt/coco/tdx-guest/tdx-guest.c      | 102 +++++++++++++++++
 include/uapi/linux/tdx-guest.h               |  42 +++++++
 tools/testing/selftests/Makefile             |   1 +
 tools/testing/selftests/tdx/Makefile         |   7 ++
 tools/testing/selftests/tdx/config           |   1 +
 tools/testing/selftests/tdx/tdx_guest_test.c | 163 +++++++++++++++++++++++++++
 15 files changed, 469 insertions(+)
 create mode 100644 Documentation/virt/coco/tdx-guest.rst
 create mode 100644 drivers/virt/coco/tdx-guest/Kconfig
 create mode 100644 drivers/virt/coco/tdx-guest/Makefile
 create mode 100644 drivers/virt/coco/tdx-guest/tdx-guest.c
 create mode 100644 include/uapi/linux/tdx-guest.h
 create mode 100644 tools/testing/selftests/tdx/Makefile
 create mode 100644 tools/testing/selftests/tdx/config
 create mode 100644 tools/testing/selftests/tdx/tdx_guest_test.c
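
The guest-side request described in the message, as an added example that is not part of the original mail or of the kernel tree: a user-space caller binds a verifier challenge into the 64-byte REPORTDATA field and asks the guest driver for a TDREPORT. The struct and ioctl mirror include/uapi/linux/tdx-guest.h; the function name tdx_get_report(), its dev parameter and the nonce value are assumptions made for illustration.

```c
#include <errno.h>
#include <fcntl.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <sys/ioctl.h>
#include <unistd.h>

/* Mirrors include/uapi/linux/tdx-guest.h; with v6.2+ headers installed,
 * include <linux/tdx-guest.h> instead of redefining these. */
#define TDX_REPORTDATA_LEN 64
#define TDX_REPORT_LEN     1024
struct tdx_report_req {
    uint8_t reportdata[TDX_REPORTDATA_LEN]; /* in: caller-chosen binding data */
    uint8_t tdreport[TDX_REPORT_LEN];       /* out: TDREPORT from the TDX module */
};
#define TDX_CMD_GET_REPORT0 _IOWR('T', 1, struct tdx_report_req)

/* Hypothetical helper: returns 0 on success or a negative errno.
 * `nonce` is the verifier's freshness challenge, zero-padded to 64 bytes. */
int tdx_get_report(const char *dev, const uint8_t *nonce, size_t nonce_len,
                   uint8_t out[TDX_REPORT_LEN])
{
    struct tdx_report_req req;
    int fd, ret = 0;
    if (nonce_len > TDX_REPORTDATA_LEN)
        return -EINVAL;          /* never truncate the challenge silently */
    memset(&req, 0, sizeof(req));
    memcpy(req.reportdata, nonce, nonce_len);
    fd = open(dev, O_RDWR);
    if (fd < 0)
        return -errno;           /* not a TDX guest, or driver not loaded */
    if (ioctl(fd, TDX_CMD_GET_REPORT0, &req) < 0)
        ret = -errno;            /* saved before close() can change errno */
    close(fd);
    if (ret == 0)
        memcpy(out, req.tdreport, TDX_REPORT_LEN);
    return ret;
}

int main(void)
{
    /* Constructed sample challenge; a real verifier would supply this. */
    static const uint8_t nonce[] = "constructed-verifier-nonce";
    uint8_t report[TDX_REPORT_LEN];
    int ret = tdx_get_report("/dev/tdx_guest", nonce, sizeof(nonce) - 1, report);
    if (ret) { fprintf(stderr, "GetReport failed: %s\n", strerror(-ret)); return 1; }
    printf("got %d-byte TDREPORT\n", TDX_REPORT_LEN);
    return 0;
}
```

A TDREPORT on its own can only be checked on the platform that produced it; for the third-party use the message mentions, it still has to be turned into a remotely verifiable quote by a separate step outside this driver.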