RE: [Patch v3 02/14] x86/ioapic: Gate decrypted mapping on cc_platform_has()... | netdev

[Patch v3 00/14] Add PCI pass-thru support to Hyper-V Confidential VMs · Michael Kelley <hidden> · 2022-11-16
[Patch v3 01/14] x86/ioremap: Fix page aligned size calculation in __ioremap_caller() · Michael Kelley <hidden> · 2022-11-16
Re: [Patch v3 01/14] x86/ioremap: Fix page aligned size calculation in __ioremap_caller() · Borislav Petkov <bp@alien8.de> · 2022-11-21
RE: [Patch v3 01/14] x86/ioremap: Fix page aligned size calculation in __ioremap_caller() · Michael Kelley (LINUX) <hidden> · 2022-11-21
Re: [Patch v3 01/14] x86/ioremap: Fix page aligned size calculation in __ioremap_caller() · Borislav Petkov <bp@alien8.de> · 2022-11-21
RE: [Patch v3 01/14] x86/ioremap: Fix page aligned size calculation in __ioremap_caller() · Michael Kelley (LINUX) <hidden> · 2022-11-21
Re: [Patch v3 01/14] x86/ioremap: Fix page aligned size calculation in __ioremap_caller() · Dave Hansen <hidden> · 2022-11-21
RE: [Patch v3 01/14] x86/ioremap: Fix page aligned size calculation in __ioremap_caller() · Michael Kelley (LINUX) <hidden> · 2022-11-21
Re: [Patch v3 01/14] x86/ioremap: Fix page aligned size calculation in __ioremap_caller() · Borislav Petkov <bp@alien8.de> · 2022-11-21
[Patch v3 02/14] x86/ioapic: Gate decrypted mapping on cc_platform_has() attribute · Michael Kelley <hidden> · 2022-11-16
Re: [Patch v3 02/14] x86/ioapic: Gate decrypted mapping on cc_platform_has() attribute · Sathyanarayanan Kuppuswamy <sathyanarayanan.kuppuswamy@linux.intel.com> · 2022-11-17
Re: [Patch v3 02/14] x86/ioapic: Gate decrypted mapping on cc_platform_has() attribute · Borislav Petkov <bp@alien8.de> · 2022-11-21
RE: [Patch v3 02/14] x86/ioapic: Gate decrypted mapping on cc_platform_has() attribute · Michael Kelley (LINUX) <hidden> · 2022-11-21
Re: [Patch v3 02/14] x86/ioapic: Gate decrypted mapping on cc_platform_has() attribute · Borislav Petkov <bp@alien8.de> · 2022-11-21
[Patch v3 03/14] x86/hyperv: Reorder code in prep for subsequent patch · Michael Kelley <hidden> · 2022-11-16
[Patch v3 04/14] Drivers: hv: Explicitly request decrypted in vmap_pfn() calls · Michael Kelley <hidden> · 2022-11-16
[Patch v3 05/14] x86/mm: Handle decryption/re-encryption of bss_decrypted consistently · Michael Kelley <hidden> · 2022-11-16
Re: [Patch v3 05/14] x86/mm: Handle decryption/re-encryption of bss_decrypted consistently · Tom Lendacky <thomas.lendacky@amd.com> · 2022-11-16
Re: [Patch v3 05/14] x86/mm: Handle decryption/re-encryption of bss_decrypted consistently · Tom Lendacky <thomas.lendacky@amd.com> · 2022-11-16
RE: [Patch v3 05/14] x86/mm: Handle decryption/re-encryption of bss_decrypted consistently · Michael Kelley (LINUX) <hidden> · 2022-11-18
Re: [Patch v3 05/14] x86/mm: Handle decryption/re-encryption of bss_decrypted consistently · Sathyanarayanan Kuppuswamy <sathyanarayanan.kuppuswamy@linux.intel.com> · 2022-11-17
RE: [Patch v3 05/14] x86/mm: Handle decryption/re-encryption of bss_decrypted consistently · Michael Kelley (LINUX) <hidden> · 2022-11-18
Re: [Patch v3 05/14] x86/mm: Handle decryption/re-encryption of bss_decrypted consistently · Borislav Petkov <bp@alien8.de> · 2022-11-21
Re: [Patch v3 05/14] x86/mm: Handle decryption/re-encryption of bss_decrypted consistently · Sathyanarayanan Kuppuswamy <sathyanarayanan.kuppuswamy@linux.intel.com> · 2022-11-21
RE: [Patch v3 05/14] x86/mm: Handle decryption/re-encryption of bss_decrypted consistently · Michael Kelley (LINUX) <hidden> · 2022-11-22
Re: [Patch v3 05/14] x86/mm: Handle decryption/re-encryption of bss_decrypted consistently · Borislav Petkov <bp@alien8.de> · 2022-11-28
RE: [Patch v3 05/14] x86/mm: Handle decryption/re-encryption of bss_decrypted consistently · Dexuan Cui <decui@microsoft.com> · 2022-11-28
Re: [Patch v3 05/14] x86/mm: Handle decryption/re-encryption of bss_decrypted consistently · Tom Lendacky <thomas.lendacky@amd.com> · 2022-11-28
RE: [Patch v3 05/14] x86/mm: Handle decryption/re-encryption of bss_decrypted consistently · Dexuan Cui <decui@microsoft.com> · 2022-11-28
Re: [Patch v3 05/14] x86/mm: Handle decryption/re-encryption of bss_decrypted consistently · Borislav Petkov <bp@alien8.de> · 2022-11-21
[Patch v3 09/14] Drivers: hv: vmbus: Remove second mapping of VMBus monitor pages · Michael Kelley <hidden> · 2022-11-16
[Patch v3 10/14] Drivers: hv: vmbus: Remove second way of mapping ring buffers · Michael Kelley <hidden> · 2022-11-16
[Patch v3 12/14] Drivers: hv: Don't remap addresses that are above shared_gpa_boundary · Michael Kelley <hidden> · 2022-11-16
[Patch v3 11/14] hv_netvsc: Remove second mapping of send and recv buffers · Michael Kelley <hidden> · 2022-11-16
[Patch v3 14/14] PCI: hv: Enable PCI pass-thru devices in Confidential VMs · Michael Kelley <hidden> · 2022-11-16
[Patch v3 13/14] PCI: hv: Add hypercalls to read/write MMIO space · Michael Kelley <hidden> · 2022-11-16
Re: [Patch v3 13/14] PCI: hv: Add hypercalls to read/write MMIO space · Wei Liu <wei.liu@kernel.org> · 2022-11-17
RE: [Patch v3 13/14] PCI: hv: Add hypercalls to read/write MMIO space · Michael Kelley (LINUX) <hidden> · 2022-11-17
Re: [Patch v3 13/14] PCI: hv: Add hypercalls to read/write MMIO space · Wei Liu <wei.liu@kernel.org> · 2022-11-17
Re: [Patch v3 13/14] PCI: hv: Add hypercalls to read/write MMIO space · Sean Christopherson <seanjc@google.com> · 2022-11-17
Re: [Patch v3 13/14] PCI: hv: Add hypercalls to read/write MMIO space · Wei Liu <wei.liu@kernel.org> · 2022-11-17
RE: [Patch v3 13/14] PCI: hv: Add hypercalls to read/write MMIO space · Haiyang Zhang <haiyangz@microsoft.com> · 2022-11-17
RE: [Patch v3 13/14] PCI: hv: Add hypercalls to read/write MMIO space · Michael Kelley (LINUX) <hidden> · 2022-11-18
[Patch v3 06/14] init: Call mem_encrypt_init() after Hyper-V hypercall init is done · Michael Kelley <hidden> · 2022-11-16
Re: [Patch v3 06/14] init: Call mem_encrypt_init() after Hyper-V hypercall init is done · Tom Lendacky <thomas.lendacky@amd.com> · 2022-11-16
Re: [Patch v3 06/14] init: Call mem_encrypt_init() after Hyper-V hypercall init is done · Borislav Petkov <bp@alien8.de> · 2022-11-21
[Patch v3 07/14] x86/hyperv: Change vTOM handling to use standard coco mechanisms · Michael Kelley <hidden> · 2022-11-16
Re: [Patch v3 07/14] x86/hyperv: Change vTOM handling to use standard coco mechanisms · Tianyu Lan <hidden> · 2022-11-17
Re: [Patch v3 07/14] x86/hyperv: Change vTOM handling to use standard coco mechanisms · Borislav Petkov <bp@alien8.de> · 2022-11-21
RE: [Patch v3 07/14] x86/hyperv: Change vTOM handling to use standard coco mechanisms · Michael Kelley (LINUX) <hidden> · 2022-11-22
Re: [Patch v3 07/14] x86/hyperv: Change vTOM handling to use standard coco mechanisms · Dave Hansen <hidden> · 2022-11-22
RE: [Patch v3 07/14] x86/hyperv: Change vTOM handling to use standard coco mechanisms · Michael Kelley (LINUX) <hidden> · 2022-11-22
Re: [Patch v3 07/14] x86/hyperv: Change vTOM handling to use standard coco mechanisms · Borislav Petkov <bp@alien8.de> · 2022-11-22
RE: [Patch v3 07/14] x86/hyperv: Change vTOM handling to use standard coco mechanisms · Michael Kelley (LINUX) <hidden> · 2022-11-23
RE: [Patch v3 07/14] x86/hyperv: Change vTOM handling to use standard coco mechanisms · Michael Kelley (LINUX) <hidden> · 2022-11-28
Re: [Patch v3 07/14] x86/hyperv: Change vTOM handling to use standard coco mechanisms · Borislav Petkov <bp@alien8.de> · 2022-11-28
RE: [Patch v3 07/14] x86/hyperv: Change vTOM handling to use standard coco mechanisms · Michael Kelley (LINUX) <hidden> · 2022-11-28
Re: [Patch v3 07/14] x86/hyperv: Change vTOM handling to use standard coco mechanisms · Borislav Petkov <bp@alien8.de> · 2022-11-28
RE: [Patch v3 07/14] x86/hyperv: Change vTOM handling to use standard coco mechanisms · Michael Kelley (LINUX) <hidden> · 2022-11-28
Re: [Patch v3 07/14] x86/hyperv: Change vTOM handling to use standard coco mechanisms · Borislav Petkov <bp@alien8.de> · 2022-11-28
RE: [Patch v3 07/14] x86/hyperv: Change vTOM handling to use standard coco mechanisms · Michael Kelley (LINUX) <hidden> · 2022-11-29
Re: [Patch v3 07/14] x86/hyperv: Change vTOM handling to use standard coco mechanisms · Borislav Petkov <bp@alien8.de> · 2022-11-29
RE: [Patch v3 07/14] x86/hyperv: Change vTOM handling to use standard coco mechanisms · Michael Kelley (LINUX) <hidden> · 2022-11-29
Re: [Patch v3 07/14] x86/hyperv: Change vTOM handling to use standard coco mechanisms · Borislav Petkov <bp@alien8.de> · 2022-11-29
RE: [Patch v3 07/14] x86/hyperv: Change vTOM handling to use standard coco mechanisms · Michael Kelley (LINUX) <hidden> · 2022-11-30
[Patch v3 08/14] swiotlb: Remove bounce buffer remapping for Hyper-V · Michael Kelley <hidden> · 2022-11-16

RE: [Patch v3 02/14] x86/ioapic: Gate decrypted mapping on cc_platform_has() attribute

From: Michael Kelley (LINUX) <hidden>
Date: 2022-11-21 16:43:12
Also in: linux-arch, linux-hyperv, linux-iommu, linux-pci, lkml

From: Borislav Petkov <bp@alien8.de> Sent: Monday, November 21, 2022 5:51 AM

On Wed, Nov 16, 2022 at 10:41:25AM -0800, Michael Kelley wrote:

quoted

Current code always maps the IOAPIC as shared (decrypted) in a
confidential VM. But Hyper-V guest VMs on AMD SEV-SNP with vTOM
enabled use a paravisor running in VMPL0 to emulate the IOAPIC.

"IO-APIC" I guess, in all your text.

quoted

In such a case, the IOAPIC must be accessed as private (encrypted).

So the condition for the IO-APIC is pretty specific but the naming
CC_ATTR_EMULATED_IOAPIC too generic. Other HVs emulate IO-APICs too,
right?

If you have to be precise, the proper check should be (pseudo code):

 if (cc_vendor(HYPERV) &&
     SNP enabled &&
     SNP features has vTOM &&
     paravisor in use)

so I guess you're probably better off calling it

  CC_ATTR_ACCESS_IOAPIC_ENCRYPTED

which then gets set on exactly those guests and nothing else.

I'd say.

I'm OK with naming it very narrowly.  When/if there's a more general
case later, we can generalize to whatever degree is appropriate.

Michael

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help