From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id EDC05C35274 for ; Mon, 18 Dec 2023 10:14:47 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 627856B008A; Mon, 18 Dec 2023 05:14:47 -0500 (EST) Received: by kanga.kvack.org (Postfix, from userid 40) id 5D7B96B008C; Mon, 18 Dec 2023 05:14:47 -0500 (EST) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 477DC6B0092; Mon, 18 Dec 2023 05:14:47 -0500 (EST) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0014.hostedemail.com [216.40.44.14]) by kanga.kvack.org (Postfix) with ESMTP id 34CF86B008A for ; Mon, 18 Dec 2023 05:14:47 -0500 (EST) Received: from smtpin09.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay07.hostedemail.com (Postfix) with ESMTP id 0D022160AC1 for ; Mon, 18 Dec 2023 10:14:47 +0000 (UTC) X-FDA: 81579530214.09.2390883 Received: from mail.alien8.de (mail.alien8.de [65.109.113.108]) by imf04.hostedemail.com (Postfix) with ESMTP id D82C340020 for ; Mon, 18 Dec 2023 10:14:43 +0000 (UTC) Authentication-Results: imf04.hostedemail.com; dkim=pass header.d=alien8.de header.s=alien8 header.b=fxXH5ry6; spf=pass (imf04.hostedemail.com: domain of bp@alien8.de designates 65.109.113.108 as permitted sender) smtp.mailfrom=bp@alien8.de; dmarc=pass (policy=none) header.from=alien8.de ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1702894484; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=flSmrHICJg+bcSVL2Gg7M4juB6JLxKEwKyo/mAL/FNc=; b=be6O0nxy1m5T/DIM7cDTUzS7KJI3raRo1Pk7C4CCQjvk8GJaUVE78yCZY3KC0rRnE3mX+9 8buGoGAiDwjqtpBP0N4Zk+9rd9rXSVeTyfewEiPdENdSRAhJn82RzN1o6ZkCrGag8rttXr eg80yZXDMn+HH6nnnsIh4vwsxSEZqik= ARC-Authentication-Results: i=1; imf04.hostedemail.com; dkim=pass header.d=alien8.de header.s=alien8 header.b=fxXH5ry6; spf=pass (imf04.hostedemail.com: domain of bp@alien8.de designates 65.109.113.108 as permitted sender) smtp.mailfrom=bp@alien8.de; dmarc=pass (policy=none) header.from=alien8.de ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1702894484; a=rsa-sha256; cv=none; b=i1g2HSN/3Ubuu87D8r4yKIDtDynugzQCFrJFeGKBGT17e7fUUzFc0+31mQcNLajjYCbhTM mFzyGRWxhGaBfbzO5UlsQtal9nb/6jSr4OKJd8g03eU90Ic9neqpM9L5mVX1akPJI/dqt5 H6PzKgNMkvIpWhWPFk6KMDmP0NkSFqY= Received: from localhost (localhost.localdomain [127.0.0.1]) by mail.alien8.de (SuperMail on ZX Spectrum 128k) with ESMTP id 6872A40E00CB; Mon, 18 Dec 2023 10:14:39 +0000 (UTC) X-Virus-Scanned: Debian amavisd-new at mail.alien8.de Received: from mail.alien8.de ([127.0.0.1]) by localhost (mail.alien8.de [127.0.0.1]) (amavisd-new, port 10026) with ESMTP id 6gSLe3VmLbrr; Mon, 18 Dec 2023 10:14:37 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=alien8.de; s=alien8; t=1702894476; bh=flSmrHICJg+bcSVL2Gg7M4juB6JLxKEwKyo/mAL/FNc=; h=Date:From:To:Cc:Subject:References:In-Reply-To:From; b=fxXH5ry6RnlJenPbiE6v3VXxmsrkTHM5Uupmu165JWWiAgHehbqsc4BccpJeJIvU8 oXOGZQSlClpqYfk9UrVG5efKbQfGG5lplRVjyUkvs7/EnP/i4LidFQY8B8sXqRFGOf gSrXskQuCeEvDZw/RF0HGvuWPfYcBwYD0dxz2cGonJub0ZJoz9pL9YoG8xHPYeVjtW IaKfeyG5f01ZyhG0Cp7zXMkqHPwuxBtWVtatD0ID+/X+ENwTRoFPYzXmsEDBon+zSu qrdQDWTFEpqTEWvDlXNwLUMhtXlWTUfww0YrzpWJm5BX+D66wTTz9HW6ouIxdpWFN+ GGxS5Keuc7leOliayFRH/y3lI/J5L+VLaqHA5qoVC14rNgEiU3Rs7dqlxnyve/h2Zp T9Yos25zGBBBjcERWxAjXWVE0fz86AxGoIY2/qJBS1qJ4+zmeaEgE2Rl7uoWw5oZht oIm33Tv8ybUANBaOyOpHbLe255QGVCCuE1hlKw25bG78+eVCamI9/21sWhJ/YpNPsj KfL+zMlrYgLiJNedm2V2L7fhzneY312Oa7Fs2L4M6nm2LMEHW2GP3UsTpPy7LDtoV3 B2qaVZ7dNmD5lOAA+vlsn7ugICNiIo5NC/1e3svNnFoU2nS/4+jLd2rfnCoJbEzDjG uJP/vqTMNYhv3VA64TRIqrI8= Received: from zn.tnic (pd95304da.dip0.t-ipconnect.de [217.83.4.218]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-256) server-signature ECDSA (P-256) server-digest SHA256) (No client certificate requested) by mail.alien8.de (SuperMail on ZX Spectrum 128k) with ESMTPSA id 3532640E0030; Mon, 18 Dec 2023 10:13:57 +0000 (UTC) Date: Mon, 18 Dec 2023 11:13:50 +0100 From: Borislav Petkov To: Michael Roth Cc: kvm@vger.kernel.org, linux-coco@lists.linux.dev, linux-mm@kvack.org, linux-crypto@vger.kernel.org, x86@kernel.org, linux-kernel@vger.kernel.org, tglx@linutronix.de, mingo@redhat.com, jroedel@suse.de, thomas.lendacky@amd.com, hpa@zytor.com, ardb@kernel.org, pbonzini@redhat.com, seanjc@google.com, vkuznets@redhat.com, jmattson@google.com, luto@kernel.org, dave.hansen@linux.intel.com, slp@redhat.com, pgonda@google.com, peterz@infradead.org, srinivas.pandruvada@linux.intel.com, rientjes@google.com, dovmurik@linux.ibm.com, tobin@ibm.com, vbabka@suse.cz, kirill@shutemov.name, ak@linux.intel.com, tony.luck@intel.com, marcorr@google.com, sathyanarayanan.kuppuswamy@linux.intel.com, alpergun@google.com, jarkko@kernel.org, ashish.kalra@amd.com, nikunj.dadhania@amd.com, pankaj.gupta@amd.com, liam.merwick@oracle.com, zhi.a.wang@intel.com Subject: Re: [PATCH v10 20/50] KVM: SEV: Select CONFIG_KVM_SW_PROTECTED_VM when CONFIG_KVM_AMD_SEV=y Message-ID: <20231218101350.GAZYAbXqYLXByk5Akw@fat_crate.local> References: <20231016132819.1002933-1-michael.roth@amd.com> <20231016132819.1002933-21-michael.roth@amd.com> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline In-Reply-To: <20231016132819.1002933-21-michael.roth@amd.com> X-Rspamd-Queue-Id: D82C340020 X-Rspam-User: X-Stat-Signature: tsh47oj353a61yqu4r8ib1kxn19bmfzs X-Rspamd-Server: rspam01 X-HE-Tag: 1702894483-793839 X-HE-Meta: U2FsdGVkX18uGHnfBZfO3m9uQCJ6s5rkM7l6BI2vOSlxWUhuj43vnBi0ct80NMgBukTO3CjXiJ+l5gbABKJ5R4YmISnAnaLOEtPAcNwO8xka6Mnfhfygj92t8vi/fqUdO+HkZYbE2b73DpwX8W/U+MD9Pcun3fDUrcy/npCf5vw5LdMVCWTGLdURyqNZS5YKNqkjLbg2TxbJLcyJ0d2OmQrE7mvf0qED5N340xHJA7a9p2BF9iwaGbU1CoXjoN5X3foSiuGEthwWgjOhw4aqXbxZNegOMGBtRq0y0FM/BZo/NoqN1jaNKV1yY6tYW2Dxe6MNNfz8Cer8CXUVmMo0LQVURxmR5XuApocaLnvQ2lLy5Fis6zeVb5w1l7eEvt70YM7cJ74C9M2jkDfApFPiA4LPChmo28K70q19irK0Uj3QfH6YG3MfQZ3tSz7HiXqUIRRagoZBD5j7j5tD2pGO0aRVS47cIUFX3KTfWHgU8HLEarG5q4iZZtRfXLRrx2z1JZ3d8jd3uXYmRNSRFb/jDO+7PrbqRw91PiOvP7eGVXCMoQhoC2FevPwhG9xb7mdH/0w7xO4JoRc6Xw+i/ZmGWhP69TcjaJzanLrsWtk763KTqgBurc24d8JCtkzM61rcCCZTnQbJNm4afzZdm2N1iyuOdFneRNTIj/2K+sgKcoNuPzgA1bdXjSQz48aRkweWxQsfxIlL2PTFyMADjZI1EFlXs/RoOTa6ASwr72xqNi+Q2Ghzw/JTcoBUObJVd6Db0ggQyRRRz7GdAn/XJ1gL7wpW6o2Y8XmfJB8wPqFm4DSefZxiytAH9AZScqS7CDH5Kvf8PhciZBt9v7wlOXLpmCnu3fEGrS1L05FVXusV8e7XrCvgi776xzCjT4H2/oIBDLogE6tvHMtI2yMfVEl7qnqfklwCIW3CujT1m7HvNc6ddxQmxznppOC5aQxMqe/29VLKQprNiVW1zM06Ztf L3Eo9UoK bQpdQLQTH9XeOvwYSTc1x9iVYkdzNVU0RHI4jiF+GZwkrwHNM1NMsOds9xj/Xqo/9c8jZ7I7Y/Alq2GHxc9YiKiI6N7tFBV3ggcuRo0fBMbUwstdFAQQR6j63IAg4MD0r6iF9xectuHaoafEiILk8GAdtfF+PzSnvS5YpvBnSoRMwMG1xXY+DQdGcpmetoHfVkL5EE6KEtp3QWbFxXchd4xzBiYNUXj2CZR+DHPOMnn3hitUM+SfNYJWPP8HXe5mvWsAV+8PmuKXzfeQ= X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: List-Subscribe: List-Unsubscribe: On Mon, Oct 16, 2023 at 08:27:49AM -0500, Michael Roth wrote: > SEV-SNP relies on the restricted/protected memory support to run guests, > so make sure to enable that support with the > CONFIG_KVM_SW_PROTECTED_VM build option. > > Signed-off-by: Michael Roth > --- > arch/x86/kvm/Kconfig | 1 + > 1 file changed, 1 insertion(+) > > diff --git a/arch/x86/kvm/Kconfig b/arch/x86/kvm/Kconfig > index 8452ed0228cb..71dc506aa3fb 100644 > --- a/arch/x86/kvm/Kconfig > +++ b/arch/x86/kvm/Kconfig > @@ -126,6 +126,7 @@ config KVM_AMD_SEV > bool "AMD Secure Encrypted Virtualization (SEV) support" > depends on KVM_AMD && X86_64 > depends on CRYPTO_DEV_SP_PSP && !(KVM_AMD=y && CRYPTO_DEV_CCP_DD=m) > + select KVM_SW_PROTECTED_VM > help > Provides support for launching Encrypted VMs (SEV) and Encrypted VMs > with Encrypted State (SEV-ES) on AMD processors. > -- Kconfig doesn't like this one: WARNING: unmet direct dependencies detected for KVM_SW_PROTECTED_VM Depends on [n]: VIRTUALIZATION [=y] && EXPERT [=n] && X86_64 [=y] Selected by [m]: - KVM_AMD_SEV [=y] && VIRTUALIZATION [=y] && KVM_AMD [=m] && X86_64 [=y] && CRYPTO_DEV_SP_PSP [=y] && (KVM_AMD [=m]!=y || CRYPTO_DEV_CCP_DD [=m]!=m) WARNING: unmet direct dependencies detected for KVM_SW_PROTECTED_VM Depends on [n]: VIRTUALIZATION [=y] && EXPERT [=n] && X86_64 [=y] Selected by [m]: - KVM_AMD_SEV [=y] && VIRTUALIZATION [=y] && KVM_AMD [=m] && X86_64 [=y] && CRYPTO_DEV_SP_PSP [=y] && (KVM_AMD [=m]!=y || CRYPTO_DEV_CCP_DD [=m]!=m) -- Regards/Gruss, Boris. https://people.kernel.org/tglx/notes-about-netiquette