From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 5963ECD11C2 for ; Wed, 10 Apr 2024 22:27:47 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id B817C6B0082; Wed, 10 Apr 2024 18:27:46 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id B31B46B0087; Wed, 10 Apr 2024 18:27:46 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 9D24F6B008C; Wed, 10 Apr 2024 18:27:46 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0011.hostedemail.com [216.40.44.11]) by kanga.kvack.org (Postfix) with ESMTP id 7C8546B0082 for ; Wed, 10 Apr 2024 18:27:46 -0400 (EDT) Received: from smtpin09.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay02.hostedemail.com (Postfix) with ESMTP id 4CB86120967 for ; Wed, 10 Apr 2024 22:27:39 +0000 (UTC) X-FDA: 81995060238.09.977D2B3 Received: from NAM11-BN8-obe.outbound.protection.outlook.com (mail-bn8nam11on2126.outbound.protection.outlook.com [40.107.236.126]) by imf21.hostedemail.com (Postfix) with ESMTP id 70D9C1C0012 for ; Wed, 10 Apr 2024 22:27:36 +0000 (UTC) Authentication-Results: imf21.hostedemail.com; dkim=pass header.d=amd.com header.s=selector1 header.b=Ol9zF6j8; dmarc=pass (policy=quarantine) header.from=amd.com; spf=pass (imf21.hostedemail.com: domain of Thomas.Lendacky@amd.com designates 40.107.236.126 as permitted sender) smtp.mailfrom=Thomas.Lendacky@amd.com; arc=pass ("microsoft.com:s=arcselector9901:i=1") ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1712788056; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=WexGFk06xrVYbL2+xke+5W+/6/DWshicySwm/UQwIdg=; b=CON81yalosEuzC2qxgYJd9lQ1a3pbWVfIiZ8Hu05eYKOvE5gMlG4MLCLZSaQQYPkJBGlTy Hoi3Gzh9D6n+mKJbsmqCEWsv4S1Hn1mZE6h3xabT30flEoPH8KJLshjTFNt3DsD3visFyF ugaxj4sZSn7Y7A7cGbzf3x00urtjH38= ARC-Authentication-Results: i=2; imf21.hostedemail.com; dkim=pass header.d=amd.com header.s=selector1 header.b=Ol9zF6j8; dmarc=pass (policy=quarantine) header.from=amd.com; spf=pass (imf21.hostedemail.com: domain of Thomas.Lendacky@amd.com designates 40.107.236.126 as permitted sender) smtp.mailfrom=Thomas.Lendacky@amd.com; arc=pass ("microsoft.com:s=arcselector9901:i=1") ARC-Seal: i=2; s=arc-20220608; d=hostedemail.com; t=1712788056; a=rsa-sha256; cv=pass; b=hS27W855Pqn1vKZb1FeM5Na7p9sEzwJzq0ejKB8JeR5KTDF/xrpzoPtnH1PTgkJba4d5YZ lEgGektZFQWl+BirTqFUhtN8aHytkeCHqXt8EARvA5YECrACWv5XfnjbvawOw59UnWCSbk YC4kAN5n5hBZQ0AU5SiYc5Kzwa3lYHE= ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=m8H3twUeSsF4/C3WuLbanKHvYNBScX5EfNL7am8HVNbABloFk4LWx2fJdRbwA/dfoPYBiBfl4BOYMj6e09nLN8f/MTyKXf5e5p7CJbQZhi1cmaCfmkZNfkzj6dQ7cU7ydAQ84la0V7+C5BwtwPwRl5VQogOPPNpOH/v4g1oByPLROeGGxA4m3YSgW1bUvbmZpoNtgvCjY9/kmvw3ZO6dP6ULZ4A5nM2qkXXS1rAurV2qlu+G2bLubE2iQRjVuhMb110YE2tvY/GM3gUkN4F23dbycbHRufCXVJ1kxn3ArP01GnDXuodJ/aSwByVHvvjhCBHP42Pmp/VjfOM3cEaqZQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=WexGFk06xrVYbL2+xke+5W+/6/DWshicySwm/UQwIdg=; b=etaOvjibSYNbIp/4mq+br2gTn4976TWRfs9L/Qm4+ZKuE5xNdu06ToF8OVRg9Cp+NtH4jFJBcFXUW069ikRUwA5EDJEZ7rFF76mTIaR+7BCeZczYDYE2WodTiKgJDYoAQPqTp49PsnoEDBsiOQHROoJ6zZN23fW+JOeG138SUZilC886PdYSxKFPD/8Qq4j6VSHopDG9eu3hJTEMctfdScpVXIVWFpEqJ7+atNWCzvy2BrzDLxyJARICOi49+hF6wx7cWJg1crLWCvfXglzN+76cp8rZqhR1VtHxsRFqNjrH8A8GV7jFYZ/TwcopQuu4oibdylpHpPpWIdNrZFnepw== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass header.d=amd.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=WexGFk06xrVYbL2+xke+5W+/6/DWshicySwm/UQwIdg=; b=Ol9zF6j8010bISzA351eU/2jnNuwSla3/c+XAJ/+AUuqLMZYKoLk0mAdshO6ecvZNqRO3yVww1ZbfOnNOvnR9XH9RT5ulB5kvbWvW3B/+A7we6mYM41I+3x3UYwbEFvw6oO6f5fQP4x2vsL/KXbwth0K9rDInUs0uB9OGCaOfkM= Received: from BL1PR12MB5732.namprd12.prod.outlook.com (2603:10b6:208:387::17) by MW3PR12MB4379.namprd12.prod.outlook.com (2603:10b6:303:5e::11) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7409.46; Wed, 10 Apr 2024 22:27:32 +0000 Received: from BL1PR12MB5732.namprd12.prod.outlook.com ([fe80::1032:4da5:7572:508]) by BL1PR12MB5732.namprd12.prod.outlook.com ([fe80::1032:4da5:7572:508%6]) with mapi id 15.20.7409.042; Wed, 10 Apr 2024 22:27:32 +0000 Message-ID: <5f8fbdae-6c43-e332-1ddf-daaac42f381c@amd.com> Date: Wed, 10 Apr 2024 17:27:28 -0500 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101 Thunderbird/102.15.1 Subject: Re: [PATCH v12 28/29] crypto: ccp: Add the SNP_{PAUSE,RESUME}_ATTESTATION commands Content-Language: en-US To: Michael Roth , kvm@vger.kernel.org Cc: linux-coco@lists.linux.dev, linux-mm@kvack.org, linux-crypto@vger.kernel.org, x86@kernel.org, linux-kernel@vger.kernel.org, tglx@linutronix.de, mingo@redhat.com, jroedel@suse.de, hpa@zytor.com, ardb@kernel.org, pbonzini@redhat.com, seanjc@google.com, vkuznets@redhat.com, jmattson@google.com, luto@kernel.org, dave.hansen@linux.intel.com, slp@redhat.com, pgonda@google.com, peterz@infradead.org, srinivas.pandruvada@linux.intel.com, rientjes@google.com, dovmurik@linux.ibm.com, tobin@ibm.com, bp@alien8.de, vbabka@suse.cz, kirill@shutemov.name, ak@linux.intel.com, tony.luck@intel.com, sathyanarayanan.kuppuswamy@linux.intel.com, alpergun@google.com, jarkko@kernel.org, ashish.kalra@amd.com, nikunj.dadhania@amd.com, pankaj.gupta@amd.com, liam.merwick@oracle.com References: <20240329225835.400662-1-michael.roth@amd.com> <20240329225835.400662-29-michael.roth@amd.com> From: Tom Lendacky In-Reply-To: <20240329225835.400662-29-michael.roth@amd.com> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit X-ClientProxiedBy: SN7PR04CA0217.namprd04.prod.outlook.com (2603:10b6:806:127::12) To BL1PR12MB5732.namprd12.prod.outlook.com (2603:10b6:208:387::17) MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: BL1PR12MB5732:EE_|MW3PR12MB4379:EE_ X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: 7HHqcbelOae+9p74+8WI0X5BuaJSmYBu6mK9sAaUdHlJYFMuI+PbQBpA02AkgL4FqT+Ij2scRHuERalD2Eh6mH8wYXzLtSCcpuMIvcdrJ0YCK+wTQ3r2UpyCLvUhW/yHmDUOIcrjGKJSmquK4Jnldni7OVPVW8oz4rLeibWqD8GfO0hNaCbu3cpZJlbkPiMo4hNh5wG9r2dSP/TxXpwZPb/k/5DGTKmh5tc/dgpqPcPoATP9dHAtEFpwB6qsqpZtT/vYeMdotQrz6LUDZyZFGnab+FJT6zPrmZXH19kpD2ey3OYkvfET9MMORhaQ7DxRgejpC6Nj5J1qUiyyLA/SXVmJHEktCiRQJ04S6rQfXODiYC8ZUznwDwmuTSr12j/y76nNt1GlCTf9vkLCaN8LQ75Jux23IYPBofaleOVQB3ysFF/HBUi0SoI1ddhm6I/6X4KZ6QO3hHD9oFyHDbDDFaVtShKF+ncb6eLBicNajiwVwrU5Ogg3MVSv3wTT3oPHBmGGHDv7V/fIf/26nZJtcMH7DbMY9sqlOvz74G4CyFosTJn2qf1C+W2oXw7QLMgh2+SfOc0V4JB4LdXXNHZGmYT8BPvpHvTgYNGHEQ1daXpBoWvptnnyRdAF+ZIOgZjgtFP8fSEfml0qpXvW19czPL13vIzMHYsdTHIH1LQa6ng= X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:BL1PR12MB5732.namprd12.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230031)(7416005)(1800799015)(366007)(376005);DIR:OUT;SFP:1102; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?utf-8?B?cU8ybGFNNGJ5YTRWeFhkbmlvRmtGQmF0TzRuZFpoUDZ5aDJ6dXhvWldIQmNJ?= =?utf-8?B?UkpmWHpyV3pQV0tyVHFFYnUzZGRtNmZGN0huTldnaUNaRmFKWlZKczZtc2wv?= =?utf-8?B?KzVVOXh4bGtWaTNqU3lONkZZektIWEZZdVVWeS9YUzBQbUhjTVZUZ0xHdXVz?= =?utf-8?B?ZDM4WEtta3JFUkh3U2pVN0s3WU5ISGxzdm1MSGlMNTI1eUlSOFFxQ2l4aEhD?= =?utf-8?B?MHlTTEZUY0tSWmtVcC9zZFhibEVwZXFqckpJOG5BTTU0UlFNNWt6ZlErdTB1?= =?utf-8?B?YXFGaVY4V0NSR1FvWjkwcGJBYUhKeGRFellSVmxOdEE2dGZuOU5ZY3BvMU9n?= =?utf-8?B?VjBUZUtIc3Jqa2k1UEFGZzc5TStHU25rbm93LytSN3N5VnZjdjZiZnZmV3pT?= =?utf-8?B?bFlEbE1BNDk5eFZKRzdrTkk5ekwvKzBMSVF0d0V2aW9TYWZ3cWQrUGdyOG94?= =?utf-8?B?b0s4anMzVmQrU2NNT21kcUVsK2ljTCtjby9MSGNTMk9qM3J2N0xTY1lQMktx?= =?utf-8?B?M0Vrby9QMTNJV1NCN1pEc0hNdzJDWUVvcis2aDVIU1YyaU9JUDRTMko3SS9D?= =?utf-8?B?amJXQVo1MFMrQVZtZ3NOT0l2bXQ2MW5IeWdWM292Z0QrOExxOTJvaWtBWUYr?= =?utf-8?B?L0FsMnNjOGh6cUIrc1ZscWNucHFLcFNXYTJDUThXdHViOURYZS9KOXZiNjZr?= =?utf-8?B?TzA0ZE8vL0VpSjBRalRlbWNWUTd0NnUwV0xYNWRza0lXNHdxRzlMeVBYcE9n?= =?utf-8?B?dndPSFNvZHBQcGNEWGFiMWRseDJDRDVQSEgrN1JNenF5b292SVNVS1o5V0ZC?= =?utf-8?B?Ukt1N1gyZGFvdWxvQWxIbW8xajhSVndZMWFvQytBZkYyY0JXSnNCV01Yd3RF?= =?utf-8?B?R0sxR0R4emFLL3hxMm4weE54NEs4WVdMRVdEa1B4eGxoajIwc3hBeU9kQndI?= =?utf-8?B?UjNSVXltK09EM0gzb01NNHJyNjZvcERxRWRuT1h2VksrQ1pleVVGVzgyVThn?= =?utf-8?B?MVh2M1ZTOXo2cHRRNE9IVkZoeWNoalRkTzMyL0RoMHIwSkg3WW8waHhvUkdj?= =?utf-8?B?YWx5VVl6b09RamFlODJvTHVPODNqS0tYYnBzSC83YnhkMFFZNldmeWxGMC9N?= =?utf-8?B?U2NaK3puNTZaaFcyQ3A2N1BsU09kb2QwN29hMkNBMjFyUCsvdENhK3BhQzRO?= =?utf-8?B?TVpOU282bzNjc29BS2FHQm0wazU0S3RRZnVlZHNEaWN3VjRpdjVHckNzazFp?= =?utf-8?B?NVV4eWt1T1JhLzE0SW9KWjhhVDVpYzF4ZXNPY3dTWlNEeHVwYXduaHBlRDRs?= =?utf-8?B?SzhrN1ZPREMyTmZabW15Q0xQaWtaQUdQNmJJOUtydW9UTjFzRkVWVXNqOEl0?= =?utf-8?B?R3NjSDBRRnUwdzljY0Y1RW9LeTFaa0N2bjFSM2VSOEhmNXB4dnBibndqQkFE?= =?utf-8?B?Z1F2WEJjTGo0OTZwOFFPbGwrWk9QL05LdG9GUEw2S05jRStxazllS09JdFhi?= =?utf-8?B?ZW4zenptb3A2ay84SGZ6WFV1YUtnRTJDeDczck0zdzhwMmE3Wm1NWHl2UHNS?= =?utf-8?B?SjVBVHRqY0ozNkNwZDNZTHJ2dTFOS25nbzhEZkVkSTV1QjloM01MczlXZ2xy?= =?utf-8?B?OGdSQUd5dEFSUmFOaDV2M0JSWGZPc3Bpc1hxZVdOS0JWQXdqR1hMQ0Q3bGhx?= =?utf-8?B?aW5scitrWUJZNG5NbE5BTHpTMEV1NXJyWWluUHI5NEVjOXZrMWRpdWF3UE9i?= =?utf-8?B?c3NPWk1vaUNlbm5MVUx2TTh1WVhsaW1RUkJxeVlwOGU5U0RRaUtRV291UkpV?= =?utf-8?B?RFBJRktRNzFJNG1qSmpXazZ5WGx1UVNQMHhSY0ErdUxzSXl4RVdFZHdQTmR3?= =?utf-8?B?bjZWMjdYVjlOZEtobnBjREpvTG05YlZVK0hMblpkS2JpdUtQbVZROWhJSFpw?= =?utf-8?B?dHZVS1Z5SDArb2RjSExyS0hMWjlGTnpISjRNQkRVSzdIUkhaYXFReGlMRWp6?= =?utf-8?B?TFNTcjN4WkZNNUxHaThxd2s2NXNRQUlJVFdMcDI1RnpheU5TUC8rZzE5Z2JT?= =?utf-8?B?MjBzQ3JQTGpqRjNVT0JUQk1lcUZrSksvYmkxWHVnQzlxZGxwd0o2K1JBcC9R?= =?utf-8?Q?zc0Hf4ouC35MRBxuAxrv+tUOd?= X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-Network-Message-Id: 43314198-f2d1-41aa-67d5-08dc59ad6a32 X-MS-Exchange-CrossTenant-AuthSource: BL1PR12MB5732.namprd12.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 10 Apr 2024 22:27:32.7127 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: PDqwEUhPnRGay1z/OELjzknHHLGBfUTdOfIZBEKPYjDnqvwIHb8Dgeq3FNs21so/Z73Z8Q26ufyo+YKnW+Z4WA== X-MS-Exchange-Transport-CrossTenantHeadersStamped: MW3PR12MB4379 X-Rspamd-Queue-Id: 70D9C1C0012 X-Rspam-User: X-Rspamd-Server: rspam04 X-Stat-Signature: puidysrtdn67ttwyjp7axoq75z5yxp86 X-HE-Tag: 1712788056-1118 X-HE-Meta: U2FsdGVkX1/LqOpyYBTEJCKNadBrOmqP7lRTA/xyM9cZdHOfGJFbgHyD37mnLqRKa+1KEiIsaC2F2DdoYLIRUZ7QLDlfxl0ArK9/ef8YYqyAgMrUPCoZnJWiBco8guXZhEdglSzjgqRaoMnA2THBlnyIaWZtMbMVrX23r553+z1BUCNURVAtsIupiWXvvRC4Uc7GyhAf6VHxUYc+SDcUMJpUwhDCU7KKYmnmxz7f5cvLDwi5tUlE395zQw5PTfShiymXAeMJhK/4UE3ppwpN5DmYsI3n9MG6l8AbDCMCxW8kFitjmT3S9+fD7VLUONiunWGnXGn6f0j3qjnEwPSJV+PtfThRJ1nbyEoZzcgu4O9dain4xL3/1iaXR8CY08VPEjkb+eQoCCjea7GM2cM5Ej8hN0fA4qbjdnHNd78NBRMDkKdeEl3yNof+hxV4orXsGQir6nQxlj0AWFjl+Ilj+WGzE3cCgTMUwfWIhaUmNCyW+V0t8cGfpbcR46CGld5xxktUhAZbJ4gVnt799SeU6JSvlYUqzxGCO5wWeYKkQ1vYzYSZNaqy8qG+Zv389HFsC0kSD63Twr+NogHZEKz2S4E8lVIeLra5/rkk3zkJ5HngL4YOAk82VsAd17HcRXWIHZ3bfWpbzTyXit3X5S3kWe0ByHkqU4CAHXfA2I7dsxDAhW/CPT/IDcezITVruFw+ejDkLSvyYRUDAfYDHW4BNglUCb+xxYmXmvzyLGXk75jHqrBQBdn8UHgC8gPZn5udcj7hlj1LAbWcrt9eagx2V8cD9+8Jmm2DPZs224LnNCzO0NItqICr6kIoMZsAu4EL4PdKb1kYeubEt7GjBHcqPso2e7Cmxj+e4FBMHQKkr+RcZ3brB5z0ryPJ+5dQZ1Ga7lq/bqAvOBvra+IQp3Iw8GlBunKLwEGZiPRiyXRqbSyXp6UWWu75H++KjDomfRGdI3FN/l+c4tj6Vv09U2x Ghe4q/K0 VMZAXFaGXnjsKKG0v96dgjrl4jvzMC7l3EPl0pb0jZY2ZgYs8oawBJJT14cHOEpiZht28085p4/5khDoq7V6wJXM2JmUd7mWMdHjkwBiL4WgAegsFeTj0caEjYsQDSd9HeTc50pGNbnB901qGI7nO5C9DE+kOP1wvRYDT5ISJwTytW4uuFNHUt0AaMgQNROflPn+EEh9pnB/X8j+RuWUHpf5ewqk3E2T7iyfMpsvxydtE+xJ7GYt13Of/P2YAxn5g3TAcnnZtMwylwCKrc2SDwGBb0w== X-Bogosity: Ham, tests=bogofilter, spamicity=0.007403, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: List-Subscribe: List-Unsubscribe: On 3/29/24 17:58, Michael Roth wrote: > These commands can be used to pause servicing of guest attestation > requests. This useful when updating the reported TCB or signing key with > commands such as SNP_SET_CONFIG/SNP_COMMIT/SNP_VLEK_LOAD, since they may > in turn require updates to userspace-supplied certificates, and if an > attestation request happens to be in-flight at the time those updates > are occurring there is potential for a guest to receive a certificate > blob that is out of sync with the effective signing key for the > attestation report. > > These interfaces also provide some versatility with how similar > firmware/certificate update activities can be handled in the future. > > Signed-off-by: Michael Roth Reviewed-by: Tom Lendacky > ---