TWxSoftware/twx-linux
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
10ef74c06b
twx-linux/include
History
Paolo Bonzini 10ef74c06b KVM SEV-SNP CipherText Hiding support for 6.18 
Add support for SEV-SNP's CipherText Hiding, an opt-in feature that prevents
 unauthorized CPU accesses from reading the ciphertext of SNP guest private
 memory, e.g. to attempt an offline attack.  Instead of ciphertext, the CPU
 will always read back all FFs when CipherText Hiding is enabled.
 
 Add new module parameter to the KVM module to enable CipherText Hiding and
 control the number of ASIDs that can be used for VMs with CipherText Hiding,
 which is in effect the number of SNP VMs.  When CipherText Hiding is enabled,
 the hared SEV-ES/SEV-SNP ASID space is split into separate ranges for SEV-ES
 and SEV-SNP guests, i.e. ASIDs that can be used for CipherText Hiding cannot
 be used to run SEV-ES guests.
 -----BEGIN PGP SIGNATURE-----
 
 iQIzBAABCgAdFiEEKTobbabEP7vbhhN9OlYIJqCjN/0FAmjXG0EACgkQOlYIJqCj
 N/1TKQ//UlPcGwoR9cl9V5YRz0b+wNOHNh7JqOTdQsEa00qqIXaAnK+M77Jynvmj
 YqnQbFCxnQS2pQWkSKv3eJ9Kc9ndTBA7+lL3rrHot6ccks3xM0cHe8Bquu8Of/Ht
 1qla1OazrYjJBjFdYCzO+ZQdUvSNAr5RkOPO1KrnHZPELPOQt0+LbxlewRRbKHIj
 hea8KgmRqmlRJYDJlOGh+G/FFDCFqaeXyOfEkeBuYyCAL60r+0IMHKMwrwlDx/1+
 Kzlrf65YuMZlgg7AjhA2mXj4DvlSQkPnMkmkNmNgPXI1XNgHDS/7M1f2m/QbgGV8
 Y1D1/GY5u5YD30zDHCmmqPocs5sxrsVoAH8cHalMQsiDlr/HfoKlQ+w0aHEQnHFJ
 j4GnfCIkyx77tPHeS8e8RJk8qXs+0Bf2bzOAQkv0f/k6JaWhiLzISTFOTyztaf8v
 m7gPWJORWGZyWVBk+Ad+KGh5Ww2o+sY3aufp81JBT12kC17G0xsHrO1XvUV6YDQ7
 wSINQap0TQFY2Lh9Vr1GDNx4jk+YnQOjqKbqd6efyv8No4+j75eaCkbAItma9YVc
 EPGYa+LaRoC58f7LIChT0uXTAkK7lgdAuGwice7CPsRTjPJqxneIL7u6ohO9jAkz
 EysFgzsozLynnVUPmXqf5SDots1G5RrAne8Bj+6tLaGxCjW+lLI=
 =mc41
 -----END PGP SIGNATURE-----

Merge tag 'kvm-x86-ciphertext-6.18' of https://github.com/kvm-x86/linux into HEAD

KVM SEV-SNP CipherText Hiding support for 6.18

Add support for SEV-SNP's CipherText Hiding, an opt-in feature that prevents
unauthorized CPU accesses from reading the ciphertext of SNP guest private
memory, e.g. to attempt an offline attack.  Instead of ciphertext, the CPU
will always read back all FFs when CipherText Hiding is enabled.

Add new module parameter to the KVM module to enable CipherText Hiding and
control the number of ASIDs that can be used for VMs with CipherText Hiding,
which is in effect the number of SNP VMs.  When CipherText Hiding is enabled,
the shared SEV-ES/SEV-SNP ASID space is split into separate ranges for SEV-ES
and SEV-SNP guests, i.e. ASIDs that can be used for CipherText Hiding cannot
be used to run SEV-ES guests.
2025-09-30 13:34:32 -04:00
..
acpi mailbox/pcc: support mailbox management of the shared buffer 2025-08-07 23:49:56 -05:00
asm-generic Deferred unwind changes for 6.17 2025-08-01 09:46:24 -07:00
clocksource
crypto crypto: af_alg - Disallow concurrent writes in af_alg_sendmsg 2025-09-18 17:24:59 +08:00
cxl
drm drm/gpuvm: fix various typos in .c and .h gpuvm file 2025-08-25 21:48:50 +02:00
dt-bindings Pin control changes for v6.17 2025-08-02 12:07:09 -07:00
hyperv
keys
kunit
kvm KVM/arm64 updates for 6.18 2025-09-30 13:23:28 -04:00
linux KVM SEV-SNP CipherText Hiding support for 6.18 2025-09-30 13:34:32 -04:00
math-emu
media
memory
misc
net net: clear sk->sk_ino in sk_set_socket(sk, NULL) 2025-09-18 07:47:17 -07:00
pcmcia pcmcia: remove PCCARD_IODYN 2025-08-16 15:37:47 +02:00
ras
rdma
rv
scsi
soc This is the usual collection of primarily clk driver updates. The big part of 2025-07-31 13:36:27 -07:00
sound More minor SDCA bug fixes 2025-09-04 19:31:51 +01:00
target
trace LoongArch: KVM: Move kvm_iocsr tracepoint out of generic code 2025-09-23 23:37:26 +08:00
uapi KVM SEV-SNP CipherText Hiding support for 6.18 2025-09-30 13:34:32 -04:00
ufs
vdso
video
xen Significant patch series in this pull request: 2025-08-03 16:23:09 -07:00
Kbuild