~philcox/ubuntu/+source/linux/+git/mantic:philcox/hectorcao-tdx

Branch merges

Related source package recipes

No recipes using this branch. (?)

Create packaging recipe

Related snap packages

Related charm recipes

bf46bb2... by Philip Cox on 2023-08-22

CONFIG: disable Rust

TDX isn't building with Rust enabled right now.

Signed-off-by: Philip Cox <email address hidden>

b907e0c... by Philip Cox on 2023-08-22

CONFIG: enable TDX related KVM options

CONFIG_KVM_GENERIC_MEMORY_ATTRIBUTES
CONFIG_KVM_GENERIC_MMU_NOTIFIER
CONFIG_KVM_GENERIC_PRIVATE_MEM
CONFIG_KVM_MMU_PRIVATE
CONFIG_KVM_PRIVATE_MEM
CONFIG_KVM_SW_PROTECTED_VM

Signed-off-by: Philip Cox <email address hidden>

e3fff9e... by Philip Cox on 2023-08-22

CONFIG: enable CONFIG_ARCH_KEEP_MEMBLOCK on amd64

this is needed to enable TDX for the host

Signed-off-by: Philip Cox <email address hidden>

4a69a99... by Philip Cox on 2023-08-22

CONFIG: enabling TDX_host

Signed-off-by: Philip Cox <email address hidden>

cc4a9f7... by Isaku Yamahata on 2022-03-03

the end of (the first phase of) TDX KVM patch series

This empty commit is to mark the end of (the first phase of) patch series
of TDX KVM support.

Signed-off-by: Isaku Yamahata <email address hidden>

2380937... by Isaku Yamahata on 2023-05-24

RFC: KVM: x86, TDX: Add check for KVM_SET_CPUID2

Implement a hook of KVM_SET_CPUID2 for additional consistency check.

Intel TDX or AMD SEV has a restriction on the value of cpuid. For example,
some values must be the same between all vcpus. Check if the new values
are consistent with the old values. The check is light because the cpuid
consistency is very model specific and complicated. The user space VMM
should set cpuid and MSRs consistently.

Suggested-by: Sean Christopherson <email address hidden>
Link: https://<email address hidden>/
Signed-off-by: Isaku Yamahata <email address hidden>

275087f... by Isaku Yamahata on 2023-06-03

RFC: KVM: x86: Add x86 callback to check cpuid

The x86 backend should check the consistency of KVM_SET_CPUID2 because it
has its constraint. Add a callback for it. The backend code will come as
another patch.

Suggested-by: Sean Christopherson <email address hidden>
Link: https://<email address hidden>/
Signed-off-by: Isaku Yamahata <email address hidden>

b7331a6... by Isaku Yamahata on 2022-01-20

KVM: x86: design documentation on TDX support of x86 KVM TDP MMU

Add a high level design document on TDX changes to TDP MMU.

Signed-off-by: Isaku Yamahata <email address hidden>

93815c4... by Isaku Yamahata on 2021-01-23

Documentation/virt/kvm: Document on Trust Domain Extensions(TDX)

Add documentation to Intel Trusted Domain Extensions(TDX) support.

Signed-off-by: Isaku Yamahata <email address hidden>

2a238fc... by Isaku Yamahata on 2023-08-09

KVM: TDX: Inhibit APICv for TDX guest

TDX doesn't support APICV, inhibit APICv for TDX guest. Follow how SEV
does it. Define a new inhibit reason for TDX, set it on TD
initialization, and add the flag to kvm_x86_ops.required_apicv_inhibits.

Signed-off-by: Isaku Yamahata <email address hidden>