~timg-tpi/ubuntu/+source/linux-azure/+git/lunar:lunar-azure-TDX-with-HCL

Last commit made on 2023-07-20
Get this branch:
git clone -b lunar-azure-TDX-with-HCL https://git.launchpad.net/~timg-tpi/ubuntu/+source/linux-azure/+git/lunar

Branch information

Name:
lunar-azure-TDX-with-HCL
Repository:
lp:~timg-tpi/ubuntu/+source/linux-azure/+git/lunar

Recent commits

696b9da... by Dexuan Cui

UBUNTU: SAUCE: Fix building ARM64

BugLink: https://bugs.launchpad.net/bugs/2028286

(cherry picked from commit 1727b08420f8909333573aaa67e1aa8738d4fb88 https://github.com/dcui/linux)
Signed-off-by: Tim Gardner <email address hidden>

6f058c9... by Dexuan Cui

UBUNTU: SAUCE: Drivers: hv: vmbus: support >64 VPs for a TDX VM without the paravisor

BugLink: https://bugs.launchpad.net/bugs/2028286

Don't set *this_cpu_ptr(hyperv_pcpu_input_arg) before the call
set_memory_decrypted() returns, otherwise we can run into this tricky issue:

1. In hv_common_cpu_init(), *this_cpu_ptr(hyperv_pcpu_input_arg) is set to
   a private (i.e. encrypted) page.

2. hv_common_cpu_init() -> set_memory_decrypted() -> __set_memory_enc_dec ->
    __set_memory_enc_pgtable() -> cpa_flush() -> on_each_cpu() ->
    on_each_cpu_cond_mask() -> smp_call_function_many_cond() ->
    arch_send_call_function_ipi_mask() -> smp_ops.send_call_func_ipi() ->
    native_send_call_func_ipi() -> apic->send_IPI_allbutself() ->
    hv_send_ipi_allbutself() -> hv_send_ipi_mask_allbutself() ->
    __send_ipi_mask():

      When the VM has >64 vCPUs, __send_ipi_mask_ex() is called:

         arg = (struct hv_send_ipi_ex **)this_cpu_ptr(hyperv_pcpu_input_arg);
         ipi_arg = *arg;
         hv_do_rep_hypercall(HVCALL_SEND_IPI_EX, 0, nr_bank, ipi_arg, NULL);

      The hv_do_rep_hypercall() will trigger a fatal fault because Hyper-V
      requires that the 'ipi_arg' should point to a shared (i.e. decrypted) page.

Avoid the fatal fault by setting *this_cpu_ptr(hyperv_pcpu_input_arg) after
calling set_memory_decrypted() returns: by doing this, __send_ipi_mask_ex()
returns HV_STATUS_INVALID_PARAMETER because *this_cpu_ptr(hyperv_pcpu_input_arg)
is still NULL, and __send_ipi_mask() returns false, meaning hv_send_ipi_allbutself()
calls orig_apic.send_IPI_all(), i.e. x2apic_send_IPI_all(), to send IPIs.
x2apic_send_IPI_all() doesn't depend on *this_cpu_ptr(hyperv_pcpu_input_arg).

Signed-off-by: Dexuan Cui <email address hidden>
(cherry picked from commit f1e61e384cae06a16b97c63fa2238313ad090a3c https://github.com/dcui/linux)
Signed-off-by: Tim Gardner <email address hidden>

5e21243... by Michael Kelley

x86/hyperv: Fix hyperv_pcpu_input_arg handling when CPUs go online/offline

BugLink: https://bugs.launchpad.net/bugs/2028286

These commits

a494aef23dfc ("PCI: hv: Replace retarget_msi_interrupt_params with hyperv_pcpu_input_arg")
2c6ba4216844 ("PCI: hv: Enable PCI pass-thru devices in Confidential VMs")

update the Hyper-V virtual PCI driver to use the hyperv_pcpu_input_arg
because that memory will be correctly marked as decrypted or encrypted
for all VM types (CoCo or normal). But problems ensue when CPUs in the
VM go online or offline after virtual PCI devices have been configured.

When a CPU is brought online, the hyperv_pcpu_input_arg for that CPU is
initialized by hv_cpu_init() running under state CPUHP_AP_ONLINE_DYN.
But this state occurs after state CPUHP_AP_IRQ_AFFINITY_ONLINE, which
may call the virtual PCI driver and fault trying to use the as yet
uninitialized hyperv_pcpu_input_arg. A similar problem occurs in a CoCo
VM if the MMIO read and write hypercalls are used from state
CPUHP_AP_IRQ_AFFINITY_ONLINE.

When a CPU is taken offline, IRQs may be reassigned in state
CPUHP_TEARDOWN_CPU. Again, the virtual PCI driver may fault trying to
use the hyperv_pcpu_input_arg that has already been freed by a
higher state.

Fix the onlining problem by adding state CPUHP_AP_HYPERV_ONLINE
immediately after CPUHP_AP_ONLINE_IDLE (similar to CPUHP_AP_KVM_ONLINE)
and before CPUHP_AP_IRQ_AFFINITY_ONLINE. Use this new state for
Hyper-V initialization so that hyperv_pcpu_input_arg is allocated
early enough.

Fix the offlining problem by not freeing hyperv_pcpu_input_arg when
a CPU goes offline. Retain the allocated memory, and reuse it if
the CPU comes back online later.

Signed-off-by: Michael Kelley <email address hidden>
Reviewed-by: Vitaly Kuznetsov <email address hidden>
Acked-by: Borislav Petkov (AMD) <email address hidden>
Reviewed-by: Dexuan Cui <email address hidden>
Link: https://<email address hidden>
Signed-off-by: Wei Liu <email address hidden>
(cherry picked from commit 9636be85cc5bdd8b7a7f6a53405cbcc52161c93c)
Signed-off-by: Dexuan Cui <email address hidden>
(cherry picked from commit f4fe22fc55bc5b72aa2fc39474043d7336e5b994 https://github.com/dcui/linux)
Signed-off-by: Tim Gardner <email address hidden>

989bffc... by Dexuan Cui

UBUNTU: SAUCE: Support TDX+HCL (July 9, 2023)

BugLink: https://bugs.launchpad.net/bugs/2028286

The changes will be further cleaned up and posted to LKML.

Tested the below scenarios and the VMs were able to boot up with 128 VPs:
1) TDX with the paravisor.
2) TDX without the paravisor.
3) SNP with the paravisor.
4) VBS.
5) Regular VMs.

(cherry picked from commit 9893873bdef6f1e5574f784ed6e1d9d5bc54f1d8 https://github.com/dcui/linux/commit/9893873bdef6f1e5574f784ed6e1d9d5bc54f1d8)
Signed-off-by: Dexuan Cui <email address hidden>
(cherry picked from commit 52283f363634df9b096b94634100b1c945ea60eb https://github.com/dcui/linux)
Signed-off-by: Tim Gardner <email address hidden>

3a77bfd... by Dexuan Cui

UBUNTU: SAUCE: clocksource: hyper-v: Use InvariantTSC and enable TSC page for TDX VM (WIP)

BugLink: https://bugs.launchpad.net/bugs/2028286

Need to better address the __bss_decrypted attribute of 'tsc_pg'.

(cherry picked from commit 662d8f2222aef359039363eeba856d7a6a8ad87b https://github.com/dcui/linux/commit/662d8f2222aef359039363eeba856d7a6a8ad87b)
Signed-off-by: Dexuan Cui <email address hidden>
(cherry picked from commit 2da82f8783279af94eca2f707a87d41ea648f417 https://github.com/dcui/linux)
Signed-off-by: Tim Gardner <email address hidden>

dce922b... by Tim Gardner

UBUNTU: Ubuntu-azure-6.2.0-1009.9

Signed-off-by: Tim Gardner <email address hidden>

490b9e5... by Tim Gardner

UBUNTU: link-to-tracker: update tracking bug

BugLink: https://bugs.launchpad.net/bugs/2026476
Properties: no-test-build
Signed-off-by: Tim Gardner <email address hidden>

e51776c... by Tim Gardner

UBUNTU: Start new release

Ignore: yes
Signed-off-by: Tim Gardner <email address hidden>

413ec57... by Tim Gardner

UBUNTU: [Packaging] resync getabis

BugLink: https://bugs.launchpad.net/bugs/1786013
Signed-off-by: Tim Gardner <email address hidden>

6b2bfdc... by Petr Tesarik <email address hidden>

swiotlb: fix a braino in the alignment check fix

BugLink: https://bugs.launchpad.net/bugs/2026736

The alignment mask in swiotlb_do_find_slots() masks off the high
bits which are not relevant for the alignment, so multiple
requirements are combined with a bitwise OR rather than AND.
In plain English, the stricter the alignment, the more bits must
be set in iotlb_align_mask.

Confusion may arise from the fact that the same variable is also
used to mask off the offset within a swiotlb slot, which is
achieved with a bitwise AND.

Fixes: 0eee5ae10256 ("swiotlb: fix slot alignment checks")
Reported-by: Dexuan Cui <email address hidden>
Link: https://lore.kernel<email address hidden>/
Reported-by: Kelsey Steele <email address hidden>
Link: https://<email address hidden>/
Signed-off-by: Petr Tesarik <email address hidden>
Tested-by: Dexuan Cui <email address hidden>
Signed-off-by: Christoph Hellwig <email address hidden>
(cherry picked from commit bbb73a103fbbed6f63cb738d3783261c4241b4b2)
Signed-off-by: Tim Gardner <email address hidden>
Acked-by: Cengiz Can <email address hidden>
Acked-by: John Cabaj <email address hidden>
Signed-off-by: Tim Gardner <email address hidden>