[PATCH v6 9/9] KVM: selftests: Add a basic SEV-SNP smoke test

2025-02-03 Thread Pratik R. Sampat
Extend sev_smoke_test to also run a minimal SEV-SNP smoke test that initializes and sets up private memory regions required to run a simple SEV-SNP guest. Similar to its SEV-ES smoke test counterpart, this also does not support GHCB and ucall yet and uses the GHCB MSR protocol to trigger an exit o

[PATCH v6 8/9] KVM: selftests: Abstractions for SEV to decouple policy from type

2025-02-03 Thread Pratik R. Sampat
In preparation for SNP, clean up the smoke test to decouple deriving type from policy. Introduce wrappers for SEV and SEV-ES types to abstract the parametrized launch tests calls and reduce verbosity. No functional change intended. Tested-by: Srikanth Aithal Signed-off-by: Pratik R. Sampat ---

[PATCH v6 7/9] KVM: selftests: Force GUEST_MEMFD flag for SNP VM type

2025-02-03 Thread Pratik R. Sampat
Force the SEV-SNP VM type to set the KVM_MEM_GUEST_MEMFD flag for the creation of private memslots. Tested-by: Srikanth Aithal Signed-off-by: Pratik R. Sampat --- v5..v6: * Collected tags from Srikanth. --- tools/testing/selftests/kvm/lib/kvm_util.c | 7 +-- 1 file changed, 5 insertions(+)

[PATCH v6 6/9] KVM: selftests: Add library support for interacting with SNP

2025-02-03 Thread Pratik R. Sampat
Extend the SEV library to include support for SNP ioctl() wrappers, which aid in launching and interacting with a SEV-SNP guest. Tested-by: Srikanth Aithal Signed-off-by: Pratik R. Sampat --- v5..v6: * Collected tags from Srikanth. --- tools/testing/selftests/kvm/include/x86/sev.h | 49 +++

[PATCH v6 5/9] KVM: selftests: Introduce SEV VM type check

2025-02-03 Thread Pratik R. Sampat
In preparation for SNP, declutter the vm type check by introducing a SEV-SNP VM type check as well as a transitive set of helper functions. The SNP VM type is a subset of SEV-ES. Similarly, the SEV-ES and SNP types are subsets of the SEV VM type check. Tested-by: Srikanth Aithal Signed-off-by:

[PATCH v6 4/9] KVM: selftests: Add VMGEXIT helper

2025-02-03 Thread Pratik R. Sampat
Abstract rep vmmcall coded into the VMGEXIT helper for the sev library. No functional change intended. Reviewed-by: Pankaj Gupta Tested-by: Srikanth Aithal Signed-off-by: Pratik R. Sampat --- v5..v6: * Collected tags from Pankaj and Srikanth. --- tools/testing/selftests/kvm/include/x86/sev.h

[PATCH v6 3/9] KVM: selftests: SEV-SNP test for KVM_SEV_INIT2

2025-02-03 Thread Pratik R. Sampat
Add the X86_FEATURE_SEV_SNP CPU feature to the architectural definition for the SEV-SNP VM type to exercise the KVM_SEV_INIT2 call. Ensure that the SNP test is skipped in scenarios where CPUID supports it but KVM does not, preventing reporting of failure in such cases. Reviewed-by: Nikunj A Dadhan

[PATCH v6 2/9] KVM: SEV: Disable SEV on platform init failure

2025-02-03 Thread Pratik R. Sampat
If the platform initialization sev_platform_init() fails, SEV cannot be set up and a secure VM cannot be spawned. Therefore, in this case, ensure that KVM does not set up, nor advertise support for SEV, SEV-ES, and SEV-SNP. Suggested-by: Nikunj A Dadhania Tested-by: Srikanth Aithal Signed-off-by

[PATCH v6 1/9] KVM: SEV: Disable SEV-SNP on FW validation failure

2025-02-03 Thread Pratik R. Sampat
On incompatible firmware versions, SEV-SNP support is pulled and the setup is not performed. However, the platform and subsequently the KVM capability may continue to advertise support for it. Disable support for SEV-SNP if the FW version validation fails. Fixes: 1dfe571c12cf ("KVM: SEV: Add initi

[PATCH v6 0/9] Basic SEV-SNP Selftests

2025-02-03 Thread Pratik R. Sampat
This patch series extends the sev_init2 and the sev_smoke test to exercise the SEV-SNP VM launch workflow. Primarily, it introduces the architectural defines, its support in the SEV library and extends the tests to interact with the SEV-SNP ioctl() wrappers. Patch 1 - Do not advertise SNP on inco

[PATCH 3/5] crypto: virtio - Drop superfluous ctx->tfm backpointer

2025-02-03 Thread Lukas Wunner
struct virtio_crypto_[as]kcipher_ctx contains a backpointer to struct crypto_[as]kcipher which is superfluous in two ways: First, it's not used anywhere. Second, the context is embedded into struct crypto_tfm, so one could just use container_of() to get from the context to crypto_tfm and from the

[PATCH 5/5] crypto: virtio - Drop superfluous [as]kcipher_req pointer

2025-02-03 Thread Lukas Wunner
The request context virtio_crypto_{akcipher,sym}_request contains a pointer to the [as]kcipher_request itself. The pointer is superfluous as it can be calculated with container_of(). Drop the superfluous pointer. Signed-off-by: Lukas Wunner --- I've considered introducing a static inline to to

[PATCH 4/5] crypto: virtio - Drop superfluous [as]kcipher_ctx pointer

2025-02-03 Thread Lukas Wunner
The request context virtio_crypto_{akcipher,sym}_request contains a pointer to the transform context virtio_crypto_[as]kcipher_ctx. The pointer is superfluous as it can be calculated with the cheap crypto_akcipher_reqtfm() + akcipher_tfm_ctx() and crypto_skcipher_reqtfm() + crypto_skcipher_ctx() c

[PATCH 2/5] crypto: virtio - Simplify RSA key size caching

2025-02-03 Thread Lukas Wunner
When setting a public or private RSA key, the integer n is cached in the transform context virtio_crypto_akcipher_ctx -- with the sole purpose of calculating the key size from it in virtio_crypto_rsa_max_size(). It looks like this was copy-pasted from crypto/rsa.c. Cache the key size directly inst

[PATCH 1/5] crypto: virtio - Fix kernel-doc of virtcrypto_dev_stop()

2025-02-03 Thread Lukas Wunner
It seems the kernel-doc of virtcrypto_dev_start() was copied verbatim to virtcrypto_dev_stop(). Fix it. Signed-off-by: Lukas Wunner --- drivers/crypto/virtio/virtio_crypto_mgr.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/crypto/virtio/virtio_crypto_mgr.c b/driv

[PATCH 0/5] crypto virtio cleanups

2025-02-03 Thread Lukas Wunner
Here's an assortment of trivial crypto virtio cleanups which I accumulated while working on commit 5b553e06b321 ("crypto: virtio - Drop sign/verify operations"). I've used qemu + libgcrypt backend to ascertain that all boot-time crypto selftests still pass after these changes. I've also verified t