[SRU][N:linux-gke][PATCH 00/24] Add SVSM and SVSM vTPM support for GKE

Ian Whitfield ian.whitfield at canonical.com
Thu Sep 18 01:26:37 UTC 2025 

BugLink: https://bugs.launchpad.net/bugs/2111956

[Impact]
GKE has requested confidential VM patchset parity with linux-gcp kernels on 6.8.
This patchset was previously applied to noble:linux-gcp, and is now being ported
to noble:linux-gke.

[Fix]
The patchset is almost identical to as on noble:linux-gcp, the only changes were
to commit messages where necessary.

Original patchset fix description:

Patches requested in the support case:
980a573621ea ("tpm: Make chip->{status,cancel,req_canceled} opt")
770de678bc28 ("x86/sev: Add SVSM vTPM probe/send_command functions")
b2849b072366 ("svsm: Add header with SVSM_VTPM_CMD helpers")
93b7c6b3ce91 ("tpm: Add SNP SVSM vTPM driver")
e396dd85172c ("x86/sev: Register tpm-svsm platform device")

The config for all kernels must have CONFIG_TCG_SVSM=y

Noble also requires the changes from this pull request:
https://lore.kernel.org/lkml/20240716095557.GAZpZDrdC3HA0Zilxr@fat_crate.local/
and CONFIG_SEV_GUEST=m/y and CONFIG_TSM_REPORTS=y

Besides context adjustments, Noble required some additional changes to its patchset.
Three commits were added to enable 878e70dbd26e ("x86/sev: Check for the
presence of an SVSM in the SNP secrets page") to apply more smoothly:
  88ed43d32beb ("x86/sev: Rename snp_init() in boot/compressed/sev.c")
  e2f4c8c319ab ("x86/sev: Make the VMPL0 checking more straight forward")
  1e52550729da ("x86/sev: Shorten struct name snp_secrets_page_layout to snp_secrets_page")
One commit was dropped from the patchset because it was applied via stable updates:
  3991b04d4870 ("virt: sev-guest: Mark driver struct with __refdata to prevent section mismatch")
One commit was dropped because it fixes a bug not present in noble:linux-gcp:
  0440feb09079 ("x86/sev: Do RMP memory coverage check after max_pfn has been set")

[Test Plan]
Compile and boot tested. This patchset has been in place on GCP kernels for a
few cycles.

[Where problems could occur]
These changes are in core kernel confidential VM modules, so care should
be taken to ensure that patches are applied correctly to avoid creating new
security vulnerabilities. An issue with this patchset could result in critical
kernel failures in confidential compute VMs.

[Other]
SF #00409503

Borislav Petkov (AMD) (2):
  x86/sev: Move SEV compilation units
  Documentation/ABI/configfs-tsm: Fix an unexpected indentation silly

Ian Whitfield (1):
  UBUNTU: [Config] gke: Make tpm_svsm built-in

Jarkko Sakkinen (1):
  tpm: Make chip->{status,cancel,req_canceled} opt

Stefano Garzarella (4):
  x86/sev: Add SVSM vTPM probe/send_command functions
  svsm: Add header with SVSM_VTPM_CMD helpers
  tpm: Add SNP SVSM vTPM driver
  x86/sev: Register tpm-svsm platform device

Tom Lendacky (16):
  x86/irqflags: Provide native versions of the
    local_irq_save()/restore()
  x86/sev: Rename snp_init() in boot/compressed/sev.c
  x86/sev: Make the VMPL0 checking more straight forward
  x86/sev: Shorten struct name snp_secrets_page_layout to
    snp_secrets_page
  x86/sev: Check for the presence of an SVSM in the SNP secrets page
  x86/sev: Use kernel provided SVSM Calling Areas
  x86/sev: Perform PVALIDATE using the SVSM when not at VMPL0
  x86/sev: Use the SVSM to create a vCPU when not in VMPL0
  x86/sev: Provide SVSM discovery support
  x86/sev: Provide guest VMPL level to userspace
  virt: sev-guest: Choose the VMPCK key based on executing VMPL
  sev-guest: configfs-tsm: Allow the privlevel_floor attribute to be
    updated
  fs/configfs: Add a callback to determine attribute visibility
  x86/sev: Take advantage of configfs visibility support in TSM
  x86/sev: Extend the config-fs attestation support for an SVSM
  x86/sev: Allow non-VMPL0 execution when an SVSM is present

 Documentation/ABI/testing/configfs-tsm        |  63 +++
 .../ABI/testing/sysfs-devices-system-cpu      |  12 +
 .../arch/x86/amd-memory-encryption.rst        |  29 +-
 Documentation/virt/coco/sev-guest.rst         |  11 +
 arch/x86/boot/compressed/sev.c                | 263 +++++----
 arch/x86/coco/Makefile                        |   1 +
 arch/x86/coco/sev/Makefile                    |  15 +
 arch/x86/{kernel/sev.c => coco/sev/core.c}    | 524 +++++++++++++++---
 .../sev-shared.c => coco/sev/shared.c}        | 460 ++++++++++++++-
 arch/x86/include/asm/cpufeatures.h            |   1 +
 arch/x86/include/asm/irqflags.h               |  20 +
 arch/x86/include/asm/msr-index.h              |   2 +
 arch/x86/include/asm/sev-common.h             |  18 +
 arch/x86/include/asm/sev.h                    | 144 ++++-
 arch/x86/include/uapi/asm/svm.h               |   1 +
 arch/x86/kernel/Makefile                      |   5 -
 arch/x86/mm/mem_encrypt_amd.c                 |   8 +-
 debian.gke/config/annotations                 |   9 +
 drivers/char/tpm/Kconfig                      |  10 +
 drivers/char/tpm/Makefile                     |   1 +
 drivers/char/tpm/tpm-interface.c              |  30 +-
 drivers/char/tpm/tpm_ftpm_tee.c               |  20 -
 drivers/char/tpm/tpm_svsm.c                   | 125 +++++
 drivers/virt/coco/sev-guest/sev-guest.c       | 232 +++++++-
 drivers/virt/coco/tdx-guest/tdx-guest.c       |  26 +-
 drivers/virt/coco/tsm.c                       | 177 ++++--
 fs/configfs/dir.c                             |  10 +
 include/linux/configfs.h                      |   3 +
 include/linux/tpm_svsm.h                      | 149 +++++
 include/linux/tsm.h                           |  59 +-
 30 files changed, 2129 insertions(+), 299 deletions(-)
 create mode 100644 arch/x86/coco/sev/Makefile
 rename arch/x86/{kernel/sev.c => coco/sev/core.c} (82%)
 rename arch/x86/{kernel/sev-shared.c => coco/sev/shared.c} (72%)
 create mode 100644 drivers/char/tpm/tpm_svsm.c
 create mode 100644 include/linux/tpm_svsm.h

-- 
2.43.0

More information about the kernel-team mailing list