On 6/21/24 08:40, Michael Roth wrote: > Version 2 of GHCB specification added support for the SNP Extended Guest > Request Message NAE event. This event serves a nearly identical purpose > to the previously-added SNP_GUEST_REQUEST event, but for certain message > types it allows the guest to supply a buffer to be used for additional > information in some cases. > > Currently the GHCB spec only defines extended handling of this sort in > the case of attestation requests, where the additional buffer is used to > supply a table of certificate data corresponding to the attestion > report's signing key. Support for this extended handling will require > additional KVM APIs to handle coordinating with userspace. > > Whether or not the hypervisor opts to provide this certificate data is > optional. However, support for processing SNP_EXTENDED_GUEST_REQUEST > GHCB requests is required by the GHCB 2.0 specification for SNP guests, > so for now implement a stub implementation that provides an empty > certificate table to the guest if it supplies an additional buffer, but > otherwise behaves identically to SNP_GUEST_REQUEST. > > Signed-off-by: Michael Roth <michael.roth@xxxxxxx> Reviewed-by: Tom Lendacky <thomas.lendacky@xxxxxxx> > --- > arch/x86/kvm/svm/sev.c | 60 ++++++++++++++++++++++++++++++++++++++++++ > 1 file changed, 60 insertions(+) >
