author: Thomas Zimmermann <tzimmermann@suse.de> 2023-01-31 14:18:33 +0100
committer: Thomas Zimmermann <tzimmermann@suse.de> 2023-01-31 14:18:33 +0100
commit: df5bf3b942a8d344bd9cbbe6ac31c9a2ea1557a4
tree: bfbcbe56b9f4f8b1e44242b80800a68b2ae5b2d6 /Documentation/x86/amd-memory-encryption.rst
parent: 532a38292c7213aa6d950e6a1b86659d08b5aa67
parent: aebd8f0c6f8280ba35bc989f4a9ea47469d3589a

Merge drm/drm-next into drm-misc-next

Backmerging to get v6.2-rc6.

Signed-off-by: Thomas Zimmermann <tzimmermann@suse.de>

Diffstat (limited to 'Documentation/x86/amd-memory-encryption.rst')
-rw-r--r-- Documentation/x86/amd-memory-encryption.rst 36
1 files changed, 36 insertions, 0 deletions
diff --git a/Documentation/x86/amd-memory-encryption.rst b/Documentation/x86/amd-memory-encryption.rst
index a1940ebe7be5..934310ce7258 100644
--- a/Documentation/x86/amd-memory-encryption.rst
+++ b/Documentation/x86/amd-memory-encryption.rst
@@ -95,3 +95,39 @@ by supplying mem_encrypt=on on the kernel command line. However, if BIOS does
not enable SME, then Linux will not be able to activate memory encryption, even
if configured to do so by default or the mem_encrypt=on command line parameter
is specified.
+
+Secure Nested Paging (SNP)
+==========================
+
+SEV-SNP introduces new features (SEV_FEATURES[1:63]) which can be enabled
+by the hypervisor for security enhancements. Some of these features need
+guest side implementation to function correctly. The below table lists the
+expected guest behavior with various possible scenarios of guest/hypervisor
+SNP feature support.
+
++-----------------+---------------+---------------+------------------+
+| Feature Enabled | Guest needs | Guest has | Guest boot |
+| by the HV | implementation| implementation| behaviour |
++=================+===============+===============+==================+
+| No | No | No | Boot |
+| | | | |
++-----------------+---------------+---------------+------------------+
+| No | Yes | No | Boot |
+| | | | |
++-----------------+---------------+---------------+------------------+
+| No | Yes | Yes | Boot |
+| | | | |
++-----------------+---------------+---------------+------------------+
+| Yes | No | No | Boot with |
+| | | | feature enabled |
++-----------------+---------------+---------------+------------------+
+| Yes | Yes | No | Graceful boot |
+| | | | failure |
++-----------------+---------------+---------------+------------------+
+| Yes | Yes | Yes | Boot with |
+| | | | feature enabled |
++-----------------+---------------+---------------+------------------+
+
+More details in AMD64 APM[1] Vol 2: 15.34.10 SEV_STATUS MSR
+
+[1] https://www.amd.com/system/files/TechDocs/40332.pdf
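
Review bot: The "Yes / Yes / No" row of the table promises a "Graceful boot failure", but the added text never says what that means in practice: how the guest stops, and whether the reason is reported so an operator can tell an unsupported SEV_FEATURES bit apart from any other early boot failure. A sentence below the table describing that behaviour would make the row verifiable. Two smaller points: "SEV_FEATURES[1:63]" would read more conventionally as a high:low bit range ("SEV_FEATURES[63:1]"), and the closing "AMD64 APM[1]" / "[1] https://..." pair is plain text rather than an RST footnote, so it will not render as a link; consider a "[1]_" reference with a matching ".. [1]" target.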