[PATCH v2 0/4] Allow disabling RAPL during SNP initialization

Next message: Andrew Lunn: "Re: [PATCH v13 3/4] gpio: rpmsg: add generic rpmsg GPIO driver"
Previous message: Paul Menzel: "Re: [PATCH] tpm: Remove dead NULL check in tpm2_flush_space()"
Next in thread: Tycho Andersen: "[PATCH v2 1/4] crypto/ccp: Pass init_args to __sev_snp_init_locked()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Tycho Andersen

Date: Mon Apr 27 2026 - 16:51:47 EST

From: "Tycho Andersen (AMD)" <tycho@xxxxxxxxxx>

The PLATYPUS (https://platypusattack.com/platypus.pdf) attack paper
offers method for exfiltration via a low-resolution side channel using
Running Average Power Limit. Newer versions of the SEV firmware offer a
way to freeze these counters while initialized, so export this as an
option.

Changes from v1:
* add a blurb from the platypus attack paper about the side channel
* move the kernel parameter from the ccp driver to kvm_amd to make it
more obvious
* split off the SEV-ES feature detection into its own series:
https://lore.kernel.org/all/20260416232329.3408497-1-seanjc@xxxxxxxxxx/

v1 is here: https://lore.kernel.org/all/20260223162900.772669-1-tycho@xxxxxxxxxx/

Tycho Andersen (AMD) (4):
crypto/ccp: Pass init_args to __sev_snp_init_locked()
crypto/ccp: Support setting RAPL_DIS in SNP_INIT_EX
KVM: SEV: Add the kvm-amd.rapl_disable module parameter
KVM: selftests: Add a smoke test support for RAPL_DIS

.../admin-guide/kernel-parameters.txt | 5 +++
arch/x86/kvm/svm/sev.c | 8 +++++
drivers/crypto/ccp/sev-dev.c | 35 +++++++++++++------
include/linux/psp-sev.h | 2 ++
tools/testing/selftests/kvm/include/x86/sev.h | 1 +
.../selftests/kvm/x86/sev_smoke_test.c | 24 ++++++++++++-
6 files changed, 63 insertions(+), 12 deletions(-)

base-commit: 39f1c201b93f4ff71631bac72cff6eb155f976a4
--
2.53.0