AWS: add the nitro_enclaves driver

Bug #1903087 reported by Kamal Mostafa
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
linux-aws (Ubuntu)
Fix Released
Undecided
Kamal Mostafa
Focal
Fix Released
Undecided
Kamal Mostafa
Groovy
Fix Released
Undecided
Kamal Mostafa
Hirsute
Fix Released
Undecided
Kamal Mostafa

Bug Description

Add the nitro_enclaves driver from mainline to linux-aws/{focal,bionic-5.4} and linux-aws/{groovy,hirsute}. The driver is supplied by the following mainline commits, which are all clean cherry picks for groovy with a couple of trivial backports for focal:

e82ed736ad2d MAINTAINERS: Add entry for the Nitro Enclaves driver
bf15d79ce142 nitro_enclaves: Add overview documentation
acc4229c3990 nitro_enclaves: Add sample for ioctl interface usage
0f5c7b748439 nitro_enclaves: Add Makefile for the Nitro Enclaves driver
07499cc661a9 nitro_enclaves: Add Kconfig for the Nitro Enclaves driver
9c8eb50fe9e2 nitro_enclaves: Add logic for terminating an enclave
111c775a5f0d nitro_enclaves: Add logic for starting an enclave
7dc9d4309fdb nitro_enclaves: Add logic for setting an enclave memory region
988b7a471726 nitro_enclaves: Add logic for getting the enclave image load info
ff8a4d3e3a99 nitro_enclaves: Add logic for setting an enclave vCPU
38907e124088 nitro_enclaves: Add logic for creating an enclave VM
bd47c995c0e4 nitro_enclaves: Init misc device providing the ioctl interface
e5d616d8bb50 nitro_enclaves: Handle out-of-band PCI device events
ad2b6980d0d3 nitro_enclaves: Handle PCI device command requests
89308c11ae3b nitro_enclaves: Init PCI device driver
1df624892c1e nitro_enclaves: Define enclave info for internal bookkeeping
0a44561768c5 nitro_enclaves: Define the PCI device interface
15b760c37ad3 nitro_enclaves: Add ioctl interface definition

linux-aws/focal also needs this prereq:

93ef1429e556 cpu/hotplug: Add new {add,remove}_cpu() functions

linux-aws/groovy also needs this related fix:

65b422d9b61b vsock: forward all packets to the host when no H2G is registered

[Impact]

 * Supplies driver needed to support AWS feature.

[Test Case]

 * T.B.D. (to be validated by AWS).

[Regression Potential]

 * Low: Just adds a new driver module which won't load by default.

Changed in linux-aws (Ubuntu):
status: New → In Progress
Changed in linux-aws (Ubuntu Groovy):
status: New → In Progress
Changed in linux-aws (Ubuntu Focal):
status: New → In Progress
Changed in linux-aws (Ubuntu Groovy):
assignee: nobody → Kamal Mostafa (kamalmostafa)
Changed in linux-aws (Ubuntu Focal):
assignee: nobody → Kamal Mostafa (kamalmostafa)
Revision history for this message
Kamal Mostafa (kamalmostafa) wrote :
Changed in linux-aws (Ubuntu Focal):
status: In Progress → Fix Committed
Changed in linux-aws (Ubuntu Groovy):
status: In Progress → Fix Committed
Revision history for this message
Launchpad Janitor (janitor) wrote :
Download full text (80.4 KiB)

This bug was fixed in the package linux-aws - 5.4.0-1030.31

---------------
linux-aws (5.4.0-1030.31) focal; urgency=medium

  * focal/linux-aws: 5.4.0-1030.31 -proposed tracker (LP: #1903158)

  * Focal update: v5.4.66 upstream stable release (LP: #1896824)
    - [Config] [aws] updateconfigs for VGACON_SOFT_SCROLLBACK

  * aws: disable strict IOMMU TLB invalidation by default (LP: #1902281)
    - SAUCE: [aws] iommu: set the default iommu-dma mode as non-strict

  * AWS: add the nitro_enclaves driver (LP: #1903087)
    - cpu/hotplug: Add new {add,remove}_cpu() functions
    - [Config][aws] update config for NITRO_ENCLAVES
    - nitro_enclaves: Add ioctl interface definition
    - nitro_enclaves: Define the PCI device interface
    - nitro_enclaves: Define enclave info for internal bookkeeping
    - nitro_enclaves: Init PCI device driver
    - nitro_enclaves: Handle PCI device command requests
    - nitro_enclaves: Handle out-of-band PCI device events
    - nitro_enclaves: Init misc device providing the ioctl interface
    - nitro_enclaves: Add logic for creating an enclave VM
    - nitro_enclaves: Add logic for setting an enclave vCPU
    - nitro_enclaves: Add logic for getting the enclave image load info
    - nitro_enclaves: Add logic for setting an enclave memory region
    - nitro_enclaves: Add logic for starting an enclave
    - nitro_enclaves: Add logic for terminating an enclave
    - nitro_enclaves: Add Kconfig for the Nitro Enclaves driver
    - nitro_enclaves: Add Makefile for the Nitro Enclaves driver
    - nitro_enclaves: Add sample for ioctl interface usage
    - nitro_enclaves: Add overview documentation
    - MAINTAINERS: Add entry for the Nitro Enclaves driver

  [ Ubuntu: 5.4.0-55.61 ]

  * focal/linux: 5.4.0-55.61 -proposed tracker (LP: #1903175)
  * Update kernel packaging to support forward porting kernels (LP: #1902957)
    - [Debian] Update for leader included in BACKPORT_SUFFIX
  * Avoid double newline when running insertchanges (LP: #1903293)
    - [Packaging] insertchanges: avoid double newline
  * EFI: Fails when BootCurrent entry does not exist (LP: #1899993)
    - efivarfs: Replace invalid slashes with exclamation marks in dentries.
  * CVE-2020-14351
    - perf/core: Fix race in the perf_mmap_close() function
  * raid10: Block discard is very slow, causing severe delays for mkfs and
    fstrim operations (LP: #1896578)
    - md: add md_submit_discard_bio() for submitting discard bio
    - md/raid10: extend r10bio devs to raid disks
    - md/raid10: pull codes that wait for blocked dev into one function
    - md/raid10: improve raid10 discard request
    - md/raid10: improve discard request for far layout
    - dm raid: fix discard limits for raid1 and raid10
    - dm raid: remove unnecessary discard limits for raid10
  * Bionic: btrfs: kernel BUG at /build/linux-
    eTBZpZ/linux-4.15.0/fs/btrfs/ctree.c:3233! (LP: #1902254)
    - btrfs: drop unnecessary offset_in_page in extent buffer helpers
    - btrfs: extent_io: do extra check for extent buffer read write functions
    - btrfs: extent-tree: kill BUG_ON() in __btrfs_free_extent()
    - btrfs: extent-tree: kill the BUG_ON() in insert_inline_extent_backref()
   ...

Changed in linux-aws (Ubuntu Focal):
status: Fix Committed → Fix Released
description: updated
Revision history for this message
Launchpad Janitor (janitor) wrote :
Download full text (52.4 KiB)

This bug was fixed in the package linux-aws - 5.8.0-1014.15

---------------
linux-aws (5.8.0-1014.15) groovy; urgency=medium

  * groovy/linux-aws: 5.8.0-1014.15 -proposed tracker (LP: #1903182)

  * Groovy update: v5.8.15 upstream stable release (LP: #1902130)
    - [Packaging] [aws] module ocelot_board rename

  * AWS: add the nitro_enclaves driver (LP: #1903087)
    - [Config][aws] update config for NITRO_ENCLAVES
    - nitro_enclaves: Add ioctl interface definition
    - nitro_enclaves: Define the PCI device interface
    - nitro_enclaves: Define enclave info for internal bookkeeping
    - nitro_enclaves: Init PCI device driver
    - nitro_enclaves: Handle PCI device command requests
    - nitro_enclaves: Handle out-of-band PCI device events
    - nitro_enclaves: Init misc device providing the ioctl interface
    - nitro_enclaves: Add logic for creating an enclave VM
    - nitro_enclaves: Add logic for setting an enclave vCPU
    - nitro_enclaves: Add logic for getting the enclave image load info
    - nitro_enclaves: Add logic for setting an enclave memory region
    - nitro_enclaves: Add logic for starting an enclave
    - nitro_enclaves: Add logic for terminating an enclave
    - nitro_enclaves: Add Kconfig for the Nitro Enclaves driver
    - nitro_enclaves: Add Makefile for the Nitro Enclaves driver
    - nitro_enclaves: Add sample for ioctl interface usage
    - nitro_enclaves: Add overview documentation
    - MAINTAINERS: Add entry for the Nitro Enclaves driver

  * aws: improve hibernation reliability in groovy (LP: #1902926)
    - [Config] [aws] disable CONFIG_INPUT_XEN_KBDDEV_FRONTEND
    - [Config] [aws] disable CONFIG_XEN_BALLOON on amd64
    - [Config] [aws] enforce CONFIG_XEN_NETDEV_FRONTEND
    - [Config] [aws] remove all sound-related modules

  * xen hibernation support for linux-aws (LP: #1732512)
    - [Config] [aws] make sure CONFIG_SUSPEND is disabled
    - [Config] [aws] disable CONFIG_XEN_FBDEV_FRONTEND

  * aws: disable CONFIG_DMA_CMA (LP: #1879711)
    - [Config] [aws] make sure CONFIG_FB_HYPERV is disabled

  * aws: update patch to batch hibernate and resume IO requests (LP: #1902864)
    - Revert "UBUNTU: SAUCE: [aws] PM / hibernate: Speed up hibernation by
      batching requests"
    - PM: hibernate: Batch hibernate and resume IO requests

  * aws: disable strict IOMMU TLB invalidation by default (LP: #1902281)
    - SAUCE: [aws] iommu: set the default iommu-dma mode as non-strict

  [ Ubuntu: 5.8.0-30.32 ]

  * groovy/linux: 5.8.0-30.32 -proposed tracker (LP: #1903194)
  * Update kernel packaging to support forward porting kernels (LP: #1902957)
    - [Debian] Update for leader included in BACKPORT_SUFFIX
  * Avoid double newline when running insertchanges (LP: #1903293)
    - [Packaging] insertchanges: avoid double newline
  * EFI: Fails when BootCurrent entry does not exist (LP: #1899993)
    - efivarfs: Replace invalid slashes with exclamation marks in dentries.
  * raid10: Block discard is very slow, causing severe delays for mkfs and
    fstrim operations (LP: #1896578)
    - md: add md_submit_discard_bio() for submitting discard bio
    - md/raid10: extend r10bio devs to raid disks
    - md/raid10: pull...

Changed in linux-aws (Ubuntu Groovy):
status: Fix Committed → Fix Released
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package linux-aws - 5.8.0-1018.20+21.04.1

---------------
linux-aws (5.8.0-1018.20+21.04.1) hirsute; urgency=medium

  * Packaging resync (LP: #1786013)
    - update dkms package versions

  [ Ubuntu: 5.8.0-1018.20 ]

  * debian/scripts/file-downloader does not handle positive failures correctly
    (LP: #1878897)
    - [Packaging] file-downloader not handling positive failures correctly
  * Packaging resync (LP: #1786013)
    - update dkms package versions
  * CVE-2021-1052 // CVE-2021-1053
    - [Packaging] NVIDIA -- Add the NVIDIA 460 driver

 -- Thadeu Lima de Souza Cascardo <email address hidden> Thu, 07 Jan 2021 10:47:22 -0300

Changed in linux-aws (Ubuntu Hirsute):
status: In Progress → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers