ci: patch ARM 6.1 guest kernel with VMGenID support

Linux support for VMGenID on ARM systems landed in kernel 6.10. We only
support up to kernel 6.1. So in order to be able to test VMGenID on ARM
systems we need to patch our 6.1 kernel to backport the 6.10 commits.

This commit adds the patches in our repo under
`resources/patches/vmgenid_dt` and changes rebuild.sh to patch 6.1
kernel on ARM before building it. Also, it enables `CONFIG_VMGENID` for
ARM 6.1 guest kernel.

Eventually we will switch to using guest kernels from Amazon Linux trees
hosted on Github, which they will eventually backport the relevant
patches. Once this is done we can drop the patches from our tree and we
won't need to manually patch them.

Signed-off-by: Babis Chalios <[email protected]>

Author: bchalios

resources/guest_configs/microvm-kernel-ci-aarch64-6.1.config

@@ -1943,6 +1943,7 @@ CONFIG_CHARLCD_BL_FLASH=y
 # CONFIG_UIO is not set
 # CONFIG_VFIO is not set
 CONFIG_VIRT_DRIVERS=y
+CONFIG_VMGENID=y
 CONFIG_VIRTIO=y
 CONFIG_VIRTIO_MENU=y
 CONFIG_VIRTIO_BALLOON=y

resources/patches/vmgenid_dt/0001-virt-vmgenid-change-implementation-to-use-a-platform.patch

@@ -0,0 +1,174 @@
+From 1e96eb7dd95b1908428195ef69a30effd562f947 Mon Sep 17 00:00:00 2001
+From: Sudan Landge <[email protected]>
+Date: Wed, 17 Apr 2024 12:40:42 +0200
+Subject: [PATCH 1/3] virt: vmgenid: change implementation to use a platform
+ driver
+
+Re-implement vmgenid as a platform driver in preparation for adding
+devicetree bindings support in next commits.
+
+Signed-off-by: Sudan Landge <[email protected]>
+Reviewed-by: Alexander Graf <[email protected]>
+Tested-by: Babis Chalios <[email protected]>
+[Jason: - Small style cleanups and refactoring.]
+Signed-off-by: Jason A. Donenfeld <[email protected]>
+---
+ drivers/virt/vmgenid.c | 99 +++++++++++++++++++++++++++---------------
+ 1 file changed, 65 insertions(+), 34 deletions(-)
+
+diff --git a/drivers/virt/vmgenid.c b/drivers/virt/vmgenid.c
+index a1c467a0e9f71..0522107f9beeb 100644
+--- a/drivers/virt/vmgenid.c
++++ b/drivers/virt/vmgenid.c
+@@ -7,9 +7,10 @@
+  * information to random.c.
+  */
+ 
++#include <linux/acpi.h>
+ #include <linux/kernel.h>
+ #include <linux/module.h>
+-#include <linux/acpi.h>
++#include <linux/platform_device.h>
+ #include <linux/random.h>
+ 
+ ACPI_MODULE_NAME("vmgenid");
+@@ -21,19 +22,41 @@ struct vmgenid_state {
+ 	u8 this_id[VMGENID_SIZE];
+ };
+ 
+-static int vmgenid_add(struct acpi_device *device)
++static void vmgenid_notify(struct device *device)
++{
++	struct vmgenid_state *state = device->driver_data;
++	u8 old_id[VMGENID_SIZE];
++
++	memcpy(old_id, state->this_id, sizeof(old_id));
++	memcpy(state->this_id, state->next_id, sizeof(state->this_id));
++	if (!memcmp(old_id, state->this_id, sizeof(old_id)))
++		return;
++	add_vmfork_randomness(state->this_id, sizeof(state->this_id));
++}
++
++static void setup_vmgenid_state(struct vmgenid_state *state, void *virt_addr)
+ {
++	state->next_id = virt_addr;
++	memcpy(state->this_id, state->next_id, sizeof(state->this_id));
++	add_device_randomness(state->this_id, sizeof(state->this_id));
++}
++
++static void vmgenid_acpi_handler(acpi_handle __always_unused handle,
++				 u32 __always_unused event, void *dev)
++{
++	vmgenid_notify(dev);
++}
++
++static int vmgenid_add_acpi(struct device *dev, struct vmgenid_state *state)
++{
++	struct acpi_device *device = ACPI_COMPANION(dev);
+ 	struct acpi_buffer parsed = { ACPI_ALLOCATE_BUFFER };
+-	struct vmgenid_state *state;
+ 	union acpi_object *obj;
+ 	phys_addr_t phys_addr;
+ 	acpi_status status;
++	void *virt_addr;
+ 	int ret = 0;
+ 
+-	state = devm_kmalloc(&device->dev, sizeof(*state), GFP_KERNEL);
+-	if (!state)
+-		return -ENOMEM;
+-
+ 	status = acpi_evaluate_object(device->handle, "ADDR", NULL, &parsed);
+ 	if (ACPI_FAILURE(status)) {
+ 		ACPI_EXCEPTION((AE_INFO, status, "Evaluating ADDR"));
+@@ -49,53 +72,61 @@ static int vmgenid_add(struct acpi_device *device)
+ 
+ 	phys_addr = (obj->package.elements[0].integer.value << 0) |
+ 		    (obj->package.elements[1].integer.value << 32);
+-	state->next_id = devm_memremap(&device->dev, phys_addr, VMGENID_SIZE, MEMREMAP_WB);
+-	if (IS_ERR(state->next_id)) {
+-		ret = PTR_ERR(state->next_id);
++
++	virt_addr = devm_memremap(&device->dev, phys_addr, VMGENID_SIZE, MEMREMAP_WB);
++	if (IS_ERR(virt_addr)) {
++		ret = PTR_ERR(virt_addr);
+ 		goto out;
+ 	}
++	setup_vmgenid_state(state, virt_addr);
+ 
+-	memcpy(state->this_id, state->next_id, sizeof(state->this_id));
+-	add_device_randomness(state->this_id, sizeof(state->this_id));
+-
+-	device->driver_data = state;
++	status = acpi_install_notify_handler(device->handle, ACPI_DEVICE_NOTIFY,
++					     vmgenid_acpi_handler, dev);
++	if (ACPI_FAILURE(status)) {
++		ret = -ENODEV;
++		goto out;
++	}
+ 
++	dev->driver_data = state;
+ out:
+ 	ACPI_FREE(parsed.pointer);
+ 	return ret;
+ }
+ 
+-static void vmgenid_notify(struct acpi_device *device, u32 event)
++static int vmgenid_add(struct platform_device *pdev)
+ {
+-	struct vmgenid_state *state = acpi_driver_data(device);
+-	u8 old_id[VMGENID_SIZE];
++	struct device *dev = &pdev->dev;
++	struct vmgenid_state *state;
++	int ret;
+ 
+-	memcpy(old_id, state->this_id, sizeof(old_id));
+-	memcpy(state->this_id, state->next_id, sizeof(state->this_id));
+-	if (!memcmp(old_id, state->this_id, sizeof(old_id)))
+-		return;
+-	add_vmfork_randomness(state->this_id, sizeof(state->this_id));
++	state = devm_kmalloc(dev, sizeof(*state), GFP_KERNEL);
++	if (!state)
++		return -ENOMEM;
++
++	ret = vmgenid_add_acpi(dev, state);
++
++	if (ret < 0)
++		devm_kfree(dev, state);
++	return ret;
+ }
+ 
+-static const struct acpi_device_id vmgenid_ids[] = {
++static const struct acpi_device_id vmgenid_acpi_ids[] = {
+ 	{ "VMGENCTR", 0 },
+ 	{ "VM_GEN_COUNTER", 0 },
+ 	{ }
+ };
+-
+-static struct acpi_driver vmgenid_driver = {
+-	.name = "vmgenid",
+-	.ids = vmgenid_ids,
+-	.owner = THIS_MODULE,
+-	.ops = {
+-		.add = vmgenid_add,
+-		.notify = vmgenid_notify
+-	}
++MODULE_DEVICE_TABLE(acpi, vmgenid_acpi_ids);
++
++static struct platform_driver vmgenid_plaform_driver = {
++	.probe      = vmgenid_add,
++	.driver     = {
++		.name   = "vmgenid",
++		.acpi_match_table = vmgenid_acpi_ids,
++	},
+ };
+ 
+-module_acpi_driver(vmgenid_driver);
++module_platform_driver(vmgenid_plaform_driver)
+ 
+-MODULE_DEVICE_TABLE(acpi, vmgenid_ids);
+ MODULE_DESCRIPTION("Virtual Machine Generation ID");
+ MODULE_LICENSE("GPL v2");
+ MODULE_AUTHOR("Jason A. Donenfeld <[email protected]>");
+-- 
+2.34.1
+

resources/patches/vmgenid_dt/0002-dt-bindings-rng-Add-vmgenid-support.patch

@@ -0,0 +1,135 @@
+From 477bd33715e9d669bc3d5968cd69108241ae099c Mon Sep 17 00:00:00 2001
+From: Sudan Landge <[email protected]>
+Date: Wed, 17 Apr 2024 12:40:45 +0200
+Subject: [PATCH 2/3] dt-bindings: rng: Add vmgenid support
+
+Virtual Machine Generation ID driver was introduced in commit
+af6b54e2b5ba ("virt: vmgenid: notify RNG of VM fork and supply
+generation ID"), as an ACPI only device.
+
+VMGenID specification http://go.microsoft.com/fwlink/?LinkId=260709
+defines a mechanism for the BIOS/hypervisors to communicate to the
+virtual machine that it is executed with a different configuration (e.g.
+snapshot execution or creation from a template).  The guest operating
+system can use the notification for various purposes such as
+re-initializing its random number generator etc.
+
+As per the specs, hypervisor should provide a globally unique
+identified, or GUID via ACPI.
+
+This patch tries to mimic the mechanism to provide the same
+functionality which is for a hypervisor/BIOS to notify the virtual
+machine when it is executed with a different configuration.
+
+As part of this support the devicetree bindings requires the hypervisors
+or BIOS to provide a memory address which holds the GUID and an IRQ
+which is used to notify when there is a change in the GUID.  The memory
+exposed in the DT should follow the rules defined in the vmgenid spec
+mentioned above.
+
+Reason for this change: Chosing ACPI or devicetree is an intrinsic part
+of an hypervisor design.  Without going into details of why a hypervisor
+would chose DT over ACPI, we would like to highlight that the
+hypervisors that have chose devicetree and now want to make use of the
+vmgenid functionality cannot do so today because vmgenid is an ACPI only
+device.  This forces these hypervisors to change their design which
+could have undesirable impacts on their use-cases, test-scenarios etc.
+
+The point of vmgenid is to provide a mechanism to discover a GUID when
+the execution state of a virtual machine changes and the simplest way to
+do it is pass a memory location and an interrupt via devicetree.  It
+would complicate things unnecessarily if instead of using devicetree, we
+try to implement a new protocol or modify other protocols to somehow
+provide the same functionility.
+
+We believe that adding a devicetree binding for vmgenid is a simpler,
+better alternative to provide the same functionality and will allow such
+hypervisors as mentioned above to continue using devicetree.
+
+More references to the vmgenid specs are found below.
+
+Signed-off-by: Sudan Landge <[email protected]>
+Reviewed-by: Rob Herring <[email protected]>
+Reviewed-by: Alexander Graf <[email protected]>
+Link: https://www.qemu.org/docs/master/specs/vmgenid.html
+Link: https://learn.microsoft.com/en-us/windows/win32/hyperv_v2/virtual-machine-generation-identifier
+Signed-off-by: Jason A. Donenfeld <[email protected]>
+---
+ .../bindings/rng/microsoft,vmgenid.yaml       | 49 +++++++++++++++++++
+ MAINTAINERS                                   |  3 +-
+ 2 files changed, 51 insertions(+), 1 deletion(-)
+ create mode 100644 Documentation/devicetree/bindings/rng/microsoft,vmgenid.yaml
+
+diff --git a/Documentation/devicetree/bindings/rng/microsoft,vmgenid.yaml b/Documentation/devicetree/bindings/rng/microsoft,vmgenid.yaml
+new file mode 100644
+index 0000000000000..8f20dee93e7ea
+--- /dev/null
++++ b/Documentation/devicetree/bindings/rng/microsoft,vmgenid.yaml
+@@ -0,0 +1,49 @@
++# SPDX-License-Identifier: (GPL-2.0-only OR BSD-2-Clause)
++%YAML 1.2
++---
++$id: http://devicetree.org/schemas/rng/microsoft,vmgenid.yaml#
++$schema: http://devicetree.org/meta-schemas/core.yaml#
++
++title: Virtual Machine Generation ID
++
++maintainers:
++  - Jason A. Donenfeld <[email protected]>
++
++description:
++  Firmwares or hypervisors can use this devicetree to describe an
++  interrupt and a shared resource to inject a Virtual Machine Generation ID.
++  Virtual Machine Generation ID is a globally unique identifier (GUID) and
++  the devicetree binding follows VMGenID specification defined in
++  http://go.microsoft.com/fwlink/?LinkId=260709.
++
++properties:
++  compatible:
++    const: microsoft,vmgenid
++
++  reg:
++    description:
++      Specifies a 16-byte VMGenID in endianness-agnostic hexadecimal format.
++    maxItems: 1
++
++  interrupts:
++    description:
++      Interrupt used to notify that a new VMGenID is available.
++    maxItems: 1
++
++required:
++  - compatible
++  - reg
++  - interrupts
++
++additionalProperties: false
++
++examples:
++  - |
++    #include <dt-bindings/interrupt-controller/arm-gic.h>
++    rng@80000000 {
++      compatible = "microsoft,vmgenid";
++      reg = <0x80000000 0x1000>;
++      interrupts = <GIC_SPI 35 IRQ_TYPE_EDGE_RISING>;
++    };
++
++...
+diff --git a/MAINTAINERS b/MAINTAINERS
+index 886d3f69ee644..792d1a8b6f422 100644
+--- a/MAINTAINERS
++++ b/MAINTAINERS
+@@ -17290,8 +17290,9 @@ F:	arch/mips/generic/board-ranchu.c
+ RANDOM NUMBER DRIVER
+ M:	"Theodore Ts'o" <[email protected]>
+ M:	Jason A. Donenfeld <[email protected]>
+-T:	git https://git.kernel.org/pub/scm/linux/kernel/git/crng/random.git
+ S:	Maintained
++T:	git https://git.kernel.org/pub/scm/linux/kernel/git/crng/random.git
++F:	Documentation/devicetree/bindings/rng/microsoft,vmgenid.yaml
+ F:	drivers/char/random.c
+ F:	drivers/virt/vmgenid.c
+ 
+-- 
+2.34.1
+