| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20191003212400.31130-8-rick.p.edgecombe@intel.com>
Date: Thu, 3 Oct 2019 14:23:54 -0700
From: Rick Edgecombe <rick.p.edgecombe@...el.com>
To: kvm@...r.kernel.org, linux-kernel@...r.kernel.org, x86@...nel.org,
linux-mm@...ck.org, luto@...nel.org, peterz@...radead.org,
dave.hansen@...el.com, pbonzini@...hat.com,
sean.j.christopherson@...el.com, keescook@...omium.org
Cc: kristen@...ux.intel.com, deneen.t.dock@...el.com,
Rick Edgecombe <rick.p.edgecombe@...el.com>
Subject: [RFC PATCH 07/13] kvm: Add docs for KVM_CAP_EXECONLY_MEM
Add documentation for the KVM_CAP_EXECONLY_MEM capability and
KVM_MEM_EXECONLY memslot.
Signed-off-by: Rick Edgecombe <rick.p.edgecombe@...el.com>
---
Documentation/virt/kvm/api.txt | 16 ++++++++++------
1 file changed, 10 insertions(+), 6 deletions(-)
diff --git a/Documentation/virt/kvm/api.txt b/Documentation/virt/kvm/api.txt
index 2d067767b617..a8001f996a8a 100644
--- a/Documentation/virt/kvm/api.txt
+++ b/Documentation/virt/kvm/api.txt
@@ -1096,6 +1096,7 @@ struct kvm_userspace_memory_region {
/* for kvm_memory_region::flags */
#define KVM_MEM_LOG_DIRTY_PAGES (1UL << 0)
#define KVM_MEM_READONLY (1UL << 1)
+#define KVM_MEM_EXECONLY (1UL << 2)
This ioctl allows the user to create, modify or delete a guest physical
memory slot. Bits 0-15 of "slot" specify the slot id and this value
@@ -1123,12 +1124,15 @@ It is recommended that the lower 21 bits of guest_phys_addr and userspace_addr
be identical. This allows large pages in the guest to be backed by large
pages in the host.
-The flags field supports two flags: KVM_MEM_LOG_DIRTY_PAGES and
-KVM_MEM_READONLY. The former can be set to instruct KVM to keep track of
-writes to memory within the slot. See KVM_GET_DIRTY_LOG ioctl to know how to
-use it. The latter can be set, if KVM_CAP_READONLY_MEM capability allows it,
-to make a new slot read-only. In this case, writes to this memory will be
-posted to userspace as KVM_EXIT_MMIO exits.
+The flags field supports three flags: KVM_MEM_LOG_DIRTY_PAGES, KVM_MEM_READONLY
+and KVM_MEM_EXECONLY. KVM_MEM_LOG_DIRTY_PAGES can be set to instruct KVM to
+keep track of writes to memory within the slot. See KVM_GET_DIRTY_LOG ioctl to
+know how to use it. KVM_MEM_READONLY can be set, if KVM_CAP_READONLY_MEM
+capability allows it, to make a new slot read-only. In this case, writes to
+this memory will be posted to userspace as KVM_EXIT_MMIO exits. KVM_MEM_EXECONLY
+can be set, if KVM_CAP_EXECONLY_MEM capability allows it, to make a new slot
+exec-only. Guest read accesses to KVM_CAP_EXECONLY_MEM will trigger an
+appropriate fault injected into the guest, in support of X86_FEATURE_KVM_XO.
When the KVM_CAP_SYNC_MMU capability is available, changes in the backing of
the memory region are automatically reflected into the guest. For example, an
--
2.17.1
Powered by blists - more mailing lists