| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20210609214555.1955404-1-sathyanarayanan.kuppuswamy@linux.intel.com>
Date: Wed, 9 Jun 2021 14:45:45 -0700
From: Kuppuswamy Sathyanarayanan
<sathyanarayanan.kuppuswamy@...ux.intel.com>
To: Thomas Gleixner <tglx@...utronix.de>,
Ingo Molnar <mingo@...hat.com>, Borislav Petkov <bp@...en8.de>,
Peter Zijlstra <peterz@...radead.org>,
Andy Lutomirski <luto@...nel.org>
Cc: Peter H Anvin <hpa@...or.com>, Dave Hansen <dave.hansen@...el.com>,
Tony Luck <tony.luck@...el.com>,
Dan Williams <dan.j.williams@...el.com>,
Andi Kleen <ak@...ux.intel.com>,
Kirill Shutemov <kirill.shutemov@...ux.intel.com>,
Sean Christopherson <seanjc@...gle.com>,
Kuppuswamy Sathyanarayanan <knsathya@...nel.org>,
x86@...nel.org, linux-kernel@...r.kernel.org
Subject: [PATCH v1 00/10] Add TDX Guest Support (#VE handler support)
Hi All,
Intel's Trust Domain Extensions (TDX) protect guest VMs from malicious
hosts and some physical attacks. This series adds #VE handler support,
for port I/O, MMIO and MWAIT/MONITOR features in TDX guest.
This series is the continuation of the patch series titled "Add TDX Guest
Support (Initial support)" which added initial support for TDX guests. You
can find the patchset in the following link.
https://lore.kernel.org/patchwork/project/lkml/list/?series=502143
Protected Guest support patch which is common for both AMD SEV and TDX
guest is also included in this patch series because port IO #VE handler
support has dependency on it.
Also please note that this series alone is not necessarily fully
functional.
You can find TDX related documents in the following link.
https://software.intel.com/content/www/br/pt/develop/articles/intel-trust-domain-extensions.html
Andi Kleen (1):
x86/tdx: Handle early IO operations
Kirill A. Shutemov (6):
x86/io: Allow to override inX() and outX() implementation
x86/tdx: Handle port I/O
x86/insn-eval: Introduce insn_get_modrm_reg_ptr()
x86/insn-eval: Introduce insn_decode_mmio()
x86/sev-es: Use insn_decode_mmio() for MMIO implementation
x86/tdx: Handle in-kernel MMIO
Kuppuswamy Sathyanarayanan (3):
x86: Introduce generic protected guest abstraction
x86/tdx: Handle port I/O in decompression code
x86/tdx: Handle MWAIT and MONITOR
arch/Kconfig | 3 +
arch/x86/Kconfig | 2 +
arch/x86/boot/compressed/Makefile | 1 +
arch/x86/boot/compressed/tdcall.S | 3 +
arch/x86/include/asm/insn-eval.h | 13 ++
arch/x86/include/asm/io.h | 23 ++-
arch/x86/include/asm/protected_guest.h | 20 +++
arch/x86/include/asm/sev.h | 3 +
arch/x86/include/asm/tdx.h | 61 +++++++
arch/x86/kernel/head64.c | 3 +
arch/x86/kernel/sev.c | 186 +++++++--------------
arch/x86/kernel/tdx.c | 216 +++++++++++++++++++++++++
arch/x86/lib/insn-eval.c | 102 ++++++++++++
arch/x86/mm/mem_encrypt.c | 1 +
include/linux/protected_guest.h | 24 +++
15 files changed, 524 insertions(+), 137 deletions(-)
create mode 100644 arch/x86/boot/compressed/tdcall.S
create mode 100644 arch/x86/include/asm/protected_guest.h
create mode 100644 include/linux/protected_guest.h
--
2.25.1
Powered by blists - more mailing lists