lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Wed, 9 Jun 2021 14:45:45 -0700 From: Kuppuswamy Sathyanarayanan <sathyanarayanan.kuppuswamy@...ux.intel.com> To: Thomas Gleixner <tglx@...utronix.de>, Ingo Molnar <mingo@...hat.com>, Borislav Petkov <bp@...en8.de>, Peter Zijlstra <peterz@...radead.org>, Andy Lutomirski <luto@...nel.org> Cc: Peter H Anvin <hpa@...or.com>, Dave Hansen <dave.hansen@...el.com>, Tony Luck <tony.luck@...el.com>, Dan Williams <dan.j.williams@...el.com>, Andi Kleen <ak@...ux.intel.com>, Kirill Shutemov <kirill.shutemov@...ux.intel.com>, Sean Christopherson <seanjc@...gle.com>, Kuppuswamy Sathyanarayanan <knsathya@...nel.org>, x86@...nel.org, linux-kernel@...r.kernel.org Subject: [PATCH v1 00/10] Add TDX Guest Support (#VE handler support) Hi All, Intel's Trust Domain Extensions (TDX) protect guest VMs from malicious hosts and some physical attacks. This series adds #VE handler support, for port I/O, MMIO and MWAIT/MONITOR features in TDX guest. This series is the continuation of the patch series titled "Add TDX Guest Support (Initial support)" which added initial support for TDX guests. You can find the patchset in the following link. https://lore.kernel.org/patchwork/project/lkml/list/?series=502143 Protected Guest support patch which is common for both AMD SEV and TDX guest is also included in this patch series because port IO #VE handler support has dependency on it. Also please note that this series alone is not necessarily fully functional. You can find TDX related documents in the following link. https://software.intel.com/content/www/br/pt/develop/articles/intel-trust-domain-extensions.html Andi Kleen (1): x86/tdx: Handle early IO operations Kirill A. Shutemov (6): x86/io: Allow to override inX() and outX() implementation x86/tdx: Handle port I/O x86/insn-eval: Introduce insn_get_modrm_reg_ptr() x86/insn-eval: Introduce insn_decode_mmio() x86/sev-es: Use insn_decode_mmio() for MMIO implementation x86/tdx: Handle in-kernel MMIO Kuppuswamy Sathyanarayanan (3): x86: Introduce generic protected guest abstraction x86/tdx: Handle port I/O in decompression code x86/tdx: Handle MWAIT and MONITOR arch/Kconfig | 3 + arch/x86/Kconfig | 2 + arch/x86/boot/compressed/Makefile | 1 + arch/x86/boot/compressed/tdcall.S | 3 + arch/x86/include/asm/insn-eval.h | 13 ++ arch/x86/include/asm/io.h | 23 ++- arch/x86/include/asm/protected_guest.h | 20 +++ arch/x86/include/asm/sev.h | 3 + arch/x86/include/asm/tdx.h | 61 +++++++ arch/x86/kernel/head64.c | 3 + arch/x86/kernel/sev.c | 186 +++++++-------------- arch/x86/kernel/tdx.c | 216 +++++++++++++++++++++++++ arch/x86/lib/insn-eval.c | 102 ++++++++++++ arch/x86/mm/mem_encrypt.c | 1 + include/linux/protected_guest.h | 24 +++ 15 files changed, 524 insertions(+), 137 deletions(-) create mode 100644 arch/x86/boot/compressed/tdcall.S create mode 100644 arch/x86/include/asm/protected_guest.h create mode 100644 include/linux/protected_guest.h -- 2.25.1
Powered by blists - more mailing lists