Date:   Wed, 9 Feb 2022 20:07:52 +0000
From:   Sean Christopherson <seanjc@...gle.com>
To:     Borislav Petkov <bp@...en8.de>
Cc:     Kai Huang <kai.huang@...el.com>,
        "Kirill A. Shutemov" <kirill.shutemov@...ux.intel.com>,
        tglx@...utronix.de, mingo@...hat.com, dave.hansen@...el.com,
        luto@...nel.org, peterz@...radead.org,
        sathyanarayanan.kuppuswamy@...ux.intel.com, aarcange@...hat.com,
        ak@...ux.intel.com, dan.j.williams@...el.com, david@...hat.com,
        hpa@...or.com, jgross@...e.com, jmattson@...gle.com,
        joro@...tes.org, jpoimboe@...hat.com, knsathya@...nel.org,
        pbonzini@...hat.com, sdeep@...are.com, tony.luck@...el.com,
        vkuznets@...hat.com, wanpengli@...cent.com, x86@...nel.org,
        linux-kernel@...r.kernel.org
Subject: Re: [PATCHv2 00/29] TDX Guest: TDX core support

On Wed, Feb 09, 2022, Borislav Petkov wrote:
> On Wed, Feb 09, 2022 at 04:50:08PM +0000, Sean Christopherson wrote:
> > An alternative idea would be to mirror what generic KVM does (virt/kvm/), and do:
> > 
> >   arch/x86/coco/<guest stuff>
> >   arch/x86/virt/<"generic" x86 host virtualization stuff>
> >   arch/x86/virt/coco/<host coco stuff>
> >   arch/x86/virt/kvm/
> > 
> > Though I can already hear the stable trees and downstream kernels crying out in
> > horror at moving arch/x86/kvm :-)
> 
> Hmmm, so I am still thinking about guest-only when we're talking about
> arch/x86/coco/.
> 
> Lemme look at the other virt things:
> 
> the kvm host virt stuff is in:
> 
> arch/x86/kvm/
> 
>  (btw, this is where the SEV host stuff is: arch/x86/kvm/svm/sev.c)
> 
> arch/x86/hyperv/ - looks like hyperv guest stuff
> 
> arch/x86/xen/ - xen guest stuff
> 
> arch/x86/kernel/cpu/vmware.c - vmware guest stuff
> 
> arch/x86/kernel/cpu/acrn.c - Acorn guest stuff
> 
> So we have a real mess. :-(

Don't forget :-)

  arch/x86/kernel/kvm.c - KVM guest stuff

> Not surprised though. So that last thing you're suggesting kinda makes
> sense but lemme tweak it a bit:
> 
> arch/x86/coco/<guest stuff>
> arch/x86/virt/<"generic" x86 host virtualization stuff>
> arch/x86/virt/tdx/ - no need for the "coco" thing - TDX is nothing but coco. TDX host
> stuff
> 
> arch/x86/virt/sev/ - ditto
> 
> and we'll keep arch/x86/kvm because of previous precedents with other
> things I've enumerated above.
> 
> Hmmm?

No objection to omitting "coco".  Though what about using "vmx" and "svm" instead
of "tdx" and "sev".  We lose the more explicit tie to coco, but it would mirror the
sub-directories in arch/x86/kvm/ and would avoid a mess in the scenario where tdx
or sev needs to share code with the non-coco side, e.g. I'm guessing TDX will need
to do VMXON.

  arch/x86/virt/vmx/
        tdx.c
        vmx.c

  arch/x86/virt/svm/
        sev.c
        sev-es.c
        sev-snp.c
        svm.c
