lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date:   Thu, 27 Oct 2022 12:49:34 -0400
From:   Paolo Bonzini <pbonzini@...hat.com>
To:     linux-kernel@...r.kernel.org, kvm@...r.kernel.org
Cc:     mlevitsk@...hat.com, seanjc@...gle.com
Subject: [PATCH v3 0/10] KVM: x86: allow compiling out SMM support

Some users of KVM implement the UEFI variable store through a paravirtual device
that does not require the "SMM lockbox" component of edk2; allow them to
compile out system management mode, which is not a full implementation
especially in how it interacts with nested virtualization.

In order to limit the number and especially the size of the #ifdefs,
the first 4 patches move most SMM code to a completely new file in
arch/x86/kvm.  Patch 5 is the main change to introduce the Kconfig
symbol and key smm.c's compilation off it; patches 6-10 instead
eliminate other bits of SMM code that remain outside smm.c.

Paolo

v2->v3: remove kvm_smm_changed stub as well as more code in KVM_GET_VCPU_EVENTS
	leave kvm_apic_init_sipi_allowed inline
	change placement Kconfig to generate the right menu hierarchy

Paolo Bonzini (9):
  KVM: x86: start moving SMM-related functions to new files
  KVM: x86: move SMM entry to a new file
  KVM: x86: move SMM exit to a new file
  KVM: x86: do not go through ctxt->ops when emulating rsm
  KVM: allow compiling out SMM support
  KVM: x86: compile out vendor-specific code if SMM is disabled
  KVM: x86: remove SMRAM address space if SMM is not supported
  KVM: x86: do not define KVM_REQ_SMI if SMM disabled
  KVM: zero output of KVM_GET_VCPU_EVENTS before filling in the struct

Sean Christopherson (1):
  KVM: x86: do not define SMM-related constants if SMM disabled

 arch/x86/include/asm/kvm-x86-ops.h            |   2 +
 arch/x86/include/asm/kvm_host.h               |  25 +-
 arch/x86/kvm/Kconfig                          |  11 +
 arch/x86/kvm/Makefile                         |   1 +
 arch/x86/kvm/emulate.c                        | 355 +----------
 arch/x86/kvm/kvm_cache_regs.h                 |   5 -
 arch/x86/kvm/kvm_emulate.h                    |  47 +-
 arch/x86/kvm/lapic.c                          |   8 +-
 arch/x86/kvm/lapic.h                          |   2 +-
 arch/x86/kvm/mmu/mmu.c                        |   1 +
 arch/x86/kvm/smm.c                            | 576 ++++++++++++++++++
 arch/x86/kvm/smm.h                            |  37 ++
 arch/x86/kvm/svm/nested.c                     |   3 +
 arch/x86/kvm/svm/svm.c                        |  11 +-
 arch/x86/kvm/vmx/nested.c                     |   1 +
 arch/x86/kvm/vmx/vmx.c                        |   7 +
 arch/x86/kvm/x86.c                            | 371 ++---------
 tools/testing/selftests/kvm/x86_64/smm_test.c |   2 +
 18 files changed, 741 insertions(+), 724 deletions(-)
 create mode 100644 arch/x86/kvm/smm.c
 create mode 100644 arch/x86/kvm/smm.h

-- 
2.31.1

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ