| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <ZMOFc+RfSuc5I+XB@yilunxu-OptiPlex-7050>
Date: Fri, 28 Jul 2023 17:08:03 +0800
From: Xu Yilun <yilun.xu@...el.com>
To: Sean Christopherson <seanjc@...gle.com>
Cc: Thomas Gleixner <tglx@...utronix.de>,
Ingo Molnar <mingo@...hat.com>, Borislav Petkov <bp@...en8.de>,
Dave Hansen <dave.hansen@...ux.intel.com>, x86@...nel.org,
Paolo Bonzini <pbonzini@...hat.com>,
linux-kernel@...r.kernel.org, kvm@...r.kernel.org,
Andrew Cooper <Andrew.Cooper3@...rix.com>,
Kai Huang <kai.huang@...el.com>, Chao Gao <chao.gao@...el.com>
Subject: Re: [PATCH v4 10/19] x86/virt: KVM: Move VMXOFF helpers into KVM VMX
On 2023-07-21 at 13:18:50 -0700, Sean Christopherson wrote:
> Now that VMX is disabled in emergencies via the virt callbacks, move the
> VMXOFF helpers into KVM, the only remaining user.
Not sure if it's too early to mention.
Intel TDX Connect could be a future user, it is the TDX extension for
device security.
TDX uses SEAMCALL to interact with TDX Module, and SEAMCALL execution
requires VMXON. This is also true for TDX Connect. But TDX Connect
covers more controls out of KVM scope, like PCI IDE, SPDM, IOMMU.
IOW, other driver modules may use SEAMCALLs and in turn use VMXON/OFF
for TDX Connect.
I'm wondering if then we should again move VMXON/OFF helpers back to
virtext.h
Or, could we just keep vmxoff unchanged now?
Thanks,
Yilun
Powered by blists - more mailing lists