| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 27 Feb 2024 18:20:39 -0500
From: Paolo Bonzini <pbonzini@...hat.com>
To: linux-kernel@...r.kernel.org,
kvm@...r.kernel.org
Cc: seanjc@...gle.com,
michael.roth@....com,
isaku.yamahata@...el.com,
thomas.lendacky@....com
Subject: [PATCH 00/21] TDX/SNP part 1 of n, for 6.9
This is a first set of, hopefully non-controversial patches from the
SNP and TDX series. They cover mostly changes to generic code and new
gmem APIs, and in general have already been reviewed when posted by
Isaku and Michael.
One important change is that the gmem hook for initializing memory
is designed to return -EEXIST if the page already exists in the
guestmemfd filemap. The idea is that the special case of
KVM_SEV_SNP_LAUNCH_UPDATE, where __kvm_gmem_get_pfn() is used to
return an uninitialized page and make it guest-owned, can be be done at
most once per page unless the ioctl fails.
Of course these patches add a bunch of dead code. This is intentional
because it's the only way to trim the large TDX (and to some extent SNP)
series to the point that it's possible to discuss them. The next step is
probably going to be the private<->shared page logic from the TDX series.
Paolo
Isaku Yamahata (5):
KVM: x86/mmu: Add Suppress VE bit to EPT
shadow_mmio_mask/shadow_present_mask
KVM: VMX: Introduce test mode related to EPT violation VE
KVM: x86/tdp_mmu: Init role member of struct kvm_mmu_page at
allocation
KVM: x86/tdp_mmu: Sprinkle __must_check
KVM: x86/mmu: Pass around full 64-bit error code for KVM page faults
Michael Roth (2):
KVM: x86: Add gmem hook for invalidating memory
KVM: x86: Add gmem hook for determining max NPT mapping level
Paolo Bonzini (6):
KVM: x86/mmu: pass error code back to MMU when async pf is ready
KVM: x86/mmu: Use PFERR_GUEST_ENC_MASK to indicate fault is private
KVM: guest_memfd: pass error up from filemap_grab_folio
filemap: add FGP_CREAT_ONLY
KVM: x86: Add gmem hook for initializing memory
KVM: guest_memfd: add API to undo kvm_gmem_get_uninit_pfn
Sean Christopherson (7):
KVM: x86: Split core of hypercall emulation to helper function
KVM: Allow page-sized MMU caches to be initialized with custom 64-bit
values
KVM: x86/mmu: Replace hardcoded value 0 for the initial value for SPTE
KVM: x86/mmu: Track shadow MMIO value on a per-VM basis
KVM: x86/mmu: Allow non-zero value for non-present SPTE and removed
SPTE
KVM: VMX: Move out vmx_x86_ops to 'main.c' to wrap VMX and TDX
KVM: VMX: Modify NMI and INTR handlers to take intr_info as function
argument
Tom Lendacky (1):
KVM: SEV: Use a VMSA physical address variable for populating VMCB
arch/x86/include/asm/kvm-x86-ops.h | 3 +
arch/x86/include/asm/kvm_host.h | 12 +
arch/x86/include/asm/vmx.h | 13 +
arch/x86/kvm/Makefile | 2 +-
arch/x86/kvm/mmu.h | 1 +
arch/x86/kvm/mmu/mmu.c | 55 ++--
arch/x86/kvm/mmu/mmu_internal.h | 6 +-
arch/x86/kvm/mmu/mmutrace.h | 2 +-
arch/x86/kvm/mmu/paging_tmpl.h | 4 +-
arch/x86/kvm/mmu/spte.c | 16 +-
arch/x86/kvm/mmu/spte.h | 21 +-
arch/x86/kvm/mmu/tdp_iter.h | 12 +
arch/x86/kvm/mmu/tdp_mmu.c | 74 +++--
arch/x86/kvm/svm/sev.c | 3 +-
arch/x86/kvm/svm/svm.c | 9 +-
arch/x86/kvm/svm/svm.h | 1 +
arch/x86/kvm/vmx/main.c | 168 +++++++++++
arch/x86/kvm/vmx/vmcs.h | 5 +
arch/x86/kvm/vmx/vmx.c | 460 +++++++++++------------------
arch/x86/kvm/vmx/vmx.h | 6 +-
arch/x86/kvm/vmx/x86_ops.h | 124 ++++++++
arch/x86/kvm/x86.c | 69 +++--
include/linux/kvm_host.h | 25 ++
include/linux/kvm_types.h | 1 +
include/linux/pagemap.h | 2 +
mm/filemap.c | 4 +
virt/kvm/Kconfig | 8 +
virt/kvm/guest_memfd.c | 120 +++++++-
virt/kvm/kvm_main.c | 16 +-
29 files changed, 855 insertions(+), 387 deletions(-)
create mode 100644 arch/x86/kvm/vmx/main.c
create mode 100644 arch/x86/kvm/vmx/x86_ops.h
--
2.39.0
Powered by blists - more mailing lists