lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Sat, 1 Jun 2024 17:40:43 -0300
From: Jason Gunthorpe <jgg@...dia.com>
To: Steven Price <steven.price@....com>
Cc: Itaru Kitayama <itaru.kitayama@...ux.dev>, kvm@...r.kernel.org,
	kvmarm@...ts.linux.dev, Catalin Marinas <catalin.marinas@....com>,
	Marc Zyngier <maz@...nel.org>, Will Deacon <will@...nel.org>,
	James Morse <james.morse@....com>,
	Oliver Upton <oliver.upton@...ux.dev>,
	Suzuki K Poulose <suzuki.poulose@....com>,
	Zenghui Yu <yuzenghui@...wei.com>,
	linux-arm-kernel@...ts.infradead.org, linux-kernel@...r.kernel.org,
	Joey Gouly <joey.gouly@....com>,
	Alexandru Elisei <alexandru.elisei@....com>,
	Christoffer Dall <christoffer.dall@....com>,
	Fuad Tabba <tabba@...gle.com>, linux-coco@...ts.linux.dev,
	Ganapatrao Kulkarni <gankulkarni@...amperecomputing.com>
Subject: Re: [v2] Support for Arm CCA VMs on Linux

On Mon, Apr 15, 2024 at 09:14:47AM +0100, Steven Price wrote:

> The support for running in a guest is (I believe) in a good state
> and I don't expect to have to iterate much on that before merging -
> but, as always, that depends on the feedback received.

All the stuff I've been hearing about CC is that timely guest support
is a really important thing. Right now the majority of the CC world is
running on propritary hypervisors, it is the guest enablement that is
something a wide group of people will be able to actually consume and
use.

It needs to get into mainline to be able to reach distros about a year
before anyone offers an ARM CC VM to the public. Various x86 guest
only parts for CC are already merged.

The KVM side is absolutely really important as well, but x86 has
managed for a long time now with KVM being out of tree. The KVM side
is far more complex at least.

So I'd split out the guest side and just send it, I saw a few comments
already, but it looks like it shouldn't be an issue to make it this
cycle or next? Keep sending guest enablement updates when the spec is
stable and you have some way to do basic test.

Jason

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ