Message-ID: <20241128004344.4072099-1-seanjc@google.com>
Date: Wed, 27 Nov 2024 16:43:38 -0800
From: Sean Christopherson <seanjc@...gle.com>
To: Sean Christopherson <seanjc@...gle.com>, Paolo Bonzini <pbonzini@...hat.com>
Cc: kvm@...r.kernel.org, linux-kernel@...r.kernel.org, 
	Tom Lendacky <thomas.lendacky@....com>, Binbin Wu <binbin.wu@...ux.intel.com>, 
	Isaku Yamahata <isaku.yamahata@...el.com>, Kai Huang <kai.huang@...el.com>, 
	Xiaoyao Li <xiaoyao.li@...el.com>
Subject: [PATCH v4 0/6] KVM: x86: Prep KVM hypercall handling for TDX

Effectively v4 of Binbin's series to handle hypercall exits to userspace in
a generic manner, so that TDX

Binbin and Kai, this is fairly different than what we last discussed.  While
sorting through Binbin's latest patch, I stumbled on what I think/hope is an
approach that will make life easier for TDX.  Rather than have common code
set the return value, _and_ have TDX implement a callback to do the same for
user return MSRs, just use the callback for all paths.

As for abusing vcpu->run->hypercall.ret... It's obviously a bit gross, but
I think it's a lesser evil than having multiple one-line wrappers just to
trampoline in the return code.

v4:
 - Fix an SEV-* bug where KVM trips the WARN in is_64_bit_mode().
 - Add a pile of reworks to (hopefully) avoid as much duplicate code when
   TDX comes along.

v3: https://lore.kernel.org/all/20240826022255.361406-1-binbin.wu@linux.intel.com

Binbin Wu (1):
  KVM: x86: Add a helper to check for user interception of KVM
    hypercalls

Sean Christopherson (5):
  KVM: x86: Play nice with protected guests in complete_hypercall_exit()
  KVM: x86: Move "emulate hypercall" function declarations to x86.h
  KVM: x86: Bump hypercall stat prior to fully completing hypercall
  KVM: x86: Always complete hypercall via function callback
  KVM: x86: Refactor __kvm_emulate_hypercall() into a macro

 arch/x86/include/asm/kvm_host.h |  6 ----
 arch/x86/kvm/svm/sev.c          |  4 +--
 arch/x86/kvm/x86.c              | 50 +++++++++++----------------------
 arch/x86/kvm/x86.h              | 28 ++++++++++++++++++
 4 files changed, 47 insertions(+), 41 deletions(-)


base-commit: 4d911c7abee56771b0219a9fbf0120d06bdc9c14
-- 
2.47.0.338.g60cca15819-goog

