| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20250226181453.2311849-1-pbonzini@redhat.com>
Date: Wed, 26 Feb 2025 13:14:19 -0500
From: Paolo Bonzini <pbonzini@...hat.com>
To: linux-kernel@...r.kernel.org,
kvm@...r.kernel.org
Cc: seanjc@...gle.com,
Yan Zhao <yan.y.zhao@...el.com>,
Rick Edgecombe <rick.p.edgecombe@...el.com>
Subject: [PATCH v4 00/33] TDX initialization + vCPU/VM creation
Hi,
Here is v4 of TDX VM/vCPU creation series. The main change is to rebase
on top of Sean's "KVM: x86: Free vCPUs before freeing VM state" which
will go into v6.14. Instead of introducing separate vm_destroy and
vm_free callbacks, vm_destroy is moved at end of kvm_arch_destroy_vm.
Detailed changelog from v3:
KVM: VMX: Refactor VMX module init/exit functions
- fix modpost issues [Kai]
KVM: VMX: Initialize TDX during KVM module load
- extract cpus_read_lock() out of __do_tdx_cleanup [Kai, Chao]
- removed kvm_can_support_tdx()
KVM: TDX: Get system-wide info about TDX module on initialization
- fix for introduction of __tdx_cleanup
KVM: TDX: create/destroy VM structure
- included two patches from Sean's "Free vCPUs before freeing VM state" series
- replace vm_free hook with vm_destroy, introduce new vm_pre_destroy [Sean, Yan]
- rename tdx_vm_free to tdx_vm_destroy
- remove TDX_SEAMCALL_RETRIES from __tdx_reclaim_page
KVM: TDX: initialize VM with TDX specific parameters
- squashed "KVM: TDX: Set arch.has_protected_state to true" [Kai]
Paolo
Isaku Yamahata (13):
x86/virt/tdx: Add tdx_guest_keyid_alloc/free() to alloc and free TDX
guest KeyID
KVM: TDX: Add placeholders for TDX VM/vCPU structures
KVM: TDX: Define TDX architectural definitions
KVM: TDX: Add helper functions to print TDX SEAMCALL error
KVM: TDX: Add place holder for TDX VM specific mem_enc_op ioctl
KVM: TDX: Get system-wide info about TDX module on initialization
KVM: TDX: create/destroy VM structure
KVM: TDX: Support per-VM KVM_CAP_MAX_VCPUS extension check
KVM: TDX: add ioctl to initialize VM with TDX specific parameters
KVM: TDX: Make pmu_intel.c ignore guest TD case
KVM: TDX: Don't offline the last cpu of one package when there's TDX
guest
KVM: TDX: create/free TDX vcpu structure
KVM: TDX: Do TDX specific vcpu initialization
Kai Huang (5):
x86/virt/tdx: Read essential global metadata for KVM
KVM: Export hardware virtualization enabling/disabling functions
KVM: VMX: Refactor VMX module init/exit functions
KVM: VMX: Initialize TDX during KVM module load
KVM: TDX: Get TDX global information
Paolo Bonzini (3):
KVM: x86: move vm_destroy callback at end of kvm_arch_destroy_vm
x86/virt/tdx: allocate tdx_sys_info in static memory
KVM: x86: expose cpuid_entry2_find for TDX
Rick Edgecombe (6):
x86/virt/tdx: Add SEAMCALL wrappers for TDX KeyID management
x86/virt/tdx: Add SEAMCALL wrappers for TDX TD creation
x86/virt/tdx: Add SEAMCALL wrappers for TDX vCPU creation
x86/virt/tdx: Add SEAMCALL wrappers for TDX page cache management
x86/virt/tdx: Add SEAMCALL wrappers for TDX VM/vCPU field access
x86/virt/tdx: Add SEAMCALL wrappers for TDX flush operations
Sean Christopherson (3):
KVM: x86: Free vCPUs before freeing VM state
KVM: x86: Don't load/put vCPU when unloading its MMU during teardown
KVM: TDX: Add TDX "architectural" error codes
Xiaoyao Li (2):
KVM: x86: Introduce KVM_TDX_GET_CPUID
KVM: x86/mmu: Taking guest pa into consideration when calculate tdp
level
Zhiming Hu (1):
KVM: TDX: Register TDX host key IDs to cgroup misc controller
arch/x86/include/asm/kvm-x86-ops.h | 4 +-
arch/x86/include/asm/kvm_host.h | 2 +
arch/x86/include/asm/shared/tdx.h | 7 +-
arch/x86/include/asm/tdx.h | 59 +
.../tdx => include/asm}/tdx_global_metadata.h | 19 +
arch/x86/include/uapi/asm/kvm.h | 60 +
arch/x86/kvm/Kconfig | 12 +
arch/x86/kvm/Makefile | 1 +
arch/x86/kvm/cpuid.c | 33 +-
arch/x86/kvm/cpuid.h | 3 +
arch/x86/kvm/lapic.c | 1 +
arch/x86/kvm/mmu/mmu.c | 9 +-
arch/x86/kvm/vmx/main.c | 180 +-
arch/x86/kvm/vmx/pmu_intel.c | 52 +-
arch/x86/kvm/vmx/pmu_intel.h | 28 +
arch/x86/kvm/vmx/tdx.c | 1545 +++++++++++++++++
arch/x86/kvm/vmx/tdx.h | 90 +
arch/x86/kvm/vmx/tdx_arch.h | 130 ++
arch/x86/kvm/vmx/tdx_errno.h | 37 +
arch/x86/kvm/vmx/vmx.c | 23 +-
arch/x86/kvm/vmx/vmx.h | 37 +-
arch/x86/kvm/vmx/x86_ops.h | 22 +
arch/x86/kvm/x86.c | 27 +-
arch/x86/virt/vmx/tdx/tdx.c | 276 ++-
arch/x86/virt/vmx/tdx/tdx.h | 39 +-
arch/x86/virt/vmx/tdx/tdx_global_metadata.c | 50 +
include/linux/kvm_host.h | 9 +
include/linux/misc_cgroup.h | 4 +
kernel/cgroup/misc.c | 4 +
virt/kvm/kvm_main.c | 21 +-
30 files changed, 2669 insertions(+), 115 deletions(-)
rename arch/x86/{virt/vmx/tdx => include/asm}/tdx_global_metadata.h (58%)
create mode 100644 arch/x86/kvm/vmx/pmu_intel.h
create mode 100644 arch/x86/kvm/vmx/tdx.c
create mode 100644 arch/x86/kvm/vmx/tdx.h
create mode 100644 arch/x86/kvm/vmx/tdx_arch.h
create mode 100644 arch/x86/kvm/vmx/tdx_errno.h
--
2.43.5
Powered by blists - more mailing lists