Message-ID: <aApaGnFPhsWBZoQ2@linux.dev>
Date: Thu, 24 Apr 2025 08:34:50 -0700
From: Oliver Upton <oliver.upton@...ux.dev>
To: Karim Manaouil <karim.manaouil@...aro.org>
Cc: linux-kernel@...r.kernel.org, kvm@...r.kernel.org,
	linux-arm-msm@...r.kernel.org, linux-arm-kernel@...ts.infradead.org,
	kvmarm@...ts.linux.dev, Alexander Graf <graf@...zon.com>,
	Alex Elder <elder@...nel.org>,
	Catalin Marinas <catalin.marinas@....com>,
	Fuad Tabba <tabba@...gle.com>, Joey Gouly <joey.gouly@....com>,
	Jonathan Corbet <corbet@....net>, Marc Zyngier <maz@...nel.org>,
	Mark Brown <broonie@...nel.org>,
	Mark Rutland <mark.rutland@....com>,
	Paolo Bonzini <pbonzini@...hat.com>,
	Prakruthi Deepak Heragu <quic_pheragu@...cinc.com>,
	Quentin Perret <qperret@...gle.com>, Rob Herring <robh@...nel.org>,
	Srinivas Kandagatla <srini@...nel.org>,
	Srivatsa Vaddagiri <quic_svaddagi@...cinc.com>,
	Will Deacon <will@...nel.org>,
	Haripranesh S <haripran@....qualcomm.com>,
	Carl van Schaik <cvanscha@....qualcomm.com>,
	Murali Nalajala <mnalajal@...cinc.com>,
	Sreenivasulu Chalamcharla <sreeniva@....qualcomm.com>,
	Trilok Soni <tsoni@...cinc.com>,
	Stefan Schmidt <stefan.schmidt@...aro.org>
Subject: Re: [RFC PATCH 00/34] Running Qualcomm's Gunyah Guests via KVM in EL1

On Thu, Apr 24, 2025 at 03:13:07PM +0100, Karim Manaouil wrote:
> This series introduces the capability of running Gunyah guests via KVM on
> Qualcomm SoCs shipped with Gunyah hypervisor [1] (e.g. RB3 Gen2).
> 
> The goal of this work is to port the existing Gunyah hypervisor support from a
> standalone driver interface [2] to KVM, with the aim of leveraging as much of the
> existing KVM infrastructure as possible to reduce duplication of effort around
> memory management (e.g. guest_memfd), irqfd, and other core components.
> 
> In short, Gunyah is a Type-1 hypervisor, meaning that it runs independently of any
> high-level OS kernel such as Linux and runs in a higher CPU privilege level than VMs.
> Gunyah is shipped as firmware and guests typically talk with Gunyah via hypercalls.
> KVM is designed to run as Type-2 hypervisor. This port allows KVM to run in EL1 and
> serve as the interface for VM lifecycle management, while offloading virtualization
> to Gunyah.

If you're keen on running your own hypervisor then I'm sorry, you get to
deal with it soup to nuts. Other hypervisors (e.g. mshv) have their own
kernel drivers for managing the host / UAPI parts of driving VMs.

The KVM arch interface is *internal* to KVM, not something to be
(ab)used for cramming in a non-KVM hypervisor. KVM and other hypervisors
can still share other bits of truly common infrastructure, like
guest_memfd.

I understand the value in what you're trying to do, but if you want it
to smell like KVM you may as well just let the user run it at EL2.

Thanks,
Oliver
