Message-ID: <aHEMBuVieGioMVaT@google.com>
Date: Fri, 11 Jul 2025 06:05:10 -0700
From: Sean Christopherson <seanjc@...gle.com>
To: Xiaoyao Li <xiaoyao.li@...el.com>
Cc: pbonzini@...hat.com, Adrian Hunter <adrian.hunter@...el.com>, kvm@...r.kernel.org, 
	rick.p.edgecombe@...el.com, kirill.shutemov@...ux.intel.com, 
	kai.huang@...el.com, reinette.chatre@...el.com, tony.lindgren@...ux.intel.com, 
	binbin.wu@...ux.intel.com, isaku.yamahata@...el.com, 
	linux-kernel@...r.kernel.org, yan.y.zhao@...el.com, chao.gao@...el.com
Subject: Re: [PATCH V4 0/1] KVM: TDX: Decrease TDX VM shutdown time

On Fri, Jul 11, 2025, Xiaoyao Li wrote:
> On 6/26/2025 11:58 PM, Sean Christopherson wrote:
> > On Wed, Jun 25, 2025, Sean Christopherson wrote:
> > > On Wed, 11 Jun 2025 12:51:57 +0300, Adrian Hunter wrote:
> > > > Changes in V4:
> > > > 
> > > > 	Drop TDX_FLUSHVP_NOT_DONE change.  It will be done separately.
> > > > 	Use KVM_BUG_ON() instead of WARN_ON().
> > > > 	Correct kvm_trylock_all_vcpus() return value.
> > > > 
> > > > Changes in V3:
> > > > 	Refer:
> > > >              https://lore.kernel.org/r/aAL4dT1pWG5dDDeo@google.com
> > > > 
> > > > [...]
> > > 
> > > Applied to kvm-x86 vmx, thanks!
> > > 
> > > [1/1] KVM: TDX: Add sub-ioctl KVM_TDX_TERMINATE_VM
> > >        https://github.com/kvm-x86/linux/commit/111a7311a016
> > 
> > Fixed up to address a docs goof[*], new hash:
> > 
> >        https://github.com/kvm-x86/linux/commit/e4775f57ad51
> > 
> > [*] https://lore.kernel.org/all/20250626171004.7a1a024b@canb.auug.org.au
> 
> Hi Sean,
> 
> I think it's targeted for v6.17, right?
> 
> If so, do we need the enumeration for the new TDX ioctl? Yes, the userspace
> could always try and ignore the failure. But since the ship has not sailed,
> I would like to report it and hear your opinion.

Bugger, you're right.  It's sitting at the top of 'kvm-x86 vmx', so it should be
easy enough to tack on a capability.

This?

diff --git a/Documentation/virt/kvm/api.rst b/Documentation/virt/kvm/api.rst
index f0d961436d0f..dcb879897cab 100644
--- a/Documentation/virt/kvm/api.rst
+++ b/Documentation/virt/kvm/api.rst
@@ -9147,6 +9147,13 @@ KVM exits with the register state of either the L1 or L2 guest
 depending on which executed at the time of an exit. Userspace must
 take care to differentiate between these cases.
 
+8.46 KVM_CAP_TDX_TERMINATE_VM
+-----------------------------
+
+:Architectures: x86
+
+This capability indicates that KVM supports the KVM_TDX_TERMINATE_VM sub-ioctl.
+
 9. Known KVM API problems
 =========================
 
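Review bot: The new 8.46 entry does not say what KVM_CHECK_EXTENSION returns for this capability, or whether the answer depends on the VM being queried. The x86.c change in this patch derives the value from kvm_caps.supported_vm_types alone, so the text could state that a non-zero return means KVM_TDX_TERMINATE_VM is available for TDX VMs on this host, and could name the ioctl that KVM_TDX_TERMINATE_VM is a sub-ioctl of so that userspace can find its description.
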
diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c
index b58a74c1722d..e437a50429d3 100644
--- a/arch/x86/kvm/x86.c
+++ b/arch/x86/kvm/x86.c
@@ -4823,6 +4823,9 @@ int kvm_vm_ioctl_check_extension(struct kvm *kvm, long ext)
        case KVM_CAP_READONLY_MEM:
                r = kvm ? kvm_arch_has_readonly_mem(kvm) : 1;
                break;
+       case KVM_CAP_TDX_TERMINATE_VM:
+               r = !!(kvm_caps.supported_vm_types & BIT(KVM_X86_TDX_VM));
+               break;
        default:
                break;
        }
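
Review bot: The new KVM_CAP_TDX_TERMINATE_VM case ignores the kvm argument, unlike the KVM_CAP_READONLY_MEM case directly above it, which answers per VM when kvm is non-NULL ("r = kvm ? kvm_arch_has_readonly_mem(kvm) : 1;"). As written, the capability is reported as present on the fd of a non-TDX VM whenever the host supports KVM_X86_TDX_VM. If that host-wide meaning is intended, a short comment here and a matching sentence in api.rst would make it explicit; otherwise also check the VM's type when kvm is non-NULL.
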
diff --git a/include/uapi/linux/kvm.h b/include/uapi/linux/kvm.h
index 7a4c35ff03fe..54293df4a342 100644
--- a/include/uapi/linux/kvm.h
+++ b/include/uapi/linux/kvm.h
@@ -960,6 +960,7 @@ struct kvm_enable_cap {
 #define KVM_CAP_ARM_EL2 240
 #define KVM_CAP_ARM_EL2_E2H0 241
 #define KVM_CAP_RISCV_MP_STATE_RESET 242
+#define KVM_CAP_TDX_TERMINATE_VM 243
 
 struct kvm_irq_routing_irqchip {
        __u32 irqchip;
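
Review bot: The value 243 for KVM_CAP_TDX_TERMINATE_VM takes the next free slot after KVM_CAP_RISCV_MP_STATE_RESET 242, and capability numbers are uAPI that cannot be renumbered once released. Since this is being tacked onto an already-applied commit, confirm that no other branch queued for the same release also claims 243 before the number is published.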
