lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <86bjkqq9dp.wl-maz@kernel.org>
Date: Tue, 25 Nov 2025 18:01:38 +0000
From: Marc Zyngier <maz@...nel.org>
To: Anirudh Raybharam <anirudh@...rudhrb.com>
Cc: kys@...rosoft.com,
	haiyangz@...rosoft.com,
	wei.liu@...nel.org,
	decui@...rosoft.com,
	longli@...rosoft.com,
	catalin.marinas@....com,
	will@...nel.org,
	tglx@...utronix.de,
	Arnd Bergmann <arnd@...db.de>,
	akpm@...ux-foundation.org,
	agordeev@...ux.ibm.com,
	guoweikang.kernel@...il.com,
	osandov@...com,
	bsz@...zon.de,
	linux-hyperv@...r.kernel.org,
	linux-arm-kernel@...ts.infradead.org,
	linux-kernel@...r.kernel.org,
	linux-arch@...r.kernel.org
Subject: Re: [PATCH 2/3] irqchip/gic-v3: allocate one SGI for MSHV

On Tue, 25 Nov 2025 17:01:23 +0000,
Anirudh Raybharam <anirudh@...rudhrb.com> wrote:
> 
> From: Anirudh Rayabharam <anirudh@...rudhrb.com>
> 
> From: Anirudh Rayabharam (Microsoft) <anirudh@...rudhrb.com>
> 
> Currently SGIs are allocated only for the smp subsystem. The MSHV
> (Microsoft Hypervisor aka Hyper-V) code also needs an SGI that can be
> programmed into the SYNIC to receive intercepts from the hypervisor. The
> hypervisor would then assert this SGI whenever there is a guest
> VMEXIT.
> 
> Allocate one SGI for MSHV use in addition to the SGIs allocated for
> IPIs. When running under MSHV, the full SGI range can be used i.e. no
> need to reserve SGIs 8-15 for the secure firmware.
> 
> Since this SGI is needed only when running as a parent partition (i.e.
> we can create guest partitions), check for it before allocating an SGI.

Sorry, but that's not an acceptable situation.

SGIs are for Linux to use, nobody else, and that allocation must be
the same irrespective of whether Linux runs virtualised or not. This
also won't work with GICv5 (there are no SGIs at all), so this is
doomed from the very start, and would immediately create technical
debt.

If you want to signal an interrupt to Linux, expose a device with an
interrupt in a firmware table (i.e. not an SGI), and use that in your
driver.

Thanks,

	M.

-- 
Without deviation from the norm, progress is not possible.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ