On Wed, May 15, 2024 at 01:32:24PM -0700, Sean Christopherson wrote:
> On Tue, May 14, 2024, Mickaël Salaün wrote:
> > On Fri, May 10, 2024 at 10:07:00AM +, Nicolas Saenz Julienne wrote:
> > > Development happens
> > > https://github.com/vianpl/{linux,qemu,kvm-u
On Fri, May 10, 2024 at 10:07:00AM +, Nicolas Saenz Julienne wrote:
> On Tue May 7, 2024 at 4:16 PM UTC, Sean Christopherson wrote:
> > > If yes, that would indeed require a *lot* of work for something we're not
> > > sure will be accepted later on.
> >
> > Yes and no. The AWS folks are
On Tue, May 07, 2024 at 09:16:06AM -0700, Sean Christopherson wrote:
> On Tue, May 07, 2024, Mickaël Salaün wrote:
> > > Actually, potential bad/crazy idea. Why does the _host_ need to define
> > > policy?
> > > Linux already knows what assets it wants to
On Mon, May 06, 2024 at 06:34:53PM GMT, Sean Christopherson wrote:
> On Mon, May 06, 2024, Mickaël Salaün wrote:
> > On Fri, May 03, 2024 at 07:03:21AM GMT, Sean Christopherson wrote:
> > > > ---
> > > >
> > > > Changes since v1:
> > > >
On Fri, May 03, 2024 at 07:03:21AM GMT, Sean Christopherson wrote:
> On Fri, May 03, 2024, Mickaël Salaün wrote:
> > Add an interface for user space to be notified about guests' Heki policy
> > and related violations.
> >
> > Extend the KVM_ENABLE_CAP IOCTL
Kees Cook
Cc: Paolo Bonzini
Cc: Sean Christopherson
Cc: Thomas Gleixner
Cc: Vitaly Kuznetsov
Cc: Wanpeng Li
Co-developed-by: Mickaël Salaün
Signed-off-by: Mickaël Salaün
Signed-off-by: Madhavan T. Venkataraman
Link: https://lore.kernel.org/r/20240503131910.307630-2-...@digikod.net
---
Chan
ok 1 test_cr_disable_smep
ok 1 heki_x86
Link: https://lore.kernel.org/r/20240229170409.365386-2-...@digikod.net [1]
Signed-off-by: Mickaël Salaün
Link: https://lore.kernel.org/r/20240503131910.307630-6-...@digikod.net
---
Changes since v2:
* Make tests standalone (e.g. don't depend
. Venkataraman
Cc: Paolo Bonzini
Cc: Sean Christopherson
Cc: Thomas Gleixner
Cc: Vitaly Kuznetsov
Cc: Wanpeng Li
Signed-off-by: Mickaël Salaün
Link: https://lore.kernel.org/r/20240503131910.307630-4-...@digikod.net
---
Changes since v1:
* New patch. Making user space aware of Heki properties
Bonzini
Cc: Sean Christopherson
Cc: Thomas Gleixner
Cc: Vitaly Kuznetsov
Cc: Wanpeng Li
Co-developed-by: Madhavan T. Venkataraman
Signed-off-by: Madhavan T. Venkataraman
Signed-off-by: Mickaël Salaün
Link: https://lore.kernel.org/r/20240503131910.307630-5-...@digikod.net
---
Changes since v2
with the related
features.
Cc: Borislav Petkov
Cc: Dave Hansen
Cc: H. Peter Anvin
Cc: Ingo Molnar
Cc: Kees Cook
Cc: Madhavan T. Venkataraman
Cc: Paolo Bonzini
Cc: Sean Christopherson
Cc: Thomas Gleixner
Cc: Vitaly Kuznetsov
Cc: Wanpeng Li
Signed-off-by: Mickaël Salaün
Link: https://lore.kernel.org/r
,
Madhavan T. Venkataraman (1):
virt: Introduce Hypervisor Enforced Kernel Integrity (Heki)
Mickaël Salaün (4):
KVM: x86: Add new hypercall to lock control registers
KVM: x86: Add notifications for Heki policy configuration and
violation
heki: Lock guest control registers at the end
Petkov
Cc: Dave Hansen
Cc: H. Peter Anvin
Cc: Ingo Molnar
Cc: Kees Cook
Cc: Madhavan T. Venkataraman
Cc: Paolo Bonzini
Cc: Sean Christopherson
Cc: Thomas Gleixner
Cc: Vitaly Kuznetsov
Cc: Wanpeng Li
Co-developed-by: Mickaël Salaün
Signed-off-by: Mickaël Salaün
Signed-off-by: Madhavan T
From: Madhavan T. Venkataraman
When permissions are changed on an existing mapping, update the
permissions counters.
Cc: Borislav Petkov
Cc: Dave Hansen
Cc: H. Peter Anvin
Cc: Ingo Molnar
Cc: Kees Cook
Cc: Madhavan T. Venkataraman
Cc: Mickaël Salaün
Cc: Paolo Bonzini
Cc: Sean
to modify the
instructions in that page.
Cc: Borislav Petkov
Cc: Dave Hansen
Cc: H. Peter Anvin
Cc: Ingo Molnar
Cc: Kees Cook
Cc: Madhavan T. Venkataraman
Cc: Mickaël Salaün
Cc: Paolo Bonzini
Cc: Sean Christopherson
Cc: Thomas Gleixner
Cc: Vitaly Kuznetsov
Cc: Wanpeng Li
Signed-off
Cook
Cc: Mickaël Salaün
Cc: Paolo Bonzini
Cc: Sean Christopherson
Cc: Thomas Gleixner
Cc: Vitaly Kuznetsov
Cc: Wanpeng Li
Signed-off-by: Madhavan T. Venkataraman
---
Changes since v1:
* New patch
---
include/linux/heki.h | 11 ++-
mm/vmalloc.c | 7 +++
virt/heki
it from tampering by the guest kernel itself.
We should note that walking through all mappings might be slow if KASAN
is enabled.
Cc: Borislav Petkov
Cc: Dave Hansen
Cc: H. Peter Anvin
Cc: Ingo Molnar
Cc: Kees Cook
Cc: Madhavan T. Venkataraman
Cc: Mickaël Salaün
Cc: Paolo Bonzini
Cc: Sean
Cc: Ingo Molnar
Cc: Kees Cook
Cc: Paolo Bonzini
Cc: Sean Christopherson
Cc: Thomas Gleixner
Cc: Vitaly Kuznetsov
Cc: Wanpeng Li
Co-developed-by: Mickaël Salaün
Signed-off-by: Mickaël Salaün
Signed-off-by: Madhavan T. Venkataraman
---
Changes since v1:
The original hypercall contained
to understand what is going on.
Cc: Borislav Petkov
Cc: Dave Hansen
Cc: H. Peter Anvin
Cc: Ingo Molnar
Cc: Kees Cook
Cc: Madhavan T. Venkataraman
Cc: Paolo Bonzini
Cc: Sean Christopherson
Cc: Thomas Gleixner
Cc: Vitaly Kuznetsov
Cc: Wanpeng Li
Signed-off-by: Mickaël Salaün
---
Changes
: Kees Cook
Cc: Madhavan T. Venkataraman
Cc: Paolo Bonzini
Cc: Sean Christopherson
Cc: Thomas Gleixner
Cc: Vitaly Kuznetsov
Cc: Wanpeng Li
Co-developed-by: Mickaël Salaün
Signed-off-by: Mickaël Salaün
Signed-off-by: Madhavan T. Venkataraman
---
Change since v1:
* New patch and new file: virt
thanks to extra mem_table_ops's merge() and split() operations.
Cc: Borislav Petkov
Cc: Dave Hansen
Cc: H. Peter Anvin
Cc: Ingo Molnar
Cc: Kees Cook
Cc: Madhavan T. Venkataraman
Cc: Mickaël Salaün
Cc: Paolo Bonzini
Cc: Sean Christopherson
Cc: Thomas Gleixner
Cc: Vitaly Kuznetsov
Cc
: H. Peter Anvin
Cc: Ingo Molnar
Cc: Kees Cook
Cc: Madhavan T. Venkataraman
Cc: Mickaël Salaün
Cc: Paolo Bonzini
Cc: Sean Christopherson
Cc: Thomas Gleixner
Cc: Vitaly Kuznetsov
Cc: Wanpeng Li
Co-developed-by: Madhavan T. Venkataraman
Signed-off-by: Madhavan T. Venkataraman
Signed-off
() KVM_MEMORY_ATTRIBUTE_PRIVATE
optimizations.
Cc: Chao Peng
Cc: Kees Cook
Cc: Madhavan T. Venkataraman
Cc: Sean Christopherson
Cc: Yu Zhang
Signed-off-by: Mickaël Salaün
---
Changes since v1:
* New patch
---
arch/x86/kvm/mmu/mmu.c | 23 ---
include/linux/kvm_host.h | 2 ++
virt/kvm
on
Cc: Thomas Gleixner
Cc: Vitaly Kuznetsov
Cc: Wanpeng Li
Signed-off-by: Mickaël Salaün
---
Changes since v1:
* Import the MMU tracepoint changes from the v1's "Enable guests to lock
themselves thanks to MBEC" patch.
---
arch/x86/include/asm/vmx.h | 11 +--
arch/x86/kvm/mmu.h
Kees Cook
Cc: Paolo Bonzini
Cc: Sean Christopherson
Cc: Thomas Gleixner
Cc: Vitaly Kuznetsov
Cc: Wanpeng Li
Co-developed-by: Mickaël Salaün
Signed-off-by: Mickaël Salaün
Signed-off-by: Madhavan T. Venkataraman
---
Changes since v1:
* Shrunk this patch to only contain the minimal c
This makes it possible to check whether an attribute is tied to any memory page in a
range. This will be useful in a following commit to check for
KVM_MEMORY_ATTRIBUTE_HEKI_IMMUTABLE.
Cc: Chao Peng
Cc: Kees Cook
Cc: Madhavan T. Venkataraman
Cc: Sean Christopherson
Cc: Yu Zhang
Signed-off-by: Mickaël Salaün
. Venkataraman
Cc: Paolo Bonzini
Cc: Sean Christopherson
Cc: Thomas Gleixner
Cc: Vitaly Kuznetsov
Cc: Wanpeng Li
Signed-off-by: Mickaël Salaün
---
Changes since v1:
* New patch. Making user space aware of Heki properties was requested by
Sean Christopherson.
---
arch/x86/kvm/vmx/vmx.c | 5
Enable updating only a subset of attributes.
This is needed to be able to use the XArray for different use cases and
make sure they don't interfere (see a following commit).
Cc: Chao Peng
Cc: Kees Cook
Cc: Madhavan T. Venkataraman
Cc: Sean Christopherson
Cc: Yu Zhang
Signed-off-by: Mickaël
Cîțu
Signed-off-by: Nicușor Cîțu
Signed-off-by: Mickaël Salaün
---
arch/x86/include/asm/kvm-x86-ops.h | 1 +
arch/x86/include/asm/kvm_host.h| 2 ++
arch/x86/kvm/svm/svm.c | 9 +
arch/x86/kvm/vmx/vmx.c | 10 ++
4 files changed, 22 insertions
with the related
features.
Cc: Borislav Petkov
Cc: Dave Hansen
Cc: H. Peter Anvin
Cc: Ingo Molnar
Cc: Kees Cook
Cc: Madhavan T. Venkataraman
Cc: Paolo Bonzini
Cc: Sean Christopherson
Cc: Thomas Gleixner
Cc: Vitaly Kuznetsov
Cc: Wanpeng Li
Signed-off-by: Mickaël Salaün
---
Changes since v1:
* Guard
Bonzini
Cc: Sean Christopherson
Cc: Thomas Gleixner
Cc: Vitaly Kuznetsov
Cc: Wanpeng Li
Co-developed-by: Madhavan T. Venkataraman
Signed-off-by: Madhavan T. Venkataraman
Signed-off-by: Mickaël Salaün
---
Changes since v1:
* Shrunk the patch to only manage the CR pinning.
---
arch/x86
during text patching
heki: x86: Protect guest kernel memory using the KVM hypervisor
Mickaël Salaün (10):
KVM: x86: Add new hypercall to lock control registers
KVM: x86: Add notifications for Heki policy configuration and
violation
heki: Lock guest control registers at the end of guest
On 31/05/2023 22:24, Sean Christopherson wrote:
On Tue, May 30, 2023, Rick P Edgecombe wrote:
On Fri, 2023-05-26 at 17:22 +0200, Mickaël Salaün wrote:
Can the guest kernel ask the host VMM's emulated devices to DMA into
the protected data? It should go through the host userspace mappings
Hi,
What is the status of this microconference proposal? We'd be happy to
talk about Heki [1] and potentially other hypervisor supports.
Regards,
Mickaël
[1] https://lore.kernel.org/all/20230505152046.6575-1-...@digikod.net/
On 26/05/2023 18:09, Mickaël Salaün wrote:
See James Morris's
On 25/05/2023 20:34, Trilok Soni wrote:
On 5/25/2023 6:25 AM, Mickaël Salaün wrote:
On 24/05/2023 23:04, Trilok Soni wrote:
On 5/5/2023 8:20 AM, Mickaël Salaün wrote:
Hi,
This patch series is a proof-of-concept that implements new KVM features
(extended page tracking, MBEC support, CR
On 08/05/2023 23:11, Wei Liu wrote:
On Fri, May 05, 2023 at 05:20:42PM +0200, Mickaël Salaün wrote:
This enables guests to lock their CR0 and CR4 registers with a subset of
X86_CR0_WP, X86_CR4_SMEP, X86_CR4_SMAP, X86_CR4_UMIP, X86_CR4_FSGSBASE
and X86_CR4_CET flags.
The new
On 17/05/2023 14:47, Madhavan T. Venkataraman wrote:
Sorry for the delay. See inline...
On 5/8/23 12:29, Wei Liu wrote:
On Fri, May 05, 2023 at 05:20:40PM +0200, Mickaël Salaün wrote:
From: Madhavan T. Venkataraman
Hypervisor Enforced Kernel Integrity (Heki) is a feature that will use
On 08/05/2023 23:18, Wei Liu wrote:
On Fri, May 05, 2023 at 05:20:43PM +0200, Mickaël Salaün wrote:
From: Madhavan T. Venkataraman
Each supported hypervisor in x86 implements a struct x86_hyper_init to
define the init functions for the hypervisor. Define a new init_heki()
entry point
See James Morris's proposal here:
https://lore.kernel.org/all/17f62cb1-a5de-2020-2041-359b8e96b...@linux.microsoft.com/
On 26/05/2023 04:36, James Morris wrote:
> [Side topic]
>
> Would folks be interested in a Linux Plumbers Conference MC on this
> topic generally, across different
On 25/05/2023 17:52, Edgecombe, Rick P wrote:
On Thu, 2023-05-25 at 15:59 +0200, Mickaël Salaün wrote:
[ snip ]
The kernel often creates writable aliases in order to write to
protected data (kernel text, etc). Some of this is done right as
text
is being first written out (alternatives
On 25/05/2023 15:59, Mickaël Salaün wrote:
On 25/05/2023 00:20, Edgecombe, Rick P wrote:
On Fri, 2023-05-05 at 17:20 +0200, Mickaël Salaün wrote:
# How does it work?
This implementation mainly leverages KVM capabilities to control the
Second
Layer Address Translation (or the Two
On 25/05/2023 00:20, Edgecombe, Rick P wrote:
On Fri, 2023-05-05 at 17:20 +0200, Mickaël Salaün wrote:
# How does it work?
This implementation mainly leverages KVM capabilities to control the
Second
Layer Address Translation (or the Two Dimensional Paging e.g.,
Intel's EPT or
AMD's RVI/NPT
On 24/05/2023 23:04, Trilok Soni wrote:
On 5/5/2023 8:20 AM, Mickaël Salaün wrote:
Hi,
This patch series is a proof-of-concept that implements new KVM features
(extended page tracking, MBEC support, CR pinning) and defines a new API to
protect guest VMs. No VMM (e.g., Qemu) modification
On 05/05/2023 18:44, Sean Christopherson wrote:
On Fri, May 05, 2023, Mickaël Salaün wrote:
Add a new KVM_HC_LOCK_MEM_PAGE_RANGES hypercall that enables a guest to
set EPT permissions on a set of page ranges.
IMO, manipulation of protections, both for memory (this patch) and CPU state
On 05/05/2023 18:28, Sean Christopherson wrote:
On Fri, May 05, 2023, Mickaël Salaün wrote:
diff --git a/arch/x86/include/asm/kvm_page_track.h
b/arch/x86/include/asm/kvm_page_track.h
index eb186bc57f6a..a7fb4ff888e6 100644
--- a/arch/x86/include/asm/kvm_page_track.h
+++
Bonzini
Cc: Sean Christopherson
Cc: Thomas Gleixner
Cc: Vitaly Kuznetsov
Cc: Wanpeng Li
Signed-off-by: Mickaël Salaün
Link: https://lore.kernel.org/r/20230505152046.6575-10-...@digikod.net
---
virt/heki/Kconfig | 12 +++
virt/heki/heki.c | 194 +-
2
: Paolo Bonzini
Cc: Sean Christopherson
Cc: Thomas Gleixner
Cc: Vitaly Kuznetsov
Cc: Wanpeng Li
Signed-off-by: Mickaël Salaün
Link: https://lore.kernel.org/r/20230505152046.6575-9-...@digikod.net
---
Documentation/virt/kvm/x86/hypercalls.rst | 4 +-
arch/x86/kvm/mmu/mmu.c| 35
ored.
Cc: Borislav Petkov
Cc: Dave Hansen
Cc: H. Peter Anvin
Cc: Ingo Molnar
Cc: Kees Cook
Cc: Madhavan T. Venkataraman
Cc: Paolo Bonzini
Cc: Sean Christopherson
Cc: Thomas Gleixner
Cc: Vitaly Kuznetsov
Cc: Wanpeng Li
Signed-off-by: Mickaël Salaün
Link: https://lore.kernel.org/r/202305
Cîțu
Signed-off-by: Nicușor Cîțu
Signed-off-by: Mickaël Salaün
Link: https://lore.kernel.org/r/20230505152046.6575-2-...@digikod.net
---
arch/x86/include/asm/kvm-x86-ops.h | 1 +
arch/x86/include/asm/kvm_host.h| 2 ++
arch/x86/kvm/svm/svm.c | 9 +
arch/x86/kvm/vmx
ave Hansen
Cc: H. Peter Anvin
Cc: Ingo Molnar
Cc: Kees Cook
Cc: Paolo Bonzini
Cc: Sean Christopherson
Cc: Thomas Gleixner
Cc: Vitaly Kuznetsov
Cc: Wanpeng Li
Co-developed-by: Mickaël Salaün
Signed-off-by: Mickaël Salaün
Signed-off-by: Madhavan T. Venkataraman
Link: https://lore.kern
Molnar
Cc: Kees Cook
Cc: Madhavan T. Venkataraman
Cc: Paolo Bonzini
Cc: Sean Christopherson
Cc: Thomas Gleixner
Cc: Vitaly Kuznetsov
Cc: Wanpeng Li
Signed-off-by: Mickaël Salaün
Link: https://lore.kernel.org/r/20230505152046.6575-6-...@digikod.net
---
Documentation/virt/kvm/x86
Madhavan T. Venkataraman
Cc: Mickaël Salaün
Cc: Paolo Bonzini
Cc: Sean Christopherson
Cc: Thomas Gleixner
Cc: Vitaly Kuznetsov
Cc: Wanpeng Li
Signed-off-by: Madhavan T. Venkataraman
Link: https://lore.kernel.org/r/20230505152046.6575-4-...@digikod.net
---
Kconfig |
by replying to this thread, we're looking for
people to join and collaborate on this project!
Regards,
Madhavan T. Venkataraman (2):
virt: Implement Heki common code
KVM: x86: Add Heki hypervisor support
Mickaël Salaün (7):
KVM: x86: Add kvm_x86_ops.fault_gva()
KVM: x86/mmu: Add support
van T. Venkataraman
Cc: Paolo Bonzini
Cc: Sean Christopherson
Cc: Thomas Gleixner
Cc: Vitaly Kuznetsov
Cc: Wanpeng Li
Signed-off-by: Mickaël Salaün
Link: https://lore.kernel.org/r/20230505152046.6575-5-...@digikod.net
---
Documentation/virt/kvm/x86/hypercalls.rst | 17 +++
arch/x86/kvm/x86.
Kuznetsov
Cc: Wanpeng Li
Cc: Ștefan Șicleru
Signed-off-by: Mickaël Salaün
Link: https://lore.kernel.org/r/20230505152046.6575-3-...@digikod.net
---
arch/x86/include/asm/kvm_page_track.h | 12 +
arch/x86/kvm/mmu/mmu.c| 64 ++-
arch/x86/kvm/mmu