Let user-space handle all hypercalls that fall under the AccessVsm
partition privilege flag. That is:
- HvCallModifyVtlProtectionMask
- HvCallEnablePartitionVtl
- HvCallEnableVpVtl
- HvCallVtlCall
- HvCallVtlReturn
All these are VTL aware and as such need to be handled in user-space.
Addition
Introduce traces that track memory attributes modification.
Signed-off-by: Nicolas Saenz Julienne
---
include/trace/events/kvm.h | 20
virt/kvm/kvm_main.c| 2 ++
2 files changed, 22 insertions(+)
diff --git a/include/trace/events/kvm.h b/include/trace/events/kvm.h
Take into account access restrictions memory attributes when faulting
guest memory. Prohibited memory accesses will cause an user-space fault
exit.
Additionally, bypass a warning in the !tdp case. Access restrictions in
guest page tables might not necessarily match the host pte's when memory
attri
Declare memory attributes to map memory regions as non-readable,
non-writable, and/or non-executable.
The attributes are negated for the following reasons:
- Setting a 0 memory attribute (attr->attributes == 0) shouldn't
introduce any access restrictions. For example, when moving from
priva
Systems that lack private memory support are about to start using memory
attributes. So query if the memory attributes xarray is empty in order
to decide whether it's necessary to init the hugepage information when
installing a new memslot.
Signed-off-by: Nicolas Saenz Julienne
---
arch/x86/kvm/
In preparation to introducing RWX memory attributes, make sure
user-space is attempting to install a memory attribute with
KVM_MEMORY_ATTRIBUTE_PRIVATE before throwing a warning on systems with
no private memory support.
Signed-off-by: Nicolas Saenz Julienne
---
arch/x86/kvm/mmu/mmu.c | 8 ++
The upcoming access restriction KVM memory attributes open the door to
installing non-executable mappings. Introduce a new attribute in struct
kvm_page_fault, map_executable, to control whether the gfn range should
be mapped as executable and make sure it's taken into account when
generating new sp
In order to simplify Hyper-V VSM secure memory intercept generation in
user-space (it avoids the need of implementing an x86 instruction
decoder and the actual decoding). Pass the instruction length being run
at the time of the guest exit as part of the memory fault exit
information.
The presence
Both VMX and SVM provide the length of the instruction
being run at the time of the page fault. Save it within 'struct
kvm_page_fault', as it'll become useful in the future.
Signed-off-by: Nicolas Saenz Julienne
---
arch/x86/kvm/mmu/mmu.c | 11 ---
arch/x86/kvm/mmu/mmu_internal.
From: Anish Moorthy
kvm_prepare_memory_fault_exit() already takes parameters describing the
RWX-ness of the relevant access but doesn't actually do anything with
them. Define and use the flags necessary to pass this information on to
userspace.
Suggested-by: Sean Christopherson
Signed-off-by: A
Both HvCallStartVirtualProcessor and GetVpIndexFromApicId are used as
part of the Hyper-V VSM CPU bootstrap process, and requires VTL
awareness, as such handle the hypercall in user-space. Also, expose the
ad-hoc CPUID bit.
Note that these hypercalls aren't necessary on Hyper-V guests that don't
e
Handle HvTranslateVirtualAddress in user-space. The hypercall is
VTL-aware and only used in the context of VSM. Additionally, the TLFS
doesn't introduce an ad-hoc CPUID bit for it, so the hypercall
availability is tracked as part of the HV_ACCESS_VSM CPUID. This will be
documented with the main VSM
Let user-space handle HvGetVpRegisters and HvSetVpRegisters as they are
VTL aware hypercalls used solely in the context of VSM. Additionally,
expose the cpuid bit.
Signed-off-by: Nicolas Saenz Julienne
---
Documentation/virt/kvm/api.rst| 10 ++
arch/x86/kvm/hyperv.c | 15
Model inactive VTL vCPUs' behaviour with a new MP state.
Inactive VTLs are in an artificial halt state. They enter into this
state in response to invoking HvCallVtlCall, HvCallVtlReturn.
User-space, which is VTL aware, can processes the hypercall, and set the
vCPU in MP_STATE_HV_INACTIVE_VTL. When
HvCallSendSyntheticClusterIpi and HvCallSendSyntheticClusterIpiEx allow
sending VTL-aware IPIs. Honour the hcall by exiting to user-space upon
receiving a request with a valid VTL target. This behaviour is only
available if the VSM CPUID flag is available and exposed to the guest.
It doesn't introd
Both 'struct hv_send_ipi' and 'struct hv_send_ipi_ex' have an 'union
hv_input_vtl' parameter which has been ignored until now. Expose it, as
KVM will soon provide a way of dealing with VTL-aware IPIs. While doing
Also fixup __send_ipi_mask_ex().
Signed-off-by: Nicolas Saenz Julienne
---
arch/x86
Introduce a helper function to check if the guest exposes the VSM CPUID
bit.
Signed-off-by: Nicolas Saenz Julienne
---
arch/x86/kvm/hyperv.h | 10 ++
include/asm-generic/hyperv-tlfs.h | 1 +
2 files changed, 11 insertions(+)
diff --git a/arch/x86/kvm/hyperv.h b/arch/x86/kvm
Prepare infrastructure to be able to return data through the XMM
registers when Hyper-V hypercalls are issues in fast mode. The XMM
registers are exposed to user-space through KVM_EXIT_HYPERV_HCALL and
restored on successful hypercall completion.
Signed-off-by: Nicolas Saenz Julienne
---
There
This series introduces core KVM functionality necessary to emulate Hyper-V's
Virtual Secure Mode in a Virtual Machine Monitor (VMM).
Hyper-V's Virtual Secure Mode (VSM) is a virtualization security feature that
leverages the hypervisor to create secure execution environments within a
guest. VSM is
19 matches
Mail list logo
