Re: [RFC 00/11] KVM, EFI, arm64: EFI Runtime Services Sandboxing

On Tue, Sep 26, 2017 at 11:14:52PM +0200, Florent Revest wrote: > On Thu, 2017-08-31 at 11:26 +0200, Christoffer Dall wrote: > > I wonder if this should be split into two series; one that sets up > > anything you may need from KVM, and another one that uses that for > > UEFI. > > > > There's a

Re: [RFC 04/11] KVM, arm, arm64: Offer PAs to IPAs idmapping to internal VMs

On Tue, Sep 26, 2017 at 11:14:45PM +0200, Florent Revest wrote: > On Thu, 2017-08-31 at 11:23 +0200, Christoffer Dall wrote: > > > diff --git a/virt/kvm/arm/mmu.c b/virt/kvm/arm/mmu.c > > > index 2ea21da..1d2d3df 100644 > > > --- a/virt/kvm/arm/mmu.c > > > +++ b/virt/kvm/arm/mmu.c > > > @@ -772,6

[Part1 PATCH v6 07/17] x86/efi: Access EFI data as encrypted when SEV is active

From: Tom Lendacky EFI data is encrypted when the kernel is run under SEV. Update the page table references to be sure the EFI memory areas are accessed encrypted. Cc: Thomas Gleixner Cc: Ingo Molnar Cc: "H. Peter Anvin"

Re: [PATCH v3 4/5] efi: call get_event_log before ExitBootServices

On Fri, Oct 13, 2017 at 10:47:46PM +0300, Jarkko Sakkinen wrote: > On Thu, Oct 12, 2017 at 05:03:38PM +0200, Javier Martinez Canillas wrote: > > On Thu, Oct 12, 2017 at 1:38 PM, Jarkko Sakkinen > > wrote: > > > > [snip] > > > > > > > > Now all Thiebaud's patches

Re: [PATCH v3 4/5] efi: call get_event_log before ExitBootServices

On Wed, Oct 11, 2017 at 02:52:54PM +0300, Jarkko Sakkinen wrote: > On Wed, Oct 11, 2017 at 12:54:26PM +1100, James Morris wrote: > > On Tue, 10 Oct 2017, Jarkko Sakkinen wrote: > > > > > The way I've agreed with James Morris to have my tree is to be rooted to > > > security trees next branch. > >