On 11/16/20 9:31 AM, Suman Anna wrote:
Hi Santosh,
On 11/16/20 11:22 AM, Grzegorz Jaszczyk wrote:
Since the of_device_get_match_data() doesn't return error code, remove
wrong IS_ERR test. Proper check against NULL pointer is already done
later before usage: if (data && data->...).
it.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
> master
> head: a6af8718b98e1cd37a9ea9a02269c79577fc9138
> commit: 2067fd92d75b6d9085a43caf050bca5d88c491b8 staging/speakup: Move out of
> staging
> date: 4 months ago
> config: parisc-randconfig-r023-20201116 (at
On Sun, Nov 15, 2020 at 10:26:50AM +0530, Srinivasa Rao Mandadapu wrote:
> lpass_pcm_data is not freed in error paths. Free it in
> error paths to avoid memory leak.
Please use subject lines reflecting the general style for the subsystem,
it makes it easier for people to spot patches that need to
On Mon, Nov 16, 2020 at 08:39:54PM +0200, Grygorii Strashko wrote:
>
>
> On 14/11/2020 21:17, Vladimir Oltean wrote:
> > On Sat, Nov 14, 2020 at 05:56:54AM +0200, Grygorii Strashko wrote:
> > > This patch enables support for ingress broadcast(BC)/multicast(MC) rate
> > > limiting
> > > in TI
On Fri, Nov 13, 2020 at 02:06:29PM -0800, Tim Harvey wrote:
> asserted? I'm also wondering if my issue is that I currently have the
> interrupt registered as such:
> ret = devm_regmap_add_irq_chip(dev, gsc->regmap, client->irq,
> IRQF_ONESHOT | IRQF_SHARED | IRQF_TRIGGER_FALLING, 0, _irq_chip,
>
On 10/11/20 23:42, Ashish Kalra wrote:
From: Ashish Kalra
Fix offset computation in __sev_dbg_decrypt() to include the
source paddr before it is rounded down to be aligned to 16 bytes
as required by SEV API. This fixes incorrect guest memory dumps
observed when using qemu monitor.
On Thu, Oct 22, 2020 at 1:18 AM Gilad Ben-Yossef wrote:
>
>
> Hi again,
>
> Any opinion on the suggested below?
Sorry, lost in the pile...
> Thanks!
> Gilad
>
>
> On Tue, Sep 29, 2020 at 9:08 PM Gilad Ben-Yossef wrote:
>>
>>
>> On Wed, Sep 23, 2020 at 4:57 AM Rob Herring wrote:
>> >
>> > On
On Sun, Nov 15, 2020 at 07:58:52PM +0100, Thomas Gleixner wrote:
> Ira,
>
> On Fri, Nov 06 2020 at 15:29, ira weiny wrote:
>
> Subject prefix wants to be 'entry:'. This changes generic code and the x86
> part is just required to fix the generic code change.
Sorry, yes that was carried incorrectly
On Mon, 2020-11-16 at 18:08 +, Al Viro wrote:
> On Mon, Nov 16, 2020 at 09:37:32AM -0800, Linus Torvalds wrote:
> > On Mon, Nov 16, 2020 at 8:47 AM Mimi Zohar wrote:
> > >
> > > This discussion seems to be going down the path of requiring an IMA
> > > filesystem hook for reading the file,
On Mon, Nov 16, 2020 at 06:45:15PM +0100, Thomas Bogendoerfer wrote:
> The loop over all memblocks works with PFN numbers and not physical
> addresses, so we need for_each_mem_pfn_range().
>
> Fixes: b10d6bca8720 ("arch, drivers: replace for_each_membock() with
> for_each_mem_range()")
>
On Mon, 16 Nov 2020 18:24:04 +0100
Daniel Vetter wrote:
> On Mon, Nov 16, 2020 at 05:38:04PM +0100, Mauro Carvalho Chehab wrote:
> > On Mon, 16 Nov 2020 16:36:06 +0100
> > Daniel Vetter wrote:
> >
> > > On Mon, Nov 16, 2020 at 11:18:06AM +0100, Mauro Carvalho Chehab wrote:
> > > >
On 14/11/2020 21:17, Vladimir Oltean wrote:
On Sat, Nov 14, 2020 at 05:56:54AM +0200, Grygorii Strashko wrote:
This patch enables support for ingress broadcast(BC)/multicast(MC) rate limiting
in TI AM65x CPSW driver (the corresponding ALE support was added in previous
patch) by implementing
bpf handlers for perf events other than tracepoints, kprobes or uprobes
are attached to the overflow_handler of the perf event.
Perf events of type software/dummy are placeholder events. So when
attaching a bpf handle to an overflow_handler of such an event, the bpf
handler will not be triggered.
On November 16, 2020 at 11:55:08 PM GMT+08:00, Maxime Ripard wrote:
>On Tue, Nov 10, 2020 at 06:41:37PM +0800, Icenowy Zheng wrote:
>>
>>
>> On November 10, 2020 at 6:39:25 PM GMT+08:00, Maxime Ripard
>wrote:
>> >On Sat, Nov 07, 2020 at 08:53:32PM +0800, Icenowy Zheng wrote:
>> >> Some developers received PineTab
On Mon, Nov 16, 2020 at 01:59:30PM +0100, Mauro Carvalho Chehab wrote:
> This driver is ready for mainstream. Move it out of staging.
There's quite a few issues here, to be honest I'm disappointed some of
them weren't caught during staging review, this needs fairly substantial
work and there's
On Thu, Nov 12, 2020 at 2:15 PM Flavio Suligoi wrote:
>
> The "gpio-line-names" declaration is not fully
> documented, so it can be useful to add some important
> information and one more example.
>
> This commit also fixes a trivial spelling mistake.
The spelling mistake has been fixed already, so
On Mon, Nov 16, 2020 at 10:10 AM Alexandre Chartre
wrote:
>
>
> On 11/16/20 5:57 PM, Andy Lutomirski wrote:
> > On Mon, Nov 16, 2020 at 6:47 AM Alexandre Chartre
> > wrote:
> >>
> >> When entering the kernel from userland, use the per-task PTI stack
> >> instead of the per-cpu trampoline stack.
From: Isaku Yamahata
Add a flag for TDX to flag RO memory as unsupported and propagate it to
KVM_MEM_READONLY to allow reporting RO memory as unsupported on a per-VM
basis. TDX1 doesn't expose permission bits to the VMM in the SEPT
tables, i.e. doesn't support read-only private memory.
On 11/12/20 10:40 AM, Jeffrin Jose T wrote:
Hello,
I wrote a small program to check for the existence of "config" files
for testing projects under kselftest framework.
chmod 755 test_config.py
This file should be located in "tools/testing/selftests"
This can be run as "./test_config.py"
Why
From: Sean Christopherson
Add 'guest_state_protected' to mark a VM's state as being protected by
hardware/firmware, e.g. SEV-ES or TDX-SEAM. Use the flag to disallow
ioctls() and/or flows that attempt to access protected state.
Return an error if userspace attempts to get/set register state
From: Sean Christopherson
Return true for kvm_vcpu_has_events() if the vCPU has a pending APICv
interrupt to support TDX's usage of APICv. Unlike VMX, TDX doesn't have
access to vmcs.GUEST_INTR_STATUS and so can't emulate posted interrupts,
i.e. needs to generate a posted interrupt and more
From: Sean Christopherson
Signed-off-by: Sean Christopherson
---
virt/kvm/kvm_main.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/virt/kvm/kvm_main.c b/virt/kvm/kvm_main.c
index 2541a17ff1c4..65e1737c4354 100644
--- a/virt/kvm/kvm_main.c
+++ b/virt/kvm/kvm_main.c
@@ -4288,6 +4288,7 @@
On 11/16/20 5:56 PM, Andy Lutomirski wrote:
On Mon, Nov 16, 2020 at 6:48 AM Alexandre Chartre
wrote:
Using stack protector requires the stack canary to be mapped into
the current page-table. Now that the page-table switch between the
user and kernel page-table is deferred to C code, stack
From: Sean Christopherson
By necessity, TDX will use a different register ABI for hypercalls.
Break out the core functionality so that it may be reused for TDX.
Signed-off-by: Sean Christopherson
---
arch/x86/include/asm/kvm_host.h | 4 +++
arch/x86/kvm/x86.c | 49
From: Sean Christopherson
Let userspace, or in the case of TDX, KVM itself, enable X2APIC even if
X2APIC is not reported as supported in the guest's CPU model. KVM
generally does not force specific ordering between ioctls(), e.g. this
forces userspace to configure CPUID before MSRs. And for
From: Sean Christopherson
Export kvm_make_all_cpus_request() and hoist the request helper
declarations of request up to the KVM_REQ_* definitions in preparation
for adding a "VM bugged" framework. The framework will add KVM_BUG()
and KVM_BUG_ON() as alternatives to full BUG()/BUG_ON() for cases
From: Sean Christopherson
Signed-off-by: Sean Christopherson
---
include/linux/kvm_host.h | 27 +++
virt/kvm/kvm_main.c | 10 +-
2 files changed, 32 insertions(+), 5 deletions(-)
diff --git a/include/linux/kvm_host.h b/include/linux/kvm_host.h
index
From: Sean Christopherson
Add a capability to effectively allow userspace to query what VM types
are supported by KVM.
Co-developed-by: Xiaoyao Li
Signed-off-by: Xiaoyao Li
Signed-off-by: Sean Christopherson
---
arch/x86/include/asm/kvm_host.h | 2 ++
arch/x86/include/uapi/asm/kvm.h
From: Sean Christopherson
Explicitly check that kvm_x86_ops.tlb_remote_flush() points at Hyper-V's
implementation for PV flushing instead of assuming that a non-NULL
implementation means running on Hyper-V. Wrap the related logic in
ifdeffery as hv_remote_flush_tlb() is defined iff
On 11/14/20 12:42 AM, Hillf Danton wrote:
> On Fri, 13 Nov 2020 00:01:16 +0200 Jarkko Sakkinen wrote:
>> + */
>> +static void sgx_sanitize_section(struct sgx_epc_section *section)
>> +{
>> +struct sgx_epc_page *page;
>> +LIST_HEAD(dirty);
>> +int ret;
>> +
>> +while
From: Isaku Yamahata
TDX doesn't support SMM, whereas VMX conditionally supports SMM. Rework
kvm_x86_ops.has_emulated_msr() to take a struct kvm so that TDX can
reject SMM by way of the MSR_IA32_SMBASE check.
This pairs with a QEMU change to query SMM support using a VM ioctl().
Signed-off-by:
From: Sean Christopherson
Signed-off-by: Sean Christopherson
---
arch/x86/kvm/mmu/mmu.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/arch/x86/kvm/mmu/mmu.c b/arch/x86/kvm/mmu/mmu.c
index 3c7e43e12513..bebd2b6ebcad 100644
--- a/arch/x86/kvm/mmu/mmu.c
+++
From: Sean Christopherson
Move the kvm_dirty_regs vs. KVM_SYNC_X86_VALID_FIELDS check out of
sync_regs() and into its sole caller, kvm_arch_vcpu_ioctl_run(). This
allows a future patch to allow synchronizing select state for protected
VMs.
Signed-off-by: Sean Christopherson
---
From: Kai Huang
Add a flag to let TDX disallow the in-kernel I/O APIC, level triggered
routes for a userspace I/O APIC, and anything else that relies on being
able to intercept EOIs. TDX-SEAM does not allow intercepting EOI.
Note, technically KVM could partially emulate the I/O APIC by
From: Sean Christopherson
Add a flag to disallow MCE injection and reject KVM_X86_SETUP_MCE with
-EINVAL when set. TDX doesn't support injecting exceptions, including
(virtual) #MCs.
Signed-off-by: Kai Huang
Co-developed-by: Sean Christopherson
Signed-off-by: Sean Christopherson
---
On Mon, 2020-11-16 at 10:09 -0800, Linus Torvalds wrote:
> On Mon, Nov 16, 2020 at 9:41 AM Christoph Hellwig wrote:
> >
> > The "issue" with IMA is that it uses security hooks to hook into the
> > VFS and then wants to read every file that gets opened on a real file
> > system to "measure" the
From: Zhang Chen
Move get_builtin_firmware() to common.c so that it can be used to get
non-ucode firmware, e.g. Intel's SEAM modules, even if MICROCODE=n.
Require the consumers to select FW_LOADER, which is already true for
MICROCODE, instead of having dead code that returns false at runtime.
From: Sean Christopherson
Signed-off-by: Sean Christopherson
---
arch/x86/kvm/svm/svm.c | 2 +-
arch/x86/kvm/vmx/vmx.c | 23 ++-
arch/x86/kvm/x86.c | 4
3 files changed, 19 insertions(+), 10 deletions(-)
diff --git a/arch/x86/kvm/svm/svm.c
From: Sean Christopherson
Signed-off-by: Sean Christopherson
---
arch/x86/kvm/x86.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c
index 0f67f762717a..1d999b57f21a 100644
--- a/arch/x86/kvm/x86.c
+++ b/arch/x86/kvm/x86.c
@@ -11237,6 +11237,7 @@ int
From: Isaku Yamahata
* What's TDX?
TDX stands for Trust Domain Extensions which isolates VMs from
the virtual-machine manager (VMM)/hypervisor and any other software on
the platform. [1]
For details, the specifications, [2], [3], [4], [5], [6], [7], are
available.
* The goal of this RFC patch
From: Sean Christopherson
Signed-off-by: Sean Christopherson
---
arch/arm64/include/asm/kvm_host.h | 3 ---
arch/arm64/kvm/arm.c | 7 ++-
arch/arm64/kvm/vgic/vgic-init.c | 6 +++---
include/linux/kvm_host.h | 1 +
virt/kvm/kvm_main.c | 3 ++-
5 files
From: Sean Christopherson
Pass intr_info to the NMI and INTR handlers instead of pulling it from
vcpu_vmx in preparation for sharing the bulk of the handlers with TDX.
Signed-off-by: Sean Christopherson
---
arch/x86/kvm/vmx/vmx.c | 16 ++--
1 file changed, 6 insertions(+), 10
From: Sean Christopherson
When adding pages prior to boot, TDX will need the resulting host pfn so
that it can be passed to TDADDPAGE (TDX-SEAM always works with physical
addresses as it has its own page tables). Start plumbing pfn back up
the page fault stack.
Signed-off-by: Sean
From: Sean Christopherson
Signed-off-by: Sean Christopherson
---
arch/x86/kvm/vmx/common.h | 29 +
arch/x86/kvm/vmx/vmx.c| 32 +---
2 files changed, 34 insertions(+), 27 deletions(-)
diff --git a/arch/x86/kvm/vmx/common.h
From: Sean Christopherson
Co-developed-by: Kai Huang
Signed-off-by: Kai Huang
Co-developed-by: Xiaoyao Li
Signed-off-by: Xiaoyao Li
Signed-off-by: Sean Christopherson
---
arch/x86/kvm/vmx/tdx_ops.h | 531 +
1 file changed, 531 insertions(+)
create mode
From: Sean Christopherson
TDX will use kvm_is_reserved_pfn() to prevent installing a reserved PFN
into SEPT. Or rather, to prevent such an attempt, as reserved PFNs are
not covered by TDMRs.
Signed-off-by: Sean Christopherson
---
virt/kvm/kvm_main.c | 1 +
1 file changed, 1 insertion(+)
diff
From: Sean Christopherson
Employ a 'continue' to reduce the indentation for linking a new shadow
page during __direct_map() in preparation for linking private pages.
Signed-off-by: Sean Christopherson
---
arch/x86/kvm/mmu/mmu.c | 19 +--
1 file changed, 9 insertions(+), 10
From: Kai Huang
Add a comment to explain that TDX also depends on booting logical CPUs
at least once.
TDSYSINITLP must be run on all CPUs, even software disabled CPUs in the
-nosmt case. Fortunately, current SMT handling for #MC already supports
booting all CPUs once; the to-be-disabled
From: Sean Christopherson
Add a flag, KVM_DEBUGREG_AUTO_SWITCHED, to skip saving/restoring DRs
irrespective of any other flags. TDX-SEAM unconditionally saves and
restores host DRs, ergo there is nothing to do.
Opportunistically convert the KVM_DEBUGREG_* definitions to use BIT().
On Nov 16 2020, Randy Dunlap wrote:
> What kernel version are you building?
5.10-rc4
Andreas.
--
Andreas Schwab, sch...@linux-m68k.org
GPG Key fingerprint = 7578 EB47 D4E5 4D69 2510 2552 DF73 E780 A9DA AEC1
"And now for something completely different."
From: Sean Christopherson
Stub in kvm_tdx, vcpu_tdx, their various accessors, and VMCS helpers.
The VMCS helpers, which rely on the stubs, will be used by preparatory
patches to move VMX functions for accessing VMCS state to common code.
Signed-off-by: Sean Christopherson
---
From: Rick Edgecombe
Add support in KVM's MMU for aliasing multiple GPAs (from a hardware
perspective) to a single GPA (from a memslot perspective). GPA aliasing
will be used to repurpose GPA bits as attribute bits, e.g. to expose an
execute-only permission bit to the guest. To keep the
From: Sean Christopherson
TDX is not supported on platforms with non-coherent IOMMUs, freak out if
one is encountered, and because SEPT doesn't allow the memtype control
that's needed to support non-coherent DMA.
Signed-off-by: Sean Christopherson
---
arch/x86/kvm/x86.c | 1 +
1 file changed,
From: Kai Huang
Two new MSRs IA32_SEAMRR_PHYS_BASE and IA32_SEAMRR_PHYS_MASK are added
in SPR for TDX. Add macro definition for both of them.
Signed-off-by: Kai Huang
---
arch/x86/include/asm/msr-index.h | 8
1 file changed, 8 insertions(+)
diff --git
From: Sean Christopherson
Signed-off-by: Sean Christopherson
---
arch/x86/kvm/vmx/main.c | 6 --
arch/x86/kvm/vmx/vmx.c | 12
2 files changed, 4 insertions(+), 14 deletions(-)
diff --git a/arch/x86/kvm/vmx/main.c b/arch/x86/kvm/vmx/main.c
index 30b1815fd5a7..53e1ea8df861
From: Sean Christopherson
Signed-off-by: Sean Christopherson
---
arch/x86/include/asm/kvm_host.h | 2 ++
arch/x86/kvm/mmu.h | 4 +++-
arch/x86/kvm/mmu/mmu.c | 24 +++-
arch/x86/kvm/mmu/spte.c | 26 ++
From: Sean Christopherson
Add a per-vcpu placeholder for the supported XSS of the guest so that the
TDX configuration code doesn't need to hack in manual computation of the
supported XSS. KVM XSS enabling is currently being upstreamed, i.e.
guest_supported_xss will no longer be a placeholder by
From: Sean Christopherson
Co-developed-by: Kai Huang
Signed-off-by: Kai Huang
Co-developed-by: Xiaoyao Li
Signed-off-by: Xiaoyao Li
Signed-off-by: Sean Christopherson
---
arch/x86/kvm/vmx/tdx_arch.h | 230
1 file changed, 230 insertions(+)
create mode
From: Sean Christopherson
Return the old SPTE when clearing a SPTE and push the "old SPTE present"
check to the caller. Private shadow page support will use the old SPTE
in rmap_remove() to determine whether or not there is a linked private
shadow page.
Signed-off-by: Sean Christopherson
---
From: Sean Christopherson
Wrap the VMX kvm_x86_ops hooks in preparation of adding TDX, which can
coexist with VMX, i.e. KVM can run both VMs and TDs. Use 'vt' for the
naming scheme as a nod to VT-x and as a concatenation of VmxTdx.
Co-developed-by: Xiaoyao Li
Signed-off-by: Xiaoyao Li
On Mon, Nov 16, 2020 at 8:22 AM Masami Hiramatsu wrote:
>
> /* TODO: Ensure the @path is initramfs/initrd image */
> - ret = write(fd, data, size + 8);
> + ret = write(fd, data, size);
> if (ret < 0) {
> pr_err("Failed to apply a boot config: %d\n",
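Review bot: After the changed `ret = write(fd, data, size);` line the only check is `if (ret < 0)`, so a short write (a non-negative return smaller than `size`) is treated as success and a truncated boot config is applied to the file. Compare the return value against `size` and report an error on a partial write as well.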
From: Sean Christopherson
Add kvm_x86_ops hooks to set/clear private SPTEs, i.e. SEPT entries, and
to link/free private shadow pages, i.e. non-leaf SEPT pages.
Because SEAMCALLs are bloody expensive, and because KVM's MMU is already
complex enough, TDX's SEPT will mirror KVM's shadow pages
From: Sean Christopherson
Move the AR_BYTES helpers to common.h so that future patches can reuse
them to decode/encode AR for TDX.
Signed-off-by: Sean Christopherson
---
arch/x86/kvm/vmx/common.h | 41 ++
arch/x86/kvm/vmx/vmx.c| 46
From: Sean Christopherson
Explicitly check for an MMIO spte in the fast page fault flow. TDX will
use a not-present entry for MMIO sptes, which can be mistaken for an
access-tracked spte since both have SPTE_SPECIAL_MASK set.
Signed-off-by: Sean Christopherson
---
arch/x86/kvm/mmu/mmu.c | 2
From: Sean Christopherson
Add a second kvm_x86_ops hook in kvm_arch_vm_destroy() to support TDX's
destruction path, which needs to first put the VM into a teardown state,
then free per-vCPU resource, and finally free per-VM resources.
Note, this knowingly creates a discrepancy in nomenclature
From: Sean Christopherson
Signed-off-by: Sean Christopherson
---
arch/x86/kvm/vmx/common.h | 54 +++
arch/x86/kvm/vmx/vmx.c| 42 +-
2 files changed, 60 insertions(+), 36 deletions(-)
create mode 100644
From: Sean Christopherson
Signed-off-by: Sean Christopherson
---
arch/x86/kvm/vmx/common.h | 14 ++
arch/x86/kvm/vmx/vmx.c| 10 +-
2 files changed, 15 insertions(+), 9 deletions(-)
diff --git a/arch/x86/kvm/vmx/common.h b/arch/x86/kvm/vmx/common.h
index
From: Isaku Yamahata
---
arch/x86/kvm/vmx/tdx.c | 3 ---
1 file changed, 3 deletions(-)
diff --git a/arch/x86/kvm/vmx/tdx.c b/arch/x86/kvm/vmx/tdx.c
index adcb866861b7..d2c1766416f2 100644
--- a/arch/x86/kvm/vmx/tdx.c
+++ b/arch/x86/kvm/vmx/tdx.c
@@ -331,9 +331,6 @@ static int
From: Sean Christopherson
Add an option to skip the IRR check in kvm_wait_lapic_expire(). This
will be used by TDX to wait if there is an outstanding notification for
a TD, i.e. a virtual interrupt is being triggered via posted interrupt
processing. KVM TDX doesn't emulate PI processing, i.e.
From: Sean Christopherson
Signed-off-by: Sean Christopherson
---
arch/x86/include/asm/kvm_host.h | 2 ++
arch/x86/kvm/x86.c | 12
2 files changed, 14 insertions(+)
diff --git a/arch/x86/include/asm/kvm_host.h b/arch/x86/include/asm/kvm_host.h
index
From: Sean Christopherson
Ignore bits 63 and 62 when checking for present SPTEs to allow setting
said bits in not-present SPTEs. TDX will set bit 63 in "zero" SPTEs to
suppress #VEs (TDX-SEAM unconditionally enables EPT Violation #VE), and
will use bit 62 to track zapped private SPTEs.
From: Sean Christopherson
Add a macro framework to hide VMX vs. TDX details of VMREAD and VMWRITE
so the VMX and TDX can share common flows, e.g. accessing DTs.
Note, the TDX paths are dead code at this time. There is no great way
to deal with the chicken-and-egg scenario of having things in
From: Sean Christopherson
Move the guts of vmx_cache_reg() to vt_cache_reg() in preparation for
reusing the bulk of the code for TDX, which can access guest state for
debug TDs.
Use kvm_x86_ops.cache_reg() in ept_update_paging_mode_cr0() rather than
trying to expose vt_cache_reg() to vmx.c,
From: Sean Christopherson
Add a flag to disable IRQ injection, which is not supported by TDX.
Signed-off-by: Sean Christopherson
---
arch/x86/include/asm/kvm_host.h | 1 +
arch/x86/kvm/x86.c | 4 +++-
2 files changed, 4 insertions(+), 1 deletion(-)
diff --git
From: Sean Christopherson
TDX-SEAM uses bits 31:0 to return more information, so these error codes
will only exactly match RAX[63:32].
Signed-off-by: Sean Christopherson
---
arch/x86/kvm/vmx/tdx_errno.h | 91
1 file changed, 91 insertions(+)
create mode
From: Sean Christopherson
TDX will run with EPT violation #VEs enabled, which means KVM needs to
set the "suppress #VE" bit in unused PTEs to avoid unintentionally
reflecting not-present EPT violations into the guest.
Signed-off-by: Sean Christopherson
---
arch/x86/kvm/mmu.h | 1 +
From: Sean Christopherson
Define the TDCALL exit reason, which is carved out from the VMX exit
reason namespace as the TDCALL exit from TDX guest to TDX-SEAM is really
just a VM-Exit.
Co-developed-by: Xiaoyao Li
Signed-off-by: Xiaoyao Li
Signed-off-by: Sean Christopherson
---
From: Sean Christopherson
Add what is effectively a TDX-specific ioctl for initializing the guest
Trust Domain. Implement the functionality as a subcommand of
KVM_MEMORY_ENCRYPT_OP, analogous to how the ioctl is used by SVM to
manage SEV guests.
For easy compatibility with future versions of
From: Sean Christopherson
Define MSR_IA32_MKTME_KEYID_PART, used by TDX to enumerate the TDX KeyID
space, which is carved out from the regular MKTME KeyIDs.
Signed-off-by: Sean Christopherson
---
arch/x86/include/asm/msr-index.h | 2 ++
1 file changed, 2 insertions(+)
diff --git
From: Sean Christopherson
Signed-off-by: Sean Christopherson
---
arch/x86/kvm/vmx/main.c | 17 +
arch/x86/kvm/vmx/vmx.c | 13 -
2 files changed, 17 insertions(+), 13 deletions(-)
diff --git a/arch/x86/kvm/vmx/main.c b/arch/x86/kvm/vmx/main.c
index
From: Sean Christopherson
Swap the order of hardware_enable_all() and kvm_arch_init_vm() to
accommodate Intel's TDX, which needs VMX to be enabled during VM init in
order to make SEAMCALLs.
This also provides consistent ordering between kvm_create_vm() and
kvm_destroy_vm() with respect to
From: Sean Christopherson
Signed-off-by: Sean Christopherson
---
arch/x86/include/asm/cpufeatures.h | 1 +
1 file changed, 1 insertion(+)
diff --git a/arch/x86/include/asm/cpufeatures.h
b/arch/x86/include/asm/cpufeatures.h
index dad350d42ecf..1bd2a414dcc0 100644
---
From: Sean Christopherson
Add a flag for TDX to mark dirty logging as unsupported.
Suggested-by: Kai Huang
Signed-off-by: Sean Christopherson
---
include/linux/kvm_host.h | 1 +
virt/kvm/kvm_main.c | 5 -
2 files changed, 5 insertions(+), 1 deletion(-)
diff --git
From: Sean Christopherson
Introduce a helper to directly (pun intended) fault-in a TDP page
without having to go through the full page fault path. This allows
TDX to get the resulting pfn and also allows the RET_PF_* enums to
stay in mmu.c where they belong.
Signed-off-by: Sean Christopherson
From: Sean Christopherson
The TSC for TDX1 guests is fixed at TD creation time. Add tsc_immutable
to reflect that the TSC of the guest cannot be changed in any way, and
use it to short circuit all paths that lead to one of the myriad TSC
adjustment flows.
Suggested-by: Kai Huang
From: Sean Christopherson
Add the VMCS field encoding for the shared EPTP, which will be used by
TDX to have separate EPT walks for private GPAs (existing EPTP) versus
shared GPAs (new shared EPTP).
Signed-off-by: Sean Christopherson
---
arch/x86/include/asm/vmx.h | 2 ++
1 file changed, 2
From: Sean Christopherson
Add hooks to cache and flush GPRs and invoke them from KVM_GET_REGS and
KVM_SET_REGS respectively. TDX will use the hooks to read/write GPRs
from TDX-SEAM on-demand (for debug TDs).
Cc: Tom Lendacky
Signed-off-by: Sean Christopherson
---
From: Isaku Yamahata
This patch is not for review, but to make the build succeed.
Add dummy empty file for TDX-SEAM module as
linux/lib/firmware/intel-seam/libtdx.so.
TDX-SEAM module isn't published. Its specification is at [1].
[1] Intel TDX Module 1.0 EAS
From: Sean Christopherson
Zap only leaf SPTEs when deleting/moving a memslot by default, and add a
module param to allow reverting to the old behavior of zapping all SPTEs
at all levels and memslots when any memslot is updated.
Signed-off-by: Sean Christopherson
---
arch/x86/kvm/mmu/mmu.c |
From: Sean Christopherson
Define the EPT Violation #VE control bit, #VE info VMCS fields, and the
suppress #VE bit for EPT entries.
Signed-off-by: Sean Christopherson
---
arch/x86/include/asm/vmx.h | 4
arch/x86/include/asm/vmxfeatures.h | 2 +-
2 files changed, 5 insertions(+),
From: Sean Christopherson
Add a hook into the early boot flow to load TDX-SEAM and do BSP-only
init of TDX-SEAM.
Perform TDSYSINIT, TDSYSINITLP sequence to initialize TDX during kernel
boot. Call TDSYSINIT on BSP for platform level initialization, and call
TDSYSINITLP for all cpus for per-cpu
On 11/16/20 11:01 AM, Gene Chen wrote:
On Sat, Oct 31, 2020 at 6:34 AM Jacek Anaszewski wrote:
On 10/30/20 9:51 AM, Gene Chen wrote:
On Wed, Oct 28, 2020 at 1:28 AM Jacek Anaszewski wrote:
On 10/27/20 10:28 AM, Gene Chen wrote:
On Wed, Oct 21, 2020 at 5:47 AM Jacek Anaszewski wrote:
On 10/20/20 8:44 AM, Gene Chen wrote:
On Mon, 2020-11-16 at 17:59 +, Jonathan Cameron wrote:
> On Tue, 10 Nov 2020 21:43:48 -0800
> Ben Widawsky wrote:
>
> > From: Vishal Verma
> >
> > Add an acpi_cxl module to coordinate the ACPI portions of the CXL
> > (Compute eXpress Link) interconnect. This driver binds to ACPI0017
> >
Hello Eugen,
On Thu, Nov 12, 2020 at 03:34:35PM +0200, Eugen Hristev wrote:
> Add bindings documentation for Microchip CSI2 Demultiplexer controller.
>
> CSI2DC is a demultiplexer from Synopsys IDI interface specification to
> parallel interface connection or direct memory access.
>
>
On 11/12/20 3:01 PM, Jarkko Sakkinen wrote:
Add a selftest for SGX. It is a trivial test where a simple enclave copies
one 64-bit word of memory between two memory locations, but ensures that
all SGX hardware and software infrastructure is functioning.
Cc: Shuah Khan
Cc:
On Mon, 2020-11-16 at 17:41 +, Christoph Hellwig wrote:
> On Mon, Nov 16, 2020 at 09:37:32AM -0800, Linus Torvalds wrote:
> > > This discussion seems to be going down the path of requiring an IMA
> > > filesystem hook for reading the file, again. That solution was
> > > rejected, not by me.
On Mon, 16 Nov 2020 10:01:20 +0100 Martin Schiller wrote:
> On 2020-11-14 12:10, Xie He wrote:
> > Martin Schiller is an active developer and reviewer for the X.25 code.
> > His company is providing products based on the Linux X.25 stack.
> > So he is a good candidate for maintainers of the X.25
On 13/11/20 14:02, Thomas Gleixner wrote:
> irq_cpustat_t is exactly the same as the asm-generic one. Define
> ack_bad_irq so the generic header does not emit the generic version of it.
>
> Signed-off-by: Thomas Gleixner
> Cc: Russell King
> Cc: Marc Zyngier
> Cc: Valentin Schneider
> Cc:
From: Colin Ian King
Don't populate the const array bws on the stack but instead make it
static. Makes the object code smaller by 80 bytes:
Before:
   text    data     bss     dec     hex filename
  85694   16865    1216  103775   1955f ./net/wireless/reg.o
After:
   text    data     bss     dec
The CLKSCREW attack [0] exposed security vulnerabilities in energy management
implementations where untrusted software had direct access to clock and
voltage hardware controls. In this attack, the malicious software was able to
place the platform into unsafe overclocked or undervolted