sing the appropriate hypercall
mechanism.
Signed-off-by: Ahmed Abd El Mawgood
---
include/kvm/roe.h | 16
include/linux/kvm_host.h | 1 +
include/uapi/linux/kvm_para.h | 4 +
virt/kvm/kvm_main.c | 19 +++--
virt/kvm/roe.c
Signed-off-by: Ahmed Abd El Mawgood
---
virt/kvm/kvm_main.c| 3 ++-
virt/kvm/roe.c | 25 +
virt/kvm/roe_generic.h | 3 ++-
3 files changed, 29 insertions(+), 2 deletions(-)
diff --git a/virt/kvm/kvm_main.c b/virt/kvm/kvm_main.c
index d92d300539..b3dc7255b0
: Ahmed Abd El Mawgood
---
include/linux/kvm_host.h | 36 ++-
virt/kvm/roe.c | 228 +++
virt/kvm/roe_generic.h | 3 +
3 files changed, 197 insertions(+), 70 deletions(-)
diff --git a/include/linux/kvm_host.h b/include/linux/kvm_host.h
index
The conditions upon which kvm_free_memslot are kind of ad-hock,
it will be hard to extend memslot with allocatable data that needs to be
freed, so I replaced the current mechanism by clear flag that states if
the memory slot should be freed.
Signed-off-by: Ahmed Abd El Mawgood
---
virt/kvm
ROE version documented here is implemented in the next 2 patches
Signed-off-by: Ahmed Abd El Mawgood
---
Documentation/virtual/kvm/hypercalls.txt | 40
1 file changed, 40 insertions(+)
diff --git a/Documentation/virtual/kvm/hypercalls.txt
b/Documentation/virtual/kvm
This patch implements kvm_roe_arch_commit_protection and
kvm_roe_arch_is_userspace for x86, and invoke kvm_roe via the
appropriate vmcall.
Signed-off-by: Ahmed Abd El Mawgood
---
arch/x86/include/asm/kvm_host.h | 2 +-
arch/x86/kvm/Makefile | 4 +-
arch/x86/kvm/mmu.c
Signed-off-by: Ahmed Abd El Mawgood
---
arch/x86/kvm/mmu.c | 7 +++
arch/x86/kvm/mmu.h | 1 +
2 files changed, 8 insertions(+)
diff --git a/arch/x86/kvm/mmu.c b/arch/x86/kvm/mmu.c
index 098df7d135..bbfe3f2863 100644
--- a/arch/x86/kvm/mmu.c
+++ b/arch/x86/kvm/mmu.c
@@ -1053,6 +1053,13
| 57
include/uapi/linux/kvm.h | 2 +-
include/uapi/linux/kvm_para.h | 5 +
virt/kvm/kvm_main.c | 54 +++-
virt/kvm/roe.c | 445 +++
virt/kvm/roe_generic.h | 22 ++
15 files changed, 868 insertions(+), 96 deletions(-)
Signed-off-by: Ahmed Abd El Mawgood
Apply d->memslot->partial_roe_bitmap to shadow page table entries
too.
Signed-off-by: Ahmed Abd El Mawgood
---
arch/x86/kvm/roe.c | 5 -
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/arch/x86/kvm/roe.c b/arch/x86/kvm/roe.c
index f787106be8..700f69823b 100644
--- a/ar
The problem is that qemu will not be able to detect ROE violations, so
one option would be create host API to tell if a given page is ROE
protected, or create ROE violation exit reason.
Signed-off-by: Ahmed Abd El Mawgood
---
arch/x86/kvm/x86.c | 10 +-
include/kvm/roe.h
This will help sharing data into the slot_level_handler callback. In my
case I need to a share a counter for the pages traversed to use it in some
bitmap. Being able to send arbitrary memory pointer into the
slot_level_handler callback made it easy.
Signed-off-by: Ahmed Abd El Mawgood
---
arch
This patch documents and implements ROE_MPROTECT_CHUNK, a part of ROE
hypercall designed to protect regions of a memory page with byte
granularity. This feature provides a key primitive to protect against
attacks involving pages remapping.
Signed-off-by: Ahmed Abd El Mawgood
---
include/linux
: Ahmed Abd El Mawgood
---
include/linux/kvm_host.h | 36 ++-
virt/kvm/roe.c | 228 +++
virt/kvm/roe_generic.h | 3 +
3 files changed, 197 insertions(+), 70 deletions(-)
diff --git a/include/linux/kvm_host.h b/include/linux/kvm_host.h
index
The problem is that qemu will not be able to detect ROE violations, so
one option would be create host API to tell if a given page is ROE
protected, or create ROE violation exit reason.
Signed-off-by: Ahmed Abd El Mawgood
---
arch/x86/kvm/x86.c | 10 +-
include/kvm/roe.h
Signed-off-by: Ahmed Abd El Mawgood
---
virt/kvm/kvm_main.c| 3 ++-
virt/kvm/roe.c | 25 +
virt/kvm/roe_generic.h | 3 ++-
3 files changed, 29 insertions(+), 2 deletions(-)
diff --git a/virt/kvm/kvm_main.c b/virt/kvm/kvm_main.c
index d92d300539..b3dc7255b0
Apply d->memslot->partial_roe_bitmap to shadow page table entries
too.
Signed-off-by: Ahmed Abd El Mawgood
---
arch/x86/kvm/roe.c | 5 -
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/arch/x86/kvm/roe.c b/arch/x86/kvm/roe.c
index f787106be8..700f69823b 100644
--- a/ar
This patch implements kvm_roe_arch_commit_protection and
kvm_roe_arch_is_userspace for x86, and invoke kvm_roe via the
appropriate vmcall.
Signed-off-by: Ahmed Abd El Mawgood
---
arch/x86/include/asm/kvm_host.h | 2 +-
arch/x86/kvm/Makefile | 4 +-
arch/x86/kvm/mmu.c
This patch documents and implements ROE_MPROTECT_CHUNK, a part of ROE
hypercall designed to protect regions of a memory page with byte
granularity. This feature provides a key primitive to protect against
attacks involving pages remapping.
Signed-off-by: Ahmed Abd El Mawgood
---
include/linux
ROE version documented here is implemented in the next 2 patches
Signed-off-by: Ahmed Abd El Mawgood
---
Documentation/virtual/kvm/hypercalls.txt | 40
1 file changed, 40 insertions(+)
diff --git a/Documentation/virtual/kvm/hypercalls.txt
b/Documentation/virtual/kvm
Signed-off-by: Ahmed Abd El Mawgood
---
arch/x86/kvm/mmu.c | 7 +++
arch/x86/kvm/mmu.h | 1 +
2 files changed, 8 insertions(+)
diff --git a/arch/x86/kvm/mmu.c b/arch/x86/kvm/mmu.c
index 098df7d135..bbfe3f2863 100644
--- a/arch/x86/kvm/mmu.c
+++ b/arch/x86/kvm/mmu.c
@@ -1053,6 +1053,13
sing the appropriate hypercall
mechanism.
Signed-off-by: Ahmed Abd El Mawgood
---
include/kvm/roe.h | 16
include/linux/kvm_host.h | 1 +
include/uapi/linux/kvm_para.h | 4 +
virt/kvm/kvm_main.c | 19 +++--
virt/kvm/roe.c
The conditions upon which kvm_free_memslot are kind of ad-hock,
it will be hard to extend memslot with allocatable data that needs to be
freed, so I replaced the current mechanism by clear flag that states if
the memory slot should be freed.
Signed-off-by: Ahmed Abd El Mawgood
---
virt/kvm
| 57
include/uapi/linux/kvm.h | 2 +-
include/uapi/linux/kvm_para.h | 5 +
virt/kvm/kvm_main.c | 54 +++-
virt/kvm/roe.c | 445 +++
virt/kvm/roe_generic.h | 22 ++
15 files changed, 868 insertions(+), 96 deletions(-)
Signed-off-by: Ahmed Abd El Mawgood
This will help sharing data into the slot_level_handler callback. In my
case I need to a share a counter for the pages traversed to use it in some
bitmap. Being able to send arbitrary memory pointer into the
slot_level_handler callback made it easy.
Signed-off-by: Ahmed Abd El Mawgood
---
arch
I am absolutely sorry, I had some modifications that I forgot to commit
before I send. so please use this one patch 10/10 instead of the last
one.
Signed-off-by: Ahmed Abd El Mawgood
---
virt/kvm/kvm_main.c| 3 ++-
virt/kvm/roe.c | 26 ++
virt/kvm
Signed-off-by: Ahmed Abd El Mawgood
---
virt/kvm/kvm_main.c| 5 +
virt/kvm/roe.c | 14 ++
virt/kvm/roe_generic.h | 2 +-
3 files changed, 20 insertions(+), 1 deletion(-)
diff --git a/virt/kvm/kvm_main.c b/virt/kvm/kvm_main.c
index c3a21d3bc8..661933053f 100644
The problem is that qemu will not be able to detect ROE violations, so
one option would be create host API to tell if a given page is ROE
protected, or create ROE violation exit reason.
Signed-off-by: Ahmed Abd El Mawgood
---
arch/x86/kvm/x86.c | 10 +-
include/kvm/roe.h
This patch documents and implements ROE_MPROTECT_CHUNK, a part of ROE
hypercall designed to protect regions of a memory page with byte
granularity. This feature provides a key primitive to protect against
attacks involving pages remapping.
Signed-off-by: Ahmed Abd El Mawgood
---
include/linux
Apply d->memslot->partial_roe_bitmap to shadow page table entries
too.
Signed-off-by: Ahmed Abd El Mawgood
---
arch/x86/kvm/roe.c | 5 -
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/arch/x86/kvm/roe.c b/arch/x86/kvm/roe.c
index f787106be8..700f69823b 100644
--- a/ar
ROE version documented here is implemented in the next 2 patches
Signed-off-by: Ahmed Abd El Mawgood
---
Documentation/virtual/kvm/hypercalls.txt | 40
1 file changed, 40 insertions(+)
diff --git a/Documentation/virtual/kvm/hypercalls.txt
b/Documentation/virtual/kvm
include/uapi/linux/kvm_para.h | 5 +
virt/kvm/kvm_main.c | 56 +++--
virt/kvm/roe.c | 342 +++
virt/kvm/roe_generic.h | 18 ++
15 files changed, 732 insertions(+), 95 deletions(-)
Signed-off-by: Ahmed Abd El Mawgood
This patch implements kvm_roe_arch_commit_protection and
kvm_roe_arch_is_userspace for x86, and invoke kvm_roe via the
appropriate vmcall.
Signed-off-by: Ahmed Abd El Mawgood
---
arch/x86/include/asm/kvm_host.h | 2 +-
arch/x86/kvm/Makefile | 4 +-
arch/x86/kvm/mmu.c
Signed-off-by: Ahmed Abd El Mawgood
---
arch/x86/kvm/mmu.c | 7 +++
arch/x86/kvm/mmu.h | 1 +
2 files changed, 8 insertions(+)
diff --git a/arch/x86/kvm/mmu.c b/arch/x86/kvm/mmu.c
index b67d743c33..a300e4acb8 100644
--- a/arch/x86/kvm/mmu.c
+++ b/arch/x86/kvm/mmu.c
@@ -1024,6 +1024,13
sing the appropriate hypercall
mechanism.
Signed-off-by: Ahmed Abd El Mawgood
---
include/kvm/roe.h | 16
include/linux/kvm_host.h | 1 +
include/uapi/linux/kvm_para.h | 4 +
virt/kvm/kvm_main.c | 19 +++--
virt/kvm/roe.c
The conditions upon which kvm_free_memslot are kind of ad-hock,
it will be hard to extend memslot with allocatable data that needs to be
freed, so I replaced the current mechanism by clear flag that states if
the memory slot should be freed.
Signed-off-by: Ahmed Abd El Mawgood
---
virt/kvm
This will help sharing data into the slot_level_handler callback. In my
case I need to a share a counter for the pages traversed to use it in some
bitmap. Being able to send arbitrary memory pointer into the
slot_level_handler callback made it easy.
Signed-off-by: Ahmed Abd El Mawgood
---
arch
From: Ahmed Abd El Mawgood
madvise() returns -1 without CONFIG_TRANSPARENT_HUGEPAGE=y. That would
trigger asserts when checking for return value of madvice. Following
similar decision to [1]. I thought it is ok to assume that madvise()
MADV_NOHUGEPAGE failures implies that THP is not supported
From: Ahmed Abd El Mawgood
madvise() returns -1 without CONFIG_TRANSPARENT_HUGEPAGE=y. That would
trigger asserts when checking for return value of madvice. Following
similar decision to [1]. I thought it is ok to assume that madvise()
failures implies that THP is not supported by host kernel
ROE version documented here is implemented in the next 2 patches
Signed-off-by: Ahmed Abd El Mawgood
---
Documentation/virtual/kvm/hypercalls.txt | 31
1 file changed, 31 insertions(+)
diff --git a/Documentation/virtual/kvm/hypercalls.txt
b/Documentation/virtual/kvm
Apply d->memslot->partial_roe_bitmap to shadow page table entries
too.
Signed-off-by: Ahmed Abd El Mawgood
---
arch/x86/kvm/roe.c | 5 -
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/arch/x86/kvm/roe.c b/arch/x86/kvm/roe.c
index cd3e6944c15f..b2b50fbcd598 100644
---
This will help sharing data into the slot_level_handler callback. In my
case I need to a share a counter for the pages traversed to use it in some
bitmap. Being able to send arbitrary memory pointer into the
slot_level_handler callback made it easy.
Signed-off-by: Ahmed Abd El Mawgood
---
arch
Signed-off-by: Ahmed Abd El Mawgood
---
virt/kvm/kvm_main.c| 7 +++
virt/kvm/roe.c | 14 ++
virt/kvm/roe_generic.h | 2 ++
3 files changed, 23 insertions(+)
diff --git a/virt/kvm/kvm_main.c b/virt/kvm/kvm_main.c
index 48c5d9d9474e..d625db7f5350 100644
--- a/virt
volve guest virtual address -> guest physical
address remapping, but there are plans to fix that.
Signed-off-by: Ahmed Abd El Mawgood
---
arch/x86/include/asm/kvm_host.h | 11 ++-
arch/x86/kvm/Kconfig| 7 ++
arch/x86/kvm/mmu.c | 72 +---
arch/x86/k
t is fixed. and I should not
that CONFIG_KVM_MROE should be used when testing my code and trying to
figure out what went wrong
Signed-off-by: Ahmed Abd El Mawgood
---
arch/x86/include/asm/kvm_host.h | 7 +-
arch/x86/kvm/Kconfig| 7 ++
arch/x86/kvm/mmu.c | 158 +
works.
Thansk.
Signed-off-by: Ahmed Abd El Mawgood
---
arch/x86/include/asm/kvm_host.h | 7 ++-
arch/x86/kvm/Kconfig| 7 +++
arch/x86/kvm/mmu.c | 127 +++-
arch/x86/kvm/x86.c | 83
works.
Thansk.
Signed-off-by: Ahmed Abd El Mawgood
---
arch/x86/include/asm/kvm_host.h | 7 ++-
arch/x86/kvm/Kconfig| 7 +++
arch/x86/kvm/mmu.c | 127 +++-
arch/x86/kvm/x86.c | 83
46 matches
Mail list logo
