[PATCH v3 0/6] KVM: arm64: Restrict host hypercalls when pKVM is enabled

[Will Deacon]

Hi again folks,

This is version three of the patches I previously posted here:

  v1: https://lore.kernel.org/r/20210923112256.15767-1-will@kernel.org
  v2: https://lore.kernel.org/r/20211005113721.29441-1-will@kernel.org

Changes since v3 are:

  - Included proposed cleanup (using an enum) from Marc
  - Rebased onto -rc4

Cheers,

Will

Cc: Marc Zyngier <maz at kernel.org>
Cc: Quentin Perret <qperret at google.com>
Cc: Catalin Marinas <catalin.marinas at arm.com>
Cc: Alexandru Elisei <alexandru.elisei at arm.com>
Cc: Suzuki K Poulose <suzuki.poulose at arm.com>
Cc: Mark Rutland <mark.rutland at arm.com>
Cc: kvmarm at lists.cs.columbia.edu

--->8

Marc Zyngier (1):
  KVM: arm64: Turn __KVM_HOST_SMCCC_FUNC_* into an enum (mostly)

Will Deacon (5):
  arm64: Prevent kexec and hibernation if is_protected_kvm_enabled()
  KVM: arm64: Reject stub hypercalls after pKVM has been initialised
  KVM: arm64: Propagate errors from __pkvm_prot_finalize hypercall
  KVM: arm64: Prevent re-finalisation of pKVM for a given CPU
  KVM: arm64: Disable privileged hypercalls after pKVM finalisation

 arch/arm64/include/asm/kvm_asm.h      | 47 ++++++++++++---------
 arch/arm64/kernel/smp.c               |  3 +-
 arch/arm64/kvm/arm.c                  | 61 ++++++++++++++++++---------
 arch/arm64/kvm/hyp/nvhe/host.S        | 26 ++++++++----
 arch/arm64/kvm/hyp/nvhe/hyp-main.c    | 37 +++++++++++-----
 arch/arm64/kvm/hyp/nvhe/mem_protect.c |  3 ++
 6 files changed, 117 insertions(+), 60 deletions(-)

-- 
2.33.0.882.g93a45727a2-goog