[PATCH v9 00/22] KVM: arm64: Fixed features for protected VMs

[Fuad Tabba]

Hi,

On Mon, Oct 18, 2021 at 11:45 AM Andrew Jones <drjones at redhat.com> wrote:
>
> On Mon, Oct 18, 2021 at 10:51:54AM +0100, Fuad Tabba wrote:
> > Hi Marc,
> >
> > On Wed, Oct 13, 2021 at 1:04 PM Marc Zyngier <maz at kernel.org> wrote:
> > >
> > > This is an update on Fuad's series[1].
> > >
> > > Instead of going going back and forth over a series that has seen a
> > > fair few versions, I've opted for simply writing a set of fixes on
> > > top, hopefully greatly simplifying the handling of most registers, and
> > > moving things around to suit my own taste (just because I can).
> > >
> > > I won't be reposting the initial 11 patches, which is why this series
> > > in is reply to patch 11.
> >
> > Thanks for this series. I've reviewed, built it, and tested it with a
> > dummy protected VM (since we don't have proper protected VMs yet),
> > which initializes some of the relevant protected VMs metadata as well
> > as its control registers. So fwiw:
> >
> > Reviewed-by: Fuad Tabba <tabba at google.com>
> >
> > And to whatever extent possible at this stage:
> > Tested-by: Fuad Tabba <tabba at google.com>
> >
>
> Hi Fuad,
>
> Out of curiosity, when testing pKVM, what VMM do you use? Also, can you
> describe what a "dummy pVM" is? Is it a just pVM which is not actually
> protected? How similar is a pVM to a typical VIRTIO-using VM? Actually,
> maybe I should just ask if there are instructions for playing with pKVM
> somewhere that I could get a pointer to.

Considering the WIP state of pKVM, my setup is hacky and not that
stable. I use QEMU, along with Will'ls pKVM user ABI patches [*] and a
couple of hacks added on top to run a normal VM with the protected
codepath applied to it, to be able to do some testing and sanity
checking. There isn't really any proper way of playing with protected
VMs yet.

Thanks,
/fuad

[*] https://lore.kernel.org/kvmarm/20210603183347.1695-1-will@kernel.org/

> Thanks,
> drew
>