[PATCH v2 00/24] KVM: arm64: Introduce pKVM shadow state at EL2
Vincent Donnefort
vdonnefort at google.com
Tue Jul 19 07:24:15 PDT 2022
On Thu, Jun 30, 2022 at 02:57:23PM +0100, Will Deacon wrote:
> Hi everyone,
>
> This series has been extracted from the pKVM base support series (aka
> "pKVM mega-patch") previously posted here:
>
> https://lore.kernel.org/kvmarm/20220519134204.5379-1-will@kernel.org/
>
> Unlike that more comprehensive series, this one is fairly fundamental
> and does not introduce any new ABI commitments, leaving questions
> involving the management of guest private memory and the creation of
> protected VMs for future work. Instead, this series extends the pKVM EL2
> code so that it can dynamically instantiate and manage VM shadow
> structures without the host being able to access them directly. These
> shadow structures consist of a shadow VM, a set of shadow vCPUs and the
> stage-2 page-table and the pages used to hold them are returned to the
> host when the VM is destroyed.
>
> The last patch is marked as RFC because, although it plumbs in the
> shadow state, it is woefully inefficient and copies to/from the host
> state on every vCPU run. Without the last patch, the new structures are
> unused but we move considerably closer to isolating guests from the
> host.
>
> The series is based on Marc's rework of the flags
> (kvm-arm64/burn-the-flags).
>
> Feedback welcome.
>
> Cheers,
Only had few nitpicks
Reviewed-by: Vincent Donnefort <vdonnefort at google.com>
Also, I've been using this patchset for quite a while now.
Tested-by: Vincent Donnefort <vdonnefort at google.com>
[...]
More information about the linux-arm-kernel
mailing list