[PATCH v2 07/12] KVM: arm64: Rework specifying restricted features for protected VMs
Fuad Tabba
tabba at google.com
Wed Nov 27 01:06:31 PST 2024
Hi Kristina,
On Tue, 26 Nov 2024 at 18:28, Kristina Martšenko
<kristina.martsenko at arm.com> wrote:
>
> Hi Fuad,
>
> On 22/11/2024 11:06, Fuad Tabba wrote:
> > The existing code didn't properly distinguish between signed and
> > unsigned features, and was difficult to read and to maintain.
> > Rework it using the same method used in other parts of KVM when
> > handling vcpu features.
> >
> > Signed-off-by: Fuad Tabba <tabba at google.com>
> > ---
>
>
> > +static const struct pvm_feature pvmid_aa64isar2[] = {
> > + MAX_FEAT_FUNC(ID_AA64ISAR2_EL1, GPA3, IMP, _vcpu_has_ptrauth),
> > + MAX_FEAT_FUNC(ID_AA64ISAR2_EL1, APA3, PAuth, _vcpu_has_ptrauth),
> > + MAX_FEAT(ID_AA64ISAR2_EL1, ATS1A, IMP),
> > + FEAT_END
> > +};
>
> Just wondering - did you intentionally hide the MOPS feature from protected
> guests here? (It was exposed before)
>
> I did notice that the HCRX trap setting is currently broken/missing in upstream
> pKVM, which means MOPS instructions UNDEF in the guest. Is it related to that?
You're right on both counts. It was there before, but I removed it in
this patch series since HCRX trap setting is missing.
I have patches that add support for pKVM, based on the work that
you've already done, ready to post later.
I will respin this series again soon, with the comments from Marc.
Thanks,
/fuad
> Thanks,
> Kristina
>
More information about the linux-arm-kernel
mailing list