[Kernel-packages] [Bug 1954466] Re: KVM Protection Keys for Supervisor Pages (PKS)
[Expired for linux (Ubuntu) because there has been no activity for 60 days.] ** Changed in: linux (Ubuntu) Status: Incomplete => Expired -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1954466 Title: KVM Protection Keys for Supervisor Pages (PKS) Status in linux package in Ubuntu: Expired Bug description: SKX introduced the Protection Key for User Pages (PKU) feature enabling fast, thread-specific manipulation of permission restrictions on user pages. SPR introduced Protection Key for Supervisor Pages(PKS), a new feature that extends the Protection Key architecture to support thread-specific permission restrictions on supervisor pages. This important feature enables enhanced access control on memory, and brings more valid usage model. Generally PKS enables protections on 'domains' of supervisor pages to limit supervisor mode access to pages beyond the normal paging protections(U/S, R/W, P). PKS works in a similar fashion to user space pkeys, PKU. As with PKU, supervisor pkeys are checked in addition to normal paging protections and Access or Writes can be disabled via a MSR update without TLB flushes when permissions change. PKS virtualization enabling should base on existing PKU code. Major works: CPUID exposure New CR4 bit exposure New VMCS fields enabling IA32_PKRS saving/restoring #GP handling Target Linux 5.19 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1954466/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1954466] Re: KVM Protection Keys for Supervisor Pages (PKS)
Thanks for correcting pkg names. No upstream commits yet. Target Linux 5.19 timeframe. Target Ubuntu 23.04. Platform is Sapphire Rapids -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1954466 Title: KVM Protection Keys for Supervisor Pages (PKS) Status in linux package in Ubuntu: Incomplete Bug description: SKX introduced the Protection Key for User Pages (PKU) feature enabling fast, thread-specific manipulation of permission restrictions on user pages. SPR introduced Protection Key for Supervisor Pages(PKS), a new feature that extends the Protection Key architecture to support thread-specific permission restrictions on supervisor pages. This important feature enables enhanced access control on memory, and brings more valid usage model. Generally PKS enables protections on 'domains' of supervisor pages to limit supervisor mode access to pages beyond the normal paging protections(U/S, R/W, P). PKS works in a similar fashion to user space pkeys, PKU. As with PKU, supervisor pkeys are checked in addition to normal paging protections and Access or Writes can be disabled via a MSR update without TLB flushes when permissions change. PKS virtualization enabling should base on existing PKU code. Major works: CPUID exposure New CR4 bit exposure New VMCS fields enabling IA32_PKRS saving/restoring #GP handling Target Linux 5.19 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1954466/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1954466] Re: KVM Protection Keys for Supervisor Pages (PKS)
** Tags added: intel-bug-december-2021 -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1954466 Title: KVM Protection Keys for Supervisor Pages (PKS) Status in linux package in Ubuntu: Incomplete Bug description: SKX introduced the Protection Key for User Pages (PKU) feature enabling fast, thread-specific manipulation of permission restrictions on user pages. SPR introduced Protection Key for Supervisor Pages(PKS), a new feature that extends the Protection Key architecture to support thread-specific permission restrictions on supervisor pages. This important feature enables enhanced access control on memory, and brings more valid usage model. Generally PKS enables protections on 'domains' of supervisor pages to limit supervisor mode access to pages beyond the normal paging protections(U/S, R/W, P). PKS works in a similar fashion to user space pkeys, PKU. As with PKU, supervisor pkeys are checked in addition to normal paging protections and Access or Writes can be disabled via a MSR update without TLB flushes when permissions change. PKS virtualization enabling should base on existing PKU code. Major works: CPUID exposure New CR4 bit exposure New VMCS fields enabling IA32_PKRS saving/restoring #GP handling Target Linux 5.19 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1954466/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1954466] Re: KVM Protection Keys for Supervisor Pages (PKS)
Hi Paul, Bugs in launchpad are filed against source packages, and "src:kvm" doesn't exist for more than 8 years now :-) Instead you'd want to file it against the package the code is in, in your case most likely src:qemu [1] or src:linux [2]. Also you should talk about the target Ubuntu release you want the fix to be in. I assume from the type of bug that you want to feature request for the coming LTS Ubuntu 22.04 - but please clarify to be sure. Finally referencing to features/commits works much better if you could please include the hashes of the commits. Please consider doing so once they exist upstream. If they are not existing there someone needs to provide the patches upfront and convince the team that they are stable enough to be picked up. The referred kernel version is in the future, so that might be a normal bug for a new feature. I'll re-assign this to src:linux for now as your bug indicates that is the target. [1]: https://bugs.launchpad.net/ubuntu/+source/qemu [2]: https://bugs.launchpad.net/ubuntu/+source/linux ** Package changed: kvm (Ubuntu) => linux (Ubuntu) -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1954466 Title: KVM Protection Keys for Supervisor Pages (PKS) Status in linux package in Ubuntu: Incomplete Bug description: SKX introduced the Protection Key for User Pages (PKU) feature enabling fast, thread-specific manipulation of permission restrictions on user pages. SPR introduced Protection Key for Supervisor Pages(PKS), a new feature that extends the Protection Key architecture to support thread-specific permission restrictions on supervisor pages. This important feature enables enhanced access control on memory, and brings more valid usage model. Generally PKS enables protections on 'domains' of supervisor pages to limit supervisor mode access to pages beyond the normal paging protections(U/S, R/W, P). PKS works in a similar fashion to user space pkeys, PKU. As with PKU, supervisor pkeys are checked in addition to normal paging protections and Access or Writes can be disabled via a MSR update without TLB flushes when permissions change. PKS virtualization enabling should base on existing PKU code. Major works: CPUID exposure New CR4 bit exposure New VMCS fields enabling IA32_PKRS saving/restoring #GP handling Target Linux 5.19 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1954466/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
