From: Mihai Donțu
This event is sent when an extended control register XCR is going to
be changed.
Signed-off-by: Mihai Donțu
Co-developed-by: Nicușor Cîțu
Signed-off-by: Nicușor Cîțu
Signed-off-by: Adalbert Lazăr
---
Documentation/virt/kvm/kvmi.rst | 33
arch/x86
of interested will be suppressed (after some appropriate guest-side
handling) while the rest will be sent to the introspector via a VMCALL.
Signed-off-by: Nicușor Cîțu
Co-developed-by: Adalbert Lazăr
Signed-off-by: Adalbert Lazăr
---
Documentation/virt/kvm/kvmi.rst | 41
This helps the introspection tool with the GVA to GPA translations
without the need to read or monitor the guest page tables.
Signed-off-by: Adalbert Lazăr
---
Documentation/virt/kvm/kvmi.rst | 32 +++
arch/x86/kvm/kvmi.c | 5 +++
include
only after initialization.
Signed-off-by: Nicușor Cîțu
Signed-off-by: Adalbert Lazăr
---
arch/x86/kvm/svm/svm.c | 27 ++-
1 file changed, 14 insertions(+), 13 deletions(-)
diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c
index e16be80edd7e..dfa1a6e74bf7 100644
From: Mihai Donțu
Using the KVMI_VCPU_CONTROL_CR command, the introspection tool subscribes
to KVMI_EVENT_CR events that will be sent when a control register (CR0,
CR3 or CR4) is going to be changed.
Signed-off-by: Mihai Donțu
Co-developed-by: Adalbert Lazăr
Signed-off-by: Adalbert Lazăr
and almost all commands are disallowed.
Some commands, those querying the introspection capabilities,
are always allowed.
Signed-off-by: Adalbert Lazăr
---
Documentation/virt/kvm/api.rst| 66 ++
include/linux/kvmi_host.h | 7 ++
include/uapi/linux
From: Nicușor Cîțu
This function is needed for the KVMI_VCPU_GET_XSAVE command.
Signed-off-by: Nicușor Cîțu
Signed-off-by: Adalbert Lazăr
---
arch/x86/kvm/x86.c | 4 ++--
include/linux/kvm_host.h | 2 ++
2 files changed, 4 insertions(+), 2 deletions(-)
diff --git a/arch/x86/kvm/x86.c
From: Mihai Donțu
For now, this command returns only the number of online vCPUs.
The introspection tool uses the vCPU index to specify to which vCPU
the introspection command applies to.
Signed-off-by: Mihai Donțu
Signed-off-by: Adalbert Lazăr
---
Documentation/virt/kvm/kvmi.rst
This function is needed to intercept descriptor-table registers access.
Signed-off-by: Adalbert Lazăr
---
arch/x86/include/asm/kvm_host.h | 1 +
arch/x86/kvm/svm/svm.c | 26 ++
arch/x86/kvm/vmx/vmx.c | 15 +--
3 files changed, 40 insertions
From: Mihai Donțu
These commands allow the introspection tool to read/write from/to
the guest memory.
Signed-off-by: Mihai Donțu
Co-developed-by: Adalbert Lazăr
Signed-off-by: Adalbert Lazăr
---
Documentation/virt/kvm/kvmi.rst | 68 +++
include/uapi/linux/kvmi.h
of kvm_vcpu_kick().
And because this vCPU command (KVMI_VCPU_PAUSE) is handled by the
receiving thread (instead of the vCPU thread), once a string of
KVMI_VCPU_PAUSE commands with the 'wait' flag set is handled, the
introspection tool can consider the VM paused, without the need to wait
and check ev
Every vCPU has a lock-protected list in which the receiving thread
places the jobs that has to be done by the vCPU thread
once it is kicked out of guest (KVM_REQ_INTROSPECTION).
Co-developed-by: Nicușor Cîțu
Signed-off-by: Nicușor Cîțu
Signed-off-by: Adalbert Lazăr
---
include/linux
a scan.
Signed-off-by: Mihai Donțu
Co-developed-by: Adalbert Lazăr
Signed-off-by: Adalbert Lazăr
---
Documentation/virt/kvm/hypercalls.rst | 35
Documentation/virt/kvm/kvmi.rst | 36 +++-
arch/x86/include/uapi/asm/kvmi.h | 2
)
which will be used and freed by each of them before re-entering in guest.
Signed-off-by: Nicușor Cîțu
Signed-off-by: Adalbert Lazăr
---
arch/x86/include/asm/kvm_host.h | 3 ++
arch/x86/include/asm/kvmi_host.h | 4 +++
arch/x86/kvm/kvmi.c | 49 +++
virt
the instruction).
Signed-off-by: Mihai Donțu
Signed-off-by: Adalbert Lazăr
---
arch/x86/include/asm/kvm_host.h | 3 +++
arch/x86/kvm/svm/svm.c | 2 ++
arch/x86/kvm/vmx/vmx.c | 1 +
3 files changed, 6 insertions(+)
diff --git a/arch/x86/include/asm/kvm_host.h b/arch/x86/include/asm
From: Mihai Donțu
This should make the code more readable.
Signed-off-by: Mihai Donțu
Signed-off-by: Adalbert Lazăr
---
arch/x86/kvm/vmx/vmx.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c
index fed661eb65a7
-by: Adalbert Lazăr
---
kernel/signal.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/kernel/signal.c b/kernel/signal.c
index 5ca48cc5da76..c3af81d7b62a 100644
--- a/kernel/signal.c
+++ b/kernel/signal.c
@@ -1456,6 +1456,7 @@ int kill_pid_info(int sig, struct kernel_siginfo *info,
struct pid *pid
From: Nicușor Cîțu
This commit also ensures that the introspection tool and the userspace
do not disable each other the CR3-write VM-exit.
Signed-off-by: Nicușor Cîțu
Signed-off-by: Adalbert Lazăr
---
arch/x86/include/asm/kvmi_host.h | 4 ++
arch/x86/kvm/kvmi.c | 64
These new error codes help the introspection tool to identify the cause
of the introspection command failure and to recover from some error
cases or to give more information to the user.
Signed-off-by: Adalbert Lazăr
---
include/uapi/linux/kvm_para.h | 4
1 file changed, 4 insertions
This command will allow more control over the guest state on
unhook. However, the memory restrictions (e.g. those set with
KVMI_VM_SET_PAGE_ACCESS) will be removed on unhook.
Signed-off-by: Adalbert Lazăr
--
It will be more interesting if the userspace could control the cleanup
behavior
From: Mihai Donțu
The information we can provide this way is incomplete, but current users
of the page tracking code can work with it.
Signed-off-by: Mihai Donțu
Signed-off-by: Adalbert Lazăr
---
arch/x86/kvm/x86.c | 49 ++
1 file changed, 49
From: Nicușor Cîțu
This function is needed in order to notify the introspection tool
through KVMI_EVENT_BP events on guest breakpoints.
Signed-off-by: Nicușor Cîțu
Signed-off-by: Adalbert Lazăr
---
arch/x86/kvm/x86.c | 18 +-
include/linux/kvm_host.h | 2 ++
2 files
From: Nicușor Cîțu
Both, the introspection tool and the device manager can request #BP
interception. This function will be used to check if this interception
is enabled by either side.
Signed-off-by: Nicușor Cîțu
Signed-off-by: Adalbert Lazăr
---
arch/x86/include/asm/kvm_host.h | 1 +
arch
From: Nicușor Cîțu
This function will be used to check if the access for a specific MSR is
already intercepted.
Signed-off-by: Nicușor Cîțu
Signed-off-by: Adalbert Lazăr
---
arch/x86/include/asm/kvm_host.h | 1 +
arch/x86/kvm/svm/svm.c | 1 +
arch/x86/kvm/vmx/vmx.c | 1 +
3
From: Mihai Donțu
This is used to add page access notifications as soon as a slot appears.
Signed-off-by: Mihai Donțu
Signed-off-by: Adalbert Lazăr
---
arch/x86/include/asm/kvm_page_track.h | 13 -
arch/x86/kvm/mmu/page_track.c | 16 +++-
arch/x86/kvm/x86.c
From: Mihai Donțu
For now, this command returns the TSC frequency (in HZ) for the specified
vCPU if available (otherwise it returns zero).
Signed-off-by: Mihai Donțu
Co-developed-by: Adalbert Lazăr
Signed-off-by: Adalbert Lazăr
---
Documentation/virt/kvm/kvmi.rst | 29
From: Nicușor Cîțu
This commit also ensures that the introspection tool and the userspace
do not disable each other the MSR access VM-exit.
Signed-off-by: Nicușor Cîțu
Signed-off-by: Adalbert Lazăr
---
arch/x86/include/asm/kvmi_host.h | 12 +++
arch/x86/kvm/kvmi.c | 133
Signed-off-by: Mihai Donțu
Signed-off-by: Adalbert Lazăr
---
arch/x86/include/asm/kvm_host.h | 1 +
arch/x86/kvm/svm/svm.c | 9 +
arch/x86/kvm/vmx/vmx.c | 8
3 files changed, 18 insertions(+)
diff --git a/arch/x86/include/asm/kvm_host.h b/arch/x86/include/as
Co-developed-by: Mircea Cîrjaliu
Signed-off-by: Mircea Cîrjaliu
Co-developed-by: Adalbert Lazăr
Signed-off-by: Adalbert Lazăr
---
Documentation/virt/kvm/kvmi.rst | 29
include/linux/kvmi_host.h | 3 +
include/uapi/linux/kvmi.h
cea Cîrjaliu
Co-developed-by: Nicușor Cîțu
Signed-off-by: Nicușor Cîțu
Signed-off-by: Adalbert Lazăr
---
Documentation/virt/kvm/api.rst| 55 ++
arch/x86/include/asm/kvmi_host.h | 8 +
arch/x86/kvm/Makefile | 2 +-
arch/x86/kvm/x8
From: Mihai Donțu
These functions are used by the VM introspection code
(for the KVMI_VCPU_GET_REGISTERS command and all events sending the vCPU
registers to the introspection tool).
Signed-off-by: Mihai Donțu
Signed-off-by: Adalbert Lazăr
---
arch/x86/kvm/x86.c | 10
KVMI_VCPU_PAUSE commands.
Signed-off-by: Adalbert Lazăr
---
Documentation/virt/kvm/kvmi.rst | 22 ++-
arch/x86/kvm/kvmi.c | 81 +
include/linux/kvmi_host.h | 11 ++
include/uapi/linux/kvmi.h | 13 ++
.../testing
with
an KVMI_EVENT_TRAP event about the success of the injection. In case
of failure, the introspecion tool is expected to try again later.
Signed-off-by: Mihai Donțu
Co-developed-by: Nicușor Cîțu
Signed-off-by: Nicușor Cîțu
Co-developed-by: Adalbert Lazăr
Signed-off-by: Adalbert Lazăr
Co-developed-by: Mircea Cîrjaliu
Signed-off-by: Mircea Cîrjaliu
Co-developed-by: Adalbert Lazăr
Signed-off-by: Adalbert Lazăr
---
arch/x86/kvm/x86.c| 3 ++
include/linux/kvm_host.h | 1 +
include/linux/kvmi_host.h | 4 +++
virt/kvm/introspection/kvmi.c | 58
Donțu
Co-developed-by: Nicușor Cîțu
Signed-off-by: Nicușor Cîțu
Co-developed-by: Adalbert Lazăr
Signed-off-by: Adalbert Lazăr
---
Documentation/virt/kvm/kvmi.rst | 40
arch/x86/include/uapi/asm/kvmi.h | 6 +++
arch/x86/kvm/kvmi.c
When the introspection tool tries to enable the KVMI_EVENT_DESCRIPTOR
event, this function is used to check if it is supported.
Signed-off-by: Adalbert Lazăr
---
arch/x86/include/asm/kvm_host.h | 1 +
arch/x86/kvm/svm/svm.c | 6 ++
arch/x86/kvm/vmx/capabilities.h | 7 ++-
arch
From: Nicușor Cîțu
The next commit that adds the KVMI_EVENT_SINGLESTEP event will make this
command more useful.
Signed-off-by: Nicușor Cîțu
Co-developed-by: Adalbert Lazăr
Signed-off-by: Adalbert Lazăr
---
Documentation/virt/kvm/kvmi.rst | 32 ++
arch/x86/kvm/kvmi.c
From: Mihai Donțu
This is needed for kvmi_update_ad_flags() to emulate a guest page
table walk on SPT violations due to A/D bit updates.
Signed-off-by: Mihai Donțu
Signed-off-by: Adalbert Lazăr
---
arch/x86/include/asm/kvm_host.h | 2 +-
arch/x86/kvm/x86.c | 6 +++---
2 files
instruction).
Signed-off-by: Mihai Donțu
Co-developed-by: Marian Rotariu
Signed-off-by: Marian Rotariu
Co-developed-by: Stefan Sicleru
Signed-off-by: Stefan Sicleru
Signed-off-by: Adalbert Lazăr
---
arch/x86/kvm/emulate.c | 4 +++
arch/x86/kvm/kvm_emulate.h | 1 +
arch/x86/kvm/mmu/mmu.c
-off-by: Mihai Donțu
Co-developed-by: Marian Rotariu
Signed-off-by: Marian Rotariu
Signed-off-by: Adalbert Lazăr
---
Documentation/virt/kvm/kvmi.rst | 140 ++
arch/x86/kvm/Kconfig | 13 +++
arch/x86/kvm/Makefile | 2 +
include/linux
commands are disallowed (using id=-1) in which case KVMI_GET_VERSION is
silently allowed, without error.
Signed-off-by: Adalbert Lazăr
---
Documentation/virt/kvm/kvmi.rst | 37 +++
include/uapi/linux/kvmi.h | 10 +
.../testing/selftests/kvm
This function is needed for the KVMI_VCPU_CONTROL_CR command, when the
introspection tool has to intercept the read/write access to CR3.
Co-developed-by: Nicușor Cîțu
Signed-off-by: Nicușor Cîțu
Signed-off-by: Adalbert Lazăr
---
arch/x86/include/asm/kvm_host.h | 6 ++
arch/x86/kvm/svm
only after initialization.
Signed-off-by: Nicușor Cîțu
Signed-off-by: Adalbert Lazăr
---
arch/x86/kvm/vmx/vmx.c | 74 --
1 file changed, 42 insertions(+), 32 deletions(-)
diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c
index cf07db129670
From: Mihai Donțu
This event is sent when a #PF occurs due to a failed permission check
in the shadow page tables, for a page in which the introspection tool
has shown interest.
Signed-off-by: Mihai Donțu
Co-developed-by: Adalbert Lazăr
Signed-off-by: Adalbert Lazăr
---
Documentation/virt
From: Marian Rotariu
This command returns a CPUID leaf (as seen by the guest OS).
Signed-off-by: Marian Rotariu
Co-developed-by: Adalbert Lazăr
Signed-off-by: Adalbert Lazăr
---
Documentation/virt/kvm/kvmi.rst | 36 +++
arch/x86/include/uapi/asm/kvmi.h
commands can never be
disallowed by the device manager.
Signed-off-by: Adalbert Lazăr
---
Documentation/virt/kvm/kvmi.rst | 62 +++
include/uapi/linux/kvmi.h | 16 -
.../testing/selftests/kvm/x86_64/kvmi_test.c | 59 ++
virt/kvm
x64)
to triple-fault very early in the boot process with the introspection
enabled.
With introspection disabled, these faults are handled by simply removing
the protection from the affected guest page and returning to guest.
Signed-off-by: Mihai Donțu
Signed-off-by: Adalbert Lazăr
---
arch/x86
to
the introspection tool.
The access restrictions for pages that are not visible to the guest are
silently ignored by default (the tool might set restrictions for the
whole memory, based on KVMI_VM_GET_MAX_GFN).
Signed-off-by: Mihai Donțu
Co-developed-by: Adalbert Lazăr
Signed-off-by: Adalbert Lazăr
sage validation, etc.).
Adalbert Lazăr (22):
KVM: UAPI: add error codes used by the VM introspection code
KVM: add kvm_vcpu_kick_and_wait()
KVM: doc: fix the hypercall numbering
KVM: x86: add .control_cr3_intercept() to struct kvm_x86_ops
KVM: x86: add .desc_ctrl_supported()
KVM: x86: add .co
From: Nicușor Cîțu
This function will be used to allow the introspection tool to disable the
CR3-write interception when it is no longer interested in these events,
but only if nothing else depends on these VM-exits.
Signed-off-by: Nicușor Cîțu
Signed-off-by: Adalbert Lazăr
---
arch/x86
From: Nicușor Cîțu
This function is needed for the KVMI_EVENT_DESCRIPTOR event.
Signed-off-by: Nicușor Cîțu
Signed-off-by: Adalbert Lazăr
---
arch/x86/kvm/svm/svm.c | 15 +++
1 file changed, 15 insertions(+)
diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c
index
This is used by the introspection tool to check the hardware support
for the single step feature.
Signed-off-by: Adalbert Lazăr
---
Documentation/virt/kvm/kvmi.rst| 13 -
arch/x86/include/uapi/asm/kvmi.h | 5 +
arch/x86/kvm/kvmi.c
From: Nicușor Cîțu
This commit also ensures that only the userspace or the introspection
tool can control the #BP interception exclusively at one time.
Signed-off-by: Nicușor Cîțu
Signed-off-by: Adalbert Lazăr
---
arch/x86/include/asm/kvmi_host.h | 18 ++
arch/x86/kvm/kvmi.c
From: Ștefan Șicleru
The introspection tool will use this command to get the memory address
range for which it can set access restrictions.
Signed-off-by: Ștefan Șicleru
Co-developed-by: Nicușor Cîțu
Signed-off-by: Nicușor Cîțu
Signed-off-by: Adalbert Lazăr
---
Documentation/virt/kvm
Donțu
Co-developed-by: Adalbert Lazăr
Signed-off-by: Adalbert Lazăr
---
Documentation/virt/kvm/kvmi.rst | 51 +-
include/linux/kvmi_host.h | 2 +
include/uapi/linux/kvmi.h | 12 -
.../testing/selftests/kvm/x86_64
From: Mihai Donțu
This is needed because the emulator calls the page tracking code
irrespective of the current VM-exit reason or available information.
Signed-off-by: Mihai Donțu
Signed-off-by: Adalbert Lazăr
---
arch/x86/include/asm/kvm_host.h | 2 +-
arch/x86/include/asm
then checks its pause counter in
order to send the pause events requested by the introspection tool.
Signed-off-by: Adalbert Lazăr
---
Documentation/virt/kvm/kvmi.rst | 66 ++-
include/linux/kvmi_host.h | 2 +
include/uapi/linux/kvmi.h
From: Ștefan Șicleru
shadow_present_mask is not 0ull if #VE support is enabled.
If #VE support is enabled, shadow_present_mask is updated in
vmx_enable_tdp() with VMX_EPT_SUPPRESS_VE_BIT.
Signed-off-by: Ștefan Șicleru
Signed-off-by: Adalbert Lazăr
---
arch/x86/kvm/mmu/mmu.c | 8 +++-
1
Signed-off-by: Adalbert Lazăr
---
arch/x86/kvm/mmu/mmu.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/arch/x86/kvm/mmu/mmu.c b/arch/x86/kvm/mmu/mmu.c
index 97766f34910d..f3ba4d0452c9 100644
--- a/arch/x86/kvm/mmu/mmu.c
+++ b/arch/x86/kvm/mmu/mmu.c
@@ -2573,6 +2573,7
-by: Adalbert Lazăr
---
arch/x86/include/asm/kvm_host.h | 2 +-
arch/x86/kvm/mmu/mmu.c | 4 +++-
arch/x86/kvm/x86.c | 4 +++-
3 files changed, 7 insertions(+), 3 deletions(-)
diff --git a/arch/x86/include/asm/kvm_host.h b/arch/x86/include/asm/kvm_host.h
index 2fbb26b54cf1
From: Ștefan Șicleru
The introspection tool uses this to set distinct access rights on
different EPT views.
Signed-off-by: Ștefan Șicleru
Signed-off-by: Adalbert Lazăr
---
arch/x86/include/asm/kvm_host.h | 2 +-
arch/x86/include/asm/kvm_page_track.h | 4 +-
arch/x86/kvm/kvmi.c
From: Ștefan Șicleru
Add one more field to struct kvmi_features in order to publish #VE
capabilities on the host as indicated by kvm_ve_supported flag.
Signed-off-by: Ștefan Șicleru
Signed-off-by: Adalbert Lazăr
---
Documentation/virt/kvm/kvmi.rst| 5 +++--
arch/x86/include
-developed-by: Ștefan Șicleru
Signed-off-by: Ștefan Șicleru
Signed-off-by: Adalbert Lazăr
---
arch/x86/include/asm/kvm_host.h | 2 ++
arch/x86/kvm/vmx/capabilities.h | 8
arch/x86/kvm/vmx/vmx.c | 8
arch/x86/kvm/x86.c | 3 +++
4 files changed, 21 insertions
From: Ștefan Șicleru
On EPT violations, when we check if the introspection tool has shown
interest in the current guest page, we will take into consideration
the EPT view of the current vCPU too.
Signed-off-by: Ștefan Șicleru
Signed-off-by: Adalbert Lazăr
---
arch/x86/include/asm/kvmi_host.h
From: Ștefan Șicleru
If the guest has EPTP switching capabilities with VMFUNC, read the
current view from VMCS instead of walking through the EPTP list when #VE
support is active.
Signed-off-by: Ștefan Șicleru
Signed-off-by: Adalbert Lazăr
---
arch/x86/kvm/vmx/vmx.c | 22
From: Ștefan Șicleru
This function returns the EPT view of the current vCPU
or 0 if the hardware support is missing.
Signed-off-by: Ștefan Șicleru
Signed-off-by: Adalbert Lazăr
---
arch/x86/include/asm/kvm_host.h | 3 +++
arch/x86/kvm/vmx/vmx.c | 8
arch/x86/kvm/vmx/vmx.h
h provided a new mask for non-mmio sptes.
Signed-off-by: Ștefan Șicleru
Signed-off-by: Adalbert Lazăr
---
arch/x86/kvm/vmx/vmx.c | 10 +-
1 file changed, 9 insertions(+), 1 deletion(-)
diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c
index 3428857c6157..b65bd0d144e5 100644
From: Ștefan Șicleru
Signed-off-by: Ștefan Șicleru
Signed-off-by: Adalbert Lazăr
---
arch/x86/kvm/vmx/vmx.c | 7 +++
1 file changed, 7 insertions(+)
diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c
index 035f6c43a2a4..736b6cc6ca8f 100644
--- a/arch/x86/kvm/vmx/vmx.c
+++ b
From: Ștefan Șicleru
This function is needed for the KVMI_VCPU_DISABLE_VE command.
Signed-off-by: Ștefan Șicleru
Signed-off-by: Adalbert Lazăr
---
arch/x86/include/asm/kvm_host.h | 1 +
arch/x86/kvm/vmx/vmx.c | 10 ++
2 files changed, 11 insertions(+)
diff --git a/arch/x86
From: Ștefan Șicleru
Report the view a vCPU operates on when sending events to the
introspection tool.
Signed-off-by: Ștefan Șicleru
Signed-off-by: Adalbert Lazăr
---
arch/x86/include/uapi/asm/kvmi.h | 4 +++-
arch/x86/kvm/kvmi.c | 1 +
2 files changed, 4 insertions(+), 1
to how
access rights are configured using the page tracking mechanism.
Signed-off-by: Ștefan Șicleru
Signed-off-by: Adalbert Lazăr
---
arch/x86/include/asm/kvm_page_track.h | 1 +
arch/x86/kvm/mmu.h| 2 ++
arch/x86/kvm/mmu/mmu.c| 38
From: Ștefan Șicleru
This will be used by the introspection tool to control the EPT views to
which the guest is allowed to switch.
Signed-off-by: Ștefan Șicleru
Signed-off-by: Adalbert Lazăr
---
Documentation/virt/kvm/kvmi.rst | 37 ++
arch/x86/include/uapi/asm/kvmi.h
-by: Ștefan Șicleru
Signed-off-by: Adalbert Lazăr
---
arch/x86/include/asm/kvm_host.h | 2 ++
arch/x86/kvm/kvmi.c | 23 ++-
virt/kvm/introspection/kvmi.c | 3 +++
3 files changed, 27 insertions(+), 1 deletion(-)
diff --git a/arch/x86/include/asm/kvm_host.h b/arch/x86
From: Ștefan Șicleru
The introspection tool can use #VE to reduce the number of VM-exits
caused by SPT violations for some guests.
Signed-off-by: Ștefan Șicleru
Signed-off-by: Adalbert Lazăr
---
Documentation/virt/kvm/kvmi.rst | 63 +++
arch/x86/include/uapi/asm
From: Ștefan Șicleru
This will be used to create root_hpa for all the EPT views.
Signed-off-by: Ștefan Șicleru
Signed-off-by: Adalbert Lazăr
---
arch/x86/include/asm/kvm_host.h | 7 +-
arch/x86/kvm/mmu/mmu.c | 43 -
arch/x86/kvm/mmu/paging_tmpl.h
.
Patches 31-34 extend the VM introspection API with #VE related commands.
Adalbert Lazăr (2):
KVM: x86: mmu: reindent to avoid lines longer than 80 chars
KVM: introspection: mask out non-rwx flags when reading/writing
from/to the internal database
Marian Rotariu (5):
KVM: x86: export
From: Marian Rotariu
Only the hardware support check function and the #VE info page management
are introduced.
Signed-off-by: Marian Rotariu
Co-developed-by: Ștefan Șicleru
Signed-off-by: Ștefan Șicleru
Signed-off-by: Adalbert Lazăr
---
arch/x86/include/asm/kvm_host.h | 1 +
arch/x86
From: Ștefan Șicleru
The introspection tool uses this command to set distinct access rights
on different EPT views.
Signed-off-by: Ștefan Șicleru
Signed-off-by: Adalbert Lazăr
---
Documentation/virt/kvm/kvmi.rst | 8 +---
include/uapi/linux/kvmi.h | 4 ++--
virt/kvm/introspection
From: Ștefan Șicleru
This will be used by the introspection tool to control the EPT views to
which the guest is allowed to switch.
Signed-off-by: Ștefan Șicleru
Signed-off-by: Adalbert Lazăr
---
arch/x86/include/asm/kvm_host.h | 1 +
arch/x86/kvm/vmx/vmx.c | 18
Signed-off-by: Adalbert Lazăr
---
Documentation/virt/kvm/kvmi.rst | 34 +++
arch/x86/include/uapi/asm/kvmi.h | 6
arch/x86/kvm/kvmi.c | 5 +++
include/uapi/linux/kvmi.h | 1 +
.../testing/selftests/kvm
-by: Ștefan Șicleru
Signed-off-by: Ștefan Șicleru
Signed-off-by: Adalbert Lazăr
---
arch/x86/include/asm/kvm_host.h | 1 +
arch/x86/kvm/vmx/vmx.c | 6 ++
2 files changed, 7 insertions(+)
diff --git a/arch/x86/include/asm/kvm_host.h b/arch/x86/include/asm/kvm_host.h
index d96bf0e15ea2
-by: Adalbert Lazăr
---
arch/x86/include/asm/kvm_host.h | 1 +
arch/x86/kvm/vmx/vmx.c | 35 -
2 files changed, 35 insertions(+), 1 deletion(-)
diff --git a/arch/x86/include/asm/kvm_host.h b/arch/x86/include/asm/kvm_host.h
index 1035308940fe..300f7fc43987 100644
This is needed because the KVMI_VM_SET_PAGE_SVE command we will use
the same database to keep the suppress #VE bit requested by the
introspection tool.
Signed-off-by: Adalbert Lazăr
---
virt/kvm/introspection/kvmi.c | 36 ---
1 file changed, 25 insertions(+), 11
tion #VEs are in
use.
Signed-off-by: Sean Christopherson
Signed-off-by: Adalbert Lazăr
---
arch/x86/include/asm/kvm_host.h | 1 +
arch/x86/kvm/Makefile | 2 +-
arch/x86/kvm/mmu.h | 1 +
arch/x86/kvm/mmu/mmu.c | 22 +++---
arch/x86/kvm/vmx
From: Ștefan Șicleru
This function is needed for the KVMI_VCPU_SET_VE_INFO command.
Signed-off-by: Ștefan Șicleru
Signed-off-by: Adalbert Lazăr
---
arch/x86/include/asm/kvm_host.h | 2 ++
arch/x86/include/asm/vmx.h | 1 +
arch/x86/kvm/vmx/vmx.c | 40
From: Ștefan Șicleru
This command is used by the introspection tool to set/clear
the suppress-VE bit for specific guest memory pages.
Signed-off-by: Ștefan Șicleru
Signed-off-by: Adalbert Lazăr
---
Documentation/virt/kvm/kvmi.rst | 42 +
arch/x86/include/uapi/asm/kvmi.h
From: Ștefan Șicleru
The introspection tool uses this function to check the hardware support
for EPT switching, which can be used to singlestep vCPUs
on a unprotected EPT view.
Signed-off-by: Ștefan Șicleru
Signed-off-by: Adalbert Lazăr
---
Documentation/virt/kvm/kvmi.rst | 36
"Suppress #VE" bit is ignored:
- By hardware that does not support EPT violation #VEs
- When the EPT violation #VE VMCS control is disabled
- On non-leaf EPT entries
Signed-off-by: Sean Christopherson
Signed-off-by: Adalbert Lazăr
---
arch/x86/include/asm/vmx.h | 1 +
1 fi
From: Ștefan Șicleru
The introspection tool will use these new fields to check
the hardware support before using the related introspection commands.
Signed-off-by: Ștefan Șicleru
Signed-off-by: Adalbert Lazăr
---
Documentation/virt/kvm/kvmi.rst| 6 --
arch/x86/include
-developed-by: Ștefan Șicleru
Signed-off-by: Ștefan Șicleru
Signed-off-by: Adalbert Lazăr
---
arch/x86/include/asm/kvm_host.h | 1 +
arch/x86/kvm/mmu/mmu.c | 12 ++--
arch/x86/kvm/vmx/vmx.c | 98 +
arch/x86/kvm/vmx/vmx.h | 1 +
4 files
From: Ștefan Șicleru
We use/allocate more root_hpa's every time mmu_alloc_roots()
is called.
Signed-off-by: Ștefan Șicleru
Signed-off-by: Adalbert Lazăr
---
arch/x86/kvm/mmu/mmu.c | 6 --
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/arch/x86/kvm/mmu/mmu.c b/arch/x86/kvm
From: Ștefan Șicleru
Signed-off-by: Ștefan Șicleru
Signed-off-by: Adalbert Lazăr
---
arch/x86/kvm/svm/svm.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c
index 5c2d4a0c3d31..1c78b913eb5d 100644
--- a/arch/x86/kvm/svm/svm.c
+++ b/arch/x86
This function is needed for the KVMI_VCPU_CONTROL_CR command, when the
introspection tool has to intercept the read/write access to CR3.
Co-developed-by: Nicușor Cîțu
Signed-off-by: Nicușor Cîțu
Signed-off-by: Adalbert Lazăr
---
arch/x86/include/asm/kvm_host.h | 6 ++
arch/x86/kvm/svm
This function is needed to intercept descriptor-table registers access.
Signed-off-by: Adalbert Lazăr
---
arch/x86/include/asm/kvm_host.h | 1 +
arch/x86/kvm/svm/svm.c | 26 ++
arch/x86/kvm/vmx/vmx.c | 15 +--
3 files changed, 40 insertions
).
kvm_page_track_emulation_failure() calls the page tracking code, that
can trigger an event for the introspection tool (which might need the
GVA in addition to the GPA).
Signed-off-by: Mihai Donțu
Co-developed-by: Nicușor Cîțu
Signed-off-by: Nicușor Cîțu
Signed-off-by: Adalbert Lazăr
---
arch/x86
From: Mihai Donțu
This is needed for kvmi_update_ad_flags() to emulate a guest page
table walk on SPT violations due to A/D bit updates.
Signed-off-by: Mihai Donțu
Signed-off-by: Adalbert Lazăr
---
arch/x86/include/asm/kvm_host.h | 2 +-
arch/x86/kvm/x86.c | 6 +++---
2 files
From: Mihai Donțu
This is needed because the emulator calls the page tracking code
irrespective of the current VM-exit reason or available information.
Signed-off-by: Mihai Donțu
Signed-off-by: Adalbert Lazăr
---
arch/x86/include/asm/kvm_host.h | 2 +-
arch/x86/include/asm
From: Nicușor Cîțu
This function is needed for KVMI_VCPU_CONTROL_SINGLESTEP.
Signed-off-by: Nicușor Cîțu
Signed-off-by: Adalbert Lazăr
---
arch/x86/include/asm/kvm_host.h | 1 +
arch/x86/kvm/vmx/vmx.c | 11 +++
2 files changed, 12 insertions(+)
diff --git a/arch/x86
-off-by: Mihai Donțu
Co-developed-by: Marian Rotariu
Signed-off-by: Marian Rotariu
Signed-off-by: Adalbert Lazăr
---
Documentation/virt/kvm/kvmi.rst | 139 ++
arch/x86/include/asm/kvm_host.h | 2 +
arch/x86/kvm/Kconfig | 9 ++
arch/x86/kvm/Makefile
and as such emulator_write_emulated() fails
and we inject a write #PF, leading to a guest crash.
Signed-off-by: Mihai Donțu
Signed-off-by: Adalbert Lazăr
---
arch/x86/kvm/x86.c | 6 +-
1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c
index 5951458408fb
301 - 400 of 634 matches
Mail list logo
