search for: gpas

Displaying 20 results from an estimated 49 matches for "gpas".

Did you mean: gaps
2020 Jun 11
2
[PATCH v3 59/75] x86/sev-es: Handle MONITOR/MONITORX Events
...OPs on > > SVM. > > Not sure if it is disarmed on VMRUN, but the MONITOR/MWAIT instructions > are part of the GHCB spec, so they are implemented here. Even if MONITOR/MWAIT somehow works across VMRUN I'm not sure it's something the guest should enable by default as it leaks GPAs to the untrusted host, with no benefit to the guest except in specific configurations. Yeah, the VMM can muck with page tables to trace guest to the some extent, but the guest shouldn't be unnecessarily volunteering information to the host. If MONITOR/MWAIT is effectively a NOP then removing...
2020 Jun 11
2
[PATCH v3 59/75] x86/sev-es: Handle MONITOR/MONITORX Events
...OPs on > > SVM. > > Not sure if it is disarmed on VMRUN, but the MONITOR/MWAIT instructions > are part of the GHCB spec, so they are implemented here. Even if MONITOR/MWAIT somehow works across VMRUN I'm not sure it's something the guest should enable by default as it leaks GPAs to the untrusted host, with no benefit to the guest except in specific configurations. Yeah, the VMM can muck with page tables to trace guest to the some extent, but the guest shouldn't be unnecessarily volunteering information to the host. If MONITOR/MWAIT is effectively a NOP then removing...
2020 Jun 11
0
[PATCH v3 59/75] x86/sev-es: Handle MONITOR/MONITORX Events
...> >> Not sure if it is disarmed on VMRUN, but the MONITOR/MWAIT instructions >> are part of the GHCB spec, so they are implemented here. > > Even if MONITOR/MWAIT somehow works across VMRUN I'm not sure it's something > the guest should enable by default as it leaks GPAs to the untrusted host, > with no benefit to the guest except in specific configurations. Yeah, the > VMM can muck with page tables to trace guest to the some extent, but the > guest shouldn't be unnecessarily volunteering information to the host. > > If MONITOR/MWAIT is effecti...
2019 Nov 01
0
[PATCH v4] vhost: introduce mdev based hardware backend
...ork backend w/o multiqueue for now; > - Some minor fixes and improvements; > - Rebase on top of virtio-mdev series v4; > > RFC v4 -> v1: > - Implement vhost-mdev as a mdev device driver directly and > connect it to VFIO container/group. (Jason); > - Pass ring addresses as GPAs/IOVAs in vhost-mdev to avoid > meaningless HVA->GPA translations (Jason); > > RFC v3 -> RFC v4: > - Build vhost-mdev on top of the same abstraction used by > virtio-mdev (Jason); > - Introduce vhost fd and pass VFIO fd via SET_BACKEND ioctl (MST); > > RFC v2 -&gt...
2020 May 20
2
[PATCH v3 59/75] x86/sev-es: Handle MONITOR/MONITORX Events
On Tue, Apr 28, 2020 at 05:17:09PM +0200, Joerg Roedel wrote: > From: Tom Lendacky <thomas.lendacky at amd.com> > > Implement a handler for #VC exceptions caused by MONITOR and MONITORX > instructions. > > Signed-off-by: Tom Lendacky <thomas.lendacky at amd.com> > [ jroedel at suse.de: Adapt to #VC handling infrastructure ] > Co-developed-by: Joerg Roedel
2020 May 20
2
[PATCH v3 59/75] x86/sev-es: Handle MONITOR/MONITORX Events
On Tue, Apr 28, 2020 at 05:17:09PM +0200, Joerg Roedel wrote: > From: Tom Lendacky <thomas.lendacky at amd.com> > > Implement a handler for #VC exceptions caused by MONITOR and MONITORX > instructions. > > Signed-off-by: Tom Lendacky <thomas.lendacky at amd.com> > [ jroedel at suse.de: Adapt to #VC handling infrastructure ] > Co-developed-by: Joerg Roedel
2019 Oct 31
2
[PATCH v4] vhost: introduce mdev based hardware backend
...LE (Jason); - Only support the network backend w/o multiqueue for now; - Some minor fixes and improvements; - Rebase on top of virtio-mdev series v4; RFC v4 -> v1: - Implement vhost-mdev as a mdev device driver directly and connect it to VFIO container/group. (Jason); - Pass ring addresses as GPAs/IOVAs in vhost-mdev to avoid meaningless HVA->GPA translations (Jason); RFC v3 -> RFC v4: - Build vhost-mdev on top of the same abstraction used by virtio-mdev (Jason); - Introduce vhost fd and pass VFIO fd via SET_BACKEND ioctl (MST); RFC v2 -> RFC v3: - Reuse vhost's ioctls ins...
2019 Oct 31
2
[PATCH v4] vhost: introduce mdev based hardware backend
...LE (Jason); - Only support the network backend w/o multiqueue for now; - Some minor fixes and improvements; - Rebase on top of virtio-mdev series v4; RFC v4 -> v1: - Implement vhost-mdev as a mdev device driver directly and connect it to VFIO container/group. (Jason); - Pass ring addresses as GPAs/IOVAs in vhost-mdev to avoid meaningless HVA->GPA translations (Jason); RFC v3 -> RFC v4: - Build vhost-mdev on top of the same abstraction used by virtio-mdev (Jason); - Introduce vhost fd and pass VFIO fd via SET_BACKEND ioctl (MST); RFC v2 -> RFC v3: - Reuse vhost's ioctls ins...
2019 Aug 24
1
Re: RLIMIT_MEMLOCK in container environment
...#39;s because of swap. I can be totally confused on > > that part though. > > > What I understand from an IRC conversation with Alex just now is that > increasing RLIMIT_MEMLOCK isn't done just to prevent any of the pages > being swapped out. It's done because "all GPAs (Guest Physical > Addresses) that could potentially be DMA targets need to have fixed > mappings through the iommu, therefore all need to be allocated and > mappings fixed [...] setting rlimit allows us to perform all the > necessary pins within the user's locked memory limit"....
2020 Jul 22
0
[RFC PATCH v1 06/34] KVM: x86: mmu: add support for EPT switching
...u32 exit_reason = vmx->exit_reason; u32 vectoring_info = vmx->idt_vectoring_info; + if (vmx->eptp_list_pg) { + unsigned int view = update_ept_view(vmx); + struct kvm_mmu *mmu = vcpu->arch.mmu; + + mmu->root_hpa = mmu->root_hpa_altviews[view]; + } + /* * Flush logged GPAs PML buffer, this will make dirty_bitmap more * updated. Another good is, in kvm_vm_ioctl_get_dirty_log, before @@ -6951,12 +7034,21 @@ static fastpath_t vmx_vcpu_run(struct kvm_vcpu *vcpu) return exit_fastpath; } +static void vmx_destroy_eptp_list_page(struct vcpu_vmx *vmx) +{ + if (vmx-&gt...
2019 Aug 22
2
Re: RLIMIT_MEMLOCK in container environment
On Thu, Aug 22, 2019 at 12:01 PM Laine Stump <laine@redhat.com> wrote: > > On 8/22/19 10:56 AM, Ihar Hrachyshka wrote: > > On Thu, Aug 22, 2019 at 2:24 AM Daniel P. Berrangé <berrange@redhat.com> wrote: > >> > >> On Wed, Aug 21, 2019 at 01:37:21PM -0700, Ihar Hrachyshka wrote: > >>> Hi all, > >>> > >>> KubeVirt uses
2019 Aug 22
0
Re: RLIMIT_MEMLOCK in container environment
...t; limit, but I assume it's because of swap. I can be totally confused on > that part though. What I understand from an IRC conversation with Alex just now is that increasing RLIMIT_MEMLOCK isn't done just to prevent any of the pages being swapped out. It's done because "all GPAs (Guest Physical Addresses) that could potentially be DMA targets need to have fixed mappings through the iommu, therefore all need to be allocated and mappings fixed [...] setting rlimit allows us to perform all the necessary pins within the user's locked memory limit". So even if swa...
2019 Sep 26
6
[PATCH] vhost: introduce mdev based hardware backend
...tup the backend. Signed-off-by: Tiwei Bie <tiwei.bie at intel.com> --- This patch depends on below series: https://lkml.org/lkml/2019/9/24/357 RFC v4 -> v1: - Implement vhost-mdev as a mdev device driver directly and connect it to VFIO container/group. (Jason); - Pass ring addresses as GPAs/IOVAs in vhost-mdev to avoid meaningless HVA->GPA translations (Jason); RFC v3 -> RFC v4: - Build vhost-mdev on top of the same abstraction used by virtio-mdev (Jason); - Introduce vhost fd and pass VFIO fd via SET_BACKEND ioctl (MST); RFC v2 -> RFC v3: - Reuse vhost's ioctls ins...
2019 Sep 26
6
[PATCH] vhost: introduce mdev based hardware backend
...tup the backend. Signed-off-by: Tiwei Bie <tiwei.bie at intel.com> --- This patch depends on below series: https://lkml.org/lkml/2019/9/24/357 RFC v4 -> v1: - Implement vhost-mdev as a mdev device driver directly and connect it to VFIO container/group. (Jason); - Pass ring addresses as GPAs/IOVAs in vhost-mdev to avoid meaningless HVA->GPA translations (Jason); RFC v3 -> RFC v4: - Build vhost-mdev on top of the same abstraction used by virtio-mdev (Jason); - Introduce vhost fd and pass VFIO fd via SET_BACKEND ioctl (MST); RFC v2 -> RFC v3: - Reuse vhost's ioctls ins...
2019 Sep 26
0
[PATCH] vhost: introduce mdev based hardware backend
...ie <tiwei.bie at intel.com> > --- > This patch depends on below series: > https://lkml.org/lkml/2019/9/24/357 > > RFC v4 -> v1: > - Implement vhost-mdev as a mdev device driver directly and > connect it to VFIO container/group. (Jason); > - Pass ring addresses as GPAs/IOVAs in vhost-mdev to avoid > meaningless HVA->GPA translations (Jason); > > RFC v3 -> RFC v4: > - Build vhost-mdev on top of the same abstraction used by > virtio-mdev (Jason); > - Introduce vhost fd and pass VFIO fd via SET_BACKEND ioctl (MST); > > RFC v2 -&gt...
2019 Oct 22
2
[PATCH v2] vhost: introduce mdev based hardware backend
...LE (Jason); - Only support the network backend w/o multiqueue for now; - Some minor fixes and improvements; - Rebase on top of virtio-mdev series v4; RFC v4 -> v1: - Implement vhost-mdev as a mdev device driver directly and connect it to VFIO container/group. (Jason); - Pass ring addresses as GPAs/IOVAs in vhost-mdev to avoid meaningless HVA->GPA translations (Jason); RFC v3 -> RFC v4: - Build vhost-mdev on top of the same abstraction used by virtio-mdev (Jason); - Introduce vhost fd and pass VFIO fd via SET_BACKEND ioctl (MST); RFC v2 -> RFC v3: - Reuse vhost's ioctls ins...
2019 Oct 22
2
[PATCH v2] vhost: introduce mdev based hardware backend
...LE (Jason); - Only support the network backend w/o multiqueue for now; - Some minor fixes and improvements; - Rebase on top of virtio-mdev series v4; RFC v4 -> v1: - Implement vhost-mdev as a mdev device driver directly and connect it to VFIO container/group. (Jason); - Pass ring addresses as GPAs/IOVAs in vhost-mdev to avoid meaningless HVA->GPA translations (Jason); RFC v3 -> RFC v4: - Build vhost-mdev on top of the same abstraction used by virtio-mdev (Jason); - Introduce vhost fd and pass VFIO fd via SET_BACKEND ioctl (MST); RFC v2 -> RFC v3: - Reuse vhost's ioctls ins...
2019 Sep 27
0
[PATCH] vhost: introduce mdev based hardware backend
...-- > This patch depends on below series: > https://lkml.org/lkml/2019/9/24/357 Looks pretty nice, comments inline. > > RFC v4 -> v1: > - Implement vhost-mdev as a mdev device driver directly and > connect it to VFIO container/group. (Jason); > - Pass ring addresses as GPAs/IOVAs in vhost-mdev to avoid > meaningless HVA->GPA translations (Jason); > > RFC v3 -> RFC v4: > - Build vhost-mdev on top of the same abstraction used by > virtio-mdev (Jason); > - Introduce vhost fd and pass VFIO fd via SET_BACKEND ioctl (MST); > > RFC v2 -&gt...
2020 Jul 21
0
[PATCH v9 77/84] KVM: introspection: add KVMI_VM_SET_PAGE_ACCESS
From: Mihai Don?u <mdontu at bitdefender.com> This command sets the spte access bits (rwx) for an array of guest physical addresses (through the page tracking subsystem). These GPAs, with the requested access bits, are also kept in a radix tree in order to filter out the #PF events which are of no interest to the introspection tool. The access restrictions for pages that are not visible to the guest are silently ignored by default (the tool might set restrictions for the whol...
2019 Oct 29
2
[PATCH v3] vhost: introduce mdev based hardware backend
...LE (Jason); - Only support the network backend w/o multiqueue for now; - Some minor fixes and improvements; - Rebase on top of virtio-mdev series v4; RFC v4 -> v1: - Implement vhost-mdev as a mdev device driver directly and connect it to VFIO container/group. (Jason); - Pass ring addresses as GPAs/IOVAs in vhost-mdev to avoid meaningless HVA->GPA translations (Jason); RFC v3 -> RFC v4: - Build vhost-mdev on top of the same abstraction used by virtio-mdev (Jason); - Introduce vhost fd and pass VFIO fd via SET_BACKEND ioctl (MST); RFC v2 -> RFC v3: - Reuse vhost's ioctls ins...