linux/arch/x86
Paolo Bonzini fd02aa45bd Merge branch 'kvm-tdx-initial' into HEAD
This large commit contains the initial support for TDX in KVM.  All x86
parts enable the host-side hypercalls that KVM uses to talk to the TDX
module, a software component that runs in a special CPU mode called SEAM
(Secure Arbitration Mode).

The series is in turn split into multiple sub-series, each with a separate
merge commit:

- Initialization: basic setup for using the TDX module from KVM, plus
  ioctls to create TDX VMs and vCPUs.

- MMU: in TDX, private and shared halves of the address space are mapped by
  different EPT roots, and the private half is managed by the TDX module.
  Using the support that was added to the generic MMU code in 6.14,
  add support for TDX's secure page tables to the Intel side of KVM.
  Generic KVM code takes care of maintaining a mirror of the secure page
  tables so that they can be queried efficiently, and ensuring that changes
  are applied to both the mirror and the secure EPT.

- vCPU enter/exit: implement the callbacks that handle the entry of a TDX
  vCPU (via the SEAMCALL TDH.VP.ENTER) and the corresponding save/restore
  of host state.

- Userspace exits: introduce support for guest TDVMCALLs that KVM forwards to
  userspace.  These correspond to the usual KVM_EXIT_* "heavyweight vmexits"
  but are triggered through a different mechanism, similar to VMGEXIT for
  SEV-ES and SEV-SNP.

- Interrupt handling: support for virtual interrupt injection as well as
  handling VM-Exits that are caused by vectored events.  Exclusive to
  TDX are machine-check SMIs, which the kernel already knows how to
  handle through the kernel machine check handler (commit 7911f145de,
  "x86/mce: Implement recovery for errors in TDX/SEAM non-root mode").

- Loose ends: handling of the remaining exits from the TDX module, including
  EPT violation/misconfig and several TDVMCALL leaves that are handled in
  the kernel (CPUID, HLT, RDMSR/WRMSR, GetTdVmCallInfo); plus returning
  an error or ignoring operations that are not supported by TDX guests.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2025-04-07 07:36:33 -04:00
boot Kbuild updates for v6.15 2025-04-05 15:46:50 -07:00
coco x86/tdx: Emit warning if IRQs are enabled during HLT #VE handling 2025-03-26 08:52:10 +01:00
configs x86/mm: Remove CONFIG_HIGHMEM64G support 2025-02-27 11:21:53 +01:00
crypto This update includes the following changes: 2025-03-29 10:01:55 -07:00
entry mseal sysmap: enable x86-64 2025-04-01 15:17:15 -07:00
events lsm/stable-6.15 PR 20250323 2025-03-25 15:44:19 -07:00
hyperv hyperv-next for 6.15 2025-03-25 14:47:04 -07:00
ia32
include Merge branch 'kvm-tdx-initial' into HEAD 2025-04-07 07:36:33 -04:00
kernel A set of final cleanups for the timer subsystem: 2025-04-06 08:35:37 -07:00
kvm Merge branch 'kvm-tdx-initial' into HEAD 2025-04-07 07:36:33 -04:00
lib x86/uaccess: Improve performance by aligning writes to 8 bytes in copy_user_generic(), on non-FSRM/ERMS CPUs 2025-03-28 22:57:44 +01:00
math-emu x86/headers: Replace __ASSEMBLY__ with __ASSEMBLER__ in non-UAPI headers 2025-03-19 11:47:30 +01:00
mm Miscellaneous x86 fixes: 2025-04-04 07:12:26 -07:00
net bpf-next-6.15 2025-03-30 12:43:03 -07:00
pci xen: branch for v6.15-rc1 2025-03-25 14:33:32 -07:00
platform x86/platform/iosf_mbi: Remove unused iosf_mbi_unregister_pmic_bus_access_notifier() 2025-04-01 20:31:39 +02:00
power x86/fred: Fix system hang during S4 resume with FRED enabled 2025-04-01 22:29:02 +02:00
purgatory
ras
realmode x86/headers: Replace __ASSEMBLY__ with __ASSEMBLER__ in non-UAPI headers 2025-03-19 11:47:30 +01:00
tools x86/tools: Drop duplicate unlikely() definition in insn_decoder_test.c 2025-03-28 22:57:44 +01:00
um um: x86: clean up elf specific definitions 2025-03-18 14:48:31 +01:00
video
virt Merge branch 'kvm-tdx-initial' into HEAD 2025-04-07 07:36:33 -04:00
xen - The 6 patch series "Enable strict percpu address space checks" from 2025-04-01 09:29:18 -07:00
.gitignore
Kbuild tracing: Disable branch profiling in noinstr code 2025-03-22 09:49:26 +01:00
Kconfig Kbuild updates for v6.15 2025-04-05 15:46:50 -07:00
Kconfig.assembler
Kconfig.cpu x86/mm: Add INVLPGB feature and Kconfig entry 2025-03-19 11:08:52 +01:00
Kconfig.cpufeatures x86/cpufeatures: Add {REQUIRED,DISABLED} feature configs 2025-03-19 11:15:11 +01:00
Kconfig.debug mm: rename GENERIC_PTDUMP and PTDUMP_CORE 2025-03-17 00:05:32 -07:00
Makefile Kbuild updates for v6.15 2025-04-05 15:46:50 -07:00
Makefile_32.cpu x86/cpu: Drop configuration options for early 64-bit CPUs 2025-02-27 11:19:06 +01:00
Makefile.um um: Pass the correct Rust target and options with gcc 2025-03-18 11:01:02 +01:00