mirrors/linux-stable
1
0
Fork 0
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git synced 2024-11-01 08:58:07 +00:00
Code Issues Releases Wiki Activity
linux-stable/arch/x86
History
Sean Christopherson 72add915fb KVM: VMX: Enable SGX virtualization for SGX1, SGX2 and LC 
Enable SGX virtualization now that KVM has the VM-Exit handlers needed
to trap-and-execute ENCLS to ensure correctness and/or enforce the CPU
model exposed to the guest.  Add a KVM module param, "sgx", to allow an
admin to disable SGX virtualization independent of the kernel.

When supported in hardware and the kernel, advertise SGX1, SGX2 and SGX
LC to userspace via CPUID and wire up the ENCLS_EXITING bitmap based on
the guest's SGX capabilities, i.e. to allow ENCLS to be executed in an
SGX-enabled guest.  With the exception of the provision key, all SGX
attribute bits may be exposed to the guest.  Guest access to the
provision key, which is controlled via securityfs, will be added in a
future patch.

Note, KVM does not yet support exposing ENCLS_C leafs or ENCLV leafs.

Signed-off-by: Sean Christopherson <sean.j.christopherson@intel.com>
Signed-off-by: Kai Huang <kai.huang@intel.com>
Message-Id: <a99e9c23310c79f2f4175c1af4c4cbcef913c3e5.1618196135.git.kai.huang@intel.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2021-04-20 04:18:56 -04:00
..
boot EFI updates collected by Ard Biesheuvel: 2020-12-24 12:40:07 -08:00
configs module: remove EXPORT_UNUSED_SYMBOL* 2021-02-08 12:28:07 +01:00
crypto crypto: aesni - release FPU during skcipher walk API calls 2021-01-22 14:58:04 +11:00
entry x86/sev-es: Introduce ip_within_syscall_gap() helper 2021-03-08 14:22:17 +01:00
events x86/perf: Use RET0 as default for guest_get_msrs to handle "no PMU" case 2021-03-10 16:45:09 +01:00
hyperv iommu/hyperv: setup an IO-APIC IRQ remapping domain for root partition 2021-02-11 08:47:07 +00:00
ia32 x86/ia32_signal: Propagate __user annotation properly 2020-12-11 19:44:31 +01:00
include KVM: VMX: Add SGX ENCLS[ECREATE] handler to enforce CPUID restrictions 2021-04-20 04:18:55 -04:00
kernel x86/kvm: Don't bother __pv_cpu_mask when !CONFIG_SMP 2021-04-19 18:04:45 -04:00
kvm KVM: VMX: Enable SGX virtualization for SGX1, SGX2 and LC 2021-04-20 04:18:56 -04:00
lib x86/sev-es: Use __copy_from_user_inatomic() 2021-03-09 12:37:54 +01:00
math-emu
mm x86: fix seq_file iteration for pat/memtype.c 2021-02-26 09:41:05 -08:00
net bpf, x86: Fix BPF_FETCH atomic and/or/xor with r0 as src 2021-02-22 18:03:11 +01:00
pci Simple Firmware Interface (SFI) support removal for v5.12-rc1 2021-02-24 10:35:29 -08:00
platform Simple Firmware Interface (SFI) support removal for v5.12-rc1 2021-02-24 10:35:29 -08:00
power clang-lto for v5.12-rc1 (part2) 2021-02-23 15:13:45 -08:00
purgatory crypto: sha - split sha.h into sha1.h and sha2.h 2020-11-20 14:45:33 +11:00
ras
realmode
tools Modules updates for v5.12 2021-02-23 10:15:33 -08:00
um um: remove process stub VMA 2021-02-12 21:37:38 +01:00
video
xen xen: branch for v5.12-rc3 2021-03-12 11:34:36 -08:00
.gitignore
Kbuild
Kconfig x86/sgx: Add a basic NUMA allocation scheme to sgx_alloc_epc_page() 2021-03-19 19:16:51 +01:00
Kconfig.assembler
Kconfig.cpu
Kconfig.debug x86, libnvdimm/test: Remove COPY_MC_TEST 2020-10-26 18:08:35 +01:00
Makefile clang-lto for v5.12-rc1 (part2) 2021-02-23 15:13:45 -08:00
Makefile.um
Makefile_32.cpu