www.infradead.org Git - users/jedix/linux-maple.git/commit

author	Quentin Perret <qperret@google.com>
	Wed, 18 Dec 2024 19:40:57 +0000 (19:40 +0000)
committer	Marc Zyngier <maz@kernel.org>
	Fri, 20 Dec 2024 09:44:00 +0000 (09:44 +0000)
commit	0adce4d42f249b1701c136907055d9b12f8f6e1c
tree	733e910f783065fd522d24b0c8ddbc5675c666b1	tree
parent	76f0b18b3db57868fb0cabe691201aad3085b712	commit \| diff

KVM: arm64: Introduce __pkvm_tlb_flush_vmid()

Introduce a new hypercall to flush the TLBs of non-protected guests. The
host kernel will be responsible for issuing this hypercall after changing
stage-2 permissions using the __pkvm_host_relax_guest_perms() or
__pkvm_host_wrprotect_guest() paths. This is left under the host's
responsibility for performance reasons.

Note however that the TLB maintenance for all *unmap* operations still
remains entirely under the hypervisor's responsibility for security
reasons -- an unmapped page may be donated to another entity, so a stale
TLB entry could be used to leak private data.

Tested-by: Fuad Tabba <tabba@google.com>
Reviewed-by: Fuad Tabba <tabba@google.com>
Signed-off-by: Quentin Perret <qperret@google.com>
Link: https://lore.kernel.org/r/20241218194059.3670226-17-qperret@google.com
Signed-off-by: Marc Zyngier <maz@kernel.org>

arch/arm64/include/asm/kvm_asm.h		diff \| blob \| history
arch/arm64/kvm/hyp/nvhe/hyp-main.c		diff \| blob \| history