Message ID | 20230913124227.12574-1-binbin.wu@linux.intel.com (mailing list archive) |
---|---|
Series | LAM and LASS KVM Enabling |
Hi Sean,

Does this version of LAM patch set have the chance to be pulled for 6.7?

On 9/13/2023 8:42 PM, Binbin Wu wrote:
> This patch series includes KVM enabling patches for Linear-address masking
> (LAM) v11 and Linear Address Space Separation (LASS) v3 since the two features
> have overlapping prep work and concepts. Sent as a single series to reduce the
> probability of conflicts.
>
> The patch series is organized as follows:
> - Patch 1-4: Common prep work for both LAM and LASS.
> - Patch 5-13: LAM part.
> - Patch 14-16: LASS part.
>
> Dependency:
> - LAM has no other dependency.
> - LASS patches depend on LASS kernel enabling patches, which are not merged yet.
>   https://lore.kernel.org/all/20230609183632.48706-1-alexander.shishkin@linux.intel.com/
>
>
> ==== LAM v11 ====
>
> Linear-address masking (LAM) [1], modifies the checking that is applied to
> *64-bit* linear addresses, allowing software to use the untranslated
> address bits for metadata and masks the metadata bits before using them as
> linear addresses to access memory.
>
> When the feature is virtualized and exposed to guest, it can be used for
> efficient address sanitizers (ASAN) implementation and for optimizations in
> JITs and virtual machines.
>
> The patch series brings LAM virtualization support in KVM.
>
> Please review and consider applying.
>
> LAM QEMU patch:
> https://lists.gnu.org/archive/html/qemu-devel/2023-07/msg04160.html
>
> LAM kvm-unit-tests patch:
> https://lore.kernel.org/kvm/20230530024356.24870-1-binbin.wu@linux.intel.com/
>
> --- Test ---
> 1. Add test cases in kvm-unit-test for LAM [2], including LAM_SUP and LAM_{U57,U48}.
>    For supervisor pointers, the test covers CR4 LAM_SUP bits toggle, Memory/MMIO
>    access with tagged pointer, and some special instructions (INVLPG, INVPCID,
>    INVVPID), INVVPID cases also used to cover VMX instruction VMExit path.
>    For user pointers, the test covers CR3 LAM bits toggle, Memory/MMIO access with
>    tagged pointer.
>    MMIO cases are used to trigger instruction emulation path.
>    Run the unit test with both LAM feature on/off (i.e. including negative cases).
>    Run the unit test in L1 guest with both LAM feature on/off.
> 2. Run Kernel LAM kselftests in guest, with both EPT=Y/N.
> 3. Launch a nested guest and run tests listed in 1 & 2.
>
> All tests have passed on real machine supporting LAM.
>
> [1] Intel ISE https://cdrdv2.intel.com/v1/dl/getContent/671368
>     Chapter Linear Address Masking (LAM)
> [2] https://lore.kernel.org/kvm/20230530024356.24870-1-binbin.wu@linux.intel.com/
>
> ----------
> Changelog
>
> v11:
> - A separate patch to drop non-PA bits when getting GFN for guest's PGD [Sean]
> - Add a patch to remove kvm_vcpu_is_illegal_gpa() [Isaku]
> - Squash CR4 LAM bit handling with the address untag for supervisor pointers. [Sean]
> - Squash CR3 LAM bits handling with the address untag for user pointers. [Sean]
> - Adopt KVM-governed feature framework to track "LAM enabled" as a separate
>   optimization patch, and add the reason in patch change log. [Sean, Kai]
> - Some comment modifications/additions according to reviews [Sean]
>
> v10:
> https://lore.kernel.org/kvm/20230719144131.29052-1-binbin.wu@linux.intel.com/
>
>
> ==== LASS v3 ====
>
> Linear Address Space Separation (LASS)[1] is a new mechanism that
> enforces the same mode-based protections as paging, i.e. SMAP/SMEP
> but without traversing the paging structures. Because the protections
> enforced by LASS are applied before paging, "probes" by malicious
> software will provide no paging-based timing information.
>
> This patch series provides a LASS KVM solution and depends on kernel
> enabling that can be found at [2].
>
> --- Test ---
> 1. Test the basic function of LASS virtualization including LASS
>    enumeration and enabling in guest and nested environment.
> 2. Run selftest with following cases:
>    - data access to user address space in supervisor mode
>    - data access to supervisor address space in user mode
>    - data access to linear address across space boundary
>    - Using KVM FEP mechanism to run test cases above
>    - VMX instruction execution with VMCS structure in user
>      address space
>    - instruction fetch from user address space in supervisor mode
>    - instruction fetch from supervisor address space in user mode
>
> All tests have passed on real machine supporting LASS.
>
> [1] Intel ISE spec https://cdrdv2.intel.com/v1/dl/getContent/671368
>     Chapter Linear Address Space Separation (LASS)
>
> [2] LASS kernel patch series
>     https://lore.kernel.org/all/20230609183632.48706-1-alexander.shishkin@linux.intel.com/
>
> ----------
> Change log
>
> v3:
> 1. Refine commit message [Sean/Chao Gao]
> 2. Enhance the implementation of LASS violation check [Sean]
> 3. Re-organize patch as Sean's suggestion [Sean]
>
> v2:
> https://lore.kernel.org/all/20230719024558.8539-1-guang.zeng@intel.com/
>
>
> Binbin Wu (10):
>   KVM: x86: Consolidate flags for __linearize()
>   KVM: x86: Use a new flag for branch targets
>   KVM: x86: Add an emulation flag for implicit system access
>   KVM: x86: Add X86EMUL_F_INVLPG and pass it in em_invlpg()
>   KVM: x86/mmu: Drop non-PA bits when getting GFN for guest's PGD
>   KVM: x86: Add & use kvm_vcpu_is_legal_cr3() to check CR3's legality
>   KVM: x86: Remove kvm_vcpu_is_illegal_gpa()
>   KVM: x86: Introduce get_untagged_addr() in kvm_x86_ops and call it in
>     emulator
>   KVM: x86: Untag address for vmexit handlers when LAM applicable
>   KVM: x86: Use KVM-governed feature framework to track "LAM enabled"
>
> Robert Hoo (3):
>   KVM: x86: Virtualize LAM for supervisor pointer
>   KVM: x86: Virtualize LAM for user pointer
>   KVM: x86: Advertise and enable LAM (user and supervisor)
>
> Zeng Guang (3):
>   KVM: emulator: Add emulation of LASS violation checks on linear
>     address
>   KVM: VMX: Virtualize LASS
>   KVM: x86: Advertise LASS CPUID to user space
>
>  arch/x86/include/asm/kvm-x86-ops.h | 4 +-
>  arch/x86/include/asm/kvm_host.h | 8 ++-
>  arch/x86/kvm/cpuid.c | 4 +-
>  arch/x86/kvm/cpuid.h | 13 ++--
>  arch/x86/kvm/emulate.c | 39 +++++++----
>  arch/x86/kvm/governed_features.h | 1 +
>  arch/x86/kvm/kvm_emulate.h | 13 ++++
>  arch/x86/kvm/mmu.h | 8 +++
>  arch/x86/kvm/mmu/mmu.c | 2 +-
>  arch/x86/kvm/mmu/mmu_internal.h | 1 +
>  arch/x86/kvm/mmu/paging_tmpl.h | 2 +-
>  arch/x86/kvm/svm/nested.c | 4 +-
>  arch/x86/kvm/vmx/nested.c | 14 ++--
>  arch/x86/kvm/vmx/sgx.c | 4 +-
>  arch/x86/kvm/vmx/vmx.c | 106 ++++++++++++++++++++++++++++-
>  arch/x86/kvm/vmx/vmx.h | 5 ++
>  arch/x86/kvm/x86.c | 28 +++++++-
>  arch/x86/kvm/x86.h | 4 ++
>  18 files changed, 226 insertions(+), 34 deletions(-)
>
>
> base-commit: 0bb80ecc33a8fb5a682236443c1e740d5c917d1d
> prerequisite-patch-id: 51db36ad7156234d05f8c4004ec6a31ef609b81a

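The address untagging that the quoted cover letter describes for LAM_SUP and LAM_{U57,U48}, as an added user-space model; it is not code from the patch series or from any participant in this thread. The flag names, the metadata bit ranges (62:57 or 62:48) and the rule that bit 63 is preserved are assumptions taken from the LAM specification rather than from this page.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed flags modelling guest state; names are this example's, not KVM's. */
enum { LAM_U57 = 1, LAM_U48 = 2, LAM_SUP = 4, LA57 = 8 };

#define BIT63 (1ULL << 63)

/* Portable sign extension of v from bit position 'bit' (0-based). */
static uint64_t sign_extend(uint64_t v, int bit)
{
    uint64_t m = 1ULL << bit;
    v &= (m << 1) - 1;
    return (v ^ m) - m;
}

/* Strip LAM metadata bits from a 64-bit linear address. */
uint64_t lam_untag(uint64_t va, unsigned state)
{
    int lam_bit;

    if (!(va & BIT63)) {                        /* user pointer: CR3 bits apply */
        if (!(state & (LAM_U57 | LAM_U48)))
            return va;
        lam_bit = (state & LAM_U57) ? 56 : 47;  /* U57 wins if both are set */
    } else {                                    /* supervisor pointer: CR4 bit applies */
        if (!(state & LAM_SUP))
            return va;
        lam_bit = (state & LA57) ? 56 : 47;     /* width follows paging mode */
    }
    /* Sign-extend from lam_bit, but keep the original bit 63 so untagging
     * can never turn a user address into a supervisor one or vice versa. */
    return (sign_extend(va, lam_bit) & ~BIT63) | (va & BIT63);
}

/* Canonicality check applied to the untagged address (va_bits = 48 or 57). */
bool is_canonical(uint64_t va, int va_bits)
{
    return sign_extend(va, va_bits - 1) == va;
}

int main(void)
{
    uint64_t tagged = 0x7E00000012345678ULL;    /* constructed: tag in bits 62:57 */
    printf("%#llx -> %#llx\n", (unsigned long long)tagged,
           (unsigned long long)lam_untag(tagged, LAM_U57));
    return 0;
}
```

A user pointer with bit 47 set under LAM_U48 untags to a non-canonical value with bit 63 still clear, so it fails the canonical check instead of aliasing a supervisor address.
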
On Sun, Oct 08, 2023, Binbin Wu wrote:
> Hi Sean,
>
> Does this version of LAM patch set have the chance to be pulled for 6.7?

There's still a chance, but I haven't looked at this version yet, so I can't give
a more confident answer, sorry. For a variety of reasons, my review time this
cycle has been much more limited than I anticipated.

On Wed, Sep 13, 2023, Binbin Wu wrote:
> Binbin Wu (10):
>   KVM: x86: Consolidate flags for __linearize()
>   KVM: x86: Use a new flag for branch targets
>   KVM: x86: Add an emulation flag for implicit system access
>   KVM: x86: Add X86EMUL_F_INVLPG and pass it in em_invlpg()
>   KVM: x86/mmu: Drop non-PA bits when getting GFN for guest's PGD
>   KVM: x86: Add & use kvm_vcpu_is_legal_cr3() to check CR3's legality
>   KVM: x86: Remove kvm_vcpu_is_illegal_gpa()
>   KVM: x86: Introduce get_untagged_addr() in kvm_x86_ops and call it in
>     emulator
>   KVM: x86: Untag address for vmexit handlers when LAM applicable
>   KVM: x86: Use KVM-governed feature framework to track "LAM enabled"
>
> Robert Hoo (3):
>   KVM: x86: Virtualize LAM for supervisor pointer
>   KVM: x86: Virtualize LAM for user pointer
>   KVM: x86: Advertise and enable LAM (user and supervisor)
>
> Zeng Guang (3):
>   KVM: emulator: Add emulation of LASS violation checks on linear
>     address
>   KVM: VMX: Virtualize LASS
>   KVM: x86: Advertise LASS CPUID to user space

This all looks good! I have a few minor nits, but nothing I can't tweak when
applying. Assuming nothing explodes in testing, I'll get this applied for 6.8
next week.

My apologies for not getting to this sooner and missing 6.7 :-(

On Fri, Oct 20, 2023, Sean Christopherson wrote:
> On Wed, Sep 13, 2023, Binbin Wu wrote:
> > Binbin Wu (10):
> >   KVM: x86: Consolidate flags for __linearize()
> >   KVM: x86: Use a new flag for branch targets
> >   KVM: x86: Add an emulation flag for implicit system access
> >   KVM: x86: Add X86EMUL_F_INVLPG and pass it in em_invlpg()
> >   KVM: x86/mmu: Drop non-PA bits when getting GFN for guest's PGD
> >   KVM: x86: Add & use kvm_vcpu_is_legal_cr3() to check CR3's legality
> >   KVM: x86: Remove kvm_vcpu_is_illegal_gpa()
> >   KVM: x86: Introduce get_untagged_addr() in kvm_x86_ops and call it in
> >     emulator
> >   KVM: x86: Untag address for vmexit handlers when LAM applicable
> >   KVM: x86: Use KVM-governed feature framework to track "LAM enabled"
> >
> > Robert Hoo (3):
> >   KVM: x86: Virtualize LAM for supervisor pointer
> >   KVM: x86: Virtualize LAM for user pointer
> >   KVM: x86: Advertise and enable LAM (user and supervisor)
> >
> > Zeng Guang (3):
> >   KVM: emulator: Add emulation of LASS violation checks on linear
> >     address
> >   KVM: VMX: Virtualize LASS
> >   KVM: x86: Advertise LASS CPUID to user space
>
> This all looks good! I have a few minor nits, but nothing I can't tweak when
> applying. Assuming nothing explodes in testing, I'll get this applied for 6.8
> next week.

Gah, by "this" I meant the LAM parts. LASS is going to have to wait until the
kernel support lands.

On 10/21/2023 8:34 AM, Sean Christopherson wrote:
> On Fri, Oct 20, 2023, Sean Christopherson wrote:
>> On Wed, Sep 13, 2023, Binbin Wu wrote:
>>> Binbin Wu (10):
>>>   KVM: x86: Consolidate flags for __linearize()
>>>   KVM: x86: Use a new flag for branch targets
>>>   KVM: x86: Add an emulation flag for implicit system access
>>>   KVM: x86: Add X86EMUL_F_INVLPG and pass it in em_invlpg()
>>>   KVM: x86/mmu: Drop non-PA bits when getting GFN for guest's PGD
>>>   KVM: x86: Add & use kvm_vcpu_is_legal_cr3() to check CR3's legality
>>>   KVM: x86: Remove kvm_vcpu_is_illegal_gpa()
>>>   KVM: x86: Introduce get_untagged_addr() in kvm_x86_ops and call it in
>>>     emulator
>>>   KVM: x86: Untag address for vmexit handlers when LAM applicable
>>>   KVM: x86: Use KVM-governed feature framework to track "LAM enabled"
>>>
>>> Robert Hoo (3):
>>>   KVM: x86: Virtualize LAM for supervisor pointer
>>>   KVM: x86: Virtualize LAM for user pointer
>>>   KVM: x86: Advertise and enable LAM (user and supervisor)
>>>
>>> Zeng Guang (3):
>>>   KVM: emulator: Add emulation of LASS violation checks on linear
>>>     address
>>>   KVM: VMX: Virtualize LASS
>>>   KVM: x86: Advertise LASS CPUID to user space
>> This all looks good! I have a few minor nits, but nothing I can't tweak when
>> applying. Assuming nothing explodes in testing, I'll get this applied for 6.8
>> next week.

Thanks very much!

> Gah, by "this" I meant the LAM parts. LASS is going to have to wait until the
> kernel support lands.

On Wed, 13 Sep 2023 20:42:11 +0800, Binbin Wu wrote:
> This patch series includes KVM enabling patches for Linear-address masking
> (LAM) v11 and Linear Address Space Separation (LASS) v3 since the two features
> have overlapping prep work and concepts. Sent as a single series to reduce the
> probability of conflicts.
>
> The patch series is organized as follows:
> - Patch 1-4: Common prep work for both LAM and LASS.
> - Patch 5-13: LAM part.
> - Patch 14-16: LASS part.
>
> [...]

Applied to kvm-x86 lam (for 6.8)! I skipped the LASS patches, including patch 2
(the branch targets patch). I kept the IMPLICIT emulator flag even though it's
not strictly needed as it's a nice way to document non-existent code.

I massaged a few changelogs and fixed the KVM_X86_OP_OPTIONAL() issue, but
otherwise I don't think I made any code changes (it's been a long day :-) ).
Please take a look to make sure it all looks good.

Thanks!

[01/16] KVM: x86: Consolidate flags for __linearize()
        https://github.com/kvm-x86/linux/commit/81c940395b14
[02/16] KVM: x86: Use a new flag for branch targets
        (no commit info)
[03/16] KVM: x86: Add an emulation flag for implicit system access
        https://github.com/kvm-x86/linux/commit/90532843aebf
[04/16] KVM: x86: Add X86EMUL_F_INVLPG and pass it in em_invlpg()
        https://github.com/kvm-x86/linux/commit/34b4ed7c1eaf
[05/16] KVM: x86/mmu: Drop non-PA bits when getting GFN for guest's PGD
        https://github.com/kvm-x86/linux/commit/8b83853c5c98
[06/16] KVM: x86: Add & use kvm_vcpu_is_legal_cr3() to check CR3's legality
        https://github.com/kvm-x86/linux/commit/82ba7169837e
[07/16] KVM: x86: Remove kvm_vcpu_is_illegal_gpa()
        https://github.com/kvm-x86/linux/commit/95df55ee42fe
[08/16] KVM: x86: Introduce get_untagged_addr() in kvm_x86_ops and call it in emulator
        https://github.com/kvm-x86/linux/commit/7a747b6c84a1
[09/16] KVM: x86: Untag address for vmexit handlers when LAM applicable
        https://github.com/kvm-x86/linux/commit/ef99001b30a8
[10/16] KVM: x86: Virtualize LAM for supervisor pointer
        https://github.com/kvm-x86/linux/commit/4daea9a5183f
[11/16] KVM: x86: Virtualize LAM for user pointer
        https://github.com/kvm-x86/linux/commit/0cadc474eff0
[12/16] KVM: x86: Advertise and enable LAM (user and supervisor)
        https://github.com/kvm-x86/linux/commit/6ef90ee226f1
[13/16] KVM: x86: Use KVM-governed feature framework to track "LAM enabled"
        https://github.com/kvm-x86/linux/commit/b291db540763
[14/16] KVM: emulator: Add emulation of LASS violation checks on linear address
        (no commit info)
[15/16] KVM: VMX: Virtualize LASS
        (no commit info)
[16/16] KVM: x86: Advertise LASS CPUID to user space
        (no commit info)

--
https://github.com/kvm-x86/linux/tree/next

On 10/24/2023 7:43 AM, Sean Christopherson wrote:
> On Wed, 13 Sep 2023 20:42:11 +0800, Binbin Wu wrote:
>> This patch series includes KVM enabling patches for Linear-address masking
>> (LAM) v11 and Linear Address Space Separation (LASS) v3 since the two features
>> have overlapping prep work and concepts. Sent as a single series to reduce the
>> probability of conflicts.
>>
>> The patch series is organized as follows:
>> - Patch 1-4: Common prep work for both LAM and LASS.
>> - Patch 5-13: LAM part.
>> - Patch 14-16: LASS part.
>>
>> [...]
> Applied to kvm-x86 lam (for 6.8)! I skipped the LASS patches, including patch 2
> (the branch targets patch). I kept the IMPLICIT emulator flag even though it's
> not strictly needed as it's a nice way to document non-existent code.
>
> I massaged a few changelogs and fixed the KVM_X86_OP_OPTIONAL() issue, but
> otherwise I don't think I made any code changes (it's been a long day :-) ).
> Please take a look to make sure it all looks good.

Hi Sean,

Thanks for changelogs massage and the KVM_X86_OP_OPTIONAL() issue fix.
The LAM patches were applied as expected.

>
> Thanks!
>
> [01/16] KVM: x86: Consolidate flags for __linearize()
>         https://github.com/kvm-x86/linux/commit/81c940395b14
> [02/16] KVM: x86: Use a new flag for branch targets
>         (no commit info)
> [03/16] KVM: x86: Add an emulation flag for implicit system access
>         https://github.com/kvm-x86/linux/commit/90532843aebf
> [04/16] KVM: x86: Add X86EMUL_F_INVLPG and pass it in em_invlpg()
>         https://github.com/kvm-x86/linux/commit/34b4ed7c1eaf
> [05/16] KVM: x86/mmu: Drop non-PA bits when getting GFN for guest's PGD
>         https://github.com/kvm-x86/linux/commit/8b83853c5c98
> [06/16] KVM: x86: Add & use kvm_vcpu_is_legal_cr3() to check CR3's legality
>         https://github.com/kvm-x86/linux/commit/82ba7169837e
> [07/16] KVM: x86: Remove kvm_vcpu_is_illegal_gpa()
>         https://github.com/kvm-x86/linux/commit/95df55ee42fe
> [08/16] KVM: x86: Introduce get_untagged_addr() in kvm_x86_ops and call it in emulator
>         https://github.com/kvm-x86/linux/commit/7a747b6c84a1
> [09/16] KVM: x86: Untag address for vmexit handlers when LAM applicable
>         https://github.com/kvm-x86/linux/commit/ef99001b30a8
> [10/16] KVM: x86: Virtualize LAM for supervisor pointer
>         https://github.com/kvm-x86/linux/commit/4daea9a5183f
> [11/16] KVM: x86: Virtualize LAM for user pointer
>         https://github.com/kvm-x86/linux/commit/0cadc474eff0
> [12/16] KVM: x86: Advertise and enable LAM (user and supervisor)
>         https://github.com/kvm-x86/linux/commit/6ef90ee226f1
> [13/16] KVM: x86: Use KVM-governed feature framework to track "LAM enabled"
>         https://github.com/kvm-x86/linux/commit/b291db540763
> [14/16] KVM: emulator: Add emulation of LASS violation checks on linear address
>         (no commit info)
> [15/16] KVM: VMX: Virtualize LASS
>         (no commit info)
> [16/16] KVM: x86: Advertise LASS CPUID to user space
>         (no commit info)
>
> --
> https://github.com/kvm-x86/linux/tree/next