git.baikalelectronics.ru Git - kernel.git/commit

author	David Brazdil <dbrazdil@google.com>
	Wed, 2 Dec 2020 18:40:57 +0000 (18:40 +0000)
committer	Marc Zyngier <maz@kernel.org>
	Fri, 4 Dec 2020 08:43:43 +0000 (08:43 +0000)
commit	7403b44c4ab4be079aa97aa61eccd08c617a2e15
tree	55c51a443c79ced21284dcc359523ded2e358306	tree \| snapshot
parent	f27f140298a2f49bd0627119e8a9ebd245841f36	commit \| diff

KVM: arm64: Add kvm-arm.mode early kernel parameter

Add an early parameter that allows users to select the mode of operation
for KVM/arm64.

For now, the only supported value is "protected". By passing this flag
users opt into the hypervisor placing additional restrictions on the
host kernel. These allow the hypervisor to spawn guests whose state is
kept private from the host. Restrictions will include stage-2 address
translation to prevent host from accessing guest memory, filtering its
SMC calls, etc.

Without this parameter, the default behaviour remains selecting VHE/nVHE
based on hardware support and CONFIG_ARM64_VHE.

Signed-off-by: David Brazdil <dbrazdil@google.com>
Signed-off-by: Marc Zyngier <maz@kernel.org>
Link: https://lore.kernel.org/r/20201202184122.26046-2-dbrazdil@google.com

Documentation/admin-guide/kernel-parameters.txt		diff \| blob \| history
arch/arm64/include/asm/kvm_host.h		diff \| blob \| history
arch/arm64/kvm/arm.c		diff \| blob \| history