Re: [PATCH v4 2/5] KVM: X86: Expose PKS to guest

From: Paolo Bonzini
Date: Fri Feb 05 2021 - 05:17:36 EST


On 05/02/21 10:56, Borislav Petkov wrote:
On Fri, Feb 05, 2021 at 10:25:48AM +0100, Paolo Bonzini wrote:
On 05/02/21 09:37, Chenyi Qiang wrote:

diff --git a/arch/x86/mm/pkeys.c b/arch/x86/mm/pkeys.c
index 57718716cc70..8027f854c600 100644
--- a/arch/x86/mm/pkeys.c
+++ b/arch/x86/mm/pkeys.c
@@ -390,3 +390,9 @@ void pks_key_free(int pkey)
__clear_bit(pkey, &pks_key_allocation_map);
}
EXPORT_SYMBOL_GPL(pks_key_free);
+
+u32 get_current_pkrs(void)
+{
+ return this_cpu_read(pkrs_cache);
+}
+EXPORT_SYMBOL_GPL(get_current_pkrs);
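Review bot: get_current_pkrs() is exported with no comment, and it returns this_cpu_read(pkrs_cache), a per-CPU cached value rather than a read of the register itself. A short kernel-doc comment should say so and state what context the caller must be in (for instance, preemption disabled) so that the value still describes the CPU the caller is running on when it is used. The name also departs from the pks_ prefix of the neighbouring pks_key_free() and pks_mk_readwrite(); something like pks_get_current_pkrs() would be consistent.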
diff --git a/include/linux/pkeys.h b/include/linux/pkeys.h
index bed0e293f13b..480429020f4c 100644
--- a/include/linux/pkeys.h
+++ b/include/linux/pkeys.h
@@ -72,6 +72,10 @@ static inline void pks_mk_readwrite(int pkey)
{
pr_err("%s is not valid without PKS support\n", __func__);
}
+static inline u32 get_current_pkrs(void)
+{
+ return 0;
+}
#endif /* ! CONFIG_ARCH_HAS_SUPERVISOR_PKEYS */
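Review bot: the !CONFIG_ARCH_HAS_SUPERVISOR_PKEYS stub of get_current_pkrs() returns 0 silently, while the pks_mk_readwrite() stub directly above logs a pr_err, so a caller cannot tell "no PKS support" from a cached value of zero. Add a comment on the stub saying that 0 is the intended value when PKS is not built in, or have the caller check for PKS support before calling. Style: a blank line is missing between the closing brace of pks_mk_readwrite() and the new "static inline u32 get_current_pkrs(void)".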

This would need an ack from the x86 people. Andy, Boris?

This looks like the PKS baremetal pile needs to be upstream first.

Yes, it does. I would like to have an ack for including the above two hunks once PKS is upstream.

I also have CET and bus lock #DB queued and waiting for the bare metal functionality, however they do not touch anything outside arch/x86/kvm.

Paolo