Google Git
Sign in
android-kvm / kvmtool / 392198a2d32b21c85eba85ffbb39afddd7d9ece8
commit392198a2d32b21c85eba85ffbb39afddd7d9ece8[log] [tgz]
authorWill Deacon <willdeacon@google.com>Wed Aug 10 11:46:07 2022 +0100
committerMostafa Saleh <smostafa@google.com>Tue Nov 07 15:33:48 2023 +0000
tree02df9aa605f1babf25b1d27b256c4967ec834751
parent102c0d4723e5562fd1bf8e603b0b03f253abd7bb [diff]
ANDROID: pkvm: Spawn protected guests with an 8MiB restricted DMA pool

Android kernels with pKVM support the creation of protected VMs using
bit 31 of the virtual machine type specifier. By default, the memory of
VMs spawned in this way is inaccessible to the host system.

Hack kvmtool to create protected VMs, request an 8MiB restricted DMA
pool for PCI devices so that virtio traffic can be bounced through a
shared memory window and advertise VIRTIO_F_ACCESS_PLATFORM for its PCI
devices.

Signed-off-by: Will Deacon <willdeacon@google.com>
5 files changed
tree: 02df9aa605f1babf25b1d27b256c4967ec834751
  1. arm/
  2. config/
  3. disk/
  4. Documentation/
  5. guest/
  6. hw/
  7. include/
  8. mips/
  9. net/
  10. powerpc/
  11. riscv/
  12. tests/
  13. ui/
  14. util/
  15. vfio/
  16. virtio/
  17. x86/
  18. .gitignore
  19. builtin-balloon.c
  20. builtin-debug.c
  21. builtin-help.c
  22. builtin-list.c
  23. builtin-pause.c
  24. builtin-resume.c
  25. builtin-run.c
  26. builtin-sandbox.c
  27. builtin-setup.c
  28. builtin-stat.c
  29. builtin-stop.c
  30. builtin-version.c
  31. code16gcc.h
  32. COPYING
  33. CREDITS-Git
  34. devices.c
  35. framebuffer.c
  36. guest_compat.c
  37. INSTALL
  38. ioeventfd.c
  39. irq.c
  40. kvm-cmd.c
  41. kvm-cpu.c
  42. kvm-ipc.c
  43. kvm.c
  44. main.c
  45. Makefile
  46. mmio.c
  47. pci.c
  48. README
  49. symbol.c
  50. term.c