Google Git
Sign in
android-kvm / linux / refs/heads/for-upstream/pkvm-sme
commitf7d4cd07dca602c3bce1cc4dd64ec809f773b1ad[log] [tgz]
authorFuad Tabba <tabba@google.com>Thu Jan 26 11:29:06 2023 +0000
committerFuad Tabba <tabba@google.com>Thu Feb 08 14:22:53 2024 +0000
tree43053f8fa0a4a2551d3db078b62795ff72ed5c7e
parentdeafb813379184b2f470c91c8ce1c9b787fe942f [diff]
KVM: arm64: Ensure that SME controls are disabled in protected mode

KVM (and pKVM) do not support SME guests. Therefore KVM ensures
that the host's SME state is flushed and that SME controls for
enabling access to ZA storage and for streaming are disabled.

pKVM needs to protect against a buggy/malicious host. Ensure that
it wouldn't run a guest when protected mode is enabled should any
of the SME controls be enabled.

Signed-off-by: Fuad Tabba <tabba@google.com>
2 files changed
tree: 43053f8fa0a4a2551d3db078b62795ff72ed5c7e
  1. arch/
  2. block/
  3. certs/
  4. crypto/
  5. Documentation/
  6. drivers/
  7. fs/
  8. include/
  9. init/
  10. io_uring/
  11. ipc/
  12. kernel/
  13. lib/
  14. LICENSES/
  15. mm/
  16. net/
  17. rust/
  18. samples/
  19. scripts/
  20. security/
  21. sound/
  22. tools/
  23. usr/
  24. virt/
  25. .clang-format
  26. .cocciconfig
  27. .editorconfig
  28. .get_maintainer.ignore
  29. .gitattributes
  30. .gitignore
  31. .mailmap
  32. .rustfmt.toml
  33. COPYING
  34. CREDITS
  35. Kbuild
  36. Kconfig
  37. MAINTAINERS
  38. Makefile
  39. README