From: Yang Weijiang <weijiang.yang@intel.com>
To: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Cc: Yang Weijiang <weijiang.yang@intel.com>,
kvm@vger.kernel.org, linux-kernel@vger.kernel.org,
pbonzini@redhat.com, sean.j.christopherson@intel.com,
jmattson@google.com, yu.c.zhang@linux.intel.com,
yu-cheng.yu@intel.com
Subject: Re: [PATCH v8 0/7] Introduce support for guest CET feature
Date: Fri, 13 Dec 2019 08:44:45 +0800 [thread overview]
Message-ID: <20191213004445.GA2822@local-michael-cet-test> (raw)
In-Reply-To: <20191212160345.GA13420@char.us.oracle.com>
On Thu, Dec 12, 2019 at 11:03:45AM -0500, Konrad Rzeszutek Wilk wrote:
> On Fri, Nov 01, 2019 at 04:52:15PM +0800, Yang Weijiang wrote:
> > Control-flow Enforcement Technology (CET) provides protection against
> > Return/Jump-Oriented Programming (ROP/JOP) attack. It includes two
> > sub-features: Shadow Stack (SHSTK) and Indirect Branch Tracking (IBT).
> >
> > KVM change is required to support guest CET feature.
> > This patch serial implemented CET related CPUID/XSAVES enumeration, MSRs
> > and vmentry/vmexit configuration etc.so that guest kernel can setup CET
> > runtime infrastructure based on them. Some CET MSRs and related feature
> > flags used reference the definitions in kernel patchset.
> >
> > CET kernel patches is here:
> > https://lkml.org/lkml/2019/8/13/1110
> > https://lkml.org/lkml/2019/8/13/1109
>
> Is there a git tree with all of them against v5.5-rc1 (so all three series)?
> I tried your github tree: https://github.com/yyu168/linux_cet.git #cet
> but sadly that does not apply against 5.5-rc1 :-(
>
> Thanks!
Hi,
The CET patch includes two parts: one from kernel side the other from KVM,
the kernel patch in github is maintained by my peer, he'll rebase
it to the latest kernel tree shortly after resolve some issues.
Thank you for having interest!
prev parent reply other threads:[~2019-12-13 0:43 UTC|newest]
Thread overview: 32+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-11-01 8:52 [PATCH v8 0/7] Introduce support for guest CET feature Yang Weijiang
2019-11-01 8:52 ` [PATCH v8 1/7] KVM: CPUID: Fix IA32_XSS support in CPUID(0xd,i) enumeration Yang Weijiang
2019-11-01 8:52 ` [PATCH v8 2/7] KVM: VMX: Define CET VMCS fields and #CP flag Yang Weijiang
2019-12-10 21:00 ` Sean Christopherson
2019-12-11 1:45 ` Yang Weijiang
2019-11-01 8:52 ` [PATCH v8 3/7] KVM: VMX: Pass through CET related MSRs Yang Weijiang
2019-12-10 21:18 ` Sean Christopherson
2019-12-11 1:32 ` Yang Weijiang
2019-12-11 1:50 ` Sean Christopherson
2019-12-11 2:27 ` Yang Weijiang
2019-12-16 2:18 ` Yang Weijiang
2019-12-18 0:34 ` Sean Christopherson
2019-12-18 13:55 ` Yang Weijiang
2019-12-18 16:02 ` Sean Christopherson
2019-11-01 8:52 ` [PATCH v8 4/7] KVM: VMX: Load CET states on vmentry/vmexit Yang Weijiang
2019-12-10 21:23 ` Sean Christopherson
2019-12-11 1:54 ` Yang Weijiang
2019-12-11 16:35 ` Sean Christopherson
2019-12-12 1:04 ` Yang Weijiang
2019-12-18 0:30 ` Sean Christopherson
2019-12-18 13:20 ` Yang Weijiang
2019-11-01 8:52 ` [PATCH v8 5/7] KVM: X86: Enable CET bits update in IA32_XSS Yang Weijiang
2019-11-01 8:52 ` [PATCH v8 6/7] KVM: X86: Load guest fpu state when accessing MSRs managed by XSAVES Yang Weijiang
2019-12-10 21:27 ` Sean Christopherson
2019-12-11 2:03 ` Yang Weijiang
2019-11-01 8:52 ` [PATCH v8 7/7] KVM: X86: Add user-space access interface for CET MSRs Yang Weijiang
2019-12-10 21:58 ` Sean Christopherson
2019-12-11 2:19 ` Yang Weijiang
2019-12-11 16:27 ` Sean Christopherson
2019-12-12 0:42 ` Yang Weijiang
2019-12-12 16:03 ` [PATCH v8 0/7] Introduce support for guest CET feature Konrad Rzeszutek Wilk
2019-12-13 0:44 ` Yang Weijiang [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20191213004445.GA2822@local-michael-cet-test \
--to=weijiang.yang@intel.com \
--cc=jmattson@google.com \
--cc=konrad.wilk@oracle.com \
--cc=kvm@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=pbonzini@redhat.com \
--cc=sean.j.christopherson@intel.com \
--cc=yu-cheng.yu@intel.com \
--cc=yu.c.zhang@linux.intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox