On Thu, 23 Sep 2021 12:22:51 +0100, Will Deacon <will@xxxxxxxxxx> wrote: > > Hi folks, > > This series restricts the hypercalls available to the KVM host on arm64 > when pKVM is enabled so that it is not possible for the host to use them > to replace the EL2 component with something else. > > This occurs in two stages: when switching to the pKVM vectors, the stub > hypercalls are removed and then later when pKVM is finalised, the pKVM > init hypercalls are removed. > > There are still a few dubious calls remaining in terms of protecting the > guest (e.g. __kvm_adjust_pc) but these will be dealt with later when we > have more VM state at EL2 to play with. Yup. This particular one should have an equivalent at EL2 and pending exceptions committed to the state before exiting to EL1. M. -- Without deviation from the norm, progress is not possible. _______________________________________________ kvmarm mailing list kvmarm@xxxxxxxxxxxxxxxxxxxxx https://lists.cs.columbia.edu/mailman/listinfo/kvmarm
