On Thu, Jun 30, 2022 at 02:57:23PM +0100, Will Deacon wrote: > Hi everyone, > > This series has been extracted from the pKVM base support series (aka > "pKVM mega-patch") previously posted here: > > https://lore.kernel.org/kvmarm/20220519134204.5379-1-will@xxxxxxxxxx/ > > Unlike that more comprehensive series, this one is fairly fundamental > and does not introduce any new ABI commitments, leaving questions > involving the management of guest private memory and the creation of > protected VMs for future work. Instead, this series extends the pKVM EL2 > code so that it can dynamically instantiate and manage VM shadow > structures without the host being able to access them directly. These > shadow structures consist of a shadow VM, a set of shadow vCPUs and the > stage-2 page-table and the pages used to hold them are returned to the > host when the VM is destroyed. > > The last patch is marked as RFC because, although it plumbs in the > shadow state, it is woefully inefficient and copies to/from the host > state on every vCPU run. Without the last patch, the new structures are > unused but we move considerably closer to isolating guests from the > host. > > The series is based on Marc's rework of the flags > (kvm-arm64/burn-the-flags). > > Feedback welcome. > > Cheers, Only had few nitpicks Reviewed-by: Vincent Donnefort <vdonnefort@xxxxxxxxxx> Also, I've been using this patchset for quite a while now. Tested-by: Vincent Donnefort <vdonnefort@xxxxxxxxxx> [...]