This patch set is part-3 of this RFC patches. It introduces page table management for pKVM on Intel platform, and based on it, build pKVM's MMU page table and host EPT page table. pKVM needs isolated address space, so it shall have its own MMU page table. At the same time, host VM shall not be able to access pKVM's memory, host EPT page table shall be setup for it. pKVM requires its own memory pool and memory allocation to setup above MMU & EPT page table, it leverages the memory reservation mechanism and buddy page allocator from ARM solution. The setup of MMU/EPT page table is triggered by new added hypercall init-finalise after host OS got deprivileged. After MMU/EPT setup, pKVM can access all system memory, while host VM can access most of system memory except ones owned by pKVM. For MMIO access, host EPT only prepared mapping below 4G, for high address MMIO access from host VM, needs to build during runtime host EPT violation. Chuanxiao Dong (3): pkvm: x86: Introduce general page table management framework pkvm: x86: Introduce find_mem_range API pkvm: x86: Dynamically handle host MMIO EPT violation Jason Chen CJ (19): pkvm: x86: Define hypervisor runtime VA/PA APIs pkvm: x86: Add arch specific spinlock pkvm: x86: Add memset lib pkvm: x86: Add buddy page allocator pkvm: x86: Generate pkvm_constants.h for pKVM initialization pkvm: x86: Calculate total reserve page numbers pkvm: x86: Reserve memory for pKVM pkvm: x86: Early alloc from reserved memory pkvm: x86: Initialize MMU/EPT configuration pkvm: x86: Add early allocator based mm_ops pkvm: x86: Define linker script alias for kernel-proper symbol pkvm: x86: Introduce MMU pgtable support pkvm: x86: Add global pkvm_hyp pointer pkvm: x86: Add init-finalise hypercall pkvm: x86: Create MMU pgtable in init-finalise hypercall pkvm: x86: Add vmemmap and switch to buddy page allocator pkvm: x86: Introduce host EPT pgtable support pkvm: x86: Create host EPT pgtable in init-finalise hypercall pkvm: x86: Add pgtable API pkvm_pgtable_lookup arch/x86/include/asm/kvm_pkvm.h | 134 ++++++ arch/x86/include/asm/pkvm_image.h | 6 + arch/x86/include/asm/pkvm_image_vars.h | 18 + arch/x86/include/asm/pkvm_spinlock.h | 73 +++ arch/x86/kernel/setup.c | 3 + arch/x86/kernel/vmlinux.lds.S | 4 + arch/x86/kvm/.gitignore | 1 + arch/x86/kvm/vmx/pkvm/Makefile | 20 + arch/x86/kvm/vmx/pkvm/hyp/Makefile | 9 +- arch/x86/kvm/vmx/pkvm/hyp/early_alloc.c | 73 +++ arch/x86/kvm/vmx/pkvm/hyp/early_alloc.h | 15 + arch/x86/kvm/vmx/pkvm/hyp/ept.c | 223 +++++++++ arch/x86/kvm/vmx/pkvm/hyp/ept.h | 21 + arch/x86/kvm/vmx/pkvm/hyp/init_finalise.c | 296 ++++++++++++ arch/x86/kvm/vmx/pkvm/hyp/lib/memset_64.S | 24 + arch/x86/kvm/vmx/pkvm/hyp/memory.c | 65 +++ arch/x86/kvm/vmx/pkvm/hyp/memory.h | 23 + arch/x86/kvm/vmx/pkvm/hyp/mmu.c | 230 +++++++++ arch/x86/kvm/vmx/pkvm/hyp/mmu.h | 19 + arch/x86/kvm/vmx/pkvm/hyp/pgtable.c | 560 ++++++++++++++++++++++ arch/x86/kvm/vmx/pkvm/hyp/pgtable.h | 81 ++++ arch/x86/kvm/vmx/pkvm/hyp/pkvm.c | 8 + arch/x86/kvm/vmx/pkvm/hyp/pkvm_hyp.h | 10 + arch/x86/kvm/vmx/pkvm/hyp/vmexit.c | 36 ++ arch/x86/kvm/vmx/pkvm/hyp/vmx.h | 48 ++ arch/x86/kvm/vmx/pkvm/hyp/vmx_ops.h | 5 +- arch/x86/kvm/vmx/pkvm/include/pkvm.h | 49 ++ arch/x86/kvm/vmx/pkvm/pkvm_constants.c | 15 + arch/x86/kvm/vmx/pkvm/pkvm_host.c | 220 +++++++-- virt/kvm/pkvm/gfp.h | 1 + virt/kvm/pkvm/pkvm.c | 1 + 31 files changed, 2245 insertions(+), 46 deletions(-) create mode 100644 arch/x86/include/asm/kvm_pkvm.h create mode 100644 arch/x86/include/asm/pkvm_image_vars.h create mode 100644 arch/x86/include/asm/pkvm_spinlock.h create mode 100644 arch/x86/kvm/vmx/pkvm/hyp/early_alloc.c create mode 100644 arch/x86/kvm/vmx/pkvm/hyp/early_alloc.h create mode 100644 arch/x86/kvm/vmx/pkvm/hyp/ept.c create mode 100644 arch/x86/kvm/vmx/pkvm/hyp/ept.h create mode 100644 arch/x86/kvm/vmx/pkvm/hyp/init_finalise.c create mode 100644 arch/x86/kvm/vmx/pkvm/hyp/lib/memset_64.S create mode 100644 arch/x86/kvm/vmx/pkvm/hyp/memory.c create mode 100644 arch/x86/kvm/vmx/pkvm/hyp/memory.h create mode 100644 arch/x86/kvm/vmx/pkvm/hyp/mmu.c create mode 100644 arch/x86/kvm/vmx/pkvm/hyp/mmu.h create mode 100644 arch/x86/kvm/vmx/pkvm/hyp/pgtable.c create mode 100644 arch/x86/kvm/vmx/pkvm/hyp/pgtable.h create mode 100644 arch/x86/kvm/vmx/pkvm/hyp/pkvm.c create mode 100644 arch/x86/kvm/vmx/pkvm/hyp/pkvm_hyp.h create mode 100644 arch/x86/kvm/vmx/pkvm/hyp/vmx.h create mode 100644 arch/x86/kvm/vmx/pkvm/pkvm_constants.c -- 2.25.1
