Message ID | 20240503131910.307630-1-mic@digikod.net (mailing list archive) |
---|---|
Headers | show |
Series | Hypervisor-Enforced Kernel Integrity - CR pinning | expand |
On Fri, May 03, 2024, Mickaël Salaün wrote: > Hi, > > This patch series implements control-register (CR) pinning for KVM and > provides an hypervisor-agnostic API to protect guests. It includes the > guest interface, the host interface, and the KVM implementation. > > It's not ready for mainline yet (see the current limitations), but we > think the overall design and interfaces are good and we'd like to have > some feedback on that. ... > # Current limitations > > This patch series doesn't handle VM reboot, kexec, nor hybernate yet. > We'd like to leverage the realated feature from KVM CR-pinning patch > series [3]. Help appreciated! Until you have a story for those scenarios, I don't expect you'll get a lot of valuable feedback, or much feedback at all. They were the hot topic for KVM CR pinning, and they'll likely be the hot topic now.