Public bug reported:
SKX introduced the Protection Key for User Pages (PKU) feature enabling
fast, thread-specific manipulation of permission restrictions on user
pages. SPR introduced Protection Key for Supervisor Pages(PKS), a new
feature that extends the Protection Key architecture to support thread-
specific permission restrictions on supervisor pages. This important
feature enables enhanced access control on memory, and brings more valid
usage model.
Generally PKS enables protections on 'domains' of supervisor pages to
limit supervisor mode access to pages beyond the normal paging
protections(U/S, R/W, P). PKS works in a similar fashion to user space
pkeys, PKU. As with PKU, supervisor pkeys are checked in addition to
normal paging protections and Access or Writes can be disabled via a MSR
update without TLB flushes when permissions change.
PKS virtualization enabling should base on existing PKU code. Major
works:
CPUID exposure
New CR4 bit exposure
New VMCS fields enabling
IA32_PKRS saving/restoring
#GP handling
Target Linux 5.19
** Affects: kvm (Ubuntu)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1954466
Title:
KVM Protection Keys for Supervisor Pages (PKS)
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/kvm/+bug/1954466/+subscriptions
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
