Searched +full:guest +full:- +full:side (Results 1 – 25 of 40) sorted by relevance

/Documentation/security/
snp-tdx-threat-model.rst
17 the kernel through various networking or limited HW-specific exposed
46 integrity for the VM's guest memory and execution state (vCPU registers),
47 more tightly controlled guest interrupt injection, as well as some
48 additional mechanisms to control guest-host page mapping. More details on
49 the x86-specific solutions can be found in
51 …https://www.amd.com/system/files/techdocs/sev-snp-strengthening-vm-isolation-with-integrity-protec…
53 The basic CoCo guest layout includes the host, guest, the interfaces that
54 communicate guest and host, a platform capable of supporting CoCo VMs, and
55 a trusted intermediary between the guest VM and the underlying platform
56 that acts as a security manager. The host-side virtual machine monitor
[all …]
/Documentation/virt/kvm/x86/
cpuid.rst
1 .. SPDX-License-Identifier: GPL-2.0
9 A guest running on a kvm host, can check some of its features using
11 mask-out some, or even all KVM-related cpuid features before launching
12 a guest.
65 KVM_FEATURE_PV_UNHALT 7 guest checks this feature bit
69 KVM_FEATURE_PV_TLB_FLUSH 9 guest checks this feature bit
77 KVM_FEATURE_PV_SEND_IPI 11 guest checks this feature bit
81 KVM_FEATURE_POLL_CONTROL 12 host-side polling on HLT can
85 KVM_FEATURE_PV_SCHED_YIELD 13 guest checks this feature bit
89 KVM_FEATURE_ASYNC_PF_INT 14 guest checks this feature bit
[all …]
errata.rst
1 .. SPDX-License-Identifier: GPL-2.0
18 ----------------------------------
27 Clearing these bits in CPUID has no effect on the operation of the guest;
31 **Workaround:** It is recommended to always set these bits in guest CPUID.
37 ------------------------------
42 ------
45 vCPU has legacy xAPIC enabled, e.g. to bring up hotplugged vCPUs via INIT-SIPI
46 on VMs with > 255 vCPUs. A side effect of the quirk is that, if multiple vCPUs
53 -----
54 KVM does not virtualize guest MTRR memory types. KVM emulates accesses to MTRR
[all …]
msr.rst
1 .. SPDX-License-Identifier: GPL-2.0
4 KVM-specific MSRs
16 ---------------
24 4-byte alignment physical address of a memory area which must be
25 in guest RAM. This memory is expected to hold a copy of the following
40 guest has to check version before and after grabbing
42 An odd version indicates an in-progress update.
53 Note that although MSRs are per-CPU entities, the effect of this
63 4-byte aligned physical address of a memory area which must be in
64 guest RAM, plus an enable bit in bit 0. This memory is expected to hold
[all …]
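The version protocol this snippet describes (a record the host writes into guest RAM, which the guest reads only after checking that the version is even and unchanged across the read), as an added example in C. This is illustrative code written for this page, not KVM's own struct or code: the record layout and field names, the decode helper, the rejection of a misaligned address and the retry bound are all assumptions.

```c
#include <stdbool.h>
#include <stdint.h>

/* Compiler barrier so the payload loads stay between the two version reads.
 * A real guest would add the architecture's read barrier where loads can be
 * reordered with each other; this example only models the protocol. */
#define barrier() __asm__ __volatile__("" ::: "memory")

/* Illustrative host-published record (assumed layout, not KVM's struct). */
struct shared_record {
    volatile uint32_t version;   /* odd while the host is mid-update */
    uint32_t reserved;
    uint64_t system_time;
    uint64_t tsc_timestamp;
};

/* Host side: make the version odd, write the payload, make it even again. */
void host_publish(struct shared_record *r, uint64_t system_time,
                  uint64_t tsc_timestamp)
{
    r->version++;              /* odd: readers must retry */
    barrier();
    r->system_time = system_time;
    r->tsc_timestamp = tsc_timestamp;
    barrier();
    r->version++;              /* even: the snapshot is consistent */
}

/* Guest side: read under the version check. Returns false if no stable
 * snapshot was obtained within max_tries (for example, a host that stays
 * mid-update), so the caller never consumes a torn record. */
bool guest_read(const struct shared_record *r, uint64_t *system_time,
                uint64_t *tsc_timestamp, unsigned max_tries)
{
    for (unsigned i = 0; i < max_tries; i++) {
        uint32_t before = r->version;
        if (before & 1)
            continue;          /* in-progress update */
        barrier();
        uint64_t st = r->system_time;
        uint64_t ts = r->tsc_timestamp;
        barrier();
        uint32_t after = r->version;
        if (before == after) {
            *system_time = st;
            *tsc_timestamp = ts;
            return true;
        }
        /* version moved under us: the snapshot may be torn, retry */
    }
    return false;
}

/* Decode an MSR value of the form "4-byte aligned guest physical address
 * plus enable bit in bit 0". Rejecting a misaligned address is an assumption
 * of this example, not documented KVM behaviour. */
bool decode_record_msr(uint64_t msr, uint64_t *gpa, bool *enabled)
{
    uint64_t addr = msr & ~(uint64_t)1;
    if (addr & 3)
        return false;
    *enabled = msr & 1;
    *gpa = addr;
    return true;
}
```

The point a practitioner should take from this: the host controls the record, so the guest must treat every read as potentially racing with an update and must bound its retries rather than spin forever on a version the host never makes even.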
mmu.rst
1 .. SPDX-License-Identifier: GPL-2.0
8 for presenting a standard x86 mmu to the guest, while translating guest
13 - correctness:
14 the guest should not be able to determine that it is running
18 - security:
19 the guest must not be able to touch host memory not assigned
21 - performance:
23 - scaling:
25 - hardware:
27 - integration:
[all …]
/Documentation/virt/
guest-halt-polling.rst
2 Guest halt polling
6 the guest vcpus to poll for a specified amount of time before
9 This provides the following benefits to host side polling:
15 2) The VM-exit cost can be avoided.
17 The downside of guest side polling is that polling is performed
25 ("per-cpu guest_halt_poll_ns"), which is adjusted by the algorithm
42 Division factor used to shrink per-cpu guest_halt_poll_ns when
49 Multiplication factor used to grow per-cpu guest_halt_poll_ns
50 when event occurs after per-cpu guest_halt_poll_ns
57 The per-cpu guest_halt_poll_ns eventually reaches zero
[all …]
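An added example, in C, of the adaptive per-cpu polling window these knobs drive. It is written for this page and is not the haltpoll governor's code: the exact grow and shrink conditions, the grow_start floor and the numeric tunables are assumptions chosen to produce the behaviour the snippet describes (grow when a wakeup just missed the current window, shrink when the wakeup comes after the global limit, repeated shrinking reaching zero).

```c
#include <stdint.h>

/* Tunables in the spirit of the parameters the snippet names
 * (guest_halt_poll_ns, guest_halt_poll_grow, guest_halt_poll_shrink).
 * grow_start and the conditions below are assumptions of this example. */
struct haltpoll_params {
    uint64_t guest_halt_poll_ns;  /* global ceiling for the poll window */
    unsigned int grow;            /* multiplication factor */
    unsigned int shrink;          /* division factor; 0 means reset to zero */
    uint64_t grow_start;          /* floor used when growing from zero */
};

/* Per-cpu state: how long this vcpu polls before it really halts. */
struct haltpoll_cpu {
    uint64_t poll_limit_ns;
};

/* Feed back one idle period of block_ns (time from halt to wakeup) and
 * return the new per-cpu window. */
uint64_t adjust_poll_limit(struct haltpoll_cpu *cpu,
                           const struct haltpoll_params *p, uint64_t block_ns)
{
    if (block_ns > cpu->poll_limit_ns && block_ns <= p->guest_halt_poll_ns) {
        /* The event arrived after we gave up polling but within the global
         * window: a longer poll would have avoided the VM exit. Grow. */
        uint64_t v = cpu->poll_limit_ns * p->grow;
        if (v < p->grow_start)
            v = p->grow_start;
        if (v > p->guest_halt_poll_ns)
            v = p->guest_halt_poll_ns;
        cpu->poll_limit_ns = v;
    } else if (block_ns > p->guest_halt_poll_ns) {
        /* Long sleep: the poll was wasted CPU time. Shrink toward zero;
         * integer division reaches zero after a few long sleeps. */
        cpu->poll_limit_ns = p->shrink ? cpu->poll_limit_ns / p->shrink : 0;
    }
    /* block_ns <= poll_limit_ns: polling caught the event, keep the window. */
    return cpu->poll_limit_ns;
}

/* Whether this vcpu should poll at all right now (window nonzero). */
int should_poll(const struct haltpoll_cpu *cpu)
{
    return cpu->poll_limit_ns != 0;
}
```

The feedback loop is the part to understand before tuning these knobs: a guest that polls burns host CPU that would otherwise go to other tenants, which is why the window is bounded by the global limit and decays to zero when wakeups are rare.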
ne_overview.rst
1 .. SPDX-License-Identifier: GPL-2.0
29 1. An enclave abstraction process - a user space process running in the primary
30 VM guest that uses the provided ioctl interface of the NE driver to spawn an
38 translated into actions taken on the hypervisor side; that's the Nitro
42 2. The enclave itself - a VM running on the same host as the primary VM that
58 using virtio-vsock [5]. The primary VM has virtio-pci vsock emulated device,
59 while the enclave VM has a virtio-mmio vsock emulated device. The vsock device
60 uses eventfd for signaling. The enclave VM sees the usual interfaces - local
61 APIC and IOAPIC - to get interrupts from virtio-vsock device. The virtio-mmio
84 predefined port - 9000 - to send a heartbeat value - 0xb7. This mechanism is
[all …]
/Documentation/devicetree/bindings/firmware/
qemu,fw-cfg-mmio.yaml
1 # SPDX-License-Identifier: GPL-2.0
3 ---
4 $id: http://devicetree.org/schemas/firmware/qemu,fw-cfg-mmio.yaml#
5 $schema: http://devicetree.org/meta-schemas/core.yaml#
10 - Rob Herring <robh@kernel.org>
16 - A write-only, 16-bit wide selector (or control) register,
17 - a read-write, 64-bit wide data register.
20 registers; their location is communicated to the guest's UEFI firmware in the
21 DTB that QEMU places at the bottom of the guest's DRAM.
23 The authoritative guest-side hardware interface documentation to the fw_cfg
[all …]
/Documentation/virt/hyperv/
vmbus.rst
1 .. SPDX-License-Identifier: GPL-2.0
5 VMBus is a software construct provided by Hyper-V to guest VMs. It
7 devices that Hyper-V presents to guest VMs. The control path is
8 used to offer synthetic devices to the guest VM and, in some cases,
10 channels for communicating between the device driver in the guest VM
11 and the synthetic device implementation that is part of Hyper-V, and
12 signaling primitives to allow Hyper-V and the guest to interrupt
16 entry in a running Linux guest. The VMBus driver (drivers/hv/vmbus_drv.c)
17 establishes the VMBus control path with the Hyper-V host, then
21 Most synthetic devices offered by Hyper-V have a corresponding Linux
[all …]
vpci.rst
1 .. SPDX-License-Identifier: GPL-2.0
3 PCI pass-thru devices
5 In a Hyper-V guest VM, PCI pass-thru devices (also called
8 Guest device drivers can interact directly with the hardware
12 hypervisor. The device should appear to the guest just as it
16 Hyper-V terminology for vPCI devices is "Discrete Device
17 Assignment" (DDA). Public documentation for Hyper-V DDA is
20 …tps://learn.microsoft.com/en-us/windows-server/virtualization/hyper-v/plan/plan-for-deploying-devi…
23 and for GPUs. A similar mechanism for NICs is called SR-IOV
24 and produces the same benefits by allowing a guest device
[all …]
/Documentation/admin-guide/hw-vuln/
spectre.rst
1 .. SPDX-License-Identifier: GPL-2.0
3 Spectre Side Channels
6 Spectre is a class of side channel attacks that exploit branch prediction
8 bypassing access controls. Speculative execution side channel exploits
14 -------------------
16 Speculative execution side channel methods affect a wide range of modern
22 - Intel Core, Atom, Pentium, and Xeon processors
24 - AMD Phenom, EPYC, and Zen processors
26 - IBM POWER and zSeries processors
28 - Higher end ARM processors
[all …]
gather_data_sampling.rst
1 .. SPDX-License-Identifier: GPL-2.0
3 GDS - Gather Data Sampling
10 -------
16 infer stale data using typical side channel techniques like cache timing
17 attacks. GDS is a purely sampling-based attack.
24 Because the buffers are shared between Hyper-Threads cross Hyper-Thread attacks
28 ----------------
32 Non-enclaves can infer SGX enclave data
35 Guest can infer guest from other guests
39 lower-privilege contexts like guests and when running outside SGX enclaves.
[all …]
mds.rst
1 MDS - Microarchitectural Data Sampling
9 -------------------
14 - Processors from AMD, Centaur and other non Intel vendors
16 - Older processor models, where the CPU family is < 6
18 - Some Atoms (Bonnell, Saltwell, Goldmont, GoldmontPlus)
20 - Intel processors which have the ARCH_CAP_MDS_NO bit set in the
31 ------------
36 CVE-2018-12126 MSBDS Microarchitectural Store Buffer Data Sampling
37 CVE-2018-12130 MFBDS Microarchitectural Fill Buffer Data Sampling
38 CVE-2018-12127 MLPDS Microarchitectural Load Port Data Sampling
[all …]
srso.rst
1 .. SPDX-License-Identifier: GPL-2.0
8 known scenario of poisoning CPU functional units - the Branch Target
9 Buffer (BTB) and Return Address Predictor (RAP) in this case - and then
14 Return Address Stack/Return Stack Buffer). In some cases, a non-architectural
20 but the concern is that an attacker can mis-train the CPU BTB to predict
21 non-architectural CALL instructions in kernel space and use this to
23 leading to information disclosure via a speculative side-channel.
25 The issue is tracked under CVE-2023-20569.
28 -------------------
30 AMD Zen, generations 1-4. That is, all families 0x17 and 0x19. Older
[all …]
l1tf.rst
1 L1TF - L1 Terminal Fault
10 -------------------
15 - Processors from AMD, Centaur and other non Intel vendors
17 - Older processor models, where the CPU family is < 6
19 - A range of Intel ATOM processors (Cedarview, Cloverview, Lincroft,
22 - The Intel XEON PHI family
24 - Intel processors which have the ARCH_CAP_RDCL_NO bit set in the
33 ------------
38 CVE-2018-3615 L1 Terminal Fault SGX related aspects
39 CVE-2018-3620 L1 Terminal Fault OS, SMM related aspects
[all …]
/Documentation/networking/device_drivers/ethernet/microsoft/
netvsc.rst
1 .. SPDX-License-Identifier: GPL-2.0
4 Hyper-V network driver
17 ----------------
19 Hyper-V host version does. Windows Server 2016 and Azure
23 Receive Side Scaling
24 --------------------
25 Hyper-V supports receive side scaling. For TCP & UDP, packets can
41 ethtool -N eth0 rx-flow-hash udp4 sdfn
45 ethtool -N eth0 rx-flow-hash udp4 sd
49 ethtool -n eth0 rx-flow-hash udp4
[all …]
/Documentation/arch/x86/
amd-memory-encryption.rst
1 .. SPDX-License-Identifier: GPL-2.0
17 of the guest VM are secured so that a decrypted version is available only
18 within the VM itself. SEV guest VMs have the concept of private and shared
19 memory. Private memory is encrypted with the guest-specific key, while shared
36 When SEV is enabled, instruction pages and guest page tables are always treated
37 as private. All the DMA operations inside the guest must be performed on shared
38 memory. Since the memory encryption bit is controlled by the guest OS when it
39 is operating in 64-bit or 32-bit PAE mode, in all other modes the SEV hardware
53 system physical addresses, not guest physical
78 - Supported:
[all …]
mds.rst
7 --------
9 Microarchitectural Data Sampling (MDS) is a family of side channel attacks
12 - Microarchitectural Store Buffer Data Sampling (MSBDS) (CVE-2018-12126)
13 - Microarchitectural Fill Buffer Data Sampling (MFBDS) (CVE-2018-12130)
14 - Microarchitectural Load Port Data Sampling (MLPDS) (CVE-2018-12127)
15 - Microarchitectural Data Sampling Uncacheable Memory (MDSUM) (CVE-2019-11091)
18 dependent load (store-to-load forwarding) as an optimization. The forward
21 buffers are partitioned between Hyper-Threads so cross thread forwarding is
32 Hyper-Threads so cross thread leakage is possible.
39 exploited eventually. Load ports are shared between Hyper-Threads so cross
[all …]
/Documentation/arch/s390/
vfio-ccw.rst
2 vfio-ccw: the basic infrastructure
6 ------------
9 Linux/s390. Motivation for vfio-ccw is to passthrough subchannels to a
16 - Channel programs run asynchronously on a separate (co)processor.
17 - The channel subsystem will access any memory designated by the caller
31 - A good start to know Channel I/O in general:
33 - s390 architecture:
34 s390 Principles of Operation manual (IBM Form. No. SA22-7832)
35 - The existing QEMU code which implements a simple emulated channel
41 - Documentation/driver-api/vfio-mediated-device.rst
[all …]
/Documentation/virt/kvm/
vcpu-requests.rst
1 .. SPDX-License-Identifier: GPL-2.0
46 ----------
48 The goal of a VCPU kick is to bring a VCPU thread out of guest mode in
50 a guest mode exit. However, a VCPU thread may not be in guest mode at the
55 1) Send an IPI. This forces a guest mode exit.
56 2) Waking a sleeping VCPU. Sleeping VCPUs are VCPU threads outside guest
60 3) Nothing. When the VCPU is not in guest mode and the VCPU thread is not
64 ---------
66 VCPUs have a mode state, ``vcpu->mode``, that is used to track whether the
67 guest is running in guest mode or not, as well as some specific
[all …]
locking.rst
1 .. SPDX-License-Identifier: GPL-2.0
8 ---------------------
12 - cpus_read_lock() is taken outside kvm_lock
14 - kvm_usage_lock is taken outside cpus_read_lock()
16 - kvm->lock is taken outside vcpu->mutex
18 - kvm->lock is taken outside kvm->slots_lock and kvm->irq_lock
20 - kvm->slots_lock is taken outside kvm->irq_lock, though acquiring
23 - kvm->mn_active_invalidate_count ensures that pairs of
25 use the same memslots array. kvm->slots_lock and kvm->slots_arch_lock
26 are taken on the waiting side when modifying memslots, so MMU notifiers
[all …]
api.rst
1 .. SPDX-License-Identifier: GPL-2.0
4 The Definitive KVM (Kernel-based Virtual Machine) API Documentation
13 - System ioctls: These query and set global attributes which affect the
17 - VM ioctls: These query and set attributes that affect an entire virtual
24 - vcpu ioctls: These query and set attributes that control the operation
32 - device ioctls: These query and set attributes that control the operation
49 task of actually running guest code.
70 discouraged and may have unwanted side effects, e.g. memory allocated
80 facility that allows backward-compatible extensions to the API to be
104 the ioctl returns -ENOTTY.
[all …]
/Documentation/arch/sparc/oradax/
dax-hv-api.txt
3 Publication date 2017-09-25 08:21
5 Extracted via "pdftotext -f 547 -l 572 -layout sun4v_20170925.pdf"
16 live-migration and other system management activities.
20 …high speed processing of database-centric operations. The coprocessors may support one or more of
28 …e Completion Area and, unless execution order is specifically restricted through the use of serial-
32 …Guest software may implement a software timeout on CCB operations, and if the timeout is exceeded,…
33 …tion may be cancelled or killed via the ccb_kill API function. It is recommended for guest software
38 …There is no fixed limit on the number of outstanding CCBs guest software may have queued in the vi…
45 …device node in the guest MD (Section 8.24.17, “Database Analytics Accelerators (DAX) virtual-device
51 36.1.1.1. "ORCL,sun4v-dax" Device Compatibility
[all …]
/Documentation/ABI/testing/
sysfs-firmware-qemu_fw_cfg
8 provide configuration data to the guest firmware. Starting
11 useful as an out-of-band, asynchronous mechanism for providing
12 configuration data to the guest userspace.
14 The authoritative guest-side hardware interface documentation
17 https://qemu-project.gitlab.io/qemu/specs/fw_cfg.html
50 name The 56-byte nul-terminated ASCII string used as the
73 "etc/boot-fail-wait"
74 "etc/system-states"
75 "etc/table-loader"
78 "etc/smbios/smbios-tables"
[all …]
/Documentation/arch/arm64/
amu.rst
9 Date: 2019-09-10
16 ---------------------
24 optional external memory-mapped interface.
27 of four fixed and architecturally defined 64-bit event counters.
29 - CPU cycle counter: increments at the frequency of the CPU.
30 - Constant counter: increments at the fixed frequency of the system
32 - Instructions retired: increments with every architecturally executed
34 - Memory stall cycles: counts instruction dispatch stall cycles caused by
44 64-bit event counters.
50 -------------
[all …]