crosvm/hypervisor
Dmytro Maluka b12e8c2cac x86_64: add initial support for protected VMs
Add support for running protected VMs with pKVM on Intel x86 [1].

The --protected-vm option is not workable yet, since loading pvmfw into
guest memory via pKVM is not implemented yet, but the developer options
--protected-vm-without-firmware and --protected-vm-with-firmware are
working.

Following the approach used for pKVM on arm64, the KVM uAPI used for
running protected VMs on x86 is a "stable temporary" uAPI: the
KVM_X86_PKVM_PROTECTED_VM value shall be updated when upstreaming pKVM
to the mainline kernel (see also [2]).

[1] https://android-review.git.corp.google.com/c/kernel/common/+/3351287
[2] https://android-review.git.corp.google.com/c/kernel/common/+/3351286

BUG=b:349990461
TEST=On an Intel device with kernel compiled with pKVM-IA patches [1]
and kvm-intel.pkvm=1 added to kernel command line, run a VM with
--protected-vm-without-firmware or with --protected-vm-with-firmware
with the same test pvmfw image as in TEST= in CL:5797353.

Change-Id: I625f5eb9a38eaef9312ba62308739efb66f163b0
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/6022852
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
Commit-Queue: Dmytro Maluka <dmaluka@chromium.org>
2024-11-18 15:03:41 +00:00
hypervisor_test_macro hypervisor: convenient macro to generate an array from inline assemblies 2024-05-21 19:31:17 +00:00
src x86_64: add initial support for protected VMs 2024-11-18 15:03:41 +00:00
tests hypervisor: pass IoOperation data as slices 2024-10-15 20:21:19 +00:00
Cargo.toml Windows clippy fixes for Rust 1.81 2024-11-13 00:07:11 +00:00
README.md hypervisor/README.md: add qualcomm contacts for gunyah 2023-11-29 19:20:17 +00:00

Hypervisor Support

Multiple hypervisor backends are supported. See Advanced Usage for overriding the default backend.

Hypervisors added to crosvm must meet the following requirements:

  • Hypervisor code must be buildable in crosvm upstream.
    • Within reason, crosvm maintainers will ensure the hypervisor's code continues to build.
  • Hypervisors are not required to be tested upstream.
    • We can't require testing upstream because some hypervisors require specialized hardware.
    • When not tested upstream, the hypervisor's maintainers are expected to test it downstream. If a change to crosvm breaks something downstream, then the hypervisor's maintainers are expected to supply the fix and can't expect a revert of the culprit change to be accepted upstream.

KVM

  • Platforms: Linux
  • Tested upstream: yes

KVM is crosvm's preferred hypervisor for Linux.

WHPX

HAXM

Android Specific

The hypervisors in this section are used as backends of the Android Virtualization Framework.

Geniezone

Gunyah