diff mbox series

[v3,30/33] KVM: PPC: Book3S HV: Allow HV module to load without hypervisor mode

Message ID 1538479892-14835-31-git-send-email-paulus@ozlabs.org (mailing list archive)
State New, archived
Headers show
Series KVM: PPC: Book3S HV: Nested HV virtualization | expand

Commit Message

Paul Mackerras Oct. 2, 2018, 11:31 a.m. UTC
With this, the KVM-HV module can be loaded in a guest running under
KVM-HV, and if the hypervisor supports nested virtualization, this
guest can now act as a nested hypervisor and run nested guests.

This also adds some checks to inform userspace that HPT guests are not
supported by nested hypervisors, and to prevent userspace from
configuring a guest to use HPT mode.

Signed-off-by: Paul Mackerras <paulus@ozlabs.org>
---
 arch/powerpc/kvm/book3s_hv.c | 20 ++++++++++++++++----
 1 file changed, 16 insertions(+), 4 deletions(-)

Comments

David Gibson Oct. 3, 2018, 6:15 a.m. UTC | #1
On Tue, Oct 02, 2018 at 09:31:29PM +1000, Paul Mackerras wrote:
> With this, the KVM-HV module can be loaded in a guest running under
> KVM-HV, and if the hypervisor supports nested virtualization, this
> guest can now act as a nested hypervisor and run nested guests.
> 
> This also adds some checks to inform userspace that HPT guests are not
> supported by nested hypervisors, and to prevent userspace from
> configuring a guest to use HPT mode.
> 
> Signed-off-by: Paul Mackerras <paulus@ozlabs.org>
> ---
>  arch/powerpc/kvm/book3s_hv.c | 20 ++++++++++++++++----
>  1 file changed, 16 insertions(+), 4 deletions(-)
> 
> diff --git a/arch/powerpc/kvm/book3s_hv.c b/arch/powerpc/kvm/book3s_hv.c
> index f630e91..196bff1 100644
> --- a/arch/powerpc/kvm/book3s_hv.c
> +++ b/arch/powerpc/kvm/book3s_hv.c
> @@ -4237,6 +4237,10 @@ static int kvm_vm_ioctl_get_smmu_info_hv(struct kvm *kvm,
>  {
>  	struct kvm_ppc_one_seg_page_size *sps;
>  
> +	/* If we're a nested hypervisor, we only support radix guests */
> +	if (kvmhv_on_pseries())
> +		return -EINVAL;
> +
>  	/*
>  	 * POWER7, POWER8 and POWER9 all support 32 storage keys for data.
>  	 * POWER7 doesn't support keys for instruction accesses,
> @@ -4822,11 +4826,15 @@ static int kvmppc_core_emulate_mfspr_hv(struct kvm_vcpu *vcpu, int sprn,
>  
>  static int kvmppc_core_check_processor_compat_hv(void)
>  {
> -	if (!cpu_has_feature(CPU_FTR_HVMODE) ||
> -	    !cpu_has_feature(CPU_FTR_ARCH_206))
> -		return -EIO;
> +	if (cpu_has_feature(CPU_FTR_HVMODE) &&
> +	    cpu_has_feature(CPU_FTR_ARCH_206))
> +		return 0;
>  
> -	return 0;
> +	/* Can run as nested hypervisor on POWER9 in radix mode. */
> +	if (cpu_has_feature(CPU_FTR_ARCH_300) && radix_enabled())

Shouldn't we probe the parent hypervisor for ability to support nested
guests before we say "yes" here?

> +		return 0;
> +
> +	return -EIO;
>  }
>  
>  #ifdef CONFIG_KVM_XICS
> @@ -5144,6 +5152,10 @@ static int kvmhv_configure_mmu(struct kvm *kvm, struct kvm_ppc_mmuv3_cfg *cfg)
>  	if (radix && !radix_enabled())
>  		return -EINVAL;
>  
> +	/* If we're a nested hypervisor, we currently only support radix */
> +	if (kvmhv_on_pseries() && !radix)
> +		return -EINVAL;
> +
>  	mutex_lock(&kvm->lock);
>  	if (radix != kvm_is_radix(kvm)) {
>  		if (kvm->arch.mmu_ready) {
Paul Mackerras Oct. 4, 2018, 3:03 a.m. UTC | #2
On Wed, Oct 03, 2018 at 04:15:15PM +1000, David Gibson wrote:
> On Tue, Oct 02, 2018 at 09:31:29PM +1000, Paul Mackerras wrote:
> > With this, the KVM-HV module can be loaded in a guest running under
> > KVM-HV, and if the hypervisor supports nested virtualization, this
> > guest can now act as a nested hypervisor and run nested guests.
> > 
> > This also adds some checks to inform userspace that HPT guests are not
> > supported by nested hypervisors, and to prevent userspace from
> > configuring a guest to use HPT mode.
> > 
> > Signed-off-by: Paul Mackerras <paulus@ozlabs.org>
> > ---
> >  arch/powerpc/kvm/book3s_hv.c | 20 ++++++++++++++++----
> >  1 file changed, 16 insertions(+), 4 deletions(-)
> > 
> > diff --git a/arch/powerpc/kvm/book3s_hv.c b/arch/powerpc/kvm/book3s_hv.c
> > index f630e91..196bff1 100644
> > --- a/arch/powerpc/kvm/book3s_hv.c
> > +++ b/arch/powerpc/kvm/book3s_hv.c
> > @@ -4237,6 +4237,10 @@ static int kvm_vm_ioctl_get_smmu_info_hv(struct kvm *kvm,
> >  {
> >  	struct kvm_ppc_one_seg_page_size *sps;
> >  
> > +	/* If we're a nested hypervisor, we only support radix guests */
> > +	if (kvmhv_on_pseries())
> > +		return -EINVAL;
> > +
> >  	/*
> >  	 * POWER7, POWER8 and POWER9 all support 32 storage keys for data.
> >  	 * POWER7 doesn't support keys for instruction accesses,
> > @@ -4822,11 +4826,15 @@ static int kvmppc_core_emulate_mfspr_hv(struct kvm_vcpu *vcpu, int sprn,
> >  
> >  static int kvmppc_core_check_processor_compat_hv(void)
> >  {
> > -	if (!cpu_has_feature(CPU_FTR_HVMODE) ||
> > -	    !cpu_has_feature(CPU_FTR_ARCH_206))
> > -		return -EIO;
> > +	if (cpu_has_feature(CPU_FTR_HVMODE) &&
> > +	    cpu_has_feature(CPU_FTR_ARCH_206))
> > +		return 0;
> >  
> > -	return 0;
> > +	/* Can run as nested hypervisor on POWER9 in radix mode. */
> > +	if (cpu_has_feature(CPU_FTR_ARCH_300) && radix_enabled())
> 
> Shouldn't we probe the parent hypervisor for ability to support nested
> guests before we say "yes" here?

Well, we do check that the parent hypervisor can support nested
hypervisors, it's just done later on.  And to match nitpick with
nitpick, this is a function evaluating _processor_ compatibility, and
a POWER9 processor in radix mode does have everything necessary to
support nested hypervisors -- if the parent hypervisor doesn't support
nested hypervisors, that's not a deficiency in the processor.

Paul.
David Gibson Oct. 5, 2018, 3:05 a.m. UTC | #3
On Thu, Oct 04, 2018 at 01:03:21PM +1000, Paul Mackerras wrote:
> On Wed, Oct 03, 2018 at 04:15:15PM +1000, David Gibson wrote:
> > On Tue, Oct 02, 2018 at 09:31:29PM +1000, Paul Mackerras wrote:
> > > With this, the KVM-HV module can be loaded in a guest running under
> > > KVM-HV, and if the hypervisor supports nested virtualization, this
> > > guest can now act as a nested hypervisor and run nested guests.
> > > 
> > > This also adds some checks to inform userspace that HPT guests are not
> > > supported by nested hypervisors, and to prevent userspace from
> > > configuring a guest to use HPT mode.
> > > 
> > > Signed-off-by: Paul Mackerras <paulus@ozlabs.org>
> > > ---
> > >  arch/powerpc/kvm/book3s_hv.c | 20 ++++++++++++++++----
> > >  1 file changed, 16 insertions(+), 4 deletions(-)
> > > 
> > > diff --git a/arch/powerpc/kvm/book3s_hv.c b/arch/powerpc/kvm/book3s_hv.c
> > > index f630e91..196bff1 100644
> > > --- a/arch/powerpc/kvm/book3s_hv.c
> > > +++ b/arch/powerpc/kvm/book3s_hv.c
> > > @@ -4237,6 +4237,10 @@ static int kvm_vm_ioctl_get_smmu_info_hv(struct kvm *kvm,
> > >  {
> > >  	struct kvm_ppc_one_seg_page_size *sps;
> > >  
> > > +	/* If we're a nested hypervisor, we only support radix guests */
> > > +	if (kvmhv_on_pseries())
> > > +		return -EINVAL;
> > > +
> > >  	/*
> > >  	 * POWER7, POWER8 and POWER9 all support 32 storage keys for data.
> > >  	 * POWER7 doesn't support keys for instruction accesses,
> > > @@ -4822,11 +4826,15 @@ static int kvmppc_core_emulate_mfspr_hv(struct kvm_vcpu *vcpu, int sprn,
> > >  
> > >  static int kvmppc_core_check_processor_compat_hv(void)
> > >  {
> > > -	if (!cpu_has_feature(CPU_FTR_HVMODE) ||
> > > -	    !cpu_has_feature(CPU_FTR_ARCH_206))
> > > -		return -EIO;
> > > +	if (cpu_has_feature(CPU_FTR_HVMODE) &&
> > > +	    cpu_has_feature(CPU_FTR_ARCH_206))
> > > +		return 0;
> > >  
> > > -	return 0;
> > > +	/* Can run as nested hypervisor on POWER9 in radix mode. */
> > > +	if (cpu_has_feature(CPU_FTR_ARCH_300) && radix_enabled())
> > 
> > Shouldn't we probe the parent hypervisor for ability to support nested
> > guests before we say "yes" here?
> 
> Well, we do check that the parent hypervisor can support nested
> hypervisors, it's just done later on.  And to match nitpick with
> nitpick, this is a function evaluating _processor_ compatibility, and
> a POWER9 processor in radix mode does have everything necessary to
> support nested hypervisors -- if the parent hypervisor doesn't support
> nested hypervisors, that's not a deficiency in the processor.

Fair enough.
diff mbox series

Patch

diff --git a/arch/powerpc/kvm/book3s_hv.c b/arch/powerpc/kvm/book3s_hv.c
index f630e91..196bff1 100644
--- a/arch/powerpc/kvm/book3s_hv.c
+++ b/arch/powerpc/kvm/book3s_hv.c
@@ -4237,6 +4237,10 @@  static int kvm_vm_ioctl_get_smmu_info_hv(struct kvm *kvm,
 {
 	struct kvm_ppc_one_seg_page_size *sps;
 
+	/* If we're a nested hypervisor, we only support radix guests */
+	if (kvmhv_on_pseries())
+		return -EINVAL;
+
 	/*
 	 * POWER7, POWER8 and POWER9 all support 32 storage keys for data.
 	 * POWER7 doesn't support keys for instruction accesses,
@@ -4822,11 +4826,15 @@  static int kvmppc_core_emulate_mfspr_hv(struct kvm_vcpu *vcpu, int sprn,
 
 static int kvmppc_core_check_processor_compat_hv(void)
 {
-	if (!cpu_has_feature(CPU_FTR_HVMODE) ||
-	    !cpu_has_feature(CPU_FTR_ARCH_206))
-		return -EIO;
+	if (cpu_has_feature(CPU_FTR_HVMODE) &&
+	    cpu_has_feature(CPU_FTR_ARCH_206))
+		return 0;
 
-	return 0;
+	/* Can run as nested hypervisor on POWER9 in radix mode. */
+	if (cpu_has_feature(CPU_FTR_ARCH_300) && radix_enabled())
+		return 0;
+
+	return -EIO;
 }
 
 #ifdef CONFIG_KVM_XICS
@@ -5144,6 +5152,10 @@  static int kvmhv_configure_mmu(struct kvm *kvm, struct kvm_ppc_mmuv3_cfg *cfg)
 	if (radix && !radix_enabled())
 		return -EINVAL;
 
+	/* If we're a nested hypervisor, we currently only support radix */
+	if (kvmhv_on_pseries() && !radix)
+		return -EINVAL;
+
 	mutex_lock(&kvm->lock);
 	if (radix != kvm_is_radix(kvm)) {
 		if (kvm->arch.mmu_ready) {