| Message ID | 20210517200758.22593-8-imbrenda@linux.ibm.com (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
| Series | KVM: s390: pv: implement lazy destroy | expand |
On 5/17/21 10:07 PM, Claudio Imbrenda wrote: > Due to upcoming changes, it will be possible to temporarily have > multiple protected VMs in the same address space. When that happens, > it is necessary to perform an export of every page that is to be > imported. ... since the Ultravisor doesn't allow KVM to import a secure page belonging to guest A to be imported for guest B in order to guarantee proper guest isolation. Reviewed-by: Janosch Frank <frankja@linux.ibm.com> > > Signed-off-by: Claudio Imbrenda <imbrenda@linux.ibm.com> > --- > arch/s390/kernel/uv.c | 8 ++++++++ > 1 file changed, 8 insertions(+) > > diff --git a/arch/s390/kernel/uv.c b/arch/s390/kernel/uv.c > index b19b1a1444ec..dbcf4434eb53 100644 > --- a/arch/s390/kernel/uv.c > +++ b/arch/s390/kernel/uv.c > @@ -242,6 +242,12 @@ static int make_secure_pte(pte_t *ptep, unsigned long addr, > return rc; > } > > +static bool should_export_before_import(struct uv_cb_header *uvcb, struct mm_struct *mm) > +{ > + return uvcb->cmd != UVC_CMD_UNPIN_PAGE_SHARED && > + atomic_read(&mm->context.is_protected) > 1; > +} > + > /* > * Requests the Ultravisor to make a page accessible to a guest. > * If it's brought in the first time, it will be cleared. If > @@ -285,6 +291,8 @@ int gmap_make_secure(struct gmap *gmap, unsigned long gaddr, void *uvcb) > > lock_page(page); > ptep = get_locked_pte(gmap->mm, uaddr, &ptelock); > + if (should_export_before_import(uvcb, gmap->mm)) > + uv_convert_from_secure(page_to_phys(page)); > rc = make_secure_pte(ptep, uaddr, page, uvcb); > pte_unmap_unlock(ptep, ptelock); > unlock_page(page); >
diff --git a/arch/s390/kernel/uv.c b/arch/s390/kernel/uv.c index b19b1a1444ec..dbcf4434eb53 100644 --- a/arch/s390/kernel/uv.c +++ b/arch/s390/kernel/uv.c @@ -242,6 +242,12 @@ static int make_secure_pte(pte_t *ptep, unsigned long addr, return rc; } +static bool should_export_before_import(struct uv_cb_header *uvcb, struct mm_struct *mm) +{ + return uvcb->cmd != UVC_CMD_UNPIN_PAGE_SHARED && + atomic_read(&mm->context.is_protected) > 1; +} + /* * Requests the Ultravisor to make a page accessible to a guest. * If it's brought in the first time, it will be cleared. If @@ -285,6 +291,8 @@ int gmap_make_secure(struct gmap *gmap, unsigned long gaddr, void *uvcb) lock_page(page); ptep = get_locked_pte(gmap->mm, uaddr, &ptelock); + if (should_export_before_import(uvcb, gmap->mm)) + uv_convert_from_secure(page_to_phys(page)); rc = make_secure_pte(ptep, uaddr, page, uvcb); pte_unmap_unlock(ptep, ptelock); unlock_page(page);
Due to upcoming changes, it will be possible to temporarily have multiple protected VMs in the same address space. When that happens, it is necessary to perform an export of every page that is to be imported. Signed-off-by: Claudio Imbrenda <imbrenda@linux.ibm.com> --- arch/s390/kernel/uv.c | 8 ++++++++ 1 file changed, 8 insertions(+)