From patchwork Fri Aug 9 08:41:02 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Bharata B Rao X-Patchwork-Id: 11085665 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 09DAC1395 for ; Fri, 9 Aug 2019 08:41:32 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id E9A6D28C2D for ; Fri, 9 Aug 2019 08:41:31 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id D97BB28C3B; Fri, 9 Aug 2019 08:41:31 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-2.9 required=2.0 tests=BAYES_00,MAILING_LIST_MULTI, RCVD_IN_DNSWL_NONE autolearn=ham version=3.3.1 Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 6BDF528C2D for ; Fri, 9 Aug 2019 08:41:30 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 6966C6B000E; Fri, 9 Aug 2019 04:41:29 -0400 (EDT) Delivered-To: linux-mm-outgoing@kvack.org Received: by kanga.kvack.org (Postfix, from userid 40) id 61F276B0010; Fri, 9 Aug 2019 04:41:29 -0400 (EDT) X-Original-To: int-list-linux-mm@kvack.org X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 49ABF6B0266; Fri, 9 Aug 2019 04:41:29 -0400 (EDT) X-Original-To: linux-mm@kvack.org X-Delivered-To: linux-mm@kvack.org Received: from mail-yb1-f200.google.com (mail-yb1-f200.google.com [209.85.219.200]) by kanga.kvack.org (Postfix) with ESMTP id 1CA366B000E for ; Fri, 9 Aug 2019 04:41:29 -0400 (EDT) Received: by mail-yb1-f200.google.com with SMTP id p84so12336854ybc.17 for ; Fri, 09 Aug 2019 01:41:29 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-original-authentication-results:x-gm-message-state:from:to:cc :subject:date:in-reply-to:references:mime-version :content-transfer-encoding:message-id; bh=RFQxAh3utraF5wxoz0usex9oaA1fkhiIy4QmW3Im/M4=; b=VeiXkLEv+caqeQrqEflgcn1+uZZEeFMHCpUF64OMinUYl5h2GW3YWtWrLMCYhSorG3 p5BoPP0MjTvmudhKc8Y5H+O4kk48pkj7+BiE4xgr6NcIqy/oT8OkSrcI773OWKJeQyHQ OVhpzp1+Mqf6wp2RrbB4j7qe4VwKHwgKCc58Yna8GpW5XrMZe/ornaq4PefrCF9k8IF+ aWTrl5bQkgMS2NZRXajqq9lbXCn9Y/7Jbn21S5cEhIpsU21bUQ+CbWZTrzLSOW7fKbPz mSqjvyQ7pLE4+/De/tZFO1Xot4oxtRAIpmWd8iaRuA6BAquz0a4BJxez/AMKVu1qvhrv WeIQ== X-Original-Authentication-Results: mx.google.com; spf=pass (google.com: domain of bharata@linux.ibm.com designates 148.163.158.5 as permitted sender) smtp.mailfrom=bharata@linux.ibm.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=ibm.com X-Gm-Message-State: APjAAAX9yPBgdkD9PNWsbrYOeohfKXXGV+kYSW7urc2AQLjE5J2lcpAh /O0637ulCzxz4EGR2pHIe4YSrfA8J2/tFDO0zYuvD/BL8wSjH7Dl96ux5cYm2wA6cLiLfYJ2fIL TtErsyxBE7GAg07cdYttjbcyL0dfQRAAVogOiVJNLA7zPhcwFY7Mj80sZ9TUQbpUDJA== X-Received: by 2002:a81:b64e:: with SMTP id h14mr13446925ywk.431.1565340088747; Fri, 09 Aug 2019 01:41:28 -0700 (PDT) X-Google-Smtp-Source: APXvYqzmCxFUHSmOAZloU7kdSA8ZpBT1HhiKQoMAEguBmr5IPktUrHwyUNktjEmLvcroclEQ4sqq X-Received: by 2002:a81:b64e:: with SMTP id h14mr13446868ywk.431.1565340086756; Fri, 09 Aug 2019 01:41:26 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1565340086; cv=none; d=google.com; s=arc-20160816; b=U1IXarZ/pGU9b2cGSBkvfECIK8g7c414qlaIvc61obspvYO4VoWMgt+0Z+68c6i57A cdA6dfW6Pzu2ZqkYrXLjag7/voyOw7LXQl+DnuW8UmQs79hKN9e7siqxknE2diEc4dcI +UheWAupB4FnyrG/+VpbxuglsRCvS8GIwwRHKm0VrA5Dm8Vi3Ju016cz1Nq0M2yaiPw/ dJPgZcsAuH0wSlj/7+KCjxGk/cRGht9Ach9juHQ2acgCxluOLKKDD/J+E/BEvVyeaY8+ wRY3XeQIxss20QJUcr/wYqCEFx1UPrhKSG0uqoKdFgmO/T2uLv9/YTsPxZ2O5L+L1ewf rHSA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=message-id:content-transfer-encoding:mime-version:references :in-reply-to:date:subject:cc:to:from; bh=RFQxAh3utraF5wxoz0usex9oaA1fkhiIy4QmW3Im/M4=; b=cwgvAxUS3SMN6JzrPyx5pnLqfSpNo3AY6XCSyhpOO8u3ZNmv6uBjkR5uOfUTgNx5PL K424nGVX9gZ+XRoLpJqrxyPD58ZtuyHCO0fIXRf+8Edb2bx7T9vdgJdT81RAzuuLmbD/ m7s9FaW+HD2Whjq1DuzOt73McIV381wOM/q9sfNXrHKuHq4xniL4uMETK+gBtXky3xuN oLFvg9oXDw1rkRTeg4W+NlCbwz/XslL3nDK9R5eqf7+UiiyGX0lHh6dqqlzLwDa9riBP Vm79Vs09OyuvG/wycKJdZ9U+Wts+h1GnMfTGxS25OGJcPgyoXS/S+xfqEoametjcMv3L Ej7Q== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of bharata@linux.ibm.com designates 148.163.158.5 as permitted sender) smtp.mailfrom=bharata@linux.ibm.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=ibm.com Received: from mx0a-001b2d01.pphosted.com (mx0b-001b2d01.pphosted.com. [148.163.158.5]) by mx.google.com with ESMTPS id k71si2739635ywa.291.2019.08.09.01.41.26 for (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Fri, 09 Aug 2019 01:41:26 -0700 (PDT) Received-SPF: pass (google.com: domain of bharata@linux.ibm.com designates 148.163.158.5 as permitted sender) client-ip=148.163.158.5; Authentication-Results: mx.google.com; spf=pass (google.com: domain of bharata@linux.ibm.com designates 148.163.158.5 as permitted sender) smtp.mailfrom=bharata@linux.ibm.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=ibm.com Received: from pps.filterd (m0098421.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.16.0.27/8.16.0.27) with SMTP id x798bds6146035 for ; Fri, 9 Aug 2019 04:41:26 -0400 Received: from e06smtp05.uk.ibm.com (e06smtp05.uk.ibm.com [195.75.94.101]) by mx0a-001b2d01.pphosted.com with ESMTP id 2u93qnvge6-1 (version=TLSv1.2 cipher=AES256-GCM-SHA384 bits=256 verify=NOT) for ; Fri, 09 Aug 2019 04:41:25 -0400 Received: from localhost by e06smtp05.uk.ibm.com with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted for from ; Fri, 9 Aug 2019 09:41:23 +0100 Received: from b06cxnps3075.portsmouth.uk.ibm.com (9.149.109.195) by e06smtp05.uk.ibm.com (192.168.101.135) with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted; (version=TLSv1/SSLv3 cipher=AES256-GCM-SHA384 bits=256/256) Fri, 9 Aug 2019 09:41:20 +0100 Received: from b06wcsmtp001.portsmouth.uk.ibm.com (b06wcsmtp001.portsmouth.uk.ibm.com [9.149.105.160]) by b06cxnps3075.portsmouth.uk.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id x798fJZO61800594 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Fri, 9 Aug 2019 08:41:19 GMT Received: from b06wcsmtp001.portsmouth.uk.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 18FDDA405C; Fri, 9 Aug 2019 08:41:19 +0000 (GMT) Received: from b06wcsmtp001.portsmouth.uk.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id F3CCBA4054; Fri, 9 Aug 2019 08:41:16 +0000 (GMT) Received: from bharata.ibmuc.com (unknown [9.85.95.61]) by b06wcsmtp001.portsmouth.uk.ibm.com (Postfix) with ESMTP; Fri, 9 Aug 2019 08:41:16 +0000 (GMT) From: Bharata B Rao To: linuxppc-dev@lists.ozlabs.org Cc: kvm-ppc@vger.kernel.org, linux-mm@kvack.org, paulus@au1.ibm.com, aneesh.kumar@linux.vnet.ibm.com, jglisse@redhat.com, linuxram@us.ibm.com, sukadev@linux.vnet.ibm.com, cclaudio@linux.ibm.com, hch@lst.de, Bharata B Rao Subject: [PATCH v6 1/7] kvmppc: Driver to manage pages of secure guest Date: Fri, 9 Aug 2019 14:11:02 +0530 X-Mailer: git-send-email 2.21.0 In-Reply-To: <20190809084108.30343-1-bharata@linux.ibm.com> References: <20190809084108.30343-1-bharata@linux.ibm.com> MIME-Version: 1.0 X-TM-AS-GCONF: 00 x-cbid: 19080908-0020-0000-0000-0000035DA569 X-IBM-AV-DETECTION: SAVI=unused REMOTE=unused XFE=unused x-cbparentid: 19080908-0021-0000-0000-000021B2ABF3 Message-Id: <20190809084108.30343-2-bharata@linux.ibm.com> X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:,, definitions=2019-08-09_02:,, signatures=0 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 priorityscore=1501 malwarescore=0 suspectscore=4 phishscore=0 bulkscore=0 spamscore=0 clxscore=1015 lowpriorityscore=0 mlxscore=0 impostorscore=0 mlxlogscore=999 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1906280000 definitions=main-1908090089 X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: X-Virus-Scanned: ClamAV using ClamSMTP KVMPPC driver to manage page transitions of secure guest via H_SVM_PAGE_IN and H_SVM_PAGE_OUT hcalls. H_SVM_PAGE_IN: Move the content of a normal page to secure page H_SVM_PAGE_OUT: Move the content of a secure page to normal page Private ZONE_DEVICE memory equal to the amount of secure memory available in the platform for running secure guests is created via a char device. Whenever a page belonging to the guest becomes secure, a page from this private device memory is used to represent and track that secure page on the HV side. The movement of pages between normal and secure memory is done via migrate_vma_pages() using UV_PAGE_IN and UV_PAGE_OUT ucalls. Signed-off-by: Bharata B Rao --- arch/powerpc/include/asm/hvcall.h | 4 + arch/powerpc/include/asm/kvm_book3s_devm.h | 29 ++ arch/powerpc/include/asm/kvm_host.h | 12 + arch/powerpc/include/asm/ultravisor-api.h | 2 + arch/powerpc/include/asm/ultravisor.h | 14 + arch/powerpc/kvm/Makefile | 3 + arch/powerpc/kvm/book3s_hv.c | 19 + arch/powerpc/kvm/book3s_hv_devm.c | 492 +++++++++++++++++++++ 8 files changed, 575 insertions(+) create mode 100644 arch/powerpc/include/asm/kvm_book3s_devm.h create mode 100644 arch/powerpc/kvm/book3s_hv_devm.c diff --git a/arch/powerpc/include/asm/hvcall.h b/arch/powerpc/include/asm/hvcall.h index 463c63a9fcf1..2f6b952deb0f 100644 --- a/arch/powerpc/include/asm/hvcall.h +++ b/arch/powerpc/include/asm/hvcall.h @@ -337,6 +337,10 @@ #define H_TLB_INVALIDATE 0xF808 #define H_COPY_TOFROM_GUEST 0xF80C +/* Platform-specific hcalls used by the Ultravisor */ +#define H_SVM_PAGE_IN 0xEF00 +#define H_SVM_PAGE_OUT 0xEF04 + /* Values for 2nd argument to H_SET_MODE */ #define H_SET_MODE_RESOURCE_SET_CIABR 1 #define H_SET_MODE_RESOURCE_SET_DAWR 2 diff --git a/arch/powerpc/include/asm/kvm_book3s_devm.h b/arch/powerpc/include/asm/kvm_book3s_devm.h new file mode 100644 index 000000000000..21f3de5f2acb --- /dev/null +++ b/arch/powerpc/include/asm/kvm_book3s_devm.h @@ -0,0 +1,29 @@ +/* SPDX-License-Identifier: GPL-2.0 */ +#ifndef __POWERPC_KVM_PPC_HMM_H__ +#define __POWERPC_KVM_PPC_HMM_H__ + +#ifdef CONFIG_PPC_UV +extern unsigned long kvmppc_h_svm_page_in(struct kvm *kvm, + unsigned long gra, + unsigned long flags, + unsigned long page_shift); +extern unsigned long kvmppc_h_svm_page_out(struct kvm *kvm, + unsigned long gra, + unsigned long flags, + unsigned long page_shift); +#else +static inline unsigned long +kvmppc_h_svm_page_in(struct kvm *kvm, unsigned long gra, + unsigned long flags, unsigned long page_shift) +{ + return H_UNSUPPORTED; +} + +static inline unsigned long +kvmppc_h_svm_page_out(struct kvm *kvm, unsigned long gra, + unsigned long flags, unsigned long page_shift) +{ + return H_UNSUPPORTED; +} +#endif /* CONFIG_PPC_UV */ +#endif /* __POWERPC_KVM_PPC_HMM_H__ */ diff --git a/arch/powerpc/include/asm/kvm_host.h b/arch/powerpc/include/asm/kvm_host.h index 4bb552d639b8..86bbe607ad7e 100644 --- a/arch/powerpc/include/asm/kvm_host.h +++ b/arch/powerpc/include/asm/kvm_host.h @@ -849,4 +849,16 @@ static inline void kvm_arch_vcpu_blocking(struct kvm_vcpu *vcpu) {} static inline void kvm_arch_vcpu_unblocking(struct kvm_vcpu *vcpu) {} static inline void kvm_arch_vcpu_block_finish(struct kvm_vcpu *vcpu) {} +#ifdef CONFIG_PPC_UV +extern int kvmppc_devm_init(void); +extern void kvmppc_devm_free(void); +#else +static inline int kvmppc_devm_init(void) +{ + return 0; +} + +static inline void kvmppc_devm_free(void) {} +#endif /* CONFIG_PPC_UV */ + #endif /* __POWERPC_KVM_HOST_H__ */ diff --git a/arch/powerpc/include/asm/ultravisor-api.h b/arch/powerpc/include/asm/ultravisor-api.h index 6a0f9c74f959..1cd1f595fd81 100644 --- a/arch/powerpc/include/asm/ultravisor-api.h +++ b/arch/powerpc/include/asm/ultravisor-api.h @@ -25,5 +25,7 @@ /* opcodes */ #define UV_WRITE_PATE 0xF104 #define UV_RETURN 0xF11C +#define UV_PAGE_IN 0xF128 +#define UV_PAGE_OUT 0xF12C #endif /* _ASM_POWERPC_ULTRAVISOR_API_H */ diff --git a/arch/powerpc/include/asm/ultravisor.h b/arch/powerpc/include/asm/ultravisor.h index 6fe1f365dec8..d668a59e099b 100644 --- a/arch/powerpc/include/asm/ultravisor.h +++ b/arch/powerpc/include/asm/ultravisor.h @@ -19,4 +19,18 @@ static inline int uv_register_pate(u64 lpid, u64 dw0, u64 dw1) return ucall_norets(UV_WRITE_PATE, lpid, dw0, dw1); } +static inline int uv_page_in(u64 lpid, u64 src_ra, u64 dst_gpa, u64 flags, + u64 page_shift) +{ + return ucall_norets(UV_PAGE_IN, lpid, src_ra, dst_gpa, flags, + page_shift); +} + +static inline int uv_page_out(u64 lpid, u64 dst_ra, u64 src_gpa, u64 flags, + u64 page_shift) +{ + return ucall_norets(UV_PAGE_OUT, lpid, dst_ra, src_gpa, flags, + page_shift); +} + #endif /* _ASM_POWERPC_ULTRAVISOR_H */ diff --git a/arch/powerpc/kvm/Makefile b/arch/powerpc/kvm/Makefile index 4c67cc79de7c..16b40590e67c 100644 --- a/arch/powerpc/kvm/Makefile +++ b/arch/powerpc/kvm/Makefile @@ -71,6 +71,9 @@ kvm-hv-y += \ book3s_64_mmu_radix.o \ book3s_hv_nested.o +kvm-hv-$(CONFIG_PPC_UV) += \ + book3s_hv_devm.o + kvm-hv-$(CONFIG_PPC_TRANSACTIONAL_MEM) += \ book3s_hv_tm.o diff --git a/arch/powerpc/kvm/book3s_hv.c b/arch/powerpc/kvm/book3s_hv.c index ec1804f822af..00b43ee8b693 100644 --- a/arch/powerpc/kvm/book3s_hv.c +++ b/arch/powerpc/kvm/book3s_hv.c @@ -72,6 +72,8 @@ #include #include #include +#include +#include #include "book3s.h" @@ -1075,6 +1077,18 @@ int kvmppc_pseries_do_hcall(struct kvm_vcpu *vcpu) kvmppc_get_gpr(vcpu, 5), kvmppc_get_gpr(vcpu, 6)); break; + case H_SVM_PAGE_IN: + ret = kvmppc_h_svm_page_in(vcpu->kvm, + kvmppc_get_gpr(vcpu, 4), + kvmppc_get_gpr(vcpu, 5), + kvmppc_get_gpr(vcpu, 6)); + break; + case H_SVM_PAGE_OUT: + ret = kvmppc_h_svm_page_out(vcpu->kvm, + kvmppc_get_gpr(vcpu, 4), + kvmppc_get_gpr(vcpu, 5), + kvmppc_get_gpr(vcpu, 6)); + break; default: return RESUME_HOST; } @@ -5510,11 +5524,16 @@ static int kvmppc_book3s_init_hv(void) no_mixing_hpt_and_radix = true; } + r = kvmppc_devm_init(); + if (r < 0) + pr_err("KVM-HV: kvmppc_devm_init failed %d\n", r); + return r; } static void kvmppc_book3s_exit_hv(void) { + kvmppc_devm_free(); kvmppc_free_host_rm_ops(); if (kvmppc_radix_possible()) kvmppc_radix_exit(); diff --git a/arch/powerpc/kvm/book3s_hv_devm.c b/arch/powerpc/kvm/book3s_hv_devm.c new file mode 100644 index 000000000000..2e6c077bd22e --- /dev/null +++ b/arch/powerpc/kvm/book3s_hv_devm.c @@ -0,0 +1,492 @@ +// SPDX-License-Identifier: GPL-2.0 +/* + * Driver to manage page migration between normal and secure + * memory. + * + * Copyright 2018 Bharata B Rao, IBM Corp. + */ + +/* + * A pseries guest can be run as a secure guest on Ultravisor-enabled + * POWER platforms. On such platforms, this driver will be used to manage + * the movement of guest pages between the normal memory managed by + * hypervisor (HV) and secure memory managed by Ultravisor (UV). + * + * The page-in or page-out requests from UV will come to HV as hcalls and + * HV will call back into UV via uvcalls to satisfy these page requests. + * + * Private ZONE_DEVICE memory equal to the amount of secure memory + * available in the platform for running secure guests is created + * via a char device. Whenever a page belonging to the guest becomes + * secure, a page from this private device memory is used to + * represent and track that secure page on the HV side. + * + * For each page that gets moved into secure memory, a device PFN is used + * on the HV side and migration PTE corresponding to that PFN would be + * populated in the QEMU page tables. Device PFNs are stored in the rmap + * array. Whenever a guest page becomes secure, device PFN allocated for + * the same will be populated in the corresponding slot in the rmap + * array. The overloading of rmap array's usage which otherwise is + * used primarily by HPT guests means that this feature (secure + * guest on PEF platforms) is available only for Radix MMU guests. + * Also the same rmap array is used differently by nested HPT guests. + * Hence a secure guest can't have nested guests. + */ + +#include +#include +#include +#include +#include + +struct kvmppc_devm_device { + struct device dev; + dev_t devt; + struct dev_pagemap pagemap; + unsigned long pfn_first, pfn_last; + unsigned long *pfn_bitmap; +}; + + +static struct kvmppc_devm_device kvmppc_devm; +spinlock_t kvmppc_devm_lock; + +struct kvmppc_devm_page_pvt { + unsigned long *rmap; + unsigned int lpid; + unsigned long gpa; +}; + +struct kvmppc_devm_copy_args { + unsigned long *rmap; + unsigned int lpid; + unsigned long gpa; + unsigned long page_shift; +}; + +/* + * Bits 60:56 in the rmap entry will be used to identify the + * different uses/functions of rmap. This definition with move + * to a proper header when all other functions are defined. + */ +#define KVMPPC_PFN_DEVM (0x2ULL << 56) + +static inline bool kvmppc_is_devm_pfn(unsigned long pfn) +{ + return !!(pfn & KVMPPC_PFN_DEVM); +} + +/* + * Get a free device PFN from the pool + * + * Called when a normal page is moved to secure memory (UV_PAGE_IN). Device + * PFN will be used to keep track of the secure page on HV side. + * + * @rmap here is the slot in the rmap array that corresponds to @gpa. + * Thus a non-zero rmap entry indicates that the corresonding guest + * page has become secure, and is not mapped on the HV side. + * + * NOTE: In this and subsequent functions, we pass around and access + * individual elements of kvm_memory_slot->arch.rmap[] without any + * protection. Should we use lock_rmap() here? + */ +static struct page *kvmppc_devm_get_page(unsigned long *rmap, + unsigned long gpa, unsigned int lpid) +{ + struct page *dpage = NULL; + unsigned long bit, devm_pfn; + unsigned long nr_pfns = kvmppc_devm.pfn_last - + kvmppc_devm.pfn_first; + unsigned long flags; + struct kvmppc_devm_page_pvt *pvt; + + if (kvmppc_is_devm_pfn(*rmap)) + return NULL; + + spin_lock_irqsave(&kvmppc_devm_lock, flags); + bit = find_first_zero_bit(kvmppc_devm.pfn_bitmap, nr_pfns); + if (bit >= nr_pfns) + goto out; + + bitmap_set(kvmppc_devm.pfn_bitmap, bit, 1); + devm_pfn = bit + kvmppc_devm.pfn_first; + dpage = pfn_to_page(devm_pfn); + + if (!trylock_page(dpage)) + goto out_clear; + + *rmap = devm_pfn | KVMPPC_PFN_DEVM; + pvt = kzalloc(sizeof(*pvt), GFP_ATOMIC); + if (!pvt) + goto out_unlock; + pvt->rmap = rmap; + pvt->gpa = gpa; + pvt->lpid = lpid; + dpage->zone_device_data = pvt; + spin_unlock_irqrestore(&kvmppc_devm_lock, flags); + + get_page(dpage); + return dpage; + +out_unlock: + unlock_page(dpage); +out_clear: + bitmap_clear(kvmppc_devm.pfn_bitmap, + devm_pfn - kvmppc_devm.pfn_first, 1); +out: + spin_unlock_irqrestore(&kvmppc_devm_lock, flags); + return NULL; +} + +/* + * Release the device PFN back to the pool + * + * Gets called when secure page becomes a normal page during UV_PAGE_OUT. + */ +static void kvmppc_devm_put_page(struct page *page) +{ + unsigned long pfn = page_to_pfn(page); + unsigned long flags; + struct kvmppc_devm_page_pvt *pvt; + + spin_lock_irqsave(&kvmppc_devm_lock, flags); + pvt = (struct kvmppc_devm_page_pvt *)page->zone_device_data; + page->zone_device_data = 0; + + bitmap_clear(kvmppc_devm.pfn_bitmap, + pfn - kvmppc_devm.pfn_first, 1); + *(pvt->rmap) = 0; + spin_unlock_irqrestore(&kvmppc_devm_lock, flags); + kfree(pvt); +} + +/* + * Alloc a PFN from private device memory pool and copy page from normal + * memory to secure memory. + */ +static int +kvmppc_devm_migrate_alloc_and_copy(struct migrate_vma *mig, + struct kvmppc_devm_copy_args *args) +{ + struct page *spage = migrate_pfn_to_page(*mig->src); + unsigned long pfn = *mig->src >> MIGRATE_PFN_SHIFT; + struct page *dpage; + + *mig->dst = 0; + if (!spage || !(*mig->src & MIGRATE_PFN_MIGRATE)) + return 0; + + dpage = kvmppc_devm_get_page(args->rmap, args->gpa, args->lpid); + if (!dpage) + return -EINVAL; + + if (spage) + uv_page_in(args->lpid, pfn << args->page_shift, + args->gpa, 0, args->page_shift); + + *mig->dst = migrate_pfn(page_to_pfn(dpage)) | MIGRATE_PFN_LOCKED; + return 0; +} + +/* + * Move page from normal memory to secure memory. + */ +unsigned long +kvmppc_h_svm_page_in(struct kvm *kvm, unsigned long gpa, + unsigned long flags, unsigned long page_shift) +{ + unsigned long addr, end; + unsigned long src_pfn, dst_pfn; + struct kvmppc_devm_copy_args args; + struct migrate_vma mig; + struct vm_area_struct *vma; + int srcu_idx; + unsigned long gfn = gpa >> page_shift; + struct kvm_memory_slot *slot; + unsigned long *rmap; + int ret; + + if (page_shift != PAGE_SHIFT) + return H_P3; + + if (flags) + return H_P2; + + ret = H_PARAMETER; + down_read(&kvm->mm->mmap_sem); + srcu_idx = srcu_read_lock(&kvm->srcu); + slot = gfn_to_memslot(kvm, gfn); + rmap = &slot->arch.rmap[gfn - slot->base_gfn]; + addr = gfn_to_hva(kvm, gpa >> page_shift); + if (kvm_is_error_hva(addr)) + goto out; + + end = addr + (1UL << page_shift); + vma = find_vma_intersection(kvm->mm, addr, end); + if (!vma || vma->vm_start > addr || vma->vm_end < end) + goto out; + + args.rmap = rmap; + args.lpid = kvm->arch.lpid; + args.gpa = gpa; + args.page_shift = page_shift; + + memset(&mig, 0, sizeof(mig)); + mig.vma = vma; + mig.start = addr; + mig.end = end; + mig.src = &src_pfn; + mig.dst = &dst_pfn; + + if (migrate_vma_setup(&mig)) + goto out; + + if (kvmppc_devm_migrate_alloc_and_copy(&mig, &args)) + goto out_finalize; + + migrate_vma_pages(&mig); + ret = H_SUCCESS; +out_finalize: + migrate_vma_finalize(&mig); +out: + srcu_read_unlock(&kvm->srcu, srcu_idx); + up_read(&kvm->mm->mmap_sem); + return ret; +} + +/* + * Provision a new page on HV side and copy over the contents + * from secure memory. + */ +static int +kvmppc_devm_fault_migrate_alloc_and_copy(struct migrate_vma *mig) +{ + struct page *dpage, *spage; + struct kvmppc_devm_page_pvt *pvt; + unsigned long pfn; + int ret = U_SUCCESS; + + spage = migrate_pfn_to_page(*mig->src); + if (!spage || !(*mig->src & MIGRATE_PFN_MIGRATE)) + return 0; + if (!is_zone_device_page(spage)) + return 0; + + dpage = alloc_page_vma(GFP_HIGHUSER, mig->vma, mig->start); + if (!dpage) + return -EINVAL; + lock_page(dpage); + pvt = (struct kvmppc_devm_page_pvt *)spage->zone_device_data; + + pfn = page_to_pfn(dpage); + ret = uv_page_out(pvt->lpid, pfn << PAGE_SHIFT, + pvt->gpa, 0, PAGE_SHIFT); + if (ret == U_SUCCESS) + *mig->dst = migrate_pfn(pfn) | MIGRATE_PFN_LOCKED; + return 0; +} + +/* + * Fault handler callback when HV touches any page that has been + * moved to secure memory, we ask UV to give back the page by + * issuing a UV_PAGE_OUT uvcall. + * + * This eventually results in dropping of device PFN and the newly + * provisioned page/PFN gets populated in QEMU page tables. + */ +static vm_fault_t kvmppc_devm_migrate_to_ram(struct vm_fault *vmf) +{ + unsigned long src_pfn, dst_pfn = 0; + struct migrate_vma mig; + int ret = 0; + + memset(&mig, 0, sizeof(mig)); + mig.vma = vmf->vma; + mig.start = vmf->address; + mig.end = vmf->address + PAGE_SIZE; + mig.src = &src_pfn; + mig.dst = &dst_pfn; + + if (migrate_vma_setup(&mig)) { + ret = VM_FAULT_SIGBUS; + goto out; + } + + if (kvmppc_devm_fault_migrate_alloc_and_copy(&mig)) { + ret = VM_FAULT_SIGBUS; + goto out_finalize; + } + + migrate_vma_pages(&mig); +out_finalize: + migrate_vma_finalize(&mig); +out: + return ret; +} + +static void kvmppc_devm_page_free(struct page *page) +{ + kvmppc_devm_put_page(page); +} + +static const struct dev_pagemap_ops kvmppc_devm_ops = { + .page_free = kvmppc_devm_page_free, + .migrate_to_ram = kvmppc_devm_migrate_to_ram, +}; + +/* + * Move page from secure memory to normal memory. + */ +unsigned long +kvmppc_h_svm_page_out(struct kvm *kvm, unsigned long gpa, + unsigned long flags, unsigned long page_shift) +{ + struct migrate_vma mig; + unsigned long addr, end; + struct vm_area_struct *vma; + unsigned long src_pfn, dst_pfn = 0; + int srcu_idx; + int ret; + + if (page_shift != PAGE_SHIFT) + return H_P3; + + if (flags) + return H_P2; + + ret = H_PARAMETER; + down_read(&kvm->mm->mmap_sem); + srcu_idx = srcu_read_lock(&kvm->srcu); + addr = gfn_to_hva(kvm, gpa >> page_shift); + if (kvm_is_error_hva(addr)) + goto out; + + end = addr + (1UL << page_shift); + vma = find_vma_intersection(kvm->mm, addr, end); + if (!vma || vma->vm_start > addr || vma->vm_end < end) + goto out; + + memset(&mig, 0, sizeof(mig)); + mig.vma = vma; + mig.start = addr; + mig.end = end; + mig.src = &src_pfn; + mig.dst = &dst_pfn; + if (migrate_vma_setup(&mig)) + goto out; + + if (kvmppc_devm_fault_migrate_alloc_and_copy(&mig)) + goto out_finalize; + + migrate_vma_pages(&mig); + ret = H_SUCCESS; +out_finalize: + migrate_vma_finalize(&mig); +out: + srcu_read_unlock(&kvm->srcu, srcu_idx); + up_read(&kvm->mm->mmap_sem); + return ret; +} + +static u64 kvmppc_get_secmem_size(void) +{ + struct device_node *np; + int i, len; + const __be32 *prop; + u64 size = 0; + + np = of_find_node_by_path("/ibm,ultravisor/ibm,uv-firmware"); + if (!np) + goto out; + + prop = of_get_property(np, "secure-memory-ranges", &len); + if (!prop) + goto out_put; + + for (i = 0; i < len / (sizeof(*prop) * 4); i++) + size += of_read_number(prop + (i * 4) + 2, 2); + +out_put: + of_node_put(np); +out: + return size; +} + +static int kvmppc_devm_pages_init(void) +{ + unsigned long nr_pfns = kvmppc_devm.pfn_last - + kvmppc_devm.pfn_first; + + kvmppc_devm.pfn_bitmap = kcalloc(BITS_TO_LONGS(nr_pfns), + sizeof(unsigned long), GFP_KERNEL); + if (!kvmppc_devm.pfn_bitmap) + return -ENOMEM; + + spin_lock_init(&kvmppc_devm_lock); + + return 0; +} + +static void kvmppc_devm_release(struct device *dev) +{ + unregister_chrdev_region(kvmppc_devm.devt, 1); +} + +int kvmppc_devm_init(void) +{ + int ret = 0; + unsigned long size; + struct resource *res; + void *addr; + + size = kvmppc_get_secmem_size(); + if (!size) { + ret = -ENODEV; + goto out; + } + + ret = alloc_chrdev_region(&kvmppc_devm.devt, 0, 1, + "kvmppc-devm"); + if (ret) + goto out; + + dev_set_name(&kvmppc_devm.dev, "kvmppc_devm_device%d", 0); + kvmppc_devm.dev.release = kvmppc_devm_release; + device_initialize(&kvmppc_devm.dev); + res = devm_request_free_mem_region(&kvmppc_devm.dev, + &iomem_resource, size); + if (IS_ERR(res)) { + ret = PTR_ERR(res); + goto out_unregister; + } + + kvmppc_devm.pagemap.type = MEMORY_DEVICE_PRIVATE; + kvmppc_devm.pagemap.res = *res; + kvmppc_devm.pagemap.ops = &kvmppc_devm_ops; + addr = devm_memremap_pages(&kvmppc_devm.dev, &kvmppc_devm.pagemap); + if (IS_ERR(addr)) { + ret = PTR_ERR(addr); + goto out_unregister; + } + + kvmppc_devm.pfn_first = res->start >> PAGE_SHIFT; + kvmppc_devm.pfn_last = kvmppc_devm.pfn_first + + (resource_size(res) >> PAGE_SHIFT); + ret = kvmppc_devm_pages_init(); + if (ret < 0) + goto out_unregister; + + pr_info("KVMPPC-DEVM: Secure Memory size 0x%lx\n", size); + return ret; + +out_unregister: + put_device(&kvmppc_devm.dev); +out: + return ret; +} + +void kvmppc_devm_free(void) +{ + kfree(kvmppc_devm.pfn_bitmap); + put_device(&kvmppc_devm.dev); +} From patchwork Fri Aug 9 08:41:03 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Bharata B Rao X-Patchwork-Id: 11085679 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 49CEB14F7 for ; Fri, 9 Aug 2019 08:41:55 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 3A6DE28C3A for ; Fri, 9 Aug 2019 08:41:55 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 2DC6328C3B; Fri, 9 Aug 2019 08:41:55 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-2.9 required=2.0 tests=BAYES_00,MAILING_LIST_MULTI, RCVD_IN_DNSWL_NONE autolearn=ham version=3.3.1 Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 93AD228C3D for ; Fri, 9 Aug 2019 08:41:54 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 9CB056B026E; Fri, 9 Aug 2019 04:41:53 -0400 (EDT) Delivered-To: linux-mm-outgoing@kvack.org Received: by kanga.kvack.org (Postfix, from userid 40) id 954056B026F; Fri, 9 Aug 2019 04:41:53 -0400 (EDT) X-Original-To: int-list-linux-mm@kvack.org X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 7CDDE6B0270; Fri, 9 Aug 2019 04:41:53 -0400 (EDT) X-Original-To: linux-mm@kvack.org X-Delivered-To: linux-mm@kvack.org Received: from mail-pg1-f197.google.com (mail-pg1-f197.google.com [209.85.215.197]) by kanga.kvack.org (Postfix) with ESMTP id 42F166B026E for ; Fri, 9 Aug 2019 04:41:53 -0400 (EDT) Received: by mail-pg1-f197.google.com with SMTP id q1so3698649pgt.2 for ; Fri, 09 Aug 2019 01:41:53 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-original-authentication-results:x-gm-message-state:from:to:cc :subject:date:in-reply-to:references:mime-version :content-transfer-encoding:message-id; bh=5LuG0HaO2bEKT13rvG09jejP+YLFYU9mB9zquGtlRoc=; b=LaHTHtw6Yh1cmQwDk/OQJZFqVWtmNExNplxsFq//2aIex496/P2kkmy664SD7ePw6z KHIXysumMImUW7XAIOGImEcUkCM8bWYVzANM1B5mGZ9mYTjQXy6ih8SNQUyiKVakcZaL xKJHtfyehBm7eEGFYxfjdSME8HXQfO4xOzslKFYOrKadUUopKe0qG1WPb1HVizU0s2Qj D4XAAfq3asgCqVCswLfag98/+tyAu9Oq1wEAGUFL4MPpDxE2SXSJ4kGWEJ8QHcydC96d bgKPRLDI2EjbTsrqQlNbKljRHlrMcazAdwRIYoVbqwomea0U5pWNodM5Ivaena3Lk+zE W35A== X-Original-Authentication-Results: mx.google.com; spf=pass (google.com: domain of bharata@linux.ibm.com designates 148.163.156.1 as permitted sender) smtp.mailfrom=bharata@linux.ibm.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=ibm.com X-Gm-Message-State: APjAAAWLr2nlr2UXzzgPQiCZdie4U4vQMKF0D9h1SD3EARNniHjhDkN8 3PYVGiPA6a25Ko8g7J7JIcnrN5c8PE0J63fmy2QkRw02pwRq3jrg7cM5B+FU7mcmAeCnYpkxojn jnU4LzEkIG8wAa9HZpwtxMkrg+oPTeVxGaHZJ90E9eYh1FAfKeTJAanRUc9CnYIPQlw== X-Received: by 2002:a17:90a:898e:: with SMTP id v14mr8283739pjn.119.1565340112939; Fri, 09 Aug 2019 01:41:52 -0700 (PDT) X-Google-Smtp-Source: APXvYqyiakDODebaHo4gRljLTeTWiSkH8FxPnNd1B8aiPk1a1wt+Y3jgqC47YpWTKFEpoQ7tcdlV X-Received: by 2002:a17:90a:898e:: with SMTP id v14mr8283676pjn.119.1565340111552; Fri, 09 Aug 2019 01:41:51 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1565340111; cv=none; d=google.com; s=arc-20160816; b=09M1E7bWvB6rSWR4HjQ0Y+ng8+a40o9kxxhp++q34A88Y+9/N89q/xe5bL0cJMgqvm gX/jLs4Emc+sGQVleAkfregEO+g2ToWziIrgQ4OreiiiAkilk9Mdil0CiCVQ8WDURuaV 8kRq1nJ8KZHemm+HMc4QI1yRld9m6+DYhpO0tI39QXeZT7Cjq/8c77DGv7IMGK+XM2jd J0KWqSolzrCnR14o7I7+0xO3dK+OBMeW5I82ZQreuQn9n6XFm6rVfGlZOcgQjoHxTNHP JU+QohfNHEBkgd06Rsonab7WJlV9a91Ugs7ZXrSa78hZ4YeApSDWgtWwwgldtpsumCVv sXKg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=message-id:content-transfer-encoding:mime-version:references :in-reply-to:date:subject:cc:to:from; bh=5LuG0HaO2bEKT13rvG09jejP+YLFYU9mB9zquGtlRoc=; b=UxgqjND4d7pq7c5pQs4rcW0LSsgtANP2MkJIl2JgNOX1GqkMnhwXnyVNpCY8qfF6Zy ebTHMq7oYlSmYbbHX8DKOyItvPyXSO8NVGqaDsRZQUo0CMs5/+czHg64uEOM+gXbeEkO FOSlbcgriXmWMu9MryEW5MA3d0Ue08/7CeiiH931vwctVf1DZSMgtoPMlYNX+k0mAQny KWW7iIzMznuHhSTSULakUXxz22FeGQbk3WAxa6su0if2LtFR/LF6nSEltrG+Rsczjnev WkYEc76zO78+Db0atOQ/rRtkUC4lLaP6YdVlF5jtl/SGm25KOM+onvXHJOoRlSaM3Pwk exFw== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of bharata@linux.ibm.com designates 148.163.156.1 as permitted sender) smtp.mailfrom=bharata@linux.ibm.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=ibm.com Received: from mx0a-001b2d01.pphosted.com (mx0a-001b2d01.pphosted.com. [148.163.156.1]) by mx.google.com with ESMTPS id r8si57480018pgr.243.2019.08.09.01.41.51 for (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Fri, 09 Aug 2019 01:41:51 -0700 (PDT) Received-SPF: pass (google.com: domain of bharata@linux.ibm.com designates 148.163.156.1 as permitted sender) client-ip=148.163.156.1; Authentication-Results: mx.google.com; spf=pass (google.com: domain of bharata@linux.ibm.com designates 148.163.156.1 as permitted sender) smtp.mailfrom=bharata@linux.ibm.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=ibm.com Received: from pps.filterd (m0098393.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.16.0.27/8.16.0.27) with SMTP id x798buR0101188 for ; Fri, 9 Aug 2019 04:41:51 -0400 Received: from e06smtp04.uk.ibm.com (e06smtp04.uk.ibm.com [195.75.94.100]) by mx0a-001b2d01.pphosted.com with ESMTP id 2u94vqhdfe-1 (version=TLSv1.2 cipher=AES256-GCM-SHA384 bits=256 verify=NOT) for ; Fri, 09 Aug 2019 04:41:29 -0400 Received: from localhost by e06smtp04.uk.ibm.com with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted for from ; Fri, 9 Aug 2019 09:41:26 +0100 Received: from b06avi18878370.portsmouth.uk.ibm.com (9.149.26.194) by e06smtp04.uk.ibm.com (192.168.101.134) with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted; (version=TLSv1/SSLv3 cipher=AES256-GCM-SHA384 bits=256/256) Fri, 9 Aug 2019 09:41:23 +0100 Received: from b06wcsmtp001.portsmouth.uk.ibm.com (b06wcsmtp001.portsmouth.uk.ibm.com [9.149.105.160]) by b06avi18878370.portsmouth.uk.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id x798fLDm25231790 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Fri, 9 Aug 2019 08:41:21 GMT Received: from b06wcsmtp001.portsmouth.uk.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 58632A4054; Fri, 9 Aug 2019 08:41:21 +0000 (GMT) Received: from b06wcsmtp001.portsmouth.uk.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 60C61A405C; Fri, 9 Aug 2019 08:41:19 +0000 (GMT) Received: from bharata.ibmuc.com (unknown [9.85.95.61]) by b06wcsmtp001.portsmouth.uk.ibm.com (Postfix) with ESMTP; Fri, 9 Aug 2019 08:41:19 +0000 (GMT) From: Bharata B Rao To: linuxppc-dev@lists.ozlabs.org Cc: kvm-ppc@vger.kernel.org, linux-mm@kvack.org, paulus@au1.ibm.com, aneesh.kumar@linux.vnet.ibm.com, jglisse@redhat.com, linuxram@us.ibm.com, sukadev@linux.vnet.ibm.com, cclaudio@linux.ibm.com, hch@lst.de, Bharata B Rao Subject: [PATCH v6 2/7] kvmppc: Shared pages support for secure guests Date: Fri, 9 Aug 2019 14:11:03 +0530 X-Mailer: git-send-email 2.21.0 In-Reply-To: <20190809084108.30343-1-bharata@linux.ibm.com> References: <20190809084108.30343-1-bharata@linux.ibm.com> MIME-Version: 1.0 X-TM-AS-GCONF: 00 x-cbid: 19080908-0016-0000-0000-0000029CA6A9 X-IBM-AV-DETECTION: SAVI=unused REMOTE=unused XFE=unused x-cbparentid: 19080908-0017-0000-0000-000032FCADCD Message-Id: <20190809084108.30343-3-bharata@linux.ibm.com> X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:,, definitions=2019-08-09_02:,, signatures=0 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 priorityscore=1501 malwarescore=0 suspectscore=1 phishscore=0 bulkscore=0 spamscore=0 clxscore=1015 lowpriorityscore=0 mlxscore=0 impostorscore=0 mlxlogscore=705 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1906280000 definitions=main-1908090089 X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: X-Virus-Scanned: ClamAV using ClamSMTP A secure guest will share some of its pages with hypervisor (Eg. virtio bounce buffers etc). Support sharing of pages between hypervisor and ultravisor. Once a secure page is converted to shared page, stop tracking that page as a device page. Signed-off-by: Bharata B Rao --- arch/powerpc/include/asm/hvcall.h | 3 ++ arch/powerpc/kvm/book3s_hv_devm.c | 67 +++++++++++++++++++++++++++++-- 2 files changed, 67 insertions(+), 3 deletions(-) diff --git a/arch/powerpc/include/asm/hvcall.h b/arch/powerpc/include/asm/hvcall.h index 2f6b952deb0f..05b8536f6653 100644 --- a/arch/powerpc/include/asm/hvcall.h +++ b/arch/powerpc/include/asm/hvcall.h @@ -337,6 +337,9 @@ #define H_TLB_INVALIDATE 0xF808 #define H_COPY_TOFROM_GUEST 0xF80C +/* Flags for H_SVM_PAGE_IN */ +#define H_PAGE_IN_SHARED 0x1 + /* Platform-specific hcalls used by the Ultravisor */ #define H_SVM_PAGE_IN 0xEF00 #define H_SVM_PAGE_OUT 0xEF04 diff --git a/arch/powerpc/kvm/book3s_hv_devm.c b/arch/powerpc/kvm/book3s_hv_devm.c index 2e6c077bd22e..c9189e58401d 100644 --- a/arch/powerpc/kvm/book3s_hv_devm.c +++ b/arch/powerpc/kvm/book3s_hv_devm.c @@ -55,6 +55,7 @@ struct kvmppc_devm_page_pvt { unsigned long *rmap; unsigned int lpid; unsigned long gpa; + bool skip_page_out; }; struct kvmppc_devm_copy_args { @@ -188,6 +189,54 @@ kvmppc_devm_migrate_alloc_and_copy(struct migrate_vma *mig, return 0; } +/* + * Shares the page with HV, thus making it a normal page. + * + * - If the page is already secure, then provision a new page and share + * - If the page is a normal page, share the existing page + * + * In the former case, uses the dev_pagemap_ops migrate_to_ram handler to + * release the device page. + */ +static unsigned long +kvmppc_share_page(struct kvm *kvm, unsigned long gpa, unsigned long page_shift) +{ + + int ret = H_PARAMETER; + struct page *devm_page; + struct kvmppc_devm_page_pvt *pvt; + unsigned long pfn; + unsigned long *rmap; + struct kvm_memory_slot *slot; + unsigned long gfn = gpa >> page_shift; + int srcu_idx; + + srcu_idx = srcu_read_lock(&kvm->srcu); + slot = gfn_to_memslot(kvm, gfn); + if (!slot) + goto out; + + rmap = &slot->arch.rmap[gfn - slot->base_gfn]; + if (kvmppc_is_devm_pfn(*rmap)) { + devm_page = pfn_to_page(*rmap & ~KVMPPC_PFN_DEVM); + pvt = (struct kvmppc_devm_page_pvt *) + devm_page->zone_device_data; + pvt->skip_page_out = true; + } + + pfn = gfn_to_pfn(kvm, gpa >> page_shift); + if (is_error_noslot_pfn(pfn)) + goto out; + + ret = uv_page_in(kvm->arch.lpid, pfn << page_shift, gpa, 0, page_shift); + if (ret == U_SUCCESS) + ret = H_SUCCESS; + kvm_release_pfn_clean(pfn); +out: + srcu_read_unlock(&kvm->srcu, srcu_idx); + return ret; +} + /* * Move page from normal memory to secure memory. */ @@ -209,9 +258,12 @@ kvmppc_h_svm_page_in(struct kvm *kvm, unsigned long gpa, if (page_shift != PAGE_SHIFT) return H_P3; - if (flags) + if (flags & ~H_PAGE_IN_SHARED) return H_P2; + if (flags & H_PAGE_IN_SHARED) + return kvmppc_share_page(kvm, gpa, page_shift); + ret = H_PARAMETER; down_read(&kvm->mm->mmap_sem); srcu_idx = srcu_read_lock(&kvm->srcu); @@ -279,8 +331,17 @@ kvmppc_devm_fault_migrate_alloc_and_copy(struct migrate_vma *mig) pvt = (struct kvmppc_devm_page_pvt *)spage->zone_device_data; pfn = page_to_pfn(dpage); - ret = uv_page_out(pvt->lpid, pfn << PAGE_SHIFT, - pvt->gpa, 0, PAGE_SHIFT); + + /* + * This same function is used in two cases: + * - When HV touches a secure page, for which we do page-out + * - When a secure page is converted to shared page, we touch + * the page to essentially discard the device page. In this + * case we skip page-out. + */ + if (!pvt->skip_page_out) + ret = uv_page_out(pvt->lpid, pfn << PAGE_SHIFT, + pvt->gpa, 0, PAGE_SHIFT); if (ret == U_SUCCESS) *mig->dst = migrate_pfn(pfn) | MIGRATE_PFN_LOCKED; return 0; From patchwork Fri Aug 9 08:41:04 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Bharata B Rao X-Patchwork-Id: 11085667 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id DC6691395 for ; Fri, 9 Aug 2019 08:41:34 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id CC31D28C2D for ; Fri, 9 Aug 2019 08:41:34 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id C01EC28C3B; Fri, 9 Aug 2019 08:41:34 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-2.9 required=2.0 tests=BAYES_00,MAILING_LIST_MULTI, RCVD_IN_DNSWL_NONE autolearn=ham version=3.3.1 Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 0B16B28C2D for ; Fri, 9 Aug 2019 08:41:34 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 07C9E6B0010; Fri, 9 Aug 2019 04:41:33 -0400 (EDT) Delivered-To: linux-mm-outgoing@kvack.org Received: by kanga.kvack.org (Postfix, from userid 40) id 005BE6B0266; Fri, 9 Aug 2019 04:41:32 -0400 (EDT) X-Original-To: int-list-linux-mm@kvack.org X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id DC0786B0269; Fri, 9 Aug 2019 04:41:32 -0400 (EDT) X-Original-To: linux-mm@kvack.org X-Delivered-To: linux-mm@kvack.org Received: from mail-pf1-f197.google.com (mail-pf1-f197.google.com [209.85.210.197]) by kanga.kvack.org (Postfix) with ESMTP id A54CE6B0010 for ; Fri, 9 Aug 2019 04:41:32 -0400 (EDT) Received: by mail-pf1-f197.google.com with SMTP id i26so60930708pfo.22 for ; Fri, 09 Aug 2019 01:41:32 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-original-authentication-results:x-gm-message-state:from:to:cc :subject:date:in-reply-to:references:mime-version :content-transfer-encoding:message-id; bh=Py6ja5kQrd5Wh0Vhg1w/rX2YMsO9pLLJNn85o7CuwKo=; b=aA18Rbs9ZzZ4wIX0EeALnonKcvPkMLpqbbiUrlXDcqmKJLkCJFqUd6RnE+N15bsGUl WBr9LH7hUtq4n0x2oC/IAmFDvaNxMXpy+Beiri21keDilP6s39q35MnWtHBMSRE8oCqK vtA7/8TqEwAkaKc23YXOg/dEPzYBU0CY8FzCCnrW/vryPPtE9xzwYQrB1I6i1P0mh8du PhmtuBIRu6GAnzW2lBU4BF4a5PQq5DdWhATG5Pl78yCBvwfiGVVtV/Bbtf7FCr/aORCz bxv+eaZEc78J8D9y4yLrf0XhgZx96Uw5X0wc3DCG0W8KnXacRXbWyZkLMQHJVgTvLepz IHbw== X-Original-Authentication-Results: mx.google.com; spf=pass (google.com: domain of bharata@linux.ibm.com designates 148.163.156.1 as permitted sender) smtp.mailfrom=bharata@linux.ibm.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=ibm.com X-Gm-Message-State: APjAAAUHfHjUsBS/Mt2D6dYoKkdQiG0bZOCrmXO9kGdrDvUzFDwDJc9U P26E6erN2IRY7+CQa/3Vze6nxSJ9Yy0eUwgC/lebECvxFS0qo19yVuQXAlPNXA8j0gfbIuRoqUs fdIxjlhmJUUv1NbAOsa7lKx9zox+gB+kMwwmIE0iR+PQzF6YbRUmEVjKp+Pwbx5iP4w== X-Received: by 2002:a63:6947:: with SMTP id e68mr16750958pgc.60.1565340092219; Fri, 09 Aug 2019 01:41:32 -0700 (PDT) X-Google-Smtp-Source: APXvYqzQeYOQJS20r9qAfXpq82PWInQL8X6C/vw5eatsnfbreg6GJ4Lw6WvXCZ/UGdx0FlLS+Te0 X-Received: by 2002:a63:6947:: with SMTP id e68mr16750909pgc.60.1565340091126; Fri, 09 Aug 2019 01:41:31 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1565340091; cv=none; d=google.com; s=arc-20160816; b=sVdfiwV2s8Kqsntn6I2vYwm7kVqqg52xWV9/glEzJ+iQIP0ZFkE42AmJ0ho+E/PnOz VIK8d8TKVH75s6RpJZLeM5DcsRWkXo06O+H1C6v/tgWwqlVNvAndmplvGvPMm+wtgtHj f7cUZTnga7/O/l20xb3FruJtXCvasDf8MOyGtkl46Oza3Fj55G5SMIcnFkiKReoW6RLX kic4F1fmfCCTgopVmxgbQAzlRLNtqaWdcHb2bnl/0IJS40gTdlqnDbBWsdieL2e77IGD MymipIQuo/ow7z6Icw/DDrcPWCeo+QPvuDgwvIcXIkIBYipBCHHn37WFmB8BXega8MWI qTyw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=message-id:content-transfer-encoding:mime-version:references :in-reply-to:date:subject:cc:to:from; bh=Py6ja5kQrd5Wh0Vhg1w/rX2YMsO9pLLJNn85o7CuwKo=; b=GyeOUj/letwUsIwssMEykiwGo52xVIVWHHu3yiqQ9mGo7Sofff/ybrTRtFIfHCa+p7 QEIszaYawQ4TAp5UUImD6Or1tTx0QTL0BMufwQ75LYr+/xTljiAN6RNWcST3bfS8FIcF fIfT1fK2grUz1rZjiKDwZbgB+0UamBJSPsModesYZuivPyU9Nl+bTkq3IvkIe1cizBb6 GciYVDcGsuS7qBCkvdbSU7tPEBN7hV9/TAGx5hJzwpUZiBI+Tvz114QnvMGbEvWqOsUg +APw3uepZbGI0Xq+Src4Rur7BxZQZ/PlgCellhZeX4evCtczT/H2RIQZFywVuNnkg4xY 9GkQ== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of bharata@linux.ibm.com designates 148.163.156.1 as permitted sender) smtp.mailfrom=bharata@linux.ibm.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=ibm.com Received: from mx0a-001b2d01.pphosted.com (mx0a-001b2d01.pphosted.com. [148.163.156.1]) by mx.google.com with ESMTPS id b8si47119369pgn.56.2019.08.09.01.41.30 for (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Fri, 09 Aug 2019 01:41:31 -0700 (PDT) Received-SPF: pass (google.com: domain of bharata@linux.ibm.com designates 148.163.156.1 as permitted sender) client-ip=148.163.156.1; Authentication-Results: mx.google.com; spf=pass (google.com: domain of bharata@linux.ibm.com designates 148.163.156.1 as permitted sender) smtp.mailfrom=bharata@linux.ibm.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=ibm.com Received: from pps.filterd (m0098399.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.16.0.27/8.16.0.27) with SMTP id x798bdUv136827 for ; Fri, 9 Aug 2019 04:41:30 -0400 Received: from e06smtp07.uk.ibm.com (e06smtp07.uk.ibm.com [195.75.94.103]) by mx0a-001b2d01.pphosted.com with ESMTP id 2u92upeexs-1 (version=TLSv1.2 cipher=AES256-GCM-SHA384 bits=256 verify=NOT) for ; Fri, 09 Aug 2019 04:41:30 -0400 Received: from localhost by e06smtp07.uk.ibm.com with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted for from ; Fri, 9 Aug 2019 09:41:27 +0100 Received: from b06cxnps3074.portsmouth.uk.ibm.com (9.149.109.194) by e06smtp07.uk.ibm.com (192.168.101.137) with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted; (version=TLSv1/SSLv3 cipher=AES256-GCM-SHA384 bits=256/256) Fri, 9 Aug 2019 09:41:25 +0100 Received: from b06wcsmtp001.portsmouth.uk.ibm.com (b06wcsmtp001.portsmouth.uk.ibm.com [9.149.105.160]) by b06cxnps3074.portsmouth.uk.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id x798fN4M41091198 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Fri, 9 Aug 2019 08:41:23 GMT Received: from b06wcsmtp001.portsmouth.uk.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id BC1B0A4065; Fri, 9 Aug 2019 08:41:23 +0000 (GMT) Received: from b06wcsmtp001.portsmouth.uk.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id A1344A4054; Fri, 9 Aug 2019 08:41:21 +0000 (GMT) Received: from bharata.ibmuc.com (unknown [9.85.95.61]) by b06wcsmtp001.portsmouth.uk.ibm.com (Postfix) with ESMTP; Fri, 9 Aug 2019 08:41:21 +0000 (GMT) From: Bharata B Rao To: linuxppc-dev@lists.ozlabs.org Cc: kvm-ppc@vger.kernel.org, linux-mm@kvack.org, paulus@au1.ibm.com, aneesh.kumar@linux.vnet.ibm.com, jglisse@redhat.com, linuxram@us.ibm.com, sukadev@linux.vnet.ibm.com, cclaudio@linux.ibm.com, hch@lst.de, Bharata B Rao , Paul Mackerras Subject: [PATCH v6 3/7] kvmppc: H_SVM_INIT_START and H_SVM_INIT_DONE hcalls Date: Fri, 9 Aug 2019 14:11:04 +0530 X-Mailer: git-send-email 2.21.0 In-Reply-To: <20190809084108.30343-1-bharata@linux.ibm.com> References: <20190809084108.30343-1-bharata@linux.ibm.com> MIME-Version: 1.0 X-TM-AS-GCONF: 00 x-cbid: 19080908-0028-0000-0000-0000038DA5B0 X-IBM-AV-DETECTION: SAVI=unused REMOTE=unused XFE=unused x-cbparentid: 19080908-0029-0000-0000-0000244FAAD1 Message-Id: <20190809084108.30343-4-bharata@linux.ibm.com> X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:,, definitions=2019-08-09_02:,, signatures=0 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 priorityscore=1501 malwarescore=0 suspectscore=1 phishscore=0 bulkscore=0 spamscore=0 clxscore=1015 lowpriorityscore=0 mlxscore=0 impostorscore=0 mlxlogscore=999 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1906280000 definitions=main-1908090089 X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: X-Virus-Scanned: ClamAV using ClamSMTP H_SVM_INIT_START: Initiate securing a VM H_SVM_INIT_DONE: Conclude securing a VM As part of H_SVM_INIT_START, register all existing memslots with the UV. H_SVM_INIT_DONE call by UV informs HV that transition of the guest to secure mode is complete. These two states (transition to secure mode STARTED and transition to secure mode COMPLETED) are recorded in kvm->arch.secure_guest. Setting these states will cause the assembly code that enters the guest to call the UV_RETURN ucall instead of trying to enter the guest directly. Signed-off-by: Bharata B Rao Acked-by: Paul Mackerras --- arch/powerpc/include/asm/hvcall.h | 2 ++ arch/powerpc/include/asm/kvm_book3s_devm.h | 12 ++++++++ arch/powerpc/include/asm/kvm_host.h | 4 +++ arch/powerpc/include/asm/ultravisor-api.h | 1 + arch/powerpc/include/asm/ultravisor.h | 7 +++++ arch/powerpc/kvm/book3s_hv.c | 7 +++++ arch/powerpc/kvm/book3s_hv_devm.c | 34 ++++++++++++++++++++++ 7 files changed, 67 insertions(+) diff --git a/arch/powerpc/include/asm/hvcall.h b/arch/powerpc/include/asm/hvcall.h index 05b8536f6653..fa7695928e30 100644 --- a/arch/powerpc/include/asm/hvcall.h +++ b/arch/powerpc/include/asm/hvcall.h @@ -343,6 +343,8 @@ /* Platform-specific hcalls used by the Ultravisor */ #define H_SVM_PAGE_IN 0xEF00 #define H_SVM_PAGE_OUT 0xEF04 +#define H_SVM_INIT_START 0xEF08 +#define H_SVM_INIT_DONE 0xEF0C /* Values for 2nd argument to H_SET_MODE */ #define H_SET_MODE_RESOURCE_SET_CIABR 1 diff --git a/arch/powerpc/include/asm/kvm_book3s_devm.h b/arch/powerpc/include/asm/kvm_book3s_devm.h index 21f3de5f2acb..8c7aacabb2e0 100644 --- a/arch/powerpc/include/asm/kvm_book3s_devm.h +++ b/arch/powerpc/include/asm/kvm_book3s_devm.h @@ -11,6 +11,8 @@ extern unsigned long kvmppc_h_svm_page_out(struct kvm *kvm, unsigned long gra, unsigned long flags, unsigned long page_shift); +extern unsigned long kvmppc_h_svm_init_start(struct kvm *kvm); +extern unsigned long kvmppc_h_svm_init_done(struct kvm *kvm); #else static inline unsigned long kvmppc_h_svm_page_in(struct kvm *kvm, unsigned long gra, @@ -25,5 +27,15 @@ kvmppc_h_svm_page_out(struct kvm *kvm, unsigned long gra, { return H_UNSUPPORTED; } + +static inline unsigned long kvmppc_h_svm_init_start(struct kvm *kvm) +{ + return H_UNSUPPORTED; +} + +static inline unsigned long kvmppc_h_svm_init_done(struct kvm *kvm) +{ + return H_UNSUPPORTED; +} #endif /* CONFIG_PPC_UV */ #endif /* __POWERPC_KVM_PPC_HMM_H__ */ diff --git a/arch/powerpc/include/asm/kvm_host.h b/arch/powerpc/include/asm/kvm_host.h index 86bbe607ad7e..1827c22909cd 100644 --- a/arch/powerpc/include/asm/kvm_host.h +++ b/arch/powerpc/include/asm/kvm_host.h @@ -261,6 +261,10 @@ struct kvm_hpt_info { struct kvm_resize_hpt; +/* Flag values for kvm_arch.secure_guest */ +#define KVMPPC_SECURE_INIT_START 0x1 /* H_SVM_INIT_START has been called */ +#define KVMPPC_SECURE_INIT_DONE 0x2 /* H_SVM_INIT_DONE completed */ + struct kvm_arch { unsigned int lpid; unsigned int smt_mode; /* # vcpus per virtual core */ diff --git a/arch/powerpc/include/asm/ultravisor-api.h b/arch/powerpc/include/asm/ultravisor-api.h index 1cd1f595fd81..c578d9b13a56 100644 --- a/arch/powerpc/include/asm/ultravisor-api.h +++ b/arch/powerpc/include/asm/ultravisor-api.h @@ -25,6 +25,7 @@ /* opcodes */ #define UV_WRITE_PATE 0xF104 #define UV_RETURN 0xF11C +#define UV_REGISTER_MEM_SLOT 0xF120 #define UV_PAGE_IN 0xF128 #define UV_PAGE_OUT 0xF12C diff --git a/arch/powerpc/include/asm/ultravisor.h b/arch/powerpc/include/asm/ultravisor.h index d668a59e099b..8a722c575c56 100644 --- a/arch/powerpc/include/asm/ultravisor.h +++ b/arch/powerpc/include/asm/ultravisor.h @@ -33,4 +33,11 @@ static inline int uv_page_out(u64 lpid, u64 dst_ra, u64 src_gpa, u64 flags, page_shift); } +static inline int uv_register_mem_slot(u64 lpid, u64 start_gpa, u64 size, + u64 flags, u64 slotid) +{ + return ucall_norets(UV_REGISTER_MEM_SLOT, lpid, start_gpa, + size, flags, slotid); +} + #endif /* _ASM_POWERPC_ULTRAVISOR_H */ diff --git a/arch/powerpc/kvm/book3s_hv.c b/arch/powerpc/kvm/book3s_hv.c index 00b43ee8b693..33b8ebffbef0 100644 --- a/arch/powerpc/kvm/book3s_hv.c +++ b/arch/powerpc/kvm/book3s_hv.c @@ -1089,6 +1089,13 @@ int kvmppc_pseries_do_hcall(struct kvm_vcpu *vcpu) kvmppc_get_gpr(vcpu, 5), kvmppc_get_gpr(vcpu, 6)); break; + case H_SVM_INIT_START: + ret = kvmppc_h_svm_init_start(vcpu->kvm); + break; + case H_SVM_INIT_DONE: + ret = kvmppc_h_svm_init_done(vcpu->kvm); + break; + default: return RESUME_HOST; } diff --git a/arch/powerpc/kvm/book3s_hv_devm.c b/arch/powerpc/kvm/book3s_hv_devm.c index c9189e58401d..c55bb5f57928 100644 --- a/arch/powerpc/kvm/book3s_hv_devm.c +++ b/arch/powerpc/kvm/book3s_hv_devm.c @@ -65,6 +65,40 @@ struct kvmppc_devm_copy_args { unsigned long page_shift; }; +unsigned long kvmppc_h_svm_init_start(struct kvm *kvm) +{ + struct kvm_memslots *slots; + struct kvm_memory_slot *memslot; + int ret = H_SUCCESS; + int srcu_idx; + + srcu_idx = srcu_read_lock(&kvm->srcu); + slots = kvm_memslots(kvm); + kvm_for_each_memslot(memslot, slots) { + ret = uv_register_mem_slot(kvm->arch.lpid, + memslot->base_gfn << PAGE_SHIFT, + memslot->npages * PAGE_SIZE, + 0, memslot->id); + if (ret < 0) { + ret = H_PARAMETER; + goto out; + } + } + kvm->arch.secure_guest |= KVMPPC_SECURE_INIT_START; +out: + srcu_read_unlock(&kvm->srcu, srcu_idx); + return ret; +} + +unsigned long kvmppc_h_svm_init_done(struct kvm *kvm) +{ + if (!(kvm->arch.secure_guest & KVMPPC_SECURE_INIT_START)) + return H_UNSUPPORTED; + + kvm->arch.secure_guest |= KVMPPC_SECURE_INIT_DONE; + return H_SUCCESS; +} + /* * Bits 60:56 in the rmap entry will be used to identify the * different uses/functions of rmap. This definition with move From patchwork Fri Aug 9 08:41:05 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Bharata B Rao X-Patchwork-Id: 11085673 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 8AA7A14F7 for ; Fri, 9 Aug 2019 08:41:41 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 7B0FF28C2D for ; Fri, 9 Aug 2019 08:41:41 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 6F71628C3D; Fri, 9 Aug 2019 08:41:41 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-2.9 required=2.0 tests=BAYES_00,MAILING_LIST_MULTI, RCVD_IN_DNSWL_NONE autolearn=ham version=3.3.1 Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id E844E28C2D for ; Fri, 9 Aug 2019 08:41:40 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id A80106B026A; Fri, 9 Aug 2019 04:41:35 -0400 (EDT) Delivered-To: linux-mm-outgoing@kvack.org Received: by kanga.kvack.org (Postfix, from userid 40) id 7FCDB6B0269; Fri, 9 Aug 2019 04:41:35 -0400 (EDT) X-Original-To: int-list-linux-mm@kvack.org X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 55FEF6B026B; Fri, 9 Aug 2019 04:41:35 -0400 (EDT) X-Original-To: linux-mm@kvack.org X-Delivered-To: linux-mm@kvack.org Received: from mail-pf1-f197.google.com (mail-pf1-f197.google.com [209.85.210.197]) by kanga.kvack.org (Postfix) with ESMTP id 0CBD56B0269 for ; Fri, 9 Aug 2019 04:41:35 -0400 (EDT) Received: by mail-pf1-f197.google.com with SMTP id q67so1211242pfc.10 for ; Fri, 09 Aug 2019 01:41:35 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-original-authentication-results:x-gm-message-state:from:to:cc :subject:date:in-reply-to:references:mime-version :content-transfer-encoding:message-id; bh=H8A/coTF7+9kyLoTkdNkQGmFjwECtBuCUBSoO+bEiyE=; b=VJwcyeHT1RfbOqfeX83zi8I/zz9Nebibls2lpVDWYgMEddb1IQHgQkMQhlmELTdZ0R dQs0K6L9FeslSL/MxA/yTw1YIRw5nIKxClCoNHbbuJ8XPg33zKJp2dptQgHZMO718GuW 82G85PJ1OUm01frRyn9lf6dRAbpgik9VQ59vT4GeW4tF4qdhUh8bdsQWlhb2+PjFuthx q/jwDHHxsvvCjxs0ka/0P2vNumeKHrVSPiNaMTKNLAa5GVNhC7UpSb/SBsYzCW7+Ee6M 3rMLvXugYggWNlVBGAbj6hBVBOqhD+9O6Z7qBTrX/eNJfnHn/bAvhO7S87milHJnDB84 ALsQ== X-Original-Authentication-Results: mx.google.com; spf=pass (google.com: domain of bharata@linux.ibm.com designates 148.163.156.1 as permitted sender) smtp.mailfrom=bharata@linux.ibm.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=ibm.com X-Gm-Message-State: APjAAAV/a0P3oK9TW1tq28hKu46oUl2b9CA8gpxVsw/HMJm9GDAy0LTa GMhfeh4XHnAg19LZhxWHtzS2iRwfGnhpJ9rdDOfTXO+V28S+aIuDZDNH1stwFZ0HxrlVcS0JNO0 n15NOA2sdPBKmZgu9frM7U02/FILCkZYAT3yJ15iSe3xW3tEwrMau99N3oLHPFs0zog== X-Received: by 2002:a17:90a:cb87:: with SMTP id a7mr4815764pju.130.1565340094726; Fri, 09 Aug 2019 01:41:34 -0700 (PDT) X-Google-Smtp-Source: APXvYqy0hYXa/DBX+wLjEalsjwBH10o60YVDCeb079VWlG0J4EVc4RLcEVaQj3Cencn4ip1gROJr X-Received: by 2002:a17:90a:cb87:: with SMTP id a7mr4815719pju.130.1565340093885; Fri, 09 Aug 2019 01:41:33 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1565340093; cv=none; d=google.com; s=arc-20160816; b=s7GsEWsTarqR0FV8ioU1vtZstKafgE8BXqA9Mn0j/uYbWm2YzeyITmgNRtHRgSayUh WtjgVUD8qEtW/gshwbj7+Dl2BgScRvf13pmBvvfui+jVXj+0vifq+KBx1xyauTVnSe+e qK+aIzGpaT2IxHyBY8UHTzMvDw9hj1AP8A70KOyPyYm5QH59LG3pduMvP6TTodvUUcs9 +ObJk9JAzRjhHVlZxe9cyFSnnXTHUraGezRqgugYIEncg8MWMun9gdZ7WOSBMUffrysK yAlWetoL4IJsIZclfbzo+Tf46IeVslwy0RUJgeSjRa/0YtrDDck4fz0p9YLL3U4MFHxq 7Yhw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=message-id:content-transfer-encoding:mime-version:references :in-reply-to:date:subject:cc:to:from; bh=H8A/coTF7+9kyLoTkdNkQGmFjwECtBuCUBSoO+bEiyE=; b=urXtU3H4e3IPPnGu6rLlnCLkOjLsmlhKIA2R9/id+14vdGjAYS2tcJjF6Kn806U2Oc BcaCywMagqJAsyNu+/59WcripXMyBDOCAkidEB0w/Do4+c536OZlf564ymXrtm+ULOPp MwvEOPeOCVEZVtJNSOaPFvyPJgbiOzJpH4PVU8ZlGwOvzNQ0fxr54o6tCvXz7TXzsW6d fM0RsdUZBz/MTPz04wTfDwjPE2cC5rRJQdm7BJiCP9HpcKzz7T+FmXgMPqOATtz/m+M/ kpO2FmdgcprUVBEIaNQ0nBY3jSU/MTKSHj7/2TSOKPkhqFgj9/5K84tvGMgzyY4Rl3KC vxdw== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of bharata@linux.ibm.com designates 148.163.156.1 as permitted sender) smtp.mailfrom=bharata@linux.ibm.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=ibm.com Received: from mx0a-001b2d01.pphosted.com (mx0a-001b2d01.pphosted.com. [148.163.156.1]) by mx.google.com with ESMTPS id d4si52449243pgc.75.2019.08.09.01.41.33 for (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Fri, 09 Aug 2019 01:41:33 -0700 (PDT) Received-SPF: pass (google.com: domain of bharata@linux.ibm.com designates 148.163.156.1 as permitted sender) client-ip=148.163.156.1; Authentication-Results: mx.google.com; spf=pass (google.com: domain of bharata@linux.ibm.com designates 148.163.156.1 as permitted sender) smtp.mailfrom=bharata@linux.ibm.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=ibm.com Received: from pps.filterd (m0098394.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.16.0.27/8.16.0.27) with SMTP id x798bc9N021131 for ; Fri, 9 Aug 2019 04:41:33 -0400 Received: from e06smtp01.uk.ibm.com (e06smtp01.uk.ibm.com [195.75.94.97]) by mx0a-001b2d01.pphosted.com with ESMTP id 2u93rwm7f6-1 (version=TLSv1.2 cipher=AES256-GCM-SHA384 bits=256 verify=NOT) for ; Fri, 09 Aug 2019 04:41:33 -0400 Received: from localhost by e06smtp01.uk.ibm.com with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted for from ; Fri, 9 Aug 2019 09:41:30 +0100 Received: from b06cxnps3075.portsmouth.uk.ibm.com (9.149.109.195) by e06smtp01.uk.ibm.com (192.168.101.131) with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted; (version=TLSv1/SSLv3 cipher=AES256-GCM-SHA384 bits=256/256) Fri, 9 Aug 2019 09:41:27 +0100 Received: from b06wcsmtp001.portsmouth.uk.ibm.com (b06wcsmtp001.portsmouth.uk.ibm.com [9.149.105.160]) by b06cxnps3075.portsmouth.uk.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id x798fQGl50593842 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Fri, 9 Aug 2019 08:41:26 GMT Received: from b06wcsmtp001.portsmouth.uk.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 2DEDDA405F; Fri, 9 Aug 2019 08:41:26 +0000 (GMT) Received: from b06wcsmtp001.portsmouth.uk.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 10C40A4060; Fri, 9 Aug 2019 08:41:24 +0000 (GMT) Received: from bharata.ibmuc.com (unknown [9.85.95.61]) by b06wcsmtp001.portsmouth.uk.ibm.com (Postfix) with ESMTP; Fri, 9 Aug 2019 08:41:23 +0000 (GMT) From: Bharata B Rao To: linuxppc-dev@lists.ozlabs.org Cc: kvm-ppc@vger.kernel.org, linux-mm@kvack.org, paulus@au1.ibm.com, aneesh.kumar@linux.vnet.ibm.com, jglisse@redhat.com, linuxram@us.ibm.com, sukadev@linux.vnet.ibm.com, cclaudio@linux.ibm.com, hch@lst.de, Bharata B Rao , Paul Mackerras Subject: [PATCH v6 4/7] kvmppc: Handle memory plug/unplug to secure VM Date: Fri, 9 Aug 2019 14:11:05 +0530 X-Mailer: git-send-email 2.21.0 In-Reply-To: <20190809084108.30343-1-bharata@linux.ibm.com> References: <20190809084108.30343-1-bharata@linux.ibm.com> MIME-Version: 1.0 X-TM-AS-GCONF: 00 x-cbid: 19080908-4275-0000-0000-00000357054D X-IBM-AV-DETECTION: SAVI=unused REMOTE=unused XFE=unused x-cbparentid: 19080908-4276-0000-0000-000038690CC9 Message-Id: <20190809084108.30343-5-bharata@linux.ibm.com> X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:,, definitions=2019-08-09_02:,, signatures=0 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 priorityscore=1501 malwarescore=0 suspectscore=1 phishscore=0 bulkscore=0 spamscore=0 clxscore=1015 lowpriorityscore=0 mlxscore=0 impostorscore=0 mlxlogscore=762 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1906280000 definitions=main-1908090089 X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: X-Virus-Scanned: ClamAV using ClamSMTP Register the new memslot with UV during plug and unregister the memslot during unplug. Signed-off-by: Bharata B Rao Acked-by: Paul Mackerras --- arch/powerpc/include/asm/ultravisor-api.h | 1 + arch/powerpc/include/asm/ultravisor.h | 5 +++++ arch/powerpc/kvm/book3s_hv.c | 19 +++++++++++++++++++ 3 files changed, 25 insertions(+) diff --git a/arch/powerpc/include/asm/ultravisor-api.h b/arch/powerpc/include/asm/ultravisor-api.h index c578d9b13a56..46b1ee381695 100644 --- a/arch/powerpc/include/asm/ultravisor-api.h +++ b/arch/powerpc/include/asm/ultravisor-api.h @@ -26,6 +26,7 @@ #define UV_WRITE_PATE 0xF104 #define UV_RETURN 0xF11C #define UV_REGISTER_MEM_SLOT 0xF120 +#define UV_UNREGISTER_MEM_SLOT 0xF124 #define UV_PAGE_IN 0xF128 #define UV_PAGE_OUT 0xF12C diff --git a/arch/powerpc/include/asm/ultravisor.h b/arch/powerpc/include/asm/ultravisor.h index 8a722c575c56..79c415bf5ee8 100644 --- a/arch/powerpc/include/asm/ultravisor.h +++ b/arch/powerpc/include/asm/ultravisor.h @@ -40,4 +40,9 @@ static inline int uv_register_mem_slot(u64 lpid, u64 start_gpa, u64 size, size, flags, slotid); } +static inline int uv_unregister_mem_slot(u64 lpid, u64 slotid) +{ + return ucall_norets(UV_UNREGISTER_MEM_SLOT, lpid, slotid); +} + #endif /* _ASM_POWERPC_ULTRAVISOR_H */ diff --git a/arch/powerpc/kvm/book3s_hv.c b/arch/powerpc/kvm/book3s_hv.c index 33b8ebffbef0..13e31ef3583e 100644 --- a/arch/powerpc/kvm/book3s_hv.c +++ b/arch/powerpc/kvm/book3s_hv.c @@ -74,6 +74,7 @@ #include #include #include +#include #include "book3s.h" @@ -4504,6 +4505,24 @@ static void kvmppc_core_commit_memory_region_hv(struct kvm *kvm, if (change == KVM_MR_FLAGS_ONLY && kvm_is_radix(kvm) && ((new->flags ^ old->flags) & KVM_MEM_LOG_DIRTY_PAGES)) kvmppc_radix_flush_memslot(kvm, old); + /* + * If UV hasn't yet called H_SVM_INIT_START, don't register memslots. + */ + if (!kvm->arch.secure_guest) + return; + + /* + * TODO: Handle KVM_MR_MOVE + */ + if (change == KVM_MR_CREATE) { + uv_register_mem_slot(kvm->arch.lpid, + new->base_gfn << PAGE_SHIFT, + new->npages * PAGE_SIZE, + 0, + new->id); + } else if (change == KVM_MR_DELETE) { + uv_unregister_mem_slot(kvm->arch.lpid, old->id); + } } /* From patchwork Fri Aug 9 08:41:06 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Bharata B Rao X-Patchwork-Id: 11085671 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 906EE14F7 for ; Fri, 9 Aug 2019 08:41:39 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 80F0128C2D for ; Fri, 9 Aug 2019 08:41:39 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 7536C28C3D; Fri, 9 Aug 2019 08:41:39 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-2.9 required=2.0 tests=BAYES_00,MAILING_LIST_MULTI, RCVD_IN_DNSWL_NONE autolearn=ham version=3.3.1 Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id B544628C2D for ; Fri, 9 Aug 2019 08:41:38 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 7FFB26B026D; Fri, 9 Aug 2019 04:41:35 -0400 (EDT) Delivered-To: linux-mm-outgoing@kvack.org Received: by kanga.kvack.org (Postfix, from userid 40) id 698626B026A; Fri, 9 Aug 2019 04:41:35 -0400 (EDT) X-Original-To: int-list-linux-mm@kvack.org X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 472006B026C; Fri, 9 Aug 2019 04:41:35 -0400 (EDT) X-Original-To: linux-mm@kvack.org X-Delivered-To: linux-mm@kvack.org Received: from mail-yb1-f200.google.com (mail-yb1-f200.google.com [209.85.219.200]) by kanga.kvack.org (Postfix) with ESMTP id 1F4926B026A for ; Fri, 9 Aug 2019 04:41:35 -0400 (EDT) Received: by mail-yb1-f200.google.com with SMTP id f40so12329282ybj.2 for ; Fri, 09 Aug 2019 01:41:35 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-original-authentication-results:x-gm-message-state:from:to:cc :subject:date:in-reply-to:references:mime-version :content-transfer-encoding:message-id; bh=uGMDR2CDCiIKgwl6n7dhirIOqTWlu1NJ7zZOKL5M/sc=; b=I0Kgefr2iYVvpNtO+Ig6G5OXDtZoSVJ2rHVauKmf/+lcs0pt3eaMrnDlgizgHri3of i/0tXu731e3rNFJqsQKxIos2xzg9+32UhzS5aXrnKYyRxNyDOsaBJt80KV/ZepEBZ5dz ffrxTMFpvP1atYWqx5fAStMqJ2qs5d2xs6t8BJ6PSYW7+5mNGhpSyHNg+yGRZK1P0oXf oYGVtMtS9B2qS2ZP6v4Qv2RUFWRcwC6ErItY2sTgcTM8K9+2dpMt4kRiV/JiEeUkoZu8 kQQGxvKGtmdgUjYUuOcS0KqENKgIXHjt296Yd20U+PimHaOP1FyoI0sc895FrftKr/GU PdYg== X-Original-Authentication-Results: mx.google.com; spf=pass (google.com: domain of bharata@linux.ibm.com designates 148.163.158.5 as permitted sender) smtp.mailfrom=bharata@linux.ibm.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=ibm.com X-Gm-Message-State: APjAAAXIU1SG/C2DA9juQyQQYY3Rs6CzX06mAgnWafBFmR5t4wplZW4U sBDPZRPjLlGxDhYQ+hdMW5D6h2GTUMjTxh3DUVjFiWanv3CDDL8xzl+QazbPz0Nnz1E1eWOi9o9 EJXWa1apdSjrb2ktYRbLnDD7VnuwEAKHSD4v3WH5INJTKXTibe8IspJlcUljcds0mzA== X-Received: by 2002:a81:3841:: with SMTP id f62mr5412370ywa.312.1565340094865; Fri, 09 Aug 2019 01:41:34 -0700 (PDT) X-Google-Smtp-Source: APXvYqy/+7V9fzEbfKyuGOzgZnQdpg4HDDR5xLby+SZE47AQ5it3YNe9Nlegg9Ci0ym+zuJGvchY X-Received: by 2002:a81:3841:: with SMTP id f62mr5412343ywa.312.1565340094097; Fri, 09 Aug 2019 01:41:34 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1565340094; cv=none; d=google.com; s=arc-20160816; b=gD0gqPRaCCZjpM9bSy1eZvQDcjNuo3CoJjjLvgnhJpXOKh+EEVNXyHRtbQK1YqGKor t8dRkcgoR/5/S7BQ854RREid9lSYwsoSMnAG/YOsajzrX1+wXlYK3z2QzkYE0q9UPeqf Vgd3ggXEogzC9JUAd0yrpPi03MLJ9hvFkMd+Sap1Rok6LyWDDofHd9rX4qnoP7LS+lbA wttlU+G4xQ7O0o9K9RiDPoTz1XAzAZjEfODufIYY9erRsf4T7SpkuqLiuQ3PHc5JVs38 IxVMphsaCc+nvpjLQ+kanhaVscmybm5lzfT90VSavwRtIFOOB7k4xo4YGi1z2v16BOKV 4nzA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=message-id:content-transfer-encoding:mime-version:references :in-reply-to:date:subject:cc:to:from; bh=uGMDR2CDCiIKgwl6n7dhirIOqTWlu1NJ7zZOKL5M/sc=; b=j4lobqDEEKBAGGlmbqz0IPRXndevP19ecHRKUQoFq38BUCEWGdh/iAKB3/Q3zWJHFS ALWJckxMFWOlmc+7uKy4cyidACTISQQUFzxp6rZL4DFsCmv5LtWHh10J1t9Fg9AP3gZp /FVeB+n+QjD+GEgimKK0DSI62vZznUiDYoRUwimFWSw7nJaSGebCKtwQvhQOtdG0OTzQ bTMRhiymGAYZFVHh9BWloQDJv8VIbJV5rKkg0KCLvQmwOUT5bx8lCGivXE0F9QyScxPs rG2TXPe3omr/E+WODnI5iQPCcU8fYJvk/RGyw998Fo9Ld0wYLprb1Q/4ZJvEcWKUrhMN 506g== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of bharata@linux.ibm.com designates 148.163.158.5 as permitted sender) smtp.mailfrom=bharata@linux.ibm.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=ibm.com Received: from mx0a-001b2d01.pphosted.com (mx0b-001b2d01.pphosted.com. [148.163.158.5]) by mx.google.com with ESMTPS id x3si4471036ybq.457.2019.08.09.01.41.34 for (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Fri, 09 Aug 2019 01:41:34 -0700 (PDT) Received-SPF: pass (google.com: domain of bharata@linux.ibm.com designates 148.163.158.5 as permitted sender) client-ip=148.163.158.5; Authentication-Results: mx.google.com; spf=pass (google.com: domain of bharata@linux.ibm.com designates 148.163.158.5 as permitted sender) smtp.mailfrom=bharata@linux.ibm.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=ibm.com Received: from pps.filterd (m0098414.ppops.net [127.0.0.1]) by mx0b-001b2d01.pphosted.com (8.16.0.27/8.16.0.27) with SMTP id x798cIHD092958 for ; Fri, 9 Aug 2019 04:41:33 -0400 Received: from e06smtp03.uk.ibm.com (e06smtp03.uk.ibm.com [195.75.94.99]) by mx0b-001b2d01.pphosted.com with ESMTP id 2u92w7p603-1 (version=TLSv1.2 cipher=AES256-GCM-SHA384 bits=256 verify=NOT) for ; Fri, 09 Aug 2019 04:41:33 -0400 Received: from localhost by e06smtp03.uk.ibm.com with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted for from ; Fri, 9 Aug 2019 09:41:31 +0100 Received: from b06avi18878370.portsmouth.uk.ibm.com (9.149.26.194) by e06smtp03.uk.ibm.com (192.168.101.133) with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted; (version=TLSv1/SSLv3 cipher=AES256-GCM-SHA384 bits=256/256) Fri, 9 Aug 2019 09:41:30 +0100 Received: from b06wcsmtp001.portsmouth.uk.ibm.com (b06wcsmtp001.portsmouth.uk.ibm.com [9.149.105.160]) by b06avi18878370.portsmouth.uk.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id x798fStq33423854 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Fri, 9 Aug 2019 08:41:28 GMT Received: from b06wcsmtp001.portsmouth.uk.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 6DFC0A4054; Fri, 9 Aug 2019 08:41:28 +0000 (GMT) Received: from b06wcsmtp001.portsmouth.uk.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 75D41A405B; Fri, 9 Aug 2019 08:41:26 +0000 (GMT) Received: from bharata.ibmuc.com (unknown [9.85.95.61]) by b06wcsmtp001.portsmouth.uk.ibm.com (Postfix) with ESMTP; Fri, 9 Aug 2019 08:41:26 +0000 (GMT) From: Bharata B Rao To: linuxppc-dev@lists.ozlabs.org Cc: kvm-ppc@vger.kernel.org, linux-mm@kvack.org, paulus@au1.ibm.com, aneesh.kumar@linux.vnet.ibm.com, jglisse@redhat.com, linuxram@us.ibm.com, sukadev@linux.vnet.ibm.com, cclaudio@linux.ibm.com, hch@lst.de, Bharata B Rao Subject: [PATCH v6 5/7] kvmppc: Radix changes for secure guest Date: Fri, 9 Aug 2019 14:11:06 +0530 X-Mailer: git-send-email 2.21.0 In-Reply-To: <20190809084108.30343-1-bharata@linux.ibm.com> References: <20190809084108.30343-1-bharata@linux.ibm.com> MIME-Version: 1.0 X-TM-AS-GCONF: 00 x-cbid: 19080908-0012-0000-0000-0000033CA6CA X-IBM-AV-DETECTION: SAVI=unused REMOTE=unused XFE=unused x-cbparentid: 19080908-0013-0000-0000-00002176ABF4 Message-Id: <20190809084108.30343-6-bharata@linux.ibm.com> X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:,, definitions=2019-08-09_02:,, signatures=0 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 priorityscore=1501 malwarescore=0 suspectscore=3 phishscore=0 bulkscore=0 spamscore=0 clxscore=1015 lowpriorityscore=0 mlxscore=0 impostorscore=0 mlxlogscore=999 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1906280000 definitions=main-1908090089 X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: X-Virus-Scanned: ClamAV using ClamSMTP - After the guest becomes secure, when we handle a page fault of a page belonging to SVM in HV, send that page to UV via UV_PAGE_IN. - Whenever a page is unmapped on the HV side, inform UV via UV_PAGE_INVAL. - Ensure all those routines that walk the secondary page tables of the guest don't do so in case of secure VM. For secure guest, the active secondary page tables are in secure memory and the secondary page tables in HV are freed when guest becomes secure. Signed-off-by: Bharata B Rao --- arch/powerpc/include/asm/kvm_host.h | 12 ++++++++++++ arch/powerpc/include/asm/ultravisor-api.h | 1 + arch/powerpc/include/asm/ultravisor.h | 5 +++++ arch/powerpc/kvm/book3s_64_mmu_radix.c | 22 ++++++++++++++++++++++ arch/powerpc/kvm/book3s_hv_devm.c | 20 ++++++++++++++++++++ 5 files changed, 60 insertions(+) diff --git a/arch/powerpc/include/asm/kvm_host.h b/arch/powerpc/include/asm/kvm_host.h index 1827c22909cd..db680d7f5779 100644 --- a/arch/powerpc/include/asm/kvm_host.h +++ b/arch/powerpc/include/asm/kvm_host.h @@ -856,6 +856,8 @@ static inline void kvm_arch_vcpu_block_finish(struct kvm_vcpu *vcpu) {} #ifdef CONFIG_PPC_UV extern int kvmppc_devm_init(void); extern void kvmppc_devm_free(void); +extern bool kvmppc_is_guest_secure(struct kvm *kvm); +extern int kvmppc_send_page_to_uv(struct kvm *kvm, unsigned long gpa); #else static inline int kvmppc_devm_init(void) { @@ -863,6 +865,16 @@ static inline int kvmppc_devm_init(void) } static inline void kvmppc_devm_free(void) {} + +static inline bool kvmppc_is_guest_secure(struct kvm *kvm) +{ + return false; +} + +static inline int kvmppc_send_page_to_uv(struct kvm *kvm, unsigned long gpa) +{ + return -EFAULT; +} #endif /* CONFIG_PPC_UV */ #endif /* __POWERPC_KVM_HOST_H__ */ diff --git a/arch/powerpc/include/asm/ultravisor-api.h b/arch/powerpc/include/asm/ultravisor-api.h index 46b1ee381695..cf200d4ce703 100644 --- a/arch/powerpc/include/asm/ultravisor-api.h +++ b/arch/powerpc/include/asm/ultravisor-api.h @@ -29,5 +29,6 @@ #define UV_UNREGISTER_MEM_SLOT 0xF124 #define UV_PAGE_IN 0xF128 #define UV_PAGE_OUT 0xF12C +#define UV_PAGE_INVAL 0xF138 #endif /* _ASM_POWERPC_ULTRAVISOR_API_H */ diff --git a/arch/powerpc/include/asm/ultravisor.h b/arch/powerpc/include/asm/ultravisor.h index 79c415bf5ee8..640db659c8c8 100644 --- a/arch/powerpc/include/asm/ultravisor.h +++ b/arch/powerpc/include/asm/ultravisor.h @@ -45,4 +45,9 @@ static inline int uv_unregister_mem_slot(u64 lpid, u64 slotid) return ucall_norets(UV_UNREGISTER_MEM_SLOT, lpid, slotid); } +static inline int uv_page_inval(u64 lpid, u64 gpa, u64 page_shift) +{ + return ucall_norets(UV_PAGE_INVAL, lpid, gpa, page_shift); +} + #endif /* _ASM_POWERPC_ULTRAVISOR_H */ diff --git a/arch/powerpc/kvm/book3s_64_mmu_radix.c b/arch/powerpc/kvm/book3s_64_mmu_radix.c index 2d415c36a61d..93ad34e63045 100644 --- a/arch/powerpc/kvm/book3s_64_mmu_radix.c +++ b/arch/powerpc/kvm/book3s_64_mmu_radix.c @@ -19,6 +19,8 @@ #include #include #include +#include +#include /* * Supported radix tree geometry. @@ -915,6 +917,9 @@ int kvmppc_book3s_radix_page_fault(struct kvm_run *run, struct kvm_vcpu *vcpu, if (!(dsisr & DSISR_PRTABLE_FAULT)) gpa |= ea & 0xfff; + if (kvmppc_is_guest_secure(kvm)) + return kvmppc_send_page_to_uv(kvm, gpa & PAGE_MASK); + /* Get the corresponding memslot */ memslot = gfn_to_memslot(kvm, gfn); @@ -972,6 +977,11 @@ int kvm_unmap_radix(struct kvm *kvm, struct kvm_memory_slot *memslot, unsigned long gpa = gfn << PAGE_SHIFT; unsigned int shift; + if (kvmppc_is_guest_secure(kvm)) { + uv_page_inval(kvm->arch.lpid, gpa, PAGE_SIZE); + return 0; + } + ptep = __find_linux_pte(kvm->arch.pgtable, gpa, NULL, &shift); if (ptep && pte_present(*ptep)) kvmppc_unmap_pte(kvm, ptep, gpa, shift, memslot, @@ -989,6 +999,9 @@ int kvm_age_radix(struct kvm *kvm, struct kvm_memory_slot *memslot, int ref = 0; unsigned long old, *rmapp; + if (kvmppc_is_guest_secure(kvm)) + return ref; + ptep = __find_linux_pte(kvm->arch.pgtable, gpa, NULL, &shift); if (ptep && pte_present(*ptep) && pte_young(*ptep)) { old = kvmppc_radix_update_pte(kvm, ptep, _PAGE_ACCESSED, 0, @@ -1013,6 +1026,9 @@ int kvm_test_age_radix(struct kvm *kvm, struct kvm_memory_slot *memslot, unsigned int shift; int ref = 0; + if (kvmppc_is_guest_secure(kvm)) + return ref; + ptep = __find_linux_pte(kvm->arch.pgtable, gpa, NULL, &shift); if (ptep && pte_present(*ptep) && pte_young(*ptep)) ref = 1; @@ -1030,6 +1046,9 @@ static int kvm_radix_test_clear_dirty(struct kvm *kvm, int ret = 0; unsigned long old, *rmapp; + if (kvmppc_is_guest_secure(kvm)) + return ret; + ptep = __find_linux_pte(kvm->arch.pgtable, gpa, NULL, &shift); if (ptep && pte_present(*ptep) && pte_dirty(*ptep)) { ret = 1; @@ -1082,6 +1101,9 @@ void kvmppc_radix_flush_memslot(struct kvm *kvm, unsigned long gpa; unsigned int shift; + if (kvmppc_is_guest_secure(kvm)) + return; + gpa = memslot->base_gfn << PAGE_SHIFT; spin_lock(&kvm->mmu_lock); for (n = memslot->npages; n; --n) { diff --git a/arch/powerpc/kvm/book3s_hv_devm.c b/arch/powerpc/kvm/book3s_hv_devm.c index c55bb5f57928..9c4b05cd5b0a 100644 --- a/arch/powerpc/kvm/book3s_hv_devm.c +++ b/arch/powerpc/kvm/book3s_hv_devm.c @@ -65,6 +65,11 @@ struct kvmppc_devm_copy_args { unsigned long page_shift; }; +bool kvmppc_is_guest_secure(struct kvm *kvm) +{ + return !!(kvm->arch.secure_guest & KVMPPC_SECURE_INIT_DONE); +} + unsigned long kvmppc_h_svm_init_start(struct kvm *kvm) { struct kvm_memslots *slots; @@ -483,6 +488,21 @@ kvmppc_h_svm_page_out(struct kvm *kvm, unsigned long gpa, return ret; } +int kvmppc_send_page_to_uv(struct kvm *kvm, unsigned long gpa) +{ + unsigned long pfn; + int ret; + + pfn = gfn_to_pfn(kvm, gpa >> PAGE_SHIFT); + if (is_error_noslot_pfn(pfn)) + return -EFAULT; + + ret = uv_page_in(kvm->arch.lpid, pfn << PAGE_SHIFT, gpa, 0, PAGE_SHIFT); + kvm_release_pfn_clean(pfn); + + return (ret == U_SUCCESS) ? RESUME_GUEST : -EFAULT; +} + static u64 kvmppc_get_secmem_size(void) { struct device_node *np; From patchwork Fri Aug 9 08:41:07 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Bharata B Rao X-Patchwork-Id: 11085677 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 0F80E14F7 for ; Fri, 9 Aug 2019 08:41:47 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id F2A5028C2D for ; Fri, 9 Aug 2019 08:41:46 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id E718B28C3B; Fri, 9 Aug 2019 08:41:46 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-2.9 required=2.0 tests=BAYES_00,MAILING_LIST_MULTI, RCVD_IN_DNSWL_NONE autolearn=ham version=3.3.1 Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id E0E2728C2D for ; Fri, 9 Aug 2019 08:41:45 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 75C236B026B; Fri, 9 Aug 2019 04:41:44 -0400 (EDT) Delivered-To: linux-mm-outgoing@kvack.org Received: by kanga.kvack.org (Postfix, from userid 40) id 70BB86B026C; Fri, 9 Aug 2019 04:41:44 -0400 (EDT) X-Original-To: int-list-linux-mm@kvack.org X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 58A516B026E; Fri, 9 Aug 2019 04:41:44 -0400 (EDT) X-Original-To: linux-mm@kvack.org X-Delivered-To: linux-mm@kvack.org Received: from mail-yb1-f198.google.com (mail-yb1-f198.google.com [209.85.219.198]) by kanga.kvack.org (Postfix) with ESMTP id 29D486B026B for ; Fri, 9 Aug 2019 04:41:44 -0400 (EDT) Received: by mail-yb1-f198.google.com with SMTP id g127so4830206ybf.0 for ; Fri, 09 Aug 2019 01:41:44 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-original-authentication-results:x-gm-message-state:from:to:cc :subject:date:in-reply-to:references:mime-version :content-transfer-encoding:message-id; bh=PM/VxY7pcetXHqPJZw+oJVwJ6JUp3U67BImgkIZCB7Y=; b=ezI/Skfd04CwuX7bUuafxUae8ZQW1Y5i2S11UNVUTbHgNnH210Kd3TBX5Rmc67ttIQ L2i3G5c9EQl+5Ul1ExxiHBxCjJCLnuPfl40wHsxXa2nGIHj8cuVQy03WK5hX0k/2G8yp FAxQk7Ja8Xc3ZjvRUxJRZuvcsgKjAR//fqCN3CAUICAPsGcwbkCXO5zAPPwctSncwXJi NiBZHvjxdo3qBgJVY6kCkAlI5buNTOiFyE+iwOv/aHr1H8jXjr+bdp5JbP5HVKKP5ctu Uj0VUDO/iau6ufQk1WqH7Xztw75TX5oBDcZXaic63fLxlO9o0Jwl7dNNQjh4AYBkng9q 4biA== X-Original-Authentication-Results: mx.google.com; spf=pass (google.com: domain of bharata@linux.ibm.com designates 148.163.158.5 as permitted sender) smtp.mailfrom=bharata@linux.ibm.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=ibm.com X-Gm-Message-State: APjAAAWogKpLQOleS9zrZukHbZdrap9O1oLfArEiGtG6N9qaFgTCBkh+ JqXsVBAVIDutDsj9X6Wgo9mm6HPXUe2PHAMR8C3DVxHCVX4+yPfm6SCa9qpfbGIQpWrWZSPcH71 G3MSsHMtz2hIzDXFoj2KyTkYgUaFGLNObRV7jI947Z2mmwfWvEedLCGqaYlhw47wpvw== X-Received: by 2002:a81:3841:: with SMTP id f62mr5412642ywa.312.1565340103899; Fri, 09 Aug 2019 01:41:43 -0700 (PDT) X-Google-Smtp-Source: APXvYqzG8HCjvJ2PHGt5By5xpS62R7tWBh7GT+xBn/QiwNEHSCsaZZW5W5sTVQL3qq9bE7lejGiH X-Received: by 2002:a81:3841:: with SMTP id f62mr5412593ywa.312.1565340102330; Fri, 09 Aug 2019 01:41:42 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1565340102; cv=none; d=google.com; s=arc-20160816; b=D3syHOiwnyFtzIm5J1v8GgvE7juEsSiSnMo8Dr/99Sa2wbF4nm4hpuM+ySKfG4YKQW MmyndNBxLOIi34RwX+s72wvirizCUTLldYhMuJwOpPM17njhbS38ILrAgWI3bWPH9hG+ sE4yMBIdwKfUmF/hwWQd4D8cK8MeH39rGpo5dxxTQc4PMYPZiZGfAugdWDhSNHGQlWEl PFZpSRDCQ7gG2ExQKT/TX/ya7MK1oTwfy8JHEyFvf+dmEnJU8TSayub25wTAFd3XrGTx PNLSsFZb0sYJro0ngU9t+HQXZNnS9zy0COwEt2pBGBA1ok2cgYzJwQMKMXh24omKSFhq AkwA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=message-id:content-transfer-encoding:mime-version:references :in-reply-to:date:subject:cc:to:from; bh=PM/VxY7pcetXHqPJZw+oJVwJ6JUp3U67BImgkIZCB7Y=; b=tZQsN/AhWEt3FHEwsA8LWIcbQ2XHJQCDtweECvcpA0BdDiuBAKwbV0MS6+2BLc6CT7 P5mogC0QxMfMpX/cfXGDwMQ76VVTrymnGT+EGK+qcmcKdG1riuN3fXnGm4yJysYjd6NI FyzakDMZN5UWENd77u6kqRiaTAbsLAPg03sv/dRxKCwszKBPKkDMlQXVk49WdVfVCLSq bWoIGbKgOqHngyXZYM2LAJ1gsqJPltf9UJXU9+JA1cb/kHxEA7W7QG8weatsxCHcZJFV n7ntbA5Q082+4aIVxRd/T2hBs7fU0yDe0iULMSGcvQbIX/z6MZtsQ3v7+sSFfRwCSkZi BATQ== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of bharata@linux.ibm.com designates 148.163.158.5 as permitted sender) smtp.mailfrom=bharata@linux.ibm.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=ibm.com Received: from mx0a-001b2d01.pphosted.com (mx0b-001b2d01.pphosted.com. [148.163.158.5]) by mx.google.com with ESMTPS id w9si2800708ybq.432.2019.08.09.01.41.42 for (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Fri, 09 Aug 2019 01:41:42 -0700 (PDT) Received-SPF: pass (google.com: domain of bharata@linux.ibm.com designates 148.163.158.5 as permitted sender) client-ip=148.163.158.5; Authentication-Results: mx.google.com; spf=pass (google.com: domain of bharata@linux.ibm.com designates 148.163.158.5 as permitted sender) smtp.mailfrom=bharata@linux.ibm.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=ibm.com Received: from pps.filterd (m0098417.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.16.0.27/8.16.0.27) with SMTP id x798bdTh005460 for ; Fri, 9 Aug 2019 04:41:41 -0400 Received: from e06smtp07.uk.ibm.com (e06smtp07.uk.ibm.com [195.75.94.103]) by mx0a-001b2d01.pphosted.com with ESMTP id 2u940u3nm3-1 (version=TLSv1.2 cipher=AES256-GCM-SHA384 bits=256 verify=NOT) for ; Fri, 09 Aug 2019 04:41:37 -0400 Received: from localhost by e06smtp07.uk.ibm.com with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted for from ; Fri, 9 Aug 2019 09:41:35 +0100 Received: from b06cxnps3074.portsmouth.uk.ibm.com (9.149.109.194) by e06smtp07.uk.ibm.com (192.168.101.137) with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted; (version=TLSv1/SSLv3 cipher=AES256-GCM-SHA384 bits=256/256) Fri, 9 Aug 2019 09:41:32 +0100 Received: from b06wcsmtp001.portsmouth.uk.ibm.com (b06wcsmtp001.portsmouth.uk.ibm.com [9.149.105.160]) by b06cxnps3074.portsmouth.uk.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id x798fUil41091204 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Fri, 9 Aug 2019 08:41:30 GMT Received: from b06wcsmtp001.portsmouth.uk.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id B14B8A405B; Fri, 9 Aug 2019 08:41:30 +0000 (GMT) Received: from b06wcsmtp001.portsmouth.uk.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id BA357A4060; Fri, 9 Aug 2019 08:41:28 +0000 (GMT) Received: from bharata.ibmuc.com (unknown [9.85.95.61]) by b06wcsmtp001.portsmouth.uk.ibm.com (Postfix) with ESMTP; Fri, 9 Aug 2019 08:41:28 +0000 (GMT) From: Bharata B Rao To: linuxppc-dev@lists.ozlabs.org Cc: kvm-ppc@vger.kernel.org, linux-mm@kvack.org, paulus@au1.ibm.com, aneesh.kumar@linux.vnet.ibm.com, jglisse@redhat.com, linuxram@us.ibm.com, sukadev@linux.vnet.ibm.com, cclaudio@linux.ibm.com, hch@lst.de, Bharata B Rao Subject: [PATCH v6 6/7] kvmppc: Support reset of secure guest Date: Fri, 9 Aug 2019 14:11:07 +0530 X-Mailer: git-send-email 2.21.0 In-Reply-To: <20190809084108.30343-1-bharata@linux.ibm.com> References: <20190809084108.30343-1-bharata@linux.ibm.com> MIME-Version: 1.0 X-TM-AS-GCONF: 00 x-cbid: 19080908-0028-0000-0000-0000038DA5B3 X-IBM-AV-DETECTION: SAVI=unused REMOTE=unused XFE=unused x-cbparentid: 19080908-0029-0000-0000-0000244FAAD5 Message-Id: <20190809084108.30343-7-bharata@linux.ibm.com> X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:,, definitions=2019-08-09_02:,, signatures=0 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 priorityscore=1501 malwarescore=0 suspectscore=3 phishscore=0 bulkscore=0 spamscore=0 clxscore=1015 lowpriorityscore=0 mlxscore=0 impostorscore=0 mlxlogscore=999 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1906280000 definitions=main-1908090089 X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: X-Virus-Scanned: ClamAV using ClamSMTP Add support for reset of secure guest via a new ioctl KVM_PPC_SVM_OFF. This ioctl will be issued by QEMU during reset and includes the the following steps: - Ask UV to terminate the guest via UV_SVM_TERMINATE ucall - Unpin the VPA pages so that they can be migrated back to secure side when guest becomes secure again. This is required because pinned pages can't be migrated. - Reinitialize guest's partitioned scoped page tables. These are freed when guest become secure (H_SVM_INIT_DONE) - Release all device pages of the secure guest. After these steps, guest is ready to issue UV_ESM call once again to switch to secure mode. Signed-off-by: Bharata B Rao Signed-off-by: Sukadev Bhattiprolu [Implementation of uv_svm_terminate() and its call from guest shutdown path] Signed-off-by: Ram Pai [Unpinning of VPA pages] --- Documentation/virtual/kvm/api.txt | 18 ++++++ arch/powerpc/include/asm/kvm_book3s_devm.h | 7 +++ arch/powerpc/include/asm/kvm_ppc.h | 2 + arch/powerpc/include/asm/ultravisor-api.h | 1 + arch/powerpc/include/asm/ultravisor.h | 5 ++ arch/powerpc/kvm/book3s_hv.c | 70 ++++++++++++++++++++++ arch/powerpc/kvm/book3s_hv_devm.c | 61 +++++++++++++++++++ arch/powerpc/kvm/powerpc.c | 12 ++++ include/uapi/linux/kvm.h | 1 + 9 files changed, 177 insertions(+) diff --git a/Documentation/virtual/kvm/api.txt b/Documentation/virtual/kvm/api.txt index e54a3f51ddc5..6fdd140dd9af 100644 --- a/Documentation/virtual/kvm/api.txt +++ b/Documentation/virtual/kvm/api.txt @@ -4111,6 +4111,24 @@ Valid values for 'action': #define KVM_PMU_EVENT_ALLOW 0 #define KVM_PMU_EVENT_DENY 1 +4.121 KVM_PPC_SVM_OFF + +Capability: basic +Architectures: powerpc +Type: vm ioctl +Parameters: none +Returns: 0 on successful completion, +Errors: + EINVAL: if ultravisor failed to terminate the secure guest + ENOMEM: if hypervisor failed to allocate new radix page tables for guest + +This ioctl is used to turn off the secure mode of the guest or transition +the guest from secure mode to normal mode. This is invoked when the guest +is reset. This has no effect if called for a normal guest. + +This ioctl issues an ultravisor call to terminate the secure guest, +unpin the VPA pages, reinitialize guest's partition scoped page +tables and releases all the HMM pages that is associated with this guest. 5. The kvm_run structure ------------------------ diff --git a/arch/powerpc/include/asm/kvm_book3s_devm.h b/arch/powerpc/include/asm/kvm_book3s_devm.h index 8c7aacabb2e0..6d97da320400 100644 --- a/arch/powerpc/include/asm/kvm_book3s_devm.h +++ b/arch/powerpc/include/asm/kvm_book3s_devm.h @@ -13,6 +13,8 @@ extern unsigned long kvmppc_h_svm_page_out(struct kvm *kvm, unsigned long page_shift); extern unsigned long kvmppc_h_svm_init_start(struct kvm *kvm); extern unsigned long kvmppc_h_svm_init_done(struct kvm *kvm); +extern void kvmppc_devm_free_memslot_pfns(struct kvm *kvm, + struct kvm_memslots *slots); #else static inline unsigned long kvmppc_h_svm_page_in(struct kvm *kvm, unsigned long gra, @@ -37,5 +39,10 @@ static inline unsigned long kvmppc_h_svm_init_done(struct kvm *kvm) { return H_UNSUPPORTED; } + +static inline void kvmppc_devm_free_memslot_pfns(struct kvm *kvm, + struct kvm_memslots *slots) +{ +} #endif /* CONFIG_PPC_UV */ #endif /* __POWERPC_KVM_PPC_HMM_H__ */ diff --git a/arch/powerpc/include/asm/kvm_ppc.h b/arch/powerpc/include/asm/kvm_ppc.h index 2484e6a8f5ca..e4093d067354 100644 --- a/arch/powerpc/include/asm/kvm_ppc.h +++ b/arch/powerpc/include/asm/kvm_ppc.h @@ -177,6 +177,7 @@ extern void kvm_spapr_tce_release_iommu_group(struct kvm *kvm, extern int kvmppc_switch_mmu_to_hpt(struct kvm *kvm); extern int kvmppc_switch_mmu_to_radix(struct kvm *kvm); extern void kvmppc_setup_partition_table(struct kvm *kvm); +extern int kvmppc_reinit_partition_table(struct kvm *kvm); extern long kvm_vm_ioctl_create_spapr_tce(struct kvm *kvm, struct kvm_create_spapr_tce_64 *args); @@ -321,6 +322,7 @@ struct kvmppc_ops { int size); int (*store_to_eaddr)(struct kvm_vcpu *vcpu, ulong *eaddr, void *ptr, int size); + int (*svm_off)(struct kvm *kvm); }; extern struct kvmppc_ops *kvmppc_hv_ops; diff --git a/arch/powerpc/include/asm/ultravisor-api.h b/arch/powerpc/include/asm/ultravisor-api.h index cf200d4ce703..3a27a0c0be05 100644 --- a/arch/powerpc/include/asm/ultravisor-api.h +++ b/arch/powerpc/include/asm/ultravisor-api.h @@ -30,5 +30,6 @@ #define UV_PAGE_IN 0xF128 #define UV_PAGE_OUT 0xF12C #define UV_PAGE_INVAL 0xF138 +#define UV_SVM_TERMINATE 0xF13C #endif /* _ASM_POWERPC_ULTRAVISOR_API_H */ diff --git a/arch/powerpc/include/asm/ultravisor.h b/arch/powerpc/include/asm/ultravisor.h index 640db659c8c8..03d4fd49fa0d 100644 --- a/arch/powerpc/include/asm/ultravisor.h +++ b/arch/powerpc/include/asm/ultravisor.h @@ -50,4 +50,9 @@ static inline int uv_page_inval(u64 lpid, u64 gpa, u64 page_shift) return ucall_norets(UV_PAGE_INVAL, lpid, gpa, page_shift); } +static inline int uv_svm_terminate(u64 lpid) +{ + return ucall_norets(UV_SVM_TERMINATE, lpid); +} + #endif /* _ASM_POWERPC_ULTRAVISOR_H */ diff --git a/arch/powerpc/kvm/book3s_hv.c b/arch/powerpc/kvm/book3s_hv.c index 13e31ef3583e..b348452b2a93 100644 --- a/arch/powerpc/kvm/book3s_hv.c +++ b/arch/powerpc/kvm/book3s_hv.c @@ -2433,6 +2433,15 @@ static void unpin_vpa(struct kvm *kvm, struct kvmppc_vpa *vpa) vpa->dirty); } +static void unpin_vpa_reset(struct kvm *kvm, struct kvmppc_vpa *vpa) +{ + unpin_vpa(kvm, vpa); + vpa->gpa = 0; + vpa->pinned_addr = NULL; + vpa->dirty = false; + vpa->update_pending = 0; +} + static void kvmppc_core_vcpu_free_hv(struct kvm_vcpu *vcpu) { spin_lock(&vcpu->arch.vpa_update_lock); @@ -4578,6 +4587,22 @@ void kvmppc_setup_partition_table(struct kvm *kvm) kvmhv_set_ptbl_entry(kvm->arch.lpid, dw0, dw1); } +/* + * Called from KVM_PPC_SVM_OFF ioctl at guest reset time when secure + * guest is converted back to normal guest. + */ +int kvmppc_reinit_partition_table(struct kvm *kvm) +{ + int ret; + + ret = kvmppc_init_vm_radix(kvm); + if (ret) + return ret; + + kvmppc_setup_partition_table(kvm); + return 0; +} + /* * Set up HPT (hashed page table) and RMA (real-mode area). * Must be called with kvm->arch.mmu_setup_lock held. @@ -4965,6 +4990,7 @@ static void kvmppc_core_destroy_vm_hv(struct kvm *kvm) if (nesting_enabled(kvm)) kvmhv_release_all_nested(kvm); kvm->arch.process_table = 0; + uv_svm_terminate(kvm->arch.lpid); kvmhv_set_ptbl_entry(kvm->arch.lpid, 0, 0); } kvmppc_free_lpid(kvm->arch.lpid); @@ -5406,6 +5432,49 @@ static int kvmhv_store_to_eaddr(struct kvm_vcpu *vcpu, ulong *eaddr, void *ptr, return rc; } +/* + * IOCTL handler to turn off secure mode of guest + * + * - Issue ucall to terminate the guest on the UV side + * - Unpin the VPA pages (Enables these pages to be migrated back + * when VM becomes secure again) + * - Recreate partition table as the guest is transitioning back to + * normal mode + * - Release all HMM pages + */ +static int kvmhv_svm_off(struct kvm *kvm) +{ + struct kvm_vcpu *vcpu; + int ret = 0; + int i; + + if (kvmppc_is_guest_secure(kvm)) { + ret = uv_svm_terminate(kvm->arch.lpid); + if (ret != U_SUCCESS) { + ret = -EINVAL; + goto out; + } + + kvm_for_each_vcpu(i, vcpu, kvm) { + spin_lock(&vcpu->arch.vpa_update_lock); + unpin_vpa_reset(kvm, &vcpu->arch.dtl); + unpin_vpa_reset(kvm, &vcpu->arch.slb_shadow); + unpin_vpa_reset(kvm, &vcpu->arch.vpa); + spin_unlock(&vcpu->arch.vpa_update_lock); + } + + ret = kvmppc_reinit_partition_table(kvm); + if (ret) + goto out; + kvm->arch.secure_guest = 0; + for (i = 0; i < KVM_ADDRESS_SPACE_NUM; i++) + kvmppc_devm_free_memslot_pfns(kvm, + __kvm_memslots(kvm, i)); + } +out: + return ret; +} + static struct kvmppc_ops kvm_ops_hv = { .get_sregs = kvm_arch_vcpu_ioctl_get_sregs_hv, .set_sregs = kvm_arch_vcpu_ioctl_set_sregs_hv, @@ -5448,6 +5517,7 @@ static struct kvmppc_ops kvm_ops_hv = { .enable_nested = kvmhv_enable_nested, .load_from_eaddr = kvmhv_load_from_eaddr, .store_to_eaddr = kvmhv_store_to_eaddr, + .svm_off = kvmhv_svm_off, }; static int kvm_init_subcore_bitmap(void) diff --git a/arch/powerpc/kvm/book3s_hv_devm.c b/arch/powerpc/kvm/book3s_hv_devm.c index 9c4b05cd5b0a..1a33283192c2 100644 --- a/arch/powerpc/kvm/book3s_hv_devm.c +++ b/arch/powerpc/kvm/book3s_hv_devm.c @@ -38,6 +38,8 @@ #include #include #include +#include +#include struct kvmppc_devm_device { struct device dev; @@ -101,6 +103,12 @@ unsigned long kvmppc_h_svm_init_done(struct kvm *kvm) return H_UNSUPPORTED; kvm->arch.secure_guest |= KVMPPC_SECURE_INIT_DONE; + if (kvm_is_radix(kvm)) { + pr_info("LPID %d went secure, freeing HV side radix pgtables\n", + kvm->arch.lpid); + kvmppc_free_radix(kvm); + } + return H_SUCCESS; } @@ -116,6 +124,59 @@ static inline bool kvmppc_is_devm_pfn(unsigned long pfn) return !!(pfn & KVMPPC_PFN_DEVM); } +/* + * Drop device pages that we maintain for the secure guest + * + * We first mark the pages to be skipped from UV_PAGE_OUT when there + * is HV side fault on these pages. Next we *get* these pages, forcing + * fault on them, do fault time migration to replace the device PTEs in + * QEMU page table with normal PTEs from newly allocated pages. + */ +static void kvmppc_devm_drop_pages(struct kvm_memory_slot *free, + struct kvm *kvm) +{ + int i; + struct kvmppc_devm_page_pvt *pvt; + unsigned long pfn; + + for (i = 0; i < free->npages; i++) { + unsigned long *rmap = &free->arch.rmap[i]; + struct page *devm_page; + + if (kvmppc_is_devm_pfn(*rmap)) { + devm_page = pfn_to_page(*rmap & ~KVMPPC_PFN_DEVM); + pvt = (struct kvmppc_devm_page_pvt *) + devm_page->zone_device_data; + pvt->skip_page_out = true; + + pfn = gfn_to_pfn(kvm, pvt->gpa >> PAGE_SHIFT); + if (is_error_noslot_pfn(pfn)) + continue; + kvm_release_pfn_clean(pfn); + } + } +} + +/* + * Called from KVM_PPC_SVM_OFF ioctl when secure guest is reset + * + * UV has already cleaned up the guest, we release any device pages + * that we maintain + */ +void kvmppc_devm_free_memslot_pfns(struct kvm *kvm, struct kvm_memslots *slots) +{ + struct kvm_memory_slot *memslot; + int srcu_idx; + + if (!slots) + return; + + srcu_idx = srcu_read_lock(&kvm->srcu); + kvm_for_each_memslot(memslot, slots) + kvmppc_devm_drop_pages(memslot, kvm); + srcu_read_unlock(&kvm->srcu, srcu_idx); +} + /* * Get a free device PFN from the pool * diff --git a/arch/powerpc/kvm/powerpc.c b/arch/powerpc/kvm/powerpc.c index 0dba7eb24f92..77dceaa8fb55 100644 --- a/arch/powerpc/kvm/powerpc.c +++ b/arch/powerpc/kvm/powerpc.c @@ -31,6 +31,8 @@ #include #include #endif +#include +#include #include "timing.h" #include "irq.h" @@ -2415,6 +2417,16 @@ long kvm_arch_vm_ioctl(struct file *filp, r = -EFAULT; break; } + case KVM_PPC_SVM_OFF: { + struct kvm *kvm = filp->private_data; + + r = 0; + if (!kvm->arch.kvm_ops->svm_off) + goto out; + + r = kvm->arch.kvm_ops->svm_off(kvm); + break; + } default: { struct kvm *kvm = filp->private_data; r = kvm->arch.kvm_ops->arch_vm_ioctl(filp, ioctl, arg); diff --git a/include/uapi/linux/kvm.h b/include/uapi/linux/kvm.h index a7c19540ce21..07041a64e21f 100644 --- a/include/uapi/linux/kvm.h +++ b/include/uapi/linux/kvm.h @@ -1332,6 +1332,7 @@ struct kvm_s390_ucas_mapping { #define KVM_PPC_GET_CPU_CHAR _IOR(KVMIO, 0xb1, struct kvm_ppc_cpu_char) /* Available with KVM_CAP_PMU_EVENT_FILTER */ #define KVM_SET_PMU_EVENT_FILTER _IOW(KVMIO, 0xb2, struct kvm_pmu_event_filter) +#define KVM_PPC_SVM_OFF _IO(KVMIO, 0xb3) /* ioctl for vm fd */ #define KVM_CREATE_DEVICE _IOWR(KVMIO, 0xe0, struct kvm_create_device) From patchwork Fri Aug 9 08:41:08 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Bharata B Rao X-Patchwork-Id: 11085675 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id C5D201395 for ; Fri, 9 Aug 2019 08:41:43 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id B5DD028C2D for ; Fri, 9 Aug 2019 08:41:43 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id AA11F28C3B; Fri, 9 Aug 2019 08:41:43 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-2.9 required=2.0 tests=BAYES_00,MAILING_LIST_MULTI, RCVD_IN_DNSWL_NONE autolearn=ham version=3.3.1 Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 24DE328C2D for ; Fri, 9 Aug 2019 08:41:43 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 9570F6B0269; Fri, 9 Aug 2019 04:41:41 -0400 (EDT) Delivered-To: linux-mm-outgoing@kvack.org Received: by kanga.kvack.org (Postfix, from userid 40) id 8E0B36B026B; Fri, 9 Aug 2019 04:41:41 -0400 (EDT) X-Original-To: int-list-linux-mm@kvack.org X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 6BE706B026C; Fri, 9 Aug 2019 04:41:41 -0400 (EDT) X-Original-To: linux-mm@kvack.org X-Delivered-To: linux-mm@kvack.org Received: from mail-pf1-f197.google.com (mail-pf1-f197.google.com [209.85.210.197]) by kanga.kvack.org (Postfix) with ESMTP id 311FD6B0269 for ; Fri, 9 Aug 2019 04:41:41 -0400 (EDT) Received: by mail-pf1-f197.google.com with SMTP id j22so60953881pfe.11 for ; Fri, 09 Aug 2019 01:41:41 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-original-authentication-results:x-gm-message-state:from:to:cc :subject:date:in-reply-to:references:mime-version :content-transfer-encoding:message-id; bh=joheOuv75wiZDhRK/dGRAMxToLZySRFQgPGD7osns0c=; b=DOleq1/1etNtaGVj4EwHKUe+kOxKyNTtv5zWgKCNjm8M0gsrZT18vL6DpgBdOAC3x9 Zx2LFAeHllD1DdtwySmc+ghCUOouEVwF5pnKCWpllKu3M6PjnmfeWnSrfOf+CAWRbMnT l0G2XpdNGBAyK8oYhqebTpSZKQJTl7Lm9ILSdHEIUiNg3j2m3F6q16TInd+/+LgcdZC/ pv7v5NTEc2HoTOdo0H53VWhjCTi38iQ0aTfYQANHv5StWdgXxRxwWpZqdB3NXFQMK0v3 pjyYPLV7ifLiUvBxkEr6CyfdWhCmGbNpWjAGVGK83T/WrzpDfOfpBYJ7lJmrNByISlDp BC1w== X-Original-Authentication-Results: mx.google.com; spf=pass (google.com: domain of bharata@linux.ibm.com designates 148.163.156.1 as permitted sender) smtp.mailfrom=bharata@linux.ibm.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=ibm.com X-Gm-Message-State: APjAAAVr7mFq31EwYMPBcb3FIF0Ijc0ucm3BOzfv6J+8r45JHpZyUKg+ iuYdsYc7L70FBsb4c702lKrqJDWWKvGhKTIEFnmRpWDllaiUw2mZCSTc66+b4j26p7pHF6W5ivX dajbPryWL/8qZyXrwQ413PAsQcrEFFQpRTgvMzO2DOUHOZ3hqdlGAj46b4DqSKmHPTQ== X-Received: by 2002:a62:8343:: with SMTP id h64mr2286082pfe.170.1565340100882; Fri, 09 Aug 2019 01:41:40 -0700 (PDT) X-Google-Smtp-Source: APXvYqxfq/D6hvAfffDcMjiJl64dHWIXTrR5TIQnsoe02hKwl4DUHmp0J3lYGMwN+pmnsy7eOkLE X-Received: by 2002:a62:8343:: with SMTP id h64mr2286040pfe.170.1565340100214; Fri, 09 Aug 2019 01:41:40 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1565340100; cv=none; d=google.com; s=arc-20160816; b=ESYOmK3DbctSPC6rPNt0Ki4I4k+MuNMYGVBG06m+BVBuoBJ/0gXyiQtVVzK0L/ALEu KdtxsPuk7CaUHv5er6meM6NSzFeo3/1H9ivRKvPYgytEt1i19/fLJiUUCWwEXoIZKBvi tnuRFvtCmmnaYN0uGA+iTR3rUocbWdWU4c7QWzhHPrD4YD8yFpnadVsAThLqX3K9SRgx w0xPh2VyCV9xzI8G7zcQz8tp2q+HRfNuRpsfITmLbEbhjz/cw2XFNsn9Ikb6l+nTka4F gdZnPH1p3KLCMCI3ENPjUfjRl9wTFa3q36mibhIFSgocLma3tsXi+MEfb+Z1xJIqVxVT jgZg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=message-id:content-transfer-encoding:mime-version:references :in-reply-to:date:subject:cc:to:from; bh=joheOuv75wiZDhRK/dGRAMxToLZySRFQgPGD7osns0c=; b=h87httjbIPGrosIMsygffdjtUdn0Z3ni8O+59Zaro4cilm90lZr1MZAS14712JJ9UV rmY1sWaRtku4TwckV8Di5N2vVb/vj/aOdgPprgSr+GV+jgO6P/bY3V5Cmdq7m2qoWJCe Bw5D+DYnCjurJowF2blvqt/3GcegXmrWU8qPGMvkvBfPUtPiBT+n6qhIuXZZIHbg6sXH qy1SSzWKfsrXKQVviRmdlxCqomqZBHcX4WWaEi2MI//+XVkj8jSp0ZSSo6TUbyCBm0JN 29YeA6RFjuNvGV+S4uJlew9IbYyeDAZcMLAkwTe4S1C1SBMuQUvfNPG+iEecmIdbtySV UM2w== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of bharata@linux.ibm.com designates 148.163.156.1 as permitted sender) smtp.mailfrom=bharata@linux.ibm.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=ibm.com Received: from mx0a-001b2d01.pphosted.com (mx0a-001b2d01.pphosted.com. [148.163.156.1]) by mx.google.com with ESMTPS id a6si49491140pla.259.2019.08.09.01.41.40 for (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Fri, 09 Aug 2019 01:41:40 -0700 (PDT) Received-SPF: pass (google.com: domain of bharata@linux.ibm.com designates 148.163.156.1 as permitted sender) client-ip=148.163.156.1; Authentication-Results: mx.google.com; spf=pass (google.com: domain of bharata@linux.ibm.com designates 148.163.156.1 as permitted sender) smtp.mailfrom=bharata@linux.ibm.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=ibm.com Received: from pps.filterd (m0098393.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.16.0.27/8.16.0.27) with SMTP id x798btxQ101105 for ; Fri, 9 Aug 2019 04:41:39 -0400 Received: from e06smtp03.uk.ibm.com (e06smtp03.uk.ibm.com [195.75.94.99]) by mx0a-001b2d01.pphosted.com with ESMTP id 2u94vqhdst-1 (version=TLSv1.2 cipher=AES256-GCM-SHA384 bits=256 verify=NOT) for ; Fri, 09 Aug 2019 04:41:39 -0400 Received: from localhost by e06smtp03.uk.ibm.com with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted for from ; Fri, 9 Aug 2019 09:41:37 +0100 Received: from b06cxnps3075.portsmouth.uk.ibm.com (9.149.109.195) by e06smtp03.uk.ibm.com (192.168.101.133) with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted; (version=TLSv1/SSLv3 cipher=AES256-GCM-SHA384 bits=256/256) Fri, 9 Aug 2019 09:41:34 +0100 Received: from b06wcsmtp001.portsmouth.uk.ibm.com (b06wcsmtp001.portsmouth.uk.ibm.com [9.149.105.160]) by b06cxnps3075.portsmouth.uk.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id x798fX9V61735158 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Fri, 9 Aug 2019 08:41:33 GMT Received: from b06wcsmtp001.portsmouth.uk.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 2661DA4065; Fri, 9 Aug 2019 08:41:33 +0000 (GMT) Received: from b06wcsmtp001.portsmouth.uk.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 05288A405B; Fri, 9 Aug 2019 08:41:31 +0000 (GMT) Received: from bharata.ibmuc.com (unknown [9.85.95.61]) by b06wcsmtp001.portsmouth.uk.ibm.com (Postfix) with ESMTP; Fri, 9 Aug 2019 08:41:30 +0000 (GMT) From: Bharata B Rao To: linuxppc-dev@lists.ozlabs.org Cc: kvm-ppc@vger.kernel.org, linux-mm@kvack.org, paulus@au1.ibm.com, aneesh.kumar@linux.vnet.ibm.com, jglisse@redhat.com, linuxram@us.ibm.com, sukadev@linux.vnet.ibm.com, cclaudio@linux.ibm.com, hch@lst.de, Anshuman Khandual , Bharata B Rao Subject: [PATCH v6 7/7] KVM: PPC: Ultravisor: Add PPC_UV config option Date: Fri, 9 Aug 2019 14:11:08 +0530 X-Mailer: git-send-email 2.21.0 In-Reply-To: <20190809084108.30343-1-bharata@linux.ibm.com> References: <20190809084108.30343-1-bharata@linux.ibm.com> MIME-Version: 1.0 X-TM-AS-GCONF: 00 x-cbid: 19080908-0012-0000-0000-0000033CA6CF X-IBM-AV-DETECTION: SAVI=unused REMOTE=unused XFE=unused x-cbparentid: 19080908-0013-0000-0000-00002176ABF7 Message-Id: <20190809084108.30343-8-bharata@linux.ibm.com> X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:,, definitions=2019-08-09_02:,, signatures=0 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 priorityscore=1501 malwarescore=0 suspectscore=1 phishscore=0 bulkscore=0 spamscore=0 clxscore=1015 lowpriorityscore=0 mlxscore=0 impostorscore=0 mlxlogscore=939 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1906280000 definitions=main-1908090089 X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: X-Virus-Scanned: ClamAV using ClamSMTP From: Anshuman Khandual CONFIG_PPC_UV adds support for ultravisor. Signed-off-by: Anshuman Khandual Signed-off-by: Bharata B Rao Signed-off-by: Ram Pai [ Update config help and commit message ] Signed-off-by: Claudio Carvalho --- arch/powerpc/Kconfig | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) diff --git a/arch/powerpc/Kconfig b/arch/powerpc/Kconfig index d8dcd8820369..8b36ca5ed3b0 100644 --- a/arch/powerpc/Kconfig +++ b/arch/powerpc/Kconfig @@ -448,6 +448,24 @@ config PPC_TRANSACTIONAL_MEM help Support user-mode Transactional Memory on POWERPC. +config PPC_UV + bool "Ultravisor support" + depends on KVM_BOOK3S_HV_POSSIBLE + select ZONE_DEVICE + select MIGRATE_VMA_HELPER + select DEV_PAGEMAP_OPS + select DEVICE_PRIVATE + select MEMORY_HOTPLUG + select MEMORY_HOTREMOVE + default n + help + This option paravirtualizes the kernel to run in POWER platforms that + supports the Protected Execution Facility (PEF). In such platforms, + the ultravisor firmware runs at a privilege level above the + hypervisor. + + If unsure, say "N". + config LD_HEAD_STUB_CATCH bool "Reserve 256 bytes to cope with linker stubs in HEAD text" if EXPERT depends on PPC64