From: Thiago Jung Bauermann <bauerman@linux.ibm.com>
To: linuxppc-dev@lists.ozlabs.org
Cc: Anshuman Khandual <anshuman.linux@gmail.com>,
Alexey Kardashevskiy <aik@ozlabs.ru>,
Mike Anderson <andmike@linux.ibm.com>,
Ram Pai <linuxram@us.ibm.com>,
linux-kernel@vger.kernel.org,
Claudio Carvalho <cclaudio@linux.ibm.com>,
Paul Mackerras <paulus@samba.org>, Christoph Hellwig <hch@lst.de>,
Thiago Jung Bauermann <bauerman@linux.ibm.com>,
Anshuman Khandual <khandual@linux.vnet.ibm.com>
Subject: [PATCH 07/12] powerpc/pseries/svm: Use shared memory for Debug Trace Log (DTL)
Date: Tue, 21 May 2019 01:49:07 -0300 [thread overview]
Message-ID: <20190521044912.1375-8-bauerman@linux.ibm.com> (raw)
In-Reply-To: <20190521044912.1375-1-bauerman@linux.ibm.com>
From: Anshuman Khandual <khandual@linux.vnet.ibm.com>
Secure guests need to share the DTL buffers with the hypervisor. To that
end, use a kmem_cache constructor which converts the underlying buddy
allocated SLUB cache pages into shared memory.
Signed-off-by: Anshuman Khandual <khandual@linux.vnet.ibm.com>
Signed-off-by: Thiago Jung Bauermann <bauerman@linux.ibm.com>
---
arch/powerpc/include/asm/svm.h | 5 ++++
arch/powerpc/platforms/pseries/Makefile | 1 +
arch/powerpc/platforms/pseries/setup.c | 5 +++-
arch/powerpc/platforms/pseries/svm.c | 40 +++++++++++++++++++++++++
4 files changed, 50 insertions(+), 1 deletion(-)
diff --git a/arch/powerpc/include/asm/svm.h b/arch/powerpc/include/asm/svm.h
index fef3740f46a6..f253116c31fc 100644
--- a/arch/powerpc/include/asm/svm.h
+++ b/arch/powerpc/include/asm/svm.h
@@ -15,6 +15,9 @@ static inline bool is_secure_guest(void)
return mfmsr() & MSR_S;
}
+void dtl_cache_ctor(void *addr);
+#define get_dtl_cache_ctor() (is_secure_guest() ? dtl_cache_ctor : NULL)
+
#else /* CONFIG_PPC_SVM */
static inline bool is_secure_guest(void)
@@ -22,5 +25,7 @@ static inline bool is_secure_guest(void)
return false;
}
+#define get_dtl_cache_ctor() NULL
+
#endif /* CONFIG_PPC_SVM */
#endif /* _ASM_POWERPC_SVM_H */
diff --git a/arch/powerpc/platforms/pseries/Makefile b/arch/powerpc/platforms/pseries/Makefile
index a43ec843c8e2..b7b6e6f52bd0 100644
--- a/arch/powerpc/platforms/pseries/Makefile
+++ b/arch/powerpc/platforms/pseries/Makefile
@@ -25,6 +25,7 @@ obj-$(CONFIG_LPARCFG) += lparcfg.o
obj-$(CONFIG_IBMVIO) += vio.o
obj-$(CONFIG_IBMEBUS) += ibmebus.o
obj-$(CONFIG_PAPR_SCM) += papr_scm.o
+obj-$(CONFIG_PPC_SVM) += svm.o
ifdef CONFIG_PPC_PSERIES
obj-$(CONFIG_SUSPEND) += suspend.o
diff --git a/arch/powerpc/platforms/pseries/setup.c b/arch/powerpc/platforms/pseries/setup.c
index e4f0dfd4ae33..c928e6e8a279 100644
--- a/arch/powerpc/platforms/pseries/setup.c
+++ b/arch/powerpc/platforms/pseries/setup.c
@@ -71,6 +71,7 @@
#include <asm/isa-bridge.h>
#include <asm/security_features.h>
#include <asm/asm-const.h>
+#include <asm/svm.h>
#include "pseries.h"
#include "../../../../drivers/pci/pci.h"
@@ -329,8 +330,10 @@ static inline int alloc_dispatch_logs(void)
static int alloc_dispatch_log_kmem_cache(void)
{
+ void (*ctor)(void *) = get_dtl_cache_ctor();
+
dtl_cache = kmem_cache_create("dtl", DISPATCH_LOG_BYTES,
- DISPATCH_LOG_BYTES, 0, NULL);
+ DISPATCH_LOG_BYTES, 0, ctor);
if (!dtl_cache) {
pr_warn("Failed to create dispatch trace log buffer cache\n");
pr_warn("Stolen time statistics will be unreliable\n");
diff --git a/arch/powerpc/platforms/pseries/svm.c b/arch/powerpc/platforms/pseries/svm.c
new file mode 100644
index 000000000000..c508196f7c83
--- /dev/null
+++ b/arch/powerpc/platforms/pseries/svm.c
@@ -0,0 +1,40 @@
+// SPDX-License-Identifier: GPL-2.0+
+/*
+ * Secure VM platform
+ *
+ * Copyright 2019 IBM Corporation
+ * Author: Anshuman Khandual <khandual@linux.vnet.ibm.com>
+ */
+
+#include <linux/mm.h>
+#include <asm/ultravisor.h>
+
+/* There's one dispatch log per CPU. */
+#define NR_DTL_PAGE (DISPATCH_LOG_BYTES * CONFIG_NR_CPUS / PAGE_SIZE)
+
+static struct page *dtl_page_store[NR_DTL_PAGE];
+static long dtl_nr_pages;
+
+static bool is_dtl_page_shared(struct page *page)
+{
+ long i;
+
+ for (i = 0; i < dtl_nr_pages; i++)
+ if (dtl_page_store[i] == page)
+ return true;
+
+ return false;
+}
+
+void dtl_cache_ctor(void *addr)
+{
+ unsigned long pfn = PHYS_PFN(__pa(addr));
+ struct page *page = pfn_to_page(pfn);
+
+ if (!is_dtl_page_shared(page)) {
+ dtl_page_store[dtl_nr_pages] = page;
+ dtl_nr_pages++;
+ WARN_ON(dtl_nr_pages >= NR_DTL_PAGE);
+ uv_share_page(pfn, 1);
+ }
+}
WARNING: multiple messages have this Message-ID (diff)
From: Thiago Jung Bauermann <bauerman@linux.ibm.com>
To: linuxppc-dev@lists.ozlabs.org
Cc: linux-kernel@vger.kernel.org,
Alexey Kardashevskiy <aik@ozlabs.ru>,
Anshuman Khandual <anshuman.linux@gmail.com>,
Benjamin Herrenschmidt <benh@kernel.crashing.org>,
Christoph Hellwig <hch@lst.de>,
Michael Ellerman <mpe@ellerman.id.au>,
Mike Anderson <andmike@linux.ibm.com>,
Paul Mackerras <paulus@samba.org>, Ram Pai <linuxram@us.ibm.com>,
Claudio Carvalho <cclaudio@linux.ibm.com>,
Anshuman Khandual <khandual@linux.vnet.ibm.com>,
Thiago Jung Bauermann <bauerman@linux.ibm.com>
Subject: [PATCH 07/12] powerpc/pseries/svm: Use shared memory for Debug Trace Log (DTL)
Date: Tue, 21 May 2019 01:49:07 -0300 [thread overview]
Message-ID: <20190521044912.1375-8-bauerman@linux.ibm.com> (raw)
In-Reply-To: <20190521044912.1375-1-bauerman@linux.ibm.com>
From: Anshuman Khandual <khandual@linux.vnet.ibm.com>
Secure guests need to share the DTL buffers with the hypervisor. To that
end, use a kmem_cache constructor which converts the underlying buddy
allocated SLUB cache pages into shared memory.
Signed-off-by: Anshuman Khandual <khandual@linux.vnet.ibm.com>
Signed-off-by: Thiago Jung Bauermann <bauerman@linux.ibm.com>
---
arch/powerpc/include/asm/svm.h | 5 ++++
arch/powerpc/platforms/pseries/Makefile | 1 +
arch/powerpc/platforms/pseries/setup.c | 5 +++-
arch/powerpc/platforms/pseries/svm.c | 40 +++++++++++++++++++++++++
4 files changed, 50 insertions(+), 1 deletion(-)
diff --git a/arch/powerpc/include/asm/svm.h b/arch/powerpc/include/asm/svm.h
index fef3740f46a6..f253116c31fc 100644
--- a/arch/powerpc/include/asm/svm.h
+++ b/arch/powerpc/include/asm/svm.h
@@ -15,6 +15,9 @@ static inline bool is_secure_guest(void)
return mfmsr() & MSR_S;
}
+void dtl_cache_ctor(void *addr);
+#define get_dtl_cache_ctor() (is_secure_guest() ? dtl_cache_ctor : NULL)
+
#else /* CONFIG_PPC_SVM */
static inline bool is_secure_guest(void)
@@ -22,5 +25,7 @@ static inline bool is_secure_guest(void)
return false;
}
+#define get_dtl_cache_ctor() NULL
+
#endif /* CONFIG_PPC_SVM */
#endif /* _ASM_POWERPC_SVM_H */
diff --git a/arch/powerpc/platforms/pseries/Makefile b/arch/powerpc/platforms/pseries/Makefile
index a43ec843c8e2..b7b6e6f52bd0 100644
--- a/arch/powerpc/platforms/pseries/Makefile
+++ b/arch/powerpc/platforms/pseries/Makefile
@@ -25,6 +25,7 @@ obj-$(CONFIG_LPARCFG) += lparcfg.o
obj-$(CONFIG_IBMVIO) += vio.o
obj-$(CONFIG_IBMEBUS) += ibmebus.o
obj-$(CONFIG_PAPR_SCM) += papr_scm.o
+obj-$(CONFIG_PPC_SVM) += svm.o
ifdef CONFIG_PPC_PSERIES
obj-$(CONFIG_SUSPEND) += suspend.o
diff --git a/arch/powerpc/platforms/pseries/setup.c b/arch/powerpc/platforms/pseries/setup.c
index e4f0dfd4ae33..c928e6e8a279 100644
--- a/arch/powerpc/platforms/pseries/setup.c
+++ b/arch/powerpc/platforms/pseries/setup.c
@@ -71,6 +71,7 @@
#include <asm/isa-bridge.h>
#include <asm/security_features.h>
#include <asm/asm-const.h>
+#include <asm/svm.h>
#include "pseries.h"
#include "../../../../drivers/pci/pci.h"
@@ -329,8 +330,10 @@ static inline int alloc_dispatch_logs(void)
static int alloc_dispatch_log_kmem_cache(void)
{
+ void (*ctor)(void *) = get_dtl_cache_ctor();
+
dtl_cache = kmem_cache_create("dtl", DISPATCH_LOG_BYTES,
- DISPATCH_LOG_BYTES, 0, NULL);
+ DISPATCH_LOG_BYTES, 0, ctor);
if (!dtl_cache) {
pr_warn("Failed to create dispatch trace log buffer cache\n");
pr_warn("Stolen time statistics will be unreliable\n");
diff --git a/arch/powerpc/platforms/pseries/svm.c b/arch/powerpc/platforms/pseries/svm.c
new file mode 100644
index 000000000000..c508196f7c83
--- /dev/null
+++ b/arch/powerpc/platforms/pseries/svm.c
@@ -0,0 +1,40 @@
+// SPDX-License-Identifier: GPL-2.0+
+/*
+ * Secure VM platform
+ *
+ * Copyright 2019 IBM Corporation
+ * Author: Anshuman Khandual <khandual@linux.vnet.ibm.com>
+ */
+
+#include <linux/mm.h>
+#include <asm/ultravisor.h>
+
+/* There's one dispatch log per CPU. */
+#define NR_DTL_PAGE (DISPATCH_LOG_BYTES * CONFIG_NR_CPUS / PAGE_SIZE)
+
+static struct page *dtl_page_store[NR_DTL_PAGE];
+static long dtl_nr_pages;
+
+static bool is_dtl_page_shared(struct page *page)
+{
+ long i;
+
+ for (i = 0; i < dtl_nr_pages; i++)
+ if (dtl_page_store[i] == page)
+ return true;
+
+ return false;
+}
+
+void dtl_cache_ctor(void *addr)
+{
+ unsigned long pfn = PHYS_PFN(__pa(addr));
+ struct page *page = pfn_to_page(pfn);
+
+ if (!is_dtl_page_shared(page)) {
+ dtl_page_store[dtl_nr_pages] = page;
+ dtl_nr_pages++;
+ WARN_ON(dtl_nr_pages >= NR_DTL_PAGE);
+ uv_share_page(pfn, 1);
+ }
+}
next prev parent reply other threads:[~2019-05-21 5:08 UTC|newest]
Thread overview: 46+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-05-21 4:49 [PATCH 00/12] Secure Virtual Machine Enablement Thiago Jung Bauermann
2019-05-21 4:49 ` Thiago Jung Bauermann
2019-05-21 4:49 ` [PATCH 01/12] powerpc/pseries: Introduce option to build secure virtual machines Thiago Jung Bauermann
2019-05-21 4:49 ` Thiago Jung Bauermann
2019-05-21 4:49 ` [RFC PATCH 02/12] powerpc: Add support for adding an ESM blob to the zImage wrapper Thiago Jung Bauermann
2019-05-21 4:49 ` Thiago Jung Bauermann
2019-05-21 5:13 ` Christoph Hellwig
2019-05-21 5:13 ` Christoph Hellwig
2019-05-21 15:09 ` Ram Pai
2019-05-21 15:09 ` Ram Pai
2019-05-21 23:15 ` Paul Mackerras
2019-05-21 23:15 ` Paul Mackerras
2019-05-21 4:49 ` [RFC PATCH 03/12] powerpc/prom_init: Add the ESM call to prom_init Thiago Jung Bauermann
2019-05-21 4:49 ` Thiago Jung Bauermann
2019-06-26 7:44 ` Alexey Kardashevskiy
2019-06-26 7:44 ` Alexey Kardashevskiy
2019-06-28 22:33 ` Thiago Jung Bauermann
2019-06-28 22:33 ` Thiago Jung Bauermann
2019-07-01 3:13 ` Alexey Kardashevskiy
2019-07-01 3:13 ` Alexey Kardashevskiy
2019-05-21 4:49 ` [PATCH 04/12] powerpc/pseries/svm: Add helpers for UV_SHARE_PAGE and UV_UNSHARE_PAGE Thiago Jung Bauermann
2019-05-21 4:49 ` Thiago Jung Bauermann
2019-05-21 4:49 ` [PATCH 05/12] powerpc/pseries: Add and use LPPACA_SIZE constant Thiago Jung Bauermann
2019-05-21 4:49 ` Thiago Jung Bauermann
2019-05-21 4:49 ` [PATCH 06/12] powerpc/pseries/svm: Use shared memory for LPPACA structures Thiago Jung Bauermann
2019-05-21 4:49 ` Thiago Jung Bauermann
2019-05-21 4:49 ` Thiago Jung Bauermann [this message]
2019-05-21 4:49 ` [PATCH 07/12] powerpc/pseries/svm: Use shared memory for Debug Trace Log (DTL) Thiago Jung Bauermann
2019-05-21 4:49 ` [PATCH 08/12] powerpc/pseries/svm: Export guest SVM status to user space via sysfs Thiago Jung Bauermann
2019-05-21 4:49 ` Thiago Jung Bauermann
2019-05-21 4:49 ` [PATCH 09/12] powerpc/pseries/svm: Disable doorbells in SVM guests Thiago Jung Bauermann
2019-05-21 4:49 ` Thiago Jung Bauermann
2019-05-21 4:49 ` [PATCH 10/12] powerpc/pseries/iommu: Don't use dma_iommu_ops on secure guests Thiago Jung Bauermann
2019-05-21 4:49 ` Thiago Jung Bauermann
2019-05-21 4:49 ` [PATCH 11/12] powerpc/pseries/svm: Force SWIOTLB for " Thiago Jung Bauermann
2019-05-21 4:49 ` Thiago Jung Bauermann
2019-05-21 5:15 ` Christoph Hellwig
2019-05-21 5:15 ` Christoph Hellwig
2019-05-23 5:15 ` Thiago Jung Bauermann
2019-05-23 5:15 ` Thiago Jung Bauermann
2019-05-21 4:49 ` [PATCH 12/12] powerpc/configs: Enable secure guest support in pseries and ppc64 defconfigs Thiago Jung Bauermann
2019-05-21 4:49 ` Thiago Jung Bauermann
2019-06-07 14:47 ` [RFC PATCH 1/1] powerpc/pseries/svm: Unshare all pages before kexecing a new kernel Ram Pai
2019-06-07 14:47 ` Ram Pai
2019-06-01 17:11 ` [PATCH 00/12] Secure Virtual Machine Enablement Thiago Jung Bauermann
2019-06-01 17:11 ` Thiago Jung Bauermann
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20190521044912.1375-8-bauerman@linux.ibm.com \
--to=bauerman@linux.ibm.com \
--cc=aik@ozlabs.ru \
--cc=andmike@linux.ibm.com \
--cc=anshuman.linux@gmail.com \
--cc=cclaudio@linux.ibm.com \
--cc=hch@lst.de \
--cc=khandual@linux.vnet.ibm.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linuxppc-dev@lists.ozlabs.org \
--cc=linuxram@us.ibm.com \
--cc=paulus@samba.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.