From: Claudio Carvalho <cclaudio@linux.ibm.com>
To: linuxppc-dev@ozlabs.org
Cc: Madhavan Srinivasan <maddy@linux.vnet.ibm.com>,
Michael Anderson <andmike@linux.ibm.com>,
Ram Pai <linuxram@us.ibm.com>,
Claudio Carvalho <cclaudio@linux.ibm.com>,
kvm-ppc@vger.kernel.org, Bharata B Rao <bharata@linux.ibm.com>,
Sukadev Bhattiprolu <sukadev@linux.vnet.ibm.com>,
Thiago Bauermann <bauermann@linux.ibm.com>,
Anshuman Khandual <khandual@linux.vnet.ibm.com>
Subject: [PATCH v3 8/9] KVM: PPC: Ultravisor: Enter a secure guest
Date: Thu, 06 Jun 2019 17:36:13 +0000 [thread overview]
Message-ID: <20190606173614.32090-9-cclaudio@linux.ibm.com> (raw)
In-Reply-To: <20190606173614.32090-1-cclaudio@linux.ibm.com>
From: Sukadev Bhattiprolu <sukadev@linux.vnet.ibm.com>
To enter a secure guest, we have to go through the ultravisor, therefore
we do a ucall when we are entering a secure guest.
This change is needed for any sort of entry to the secure guest from the
hypervisor, whether it is a return from an hcall, a return from a
hypervisor interrupt, or the first time that a secure guest vCPU is run.
If we are returning from an hcall, the results are already in the
appropriate registers (R3:12), except for R6,7, which need to be
restored before doing the ucall (UV_RETURN).
Have fast_guest_return check the kvm_arch.secure_guest field so that a
new CPU enters UV when started (in response to a RTAS start-cpu call).
Thanks to input from Paul Mackerras, Ram Pai and Mike Anderson.
Signed-off-by: Sukadev Bhattiprolu <sukadev@linux.vnet.ibm.com>
[Pass SRR1 in r11 for UV_RETURN, fix kvmppc_msr_interrupt to preserve
the MSR_S bit]
Signed-off-by: Paul Mackerras <paulus@ozlabs.org>
[Fix UV_RETURN token number and arch.secure_guest check]
Signed-off-by: Ram Pai <linuxram@us.ibm.com>
[Update commit message and ret_to_ultra comment]
Signed-off-by: Claudio Carvalho <cclaudio@linux.ibm.com>
---
arch/powerpc/include/asm/kvm_host.h | 1 +
arch/powerpc/include/asm/ultravisor-api.h | 1 +
arch/powerpc/kernel/asm-offsets.c | 1 +
arch/powerpc/kvm/book3s_hv_rmhandlers.S | 37 +++++++++++++++++++----
4 files changed, 34 insertions(+), 6 deletions(-)
diff --git a/arch/powerpc/include/asm/kvm_host.h b/arch/powerpc/include/asm/kvm_host.h
index 013c76a0a03e..184becb62ea4 100644
--- a/arch/powerpc/include/asm/kvm_host.h
+++ b/arch/powerpc/include/asm/kvm_host.h
@@ -294,6 +294,7 @@ struct kvm_arch {
cpumask_t cpu_in_guest;
u8 radix;
u8 fwnmi_enabled;
+ u8 secure_guest;
bool threads_indep;
bool nested_enable;
pgd_t *pgtable;
diff --git a/arch/powerpc/include/asm/ultravisor-api.h b/arch/powerpc/include/asm/ultravisor-api.h
index 24bfb4c1737e..15e6ce77a131 100644
--- a/arch/powerpc/include/asm/ultravisor-api.h
+++ b/arch/powerpc/include/asm/ultravisor-api.h
@@ -19,5 +19,6 @@
/* opcodes */
#define UV_WRITE_PATE 0xF104
+#define UV_RETURN 0xF11C
#endif /* _ASM_POWERPC_ULTRAVISOR_API_H */
diff --git a/arch/powerpc/kernel/asm-offsets.c b/arch/powerpc/kernel/asm-offsets.c
index 8e02444e9d3d..44742724513e 100644
--- a/arch/powerpc/kernel/asm-offsets.c
+++ b/arch/powerpc/kernel/asm-offsets.c
@@ -508,6 +508,7 @@ int main(void)
OFFSET(KVM_VRMA_SLB_V, kvm, arch.vrma_slb_v);
OFFSET(KVM_RADIX, kvm, arch.radix);
OFFSET(KVM_FWNMI, kvm, arch.fwnmi_enabled);
+ OFFSET(KVM_SECURE_GUEST, kvm, arch.secure_guest);
OFFSET(VCPU_DSISR, kvm_vcpu, arch.shregs.dsisr);
OFFSET(VCPU_DAR, kvm_vcpu, arch.shregs.dar);
OFFSET(VCPU_VPA, kvm_vcpu, arch.vpa.pinned_addr);
diff --git a/arch/powerpc/kvm/book3s_hv_rmhandlers.S b/arch/powerpc/kvm/book3s_hv_rmhandlers.S
index cffb365d9d02..d719d730d31e 100644
--- a/arch/powerpc/kvm/book3s_hv_rmhandlers.S
+++ b/arch/powerpc/kvm/book3s_hv_rmhandlers.S
@@ -36,6 +36,7 @@
#include <asm/asm-compat.h>
#include <asm/feature-fixups.h>
#include <asm/cpuidle.h>
+#include <asm/ultravisor-api.h>
/* Sign-extend HDEC if not on POWER9 */
#define EXTEND_HDEC(reg) \
@@ -1092,16 +1093,12 @@ BEGIN_FTR_SECTION
END_FTR_SECTION_IFSET(CPU_FTR_HAS_PPR)
ld r5, VCPU_LR(r4)
- ld r6, VCPU_CR(r4)
mtlr r5
- mtcr r6
ld r1, VCPU_GPR(R1)(r4)
ld r2, VCPU_GPR(R2)(r4)
ld r3, VCPU_GPR(R3)(r4)
ld r5, VCPU_GPR(R5)(r4)
- ld r6, VCPU_GPR(R6)(r4)
- ld r7, VCPU_GPR(R7)(r4)
ld r8, VCPU_GPR(R8)(r4)
ld r9, VCPU_GPR(R9)(r4)
ld r10, VCPU_GPR(R10)(r4)
@@ -1119,10 +1116,35 @@ BEGIN_FTR_SECTION
mtspr SPRN_HDSISR, r0
END_FTR_SECTION_IFSET(CPU_FTR_ARCH_300)
+ ld r6, VCPU_KVM(r4)
+ lbz r7, KVM_SECURE_GUEST(r6)
+ cmpdi r7, 0
+ bne ret_to_ultra
+
+ lwz r6, VCPU_CR(r4)
+ mtcr r6
+
+ ld r7, VCPU_GPR(R7)(r4)
+ ld r6, VCPU_GPR(R6)(r4)
ld r0, VCPU_GPR(R0)(r4)
ld r4, VCPU_GPR(R4)(r4)
HRFI_TO_GUEST
b .
+/*
+ * We are entering a secure guest, so we have to invoke the ultravisor to do
+ * that. If we are returning from a hcall, the results are already in the
+ * appropriate registers (R3:12), except for R6,7 which we used as temporary
+ * registers above. Restore them, and set R0 to the ucall number (UV_RETURN).
+ */
+ret_to_ultra:
+ lwz r6, VCPU_CR(r4)
+ mtcr r6
+ mfspr r11, SPRN_SRR1
+ LOAD_REG_IMMEDIATE(r0, UV_RETURN)
+ ld r7, VCPU_GPR(R7)(r4)
+ ld r6, VCPU_GPR(R6)(r4)
+ ld r4, VCPU_GPR(R4)(r4)
+ sc 2
/*
* Enter the guest on a P9 or later system where we have exactly
@@ -3318,13 +3340,16 @@ END_MMU_FTR_SECTION_IFSET(MMU_FTR_TYPE_RADIX)
* r0 is used as a scratch register
*/
kvmppc_msr_interrupt:
+ andis. r0, r11, MSR_S@h
rldicl r0, r11, 64 - MSR_TS_S_LG, 62
- cmpwi r0, 2 /* Check if we are in transactional state.. */
+ cmpwi cr1, r0, 2 /* Check if we are in transactional state.. */
ld r11, VCPU_INTR_MSR(r9)
- bne 1f
+ bne cr1, 1f
/* ... if transactional, change to suspended */
li r0, 1
1: rldimi r11, r0, MSR_TS_S_LG, 63 - MSR_TS_T_LG
+ beqlr
+ oris r11, r11, MSR_S@h /* preserve MSR_S bit setting */
blr
/*
--
2.20.1
WARNING: multiple messages have this Message-ID (diff)
From: Claudio Carvalho <cclaudio@linux.ibm.com>
To: linuxppc-dev@ozlabs.org
Cc: Madhavan Srinivasan <maddy@linux.vnet.ibm.com>,
Michael Anderson <andmike@linux.ibm.com>,
Ram Pai <linuxram@us.ibm.com>,
Claudio Carvalho <cclaudio@linux.ibm.com>,
kvm-ppc@vger.kernel.org, Bharata B Rao <bharata@linux.ibm.com>,
Sukadev Bhattiprolu <sukadev@linux.vnet.ibm.com>,
Thiago Bauermann <bauermann@linux.ibm.com>,
Anshuman Khandual <khandual@linux.vnet.ibm.com>
Subject: [PATCH v3 8/9] KVM: PPC: Ultravisor: Enter a secure guest
Date: Thu, 6 Jun 2019 14:36:13 -0300 [thread overview]
Message-ID: <20190606173614.32090-9-cclaudio@linux.ibm.com> (raw)
In-Reply-To: <20190606173614.32090-1-cclaudio@linux.ibm.com>
From: Sukadev Bhattiprolu <sukadev@linux.vnet.ibm.com>
To enter a secure guest, we have to go through the ultravisor, therefore
we do a ucall when we are entering a secure guest.
This change is needed for any sort of entry to the secure guest from the
hypervisor, whether it is a return from an hcall, a return from a
hypervisor interrupt, or the first time that a secure guest vCPU is run.
If we are returning from an hcall, the results are already in the
appropriate registers (R3:12), except for R6,7, which need to be
restored before doing the ucall (UV_RETURN).
Have fast_guest_return check the kvm_arch.secure_guest field so that a
new CPU enters UV when started (in response to a RTAS start-cpu call).
Thanks to input from Paul Mackerras, Ram Pai and Mike Anderson.
Signed-off-by: Sukadev Bhattiprolu <sukadev@linux.vnet.ibm.com>
[Pass SRR1 in r11 for UV_RETURN, fix kvmppc_msr_interrupt to preserve
the MSR_S bit]
Signed-off-by: Paul Mackerras <paulus@ozlabs.org>
[Fix UV_RETURN token number and arch.secure_guest check]
Signed-off-by: Ram Pai <linuxram@us.ibm.com>
[Update commit message and ret_to_ultra comment]
Signed-off-by: Claudio Carvalho <cclaudio@linux.ibm.com>
---
arch/powerpc/include/asm/kvm_host.h | 1 +
arch/powerpc/include/asm/ultravisor-api.h | 1 +
arch/powerpc/kernel/asm-offsets.c | 1 +
arch/powerpc/kvm/book3s_hv_rmhandlers.S | 37 +++++++++++++++++++----
4 files changed, 34 insertions(+), 6 deletions(-)
diff --git a/arch/powerpc/include/asm/kvm_host.h b/arch/powerpc/include/asm/kvm_host.h
index 013c76a0a03e..184becb62ea4 100644
--- a/arch/powerpc/include/asm/kvm_host.h
+++ b/arch/powerpc/include/asm/kvm_host.h
@@ -294,6 +294,7 @@ struct kvm_arch {
cpumask_t cpu_in_guest;
u8 radix;
u8 fwnmi_enabled;
+ u8 secure_guest;
bool threads_indep;
bool nested_enable;
pgd_t *pgtable;
diff --git a/arch/powerpc/include/asm/ultravisor-api.h b/arch/powerpc/include/asm/ultravisor-api.h
index 24bfb4c1737e..15e6ce77a131 100644
--- a/arch/powerpc/include/asm/ultravisor-api.h
+++ b/arch/powerpc/include/asm/ultravisor-api.h
@@ -19,5 +19,6 @@
/* opcodes */
#define UV_WRITE_PATE 0xF104
+#define UV_RETURN 0xF11C
#endif /* _ASM_POWERPC_ULTRAVISOR_API_H */
diff --git a/arch/powerpc/kernel/asm-offsets.c b/arch/powerpc/kernel/asm-offsets.c
index 8e02444e9d3d..44742724513e 100644
--- a/arch/powerpc/kernel/asm-offsets.c
+++ b/arch/powerpc/kernel/asm-offsets.c
@@ -508,6 +508,7 @@ int main(void)
OFFSET(KVM_VRMA_SLB_V, kvm, arch.vrma_slb_v);
OFFSET(KVM_RADIX, kvm, arch.radix);
OFFSET(KVM_FWNMI, kvm, arch.fwnmi_enabled);
+ OFFSET(KVM_SECURE_GUEST, kvm, arch.secure_guest);
OFFSET(VCPU_DSISR, kvm_vcpu, arch.shregs.dsisr);
OFFSET(VCPU_DAR, kvm_vcpu, arch.shregs.dar);
OFFSET(VCPU_VPA, kvm_vcpu, arch.vpa.pinned_addr);
diff --git a/arch/powerpc/kvm/book3s_hv_rmhandlers.S b/arch/powerpc/kvm/book3s_hv_rmhandlers.S
index cffb365d9d02..d719d730d31e 100644
--- a/arch/powerpc/kvm/book3s_hv_rmhandlers.S
+++ b/arch/powerpc/kvm/book3s_hv_rmhandlers.S
@@ -36,6 +36,7 @@
#include <asm/asm-compat.h>
#include <asm/feature-fixups.h>
#include <asm/cpuidle.h>
+#include <asm/ultravisor-api.h>
/* Sign-extend HDEC if not on POWER9 */
#define EXTEND_HDEC(reg) \
@@ -1092,16 +1093,12 @@ BEGIN_FTR_SECTION
END_FTR_SECTION_IFSET(CPU_FTR_HAS_PPR)
ld r5, VCPU_LR(r4)
- ld r6, VCPU_CR(r4)
mtlr r5
- mtcr r6
ld r1, VCPU_GPR(R1)(r4)
ld r2, VCPU_GPR(R2)(r4)
ld r3, VCPU_GPR(R3)(r4)
ld r5, VCPU_GPR(R5)(r4)
- ld r6, VCPU_GPR(R6)(r4)
- ld r7, VCPU_GPR(R7)(r4)
ld r8, VCPU_GPR(R8)(r4)
ld r9, VCPU_GPR(R9)(r4)
ld r10, VCPU_GPR(R10)(r4)
@@ -1119,10 +1116,35 @@ BEGIN_FTR_SECTION
mtspr SPRN_HDSISR, r0
END_FTR_SECTION_IFSET(CPU_FTR_ARCH_300)
+ ld r6, VCPU_KVM(r4)
+ lbz r7, KVM_SECURE_GUEST(r6)
+ cmpdi r7, 0
+ bne ret_to_ultra
+
+ lwz r6, VCPU_CR(r4)
+ mtcr r6
+
+ ld r7, VCPU_GPR(R7)(r4)
+ ld r6, VCPU_GPR(R6)(r4)
ld r0, VCPU_GPR(R0)(r4)
ld r4, VCPU_GPR(R4)(r4)
HRFI_TO_GUEST
b .
+/*
+ * We are entering a secure guest, so we have to invoke the ultravisor to do
+ * that. If we are returning from a hcall, the results are already in the
+ * appropriate registers (R3:12), except for R6,7 which we used as temporary
+ * registers above. Restore them, and set R0 to the ucall number (UV_RETURN).
+ */
+ret_to_ultra:
+ lwz r6, VCPU_CR(r4)
+ mtcr r6
+ mfspr r11, SPRN_SRR1
+ LOAD_REG_IMMEDIATE(r0, UV_RETURN)
+ ld r7, VCPU_GPR(R7)(r4)
+ ld r6, VCPU_GPR(R6)(r4)
+ ld r4, VCPU_GPR(R4)(r4)
+ sc 2
/*
* Enter the guest on a P9 or later system where we have exactly
@@ -3318,13 +3340,16 @@ END_MMU_FTR_SECTION_IFSET(MMU_FTR_TYPE_RADIX)
* r0 is used as a scratch register
*/
kvmppc_msr_interrupt:
+ andis. r0, r11, MSR_S@h
rldicl r0, r11, 64 - MSR_TS_S_LG, 62
- cmpwi r0, 2 /* Check if we are in transactional state.. */
+ cmpwi cr1, r0, 2 /* Check if we are in transactional state.. */
ld r11, VCPU_INTR_MSR(r9)
- bne 1f
+ bne cr1, 1f
/* ... if transactional, change to suspended */
li r0, 1
1: rldimi r11, r0, MSR_TS_S_LG, 63 - MSR_TS_T_LG
+ beqlr
+ oris r11, r11, MSR_S@h /* preserve MSR_S bit setting */
blr
/*
--
2.20.1
next prev parent reply other threads:[~2019-06-06 17:36 UTC|newest]
Thread overview: 56+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-06-06 17:36 [PATCH v3 0/9] kvmppc: Paravirtualize KVM to support ultravisor Claudio Carvalho
2019-06-06 17:36 ` Claudio Carvalho
2019-06-06 17:36 ` [PATCH v3 1/9] KVM: PPC: Ultravisor: Add PPC_UV config option Claudio Carvalho
2019-06-06 17:36 ` Claudio Carvalho
2019-06-07 20:11 ` Leonardo Bras
2019-06-07 20:11 ` Leonardo Bras
2019-06-10 12:18 ` Claudio Carvalho
2019-06-10 12:18 ` Claudio Carvalho
2019-06-06 17:36 ` [PATCH v3 2/9] KVM: PPC: Ultravisor: Introduce the MSR_S bit Claudio Carvalho
2019-06-06 17:36 ` Claudio Carvalho
2019-06-06 17:36 ` [PATCH v3 3/9] powerpc: Introduce FW_FEATURE_ULTRAVISOR Claudio Carvalho
2019-06-06 17:36 ` Claudio Carvalho
2019-06-15 7:36 ` Paul Mackerras
2019-06-15 7:36 ` Paul Mackerras
2019-07-01 14:12 ` Claudio Carvalho
2019-07-01 14:12 ` Claudio Carvalho
2019-06-06 17:36 ` [PATCH v3 4/9] KVM: PPC: Ultravisor: Add generic ultravisor call handler Claudio Carvalho
2019-06-06 17:36 ` Claudio Carvalho
2019-06-15 7:37 ` Paul Mackerras
2019-06-15 7:37 ` Paul Mackerras
2019-06-17 2:06 ` Paul Mackerras
2019-06-17 2:06 ` Paul Mackerras
2019-06-17 23:51 ` Ram Pai
2019-06-17 23:51 ` Ram Pai
2019-06-18 11:47 ` Segher Boessenkool
2019-06-18 11:47 ` Segher Boessenkool
2019-06-18 15:25 ` Ram Pai
2019-06-18 15:25 ` Ram Pai
2019-06-06 17:36 ` [PATCH v3 5/9] KVM: PPC: Ultravisor: Use UV_WRITE_PATE ucall to register a PATE Claudio Carvalho
2019-06-06 17:36 ` Claudio Carvalho
2019-06-15 7:38 ` Paul Mackerras
2019-06-15 7:38 ` Paul Mackerras
2019-06-06 17:36 ` [PATCH v3 6/9] KVM: PPC: Ultravisor: Restrict flush of the partition tlb cache Claudio Carvalho
2019-06-06 17:36 ` Claudio Carvalho
2019-06-06 19:39 ` Murilo Opsfelder Araújo
2019-06-06 19:39 ` Murilo Opsfelder Araújo
2019-06-06 21:55 ` Paul Mackerras
2019-06-06 21:55 ` Paul Mackerras
2019-06-06 17:36 ` [PATCH v3 7/9] KVM: PPC: Ultravisor: Restrict LDBAR access Claudio Carvalho
2019-06-06 17:36 ` Claudio Carvalho
2019-06-07 4:48 ` Madhavan Srinivasan
2019-06-07 4:48 ` Madhavan Srinivasan
2019-06-07 12:34 ` Claudio Carvalho
2019-06-07 12:34 ` Claudio Carvalho
2019-06-15 7:43 ` Paul Mackerras
2019-06-15 7:43 ` Paul Mackerras
2019-06-16 1:10 ` Ram Pai
2019-06-16 1:10 ` Ram Pai
2019-06-06 17:36 ` Claudio Carvalho [this message]
2019-06-06 17:36 ` [PATCH v3 8/9] KVM: PPC: Ultravisor: Enter a secure guest Claudio Carvalho
2019-06-15 7:45 ` Paul Mackerras
2019-06-15 7:45 ` Paul Mackerras
2019-06-06 17:36 ` [PATCH v3 9/9] KVM: PPC: Ultravisor: Check for MSR_S during hv_reset_msr Claudio Carvalho
2019-06-06 17:36 ` Claudio Carvalho
2019-06-15 7:47 ` Paul Mackerras
2019-06-15 7:47 ` Paul Mackerras
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20190606173614.32090-9-cclaudio@linux.ibm.com \
--to=cclaudio@linux.ibm.com \
--cc=andmike@linux.ibm.com \
--cc=bauermann@linux.ibm.com \
--cc=bharata@linux.ibm.com \
--cc=khandual@linux.vnet.ibm.com \
--cc=kvm-ppc@vger.kernel.org \
--cc=linuxppc-dev@ozlabs.org \
--cc=linuxram@us.ibm.com \
--cc=maddy@linux.vnet.ibm.com \
--cc=sukadev@linux.vnet.ibm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.