From: Bharata B Rao <bharata@linux.ibm.com>
To: linuxppc-dev@lists.ozlabs.org
Cc: kvm-ppc@vger.kernel.org, linux-mm@kvack.org, paulus@au1.ibm.com,
aneesh.kumar@linux.vnet.ibm.com, jglisse@redhat.com,
linuxram@us.ibm.com, sukadev@linux.vnet.ibm.com,
cclaudio@linux.ibm.com, hch@lst.de,
Bharata B Rao <bharata@linux.ibm.com>
Subject: [PATCH v6 2/7] kvmppc: Shared pages support for secure guests
Date: Fri, 09 Aug 2019 08:53:03 +0000 [thread overview]
Message-ID: <20190809084108.30343-3-bharata@linux.ibm.com> (raw)
In-Reply-To: <20190809084108.30343-1-bharata@linux.ibm.com>
A secure guest will share some of its pages with hypervisor (Eg. virtio
bounce buffers etc). Support sharing of pages between hypervisor and
ultravisor.
Once a secure page is converted to shared page, stop tracking that page
as a device page.
Signed-off-by: Bharata B Rao <bharata@linux.ibm.com>
---
arch/powerpc/include/asm/hvcall.h | 3 ++
arch/powerpc/kvm/book3s_hv_devm.c | 67 +++++++++++++++++++++++++++++--
2 files changed, 67 insertions(+), 3 deletions(-)
diff --git a/arch/powerpc/include/asm/hvcall.h b/arch/powerpc/include/asm/hvcall.h
index 2f6b952deb0f..05b8536f6653 100644
--- a/arch/powerpc/include/asm/hvcall.h
+++ b/arch/powerpc/include/asm/hvcall.h
@@ -337,6 +337,9 @@
#define H_TLB_INVALIDATE 0xF808
#define H_COPY_TOFROM_GUEST 0xF80C
+/* Flags for H_SVM_PAGE_IN */
+#define H_PAGE_IN_SHARED 0x1
+
/* Platform-specific hcalls used by the Ultravisor */
#define H_SVM_PAGE_IN 0xEF00
#define H_SVM_PAGE_OUT 0xEF04
diff --git a/arch/powerpc/kvm/book3s_hv_devm.c b/arch/powerpc/kvm/book3s_hv_devm.c
index 2e6c077bd22e..c9189e58401d 100644
--- a/arch/powerpc/kvm/book3s_hv_devm.c
+++ b/arch/powerpc/kvm/book3s_hv_devm.c
@@ -55,6 +55,7 @@ struct kvmppc_devm_page_pvt {
unsigned long *rmap;
unsigned int lpid;
unsigned long gpa;
+ bool skip_page_out;
};
struct kvmppc_devm_copy_args {
@@ -188,6 +189,54 @@ kvmppc_devm_migrate_alloc_and_copy(struct migrate_vma *mig,
return 0;
}
+/*
+ * Shares the page with HV, thus making it a normal page.
+ *
+ * - If the page is already secure, then provision a new page and share
+ * - If the page is a normal page, share the existing page
+ *
+ * In the former case, uses the dev_pagemap_ops migrate_to_ram handler to
+ * release the device page.
+ */
+static unsigned long
+kvmppc_share_page(struct kvm *kvm, unsigned long gpa, unsigned long page_shift)
+{
+
+ int ret = H_PARAMETER;
+ struct page *devm_page;
+ struct kvmppc_devm_page_pvt *pvt;
+ unsigned long pfn;
+ unsigned long *rmap;
+ struct kvm_memory_slot *slot;
+ unsigned long gfn = gpa >> page_shift;
+ int srcu_idx;
+
+ srcu_idx = srcu_read_lock(&kvm->srcu);
+ slot = gfn_to_memslot(kvm, gfn);
+ if (!slot)
+ goto out;
+
+ rmap = &slot->arch.rmap[gfn - slot->base_gfn];
+ if (kvmppc_is_devm_pfn(*rmap)) {
+ devm_page = pfn_to_page(*rmap & ~KVMPPC_PFN_DEVM);
+ pvt = (struct kvmppc_devm_page_pvt *)
+ devm_page->zone_device_data;
+ pvt->skip_page_out = true;
+ }
+
+ pfn = gfn_to_pfn(kvm, gpa >> page_shift);
+ if (is_error_noslot_pfn(pfn))
+ goto out;
+
+ ret = uv_page_in(kvm->arch.lpid, pfn << page_shift, gpa, 0, page_shift);
+ if (ret = U_SUCCESS)
+ ret = H_SUCCESS;
+ kvm_release_pfn_clean(pfn);
+out:
+ srcu_read_unlock(&kvm->srcu, srcu_idx);
+ return ret;
+}
+
/*
* Move page from normal memory to secure memory.
*/
@@ -209,9 +258,12 @@ kvmppc_h_svm_page_in(struct kvm *kvm, unsigned long gpa,
if (page_shift != PAGE_SHIFT)
return H_P3;
- if (flags)
+ if (flags & ~H_PAGE_IN_SHARED)
return H_P2;
+ if (flags & H_PAGE_IN_SHARED)
+ return kvmppc_share_page(kvm, gpa, page_shift);
+
ret = H_PARAMETER;
down_read(&kvm->mm->mmap_sem);
srcu_idx = srcu_read_lock(&kvm->srcu);
@@ -279,8 +331,17 @@ kvmppc_devm_fault_migrate_alloc_and_copy(struct migrate_vma *mig)
pvt = (struct kvmppc_devm_page_pvt *)spage->zone_device_data;
pfn = page_to_pfn(dpage);
- ret = uv_page_out(pvt->lpid, pfn << PAGE_SHIFT,
- pvt->gpa, 0, PAGE_SHIFT);
+
+ /*
+ * This same function is used in two cases:
+ * - When HV touches a secure page, for which we do page-out
+ * - When a secure page is converted to shared page, we touch
+ * the page to essentially discard the device page. In this
+ * case we skip page-out.
+ */
+ if (!pvt->skip_page_out)
+ ret = uv_page_out(pvt->lpid, pfn << PAGE_SHIFT,
+ pvt->gpa, 0, PAGE_SHIFT);
if (ret = U_SUCCESS)
*mig->dst = migrate_pfn(pfn) | MIGRATE_PFN_LOCKED;
return 0;
--
2.21.0
WARNING: multiple messages have this Message-ID (diff)
From: Bharata B Rao <bharata@linux.ibm.com>
To: linuxppc-dev@lists.ozlabs.org
Cc: linuxram@us.ibm.com, cclaudio@linux.ibm.com,
kvm-ppc@vger.kernel.org, Bharata B Rao <bharata@linux.ibm.com>,
linux-mm@kvack.org, jglisse@redhat.com,
aneesh.kumar@linux.vnet.ibm.com, paulus@au1.ibm.com,
sukadev@linux.vnet.ibm.com, hch@lst.de
Subject: [PATCH v6 2/7] kvmppc: Shared pages support for secure guests
Date: Fri, 9 Aug 2019 14:11:03 +0530 [thread overview]
Message-ID: <20190809084108.30343-3-bharata@linux.ibm.com> (raw)
In-Reply-To: <20190809084108.30343-1-bharata@linux.ibm.com>
A secure guest will share some of its pages with hypervisor (Eg. virtio
bounce buffers etc). Support sharing of pages between hypervisor and
ultravisor.
Once a secure page is converted to shared page, stop tracking that page
as a device page.
Signed-off-by: Bharata B Rao <bharata@linux.ibm.com>
---
arch/powerpc/include/asm/hvcall.h | 3 ++
arch/powerpc/kvm/book3s_hv_devm.c | 67 +++++++++++++++++++++++++++++--
2 files changed, 67 insertions(+), 3 deletions(-)
diff --git a/arch/powerpc/include/asm/hvcall.h b/arch/powerpc/include/asm/hvcall.h
index 2f6b952deb0f..05b8536f6653 100644
--- a/arch/powerpc/include/asm/hvcall.h
+++ b/arch/powerpc/include/asm/hvcall.h
@@ -337,6 +337,9 @@
#define H_TLB_INVALIDATE 0xF808
#define H_COPY_TOFROM_GUEST 0xF80C
+/* Flags for H_SVM_PAGE_IN */
+#define H_PAGE_IN_SHARED 0x1
+
/* Platform-specific hcalls used by the Ultravisor */
#define H_SVM_PAGE_IN 0xEF00
#define H_SVM_PAGE_OUT 0xEF04
diff --git a/arch/powerpc/kvm/book3s_hv_devm.c b/arch/powerpc/kvm/book3s_hv_devm.c
index 2e6c077bd22e..c9189e58401d 100644
--- a/arch/powerpc/kvm/book3s_hv_devm.c
+++ b/arch/powerpc/kvm/book3s_hv_devm.c
@@ -55,6 +55,7 @@ struct kvmppc_devm_page_pvt {
unsigned long *rmap;
unsigned int lpid;
unsigned long gpa;
+ bool skip_page_out;
};
struct kvmppc_devm_copy_args {
@@ -188,6 +189,54 @@ kvmppc_devm_migrate_alloc_and_copy(struct migrate_vma *mig,
return 0;
}
+/*
+ * Shares the page with HV, thus making it a normal page.
+ *
+ * - If the page is already secure, then provision a new page and share
+ * - If the page is a normal page, share the existing page
+ *
+ * In the former case, uses the dev_pagemap_ops migrate_to_ram handler to
+ * release the device page.
+ */
+static unsigned long
+kvmppc_share_page(struct kvm *kvm, unsigned long gpa, unsigned long page_shift)
+{
+
+ int ret = H_PARAMETER;
+ struct page *devm_page;
+ struct kvmppc_devm_page_pvt *pvt;
+ unsigned long pfn;
+ unsigned long *rmap;
+ struct kvm_memory_slot *slot;
+ unsigned long gfn = gpa >> page_shift;
+ int srcu_idx;
+
+ srcu_idx = srcu_read_lock(&kvm->srcu);
+ slot = gfn_to_memslot(kvm, gfn);
+ if (!slot)
+ goto out;
+
+ rmap = &slot->arch.rmap[gfn - slot->base_gfn];
+ if (kvmppc_is_devm_pfn(*rmap)) {
+ devm_page = pfn_to_page(*rmap & ~KVMPPC_PFN_DEVM);
+ pvt = (struct kvmppc_devm_page_pvt *)
+ devm_page->zone_device_data;
+ pvt->skip_page_out = true;
+ }
+
+ pfn = gfn_to_pfn(kvm, gpa >> page_shift);
+ if (is_error_noslot_pfn(pfn))
+ goto out;
+
+ ret = uv_page_in(kvm->arch.lpid, pfn << page_shift, gpa, 0, page_shift);
+ if (ret == U_SUCCESS)
+ ret = H_SUCCESS;
+ kvm_release_pfn_clean(pfn);
+out:
+ srcu_read_unlock(&kvm->srcu, srcu_idx);
+ return ret;
+}
+
/*
* Move page from normal memory to secure memory.
*/
@@ -209,9 +258,12 @@ kvmppc_h_svm_page_in(struct kvm *kvm, unsigned long gpa,
if (page_shift != PAGE_SHIFT)
return H_P3;
- if (flags)
+ if (flags & ~H_PAGE_IN_SHARED)
return H_P2;
+ if (flags & H_PAGE_IN_SHARED)
+ return kvmppc_share_page(kvm, gpa, page_shift);
+
ret = H_PARAMETER;
down_read(&kvm->mm->mmap_sem);
srcu_idx = srcu_read_lock(&kvm->srcu);
@@ -279,8 +331,17 @@ kvmppc_devm_fault_migrate_alloc_and_copy(struct migrate_vma *mig)
pvt = (struct kvmppc_devm_page_pvt *)spage->zone_device_data;
pfn = page_to_pfn(dpage);
- ret = uv_page_out(pvt->lpid, pfn << PAGE_SHIFT,
- pvt->gpa, 0, PAGE_SHIFT);
+
+ /*
+ * This same function is used in two cases:
+ * - When HV touches a secure page, for which we do page-out
+ * - When a secure page is converted to shared page, we touch
+ * the page to essentially discard the device page. In this
+ * case we skip page-out.
+ */
+ if (!pvt->skip_page_out)
+ ret = uv_page_out(pvt->lpid, pfn << PAGE_SHIFT,
+ pvt->gpa, 0, PAGE_SHIFT);
if (ret == U_SUCCESS)
*mig->dst = migrate_pfn(pfn) | MIGRATE_PFN_LOCKED;
return 0;
--
2.21.0
WARNING: multiple messages have this Message-ID (diff)
From: Bharata B Rao <bharata@linux.ibm.com>
To: linuxppc-dev@lists.ozlabs.org
Cc: kvm-ppc@vger.kernel.org, linux-mm@kvack.org, paulus@au1.ibm.com,
aneesh.kumar@linux.vnet.ibm.com, jglisse@redhat.com,
linuxram@us.ibm.com, sukadev@linux.vnet.ibm.com,
cclaudio@linux.ibm.com, hch@lst.de,
Bharata B Rao <bharata@linux.ibm.com>
Subject: [PATCH v6 2/7] kvmppc: Shared pages support for secure guests
Date: Fri, 9 Aug 2019 14:11:03 +0530 [thread overview]
Message-ID: <20190809084108.30343-3-bharata@linux.ibm.com> (raw)
In-Reply-To: <20190809084108.30343-1-bharata@linux.ibm.com>
A secure guest will share some of its pages with hypervisor (Eg. virtio
bounce buffers etc). Support sharing of pages between hypervisor and
ultravisor.
Once a secure page is converted to shared page, stop tracking that page
as a device page.
Signed-off-by: Bharata B Rao <bharata@linux.ibm.com>
---
arch/powerpc/include/asm/hvcall.h | 3 ++
arch/powerpc/kvm/book3s_hv_devm.c | 67 +++++++++++++++++++++++++++++--
2 files changed, 67 insertions(+), 3 deletions(-)
diff --git a/arch/powerpc/include/asm/hvcall.h b/arch/powerpc/include/asm/hvcall.h
index 2f6b952deb0f..05b8536f6653 100644
--- a/arch/powerpc/include/asm/hvcall.h
+++ b/arch/powerpc/include/asm/hvcall.h
@@ -337,6 +337,9 @@
#define H_TLB_INVALIDATE 0xF808
#define H_COPY_TOFROM_GUEST 0xF80C
+/* Flags for H_SVM_PAGE_IN */
+#define H_PAGE_IN_SHARED 0x1
+
/* Platform-specific hcalls used by the Ultravisor */
#define H_SVM_PAGE_IN 0xEF00
#define H_SVM_PAGE_OUT 0xEF04
diff --git a/arch/powerpc/kvm/book3s_hv_devm.c b/arch/powerpc/kvm/book3s_hv_devm.c
index 2e6c077bd22e..c9189e58401d 100644
--- a/arch/powerpc/kvm/book3s_hv_devm.c
+++ b/arch/powerpc/kvm/book3s_hv_devm.c
@@ -55,6 +55,7 @@ struct kvmppc_devm_page_pvt {
unsigned long *rmap;
unsigned int lpid;
unsigned long gpa;
+ bool skip_page_out;
};
struct kvmppc_devm_copy_args {
@@ -188,6 +189,54 @@ kvmppc_devm_migrate_alloc_and_copy(struct migrate_vma *mig,
return 0;
}
+/*
+ * Shares the page with HV, thus making it a normal page.
+ *
+ * - If the page is already secure, then provision a new page and share
+ * - If the page is a normal page, share the existing page
+ *
+ * In the former case, uses the dev_pagemap_ops migrate_to_ram handler to
+ * release the device page.
+ */
+static unsigned long
+kvmppc_share_page(struct kvm *kvm, unsigned long gpa, unsigned long page_shift)
+{
+
+ int ret = H_PARAMETER;
+ struct page *devm_page;
+ struct kvmppc_devm_page_pvt *pvt;
+ unsigned long pfn;
+ unsigned long *rmap;
+ struct kvm_memory_slot *slot;
+ unsigned long gfn = gpa >> page_shift;
+ int srcu_idx;
+
+ srcu_idx = srcu_read_lock(&kvm->srcu);
+ slot = gfn_to_memslot(kvm, gfn);
+ if (!slot)
+ goto out;
+
+ rmap = &slot->arch.rmap[gfn - slot->base_gfn];
+ if (kvmppc_is_devm_pfn(*rmap)) {
+ devm_page = pfn_to_page(*rmap & ~KVMPPC_PFN_DEVM);
+ pvt = (struct kvmppc_devm_page_pvt *)
+ devm_page->zone_device_data;
+ pvt->skip_page_out = true;
+ }
+
+ pfn = gfn_to_pfn(kvm, gpa >> page_shift);
+ if (is_error_noslot_pfn(pfn))
+ goto out;
+
+ ret = uv_page_in(kvm->arch.lpid, pfn << page_shift, gpa, 0, page_shift);
+ if (ret == U_SUCCESS)
+ ret = H_SUCCESS;
+ kvm_release_pfn_clean(pfn);
+out:
+ srcu_read_unlock(&kvm->srcu, srcu_idx);
+ return ret;
+}
+
/*
* Move page from normal memory to secure memory.
*/
@@ -209,9 +258,12 @@ kvmppc_h_svm_page_in(struct kvm *kvm, unsigned long gpa,
if (page_shift != PAGE_SHIFT)
return H_P3;
- if (flags)
+ if (flags & ~H_PAGE_IN_SHARED)
return H_P2;
+ if (flags & H_PAGE_IN_SHARED)
+ return kvmppc_share_page(kvm, gpa, page_shift);
+
ret = H_PARAMETER;
down_read(&kvm->mm->mmap_sem);
srcu_idx = srcu_read_lock(&kvm->srcu);
@@ -279,8 +331,17 @@ kvmppc_devm_fault_migrate_alloc_and_copy(struct migrate_vma *mig)
pvt = (struct kvmppc_devm_page_pvt *)spage->zone_device_data;
pfn = page_to_pfn(dpage);
- ret = uv_page_out(pvt->lpid, pfn << PAGE_SHIFT,
- pvt->gpa, 0, PAGE_SHIFT);
+
+ /*
+ * This same function is used in two cases:
+ * - When HV touches a secure page, for which we do page-out
+ * - When a secure page is converted to shared page, we touch
+ * the page to essentially discard the device page. In this
+ * case we skip page-out.
+ */
+ if (!pvt->skip_page_out)
+ ret = uv_page_out(pvt->lpid, pfn << PAGE_SHIFT,
+ pvt->gpa, 0, PAGE_SHIFT);
if (ret == U_SUCCESS)
*mig->dst = migrate_pfn(pfn) | MIGRATE_PFN_LOCKED;
return 0;
--
2.21.0
next prev parent reply other threads:[~2019-08-09 8:53 UTC|newest]
Thread overview: 42+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-08-09 8:41 [PATCH v6 0/7] KVMPPC driver to manage secure guest pages Bharata B Rao
2019-08-09 8:53 ` Bharata B Rao
2019-08-09 8:41 ` Bharata B Rao
2019-08-09 8:41 ` [PATCH v6 1/7] kvmppc: Driver to manage pages of secure guest Bharata B Rao
2019-08-09 8:53 ` Bharata B Rao
2019-08-09 8:41 ` Bharata B Rao
2019-08-10 10:58 ` Christoph Hellwig
2019-08-10 10:58 ` Christoph Hellwig
2019-08-10 10:58 ` Christoph Hellwig
2019-08-10 14:21 ` Bharata B Rao
2019-08-10 14:33 ` Bharata B Rao
2019-08-10 14:21 ` Bharata B Rao
2019-08-20 3:04 ` Thiago Jung Bauermann
2019-08-20 3:04 ` Thiago Jung Bauermann
2019-08-20 3:04 ` Thiago Jung Bauermann
2019-08-22 3:29 ` Bharata B Rao
2019-08-22 3:41 ` Bharata B Rao
2019-08-22 3:29 ` Bharata B Rao
2019-08-20 6:22 ` Suraj Jitindar Singh
2019-08-20 6:22 ` Suraj Jitindar Singh
2019-08-20 6:22 ` Suraj Jitindar Singh
2019-08-20 6:44 ` Bharata B Rao
2019-08-20 6:56 ` Bharata B Rao
2019-08-20 6:44 ` Bharata B Rao
2019-08-09 8:41 ` Bharata B Rao [this message]
2019-08-09 8:53 ` [PATCH v6 2/7] kvmppc: Shared pages support for secure guests Bharata B Rao
2019-08-09 8:41 ` Bharata B Rao
2019-08-09 8:41 ` [PATCH v6 3/7] kvmppc: H_SVM_INIT_START and H_SVM_INIT_DONE hcalls Bharata B Rao
2019-08-09 8:53 ` Bharata B Rao
2019-08-09 8:41 ` Bharata B Rao
2019-08-09 8:41 ` [PATCH v6 4/7] kvmppc: Handle memory plug/unplug to secure VM Bharata B Rao
2019-08-09 8:53 ` Bharata B Rao
2019-08-09 8:41 ` Bharata B Rao
2019-08-09 8:41 ` [PATCH v6 5/7] kvmppc: Radix changes for secure guest Bharata B Rao
2019-08-09 8:53 ` Bharata B Rao
2019-08-09 8:41 ` Bharata B Rao
2019-08-09 8:41 ` [PATCH v6 6/7] kvmppc: Support reset of " Bharata B Rao
2019-08-09 8:53 ` Bharata B Rao
2019-08-09 8:41 ` Bharata B Rao
2019-08-09 8:41 ` [PATCH v6 7/7] KVM: PPC: Ultravisor: Add PPC_UV config option Bharata B Rao
2019-08-09 8:53 ` Bharata B Rao
2019-08-09 8:41 ` Bharata B Rao
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20190809084108.30343-3-bharata@linux.ibm.com \
--to=bharata@linux.ibm.com \
--cc=aneesh.kumar@linux.vnet.ibm.com \
--cc=cclaudio@linux.ibm.com \
--cc=hch@lst.de \
--cc=jglisse@redhat.com \
--cc=kvm-ppc@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=linuxppc-dev@lists.ozlabs.org \
--cc=linuxram@us.ibm.com \
--cc=paulus@au1.ibm.com \
--cc=sukadev@linux.vnet.ibm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.