From: Bharata B Rao <bharata.rao@gmail.com>
To: Paul Mackerras <paulus@ozlabs.org>
Cc: linuxram@us.ibm.com, cclaudio@linux.ibm.com,
kvm-ppc@vger.kernel.org, Bharata B Rao <bharata@linux.ibm.com>,
linux-mm@kvack.org, jglisse@redhat.com,
Aneesh Kumar <aneesh.kumar@linux.vnet.ibm.com>,
paulus@au1.ibm.com, sukadev@linux.vnet.ibm.com,
linuxppc-dev <linuxppc-dev@lists.ozlabs.org>,
Christoph Hellwig <hch@lst.de>
Subject: Re: [PATCH v9 2/8] KVM: PPC: Move pages between normal and secure memory
Date: Tue, 22 Oct 2019 11:59:35 +0530 [thread overview]
Message-ID: <CAGZKiBqoxAvix3wrF2wuxTrikVCjY6PzD22pHsasew-F=P3KSg@mail.gmail.com> (raw)
In-Reply-To: <20191018030049.GA907@oak.ozlabs.ibm.com>
On Fri, Oct 18, 2019 at 8:31 AM Paul Mackerras <paulus@ozlabs.org> wrote:
>
> On Wed, Sep 25, 2019 at 10:36:43AM +0530, Bharata B Rao wrote:
> > Manage migration of pages betwen normal and secure memory of secure
> > guest by implementing H_SVM_PAGE_IN and H_SVM_PAGE_OUT hcalls.
> >
> > H_SVM_PAGE_IN: Move the content of a normal page to secure page
> > H_SVM_PAGE_OUT: Move the content of a secure page to normal page
> >
> > Private ZONE_DEVICE memory equal to the amount of secure memory
> > available in the platform for running secure guests is created.
> > Whenever a page belonging to the guest becomes secure, a page from
> > this private device memory is used to represent and track that secure
> > page on the HV side. The movement of pages between normal and secure
> > memory is done via migrate_vma_pages() using UV_PAGE_IN and
> > UV_PAGE_OUT ucalls.
>
> As we discussed privately, but mentioning it here so there is a
> record: I am concerned about this structure
>
> > +struct kvmppc_uvmem_page_pvt {
> > + unsigned long *rmap;
> > + struct kvm *kvm;
> > + unsigned long gpa;
> > +};
>
> which keeps a reference to the rmap. The reference could become stale
> if the memslot is deleted or moved, and nothing in the patch series
> ensures that the stale references are cleaned up.
I will add code to release the device PFNs when memslot goes away. In
fact the early versions of the patchset had this, but it subsequently
got removed.
>
> If it is possible to do without the long-term rmap reference, and
> instead find the rmap via the memslots (with the srcu lock held) each
> time we need the rmap, that would be safer, I think, provided that we
> can sort out the lock ordering issues.
All paths except fault handler access rmap[] under srcu lock. Even in
case of fault handler, for those faults induced by us (shared page
handling, releasing device pfns), we do hold srcu lock. The difficult
case is when we fault due to HV accessing a device page. In this case
we come to fault hanler with mmap_sem already held and are not in a
position to take kvm srcu lock as that would lead to lock order
reversal. Given that we have pages mapped in still, I assume memslot
can't go away while we access rmap[], so think we should be ok here.
However if that sounds fragile, may be I can go back to my initial
design where we weren't using rmap[] to store device PFNs. That will
increase the memory usage but we give us an easy option to have
per-guest mutex to protect concurrent page-ins/outs/faults.
Regards,
Bharata.
--
http://raobharata.wordpress.com/
next prev parent reply other threads:[~2019-10-22 6:32 UTC|newest]
Thread overview: 15+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-09-25 5:06 [PATCH v9 0/8] KVM: PPC: Driver to manage pages of secure guest Bharata B Rao
2019-09-25 5:06 ` [PATCH v9 1/8] KVM: PPC: Book3S HV: Define usage types for rmap array in guest memslot Bharata B Rao
2019-09-25 5:06 ` [PATCH v9 2/8] KVM: PPC: Move pages between normal and secure memory Bharata B Rao
2019-09-25 12:12 ` Jason Gunthorpe
2019-10-18 3:00 ` Paul Mackerras
2019-10-22 6:29 ` Bharata B Rao [this message]
2019-10-23 4:17 ` Paul Mackerras
2019-10-23 5:41 ` Bharata B Rao
2019-09-25 5:06 ` [PATCH v9 3/8] KVM: PPC: Shared pages support for secure guests Bharata B Rao
2019-09-25 5:06 ` [PATCH v9 4/8] KVM: PPC: H_SVM_INIT_START and H_SVM_INIT_DONE hcalls Bharata B Rao
2019-09-25 5:06 ` [PATCH v9 5/8] KVM: PPC: Handle memory plug/unplug to secure VM Bharata B Rao
2019-09-25 5:06 ` [PATCH v9 6/8] KVM: PPC: Radix changes for secure guest Bharata B Rao
2019-09-25 5:06 ` [PATCH v9 7/8] KVM: PPC: Support reset of " Bharata B Rao
2019-09-25 5:06 ` [PATCH v9 8/8] KVM: PPC: Ultravisor: Add PPC_UV config option Bharata B Rao
2019-09-25 12:14 ` [PATCH v9 0/8] KVM: PPC: Driver to manage pages of secure guest Jason Gunthorpe
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='CAGZKiBqoxAvix3wrF2wuxTrikVCjY6PzD22pHsasew-F=P3KSg@mail.gmail.com' \
--to=bharata.rao@gmail.com \
--cc=aneesh.kumar@linux.vnet.ibm.com \
--cc=bharata@linux.ibm.com \
--cc=cclaudio@linux.ibm.com \
--cc=hch@lst.de \
--cc=jglisse@redhat.com \
--cc=kvm-ppc@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=linuxppc-dev@lists.ozlabs.org \
--cc=linuxram@us.ibm.com \
--cc=paulus@au1.ibm.com \
--cc=paulus@ozlabs.org \
--cc=sukadev@linux.vnet.ibm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).