Message ID | 20191024114059.102802-2-frankja@linux.ibm.com (mailing list archive) |
---|---|
State | New, archived |
Headers | show |
Series | KVM: s390: Add support for protected VMs | expand |
On 24.10.19 13:40, Janosch Frank wrote: > Introduction to Protected VMs. > > Signed-off-by: Janosch Frank <frankja@linux.ibm.com> > --- > Documentation/virtual/kvm/s390-pv.txt | 23 +++++++++++++++++++++++ > 1 file changed, 23 insertions(+) > create mode 100644 Documentation/virtual/kvm/s390-pv.txt > > diff --git a/Documentation/virtual/kvm/s390-pv.txt b/Documentation/virtual/kvm/s390-pv.txt > new file mode 100644 > index 000000000000..86ed95f36759 > --- /dev/null > +++ b/Documentation/virtual/kvm/s390-pv.txt > @@ -0,0 +1,23 @@ > +Ultravisor and Protected VMs > +=========================== > + > +Summary: > + > +Protected VMs (PVM) are KVM VMs, where KVM can't access the VM's state > +like guest memory and guest registers anymore. Instead the PVMs are > +mostly managed by a new entity called Ultravisor (UV), which provides > +an API, so KVM and the PVM can request management actions. > + > +Each guest starts in the non-protected mode and then transitions into > +protected mode. On transition KVM registers the guest and its VCPUs > +with the Ultravisor and prepares everything for running it. > + > +The Ultravisor will secure and decrypt the guest's boot memory > +(i.e. kernel/initrd). It will safeguard state changes like VCPU > +starts/stops and injected interrupts while the guest is running. > + > +As access to the guest's state, like the SIE state description is not a native speaker, but do we need a , /here\ ? > +normally needed to be able to run a VM, some changes have been made in > +SIE behavior and fields have different meaning for a PVM. SIE exits > +are minimized as much as possible to improve speed and reduce exposed > +guest state. > Acked-by: Christian Borntraeger <borntraeger@de.ibm.com> After review we could merge all documentation patches into one, if we want.
On Thu, 24 Oct 2019 07:40:23 -0400 Janosch Frank <frankja@linux.ibm.com> wrote: > Introduction to Protected VMs. > > Signed-off-by: Janosch Frank <frankja@linux.ibm.com> > --- > Documentation/virtual/kvm/s390-pv.txt | 23 +++++++++++++++++++++++ > 1 file changed, 23 insertions(+) > create mode 100644 Documentation/virtual/kvm/s390-pv.txt > > diff --git a/Documentation/virtual/kvm/s390-pv.txt b/Documentation/virtual/kvm/s390-pv.txt > new file mode 100644 > index 000000000000..86ed95f36759 > --- /dev/null > +++ b/Documentation/virtual/kvm/s390-pv.txt This should be under /virt/, I think. Also, maybe start out with RST already for new files? > @@ -0,0 +1,23 @@ > +Ultravisor and Protected VMs > +=========================== > + > +Summary: > + > +Protected VMs (PVM) are KVM VMs, where KVM can't access the VM's state > +like guest memory and guest registers anymore. Instead the PVMs are s/Instead/Instead,/ > +mostly managed by a new entity called Ultravisor (UV), which provides > +an API, so KVM and the PVM can request management actions. Hm... "The UV provides an API (both for guests and hypervisors), where PVMs and KVM can request management actions." ? > + > +Each guest starts in the non-protected mode and then transitions into "and then may make a request to transition into protected mode" ? > +protected mode. On transition KVM registers the guest and its VCPUs > +with the Ultravisor and prepares everything for running it. > + > +The Ultravisor will secure and decrypt the guest's boot memory > +(i.e. kernel/initrd). It will safeguard state changes like VCPU > +starts/stops and injected interrupts while the guest is running. > + > +As access to the guest's state, like the SIE state description is "such as the SIE state description," ? > +normally needed to be able to run a VM, some changes have been made in > +SIE behavior and fields have different meaning for a PVM. SIE exits > +are minimized as much as possible to improve speed and reduce exposed > +guest state.
On 11/4/19 3:18 PM, Cornelia Huck wrote: > On Thu, 24 Oct 2019 07:40:23 -0400 > Janosch Frank <frankja@linux.ibm.com> wrote: > >> Introduction to Protected VMs. >> >> Signed-off-by: Janosch Frank <frankja@linux.ibm.com> >> --- >> Documentation/virtual/kvm/s390-pv.txt | 23 +++++++++++++++++++++++ >> 1 file changed, 23 insertions(+) >> create mode 100644 Documentation/virtual/kvm/s390-pv.txt >> >> diff --git a/Documentation/virtual/kvm/s390-pv.txt b/Documentation/virtual/kvm/s390-pv.txt >> new file mode 100644 >> index 000000000000..86ed95f36759 >> --- /dev/null >> +++ b/Documentation/virtual/kvm/s390-pv.txt > > This should be under /virt/, I think. Also, maybe start out with RST > already for new files? > >> @@ -0,0 +1,23 @@ >> +Ultravisor and Protected VMs >> +=========================== >> + >> +Summary: >> + >> +Protected VMs (PVM) are KVM VMs, where KVM can't access the VM's state >> +like guest memory and guest registers anymore. Instead the PVMs are > > s/Instead/Instead,/ Fixed > >> +mostly managed by a new entity called Ultravisor (UV), which provides >> +an API, so KVM and the PVM can request management actions. > > Hm... > > "The UV provides an API (both for guests and hypervisors), where PVMs > and KVM can request management actions." ? I applied your proposal, but removed the part in the brace, as it is obvious from the words that follow. > >> + >> +Each guest starts in the non-protected mode and then transitions into > > "and then may make a request to transition into protected mode" ? Sure > >> +protected mode. On transition KVM registers the guest and its VCPUs >> +with the Ultravisor and prepares everything for running it. >> + >> +The Ultravisor will secure and decrypt the guest's boot memory >> +(i.e. kernel/initrd). It will safeguard state changes like VCPU >> +starts/stops and injected interrupts while the guest is running. >> + >> +As access to the guest's state, like the SIE state description is > > "such as the SIE state description," ? > >> +normally needed to be able to run a VM, some changes have been made in >> +SIE behavior and fields have different meaning for a PVM. SIE exits >> +are minimized as much as possible to improve speed and reduce exposed >> +guest state. >
diff --git a/Documentation/virtual/kvm/s390-pv.txt b/Documentation/virtual/kvm/s390-pv.txt new file mode 100644 index 000000000000..86ed95f36759 --- /dev/null +++ b/Documentation/virtual/kvm/s390-pv.txt @@ -0,0 +1,23 @@ +Ultravisor and Protected VMs +=========================== + +Summary: + +Protected VMs (PVM) are KVM VMs, where KVM can't access the VM's state +like guest memory and guest registers anymore. Instead the PVMs are +mostly managed by a new entity called Ultravisor (UV), which provides +an API, so KVM and the PVM can request management actions. + +Each guest starts in the non-protected mode and then transitions into +protected mode. On transition KVM registers the guest and its VCPUs +with the Ultravisor and prepares everything for running it. + +The Ultravisor will secure and decrypt the guest's boot memory +(i.e. kernel/initrd). It will safeguard state changes like VCPU +starts/stops and injected interrupts while the guest is running. + +As access to the guest's state, like the SIE state description is +normally needed to be able to run a VM, some changes have been made in +SIE behavior and fields have different meaning for a PVM. SIE exits +are minimized as much as possible to improve speed and reduce exposed +guest state.
Introduction to Protected VMs. Signed-off-by: Janosch Frank <frankja@linux.ibm.com> --- Documentation/virtual/kvm/s390-pv.txt | 23 +++++++++++++++++++++++ 1 file changed, 23 insertions(+) create mode 100644 Documentation/virtual/kvm/s390-pv.txt