diff mbox series

[v10,15/16] KVM: x86: Add kexec support for SEV Live Migration.

Message ID 11de0243f7991ebe2b6a2acd4992cd7dcc5afb61.1612398155.git.ashish.kalra@amd.com (mailing list archive)
State New, archived
Headers show
Series Add AMD SEV guest live migration support | expand

Commit Message

Kalra, Ashish Feb. 4, 2021, 12:40 a.m. UTC 
From: Ashish Kalra <ashish.kalra@amd.com>

Reset the host's shared pages list related to kernel
specific page encryption status settings before we load a
new kernel by kexec. We cannot reset the complete
shared pages list here as we need to retain the
UEFI/OVMF firmware specific settings.

The host's shared pages list is maintained for the
guest to keep track of all unencrypted guest memory regions,
therefore we need to explicitly mark all shared pages as
encrypted again before rebooting into the new guest kernel.

Signed-off-by: Ashish Kalra <ashish.kalra@amd.com>
---
 arch/x86/kernel/kvm.c | 28 ++++++++++++++++++++++++++++
 1 file changed, 28 insertions(+)

Comments

kernel test robot Feb. 4, 2021, 4:10 a.m. UTC | #1 
Hi Ashish,

Thank you for the patch! Perhaps something to improve:

[auto build test WARNING on v5.11-rc6]
[also build test WARNING on next-20210125]
[cannot apply to kvm/linux-next tip/x86/mm tip/x86/core]
[If your patch is applied to the wrong git tree, kindly drop us a note.
And when submitting patch, we suggest to use '--base' as documented in
https://git-scm.com/docs/git-format-patch]

url:    https://github.com/0day-ci/linux/commits/Ashish-Kalra/KVM-SVM-Add-KVM_SEV-SEND_START-command/20210204-093647
base:    1048ba83fb1c00cd24172e23e8263972f6b5d9ac
config: i386-randconfig-r034-20210202 (attached as .config)
compiler: gcc-9 (Debian 9.3.0-15) 9.3.0
reproduce (this is a W=1 build):
        # https://github.com/0day-ci/linux/commit/51c7205a5d0abf98f52da67fcf7a223c521f9693
        git remote add linux-review https://github.com/0day-ci/linux
        git fetch --no-tags linux-review Ashish-Kalra/KVM-SVM-Add-KVM_SEV-SEND_START-command/20210204-093647
        git checkout 51c7205a5d0abf98f52da67fcf7a223c521f9693
        # save the attached .config to linux build tree
        make W=1 ARCH=i386 

If you fix the issue, kindly add following tag as appropriate
Reported-by: kernel test robot <lkp@intel.com>

All warnings (new ones prefixed by >>):

   arch/x86/kernel/kvm.c: In function 'kvm_pv_guest_cpu_reboot':
>> arch/x86/kernel/kvm.c:402:18: warning: variable 'end_pfn' set but not used [-Wunused-but-set-variable]
     402 |    unsigned long end_pfn;
         |                  ^~~~~~~
>> arch/x86/kernel/kvm.c:401:18: warning: variable 'start_pfn' set but not used [-Wunused-but-set-variable]
     401 |    unsigned long start_pfn;
         |                  ^~~~~~~~~


vim +/end_pfn +402 arch/x86/kernel/kvm.c

   378	
   379	static void kvm_pv_guest_cpu_reboot(void *unused)
   380	{
   381		/*
   382		 * We disable PV EOI before we load a new kernel by kexec,
   383		 * since MSR_KVM_PV_EOI_EN stores a pointer into old kernel's memory.
   384		 * New kernel can re-enable when it boots.
   385		 */
   386		if (kvm_para_has_feature(KVM_FEATURE_PV_EOI))
   387			wrmsrl(MSR_KVM_PV_EOI_EN, 0);
   388		/*
   389		 * Reset the host's shared pages list related to kernel
   390		 * specific page encryption status settings before we load a
   391		 * new kernel by kexec. NOTE: We cannot reset the complete
   392		 * shared pages list here as we need to retain the
   393		 * UEFI/OVMF firmware specific settings.
   394		 */
   395		if (sev_live_migration_enabled & (smp_processor_id() == 0)) {
   396			int i;
   397			unsigned long nr_pages;
   398	
   399			for (i = 0; i < e820_table->nr_entries; i++) {
   400				struct e820_entry *entry = &e820_table->entries[i];
 > 401				unsigned long start_pfn;
 > 402				unsigned long end_pfn;
   403	
   404				if (entry->type != E820_TYPE_RAM)
   405					continue;
   406	
   407				start_pfn = entry->addr >> PAGE_SHIFT;
   408				end_pfn = (entry->addr + entry->size) >> PAGE_SHIFT;
   409				nr_pages = DIV_ROUND_UP(entry->size, PAGE_SIZE);
   410	
   411				kvm_sev_hypercall3(KVM_HC_PAGE_ENC_STATUS,
   412						   entry->addr, nr_pages, 1);
   413			}
   414		}
   415		kvm_pv_disable_apf();
   416		kvm_disable_steal_time();
   417	}
   418	

---
0-DAY CI Kernel Test Service, Intel Corporation
https://lists.01.org/hyperkitty/list/kbuild-all@lists.01.org
diff mbox series

Patch

diff --git a/arch/x86/kernel/kvm.c b/arch/x86/kernel/kvm.c
index c4b8029c1442..d61156db7797 100644
--- a/arch/x86/kernel/kvm.c
+++ b/arch/x86/kernel/kvm.c
@@ -39,6 +39,7 @@ 
 #include <asm/cpuidle_haltpoll.h>
 #include <asm/ptrace.h>
 #include <asm/svm.h>
+#include <asm/e820/api.h>
 
 DEFINE_STATIC_KEY_FALSE(kvm_async_pf_enabled);
 
@@ -384,6 +385,33 @@  static void kvm_pv_guest_cpu_reboot(void *unused)
 	 */
 	if (kvm_para_has_feature(KVM_FEATURE_PV_EOI))
 		wrmsrl(MSR_KVM_PV_EOI_EN, 0);
+	/*
+	 * Reset the host's shared pages list related to kernel
+	 * specific page encryption status settings before we load a
+	 * new kernel by kexec. NOTE: We cannot reset the complete
+	 * shared pages list here as we need to retain the
+	 * UEFI/OVMF firmware specific settings.
+	 */
+	if (sev_live_migration_enabled & (smp_processor_id() == 0)) {
+		int i;
+		unsigned long nr_pages;
+
+		for (i = 0; i < e820_table->nr_entries; i++) {
+			struct e820_entry *entry = &e820_table->entries[i];
+			unsigned long start_pfn;
+			unsigned long end_pfn;
+
+			if (entry->type != E820_TYPE_RAM)
+				continue;
+
+			start_pfn = entry->addr >> PAGE_SHIFT;
+			end_pfn = (entry->addr + entry->size) >> PAGE_SHIFT;
+			nr_pages = DIV_ROUND_UP(entry->size, PAGE_SIZE);
+
+			kvm_sev_hypercall3(KVM_HC_PAGE_ENC_STATUS,
+					   entry->addr, nr_pages, 1);
+		}
+	}
 	kvm_pv_disable_apf();
 	kvm_disable_steal_time();
 }