From patchwork Wed Oct 4 13:13:49 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Brijesh Singh X-Patchwork-Id: 9984693 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id B865860365 for ; Wed, 4 Oct 2017 13:24:24 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id A98722654B for ; Wed, 4 Oct 2017 13:24:24 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 9E2D226E16; Wed, 4 Oct 2017 13:24:24 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-6.9 required=2.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,RCVD_IN_DNSWL_HI autolearn=unavailable version=3.3.1 Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 0C0E32654B for ; Wed, 4 Oct 2017 13:24:24 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1752610AbdJDNXh (ORCPT ); Wed, 4 Oct 2017 09:23:37 -0400 Received: from mail-cys01nam02on0084.outbound.protection.outlook.com ([104.47.37.84]:31550 "EHLO NAM02-CY1-obe.outbound.protection.outlook.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S1752210AbdJDNO4 (ORCPT ); Wed, 4 Oct 2017 09:14:56 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amdcloud.onmicrosoft.com; s=selector1-amd-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=wRyIYPN5vJatnyl3Kvys17fpDKWydQzjEU8PZvOQtw4=; b=QfK2Zg7lvWf1EGVy4n4n+r8cRpvNN1S3n0uCK45WJhrds+DaOF9YCx3cW8Xwe3ScX9PGsGv8Vh7BO3gkFZihhavVxsiYmBsjNrwDiSTjzg2ynd7lZpDuWSdF/0NJq2hVOsYu/oGJnvIv+TOfKijH7v3ccJJ8rKyOSkVHgyHmZ+w= Received: from ubuntu-010236106000.amd.com (165.204.78.1) by SN1PR12MB0160.namprd12.prod.outlook.com (10.162.3.147) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P256) id 15.20.77.7; Wed, 4 Oct 2017 13:14:52 +0000 From: Brijesh Singh To: x86@kernel.org, kvm@vger.kernel.org, linux-kernel@vger.kernel.org Cc: Brijesh Singh , Thomas Gleixner , Ingo Molnar , "H. Peter Anvin" , Paolo Bonzini , =?UTF-8?q?Radim=20Kr=C4=8Dm=C3=A1=C5=99?= , Joerg Roedel , Borislav Petkov , Tom Lendacky Subject: [Part2 PATCH v5 08/31] KVM: Introduce KVM_MEMORY_ENCRYPT_REGISTER_REGION ioctl Date: Wed, 4 Oct 2017 08:13:49 -0500 Message-Id: <20171004131412.13038-9-brijesh.singh@amd.com> X-Mailer: git-send-email 2.9.5 In-Reply-To: <20171004131412.13038-1-brijesh.singh@amd.com> References: <20171004131412.13038-1-brijesh.singh@amd.com> MIME-Version: 1.0 X-Originating-IP: [165.204.78.1] X-ClientProxiedBy: MWHPR2201CA0056.namprd22.prod.outlook.com (10.172.59.30) To SN1PR12MB0160.namprd12.prod.outlook.com (10.162.3.147) X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: 0c139c84-3dcd-4d9d-0958-08d50b29e6ce X-MS-Office365-Filtering-HT: Tenant X-Microsoft-Antispam: UriScan:; BCL:0; PCL:0; RULEID:(22001)(2017030254152)(48565401081)(2017052603199)(201703131423075)(201703031133081)(201702281549075); SRVR:SN1PR12MB0160; X-Microsoft-Exchange-Diagnostics: 1; SN1PR12MB0160; 3:vLdU7gnM5bMjCPlNREs7wgDleGcFUJGKkn+oRwnrfF95cx7mJfbtFrUQeDjNNljcyq504xT+2/N6HvG0+536pD+Kiuy+lVkFvWXW8uini92VyBRJcVy+0qbjTOZP8HAFJlJsyyfqB0uHurWchH8B6BC6EXvZL8tKk4OQTBsWsBS7DYWEKmqQMUBrX8BDPka2uTreP0b9C34QASPR7nvmQszB6DVRg3GHfrApgJZtcRxx5RlYT7/g2F6AJ3+AoNq+; 25:eoe9WEfwdq3uvXjzH0WSAjkRY8uFGHNtkBbIp2qEU2PePJh3iqczc+bVDJVwIoAbTB7Cy2jiENDpah2q009ta974B8WM0aS73uc7x8nGO2nixFfUwE9q4XPNuWUo1IeyzoNaREwGeMBrJQAohvNRLYMZyyYRMsDYiok56aaTxjHifayH6K09LNKKpsMbpyO+iPW24EkRLnwoGGoAFoJGt8R92YuWbq8XjB228U1y8tASR8xRDtA87HL1cvMnIwerdBppGZa9FtPaKft4ouQaLr7J8vb+JlNGKmM/5OXD4L+zbMfiEmovGx2LF2lcrdZGiLroof0twcewmo9Ck8jklQ==; 31:iQ32F11nnzOgNzQVDzoN7QYtfnsRSqjYxWHQ2aj2VYcs1Qr8sBFdRYJng+bKhuNniXeCOS/bo2bmBUWtt24RiU1kcMIMYd1cgrWwlnf9wLSa6YLHAp2rJLe4rPZMq5XnyfvHXfsEmJjoyG83imkcHwxPdxx/K4x+4Vjk2oHlxLoMumtazMaJIPvduerBfBMWpQvqoo8okkKhjhz2DuEL6/60zsmL6uHgwFX/6dvZr04= X-MS-TrafficTypeDiagnostic: SN1PR12MB0160: X-Microsoft-Exchange-Diagnostics: 1; SN1PR12MB0160; 20:RkbjXlxHloc8jRFxkjaRLbskhPiIJ+Rmy91gztuFaOjub1bi6ayonqSs2OAuJsWNgQJhPox36LK538n75C2Qv1bXDAVYlC/OT6LOeZP2KPd0cJ3mmQXjwYeXSvwRhEUwmDmm1qWcU2wZGwqTgrYUpodfPIeZleHUyUf/mAb+P/Ta3cilGLuQHsrhVpsc7y4BUeQhncRSeqfuxs/CZ/M8N396zhg6/UfTK5BCUV98PzHI/3Rx/RK6gOk8RrxTldtLeVYdONLQR3LFT9gMM1dkdAGh7Zyi6afEOwWX8LU/1gFdJFy69Qq/FRgJP5Qn/3ChkdJPG/UtSErZ1qJ3vEuf6s/9VPugFOZtr9Pdk8Hf35nCPtRpEJjR7JOboWQ0SmfuS1UCX7Fc4twbW+XHq9PK4PKv59nirnyvgiCex0Fmw+Pi8RZtcRU9vPaCGD52FM9ztHrzgDjEMjmhVx/6rov6Yz+544Im8iYqEYUM8c5EYHIpxx0vj7jY5dw/ojlBvFcb; 4:A0Zr1wRb0zxLu3zKZ+HE2fGOz3qcxUetsWTCGJ7zqTmB3OL8WiFBXrG7y2YEEZK+ew5/KdBKb4+3oLqO39i4dqsHzwZ8nhJq55RUa6FHLaUr726oBXC3T/1F1A2jwtp59Jb/zL47elIv2MXkYrjsR/iK5afuzFmR4zDoD4asG+0xZriGoAMAeMhqKmm+4CeMouY9rMD93YYpGfGeE/uTpogGhn7XpUGvGEq3DWcuY/6fxGgsnvOX8Yrwr3VtQr8i2LSKvV9hPq/GmqYEbuRWGP3qI7PhVeIyYRrlBhcLRPSI809ATjEztaRIwK00619xZEohtKRnGCcLVAs84XGwRw== X-Exchange-Antispam-Report-Test: UriScan:(9452136761055)(767451399110); X-Microsoft-Antispam-PRVS: X-Exchange-Antispam-Report-CFA-Test: BCL:0; PCL:0; RULEID:(100000700101)(100105000095)(100000701101)(100105300095)(100000702101)(100105100095)(6040450)(2401047)(8121501046)(5005006)(100000703101)(100105400095)(3002001)(93006095)(93001095)(10201501046)(6055026)(6041248)(201703131423075)(201702281528075)(201703061421075)(201703061406153)(20161123564025)(20161123562025)(20161123555025)(20161123560025)(20161123558100)(6072148)(201708071742011)(100000704101)(100105200095)(100000705101)(100105500095); SRVR:SN1PR12MB0160; BCL:0; PCL:0; RULEID:(100000800101)(100110000095)(100000801101)(100110300095)(100000802101)(100110100095)(100000803101)(100110400095)(100000804101)(100110200095)(100000805101)(100110500095); SRVR:SN1PR12MB0160; X-Forefront-PRVS: 0450A714CB X-Forefront-Antispam-Report: SFV:NSPM; SFS:(10009020)(6009001)(39860400002)(346002)(376002)(199003)(189002)(97736004)(86362001)(23676002)(76176999)(53936002)(50986999)(1076002)(6116002)(3846002)(478600001)(36756003)(47776003)(101416001)(33646002)(6486002)(66066001)(189998001)(68736007)(105586002)(53416004)(50466002)(4326008)(54906003)(8936002)(305945005)(6666003)(2870700001)(81166006)(5660300001)(81156014)(25786009)(2906002)(8676002)(7736002)(2950100002)(7416002)(50226002)(106356001)(316002)(16526018); DIR:OUT; SFP:1101; SCL:1; SRVR:SN1PR12MB0160; H:ubuntu-010236106000.amd.com; FPR:; SPF:None; PTR:InfoNoRecords; A:1; MX:1; LANG:en; Received-SPF: None (protection.outlook.com: amd.com does not designate permitted sender hosts) Authentication-Results: spf=none (sender IP is ) smtp.mailfrom=brijesh.singh@amd.com; X-Microsoft-Exchange-Diagnostics: =?utf-8?B?MTtTTjFQUjEyTUIwMTYwOzIzOnIxOFRPbEkrS2NadStETWFxVWJVaERBUHAw?= =?utf-8?B?cDIyOUdGS0I1bExxbDdhQU5Ddjlka3loK3ArYyswT2pVaUVlVVpwR3kvYnIz?= =?utf-8?B?dnp1N3BWUE1VdGk3VDYvWHRzNW1maU1oMVMvVlZaSm94d3lYejlWak9nd0tR?= =?utf-8?B?QXRNVC94ckt0YmVnU2d3UzdZZmVhbktWK1htUkZKNmdRODRiRzN5My8rQ0E2?= =?utf-8?B?b0tybjFlbVpVMFo0WVk4bFBBL2RTeCtLTG52cmVOOGo1aWkrbURvQjFDUTN1?= =?utf-8?B?MXJNR3RpdFpqZk9OZ1M5aVRLak94UzdSQzRoQ2F4cXkrcVpoZzZqNjdVeE14?= =?utf-8?B?NmI0dGo2WjlYRi9pdE1jN3BqMlZ1cDhRSmNBWkxLMUtweXFoZXRXQURVSkUv?= =?utf-8?B?UC9QTnhvSkdZU2YzSDNnVHZNSDB6Y0pZUW4wZHc5Si9TdkdHL3hPSGpSejc2?= =?utf-8?B?Nmp0aHVCYzhpVE1GMmk3NFdTVmhmTWplejBxcDJhT09qYURYWTNDWEc1anRQ?= =?utf-8?B?Uzd2eXVrdjdPeTAzbDg4V29mMzlVeFh2NkQxNnFFakJHWnloc3psbFRpd09a?= =?utf-8?B?WjE4bGJZSkc1ZUthZHVocTNVeURYaDU3TXlJbWJ2OW1jR2RxZkFBQU1MM05r?= =?utf-8?B?Zkh2dFgvSnNjeTJGQUZERVRSZ1NrUnhIWGxoRkVOazJGTVV2SERsd2tESTY4?= =?utf-8?B?ZHBXb3EwSXR2OUdWWjdlcStOMi9KQy80bFNHTERJMVJDL0dhUVJ0b3JFeW5K?= =?utf-8?B?N1BabHU5aDNJeVM0enh1MDloSG1TTTBGSEpON0h6bHl5OGI5Z2NJMXpBRjA5?= =?utf-8?B?WS9lZ0lnMktCMnNOb1loekdXTlM5OFpSaXdmNEVQcitLYzcxRlZnSk9oTjJj?= =?utf-8?B?Wjd6N2laRElwNkx1VldwaUtBeHlmQldxaThHYXlvU25tWmhnMFNXTDZjeWhz?= =?utf-8?B?N0pJTklxMTBjbVdMWElUMmtjTno5MlVQRFNlSUwveklVeTlCcjBBakppSFNr?= =?utf-8?B?Vk9TNTNjb3ZIZXZHbVJxdlZyYStHUXJyK3RXbjc3bkxBMXJEMXFPTnVldldr?= =?utf-8?B?Tlgva3pOdVY0bkdPM1poWG5PaGtqZ29MWFlDV3ZRT1VsQ1dwL0lWaW05OFc5?= =?utf-8?B?S01KOHorMmQ3N2xQNmhCZzBHazBEcUNic25IK3VWYmpicDkySlphZExJZlFT?= =?utf-8?B?bzhrMTI2ZC9tRXgwWlhyMGREUFcxbVdvZUdmdVQva0h0VzN4NWNva2RUcjl6?= =?utf-8?B?VmRqMXIwZFZWb2tKK21HU3FEVWlKWU9PUllCWlBJOFpKb3F5ZE9QODM1MXp4?= =?utf-8?B?MzhYSTFIc0JYNjY1cGlhS29Nc2d0QmJLdnNTYkE3MEUxb2tnV0dKWm9TZkRp?= =?utf-8?B?bEhFOUVlTHFRUGF4Z294NVljWkNxM2lpNm1adGM2L3ZKdWFmTWt6NjNNTjdI?= =?utf-8?Q?i44SGV6FUySCnXTUC4pFKf5J5+l?= X-Microsoft-Exchange-Diagnostics: 1; SN1PR12MB0160; 6:HjZRZUC3bj8lCqcYtVtA/AZD+vizKBV3hQVF9oUFQoPxUJ+brEfH0Vi8k6fYr6capxukE36BU6ffYS1IVyCDdiMuNCnju/F5Wl7m82YiV6abNh8JamzDbacbcHnP0eBwRaDswhrARQnbw22/xinxNlqbXQsWayQGtORPNSvmHLqv4aZO2Zki0ZvSFV2Jwo8SmoWums5sDN2jouWoOdS/AsTBWbPhIwzIV9p4CnfgFpmZFTjBV4YkIm2KUt266i8Ors4ypJJpqowGnwSUdIwcaqhT550JyIoyHosm8TyiVP2EP69mumNTW1WScoSjjmq1afWzI9CNF4bUgSXTSANZRw==; 5:UD2+VW9Qf9yBTcmUyHQBHw76y29m/18OLw+SUb8jdrek8rGr0Ie0PvqQ4NqiBIxbaW3m9kYhXtvLVxt27V6KTSY4eGgb2T+Ab+PGZGRwNy0SWpVxIgfrPrUEZaGH5qFp9omNurtf1U7u8YAQb9MQew==; 24:tKPU8+r7pYeIB9byLtYfQdBY949aiuOjFCC2/wzsJz/vcyk/BDgb8fmI/9dQViMaGWUqPNlUR1fpOMiqG3yM3HCFCi2kfVoUtSqSnxny0HI=; 7:ZCjKWNqCTKD6hqAfIS2PUP7Cu2r4YuEU1QYrAyntECsbi2eojVEY0FkdWrnaodEhuigcLI3ENVNu5ACA283b7hZDUpZNXmPbwAk1yTZ7PjNwM62HrXELK6363feMh7kOguripJ25z1KfUqdCR589oXkFlTvTI6fqxy02MhOPk//GPEACIzoCnBaYom+kdQHF5cxkzZkkzIUTjJrArgiVQSs/BrrqV/Mer8NBGkNb4HU= SpamDiagnosticOutput: 1:99 SpamDiagnosticMetadata: NSPM X-Microsoft-Exchange-Diagnostics: 1; SN1PR12MB0160; 20:soQQsoBhnU5lF4afgRWzhsnh8OqOu1WjbEQqNQ44GMuM6RthvbC+9CNVv15p6jk/IzHpyUfcSCPtFWdXbD8VmIgBiFogyUAQYZTURsGfMh8uy5web65vVkriGlVe7hB89itUuf64G15BWeZuLWbA9Ha3K9UYdm+CSCKPUqmQGc0Lf+U3NXjIN3fRqhH3u06KdbxKfwGkeuFkLea61+uMcpWzwU6nTePsUJd/eBaaq94w7Zs/1oDAMHL9G3NGNLhg X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 04 Oct 2017 13:14:52.0838 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-Transport-CrossTenantHeadersStamped: SN1PR12MB0160 Sender: kvm-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: kvm@vger.kernel.org X-Virus-Scanned: ClamAV using ClamSMTP If hardware supports memory encryption then KVM_MEMORY_ENCRYPT_REGISTER_REGION and KVM_MEMORY_ENCRYPT_UNREGISTER_REGION ioctl's can be used by userspace to register/unregister the guest memory regions which may contain the encrypted data (e.g guest RAM, PCI BAR, SMRAM etc). Cc: Thomas Gleixner Cc: Ingo Molnar Cc: "H. Peter Anvin" Cc: Paolo Bonzini Cc: "Radim Krčmář" Cc: Joerg Roedel Cc: Borislav Petkov Cc: Tom Lendacky Cc: x86@kernel.org Cc: kvm@vger.kernel.org Cc: linux-kernel@vger.kernel.org Signed-off-by: Brijesh Singh --- Documentation/virtual/kvm/api.txt | 34 ++++++++++++++++++++++++++++++++++ arch/x86/include/asm/kvm_host.h | 2 ++ arch/x86/kvm/x86.c | 36 ++++++++++++++++++++++++++++++++++++ include/uapi/linux/kvm.h | 10 ++++++++++ 4 files changed, 82 insertions(+) diff --git a/Documentation/virtual/kvm/api.txt b/Documentation/virtual/kvm/api.txt index cc1aa76ee6cd..b007998c1403 100644 --- a/Documentation/virtual/kvm/api.txt +++ b/Documentation/virtual/kvm/api.txt @@ -3406,6 +3406,40 @@ Currently, this ioctl is used for issuing Secure Encrypted Virtualization (SEV) commands on AMD Processors. The SEV commands are defined in Documentation/virtual/kvm/amd-memory-encryption.txt. +4.110 KVM_MEMORY_ENCRYPT_REGISTER_REGION + +Capability: basic +Architectures: x86 +Type: system +Parameters: struct kvm_enc_region (in) +Returns: 0 on success; -1 on error + +This ioctl can be used to register the guest memory region which may contain +the encrypted data (e.g guest RAM, SMRAM etc). + +The ioctl is used in the SEV-enabled guest. When encryption is enabled, the +guest memory region may contain the encrypted data. The SEV memory encryption +engine uses a tweak such that two identical plaintext pages at different +location will have different ciphertext. So swapping or moving ciphertext of +two pages will not result in plaintext being swapped. So relocating +(or migrating) physical backing pages for the SEV guest will require some +additional steps. + +Note: current SEV key management spec does not provide commands to swap or +migrate (move) ciphertext pages. Hence, for now we pin the guest memory region +registered with the ioctl. + +4.111 KVM_MEMORY_ENCRYPT_UNREGISTER_REGION + +Capability: basic +Architectures: x86 +Type: system +Parameters: struct kvm_enc_region (in) +Returns: 0 on success; -1 on error + +This ioctl can be used to unregister the guest memory region registered with +KVM_MEMORY_ENCRYPT_REGISTER_REGION ioctl. + 5. The kvm_run structure ------------------------ diff --git a/arch/x86/include/asm/kvm_host.h b/arch/x86/include/asm/kvm_host.h index 48001ca48c14..20fba8bfa727 100644 --- a/arch/x86/include/asm/kvm_host.h +++ b/arch/x86/include/asm/kvm_host.h @@ -1063,6 +1063,8 @@ struct kvm_x86_ops { void (*setup_mce)(struct kvm_vcpu *vcpu); int (*mem_enc_op)(struct kvm *kvm, void __user *argp); + int (*mem_enc_register_region)(struct kvm *kvm, struct kvm_enc_region *argp); + int (*mem_enc_unregister_region)(struct kvm *kvm, struct kvm_enc_region *argp); }; struct kvm_arch_async_pf { diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c index a68e8ca78dd8..95a95f24bcd7 100644 --- a/arch/x86/kvm/x86.c +++ b/arch/x86/kvm/x86.c @@ -4018,6 +4018,24 @@ static int kvm_vm_ioctl_mem_enc_op(struct kvm *kvm, void __user *argp) return -ENOTTY; } +static int kvm_vm_ioctl_mem_enc_register_region(struct kvm *kvm, + struct kvm_enc_region *region) +{ + if (kvm_x86_ops->mem_enc_register_region) + return kvm_x86_ops->mem_enc_register_region(kvm, region); + + return -ENOTTY; +} + +static int kvm_vm_ioctl_mem_enc_unregister_region(struct kvm *kvm, + struct kvm_enc_region *region) +{ + if (kvm_x86_ops->mem_enc_unregister_region) + return kvm_x86_ops->mem_enc_unregister_region(kvm, region); + + return -ENOTTY; +} + long kvm_arch_vm_ioctl(struct file *filp, unsigned int ioctl, unsigned long arg) { @@ -4282,6 +4300,24 @@ long kvm_arch_vm_ioctl(struct file *filp, r = kvm_vm_ioctl_mem_enc_op(kvm, argp); break; } + case KVM_MEMORY_ENCRYPT_REGISTER_REGION: { + struct kvm_enc_region region; + + r = -EFAULT; + if (copy_from_user(®ion, argp, sizeof(region))) + goto out; + r = kvm_vm_ioctl_mem_enc_register_region(kvm, ®ion); + break; + } + case KVM_MEMORY_ENCRYPT_UNREGISTER_REGION: { + struct kvm_enc_region region; + + r = -EFAULT; + if (copy_from_user(®ion, argp, sizeof(region))) + goto out; + r = kvm_vm_ioctl_mem_enc_unregister_region(kvm, ®ion); + break; + } default: r = -ENOTTY; } diff --git a/include/uapi/linux/kvm.h b/include/uapi/linux/kvm.h index 4a39d99c5f99..d595d3970390 100644 --- a/include/uapi/linux/kvm.h +++ b/include/uapi/linux/kvm.h @@ -1359,6 +1359,16 @@ struct kvm_s390_ucas_mapping { /* Memory Encryption Commands */ #define KVM_MEMORY_ENCRYPT_OP _IOWR(KVMIO, 0xba, unsigned long) +struct kvm_enc_region { + __u64 addr; + __u64 size; +}; + +#define KVM_MEMORY_ENCRYPT_REGISTER_REGION _IOR(KVMIO, 0xbb,\ + struct kvm_enc_region) +#define KVM_MEMORY_ENCRYPT_UNREGISTER_REGION _IOR(KVMIO, 0xbc,\ + struct kvm_enc_region) + #define KVM_DEV_ASSIGN_ENABLE_IOMMU (1 << 0) #define KVM_DEV_ASSIGN_PCI_2_3 (1 << 1) #define KVM_DEV_ASSIGN_MASK_INTX (1 << 2)