| Message ID | 20200204130418.226980-1-borntraeger@de.ibm.com (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
| Series | None | expand |
On 04.02.20 14:04, Christian Borntraeger wrote: > From: Janosch Frank <frankja@linux.ibm.com> > > KSM will not work on secure pages, because when the kernel reads a > secure page, it will be encrypted and hence no two pages will look the > same. > > Let's mark the guest pages as unmergeable when we transition to secure > mode. > > Signed-off-by: Janosch Frank <frankja@linux.ibm.com> > Reviewed-by: Thomas Huth <thuth@redhat.com> > --- > arch/s390/include/asm/gmap.h | 1 + > arch/s390/kvm/kvm-s390.c | 6 ++++++ > arch/s390/mm/gmap.c | 30 ++++++++++++++++++++---------- > 3 files changed, 27 insertions(+), 10 deletions(-) > > diff --git a/arch/s390/include/asm/gmap.h b/arch/s390/include/asm/gmap.h > index e2d2f48c5c7c..e1f2cc0b2b00 100644 > --- a/arch/s390/include/asm/gmap.h > +++ b/arch/s390/include/asm/gmap.h > @@ -146,4 +146,5 @@ int gmap_mprotect_notify(struct gmap *, unsigned long start, > > void gmap_sync_dirty_log_pmd(struct gmap *gmap, unsigned long dirty_bitmap[4], > unsigned long gaddr, unsigned long vmaddr); > +int gmap_mark_unmergeable(void); > #endif /* _ASM_S390_GMAP_H */ > diff --git a/arch/s390/kvm/kvm-s390.c b/arch/s390/kvm/kvm-s390.c > index 35f46404830f..741d81f57c3c 100644 > --- a/arch/s390/kvm/kvm-s390.c > +++ b/arch/s390/kvm/kvm-s390.c > @@ -2181,6 +2181,12 @@ static int kvm_s390_handle_pv(struct kvm *kvm, struct kvm_pv_cmd *cmd) > if (r) > break; > > + down_write(¤t->mm->mmap_sem); > + r = gmap_mark_unmergeable(); > + up_write(¤t->mm->mmap_sem); > + if (r) > + break; > + > mutex_lock(&kvm->lock); > kvm_s390_vcpu_block_all(kvm); > /* FMT 4 SIE needs esca */ > diff --git a/arch/s390/mm/gmap.c b/arch/s390/mm/gmap.c > index edcdca97e85e..7291452fe5f0 100644 > --- a/arch/s390/mm/gmap.c > +++ b/arch/s390/mm/gmap.c > @@ -2548,6 +2548,22 @@ int s390_enable_sie(void) > } > EXPORT_SYMBOL_GPL(s390_enable_sie); > > +int gmap_mark_unmergeable(void) > +{ > + struct mm_struct *mm = current->mm; > + struct vm_area_struct *vma; > + > + for (vma = mm->mmap; vma; vma = vma->vm_next) { > + if (ksm_madvise(vma, vma->vm_start, vma->vm_end, > + MADV_UNMERGEABLE, &vma->vm_flags)) { > + return -ENOMEM; > + } > + } > + mm->def_flags &= ~VM_MERGEABLE; > + return 0; > +} > +EXPORT_SYMBOL_GPL(gmap_mark_unmergeable); > + > /* > * Enable storage key handling from now on and initialize the storage > * keys with the default key. > @@ -2593,7 +2609,6 @@ static const struct mm_walk_ops enable_skey_walk_ops = { > int s390_enable_skey(void) > { > struct mm_struct *mm = current->mm; > - struct vm_area_struct *vma; > int rc = 0; > > down_write(&mm->mmap_sem); > @@ -2601,16 +2616,11 @@ int s390_enable_skey(void) > goto out_up; > > mm->context.uses_skeys = 1; > - for (vma = mm->mmap; vma; vma = vma->vm_next) { > - if (ksm_madvise(vma, vma->vm_start, vma->vm_end, > - MADV_UNMERGEABLE, &vma->vm_flags)) { > - mm->context.uses_skeys = 0; > - rc = -ENOMEM; > - goto out_up; > - } > + rc = gmap_mark_unmergeable(); > + if (rc) { > + mm->context.uses_skeys = 0; > + goto out_up; > } > - mm->def_flags &= ~VM_MERGEABLE; > - > walk_page_range(mm, 0, TASK_SIZE, &enable_skey_walk_ops, NULL); > > out_up: > Reviewed-by: David Hildenbrand <david@redhat.com>
diff --git a/arch/s390/include/asm/gmap.h b/arch/s390/include/asm/gmap.h index e2d2f48c5c7c..e1f2cc0b2b00 100644 --- a/arch/s390/include/asm/gmap.h +++ b/arch/s390/include/asm/gmap.h @@ -146,4 +146,5 @@ int gmap_mprotect_notify(struct gmap *, unsigned long start, void gmap_sync_dirty_log_pmd(struct gmap *gmap, unsigned long dirty_bitmap[4], unsigned long gaddr, unsigned long vmaddr); +int gmap_mark_unmergeable(void); #endif /* _ASM_S390_GMAP_H */ diff --git a/arch/s390/kvm/kvm-s390.c b/arch/s390/kvm/kvm-s390.c index 35f46404830f..741d81f57c3c 100644 --- a/arch/s390/kvm/kvm-s390.c +++ b/arch/s390/kvm/kvm-s390.c @@ -2181,6 +2181,12 @@ static int kvm_s390_handle_pv(struct kvm *kvm, struct kvm_pv_cmd *cmd) if (r) break; + down_write(¤t->mm->mmap_sem); + r = gmap_mark_unmergeable(); + up_write(¤t->mm->mmap_sem); + if (r) + break; + mutex_lock(&kvm->lock); kvm_s390_vcpu_block_all(kvm); /* FMT 4 SIE needs esca */ diff --git a/arch/s390/mm/gmap.c b/arch/s390/mm/gmap.c index edcdca97e85e..7291452fe5f0 100644 --- a/arch/s390/mm/gmap.c +++ b/arch/s390/mm/gmap.c @@ -2548,6 +2548,22 @@ int s390_enable_sie(void) } EXPORT_SYMBOL_GPL(s390_enable_sie); +int gmap_mark_unmergeable(void) +{ + struct mm_struct *mm = current->mm; + struct vm_area_struct *vma; + + for (vma = mm->mmap; vma; vma = vma->vm_next) { + if (ksm_madvise(vma, vma->vm_start, vma->vm_end, + MADV_UNMERGEABLE, &vma->vm_flags)) { + return -ENOMEM; + } + } + mm->def_flags &= ~VM_MERGEABLE; + return 0; +} +EXPORT_SYMBOL_GPL(gmap_mark_unmergeable); + /* * Enable storage key handling from now on and initialize the storage * keys with the default key. @@ -2593,7 +2609,6 @@ static const struct mm_walk_ops enable_skey_walk_ops = { int s390_enable_skey(void) { struct mm_struct *mm = current->mm; - struct vm_area_struct *vma; int rc = 0; down_write(&mm->mmap_sem); @@ -2601,16 +2616,11 @@ int s390_enable_skey(void) goto out_up; mm->context.uses_skeys = 1; - for (vma = mm->mmap; vma; vma = vma->vm_next) { - if (ksm_madvise(vma, vma->vm_start, vma->vm_end, - MADV_UNMERGEABLE, &vma->vm_flags)) { - mm->context.uses_skeys = 0; - rc = -ENOMEM; - goto out_up; - } + rc = gmap_mark_unmergeable(); + if (rc) { + mm->context.uses_skeys = 0; + goto out_up; } - mm->def_flags &= ~VM_MERGEABLE; - walk_page_range(mm, 0, TASK_SIZE, &enable_skey_walk_ops, NULL); out_up: