[v2,22/42] KVM: s390/mm: handle guest unpin events

Message ID	20200214222658.12946-23-borntraeger@de.ibm.com (mailing list archive)
State	New, archived
Headers	show Return-Path: <SRS0=AN0r=4C=vger.kernel.org=kvm-owner@kernel.org> From: Christian Borntraeger <borntraeger@de.ibm.com> To: Christian Borntraeger <borntraeger@de.ibm.com>, Janosch Frank <frankja@linux.vnet.ibm.com> Cc: KVM <kvm@vger.kernel.org>, Cornelia Huck <cohuck@redhat.com>, David Hildenbrand <david@redhat.com>, Thomas Huth <thuth@redhat.com>, Ulrich Weigand <Ulrich.Weigand@de.ibm.com>, Claudio Imbrenda <imbrenda@linux.ibm.com>, linux-s390 <linux-s390@vger.kernel.org>, Michael Mueller <mimu@linux.ibm.com>, Vasily Gorbik <gor@linux.ibm.com> Subject: [PATCH v2 22/42] KVM: s390/mm: handle guest unpin events Date: Fri, 14 Feb 2020 17:26:38 -0500 Message-Id: <20200214222658.12946-23-borntraeger@de.ibm.com> In-Reply-To: <20200214222658.12946-1-borntraeger@de.ibm.com> References: <20200214222658.12946-1-borntraeger@de.ibm.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Sender: kvm-owner@vger.kernel.org Precedence: bulk
Series	KVM: s390: Add support for protected VMs \| expand [v2,00/42] KVM: s390: Add support for protected VMs [v2,01/42] mm:gup/writeback: add callbacks for inaccessible pages [v2,02/42] KVM: s390/interrupt: do not pin adapter interrupt pages [v2,03/42] s390/protvirt: introduce host side setup [v2,04/42] s390/protvirt: add ultravisor initialization [v2,05/42] s390/mm: provide memory management functions for protected KVM guests [v2,06/42] s390/mm: add (non)secure page access exceptions handlers [v2,07/42] KVM: s390: protvirt: Add UV debug trace [v2,08/42] KVM: s390: add new variants of UV CALL [v2,09/42] KVM: s390: protvirt: Add initial vm and cpu lifecycle handling [v2,10/42] KVM: s390: protvirt: Add KVM api documentation [v2,11/42] KVM: s390: protvirt: Secure memory is not mergeable [v2,12/42] KVM: s390/mm: Make pages accessible before destroying the guest [v2,13/42] KVM: s390: protvirt: Handle SE notification interceptions [v2,14/42] KVM: s390: protvirt: Instruction emulation [v2,15/42] KVM: s390: protvirt: Add interruption injection controls [v2,16/42] KVM: s390: protvirt: Implement interruption injection [v2,17/42] KVM: s390: protvirt: Add SCLP interrupt handling [v2,18/42] KVM: s390: protvirt: Handle spec exception loops [v2,19/42] KVM: s390: protvirt: Add new gprs location handling [v2,20/42] KVM: S390: protvirt: Introduce instruction data area bounce buffer [v2,21/42] KVM: s390: protvirt: handle secure guest prefix pages [v2,22/42] KVM: s390/mm: handle guest unpin events [v2,23/42] KVM: s390: protvirt: Write sthyi data to instruction data area [v2,24/42] KVM: s390: protvirt: STSI handling [v2,25/42] KVM: s390: protvirt: disallow one_reg [v2,26/42] KVM: s390: protvirt: Do only reset registers that are accessible [v2,27/42] KVM: s390: protvirt: Only sync fmt4 registers [v2,28/42] KVM: s390: protvirt: Add program exception injection [v2,29/42] KVM: s390: protvirt: Add diag 308 subcode 8 - 10 handling [v2,30/42] KVM: s390: protvirt: UV calls in support of diag308 0, 1 [v2,31/42] KVM: s390: protvirt: Report CPU state to Ultravisor [v2,32/42] KVM: s390: protvirt: Support cmd 5 operation state [v2,33/42] KVM: s390: protvirt: Mask PSW interrupt bits for interception 104 and 112 [v2,34/42] KVM: s390: protvirt: do not inject interrupts after start [v2,35/42] KVM: s390: protvirt: Add UV cpu reset calls [v2,36/42] DOCUMENTATION: Protected virtual machine introduction and IPL [v2,37/42] s390/uv: Fix handling of length extensions (already in s390 tree) [v2,38/42] s390: protvirt: Add sysfs firmware interface for Ultravisor information [v2,39/42] example for future extension: mm:gup/writeback: add callbacks for inaccessible pages: er… [v2,40/42] example for future extension: mm:gup/writeback: add callbacks for inaccessible pages: so… [v2,41/42] potential fixup for "s390/mm: provide memory management functions for protected KVM gues… [v2,42/42] KVM: s390: rstify new ioctls in api.rst

Message ID

20200214222658.12946-23-borntraeger@de.ibm.com (mailing list archive)

State

New, archived

Headers

From: Christian Borntraeger <borntraeger@de.ibm.com>
To: Christian Borntraeger <borntraeger@de.ibm.com>,
        Janosch Frank <frankja@linux.vnet.ibm.com>
Cc: KVM <kvm@vger.kernel.org>, Cornelia Huck <cohuck@redhat.com>,
        David Hildenbrand <david@redhat.com>,
        Thomas Huth <thuth@redhat.com>,
        Ulrich Weigand <Ulrich.Weigand@de.ibm.com>,
        Claudio Imbrenda <imbrenda@linux.ibm.com>,
        linux-s390 <linux-s390@vger.kernel.org>,
        Michael Mueller <mimu@linux.ibm.com>,
        Vasily Gorbik <gor@linux.ibm.com>
Subject: [PATCH v2 22/42] KVM: s390/mm: handle guest unpin events
Date: Fri, 14 Feb 2020 17:26:38 -0500
Message-Id: <20200214222658.12946-23-borntraeger@de.ibm.com>
In-Reply-To: <20200214222658.12946-1-borntraeger@de.ibm.com>
References: <20200214222658.12946-1-borntraeger@de.ibm.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Sender: kvm-owner@vger.kernel.org
Precedence: bulk

Series

KVM: s390: Add support for protected VMs | expand

Commit Message

Christian Borntraeger Feb. 14, 2020, 10:26 p.m. UTC

From: Claudio Imbrenda <imbrenda@linux.ibm.com>

The current code tries to first pin shared pages, if that fails (e.g.
because the page is not shared) it will export them. For shared pages
this means that we get a new intercept telling us that the guest is
unsharing that page. We will make the page secure at that point in time
and revoke the host access. This is synchronized with other host events,
e.g. the code will wait until host I/O has finished.

Signed-off-by: Claudio Imbrenda <imbrenda@linux.ibm.com>
[borntraeger@de.ibm.com: patch merging, splitting, fixing]
Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com>
---
 arch/s390/kvm/intercept.c | 24 ++++++++++++++++++++++++
 1 file changed, 24 insertions(+)

Comments

David Hildenbrand Feb. 17, 2020, 2:23 p.m. UTC | #1

On 14.02.20 23:26, Christian Borntraeger wrote:
> From: Claudio Imbrenda <imbrenda@linux.ibm.com>
> 
> The current code tries to first pin shared pages, if that fails (e.g.
> because the page is not shared) it will export them. For shared pages
> this means that we get a new intercept telling us that the guest is
> unsharing that page. We will make the page secure at that point in time
> and revoke the host access. This is synchronized with other host events,
> e.g. the code will wait until host I/O has finished.
> 
> Signed-off-by: Claudio Imbrenda <imbrenda@linux.ibm.com>
> [borntraeger@de.ibm.com: patch merging, splitting, fixing]
> Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com>
> ---
>  arch/s390/kvm/intercept.c | 24 ++++++++++++++++++++++++
>  1 file changed, 24 insertions(+)
> 
> diff --git a/arch/s390/kvm/intercept.c b/arch/s390/kvm/intercept.c
> index 6c9db886381c..1e231058e4b3 100644
> --- a/arch/s390/kvm/intercept.c
> +++ b/arch/s390/kvm/intercept.c
> @@ -16,6 +16,7 @@
>  #include <asm/asm-offsets.h>
>  #include <asm/irq.h>
>  #include <asm/sysinfo.h>
> +#include <asm/uv.h>
>  
>  #include "kvm-s390.h"
>  #include "gaccess.h"
> @@ -484,12 +485,35 @@ static int handle_pv_sclp(struct kvm_vcpu *vcpu)
>  	return 0;
>  }
>  
> +static int handle_pv_uvc(struct kvm_vcpu *vcpu)
> +{
> +	struct uv_cb_share *guest_uvcb = (void *)vcpu->arch.sie_block->sidad;
> +	struct uv_cb_cts uvcb = {
> +		.header.cmd	= UVC_CMD_UNPIN_PAGE_SHARED,
> +		.header.len	= sizeof(uvcb),
> +		.guest_handle	= kvm_s390_pv_handle(vcpu->kvm),
> +		.gaddr		= guest_uvcb->paddr,
> +	};
> +	int rc;
> +
> +	if (guest_uvcb->header.cmd != UVC_CMD_REMOVE_SHARED_ACCESS) {
> +		WARN_ONCE(1, "Unexpected UVC 0x%x!\n", guest_uvcb->header.cmd);
> +		return 0;
> +	}
> +	rc = gmap_make_secure(vcpu->arch.gmap, uvcb.gaddr, &uvcb);
> +	if (rc == -EINVAL)
> +		return 0;
> +	return rc;
> +}
> +
>  static int handle_pv_notification(struct kvm_vcpu *vcpu)
>  {
>  	if (vcpu->arch.sie_block->ipa == 0xb210)
>  		return handle_pv_spx(vcpu);
>  	if (vcpu->arch.sie_block->ipa == 0xb220)
>  		return handle_pv_sclp(vcpu);
> +	if (vcpu->arch.sie_block->ipa == 0xb9a4)
> +		return handle_pv_uvc(vcpu);
>  
>  	return handle_instruction(vcpu);
>  }
> 

Acked-by: David Hildenbrand <david@redhat.com>

diff --git a/arch/s390/kvm/intercept.c b/arch/s390/kvm/intercept.c
index 6c9db886381c..1e231058e4b3 100644
--- a/arch/s390/kvm/intercept.c
+++ b/arch/s390/kvm/intercept.c
@@ -16,6 +16,7 @@ 
 #include <asm/asm-offsets.h>
 #include <asm/irq.h>
 #include <asm/sysinfo.h>
+#include <asm/uv.h>
 
 #include "kvm-s390.h"
 #include "gaccess.h"
@@ -484,12 +485,35 @@  static int handle_pv_sclp(struct kvm_vcpu *vcpu)
 	return 0;
 }
 
+static int handle_pv_uvc(struct kvm_vcpu *vcpu)
+{
+	struct uv_cb_share *guest_uvcb = (void *)vcpu->arch.sie_block->sidad;
+	struct uv_cb_cts uvcb = {
+		.header.cmd	= UVC_CMD_UNPIN_PAGE_SHARED,
+		.header.len	= sizeof(uvcb),
+		.guest_handle	= kvm_s390_pv_handle(vcpu->kvm),
+		.gaddr		= guest_uvcb->paddr,
+	};
+	int rc;
+
+	if (guest_uvcb->header.cmd != UVC_CMD_REMOVE_SHARED_ACCESS) {
+		WARN_ONCE(1, "Unexpected UVC 0x%x!\n", guest_uvcb->header.cmd);
+		return 0;
+	}
+	rc = gmap_make_secure(vcpu->arch.gmap, uvcb.gaddr, &uvcb);
+	if (rc == -EINVAL)
+		return 0;
+	return rc;
+}
+
 static int handle_pv_notification(struct kvm_vcpu *vcpu)
 {
 	if (vcpu->arch.sie_block->ipa == 0xb210)
 		return handle_pv_spx(vcpu);
 	if (vcpu->arch.sie_block->ipa == 0xb220)
 		return handle_pv_sclp(vcpu);
+	if (vcpu->arch.sie_block->ipa == 0xb9a4)
+		return handle_pv_uvc(vcpu);
 
 	return handle_instruction(vcpu);
 }

[v2,22/42] KVM: s390/mm: handle guest unpin events

Commit Message

Comments

Patch