From patchwork Thu Feb 4 00:39:32 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: "Kalra, Ashish" X-Patchwork-Id: 12065871 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-18.7 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS,INCLUDES_CR_TRAILER, INCLUDES_PATCH,MAILING_LIST_MULTI,MSGID_FROM_MTA_HEADER,SPF_HELO_NONE, SPF_PASS,URIBL_BLOCKED,USER_AGENT_GIT autolearn=unavailable autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 33901C433E0 for ; Thu, 4 Feb 2021 00:42:35 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id D569564DF0 for ; Thu, 4 Feb 2021 00:42:34 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S234415AbhBDAmL (ORCPT ); Wed, 3 Feb 2021 19:42:11 -0500 Received: from mail-bn7nam10on2071.outbound.protection.outlook.com ([40.107.92.71]:5024 "EHLO NAM10-BN7-obe.outbound.protection.outlook.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S234410AbhBDAls (ORCPT ); Wed, 3 Feb 2021 19:41:48 -0500 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=F/pDofn1WLrFMUWrQpudKmDGm7q661pBuDnPswX+8p4+TKl+aT5OGv4NBKFoafL6fdJZQhPuYOa4AGVuDZef17ZUmqP1yR9JXXADGGbqtT2C67pioNVrGYc0FXLMPOTQhrXkR7aR8vPEd/DpKbUrLesilEnlMigjyPJkD64aHEqBHpGXgoex4aaZrK595QFxQ3adQ2SRlGVKoyAYBw8woY9MrlzRhJsv+1fgkFAYKJNGb8pFV10MNIs2Vittmq2l7V/sIKjFvF+RJbq5+A0kLGm8x3Kp+I61Zj0i6f6Ke9Zg08vPwAXxKkHWY7agcFWeMFWY0EO2F2CkQ05vye/3Ng== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=WGONI3/EKRdB5D1A0wwvnXAIPORbbYPpLkd82kLuqi0=; b=dixA2A7RJ+36pkc/rlWr3JOg8l0yiaannVhcQisWhhzVS7udoQjuQ9t/fge5PsRLzc2h1LAyQsl4uAS76kxmQKtcqDine40FCjBuwlk7wC/QZg03dJlUnvdykCDqrW6W0Rc5jIRzG4sbmcR9F+58qR8etg4X/YdXXIAa6UzZDB2InxCHspQpw38PLuTof8is64/ohZG1E1nRsVkawJmNLdaIUzs7sGXmtlHTSmnx4X+NjhAvAGbGl1BZlBf3BdU2otVgKeN4JM8tBWV0uYResjlOxhHNXR3SD4iB8r12VfEV/aHhpHBBfUhZXBZnV7bbEuBSdPTHqb9Jos+eIBv43Q== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass header.d=amd.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=WGONI3/EKRdB5D1A0wwvnXAIPORbbYPpLkd82kLuqi0=; b=ygyhzQG9vG8miKY2wWpHm7ob3EBABD7DfGRJXLTJfVo4PnM7whhWaEEw3Omq9nPYTWfvNeWHYFHzvCq9D+AaoqiViHiPKh/kXCRk9mJus3qDiXJzYJ/8AT61jSpehk2piwN4d1Dze00BzbFzmD3GsivAbcxw6KIfm0LYMj5xJiQ= Authentication-Results: redhat.com; dkim=none (message not signed) header.d=none;redhat.com; dmarc=none action=none header.from=amd.com; Received: from SN6PR12MB2767.namprd12.prod.outlook.com (2603:10b6:805:75::23) by SA0PR12MB4384.namprd12.prod.outlook.com (2603:10b6:806:9f::22) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3805.16; Thu, 4 Feb 2021 00:39:42 +0000 Received: from SN6PR12MB2767.namprd12.prod.outlook.com ([fe80::24bb:3e53:c95e:cb8e]) by SN6PR12MB2767.namprd12.prod.outlook.com ([fe80::24bb:3e53:c95e:cb8e%7]) with mapi id 15.20.3805.028; Thu, 4 Feb 2021 00:39:42 +0000 From: Ashish Kalra To: pbonzini@redhat.com Cc: tglx@linutronix.de, mingo@redhat.com, hpa@zytor.com, rkrcmar@redhat.com, joro@8bytes.org, bp@suse.de, thomas.lendacky@amd.com, x86@kernel.org, kvm@vger.kernel.org, linux-kernel@vger.kernel.org, srutherford@google.com, seanjc@google.com, venu.busireddy@oracle.com, brijesh.singh@amd.com Subject: [PATCH v10 11/16] KVM: x86: Introduce KVM_SET_SHARED_PAGES_LIST ioctl Date: Thu, 4 Feb 2021 00:39:32 +0000 Message-Id: <89a3e3218f3b08be562f68a9c0d736030fff9b1b.1612398155.git.ashish.kalra@amd.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: References: X-Originating-IP: [165.204.77.1] X-ClientProxiedBy: SA9PR13CA0106.namprd13.prod.outlook.com (2603:10b6:806:24::21) To SN6PR12MB2767.namprd12.prod.outlook.com (2603:10b6:805:75::23) MIME-Version: 1.0 X-MS-Exchange-MessageSentRepresentingType: 1 Received: from ashkalra_ubuntu_server.amd.com (165.204.77.1) by SA9PR13CA0106.namprd13.prod.outlook.com (2603:10b6:806:24::21) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3825.15 via Frontend Transport; Thu, 4 Feb 2021 00:39:41 +0000 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-HT: Tenant X-MS-Office365-Filtering-Correlation-Id: cbe3a24a-8c76-46b2-2118-08d8c8a55c4f X-MS-TrafficTypeDiagnostic: SA0PR12MB4384: X-MS-Exchange-Transport-Forked: True X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:5516; X-MS-Exchange-SenderADCheck: 1 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: w0LbrfngPNiu4lhaYRMeNbS6GapLIsC72qB5+hC/KbDeW62MQ9/fGDGtI12FsHhKWjFowApHMqsVWlMTVuSRLjpEjv9TULOhJTZ5yexWItGUnEJIvb7n/3dfTdat7jae9axjRmYD/iaIBjfn9Gs8sQs2GwpIezw6i3FkOTVdmW/dQBJpfq+bvq3QjoC/S2H37+B93a7nU365FZadlg1GdMNuZ6eCudR8mbUIPwY/0I04hCQ4nfrdl1UK7nj0GFx4g+dB3DcxAY/oKo7rNO0vjbvEvhPJYCe+8lpL2S1hb+o2Z8aSLJrJjHcQWUvZyQfVg4Z1Qtt2iKEXNSi0MM2ErPwJtXJpu2bUN7zu3NEQOPiIGRbqrgEh0SP1bGuVLlsMCXPlstQ8AIKjcfwZN9DpSUQzpn78jMmr7hUf6nVENRS6MMB4MVx7H2NviOe1ZwtEZlCmBMLKZdT2Wa+oMGAPMF8AccS3VYzOEV4PVkYEb/hquwyAK87PzYHdhX2xYHOSGjvYzRR69mIYa2+I4bxDKw== X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:SN6PR12MB2767.namprd12.prod.outlook.com;PTR:;CAT:NONE;SFS:(4636009)(136003)(39850400004)(366004)(346002)(376002)(396003)(8936002)(4326008)(66556008)(86362001)(6666004)(66476007)(2906002)(186003)(478600001)(26005)(6916009)(6486002)(5660300002)(52116002)(16526019)(36756003)(7696005)(7416002)(66946007)(83380400001)(8676002)(956004)(2616005)(66574015)(316002);DIR:OUT;SFP:1101; X-MS-Exchange-AntiSpam-MessageData: =?utf-8?q?XV0Gxo9XCbu9whXG9jTQMK2X7Vb5Xs?= =?utf-8?q?GZPWg8vmfGH7RgoSNFmiCrlLcb51Jw9hLW4jXnE5dweRAXJVk34MlvzG3aqLr5T4e?= =?utf-8?q?LzaDbIXbv7e+x/cu1PRCXbiL1qoSU6x3QzBVwN8fB2EBrFk57uQ3GTotun0Auvkgq?= =?utf-8?q?kl1x0eZlKP58H2o3XXES4h87nWiea3j5+MhaIpYhkQw++jTzLEBofBpxhxFjH/ca1?= =?utf-8?q?PNpW0XOSXKJaivTW/cF54H2ujtPwtEs+Y2cgRUWgjguInAIfwmKdAp10ji9nhF/9P?= =?utf-8?q?oIEHjgVfSI2Yj0NxPYTf9wVxBXLFX+F0VOjnQc+q+s+9STTlkkU3BkggTnZ8/g8jD?= =?utf-8?q?dGcuMZf/c9pGX1yZknVCY1HZ4wJ6GoSumYrLiscPpamHoYZuM4LH0agWlqv1MxWhq?= =?utf-8?q?lGMc9OAj6a70/78Ap0LWHhBqPi1FyYfzGSgBf4mcfDBQf4qI7sAAAYUJla13cSjyd?= =?utf-8?q?stRYZvPvJJjytC3nozX09tOYuFwGsYD43dl8NmLCC1aoaKMM85bHlKeyRXPYU3OIx?= =?utf-8?q?FyXt3tzM7WT3HfEJIP0WvfgEznjWOyoePpiRVi7wQ4vfO2+5q3s5lnDxlUuT5Ou97?= =?utf-8?q?TwlHGVXZLHwHBing0v97QaNE6v3ZhktKBXM8gbBerIWEYt9o+KgCz4YEdyBlzmpFf?= =?utf-8?q?Rakznq7PAeZwMn47+yIAhvGTwUcppy5pPyNoyyCPgyjawLmXG44EkaMKdXTMZnRnY?= =?utf-8?q?pF/6MgJvKYW2hW20GhTv+68oQDMdxmUdr76Q9qNFxg8O28PbzyKb0BwzJZRqh7QCD?= =?utf-8?q?Qkdi0vk6vv1CW/Xl15AYdlm7DJYYumq7Ni2Uq9phAsGnX/v/jCiLJONZeY51bZtq0?= =?utf-8?q?7tsvVIR8OobWA3Rl0lxONpPfWhIv3q7PJFcml4BitDuRWktOW68rVRMc65Z5/cVTt?= =?utf-8?q?0z+Z/Ecct5jVUqgI43LHukar48H1uwth9vPFJ43DIVXFf8dqDd/4QfYQo59NAqbtf?= =?utf-8?q?oCrFncRyPBsUCaV79RzknvrDDYz9K4xfrx8V/XpLEoJpWdeIMBpodC5lDKF/X4Vdi?= =?utf-8?q?s8b4XVjdPaCUzvQKWcgHYw7gOYvP+//IQvFaqiOVgUv1ec7E7iWevuThRAwLg7c9a?= =?utf-8?q?s1LMEFDTy0a/61/wfsoU8ZIRMa+/95MaHN/VeTgqLoOLULSs4QE9mADHU8jJOEHrH?= =?utf-8?q?gT0cdhqup7IgdGMSG5at8D9YiUE5Y6iHXeR+c8vyfS6WYi5kb5FmTMepAUMsqQ6dn?= =?utf-8?q?IhDh4G9KYxNxB5Ev5Aj24F4FnjH32JClbD9W8cg6ypJQX1zH2abHvvAK+6YQfhFjt?= =?utf-8?q?uXVyPz8L2r6UzS?= X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-Network-Message-Id: cbe3a24a-8c76-46b2-2118-08d8c8a55c4f X-MS-Exchange-CrossTenant-AuthSource: SN6PR12MB2767.namprd12.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 04 Feb 2021 00:39:42.1351 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: yLu3i6H1jmvyu2LwAzX/Q+QTEMffhhPjQg4nFiXO4dxG8veqzcZSyULmQuHS46K8z1ohBT69vCmKGh8iTVZt0A== X-MS-Exchange-Transport-CrossTenantHeadersStamped: SA0PR12MB4384 Precedence: bulk List-ID: X-Mailing-List: kvm@vger.kernel.org From: Brijesh Singh The ioctl is used to setup the shared pages list for an incoming guest. Cc: Thomas Gleixner Cc: Ingo Molnar Cc: "H. Peter Anvin" Cc: Paolo Bonzini Cc: "Radim Krčmář" Cc: Joerg Roedel Cc: Borislav Petkov Cc: Tom Lendacky Cc: x86@kernel.org Cc: kvm@vger.kernel.org Cc: linux-kernel@vger.kernel.org Signed-off-by: Brijesh Singh Co-developed-by: Ashish Kalra Signed-off-by: Ashish Kalra --- Documentation/virt/kvm/api.rst | 20 +++++++++- arch/x86/include/asm/kvm_host.h | 2 + arch/x86/kvm/svm/sev.c | 70 +++++++++++++++++++++++++++++++++ arch/x86/kvm/svm/svm.c | 1 + arch/x86/kvm/svm/svm.h | 1 + arch/x86/kvm/x86.c | 12 ++++++ include/uapi/linux/kvm.h | 1 + 7 files changed, 106 insertions(+), 1 deletion(-) diff --git a/Documentation/virt/kvm/api.rst b/Documentation/virt/kvm/api.rst index 59ef537c0cdd..efb4720733b4 100644 --- a/Documentation/virt/kvm/api.rst +++ b/Documentation/virt/kvm/api.rst @@ -4701,6 +4701,25 @@ This list can be used during the guest migration. If the page is private then the userspace need to use SEV migration commands to transmit the page. +4.126 KVM_SET_SHARED_PAGES_LIST (vm ioctl) +--------------------------------------- + +:Capability: basic +:Architectures: x86 +:Type: vm ioctl +:Parameters: struct kvm_shared_pages_list (in/out) +:Returns: 0 on success, -1 on error + +/* for KVM_SET_SHARED_PAGES_LIST */ +struct kvm_shared_pages_list { + int __user *pnents; + void __user *buffer; + __u32 size; +}; + +During the guest live migration the outgoing guest exports its unencrypted +memory regions list, the KVM_SET_SHARED_PAGES_LIST can be used to build the +shared/unencrypted regions list for an incoming guest. 4.125 KVM_S390_PV_COMMAND ------------------------- @@ -4855,7 +4874,6 @@ into user space. If a vCPU is in running state while this ioctl is invoked, the vCPU may experience inconsistent filtering behavior on MSR accesses. - 5. The kvm_run structure ======================== diff --git a/arch/x86/include/asm/kvm_host.h b/arch/x86/include/asm/kvm_host.h index cd354d830e13..f05b812b69bd 100644 --- a/arch/x86/include/asm/kvm_host.h +++ b/arch/x86/include/asm/kvm_host.h @@ -1305,6 +1305,8 @@ struct kvm_x86_ops { unsigned long sz, unsigned long mode); int (*get_shared_pages_list)(struct kvm *kvm, struct kvm_shared_pages_list *list); + int (*set_shared_pages_list)(struct kvm *kvm, + struct kvm_shared_pages_list *list); }; struct kvm_x86_nested_ops { diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index 701d74c8b15b..b0d324aed515 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c @@ -1671,6 +1671,76 @@ int svm_get_shared_pages_list(struct kvm *kvm, return ret; } +int svm_set_shared_pages_list(struct kvm *kvm, + struct kvm_shared_pages_list *list) +{ + struct kvm_sev_info *sev = &to_kvm_svm(kvm)->sev_info; + struct shared_region_array_entry *array; + struct shared_region *shrd_region; + int ret, nents, i; + unsigned long sz; + + if (!sev_guest(kvm)) + return -ENOTTY; + + if (get_user(nents, list->pnents)) + return -EFAULT; + + /* special case of resetting the shared pages list */ + if (!list->buffer || !nents) { + struct shared_region *pos; + + mutex_lock(&kvm->lock); + list_for_each_entry(pos, &sev->shared_pages_list, list) + kfree(pos); + sev->shared_pages_list_count = 0; + mutex_unlock(&kvm->lock); + + return 0; + } + + sz = nents * sizeof(struct shared_region_array_entry); + array = kmalloc(sz, GFP_KERNEL); + if (!array) + return -ENOMEM; + + ret = -EFAULT; + if (copy_from_user(array, list->buffer, sz)) + goto out; + + ret = 0; + mutex_lock(&kvm->lock); + for (i = 0; i < nents; i++) { + shrd_region = kzalloc(sizeof(*shrd_region), GFP_KERNEL_ACCOUNT); + if (!shrd_region) { + struct shared_region *pos; + + /* Freeing previously allocated entries */ + list_for_each_entry(pos, + &sev->shared_pages_list, + list) { + kfree(pos); + } + + mutex_unlock(&kvm->lock); + ret = -ENOMEM; + goto out; + } + + shrd_region->gfn_start = array[i].gfn_start; + shrd_region->gfn_end = array[i].gfn_end; + list_add_tail(&shrd_region->list, + &sev->shared_pages_list); + } + sev->shared_pages_list_count = nents; + mutex_unlock(&kvm->lock); + +out: + kfree(array); + + return ret; +} + int svm_mem_enc_op(struct kvm *kvm, void __user *argp) { struct kvm_sev_cmd sev_cmd; diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index 533ce47ff158..58f89f83caab 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c @@ -4539,6 +4539,7 @@ static struct kvm_x86_ops svm_x86_ops __initdata = { .page_enc_status_hc = svm_page_enc_status_hc, .get_shared_pages_list = svm_get_shared_pages_list, + .set_shared_pages_list = svm_set_shared_pages_list, }; static struct kvm_x86_init_ops svm_init_ops __initdata = { diff --git a/arch/x86/kvm/svm/svm.h b/arch/x86/kvm/svm/svm.h index 6a777c61373c..066ca2a9f1e6 100644 --- a/arch/x86/kvm/svm/svm.h +++ b/arch/x86/kvm/svm/svm.h @@ -478,6 +478,7 @@ void sync_nested_vmcb_control(struct vcpu_svm *svm); int svm_page_enc_status_hc(struct kvm *kvm, unsigned long gpa, unsigned long npages, unsigned long enc); int svm_get_shared_pages_list(struct kvm *kvm, struct kvm_shared_pages_list *list); +int svm_set_shared_pages_list(struct kvm *kvm, struct kvm_shared_pages_list *list); extern struct kvm_x86_nested_ops svm_nested_ops; diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c index acfec2ae1402..c119715c1034 100644 --- a/arch/x86/kvm/x86.c +++ b/arch/x86/kvm/x86.c @@ -5731,6 +5731,18 @@ long kvm_arch_vm_ioctl(struct file *filp, r = kvm_x86_ops.get_shared_pages_list(kvm, &list); break; } + case KVM_SET_SHARED_PAGES_LIST: { + struct kvm_shared_pages_list list; + + r = -EFAULT; + if (copy_from_user(&list, argp, sizeof(list))) + goto out; + + r = -ENOTTY; + if (kvm_x86_ops.set_shared_pages_list) + r = kvm_x86_ops.set_shared_pages_list(kvm, &list); + break; + } default: r = -ENOTTY; } diff --git a/include/uapi/linux/kvm.h b/include/uapi/linux/kvm.h index 0529ba80498a..f704b08c97f2 100644 --- a/include/uapi/linux/kvm.h +++ b/include/uapi/linux/kvm.h @@ -1573,6 +1573,7 @@ struct kvm_pv_cmd { #define KVM_RESET_DIRTY_RINGS _IO(KVMIO, 0xc7) #define KVM_GET_SHARED_PAGES_LIST _IOW(KVMIO, 0xc8, struct kvm_shared_pages_list) +#define KVM_SET_SHARED_PAGES_LIST _IOW(KVMIO, 0xc9, struct kvm_shared_pages_list) /* Secure Encrypted Virtualization command */ enum sev_cmd_id {