From: Paul Mackerras <paulus@ozlabs.org>
To: Bharata B Rao <bharata@linux.ibm.com>
Cc: linuxram@us.ibm.com, cclaudio@linux.ibm.com,
kvm-ppc@vger.kernel.org, linux-mm@kvack.org, jglisse@redhat.com,
aneesh.kumar@linux.vnet.ibm.com, paulus@au1.ibm.com,
sukadev@linux.vnet.ibm.com, linuxppc-dev@lists.ozlabs.org,
hch@lst.de
Subject: Re: [PATCH v10 2/8] KVM: PPC: Support for running secure guests
Date: Wed, 6 Nov 2019 15:34:57 +1100 [thread overview]
Message-ID: <20191106043457.GC12069@oak.ozlabs.ibm.com> (raw)
In-Reply-To: <20191104041800.24527-3-bharata@linux.ibm.com>
On Mon, Nov 04, 2019 at 09:47:54AM +0530, Bharata B Rao wrote:
> A pseries guest can be run as secure guest on Ultravisor-enabled
> POWER platforms. On such platforms, this driver will be used to manage
> the movement of guest pages between the normal memory managed by
> hypervisor (HV) and secure memory managed by Ultravisor (UV).
>
> HV is informed about the guest's transition to secure mode via hcalls:
>
> H_SVM_INIT_START: Initiate securing a VM
> H_SVM_INIT_DONE: Conclude securing a VM
>
> As part of H_SVM_INIT_START, register all existing memslots with
> the UV. H_SVM_INIT_DONE call by UV informs HV that transition of
> the guest to secure mode is complete.
>
> These two states (transition to secure mode STARTED and transition
> to secure mode COMPLETED) are recorded in kvm->arch.secure_guest.
> Setting these states will cause the assembly code that enters the
> guest to call the UV_RETURN ucall instead of trying to enter the
> guest directly.
>
> Migration of pages betwen normal and secure memory of secure
> guest is implemented in H_SVM_PAGE_IN and H_SVM_PAGE_OUT hcalls.
>
> H_SVM_PAGE_IN: Move the content of a normal page to secure page
> H_SVM_PAGE_OUT: Move the content of a secure page to normal page
>
> Private ZONE_DEVICE memory equal to the amount of secure memory
> available in the platform for running secure guests is created.
> Whenever a page belonging to the guest becomes secure, a page from
> this private device memory is used to represent and track that secure
> page on the HV side. The movement of pages between normal and secure
> memory is done via migrate_vma_pages() using UV_PAGE_IN and
> UV_PAGE_OUT ucalls.
>
> Signed-off-by: Bharata B Rao <bharata@linux.ibm.com>
Reviewed-by: Paul Mackerras <paulus@ozlabs.org>
next prev parent reply other threads:[~2019-11-06 6:08 UTC|newest]
Thread overview: 39+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-11-04 4:17 [PATCH v10 0/8] KVM: PPC: Driver to manage pages of secure guest Bharata B Rao
2019-11-04 4:17 ` [PATCH v10 1/8] mm: ksm: Export ksm_madvise() Bharata B Rao
2019-11-06 4:33 ` Paul Mackerras
2019-11-06 6:45 ` Bharata B Rao
2019-11-07 5:45 ` Paul Mackerras
2019-11-15 14:10 ` Bharata B Rao
2019-11-04 4:17 ` [PATCH v10 2/8] KVM: PPC: Support for running secure guests Bharata B Rao
2019-11-06 4:34 ` Paul Mackerras [this message]
2019-11-04 4:17 ` [PATCH v10 3/8] KVM: PPC: Shared pages support for " Bharata B Rao
2019-11-06 4:52 ` Paul Mackerras
2019-11-06 8:22 ` Bharata B Rao
2019-11-06 8:29 ` Bharata B Rao
2019-11-04 4:17 ` [PATCH v10 4/8] KVM: PPC: Radix changes for secure guest Bharata B Rao
2019-11-06 5:58 ` Paul Mackerras
2019-11-06 8:36 ` Bharata B Rao
2019-11-04 4:17 ` [PATCH v10 5/8] KVM: PPC: Handle memory plug/unplug to secure VM Bharata B Rao
2019-11-11 4:25 ` Paul Mackerras
2019-11-04 4:17 ` [PATCH v10 6/8] KVM: PPC: Support reset of secure guest Bharata B Rao
2019-11-11 5:28 ` Paul Mackerras
2019-11-11 6:55 ` Bharata B Rao
2019-11-12 5:34 ` Paul Mackerras
2019-11-13 15:29 ` Bharata B Rao
2019-11-14 5:07 ` Paul Mackerras
2019-11-04 4:17 ` [PATCH v10 7/8] KVM: PPC: Implement H_SVM_INIT_ABORT hcall Bharata B Rao
2019-11-11 4:19 ` Paul Mackerras
2019-11-12 1:01 ` Ram Pai
2019-11-12 5:38 ` Paul Mackerras
2019-11-12 7:52 ` Ram Pai
2019-11-12 11:32 ` Paul Mackerras
2019-11-12 14:45 ` Ram Pai
2019-11-13 0:14 ` Paul Mackerras
2019-11-13 6:32 ` Ram Pai
2019-11-13 21:18 ` Paul Mackerras
2019-11-13 21:50 ` Ram Pai
2019-11-14 5:08 ` Paul Mackerras
2019-11-14 7:02 ` Ram Pai
2019-11-04 4:18 ` [PATCH v10 8/8] KVM: PPC: Ultravisor: Add PPC_UV config option Bharata B Rao
2019-11-06 4:30 ` [PATCH v10 0/8] KVM: PPC: Driver to manage pages of secure guest Paul Mackerras
2019-11-06 6:20 ` Bharata B Rao
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20191106043457.GC12069@oak.ozlabs.ibm.com \
--to=paulus@ozlabs.org \
--cc=aneesh.kumar@linux.vnet.ibm.com \
--cc=bharata@linux.ibm.com \
--cc=cclaudio@linux.ibm.com \
--cc=hch@lst.de \
--cc=jglisse@redhat.com \
--cc=kvm-ppc@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=linuxppc-dev@lists.ozlabs.org \
--cc=linuxram@us.ibm.com \
--cc=paulus@au1.ibm.com \
--cc=sukadev@linux.vnet.ibm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).