From: Michael Kelley <mikelley@microsoft.com>
To: hpa@zytor.com, kys@microsoft.com, haiyangz@microsoft.com,
wei.liu@kernel.org, decui@microsoft.com, luto@kernel.org,
peterz@infradead.org, davem@davemloft.net, edumazet@google.com,
kuba@kernel.org, pabeni@redhat.com, lpieralisi@kernel.org,
robh@kernel.org, kw@linux.com, bhelgaas@google.com,
arnd@arndb.de, hch@lst.de, m.szyprowski@samsung.com,
robin.murphy@arm.com, thomas.lendacky@amd.com,
brijesh.singh@amd.com, tglx@linutronix.de, mingo@redhat.com,
bp@alien8.de, dave.hansen@linux.intel.com,
Tianyu.Lan@microsoft.com, kirill.shutemov@linux.intel.com,
sathyanarayanan.kuppuswamy@linux.intel.com, ak@linux.intel.com,
isaku.yamahata@intel.com, dan.j.williams@intel.com,
jane.chu@oracle.com, seanjc@google.com, tony.luck@intel.com,
x86@kernel.org, linux-kernel@vger.kernel.org,
linux-hyperv@vger.kernel.org, netdev@vger.kernel.org,
linux-pci@vger.kernel.org, linux-arch@vger.kernel.org,
iommu@lists.linux.dev
Cc: mikelley@microsoft.com
Subject: [PATCH v5 09/14] Drivers: hv: vmbus: Remove second mapping of VMBus monitor pages
Date: Thu, 12 Jan 2023 13:42:28 -0800 [thread overview]
Message-ID: <1673559753-94403-10-git-send-email-mikelley@microsoft.com> (raw)
In-Reply-To: <1673559753-94403-1-git-send-email-mikelley@microsoft.com>
With changes to how Hyper-V guest VMs flip memory between private
(encrypted) and shared (decrypted), creating a second kernel virtual
mapping for shared memory is no longer necessary. Everything needed
for the transition to shared is handled by set_memory_decrypted().
As such, remove the code to create and manage the second
mapping for VMBus monitor pages. Because set_memory_decrypted()
and set_memory_encrypted() are no-ops in normal VMs, it's
not even necessary to test for being in a Confidential VM
(a.k.a., "Isolation VM").
Signed-off-by: Michael Kelley <mikelley@microsoft.com>
Reviewed-by: Tianyu Lan <Tianyu.Lan@microsoft.com>
---
drivers/hv/connection.c | 113 ++++++++++++----------------------------------
drivers/hv/hyperv_vmbus.h | 2 -
2 files changed, 28 insertions(+), 87 deletions(-)
diff --git a/drivers/hv/connection.c b/drivers/hv/connection.c
index 9dc27e5..f670cfd 100644
--- a/drivers/hv/connection.c
+++ b/drivers/hv/connection.c
@@ -104,8 +104,14 @@ int vmbus_negotiate_version(struct vmbus_channel_msginfo *msginfo, u32 version)
vmbus_connection.msg_conn_id = VMBUS_MESSAGE_CONNECTION_ID;
}
- msg->monitor_page1 = vmbus_connection.monitor_pages_pa[0];
- msg->monitor_page2 = vmbus_connection.monitor_pages_pa[1];
+ /*
+ * shared_gpa_boundary is zero in non-SNP VMs, so it's safe to always
+ * bitwise OR it
+ */
+ msg->monitor_page1 = virt_to_phys(vmbus_connection.monitor_pages[0]) |
+ ms_hyperv.shared_gpa_boundary;
+ msg->monitor_page2 = virt_to_phys(vmbus_connection.monitor_pages[1]) |
+ ms_hyperv.shared_gpa_boundary;
msg->target_vcpu = hv_cpu_number_to_vp_number(VMBUS_CONNECT_CPU);
@@ -219,72 +225,27 @@ int vmbus_connect(void)
* Setup the monitor notification facility. The 1st page for
* parent->child and the 2nd page for child->parent
*/
- vmbus_connection.monitor_pages[0] = (void *)hv_alloc_hyperv_zeroed_page();
- vmbus_connection.monitor_pages[1] = (void *)hv_alloc_hyperv_zeroed_page();
+ vmbus_connection.monitor_pages[0] = (void *)hv_alloc_hyperv_page();
+ vmbus_connection.monitor_pages[1] = (void *)hv_alloc_hyperv_page();
if ((vmbus_connection.monitor_pages[0] == NULL) ||
(vmbus_connection.monitor_pages[1] == NULL)) {
ret = -ENOMEM;
goto cleanup;
}
- vmbus_connection.monitor_pages_original[0]
- = vmbus_connection.monitor_pages[0];
- vmbus_connection.monitor_pages_original[1]
- = vmbus_connection.monitor_pages[1];
- vmbus_connection.monitor_pages_pa[0]
- = virt_to_phys(vmbus_connection.monitor_pages[0]);
- vmbus_connection.monitor_pages_pa[1]
- = virt_to_phys(vmbus_connection.monitor_pages[1]);
-
- if (hv_is_isolation_supported()) {
- ret = set_memory_decrypted((unsigned long)
- vmbus_connection.monitor_pages[0],
- 1);
- ret |= set_memory_decrypted((unsigned long)
- vmbus_connection.monitor_pages[1],
- 1);
- if (ret)
- goto cleanup;
-
- /*
- * Isolation VM with AMD SNP needs to access monitor page via
- * address space above shared gpa boundary.
- */
- if (hv_isolation_type_snp()) {
- vmbus_connection.monitor_pages_pa[0] +=
- ms_hyperv.shared_gpa_boundary;
- vmbus_connection.monitor_pages_pa[1] +=
- ms_hyperv.shared_gpa_boundary;
-
- vmbus_connection.monitor_pages[0]
- = memremap(vmbus_connection.monitor_pages_pa[0],
- HV_HYP_PAGE_SIZE,
- MEMREMAP_WB);
- if (!vmbus_connection.monitor_pages[0]) {
- ret = -ENOMEM;
- goto cleanup;
- }
-
- vmbus_connection.monitor_pages[1]
- = memremap(vmbus_connection.monitor_pages_pa[1],
- HV_HYP_PAGE_SIZE,
- MEMREMAP_WB);
- if (!vmbus_connection.monitor_pages[1]) {
- ret = -ENOMEM;
- goto cleanup;
- }
- }
-
- /*
- * Set memory host visibility hvcall smears memory
- * and so zero monitor pages here.
- */
- memset(vmbus_connection.monitor_pages[0], 0x00,
- HV_HYP_PAGE_SIZE);
- memset(vmbus_connection.monitor_pages[1], 0x00,
- HV_HYP_PAGE_SIZE);
+ ret = set_memory_decrypted((unsigned long)
+ vmbus_connection.monitor_pages[0], 1);
+ ret |= set_memory_decrypted((unsigned long)
+ vmbus_connection.monitor_pages[1], 1);
+ if (ret)
+ goto cleanup;
- }
+ /*
+ * Set_memory_decrypted() will change the memory contents if
+ * decryption occurs, so zero monitor pages here.
+ */
+ memset(vmbus_connection.monitor_pages[0], 0x00, HV_HYP_PAGE_SIZE);
+ memset(vmbus_connection.monitor_pages[1], 0x00, HV_HYP_PAGE_SIZE);
msginfo = kzalloc(sizeof(*msginfo) +
sizeof(struct vmbus_channel_initiate_contact),
@@ -376,31 +337,13 @@ void vmbus_disconnect(void)
vmbus_connection.int_page = NULL;
}
- if (hv_is_isolation_supported()) {
- /*
- * memunmap() checks input address is ioremap address or not
- * inside. It doesn't unmap any thing in the non-SNP CVM and
- * so not check CVM type here.
- */
- memunmap(vmbus_connection.monitor_pages[0]);
- memunmap(vmbus_connection.monitor_pages[1]);
-
- set_memory_encrypted((unsigned long)
- vmbus_connection.monitor_pages_original[0],
- 1);
- set_memory_encrypted((unsigned long)
- vmbus_connection.monitor_pages_original[1],
- 1);
- }
+ set_memory_encrypted((unsigned long)vmbus_connection.monitor_pages[0], 1);
+ set_memory_encrypted((unsigned long)vmbus_connection.monitor_pages[1], 1);
- hv_free_hyperv_page((unsigned long)
- vmbus_connection.monitor_pages_original[0]);
- hv_free_hyperv_page((unsigned long)
- vmbus_connection.monitor_pages_original[1]);
- vmbus_connection.monitor_pages_original[0] =
- vmbus_connection.monitor_pages[0] = NULL;
- vmbus_connection.monitor_pages_original[1] =
- vmbus_connection.monitor_pages[1] = NULL;
+ hv_free_hyperv_page((unsigned long)vmbus_connection.monitor_pages[0]);
+ hv_free_hyperv_page((unsigned long)vmbus_connection.monitor_pages[1]);
+ vmbus_connection.monitor_pages[0] = NULL;
+ vmbus_connection.monitor_pages[1] = NULL;
}
/*
diff --git a/drivers/hv/hyperv_vmbus.h b/drivers/hv/hyperv_vmbus.h
index dc673ed..167ac51 100644
--- a/drivers/hv/hyperv_vmbus.h
+++ b/drivers/hv/hyperv_vmbus.h
@@ -241,8 +241,6 @@ struct vmbus_connection {
* is child->parent notification
*/
struct hv_monitor_page *monitor_pages[2];
- void *monitor_pages_original[2];
- phys_addr_t monitor_pages_pa[2];
struct list_head chn_msg_list;
spinlock_t channelmsg_lock;
--
1.8.3.1
next prev parent reply other threads:[~2023-01-12 21:50 UTC|newest]
Thread overview: 70+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-01-12 21:42 [PATCH v5 00/14] Add PCI pass-thru support to Hyper-V Confidential VMs Michael Kelley
2023-01-12 21:42 ` [PATCH v5 01/14] x86/ioapic: Gate decrypted mapping on cc_platform_has() attribute Michael Kelley
2023-01-12 21:42 ` [PATCH v5 02/14] x86/hyperv: Reorder code to facilitate future work Michael Kelley
2023-01-12 21:42 ` [PATCH v5 03/14] Drivers: hv: Explicitly request decrypted in vmap_pfn() calls Michael Kelley
2023-01-12 21:42 ` [PATCH v5 04/14] x86/mm: Handle decryption/re-encryption of bss_decrypted consistently Michael Kelley
2023-01-12 21:42 ` [PATCH v5 05/14] init: Call mem_encrypt_init() after Hyper-V hypercall init is done Michael Kelley
2023-01-12 21:42 ` [PATCH v5 06/14] x86/ioremap: Support hypervisor specified range to map as encrypted Michael Kelley
2023-01-20 20:15 ` Borislav Petkov
2023-01-21 4:10 ` Michael Kelley (LINUX)
2023-01-25 14:55 ` Borislav Petkov
2023-02-02 5:49 ` Michael Kelley (LINUX)
2023-02-07 12:41 ` Borislav Petkov
2023-02-07 19:01 ` Michael Kelley (LINUX)
2023-02-07 19:33 ` Borislav Petkov
2023-02-07 19:48 ` Michael Kelley (LINUX)
2023-02-07 19:54 ` Borislav Petkov
2023-02-07 19:57 ` Michael Kelley (LINUX)
2023-02-08 0:18 ` Michael Kelley (LINUX)
2023-02-08 15:09 ` Dave Hansen
2023-02-09 17:29 ` Michael Kelley (LINUX)
2023-02-08 17:23 ` Dave Hansen
2023-02-09 17:47 ` Michael Kelley (LINUX)
2023-02-10 18:41 ` Sean Christopherson
2023-02-10 18:58 ` Dave Hansen
2023-02-10 19:03 ` Borislav Petkov
2023-02-10 19:15 ` Michael Kelley (LINUX)
2023-02-10 19:36 ` Borislav Petkov
2023-02-10 19:58 ` Dave Hansen
2023-02-10 20:50 ` Sean Christopherson
2023-02-10 20:57 ` Sean Christopherson
2023-02-10 21:27 ` Michael Kelley (LINUX)
2023-02-10 23:47 ` Sean Christopherson
2023-02-14 7:45 ` Michael Kelley (LINUX)
2023-02-16 13:32 ` Borislav Petkov
2023-02-16 16:16 ` Michael Kelley (LINUX)
2023-02-16 17:06 ` Borislav Petkov
2023-02-17 6:16 ` Michael Kelley (LINUX)
2023-02-17 14:55 ` Borislav Petkov
2023-02-22 22:13 ` Sean Christopherson
2023-02-22 22:33 ` Borislav Petkov
2023-02-22 22:54 ` Sean Christopherson
2023-02-22 23:34 ` Borislav Petkov
2023-02-23 1:21 ` Sean Christopherson
2023-02-23 10:45 ` Borislav Petkov
2023-02-23 20:01 ` Michael Kelley (LINUX)
2023-02-23 20:27 ` Dave Hansen
2023-03-06 21:51 ` Borislav Petkov
2023-03-09 11:12 ` David Woodhouse
2023-03-09 11:59 ` Borislav Petkov
2023-03-09 13:00 ` David Woodhouse
2023-03-09 14:19 ` Tom Lendacky
2023-03-09 14:36 ` Jörg Rödel
2023-03-09 14:45 ` Borislav Petkov
2023-03-09 15:45 ` David Woodhouse
2023-03-09 16:34 ` Borislav Petkov
2023-03-10 10:05 ` David Woodhouse
2023-02-23 20:26 ` Dave Hansen
2023-02-23 20:41 ` Dave Hansen
2023-02-23 20:51 ` Michael Kelley (LINUX)
2023-02-23 21:07 ` Sean Christopherson
2023-02-23 21:15 ` Michael Kelley (LINUX)
2023-02-23 21:24 ` Dave Hansen
2023-01-12 21:42 ` [PATCH v5 07/14] x86/hyperv: Change vTOM handling to use standard coco mechanisms Michael Kelley
2023-01-12 21:42 ` [PATCH v5 08/14] swiotlb: Remove bounce buffer remapping for Hyper-V Michael Kelley
2023-01-12 21:42 ` Michael Kelley [this message]
2023-01-12 21:42 ` [PATCH v5 10/14] Drivers: hv: vmbus: Remove second way of mapping ring buffers Michael Kelley
2023-01-12 21:42 ` [PATCH v5 11/14] hv_netvsc: Remove second mapping of send and recv buffers Michael Kelley
2023-01-12 21:42 ` [PATCH v5 12/14] Drivers: hv: Don't remap addresses that are above shared_gpa_boundary Michael Kelley
2023-01-12 21:42 ` [PATCH v5 13/14] PCI: hv: Add hypercalls to read/write MMIO space Michael Kelley
2023-01-12 21:42 ` [PATCH v5 14/14] PCI: hv: Enable PCI pass-thru devices in Confidential VMs Michael Kelley
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1673559753-94403-10-git-send-email-mikelley@microsoft.com \
--to=mikelley@microsoft.com \
--cc=Tianyu.Lan@microsoft.com \
--cc=ak@linux.intel.com \
--cc=arnd@arndb.de \
--cc=bhelgaas@google.com \
--cc=bp@alien8.de \
--cc=brijesh.singh@amd.com \
--cc=dan.j.williams@intel.com \
--cc=dave.hansen@linux.intel.com \
--cc=davem@davemloft.net \
--cc=decui@microsoft.com \
--cc=edumazet@google.com \
--cc=haiyangz@microsoft.com \
--cc=hch@lst.de \
--cc=hpa@zytor.com \
--cc=iommu@lists.linux.dev \
--cc=isaku.yamahata@intel.com \
--cc=jane.chu@oracle.com \
--cc=kirill.shutemov@linux.intel.com \
--cc=kuba@kernel.org \
--cc=kw@linux.com \
--cc=kys@microsoft.com \
--cc=linux-arch@vger.kernel.org \
--cc=linux-hyperv@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-pci@vger.kernel.org \
--cc=lpieralisi@kernel.org \
--cc=luto@kernel.org \
--cc=m.szyprowski@samsung.com \
--cc=mingo@redhat.com \
--cc=netdev@vger.kernel.org \
--cc=pabeni@redhat.com \
--cc=peterz@infradead.org \
--cc=robh@kernel.org \
--cc=robin.murphy@arm.com \
--cc=sathyanarayanan.kuppuswamy@linux.intel.com \
--cc=seanjc@google.com \
--cc=tglx@linutronix.de \
--cc=thomas.lendacky@amd.com \
--cc=tony.luck@intel.com \
--cc=wei.liu@kernel.org \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.