From: Thiago Jung Bauermann <bauerman@linux.ibm.com>
To: linuxppc-dev@lists.ozlabs.org
Cc: linux-kernel@vger.kernel.org,
Alexey Kardashevskiy <aik@ozlabs.ru>,
Anshuman Khandual <anshuman.linux@gmail.com>,
Benjamin Herrenschmidt <benh@kernel.crashing.org>,
Christoph Hellwig <hch@lst.de>,
Michael Ellerman <mpe@ellerman.id.au>,
Mike Anderson <andmike@linux.ibm.com>,
Paul Mackerras <paulus@samba.org>, Ram Pai <linuxram@us.ibm.com>,
Claudio Carvalho <cclaudio@linux.ibm.com>,
Sukadev Bhattiprolu <sukadev@linux.vnet.ibm.com>,
Thiago Jung Bauermann <bauerman@linux.ibm.com>
Subject: [PATCH v4 06/16] powerpc: Introduce the MSR_S bit
Date: Mon, 19 Aug 2019 23:13:16 -0300 [thread overview]
Message-ID: <20190820021326.6884-7-bauerman@linux.ibm.com> (raw)
In-Reply-To: <20190820021326.6884-1-bauerman@linux.ibm.com>
From: Sukadev Bhattiprolu <sukadev@linux.vnet.ibm.com>
Protected Execution Facility (PEF) is an architectural change for
POWER 9 that enables Secure Virtual Machines (SVMs). When enabled,
PEF adds a new higher privileged mode, called Ultravisor mode, to
POWER architecture.
The hardware changes include the following:
* There is a new bit in the MSR that determines whether the current
process is running in secure mode, MSR(S) bit 41. MSR(S)=1, process
is in secure mode, MSR(s)=0 process is in normal mode.
* The MSR(S) bit can only be set by the Ultravisor.
* HRFID cannot be used to set the MSR(S) bit. If the hypervisor needs
to return to a SVM it must use an ultracall. It can determine if
the VM it is returning to is secure.
* The privilege of a process is now determined by three MSR bits,
MSR(S, HV, PR). In each of the tables below the modes are listed
from least privilege to highest privilege. The higher privilege
modes can access all the resources of the lower privilege modes.
**Secure Mode MSR Settings**
+---+---+---+---------------+
| S | HV| PR|Privilege |
+===+===+===+===============+
| 1 | 0 | 1 | Problem |
+---+---+---+---------------+
| 1 | 0 | 0 | Privileged(OS)|
+---+---+---+---------------+
| 1 | 1 | 0 | Ultravisor |
+---+---+---+---------------+
| 1 | 1 | 1 | Reserved |
+---+---+---+---------------+
**Normal Mode MSR Settings**
+---+---+---+---------------+
| S | HV| PR|Privilege |
+===+===+===+===============+
| 0 | 0 | 1 | Problem |
+---+---+---+---------------+
| 0 | 0 | 0 | Privileged(OS)|
+---+---+---+---------------+
| 0 | 1 | 0 | Hypervisor |
+---+---+---+---------------+
| 0 | 1 | 1 | Problem (HV) |
+---+---+---+---------------+
Signed-off-by: Sukadev Bhattiprolu <sukadev@linux.vnet.ibm.com>
Signed-off-by: Ram Pai <linuxram@us.ibm.com>
[ cclaudio: Update the commit message ]
Signed-off-by: Claudio Carvalho <cclaudio@linux.ibm.com>
Signed-off-by: Thiago Jung Bauermann <bauerman@linux.ibm.com>
---
arch/powerpc/include/asm/reg.h | 3 +++
1 file changed, 3 insertions(+)
diff --git a/arch/powerpc/include/asm/reg.h b/arch/powerpc/include/asm/reg.h
index 10caa145f98b..ec3714cf0989 100644
--- a/arch/powerpc/include/asm/reg.h
+++ b/arch/powerpc/include/asm/reg.h
@@ -38,6 +38,7 @@
#define MSR_TM_LG 32 /* Trans Mem Available */
#define MSR_VEC_LG 25 /* Enable AltiVec */
#define MSR_VSX_LG 23 /* Enable VSX */
+#define MSR_S_LG 22 /* Secure state */
#define MSR_POW_LG 18 /* Enable Power Management */
#define MSR_WE_LG 18 /* Wait State Enable */
#define MSR_TGPR_LG 17 /* TLB Update registers in use */
@@ -71,11 +72,13 @@
#define MSR_SF __MASK(MSR_SF_LG) /* Enable 64 bit mode */
#define MSR_ISF __MASK(MSR_ISF_LG) /* Interrupt 64b mode valid on 630 */
#define MSR_HV __MASK(MSR_HV_LG) /* Hypervisor state */
+#define MSR_S __MASK(MSR_S_LG) /* Secure state */
#else
/* so tests for these bits fail on 32-bit */
#define MSR_SF 0
#define MSR_ISF 0
#define MSR_HV 0
+#define MSR_S 0
#endif
/*
WARNING: multiple messages have this Message-ID (diff)
From: Thiago Jung Bauermann <bauerman@linux.ibm.com>
To: linuxppc-dev@lists.ozlabs.org
Cc: Anshuman Khandual <anshuman.linux@gmail.com>,
Alexey Kardashevskiy <aik@ozlabs.ru>,
Mike Anderson <andmike@linux.ibm.com>,
Ram Pai <linuxram@us.ibm.com>,
linux-kernel@vger.kernel.org,
Claudio Carvalho <cclaudio@linux.ibm.com>,
Paul Mackerras <paulus@samba.org>,
Sukadev Bhattiprolu <sukadev@linux.vnet.ibm.com>,
Christoph Hellwig <hch@lst.de>,
Thiago Jung Bauermann <bauerman@linux.ibm.com>
Subject: [PATCH v4 06/16] powerpc: Introduce the MSR_S bit
Date: Mon, 19 Aug 2019 23:13:16 -0300 [thread overview]
Message-ID: <20190820021326.6884-7-bauerman@linux.ibm.com> (raw)
In-Reply-To: <20190820021326.6884-1-bauerman@linux.ibm.com>
From: Sukadev Bhattiprolu <sukadev@linux.vnet.ibm.com>
Protected Execution Facility (PEF) is an architectural change for
POWER 9 that enables Secure Virtual Machines (SVMs). When enabled,
PEF adds a new higher privileged mode, called Ultravisor mode, to
POWER architecture.
The hardware changes include the following:
* There is a new bit in the MSR that determines whether the current
process is running in secure mode, MSR(S) bit 41. MSR(S)=1, process
is in secure mode, MSR(s)=0 process is in normal mode.
* The MSR(S) bit can only be set by the Ultravisor.
* HRFID cannot be used to set the MSR(S) bit. If the hypervisor needs
to return to a SVM it must use an ultracall. It can determine if
the VM it is returning to is secure.
* The privilege of a process is now determined by three MSR bits,
MSR(S, HV, PR). In each of the tables below the modes are listed
from least privilege to highest privilege. The higher privilege
modes can access all the resources of the lower privilege modes.
**Secure Mode MSR Settings**
+---+---+---+---------------+
| S | HV| PR|Privilege |
+===+===+===+===============+
| 1 | 0 | 1 | Problem |
+---+---+---+---------------+
| 1 | 0 | 0 | Privileged(OS)|
+---+---+---+---------------+
| 1 | 1 | 0 | Ultravisor |
+---+---+---+---------------+
| 1 | 1 | 1 | Reserved |
+---+---+---+---------------+
**Normal Mode MSR Settings**
+---+---+---+---------------+
| S | HV| PR|Privilege |
+===+===+===+===============+
| 0 | 0 | 1 | Problem |
+---+---+---+---------------+
| 0 | 0 | 0 | Privileged(OS)|
+---+---+---+---------------+
| 0 | 1 | 0 | Hypervisor |
+---+---+---+---------------+
| 0 | 1 | 1 | Problem (HV) |
+---+---+---+---------------+
Signed-off-by: Sukadev Bhattiprolu <sukadev@linux.vnet.ibm.com>
Signed-off-by: Ram Pai <linuxram@us.ibm.com>
[ cclaudio: Update the commit message ]
Signed-off-by: Claudio Carvalho <cclaudio@linux.ibm.com>
Signed-off-by: Thiago Jung Bauermann <bauerman@linux.ibm.com>
---
arch/powerpc/include/asm/reg.h | 3 +++
1 file changed, 3 insertions(+)
diff --git a/arch/powerpc/include/asm/reg.h b/arch/powerpc/include/asm/reg.h
index 10caa145f98b..ec3714cf0989 100644
--- a/arch/powerpc/include/asm/reg.h
+++ b/arch/powerpc/include/asm/reg.h
@@ -38,6 +38,7 @@
#define MSR_TM_LG 32 /* Trans Mem Available */
#define MSR_VEC_LG 25 /* Enable AltiVec */
#define MSR_VSX_LG 23 /* Enable VSX */
+#define MSR_S_LG 22 /* Secure state */
#define MSR_POW_LG 18 /* Enable Power Management */
#define MSR_WE_LG 18 /* Wait State Enable */
#define MSR_TGPR_LG 17 /* TLB Update registers in use */
@@ -71,11 +72,13 @@
#define MSR_SF __MASK(MSR_SF_LG) /* Enable 64 bit mode */
#define MSR_ISF __MASK(MSR_ISF_LG) /* Interrupt 64b mode valid on 630 */
#define MSR_HV __MASK(MSR_HV_LG) /* Hypervisor state */
+#define MSR_S __MASK(MSR_S_LG) /* Secure state */
#else
/* so tests for these bits fail on 32-bit */
#define MSR_SF 0
#define MSR_ISF 0
#define MSR_HV 0
+#define MSR_S 0
#endif
/*
next prev parent reply other threads:[~2019-08-20 2:14 UTC|newest]
Thread overview: 41+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-08-20 2:13 [PATCH v4 00/16] Secure Virtual Machine Enablement Thiago Jung Bauermann
2019-08-20 2:13 ` Thiago Jung Bauermann
2019-08-20 2:13 ` [PATCH v4 01/16] powerpc/kernel: Add ucall_norets() ultravisor call handler Thiago Jung Bauermann
2019-08-20 2:13 ` Thiago Jung Bauermann
2019-08-20 2:13 ` [PATCH v4 02/16] powerpc/pseries: Introduce option to build secure virtual machines Thiago Jung Bauermann
2019-08-20 2:13 ` Thiago Jung Bauermann
2019-09-02 3:29 ` Michael Ellerman
2019-09-03 18:53 ` Thiago Jung Bauermann
2019-09-03 18:53 ` Thiago Jung Bauermann
2019-09-05 4:03 ` Michael Ellerman
2019-09-05 4:03 ` Michael Ellerman
2019-09-05 16:06 ` Thiago Jung Bauermann
2019-09-05 16:06 ` Thiago Jung Bauermann
2019-08-20 2:13 ` [PATCH v4 03/16] powerpc: Add support for adding an ESM blob to the zImage wrapper Thiago Jung Bauermann
2019-08-20 2:13 ` Thiago Jung Bauermann
2019-08-20 2:13 ` [PATCH v4 04/16] powerpc/prom_init: Add the ESM call to prom_init Thiago Jung Bauermann
2019-08-20 2:13 ` Thiago Jung Bauermann
2019-08-20 2:13 ` [PATCH v4 05/16] powerpc/pseries/svm: Add helpers for UV_SHARE_PAGE and UV_UNSHARE_PAGE Thiago Jung Bauermann
2019-08-20 2:13 ` Thiago Jung Bauermann
2019-08-20 2:13 ` Thiago Jung Bauermann [this message]
2019-08-20 2:13 ` [PATCH v4 06/16] powerpc: Introduce the MSR_S bit Thiago Jung Bauermann
2019-08-20 2:13 ` [PATCH v4 07/16] powerpc/pseries: Add and use LPPACA_SIZE constant Thiago Jung Bauermann
2019-08-20 2:13 ` Thiago Jung Bauermann
2019-08-20 2:13 ` [PATCH v4 08/16] powerpc/pseries/svm: Use shared memory for LPPACA structures Thiago Jung Bauermann
2019-08-20 2:13 ` Thiago Jung Bauermann
2019-08-20 2:13 ` [PATCH v4 09/16] powerpc/pseries/svm: Use shared memory for Debug Trace Log (DTL) Thiago Jung Bauermann
2019-08-20 2:13 ` Thiago Jung Bauermann
2019-08-20 2:13 ` [PATCH v4 10/16] powerpc/pseries/svm: Unshare all pages before kexecing a new kernel Thiago Jung Bauermann
2019-08-20 2:13 ` Thiago Jung Bauermann
2019-08-20 2:13 ` [RFC PATCH v4 11/16] powerpc/pseries/svm: Export guest SVM status to user space via sysfs Thiago Jung Bauermann
2019-08-20 2:13 ` Thiago Jung Bauermann
2019-08-20 2:13 ` [PATCH v4 12/16] powerpc/pseries/svm: Disable doorbells in SVM guests Thiago Jung Bauermann
2019-08-20 2:13 ` Thiago Jung Bauermann
2019-08-20 2:13 ` [PATCH v4 13/16] powerpc/pseries/iommu: Don't use dma_iommu_ops on secure guests Thiago Jung Bauermann
2019-08-20 2:13 ` Thiago Jung Bauermann
2019-08-20 2:13 ` [PATCH v4 14/16] powerpc/pseries/svm: Force SWIOTLB for " Thiago Jung Bauermann
2019-08-20 2:13 ` Thiago Jung Bauermann
2019-08-20 2:13 ` [PATCH v4 15/16] Documentation/powerpc: Ultravisor API Thiago Jung Bauermann
2019-08-20 2:13 ` Thiago Jung Bauermann
2019-08-20 2:13 ` [PATCH v4 16/16] powerpc/configs: Enable secure guest support in pseries and ppc64 defconfigs Thiago Jung Bauermann
2019-08-20 2:13 ` Thiago Jung Bauermann
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20190820021326.6884-7-bauerman@linux.ibm.com \
--to=bauerman@linux.ibm.com \
--cc=aik@ozlabs.ru \
--cc=andmike@linux.ibm.com \
--cc=anshuman.linux@gmail.com \
--cc=benh@kernel.crashing.org \
--cc=cclaudio@linux.ibm.com \
--cc=hch@lst.de \
--cc=linux-kernel@vger.kernel.org \
--cc=linuxppc-dev@lists.ozlabs.org \
--cc=linuxram@us.ibm.com \
--cc=mpe@ellerman.id.au \
--cc=paulus@samba.org \
--cc=sukadev@linux.vnet.ibm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.