From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S932144AbdCBPyc (ORCPT ); Thu, 2 Mar 2017 10:54:32 -0500 Received: from mail-sn1nam02on0078.outbound.protection.outlook.com ([104.47.36.78]:53633 "EHLO NAM02-SN1-obe.outbound.protection.outlook.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S1753205AbdCBPwB (ORCPT ); Thu, 2 Mar 2017 10:52:01 -0500 Authentication-Results: vger.kernel.org; dkim=none (message not signed) header.d=none;vger.kernel.org; dmarc=none action=none header.from=amd.com; Subject: [RFC PATCH v2 23/32] kvm: introduce KVM_MEMORY_ENCRYPT_OP ioctl From: Brijesh Singh To: , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , Date: Thu, 2 Mar 2017 10:17:11 -0500 Message-ID: <148846783136.2349.9362218518503742320.stgit@brijesh-build-machine> In-Reply-To: <148846752022.2349.13667498174822419498.stgit@brijesh-build-machine> References: <148846752022.2349.13667498174822419498.stgit@brijesh-build-machine> User-Agent: StGit/0.17.1-dirty MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 7bit X-Originating-IP: [165.204.77.1] X-ClientProxiedBy: MWHPR21CA0071.namprd21.prod.outlook.com (10.172.93.161) To MWHPR12MB1613.namprd12.prod.outlook.com (10.172.56.14) X-MS-Office365-Filtering-Correlation-Id: 805e247e-dc4d-4b82-c478-08d4617f36c5 X-MS-Office365-Filtering-HT: Tenant X-Microsoft-Antispam: UriScan:;BCL:0;PCL:0;RULEID:(22001)(48565401081);SRVR:MWHPR12MB1613; X-Microsoft-Exchange-Diagnostics: 1;MWHPR12MB1613;3:y67RqzKyt8Hp985cQU4ZPfuvPncDx9cvAwRs6ZKJNnti4/c9GkQggOoqJYyAFLoKBvD48wiv5RiTN/D2pT8+fkxS6u6RHp99udAcnBmIEcbfvE7uanR255BsG2X63TQ1Np4tY0PARkF+S/gJDERC2cA4S5JgO4cYCU2Gtw0m4eJhDh8yLpp12WxFPswlCxTweTYHeflY0i3AfMGPpqlDzbz4fIf7On3cnp2FE1V70FEAuO29p83UlnVJPczQvSqTyxM410TMNKrD4xPY5fCSVhOIxDYnyMMUIhJVg7JGnCk=;25:N8B9PxCc3qkpCzEt18i8um6kZdgSLa+oukfeDeFviPRYMAuWMwlfOKf908S06p8IxjyUYSzUjmMU5vtPkEloWFLNkOnIRx6oFENgOIcBg1cIro52ERDiCOiy0MeDab0JFarhkBmL9vC9tzFTN9K0zYRnskX63R2pkWnCMLyPMqyQMbKv7mBDbK7ZdXcM8ZYJuqoLb1VBi+1RXS4yw8u9WRafZLHatEPMpTRzAcleeq8N/VkKNUNAOra/mPtj2OjzyoL1wFGELrvNCMLAyRZWSx7UipbUJBTR16kj+LzBPnz+pC7IxFESZJo99oLNw3sdtlTtmmvVNKmJvhbI0qWNYSIGiOwBqmC920wUsKmzRe74uSxbkW49pRIRhQt2u8jTva9rCl0K+tUqFx7uyi5QVBwUm30qE5PPO4p3dIGNcGTkk1poNsJX2fTIM4C6HN/VnLTVVt//mrPJ/5pbgi99tQ== X-Microsoft-Exchange-Diagnostics: 1;MWHPR12MB1613;31:VAxR9quPgQ8nK36avp3LaA26X99ZDKKMeGiSaHuv6oIG+1ycUVCKOR9TUDPQZN1zcwnFicNFGzM+A7NDJuhotWo7xhRWBqB4b9+4QmcOTBCIs6d1Ea9VQGy3/sq2HqBNX+Wo6vr50opmxz7k03MWCVz6Ajwu3FX7j1kVzGcYZNo8ZT1mXM2IN9NPqve0/Hxfb8eMLD08FQju7v1RPe0FOCCA35VRDlBP7Ck+gWZdd6ed/oYtziGjRqA1r4b5vdJi;20:fH5OQUwEc0xhAV8xflPUAnMdskdLvdmCqphRGZprkJxGY/9G7SDO6A5BDP72a47RyUa4GMbxMzN0/U3IomPmQSpZLUftvTH5uDb39iqxbUX8mltXf03DrtL5iMG7eQttLPLwdjdoyUzs7lnwv8xJe8mFAYIdqyKaIDXJMa4rOhGkvdhhlkd6Jeesed1ZPY4BQ2OnXbyYORI0iicZ1HnY7y7fW/z06y7/uwL4vrrsB/zdyKNjUhFMNVeoGgUl248yEhqlLT6IBxoGNIvNf+Wo0nsRYV/F0FXGs1ay6knUsxSkbq7kfufTs/o3wqSZs6Msv6xgieipFvLskY2TE+WoLxZh/PUTBfEDl5Op7EUd3aWKwOFHAOIDyk942v7EgI0qnpNC+qwYao6vUmhxJxT4t86vgS9c7PgIfg5i8y56Ys4Px1zMITABErCg078i7L4fnSs2vv2F7EB9sNVhekxurBnWYKJPRtB/PjRgZXTO75UvgQTsvBsiwnjq5FQwSaiI X-Microsoft-Antispam-PRVS: X-Exchange-Antispam-Report-Test: UriScan:(767451399110); X-Exchange-Antispam-Report-CFA-Test: BCL:0;PCL:0;RULEID:(6040375)(601004)(2401047)(8121501046)(5005006)(10201501046)(3002001)(6055026)(6041248)(20161123555025)(20161123564025)(20161123562025)(20161123558025)(20161123560025)(6072148);SRVR:MWHPR12MB1613;BCL:0;PCL:0;RULEID:;SRVR:MWHPR12MB1613; X-Microsoft-Exchange-Diagnostics: 1;MWHPR12MB1613;4:5AXX9MdI9jVMx7+AMna9M+VHlacl8JChORPgrP4Er8Z5A4Fypo6LdELm6w4tjJJH9/qQdLn8DYR/oO5fBet2f3cS9I3EDxOuNe6iDCPRtSGhif4p1/MBTdKdVM/M6AQrsgMzO5Yth7BKvdB8hcqvfoIu0NnFVgUl2Qv1EiBmOhbMj9GiHDl64Fqy+I3U8Pj+DPFnJJCKhBZTixuxFoxHc+wxV0A++9yoSFhBZ6Tg+7sxF23MI9o15Sg49tzbQ0XeKo2Z9gCWvayRDZYDaz7v3Vp5+KSG0XA12tB7YcraKRySzU9e7iOeZ1ZTMXcGHubHFHEvxMwFOGaxYYp7w1r0cMyMytnLtpWVbeQjykrDye7el484UWKZwLKOabhuJA5rHng4MQ76x3yC95VxAPpXW8Rg7FkwQKIuLWtTCo41Vd2bYvLQcEfvdya6CYjNqNIpYPirLV0zhcHNkz1x/0/QTuIyDBiLXpQAcNuYL1CLk4v+LK64uopQYfMyX+sx237GQKBZhn0INS7KEaEeD5UqIy3A1DoY3Rz8SR6hO4AAx3pr4kIwyutwsFA2idR+d1dKDKqrF5Yjans+yzshqh/Ozqtl0tWPVtdV60z/M+QlyGyS6xUzq87vxuThVcSrg69Ux3KcqXMxWHMksbJ/es2E8s1rGsplKrqmPlv7oGjGq44= X-Forefront-PRVS: 023495660C X-Forefront-Antispam-Report: SFV:NSPM;SFS:(10009020)(4630300001)(6009001)(6049001)(7916002)(39450400003)(39840400002)(39860400002)(39410400002)(39850400002)(54356999)(230700001)(42186005)(76176999)(3846002)(2950100002)(5660300001)(2906002)(33646002)(33716001)(50986999)(6666003)(83506001)(6116002)(66066001)(8676002)(9686003)(38730400002)(25786008)(53936002)(92566002)(77096006)(6486002)(189998001)(90366009)(2201001)(50466002)(23676002)(7406005)(1191002)(7366002)(103116003)(86362001)(7416002)(7736002)(305945005)(81166006)(47776003)(921003)(2101003)(1121003)(83996005)(217873001)(84006005);DIR:OUT;SFP:1101;SCL:1;SRVR:MWHPR12MB1613;H:[127.0.1.1];FPR:;SPF:None;MLV:sfv;LANG:en; X-Microsoft-Exchange-Diagnostics: =?utf-8?B?MTtNV0hQUjEyTUIxNjEzOzIzOnJjUnhieVpMWHF0THpLRzZpaXpYRzlqcFRk?= =?utf-8?B?TUIrb0F1Y2xmeUdEZ3BCNUVaNVlUSGIydVlhVmJ3SmVVK0M1VUFrZVNyVUxo?= =?utf-8?B?TTBzWFZTcTljVTVTQ2xNUEx3MTN2Rlp6RE1XTFp0b0NrRUN0WUZLeG5CV3Bk?= =?utf-8?B?UEE4bFBvSDFvN1M3T3NiWTg3QTJnc0FRM0k4ajlxWUVRalU5NDl3YVRoZ2Zv?= =?utf-8?B?WDgxR003VGRkK3lQRVIybTlwWDhTQ0RhbEgxY3F4cnlsWkp5TW1iMGlDRlFi?= =?utf-8?B?NUFzQlRvSE84YXZlTjlHd2hydFlheTBNK0hVUm5lL2IxWnh3VFphYUNobkh0?= =?utf-8?B?WWxEbnFXUFVSVDE5T2JuK2cxbklDOUF5OEkzQ1VzNXNVdW5mbm5KZ3NGa1Vz?= =?utf-8?B?M2crbndYanhNaFJzckN5bkpkbU10MXZQai9YMXdoSElpNUNkSENXcGxlbXRa?= =?utf-8?B?L1Q2R1FHQTFYM3hBOVFhU2RTQkJpNTZYY0tnTEpuSmZvdGRyVUlEY2NGRGx5?= =?utf-8?B?aGVPbEY5dGxucXlUTFNScVg5enBEZTR2aUVmd3IvOXpMVDQvOHMrUVpOQ0hT?= =?utf-8?B?QlB6VGQrcGZ0R2Nkc0V4eDZLSnJnb1pkWnlDZyt6c2FuWHlCbkVBWm5EOUN6?= =?utf-8?B?dzlEU3I2ZXNSTXNBRFlHeW1CNnJQZlM5NXNIamRlTSsrUlhRSXVIZ1RBQlZk?= =?utf-8?B?dXdQemp5WVRYTEZCWGkwVnQvcWx4YkZjclhhY1gyZjU4ek1VUE5DYlVMczlZ?= =?utf-8?B?dFVmV094bEljUnhPeTMyTkt5VEJHdjRJSm5OQjhKa1VvbWczcGFmVFU3K1g1?= =?utf-8?B?RStWaVE5TklFQXp5Tjc1WVN0eEphdURrakM0cWVPMkhJYzYxQk9jSnY3V2lC?= =?utf-8?B?VUh6cjZJRTdwdVpjQkJHUzVlZURoamZDOU5kVmM0cndnUVBuU2pEU0VnSkFs?= =?utf-8?B?RUttK1NuZVhaSUYwRVBxd2h2YjBtaG1XaFdXVU84SjcyeDlSd08zazBSb0tC?= =?utf-8?B?V1pUL1ZBUXBZRkZFTERqOUJTY0dpTXhIZmtYNjd2czhGZW1zMmxEOHdGcS8r?= =?utf-8?B?V0FQREtvNUEvVXdIYVhXSE9aT29kSjBJL3lXNVdnK0wrSEJkZGgxSGRJWGpt?= =?utf-8?B?WEIxaTJxaG1MTEN1Wi9jeGhTQkJEMnhDUlNCYWZ2a1I4U3FTeGJOQjh1dU8v?= =?utf-8?B?L1BVNE1IaGx3UWd4cTZHUTMzZUJvNEtNZkFmdS9GUmZ4Z1IySzJOQy9zN3VK?= =?utf-8?B?U0gwS3QySm1XSU4reWsvdFJVZnRrc2Z6WTVsem1yQi8zRHFVRTErSXBJdVRG?= =?utf-8?B?MldXWDAwK3lSL3V0TjVkdU8xbUpkbHEzWG1SUnJTcVorcjRvTDBJdXlFWW9m?= =?utf-8?B?YVRTeWVhSytPZEpiSjFqaDRFdlBnN2FaWjBWR3hYaHZCVFkwMzY5bURUNnNK?= =?utf-8?B?Y2J0QUxwdmlCc204bi8zVE1IZllCSzdVYk9iQnJFZVovSFprMGFaY2ZhZEV6?= =?utf-8?B?ZUcyVmNoRktyK2JnYmhFRGdSWW96UkozcnAzSnNmZzQ3eFNBQlpyRXlid0Rv?= =?utf-8?B?Tk5LVkFma3JzSFVhaitLSEpxVTlEZVJOeTdwcGlXcDhudXpYOHZDb1dPb1hH?= =?utf-8?B?RVljRjVnTTNrT090STN4NTJaSExlZyt3T0l0dlNyWHBNZEJkZUhpY080Z2xG?= =?utf-8?Q?ctdgo7pL84c7aSe+xNftv8S/Rrft4Sy4SyJt8SD?= X-Microsoft-Exchange-Diagnostics: 1;MWHPR12MB1613;6:gG0+6SYNXiwccF+LfV74HDLsRevFbe3JiE9nd9UMZLJvACQW8ZmJzkgcmDUGSQiwnjiXJyAgab9JruJ4G3VWAP3H++/pkO+mgcEJHLuZrvxZmLM8yt3NuCvb20Y3oxqa4J8n7wxa2OUn3e+dMcpCEbOsZLUeqULt3kAK8EngW7I3g9XsE21uA7mw2py/86lt14teOw3nft+fqBqcVz9ayLgXAqC1s1rCSRuIkJMVGAGNqYurioaa5SpDssHfi5ulTHIMoHEeYlvLvF9MQ3q++XRtV7IYuXQq27coTc8ONvEb6ilZ8acFYfHZK9dMzgnAoQMFM7IM6KPHfq38lD9i+4WdyRbI5VjQ/5KsY+eDB9+NcCiX+W1+Z05nM+9dniXZdGXDtn4FBmGjuQjC38Ehxfu/DBODls/EdA0mwmOy7HY=;5:9SpSZcE0o9xiSFES9MkPDr8DGwEdMAZwnjms7BUcM2+cOELJQb5foBT8eIaoVn3rGCGYUzOHmLL4yfzfeZHP2OH3tyVL1JnYAB/jVGC74DgPxMlBNKM7ZhUdIpQv66D+b0pL+zcoIXJPcXJXRUNSKQ==;24:C9JrT8KsmwjvWdpuYRSXa/RHjJn3MULTyR/0YOUBR3dvCRQpLZmXc1PAQaiDjPtOJeQwSQO3DCvpQBivN41tFLp+C3JAmhGx54eTv0W3hek= SpamDiagnosticOutput: 1:99 SpamDiagnosticMetadata: NSPM X-Microsoft-Exchange-Diagnostics: 1;MWHPR12MB1613;7:pXSoqQgSaawNwd5FeJOlQIymUo9ocimuPaULEurtfv9EIkbRkVEmRVu59Af9snRunvH30xgKaWWQb84racuSnEW4WJ/+agQyaPefe/2xmHAbCTHHiKVEUcyOxOkvmVeI74NKs7+X90cOiEC2d+psowmXTeFnsp2+u8x4UOd/uBEpCar2I5It3HRoo/XkzJ3hchepoLw4uAJcXh/oXJGiDwSJv4x8Xe5UuWi0O1bk/cZD6uiRLokY0nOHTbBm3CzfQaHiMP7Z+k30LmHLxtkjsHsvXPgWZywWNDx1W56PTID06B0raqmzVSxAIL4BeBjiM0flCObnoXegoiB0Ij+2Dg==;20:FcCjHupoHYyCPfW26ijVf8Eckyp3Lq4rS1PFD0WwakacDk6gPtETq+wwXM5suE2AUireqXkEt4bcc2p9dwBoLMN0pyyu4ozR6REh7LstJ3rzaOUehv5+OM1FsHzN8rWTw44JMLpQ5O/gFZtaPksfBPK8cBsfqfnH5h9D+IzyoCnGkJ7jnca3cNtLFUcTqjmSsxwF6IwNz5vSt0fDL2NS7PRstoJ3UFWjjg+3+SUEr7YX5xg5kxdY43JI+x0/vIAY X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 02 Mar 2017 15:17:14.3910 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-Transport-CrossTenantHeadersStamped: MWHPR12MB1613 Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org If hardware supports encrypting then KVM_MEMORY_ENCRYPT_OP ioctl can be used by qemu to issue platform specific memory encryption commands. Signed-off-by: Brijesh Singh --- arch/x86/include/asm/kvm_host.h | 2 ++ arch/x86/kvm/x86.c | 12 ++++++++++++ include/uapi/linux/kvm.h | 2 ++ 3 files changed, 16 insertions(+) diff --git a/arch/x86/include/asm/kvm_host.h b/arch/x86/include/asm/kvm_host.h index bff1f15..62651ad 100644 --- a/arch/x86/include/asm/kvm_host.h +++ b/arch/x86/include/asm/kvm_host.h @@ -1033,6 +1033,8 @@ struct kvm_x86_ops { void (*cancel_hv_timer)(struct kvm_vcpu *vcpu); void (*setup_mce)(struct kvm_vcpu *vcpu); + + int (*memory_encryption_op)(struct kvm *kvm, void __user *argp); }; struct kvm_arch_async_pf { diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c index 2099df8..6a737e9 100644 --- a/arch/x86/kvm/x86.c +++ b/arch/x86/kvm/x86.c @@ -3926,6 +3926,14 @@ static int kvm_vm_ioctl_enable_cap(struct kvm *kvm, return r; } +static int kvm_vm_ioctl_memory_encryption_op(struct kvm *kvm, void __user *argp) +{ + if (kvm_x86_ops->memory_encryption_op) + return kvm_x86_ops->memory_encryption_op(kvm, argp); + + return -ENOTTY; +} + long kvm_arch_vm_ioctl(struct file *filp, unsigned int ioctl, unsigned long arg) { @@ -4189,6 +4197,10 @@ long kvm_arch_vm_ioctl(struct file *filp, r = kvm_vm_ioctl_enable_cap(kvm, &cap); break; } + case KVM_MEMORY_ENCRYPT_OP: { + r = kvm_vm_ioctl_memory_encryption_op(kvm, argp); + break; + } default: r = kvm_vm_ioctl_assigned_device(kvm, ioctl, arg); } diff --git a/include/uapi/linux/kvm.h b/include/uapi/linux/kvm.h index cac48ed..fef7d83 100644 --- a/include/uapi/linux/kvm.h +++ b/include/uapi/linux/kvm.h @@ -1281,6 +1281,8 @@ struct kvm_s390_ucas_mapping { #define KVM_S390_GET_IRQ_STATE _IOW(KVMIO, 0xb6, struct kvm_s390_irq_state) /* Available with KVM_CAP_X86_SMM */ #define KVM_SMI _IO(KVMIO, 0xb7) +/* Memory Encryption Commands */ +#define KVM_MEMORY_ENCRYPT_OP _IOWR(KVMIO, 0xb8, unsigned long) #define KVM_DEV_ASSIGN_ENABLE_IOMMU (1 << 0) #define KVM_DEV_ASSIGN_PCI_2_3 (1 << 1) From mboxrd@z Thu Jan 1 00:00:00 1970 From: Brijesh Singh Subject: [RFC PATCH v2 23/32] kvm: introduce KVM_MEMORY_ENCRYPT_OP ioctl Date: Thu, 2 Mar 2017 10:17:11 -0500 Message-ID: <148846783136.2349.9362218518503742320.stgit@brijesh-build-machine> References: <148846752022.2349.13667498174822419498.stgit@brijesh-build-machine> Mime-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 7bit Return-path: In-Reply-To: <148846752022.2349.13667498174822419498.stgit@brijesh-build-machine> Sender: owner-linux-mm@kvack.org To: simon.guinot@sequanux.org, linux-efi@vger.kernel.org, brijesh.singh@amd.com, kvm@vger.kernel.org, rkrcmar@redhat.com, matt@codeblueprint.co.uk, linux-pci@vger.kernel.org, linus.walleij@linaro.org, gary.hook@amd.com, linux-mm@kvack.org, paul.gortmaker@windriver.com, hpa@zytor.com, cl@linux.com, dan.j.williams@intel.com, aarcange@redhat.com, sfr@canb.auug.org.au, andriy.shevchenko@linux.intel.com, herbert@gondor.apana.org.au, bhe@redhat.com, xemul@parallels.com, joro@8bytes.org, x86@kernel.org, peterz@infradead.org, piotr.luc@intel.com, mingo@redhat.com, msalter@redhat.com, ross.zwisler@linux.intel.com, bp@suse.de, dyoung@redhat.com, thomas.lendacky@amd.com, jroedel@suse.de, keescook@chromium.org, arnd@arndb.de, toshi.kani@hpe.com, mathieu.desnoyers@efficios.com, luto@kernel.org, devel@linuxdriverproj List-Id: linux-efi@vger.kernel.org If hardware supports encrypting then KVM_MEMORY_ENCRYPT_OP ioctl can be used by qemu to issue platform specific memory encryption commands. Signed-off-by: Brijesh Singh --- arch/x86/include/asm/kvm_host.h | 2 ++ arch/x86/kvm/x86.c | 12 ++++++++++++ include/uapi/linux/kvm.h | 2 ++ 3 files changed, 16 insertions(+) diff --git a/arch/x86/include/asm/kvm_host.h b/arch/x86/include/asm/kvm_host.h index bff1f15..62651ad 100644 --- a/arch/x86/include/asm/kvm_host.h +++ b/arch/x86/include/asm/kvm_host.h @@ -1033,6 +1033,8 @@ struct kvm_x86_ops { void (*cancel_hv_timer)(struct kvm_vcpu *vcpu); void (*setup_mce)(struct kvm_vcpu *vcpu); + + int (*memory_encryption_op)(struct kvm *kvm, void __user *argp); }; struct kvm_arch_async_pf { diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c index 2099df8..6a737e9 100644 --- a/arch/x86/kvm/x86.c +++ b/arch/x86/kvm/x86.c @@ -3926,6 +3926,14 @@ static int kvm_vm_ioctl_enable_cap(struct kvm *kvm, return r; } +static int kvm_vm_ioctl_memory_encryption_op(struct kvm *kvm, void __user *argp) +{ + if (kvm_x86_ops->memory_encryption_op) + return kvm_x86_ops->memory_encryption_op(kvm, argp); + + return -ENOTTY; +} + long kvm_arch_vm_ioctl(struct file *filp, unsigned int ioctl, unsigned long arg) { @@ -4189,6 +4197,10 @@ long kvm_arch_vm_ioctl(struct file *filp, r = kvm_vm_ioctl_enable_cap(kvm, &cap); break; } + case KVM_MEMORY_ENCRYPT_OP: { + r = kvm_vm_ioctl_memory_encryption_op(kvm, argp); + break; + } default: r = kvm_vm_ioctl_assigned_device(kvm, ioctl, arg); } diff --git a/include/uapi/linux/kvm.h b/include/uapi/linux/kvm.h index cac48ed..fef7d83 100644 --- a/include/uapi/linux/kvm.h +++ b/include/uapi/linux/kvm.h @@ -1281,6 +1281,8 @@ struct kvm_s390_ucas_mapping { #define KVM_S390_GET_IRQ_STATE _IOW(KVMIO, 0xb6, struct kvm_s390_irq_state) /* Available with KVM_CAP_X86_SMM */ #define KVM_SMI _IO(KVMIO, 0xb7) +/* Memory Encryption Commands */ +#define KVM_MEMORY_ENCRYPT_OP _IOWR(KVMIO, 0xb8, unsigned long) #define KVM_DEV_ASSIGN_ENABLE_IOMMU (1 << 0) #define KVM_DEV_ASSIGN_PCI_2_3 (1 << 1) -- To unsubscribe, send a message with 'unsubscribe linux-mm' in the body to majordomo@kvack.org. For more info on Linux MM, see: http://www.linux-mm.org/ . Don't email: email@kvack.org From mboxrd@z Thu Jan 1 00:00:00 1970 From: Brijesh Singh Subject: [RFC PATCH v2 23/32] kvm: introduce KVM_MEMORY_ENCRYPT_OP ioctl Date: Thu, 2 Mar 2017 10:17:11 -0500 Message-ID: <148846783136.2349.9362218518503742320.stgit@brijesh-build-machine> References: <148846752022.2349.13667498174822419498.stgit@brijesh-build-machine> Mime-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 7bit To: , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , In-Reply-To: <148846752022.2349.13667498174822419498.stgit@brijesh-build-machine> Sender: owner-linux-mm@kvack.org List-Id: kvm.vger.kernel.org If hardware supports encrypting then KVM_MEMORY_ENCRYPT_OP ioctl can be used by qemu to issue platform specific memory encryption commands. Signed-off-by: Brijesh Singh --- arch/x86/include/asm/kvm_host.h | 2 ++ arch/x86/kvm/x86.c | 12 ++++++++++++ include/uapi/linux/kvm.h | 2 ++ 3 files changed, 16 insertions(+) diff --git a/arch/x86/include/asm/kvm_host.h b/arch/x86/include/asm/kvm_host.h index bff1f15..62651ad 100644 --- a/arch/x86/include/asm/kvm_host.h +++ b/arch/x86/include/asm/kvm_host.h @@ -1033,6 +1033,8 @@ struct kvm_x86_ops { void (*cancel_hv_timer)(struct kvm_vcpu *vcpu); void (*setup_mce)(struct kvm_vcpu *vcpu); + + int (*memory_encryption_op)(struct kvm *kvm, void __user *argp); }; struct kvm_arch_async_pf { diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c index 2099df8..6a737e9 100644 --- a/arch/x86/kvm/x86.c +++ b/arch/x86/kvm/x86.c @@ -3926,6 +3926,14 @@ static int kvm_vm_ioctl_enable_cap(struct kvm *kvm, return r; } +static int kvm_vm_ioctl_memory_encryption_op(struct kvm *kvm, void __user *argp) +{ + if (kvm_x86_ops->memory_encryption_op) + return kvm_x86_ops->memory_encryption_op(kvm, argp); + + return -ENOTTY; +} + long kvm_arch_vm_ioctl(struct file *filp, unsigned int ioctl, unsigned long arg) { @@ -4189,6 +4197,10 @@ long kvm_arch_vm_ioctl(struct file *filp, r = kvm_vm_ioctl_enable_cap(kvm, &cap); break; } + case KVM_MEMORY_ENCRYPT_OP: { + r = kvm_vm_ioctl_memory_encryption_op(kvm, argp); + break; + } default: r = kvm_vm_ioctl_assigned_device(kvm, ioctl, arg); } diff --git a/include/uapi/linux/kvm.h b/include/uapi/linux/kvm.h index cac48ed..fef7d83 100644 --- a/include/uapi/linux/kvm.h +++ b/include/uapi/linux/kvm.h @@ -1281,6 +1281,8 @@ struct kvm_s390_ucas_mapping { #define KVM_S390_GET_IRQ_STATE _IOW(KVMIO, 0xb6, struct kvm_s390_irq_state) /* Available with KVM_CAP_X86_SMM */ #define KVM_SMI _IO(KVMIO, 0xb7) +/* Memory Encryption Commands */ +#define KVM_MEMORY_ENCRYPT_OP _IOWR(KVMIO, 0xb8, unsigned long) #define KVM_DEV_ASSIGN_ENABLE_IOMMU (1 << 0) #define KVM_DEV_ASSIGN_PCI_2_3 (1 << 1) -- To unsubscribe, send a message with 'unsubscribe linux-mm' in the body to majordomo@kvack.org. For more info on Linux MM, see: http://www.linux-mm.org/ . Don't email: email@kvack.org From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail-pf0-f200.google.com (mail-pf0-f200.google.com [209.85.192.200]) by kanga.kvack.org (Postfix) with ESMTP id CBF226B03AF for ; Thu, 2 Mar 2017 10:17:19 -0500 (EST) Received: by mail-pf0-f200.google.com with SMTP id 6so85326242pfd.6 for ; Thu, 02 Mar 2017 07:17:19 -0800 (PST) Received: from NAM01-BY2-obe.outbound.protection.outlook.com (mail-by2nam01on0066.outbound.protection.outlook.com. [104.47.34.66]) by mx.google.com with ESMTPS id c21si7685475pgi.128.2017.03.02.07.17.18 for (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Thu, 02 Mar 2017 07:17:18 -0800 (PST) Subject: [RFC PATCH v2 23/32] kvm: introduce KVM_MEMORY_ENCRYPT_OP ioctl From: Brijesh Singh Date: Thu, 2 Mar 2017 10:17:11 -0500 Message-ID: <148846783136.2349.9362218518503742320.stgit@brijesh-build-machine> In-Reply-To: <148846752022.2349.13667498174822419498.stgit@brijesh-build-machine> References: <148846752022.2349.13667498174822419498.stgit@brijesh-build-machine> MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 7bit Sender: owner-linux-mm@kvack.org List-ID: To: simon.guinot@sequanux.org, linux-efi@vger.kernel.org, brijesh.singh@amd.com, kvm@vger.kernel.org, rkrcmar@redhat.com, matt@codeblueprint.co.uk, linux-pci@vger.kernel.org, linus.walleij@linaro.org, gary.hook@amd.com, linux-mm@kvack.org, paul.gortmaker@windriver.com, hpa@zytor.com, cl@linux.com, dan.j.williams@intel.com, aarcange@redhat.com, sfr@canb.auug.org.au, andriy.shevchenko@linux.intel.com, herbert@gondor.apana.org.au, bhe@redhat.com, xemul@parallels.com, joro@8bytes.org, x86@kernel.org, peterz@infradead.org, piotr.luc@intel.com, mingo@redhat.com, msalter@redhat.com, ross.zwisler@linux.intel.com, bp@suse.de, dyoung@redhat.com, thomas.lendacky@amd.com, jroedel@suse.de, keescook@chromium.org, arnd@arndb.de, toshi.kani@hpe.com, mathieu.desnoyers@efficios.com, luto@kernel.org, devel@linuxdriverproject.org, bhelgaas@google.com, tglx@linutronix.de, mchehab@kernel.org, iamjoonsoo.kim@lge.com, labbott@fedoraproject.org, tony.luck@intel.com, alexandre.bounine@idt.com, kuleshovmail@gmail.com, linux-kernel@vger.kernel.org, mcgrof@kernel.org, mst@redhat.com, linux-crypto@vger.kernel.org, tj@kernel.org, pbonzini@redhat.com, akpm@linux-foundation.org, davem@davemloft.net If hardware supports encrypting then KVM_MEMORY_ENCRYPT_OP ioctl can be used by qemu to issue platform specific memory encryption commands. Signed-off-by: Brijesh Singh --- arch/x86/include/asm/kvm_host.h | 2 ++ arch/x86/kvm/x86.c | 12 ++++++++++++ include/uapi/linux/kvm.h | 2 ++ 3 files changed, 16 insertions(+) diff --git a/arch/x86/include/asm/kvm_host.h b/arch/x86/include/asm/kvm_host.h index bff1f15..62651ad 100644 --- a/arch/x86/include/asm/kvm_host.h +++ b/arch/x86/include/asm/kvm_host.h @@ -1033,6 +1033,8 @@ struct kvm_x86_ops { void (*cancel_hv_timer)(struct kvm_vcpu *vcpu); void (*setup_mce)(struct kvm_vcpu *vcpu); + + int (*memory_encryption_op)(struct kvm *kvm, void __user *argp); }; struct kvm_arch_async_pf { diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c index 2099df8..6a737e9 100644 --- a/arch/x86/kvm/x86.c +++ b/arch/x86/kvm/x86.c @@ -3926,6 +3926,14 @@ static int kvm_vm_ioctl_enable_cap(struct kvm *kvm, return r; } +static int kvm_vm_ioctl_memory_encryption_op(struct kvm *kvm, void __user *argp) +{ + if (kvm_x86_ops->memory_encryption_op) + return kvm_x86_ops->memory_encryption_op(kvm, argp); + + return -ENOTTY; +} + long kvm_arch_vm_ioctl(struct file *filp, unsigned int ioctl, unsigned long arg) { @@ -4189,6 +4197,10 @@ long kvm_arch_vm_ioctl(struct file *filp, r = kvm_vm_ioctl_enable_cap(kvm, &cap); break; } + case KVM_MEMORY_ENCRYPT_OP: { + r = kvm_vm_ioctl_memory_encryption_op(kvm, argp); + break; + } default: r = kvm_vm_ioctl_assigned_device(kvm, ioctl, arg); } diff --git a/include/uapi/linux/kvm.h b/include/uapi/linux/kvm.h index cac48ed..fef7d83 100644 --- a/include/uapi/linux/kvm.h +++ b/include/uapi/linux/kvm.h @@ -1281,6 +1281,8 @@ struct kvm_s390_ucas_mapping { #define KVM_S390_GET_IRQ_STATE _IOW(KVMIO, 0xb6, struct kvm_s390_irq_state) /* Available with KVM_CAP_X86_SMM */ #define KVM_SMI _IO(KVMIO, 0xb7) +/* Memory Encryption Commands */ +#define KVM_MEMORY_ENCRYPT_OP _IOWR(KVMIO, 0xb8, unsigned long) #define KVM_DEV_ASSIGN_ENABLE_IOMMU (1 << 0) #define KVM_DEV_ASSIGN_PCI_2_3 (1 << 1) -- To unsubscribe, send a message with 'unsubscribe linux-mm' in the body to majordomo@kvack.org. For more info on Linux MM, see: http://www.linux-mm.org/ . Don't email: email@kvack.org