All of lore.kernel.org
 help / color / mirror / Atom feed
From: David Gibson <david@gibson.dropbear.id.au>
To: Greg Kurz <groug@kaod.org>
Cc: paulus@ozlabs.org, qemu-ppc@nongnu.org, linuxram@us.ibm.com,
	qemu-devel@nongnu.org, Bharata B Rao <bharata@linux.ibm.com>
Subject: Re: [PATCH v3 ppc-for-5.0 2/2] ppc/spapr: Support reboot of secure pseries guest
Date: Thu, 19 Dec 2019 12:35:05 +1100	[thread overview]
Message-ID: <20191219013505.GB2321@umbus.fritz.box> (raw)
In-Reply-To: <20191218142249.6bcf5ab4@bahia.lan>

[-- Attachment #1: Type: text/plain, Size: 3640 bytes --]

On Wed, Dec 18, 2019 at 02:22:49PM +0100, Greg Kurz wrote:
> On Wed, 18 Dec 2019 10:02:08 +0530
> Bharata B Rao <bharata@linux.ibm.com> wrote:
> 
> > A pseries guest can be run as a secure guest on Ultravisor-enabled
> > POWER platforms. When such a secure guest is reset, we need to
> > release/reset a few resources both on ultravisor and hypervisor side.
> > This is achieved by invoking this new ioctl KVM_PPC_SVM_OFF from the
> > machine reset path.
> > 
> > As part of this ioctl, the secure guest is essentially transitioned
> > back to normal mode so that it can reboot like a regular guest and
> > become secure again.
> > 
> > This ioctl has no effect when invoked for a normal guest. If this ioctl
> > fails for a secure guest, the guest is terminated.
> > 
> > Signed-off-by: Bharata B Rao <bharata@linux.ibm.com>
> > ---
> >  hw/ppc/spapr.c       |  1 +
> >  target/ppc/kvm.c     | 15 +++++++++++++++
> >  target/ppc/kvm_ppc.h |  6 ++++++
> >  3 files changed, 22 insertions(+)
> > 
> > diff --git a/hw/ppc/spapr.c b/hw/ppc/spapr.c
> > index f11422fc41..e62c89b3dd 100644
> > --- a/hw/ppc/spapr.c
> > +++ b/hw/ppc/spapr.c
> > @@ -1597,6 +1597,7 @@ static void spapr_machine_reset(MachineState *machine)
> >      void *fdt;
> >      int rc;
> >  
> > +    kvmppc_svm_off(&error_fatal);
> >      spapr_caps_apply(spapr);
> >  
> >      first_ppc_cpu = POWERPC_CPU(first_cpu);
> > diff --git a/target/ppc/kvm.c b/target/ppc/kvm.c
> > index 7406d18945..ae920ec310 100644
> > --- a/target/ppc/kvm.c
> > +++ b/target/ppc/kvm.c
> > @@ -2900,3 +2900,18 @@ void kvmppc_set_reg_tb_offset(PowerPCCPU *cpu, int64_t tb_offset)
> >          kvm_set_one_reg(cs, KVM_REG_PPC_TB_OFFSET, &tb_offset);
> >      }
> >  }
> > +
> > +/*
> > + * Don't set error if KVM_PPC_SVM_OFF ioctl is invoked on kernels
> > + * that don't support this ioctl.
> > + */
> > +void kvmppc_svm_off(Error **errp)
> > +{
> > +    int rc;
> > +    KVMState *s = KVM_STATE(current_machine->accelerator);
> > +
> > +    rc = kvm_vm_ioctl(s, KVM_PPC_SVM_OFF);
> > +    if (rc && rc != -ENOTTY) {
> > +        error_setg(errp, "KVM_PPC_SVM_OFF ioctl failed");
> 
> It could have made sense to use error_setg_errno(errp, -rc, ...) here
> but never mind.

Please update for this.  Otherwise we get no indication of what the
kernel level error was in the qemu error.

> 
> Reviewed-by: Greg Kurz <groug@kaod.org>
> 
> > +    }
> > +}
> > diff --git a/target/ppc/kvm_ppc.h b/target/ppc/kvm_ppc.h
> > index 47b08a4030..9a9bca1b72 100644
> > --- a/target/ppc/kvm_ppc.h
> > +++ b/target/ppc/kvm_ppc.h
> > @@ -37,6 +37,7 @@ int kvmppc_booke_watchdog_enable(PowerPCCPU *cpu);
> >  target_ulong kvmppc_configure_v3_mmu(PowerPCCPU *cpu,
> >                                       bool radix, bool gtse,
> >                                       uint64_t proc_tbl);
> > +void kvmppc_svm_off(Error **errp);
> >  #ifndef CONFIG_USER_ONLY
> >  bool kvmppc_spapr_use_multitce(void);
> >  int kvmppc_spapr_enable_inkernel_multitce(void);
> > @@ -201,6 +202,11 @@ static inline target_ulong kvmppc_configure_v3_mmu(PowerPCCPU *cpu,
> >      return 0;
> >  }
> >  
> > +static inline void kvmppc_svm_off(Error **errp)
> > +{
> > +    return;
> > +}
> > +
> >  static inline void kvmppc_set_reg_ppc_online(PowerPCCPU *cpu,
> >                                               unsigned int online)
> >  {
> 

-- 
David Gibson			| I'll have my music baroque, and my code
david AT gibson.dropbear.id.au	| minimalist, thank you.  NOT _the_ _other_
				| _way_ _around_!
http://www.ozlabs.org/~dgibson

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 833 bytes --]

      reply	other threads:[~2019-12-19  1:36 UTC|newest]

Thread overview: 6+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2019-12-18  4:32 [PATCH v3 ppc-for-5.0 0/2] ppc/spapr: Support reboot of secure pseries guest Bharata B Rao
2019-12-18  4:32 ` [PATCH v3 ppc-for-5.0 1/2] linux-headers: Update Bharata B Rao
2019-12-18  4:32 ` [PATCH v3 ppc-for-5.0 2/2] ppc/spapr: Support reboot of secure pseries guest Bharata B Rao
2019-12-18  8:31   ` Cédric Le Goater
2019-12-18 13:22   ` Greg Kurz
2019-12-19  1:35     ` David Gibson [this message]

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20191219013505.GB2321@umbus.fritz.box \
    --to=david@gibson.dropbear.id.au \
    --cc=bharata@linux.ibm.com \
    --cc=groug@kaod.org \
    --cc=linuxram@us.ibm.com \
    --cc=paulus@ozlabs.org \
    --cc=qemu-devel@nongnu.org \
    --cc=qemu-ppc@nongnu.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.