* [PATCH v3 0/2] kernel: add new infrastructure for platform_has() support
@ 2022-05-04 15:57 ` Juergen Gross via Virtualization
0 siblings, 0 replies; 17+ messages in thread
From: Juergen Gross @ 2022-05-04 15:57 UTC (permalink / raw)
To: xen-devel, linux-kernel, linux-arch, x86, linux-s390, virtualization
Cc: Juergen Gross, Arnd Bergmann, Heiko Carstens, Vasily Gorbik,
Alexander Gordeev, Christian Borntraeger, Sven Schnelle,
Thomas Gleixner, Ingo Molnar, Borislav Petkov, Dave Hansen,
H. Peter Anvin, Andy Lutomirski, Peter Zijlstra,
Michael S. Tsirkin, Jason Wang, Christoph Hellwig,
Oleksandr Tyshchenko
In another patch series [1] the need has come up to have support for
a generic feature flag infrastructure.
This patch series is introducing that infrastructure and adds the first
use case.
I have decided to use a similar interface as the already known x86
cpu_has() function. As the new infrastructure is meant to be usable for
general and arch-specific feature flags, the flags are being spread
between a general bitmap and an arch specific one.
The bitmaps start all being zero, single features can be set or reset
at any time by using the related platform_[re]set_feature() functions.
The platform_has() function is using a simple test_bit() call for now,
further optimization might be added when needed.
[1]: https://lore.kernel.org/lkml/1650646263-22047-1-git-send-email-olekstysh@gmail.com/T/#t
Juergen Gross (2):
kernel: add platform_has() infrastructure
virtio: replace arch_has_restricted_virtio_memory_access()
MAINTAINERS | 8 ++++++++
arch/s390/Kconfig | 1 -
arch/s390/mm/init.c | 13 +++----------
arch/x86/Kconfig | 1 -
arch/x86/mm/mem_encrypt.c | 7 -------
arch/x86/mm/mem_encrypt_amd.c | 4 ++++
drivers/virtio/Kconfig | 6 ------
drivers/virtio/virtio.c | 5 ++---
include/asm-generic/Kbuild | 1 +
include/asm-generic/platform-feature.h | 8 ++++++++
include/linux/platform-feature.h | 19 ++++++++++++++++++
include/linux/virtio_config.h | 9 ---------
kernel/Makefile | 2 +-
kernel/platform-feature.c | 27 ++++++++++++++++++++++++++
14 files changed, 73 insertions(+), 38 deletions(-)
create mode 100644 include/asm-generic/platform-feature.h
create mode 100644 include/linux/platform-feature.h
create mode 100644 kernel/platform-feature.c
--
2.35.3
^ permalink raw reply [flat|nested] 17+ messages in thread
* [PATCH v3 0/2] kernel: add new infrastructure for platform_has() support
@ 2022-05-04 15:57 ` Juergen Gross via Virtualization
0 siblings, 0 replies; 17+ messages in thread
From: Juergen Gross via Virtualization @ 2022-05-04 15:57 UTC (permalink / raw)
To: xen-devel, linux-kernel, linux-arch, x86, linux-s390, virtualization
Cc: Juergen Gross, Oleksandr Tyshchenko, Arnd Bergmann,
Vasily Gorbik, Michael S. Tsirkin, Peter Zijlstra,
Heiko Carstens, Dave Hansen, Christoph Hellwig, Ingo Molnar,
Borislav Petkov, Sven Schnelle, Andy Lutomirski, H. Peter Anvin,
Alexander Gordeev, Thomas Gleixner
In another patch series [1] the need has come up to have support for
a generic feature flag infrastructure.
This patch series is introducing that infrastructure and adds the first
use case.
I have decided to use a similar interface as the already known x86
cpu_has() function. As the new infrastructure is meant to be usable for
general and arch-specific feature flags, the flags are being spread
between a general bitmap and an arch specific one.
The bitmaps start all being zero, single features can be set or reset
at any time by using the related platform_[re]set_feature() functions.
The platform_has() function is using a simple test_bit() call for now,
further optimization might be added when needed.
[1]: https://lore.kernel.org/lkml/1650646263-22047-1-git-send-email-olekstysh@gmail.com/T/#t
Juergen Gross (2):
kernel: add platform_has() infrastructure
virtio: replace arch_has_restricted_virtio_memory_access()
MAINTAINERS | 8 ++++++++
arch/s390/Kconfig | 1 -
arch/s390/mm/init.c | 13 +++----------
arch/x86/Kconfig | 1 -
arch/x86/mm/mem_encrypt.c | 7 -------
arch/x86/mm/mem_encrypt_amd.c | 4 ++++
drivers/virtio/Kconfig | 6 ------
drivers/virtio/virtio.c | 5 ++---
include/asm-generic/Kbuild | 1 +
include/asm-generic/platform-feature.h | 8 ++++++++
include/linux/platform-feature.h | 19 ++++++++++++++++++
include/linux/virtio_config.h | 9 ---------
kernel/Makefile | 2 +-
kernel/platform-feature.c | 27 ++++++++++++++++++++++++++
14 files changed, 73 insertions(+), 38 deletions(-)
create mode 100644 include/asm-generic/platform-feature.h
create mode 100644 include/linux/platform-feature.h
create mode 100644 kernel/platform-feature.c
--
2.35.3
_______________________________________________
Virtualization mailing list
Virtualization@lists.linux-foundation.org
https://lists.linuxfoundation.org/mailman/listinfo/virtualization
^ permalink raw reply [flat|nested] 17+ messages in thread
* [PATCH v3 1/2] kernel: add platform_has() infrastructure
2022-05-04 15:57 ` Juergen Gross via Virtualization
@ 2022-05-04 15:57 ` Juergen Gross via Virtualization
-1 siblings, 0 replies; 17+ messages in thread
From: Juergen Gross @ 2022-05-04 15:57 UTC (permalink / raw)
To: xen-devel, linux-kernel, linux-arch, x86, linux-s390, virtualization
Cc: Juergen Gross, Arnd Bergmann, Heiko Carstens, Vasily Gorbik,
Alexander Gordeev, Christian Borntraeger, Sven Schnelle,
Thomas Gleixner, Ingo Molnar, Borislav Petkov, Dave Hansen,
H. Peter Anvin, Andy Lutomirski, Peter Zijlstra,
Michael S. Tsirkin, Jason Wang, Christoph Hellwig,
Oleksandr Tyshchenko
Add a simple infrastructure for setting, resetting and querying
platform feature flags.
Flags can be either global or architecture specific.
Signed-off-by: Juergen Gross <jgross@suse.com>
---
V2:
- rename set/reset functions to platform_[set|clear]() (Boris Petkov,
Heiko Carstens)
- move function implementations to c file (Boris Petkov)
---
MAINTAINERS | 8 ++++++++
include/asm-generic/Kbuild | 1 +
include/asm-generic/platform-feature.h | 8 ++++++++
include/linux/platform-feature.h | 15 ++++++++++++++
kernel/Makefile | 2 +-
kernel/platform-feature.c | 27 ++++++++++++++++++++++++++
6 files changed, 60 insertions(+), 1 deletion(-)
create mode 100644 include/asm-generic/platform-feature.h
create mode 100644 include/linux/platform-feature.h
create mode 100644 kernel/platform-feature.c
diff --git a/MAINTAINERS b/MAINTAINERS
index edc96cdb85e8..2749a88d75f2 100644
--- a/MAINTAINERS
+++ b/MAINTAINERS
@@ -15657,6 +15657,14 @@ S: Maintained
F: Documentation/devicetree/bindings/iio/chemical/plantower,pms7003.yaml
F: drivers/iio/chemical/pms7003.c
+PLATFORM FEATURE INFRASTRUCTURE
+M: Juergen Gross <jgross@suse.com>
+S: Maintained
+F: arch/*/include/asm/platform-feature.h
+F: include/asm-generic/platform-feature.h
+F: include/linux/platform-feature.h
+F: kernel/platform-feature.c
+
PLDMFW LIBRARY
M: Jacob Keller <jacob.e.keller@intel.com>
S: Maintained
diff --git a/include/asm-generic/Kbuild b/include/asm-generic/Kbuild
index 302506bbc2a4..8e47d483b524 100644
--- a/include/asm-generic/Kbuild
+++ b/include/asm-generic/Kbuild
@@ -44,6 +44,7 @@ mandatory-y += msi.h
mandatory-y += pci.h
mandatory-y += percpu.h
mandatory-y += pgalloc.h
+mandatory-y += platform-feature.h
mandatory-y += preempt.h
mandatory-y += rwonce.h
mandatory-y += sections.h
diff --git a/include/asm-generic/platform-feature.h b/include/asm-generic/platform-feature.h
new file mode 100644
index 000000000000..4b0af3d51588
--- /dev/null
+++ b/include/asm-generic/platform-feature.h
@@ -0,0 +1,8 @@
+/* SPDX-License-Identifier: GPL-2.0 */
+#ifndef _ASM_GENERIC_PLATFORM_FEATURE_H
+#define _ASM_GENERIC_PLATFORM_FEATURE_H
+
+/* Number of arch specific feature flags. */
+#define PLATFORM_ARCH_FEAT_N 0
+
+#endif /* _ASM_GENERIC_PLATFORM_FEATURE_H */
diff --git a/include/linux/platform-feature.h b/include/linux/platform-feature.h
new file mode 100644
index 000000000000..6ed859928b97
--- /dev/null
+++ b/include/linux/platform-feature.h
@@ -0,0 +1,15 @@
+/* SPDX-License-Identifier: GPL-2.0 */
+#ifndef _PLATFORM_FEATURE_H
+#define _PLATFORM_FEATURE_H
+
+#include <linux/bitops.h>
+#include <asm/platform-feature.h>
+
+/* The platform features are starting with the architecture specific ones. */
+#define PLATFORM_FEAT_N (0 + PLATFORM_ARCH_FEAT_N)
+
+void platform_set(unsigned int feature);
+void platform_clear(unsigned int feature);
+bool platform_has(unsigned int feature);
+
+#endif /* _PLATFORM_FEATURE_H */
diff --git a/kernel/Makefile b/kernel/Makefile
index 847a82bfe0e3..2f412f80110d 100644
--- a/kernel/Makefile
+++ b/kernel/Makefile
@@ -7,7 +7,7 @@ obj-y = fork.o exec_domain.o panic.o \
cpu.o exit.o softirq.o resource.o \
sysctl.o capability.o ptrace.o user.o \
signal.o sys.o umh.o workqueue.o pid.o task_work.o \
- extable.o params.o \
+ extable.o params.o platform-feature.o \
kthread.o sys_ni.o nsproxy.o \
notifier.o ksysfs.o cred.o reboot.o \
async.o range.o smpboot.o ucount.o regset.o
diff --git a/kernel/platform-feature.c b/kernel/platform-feature.c
new file mode 100644
index 000000000000..cb6a6c3e4fed
--- /dev/null
+++ b/kernel/platform-feature.c
@@ -0,0 +1,27 @@
+// SPDX-License-Identifier: GPL-2.0
+
+#include <linux/bitops.h>
+#include <linux/cache.h>
+#include <linux/export.h>
+#include <linux/platform-feature.h>
+
+#define PLATFORM_FEAT_ARRAY_SZ BITS_TO_LONGS(PLATFORM_FEAT_N)
+static unsigned long __read_mostly platform_features[PLATFORM_FEAT_ARRAY_SZ];
+
+void platform_set(unsigned int feature)
+{
+ set_bit(feature, platform_features);
+}
+EXPORT_SYMBOL_GPL(platform_set);
+
+void platform_clear(unsigned int feature)
+{
+ clear_bit(feature, platform_features);
+}
+EXPORT_SYMBOL_GPL(platform_clear);
+
+bool platform_has(unsigned int feature)
+{
+ return test_bit(feature, platform_features);
+}
+EXPORT_SYMBOL_GPL(platform_has);
--
2.35.3
^ permalink raw reply related [flat|nested] 17+ messages in thread
* [PATCH v3 1/2] kernel: add platform_has() infrastructure
@ 2022-05-04 15:57 ` Juergen Gross via Virtualization
0 siblings, 0 replies; 17+ messages in thread
From: Juergen Gross via Virtualization @ 2022-05-04 15:57 UTC (permalink / raw)
To: xen-devel, linux-kernel, linux-arch, x86, linux-s390, virtualization
Cc: Juergen Gross, Oleksandr Tyshchenko, Arnd Bergmann,
Vasily Gorbik, Michael S. Tsirkin, Peter Zijlstra,
Heiko Carstens, Dave Hansen, Christoph Hellwig, Ingo Molnar,
Borislav Petkov, Sven Schnelle, Andy Lutomirski, H. Peter Anvin,
Alexander Gordeev, Thomas Gleixner
Add a simple infrastructure for setting, resetting and querying
platform feature flags.
Flags can be either global or architecture specific.
Signed-off-by: Juergen Gross <jgross@suse.com>
---
V2:
- rename set/reset functions to platform_[set|clear]() (Boris Petkov,
Heiko Carstens)
- move function implementations to c file (Boris Petkov)
---
MAINTAINERS | 8 ++++++++
include/asm-generic/Kbuild | 1 +
include/asm-generic/platform-feature.h | 8 ++++++++
include/linux/platform-feature.h | 15 ++++++++++++++
kernel/Makefile | 2 +-
kernel/platform-feature.c | 27 ++++++++++++++++++++++++++
6 files changed, 60 insertions(+), 1 deletion(-)
create mode 100644 include/asm-generic/platform-feature.h
create mode 100644 include/linux/platform-feature.h
create mode 100644 kernel/platform-feature.c
diff --git a/MAINTAINERS b/MAINTAINERS
index edc96cdb85e8..2749a88d75f2 100644
--- a/MAINTAINERS
+++ b/MAINTAINERS
@@ -15657,6 +15657,14 @@ S: Maintained
F: Documentation/devicetree/bindings/iio/chemical/plantower,pms7003.yaml
F: drivers/iio/chemical/pms7003.c
+PLATFORM FEATURE INFRASTRUCTURE
+M: Juergen Gross <jgross@suse.com>
+S: Maintained
+F: arch/*/include/asm/platform-feature.h
+F: include/asm-generic/platform-feature.h
+F: include/linux/platform-feature.h
+F: kernel/platform-feature.c
+
PLDMFW LIBRARY
M: Jacob Keller <jacob.e.keller@intel.com>
S: Maintained
diff --git a/include/asm-generic/Kbuild b/include/asm-generic/Kbuild
index 302506bbc2a4..8e47d483b524 100644
--- a/include/asm-generic/Kbuild
+++ b/include/asm-generic/Kbuild
@@ -44,6 +44,7 @@ mandatory-y += msi.h
mandatory-y += pci.h
mandatory-y += percpu.h
mandatory-y += pgalloc.h
+mandatory-y += platform-feature.h
mandatory-y += preempt.h
mandatory-y += rwonce.h
mandatory-y += sections.h
diff --git a/include/asm-generic/platform-feature.h b/include/asm-generic/platform-feature.h
new file mode 100644
index 000000000000..4b0af3d51588
--- /dev/null
+++ b/include/asm-generic/platform-feature.h
@@ -0,0 +1,8 @@
+/* SPDX-License-Identifier: GPL-2.0 */
+#ifndef _ASM_GENERIC_PLATFORM_FEATURE_H
+#define _ASM_GENERIC_PLATFORM_FEATURE_H
+
+/* Number of arch specific feature flags. */
+#define PLATFORM_ARCH_FEAT_N 0
+
+#endif /* _ASM_GENERIC_PLATFORM_FEATURE_H */
diff --git a/include/linux/platform-feature.h b/include/linux/platform-feature.h
new file mode 100644
index 000000000000..6ed859928b97
--- /dev/null
+++ b/include/linux/platform-feature.h
@@ -0,0 +1,15 @@
+/* SPDX-License-Identifier: GPL-2.0 */
+#ifndef _PLATFORM_FEATURE_H
+#define _PLATFORM_FEATURE_H
+
+#include <linux/bitops.h>
+#include <asm/platform-feature.h>
+
+/* The platform features are starting with the architecture specific ones. */
+#define PLATFORM_FEAT_N (0 + PLATFORM_ARCH_FEAT_N)
+
+void platform_set(unsigned int feature);
+void platform_clear(unsigned int feature);
+bool platform_has(unsigned int feature);
+
+#endif /* _PLATFORM_FEATURE_H */
diff --git a/kernel/Makefile b/kernel/Makefile
index 847a82bfe0e3..2f412f80110d 100644
--- a/kernel/Makefile
+++ b/kernel/Makefile
@@ -7,7 +7,7 @@ obj-y = fork.o exec_domain.o panic.o \
cpu.o exit.o softirq.o resource.o \
sysctl.o capability.o ptrace.o user.o \
signal.o sys.o umh.o workqueue.o pid.o task_work.o \
- extable.o params.o \
+ extable.o params.o platform-feature.o \
kthread.o sys_ni.o nsproxy.o \
notifier.o ksysfs.o cred.o reboot.o \
async.o range.o smpboot.o ucount.o regset.o
diff --git a/kernel/platform-feature.c b/kernel/platform-feature.c
new file mode 100644
index 000000000000..cb6a6c3e4fed
--- /dev/null
+++ b/kernel/platform-feature.c
@@ -0,0 +1,27 @@
+// SPDX-License-Identifier: GPL-2.0
+
+#include <linux/bitops.h>
+#include <linux/cache.h>
+#include <linux/export.h>
+#include <linux/platform-feature.h>
+
+#define PLATFORM_FEAT_ARRAY_SZ BITS_TO_LONGS(PLATFORM_FEAT_N)
+static unsigned long __read_mostly platform_features[PLATFORM_FEAT_ARRAY_SZ];
+
+void platform_set(unsigned int feature)
+{
+ set_bit(feature, platform_features);
+}
+EXPORT_SYMBOL_GPL(platform_set);
+
+void platform_clear(unsigned int feature)
+{
+ clear_bit(feature, platform_features);
+}
+EXPORT_SYMBOL_GPL(platform_clear);
+
+bool platform_has(unsigned int feature)
+{
+ return test_bit(feature, platform_features);
+}
+EXPORT_SYMBOL_GPL(platform_has);
--
2.35.3
_______________________________________________
Virtualization mailing list
Virtualization@lists.linux-foundation.org
https://lists.linuxfoundation.org/mailman/listinfo/virtualization
^ permalink raw reply related [flat|nested] 17+ messages in thread
* [PATCH v3 2/2] virtio: replace arch_has_restricted_virtio_memory_access()
2022-05-04 15:57 ` Juergen Gross via Virtualization
@ 2022-05-04 15:57 ` Juergen Gross via Virtualization
-1 siblings, 0 replies; 17+ messages in thread
From: Juergen Gross @ 2022-05-04 15:57 UTC (permalink / raw)
To: xen-devel, linux-kernel, linux-arch, x86, linux-s390, virtualization
Cc: Juergen Gross, Arnd Bergmann, Heiko Carstens, Vasily Gorbik,
Alexander Gordeev, Christian Borntraeger, Sven Schnelle,
Thomas Gleixner, Ingo Molnar, Borislav Petkov, Dave Hansen,
H. Peter Anvin, Andy Lutomirski, Peter Zijlstra,
Michael S. Tsirkin, Jason Wang, Christoph Hellwig,
Oleksandr Tyshchenko
Instead of using arch_has_restricted_virtio_memory_access() together
with CONFIG_ARCH_HAS_RESTRICTED_VIRTIO_MEMORY_ACCESS, replace those
with platform_has() and a new platform feature
PLATFORM_VIRTIO_RESTRICTED_MEM_ACCESS.
Signed-off-by: Juergen Gross <jgross@suse.com>
---
V2:
- move setting of PLATFORM_VIRTIO_RESTRICTED_MEM_ACCESS in SEV case
to sev_setup_arch().
V3:
- remove Hyper-V chunk (Michael Kelley)
- remove include virtio_config.h from mem_encrypt.c (Oleksandr Tyshchenko)
- add comment for PLATFORM_VIRTIO_RESTRICTED_MEM_ACCESS (Oleksandr Tyshchenko)
---
arch/s390/Kconfig | 1 -
arch/s390/mm/init.c | 13 +++----------
arch/x86/Kconfig | 1 -
arch/x86/mm/mem_encrypt.c | 7 -------
arch/x86/mm/mem_encrypt_amd.c | 4 ++++
drivers/virtio/Kconfig | 6 ------
drivers/virtio/virtio.c | 5 ++---
include/linux/platform-feature.h | 6 +++++-
include/linux/virtio_config.h | 9 ---------
9 files changed, 14 insertions(+), 38 deletions(-)
diff --git a/arch/s390/Kconfig b/arch/s390/Kconfig
index e084c72104f8..f97a22ae69a8 100644
--- a/arch/s390/Kconfig
+++ b/arch/s390/Kconfig
@@ -772,7 +772,6 @@ menu "Virtualization"
config PROTECTED_VIRTUALIZATION_GUEST
def_bool n
prompt "Protected virtualization guest support"
- select ARCH_HAS_RESTRICTED_VIRTIO_MEMORY_ACCESS
help
Select this option, if you want to be able to run this
kernel as a protected virtualization KVM guest.
diff --git a/arch/s390/mm/init.c b/arch/s390/mm/init.c
index 86ffd0d51fd5..2c3b451813ed 100644
--- a/arch/s390/mm/init.c
+++ b/arch/s390/mm/init.c
@@ -31,6 +31,7 @@
#include <linux/cma.h>
#include <linux/gfp.h>
#include <linux/dma-direct.h>
+#include <linux/platform-feature.h>
#include <asm/processor.h>
#include <linux/uaccess.h>
#include <asm/pgalloc.h>
@@ -168,22 +169,14 @@ bool force_dma_unencrypted(struct device *dev)
return is_prot_virt_guest();
}
-#ifdef CONFIG_ARCH_HAS_RESTRICTED_VIRTIO_MEMORY_ACCESS
-
-int arch_has_restricted_virtio_memory_access(void)
-{
- return is_prot_virt_guest();
-}
-EXPORT_SYMBOL(arch_has_restricted_virtio_memory_access);
-
-#endif
-
/* protected virtualization */
static void pv_init(void)
{
if (!is_prot_virt_guest())
return;
+ platform_set(PLATFORM_VIRTIO_RESTRICTED_MEM_ACCESS);
+
/* make sure bounce buffers are shared */
swiotlb_force = SWIOTLB_FORCE;
swiotlb_init(1);
diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig
index 4bed3abf444d..eeb7c6c8eec5 100644
--- a/arch/x86/Kconfig
+++ b/arch/x86/Kconfig
@@ -1515,7 +1515,6 @@ config X86_CPA_STATISTICS
config X86_MEM_ENCRYPT
select ARCH_HAS_FORCE_DMA_UNENCRYPTED
select DYNAMIC_PHYSICAL_MASK
- select ARCH_HAS_RESTRICTED_VIRTIO_MEMORY_ACCESS
def_bool n
config AMD_MEM_ENCRYPT
diff --git a/arch/x86/mm/mem_encrypt.c b/arch/x86/mm/mem_encrypt.c
index 50d209939c66..18a55a0f1ca2 100644
--- a/arch/x86/mm/mem_encrypt.c
+++ b/arch/x86/mm/mem_encrypt.c
@@ -12,7 +12,6 @@
#include <linux/swiotlb.h>
#include <linux/cc_platform.h>
#include <linux/mem_encrypt.h>
-#include <linux/virtio_config.h>
/* Override for DMA direct allocation check - ARCH_HAS_FORCE_DMA_UNENCRYPTED */
bool force_dma_unencrypted(struct device *dev)
@@ -76,9 +75,3 @@ void __init mem_encrypt_init(void)
print_mem_encrypt_feature_info();
}
-
-int arch_has_restricted_virtio_memory_access(void)
-{
- return cc_platform_has(CC_ATTR_GUEST_MEM_ENCRYPT);
-}
-EXPORT_SYMBOL_GPL(arch_has_restricted_virtio_memory_access);
diff --git a/arch/x86/mm/mem_encrypt_amd.c b/arch/x86/mm/mem_encrypt_amd.c
index 6169053c2854..39b71084d36b 100644
--- a/arch/x86/mm/mem_encrypt_amd.c
+++ b/arch/x86/mm/mem_encrypt_amd.c
@@ -21,6 +21,7 @@
#include <linux/dma-mapping.h>
#include <linux/virtio_config.h>
#include <linux/cc_platform.h>
+#include <linux/platform-feature.h>
#include <asm/tlbflush.h>
#include <asm/fixmap.h>
@@ -206,6 +207,9 @@ void __init sev_setup_arch(void)
size = total_mem * 6 / 100;
size = clamp_val(size, IO_TLB_DEFAULT_SIZE, SZ_1G);
swiotlb_adjust_size(size);
+
+ /* Set restricted memory access for virtio. */
+ platform_set(PLATFORM_VIRTIO_RESTRICTED_MEM_ACCESS);
}
static unsigned long pg_level_to_pfn(int level, pte_t *kpte, pgprot_t *ret_prot)
diff --git a/drivers/virtio/Kconfig b/drivers/virtio/Kconfig
index b5adf6abd241..a6dc8b5846fe 100644
--- a/drivers/virtio/Kconfig
+++ b/drivers/virtio/Kconfig
@@ -6,12 +6,6 @@ config VIRTIO
bus, such as CONFIG_VIRTIO_PCI, CONFIG_VIRTIO_MMIO, CONFIG_RPMSG
or CONFIG_S390_GUEST.
-config ARCH_HAS_RESTRICTED_VIRTIO_MEMORY_ACCESS
- bool
- help
- This option is selected if the architecture may need to enforce
- VIRTIO_F_ACCESS_PLATFORM
-
config VIRTIO_PCI_LIB
tristate
help
diff --git a/drivers/virtio/virtio.c b/drivers/virtio/virtio.c
index 22f15f444f75..371e16b18381 100644
--- a/drivers/virtio/virtio.c
+++ b/drivers/virtio/virtio.c
@@ -5,6 +5,7 @@
#include <linux/module.h>
#include <linux/idr.h>
#include <linux/of.h>
+#include <linux/platform-feature.h>
#include <uapi/linux/virtio_ids.h>
/* Unique numbering for virtio devices. */
@@ -170,12 +171,10 @@ EXPORT_SYMBOL_GPL(virtio_add_status);
static int virtio_features_ok(struct virtio_device *dev)
{
unsigned status;
- int ret;
might_sleep();
- ret = arch_has_restricted_virtio_memory_access();
- if (ret) {
+ if (platform_has(PLATFORM_VIRTIO_RESTRICTED_MEM_ACCESS)) {
if (!virtio_has_feature(dev, VIRTIO_F_VERSION_1)) {
dev_warn(&dev->dev,
"device must provide VIRTIO_F_VERSION_1\n");
diff --git a/include/linux/platform-feature.h b/include/linux/platform-feature.h
index 6ed859928b97..b2f48be999fa 100644
--- a/include/linux/platform-feature.h
+++ b/include/linux/platform-feature.h
@@ -6,7 +6,11 @@
#include <asm/platform-feature.h>
/* The platform features are starting with the architecture specific ones. */
-#define PLATFORM_FEAT_N (0 + PLATFORM_ARCH_FEAT_N)
+
+/* Used to enable platform specific DMA handling for virtio devices. */
+#define PLATFORM_VIRTIO_RESTRICTED_MEM_ACCESS (0 + PLATFORM_ARCH_FEAT_N)
+
+#define PLATFORM_FEAT_N (1 + PLATFORM_ARCH_FEAT_N)
void platform_set(unsigned int feature);
void platform_clear(unsigned int feature);
diff --git a/include/linux/virtio_config.h b/include/linux/virtio_config.h
index b341dd62aa4d..79498298519d 100644
--- a/include/linux/virtio_config.h
+++ b/include/linux/virtio_config.h
@@ -559,13 +559,4 @@ static inline void virtio_cwrite64(struct virtio_device *vdev,
_r; \
})
-#ifdef CONFIG_ARCH_HAS_RESTRICTED_VIRTIO_MEMORY_ACCESS
-int arch_has_restricted_virtio_memory_access(void);
-#else
-static inline int arch_has_restricted_virtio_memory_access(void)
-{
- return 0;
-}
-#endif /* CONFIG_ARCH_HAS_RESTRICTED_VIRTIO_MEMORY_ACCESS */
-
#endif /* _LINUX_VIRTIO_CONFIG_H */
--
2.35.3
^ permalink raw reply related [flat|nested] 17+ messages in thread
* [PATCH v3 2/2] virtio: replace arch_has_restricted_virtio_memory_access()
@ 2022-05-04 15:57 ` Juergen Gross via Virtualization
0 siblings, 0 replies; 17+ messages in thread
From: Juergen Gross via Virtualization @ 2022-05-04 15:57 UTC (permalink / raw)
To: xen-devel, linux-kernel, linux-arch, x86, linux-s390, virtualization
Cc: Juergen Gross, Oleksandr Tyshchenko, Arnd Bergmann,
Vasily Gorbik, Michael S. Tsirkin, Peter Zijlstra,
Heiko Carstens, Dave Hansen, Christoph Hellwig, Ingo Molnar,
Borislav Petkov, Sven Schnelle, Andy Lutomirski, H. Peter Anvin,
Alexander Gordeev, Thomas Gleixner
Instead of using arch_has_restricted_virtio_memory_access() together
with CONFIG_ARCH_HAS_RESTRICTED_VIRTIO_MEMORY_ACCESS, replace those
with platform_has() and a new platform feature
PLATFORM_VIRTIO_RESTRICTED_MEM_ACCESS.
Signed-off-by: Juergen Gross <jgross@suse.com>
---
V2:
- move setting of PLATFORM_VIRTIO_RESTRICTED_MEM_ACCESS in SEV case
to sev_setup_arch().
V3:
- remove Hyper-V chunk (Michael Kelley)
- remove include virtio_config.h from mem_encrypt.c (Oleksandr Tyshchenko)
- add comment for PLATFORM_VIRTIO_RESTRICTED_MEM_ACCESS (Oleksandr Tyshchenko)
---
arch/s390/Kconfig | 1 -
arch/s390/mm/init.c | 13 +++----------
arch/x86/Kconfig | 1 -
arch/x86/mm/mem_encrypt.c | 7 -------
arch/x86/mm/mem_encrypt_amd.c | 4 ++++
drivers/virtio/Kconfig | 6 ------
drivers/virtio/virtio.c | 5 ++---
include/linux/platform-feature.h | 6 +++++-
include/linux/virtio_config.h | 9 ---------
9 files changed, 14 insertions(+), 38 deletions(-)
diff --git a/arch/s390/Kconfig b/arch/s390/Kconfig
index e084c72104f8..f97a22ae69a8 100644
--- a/arch/s390/Kconfig
+++ b/arch/s390/Kconfig
@@ -772,7 +772,6 @@ menu "Virtualization"
config PROTECTED_VIRTUALIZATION_GUEST
def_bool n
prompt "Protected virtualization guest support"
- select ARCH_HAS_RESTRICTED_VIRTIO_MEMORY_ACCESS
help
Select this option, if you want to be able to run this
kernel as a protected virtualization KVM guest.
diff --git a/arch/s390/mm/init.c b/arch/s390/mm/init.c
index 86ffd0d51fd5..2c3b451813ed 100644
--- a/arch/s390/mm/init.c
+++ b/arch/s390/mm/init.c
@@ -31,6 +31,7 @@
#include <linux/cma.h>
#include <linux/gfp.h>
#include <linux/dma-direct.h>
+#include <linux/platform-feature.h>
#include <asm/processor.h>
#include <linux/uaccess.h>
#include <asm/pgalloc.h>
@@ -168,22 +169,14 @@ bool force_dma_unencrypted(struct device *dev)
return is_prot_virt_guest();
}
-#ifdef CONFIG_ARCH_HAS_RESTRICTED_VIRTIO_MEMORY_ACCESS
-
-int arch_has_restricted_virtio_memory_access(void)
-{
- return is_prot_virt_guest();
-}
-EXPORT_SYMBOL(arch_has_restricted_virtio_memory_access);
-
-#endif
-
/* protected virtualization */
static void pv_init(void)
{
if (!is_prot_virt_guest())
return;
+ platform_set(PLATFORM_VIRTIO_RESTRICTED_MEM_ACCESS);
+
/* make sure bounce buffers are shared */
swiotlb_force = SWIOTLB_FORCE;
swiotlb_init(1);
diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig
index 4bed3abf444d..eeb7c6c8eec5 100644
--- a/arch/x86/Kconfig
+++ b/arch/x86/Kconfig
@@ -1515,7 +1515,6 @@ config X86_CPA_STATISTICS
config X86_MEM_ENCRYPT
select ARCH_HAS_FORCE_DMA_UNENCRYPTED
select DYNAMIC_PHYSICAL_MASK
- select ARCH_HAS_RESTRICTED_VIRTIO_MEMORY_ACCESS
def_bool n
config AMD_MEM_ENCRYPT
diff --git a/arch/x86/mm/mem_encrypt.c b/arch/x86/mm/mem_encrypt.c
index 50d209939c66..18a55a0f1ca2 100644
--- a/arch/x86/mm/mem_encrypt.c
+++ b/arch/x86/mm/mem_encrypt.c
@@ -12,7 +12,6 @@
#include <linux/swiotlb.h>
#include <linux/cc_platform.h>
#include <linux/mem_encrypt.h>
-#include <linux/virtio_config.h>
/* Override for DMA direct allocation check - ARCH_HAS_FORCE_DMA_UNENCRYPTED */
bool force_dma_unencrypted(struct device *dev)
@@ -76,9 +75,3 @@ void __init mem_encrypt_init(void)
print_mem_encrypt_feature_info();
}
-
-int arch_has_restricted_virtio_memory_access(void)
-{
- return cc_platform_has(CC_ATTR_GUEST_MEM_ENCRYPT);
-}
-EXPORT_SYMBOL_GPL(arch_has_restricted_virtio_memory_access);
diff --git a/arch/x86/mm/mem_encrypt_amd.c b/arch/x86/mm/mem_encrypt_amd.c
index 6169053c2854..39b71084d36b 100644
--- a/arch/x86/mm/mem_encrypt_amd.c
+++ b/arch/x86/mm/mem_encrypt_amd.c
@@ -21,6 +21,7 @@
#include <linux/dma-mapping.h>
#include <linux/virtio_config.h>
#include <linux/cc_platform.h>
+#include <linux/platform-feature.h>
#include <asm/tlbflush.h>
#include <asm/fixmap.h>
@@ -206,6 +207,9 @@ void __init sev_setup_arch(void)
size = total_mem * 6 / 100;
size = clamp_val(size, IO_TLB_DEFAULT_SIZE, SZ_1G);
swiotlb_adjust_size(size);
+
+ /* Set restricted memory access for virtio. */
+ platform_set(PLATFORM_VIRTIO_RESTRICTED_MEM_ACCESS);
}
static unsigned long pg_level_to_pfn(int level, pte_t *kpte, pgprot_t *ret_prot)
diff --git a/drivers/virtio/Kconfig b/drivers/virtio/Kconfig
index b5adf6abd241..a6dc8b5846fe 100644
--- a/drivers/virtio/Kconfig
+++ b/drivers/virtio/Kconfig
@@ -6,12 +6,6 @@ config VIRTIO
bus, such as CONFIG_VIRTIO_PCI, CONFIG_VIRTIO_MMIO, CONFIG_RPMSG
or CONFIG_S390_GUEST.
-config ARCH_HAS_RESTRICTED_VIRTIO_MEMORY_ACCESS
- bool
- help
- This option is selected if the architecture may need to enforce
- VIRTIO_F_ACCESS_PLATFORM
-
config VIRTIO_PCI_LIB
tristate
help
diff --git a/drivers/virtio/virtio.c b/drivers/virtio/virtio.c
index 22f15f444f75..371e16b18381 100644
--- a/drivers/virtio/virtio.c
+++ b/drivers/virtio/virtio.c
@@ -5,6 +5,7 @@
#include <linux/module.h>
#include <linux/idr.h>
#include <linux/of.h>
+#include <linux/platform-feature.h>
#include <uapi/linux/virtio_ids.h>
/* Unique numbering for virtio devices. */
@@ -170,12 +171,10 @@ EXPORT_SYMBOL_GPL(virtio_add_status);
static int virtio_features_ok(struct virtio_device *dev)
{
unsigned status;
- int ret;
might_sleep();
- ret = arch_has_restricted_virtio_memory_access();
- if (ret) {
+ if (platform_has(PLATFORM_VIRTIO_RESTRICTED_MEM_ACCESS)) {
if (!virtio_has_feature(dev, VIRTIO_F_VERSION_1)) {
dev_warn(&dev->dev,
"device must provide VIRTIO_F_VERSION_1\n");
diff --git a/include/linux/platform-feature.h b/include/linux/platform-feature.h
index 6ed859928b97..b2f48be999fa 100644
--- a/include/linux/platform-feature.h
+++ b/include/linux/platform-feature.h
@@ -6,7 +6,11 @@
#include <asm/platform-feature.h>
/* The platform features are starting with the architecture specific ones. */
-#define PLATFORM_FEAT_N (0 + PLATFORM_ARCH_FEAT_N)
+
+/* Used to enable platform specific DMA handling for virtio devices. */
+#define PLATFORM_VIRTIO_RESTRICTED_MEM_ACCESS (0 + PLATFORM_ARCH_FEAT_N)
+
+#define PLATFORM_FEAT_N (1 + PLATFORM_ARCH_FEAT_N)
void platform_set(unsigned int feature);
void platform_clear(unsigned int feature);
diff --git a/include/linux/virtio_config.h b/include/linux/virtio_config.h
index b341dd62aa4d..79498298519d 100644
--- a/include/linux/virtio_config.h
+++ b/include/linux/virtio_config.h
@@ -559,13 +559,4 @@ static inline void virtio_cwrite64(struct virtio_device *vdev,
_r; \
})
-#ifdef CONFIG_ARCH_HAS_RESTRICTED_VIRTIO_MEMORY_ACCESS
-int arch_has_restricted_virtio_memory_access(void);
-#else
-static inline int arch_has_restricted_virtio_memory_access(void)
-{
- return 0;
-}
-#endif /* CONFIG_ARCH_HAS_RESTRICTED_VIRTIO_MEMORY_ACCESS */
-
#endif /* _LINUX_VIRTIO_CONFIG_H */
--
2.35.3
_______________________________________________
Virtualization mailing list
Virtualization@lists.linux-foundation.org
https://lists.linuxfoundation.org/mailman/listinfo/virtualization
^ permalink raw reply related [flat|nested] 17+ messages in thread
* Re: [PATCH v3 0/2] kernel: add new infrastructure for platform_has() support
2022-05-04 15:57 ` Juergen Gross via Virtualization
` (2 preceding siblings ...)
(?)
@ 2022-05-05 16:13 ` Oleksandr
-1 siblings, 0 replies; 17+ messages in thread
From: Oleksandr @ 2022-05-05 16:13 UTC (permalink / raw)
To: Juergen Gross
Cc: xen-devel, linux-kernel, linux-arch, x86, linux-s390,
virtualization, Arnd Bergmann, Heiko Carstens, Vasily Gorbik,
Alexander Gordeev, Christian Borntraeger, Sven Schnelle,
Thomas Gleixner, Ingo Molnar, Borislav Petkov, Dave Hansen,
H. Peter Anvin, Andy Lutomirski, Peter Zijlstra,
Michael S. Tsirkin, Jason Wang, Christoph Hellwig
On 04.05.22 18:57, Juergen Gross wrote:
Hello Juergen
> In another patch series [1] the need has come up to have support for
> a generic feature flag infrastructure.
>
> This patch series is introducing that infrastructure and adds the first
> use case.
>
> I have decided to use a similar interface as the already known x86
> cpu_has() function. As the new infrastructure is meant to be usable for
> general and arch-specific feature flags, the flags are being spread
> between a general bitmap and an arch specific one.
>
> The bitmaps start all being zero, single features can be set or reset
> at any time by using the related platform_[re]set_feature() functions.
>
> The platform_has() function is using a simple test_bit() call for now,
> further optimization might be added when needed.
>
> [1]: https://lore.kernel.org/lkml/1650646263-22047-1-git-send-email-olekstysh@gmail.com/T/#t
For both patches:
Reviewed-by: Oleksandr Tyshchenko <oleksandr_tyshchenko@epam.com>
Also I haven't faced any issues with testing current series (w/ and w/o
xen-virtio series [1] applied) in Xen guest (Linux v5.18-rc4) on Arm64
based board.
So, you can also add:
[Arm64 only]
Tested-by: Oleksandr Tyshchenko <oleksandr_tyshchenko@epam.com>
Thanks!
Note, I reworked patch #3 [1] to use new platform_xxx functionality:
diff --git a/arch/arm/xen/enlighten.c b/arch/arm/xen/enlighten.c
index 07eb69f..1f9c3ba 100644
--- a/arch/arm/xen/enlighten.c
+++ b/arch/arm/xen/enlighten.c
@@ -443,6 +443,8 @@ static int __init xen_guest_init(void)
if (!xen_domain())
return 0;
+ xen_set_restricted_virtio_memory_access();
+
if (!acpi_disabled)
xen_acpi_guest_init();
else
diff --git a/arch/x86/xen/enlighten_hvm.c b/arch/x86/xen/enlighten_hvm.c
index 517a9d8..8b71b1d 100644
--- a/arch/x86/xen/enlighten_hvm.c
+++ b/arch/x86/xen/enlighten_hvm.c
@@ -195,6 +195,8 @@ static void __init xen_hvm_guest_init(void)
if (xen_pv_domain())
return;
+ xen_set_restricted_virtio_memory_access();
+
init_hvm_pv_info();
reserve_shared_info();
diff --git a/arch/x86/xen/enlighten_pv.c b/arch/x86/xen/enlighten_pv.c
index 5038edb..fcd5d5d 100644
--- a/arch/x86/xen/enlighten_pv.c
+++ b/arch/x86/xen/enlighten_pv.c
@@ -109,6 +109,8 @@ static DEFINE_PER_CPU(struct tls_descs,
shadow_tls_desc);
static void __init xen_pv_init_platform(void)
{
+ xen_set_restricted_virtio_memory_access();
+
populate_extra_pte(fix_to_virt(FIX_PARAVIRT_BOOTMAP));
set_fixmap(FIX_PARAVIRT_BOOTMAP, xen_start_info->shared_info);
diff --git a/drivers/xen/Kconfig b/drivers/xen/Kconfig
index 313a9127..a7bd8ce 100644
--- a/drivers/xen/Kconfig
+++ b/drivers/xen/Kconfig
@@ -339,4 +339,15 @@ config XEN_GRANT_DMA_OPS
bool
select DMA_OPS
+config XEN_VIRTIO
+ bool "Xen virtio support"
+ depends on VIRTIO
+ select XEN_GRANT_DMA_OPS
+ help
+ Enable virtio support for running as Xen guest. Depending on the
+ guest type this will require special support on the backend side
+ (qemu or kernel, depending on the virtio device types used).
+
+ If in doubt, say n.
+
endmenu
diff --git a/include/xen/xen.h b/include/xen/xen.h
index a99bab8..0780a81 100644
--- a/include/xen/xen.h
+++ b/include/xen/xen.h
@@ -52,6 +52,14 @@ bool xen_biovec_phys_mergeable(const struct bio_vec
*vec1,
extern u64 xen_saved_max_mem_size;
#endif
+#include <linux/platform-feature.h>
+
+static inline void xen_set_restricted_virtio_memory_access(void)
+{
+ if (IS_ENABLED(CONFIG_XEN_VIRTIO) && xen_domain())
+ platform_set(PLATFORM_VIRTIO_RESTRICTED_MEM_ACCESS);
+}
+
#ifdef CONFIG_XEN_UNPOPULATED_ALLOC
int xen_alloc_unpopulated_pages(unsigned int nr_pages, struct page
**pages);
void xen_free_unpopulated_pages(unsigned int nr_pages, struct page
**pages);
(END)
>
> Juergen Gross (2):
> kernel: add platform_has() infrastructure
> virtio: replace arch_has_restricted_virtio_memory_access()
>
> MAINTAINERS | 8 ++++++++
> arch/s390/Kconfig | 1 -
> arch/s390/mm/init.c | 13 +++----------
> arch/x86/Kconfig | 1 -
> arch/x86/mm/mem_encrypt.c | 7 -------
> arch/x86/mm/mem_encrypt_amd.c | 4 ++++
> drivers/virtio/Kconfig | 6 ------
> drivers/virtio/virtio.c | 5 ++---
> include/asm-generic/Kbuild | 1 +
> include/asm-generic/platform-feature.h | 8 ++++++++
> include/linux/platform-feature.h | 19 ++++++++++++++++++
> include/linux/virtio_config.h | 9 ---------
> kernel/Makefile | 2 +-
> kernel/platform-feature.c | 27 ++++++++++++++++++++++++++
> 14 files changed, 73 insertions(+), 38 deletions(-)
> create mode 100644 include/asm-generic/platform-feature.h
> create mode 100644 include/linux/platform-feature.h
> create mode 100644 kernel/platform-feature.c
>
--
Regards,
Oleksandr Tyshchenko
^ permalink raw reply related [flat|nested] 17+ messages in thread
* Re: [PATCH v3 1/2] kernel: add platform_has() infrastructure
2022-05-04 15:57 ` Juergen Gross via Virtualization
@ 2022-05-09 6:30 ` Christoph Hellwig
-1 siblings, 0 replies; 17+ messages in thread
From: Christoph Hellwig @ 2022-05-09 6:30 UTC (permalink / raw)
To: Juergen Gross
Cc: Michael S. Tsirkin, Peter Zijlstra, Dave Hansen, virtualization,
H. Peter Anvin, Alexander Gordeev, linux-arch, linux-s390,
Arnd Bergmann, x86, Christoph Hellwig, Ingo Molnar, xen-devel,
Vasily Gorbik, Heiko Carstens, Borislav Petkov, Andy Lutomirski,
Thomas Gleixner, linux-kernel, Oleksandr Tyshchenko,
Sven Schnelle
Looks good:
Reviewed-by: Christoph Hellwig <hch@lst.de>
_______________________________________________
Virtualization mailing list
Virtualization@lists.linux-foundation.org
https://lists.linuxfoundation.org/mailman/listinfo/virtualization
^ permalink raw reply [flat|nested] 17+ messages in thread
* Re: [PATCH v3 1/2] kernel: add platform_has() infrastructure
@ 2022-05-09 6:30 ` Christoph Hellwig
0 siblings, 0 replies; 17+ messages in thread
From: Christoph Hellwig @ 2022-05-09 6:30 UTC (permalink / raw)
To: Juergen Gross
Cc: xen-devel, linux-kernel, linux-arch, x86, linux-s390,
virtualization, Arnd Bergmann, Heiko Carstens, Vasily Gorbik,
Alexander Gordeev, Christian Borntraeger, Sven Schnelle,
Thomas Gleixner, Ingo Molnar, Borislav Petkov, Dave Hansen,
H. Peter Anvin, Andy Lutomirski, Peter Zijlstra,
Michael S. Tsirkin, Jason Wang, Christoph Hellwig,
Oleksandr Tyshchenko
Looks good:
Reviewed-by: Christoph Hellwig <hch@lst.de>
^ permalink raw reply [flat|nested] 17+ messages in thread
* Re: [PATCH v3 2/2] virtio: replace arch_has_restricted_virtio_memory_access()
2022-05-04 15:57 ` Juergen Gross via Virtualization
@ 2022-05-09 6:31 ` Christoph Hellwig
-1 siblings, 0 replies; 17+ messages in thread
From: Christoph Hellwig @ 2022-05-09 6:31 UTC (permalink / raw)
To: Juergen Gross
Cc: Michael S. Tsirkin, Peter Zijlstra, Dave Hansen, virtualization,
H. Peter Anvin, Alexander Gordeev, linux-arch, linux-s390,
Arnd Bergmann, x86, Christoph Hellwig, Ingo Molnar, xen-devel,
Vasily Gorbik, Heiko Carstens, Borislav Petkov, Andy Lutomirski,
Thomas Gleixner, linux-kernel, Oleksandr Tyshchenko,
Sven Schnelle
Looks good:
Reviewed-by: Christoph Hellwig <hch@lst.de>
_______________________________________________
Virtualization mailing list
Virtualization@lists.linux-foundation.org
https://lists.linuxfoundation.org/mailman/listinfo/virtualization
^ permalink raw reply [flat|nested] 17+ messages in thread
* Re: [PATCH v3 2/2] virtio: replace arch_has_restricted_virtio_memory_access()
@ 2022-05-09 6:31 ` Christoph Hellwig
0 siblings, 0 replies; 17+ messages in thread
From: Christoph Hellwig @ 2022-05-09 6:31 UTC (permalink / raw)
To: Juergen Gross
Cc: xen-devel, linux-kernel, linux-arch, x86, linux-s390,
virtualization, Arnd Bergmann, Heiko Carstens, Vasily Gorbik,
Alexander Gordeev, Christian Borntraeger, Sven Schnelle,
Thomas Gleixner, Ingo Molnar, Borislav Petkov, Dave Hansen,
H. Peter Anvin, Andy Lutomirski, Peter Zijlstra,
Michael S. Tsirkin, Jason Wang, Christoph Hellwig,
Oleksandr Tyshchenko
Looks good:
Reviewed-by: Christoph Hellwig <hch@lst.de>
^ permalink raw reply [flat|nested] 17+ messages in thread
* Re: [PATCH v3 1/2] kernel: add platform_has() infrastructure
2022-05-04 15:57 ` Juergen Gross via Virtualization
@ 2022-05-09 11:48 ` Boris Petkov
-1 siblings, 0 replies; 17+ messages in thread
From: Boris Petkov @ 2022-05-09 11:48 UTC (permalink / raw)
To: Juergen Gross, xen-devel, linux-kernel, linux-arch, x86,
linux-s390, virtualization
Cc: Arnd Bergmann, Heiko Carstens, Vasily Gorbik, Alexander Gordeev,
Christian Borntraeger, Sven Schnelle, Thomas Gleixner,
Ingo Molnar, Dave Hansen, H. Peter Anvin, Andy Lutomirski,
Peter Zijlstra, Michael S. Tsirkin, Jason Wang,
Christoph Hellwig, Oleksandr Tyshchenko
On May 4, 2022 5:57:02 PM GMT+02:00, Juergen Gross <jgross@suse.com> wrote:
>Add a simple infrastructure for setting, resetting and querying
>platform feature flags.
>
>Flags can be either global or architecture specific.
>
>Signed-off-by: Juergen Gross <jgross@suse.com>
>---
>V2:
>- rename set/reset functions to platform_[set|clear]() (Boris Petkov,
> Heiko Carstens)
>- move function implementations to c file (Boris Petkov)
>---
> MAINTAINERS | 8 ++++++++
> include/asm-generic/Kbuild | 1 +
> include/asm-generic/platform-feature.h | 8 ++++++++
> include/linux/platform-feature.h | 15 ++++++++++++++
> kernel/Makefile | 2 +-
> kernel/platform-feature.c | 27 ++++++++++++++++++++++++++
> 6 files changed, 60 insertions(+), 1 deletion(-)
> create mode 100644 include/asm-generic/platform-feature.h
> create mode 100644 include/linux/platform-feature.h
> create mode 100644 kernel/platform-feature.c
Nice and simple, I like.
Acked-by: Borislav Petkov <bp@suse.de>
--
Sent from a device which is good for reading mail but awful for writing. Please excuse any shortcomings.
^ permalink raw reply [flat|nested] 17+ messages in thread
* Re: [PATCH v3 1/2] kernel: add platform_has() infrastructure
@ 2022-05-09 11:48 ` Boris Petkov
0 siblings, 0 replies; 17+ messages in thread
From: Boris Petkov @ 2022-05-09 11:48 UTC (permalink / raw)
To: Juergen Gross, xen-devel, linux-kernel, linux-arch, x86,
linux-s390, virtualization
Cc: Oleksandr Tyshchenko, Arnd Bergmann, Vasily Gorbik,
Michael S. Tsirkin, Peter Zijlstra, Heiko Carstens, Dave Hansen,
Christoph Hellwig, Ingo Molnar, Sven Schnelle, Andy Lutomirski,
H. Peter Anvin, Alexander Gordeev, Thomas Gleixner
On May 4, 2022 5:57:02 PM GMT+02:00, Juergen Gross <jgross@suse.com> wrote:
>Add a simple infrastructure for setting, resetting and querying
>platform feature flags.
>
>Flags can be either global or architecture specific.
>
>Signed-off-by: Juergen Gross <jgross@suse.com>
>---
>V2:
>- rename set/reset functions to platform_[set|clear]() (Boris Petkov,
> Heiko Carstens)
>- move function implementations to c file (Boris Petkov)
>---
> MAINTAINERS | 8 ++++++++
> include/asm-generic/Kbuild | 1 +
> include/asm-generic/platform-feature.h | 8 ++++++++
> include/linux/platform-feature.h | 15 ++++++++++++++
> kernel/Makefile | 2 +-
> kernel/platform-feature.c | 27 ++++++++++++++++++++++++++
> 6 files changed, 60 insertions(+), 1 deletion(-)
> create mode 100644 include/asm-generic/platform-feature.h
> create mode 100644 include/linux/platform-feature.h
> create mode 100644 kernel/platform-feature.c
Nice and simple, I like.
Acked-by: Borislav Petkov <bp@suse.de>
--
Sent from a device which is good for reading mail but awful for writing. Please excuse any shortcomings.
_______________________________________________
Virtualization mailing list
Virtualization@lists.linux-foundation.org
https://lists.linuxfoundation.org/mailman/listinfo/virtualization
^ permalink raw reply [flat|nested] 17+ messages in thread
* Re: [PATCH v3 2/2] virtio: replace arch_has_restricted_virtio_memory_access()
2022-05-04 15:57 ` Juergen Gross via Virtualization
@ 2022-05-09 11:59 ` Boris Petkov
-1 siblings, 0 replies; 17+ messages in thread
From: Boris Petkov @ 2022-05-09 11:59 UTC (permalink / raw)
To: Juergen Gross, xen-devel, linux-kernel, linux-arch, x86,
linux-s390, virtualization
Cc: Arnd Bergmann, Heiko Carstens, Vasily Gorbik, Alexander Gordeev,
Christian Borntraeger, Sven Schnelle, Thomas Gleixner,
Ingo Molnar, Dave Hansen, H. Peter Anvin, Andy Lutomirski,
Peter Zijlstra, Michael S. Tsirkin, Jason Wang,
Christoph Hellwig, Oleksandr Tyshchenko
On May 4, 2022 3:57:03 PM UTC, Juergen Gross <jgross@suse.com> wrote:
>Instead of using arch_has_restricted_virtio_memory_access() together
>with CONFIG_ARCH_HAS_RESTRICTED_VIRTIO_MEMORY_ACCESS, replace those
>with platform_has() and a new platform feature
>PLATFORM_VIRTIO_RESTRICTED_MEM_ACCESS.
>
>Signed-off-by: Juergen Gross <jgross@suse.com>
>---
>V2:
>- move setting of PLATFORM_VIRTIO_RESTRICTED_MEM_ACCESS in SEV case
> to sev_setup_arch().
>V3:
>- remove Hyper-V chunk (Michael Kelley)
>- remove include virtio_config.h from mem_encrypt.c (Oleksandr Tyshchenko)
>- add comment for PLATFORM_VIRTIO_RESTRICTED_MEM_ACCESS (Oleksandr Tyshchenko)
>---
> arch/s390/Kconfig | 1 -
> arch/s390/mm/init.c | 13 +++----------
> arch/x86/Kconfig | 1 -
> arch/x86/mm/mem_encrypt.c | 7 -------
> arch/x86/mm/mem_encrypt_amd.c | 4 ++++
> drivers/virtio/Kconfig | 6 ------
> drivers/virtio/virtio.c | 5 ++---
> include/linux/platform-feature.h | 6 +++++-
> include/linux/virtio_config.h | 9 ---------
> 9 files changed, 14 insertions(+), 38 deletions(-)
Acked-by: Borislav Petkov <bp@suse.de>
--
Sent from a device which is ok for reading mail but awful for writing. Please excuse any shortcomings.
^ permalink raw reply [flat|nested] 17+ messages in thread
* Re: [PATCH v3 2/2] virtio: replace arch_has_restricted_virtio_memory_access()
@ 2022-05-09 11:59 ` Boris Petkov
0 siblings, 0 replies; 17+ messages in thread
From: Boris Petkov @ 2022-05-09 11:59 UTC (permalink / raw)
To: Juergen Gross, xen-devel, linux-kernel, linux-arch, x86,
linux-s390, virtualization
Cc: Oleksandr Tyshchenko, Arnd Bergmann, Vasily Gorbik,
Michael S. Tsirkin, Peter Zijlstra, Heiko Carstens, Dave Hansen,
Christoph Hellwig, Ingo Molnar, Sven Schnelle, Andy Lutomirski,
H. Peter Anvin, Alexander Gordeev, Thomas Gleixner
On May 4, 2022 3:57:03 PM UTC, Juergen Gross <jgross@suse.com> wrote:
>Instead of using arch_has_restricted_virtio_memory_access() together
>with CONFIG_ARCH_HAS_RESTRICTED_VIRTIO_MEMORY_ACCESS, replace those
>with platform_has() and a new platform feature
>PLATFORM_VIRTIO_RESTRICTED_MEM_ACCESS.
>
>Signed-off-by: Juergen Gross <jgross@suse.com>
>---
>V2:
>- move setting of PLATFORM_VIRTIO_RESTRICTED_MEM_ACCESS in SEV case
> to sev_setup_arch().
>V3:
>- remove Hyper-V chunk (Michael Kelley)
>- remove include virtio_config.h from mem_encrypt.c (Oleksandr Tyshchenko)
>- add comment for PLATFORM_VIRTIO_RESTRICTED_MEM_ACCESS (Oleksandr Tyshchenko)
>---
> arch/s390/Kconfig | 1 -
> arch/s390/mm/init.c | 13 +++----------
> arch/x86/Kconfig | 1 -
> arch/x86/mm/mem_encrypt.c | 7 -------
> arch/x86/mm/mem_encrypt_amd.c | 4 ++++
> drivers/virtio/Kconfig | 6 ------
> drivers/virtio/virtio.c | 5 ++---
> include/linux/platform-feature.h | 6 +++++-
> include/linux/virtio_config.h | 9 ---------
> 9 files changed, 14 insertions(+), 38 deletions(-)
Acked-by: Borislav Petkov <bp@suse.de>
--
Sent from a device which is ok for reading mail but awful for writing. Please excuse any shortcomings.
_______________________________________________
Virtualization mailing list
Virtualization@lists.linux-foundation.org
https://lists.linuxfoundation.org/mailman/listinfo/virtualization
^ permalink raw reply [flat|nested] 17+ messages in thread
* Re: [PATCH v3 2/2] virtio: replace arch_has_restricted_virtio_memory_access()
2022-05-04 15:57 ` Juergen Gross via Virtualization
@ 2022-05-19 15:07 ` Juergen Gross
-1 siblings, 0 replies; 17+ messages in thread
From: Juergen Gross via Virtualization @ 2022-05-19 15:07 UTC (permalink / raw)
To: xen-devel, linux-kernel, linux-arch, x86, linux-s390, virtualization
Cc: Oleksandr Tyshchenko, Arnd Bergmann, Vasily Gorbik,
Michael S. Tsirkin, Peter Zijlstra, Heiko Carstens, Dave Hansen,
Christoph Hellwig, Ingo Molnar, Borislav Petkov, Sven Schnelle,
Andy Lutomirski, H. Peter Anvin, Alexander Gordeev,
Thomas Gleixner
[-- Attachment #1.1.1.1: Type: text/plain, Size: 7665 bytes --]
On 04.05.22 17:57, Juergen Gross wrote:
> Instead of using arch_has_restricted_virtio_memory_access() together
> with CONFIG_ARCH_HAS_RESTRICTED_VIRTIO_MEMORY_ACCESS, replace those
> with platform_has() and a new platform feature
> PLATFORM_VIRTIO_RESTRICTED_MEM_ACCESS.
>
> Signed-off-by: Juergen Gross <jgross@suse.com>
Could I get some feedback from the s390 side, please?
Juergen
> ---
> V2:
> - move setting of PLATFORM_VIRTIO_RESTRICTED_MEM_ACCESS in SEV case
> to sev_setup_arch().
> V3:
> - remove Hyper-V chunk (Michael Kelley)
> - remove include virtio_config.h from mem_encrypt.c (Oleksandr Tyshchenko)
> - add comment for PLATFORM_VIRTIO_RESTRICTED_MEM_ACCESS (Oleksandr Tyshchenko)
> ---
> arch/s390/Kconfig | 1 -
> arch/s390/mm/init.c | 13 +++----------
> arch/x86/Kconfig | 1 -
> arch/x86/mm/mem_encrypt.c | 7 -------
> arch/x86/mm/mem_encrypt_amd.c | 4 ++++
> drivers/virtio/Kconfig | 6 ------
> drivers/virtio/virtio.c | 5 ++---
> include/linux/platform-feature.h | 6 +++++-
> include/linux/virtio_config.h | 9 ---------
> 9 files changed, 14 insertions(+), 38 deletions(-)
>
> diff --git a/arch/s390/Kconfig b/arch/s390/Kconfig
> index e084c72104f8..f97a22ae69a8 100644
> --- a/arch/s390/Kconfig
> +++ b/arch/s390/Kconfig
> @@ -772,7 +772,6 @@ menu "Virtualization"
> config PROTECTED_VIRTUALIZATION_GUEST
> def_bool n
> prompt "Protected virtualization guest support"
> - select ARCH_HAS_RESTRICTED_VIRTIO_MEMORY_ACCESS
> help
> Select this option, if you want to be able to run this
> kernel as a protected virtualization KVM guest.
> diff --git a/arch/s390/mm/init.c b/arch/s390/mm/init.c
> index 86ffd0d51fd5..2c3b451813ed 100644
> --- a/arch/s390/mm/init.c
> +++ b/arch/s390/mm/init.c
> @@ -31,6 +31,7 @@
> #include <linux/cma.h>
> #include <linux/gfp.h>
> #include <linux/dma-direct.h>
> +#include <linux/platform-feature.h>
> #include <asm/processor.h>
> #include <linux/uaccess.h>
> #include <asm/pgalloc.h>
> @@ -168,22 +169,14 @@ bool force_dma_unencrypted(struct device *dev)
> return is_prot_virt_guest();
> }
>
> -#ifdef CONFIG_ARCH_HAS_RESTRICTED_VIRTIO_MEMORY_ACCESS
> -
> -int arch_has_restricted_virtio_memory_access(void)
> -{
> - return is_prot_virt_guest();
> -}
> -EXPORT_SYMBOL(arch_has_restricted_virtio_memory_access);
> -
> -#endif
> -
> /* protected virtualization */
> static void pv_init(void)
> {
> if (!is_prot_virt_guest())
> return;
>
> + platform_set(PLATFORM_VIRTIO_RESTRICTED_MEM_ACCESS);
> +
> /* make sure bounce buffers are shared */
> swiotlb_force = SWIOTLB_FORCE;
> swiotlb_init(1);
> diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig
> index 4bed3abf444d..eeb7c6c8eec5 100644
> --- a/arch/x86/Kconfig
> +++ b/arch/x86/Kconfig
> @@ -1515,7 +1515,6 @@ config X86_CPA_STATISTICS
> config X86_MEM_ENCRYPT
> select ARCH_HAS_FORCE_DMA_UNENCRYPTED
> select DYNAMIC_PHYSICAL_MASK
> - select ARCH_HAS_RESTRICTED_VIRTIO_MEMORY_ACCESS
> def_bool n
>
> config AMD_MEM_ENCRYPT
> diff --git a/arch/x86/mm/mem_encrypt.c b/arch/x86/mm/mem_encrypt.c
> index 50d209939c66..18a55a0f1ca2 100644
> --- a/arch/x86/mm/mem_encrypt.c
> +++ b/arch/x86/mm/mem_encrypt.c
> @@ -12,7 +12,6 @@
> #include <linux/swiotlb.h>
> #include <linux/cc_platform.h>
> #include <linux/mem_encrypt.h>
> -#include <linux/virtio_config.h>
>
> /* Override for DMA direct allocation check - ARCH_HAS_FORCE_DMA_UNENCRYPTED */
> bool force_dma_unencrypted(struct device *dev)
> @@ -76,9 +75,3 @@ void __init mem_encrypt_init(void)
>
> print_mem_encrypt_feature_info();
> }
> -
> -int arch_has_restricted_virtio_memory_access(void)
> -{
> - return cc_platform_has(CC_ATTR_GUEST_MEM_ENCRYPT);
> -}
> -EXPORT_SYMBOL_GPL(arch_has_restricted_virtio_memory_access);
> diff --git a/arch/x86/mm/mem_encrypt_amd.c b/arch/x86/mm/mem_encrypt_amd.c
> index 6169053c2854..39b71084d36b 100644
> --- a/arch/x86/mm/mem_encrypt_amd.c
> +++ b/arch/x86/mm/mem_encrypt_amd.c
> @@ -21,6 +21,7 @@
> #include <linux/dma-mapping.h>
> #include <linux/virtio_config.h>
> #include <linux/cc_platform.h>
> +#include <linux/platform-feature.h>
>
> #include <asm/tlbflush.h>
> #include <asm/fixmap.h>
> @@ -206,6 +207,9 @@ void __init sev_setup_arch(void)
> size = total_mem * 6 / 100;
> size = clamp_val(size, IO_TLB_DEFAULT_SIZE, SZ_1G);
> swiotlb_adjust_size(size);
> +
> + /* Set restricted memory access for virtio. */
> + platform_set(PLATFORM_VIRTIO_RESTRICTED_MEM_ACCESS);
> }
>
> static unsigned long pg_level_to_pfn(int level, pte_t *kpte, pgprot_t *ret_prot)
> diff --git a/drivers/virtio/Kconfig b/drivers/virtio/Kconfig
> index b5adf6abd241..a6dc8b5846fe 100644
> --- a/drivers/virtio/Kconfig
> +++ b/drivers/virtio/Kconfig
> @@ -6,12 +6,6 @@ config VIRTIO
> bus, such as CONFIG_VIRTIO_PCI, CONFIG_VIRTIO_MMIO, CONFIG_RPMSG
> or CONFIG_S390_GUEST.
>
> -config ARCH_HAS_RESTRICTED_VIRTIO_MEMORY_ACCESS
> - bool
> - help
> - This option is selected if the architecture may need to enforce
> - VIRTIO_F_ACCESS_PLATFORM
> -
> config VIRTIO_PCI_LIB
> tristate
> help
> diff --git a/drivers/virtio/virtio.c b/drivers/virtio/virtio.c
> index 22f15f444f75..371e16b18381 100644
> --- a/drivers/virtio/virtio.c
> +++ b/drivers/virtio/virtio.c
> @@ -5,6 +5,7 @@
> #include <linux/module.h>
> #include <linux/idr.h>
> #include <linux/of.h>
> +#include <linux/platform-feature.h>
> #include <uapi/linux/virtio_ids.h>
>
> /* Unique numbering for virtio devices. */
> @@ -170,12 +171,10 @@ EXPORT_SYMBOL_GPL(virtio_add_status);
> static int virtio_features_ok(struct virtio_device *dev)
> {
> unsigned status;
> - int ret;
>
> might_sleep();
>
> - ret = arch_has_restricted_virtio_memory_access();
> - if (ret) {
> + if (platform_has(PLATFORM_VIRTIO_RESTRICTED_MEM_ACCESS)) {
> if (!virtio_has_feature(dev, VIRTIO_F_VERSION_1)) {
> dev_warn(&dev->dev,
> "device must provide VIRTIO_F_VERSION_1\n");
> diff --git a/include/linux/platform-feature.h b/include/linux/platform-feature.h
> index 6ed859928b97..b2f48be999fa 100644
> --- a/include/linux/platform-feature.h
> +++ b/include/linux/platform-feature.h
> @@ -6,7 +6,11 @@
> #include <asm/platform-feature.h>
>
> /* The platform features are starting with the architecture specific ones. */
> -#define PLATFORM_FEAT_N (0 + PLATFORM_ARCH_FEAT_N)
> +
> +/* Used to enable platform specific DMA handling for virtio devices. */
> +#define PLATFORM_VIRTIO_RESTRICTED_MEM_ACCESS (0 + PLATFORM_ARCH_FEAT_N)
> +
> +#define PLATFORM_FEAT_N (1 + PLATFORM_ARCH_FEAT_N)
>
> void platform_set(unsigned int feature);
> void platform_clear(unsigned int feature);
> diff --git a/include/linux/virtio_config.h b/include/linux/virtio_config.h
> index b341dd62aa4d..79498298519d 100644
> --- a/include/linux/virtio_config.h
> +++ b/include/linux/virtio_config.h
> @@ -559,13 +559,4 @@ static inline void virtio_cwrite64(struct virtio_device *vdev,
> _r; \
> })
>
> -#ifdef CONFIG_ARCH_HAS_RESTRICTED_VIRTIO_MEMORY_ACCESS
> -int arch_has_restricted_virtio_memory_access(void);
> -#else
> -static inline int arch_has_restricted_virtio_memory_access(void)
> -{
> - return 0;
> -}
> -#endif /* CONFIG_ARCH_HAS_RESTRICTED_VIRTIO_MEMORY_ACCESS */
> -
> #endif /* _LINUX_VIRTIO_CONFIG_H */
[-- Attachment #1.1.1.2: OpenPGP public key --]
[-- Type: application/pgp-keys, Size: 3149 bytes --]
[-- Attachment #1.2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 495 bytes --]
[-- Attachment #2: Type: text/plain, Size: 183 bytes --]
_______________________________________________
Virtualization mailing list
Virtualization@lists.linux-foundation.org
https://lists.linuxfoundation.org/mailman/listinfo/virtualization
^ permalink raw reply [flat|nested] 17+ messages in thread
* Re: [PATCH v3 2/2] virtio: replace arch_has_restricted_virtio_memory_access()
@ 2022-05-19 15:07 ` Juergen Gross
0 siblings, 0 replies; 17+ messages in thread
From: Juergen Gross @ 2022-05-19 15:07 UTC (permalink / raw)
To: xen-devel, linux-kernel, linux-arch, x86, linux-s390, virtualization
Cc: Arnd Bergmann, Heiko Carstens, Vasily Gorbik, Alexander Gordeev,
Christian Borntraeger, Sven Schnelle, Thomas Gleixner,
Ingo Molnar, Borislav Petkov, Dave Hansen, H. Peter Anvin,
Andy Lutomirski, Peter Zijlstra, Michael S. Tsirkin, Jason Wang,
Christoph Hellwig, Oleksandr Tyshchenko
[-- Attachment #1.1.1: Type: text/plain, Size: 7665 bytes --]
On 04.05.22 17:57, Juergen Gross wrote:
> Instead of using arch_has_restricted_virtio_memory_access() together
> with CONFIG_ARCH_HAS_RESTRICTED_VIRTIO_MEMORY_ACCESS, replace those
> with platform_has() and a new platform feature
> PLATFORM_VIRTIO_RESTRICTED_MEM_ACCESS.
>
> Signed-off-by: Juergen Gross <jgross@suse.com>
Could I get some feedback from the s390 side, please?
Juergen
> ---
> V2:
> - move setting of PLATFORM_VIRTIO_RESTRICTED_MEM_ACCESS in SEV case
> to sev_setup_arch().
> V3:
> - remove Hyper-V chunk (Michael Kelley)
> - remove include virtio_config.h from mem_encrypt.c (Oleksandr Tyshchenko)
> - add comment for PLATFORM_VIRTIO_RESTRICTED_MEM_ACCESS (Oleksandr Tyshchenko)
> ---
> arch/s390/Kconfig | 1 -
> arch/s390/mm/init.c | 13 +++----------
> arch/x86/Kconfig | 1 -
> arch/x86/mm/mem_encrypt.c | 7 -------
> arch/x86/mm/mem_encrypt_amd.c | 4 ++++
> drivers/virtio/Kconfig | 6 ------
> drivers/virtio/virtio.c | 5 ++---
> include/linux/platform-feature.h | 6 +++++-
> include/linux/virtio_config.h | 9 ---------
> 9 files changed, 14 insertions(+), 38 deletions(-)
>
> diff --git a/arch/s390/Kconfig b/arch/s390/Kconfig
> index e084c72104f8..f97a22ae69a8 100644
> --- a/arch/s390/Kconfig
> +++ b/arch/s390/Kconfig
> @@ -772,7 +772,6 @@ menu "Virtualization"
> config PROTECTED_VIRTUALIZATION_GUEST
> def_bool n
> prompt "Protected virtualization guest support"
> - select ARCH_HAS_RESTRICTED_VIRTIO_MEMORY_ACCESS
> help
> Select this option, if you want to be able to run this
> kernel as a protected virtualization KVM guest.
> diff --git a/arch/s390/mm/init.c b/arch/s390/mm/init.c
> index 86ffd0d51fd5..2c3b451813ed 100644
> --- a/arch/s390/mm/init.c
> +++ b/arch/s390/mm/init.c
> @@ -31,6 +31,7 @@
> #include <linux/cma.h>
> #include <linux/gfp.h>
> #include <linux/dma-direct.h>
> +#include <linux/platform-feature.h>
> #include <asm/processor.h>
> #include <linux/uaccess.h>
> #include <asm/pgalloc.h>
> @@ -168,22 +169,14 @@ bool force_dma_unencrypted(struct device *dev)
> return is_prot_virt_guest();
> }
>
> -#ifdef CONFIG_ARCH_HAS_RESTRICTED_VIRTIO_MEMORY_ACCESS
> -
> -int arch_has_restricted_virtio_memory_access(void)
> -{
> - return is_prot_virt_guest();
> -}
> -EXPORT_SYMBOL(arch_has_restricted_virtio_memory_access);
> -
> -#endif
> -
> /* protected virtualization */
> static void pv_init(void)
> {
> if (!is_prot_virt_guest())
> return;
>
> + platform_set(PLATFORM_VIRTIO_RESTRICTED_MEM_ACCESS);
> +
> /* make sure bounce buffers are shared */
> swiotlb_force = SWIOTLB_FORCE;
> swiotlb_init(1);
> diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig
> index 4bed3abf444d..eeb7c6c8eec5 100644
> --- a/arch/x86/Kconfig
> +++ b/arch/x86/Kconfig
> @@ -1515,7 +1515,6 @@ config X86_CPA_STATISTICS
> config X86_MEM_ENCRYPT
> select ARCH_HAS_FORCE_DMA_UNENCRYPTED
> select DYNAMIC_PHYSICAL_MASK
> - select ARCH_HAS_RESTRICTED_VIRTIO_MEMORY_ACCESS
> def_bool n
>
> config AMD_MEM_ENCRYPT
> diff --git a/arch/x86/mm/mem_encrypt.c b/arch/x86/mm/mem_encrypt.c
> index 50d209939c66..18a55a0f1ca2 100644
> --- a/arch/x86/mm/mem_encrypt.c
> +++ b/arch/x86/mm/mem_encrypt.c
> @@ -12,7 +12,6 @@
> #include <linux/swiotlb.h>
> #include <linux/cc_platform.h>
> #include <linux/mem_encrypt.h>
> -#include <linux/virtio_config.h>
>
> /* Override for DMA direct allocation check - ARCH_HAS_FORCE_DMA_UNENCRYPTED */
> bool force_dma_unencrypted(struct device *dev)
> @@ -76,9 +75,3 @@ void __init mem_encrypt_init(void)
>
> print_mem_encrypt_feature_info();
> }
> -
> -int arch_has_restricted_virtio_memory_access(void)
> -{
> - return cc_platform_has(CC_ATTR_GUEST_MEM_ENCRYPT);
> -}
> -EXPORT_SYMBOL_GPL(arch_has_restricted_virtio_memory_access);
> diff --git a/arch/x86/mm/mem_encrypt_amd.c b/arch/x86/mm/mem_encrypt_amd.c
> index 6169053c2854..39b71084d36b 100644
> --- a/arch/x86/mm/mem_encrypt_amd.c
> +++ b/arch/x86/mm/mem_encrypt_amd.c
> @@ -21,6 +21,7 @@
> #include <linux/dma-mapping.h>
> #include <linux/virtio_config.h>
> #include <linux/cc_platform.h>
> +#include <linux/platform-feature.h>
>
> #include <asm/tlbflush.h>
> #include <asm/fixmap.h>
> @@ -206,6 +207,9 @@ void __init sev_setup_arch(void)
> size = total_mem * 6 / 100;
> size = clamp_val(size, IO_TLB_DEFAULT_SIZE, SZ_1G);
> swiotlb_adjust_size(size);
> +
> + /* Set restricted memory access for virtio. */
> + platform_set(PLATFORM_VIRTIO_RESTRICTED_MEM_ACCESS);
> }
>
> static unsigned long pg_level_to_pfn(int level, pte_t *kpte, pgprot_t *ret_prot)
> diff --git a/drivers/virtio/Kconfig b/drivers/virtio/Kconfig
> index b5adf6abd241..a6dc8b5846fe 100644
> --- a/drivers/virtio/Kconfig
> +++ b/drivers/virtio/Kconfig
> @@ -6,12 +6,6 @@ config VIRTIO
> bus, such as CONFIG_VIRTIO_PCI, CONFIG_VIRTIO_MMIO, CONFIG_RPMSG
> or CONFIG_S390_GUEST.
>
> -config ARCH_HAS_RESTRICTED_VIRTIO_MEMORY_ACCESS
> - bool
> - help
> - This option is selected if the architecture may need to enforce
> - VIRTIO_F_ACCESS_PLATFORM
> -
> config VIRTIO_PCI_LIB
> tristate
> help
> diff --git a/drivers/virtio/virtio.c b/drivers/virtio/virtio.c
> index 22f15f444f75..371e16b18381 100644
> --- a/drivers/virtio/virtio.c
> +++ b/drivers/virtio/virtio.c
> @@ -5,6 +5,7 @@
> #include <linux/module.h>
> #include <linux/idr.h>
> #include <linux/of.h>
> +#include <linux/platform-feature.h>
> #include <uapi/linux/virtio_ids.h>
>
> /* Unique numbering for virtio devices. */
> @@ -170,12 +171,10 @@ EXPORT_SYMBOL_GPL(virtio_add_status);
> static int virtio_features_ok(struct virtio_device *dev)
> {
> unsigned status;
> - int ret;
>
> might_sleep();
>
> - ret = arch_has_restricted_virtio_memory_access();
> - if (ret) {
> + if (platform_has(PLATFORM_VIRTIO_RESTRICTED_MEM_ACCESS)) {
> if (!virtio_has_feature(dev, VIRTIO_F_VERSION_1)) {
> dev_warn(&dev->dev,
> "device must provide VIRTIO_F_VERSION_1\n");
> diff --git a/include/linux/platform-feature.h b/include/linux/platform-feature.h
> index 6ed859928b97..b2f48be999fa 100644
> --- a/include/linux/platform-feature.h
> +++ b/include/linux/platform-feature.h
> @@ -6,7 +6,11 @@
> #include <asm/platform-feature.h>
>
> /* The platform features are starting with the architecture specific ones. */
> -#define PLATFORM_FEAT_N (0 + PLATFORM_ARCH_FEAT_N)
> +
> +/* Used to enable platform specific DMA handling for virtio devices. */
> +#define PLATFORM_VIRTIO_RESTRICTED_MEM_ACCESS (0 + PLATFORM_ARCH_FEAT_N)
> +
> +#define PLATFORM_FEAT_N (1 + PLATFORM_ARCH_FEAT_N)
>
> void platform_set(unsigned int feature);
> void platform_clear(unsigned int feature);
> diff --git a/include/linux/virtio_config.h b/include/linux/virtio_config.h
> index b341dd62aa4d..79498298519d 100644
> --- a/include/linux/virtio_config.h
> +++ b/include/linux/virtio_config.h
> @@ -559,13 +559,4 @@ static inline void virtio_cwrite64(struct virtio_device *vdev,
> _r; \
> })
>
> -#ifdef CONFIG_ARCH_HAS_RESTRICTED_VIRTIO_MEMORY_ACCESS
> -int arch_has_restricted_virtio_memory_access(void);
> -#else
> -static inline int arch_has_restricted_virtio_memory_access(void)
> -{
> - return 0;
> -}
> -#endif /* CONFIG_ARCH_HAS_RESTRICTED_VIRTIO_MEMORY_ACCESS */
> -
> #endif /* _LINUX_VIRTIO_CONFIG_H */
[-- Attachment #1.1.2: OpenPGP public key --]
[-- Type: application/pgp-keys, Size: 3149 bytes --]
[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 495 bytes --]
^ permalink raw reply [flat|nested] 17+ messages in thread
end of thread, other threads:[~2022-05-19 15:08 UTC | newest]
Thread overview: 17+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2022-05-04 15:57 [PATCH v3 0/2] kernel: add new infrastructure for platform_has() support Juergen Gross
2022-05-04 15:57 ` Juergen Gross via Virtualization
2022-05-04 15:57 ` [PATCH v3 1/2] kernel: add platform_has() infrastructure Juergen Gross
2022-05-04 15:57 ` Juergen Gross via Virtualization
2022-05-09 6:30 ` Christoph Hellwig
2022-05-09 6:30 ` Christoph Hellwig
2022-05-09 11:48 ` Boris Petkov
2022-05-09 11:48 ` Boris Petkov
2022-05-04 15:57 ` [PATCH v3 2/2] virtio: replace arch_has_restricted_virtio_memory_access() Juergen Gross
2022-05-04 15:57 ` Juergen Gross via Virtualization
2022-05-09 6:31 ` Christoph Hellwig
2022-05-09 6:31 ` Christoph Hellwig
2022-05-09 11:59 ` Boris Petkov
2022-05-09 11:59 ` Boris Petkov
2022-05-19 15:07 ` Juergen Gross via Virtualization
2022-05-19 15:07 ` Juergen Gross
2022-05-05 16:13 ` [PATCH v3 0/2] kernel: add new infrastructure for platform_has() support Oleksandr
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.