From: Michael Kelley <mikelley@microsoft.com>
To: Tianyu Lan <ltykernel@gmail.com>,
KY Srinivasan <kys@microsoft.com>,
Haiyang Zhang <haiyangz@microsoft.com>,
Stephen Hemminger <sthemmin@microsoft.com>,
"wei.liu@kernel.org" <wei.liu@kernel.org>,
Dexuan Cui <decui@microsoft.com>,
"tglx@linutronix.de" <tglx@linutronix.de>,
"mingo@redhat.com" <mingo@redhat.com>,
"bp@alien8.de" <bp@alien8.de>, "x86@kernel.org" <x86@kernel.org>,
"hpa@zytor.com" <hpa@zytor.com>,
"dave.hansen@linux.intel.com" <dave.hansen@linux.intel.com>,
"luto@kernel.org" <luto@kernel.org>,
"peterz@infradead.org" <peterz@infradead.org>,
"davem@davemloft.net" <davem@davemloft.net>,
"kuba@kernel.org" <kuba@kernel.org>,
"gregkh@linuxfoundation.org" <gregkh@linuxfoundation.org>,
"arnd@arndb.de" <arnd@arndb.de>,
"brijesh.singh@amd.com" <brijesh.singh@amd.com>,
"jroedel@suse.de" <jroedel@suse.de>,
Tianyu Lan <Tianyu.Lan@microsoft.com>,
"thomas.lendacky@amd.com" <thomas.lendacky@amd.com>,
"pgonda@google.com" <pgonda@google.com>,
"akpm@linux-foundation.org" <akpm@linux-foundation.org>,
"rppt@kernel.org" <rppt@kernel.org>,
"kirill.shutemov@linux.intel.com"
<kirill.shutemov@linux.intel.com>,
"saravanand@fb.com" <saravanand@fb.com>,
"aneesh.kumar@linux.ibm.com" <aneesh.kumar@linux.ibm.com>,
"rientjes@google.com" <rientjes@google.com>,
"tj@kernel.org" <tj@kernel.org>
Cc: "linux-arch@vger.kernel.org" <linux-arch@vger.kernel.org>,
"linux-hyperv@vger.kernel.org" <linux-hyperv@vger.kernel.org>,
"linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>,
"netdev@vger.kernel.org" <netdev@vger.kernel.org>,
vkuznets <vkuznets@redhat.com>,
"konrad.wilk@oracle.com" <konrad.wilk@oracle.com>,
"hch@lst.de" <hch@lst.de>,
"robin.murphy@arm.com" <robin.murphy@arm.com>,
"joro@8bytes.org" <joro@8bytes.org>,
"parri.andrea@gmail.com" <parri.andrea@gmail.com>,
"dave.hansen@intel.com" <dave.hansen@intel.com>
Subject: RE: [PATCH V6 7/8] Drivers: hv: vmbus: Add SNP support for VMbus channel initiate message
Date: Sat, 2 Oct 2021 13:26:26 +0000 [thread overview]
Message-ID: <MWHPR21MB15933BC87034940AB7170552D7AC9@MWHPR21MB1593.namprd21.prod.outlook.com> (raw)
In-Reply-To: <20210930130545.1210298-8-ltykernel@gmail.com>
From: Tianyu Lan <ltykernel@gmail.com> Sent: Thursday, September 30, 2021 6:06 AM
>
> The monitor pages in the CHANNELMSG_INITIATE_CONTACT msg are shared
> with host in Isolation VM and so it's necessary to use hvcall to set
> them visible to host. In Isolation VM with AMD SEV SNP, the access
> address should be in the extra space which is above shared gpa
> boundary. So remap these pages into the extra address(pa +
> shared_gpa_boundary).
>
> Introduce monitor_pages_original[] in the struct vmbus_connection
> to store monitor page virtual address returned by hv_alloc_hyperv_
> zeroed_page() and free monitor page via monitor_pages_original in
> the vmbus_disconnect(). The monitor_pages[] is to used to access
> monitor page and it is initialized to be equal with monitor_pages_
> original. The monitor_pages[] will be overridden in the isolation VM
> with va of extra address. Introduce monitor_pages_pa[] to store
> monitor pages' physical address and use it to populate pa in the
> initiate msg.
>
> Signed-off-by: Tianyu Lan <Tianyu.Lan@microsoft.com>
> ---
> Change since v5:
> * change vmbus_connection.monitor_pages_pa type from
> unsigned long to phys_addr_t
> * Plus vmbus_connection.monitor_pages_pa with ms_hyperv.
> shared_gpa_boundary only in the IVM with AMD SEV.
>
> Change since v4:
> * Introduce monitor_pages_pa[] to store monitor pages' physical
> address and use it to populate pa in the initiate msg.
> * Move code of mapping moniter pages in extra address into
> vmbus_connect().
>
> Change since v3:
> * Rename monitor_pages_va with monitor_pages_original
> * free monitor page via monitor_pages_original and
> monitor_pages is used to access monitor page.
>
> Change since v1:
> * Not remap monitor pages in the non-SNP isolation VM.
> ---
> drivers/hv/connection.c | 90 ++++++++++++++++++++++++++++++++++++---
> drivers/hv/hyperv_vmbus.h | 2 +
> 2 files changed, 86 insertions(+), 6 deletions(-)
>
> diff --git a/drivers/hv/connection.c b/drivers/hv/connection.c
> index 8820ae68f20f..7fac8d99541c 100644
> --- a/drivers/hv/connection.c
> +++ b/drivers/hv/connection.c
> @@ -19,6 +19,8 @@
> #include <linux/vmalloc.h>
> #include <linux/hyperv.h>
> #include <linux/export.h>
> +#include <linux/io.h>
> +#include <linux/set_memory.h>
> #include <asm/mshyperv.h>
>
> #include "hyperv_vmbus.h"
> @@ -102,8 +104,9 @@ int vmbus_negotiate_version(struct vmbus_channel_msginfo *msginfo, u32 version)
> vmbus_connection.msg_conn_id = VMBUS_MESSAGE_CONNECTION_ID;
> }
>
> - msg->monitor_page1 = virt_to_phys(vmbus_connection.monitor_pages[0]);
> - msg->monitor_page2 = virt_to_phys(vmbus_connection.monitor_pages[1]);
> + msg->monitor_page1 = vmbus_connection.monitor_pages_pa[0];
> + msg->monitor_page2 = vmbus_connection.monitor_pages_pa[1];
> +
> msg->target_vcpu = hv_cpu_number_to_vp_number(VMBUS_CONNECT_CPU);
>
> /*
> @@ -216,6 +219,65 @@ int vmbus_connect(void)
> goto cleanup;
> }
>
> + vmbus_connection.monitor_pages_original[0]
> + = vmbus_connection.monitor_pages[0];
> + vmbus_connection.monitor_pages_original[1]
> + = vmbus_connection.monitor_pages[1];
> + vmbus_connection.monitor_pages_pa[0]
> + = virt_to_phys(vmbus_connection.monitor_pages[0]);
> + vmbus_connection.monitor_pages_pa[1]
> + = virt_to_phys(vmbus_connection.monitor_pages[1]);
> +
> + if (hv_is_isolation_supported()) {
> + ret = set_memory_decrypted((unsigned long)
> + vmbus_connection.monitor_pages[0],
> + 1);
> + ret |= set_memory_decrypted((unsigned long)
> + vmbus_connection.monitor_pages[1],
> + 1);
> + if (ret)
> + goto cleanup;
> +
> + /*
> + * Isolation VM with AMD SNP needs to access monitor page via
> + * address space above shared gpa boundary.
> + */
> + if (hv_isolation_type_snp()) {
> + vmbus_connection.monitor_pages_pa[0] +=
> + ms_hyperv.shared_gpa_boundary;
> + vmbus_connection.monitor_pages_pa[1] +=
> + ms_hyperv.shared_gpa_boundary;
> +
> + vmbus_connection.monitor_pages[0]
> + = memremap(vmbus_connection.monitor_pages_pa[0],
> + HV_HYP_PAGE_SIZE,
> + MEMREMAP_WB);
> + if (!vmbus_connection.monitor_pages[0]) {
> + ret = -ENOMEM;
> + goto cleanup;
> + }
> +
> + vmbus_connection.monitor_pages[1]
> + = memremap(vmbus_connection.monitor_pages_pa[1],
> + HV_HYP_PAGE_SIZE,
> + MEMREMAP_WB);
> + if (!vmbus_connection.monitor_pages[1]) {
> + ret = -ENOMEM;
> + goto cleanup;
> + }
> + }
> +
> + /*
> + * Set memory host visibility hvcall smears memory
> + * and so zero monitor pages here.
> + */
> + memset(vmbus_connection.monitor_pages[0], 0x00,
> + HV_HYP_PAGE_SIZE);
> + memset(vmbus_connection.monitor_pages[1], 0x00,
> + HV_HYP_PAGE_SIZE);
> +
> + }
> +
> msginfo = kzalloc(sizeof(*msginfo) +
> sizeof(struct vmbus_channel_initiate_contact),
> GFP_KERNEL);
> @@ -303,10 +365,26 @@ void vmbus_disconnect(void)
> vmbus_connection.int_page = NULL;
> }
>
> - hv_free_hyperv_page((unsigned long)vmbus_connection.monitor_pages[0]);
> - hv_free_hyperv_page((unsigned long)vmbus_connection.monitor_pages[1]);
> - vmbus_connection.monitor_pages[0] = NULL;
> - vmbus_connection.monitor_pages[1] = NULL;
> + if (hv_is_isolation_supported()) {
> + memunmap(vmbus_connection.monitor_pages[0]);
> + memunmap(vmbus_connection.monitor_pages[1]);
The matching memremap() calls are made in vmbus_connect() only in the
SNP case. In the non-SNP case, monitor_pages and monitor_pages_original
are the same, so you would be doing an unmap, and then doing the
set_memory_encrypted() and hv_free_hyperv_page() using an address
that is no longer mapped, which seems wrong. Looking at memunmap(),
it might be a no-op in this case, but even if it is, making them conditional
on the SNP case might be a safer thing to do, and it would make the code
more symmetrical.
> +
> + set_memory_encrypted((unsigned long)
> + vmbus_connection.monitor_pages_original[0],
> + 1);
> + set_memory_encrypted((unsigned long)
> + vmbus_connection.monitor_pages_original[1],
> + 1);
> + }
> +
> + hv_free_hyperv_page((unsigned long)
> + vmbus_connection.monitor_pages_original[0]);
> + hv_free_hyperv_page((unsigned long)
> + vmbus_connection.monitor_pages_original[1]);
> + vmbus_connection.monitor_pages_original[0] =
> + vmbus_connection.monitor_pages[0] = NULL;
> + vmbus_connection.monitor_pages_original[1] =
> + vmbus_connection.monitor_pages[1] = NULL;
> }
>
> /*
> diff --git a/drivers/hv/hyperv_vmbus.h b/drivers/hv/hyperv_vmbus.h
> index 42f3d9d123a1..d0a5232a1c3e 100644
> --- a/drivers/hv/hyperv_vmbus.h
> +++ b/drivers/hv/hyperv_vmbus.h
> @@ -240,6 +240,8 @@ struct vmbus_connection {
> * is child->parent notification
> */
> struct hv_monitor_page *monitor_pages[2];
> + void *monitor_pages_original[2];
> + phys_addr_t monitor_pages_pa[2];
> struct list_head chn_msg_list;
> spinlock_t channelmsg_lock;
>
> --
> 2.25.1
next prev parent reply other threads:[~2021-10-02 13:29 UTC|newest]
Thread overview: 20+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-09-30 13:05 [PATCH V6 0/8] x86/Hyper-V: Add Hyper-V Isolation VM support(First part) Tianyu Lan
2021-09-30 13:05 ` [PATCH V6 1/8] x86/hyperv: Initialize GHCB page in Isolation VM Tianyu Lan
2021-09-30 13:05 ` [PATCH V6 2/8] x86/hyperv: Initialize shared memory boundary in the " Tianyu Lan
2021-09-30 13:05 ` [PATCH V6 3/8] x86/hyperv: Add new hvcall guest address host visibility support Tianyu Lan
2021-09-30 18:02 ` Borislav Petkov
2021-10-01 13:17 ` Tianyu Lan
2021-09-30 13:05 ` [PATCH V6 4/8] Drivers: hv: vmbus: Mark vmbus ring buffer visible to host in Isolation VM Tianyu Lan
2021-09-30 13:05 ` [PATCH V6 5/8] x86/hyperv: Add Write/Read MSR registers via ghcb page Tianyu Lan
2021-09-30 18:20 ` Borislav Petkov
2021-10-01 13:31 ` Tianyu Lan
2021-09-30 18:27 ` Tom Lendacky
2021-09-30 18:33 ` Borislav Petkov
2021-10-01 13:44 ` Tianyu Lan
2021-09-30 18:34 ` Tom Lendacky
2021-09-30 13:05 ` [PATCH V6 6/8] x86/hyperv: Add ghcb hvcall support for SNP VM Tianyu Lan
2021-09-30 13:05 ` [PATCH V6 7/8] Drivers: hv: vmbus: Add SNP support for VMbus channel initiate message Tianyu Lan
2021-10-02 13:26 ` Michael Kelley [this message]
2021-10-02 14:39 ` Tianyu Lan
2021-10-04 2:39 ` Michael Kelley
2021-09-30 13:05 ` [PATCH V6 8/8] Drivers: hv : vmbus: Initialize VMbus ring buffer for Isolation VM Tianyu Lan
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=MWHPR21MB15933BC87034940AB7170552D7AC9@MWHPR21MB1593.namprd21.prod.outlook.com \
--to=mikelley@microsoft.com \
--cc=Tianyu.Lan@microsoft.com \
--cc=akpm@linux-foundation.org \
--cc=aneesh.kumar@linux.ibm.com \
--cc=arnd@arndb.de \
--cc=bp@alien8.de \
--cc=brijesh.singh@amd.com \
--cc=dave.hansen@intel.com \
--cc=dave.hansen@linux.intel.com \
--cc=davem@davemloft.net \
--cc=decui@microsoft.com \
--cc=gregkh@linuxfoundation.org \
--cc=haiyangz@microsoft.com \
--cc=hch@lst.de \
--cc=hpa@zytor.com \
--cc=joro@8bytes.org \
--cc=jroedel@suse.de \
--cc=kirill.shutemov@linux.intel.com \
--cc=konrad.wilk@oracle.com \
--cc=kuba@kernel.org \
--cc=kys@microsoft.com \
--cc=linux-arch@vger.kernel.org \
--cc=linux-hyperv@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=ltykernel@gmail.com \
--cc=luto@kernel.org \
--cc=mingo@redhat.com \
--cc=netdev@vger.kernel.org \
--cc=parri.andrea@gmail.com \
--cc=peterz@infradead.org \
--cc=pgonda@google.com \
--cc=rientjes@google.com \
--cc=robin.murphy@arm.com \
--cc=rppt@kernel.org \
--cc=saravanand@fb.com \
--cc=sthemmin@microsoft.com \
--cc=tglx@linutronix.de \
--cc=thomas.lendacky@amd.com \
--cc=tj@kernel.org \
--cc=vkuznets@redhat.com \
--cc=wei.liu@kernel.org \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.