From: Christian Borntraeger <borntraeger@de.ibm.com>
To: Janosch Frank <frankja@linux.vnet.ibm.com>,
Andrew Morton <akpm@linux-foundation.org>
Cc: KVM <kvm@vger.kernel.org>, Cornelia Huck <cohuck@redhat.com>,
David Hildenbrand <david@redhat.com>,
Thomas Huth <thuth@redhat.com>,
Ulrich Weigand <Ulrich.Weigand@de.ibm.com>,
Claudio Imbrenda <imbrenda@linux.ibm.com>,
linux-s390 <linux-s390@vger.kernel.org>,
Michael Mueller <mimu@linux.ibm.com>,
Vasily Gorbik <gor@linux.ibm.com>,
Andrea Arcangeli <aarcange@redhat.com>,
linux-mm@kvack.org
Subject: Re: [PATCH v4 00/36] KVM: s390: Add support for protected VMs
Date: Wed, 26 Feb 2020 10:35:54 +0100
Message-ID: <68e6ba26-6f96-fb6a-db64-2c591526f588@de.ibm.com>
In-Reply-To: <20200224114107.4646-1-borntraeger@de.ibm.com>

The KVM part is almost done with review and I have now pushed this to
kvms390/next to give some exposure:
https://git.kernel.org/pub/scm/linux/kernel/git/kvms390/linux.git/log/?h=next

We still need a solution for Patch 1, "mm:gup/writeback: add callbacks for
inaccessible pages".

Andrew, I need your guidance here. Take this via s390kvm with an ACK or
take it via your tree?

Christian

On 24.02.20 12:40, Christian Borntraeger wrote:
> mm-related patches CCed on linux-mm, the complete list can be found on
> the KVM and linux-s390 list.
>
> Andrew, any chance to take "mm:gup/writeback: add callbacks for
> inaccessible pages" for 5.7? I can then carry the s390/kvm part. There
> is no build dependency on this patch (just a logical one). As an
> alternative I can take an ack and carry that patch myself.
>
> This series contains a "pretty small" common code memory management
> change that will allow paging, guest backing with files etc almost
> just like normal VMs. It should be a no-op for all architectures not
> opting in. And it should be usable for others that also try to get
> notified on "the pages are in the process of being used for things
> like I/O". This time I included error handling and an ACK from Will
> Deacon as well as a Reviewed-by: from David Hildenbrand.
> This patch will be used by
> "[PATCH v4 05/36] s390/mm: provide memory management functions for
> protected KVM guests".
> We need to call into the "make accessible" architecture function when
> the refcount is already increased the writeback bit is set. This will
> make sure that we do not call the reverse function (convert to secure)
> until the host operation has finished.
>
>
> Overview
> --------
> Protected VMs (PVM) are KVM VMs, where KVM can't access the VM's state
> like guest memory and guest registers anymore. Instead the PVMs are
> mostly managed by a new entity called Ultravisor (UV), which provides
> an API, so KVM and the PV can request management actions.
>
> PVMs are encrypted at rest and protected from hypervisor access while
> running. They switch from a normal operation into protected mode, so
> we can still use the standard boot process to load an encrypted blob
> and then move it into protected mode.
>
> Rebooting is only possible by passing through the unprotected/normal
> mode and switching to protected again.
>
> All patches are in the protvirtv4 branch of the korg s390 kvm git
> https://git.kernel.org/pub/scm/linux/kernel/git/kvms390/linux.git/log/?h=protvirtv6
>
> Claudio presented the technology at his presentation at KVM Forum
> 2019.
>
> https://static.sched.com/hosted_files/kvmforum2019/3b/ibm_protected_vms_s390x.pdf
>
>
> v3 -> v4:
> general
> -------
> - copyright updates
> - Reviewed-by + Acked-by tags
>
> KVM: s390/interrupt: do not pin adapter interrupt pages
> -------------------------------------------------------
> - more comments
> - get rid of now obsolete adapter parameter
>
> s390/mm: provide memory management functions for protected KVM guests
> ---------------------------------------------------------------------
> - improved patch description
>
> KVM: s390: protvirt: Add initial vm and cpu lifecycle handling
> --------------------------------------------------------------
> - rework tweak logic to not use an array
> - remove _VM_ part of the subfunction names of PV_COMMAND
> - merge alloc/create/destroy/dealloc into init/deinit
> - handle cmma deallocation on failures
> - rework error handling to pass along the first rc/rrc if VCPU or VM CREATE/DESTROY fails
> This was tested successfully with error injection and tracing. We do not deallocate on
> destroy failure and we pass along the first rc/rrc when vcpu destroy fails.
>
> KVM: s390: protvirt: Add KVM api documentation
> -----------------------------------------------
> - mention new MP_STATE
> - remove "old" interfaces that are no longer in the previous patch
> - move to the end
>
> KVM: s390: protvirt: Secure memory is not mergeable
> ---------------------------------------------------
> - rebase on new lifecycle patch
>
> KVM: s390: protvirt: UV calls in support of diag308 0,1
> -------------------------------------------------------
> - remove _VM_ part of the subfunction names of PV_COMMAND
>
> KVM: s390: rstify new ioctls in api.rst
> ---------------------------------------
> - removed from this patch queue
>
>
>
> v2 -> v3
> - rebase against v5.6-rc2
> - move some checks into the callers
> - typo fixes
> - extend UV query size
> - do a tlb flush when entering/exiting protected mode
> - more comments
> - change interface to PV_ENABLE/DISABLE instead of vcpu/vm
> create/destroy
> - lockdep checks for *is_protected calls
> - locking improvements
> - move facility 161 to qemu
> - checkpatch fixes
> - merged error handling in mm patch
> - removed vcpu pv commands
> - use mp_state for setting the IPL PSW
>
>
> v1 -> v2
> - rebase on top of kvm/master
> - pipe through rc and rrc. This might have created some churn here and
> there
> - turn off sclp masking when rebooting into "unsecure"
> - memory management simplification
> - prefix page handling now via intercept 112
> - io interrupt intervention request fix (do not use GISA)
> - api.txt conversion to rst
> - sample patches on top of mm/gup/writeback
> - tons of review feedback
> - kvm_uv debug feature fixes and unifications
> - ultravisor information for /sys/firmware
> -
>
> RFCv2 -> v1 (you can diff the protvirtv2 and the protvirtv3 branch)
> - tons of review feedback integrated (see mail thread)
> - memory management now complete and working
> - Documentation patches merged
> - interrupt patches merged
> - CONFIG_KVM_S390_PROTECTED_VIRTUALIZATION_HOST removed
> - SIDA interface integrated into memop
> - for merged patches I removed reviews that were not in all patches
>
>
>
> Christian Borntraeger (4):
> KVM: s390/mm: Make pages accessible before destroying the guest
> KVM: s390: protvirt: Add SCLP interrupt handling
> KVM: s390: protvirt: do not inject interrupts after start
> KVM: s390: protvirt: introduce and enable KVM_CAP_S390_PROTECTED
>
> Claudio Imbrenda (3):
> mm/gup/writeback: add callbacks for inaccessible pages
> s390/mm: provide memory management functions for protected KVM guests
> KVM: s390/mm: handle guest unpin events
>
> Janosch Frank (24):
> KVM: s390: protvirt: Add UV debug trace
> KVM: s390: add new variants of UV CALL
> KVM: s390: protvirt: Add initial vm and cpu lifecycle handling
> KVM: s390: protvirt: Secure memory is not mergeable
> KVM: s390: protvirt: Handle SE notification interceptions
> KVM: s390: protvirt: Instruction emulation
> KVM: s390: protvirt: Handle spec exception loops
> KVM: s390: protvirt: Add new gprs location handling
> KVM: S390: protvirt: Introduce instruction data area bounce buffer
> KVM: s390: protvirt: handle secure guest prefix pages
> KVM: s390: protvirt: Write sthyi data to instruction data area
> KVM: s390: protvirt: STSI handling
> KVM: s390: protvirt: disallow one_reg
> KVM: s390: protvirt: Do only reset registers that are accessible
> KVM: s390: protvirt: Only sync fmt4 registers
> KVM: s390: protvirt: Add program exception injection
> KVM: s390: protvirt: UV calls in support of diag308 0, 1
> KVM: s390: protvirt: Report CPU state to Ultravisor
> KVM: s390: protvirt: Support cmd 5 operation state
> KVM: s390: protvirt: Mask PSW interrupt bits for interception 104 and
> 112
> KVM: s390: protvirt: Add UV cpu reset calls
> DOCUMENTATION: Protected virtual machine introduction and IPL
> s390: protvirt: Add sysfs firmware interface for Ultravisor
> information
> KVM: s390: protvirt: Add KVM api documentation
>
> Michael Mueller (1):
> KVM: s390: protvirt: Implement interrupt injection
>
> Ulrich Weigand (1):
> KVM: s390/interrupt: do not pin adapter interrupt pages
>
> Vasily Gorbik (3):
> s390/protvirt: introduce host side setup
> s390/protvirt: add ultravisor initialization
> s390/mm: add (non)secure page access exceptions handlers
>
> .../admin-guide/kernel-parameters.txt | 5 +
> Documentation/virt/kvm/api.rst | 61 +-
> Documentation/virt/kvm/devices/s390_flic.rst | 11 +-
> Documentation/virt/kvm/index.rst | 2 +
> Documentation/virt/kvm/s390-pv-boot.rst | 83 +++
> Documentation/virt/kvm/s390-pv.rst | 116 ++++
> MAINTAINERS | 1 +
> arch/s390/boot/Makefile | 2 +-
> arch/s390/boot/uv.c | 21 +-
> arch/s390/include/asm/gmap.h | 6 +
> arch/s390/include/asm/kvm_host.h | 113 +++-
> arch/s390/include/asm/mmu.h | 2 +
> arch/s390/include/asm/mmu_context.h | 1 +
> arch/s390/include/asm/page.h | 5 +
> arch/s390/include/asm/pgtable.h | 35 +-
> arch/s390/include/asm/uv.h | 252 ++++++++-
> arch/s390/kernel/Makefile | 1 +
> arch/s390/kernel/pgm_check.S | 4 +-
> arch/s390/kernel/setup.c | 9 +-
> arch/s390/kernel/uv.c | 413 ++++++++++++++
> arch/s390/kvm/Makefile | 2 +-
> arch/s390/kvm/diag.c | 6 +-
> arch/s390/kvm/intercept.c | 117 +++-
> arch/s390/kvm/interrupt.c | 399 +++++++------
> arch/s390/kvm/kvm-s390.c | 532 +++++++++++++++---
> arch/s390/kvm/kvm-s390.h | 51 +-
> arch/s390/kvm/priv.c | 13 +-
> arch/s390/kvm/pv.c | 298 ++++++++++
> arch/s390/mm/fault.c | 78 +++
> arch/s390/mm/gmap.c | 65 ++-
> include/linux/gfp.h | 6 +
> include/uapi/linux/kvm.h | 43 +-
> mm/gup.c | 15 +-
> mm/page-writeback.c | 5 +
> 34 files changed, 2461 insertions(+), 312 deletions(-)
> create mode 100644 Documentation/virt/kvm/s390-pv-boot.rst
> create mode 100644 Documentation/virt/kvm/s390-pv.rst
> create mode 100644 arch/s390/kernel/uv.c
> create mode 100644 arch/s390/kvm/pv.c
>