linuxppc-dev.lists.ozlabs.org archive mirror
 help / color / mirror / Atom feed
From: Thiago Jung Bauermann <bauerman@linux.ibm.com>
To: linuxppc-dev@lists.ozlabs.org
Cc: iommu@lists.linux-foundation.org, linux-kernel@vger.kernel.org,
	Alexey Kardashevskiy <aik@ozlabs.ru>,
	Anshuman Khandual <anshuman.linux@gmail.com>,
	Benjamin Herrenschmidt <benh@kernel.crashing.org>,
	Christoph Hellwig <hch@lst.de>,
	Michael Ellerman <mpe@ellerman.id.au>,
	Mike Anderson <andmike@linux.ibm.com>,
	Paul Mackerras <paulus@samba.org>, Ram Pai <linuxram@us.ibm.com>,
	Anshuman Khandual <khandual@linux.vnet.ibm.com>,
	Sukadev Bhattiprolu <sukadev@linux.vnet.ibm.com>,
	Thiago Jung Bauermann <bauerman@linux.ibm.com>
Subject: [RFC PATCH 01/11] powerpc/svm: Detect Secure Virtual Machine (SVM) platform
Date: Fri, 24 Aug 2018 13:25:25 -0300	[thread overview]
Message-ID: <20180824162535.22798-2-bauerman@linux.ibm.com> (raw)
In-Reply-To: <20180824162535.22798-1-bauerman@linux.ibm.com>

From: Anshuman Khandual <khandual@linux.vnet.ibm.com>

A guest requests to be moved to secure memory early at the kernel
startup (in prom_init). Define a flag that can be easily checked by other
parts of the kernel so that they can set things up accordingly. This is
done by checking the MSR(S) bit, which is always set for secure VMs.

Also add a new config option CONFIG_PPC_SVM to wrap all these code to
prevent it from being executed from non subscribing platforms. This SVM
platform detection is applicable only to guest kernels that will run under
an Ultravisor as a secure guest.

Signed-off-by: Anshuman Khandual <khandual@linux.vnet.ibm.com>
Signed-off-by: Ram Pai <linuxram@us.ibm.com>
Signed-off-by: Sukadev Bhattiprolu <sukadev@linux.vnet.ibm.com>
Signed-off-by: Thiago Jung Bauermann <bauerman@linux.ibm.com>
---
 arch/powerpc/Kconfig           | 11 +++++++++++
 arch/powerpc/include/asm/reg.h |  3 +++
 arch/powerpc/include/asm/svm.h | 22 ++++++++++++++++++++++
 3 files changed, 36 insertions(+)

diff --git a/arch/powerpc/Kconfig b/arch/powerpc/Kconfig
index 9f2b75fe2c2d..f786c962edf0 100644
--- a/arch/powerpc/Kconfig
+++ b/arch/powerpc/Kconfig
@@ -440,6 +440,17 @@ config MATH_EMULATION_HW_UNIMPLEMENTED
 
 endchoice
 
+config PPC_SVM
+       bool "Secure virtual machine (SVM) support for POWERPC"
+       default n
+       depends on PPC_PSERIES
+       help
+         Support secure guests on POWERPC. There are certain POWER platforms
+	 which support secure guests with the help of an Ultravisor executing
+	 below the hypervisor layer. This enables the support for those guests.
+
+	 If unsure, say "N".
+
 config PPC_TRANSACTIONAL_MEM
        bool "Transactional Memory support for POWERPC"
        depends on PPC_BOOK3S_64
diff --git a/arch/powerpc/include/asm/reg.h b/arch/powerpc/include/asm/reg.h
index 562568414cf4..fcf7b79356d0 100644
--- a/arch/powerpc/include/asm/reg.h
+++ b/arch/powerpc/include/asm/reg.h
@@ -36,6 +36,7 @@
 #define MSR_TM_LG	32		/* Trans Mem Available */
 #define MSR_VEC_LG	25	        /* Enable AltiVec */
 #define MSR_VSX_LG	23		/* Enable VSX */
+#define MSR_S_LG	22		/* Secure VM bit */
 #define MSR_POW_LG	18		/* Enable Power Management */
 #define MSR_WE_LG	18		/* Wait State Enable */
 #define MSR_TGPR_LG	17		/* TLB Update registers in use */
@@ -69,11 +70,13 @@
 #define MSR_SF		__MASK(MSR_SF_LG)	/* Enable 64 bit mode */
 #define MSR_ISF		__MASK(MSR_ISF_LG)	/* Interrupt 64b mode valid on 630 */
 #define MSR_HV 		__MASK(MSR_HV_LG)	/* Hypervisor state */
+#define MSR_S 		__MASK(MSR_S_LG)	/* Secure state */
 #else
 /* so tests for these bits fail on 32-bit */
 #define MSR_SF		0
 #define MSR_ISF		0
 #define MSR_HV		0
+#define MSR_S		0
 #endif
 
 /*
diff --git a/arch/powerpc/include/asm/svm.h b/arch/powerpc/include/asm/svm.h
new file mode 100644
index 000000000000..6f89e5d6d37f
--- /dev/null
+++ b/arch/powerpc/include/asm/svm.h
@@ -0,0 +1,22 @@
+/* SPDX-License-Identifier: GPL-2.0+ */
+/*
+ * SVM helper functions
+ *
+ * Copyright 2018 Anshuman Khandual, IBM Corporation.
+ */
+
+#ifndef _ASM_POWERPC_SVM_H
+#define _ASM_POWERPC_SVM_H
+
+#ifdef CONFIG_PPC_SVM
+static bool is_svm_platform(void)
+{
+	return mfmsr() & MSR_S;
+}
+#else
+static inline bool is_svm_platform(void)
+{
+	return false;
+}
+#endif
+#endif /* _ASM_POWERPC_SVM_H */

  reply	other threads:[~2018-08-24 16:26 UTC|newest]

Thread overview: 19+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2018-08-24 16:25 [RFC PATCH 00/11] Secure Virtual Machine Enablement Thiago Jung Bauermann
2018-08-24 16:25 ` Thiago Jung Bauermann [this message]
2018-08-24 16:25 ` [RFC PATCH 02/11] powerpc/svm: Select CONFIG_DMA_DIRECT_OPS and CONFIG_SWIOTLB Thiago Jung Bauermann
2018-08-24 16:25 ` [RFC PATCH 03/11] powerpc/svm: Add memory conversion (shared/secure) helper functions Thiago Jung Bauermann
2018-08-24 16:25 ` [RFC PATCH 04/11] powerpc/svm: Convert SWIOTLB buffers to shared memory Thiago Jung Bauermann
2018-08-24 16:25 ` [RFC PATCH 05/11] powerpc/svm: Don't release SWIOTLB buffers on secure guests Thiago Jung Bauermann
2018-08-24 16:25 ` [RFC PATCH 06/11] powerpc/svm: Use SWIOTLB DMA API for all virtio devices Thiago Jung Bauermann
2018-08-24 16:25 ` [RFC PATCH 07/11] powerpc/svm: Use shared memory for Debug Trace Log (DTL) Thiago Jung Bauermann
2018-08-24 16:25 ` [RFC PATCH 08/11] powerpc: Add and use LPPACA_SIZE constant Thiago Jung Bauermann
2018-08-24 16:25 ` [RFC PATCH 09/11] powerpc/svm: Use shared memory for LPPACA structures Thiago Jung Bauermann
2018-08-24 16:25 ` [RFC PATCH 10/11] powerpc/svm: Force the use of bounce buffers Thiago Jung Bauermann
2018-08-24 16:25 ` [RFC PATCH 11/11] powerpc/svm: Increase SWIOTLB buffer size Thiago Jung Bauermann
2018-08-24 17:16   ` Randy Dunlap
2018-08-25  0:38     ` Thiago Jung Bauermann
2018-08-27 18:18   ` Konrad Rzeszutek Wilk
2018-08-24 16:33 ` [RFC PATCH 00/11] Secure Virtual Machine Enablement Christoph Hellwig
2018-08-24 18:16   ` Ram Pai
2019-09-04  2:48 ` Sukadev Bhattiprolu
  -- strict thread matches above, loose matches on Subject: below --
2018-08-24  2:59 Thiago Jung Bauermann
2018-08-24  2:59 ` [RFC PATCH 01/11] powerpc/svm: Detect Secure Virtual Machine (SVM) platform Thiago Jung Bauermann

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20180824162535.22798-2-bauerman@linux.ibm.com \
    --to=bauerman@linux.ibm.com \
    --cc=aik@ozlabs.ru \
    --cc=andmike@linux.ibm.com \
    --cc=anshuman.linux@gmail.com \
    --cc=benh@kernel.crashing.org \
    --cc=hch@lst.de \
    --cc=iommu@lists.linux-foundation.org \
    --cc=khandual@linux.vnet.ibm.com \
    --cc=linux-kernel@vger.kernel.org \
    --cc=linuxppc-dev@lists.ozlabs.org \
    --cc=linuxram@us.ibm.com \
    --cc=mpe@ellerman.id.au \
    --cc=paulus@samba.org \
    --cc=sukadev@linux.vnet.ibm.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).