From: Claudio Carvalho <cclaudio@linux.ibm.com>
To: janani@linux.ibm.com
Cc: Madhavan Srinivasan <maddy@linux.vnet.ibm.com>,
Michael Anderson <andmike@linux.ibm.com>,
Ram Pai <linuxram@us.ibm.com>,
kvm-ppc@vger.kernel.org, Bharata B Rao <bharata@linux.ibm.com>,
linuxppc-dev@ozlabs.org, Ryan Grimm <grimm@linux.ibm.com>,
Sukadev Bhattiprolu <sukadev@linux.vnet.ibm.com>,
Thiago Bauermann <bauerman@linux.ibm.com>,
Anshuman Khandual <khandual@linux.vnet.ibm.com>
Subject: Re: [PATCH v4 7/8] KVM: PPC: Ultravisor: Enter a secure guest
Date: Mon, 8 Jul 2019 17:52:44 -0300 [thread overview]
Message-ID: <97525c73-841b-8399-cfdb-8d4b0f115d8b@linux.ibm.com> (raw)
In-Reply-To: <fa038e6849738d21707bde46616d84ff@linux.vnet.ibm.com>
On 7/8/19 5:53 PM, janani wrote:
> On 2019-06-28 15:08, Claudio Carvalho wrote:
>> From: Sukadev Bhattiprolu <sukadev@linux.vnet.ibm.com>
>>
>> To enter a secure guest, we have to go through the ultravisor, therefore
>> we do a ucall when we are entering a secure guest.
>>
>> This change is needed for any sort of entry to the secure guest from the
>> hypervisor, whether it is a return from an hcall, a return from a
>> hypervisor interrupt, or the first time that a secure guest vCPU is run.
>>
>> If we are returning from an hcall, the results are already in the
>> appropriate registers R3:12, except for R3, R6 and R7. R3 has the status
>> of the reflected hcall, therefore we move it to R0 for the ultravisor and
>> set R3 to the UV_RETURN ucall number. R6,7 were used as temporary
>> registers, hence we restore them.
>>
>> Have fast_guest_return check the kvm_arch.secure_guest field so that a
>> new CPU enters UV when started (in response to a RTAS start-cpu call).
>>
>> Thanks to input from Paul Mackerras, Ram Pai and Mike Anderson.
>>
>> Signed-off-by: Sukadev Bhattiprolu <sukadev@linux.vnet.ibm.com>
>> [ Pass SRR1 in r11 for UV_RETURN, fix kvmppc_msr_interrupt to preserve
>> the MSR_S bit ]
>> Signed-off-by: Paul Mackerras <paulus@ozlabs.org>
>> [ Fix UV_RETURN ucall number and arch.secure_guest check ]
>> Signed-off-by: Ram Pai <linuxram@us.ibm.com>
>> [ Save the actual R3 in R0 for the ultravisor and use R3 for the
>> UV_RETURN ucall number. Update commit message and ret_to_ultra comment ]
>> Signed-off-by: Claudio Carvalho <cclaudio@linux.ibm.com>
> Reviewed-by: Janani Janakiraman <janani@linux.ibm.com>
Thanks Janani for reviewing the patchset.
Claudio
>> ---
>> arch/powerpc/include/asm/kvm_host.h | 1 +
>> arch/powerpc/include/asm/ultravisor-api.h | 1 +
>> arch/powerpc/kernel/asm-offsets.c | 1 +
>> arch/powerpc/kvm/book3s_hv_rmhandlers.S | 40 +++++++++++++++++++----
>> 4 files changed, 37 insertions(+), 6 deletions(-)
>>
>> diff --git a/arch/powerpc/include/asm/kvm_host.h
>> b/arch/powerpc/include/asm/kvm_host.h
>> index 013c76a0a03e..184becb62ea4 100644
>> --- a/arch/powerpc/include/asm/kvm_host.h
>> +++ b/arch/powerpc/include/asm/kvm_host.h
>> @@ -294,6 +294,7 @@ struct kvm_arch {
>> cpumask_t cpu_in_guest;
>> u8 radix;
>> u8 fwnmi_enabled;
>> + u8 secure_guest;
>> bool threads_indep;
>> bool nested_enable;
>> pgd_t *pgtable;
>> diff --git a/arch/powerpc/include/asm/ultravisor-api.h
>> b/arch/powerpc/include/asm/ultravisor-api.h
>> index 141940771add..7c4d0b4ced12 100644
>> --- a/arch/powerpc/include/asm/ultravisor-api.h
>> +++ b/arch/powerpc/include/asm/ultravisor-api.h
>> @@ -19,5 +19,6 @@
>>
>> /* opcodes */
>> #define UV_WRITE_PATE 0xF104
>> +#define UV_RETURN 0xF11C
>>
>> #endif /* _ASM_POWERPC_ULTRAVISOR_API_H */
>> diff --git a/arch/powerpc/kernel/asm-offsets.c
>> b/arch/powerpc/kernel/asm-offsets.c
>> index 8e02444e9d3d..44742724513e 100644
>> --- a/arch/powerpc/kernel/asm-offsets.c
>> +++ b/arch/powerpc/kernel/asm-offsets.c
>> @@ -508,6 +508,7 @@ int main(void)
>> OFFSET(KVM_VRMA_SLB_V, kvm, arch.vrma_slb_v);
>> OFFSET(KVM_RADIX, kvm, arch.radix);
>> OFFSET(KVM_FWNMI, kvm, arch.fwnmi_enabled);
>> + OFFSET(KVM_SECURE_GUEST, kvm, arch.secure_guest);
>> OFFSET(VCPU_DSISR, kvm_vcpu, arch.shregs.dsisr);
>> OFFSET(VCPU_DAR, kvm_vcpu, arch.shregs.dar);
>> OFFSET(VCPU_VPA, kvm_vcpu, arch.vpa.pinned_addr);
>> diff --git a/arch/powerpc/kvm/book3s_hv_rmhandlers.S
>> b/arch/powerpc/kvm/book3s_hv_rmhandlers.S
>> index cffb365d9d02..89813ca987c2 100644
>> --- a/arch/powerpc/kvm/book3s_hv_rmhandlers.S
>> +++ b/arch/powerpc/kvm/book3s_hv_rmhandlers.S
>> @@ -36,6 +36,7 @@
>> #include <asm/asm-compat.h>
>> #include <asm/feature-fixups.h>
>> #include <asm/cpuidle.h>
>> +#include <asm/ultravisor-api.h>
>>
>> /* Sign-extend HDEC if not on POWER9 */
>> #define EXTEND_HDEC(reg) \
>> @@ -1092,16 +1093,12 @@ BEGIN_FTR_SECTION
>> END_FTR_SECTION_IFSET(CPU_FTR_HAS_PPR)
>>
>> ld r5, VCPU_LR(r4)
>> - ld r6, VCPU_CR(r4)
>> mtlr r5
>> - mtcr r6
>>
>> ld r1, VCPU_GPR(R1)(r4)
>> ld r2, VCPU_GPR(R2)(r4)
>> ld r3, VCPU_GPR(R3)(r4)
>> ld r5, VCPU_GPR(R5)(r4)
>> - ld r6, VCPU_GPR(R6)(r4)
>> - ld r7, VCPU_GPR(R7)(r4)
>> ld r8, VCPU_GPR(R8)(r4)
>> ld r9, VCPU_GPR(R9)(r4)
>> ld r10, VCPU_GPR(R10)(r4)
>> @@ -1119,10 +1116,38 @@ BEGIN_FTR_SECTION
>> mtspr SPRN_HDSISR, r0
>> END_FTR_SECTION_IFSET(CPU_FTR_ARCH_300)
>>
>> + ld r6, VCPU_KVM(r4)
>> + lbz r7, KVM_SECURE_GUEST(r6)
>> + cmpdi r7, 0
>> + bne ret_to_ultra
>> +
>> + lwz r6, VCPU_CR(r4)
>> + mtcr r6
>> +
>> + ld r7, VCPU_GPR(R7)(r4)
>> + ld r6, VCPU_GPR(R6)(r4)
>> ld r0, VCPU_GPR(R0)(r4)
>> ld r4, VCPU_GPR(R4)(r4)
>> HRFI_TO_GUEST
>> b .
>> +/*
>> + * We are entering a secure guest, so we have to invoke the ultravisor
>> to do
>> + * that. If we are returning from a hcall, the results are already in the
>> + * appropriate registers R3:12, except for R3, R6 and R7. R3 has the
>> status of
>> + * the reflected hcall, therefore we move it to R0 for the ultravisor
>> and set
>> + * R3 to the UV_RETURN ucall number. R6,7 were used as temporary registers
>> + * above, hence we restore them.
>> + */
>> +ret_to_ultra:
>> + lwz r6, VCPU_CR(r4)
>> + mtcr r6
>> + mfspr r11, SPRN_SRR1
>> + mr r0, r3
>> + LOAD_REG_IMMEDIATE(r3, UV_RETURN)
>> + ld r7, VCPU_GPR(R7)(r4)
>> + ld r6, VCPU_GPR(R6)(r4)
>> + ld r4, VCPU_GPR(R4)(r4)
>> + sc 2
>>
>> /*
>> * Enter the guest on a P9 or later system where we have exactly
>> @@ -3318,13 +3343,16 @@ END_MMU_FTR_SECTION_IFSET(MMU_FTR_TYPE_RADIX)
>> * r0 is used as a scratch register
>> */
>> kvmppc_msr_interrupt:
>> + andis. r0, r11, MSR_S@h
>> rldicl r0, r11, 64 - MSR_TS_S_LG, 62
>> - cmpwi r0, 2 /* Check if we are in transactional state.. */
>> + cmpwi cr1, r0, 2 /* Check if we are in transactional state.. */
>> ld r11, VCPU_INTR_MSR(r9)
>> - bne 1f
>> + bne cr1, 1f
>> /* ... if transactional, change to suspended */
>> li r0, 1
>> 1: rldimi r11, r0, MSR_TS_S_LG, 63 - MSR_TS_T_LG
>> + beqlr
>> + oris r11, r11, MSR_S@h /* preserve MSR_S bit setting */
>> blr
>>
>> /*
>
next prev parent reply other threads:[~2019-07-08 20:56 UTC|newest]
Thread overview: 49+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-06-28 20:08 [PATCH v4 0/8] kvmppc: Paravirtualize KVM to support ultravisor Claudio Carvalho
2019-06-28 20:08 ` [PATCH v4 1/8] KVM: PPC: Ultravisor: Introduce the MSR_S bit Claudio Carvalho
2019-07-08 17:38 ` janani
2019-07-11 12:57 ` Michael Ellerman
2019-07-12 0:59 ` Nicholas Piggin
2019-07-12 0:57 ` Nicholas Piggin
2019-07-12 6:29 ` Michael Ellerman
2019-07-12 21:07 ` Claudio Carvalho
2019-06-28 20:08 ` [PATCH v4 2/8] powerpc: Introduce FW_FEATURE_ULTRAVISOR Claudio Carvalho
2019-07-08 17:40 ` janani
2019-07-11 12:57 ` Michael Ellerman
2019-07-12 18:01 ` Claudio Carvalho
2019-07-15 4:10 ` Michael Ellerman
2019-06-28 20:08 ` [PATCH v4 3/8] KVM: PPC: Ultravisor: Add generic ultravisor call handler Claudio Carvalho
2019-07-08 17:55 ` janani
2019-07-11 12:57 ` Michael Ellerman
2019-07-13 17:42 ` Claudio Carvalho
2019-07-15 4:46 ` Michael Ellerman
2019-07-12 1:18 ` Nicholas Piggin
2019-06-28 20:08 ` [PATCH v4 4/8] KVM: PPC: Ultravisor: Use UV_WRITE_PATE ucall to register a PATE Claudio Carvalho
2019-07-08 17:57 ` janani
2019-07-11 12:57 ` Michael Ellerman
2019-07-17 14:59 ` Ryan Grimm
2019-07-18 21:25 ` Claudio Carvalho
2019-07-19 2:25 ` Michael Ellerman
2019-06-28 20:08 ` [PATCH v4 5/8] KVM: PPC: Ultravisor: Restrict flush of the partition tlb cache Claudio Carvalho
2019-07-01 5:54 ` Alexey Kardashevskiy
2019-07-08 20:05 ` Claudio Carvalho
2019-07-08 19:54 ` janani
2019-07-10 17:09 ` Ram Pai
2019-06-28 20:08 ` [PATCH v4 6/8] KVM: PPC: Ultravisor: Restrict LDBAR access Claudio Carvalho
2019-07-01 5:54 ` Alexey Kardashevskiy
2019-07-01 6:17 ` maddy
2019-07-01 6:30 ` Alexey Kardashevskiy
2019-07-01 6:46 ` Ram Pai
2019-07-13 17:56 ` Claudio Carvalho
2019-07-08 20:22 ` janani
2019-07-11 12:57 ` Michael Ellerman
2019-07-15 0:38 ` Claudio Carvalho
2019-06-28 20:08 ` [PATCH v4 7/8] KVM: PPC: Ultravisor: Enter a secure guest Claudio Carvalho
2019-07-08 20:53 ` janani
2019-07-08 20:52 ` Claudio Carvalho [this message]
2019-07-11 12:57 ` Michael Ellerman
2019-07-18 2:47 ` Sukadev Bhattiprolu
2019-07-22 11:05 ` Michael Ellerman
2019-07-12 2:03 ` Nicholas Piggin
2019-06-28 20:08 ` [PATCH v4 8/8] KVM: PPC: Ultravisor: Check for MSR_S during hv_reset_msr Claudio Carvalho
2019-07-08 20:54 ` janani
2019-07-11 12:57 ` Michael Ellerman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=97525c73-841b-8399-cfdb-8d4b0f115d8b@linux.ibm.com \
--to=cclaudio@linux.ibm.com \
--cc=andmike@linux.ibm.com \
--cc=bauerman@linux.ibm.com \
--cc=bharata@linux.ibm.com \
--cc=grimm@linux.ibm.com \
--cc=janani@linux.ibm.com \
--cc=khandual@linux.vnet.ibm.com \
--cc=kvm-ppc@vger.kernel.org \
--cc=linuxppc-dev@ozlabs.org \
--cc=linuxram@us.ibm.com \
--cc=maddy@linux.vnet.ibm.com \
--cc=sukadev@linux.vnet.ibm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).