From: Halil Pasic <pasic@linux.ibm.com>
To: kvm@vger.kernel.org, linux-s390@vger.kernel.org, Cornelia Huck <cohuck@redhat.com>, Martin Schwidefsky <schwidefsky@de.ibm.com>, Sebastian Ott <sebott@linux.ibm.com>
Cc: Halil Pasic <pasic@linux.ibm.com>, virtualization@lists.linux-foundation.org, "Michael S. Tsirkin" <mst@redhat.com>, Christoph Hellwig <hch@infradead.org>, Thomas Huth <thuth@redhat.com>, Christian Borntraeger <borntraeger@de.ibm.com>, Viktor Mihajlovski <mihajlov@linux.ibm.com>, Vasily Gorbik <gor@linux.ibm.com>, Janosch Frank <frankja@linux.ibm.com>, Claudio Imbrenda <imbrenda@linux.ibm.com>, Farhan Ali <alifm@linux.ibm.com>, Eric Farman <farman@linux.ibm.com>
Subject: [PATCH 00/10] s390: virtio: support protected virtualization
Date: Fri, 26 Apr 2019 20:32:35 +0200
Message-ID: <20190426183245.37939-1-pasic@linux.ibm.com>

Enhanced virtualization protection technology may require the use of
bounce buffers for I/O. While support for this was built into the virtio
core, virtio-ccw wasn't changed accordingly.

Some background on technology (not part of this series) and the
terminology used.

* Protected Virtualization (PV):

  Protected Virtualization guarantees that non-shared memory of a guest
  that operates in PV mode is private to that guest. I.e. any attempts by
  the hypervisor or other guests to access it will result in an
  exception. If supported by the environment (machine, KVM, guest VM) a
  guest can decide to change into PV mode by doing the appropriate
  ultravisor calls. Unlike some other enhanced virtualization protection
  technology,

* Ultravisor:

  A hardware/firmware entity that manages PV guests, and polices access
  to their memory. A PV guest prospect needs to interact with the
  ultravisor, to enter PV mode, and potentially to share pages (for I/O
  which should be encrypted by the guest). A guest interacts with the
  ultravisor via so called ultravisor calls. A hypervisor needs to
  interact with the ultravisor to facilitate interpretation, emulation
  and swapping. A hypervisor interacts with the ultravisor via ultravisor
  calls and via the SIE state description. Generally the ultravisor
  sanitizes hypervisor inputs so that the guest can not be corrupted
  (except for denial of service).

What needs to be done
=====================

Thus what needs to be done to bring virtio-ccw up to speed with respect
to protected virtualization is:

* use some 'new' common virtio stuff
* make sure that virtio-ccw specific stuff uses shared memory when
  talking to the hypervisor (except control/communication blocks like
  ORB, these are handled by the ultravisor)
* make sure the DMA API does what is necessary to talk through shared
  memory if we are a protected virtualization guest.
* make sure the common IO layer plays along as well (airqs, sense).

Important notes
================

* This patch set is based on Martin's features branch
  (git://git.kernel.org/pub/scm/linux/kernel/git/s390/linux.git branch
  'features').

* Documentation is still very sketchy. I'm committed to improving this,
  but I'm currently hampered by some dependencies.

* The existing naming in the common infrastructure (kernel internal
  interfaces) is pretty much based on the AMD SEV terminology. Thus the
  names aren't always perfect. There might be merit to changing these
  names to more abstract ones. I did not put much thought into that at
  the current stage.

* Testing: Please use iommu_platform=on for any virtio devices you are
  going to test this code with (so virtio actually uses the DMA API).

Change log
==========

RFC --> v1:

* Fixed bugs found by Connie (may_reduce and handling reduced, warning,
  split move -- thanks Connie!).
* Fixed console bug found by Sebastian (thanks Sebastian!).
* Removed the completely useless duplicate of dma-mapping.h spotted by
  Christoph (thanks Christoph!).
* Don't use the global DMA pool for subchannel and ccw device owned
  memory as requested by Sebastian. Consequences:
  * Both subchannel and ccw devices have their dma masks now (both
    specifying 31 bit addressable)
  * We require at least 2 DMA pages per ccw device now, most of this
    memory is wasted though.
  * DMA memory allocated by virtio is also 31 bit addressable now as
    virtio uses the parent (which is the ccw device).
* Enabled packed ring.
* Rebased onto Martin's feature branch; using the actual uv (ultravisor)
  interface instead of TODO comments.
* Added some explanations to the cover letter (Connie, David).
* Squashed a couple of patches together and fixed some text stuff.

Looking forward to your review, or any other type of input.

Halil Pasic (10):
  virtio/s390: use vring_create_virtqueue
  virtio/s390: DMA support for virtio-ccw
  virtio/s390: enable packed ring
  s390/mm: force swiotlb for protected virtualization
  s390/cio: introduce DMA pools to cio
  s390/cio: add basic protected virtualization support
  s390/airq: use DMA memory for adapter interrupts
  virtio/s390: add indirection to indicators access
  virtio/s390: use DMA memory for ccw I/O and classic notifiers
  virtio/s390: make airq summary indicators DMA

 arch/s390/Kconfig                   |   5 +
 arch/s390/include/asm/airq.h        |   2 +
 arch/s390/include/asm/ccwdev.h      |   4 +
 arch/s390/include/asm/cio.h         |  11 ++
 arch/s390/include/asm/mem_encrypt.h |  18 +++
 arch/s390/mm/init.c                 |  50 +++++++
 drivers/s390/cio/airq.c             |  18 ++-
 drivers/s390/cio/ccwreq.c           |   8 +-
 drivers/s390/cio/cio.h              |   1 +
 drivers/s390/cio/css.c              | 101 +++++++++++++
 drivers/s390/cio/device.c           |  65 +++++++--
 drivers/s390/cio/device_fsm.c       |  40 +++---
 drivers/s390/cio/device_id.c        |  18 +--
 drivers/s390/cio/device_ops.c       |  21 ++-
 drivers/s390/cio/device_pgid.c      |  20 +--
 drivers/s390/cio/device_status.c    |  24 ++--
 drivers/s390/cio/io_sch.h           |  21 ++-
 drivers/s390/virtio/virtio_ccw.c    | 275 +++++++++++++++++++-----------------
 include/linux/virtio.h              |  17 ---
 19 files changed, 499 insertions(+), 220 deletions(-)
 create mode 100644 arch/s390/include/asm/mem_encrypt.h

-- 
2.16.4
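
The bounce-buffer data flow the cover letter describes, as an added example that is not part of the original message or of the patch series: a toy C model in which the hypervisor-side device cannot touch a private guest page, so the guest copies its I/O buffer through a page it has shared. All identifiers (`struct guest`, `resolve`, `bounce_sync`, `device_io`, `demo`) and the 8-page layout are hypothetical; the series itself goes through the DMA API and swiotlb.

```c
/* Added illustration: a toy model, not kernel code; all names are hypothetical. */
#include <stddef.h>
#include <stdint.h>
#include <string.h>
#define PG     4096u
#define NPAGES 8u   /* constructed toy guest with 8 pages */
#define BOUNCE 1u   /* the one page the guest has shared */

struct guest {
	uint8_t mem[NPAGES][PG];
	uint8_t shared[NPAGES];   /* 1 = shared with the hypervisor */
};

/* hv != 0: hypervisor access; NULL then also models the exception on private memory. */
static uint8_t *resolve(struct guest *g, uint32_t addr, size_t len, int hv)
{
	if (addr / PG >= NPAGES || len > PG - addr % PG ||
	    (hv && !g->shared[addr / PG]))
		return NULL;
	return &g->mem[addr / PG][addr % PG];
}

/* Guest: copy private buffer <-> shared bounce page; returns the bounce address or -1. */
static int64_t bounce_sync(struct guest *g, uint32_t addr, size_t len, int to_dev)
{
	uint8_t *priv = resolve(g, addr, len, 0);
	if (!priv || addr / PG == BOUNCE)   /* bad range, or already shared */
		return -1;
	if (to_dev)
		memcpy(g->mem[BOUNCE], priv, len);
	else
		memcpy(priv, g->mem[BOUNCE], len);
	return (int64_t)BOUNCE * PG;
}

/* Emulated device on the hypervisor side: flips the case of 4 ASCII bytes. */
static int device_io(struct guest *g, uint32_t dma_addr)
{
	uint8_t *p = resolve(g, dma_addr, 4, 1);
	for (int i = 0; p && i < 4; i++)
		p[i] ^= 0x20;
	return p ? 0 : -1;
}

/* Returns 0 when direct I/O is refused and bounced I/O succeeds. */
static int demo(void)
{
	static struct guest g;
	const uint32_t priv = 5 * PG + 16;   /* buffer in a private page */
	g.shared[BOUNCE] = 1;
	memcpy(&g.mem[5][16], "ping", 4);
	if (device_io(&g, priv) != -1)       /* device sees only shared pages */
		return 1;
	int64_t dma = bounce_sync(&g, priv, 4, 1);
	if (dma < 0 || device_io(&g, (uint32_t)dma))
		return 2;
	bounce_sync(&g, priv, 4, 0);         /* copy the reply back */
	return memcmp(&g.mem[5][16], "PING", 4) ? 3 : 0;
}
int main(void) { return demo(); }
```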