From: Michael Mueller <mimu@linux.ibm.com>
To: KVM Mailing List <kvm@vger.kernel.org>,
Linux-S390 Mailing List <linux-s390@vger.kernel.org>,
Cornelia Huck <cohuck@redhat.com>,
Sebastian Ott <sebott@linux.ibm.com>,
Heiko Carstens <heiko.carstens@de.ibm.com>
Cc: Halil Pasic <pasic@linux.ibm.com>,
virtualization@lists.linux-foundation.org,
"Michael S . Tsirkin" <mst@redhat.com>,
Christoph Hellwig <hch@infradead.org>,
Thomas Huth <thuth@redhat.com>,
Christian Borntraeger <borntraeger@de.ibm.com>,
Viktor Mihajlovski <mihajlov@linux.ibm.com>,
Vasily Gorbik <gor@linux.ibm.com>,
Janosch Frank <frankja@linux.ibm.com>,
Claudio Imbrenda <imbrenda@linux.ibm.com>,
Farhan Ali <alifm@linux.ibm.com>,
Eric Farman <farman@linux.ibm.com>,
Pierre Morel <pmorel@linux.ibm.com>,
Michael Mueller <mimu@linux.ibm.com>
Subject: [PATCH v2 1/8] s390/mm: force swiotlb for protected virtualization
Date: Thu, 23 May 2019 18:22:02 +0200 [thread overview]
Message-ID: <20190523162209.9543-2-mimu@linux.ibm.com> (raw)
In-Reply-To: <20190523162209.9543-1-mimu@linux.ibm.com>
From: Halil Pasic <pasic@linux.ibm.com>
On s390, protected virtualization guests have to use bounced I/O
buffers. That requires some plumbing.
Let us make sure, any device that uses DMA API with direct ops correctly
is spared from the problems, that a hypervisor attempting I/O to a
non-shared page would bring.
Signed-off-by: Halil Pasic <pasic@linux.ibm.com>
Reviewed-by: Claudio Imbrenda <imbrenda@linux.ibm.com>
---
arch/s390/Kconfig | 4 ++++
arch/s390/include/asm/mem_encrypt.h | 18 ++++++++++++++
arch/s390/mm/init.c | 47 +++++++++++++++++++++++++++++++++++++
3 files changed, 69 insertions(+)
create mode 100644 arch/s390/include/asm/mem_encrypt.h
diff --git a/arch/s390/Kconfig b/arch/s390/Kconfig
index 109243fdb6ec..88d8355b7bf7 100644
--- a/arch/s390/Kconfig
+++ b/arch/s390/Kconfig
@@ -1,4 +1,7 @@
# SPDX-License-Identifier: GPL-2.0
+config ARCH_HAS_MEM_ENCRYPT
+ def_bool y
+
config MMU
def_bool y
@@ -187,6 +190,7 @@ config S390
select VIRT_CPU_ACCOUNTING
select ARCH_HAS_SCALED_CPUTIME
select HAVE_NMI
+ select SWIOTLB
config SCHED_OMIT_FRAME_POINTER
diff --git a/arch/s390/include/asm/mem_encrypt.h b/arch/s390/include/asm/mem_encrypt.h
new file mode 100644
index 000000000000..0898c09a888c
--- /dev/null
+++ b/arch/s390/include/asm/mem_encrypt.h
@@ -0,0 +1,18 @@
+/* SPDX-License-Identifier: GPL-2.0 */
+#ifndef S390_MEM_ENCRYPT_H__
+#define S390_MEM_ENCRYPT_H__
+
+#ifndef __ASSEMBLY__
+
+#define sme_me_mask 0ULL
+
+static inline bool sme_active(void) { return false; }
+extern bool sev_active(void);
+
+int set_memory_encrypted(unsigned long addr, int numpages);
+int set_memory_decrypted(unsigned long addr, int numpages);
+
+#endif /* __ASSEMBLY__ */
+
+#endif /* S390_MEM_ENCRYPT_H__ */
+
diff --git a/arch/s390/mm/init.c b/arch/s390/mm/init.c
index 14d1eae9fe43..f0bee6af3960 100644
--- a/arch/s390/mm/init.c
+++ b/arch/s390/mm/init.c
@@ -18,6 +18,7 @@
#include <linux/mman.h>
#include <linux/mm.h>
#include <linux/swap.h>
+#include <linux/swiotlb.h>
#include <linux/smp.h>
#include <linux/init.h>
#include <linux/pagemap.h>
@@ -29,6 +30,7 @@
#include <linux/export.h>
#include <linux/cma.h>
#include <linux/gfp.h>
+#include <linux/dma-mapping.h>
#include <asm/processor.h>
#include <linux/uaccess.h>
#include <asm/pgtable.h>
@@ -42,6 +44,8 @@
#include <asm/sclp.h>
#include <asm/set_memory.h>
#include <asm/kasan.h>
+#include <asm/dma-mapping.h>
+#include <asm/uv.h>
pgd_t swapper_pg_dir[PTRS_PER_PGD] __section(.bss..swapper_pg_dir);
@@ -128,6 +132,47 @@ void mark_rodata_ro(void)
pr_info("Write protected read-only-after-init data: %luk\n", size >> 10);
}
+int set_memory_encrypted(unsigned long addr, int numpages)
+{
+ int i;
+
+ /* make specified pages unshared, (swiotlb, dma_free) */
+ for (i = 0; i < numpages; ++i) {
+ uv_remove_shared(addr);
+ addr += PAGE_SIZE;
+ }
+ return 0;
+}
+
+int set_memory_decrypted(unsigned long addr, int numpages)
+{
+ int i;
+ /* make specified pages shared (swiotlb, dma_alloca) */
+ for (i = 0; i < numpages; ++i) {
+ uv_set_shared(addr);
+ addr += PAGE_SIZE;
+ }
+ return 0;
+}
+
+/* are we a protected virtualization guest? */
+bool sev_active(void)
+{
+ return is_prot_virt_guest();
+}
+
+/* protected virtualization */
+static void pv_init(void)
+{
+ if (!is_prot_virt_guest())
+ return;
+
+ /* make sure bounce buffers are shared */
+ swiotlb_init(1);
+ swiotlb_update_mem_attributes();
+ swiotlb_force = SWIOTLB_FORCE;
+}
+
void __init mem_init(void)
{
cpumask_set_cpu(0, &init_mm.context.cpu_attach_mask);
@@ -136,6 +181,8 @@ void __init mem_init(void)
set_max_mapnr(max_low_pfn);
high_memory = (void *) __va(max_low_pfn * PAGE_SIZE);
+ pv_init();
+
/* Setup guest page hinting */
cmma_init();
--
2.13.4
WARNING: multiple messages have this Message-ID (diff)
From: Michael Mueller <mimu@linux.ibm.com>
To: KVM Mailing List <kvm@vger.kernel.org>,
Linux-S390 Mailing List <linux-s390@vger.kernel.org>,
Cornelia Huck <cohuck@redhat.com>,
Sebastian Ott <sebott@linux.ibm.com>,
Heiko Carstens <heiko.carstens@de.ibm.com>
Cc: Christoph Hellwig <hch@infradead.org>,
Thomas Huth <thuth@redhat.com>,
Claudio Imbrenda <imbrenda@linux.ibm.com>,
Janosch Frank <frankja@linux.ibm.com>,
Vasily Gorbik <gor@linux.ibm.com>,
"Michael S . Tsirkin" <mst@redhat.com>,
Pierre Morel <pmorel@linux.ibm.com>,
Farhan Ali <alifm@linux.ibm.com>,
Eric Farman <farman@linux.ibm.com>,
virtualization@lists.linux-foundation.org,
Halil Pasic <pasic@linux.ibm.com>,
Christian Borntraeger <borntraeger@de.ibm.com>,
Michael Mueller <mimu@linux.ibm.com>,
Viktor Mihajlovski <mihajlov@linux.ibm.com>
Subject: [PATCH v2 1/8] s390/mm: force swiotlb for protected virtualization
Date: Thu, 23 May 2019 18:22:02 +0200 [thread overview]
Message-ID: <20190523162209.9543-2-mimu@linux.ibm.com> (raw)
In-Reply-To: <20190523162209.9543-1-mimu@linux.ibm.com>
From: Halil Pasic <pasic@linux.ibm.com>
On s390, protected virtualization guests have to use bounced I/O
buffers. That requires some plumbing.
Let us make sure, any device that uses DMA API with direct ops correctly
is spared from the problems, that a hypervisor attempting I/O to a
non-shared page would bring.
Signed-off-by: Halil Pasic <pasic@linux.ibm.com>
Reviewed-by: Claudio Imbrenda <imbrenda@linux.ibm.com>
---
arch/s390/Kconfig | 4 ++++
arch/s390/include/asm/mem_encrypt.h | 18 ++++++++++++++
arch/s390/mm/init.c | 47 +++++++++++++++++++++++++++++++++++++
3 files changed, 69 insertions(+)
create mode 100644 arch/s390/include/asm/mem_encrypt.h
diff --git a/arch/s390/Kconfig b/arch/s390/Kconfig
index 109243fdb6ec..88d8355b7bf7 100644
--- a/arch/s390/Kconfig
+++ b/arch/s390/Kconfig
@@ -1,4 +1,7 @@
# SPDX-License-Identifier: GPL-2.0
+config ARCH_HAS_MEM_ENCRYPT
+ def_bool y
+
config MMU
def_bool y
@@ -187,6 +190,7 @@ config S390
select VIRT_CPU_ACCOUNTING
select ARCH_HAS_SCALED_CPUTIME
select HAVE_NMI
+ select SWIOTLB
config SCHED_OMIT_FRAME_POINTER
diff --git a/arch/s390/include/asm/mem_encrypt.h b/arch/s390/include/asm/mem_encrypt.h
new file mode 100644
index 000000000000..0898c09a888c
--- /dev/null
+++ b/arch/s390/include/asm/mem_encrypt.h
@@ -0,0 +1,18 @@
+/* SPDX-License-Identifier: GPL-2.0 */
+#ifndef S390_MEM_ENCRYPT_H__
+#define S390_MEM_ENCRYPT_H__
+
+#ifndef __ASSEMBLY__
+
+#define sme_me_mask 0ULL
+
+static inline bool sme_active(void) { return false; }
+extern bool sev_active(void);
+
+int set_memory_encrypted(unsigned long addr, int numpages);
+int set_memory_decrypted(unsigned long addr, int numpages);
+
+#endif /* __ASSEMBLY__ */
+
+#endif /* S390_MEM_ENCRYPT_H__ */
+
diff --git a/arch/s390/mm/init.c b/arch/s390/mm/init.c
index 14d1eae9fe43..f0bee6af3960 100644
--- a/arch/s390/mm/init.c
+++ b/arch/s390/mm/init.c
@@ -18,6 +18,7 @@
#include <linux/mman.h>
#include <linux/mm.h>
#include <linux/swap.h>
+#include <linux/swiotlb.h>
#include <linux/smp.h>
#include <linux/init.h>
#include <linux/pagemap.h>
@@ -29,6 +30,7 @@
#include <linux/export.h>
#include <linux/cma.h>
#include <linux/gfp.h>
+#include <linux/dma-mapping.h>
#include <asm/processor.h>
#include <linux/uaccess.h>
#include <asm/pgtable.h>
@@ -42,6 +44,8 @@
#include <asm/sclp.h>
#include <asm/set_memory.h>
#include <asm/kasan.h>
+#include <asm/dma-mapping.h>
+#include <asm/uv.h>
pgd_t swapper_pg_dir[PTRS_PER_PGD] __section(.bss..swapper_pg_dir);
@@ -128,6 +132,47 @@ void mark_rodata_ro(void)
pr_info("Write protected read-only-after-init data: %luk\n", size >> 10);
}
+int set_memory_encrypted(unsigned long addr, int numpages)
+{
+ int i;
+
+ /* make specified pages unshared, (swiotlb, dma_free) */
+ for (i = 0; i < numpages; ++i) {
+ uv_remove_shared(addr);
+ addr += PAGE_SIZE;
+ }
+ return 0;
+}
+
+int set_memory_decrypted(unsigned long addr, int numpages)
+{
+ int i;
+ /* make specified pages shared (swiotlb, dma_alloca) */
+ for (i = 0; i < numpages; ++i) {
+ uv_set_shared(addr);
+ addr += PAGE_SIZE;
+ }
+ return 0;
+}
+
+/* are we a protected virtualization guest? */
+bool sev_active(void)
+{
+ return is_prot_virt_guest();
+}
+
+/* protected virtualization */
+static void pv_init(void)
+{
+ if (!is_prot_virt_guest())
+ return;
+
+ /* make sure bounce buffers are shared */
+ swiotlb_init(1);
+ swiotlb_update_mem_attributes();
+ swiotlb_force = SWIOTLB_FORCE;
+}
+
void __init mem_init(void)
{
cpumask_set_cpu(0, &init_mm.context.cpu_attach_mask);
@@ -136,6 +181,8 @@ void __init mem_init(void)
set_max_mapnr(max_low_pfn);
high_memory = (void *) __va(max_low_pfn * PAGE_SIZE);
+ pv_init();
+
/* Setup guest page hinting */
cmma_init();
--
2.13.4
next prev parent reply other threads:[~2019-05-23 16:22 UTC|newest]
Thread overview: 72+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-05-23 16:22 [PATCH v2 0/8] s390: virtio: support protected virtualization Michael Mueller
2019-05-23 16:22 ` Michael Mueller
2019-05-23 16:22 ` Michael Mueller [this message]
2019-05-23 16:22 ` [PATCH v2 1/8] s390/mm: force swiotlb for " Michael Mueller
2019-05-23 16:22 ` [PATCH v2 2/8] s390/cio: introduce DMA pools to cio Michael Mueller
2019-05-23 16:22 ` Michael Mueller
2019-05-25 9:22 ` Sebastian Ott
2019-05-25 9:22 ` Sebastian Ott
2019-05-27 11:26 ` Michael Mueller
2019-05-27 11:26 ` Michael Mueller
2019-05-27 6:57 ` Cornelia Huck
2019-05-27 6:57 ` Cornelia Huck
2019-05-27 11:47 ` Halil Pasic
2019-05-27 11:47 ` Halil Pasic
2019-05-27 12:06 ` Cornelia Huck
2019-05-27 12:06 ` Cornelia Huck
2019-05-27 12:00 ` Michael Mueller
2019-05-27 12:00 ` Michael Mueller
2019-05-23 16:22 ` [PATCH v2 3/8] s390/cio: add basic protected virtualization support Michael Mueller
2019-05-23 16:22 ` Michael Mueller
2019-05-25 9:44 ` Sebastian Ott
2019-05-25 9:44 ` Sebastian Ott
2019-05-27 15:01 ` Michael Mueller
2019-05-27 15:01 ` Michael Mueller
2019-05-27 10:38 ` Cornelia Huck
2019-05-27 10:38 ` Cornelia Huck
2019-05-27 12:15 ` Michael Mueller
2019-05-27 12:15 ` Michael Mueller
2019-05-27 12:30 ` Halil Pasic
2019-05-27 12:30 ` Halil Pasic
2019-05-27 13:31 ` Cornelia Huck
2019-05-27 13:31 ` Cornelia Huck
2019-05-29 12:24 ` Michael Mueller
2019-05-29 12:24 ` Michael Mueller
2019-05-29 12:30 ` Cornelia Huck
2019-05-29 12:30 ` Cornelia Huck
2019-05-23 16:22 ` [PATCH v2 4/8] s390/airq: use DMA memory for adapter interrupts Michael Mueller
2019-05-23 16:22 ` Michael Mueller
2019-05-25 9:51 ` Sebastian Ott
2019-05-25 9:51 ` Sebastian Ott
2019-05-27 10:53 ` Cornelia Huck
2019-05-27 10:53 ` Cornelia Huck
2019-05-23 16:22 ` [PATCH v2 5/8] virtio/s390: use cacheline aligned airq bit vectors Michael Mueller
2019-05-23 16:22 ` Michael Mueller
2019-05-27 10:55 ` Cornelia Huck
2019-05-27 10:55 ` Cornelia Huck
2019-05-27 12:03 ` Halil Pasic
2019-05-27 12:03 ` Halil Pasic
2019-05-23 16:22 ` [PATCH v2 6/8] virtio/s390: add indirection to indicators access Michael Mueller
2019-05-23 16:22 ` Michael Mueller
2019-05-27 11:00 ` Cornelia Huck
2019-05-27 11:00 ` Cornelia Huck
2019-05-27 11:57 ` Halil Pasic
2019-05-27 11:57 ` Halil Pasic
2019-05-27 12:10 ` Cornelia Huck
2019-05-27 12:10 ` Cornelia Huck
2019-05-29 11:05 ` Michael Mueller
2019-05-29 11:05 ` Michael Mueller
2019-05-23 16:22 ` [PATCH v2 7/8] virtio/s390: use DMA memory for ccw I/O and classic notifiers Michael Mueller
2019-05-23 16:22 ` Michael Mueller
2019-05-27 11:49 ` Cornelia Huck
2019-05-27 11:49 ` Cornelia Huck
2019-05-23 16:22 ` [PATCH v2 8/8] virtio/s390: make airq summary indicators DMA Michael Mueller
2019-05-23 16:22 ` Michael Mueller
2019-05-27 12:00 ` Cornelia Huck
2019-05-27 12:00 ` Cornelia Huck
2019-05-28 14:33 ` Halil Pasic
2019-05-28 14:33 ` Halil Pasic
2019-05-28 14:56 ` Cornelia Huck
2019-05-28 14:56 ` Cornelia Huck
2019-05-28 14:58 ` Michael Mueller
2019-05-28 14:58 ` Michael Mueller
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20190523162209.9543-2-mimu@linux.ibm.com \
--to=mimu@linux.ibm.com \
--cc=alifm@linux.ibm.com \
--cc=borntraeger@de.ibm.com \
--cc=cohuck@redhat.com \
--cc=farman@linux.ibm.com \
--cc=frankja@linux.ibm.com \
--cc=gor@linux.ibm.com \
--cc=hch@infradead.org \
--cc=heiko.carstens@de.ibm.com \
--cc=imbrenda@linux.ibm.com \
--cc=kvm@vger.kernel.org \
--cc=linux-s390@vger.kernel.org \
--cc=mihajlov@linux.ibm.com \
--cc=mst@redhat.com \
--cc=pasic@linux.ibm.com \
--cc=pmorel@linux.ibm.com \
--cc=sebott@linux.ibm.com \
--cc=thuth@redhat.com \
--cc=virtualization@lists.linux-foundation.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.