From: Michael Mueller <mimu@linux.ibm.com> To: KVM Mailing List <kvm@vger.kernel.org>, Linux-S390 Mailing List <linux-s390@vger.kernel.org>, Cornelia Huck <cohuck@redhat.com>, Sebastian Ott <sebott@linux.ibm.com>, Heiko Carstens <heiko.carstens@de.ibm.com> Cc: Halil Pasic <pasic@linux.ibm.com>, virtualization@lists.linux-foundation.org, "Michael S . Tsirkin" <mst@redhat.com>, Christoph Hellwig <hch@infradead.org>, Thomas Huth <thuth@redhat.com>, Christian Borntraeger <borntraeger@de.ibm.com>, Viktor Mihajlovski <mihajlov@linux.ibm.com>, Vasily Gorbik <gor@linux.ibm.com>, Janosch Frank <frankja@linux.ibm.com>, Claudio Imbrenda <imbrenda@linux.ibm.com>, Farhan Ali <alifm@linux.ibm.com>, Eric Farman <farman@linux.ibm.com>, Pierre Morel <pmorel@linux.ibm.com>, Michael Mueller <mimu@linux.ibm.com> Subject: [PATCH v2 1/8] s390/mm: force swiotlb for protected virtualization Date: Thu, 23 May 2019 18:22:02 +0200 [thread overview] Message-ID: <20190523162209.9543-2-mimu@linux.ibm.com> (raw) In-Reply-To: <20190523162209.9543-1-mimu@linux.ibm.com> From: Halil Pasic <pasic@linux.ibm.com> On s390, protected virtualization guests have to use bounced I/O buffers. That requires some plumbing. Let us make sure, any device that uses DMA API with direct ops correctly is spared from the problems, that a hypervisor attempting I/O to a non-shared page would bring. Signed-off-by: Halil Pasic <pasic@linux.ibm.com> Reviewed-by: Claudio Imbrenda <imbrenda@linux.ibm.com> --- arch/s390/Kconfig | 4 ++++ arch/s390/include/asm/mem_encrypt.h | 18 ++++++++++++++ arch/s390/mm/init.c | 47 +++++++++++++++++++++++++++++++++++++ 3 files changed, 69 insertions(+) create mode 100644 arch/s390/include/asm/mem_encrypt.h diff --git a/arch/s390/Kconfig b/arch/s390/Kconfig index 109243fdb6ec..88d8355b7bf7 100644 --- a/arch/s390/Kconfig +++ b/arch/s390/Kconfig @@ -1,4 +1,7 @@ # SPDX-License-Identifier: GPL-2.0 +config ARCH_HAS_MEM_ENCRYPT + def_bool y + config MMU def_bool y @@ -187,6 +190,7 @@ config S390 select VIRT_CPU_ACCOUNTING select ARCH_HAS_SCALED_CPUTIME select HAVE_NMI + select SWIOTLB config SCHED_OMIT_FRAME_POINTER diff --git a/arch/s390/include/asm/mem_encrypt.h b/arch/s390/include/asm/mem_encrypt.h new file mode 100644 index 000000000000..0898c09a888c --- /dev/null +++ b/arch/s390/include/asm/mem_encrypt.h @@ -0,0 +1,18 @@ +/* SPDX-License-Identifier: GPL-2.0 */ +#ifndef S390_MEM_ENCRYPT_H__ +#define S390_MEM_ENCRYPT_H__ + +#ifndef __ASSEMBLY__ + +#define sme_me_mask 0ULL + +static inline bool sme_active(void) { return false; } +extern bool sev_active(void); + +int set_memory_encrypted(unsigned long addr, int numpages); +int set_memory_decrypted(unsigned long addr, int numpages); + +#endif /* __ASSEMBLY__ */ + +#endif /* S390_MEM_ENCRYPT_H__ */ + diff --git a/arch/s390/mm/init.c b/arch/s390/mm/init.c index 14d1eae9fe43..f0bee6af3960 100644 --- a/arch/s390/mm/init.c +++ b/arch/s390/mm/init.c @@ -18,6 +18,7 @@ #include <linux/mman.h> #include <linux/mm.h> #include <linux/swap.h> +#include <linux/swiotlb.h> #include <linux/smp.h> #include <linux/init.h> #include <linux/pagemap.h> @@ -29,6 +30,7 @@ #include <linux/export.h> #include <linux/cma.h> #include <linux/gfp.h> +#include <linux/dma-mapping.h> #include <asm/processor.h> #include <linux/uaccess.h> #include <asm/pgtable.h> @@ -42,6 +44,8 @@ #include <asm/sclp.h> #include <asm/set_memory.h> #include <asm/kasan.h> +#include <asm/dma-mapping.h> +#include <asm/uv.h> pgd_t swapper_pg_dir[PTRS_PER_PGD] __section(.bss..swapper_pg_dir); @@ -128,6 +132,47 @@ void mark_rodata_ro(void) pr_info("Write protected read-only-after-init data: %luk\n", size >> 10); } +int set_memory_encrypted(unsigned long addr, int numpages) +{ + int i; + + /* make specified pages unshared, (swiotlb, dma_free) */ + for (i = 0; i < numpages; ++i) { + uv_remove_shared(addr); + addr += PAGE_SIZE; + } + return 0; +} + +int set_memory_decrypted(unsigned long addr, int numpages) +{ + int i; + /* make specified pages shared (swiotlb, dma_alloca) */ + for (i = 0; i < numpages; ++i) { + uv_set_shared(addr); + addr += PAGE_SIZE; + } + return 0; +} + +/* are we a protected virtualization guest? */ +bool sev_active(void) +{ + return is_prot_virt_guest(); +} + +/* protected virtualization */ +static void pv_init(void) +{ + if (!is_prot_virt_guest()) + return; + + /* make sure bounce buffers are shared */ + swiotlb_init(1); + swiotlb_update_mem_attributes(); + swiotlb_force = SWIOTLB_FORCE; +} + void __init mem_init(void) { cpumask_set_cpu(0, &init_mm.context.cpu_attach_mask); @@ -136,6 +181,8 @@ void __init mem_init(void) set_max_mapnr(max_low_pfn); high_memory = (void *) __va(max_low_pfn * PAGE_SIZE); + pv_init(); + /* Setup guest page hinting */ cmma_init(); -- 2.13.4
WARNING: multiple messages have this Message-ID (diff)
From: Michael Mueller <mimu@linux.ibm.com> To: KVM Mailing List <kvm@vger.kernel.org>, Linux-S390 Mailing List <linux-s390@vger.kernel.org>, Cornelia Huck <cohuck@redhat.com>, Sebastian Ott <sebott@linux.ibm.com>, Heiko Carstens <heiko.carstens@de.ibm.com> Cc: Christoph Hellwig <hch@infradead.org>, Thomas Huth <thuth@redhat.com>, Claudio Imbrenda <imbrenda@linux.ibm.com>, Janosch Frank <frankja@linux.ibm.com>, Vasily Gorbik <gor@linux.ibm.com>, "Michael S . Tsirkin" <mst@redhat.com>, Pierre Morel <pmorel@linux.ibm.com>, Farhan Ali <alifm@linux.ibm.com>, Eric Farman <farman@linux.ibm.com>, virtualization@lists.linux-foundation.org, Halil Pasic <pasic@linux.ibm.com>, Christian Borntraeger <borntraeger@de.ibm.com>, Michael Mueller <mimu@linux.ibm.com>, Viktor Mihajlovski <mihajlov@linux.ibm.com> Subject: [PATCH v2 1/8] s390/mm: force swiotlb for protected virtualization Date: Thu, 23 May 2019 18:22:02 +0200 [thread overview] Message-ID: <20190523162209.9543-2-mimu@linux.ibm.com> (raw) In-Reply-To: <20190523162209.9543-1-mimu@linux.ibm.com> From: Halil Pasic <pasic@linux.ibm.com> On s390, protected virtualization guests have to use bounced I/O buffers. That requires some plumbing. Let us make sure, any device that uses DMA API with direct ops correctly is spared from the problems, that a hypervisor attempting I/O to a non-shared page would bring. Signed-off-by: Halil Pasic <pasic@linux.ibm.com> Reviewed-by: Claudio Imbrenda <imbrenda@linux.ibm.com> --- arch/s390/Kconfig | 4 ++++ arch/s390/include/asm/mem_encrypt.h | 18 ++++++++++++++ arch/s390/mm/init.c | 47 +++++++++++++++++++++++++++++++++++++ 3 files changed, 69 insertions(+) create mode 100644 arch/s390/include/asm/mem_encrypt.h diff --git a/arch/s390/Kconfig b/arch/s390/Kconfig index 109243fdb6ec..88d8355b7bf7 100644 --- a/arch/s390/Kconfig +++ b/arch/s390/Kconfig @@ -1,4 +1,7 @@ # SPDX-License-Identifier: GPL-2.0 +config ARCH_HAS_MEM_ENCRYPT + def_bool y + config MMU def_bool y @@ -187,6 +190,7 @@ config S390 select VIRT_CPU_ACCOUNTING select ARCH_HAS_SCALED_CPUTIME select HAVE_NMI + select SWIOTLB config SCHED_OMIT_FRAME_POINTER diff --git a/arch/s390/include/asm/mem_encrypt.h b/arch/s390/include/asm/mem_encrypt.h new file mode 100644 index 000000000000..0898c09a888c --- /dev/null +++ b/arch/s390/include/asm/mem_encrypt.h @@ -0,0 +1,18 @@ +/* SPDX-License-Identifier: GPL-2.0 */ +#ifndef S390_MEM_ENCRYPT_H__ +#define S390_MEM_ENCRYPT_H__ + +#ifndef __ASSEMBLY__ + +#define sme_me_mask 0ULL + +static inline bool sme_active(void) { return false; } +extern bool sev_active(void); + +int set_memory_encrypted(unsigned long addr, int numpages); +int set_memory_decrypted(unsigned long addr, int numpages); + +#endif /* __ASSEMBLY__ */ + +#endif /* S390_MEM_ENCRYPT_H__ */ + diff --git a/arch/s390/mm/init.c b/arch/s390/mm/init.c index 14d1eae9fe43..f0bee6af3960 100644 --- a/arch/s390/mm/init.c +++ b/arch/s390/mm/init.c @@ -18,6 +18,7 @@ #include <linux/mman.h> #include <linux/mm.h> #include <linux/swap.h> +#include <linux/swiotlb.h> #include <linux/smp.h> #include <linux/init.h> #include <linux/pagemap.h> @@ -29,6 +30,7 @@ #include <linux/export.h> #include <linux/cma.h> #include <linux/gfp.h> +#include <linux/dma-mapping.h> #include <asm/processor.h> #include <linux/uaccess.h> #include <asm/pgtable.h> @@ -42,6 +44,8 @@ #include <asm/sclp.h> #include <asm/set_memory.h> #include <asm/kasan.h> +#include <asm/dma-mapping.h> +#include <asm/uv.h> pgd_t swapper_pg_dir[PTRS_PER_PGD] __section(.bss..swapper_pg_dir); @@ -128,6 +132,47 @@ void mark_rodata_ro(void) pr_info("Write protected read-only-after-init data: %luk\n", size >> 10); } +int set_memory_encrypted(unsigned long addr, int numpages) +{ + int i; + + /* make specified pages unshared, (swiotlb, dma_free) */ + for (i = 0; i < numpages; ++i) { + uv_remove_shared(addr); + addr += PAGE_SIZE; + } + return 0; +} + +int set_memory_decrypted(unsigned long addr, int numpages) +{ + int i; + /* make specified pages shared (swiotlb, dma_alloca) */ + for (i = 0; i < numpages; ++i) { + uv_set_shared(addr); + addr += PAGE_SIZE; + } + return 0; +} + +/* are we a protected virtualization guest? */ +bool sev_active(void) +{ + return is_prot_virt_guest(); +} + +/* protected virtualization */ +static void pv_init(void) +{ + if (!is_prot_virt_guest()) + return; + + /* make sure bounce buffers are shared */ + swiotlb_init(1); + swiotlb_update_mem_attributes(); + swiotlb_force = SWIOTLB_FORCE; +} + void __init mem_init(void) { cpumask_set_cpu(0, &init_mm.context.cpu_attach_mask); @@ -136,6 +181,8 @@ void __init mem_init(void) set_max_mapnr(max_low_pfn); high_memory = (void *) __va(max_low_pfn * PAGE_SIZE); + pv_init(); + /* Setup guest page hinting */ cmma_init(); -- 2.13.4
next prev parent reply other threads:[~2019-05-23 16:22 UTC|newest] Thread overview: 72+ messages / expand[flat|nested] mbox.gz Atom feed top 2019-05-23 16:22 [PATCH v2 0/8] s390: virtio: support protected virtualization Michael Mueller 2019-05-23 16:22 ` Michael Mueller 2019-05-23 16:22 ` Michael Mueller [this message] 2019-05-23 16:22 ` [PATCH v2 1/8] s390/mm: force swiotlb for " Michael Mueller 2019-05-23 16:22 ` [PATCH v2 2/8] s390/cio: introduce DMA pools to cio Michael Mueller 2019-05-23 16:22 ` Michael Mueller 2019-05-25 9:22 ` Sebastian Ott 2019-05-25 9:22 ` Sebastian Ott 2019-05-27 11:26 ` Michael Mueller 2019-05-27 11:26 ` Michael Mueller 2019-05-27 6:57 ` Cornelia Huck 2019-05-27 6:57 ` Cornelia Huck 2019-05-27 11:47 ` Halil Pasic 2019-05-27 11:47 ` Halil Pasic 2019-05-27 12:06 ` Cornelia Huck 2019-05-27 12:06 ` Cornelia Huck 2019-05-27 12:00 ` Michael Mueller 2019-05-27 12:00 ` Michael Mueller 2019-05-23 16:22 ` [PATCH v2 3/8] s390/cio: add basic protected virtualization support Michael Mueller 2019-05-23 16:22 ` Michael Mueller 2019-05-25 9:44 ` Sebastian Ott 2019-05-25 9:44 ` Sebastian Ott 2019-05-27 15:01 ` Michael Mueller 2019-05-27 15:01 ` Michael Mueller 2019-05-27 10:38 ` Cornelia Huck 2019-05-27 10:38 ` Cornelia Huck 2019-05-27 12:15 ` Michael Mueller 2019-05-27 12:15 ` Michael Mueller 2019-05-27 12:30 ` Halil Pasic 2019-05-27 12:30 ` Halil Pasic 2019-05-27 13:31 ` Cornelia Huck 2019-05-27 13:31 ` Cornelia Huck 2019-05-29 12:24 ` Michael Mueller 2019-05-29 12:24 ` Michael Mueller 2019-05-29 12:30 ` Cornelia Huck 2019-05-29 12:30 ` Cornelia Huck 2019-05-23 16:22 ` [PATCH v2 4/8] s390/airq: use DMA memory for adapter interrupts Michael Mueller 2019-05-23 16:22 ` Michael Mueller 2019-05-25 9:51 ` Sebastian Ott 2019-05-25 9:51 ` Sebastian Ott 2019-05-27 10:53 ` Cornelia Huck 2019-05-27 10:53 ` Cornelia Huck 2019-05-23 16:22 ` [PATCH v2 5/8] virtio/s390: use cacheline aligned airq bit vectors Michael Mueller 2019-05-23 16:22 ` Michael Mueller 2019-05-27 10:55 ` Cornelia Huck 2019-05-27 10:55 ` Cornelia Huck 2019-05-27 12:03 ` Halil Pasic 2019-05-27 12:03 ` Halil Pasic 2019-05-23 16:22 ` [PATCH v2 6/8] virtio/s390: add indirection to indicators access Michael Mueller 2019-05-23 16:22 ` Michael Mueller 2019-05-27 11:00 ` Cornelia Huck 2019-05-27 11:00 ` Cornelia Huck 2019-05-27 11:57 ` Halil Pasic 2019-05-27 11:57 ` Halil Pasic 2019-05-27 12:10 ` Cornelia Huck 2019-05-27 12:10 ` Cornelia Huck 2019-05-29 11:05 ` Michael Mueller 2019-05-29 11:05 ` Michael Mueller 2019-05-23 16:22 ` [PATCH v2 7/8] virtio/s390: use DMA memory for ccw I/O and classic notifiers Michael Mueller 2019-05-23 16:22 ` Michael Mueller 2019-05-27 11:49 ` Cornelia Huck 2019-05-27 11:49 ` Cornelia Huck 2019-05-23 16:22 ` [PATCH v2 8/8] virtio/s390: make airq summary indicators DMA Michael Mueller 2019-05-23 16:22 ` Michael Mueller 2019-05-27 12:00 ` Cornelia Huck 2019-05-27 12:00 ` Cornelia Huck 2019-05-28 14:33 ` Halil Pasic 2019-05-28 14:33 ` Halil Pasic 2019-05-28 14:56 ` Cornelia Huck 2019-05-28 14:56 ` Cornelia Huck 2019-05-28 14:58 ` Michael Mueller 2019-05-28 14:58 ` Michael Mueller
Reply instructions: You may reply publicly to this message via plain-text email using any one of the following methods: * Save the following mbox file, import it into your mail client, and reply-to-all from there: mbox Avoid top-posting and favor interleaved quoting: https://en.wikipedia.org/wiki/Posting_style#Interleaved_style * Reply using the --to, --cc, and --in-reply-to switches of git-send-email(1): git send-email \ --in-reply-to=20190523162209.9543-2-mimu@linux.ibm.com \ --to=mimu@linux.ibm.com \ --cc=alifm@linux.ibm.com \ --cc=borntraeger@de.ibm.com \ --cc=cohuck@redhat.com \ --cc=farman@linux.ibm.com \ --cc=frankja@linux.ibm.com \ --cc=gor@linux.ibm.com \ --cc=hch@infradead.org \ --cc=heiko.carstens@de.ibm.com \ --cc=imbrenda@linux.ibm.com \ --cc=kvm@vger.kernel.org \ --cc=linux-s390@vger.kernel.org \ --cc=mihajlov@linux.ibm.com \ --cc=mst@redhat.com \ --cc=pasic@linux.ibm.com \ --cc=pmorel@linux.ibm.com \ --cc=sebott@linux.ibm.com \ --cc=thuth@redhat.com \ --cc=virtualization@lists.linux-foundation.org \ /path/to/YOUR_REPLY https://kernel.org/pub/software/scm/git/docs/git-send-email.html * If your mail client supports setting the In-Reply-To header via mailto: links, try the mailto: linkBe sure your reply has a Subject: header at the top and a blank line before the message body.
This is an external index of several public inboxes, see mirroring instructions on how to clone and mirror all data and code used by this external index.