Re: [RFC PATCH V3 03/11] x86/Hyper-V: Add new hvcall guest address host visibility support

2021-06-10 Thread Tianyu Lan

Hi Vitaly:
Thanks for your review.

On 6/10/2021 5:47 PM, Vitaly Kuznetsov wrote:

diff --git a/arch/x86/include/asm/hyperv-tlfs.h 
b/arch/x86/include/asm/hyperv-tlfs.h
index 606f5cc579b2..632281b91b44 100644
--- a/arch/x86/include/asm/hyperv-tlfs.h
+++ b/arch/x86/include/asm/hyperv-tlfs.h
@@ -262,6 +262,17 @@ enum hv_isolation_type {
  #define HV_X64_MSR_TIME_REF_COUNT HV_REGISTER_TIME_REF_COUNT
  #define HV_X64_MSR_REFERENCE_TSC  HV_REGISTER_REFERENCE_TSC
  
+/* Hyper-V GPA map flags */

+#define HV_MAP_GPA_PERMISSIONS_NONE0x0
+#define HV_MAP_GPA_READABLE0x1
+#define HV_MAP_GPA_WRITABLE0x2
+
+enum vmbus_page_visibility {
+   VMBUS_PAGE_NOT_VISIBLE = 0,
+   VMBUS_PAGE_VISIBLE_READ_ONLY = 1,
+   VMBUS_PAGE_VISIBLE_READ_WRITE = 3
+};
+

Why do we need both flags and the enum? I don't see HV_MAP_GPA_* being
used anywhere and VMBUS_PAGE_VISIBLE_READ_WRITE looks like
HV_MAP_GPA_READABLE | HV_MAP_GPA_WRITABLE.

As this is used to communicate with the host, I'd suggest to avoid using
enum and just use flags everywhere.



Nice catch. Will update in the next version.

Thanks.


Re: [RFC PATCH V3 03/11] x86/Hyper-V: Add new hvcall guest address host visibility support

2021-06-10 Thread Vitaly Kuznetsov
Tianyu Lan  writes:

> From: Tianyu Lan 
>
> Add new hvcall guest address host visibility support. Mark the vmbus
> ring buffer visible to the host when creating a gpadl buffer and mark it
> back to not visible when tearing down the gpadl buffer.
>
> Co-developed-by: Sunil Muthuswamy 
> Signed-off-by: Tianyu Lan 
> ---
>  arch/x86/hyperv/Makefile   |   2 +-
>  arch/x86/hyperv/ivm.c  | 106 +
>  arch/x86/include/asm/hyperv-tlfs.h |  24 +++
>  arch/x86/include/asm/mshyperv.h|   4 +-
>  arch/x86/mm/pat/set_memory.c   |  10 ++-
>  drivers/hv/channel.c   |  38 ++-
>  include/asm-generic/hyperv-tlfs.h  |   1 +
>  include/linux/hyperv.h |  10 +++
>  8 files changed, 190 insertions(+), 5 deletions(-)
>  create mode 100644 arch/x86/hyperv/ivm.c
>
> diff --git a/arch/x86/hyperv/Makefile b/arch/x86/hyperv/Makefile
> index 48e2c51464e8..5d2de10809ae 100644
> --- a/arch/x86/hyperv/Makefile
> +++ b/arch/x86/hyperv/Makefile
> @@ -1,5 +1,5 @@
>  # SPDX-License-Identifier: GPL-2.0-only
> -obj-y:= hv_init.o mmu.o nested.o irqdomain.o
> +obj-y:= hv_init.o mmu.o nested.o irqdomain.o ivm.o
>  obj-$(CONFIG_X86_64) += hv_apic.o hv_proc.o
>  
>  ifdef CONFIG_X86_64
> diff --git a/arch/x86/hyperv/ivm.c b/arch/x86/hyperv/ivm.c
> new file mode 100644
> index ..fad1d3024056
> --- /dev/null
> +++ b/arch/x86/hyperv/ivm.c
> @@ -0,0 +1,106 @@
> +// SPDX-License-Identifier: GPL-2.0
> +/*
> + * Hyper-V Isolation VM interface with paravisor and hypervisor
> + *
> + * Author:
> + *  Tianyu Lan 
> + */
> +
> +#include 
> +#include 
> +#include 
> +#include 
> +#include 
> +
> +/*
> + * hv_mark_gpa_visibility - Set pages visible to host via hvcall.
> + *
> + * In Isolation VM, all guest memory is encripted from host and guest
> + * needs to set memory visible to host via hvcall before sharing memory
> + * with host.
> + */
> +int hv_mark_gpa_visibility(u16 count, const u64 pfn[], u32 visibility)
> +{
> + struct hv_gpa_range_for_visibility **input_pcpu, *input;
> + u16 pages_processed;
> + u64 hv_status;
> + unsigned long flags;
> +
> + /* no-op if partition isolation is not enabled */
> + if (!hv_is_isolation_supported())
> + return 0;
> +
> + if (count > HV_MAX_MODIFY_GPA_REP_COUNT) {
> + pr_err("Hyper-V: GPA count:%d exceeds supported:%lu\n", count,
> + HV_MAX_MODIFY_GPA_REP_COUNT);
> + return -EINVAL;
> + }
> +
> + local_irq_save(flags);
> + input_pcpu = (struct hv_gpa_range_for_visibility **)
> + this_cpu_ptr(hyperv_pcpu_input_arg);
> + input = *input_pcpu;
> + if (unlikely(!input)) {
> + local_irq_restore(flags);
> + return -EINVAL;
> + }
> +
> + input->partition_id = HV_PARTITION_ID_SELF;
> + input->host_visibility = visibility;
> + input->reserved0 = 0;
> + input->reserved1 = 0;
> + memcpy((void *)input->gpa_page_list, pfn, count * sizeof(*pfn));
> + hv_status = hv_do_rep_hypercall(
> + HVCALL_MODIFY_SPARSE_GPA_PAGE_HOST_VISIBILITY, count,
> + 0, input, _processed);
> + local_irq_restore(flags);
> +
> + if (!(hv_status & HV_HYPERCALL_RESULT_MASK))
> + return 0;
> +
> + return hv_status & HV_HYPERCALL_RESULT_MASK;
> +}
> +EXPORT_SYMBOL(hv_mark_gpa_visibility);
> +
> +/*
> + * hv_set_mem_host_visibility - Set specified memory visible to host.
> + *
> + * In Isolation VM, all guest memory is encrypted from host and guest
> + * needs to set memory visible to host via hvcall before sharing memory
> + * with host. This function works as wrap of hv_mark_gpa_visibility()
> + * with memory base and size.
> + */
> +int hv_set_mem_host_visibility(void *kbuffer, size_t size,
> +enum vmbus_page_visibility visibility)
> +{
> + int pagecount = size >> HV_HYP_PAGE_SHIFT;
> + u64 *pfn_array;
> + int ret = 0;
> + int i, pfn;
> +
> + if (!hv_is_isolation_supported())
> + return 0;
> +
> + pfn_array = vzalloc(HV_HYP_PAGE_SIZE);
> + if (!pfn_array)
> + return -ENOMEM;
> +
> + for (i = 0, pfn = 0; i < pagecount; i++) {
> + pfn_array[pfn] = virt_to_hvpfn(kbuffer + i * HV_HYP_PAGE_SIZE);
> + pfn++;
> +
> + if (pfn == HV_MAX_MODIFY_GPA_REP_COUNT || i == pagecount - 1) {
> + ret |= hv_mark_gpa_visibility(pfn, pfn_array, 
> visibility);
> + pfn = 0;
> +
> + if (ret)
> + goto err_free_pfn_array;
> + }
> + }
> +
> + err_free_pfn_array:
> + vfree(pfn_array);
> + return ret;
> +}
> +EXPORT_SYMBOL_GPL(hv_set_mem_host_visibility);
> +
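Review bot: hv_mark_gpa_visibility() mixes two error conventions: it returns `-EINVAL` for an oversized count or a missing per-cpu input page, but on hypercall failure it returns the positive `hv_status & HV_HYPERCALL_RESULT_MASK`, so a caller that tests `ret < 0` would treat a failed visibility change as success. Returning a negative errno on that path, for example `return -EFAULT;`, keeps the contract uniform. In hv_set_mem_host_visibility() a failure part-way through the loop leaves the batches already submitted in their new state, and `pages_processed` is not read after the call. When the request was to make memory host-visible, some pages may therefore stay shared with the host although the caller sees an error; the function comment should state this, or the error path should revert the pages already changed. `int pagecount = size >> HV_HYP_PAGE_SHIFT;` also drops a trailing partial page and returns 0 without any hypercall when size is below one page, which is worth rejecting with `-EINVAL` or documenting. The `pfn_array` bound relies on HV_MAX_MODIFY_GPA_REP_COUNT fitting within one HV_HYP_PAGE_SIZE of u64 entries; that definition is not in this hunk and should be confirmed.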
> diff --git a/arch/x86/include/asm/hyperv-tlfs.h 
> b/arch/x86/include/asm/hyperv-tlfs.h
> index 606f5cc579b2..632281b91b44 100644
> --- 

Re: [RFC PATCH V3 03/11] x86/Hyper-V: Add new hvcall guest address host visibility support

2021-05-30 Thread Tianyu Lan

Hi Borislav:
Thanks for your review.

On 5/31/2021 2:25 AM, Borislav Petkov wrote:

On Sun, May 30, 2021 at 11:06:20AM -0400, Tianyu Lan wrote:

diff --git a/arch/x86/mm/pat/set_memory.c b/arch/x86/mm/pat/set_memory.c
index 156cd235659f..a82975600107 100644
--- a/arch/x86/mm/pat/set_memory.c
+++ b/arch/x86/mm/pat/set_memory.c
@@ -29,6 +29,8 @@
  #include 
  #include 
  #include 
+#include 
+#include 
  
  #include "../mm_internal.h"
  
@@ -1986,8 +1988,14 @@ static int __set_memory_enc_dec(unsigned long addr, int numpages, bool enc)

int ret;
  
  	/* Nothing to do if memory encryption is not active */

-   if (!mem_encrypt_active())
+   if (hv_is_isolation_supported()) {
+   return hv_set_mem_host_visibility((void *)addr,
+   numpages * HV_HYP_PAGE_SIZE,
+   enc ? VMBUS_PAGE_NOT_VISIBLE
+   : VMBUS_PAGE_VISIBLE_READ_WRITE);


Put all this gunk in a hv-specific function somewhere in hv-land which
you only call from here. This way you probably won't even need to export
hv_set_mem_host_visibility() and so on...



Good idea. Will update. Thanks.




Re: [RFC PATCH V3 03/11] x86/Hyper-V: Add new hvcall guest address host visibility support

2021-05-30 Thread Borislav Petkov
On Sun, May 30, 2021 at 11:06:20AM -0400, Tianyu Lan wrote:
> diff --git a/arch/x86/mm/pat/set_memory.c b/arch/x86/mm/pat/set_memory.c
> index 156cd235659f..a82975600107 100644
> --- a/arch/x86/mm/pat/set_memory.c
> +++ b/arch/x86/mm/pat/set_memory.c
> @@ -29,6 +29,8 @@
>  #include 
>  #include 
>  #include 
> +#include 
> +#include 
>  
>  #include "../mm_internal.h"
>  
> @@ -1986,8 +1988,14 @@ static int __set_memory_enc_dec(unsigned long addr, 
> int numpages, bool enc)
>   int ret;
>  
>   /* Nothing to do if memory encryption is not active */
> - if (!mem_encrypt_active())
> + if (hv_is_isolation_supported()) {
> + return hv_set_mem_host_visibility((void *)addr,
> + numpages * HV_HYP_PAGE_SIZE,
> + enc ? VMBUS_PAGE_NOT_VISIBLE
> + : VMBUS_PAGE_VISIBLE_READ_WRITE);

Put all this gunk in a hv-specific function somewhere in hv-land which
you only call from here. This way you probably won't even need to export
hv_set_mem_host_visibility() and so on...

Thx.

-- 
Regards/Gruss,
Boris.

https://people.kernel.org/tglx/notes-about-netiquette