Re: [PATCH v7 0/7] KVMPPC driver to manage secure guest pages
Paul Mackerras writes: > On Thu, Aug 22, 2019 at 03:56:13PM +0530, Bharata B Rao wrote: >> A pseries guest can be run as a secure guest on Ultravisor-enabled >> POWER platforms. On such platforms, this driver will be used to manage >> the movement of guest pages between the normal memory managed by >> hypervisor(HV) and secure memory managed by Ultravisor(UV). >> >> Private ZONE_DEVICE memory equal to the amount of secure memory >> available in the platform for running secure guests is created. >> Whenever a page belonging to the guest becomes secure, a page from >> this private device memory is used to represent and track that secure >> page on the HV side. The movement of pages between normal and secure >> memory is done via migrate_vma_pages(). The reverse movement is driven >> via pagemap_ops.migrate_to_ram(). >> >> The page-in or page-out requests from UV will come to HV as hcalls and >> HV will call back into UV via uvcalls to satisfy these page requests. >> >> These patches are against hmm.git >> (https://git.kernel.org/pub/scm/linux/kernel/git/rdma/rdma.git/log/?h=hmm) >> >> plus >> >> Claudio Carvalho's base ultravisor enablement patchset v6 >> (https://lore.kernel.org/linuxppc-dev/20190822034838.27876-1-cclau...@linux.ibm.com/T/#t) > > How are you thinking these patches will go upstream? Are you going to > send them via the hmm tree? > > I assume you need Claudio's patchset as a prerequisite for your series > to compile, which means the hmm maintainers would need to pull in a > topic branch from Michael Ellerman's powerpc tree, or something like > that. I think more workable would be for me to make a topic branch based on the hmm tree (or some commit from the hmm tree), which I then apply the patches on top of, and merge any required powerpc changes into that. I can then ask Linus to merge that branch late in the merge window once the hmm changes have gone in. The bigger problem at the moment is the lack of reviews or acks on the bulk of the series. cheers
Re: [PATCH v7 0/7] KVMPPC driver to manage secure guest pages
On Fri, Aug 23, 2019 at 02:17:47PM +1000, Paul Mackerras wrote: > On Thu, Aug 22, 2019 at 03:56:13PM +0530, Bharata B Rao wrote: > > Hi, > > > > A pseries guest can be run as a secure guest on Ultravisor-enabled > > POWER platforms. On such platforms, this driver will be used to manage > > the movement of guest pages between the normal memory managed by > > hypervisor(HV) and secure memory managed by Ultravisor(UV). > > > > Private ZONE_DEVICE memory equal to the amount of secure memory > > available in the platform for running secure guests is created. > > Whenever a page belonging to the guest becomes secure, a page from > > this private device memory is used to represent and track that secure > > page on the HV side. The movement of pages between normal and secure > > memory is done via migrate_vma_pages(). The reverse movement is driven > > via pagemap_ops.migrate_to_ram(). > > > > The page-in or page-out requests from UV will come to HV as hcalls and > > HV will call back into UV via uvcalls to satisfy these page requests. > > > > These patches are against hmm.git > > (https://git.kernel.org/pub/scm/linux/kernel/git/rdma/rdma.git/log/?h=hmm) > > > > plus > > > > Claudio Carvalho's base ultravisor enablement patchset v6 > > (https://lore.kernel.org/linuxppc-dev/20190822034838.27876-1-cclau...@linux.ibm.com/T/#t) > > How are you thinking these patches will go upstream? Are you going to > send them via the hmm tree? > > I assume you need Claudio's patchset as a prerequisite for your series > to compile, which means the hmm maintainers would need to pull in a > topic branch from Michael Ellerman's powerpc tree, or something like > that. I was hoping that changes required from hmm.git would hit upstream soon, will reflect in mpe's powerpc tree at which time these patches can go via powerpc tree along with or after Claudio's patchset. Though this depends on migrate_vma and memremap changes that happen to be in hmm.git, this is majorly a kvmppc change. Hence I thought it would be appropriate for this to go via your or mpe's tree together with required dependencies. Regards, Bharata.
Re: [PATCH v7 0/7] KVMPPC driver to manage secure guest pages
On Thu, Aug 22, 2019 at 03:56:13PM +0530, Bharata B Rao wrote: > Hi, > > A pseries guest can be run as a secure guest on Ultravisor-enabled > POWER platforms. On such platforms, this driver will be used to manage > the movement of guest pages between the normal memory managed by > hypervisor(HV) and secure memory managed by Ultravisor(UV). > > Private ZONE_DEVICE memory equal to the amount of secure memory > available in the platform for running secure guests is created. > Whenever a page belonging to the guest becomes secure, a page from > this private device memory is used to represent and track that secure > page on the HV side. The movement of pages between normal and secure > memory is done via migrate_vma_pages(). The reverse movement is driven > via pagemap_ops.migrate_to_ram(). > > The page-in or page-out requests from UV will come to HV as hcalls and > HV will call back into UV via uvcalls to satisfy these page requests. > > These patches are against hmm.git > (https://git.kernel.org/pub/scm/linux/kernel/git/rdma/rdma.git/log/?h=hmm) > > plus > > Claudio Carvalho's base ultravisor enablement patchset v6 > (https://lore.kernel.org/linuxppc-dev/20190822034838.27876-1-cclau...@linux.ibm.com/T/#t) How are you thinking these patches will go upstream? Are you going to send them via the hmm tree? I assume you need Claudio's patchset as a prerequisite for your series to compile, which means the hmm maintainers would need to pull in a topic branch from Michael Ellerman's powerpc tree, or something like that. Paul.
[PATCH v7 0/7] KVMPPC driver to manage secure guest pages
Hi, A pseries guest can be run as a secure guest on Ultravisor-enabled POWER platforms. On such platforms, this driver will be used to manage the movement of guest pages between the normal memory managed by hypervisor(HV) and secure memory managed by Ultravisor(UV). Private ZONE_DEVICE memory equal to the amount of secure memory available in the platform for running secure guests is created. Whenever a page belonging to the guest becomes secure, a page from this private device memory is used to represent and track that secure page on the HV side. The movement of pages between normal and secure memory is done via migrate_vma_pages(). The reverse movement is driven via pagemap_ops.migrate_to_ram(). The page-in or page-out requests from UV will come to HV as hcalls and HV will call back into UV via uvcalls to satisfy these page requests. These patches are against hmm.git (https://git.kernel.org/pub/scm/linux/kernel/git/rdma/rdma.git/log/?h=hmm) plus Claudio Carvalho's base ultravisor enablement patchset v6 (https://lore.kernel.org/linuxppc-dev/20190822034838.27876-1-cclau...@linux.ibm.com/T/#t) These patches along with Claudio's above patches are required to run a secure pseries guest on KVM. This patchset is based on hmm.git because hmm.git has migrate_vma cleanup and not-device memremap_pages patchsets that are required by this patchset. Changes in v7 = - The major change in this version is to not create a char device but instead use the not device versions of memremap_pages and request_free_mem_region (Christoph Hellwig) - Other changes * Addressed all the changes suggested by Christoph Hellwig for v6. * Removed MIGRATE_VMA_HELPER dependency * Switched to using of_find_compatible_node() and not doing find by path (Thiago Jung Bauermann) * Moved kvmppc_rmap_is_devm_pfn to kvm_host.h * Updated comments * use @page_shift argument in H_SVM_PAGE_OUT instead of PAGE_SHIFT * Proper handling of return val from kvmppc_devm_fault_migrate_alloc_and_copy v6: https://lore.kernel.org/linuxppc-dev/20190809084108.30343-1-bhar...@linux.ibm.com/T/#t Anshuman Khandual (1): KVM: PPC: Ultravisor: Add PPC_UV config option Bharata B Rao (6): kvmppc: Driver to manage pages of secure guest kvmppc: Shared pages support for secure guests kvmppc: H_SVM_INIT_START and H_SVM_INIT_DONE hcalls kvmppc: Handle memory plug/unplug to secure VM kvmppc: Radix changes for secure guest kvmppc: Support reset of secure guest Documentation/virtual/kvm/api.txt | 19 + arch/powerpc/Kconfig | 17 + arch/powerpc/include/asm/hvcall.h | 9 + arch/powerpc/include/asm/kvm_book3s_devm.h | 47 ++ arch/powerpc/include/asm/kvm_host.h| 39 ++ arch/powerpc/include/asm/kvm_ppc.h | 2 + arch/powerpc/include/asm/ultravisor-api.h | 6 + arch/powerpc/include/asm/ultravisor.h | 36 ++ arch/powerpc/kvm/Makefile | 3 + arch/powerpc/kvm/book3s_64_mmu_radix.c | 22 + arch/powerpc/kvm/book3s_hv.c | 113 arch/powerpc/kvm/book3s_hv_devm.c | 614 + arch/powerpc/kvm/powerpc.c | 12 + include/uapi/linux/kvm.h | 1 + 14 files changed, 940 insertions(+) create mode 100644 arch/powerpc/include/asm/kvm_book3s_devm.h create mode 100644 arch/powerpc/kvm/book3s_hv_devm.c -- 2.21.0