[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Qemu-devel] [PATCH v0] ppc/spapr: Support reboot of secure pseries
|
From: |
David Gibson |
|
Subject: |
Re: [Qemu-devel] [PATCH v0] ppc/spapr: Support reboot of secure pseries guest |
|
Date: |
Thu, 11 Jul 2019 11:31:00 +1000 |
|
User-agent: |
Mutt/1.12.0 (2019-05-25) |
On Wed, Jul 10, 2019 at 11:36:21AM +0530, Bharata B Rao wrote:
> A pseries guest can be run as a secure guest on Ultravisor-enabled
> POWER platforms. When such a secure guest is reset, we need to
> release/reset a few resources both on ultravisor and hypervisor side.
> This is achieved by invoking this new ioctl KVM_PPC_SVM_OFF from the
> machine reset path.
>
> As part of this ioctl, the secure guest is essentially transitioned
> back to normal mode so that it can reboot like a regular guest and
> become secure again.
>
> This ioctl has no effect when invoked for a normal guest.
>
> Signed-off-by: Bharata B Rao <address@hidden>
> ---
> * The ioctl implementation in the kernel can be found as part of this
> patchset:
> https://www.spinics.net/lists/linux-mm/msg184366.html
> * Updated linux-headers/linux/kvm.h here for completeness as the
> definition of KVM_PPC_SVM_OFF isn't yet part of upstream kernel.
The qemu change looks good to me. To actually merge this, the support
will need to go upstream in the kernel first, then we'll need an
update-kernel-headers as a separate patch.
>
> hw/ppc/spapr.c | 1 +
> linux-headers/linux/kvm.h | 1 +
> target/ppc/kvm.c | 7 +++++++
> target/ppc/kvm_ppc.h | 6 ++++++
> 4 files changed, 15 insertions(+)
>
> diff --git a/hw/ppc/spapr.c b/hw/ppc/spapr.c
> index 821f0d4a49..6abf71f159 100644
> --- a/hw/ppc/spapr.c
> +++ b/hw/ppc/spapr.c
> @@ -1709,6 +1709,7 @@ static void spapr_machine_reset(MachineState *machine)
> void *fdt;
> int rc;
>
> + kvmppc_svm_off();
> spapr_caps_apply(spapr);
>
> first_ppc_cpu = POWERPC_CPU(first_cpu);
> diff --git a/linux-headers/linux/kvm.h b/linux-headers/linux/kvm.h
> index c8423e760c..9603fef9bf 100644
> --- a/linux-headers/linux/kvm.h
> +++ b/linux-headers/linux/kvm.h
> @@ -1327,6 +1327,7 @@ struct kvm_s390_ucas_mapping {
> #define KVM_PPC_GET_RMMU_INFO _IOW(KVMIO, 0xb0, struct
> kvm_ppc_rmmu_info)
> /* Available with KVM_CAP_PPC_GET_CPU_CHAR */
> #define KVM_PPC_GET_CPU_CHAR _IOR(KVMIO, 0xb1, struct kvm_ppc_cpu_char)
> +#define KVM_PPC_SVM_OFF _IO(KVMIO, 0xb2)
>
> /* ioctl for vm fd */
> #define KVM_CREATE_DEVICE _IOWR(KVMIO, 0xe0, struct kvm_create_device)
> diff --git a/target/ppc/kvm.c b/target/ppc/kvm.c
> index 8a06d3171e..079d83ce6c 100644
> --- a/target/ppc/kvm.c
> +++ b/target/ppc/kvm.c
> @@ -2953,3 +2953,10 @@ void kvmppc_set_reg_tb_offset(PowerPCCPU *cpu, int64_t
> tb_offset)
> kvm_set_one_reg(cs, KVM_REG_PPC_TB_OFFSET, &tb_offset);
> }
> }
> +
> +int kvmppc_svm_off(void)
> +{
> + KVMState *s = KVM_STATE(current_machine->accelerator);
> +
> + return kvm_vm_ioctl(s, KVM_PPC_SVM_OFF);
> +}
> diff --git a/target/ppc/kvm_ppc.h b/target/ppc/kvm_ppc.h
> index 98bd7d5da6..0fd80e1100 100644
> --- a/target/ppc/kvm_ppc.h
> +++ b/target/ppc/kvm_ppc.h
> @@ -37,6 +37,7 @@ int kvmppc_booke_watchdog_enable(PowerPCCPU *cpu);
> target_ulong kvmppc_configure_v3_mmu(PowerPCCPU *cpu,
> bool radix, bool gtse,
> uint64_t proc_tbl);
> +int kvmppc_svm_off(void);
> #ifndef CONFIG_USER_ONLY
> bool kvmppc_spapr_use_multitce(void);
> int kvmppc_spapr_enable_inkernel_multitce(void);
> @@ -201,6 +202,11 @@ static inline target_ulong
> kvmppc_configure_v3_mmu(PowerPCCPU *cpu,
> return 0;
> }
>
> +static inline int kvmppc_svm_off(void)
> +{
> + return 0;
> +}
> +
> static inline void kvmppc_set_reg_ppc_online(PowerPCCPU *cpu,
> unsigned int online)
> {
--
David Gibson | I'll have my music baroque, and my code
david AT gibson.dropbear.id.au | minimalist, thank you. NOT _the_ _other_
| _way_ _around_!
http://www.ozlabs.org/~dgibson
signature.asc
Description: PGP signature