Subject: Re: [PATCH v2 03/13] powerpc/prom_init: Add the ESM call to prom_init
From: Alexey Kardashevskiy
To: Thiago Jung Bauermann, linuxppc-dev@lists.ozlabs.org
Cc: linux-kernel@vger.kernel.org, Anshuman Khandual, Benjamin Herrenschmidt, Christoph Hellwig, Michael Ellerman, Mike Anderson, Paul Mackerras, Ram Pai, Claudio Carvalho
Date: Thu, 18 Jul 2019 18:11:48 +1000
Message-ID: <70f8097f-7222-fe18-78b4-9372c21bfc9d@ozlabs.ru>
In-Reply-To: <20190713060023.8479-4-bauerman@linux.ibm.com>
References: <20190713060023.8479-1-bauerman@linux.ibm.com> <20190713060023.8479-4-bauerman@linux.ibm.com>

On 13/07/2019 16:00, Thiago Jung Bauermann wrote:
> From: Ram Pai > > Make the Enter-Secure-Mode (ESM) ultravisor call to switch the VM to secure > mode. Add "svm=" command line option to turn on switching to secure mode. > > Signed-off-by: Ram Pai > [ andmike: Generate an RTAS os-term hcall when the ESM ucall fails. ] > Signed-off-by: Michael Anderson > [ bauerman: Cleaned up the code a bit. ] > Signed-off-by: Thiago Jung Bauermann > --- > .../admin-guide/kernel-parameters.txt | 5 + > arch/powerpc/include/asm/ultravisor-api.h | 1 + > arch/powerpc/kernel/prom_init.c | 99 +++++++++++++++++++ > 3 files changed, 105 insertions(+) > > diff --git a/Documentation/admin-guide/kernel-parameters.txt b/Documentation/admin-guide/kernel-parameters.txt > index 7b15abf7db21..c611891b5992 100644 > --- a/Documentation/admin-guide/kernel-parameters.txt > +++ b/Documentation/admin-guide/kernel-parameters.txt > @@ -4585,6 +4585,11 @@ > /sys/power/pm_test). Only available when CONFIG_PM_DEBUG > is set. Default value is 5. > > + svm= [PPC] > + Format: { on | off | y | n | 1 | 0 } > + This parameter controls use of the Protected > + Execution Facility on pSeries. > + > swapaccount=[0|1] > [KNL] Enable accounting of swap in memory resource > controller if no parameter or 1 is given or disable > diff --git a/arch/powerpc/include/asm/ultravisor-api.h b/arch/powerpc/include/asm/ultravisor-api.h > index c8180427fa01..fe9a0d8d7673 100644 > --- a/arch/powerpc/include/asm/ultravisor-api.h > +++ b/arch/powerpc/include/asm/ultravisor-api.h > @@ -19,6 +19,7 @@ > > /* opcodes */ > #define UV_WRITE_PATE 0xF104 > +#define UV_ESM 0xF110 > #define UV_RETURN 0xF11C > #define UV_REGISTER_MEM_SLOT 0xF120 > #define UV_UNREGISTER_MEM_SLOT 0xF124 > diff --git a/arch/powerpc/kernel/prom_init.c b/arch/powerpc/kernel/prom_init.c > index a3fb90bb5a39..6389a992451b 100644 > --- a/arch/powerpc/kernel/prom_init.c > +++ b/arch/powerpc/kernel/prom_init.c > @@ -44,6 +44,7 @@ > #include > #include > #include > +#include > > #include 
> > @@ -175,6 +176,10 @@ static bool __prombss prom_radix_disable; > static bool __prombss prom_xive_disable; > #endif > > +#ifdef CONFIG_PPC_SVM > +static bool __prombss prom_svm_enable; > +#endif > + > struct platform_support { > bool hash_mmu; > bool radix_mmu; > @@ -816,6 +821,17 @@ static void __init early_cmdline_parse(void) > prom_debug("XIVE disabled from cmdline\n"); > } > #endif /* CONFIG_PPC_PSERIES */ > + > +#ifdef CONFIG_PPC_SVM > + opt = prom_strstr(prom_cmd_line, "svm="); > + if (opt) { > + bool val; > + > + opt += sizeof("svm=") - 1; > + if (!prom_strtobool(opt, &val)) > + prom_svm_enable = val; > + } > +#endif /* CONFIG_PPC_SVM */ > } > > #ifdef CONFIG_PPC_PSERIES > @@ -1716,6 +1732,43 @@ static void __init prom_close_stdin(void) > } > } > > +#ifdef CONFIG_PPC_SVM > +static int prom_rtas_hcall(uint64_t args) > +{ > + register uint64_t arg1 asm("r3") = H_RTAS; > + register uint64_t arg2 asm("r4") = args; > + > + asm volatile("sc 1\n" : "=r" (arg1) : > + "r" (arg1), > + "r" (arg2) :); > + return arg1; > +} > + > +static struct rtas_args __prombss os_term_args; > + > +static void __init prom_rtas_os_term(char *str) > +{ > + phandle rtas_node; > + __be32 val; > + u32 token; > + > + prom_debug("%s: start...\n", __func__); > + rtas_node = call_prom("finddevice", 1, 1, ADDR("/rtas")); > + prom_debug("rtas_node: %x\n", rtas_node); > + if (!PHANDLE_VALID(rtas_node)) > + return; > + > + val = 0; > + prom_getprop(rtas_node, "ibm,os-term", &val, sizeof(val)); > + token = be32_to_cpu(val); > + prom_debug("ibm,os-term: %x\n", token); > + if (token == 0) > + prom_panic("Could not get token for ibm,os-term\n"); > + os_term_args.token = cpu_to_be32(token); > + prom_rtas_hcall((uint64_t)&os_term_args); > +} > +#endif /* CONFIG_PPC_SVM */ > + > /* > * Allocate room for and instantiate RTAS > */ 
> @@ -3172,6 +3225,49 @@ static void unreloc_toc(void) > #endif > #endif > > +#ifdef CONFIG_PPC_SVM > +/* > + * Perform the Enter Secure Mode ultracall. > + */ > +static int enter_secure_mode(unsigned long kbase, unsigned long fdt) > +{ > + register uint64_t func asm("r3") = UV_ESM; > + register uint64_t arg1 asm("r4") = (uint64_t)kbase; > + register uint64_t arg2 asm("r5") = (uint64_t)fdt; What does UV do with kbase and fdt precisely? Few words in the commit log will do. > + > + asm volatile("sc 2\n" > + : "=r"(func) > + : "0"(func), "r"(arg1), "r"(arg2) > + :); > + > + return (int)func; And why "func"? Is it "function"? Weird name. Thanks, > +} > + > +/* > + * Call the Ultravisor to transfer us to secure memory if we have an ESM blob. > + */ > +static void setup_secure_guest(unsigned long kbase, unsigned long fdt) > +{ > + int ret; > + > + if (!prom_svm_enable) > + return; > + > + /* Switch to secure mode. */ > + prom_printf("Switching to secure mode.\n"); > + > + ret = enter_secure_mode(kbase, fdt); > + if (ret != U_SUCCESS) { > + prom_printf("Returned %d from switching to secure mode.\n", ret); > + prom_rtas_os_term("Switch to secure mode failed.\n"); > + } > +} > +#else > +static void setup_secure_guest(unsigned long kbase, unsigned long fdt) > +{ > +} > +#endif /* CONFIG_PPC_SVM */ > + > /* > * We enter here early on, when the Open Firmware prom is still > * handling exceptions and the MMU hash table for us. > @@ -3370,6 +3466,9 @@ unsigned long __init prom_init(unsigned long r3, unsigned long r4, > unreloc_toc(); > #endif > > + /* Move to secure memory if we're supposed to be secure guests. */ > + setup_secure_guest(kbase, hdr); > + > __start(hdr, kbase, 0, 0, 0, 0, 0); > > return 0; > -- Alexey
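Review bot: the svm= entry added to kernel-parameters.txt does not state the default or what happens when the value is missing or invalid. From early_cmdline_parse(), prom_svm_enable is only written when prom_strtobool() succeeds, so otherwise it stays at its initial value; say in the text what that default is, and note that the option only exists with CONFIG_PPC_SVM.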
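Review bot: in early_cmdline_parse(), prom_strstr(prom_cmd_line, "svm=") matches the substring anywhere in the command line, so an unrelated parameter whose name ends in "svm=" would be parsed as well; check that the match sits at the start of the line or is preceded by a space. A value that prom_strtobool() rejects is dropped without a message, which for an option that selects secure mode means a typo boots a normal guest silently; a prom_printf() on that error path would make it visible.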
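Review bot: prom_rtas_os_term() takes str but never uses it, and only os_term_args.token is filled in before the hcall, so the "Switch to secure mode failed." text passed by the caller never reaches RTAS; either fill in the remaining rtas_args fields with the message or drop the parameter. In prom_rtas_hcall() the asm has an empty clobber list although the callee reads os_term_args through the pointer in r4; a "memory" clobber would keep the store to os_term_args.token ordered before the sc 1. The helper also returns int from a uint64_t and lacks the __init annotation that prom_rtas_os_term() carries.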
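Review bot: the failure path in setup_secure_guest() can fall through. prom_rtas_os_term() returns early when /rtas is not found (the !PHANDLE_VALID(rtas_node) return), and nothing in the error branch stops execution if the hcall itself returns, so prom_init() would go on to __start() in normal mode even though svm= asked for a secure guest; end the branch with prom_panic() so the boot cannot continue unprotected. The comment above the function mentions an ESM blob, but the only condition tested is prom_svm_enable; align the comment with the check.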