Received: by 2002:a25:8b91:0:0:0:0:0 with SMTP id j17csp1195298ybl; Sun, 1 Dec 2019 22:50:30 -0800 (PST) X-Google-Smtp-Source: APXvYqwo+YMaLqva3jwFCobK7rmxcZHfYNyAizRJgIYelr51xZHHXBJ0Q6ba7JJEFPrszx7TOMEs X-Received: by 2002:a17:906:2cce:: with SMTP id r14mr716973ejr.113.1575269430120; Sun, 01 Dec 2019 22:50:30 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1575269430; cv=none; d=google.com; s=arc-20160816; b=u+bsRuAszrM4WcaYpWHa48D4L+rRBYMnKAfKtnAFMHXWfaWEY3EZRNsay/7QOLvJ9P J8R96CT0icctYkJmBzh/JGslSu0F5ia2PFBBt0fnKNXze8FxYpfC852ee5e1Tq+b26/M 3A86TFU9qlSUQZJJydiybUVXjPgi0xZTDWjljPYTOyabr7qV+2isK6Y3yPjlv89FPvON DKbccw4mFnXufnOI35CAjtkfP6nMg6InnwyicY11cEc7i1CKIEjSaDkymxFiWHKCKoo9 awLSYtYqIWtHW47tQKg0+LQ/FfJrItFF3BQggtR3jVeLCSL2LmQHzJeqoUtpFw7WnJHc A0TA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:message-id:references:in-reply-to:date :subject:cc:to:from; bh=1r8UCfndDCpQ/pKTb0YJbsA3bHOh1N2MPZ34LyjgkMo=; b=vVIVSOMKYpqBMo/bPa9GCKa2QS1beVQQKBC7hDuVslW9/yg2hivxwwYwWVHnjeJkj4 PoYE5KPxB+xsngg4/8+PDtUUb+tPVm9Xnmkf22DisgQ8CgcwgX0g48HhJotoJgmuOPvp LbNBQEJAC4UDpvoWCNLEe5bVNdlzToqE22NCh1uJ5CF66wM68SjblIRT9ho81bKmG58f NnAbrmGN8++TSppBcelRUK0FCXvQYv1lCyn/o+0bGRUWdvVuiHmuARThqTSv2gc9yhrn YMTzQLXeH9KptiNBUnduHuXRsO20HRfWIgaQS9B49g0xJxK1QVC2BMgAksHRz0BPnjzf C2vg== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=ibm.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id h40si8644420edb.128.2019.12.01.22.50.06; Sun, 01 Dec 2019 22:50:30 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=ibm.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726473AbfLBGqa (ORCPT + 99 others); Mon, 2 Dec 2019 01:46:30 -0500 Received: from mx0a-001b2d01.pphosted.com ([148.163.156.1]:42584 "EHLO mx0a-001b2d01.pphosted.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1725977AbfLBGqa (ORCPT ); Mon, 2 Dec 2019 01:46:30 -0500 Received: from pps.filterd (m0098399.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.16.0.42/8.16.0.42) with SMTP id xB26gFCF119413 for ; Mon, 2 Dec 2019 01:46:29 -0500 Received: from e06smtp04.uk.ibm.com (e06smtp04.uk.ibm.com [195.75.94.100]) by mx0a-001b2d01.pphosted.com with ESMTP id 2wm6uxpv7j-1 (version=TLSv1.2 cipher=AES256-GCM-SHA384 bits=256 verify=NOT) for ; Mon, 02 Dec 2019 01:46:29 -0500 Received: from localhost by e06smtp04.uk.ibm.com with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted for from ; Mon, 2 Dec 2019 06:46:27 -0000 Received: from b06cxnps4076.portsmouth.uk.ibm.com (9.149.109.198) by e06smtp04.uk.ibm.com (192.168.101.134) with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted; (version=TLSv1/SSLv3 cipher=AES256-GCM-SHA384 bits=256/256) Mon, 2 Dec 2019 06:46:22 -0000 Received: from d06av25.portsmouth.uk.ibm.com (d06av25.portsmouth.uk.ibm.com [9.149.105.61]) by b06cxnps4076.portsmouth.uk.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id xB26kLJ534799708 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Mon, 2 Dec 2019 06:46:21 GMT Received: from d06av25.portsmouth.uk.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 86BF711C0A1; Mon, 2 Dec 2019 06:46:21 +0000 (GMT) Received: from d06av25.portsmouth.uk.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 2CCED11C0BE; Mon, 2 Dec 2019 06:46:08 +0000 (GMT) Received: from oc0525413822.ibm.com (unknown [9.80.214.136]) by d06av25.portsmouth.uk.ibm.com (Postfix) with ESMTP; Mon, 2 Dec 2019 06:46:07 +0000 (GMT) From: Ram Pai To: linuxppc-dev@lists.ozlabs.org, mpe@ellerman.id.au Cc: benh@kernel.crashing.org, david@gibson.dropbear.id.au, paulus@ozlabs.org, mdroth@linux.vnet.ibm.com, hch@lst.de, linuxram@us.ibm.com, andmike@us.ibm.com, sukadev@linux.vnet.ibm.com, mst@redhat.com, ram.n.pai@gmail.com, aik@ozlabs.ru, cai@lca.pw, tglx@linutronix.de, bauerman@linux.ibm.com, linux-kernel@vger.kernel.org Subject: [PATCH v4 1/2] powerpc/pseries/iommu: Share the per-cpu TCE page with the hypervisor. Date: Sun, 1 Dec 2019 22:45:23 -0800 X-Mailer: git-send-email 1.8.3.1 In-Reply-To: <1575269124-17885-1-git-send-email-linuxram@us.ibm.com> References: <1575269124-17885-1-git-send-email-linuxram@us.ibm.com> X-TM-AS-GCONF: 00 x-cbid: 19120206-0016-0000-0000-000002CF7A2D X-IBM-AV-DETECTION: SAVI=unused REMOTE=unused XFE=unused x-cbparentid: 19120206-0017-0000-0000-000033316BD7 Message-Id: <1575269124-17885-2-git-send-email-linuxram@us.ibm.com> X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.95,18.0.572 definitions=2019-12-01_04:2019-11-29,2019-12-01 signatures=0 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 malwarescore=0 clxscore=1015 priorityscore=1501 impostorscore=0 adultscore=0 phishscore=0 bulkscore=0 suspectscore=2 lowpriorityscore=0 mlxlogscore=364 mlxscore=0 spamscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-1910280000 definitions=main-1912020059 Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org H_PUT_TCE_INDIRECT hcall uses a page filled with TCE entries, as one of its parameters. One page is dedicated per cpu, for the lifetime of the kernel for this purpose. On secure VMs, contents of this page, when accessed by the hypervisor, retrieves encrypted TCE entries. Hypervisor needs to know the unencrypted entries, to update the TCE table accordingly. There is nothing secret or sensitive about these entries. Hence share the page with the hypervisor. Signed-off-by: Ram Pai --- arch/powerpc/platforms/pseries/iommu.c | 23 ++++++++++++++++++++--- 1 file changed, 20 insertions(+), 3 deletions(-) diff --git a/arch/powerpc/platforms/pseries/iommu.c b/arch/powerpc/platforms/pseries/iommu.c index 6ba081d..0720831 100644 --- a/arch/powerpc/platforms/pseries/iommu.c +++ b/arch/powerpc/platforms/pseries/iommu.c @@ -37,6 +37,7 @@ #include #include #include +#include #include "pseries.h" @@ -179,6 +180,23 @@ static int tce_build_pSeriesLP(struct iommu_table *tbl, long tcenum, static DEFINE_PER_CPU(__be64 *, tce_page); +/* + * Allocate a tce page. If secure VM, share the page with the hypervisor. + * + * NOTE: the TCE page is shared with the hypervisor explicitly and remains + * shared for the lifetime of the kernel. It is implicitly unshared at kernel + * shutdown through a UV_UNSHARE_ALL_PAGES ucall. + */ +static __be64 *alloc_tce_page(void) +{ + __be64 *tcep = (__be64 *)__get_free_page(GFP_ATOMIC); + + if (tcep && is_secure_guest()) + uv_share_page(PHYS_PFN(__pa(tcep)), 1); + + return tcep; +} + static int tce_buildmulti_pSeriesLP(struct iommu_table *tbl, long tcenum, long npages, unsigned long uaddr, enum dma_data_direction direction, @@ -206,8 +224,7 @@ static int tce_buildmulti_pSeriesLP(struct iommu_table *tbl, long tcenum, * from iommu_alloc{,_sg}() */ if (!tcep) { - tcep = (__be64 *)__get_free_page(GFP_ATOMIC); - /* If allocation fails, fall back to the loop implementation */ + tcep = alloc_tce_page(); if (!tcep) { local_irq_restore(flags); return tce_build_pSeriesLP(tbl, tcenum, npages, uaddr, @@ -405,7 +422,7 @@ static int tce_setrange_multi_pSeriesLP(unsigned long start_pfn, tcep = __this_cpu_read(tce_page); if (!tcep) { - tcep = (__be64 *)__get_free_page(GFP_ATOMIC); + tcep = alloc_tce_page(); if (!tcep) { local_irq_enable(); return -ENOMEM; -- 1.8.3.1