Received: by 2002:a25:6193:0:0:0:0:0 with SMTP id v141csp3595467ybb; Mon, 6 Apr 2020 11:40:26 -0700 (PDT) X-Google-Smtp-Source: APiQypJjvzYBCy7L4m5vCqLUASoCWtV+WE9BwQwplpK1zvl5Kds+HdRaT6xkB92zgNMK63IVdmMR X-Received: by 2002:a05:6808:b30:: with SMTP id t16mr626170oij.66.1586198426354; Mon, 06 Apr 2020 11:40:26 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1586198426; cv=none; d=google.com; s=arc-20160816; b=XIPAOdS93LxBJqRBZopi0VFOUJ9OTgGJuI9yFH7P9xE1prlP2MY83DNutnpyLMoIyU rh+LR5HC5BjcO7e3rDWkTTJal+xO7MDrn80zSVBQreW4lccK4us38Ysv1Grs0Eoh9Db8 UTRCc/Rt4r4PXtjdwNMgJ5j9Keo4QFEZJ7DjElvfV+i6Nqlpq3/agf/V4j885CcHLFNV iNAr6e2bW8ixsZ/4uZ4ktjH6pMhqoHVxFDIeq1WglF1fLFSeNFZUzvw5Omw8yuQ+wrP/ pXFII1DwtLlvdhUDTewc7dptNLG4A5BgLAaeuMG4MQqA5BdC5bFDDLnxQlUIyDKipgWJ 5GSQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-language :content-transfer-encoding:in-reply-to:mime-version:user-agent:date :message-id:from:references:cc:to:subject:dkim-signature; bh=x7jn857T6+XVh/cUUNt5yuCqvNHZ55iH/LHch72QhQY=; b=Sxiam389YhOi/rlWFV+Q5C6m8X+XXTJ5PffTp8oIHCm68jxGpJJXtv0bQSoutsSDic 01rxGCCNBf683KB5kM6p2xGeo5U8WLjcqowhynEiVddMPXw4k3eWQvW2ztKTN4KbFnTi 5zLbNk1VF7Qk1aKnl+xjR3PrbqGHxeqQ3PixoIahFqE6etfyp5cXSYDoXr/xOEfR39F8 OxRfED4LCYyitZPTb5LdxSukrHb+VVtzPp9HOQmJQjtI6N4Zlzsg+zTjhYImPeCEK+j7 UzGQzImHy0RnOrxcwLfrp4CCwFMr/RR4XLKb0/LXimxuKLa3NYTipvgt9sC+tbQw19Jc IRZA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@oracle.com header.s=corp-2020-01-29 header.b=GVSDdydP; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=oracle.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id f29si156887ooh.85.2020.04.06.11.40.10; Mon, 06 Apr 2020 11:40:26 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@oracle.com header.s=corp-2020-01-29 header.b=GVSDdydP; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=oracle.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726272AbgDFSiU (ORCPT + 99 others); Mon, 6 Apr 2020 14:38:20 -0400 Received: from aserp2120.oracle.com ([141.146.126.78]:33798 "EHLO aserp2120.oracle.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1725787AbgDFSiU (ORCPT ); Mon, 6 Apr 2020 14:38:20 -0400 Received: from pps.filterd (aserp2120.oracle.com [127.0.0.1]) by aserp2120.oracle.com (8.16.0.42/8.16.0.42) with SMTP id 036IXhuq008182; Mon, 6 Apr 2020 18:37:55 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=oracle.com; h=subject : to : cc : references : from : message-id : date : mime-version : in-reply-to : content-type : content-transfer-encoding; s=corp-2020-01-29; bh=x7jn857T6+XVh/cUUNt5yuCqvNHZ55iH/LHch72QhQY=; b=GVSDdydPTYMLD1Hytn0OvUzmaqgrr4pgN35tAcAQQABYSEts0E0lDc5tYke+l2g5RaHX 8UwXJxSjYEDrD4dd9m/5S61klBEOuqHoEuV2p8rUP24976wtmBw/3x1umBWXy1hjasq4 6w9E8AHhyLxmTGREDKhSeM/YoDBIXfdobUYHtPGO58xgx2pw+U3Jw4yHjEfz6hH4Ar28 ULtpVa6+bYaMlAAZ0dksVSfwxugLEe8LaXG2QfVaeymJJybgHEXlKD6fZ4HQzhORzRn5 Uf/A1Ltnic2ONcEeFRbIhieW8jiqlKsy32LLCzz2YYKGoV+bRTsLUnlpOJO1h8dIyoJd 7Q== Received: from aserp3030.oracle.com (aserp3030.oracle.com [141.146.126.71]) by aserp2120.oracle.com with ESMTP id 306j6m8myn-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Mon, 06 Apr 2020 18:37:55 +0000 Received: from pps.filterd (aserp3030.oracle.com [127.0.0.1]) by aserp3030.oracle.com (8.16.0.42/8.16.0.42) with SMTP id 036IWdsc041373; Mon, 6 Apr 2020 18:37:54 GMT Received: from aserv0121.oracle.com (aserv0121.oracle.com [141.146.126.235]) by aserp3030.oracle.com with ESMTP id 3073sqedu9-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Mon, 06 Apr 2020 18:37:54 +0000 Received: from abhmp0010.oracle.com (abhmp0010.oracle.com [141.146.116.16]) by aserv0121.oracle.com (8.14.4/8.13.8) with ESMTP id 036Ibo4I009211; Mon, 6 Apr 2020 18:37:50 GMT Received: from localhost.localdomain (/10.159.148.184) by default (Oracle Beehive Gateway v4.0) with ESMTP ; Mon, 06 Apr 2020 11:37:49 -0700 Subject: Re: [PATCH v6 14/14] KVM: x86: Add kexec support for SEV Live Migration. To: Ashish Kalra Cc: pbonzini@redhat.com, tglx@linutronix.de, mingo@redhat.com, hpa@zytor.com, joro@8bytes.org, bp@suse.de, thomas.lendacky@amd.com, x86@kernel.org, kvm@vger.kernel.org, linux-kernel@vger.kernel.org, rientjes@google.com, srutherford@google.com, luto@kernel.org, brijesh.singh@amd.com References: <0caf809845d2fdb1a1ec17955826df9777f502fb.1585548051.git.ashish.kalra@amd.com> <20200404215741.GA29918@ashkalra_ubuntu_server> From: Krish Sadhukhan Message-ID: <07da6b9a-29c5-59cc-518c-0356126f2181@oracle.com> Date: Mon, 6 Apr 2020 11:37:42 -0700 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.7.0 MIME-Version: 1.0 In-Reply-To: <20200404215741.GA29918@ashkalra_ubuntu_server> Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 7bit Content-Language: en-US X-Proofpoint-Virus-Version: vendor=nai engine=6000 definitions=9583 signatures=668685 X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 mlxscore=0 phishscore=0 spamscore=0 malwarescore=0 suspectscore=0 adultscore=0 bulkscore=0 mlxlogscore=999 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2003020000 definitions=main-2004060145 X-Proofpoint-Virus-Version: vendor=nai engine=6000 definitions=9583 signatures=668685 X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 bulkscore=0 mlxlogscore=999 spamscore=0 priorityscore=1501 suspectscore=0 lowpriorityscore=0 malwarescore=0 impostorscore=0 mlxscore=0 phishscore=0 adultscore=0 clxscore=1015 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2003020000 definitions=main-2004060145 Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 4/4/20 2:57 PM, Ashish Kalra wrote: > The host's page encryption bitmap is maintained for the guest to keep the encrypted/decrypted state > of the guest pages, therefore we need to explicitly mark all shared pages as encrypted again before > rebooting into the new guest kernel. > > On Fri, Apr 03, 2020 at 05:55:52PM -0700, Krish Sadhukhan wrote: >> On 3/29/20 11:23 PM, Ashish Kalra wrote: >>> From: Ashish Kalra >>> >>> Reset the host's page encryption bitmap related to kernel >>> specific page encryption status settings before we load a >>> new kernel by kexec. We cannot reset the complete >>> page encryption bitmap here as we need to retain the >>> UEFI/OVMF firmware specific settings. >> >> Can the commit message mention why host page encryption needs to be reset ? >> Since the theme of these patches is guest migration in-SEV context, it might >> be useful to mention why the host context comes in here. >> >>> Signed-off-by: Ashish Kalra >>> --- >>> arch/x86/kernel/kvm.c | 28 ++++++++++++++++++++++++++++ >>> 1 file changed, 28 insertions(+) >>> >>> diff --git a/arch/x86/kernel/kvm.c b/arch/x86/kernel/kvm.c >>> index 8fcee0b45231..ba6cce3c84af 100644 >>> --- a/arch/x86/kernel/kvm.c >>> +++ b/arch/x86/kernel/kvm.c >>> @@ -34,6 +34,7 @@ >>> #include >>> #include >>> #include >>> +#include >>> static int kvmapf = 1; >>> @@ -357,6 +358,33 @@ static void kvm_pv_guest_cpu_reboot(void *unused) >>> */ >>> if (kvm_para_has_feature(KVM_FEATURE_PV_EOI)) >>> wrmsrl(MSR_KVM_PV_EOI_EN, 0); >>> + /* >>> + * Reset the host's page encryption bitmap related to kernel >>> + * specific page encryption status settings before we load a >>> + * new kernel by kexec. NOTE: We cannot reset the complete >>> + * page encryption bitmap here as we need to retain the >>> + * UEFI/OVMF firmware specific settings. >>> + */ >>> + if (kvm_para_has_feature(KVM_FEATURE_SEV_LIVE_MIGRATION) && >>> + (smp_processor_id() == 0)) { >>> + unsigned long nr_pages; >>> + int i; >>> + >>> + for (i = 0; i < e820_table->nr_entries; i++) { >>> + struct e820_entry *entry = &e820_table->entries[i]; >>> + unsigned long start_pfn, end_pfn; >>> + >>> + if (entry->type != E820_TYPE_RAM) >>> + continue; >>> + >>> + start_pfn = entry->addr >> PAGE_SHIFT; >>> + end_pfn = (entry->addr + entry->size) >> PAGE_SHIFT; >>> + nr_pages = DIV_ROUND_UP(entry->size, PAGE_SIZE); >>> + >>> + kvm_sev_hypercall3(KVM_HC_PAGE_ENC_STATUS, >>> + entry->addr, nr_pages, 1); >>> + } >>> + } >>> kvm_pv_disable_apf(); >>> kvm_disable_steal_time(); >>> } Thanks for the explanation. It will certainly help one understand the context better if you add it to the commit message. Reviewed-by: Krish Sadhukhan