From: Steve Rutherford
Date: Thu, 9 Apr 2020 17:06:21 -0700
Subject: Re: [PATCH v6 11/14] KVM: x86: Introduce KVM_SET_PAGE_ENC_BITMAP ioctl
To: Ashish Kalra
Cc: Paolo Bonzini, Thomas Gleixner, Ingo Molnar, "H. Peter Anvin", Joerg Roedel, Borislav Petkov, Tom Lendacky, X86 ML, KVM list, LKML, David Rientjes, Andy Lutomirski, Brijesh Singh
In-Reply-To: <20200408014852.GA27608@ashkalra_ubuntu_server>
References: <4d4fbe2b9acda82c04834682900acf782182ec23.1585548051.git.ashish.kalra@amd.com> <20200408014852.GA27608@ashkalra_ubuntu_server>
X-Mailing-List: linux-kernel@vger.kernel.org

On Tue, Apr 7, 2020 at 6:49 PM Ashish Kalra wrote:
>
> Hello Steve,
>
> On Tue, Apr 07, 2020 at 05:26:33PM -0700, Steve Rutherford wrote:
> > On Sun, Mar 29, 2020 at 11:23 PM Ashish Kalra wrote:
> > > > > > From: Brijesh Singh > > > > > > The ioctl can be used to set page encryption bitmap for an > > > incoming guest. > > > > > > Cc: Thomas Gleixner > > > Cc: Ingo Molnar > > > Cc: "H. Peter Anvin" > > > Cc: Paolo Bonzini > > > Cc: "Radim Kr=C4=8Dm=C3=A1=C5=99" > > > Cc: Joerg Roedel > > > Cc: Borislav Petkov > > > Cc: Tom Lendacky > > > Cc: x86@kernel.org > > > Cc: kvm@vger.kernel.org > > > Cc: linux-kernel@vger.kernel.org > > > Signed-off-by: Brijesh Singh > > > Signed-off-by: Ashish Kalra > > > --- > > > Documentation/virt/kvm/api.rst | 22 +++++++++++++++++ > > > arch/x86/include/asm/kvm_host.h | 2 ++ > > > arch/x86/kvm/svm.c | 42 +++++++++++++++++++++++++++++++= ++ > > > arch/x86/kvm/x86.c | 12 ++++++++++ > > > include/uapi/linux/kvm.h | 1 + > > > 5 files changed, 79 insertions(+) > > > > > > diff --git a/Documentation/virt/kvm/api.rst b/Documentation/virt/kvm/= api.rst > > > index 8ad800ebb54f..4d1004a154f6 100644 > > > --- a/Documentation/virt/kvm/api.rst > > > +++ b/Documentation/virt/kvm/api.rst 
> > > @@ -4675,6 +4675,28 @@ or shared. The bitmap can be used during the g= uest migration, if the page > > > is private then userspace need to use SEV migration commands to tran= smit > > > the page. > > > > > > +4.126 KVM_SET_PAGE_ENC_BITMAP (vm ioctl) > > > +--------------------------------------- > > > + > > > +:Capability: basic > > > +:Architectures: x86 > > > +:Type: vm ioctl > > > +:Parameters: struct kvm_page_enc_bitmap (in/out) > > > +:Returns: 0 on success, -1 on error > > > + > > > +/* for KVM_SET_PAGE_ENC_BITMAP */ > > > +struct kvm_page_enc_bitmap { > > > + __u64 start_gfn; > > > + __u64 num_pages; > > > + union { > > > + void __user *enc_bitmap; /* one bit per page */ > > > + __u64 padding2; > > > + }; > > > +}; > > > + > > > +During the guest live migration the outgoing guest exports its page = encryption > > > +bitmap, the KVM_SET_PAGE_ENC_BITMAP can be used to build the page en= cryption > > > +bitmap for an incoming guest. > > > > > > 5. The kvm_run structure > > > =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D > > > diff --git a/arch/x86/include/asm/kvm_host.h b/arch/x86/include/asm/k= vm_host.h > > > index 27e43e3ec9d8..d30f770aaaea 100644 > > > --- a/arch/x86/include/asm/kvm_host.h > > > +++ b/arch/x86/include/asm/kvm_host.h > > > @@ -1271,6 +1271,8 @@ struct kvm_x86_ops { > > > unsigned long sz, unsigned long mod= e); > > > int (*get_page_enc_bitmap)(struct kvm *kvm, > > > struct kvm_page_enc_bitmap *bmap); > > > + int (*set_page_enc_bitmap)(struct kvm *kvm, > > > + struct kvm_page_enc_bitmap *bmap); > > > }; > > > > > > struct kvm_arch_async_pf { > > > diff --git a/arch/x86/kvm/svm.c b/arch/x86/kvm/svm.c > > > index bae783cd396a..313343a43045 100644 > > > --- a/arch/x86/kvm/svm.c > > > +++ b/arch/x86/kvm/svm.c 
> > > @@ -7756,6 +7756,47 @@ static int svm_get_page_enc_bitmap(struct kvm = *kvm, > > > return ret; > > > } > > > > > > +static int svm_set_page_enc_bitmap(struct kvm *kvm, > > > + struct kvm_page_enc_bitmap *bmap) > > > +{ > > > + struct kvm_sev_info *sev =3D &to_kvm_svm(kvm)->sev_info; > > > + unsigned long gfn_start, gfn_end; > > > + unsigned long *bitmap; > > > + unsigned long sz, i; > > > + int ret; > > > + > > > + if (!sev_guest(kvm)) > > > + return -ENOTTY; > > > + > > > + gfn_start =3D bmap->start_gfn; > > > + gfn_end =3D gfn_start + bmap->num_pages; > > > + > > > + sz =3D ALIGN(bmap->num_pages, BITS_PER_LONG) / 8; > > > + bitmap =3D kmalloc(sz, GFP_KERNEL); > > > + if (!bitmap) > > > + return -ENOMEM; > > > + > > > + ret =3D -EFAULT; > > > + if (copy_from_user(bitmap, bmap->enc_bitmap, sz)) > > > + goto out; > > > + > > > + mutex_lock(&kvm->lock); > > > + ret =3D sev_resize_page_enc_bitmap(kvm, gfn_end);
> > I realize now that usermode could use this for initializing the
> > minimum size of the enc bitmap, which probably solves my issue from
> > the other thread.
> > > + if (ret) > > > + goto unlock; > > > + > > > + i =3D gfn_start; > > > + for_each_clear_bit_from(i, bitmap, (gfn_end - gfn_start)) > > > + clear_bit(i + gfn_start, sev->page_enc_bmap);
> > This API seems a bit strange, since it can only clear bits. I would
> > expect "set" to force the values to match the values passed down,
> > instead of only ensuring that cleared bits in the input are also
> > cleared in the kernel.
> >
>
> The sev_resize_page_enc_bitmap() will allocate a new bitmap and
> set it to all 0xFF's, therefore, the code here simply clears the bits
> in the bitmap as per the cleared bits in the input.

If I'm not mistaken, resize only reinitializes the newly extended part
of the buffer, and copies the old values for the rest.
With the API you proposed you could probably reimplement a normal set
call by calling get, then reset, and then set, but this feels
cumbersome.

--Steve
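
Review bot: the KVM_SET_PAGE_ENC_BITMAP section added to Documentation/virt/kvm/api.rst does not say what a set or a cleared bit means, that bit 0 of enc_bitmap corresponds to start_gfn, or that svm_set_page_enc_bitmap() as written applies only the cleared bits of the input and leaves the kernel bitmap unchanged wherever the input bit is set. Please document the bit polarity and the clear-only behaviour, or change the behaviour so the name "set" holds. The parameter is also listed as (in/out), while the svm code shown only reads from the struct; if nothing is written back, (in) would be accurate.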
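
Review bot: in svm_set_page_enc_bitmap() (arch/x86/kvm/svm.c) the loop index is initialised with "i = gfn_start" and then used both as a bit offset into the copied user bitmap, whose length is gfn_end - gfn_start, and as "i + gfn_start" for the kernel bitmap. For any non-zero start_gfn this skips the first gfn_start bits of the input and applies the offset twice; starting from i = 0 would match a "one bit per page" layout relative to start_gfn. Separately, "gfn_end = gfn_start + bmap->num_pages" takes both operands from userspace with no wrap or range check before the value reaches sev_resize_page_enc_bitmap() and bounds the clear_bit() loop, so a check that the sum does not overflow and stays within the guest's gfn range belongs ahead of the kmalloc().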
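
The difference discussed above between the clear-only loop and a true "set" can be seen in a small userspace model. This is an added example, not kernel code from the patch: enc_bitmap, bitmap_resize, bitmap_apply and MODEL_MAX_BITS are hypothetical names, and the resize behaviour (new tail all ones, old values kept) is taken from the description in the reply rather than from the kernel source.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>
#define MODEL_MAX_BITS (1u << 20)  /* cap for this model, not a kernel limit */
/* Userspace model: one bit per guest page, 1 = encrypted, 0 = shared. */
struct enc_bitmap { unsigned char *bits; uint64_t nbits; };
static int get_bit(const unsigned char *b, uint64_t i) { return (b[i / 8] >> (i % 8)) & 1; }
static void put_bit(unsigned char *b, uint64_t i, int v)
{
    unsigned char m = (unsigned char)(1u << (i % 8));
    b[i / 8] = v ? (unsigned char)(b[i / 8] | m) : (unsigned char)(b[i / 8] & ~m);
}

/* Grow as the reply describes: new tail is all ones, old values are kept. */
static int bitmap_resize(struct enc_bitmap *bm, uint64_t nbits)
{
    if (nbits <= bm->nbits) return 0;
    if (nbits > MODEL_MAX_BITS) return -1;
    unsigned char *p = malloc(nbits / 8 + 1);
    if (!p) return -1;
    memset(p, 0xFF, nbits / 8 + 1);
    for (uint64_t i = 0; i < bm->nbits; i++) put_bit(p, i, get_bit(bm->bits, i));
    free(bm->bits);
    bm->bits = p; bm->nbits = nbits;
    return 0;
}

/* Apply `in` (bit 0 = start_gfn). overwrite == 0 models the clear-only loop. */
static int bitmap_apply(struct enc_bitmap *bm, uint64_t start_gfn, uint64_t num_pages,
                        const unsigned char *in, int overwrite)
{
    if (num_pages > UINT64_MAX - start_gfn) return -1;  /* start + num would wrap */
    if (bitmap_resize(bm, start_gfn + num_pages)) return -1;
    for (uint64_t i = 0; i < num_pages; i++)
        if (overwrite || !get_bit(in, i)) put_bit(bm->bits, start_gfn + i, get_bit(in, i));
    return 0;
}

/* Constructed scenario: gfn 3 marked shared, then gfns 0..7 reported encrypted. */
static int gfn3_after_second_set(int overwrite)
{
    struct enc_bitmap bm = { NULL, 0 };
    unsigned char first = 0xF7, second = 0xFF;  /* bit 3 clear, then all bits set */
    if (bitmap_apply(&bm, 0, 8, &first, overwrite) ||
        bitmap_apply(&bm, 0, 8, &second, overwrite)) { free(bm.bits); return -1; }
    int v = get_bit(bm.bits, 3);
    free(bm.bits);
    return v;
}
```

With overwrite == 0 the second call cannot mark gfn 3 encrypted again, which is the behaviour the reply calls cumbersome to work around; with overwrite == 1 the kernel-side state matches the caller's bitmap.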