From patchwork Wed Apr 24 16:10:10 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Brijesh Singh X-Patchwork-Id: 1090233 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (mailfrom) smtp.mailfrom=nongnu.org (client-ip=209.51.188.17; helo=lists.gnu.org; envelope-from=qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=amd.com Authentication-Results: ozlabs.org; dkim=fail reason="signature verification failed" (1024-bit key; unprotected) header.d=amdcloud.onmicrosoft.com header.i=@amdcloud.onmicrosoft.com header.b="V3vC9EjO"; dkim-atps=neutral Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 44q57G6g1Tz9s9N for ; Thu, 25 Apr 2019 02:17:14 +1000 (AEST) Received: from localhost ([127.0.0.1]:44094 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1hJKa8-0008II-DH for incoming@patchwork.ozlabs.org; Wed, 24 Apr 2019 12:17:12 -0400 Received: from eggs.gnu.org ([209.51.188.92]:38740) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1hJKTn-0002DU-6W for qemu-devel@nongnu.org; Wed, 24 Apr 2019 12:10:40 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1hJKTP-0003sd-Pp for qemu-devel@nongnu.org; Wed, 24 Apr 2019 12:10:30 -0400 Received: from mail-eopbgr710060.outbound.protection.outlook.com ([40.107.71.60]:21343 helo=NAM05-BY2-obe.outbound.protection.outlook.com) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1hJKTN-0003lK-Uc for qemu-devel@nongnu.org; Wed, 24 Apr 2019 12:10:15 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amdcloud.onmicrosoft.com; s=selector1-amd-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=82sYA5FglOWsrg0DbVYRMp15GvBNRUbGrkkGiH2XfkU=; b=V3vC9EjObSxuZF2srPCHroNxg3y7YffZ2HNYYrb6JqlfLoCW/SEQaRqp8tmgad7gmz6gczxiaNSjnx1jcqmNIZpd7z8TuSZeNhMx+6fpiVSmiGsVeALV8T5l5CsNGb0ukRKSv+CwxQJEAFFq7wJyVVMreJHWZNz9x4nqsZcXdbQ= Received: from DM6PR12MB2682.namprd12.prod.outlook.com (20.176.116.31) by DM6PR12MB3212.namprd12.prod.outlook.com (20.179.105.76) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.1835.12; Wed, 24 Apr 2019 16:10:10 +0000 Received: from DM6PR12MB2682.namprd12.prod.outlook.com ([fe80::9183:846f:a93e:9a43]) by DM6PR12MB2682.namprd12.prod.outlook.com ([fe80::9183:846f:a93e:9a43%5]) with mapi id 15.20.1813.017; Wed, 24 Apr 2019 16:10:10 +0000 From: "Singh, Brijesh" To: "kvm@vger.kernel.org" Thread-Topic: [RFC PATCH v1 09/10] KVM: x86: Introduce KVM_GET_PAGE_ENC_BITMAP ioctl Thread-Index: AQHU+rgwNLa7fwTWiki9QPhUKWpx/Q== Date: Wed, 24 Apr 2019 16:10:10 +0000 Message-ID: <20190424160942.13567-10-brijesh.singh@amd.com> References: <20190424160942.13567-1-brijesh.singh@amd.com> In-Reply-To: <20190424160942.13567-1-brijesh.singh@amd.com> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-clientproxiedby: SN4PR0601CA0019.namprd06.prod.outlook.com (2603:10b6:803:2f::29) To DM6PR12MB2682.namprd12.prod.outlook.com (2603:10b6:5:4a::31) authentication-results: spf=none (sender IP is ) smtp.mailfrom=brijesh.singh@amd.com; x-ms-exchange-messagesentrepresentingtype: 1 x-mailer: git-send-email 2.17.1 x-originating-ip: [165.204.77.1] x-ms-publictraffictype: Email x-ms-office365-filtering-correlation-id: 200eb3ae-a45e-485a-b0d5-08d6c8cf534e x-ms-office365-filtering-ht: Tenant x-microsoft-antispam: BCL:0; PCL:0; RULEID:(2390118)(7020095)(4652040)(8989299)(4534185)(4627221)(201703031133081)(201702281549075)(8990200)(5600141)(711020)(4605104)(4618075)(2017052603328)(7193020); SRVR:DM6PR12MB3212; x-ms-traffictypediagnostic: DM6PR12MB3212: x-microsoft-antispam-prvs: x-forefront-prvs: 00179089FD x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(396003)(136003)(376002)(39860400002)(366004)(346002)(199004)(189003)(6436002)(476003)(5640700003)(66556008)(66066001)(102836004)(6512007)(386003)(6506007)(6116002)(3846002)(6916009)(76176011)(2616005)(486006)(5660300002)(446003)(86362001)(97736004)(26005)(2501003)(11346002)(6486002)(186003)(2351001)(53936002)(14454004)(256004)(14444005)(36756003)(4326008)(54906003)(2906002)(25786009)(50226002)(68736007)(7416002)(8936002)(66476007)(99286004)(52116002)(81166006)(81156014)(73956011)(1076003)(8676002)(305945005)(1730700003)(71200400001)(66946007)(7736002)(66574012)(478600001)(316002)(64756008)(66446008)(71190400001); DIR:OUT; SFP:1101; SCL:1; SRVR:DM6PR12MB3212; H:DM6PR12MB2682.namprd12.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; A:1; MX:1; received-spf: None (protection.outlook.com: amd.com does not designate permitted sender hosts) x-ms-exchange-senderadcheck: 1 x-microsoft-antispam-message-info: tZZ/ByTmIGPysF3Y+0zu5F+xA2EIoRpOde/usZO/oTqiuG/7FncCdqHl5G/6nsiX5LfywmnClzhwbvrAF/UB9htik9mD5PPyNZJCAjUavUXwN5zyB2JEEl0ZA2pOeuhspXRRW4GBiTM34fJ0WnWO6hUITpSnbKkMKdYQ8fDhEV6yeeyqCNsfEstPPwW4nNHsW2oxK2MBc6xW2NBhOqV140ZIBMWoQGkeNBdNkwyIR7ptdq5zLRxcgje8fLUvw3m5SrY/byPBuYqokebOW1rqG9eK058GpmaEpcwETbdqvy5TjrBh6P+6EJzzjEzesiMci7mJzjayDnI19FRmtZbf5k5xbTnrflshMLGdg44y+5NV971ruydVFyCCfjTtCWgBmJVR202zYiWa72eQZGGOXBfsBWsTXf83O6fy7Vt3aYo= Content-ID: <2EB5FEF7F66F974FA3F26867EDA5F475@namprd12.prod.outlook.com> MIME-Version: 1.0 X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-Network-Message-Id: 200eb3ae-a45e-485a-b0d5-08d6c8cf534e X-MS-Exchange-CrossTenant-originalarrivaltime: 24 Apr 2019 16:10:10.4167 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM6PR12MB3212 X-detected-operating-system: by eggs.gnu.org: Windows 7 or 8 [fuzzy] X-Received-From: 40.107.71.60 Subject: [Qemu-devel] [RFC PATCH v1 09/10] KVM: x86: Introduce KVM_GET_PAGE_ENC_BITMAP ioctl X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: "Lendacky, Thomas" , "Singh, Brijesh" , =?utf-8?b?UmFkaW0gS3LEjW3DocWZ?= , Joerg Roedel , "x86@kernel.org" , "qemu-devel@nongnu.org" , "linux-kernel@vger.kernel.org" , Ingo Molnar , "H. Peter Anvin" , Paolo Bonzini , Thomas Gleixner , Borislav Petkov Errors-To: qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org Sender: "Qemu-devel" The ioctl can be used to retrieve page encryption bitmap for a given kvm memory slot. Cc: Thomas Gleixner Cc: Ingo Molnar Cc: "H. Peter Anvin" Cc: Paolo Bonzini Cc: "Radim Krčmář" Cc: Joerg Roedel Cc: Borislav Petkov Cc: Tom Lendacky Cc: x86@kernel.org Cc: kvm@vger.kernel.org Cc: linux-kernel@vger.kernel.org Signed-off-by: Brijesh Singh --- arch/x86/include/asm/kvm_host.h | 1 + arch/x86/kvm/svm.c | 54 ++++++++++++++++++++++++++++++++- arch/x86/kvm/x86.c | 12 ++++++++ include/uapi/linux/kvm.h | 12 ++++++++ 4 files changed, 78 insertions(+), 1 deletion(-) diff --git a/arch/x86/include/asm/kvm_host.h b/arch/x86/include/asm/kvm_host.h index adb0ca035b97..9947c4be825d 100644 --- a/arch/x86/include/asm/kvm_host.h +++ b/arch/x86/include/asm/kvm_host.h @@ -1198,6 +1198,7 @@ struct kvm_x86_ops { bool (*need_emulation_on_page_fault)(struct kvm_vcpu *vcpu); int (*page_enc_status_hc)(struct kvm *kvm, unsigned long gpa, unsigned long sz, unsigned long mode); + int (*get_page_enc_bitmap)(struct kvm *kvm, struct kvm_page_enc_bitmap *bmap); }; struct kvm_arch_async_pf { diff --git a/arch/x86/kvm/svm.c b/arch/x86/kvm/svm.c index f024f208b052..f386d72c929b 100644 --- a/arch/x86/kvm/svm.c +++ b/arch/x86/kvm/svm.c @@ -7437,6 +7437,57 @@ static int svm_page_enc_status_hc(struct kvm *kvm, unsigned long gpa, return r; } +static int svm_get_page_enc_bitmap(struct kvm *kvm, + struct kvm_page_enc_bitmap *bmap) +{ + struct kvm_sev_info *sev = &to_kvm_svm(kvm)->sev_info; + unsigned long gfn_start, gfn_end; + struct kvm_memory_slot *memslot; + struct kvm_memslots *slots; + unsigned long *bitmap; + unsigned long sz, i; + int ret, as_id, id; + + if (!sev_guest(kvm)) + return -ENOTTY; + + as_id = bmap->slot >> 16; + id = (u16)bmap->slot; + if (as_id >= KVM_ADDRESS_SPACE_NUM || id >= KVM_USER_MEM_SLOTS) + return -EINVAL; + + slots = __kvm_memslots(kvm, as_id); + memslot = id_to_memslot(slots, id); + + gfn_start = memslot->base_gfn; + gfn_end = gfn_start + memslot->npages; + + sz = ALIGN(memslot->npages, BITS_PER_LONG) / 8; + bitmap = kmalloc(sz, GFP_KERNEL); + if (!bitmap) + return -ENOMEM; + + memset(bitmap, 0xff, sz); /* by default all pages are marked encrypted */ + + mutex_lock(&kvm->lock); + if (sev->page_enc_bmap) { + i = gfn_start; + for_each_clear_bit_from(i, sev->page_enc_bmap, + min(sev->page_enc_bmap_size, gfn_end)) + clear_bit(i - gfn_start, bitmap); + } + mutex_unlock(&kvm->lock); + + ret = -EFAULT; + if (copy_to_user(bmap->enc_bitmap, bitmap, sz)) + goto out; + + ret = 0; +out: + kfree(bitmap); + return ret; +} + static int svm_mem_enc_op(struct kvm *kvm, void __user *argp) { struct kvm_sev_cmd sev_cmd; @@ -7779,7 +7830,8 @@ static struct kvm_x86_ops svm_x86_ops __ro_after_init = { .need_emulation_on_page_fault = svm_need_emulation_on_page_fault, - .page_enc_status_hc = svm_page_enc_status_hc + .page_enc_status_hc = svm_page_enc_status_hc, + .get_page_enc_bitmap = svm_get_page_enc_bitmap }; static int __init svm_init(void) diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c index dea644be5992..44079979b1c5 100644 --- a/arch/x86/kvm/x86.c +++ b/arch/x86/kvm/x86.c @@ -4882,6 +4882,18 @@ long kvm_arch_vm_ioctl(struct file *filp, r = kvm_vm_ioctl_hv_eventfd(kvm, &hvevfd); break; } + case KVM_GET_PAGE_ENC_BITMAP: { + struct kvm_page_enc_bitmap bitmap; + + r = -EFAULT; + if (copy_from_user(&bitmap, argp, sizeof(bitmap))) + goto out; + + r = -ENOTTY; + if (kvm_x86_ops->get_page_enc_bitmap) + r = kvm_x86_ops->get_page_enc_bitmap(kvm, &bitmap); + break; + } default: r = -ENOTTY; } diff --git a/include/uapi/linux/kvm.h b/include/uapi/linux/kvm.h index 07e058a3ec11..7f944d4e252c 100644 --- a/include/uapi/linux/kvm.h +++ b/include/uapi/linux/kvm.h @@ -492,6 +492,16 @@ struct kvm_dirty_log { }; }; +/* for KVM_GET_PAGE_ENC_BITMAP */ +struct kvm_page_enc_bitmap { + __u32 slot; + __u32 padding1; + union { + void __user *enc_bitmap; /* one bit per page */ + __u64 padding2; + }; +}; + /* for KVM_CLEAR_DIRTY_LOG */ struct kvm_clear_dirty_log { __u32 slot; @@ -1440,6 +1450,8 @@ struct kvm_enc_region { /* Available with KVM_CAP_HYPERV_CPUID */ #define KVM_GET_SUPPORTED_HV_CPUID _IOWR(KVMIO, 0xc1, struct kvm_cpuid2) +#define KVM_GET_PAGE_ENC_BITMAP _IOW(KVMIO, 0xc2, struct kvm_page_enc_bitmap) + /* Secure Encrypted Virtualization command */ enum sev_cmd_id { /* Guest initialization commands */