Commit b9ecb9a9 authored by Paolo Bonzini's avatar Paolo Bonzini
Browse files

Merge branch 'kvm-guest-sev-migration' into kvm-master 

Add guest api and guest kernel support for SEV live migration.

Introduces a new hypercall to notify the host of changes to the page
encryption status.  If the page is encrypted then it must be migrated
through the SEV firmware or a helper VM sharing the key.  If page is
not encrypted then it can be migrated normally by userspace.  This new
hypercall is invoked using paravirt_ops.

Conflicts: sev_active() replaced by cc_platform_has(CC_ATTR_GUEST_MEM_ENCRYPT).
parents debe436e 73f1b4fe

arch/x86/include/asm/kvm_para.h

+12 −0
Original line number Diff line number Diff line
@@ -83,6 +83,18 @@ static inline long kvm_hypercall4(unsigned int nr, unsigned long p1, 
	return ret;

}



static inline long kvm_sev_hypercall3(unsigned int nr, unsigned long p1,

				      unsigned long p2, unsigned long p3)

{

	long ret;



	asm volatile("vmmcall"

		     : "=a"(ret)

		     : "a"(nr), "b"(p1), "c"(p2), "d"(p3)

		     : "memory");

	return ret;

}



#ifdef CONFIG_KVM_GUEST

void kvmclock_init(void);

void kvmclock_disable(void);

arch/x86/include/asm/mem_encrypt.h

+4 −0
Original line number Diff line number Diff line
@@ -44,6 +44,8 @@ void __init sme_enable(struct boot_params *bp); 


int __init early_set_memory_decrypted(unsigned long vaddr, unsigned long size);

int __init early_set_memory_encrypted(unsigned long vaddr, unsigned long size);

void __init early_set_mem_enc_dec_hypercall(unsigned long vaddr, int npages,

					    bool enc);



void __init mem_encrypt_free_decrypted_mem(void);
@@ -78,6 +80,8 @@ static inline int __init 
early_set_memory_decrypted(unsigned long vaddr, unsigned long size) { return 0; }

static inline int __init

early_set_memory_encrypted(unsigned long vaddr, unsigned long size) { return 0; }

static inline void __init

early_set_mem_enc_dec_hypercall(unsigned long vaddr, int npages, bool enc) {}



static inline void mem_encrypt_free_decrypted_mem(void) { }

arch/x86/include/asm/paravirt.h

+6 −0
Original line number Diff line number Diff line
@@ -97,6 +97,12 @@ static inline void paravirt_arch_exit_mmap(struct mm_struct *mm) 
	PVOP_VCALL1(mmu.exit_mmap, mm);

}



static inline void notify_page_enc_status_changed(unsigned long pfn,

						  int npages, bool enc)

{

	PVOP_VCALL3(mmu.notify_page_enc_status_changed, pfn, npages, enc);

}



#ifdef CONFIG_PARAVIRT_XXL

static inline void load_sp0(unsigned long sp0)

{

arch/x86/include/asm/paravirt_types.h

+1 −0
Original line number Diff line number Diff line
@@ -168,6 +168,7 @@ struct pv_mmu_ops { 


	/* Hook for intercepting the destruction of an mm_struct. */

	void (*exit_mmap)(struct mm_struct *mm);

	void (*notify_page_enc_status_changed)(unsigned long pfn, int npages, bool enc);



#ifdef CONFIG_PARAVIRT_XXL

	struct paravirt_callee_save read_cr2;

arch/x86/include/asm/set_memory.h

+1 −0
Original line number Diff line number Diff line
@@ -83,6 +83,7 @@ int set_pages_rw(struct page *page, int numpages); 
int set_direct_map_invalid_noflush(struct page *page);

int set_direct_map_default_noflush(struct page *page);

bool kernel_page_present(struct page *page);

void notify_range_enc_status_changed(unsigned long vaddr, int npages, bool enc);



extern int kernel_set_to_readonly;