Re: [PATCH v6 14/14] KVM: x86: Add kexec support for SEV Live Migration.

From: Ashish Kalra
Date: Sat Apr 04 2020 - 17:58:59 EST

Next message: syzbot: "Re: WARNING in ext4_da_update_reserve_space"
Previous message: Dmitry Osipenko: "Re: [PATCH] PM / devfreq: tegra30: Delete an error message in tegra_devfreq_probe()"
In reply to: Krish Sadhukhan: "Re: [PATCH v6 14/14] KVM: x86: Add kexec support for SEV Live Migration."
Next in thread: Krish Sadhukhan: "Re: [PATCH v6 14/14] KVM: x86: Add kexec support for SEV Live Migration."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

The host's page encryption bitmap is maintained for the guest to keep the encrypted/decrypted state
of the guest pages, therefore we need to explicitly mark all shared pages as encrypted again before
rebooting into the new guest kernel.

On Fri, Apr 03, 2020 at 05:55:52PM -0700, Krish Sadhukhan wrote:
>
> On 3/29/20 11:23 PM, Ashish Kalra wrote:
> > From: Ashish Kalra <ashish.kalra@xxxxxxx>
> >
> > Reset the host's page encryption bitmap related to kernel
> > specific page encryption status settings before we load a
> > new kernel by kexec. We cannot reset the complete
> > page encryption bitmap here as we need to retain the
> > UEFI/OVMF firmware specific settings.
>
>
> Can the commit message mention why host page encryption needs to be reset ?
> Since the theme of these patches is guest migration in-SEV context, it might
> be useful to mention why the host context comes in here.
>
> >
> > Signed-off-by: Ashish Kalra <ashish.kalra@xxxxxxx>
> > ---
> > arch/x86/kernel/kvm.c | 28 ++++++++++++++++++++++++++++
> > 1 file changed, 28 insertions(+)
> >
> > diff --git a/arch/x86/kernel/kvm.c b/arch/x86/kernel/kvm.c
> > index 8fcee0b45231..ba6cce3c84af 100644
> > --- a/arch/x86/kernel/kvm.c
> > +++ b/arch/x86/kernel/kvm.c
> > @@ -34,6 +34,7 @@
> > #include <asm/hypervisor.h>
> > #include <asm/tlb.h>
> > #include <asm/cpuidle_haltpoll.h>
> > +#include <asm/e820/api.h>
> > static int kvmapf = 1;
> > @@ -357,6 +358,33 @@ static void kvm_pv_guest_cpu_reboot(void *unused)
> > */
> > if (kvm_para_has_feature(KVM_FEATURE_PV_EOI))
> > wrmsrl(MSR_KVM_PV_EOI_EN, 0);
> > + /*
> > + * Reset the host's page encryption bitmap related to kernel
> > + * specific page encryption status settings before we load a
> > + * new kernel by kexec. NOTE: We cannot reset the complete
> > + * page encryption bitmap here as we need to retain the
> > + * UEFI/OVMF firmware specific settings.
> > + */
> > + if (kvm_para_has_feature(KVM_FEATURE_SEV_LIVE_MIGRATION) &&
> > + (smp_processor_id() == 0)) {
> > + unsigned long nr_pages;
> > + int i;
> > +
> > + for (i = 0; i < e820_table->nr_entries; i++) {
> > + struct e820_entry *entry = &e820_table->entries[i];
> > + unsigned long start_pfn, end_pfn;
> > +
> > + if (entry->type != E820_TYPE_RAM)
> > + continue;
> > +
> > + start_pfn = entry->addr >> PAGE_SHIFT;
> > + end_pfn = (entry->addr + entry->size) >> PAGE_SHIFT;
> > + nr_pages = DIV_ROUND_UP(entry->size, PAGE_SIZE);
> > +
> > + kvm_sev_hypercall3(KVM_HC_PAGE_ENC_STATUS,
> > + entry->addr, nr_pages, 1);
> > + }
> > + }
> > kvm_pv_disable_apf();
> > kvm_disable_steal_time();
> > }

Next message: syzbot: "Re: WARNING in ext4_da_update_reserve_space"
Previous message: Dmitry Osipenko: "Re: [PATCH] PM / devfreq: tegra30: Delete an error message in tegra_devfreq_probe()"
In reply to: Krish Sadhukhan: "Re: [PATCH v6 14/14] KVM: x86: Add kexec support for SEV Live Migration."
Next in thread: Krish Sadhukhan: "Re: [PATCH v6 14/14] KVM: x86: Add kexec support for SEV Live Migration."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]