Re: [PATCH 15/15] Drivers: hv: Add modules to expose /dev/mshv to VMMs running on Hyper-V

From: Nuno Das Neves
Date: Thu Aug 17 2023 - 13:57:44 EST


On 8/2/2023 6:23 PM, Wei Liu wrote:
> On Thu, Jul 27, 2023 at 12:54:50PM -0700, Nuno Das Neves wrote:
>> Add mshv, mshv_root, and mshv_vtl modules.
>> - mshv provides /dev/mshv and common code, and is the parent module
>> - mshv_root provides APIs for creating and managing child partitions
>> - mshv_vtl provides VTL (Virtual Trust Level) support for VMMs
>
> Please provide a slightly more detailed description of what these
> modules do. This is a huge patch after all. People doing code archaeology
> will appreciate a better commit message.
>
> For example (please correct if I'm wrong):
>
> Module mshv provides /dev/mshv and common code, and is the parent module
> to the other two modules. At its core, it implements an eventfd
> framework, and defines some helper functions for the other modules.
>
> Module mshv_root provides APIs for creating and managing child
> partitions. It defines abstractions for vcpus, partitions and other
> things related to running a guest inside the kernel. It also exposes
> user space interfaces for the VMMs.
>
> Module mshv_vtl provides VTL (Virtual Trust Level) support for VMMs. It
> allows the VMM to run in a higher trust level than the guest but still
> within the same context as the guest. This is a useful feature for
> in-guest emulation for better isolation and performance.
>

Thanks - I will provide some more detail, including what you described.

I will make a couple of changes - the eventfd framework is in mshv_root,
not mshv. I will amend the mshv_vtl part a little for clarity.

>>
>> Signed-off-by: Nuno Das Neves <nunodasneves@xxxxxxxxxxxxxxxxxxx>
>> ---
>> drivers/hv/Kconfig | 54 +
>> drivers/hv/Makefile | 21 +
>> drivers/hv/hv_call.c | 119 ++
>> drivers/hv/mshv.h | 156 +++
>> drivers/hv/mshv_eventfd.c | 758 ++++++++++++
>> drivers/hv/mshv_eventfd.h | 80 ++
>> drivers/hv/mshv_main.c | 208 ++++
>> drivers/hv/mshv_msi.c | 129 +++
>> drivers/hv/mshv_portid_table.c | 84 ++
>> drivers/hv/mshv_root.h | 194 ++++
>> drivers/hv/mshv_root_hv_call.c | 1064 +++++++++++++++++
>> drivers/hv/mshv_root_main.c | 1964 ++++++++++++++++++++++++++++++++
>> drivers/hv/mshv_synic.c | 689 +++++++++++
>> drivers/hv/mshv_vtl.h | 52 +
>> drivers/hv/mshv_vtl_main.c | 1541 +++++++++++++++++++++++++
>> drivers/hv/xfer_to_guest.c | 28 +
>> include/uapi/linux/mshv.h | 298 +++++
>> 17 files changed, 7439 insertions(+)
>> create mode 100644 drivers/hv/hv_call.c
>> create mode 100644 drivers/hv/mshv.h
>> create mode 100644 drivers/hv/mshv_eventfd.c
>> create mode 100644 drivers/hv/mshv_eventfd.h
>> create mode 100644 drivers/hv/mshv_main.c
>> create mode 100644 drivers/hv/mshv_msi.c
>> create mode 100644 drivers/hv/mshv_portid_table.c
>> create mode 100644 drivers/hv/mshv_root.h
>> create mode 100644 drivers/hv/mshv_root_hv_call.c
>> create mode 100644 drivers/hv/mshv_root_main.c
>> create mode 100644 drivers/hv/mshv_synic.c
>> create mode 100644 drivers/hv/mshv_vtl.h
>> create mode 100644 drivers/hv/mshv_vtl_main.c
>> create mode 100644 drivers/hv/xfer_to_guest.c
>> create mode 100644 include/uapi/linux/mshv.h
>>
>> diff --git a/drivers/hv/Kconfig b/drivers/hv/Kconfig
>> index 00242107d62e..b150d686e902 100644
>> --- a/drivers/hv/Kconfig
>> +++ b/drivers/hv/Kconfig
>> @@ -54,4 +54,58 @@ config HYPERV_BALLOON
>> help
>> Select this option to enable Hyper-V Balloon driver.
>>
>> +config MSHV
>> + tristate "Microsoft Hypervisor root partition interfaces: /dev/mshv"
>> + depends on X86_64 && HYPERV
>> + select EVENTFD
>> + select MSHV_VFIO
>
> This is not needed yet, right? I think this is just dead code right now.
>
> It can be introduced when we start upstreaming the VFIO bits.
>

Right. Removed, along with config MSHV_VFIO below.

>> + select MSHV_XFER_TO_GUEST_WORK
>> + help
>> + Select this option to enable core functionality for managing guest
>> + virtual machines running under the Microsoft Hypervisor.
>> +
>> + The interfaces are provided via a device named /dev/mshv.
>> +
>> + To compile this as a module, choose M here.
>> +
>> + If unsure, say N.
>> +
>> +config MSHV_ROOT
>> + tristate "Microsoft Hyper-V root partition APIs driver"
>> + depends on MSHV
>> + help
>> + Select this option to provide /dev/mshv interfaces specific to
>> + running as the root partition on Microsoft Hypervisor.
>> +
>> + To compile this as a module, choose M here.
>> +
>> + If unsure, say N.
>> +
>> +config MSHV_VTL
>> + tristate "Microsoft Hyper-V VTL driver"
>> + depends on MSHV
>> + select HYPERV_VTL_MODE
>> + select TRANSPARENT_HUGEPAGE
>> + help
>> + Select this option to enable Hyper-V VTL driver.
>> + Virtual Secure Mode (VSM) is a set of hypervisor capabilities and
>> + enlightenments offered to host and guest partitions which enables
>> + the creation and management of new security boundaries within
>> + operating system software.
>> +
>> + VSM achieves and maintains isolation through Virtual Trust Levels
>> + (VTLs). Virtual Trust Levels are hierarchical, with higher levels
>> + being more privileged than lower levels. VTL0 is the least privileged
>> + level, and currently only other level supported is VTL2.
>> +
>> + To compile this as a module, choose M here.
>> +
>> + If unsure, say N.
>
> The changes to the function which indicates if output pages are needed
> should be in this patch.
>

Yes - I will add it in this patch.

>> +
>> +config MSHV_VFIO
>> + bool
>> +
>> +config MSHV_XFER_TO_GUEST_WORK
>> + bool
>> +
>> endmenu
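
Review bot: in config MSHV_VTL, "select TRANSPARENT_HUGEPAGE" forces that symbol on without evaluating its own dependencies, so a driver option can silently change memory-management configuration or produce an unmet-dependency warning. If the VTL driver really needs it, "depends on TRANSPARENT_HUGEPAGE" is the safer form, and the help text should say why it is required. Also in that help text, "currently only other level supported is VTL2" should read "the only other level currently supported is VTL2". MSHV_XFER_TO_GUEST_WORK is a promptless bool with no comment; a one-line note on what it gates would help.
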
>> diff --git a/drivers/hv/Makefile b/drivers/hv/Makefile
>> index d76df5c8c2a9..113c79cfadb9 100644
>> --- a/drivers/hv/Makefile
>> +++ b/drivers/hv/Makefile
>> @@ -2,10 +2,31 @@
>> obj-$(CONFIG_HYPERV) += hv_vmbus.o
>> obj-$(CONFIG_HYPERV_UTILS) += hv_utils.o
>> obj-$(CONFIG_HYPERV_BALLOON) += hv_balloon.o
>> +obj-$(CONFIG_DXGKRNL) += dxgkrnl/
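
Review bot: the added line "obj-$(CONFIG_DXGKRNL) += dxgkrnl/" refers to a config symbol and a directory that none of the 17 files in the diffstat create, so it is unrelated to the mshv modules and should be dropped from this patch. With CONFIG_DXGKRNL undefined the line expands to "obj- += dxgkrnl/", which kbuild ignores, so a build test will not catch this kind of stray entry.
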
>
> This is not yet upstreamed. It shouldn't be here. Does this not break
> the build for you?
>

Oops! Nope, it doesn't seem to break the build... Anyway, removed.

> The rest is basically a copy of what was posted many moons before plus
> some VTL stuff, and new code for the root scheduler and async hypercall
> support. I've probably gone through some versions of this code already,
> so I only skim the code.
>
> Since this is a Microsoft only driver, I don't expect to get much review
> from the community -- the last few rounds were quiet. I will however let
> this patch series float for a while before taking any further actions
> just in case.
>
> If people are interested in specific bits of the code in the driver,
> please let Nuno and me know.
>
> Thanks,
> Wei.