c15e5684 | 20-Mar-2024 |
Chao Peng <chao.p.peng@linux.intel.com> |
kvm: handle KVM_EXIT_MEMORY_FAULT
Upon an KVM_EXIT_MEMORY_FAULT exit, userspace needs to do the memory conversion on the RAMBlock to turn the memory into desired attribute, switching between private
kvm: handle KVM_EXIT_MEMORY_FAULT
Upon an KVM_EXIT_MEMORY_FAULT exit, userspace needs to do the memory conversion on the RAMBlock to turn the memory into desired attribute, switching between private and shared.
Currently only KVM_MEMORY_EXIT_FLAG_PRIVATE in flags is valid when KVM_EXIT_MEMORY_FAULT happens.
Note, KVM_EXIT_MEMORY_FAULT makes sense only when the RAMBlock has guest_memfd memory backend.
Note, KVM_EXIT_MEMORY_FAULT returns with -EFAULT, so special handling is added.
When page is converted from shared to private, the original shared memory can be discarded via ram_block_discard_range(). Note, shared memory can be discarded only when it's not back'ed by hugetlb because hugetlb is supposed to be pre-allocated and no need for discarding.
Signed-off-by: Chao Peng <chao.p.peng@linux.intel.com> Co-developed-by: Xiaoyao Li <xiaoyao.li@intel.com> Signed-off-by: Xiaoyao Li <xiaoyao.li@intel.com>
Message-ID: <20240320083945.991426-13-michael.roth@amd.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
show more ...
|
37662d85 | 20-Mar-2024 |
Xiaoyao Li <xiaoyao.li@intel.com> |
HostMem: Add mechanism to opt in kvm guest memfd via MachineState
Add a new member "guest_memfd" to memory backends. When it's set to true, it enables RAM_GUEST_MEMFD in ram_flags, thus private kvm
HostMem: Add mechanism to opt in kvm guest memfd via MachineState
Add a new member "guest_memfd" to memory backends. When it's set to true, it enables RAM_GUEST_MEMFD in ram_flags, thus private kvm guest_memfd will be allocated during RAMBlock allocation.
Memory backend's @guest_memfd is wired with @require_guest_memfd field of MachineState. It avoid looking up the machine in phymem.c.
MachineState::require_guest_memfd is supposed to be set by any VMs that requires KVM guest memfd as private memory, e.g., TDX VM.
Signed-off-by: Xiaoyao Li <xiaoyao.li@intel.com> Reviewed-by: David Hildenbrand <david@redhat.com> Message-ID: <20240320083945.991426-8-michael.roth@amd.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
show more ...
|
ce5a9832 | 20-Mar-2024 |
Chao Peng <chao.p.peng@linux.intel.com> |
kvm: Enable KVM_SET_USER_MEMORY_REGION2 for memslot
Switch to KVM_SET_USER_MEMORY_REGION2 when supported by KVM.
With KVM_SET_USER_MEMORY_REGION2, QEMU can set up memory region that backend'ed both
kvm: Enable KVM_SET_USER_MEMORY_REGION2 for memslot
Switch to KVM_SET_USER_MEMORY_REGION2 when supported by KVM.
With KVM_SET_USER_MEMORY_REGION2, QEMU can set up memory region that backend'ed both by hva-based shared memory and guest memfd based private memory.
Signed-off-by: Chao Peng <chao.p.peng@linux.intel.com> Co-developed-by: Xiaoyao Li <xiaoyao.li@intel.com> Signed-off-by: Xiaoyao Li <xiaoyao.li@intel.com> Message-ID: <20240320083945.991426-10-michael.roth@amd.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
show more ...
|
15f7a80c | 20-Mar-2024 |
Xiaoyao Li <xiaoyao.li@intel.com> |
RAMBlock: Add support of KVM private guest memfd
Add KVM guest_memfd support to RAMBlock so both normal hva based memory and kvm guest memfd based private memory can be associated in one RAMBlock.
RAMBlock: Add support of KVM private guest memfd
Add KVM guest_memfd support to RAMBlock so both normal hva based memory and kvm guest memfd based private memory can be associated in one RAMBlock.
Introduce new flag RAM_GUEST_MEMFD. When it's set, it calls KVM ioctl to create private guest_memfd during RAMBlock setup.
Allocating a new RAM_GUEST_MEMFD flag to instruct the setup of guest memfd is more flexible and extensible than simply relying on the VM type because in the future we may have the case that not all the memory of a VM need guest memfd. As a benefit, it also avoid getting MachineState in memory subsystem.
Note, RAM_GUEST_MEMFD is supposed to be set for memory backends of confidential guests, such as TDX VM. How and when to set it for memory backends will be implemented in the following patches.
Introduce memory_region_has_guest_memfd() to query if the MemoryRegion has KVM guest_memfd allocated.
Signed-off-by: Xiaoyao Li <xiaoyao.li@intel.com> Reviewed-by: David Hildenbrand <david@redhat.com> Message-ID: <20240320083945.991426-7-michael.roth@amd.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
show more ...
|
a99c0c66 | 18-Mar-2024 |
Paolo Bonzini <pbonzini@redhat.com> |
KVM: remove kvm_arch_cpu_check_are_resettable
Board reset requires writing a fresh CPU state. As far as KVM is concerned, the only thing that blocks reset is that CPU state is encrypted; therefore,
KVM: remove kvm_arch_cpu_check_are_resettable
Board reset requires writing a fresh CPU state. As far as KVM is concerned, the only thing that blocks reset is that CPU state is encrypted; therefore, kvm_cpus_are_resettable() can simply check if that is the case.
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
show more ...
|
5c3131c3 | 18-Mar-2024 |
Paolo Bonzini <pbonzini@redhat.com> |
KVM: track whether guest state is encrypted
So far, KVM has allowed KVM_GET/SET_* ioctls to execute even if the guest state is encrypted, in which case they do nothing. For the new API using VM typ
KVM: track whether guest state is encrypted
So far, KVM has allowed KVM_GET/SET_* ioctls to execute even if the guest state is encrypted, in which case they do nothing. For the new API using VM types, instead, the ioctls will fail which is a safer and more robust approach.
The new API will be the only one available for SEV-SNP and TDX, but it is also usable for SEV and SEV-ES. In preparation for that, require architecture-specific KVM code to communicate the point at which guest state is protected (which must be after kvm_cpu_synchronize_post_init(), though that might change in the future in order to suppor migration). From that point, skip reading registers so that cpu->vcpu_dirty is never true: if it ever becomes true, kvm_arch_put_registers() will fail miserably.
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
show more ...
|
3e5e5d47 | 13-Nov-2023 |
Philippe Mathieu-Daudé <philmd@linaro.org> |
sysemu/xen-mapcache: Check Xen availability with CONFIG_XEN_IS_POSSIBLE
"sysemu/xen.h" defines CONFIG_XEN_IS_POSSIBLE as a target-agnostic version of CONFIG_XEN accelerator. Use it in order to use "
sysemu/xen-mapcache: Check Xen availability with CONFIG_XEN_IS_POSSIBLE
"sysemu/xen.h" defines CONFIG_XEN_IS_POSSIBLE as a target-agnostic version of CONFIG_XEN accelerator. Use it in order to use "sysemu/xen-mapcache.h" in target-agnostic files.
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org> Reviewed-by: David Woodhouse <dwmw@amazon.co.uk> Message-Id: <20231114143816.71079-4-philmd@linaro.org>
show more ...
|
71b3ea37 | 20-Feb-2024 |
Peter Maydell <peter.maydell@linaro.org> |
hw/core/reset: Implement qemu_register_reset via qemu_register_resettable
Reimplement qemu_register_reset() via qemu_register_resettable().
We define a new LegacyReset object which implements Reset
hw/core/reset: Implement qemu_register_reset via qemu_register_resettable
Reimplement qemu_register_reset() via qemu_register_resettable().
We define a new LegacyReset object which implements Resettable and defines its reset hold phase method to call a QEMUResetHandler function. When qemu_register_reset() is called, we create a new LegacyReset object and add it to the simulation_reset ResettableContainer. When qemu_unregister_reset() is called, we find the LegacyReset object in the container and remove it.
This implementation of qemu_unregister_reset() means we'll end up scanning the ResetContainer's list of child objects twice, once to find the LegacyReset object, and once in g_ptr_array_remove(). In theory we could avoid this by having the ResettableContainer interface include a resettable_container_remove_with_equal_func() that took a callback method so that we could use g_ptr_array_find_with_equal_func() and g_ptr_array_remove_index(). But we don't expect qemu_unregister_reset() to be called frequently or in hot paths, and we expect the simulation_reset container to usually not have many children.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> Message-id: 20240220160622.114437-9-peter.maydell@linaro.org Reviewed-by: Zhao Liu <zhao1.liu@intel.com>
show more ...
|
86fae16e | 20-Feb-2024 |
Peter Maydell <peter.maydell@linaro.org> |
hw/core/reset: Add qemu_{register, unregister}_resettable()
Implement new functions qemu_register_resettable() and qemu_unregister_resettable(). These are intended to be three-phase-reset aware equ
hw/core/reset: Add qemu_{register, unregister}_resettable()
Implement new functions qemu_register_resettable() and qemu_unregister_resettable(). These are intended to be three-phase-reset aware equivalents of the old qemu_register_reset() and qemu_unregister_reset(). Instead of passing in a function pointer and opaque, you register any QOM object that implements the Resettable interface.
The implementation is simple: we have a single global instance of a ResettableContainer, which we reset in qemu_devices_reset(), and the Resettable objects passed to qemu_register_resettable() are added to it.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> Message-id: 20240220160622.114437-8-peter.maydell@linaro.org Reviewed-by: Zhao Liu <zhao1.liu@intel.com>
show more ...
|
8e98c27d | 08-Dec-2023 |
Philippe Mathieu-Daudé <philmd@linaro.org> |
system/cpu-timers: Introduce ICountMode enumerator
Rather than having to lookup for what the 0, 1, 2, ... icount values are, use a enum definition.
Signed-off-by: Philippe Mathieu-Daudé <philmd@lin
system/cpu-timers: Introduce ICountMode enumerator
Rather than having to lookup for what the 0, 1, 2, ... icount values are, use a enum definition.
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Message-ID: <20231208113529.74067-4-philmd@linaro.org>
show more ...
|