Message-Id: <20190220201609.28290-22-joao.m.martins@oracle.com>
Date:   Wed, 20 Feb 2019 20:15:51 +0000
From:   Joao Martins <joao.m.martins@...cle.com>
To:     kvm@...r.kernel.org, linux-kernel@...r.kernel.org
Cc:     Ankur Arora <ankur.a.arora@...cle.com>,
        Boris Ostrovsky <boris.ostrovsky@...cle.com>,
        Joao Martins <joao.m.martins@...cle.com>,
        Paolo Bonzini <pbonzini@...hat.com>,
        Radim Krčmář <rkrcmar@...hat.com>,
        Thomas Gleixner <tglx@...utronix.de>,
        Ingo Molnar <mingo@...hat.com>, Borislav Petkov <bp@...en8.de>,
        "H. Peter Anvin" <hpa@...or.com>, x86@...nel.org
Subject: [PATCH RFC 21/39] KVM: x86/xen: domid allocation

Userspace requests a free @domid to be assigned to itself, or
explicitly selects one by setting @any to 0. The @domid is then
used for various interdomain/unbound event purposes.

Signed-off-by: Joao Martins <joao.m.martins@...cle.com>
---
 arch/x86/include/asm/kvm_host.h |  2 ++
 arch/x86/kvm/x86.c              |  2 ++
 arch/x86/kvm/xen.c              | 70 +++++++++++++++++++++++++++++++++++++++++
 arch/x86/kvm/xen.h              |  2 ++
 include/uapi/linux/kvm.h        |  4 +++
 5 files changed, 80 insertions(+)

diff --git a/arch/x86/include/asm/kvm_host.h b/arch/x86/include/asm/kvm_host.h
index c629fedb2e21..384247fc433d 100644
--- a/arch/x86/include/asm/kvm_host.h
+++ b/arch/x86/include/asm/kvm_host.h
@@ -27,6 +27,7 @@
 #include <linux/clocksource.h>
 #include <linux/irqbypass.h>
 #include <linux/hyperv.h>
+#include <xen/interface/xen.h>
 
 #include <asm/apic.h>
 #include <asm/pvclock-abi.h>
@@ -862,6 +863,7 @@ struct kvm_hv {
 /* Xen emulation context */
 struct kvm_xen {
 	u64 xen_hypercall;
+	domid_t domid;
 
 	gfn_t shinfo_addr;
 	struct shared_info *shinfo;
diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c
index b1d9045d7989..cb95f7f8bed9 100644
--- a/arch/x86/kvm/x86.c
+++ b/arch/x86/kvm/x86.c
@@ -6986,6 +6986,7 @@ int kvm_arch_init(void *opaque)
 	if (hypervisor_is_type(X86_HYPER_MS_HYPERV))
 		set_hv_tscchange_cb(kvm_hyperv_tsc_notifier);
 #endif
+	kvm_xen_init();
 
 	return 0;
 
@@ -6999,6 +7000,7 @@ int kvm_arch_init(void *opaque)
 
 void kvm_arch_exit(void)
 {
+	kvm_xen_exit();
 #ifdef CONFIG_X86_64
 	if (hypervisor_is_type(X86_HYPER_MS_HYPERV))
 		clear_hv_tscchange_cb();
diff --git a/arch/x86/kvm/xen.c b/arch/x86/kvm/xen.c
index 07066402737d..e570c9b26563 100644
--- a/arch/x86/kvm/xen.c
+++ b/arch/x86/kvm/xen.c
@@ -36,6 +36,48 @@ struct evtchnfd {
 static int kvm_xen_evtchn_send(struct kvm_vcpu *vcpu, int port);
 static void *xen_vcpu_info(struct kvm_vcpu *v);
 
+#define XEN_DOMID_MIN	1
+#define XEN_DOMID_MAX	(DOMID_FIRST_RESERVED - 1)
+
+static rwlock_t domid_lock;
+static struct idr domid_to_kvm;
+
+static int kvm_xen_domid_init(struct kvm *kvm, bool any, domid_t domid)
+{
+	u16 min = XEN_DOMID_MIN, max = XEN_DOMID_MAX;
+	struct kvm_xen *xen = &kvm->arch.xen;
+	int ret;
+
+	if (!any) {
+		min = domid;
+		max = domid + 1;
+	}
+
+	write_lock_bh(&domid_lock);
+	ret = idr_alloc(&domid_to_kvm, kvm, min, max, GFP_ATOMIC);
+	write_unlock_bh(&domid_lock);
+
+	if (ret < 0)
+		return ret;
+
+	xen->domid = ret;
+	return 0;
+}
+
+int kvm_xen_free_domid(struct kvm *kvm)
+{
+	struct kvm_xen *xen = &kvm->arch.xen;
+	struct kvm *vm;
+
+	write_lock_bh(&domid_lock);
+	vm = idr_remove(&domid_to_kvm, xen->domid);
+	write_unlock_bh(&domid_lock);
+
+	synchronize_srcu(&kvm->srcu);
+
+	return vm == kvm;
+}
+
 int kvm_xen_has_interrupt(struct kvm_vcpu *vcpu)
 {
 	struct kvm_vcpu_xen *vcpu_xen = vcpu_to_xen_vcpu(vcpu);
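Review bot: kvm_xen_domid_init() allocates a new IDR slot on every call and overwrites `xen->domid`, so a second KVM_XEN_ATTR_TYPE_DOMID set on the same VM leaves the earlier entry in `domid_to_kvm` with nothing left to remove it. kvm_xen_free_domid() removes only the id stored last, so the earlier entry would keep pointing at the `struct kvm` after the VM is destroyed, and any later lookup through the IDR would touch freed memory. Refusing the request when a domid is already assigned closes this, provided the test and the store to `xen->domid` both happen under `domid_lock`. The sketch assumes `xen->domid` is zero until assigned, which depends on the containing struct being zero-initialised (not visible in this hunk).

```c
static int kvm_xen_domid_init(struct kvm *kvm, bool any, domid_t domid)
{
	/* … unchanged: locals and min/max selection … */

	write_lock_bh(&domid_lock);
	if (xen->domid) {
		/* A second entry would never be removed on VM destroy. */
		ret = -EEXIST;
	} else {
		ret = idr_alloc(&domid_to_kvm, kvm, min, max, GFP_ATOMIC);
		if (ret >= 0)
			xen->domid = ret;
	}
	write_unlock_bh(&domid_lock);

	return ret < 0 ? ret : 0;
}
```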
@@ -460,6 +502,17 @@ int kvm_xen_hvm_set_attr(struct kvm *kvm, struct kvm_xen_hvm_attr *data)
 		r = kvm_vm_ioctl_xen_eventfd(kvm, &xevfd);
 		break;
 	}
+	case KVM_XEN_ATTR_TYPE_DOMID: {
+		domid_t domid = (u16) data->u.dom.domid;
+		bool any = (data->u.dom.domid < 0);
+
+		/* Domain ID 0 or >= 0x7ff0 are reserved */
+		if (!any && (!domid || (domid >= XEN_DOMID_MAX)))
+			return -EINVAL;
+
+		r = kvm_xen_domid_init(kvm, any, domid);
+		break;
+	}
 	default:
 		break;
 	}
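Review bot: The `(u16)` cast is applied before any range check, so a non-negative `data->u.dom.domid` above 0xffff (constructed example: 0x10005) is truncated and accepted as a small domid instead of being rejected. Checking the signed 32-bit value first avoids this, e.g. `if (!any && (data->u.dom.domid < XEN_DOMID_MIN || data->u.dom.domid >= XEN_DOMID_MAX)) return -EINVAL;`. Separately, the comment says ids >= 0x7ff0 are reserved, but `XEN_DOMID_MAX` is `DOMID_FIRST_RESERVED - 1` and the test uses `>=`, so the last non-reserved id also appears to be refused; either the bound or the comment looks off by one. The direct `return -EINVAL` skips whatever follows the switch, where the other cases `break`; kvm_xen_hvm_set_attr() starts and ends outside this hunk, so confirm no unlock or cleanup is bypassed.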
@@ -489,6 +542,11 @@ int kvm_xen_hvm_get_attr(struct kvm *kvm, struct kvm_xen_hvm_attr *data)
 		r = 0;
 		break;
 	}
+	case KVM_XEN_ATTR_TYPE_DOMID: {
+		data->u.dom.domid = kvm->arch.xen.domid;
+		r = 0;
+		break;
+	}
 	default:
 		break;
 	}
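Review bot: A VM that never had a domid assigned will presumably report 0 here with `r = 0`, and nothing in the case says that 0 means "unassigned". A short comment such as `/* 0 (never allocated, XEN_DOMID_MIN is 1) means no domid has been assigned */` would make that contract explicit for userspace and for later readers. The field is also read without `domid_lock`; that is likely fine for a 16-bit value but is worth stating in the same comment. kvm_xen_hvm_get_attr() extends outside this hunk.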
@@ -909,6 +967,18 @@ void kvm_xen_destroy_vm(struct kvm *kvm)
 
 	if (xen->shinfo)
 		put_page(virt_to_page(xen->shinfo));
+
+	kvm_xen_free_domid(kvm);
+}
+
+void kvm_xen_init(void)
+{
+	idr_init(&domid_to_kvm);
+	rwlock_init(&domid_lock);
+}
+
+void kvm_xen_exit(void)
+{
 }
 
 static int kvm_xen_eventfd_update(struct kvm *kvm, struct idr *port_to_evt,
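Review bot: kvm_xen_exit() is left empty, so `domid_to_kvm` is never torn down; adding `idr_destroy(&domid_to_kvm);` there would pair with the idr_init() in kvm_xen_init(). Both objects are file-scope statics, so `static DEFINE_IDR(domid_to_kvm);` and `static DEFINE_RWLOCK(domid_lock);` at their declarations would also remove the dependence on kvm_xen_init() having run before the first ioctl reaches them.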
diff --git a/arch/x86/kvm/xen.h b/arch/x86/kvm/xen.h
index f82b8b5b3345..76ef2150c650 100644
--- a/arch/x86/kvm/xen.h
+++ b/arch/x86/kvm/xen.h
@@ -39,6 +39,8 @@ void kvm_xen_destroy_vm(struct kvm *kvm);
 int kvm_vm_ioctl_xen_eventfd(struct kvm *kvm, struct kvm_xen_eventfd *args);
 void kvm_xen_vcpu_init(struct kvm_vcpu *vcpu);
 void kvm_xen_vcpu_uninit(struct kvm_vcpu *vcpu);
+void kvm_xen_init(void);
+void kvm_xen_exit(void);
 
 void __kvm_migrate_xen_timer(struct kvm_vcpu *vcpu);
 int kvm_xen_has_pending_timer(struct kvm_vcpu *vcpu);
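Review bot: kvm_xen_free_domid() is defined without `static` in xen.c, but this header adds prototypes only for kvm_xen_init() and kvm_xen_exit(). Its only visible caller is kvm_xen_destroy_vm() in the same file, so `static int kvm_xen_free_domid(struct kvm *kvm)` would match kvm_xen_domid_init() and avoid a missing-prototype warning. If a later patch in the series calls it from another file, declare it here instead.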
diff --git a/include/uapi/linux/kvm.h b/include/uapi/linux/kvm.h
index 1b3ecce5f92e..3212cad732dd 100644
--- a/include/uapi/linux/kvm.h
+++ b/include/uapi/linux/kvm.h
@@ -1500,6 +1500,9 @@ struct kvm_xen_hvm_attr {
 				__u32 padding[2];
 			};
 		} evtchn;
+		struct {
+			__s32 domid;
+		} dom;
 	} u;
 };
 
@@ -1510,6 +1513,7 @@ struct kvm_xen_hvm_attr {
 #define KVM_XEN_ATTR_TYPE_VCPU_RUNSTATE     0x3
 /* Available with KVM_CAP_XEN_HVM_EVTCHN */
 #define KVM_XEN_ATTR_TYPE_EVTCHN            0x4
+#define KVM_XEN_ATTR_TYPE_DOMID             0x5
 
 /* Secure Encrypted Virtualization command */
 enum sev_cmd_id {
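Review bot: KVM_XEN_ATTR_TYPE_DOMID and the `dom.domid` field added in the preceding hunk carry no uapi comment, so the rule that a negative value asks the kernel to choose an id is only discoverable from xen.c. A comment on the field such as `/* < 0: kernel picks a free domid; otherwise the domid to claim */` would document the ABI. The new define also lands under `/* Available with KVM_CAP_XEN_HVM_EVTCHN */`; if the attribute is gated by a different capability, it needs its own heading comment.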
-- 
2.11.0
