lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Wed, 20 Feb 2019 20:15:52 +0000
From:   Joao Martins <joao.m.martins@...cle.com>
To:     kvm@...r.kernel.org, linux-kernel@...r.kernel.org
Cc:     Ankur Arora <ankur.a.arora@...cle.com>,
        Boris Ostrovsky <boris.ostrovsky@...cle.com>,
        Joao Martins <joao.m.martins@...cle.com>,
        Paolo Bonzini <pbonzini@...hat.com>,
        Radim Krčmář <rkrcmar@...hat.com>,
        Thomas Gleixner <tglx@...utronix.de>,
        Ingo Molnar <mingo@...hat.com>, Borislav Petkov <bp@...en8.de>,
        "H. Peter Anvin" <hpa@...or.com>, x86@...nel.org
Subject: [PATCH RFC 22/39] KVM: x86/xen: grant table init

Add support for guest grant table initialization. This is mostly
scaffolding at this point: we allocate grant table state and map
it globally.

Later patches add support for seeding the grant table with reserved
entries, and setup maptrack which would be used for grant map and unmap
operations.

Signed-off-by: Joao Martins <joao.m.martins@...cle.com>
---
 arch/x86/include/asm/kvm_host.h | 19 +++++++++
 arch/x86/kvm/xen.c              | 88 +++++++++++++++++++++++++++++++++++++++++
 arch/x86/kvm/xen.h              |  1 +
 include/uapi/linux/kvm.h        | 13 ++++++
 4 files changed, 121 insertions(+)

diff --git a/arch/x86/include/asm/kvm_host.h b/arch/x86/include/asm/kvm_host.h
index 384247fc433d..e0cbc0899580 100644
--- a/arch/x86/include/asm/kvm_host.h
+++ b/arch/x86/include/asm/kvm_host.h
@@ -860,6 +860,23 @@ struct kvm_hv {
 	atomic_t num_mismatched_vp_indexes;
 };
 
+/* Xen grant table */
+struct kvm_grant_table {
+	u32 nr_frames;
+	u32 max_nr_frames;
+	union {
+		void **frames;
+		struct grant_entry_v1 **frames_v1;
+	};
+	gfn_t *frames_addr;
+	gpa_t initial_addr;
+	struct grant_entry_v1 *initial;
+
+	/* maptrack limits */
+	u32 max_mt_frames;
+	u32 nr_mt_frames;
+};
+
 /* Xen emulation context */
 struct kvm_xen {
 	u64 xen_hypercall;
@@ -871,6 +888,8 @@ struct kvm_xen {
 	struct idr port_to_evt;
 	unsigned long poll_mask[BITS_TO_LONGS(KVM_MAX_VCPUS)];
 	struct mutex xen_lock;
+
+	struct kvm_grant_table gnttab;
 };
 
 enum kvm_xen_callback_via {
diff --git a/arch/x86/kvm/xen.c b/arch/x86/kvm/xen.c
index e570c9b26563..b9e6e8f72d87 100644
--- a/arch/x86/kvm/xen.c
+++ b/arch/x86/kvm/xen.c
@@ -17,6 +17,7 @@
 #include <xen/interface/xen.h>
 #include <xen/interface/vcpu.h>
 #include <xen/interface/event_channel.h>
+#include <xen/interface/grant_table.h>
 #include <xen/interface/sched.h>
 
 #include "trace.h"
@@ -35,6 +36,7 @@ struct evtchnfd {
 
 static int kvm_xen_evtchn_send(struct kvm_vcpu *vcpu, int port);
 static void *xen_vcpu_info(struct kvm_vcpu *v);
+static void kvm_xen_gnttab_free(struct kvm_xen *xen);
 
 #define XEN_DOMID_MIN	1
 #define XEN_DOMID_MAX	(DOMID_FIRST_RESERVED - 1)
@@ -513,6 +515,12 @@ int kvm_xen_hvm_set_attr(struct kvm *kvm, struct kvm_xen_hvm_attr *data)
 		r = kvm_xen_domid_init(kvm, any, domid);
 		break;
 	}
+	case KVM_XEN_ATTR_TYPE_GNTTAB: {
+		struct kvm_xen_gnttab xevfd = data->u.gnttab;
+
+		r = kvm_vm_ioctl_xen_gnttab(kvm, &xevfd);
+		break;
+	}
 	default:
 		break;
 	}
@@ -969,6 +977,7 @@ void kvm_xen_destroy_vm(struct kvm *kvm)
 		put_page(virt_to_page(xen->shinfo));
 
 	kvm_xen_free_domid(kvm);
+	kvm_xen_gnttab_free(&kvm->arch.xen);
 }
 
 void kvm_xen_init(void)
@@ -1093,3 +1102,82 @@ int kvm_vm_ioctl_xen_eventfd(struct kvm *kvm, struct kvm_xen_eventfd *args)
 	return kvm_xen_eventfd_assign(kvm, &xen->port_to_evt,
 				      &xen->xen_lock, args);
 }
+
+int kvm_xen_gnttab_init(struct kvm *kvm, struct kvm_xen *xen,
+			struct kvm_xen_gnttab *op, int dom0)
+{
+	u32 max_mt_frames = op->init.max_maptrack_frames;
+	unsigned long initial = op->init.initial_frame;
+	struct kvm_grant_table *gnttab = &xen->gnttab;
+	u32 max_frames = op->init.max_frames;
+	struct page *page = NULL;
+	void *addr;
+
+	if (!dom0) {
+		if (!op->init.initial_frame ||
+		    offset_in_page(op->init.initial_frame))
+			return -EINVAL;
+
+		if (get_user_pages_fast(initial, 1, 1, &page) != 1)
+			return -EFAULT;
+
+		gnttab->initial_addr = initial;
+		gnttab->initial = page_to_virt(page);
+		put_page(page);
+	}
+
+	addr = kcalloc(max_frames, sizeof(gfn_t), GFP_KERNEL);
+	if (!addr)
+		goto out;
+	xen->gnttab.frames_addr = addr;
+
+	addr = kcalloc(max_frames, sizeof(addr), GFP_KERNEL);
+	if (!addr)
+		goto out;
+
+	gnttab->frames = addr;
+	gnttab->frames[0] = xen->gnttab.initial;
+	gnttab->max_nr_frames = max_frames;
+	gnttab->max_mt_frames = max_mt_frames;
+	gnttab->nr_mt_frames = 1;
+	gnttab->nr_frames = 0;
+
+	pr_debug("kvm_xen: dom%u: grant table limits (gnttab:%d maptrack:%d)\n",
+		 xen->domid, gnttab->max_nr_frames, gnttab->max_mt_frames);
+	return 0;
+
+out:
+	kfree(xen->gnttab.frames);
+	kfree(xen->gnttab.frames_addr);
+	if (page)
+		put_page(page);
+	memset(&xen->gnttab, 0, sizeof(xen->gnttab));
+	return -ENOMEM;
+}
+
+void kvm_xen_gnttab_free(struct kvm_xen *xen)
+{
+	struct kvm_grant_table *gnttab = &xen->gnttab;
+
+	kfree(gnttab->frames);
+	kfree(gnttab->frames_addr);
+}
+
+int kvm_vm_ioctl_xen_gnttab(struct kvm *kvm, struct kvm_xen_gnttab *op)
+{
+	int r = -EINVAL;
+
+	if (!op)
+		return r;
+
+	switch (op->flags) {
+	case KVM_XEN_GNTTAB_F_INIT:
+		r = kvm_xen_gnttab_init(kvm, &kvm->arch.xen, op, 0);
+		break;
+	default:
+		r = -ENOSYS;
+		break;
+	}
+
+	return r;
+}
diff --git a/arch/x86/kvm/xen.h b/arch/x86/kvm/xen.h
index 76ef2150c650..08ad4e1259df 100644
--- a/arch/x86/kvm/xen.h
+++ b/arch/x86/kvm/xen.h
@@ -37,6 +37,7 @@ int kvm_xen_setup_evtchn(struct kvm *kvm,
 void kvm_xen_init_vm(struct kvm *kvm);
 void kvm_xen_destroy_vm(struct kvm *kvm);
 int kvm_vm_ioctl_xen_eventfd(struct kvm *kvm, struct kvm_xen_eventfd *args);
+int kvm_vm_ioctl_xen_gnttab(struct kvm *kvm, struct kvm_xen_gnttab *op);
 void kvm_xen_vcpu_init(struct kvm_vcpu *vcpu);
 void kvm_xen_vcpu_uninit(struct kvm_vcpu *vcpu);
 void kvm_xen_init(void);
diff --git a/include/uapi/linux/kvm.h b/include/uapi/linux/kvm.h
index 3212cad732dd..e4fb9bc34d61 100644
--- a/include/uapi/linux/kvm.h
+++ b/include/uapi/linux/kvm.h
@@ -1503,6 +1503,18 @@ struct kvm_xen_hvm_attr {
 		struct {
 			__s32 domid;
 		} dom;
+		struct kvm_xen_gnttab {
+#define KVM_XEN_GNTTAB_F_INIT		0
+			__u32 flags;
+			union {
+				struct {
+					__u32 max_frames;
+					__u32 max_maptrack_frames;
+					__u64 initial_frame;
+				} init;
+				__u32 padding[4];
+			};
+		} gnttab;
 	} u;
 };
 
@@ -1514,6 +1526,7 @@ struct kvm_xen_hvm_attr {
 /* Available with KVM_CAP_XEN_HVM_EVTCHN */
 #define KVM_XEN_ATTR_TYPE_EVTCHN            0x4
 #define KVM_XEN_ATTR_TYPE_DOMID             0x5
+#define KVM_XEN_ATTR_TYPE_GNTTAB            0x6
 
 /* Secure Encrypted Virtualization command */
 enum sev_cmd_id {
-- 
2.11.0

Powered by blists - more mailing lists