summaryrefslogtreecommitdiff
path: root/Documentation/virt
diff options
context:
space:
mode:
authorBharata B Rao <bharata@linux.ibm.com>2019-11-25 08:36:30 +0530
committerPaul Mackerras <paulus@ozlabs.org>2019-11-28 17:02:31 +1100
commit22945688acd4d0ec2620b0670a53110401ed9c59 (patch)
tree389ea049e1286364c1ccafde9c6c307eb1e5ab23 /Documentation/virt
parentc32622575dd0ecb6fd0b41e3a451bd58152971ba (diff)
downloadlwn-22945688acd4d0ec2620b0670a53110401ed9c59.tar.gz
lwn-22945688acd4d0ec2620b0670a53110401ed9c59.zip
KVM: PPC: Book3S HV: Support reset of secure guest
Add support for reset of secure guest via a new ioctl KVM_PPC_SVM_OFF. This ioctl will be issued by QEMU during reset and includes the the following steps: - Release all device pages of the secure guest. - Ask UV to terminate the guest via UV_SVM_TERMINATE ucall - Unpin the VPA pages so that they can be migrated back to secure side when guest becomes secure again. This is required because pinned pages can't be migrated. - Reinit the partition scoped page tables After these steps, guest is ready to issue UV_ESM call once again to switch to secure mode. Signed-off-by: Bharata B Rao <bharata@linux.ibm.com> Signed-off-by: Sukadev Bhattiprolu <sukadev@linux.vnet.ibm.com> [Implementation of uv_svm_terminate() and its call from guest shutdown path] Signed-off-by: Ram Pai <linuxram@us.ibm.com> [Unpinning of VPA pages] Signed-off-by: Paul Mackerras <paulus@ozlabs.org>
Diffstat (limited to 'Documentation/virt')
-rw-r--r--Documentation/virt/kvm/api.txt18
1 files changed, 18 insertions, 0 deletions
diff --git a/Documentation/virt/kvm/api.txt b/Documentation/virt/kvm/api.txt
index 49183add44e7..9fecec6b4e86 100644
--- a/Documentation/virt/kvm/api.txt
+++ b/Documentation/virt/kvm/api.txt
@@ -4149,6 +4149,24 @@ Valid values for 'action':
#define KVM_PMU_EVENT_ALLOW 0
#define KVM_PMU_EVENT_DENY 1
+4.121 KVM_PPC_SVM_OFF
+
+Capability: basic
+Architectures: powerpc
+Type: vm ioctl
+Parameters: none
+Returns: 0 on successful completion,
+Errors:
+ EINVAL: if ultravisor failed to terminate the secure guest
+ ENOMEM: if hypervisor failed to allocate new radix page tables for guest
+
+This ioctl is used to turn off the secure mode of the guest or transition
+the guest from secure mode to normal mode. This is invoked when the guest
+is reset. This has no effect if called for a normal guest.
+
+This ioctl issues an ultravisor call to terminate the secure guest,
+unpins the VPA pages and releases all the device pages that are used to
+track the secure pages by hypervisor.
5. The kvm_run structure
------------------------