Commit fa0c5eab authored by Janosch Frank's avatar Janosch Frank Committed by Christian Borntraeger

KVM: s390: protvirt: Secure memory is not mergeable

KSM will not work on secure pages, because when the kernel reads a
secure page, it will be encrypted and hence no two pages will look the
same.

Let's mark the guest pages as unmergeable when we transition to secure
mode.
Signed-off-by: default avatarJanosch Frank <frankja@linux.ibm.com>
Reviewed-by: default avatarThomas Huth <thuth@redhat.com>
Reviewed-by: default avatarDavid Hildenbrand <david@redhat.com>
Reviewed-by: default avatarCornelia Huck <cohuck@redhat.com>
[borntraeger@de.ibm.com: patch merging, splitting, fixing]
Signed-off-by: default avatarChristian Borntraeger <borntraeger@de.ibm.com>
parent 29b40f10
...@@ -148,4 +148,5 @@ int gmap_mprotect_notify(struct gmap *, unsigned long start, ...@@ -148,4 +148,5 @@ int gmap_mprotect_notify(struct gmap *, unsigned long start,
void gmap_sync_dirty_log_pmd(struct gmap *gmap, unsigned long dirty_bitmap[4], void gmap_sync_dirty_log_pmd(struct gmap *gmap, unsigned long dirty_bitmap[4],
unsigned long gaddr, unsigned long vmaddr); unsigned long gaddr, unsigned long vmaddr);
int gmap_mark_unmergeable(void);
#endif /* _ASM_S390_GMAP_H */ #endif /* _ASM_S390_GMAP_H */
...@@ -2234,6 +2234,12 @@ static int kvm_s390_handle_pv(struct kvm *kvm, struct kvm_pv_cmd *cmd) ...@@ -2234,6 +2234,12 @@ static int kvm_s390_handle_pv(struct kvm *kvm, struct kvm_pv_cmd *cmd)
if (r) if (r)
break; break;
down_write(&current->mm->mmap_sem);
r = gmap_mark_unmergeable();
up_write(&current->mm->mmap_sem);
if (r)
break;
r = kvm_s390_pv_init_vm(kvm, &cmd->rc, &cmd->rrc); r = kvm_s390_pv_init_vm(kvm, &cmd->rc, &cmd->rrc);
if (r) if (r)
break; break;
......
...@@ -2548,6 +2548,22 @@ int s390_enable_sie(void) ...@@ -2548,6 +2548,22 @@ int s390_enable_sie(void)
} }
EXPORT_SYMBOL_GPL(s390_enable_sie); EXPORT_SYMBOL_GPL(s390_enable_sie);
int gmap_mark_unmergeable(void)
{
struct mm_struct *mm = current->mm;
struct vm_area_struct *vma;
for (vma = mm->mmap; vma; vma = vma->vm_next) {
if (ksm_madvise(vma, vma->vm_start, vma->vm_end,
MADV_UNMERGEABLE, &vma->vm_flags)) {
return -ENOMEM;
}
}
mm->def_flags &= ~VM_MERGEABLE;
return 0;
}
EXPORT_SYMBOL_GPL(gmap_mark_unmergeable);
/* /*
* Enable storage key handling from now on and initialize the storage * Enable storage key handling from now on and initialize the storage
* keys with the default key. * keys with the default key.
...@@ -2593,7 +2609,6 @@ static const struct mm_walk_ops enable_skey_walk_ops = { ...@@ -2593,7 +2609,6 @@ static const struct mm_walk_ops enable_skey_walk_ops = {
int s390_enable_skey(void) int s390_enable_skey(void)
{ {
struct mm_struct *mm = current->mm; struct mm_struct *mm = current->mm;
struct vm_area_struct *vma;
int rc = 0; int rc = 0;
down_write(&mm->mmap_sem); down_write(&mm->mmap_sem);
...@@ -2601,16 +2616,11 @@ int s390_enable_skey(void) ...@@ -2601,16 +2616,11 @@ int s390_enable_skey(void)
goto out_up; goto out_up;
mm->context.uses_skeys = 1; mm->context.uses_skeys = 1;
for (vma = mm->mmap; vma; vma = vma->vm_next) { rc = gmap_mark_unmergeable();
if (ksm_madvise(vma, vma->vm_start, vma->vm_end, if (rc) {
MADV_UNMERGEABLE, &vma->vm_flags)) {
mm->context.uses_skeys = 0; mm->context.uses_skeys = 0;
rc = -ENOMEM;
goto out_up; goto out_up;
} }
}
mm->def_flags &= ~VM_MERGEABLE;
walk_page_range(mm, 0, TASK_SIZE, &enable_skey_walk_ops, NULL); walk_page_range(mm, 0, TASK_SIZE, &enable_skey_walk_ops, NULL);
out_up: out_up:
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment