search for: is_prot_virt_guest

...> +int arch_validate_virtio_features(struct virtio_device *dev) > +{ Maybe jump out immediately if the guest is not protected? > + if (!virtio_has_feature(dev, VIRTIO_F_VERSION_1)) { > + dev_warn(&dev->dev, "device must provide VIRTIO_F_VERSION_1\n"); > + return is_prot_virt_guest() ? -ENODEV : 0; > + } > + > + if (!virtio_has_feature(dev, VIRTIO_F_IOMMU_PLATFORM)) { > + dev_warn(&dev->dev, > + "device must provide VIRTIO_F_IOMMU_PLATFORM\n"); > + return is_prot_virt_guest() ? -ENODEV : 0; > + } if (!is_prot_virt_guest()) return 0...

...> +int arch_validate_virtio_features(struct virtio_device *dev) > +{ Maybe jump out immediately if the guest is not protected? > + if (!virtio_has_feature(dev, VIRTIO_F_VERSION_1)) { > + dev_warn(&dev->dev, "device must provide VIRTIO_F_VERSION_1\n"); > + return is_prot_virt_guest() ? -ENODEV : 0; > + } > + > + if (!virtio_has_feature(dev, VIRTIO_F_IOMMU_PLATFORM)) { > + dev_warn(&dev->dev, > + "device must provide VIRTIO_F_IOMMU_PLATFORM\n"); > + return is_prot_virt_guest() ? -ENODEV : 0; > + } if (!is_prot_virt_guest()) return 0...

....h> > #include <asm/dma-mapping.h> > #include <asm/uv.h> > +#include <linux/virtio_config.h> > > pgd_t swapper_pg_dir[PTRS_PER_PGD] __section(.bss..swapper_pg_dir); > > @@ -161,6 +162,32 @@ bool force_dma_unencrypted(struct device *dev) > return is_prot_virt_guest(); > } > > +/* > + * arch_validate_virtio_features > + * @dev: the VIRTIO device being added > + * > + * Return an error if required features are missing on a guest running > + * with protected virtualization. > + */ > +int arch_validate_virtio_features(struct virti...

....h> > #include <asm/dma-mapping.h> > #include <asm/uv.h> > +#include <linux/virtio_config.h> > > pgd_t swapper_pg_dir[PTRS_PER_PGD] __section(.bss..swapper_pg_dir); > > @@ -161,6 +162,32 @@ bool force_dma_unencrypted(struct device *dev) > return is_prot_virt_guest(); > } > > +/* > + * arch_validate_virtio_features > + * @dev: the VIRTIO device being added > + * > + * Return an error if required features are missing on a guest running > + * with protected virtualization. > + */ > +int arch_validate_virtio_features(struct virti...

....h> > #include <asm/dma-mapping.h> > #include <asm/uv.h> > +#include <linux/virtio_config.h> > > pgd_t swapper_pg_dir[PTRS_PER_PGD] __section(.bss..swapper_pg_dir); > > @@ -161,6 +162,35 @@ bool force_dma_unencrypted(struct device *dev) > return is_prot_virt_guest(); > } > > +#ifdef CONFIG_ARCH_HAS_RESTRICTED_MEMORY_ACCESS > +/* > + * arch_has_restricted_memory_access > + * @dev: the VIRTIO device being added > + * > + * Return an error if required features are missing on a guest running > + * with protected virtualization. >...

...irtio/virtio_ccw.c >> +++ b/drivers/s390/virtio/virtio_ccw.c >> @@ -986,6 +986,11 @@ static void virtio_ccw_set_status(struct virtio_device *vdev, u8 status) >> if (!ccw) >> return; >> >> + /* Protected Virtualisation guest needs IOMMU */ >> + if (is_prot_virt_guest() && >> + !__virtio_test_bit(vdev, VIRTIO_F_IOMMU_PLATFORM)) >> + status &= ~VIRTIO_CONFIG_S_FEATURES_OK; >> + > > set_status seems like an odd place to look at features; shouldn't that > rather be done in finalize_features? Right, looks better to...

...irtio/virtio_ccw.c >> +++ b/drivers/s390/virtio/virtio_ccw.c >> @@ -986,6 +986,11 @@ static void virtio_ccw_set_status(struct virtio_device *vdev, u8 status) >> if (!ccw) >> return; >> >> + /* Protected Virtualisation guest needs IOMMU */ >> + if (is_prot_virt_guest() && >> + !__virtio_test_bit(vdev, VIRTIO_F_IOMMU_PLATFORM)) >> + status &= ~VIRTIO_CONFIG_S_FEATURES_OK; >> + > > set_status seems like an odd place to look at features; shouldn't that > rather be done in finalize_features? Right, looks better to...

...+ * 0 otherwise. > + */ > +int arch_validate_virtio_features(struct virtio_device *dev) > +{ > + if (!virtio_has_feature(dev, VIRTIO_F_VERSION_1)) { > + dev_warn(&dev->dev, "device must provide VIRTIO_F_VERSION_1\n"); I think you only want to warn if is_prot_virt_guest is true? We certainly want to be able to run as a guest of older hypervisors with virtio 0.95, no? > + return is_prot_virt_guest() ? -ENODEV : 0; > + } > + > + if (!virtio_has_feature(dev, VIRTIO_F_IOMMU_PLATFORM)) { > + dev_warn(&dev->dev, > + "device must prov...

...ng.h> > > > #include <asm/uv.h> > > > +#include <linux/virtio_config.h> > > > pgd_t swapper_pg_dir[PTRS_PER_PGD] __section(.bss..swapper_pg_dir); > > > @@ -161,6 +162,33 @@ bool force_dma_unencrypted(struct device *dev) > > > return is_prot_virt_guest(); > > > } > > > +/* > > > + * arch_validate_virtio_features > > > + * @dev: the VIRTIO device being added > > > + * > > > + * Return an error if required features are missing on a guest running > > > + * with protected virtualization...

...ng.h> > > > #include <asm/uv.h> > > > +#include <linux/virtio_config.h> > > > pgd_t swapper_pg_dir[PTRS_PER_PGD] __section(.bss..swapper_pg_dir); > > > @@ -161,6 +162,33 @@ bool force_dma_unencrypted(struct device *dev) > > > return is_prot_virt_guest(); > > > } > > > +/* > > > + * arch_validate_virtio_features > > > + * @dev: the VIRTIO device being added > > > + * > > > + * Return an error if required features are missing on a guest running > > > + * with protected virtualization...

An architecture protecting the guest memory against unauthorized host access may want to enforce VIRTIO I/O device protection through the use of VIRTIO_F_IOMMU_PLATFORM. Let's give a chance to the architecture to accept or not devices without VIRTIO_F_IOMMU_PLATFORM. Pierre Morel (1): s390: virtio: let arch accept devices without IOMMU feature arch/s390/mm/init.c | 6 ++++++

Hi all, I changed the patch subject to reflect the content, becoming more general. 1) I removed the ack from Christian and Jason even far as I understand they gave it for the functionality more than for the implementation. @Jason, @Christian, please can I get back your acked-by with these changes? 2) previous patch had another name: [PATCH v3 0/1] s390: virtio: let arch choose to

An architecture protecting the guest memory against unauthorized host access may want to enforce VIRTIO I/O device protection through the use of VIRTIO_F_IOMMU_PLATFORM. Let's give a chance to the architecture to accept or not devices without VIRTIO_F_IOMMU_PLATFORM. Pierre Morel (1): s390: virtio: let arch accept devices without IOMMU feature arch/s390/mm/init.c | 6 ++++++

...ccw.c index 5730572b52cd..06ffbc96587a 100644 --- a/drivers/s390/virtio/virtio_ccw.c +++ b/drivers/s390/virtio/virtio_ccw.c @@ -986,6 +986,11 @@ static void virtio_ccw_set_status(struct virtio_device *vdev, u8 status) if (!ccw) return; + /* Protected Virtualisation guest needs IOMMU */ + if (is_prot_virt_guest() && + !__virtio_test_bit(vdev, VIRTIO_F_IOMMU_PLATFORM)) + status &= ~VIRTIO_CONFIG_S_FEATURES_OK; + /* Write the status to the host. */ vcdev->dma_area->status = status; ccw->cmd_code = CCW_CMD_WRITE_STATUS; -- 2.25.1

...ccw.c index 5730572b52cd..06ffbc96587a 100644 --- a/drivers/s390/virtio/virtio_ccw.c +++ b/drivers/s390/virtio/virtio_ccw.c @@ -986,6 +986,11 @@ static void virtio_ccw_set_status(struct virtio_device *vdev, u8 status) if (!ccw) return; + /* Protected Virtualisation guest needs IOMMU */ + if (is_prot_virt_guest() && + !__virtio_test_bit(vdev, VIRTIO_F_IOMMU_PLATFORM)) + status &= ~VIRTIO_CONFIG_S_FEATURES_OK; + /* Write the status to the host. */ vcdev->dma_area->status = status; ccw->cmd_code = CCW_CMD_WRITE_STATUS; -- 2.25.1

....h> > #include <asm/dma-mapping.h> > #include <asm/uv.h> > +#include <linux/virtio_config.h> > > pgd_t swapper_pg_dir[PTRS_PER_PGD] __section(.bss..swapper_pg_dir); > > @@ -161,6 +162,33 @@ bool force_dma_unencrypted(struct device *dev) > return is_prot_virt_guest(); > } > > +/* > + * arch_validate_virtio_features > + * @dev: the VIRTIO device being added > + * > + * Return an error if required features are missing on a guest running > + * with protected virtualization. > + */ > +int arch_validate_virtio_features(struct virti...

....h> > #include <asm/dma-mapping.h> > #include <asm/uv.h> > +#include <linux/virtio_config.h> > > pgd_t swapper_pg_dir[PTRS_PER_PGD] __section(.bss..swapper_pg_dir); > > @@ -161,6 +162,33 @@ bool force_dma_unencrypted(struct device *dev) > return is_prot_virt_guest(); > } > > +/* > + * arch_validate_virtio_features > + * @dev: the VIRTIO device being added > + * > + * Return an error if required features are missing on a guest running > + * with protected virtualization. > + */ > +int arch_validate_virtio_features(struct virti...

...t; arch/s390/mm/init.c including virtio.h looks a bit strange to me, but if Heiko and Vasily don't mind, neither do I. > > pgd_t swapper_pg_dir[PTRS_PER_PGD] __section(.bss..swapper_pg_dir); > > @@ -162,6 +163,11 @@ bool force_dma_unencrypted(struct device *dev) > return is_prot_virt_guest(); > } > > +int arch_needs_iommu_platform(struct virtio_device *dev) Maybe prefixing the name with virtio_ would help provide the proper context. > +{ > + return is_prot_virt_guest(); > +} > + > /* protected virtualization */ > static void pv_init(void) > { &g...

...t; arch/s390/mm/init.c including virtio.h looks a bit strange to me, but if Heiko and Vasily don't mind, neither do I. > > pgd_t swapper_pg_dir[PTRS_PER_PGD] __section(.bss..swapper_pg_dir); > > @@ -162,6 +163,11 @@ bool force_dma_unencrypted(struct device *dev) > return is_prot_virt_guest(); > } > > +int arch_needs_iommu_platform(struct virtio_device *dev) Maybe prefixing the name with virtio_ would help provide the proper context. > +{ > + return is_prot_virt_guest(); > +} > + > /* protected virtualization */ > static void pv_init(void) > { &g...

...asm/kasan.h> > #include <asm/dma-mapping.h> > #include <asm/uv.h> > +#include <linux/virtio.h> > > pgd_t swapper_pg_dir[PTRS_PER_PGD] __section(.bss..swapper_pg_dir); > > @@ -161,6 +162,11 @@ bool force_dma_unencrypted(struct device *dev) > return is_prot_virt_guest(); > } > > +int arch_needs_virtio_iommu_platform(struct virtio_device *dev) > +{ > + return is_prot_virt_guest(); > +} > + > /* protected virtualization */ > static void pv_init(void) Can we please stop dumping random code to arch/s390/mm/init.c? All the protected v...