cryptospore / rpms / qemu-kvm

Forked from rpms/qemu-kvm 2 years ago
Clone

Blame SOURCES/kvm-s390x-protvirt-Inhibit-balloon-when-switching-to-pro.patch

ddf19c
From 095553f9dd1fec02869bf974e8cc07614d6587e5 Mon Sep 17 00:00:00 2001
ddf19c
From: Thomas Huth <thuth@redhat.com>
ddf19c
Date: Fri, 29 May 2020 05:54:06 -0400
ddf19c
Subject: [PATCH 24/42] s390x: protvirt: Inhibit balloon when switching to
ddf19c
 protected mode
ddf19c
MIME-Version: 1.0
ddf19c
Content-Type: text/plain; charset=UTF-8
ddf19c
Content-Transfer-Encoding: 8bit
ddf19c
ddf19c
RH-Author: Thomas Huth <thuth@redhat.com>
ddf19c
Message-id: <20200529055420.16855-25-thuth@redhat.com>
ddf19c
Patchwork-id: 97036
ddf19c
O-Subject: [RHEL-8.3.0 qemu-kvm PATCH v2 24/38] s390x: protvirt: Inhibit balloon when switching to protected mode
ddf19c
Bugzilla: 1828317
ddf19c
RH-Acked-by: Claudio Imbrenda <cimbrend@redhat.com>
ddf19c
RH-Acked-by: Philippe Mathieu-Daudé <philmd@redhat.com>
ddf19c
RH-Acked-by: Cornelia Huck <cohuck@redhat.com>
ddf19c
RH-Acked-by: David Hildenbrand <david@redhat.com>
ddf19c
ddf19c
From: Janosch Frank <frankja@linux.ibm.com>
ddf19c
ddf19c
Ballooning in protected VMs can only be done when the guest shares the
ddf19c
pages it gives to the host. If pages are not shared, the integrity
ddf19c
checks will fail once those pages have been altered and are given back
ddf19c
to the guest.
ddf19c
ddf19c
As we currently do not yet have a solution for this we will continue
ddf19c
like this:
ddf19c
ddf19c
1. We block ballooning now in QEMU (with this patch).
ddf19c
ddf19c
2. Later we will provide a change to virtio that removes the blocker
ddf19c
and adds VIRTIO_F_IOMMU_PLATFORM automatically by QEMU when doing the
ddf19c
protvirt switch. This is OK, as the balloon driver in Linux (the only
ddf19c
supported guest) will refuse to work with the IOMMU_PLATFORM feature
ddf19c
bit set.
ddf19c
ddf19c
3. Later, we can fix the guest balloon driver to accept the IOMMU
ddf19c
feature bit and correctly exercise sharing and unsharing of balloon
ddf19c
pages.
ddf19c
ddf19c
Signed-off-by: Janosch Frank <frankja@linux.ibm.com>
ddf19c
Reviewed-by: David Hildenbrand <david@redhat.com>
ddf19c
Reviewed-by: Christian Borntraeger <borntraeger@de.ibm.com>
ddf19c
Reviewed-by: Claudio Imbrenda <imbrenda@linux.ibm.com>
ddf19c
Reviewed-by: Cornelia Huck <cohuck@redhat.com>
ddf19c
Message-Id: <20200319131921.2367-6-frankja@linux.ibm.com>
ddf19c
Signed-off-by: Cornelia Huck <cohuck@redhat.com>
ddf19c
(cherry picked from commit b1697f63fd8f8201b1447bb55f595830b9cbde31)
ddf19c
Signed-off-by: Danilo C. L. de Paula <ddepaula@redhat.com>
ddf19c
---
ddf19c
 hw/s390x/s390-virtio-ccw.c | 11 +++++++++++
ddf19c
 1 file changed, 11 insertions(+)
ddf19c
ddf19c
diff --git a/hw/s390x/s390-virtio-ccw.c b/hw/s390x/s390-virtio-ccw.c
ddf19c
index dbd5125232..b4ebe83766 100644
ddf19c
--- a/hw/s390x/s390-virtio-ccw.c
ddf19c
+++ b/hw/s390x/s390-virtio-ccw.c
ddf19c
@@ -42,6 +42,7 @@
ddf19c
 #include "hw/qdev-properties.h"
ddf19c
 #include "hw/s390x/tod.h"
ddf19c
 #include "sysemu/sysemu.h"
ddf19c
+#include "sysemu/balloon.h"
ddf19c
 #include "hw/s390x/pv.h"
ddf19c
 #include <linux/kvm.h>
ddf19c
 #include "migration/blocker.h"
ddf19c
@@ -330,6 +331,7 @@ static void s390_machine_unprotect(S390CcwMachineState *ms)
ddf19c
     ms->pv = false;
ddf19c
     migrate_del_blocker(pv_mig_blocker);
ddf19c
     error_free_or_abort(&pv_mig_blocker);
ddf19c
+    qemu_balloon_inhibit(false);
ddf19c
 }
ddf19c
 
ddf19c
 static int s390_machine_protect(S390CcwMachineState *ms)
ddf19c
@@ -337,10 +339,18 @@ static int s390_machine_protect(S390CcwMachineState *ms)
ddf19c
     Error *local_err = NULL;
ddf19c
     int rc;
ddf19c
 
ddf19c
+   /*
ddf19c
+    * Ballooning on protected VMs needs support in the guest for
ddf19c
+    * sharing and unsharing balloon pages. Block ballooning for
ddf19c
+    * now, until we have a solution to make at least Linux guests
ddf19c
+    * either support it or fail gracefully.
ddf19c
+    */
ddf19c
+    qemu_balloon_inhibit(true);
ddf19c
     error_setg(&pv_mig_blocker,
ddf19c
                "protected VMs are currently not migrateable.");
ddf19c
     rc = migrate_add_blocker(pv_mig_blocker, &local_err);
ddf19c
     if (rc) {
ddf19c
+        qemu_balloon_inhibit(false);
ddf19c
         error_report_err(local_err);
ddf19c
         error_free_or_abort(&pv_mig_blocker);
ddf19c
         return rc;
ddf19c
@@ -349,6 +359,7 @@ static int s390_machine_protect(S390CcwMachineState *ms)
ddf19c
     /* Create SE VM */
ddf19c
     rc = s390_pv_vm_enable();
ddf19c
     if (rc) {
ddf19c
+        qemu_balloon_inhibit(false);
ddf19c
         error_report_err(local_err);
ddf19c
         migrate_del_blocker(pv_mig_blocker);
ddf19c
         error_free_or_abort(&pv_mig_blocker);
ddf19c
-- 
ddf19c
2.27.0
ddf19c