On 04/05/21 19:09, Sean Christopherson wrote:
On Sat, May 01, 2021, Paolo Bonzini wrote:
- make it completely independent from migration, i.e. it's just a facet of
MSR_KVM_PAGE_ENC_STATUS saying whether the bitmap is up-to-date. It would
use CPUID bit as the encryption status bitmap and have no code at all in KVM
(userspace needs to set up the filter and implement everything).
If the bit is purely a "page encryption status is up-to-date", what about
overloading KVM_HC_PAGE_ENC_STATUS to handle that status update as well? That
would eliminate my biggest complaint about having what is effectively a single
paravirt feature split into two separate, but intertwined chunks of ABI.
It's true that they are intertwined, but I dislike not having a way to
read the current state.
Paolo
#define KVM_HC_PAGE_ENC_UPDATE 12
#define KVM_HC_PAGE_ENC_REGION_UPDATE 0 /* encrypted vs. plain text */
#define KVM_HC_PAGE_ENC_STATUS_UPDATE 1 /* up-to-date vs. stale */
ret = -KVM_ENOSYS;
if (!vcpu->kvm->arch.hypercall_exit_enabled)
break;
ret = -EINVAL;
if (a0 == KVM_HC_PAGE_ENC_REGION_UPDATE) {
u64 gpa = a1, npages = a2;
if (!PAGE_ALIGNED(gpa) || !npages ||
gpa_to_gfn(gpa) + npages <= gpa_to_gfn(gpa))
break;
} else if (a0 != KVM_HC_PAGE_ENC_STATUS_UPDATE) {
break;
}
vcpu->run->exit_reason = KVM_EXIT_HYPERCALL;
vcpu->run->hypercall.nr = KVM_HC_PAGE_ENC_STATUS;
vcpu->run->hypercall.args[0] = a0;
vcpu->run->hypercall.args[1] = a1;
vcpu->run->hypercall.args[2] = a2;
vcpu->run->hypercall.args[3] = a3;
vcpu->run->hypercall.longmode = op_64_bit;
vcpu->arch.complete_userspace_io = complete_hypercall_exit;
return 0;
