On Mon, Nov 04, 2019 at 09:47:58AM +0530, Bharata B Rao wrote: > Add support for reset of secure guest via a new ioctl KVM_PPC_SVM_OFF. > This ioctl will be issued by QEMU during reset and includes the > the following steps: > > - Ask UV to terminate the guest via UV_SVM_TERMINATE ucall > - Unpin the VPA pages so that they can be migrated back to secure > side when guest becomes secure again. This is required because > pinned pages can't be migrated. Unpinning the VPA pages is normally handled during VM reset by QEMU doing set_one_reg operations to set the values for the KVM_REG_PPC_VPA_ADDR, KVM_REG_PPC_VPA_SLB and KVM_REG_PPC_VPA_DTL pseudo-registers to zero. Is there some reason why this isn't happening for a secure VM, and if so, what is that reason? If it is happening, then why do we need to unpin the pages explicitly here? > - Reinitialize guest's partitioned scoped page tables. These are > freed when guest becomes secure (H_SVM_INIT_DONE) It doesn't seem particularly useful to me to free the partition-scoped page tables when the guest becomes secure, and it feels like it makes things more fragile. If you don't free them then, then you don't need to reallocate them now. > - Release all device pages of the secure guest. > > After these steps, guest is ready to issue UV_ESM call once again > to switch to secure mode. Paul.
