Lines Matching full:secure
3 * Secure pages management: Migration of pages between normal and secure
10 * A pseries guest can be run as secure guest on Ultravisor-enabled
13 * hypervisor (HV) and secure memory managed by Ultravisor (UV).
18 * Private ZONE_DEVICE memory equal to the amount of secure memory
19 * available in the platform for running secure guests is hotplugged.
20 * Whenever a page belonging to the guest becomes secure, a page from this
21 * private device memory is used to represent and track that secure page
36 * UV(secure) and vice versa. So the serialization points are around
40 * fault path as page-out can occur when HV faults on accessing secure
44 * by HV touching secure pages is very very low. If an when UV supports
60 * secure GPAs at 64K page size and maintains one device PFN for each
61 * 64K secure GPA. UV_PAGE_IN and UV_PAGE_OUT calls by HV are also issued
64 * HV faulting on secure pages: When HV touches any secure page, it
69 * Shared pages: Whenever guest shares a secure page, UV will split and
72 * HV invalidating a page: When a regular page belonging to secure
74 * page size. Using 64K page size is correct here because any non-secure
79 * to secure guest, it sends that to UV with a 64K UV_PAGE_IN request.
83 * In summary, the current secure pages handling code in HV assumes
109 * (a) Secure - The GFN is secure. The GFN is associated with
110 * a Secure VM, the contents of the GFN is not accessible
111 * to the Hypervisor. This GFN can be backed by a secure-PFN,
118 * a secure VM. The contents of the GFN is accessible to
132 * Secure VM: A VM whose contents are not accessible to the
134 * either Shared-GFN or Secure-GFNs.
136 * Transient VM: A Normal VM that is transitioning to secure VM.
140 * in any of the three states; i.e Secure-GFN, Shared-GFN,
159 * secure-state. At this point any left-over normal-GFNs are
160 * transitioned to Secure-GFN.
165 * UV_TERMINATE transitions the secure-VM back to normal-VM. All
166 * the secure-GFN and shared-GFNs are tranistioned to normal-GFN
172 * Secure GFN is associated with a secure-PFN; also called uvmem_pfn,
174 * set, and contains the value of the secure-PFN.
195 * | Secure | Shared | Secure |Normal |Secure |
197 * | Shared | Shared | Secure |Normal |Shared |
199 * | Normal | Shared | Secure |Normal |Secure |
213 * | Secure | Error | Error |Error |Error |Normal |
215 * |Transient| N/A | Error |Secure |Normal |Normal |
307 /* mark the GFN as secure-GFN associated with @uvmem pfn device-PFN. */
314 /* mark the GFN as secure-GFN associated with a memory-PFN. */
332 /* return true, if the GFN is a secure-GFN backed by a secure-PFN */
356 * transitioned to a secure GFN. return the value of that GFN in *gfn. If a
477 /* Only radix guests can be secure guests */ in kvmppc_h_svm_init_start()
481 /* NAK the transition to secure if not enabled */ in kvmppc_h_svm_init_start()
510 * from secure memory using UV_PAGE_OUT uvcall.
562 * - When HV touches a secure page, for which we do UV_PAGE_OUT in __kvmppc_svm_page_out()
563 * - When a secure page is converted to shared page, we *get* in __kvmppc_svm_page_out()
603 * Drop device pages that we maintain for the secure guest
690 * Called when a normal page is moved to secure memory (UV_PAGE_IN). Device
691 * PFN will be used to keep track of the secure page on HV side.
738 * copy page from normal memory to secure memory using UV_PAGE_IN uvcall.
861 pr_info("LPID %d went secure\n", kvm->arch.lpid); in kvmppc_h_svm_init_done()
871 * - If the page is already secure, then provision a new page and share
931 * H_SVM_PAGE_IN: Move page from normal memory to secure memory.
993 * has been moved to secure memory, we ask UV to give back the page by
1014 * Gets called when secure GFN tranistions from a secure-PFN
1043 * H_SVM_PAGE_OUT: Move page from secure memory to normal memory.
1128 * First try the new ibm,secure-memory nodes which supersede the in kvmppc_get_secmem_size()
1129 * secure-memory-ranges property. in kvmppc_get_secmem_size()
1132 for_each_compatible_node(np, NULL, "ibm,secure-memory") { in kvmppc_get_secmem_size()
1145 prop = of_get_property(np, "secure-memory-ranges", &len); in kvmppc_get_secmem_size()
1173 pr_info("KVMPPC-UVMEM: No support for secure guests\n"); in kvmppc_uvmem_init()
1204 pr_info("KVMPPC-UVMEM: Secure Memory size 0x%lx\n", size); in kvmppc_uvmem_init()