Lines Matching full:secure
3 * Secure pages management: Migration of pages between normal and secure
10 * A pseries guest can be run as secure guest on Ultravisor-enabled
13 * hypervisor (HV) and secure memory managed by Ultravisor (UV).
18 * Private ZONE_DEVICE memory equal to the amount of secure memory
19 * available in the platform for running secure guests is hotplugged.
20 * Whenever a page belonging to the guest becomes secure, a page from this
21 * private device memory is used to represent and track that secure page
36 * UV(secure) and vice versa. So the serialization points are around
40 * fault path as page-out can occur when HV faults on accessing secure
44 * by HV touching secure pages is very very low. If an when UV supports
60 * secure GPAs at 64K page size and maintains one device PFN for each
61 * 64K secure GPA. UV_PAGE_IN and UV_PAGE_OUT calls by HV are also issued
64 * HV faulting on secure pages: When HV touches any secure page, it
69 * Shared pages: Whenever guest shares a secure page, UV will split and
72 * HV invalidating a page: When a regular page belonging to secure
74 * page size. Using 64K page size is correct here because any non-secure
79 * to secure guest, it sends that to UV with a 64K UV_PAGE_IN request.
83 * In summary, the current secure pages handling code in HV assumes
107 * (a) Secure - The GFN is secure. The GFN is associated with
108 * a Secure VM, the contents of the GFN is not accessible
109 * to the Hypervisor. This GFN can be backed by a secure-PFN,
116 * a secure VM. The contents of the GFN is accessible to
130 * Secure VM: A VM whose contents are not accessible to the
132 * either Shared-GFN or Secure-GFNs.
134 * Transient VM: A Normal VM that is transitioning to secure VM.
138 * in any of the three states; i.e Secure-GFN, Shared-GFN,
157 * secure-state. At this point any left-over normal-GFNs are
158 * transitioned to Secure-GFN.
163 * UV_TERMINATE transitions the secure-VM back to normal-VM. All
164 * the secure-GFN and shared-GFNs are tranistioned to normal-GFN
170 * Secure GFN is associated with a secure-PFN; also called uvmem_pfn,
172 * set, and contains the value of the secure-PFN.
193 * | Secure | Shared | Secure |Normal |Secure |
195 * | Shared | Shared | Secure |Normal |Shared |
197 * | Normal | Shared | Secure |Normal |Secure |
211 * | Secure | Error | Error |Error |Error |Normal |
213 * |Transient| N/A | Error |Secure |Normal |Normal |
305 /* mark the GFN as secure-GFN associated with @uvmem pfn device-PFN. */
312 /* mark the GFN as secure-GFN associated with a memory-PFN. */
330 /* return true, if the GFN is a secure-GFN backed by a secure-PFN */
354 * transitioned to a secure GFN. return the value of that GFN in *gfn. If a
468 /* Only radix guests can be secure guests */ in kvmppc_h_svm_init_start()
472 /* NAK the transition to secure if not enabled */ in kvmppc_h_svm_init_start()
501 * from secure memory using UV_PAGE_OUT uvcall.
552 * - When HV touches a secure page, for which we do UV_PAGE_OUT in __kvmppc_svm_page_out()
553 * - When a secure page is converted to shared page, we *get* in __kvmppc_svm_page_out()
591 * Drop device pages that we maintain for the secure guest
678 * Called when a normal page is moved to secure memory (UV_PAGE_IN). Device
679 * PFN will be used to keep track of the secure page on HV side.
727 * copy page from normal memory to secure memory using UV_PAGE_IN uvcall.
850 pr_info("LPID %d went secure\n", kvm->arch.lpid); in kvmppc_h_svm_init_done()
860 * - If the page is already secure, then provision a new page and share
920 * H_SVM_PAGE_IN: Move page from normal memory to secure memory.
982 * has been moved to secure memory, we ask UV to give back the page by
1003 * Gets called when secure GFN tranistions from a secure-PFN
1032 * H_SVM_PAGE_OUT: Move page from secure memory to normal memory.
1117 * First try the new ibm,secure-memory nodes which supersede the in kvmppc_get_secmem_size()
1118 * secure-memory-ranges property. in kvmppc_get_secmem_size()
1121 for_each_compatible_node(np, NULL, "ibm,secure-memory") { in kvmppc_get_secmem_size()
1134 prop = of_get_property(np, "secure-memory-ranges", &len); in kvmppc_get_secmem_size()
1162 pr_info("KVMPPC-UVMEM: No support for secure guests\n"); in kvmppc_uvmem_init()
1194 pr_info("KVMPPC-UVMEM: Secure Memory size 0x%lx\n", size); in kvmppc_uvmem_init()