Lines Matching +full:normal +full:- +full:power
1 .. SPDX-License-Identifier: GPL-2.0
15 POWER 9 that enables Secure Virtual Machines (SVMs). DD2.3 chips
16 (PVR=0x004e1203) or greater will be PEF-capable. A new ISA release
20 mode, to POWER architecture. Along with the new mode there is new
22 for short). Ultravisor mode is the highest privileged mode in POWER
25 +------------------+
29 +------------------+
31 +------------------+
33 +------------------+
35 +------------------+
57 is in secure mode, MSR(s)=0 process is in normal mode.
75 +---+---+---+---------------+
79 +---+---+---+---------------+
81 +---+---+---+---------------+
83 +---+---+---+---------------+
85 +---+---+---+---------------+
87 **Normal Mode MSR Settings**
89 +---+---+---+---------------+
93 +---+---+---+---------------+
95 +---+---+---+---------------+
97 +---+---+---+---------------+
99 +---+---+---+---------------+
101 * Memory is partitioned into secure and normal memory. Only processes
139 * LDBAR (LD Base Address Register) and IMC (In-Memory Collection)
140 non-architected registers. An attempt to write to them will cause a
152 * SVMs are created from normal VM using (open source) tooling supplied
155 * All SVMs start as normal VMs and utilize an ultracall, UV_ESM
182 * The movement of data between normal and secure pages is coordinated
183 with the Ultravisor by a new HMM plug-in in the Hypervisor.
194 * Normal memory: Memory that is accessible to Hypervisor.
196 * Normal page: Page backed by normal memory and available to
199 * Shared page: A page backed by normal memory and available to both
222 be accessed when running in Ultravisor-privileged mode.
237 parameter-position based code. i.e U_PARAMETER, U_P2, U_P3 etc
242 to normal memory may be encrypted using dynamically generated keys.
267 -----------
269 Encrypt and move the contents of a page from secure memory to normal
275 .. code-block:: c
280 uint64_t src_gpa, /* source guest-physical-address */
296 * U_BUSY if page cannot be currently paged-out.
301 Encrypt the contents of a secure-page and make it available to
302 Hypervisor in a normal page.
304 By default, the source page is unmapped from the SVM's partition-
321 #. When Ultravisor runs low on secure memory and it needs to page-out
324 then allocate a normal page and issue the ``UV_PAGE_OUT`` ultracall
326 page into the normal page.
330 which the Hypervisor can access. The data in the normal page will
334 ----------
336 Move the contents of a page from normal memory to secure memory.
341 .. code-block:: c
356 * U_BUSY if page cannot be currently paged-in.
367 Move the contents of the page identified by ``src_ra`` from normal
372 partition-scoped page-table of the SVM. If `dest_gpa` is not shared,
389 #. When a normal VM switches to secure mode, all its pages residing
390 in normal memory, are moved into secure memory.
395 #. When an SVM accesses a secure page that has been paged-out,
401 -------------
408 .. code-block:: c
412 uint64_t guest_pa, /* destination guest-physical-address */
441 because it is paged-out to disk, Ultravisor needs to know that the
446 -------------
454 .. code-block:: c
479 Validate and write a LPID and its partition-table-entry for the given
487 called PATE (Partition Table Entries), point to the partition-
489 virtual machines (both secure and normal). The Hypervisor
490 operates in partition 0 and its partition-scoped page tables
491 reside in normal memory.
493 #. This ultracall allows the Hypervisor to register the partition-
494 scoped and process-scoped page table entries for the Hypervisor
502 the PATE entries for a normal VM and can change the PATE entry
507 ---------
516 .. code-block:: c
536 * Non-volatile registers are restored to their original values.
556 --------------------
558 Register an SVM address-range with specified properties.
563 .. code-block:: c
603 #. When new memory is hot-plugged, a new memory slot gets registered.
607 ----------------------
609 Unregister an SVM address-range that was previously registered using
615 .. code-block:: c
641 #. Memory hot-remove.
645 ----------------
652 .. code-block:: c
683 -------------
690 .. code-block:: c
732 ---------------
739 .. code-block:: c
777 --------------------
784 .. code-block:: c
814 ------
821 .. code-block:: c
851 #. A normal virtual machine can choose to switch to a secure mode.
861 hypercalls defined in the Power Architecture Platform Reference (PAPR)
881 ----------------
883 Begin the process of converting a normal virtual machine into an SVM.
888 .. code-block:: c
906 pages from normal to secure memory etc. When the process is
917 ---------------
924 .. code-block:: c
955 ----------------
962 .. code-block:: c
980 normal VM).
989 On entry into this hypercall the non-volatile GPRs and FPRs are
997 out pages that were paged-into secure memory, and issue the
1015 -------------
1017 Move the contents of a page from normal memory to secure memory.
1022 .. code-block:: c
1025 uint64_t guest_pa, /* guest-physical-address */
1058 #. When a normal VM becomes a secure VM (using the UV_ESM ultracall),
1060 the VM from normal memory to secure memory.
1063 in normal memory that can be shared between the SVM and Hypervisor.
1065 #. Ultravisor uses this hypercall to page-in a paged-out page. This
1066 can happen when the SVM touches a paged-out page.
1070 and inform Hypervisor that it has released access to the normal
1074 ---------------
1076 Move the contents of the page to normal memory.
1081 .. code-block:: c
1084 uint64_t guest_pa, /* guest-physical-address */
1101 Move the contents of the page identified by ``guest_pa`` to normal
1111 contents of some secure pages, into normal pages using this
1117 - `Supporting Protected Computing on IBM Power Architecture <https://developer.ibm.com/articles/l-s…