[v8,00/11] KVM: arm64: Fixed features for protected VMs

Message ID	20211010145636.1950948-1-tabba@google.com (mailing list archive)
Headers	show Return-Path: <kvm-owner@kernel.org> Date: Sun, 10 Oct 2021 15:56:25 +0100 Message-Id: <20211010145636.1950948-1-tabba@google.com> Mime-Version: 1.0 Subject: [PATCH v8 00/11] KVM: arm64: Fixed features for protected VMs From: Fuad Tabba <tabba@google.com> To: kvmarm@lists.cs.columbia.edu Cc: maz@kernel.org, will@kernel.org, james.morse@arm.com, alexandru.elisei@arm.com, suzuki.poulose@arm.com, mark.rutland@arm.com, christoffer.dall@arm.com, pbonzini@redhat.com, drjones@redhat.com, oupton@google.com, qperret@google.com, kvm@vger.kernel.org, linux-arm-kernel@lists.infradead.org, kernel-team@android.com, tabba@google.com Content-Type: text/plain; charset="UTF-8" Precedence: bulk
Series	KVM: arm64: Fixed features for protected VMs \| expand [v8,00/11] KVM: arm64: Fixed features for protected VMs [v8,01/11] KVM: arm64: Move __get_fault_info() and co into their own include file [v8,02/11] KVM: arm64: Don't include switch.h into nvhe/kvm-main.c [v8,03/11] KVM: arm64: Move early handlers to per-EC handlers [v8,04/11] KVM: arm64: Pass struct kvm to per-EC handlers [v8,05/11] KVM: arm64: Add missing field descriptor for MDCR_EL2 [v8,06/11] KVM: arm64: Simplify masking out MTE in feature id reg [v8,07/11] KVM: arm64: Add handlers for protected VM System Registers [v8,08/11] KVM: arm64: Initialize trap registers for protected VMs [v8,09/11] KVM: arm64: Move sanitized copies of CPU features [v8,10/11] KVM: arm64: Trap access to pVM restricted features [v8,11/11] KVM: arm64: Handle protected guests at 32 bits

Message ID

20211010145636.1950948-1-tabba@google.com (mailing list archive)

Headers

Date: Sun, 10 Oct 2021 15:56:25 +0100
Message-Id: <20211010145636.1950948-1-tabba@google.com>
Mime-Version: 1.0
Subject: [PATCH v8 00/11] KVM: arm64: Fixed features for protected VMs
From: Fuad Tabba <tabba@google.com>
To: kvmarm@lists.cs.columbia.edu
Cc: maz@kernel.org, will@kernel.org, james.morse@arm.com,
        alexandru.elisei@arm.com, suzuki.poulose@arm.com,
        mark.rutland@arm.com, christoffer.dall@arm.com,
        pbonzini@redhat.com, drjones@redhat.com, oupton@google.com,
        qperret@google.com, kvm@vger.kernel.org,
        linux-arm-kernel@lists.infradead.org, kernel-team@android.com,
        tabba@google.com
Content-Type: text/plain; charset="UTF-8"
Precedence: bulk

Series

KVM: arm64: Fixed features for protected VMs | expand

Message

Fuad Tabba Oct. 10, 2021, 2:56 p.m. UTC

Hi,

Changes since v7 [1]:
- Fix build warnings

This patch series adds support for restricting CPU features for protected VMs
in KVM (pKVM). For more background, please refer to the previous series [2].

This series is based on 5.15-rc4. You can find the applied series here [3].

Cheers,
/fuad

[1] https://lore.kernel.org/kvmarm/20211008155832.1415010-1-tabba@google.com/

[2] https://lore.kernel.org/kvmarm/20210827101609.2808181-1-tabba@google.com/

[3] https://android-kvm.googlesource.com/linux/+/refs/heads/tabba/el2_fixed_feature_v8

Fuad Tabba (8):
  KVM: arm64: Pass struct kvm to per-EC handlers
  KVM: arm64: Add missing field descriptor for MDCR_EL2
  KVM: arm64: Simplify masking out MTE in feature id reg
  KVM: arm64: Add handlers for protected VM System Registers
  KVM: arm64: Initialize trap registers for protected VMs
  KVM: arm64: Move sanitized copies of CPU features
  KVM: arm64: Trap access to pVM restricted features
  KVM: arm64: Handle protected guests at 32 bits

Marc Zyngier (3):
  KVM: arm64: Move __get_fault_info() and co into their own include file
  KVM: arm64: Don't include switch.h into nvhe/kvm-main.c
  KVM: arm64: Move early handlers to per-EC handlers

 arch/arm64/include/asm/kvm_arm.h              |   1 +
 arch/arm64/include/asm/kvm_asm.h              |   1 +
 arch/arm64/include/asm/kvm_fixed_config.h     | 195 +++++++
 arch/arm64/include/asm/kvm_host.h             |   2 +
 arch/arm64/include/asm/kvm_hyp.h              |   5 +
 arch/arm64/kvm/arm.c                          |  13 +
 arch/arm64/kvm/hyp/include/hyp/fault.h        |  75 +++
 arch/arm64/kvm/hyp/include/hyp/switch.h       | 221 ++++----
 arch/arm64/kvm/hyp/include/nvhe/sys_regs.h    |  29 +
 .../arm64/kvm/hyp/include/nvhe/trap_handler.h |   2 +
 arch/arm64/kvm/hyp/nvhe/Makefile              |   2 +-
 arch/arm64/kvm/hyp/nvhe/hyp-main.c            |  11 +-
 arch/arm64/kvm/hyp/nvhe/mem_protect.c         |   8 +-
 arch/arm64/kvm/hyp/nvhe/pkvm.c                | 186 +++++++
 arch/arm64/kvm/hyp/nvhe/setup.c               |   3 +
 arch/arm64/kvm/hyp/nvhe/switch.c              | 108 ++++
 arch/arm64/kvm/hyp/nvhe/sys_regs.c            | 500 ++++++++++++++++++
 arch/arm64/kvm/hyp/vhe/switch.c               |  16 +
 arch/arm64/kvm/sys_regs.c                     |  10 +-
 19 files changed, 1243 insertions(+), 145 deletions(-)
 create mode 100644 arch/arm64/include/asm/kvm_fixed_config.h
 create mode 100644 arch/arm64/kvm/hyp/include/hyp/fault.h
 create mode 100644 arch/arm64/kvm/hyp/include/nvhe/sys_regs.h
 create mode 100644 arch/arm64/kvm/hyp/nvhe/pkvm.c
 create mode 100644 arch/arm64/kvm/hyp/nvhe/sys_regs.c


base-commit: 1da38549dd64c7f5dd22427f12dfa8db3d8a722b

Comments

Marc Zyngier Oct. 18, 2021, 4:39 p.m. UTC | #1

On Sun, 10 Oct 2021 15:56:25 +0100, Fuad Tabba wrote:
> Changes since v7 [1]:
> - Fix build warnings
> 
> This patch series adds support for restricting CPU features for protected VMs
> in KVM (pKVM). For more background, please refer to the previous series [2].
> 
> This series is based on 5.15-rc4. You can find the applied series here [3].
> 
> [...]

Applied to next, thanks!

[01/11] KVM: arm64: Move __get_fault_info() and co into their own include file
        commit: 7dd9b5a157485ae8c48f76f087b1867ace016613
[02/11] KVM: arm64: Don't include switch.h into nvhe/kvm-main.c
        commit: cc1e6fdfa92b82902883b70dafa729d3bd427b80
[03/11] KVM: arm64: Move early handlers to per-EC handlers
        commit: 8fb2046180a0ad347f2e5bcae760dca67e65aa73
[04/11] KVM: arm64: Pass struct kvm to per-EC handlers
        commit: 3b1a690eda0dc1891e8fc93991b122bff6fabf8c
[05/11] KVM: arm64: Add missing field descriptor for MDCR_EL2
        commit: 53868390778270f2890621f4498a53587719a3ff
[06/11] KVM: arm64: Simplify masking out MTE in feature id reg
        commit: 16dd1fbb12f72effcd3539561c2a94aed3ab6581
[07/11] KVM: arm64: Add handlers for protected VM System Registers
        commit: 6c30bfb18d0b7d09593f204c936493cfcd153956
[08/11] KVM: arm64: Initialize trap registers for protected VMs
        commit: 2a0c343386ae1a6826e1b9d751bfc14f4711c2de
[09/11] KVM: arm64: Move sanitized copies of CPU features
        commit: 72e1be120eaaf82a58c81fcf173cdb1d7a5dcfbb
[10/11] KVM: arm64: Trap access to pVM restricted features
        commit: 1423afcb411780c7a6a68f801fdcfb6920ad6f06
[11/11] KVM: arm64: Handle protected guests at 32 bits
        commit: 5f39efc42052b042c4d7ba6fd77934e8de43e10c

Cheers,

	M.