From: Kalesh Singh
Date: Thu, 24 Feb 2022 19:34:45 -0800
Subject: [PATCH v4 0/8] KVM: arm64: Hypervisor stack enhancements
Message-Id: <20220225033548.1912117-1-kaleshsingh@google.com>
X-Patchwork-Id: 12759606
Cc: will@kernel.org, maz@kernel.org, qperret@google.com, tabba@google.com,
    surenb@google.com, kernel-team@android.com, Kalesh Singh, James Morse,
    Alexandru Elisei, Suzuki K Poulose, Catalin Marinas, Mark Rutland,
    Mark Brown, Masami Hiramatsu, Peter Collingbourne,
    "Madhavan T. Venkataraman", Andrew Walbran, Andrew Scull, Andrew Jones,
    Ard Biesheuvel, linux-arm-kernel@lists.infradead.org,
    kvmarm@lists.cs.columbia.edu, linux-kernel@vger.kernel.org

Hi all,

This is v4 of the nVHE hypervisor stack enhancements. Previous versions
can be found at:

v3: https://lore.kernel.org/r/20220224051439.640768-1-kaleshsingh@google.com/
v2: https://lore.kernel.org/r/20220222165212.2005066-1-kaleshsingh@google.com/
v1: https://lore.kernel.org/r/20220210224220.4076151-1-kaleshsingh@google.com/

The previous cover letter has been copied below for convenience.

Thanks,
Kalesh

-----

This series is based on 5.17-rc5 and adds the following stack features to
the KVM nVHE hypervisor:

== Hyp Stack Guard Pages ==

Based on the technique used by arm64 VMAP_STACK to detect overflow,
i.e. the stack is aligned to twice its size, which ensures that the
'stack shift' bit of any valid SP is 0. The 'stack shift' bit can be
tested in the exception entry to detect overflow without corrupting GPRs.

== Hyp Stack Unwinder ==

Based on the arm64 kernel stack unwinder (See: arch/arm64/kernel/stacktrace.c)

The unwinding and dumping of the hyp stack is not enabled by default and
depends on CONFIG_NVHE_EL2_DEBUG to avoid potential information leaks.
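As an added illustration of the guard-page technique in the "Hyp Stack Guard Pages" section above (example code written for this page, not code from the series): a C model in which a stack of 1 << STACK_SHIFT bytes is aligned to twice its size, so bit STACK_SHIFT of every valid SP is clear, together with a model of the add/sub/tbnz sequence that tests that bit at exception entry without clobbering any general-purpose register. The stack size, the shift, the base address and the frame size are assumptions chosen for the example.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/*
 * Assumed parameters for the example: a one-page (4 KiB) hyp stack, so the
 * 'stack shift' bit is 12, and the stack is aligned to twice its size.
 */
#define STACK_SHIFT 12UL
#define STACK_SIZE  (1ULL << STACK_SHIFT)
#define STACK_ALIGN (2 * STACK_SIZE)
#define STACK_BASE  0x40000000ULL   /* constructed base address, STACK_ALIGN-aligned */

/*
 * Plain form of the check: because the stack is aligned to 2 * STACK_SIZE,
 * bit STACK_SHIFT is clear for every SP inside [STACK_BASE, STACK_BASE +
 * STACK_SIZE) and becomes set as soon as SP drops below STACK_BASE (by
 * less than STACK_SIZE).
 */
static bool sp_overflowed(uint64_t sp)
{
	return (sp >> STACK_SHIFT) & 1;
}

struct regs {
	uint64_t sp;
	uint64_t x0;
};

/*
 * Model of the GPR-preserving exception-entry sequence used by arm64
 * VMAP_STACK (add/sub/tbnz/sub/sub). Only sp and x0 are touched, and both
 * are back to their original values when it returns. The 64-bit wrap-around
 * of uint64_t matches AArch64 register arithmetic.
 */
static bool sp_overflowed_preserving_gprs(struct regs *r)
{
	r->sp += r->x0;                         /* add sp, sp, x0 : sp' = sp + x0 */
	r->x0 = r->sp - r->x0;                  /* sub x0, sp, x0 : x0' = sp       */
	bool hit = (r->x0 >> STACK_SHIFT) & 1;  /* tbnz x0, #STACK_SHIFT, overflow */
	r->x0 = r->sp - r->x0;                  /* sub x0, sp, x0 : x0'' = x0      */
	r->sp -= r->x0;                         /* sub sp, sp, x0 : sp'' = sp      */
	return hit;
}

/* Run the register-preserving sequence on (sp, x0) and report whether it
 * agrees with the plain check and left both registers intact. */
static bool check_preserves_gprs(uint64_t sp, uint64_t x0)
{
	struct regs r = { sp, x0 };
	bool hit = sp_overflowed_preserving_gprs(&r);

	return hit == sp_overflowed(sp) && r.sp == sp && r.x0 == x0;
}

/* Simulate pushing frames of frame_size bytes onto the constructed stack,
 * testing SP after each push as the exception entry would; return how many
 * pushes fit before the check fires. */
static unsigned pushes_before_overflow(uint64_t frame_size)
{
	uint64_t sp = STACK_BASE + STACK_SIZE;  /* stacks grow downwards from the top */
	unsigned pushed = 0;

	if (frame_size == 0)
		return 0;
	for (;;) {
		sp -= frame_size;
		if (sp_overflowed(sp))
			return pushed;
		pushed++;
	}
}

int main(void)
{
	printf("frames of 256 bytes before overflow is detected: %u\n",
	       pushes_before_overflow(256));
	printf("GPR-preserving check agrees and restores sp/x0: %s\n",
	       check_preserves_gprs(STACK_BASE - 8, 0xdeadbeefcafebabeULL) ? "yes" : "no");
	return 0;
}
```

The bit test on its own only catches an SP that is less than STACK_SIZE below the base (the bit flips back once SP drops a further STACK_SIZE), which is why the series pairs it with an unmapped guard region directly below the stack: the first access below the base faults immediately, and the exception entry runs this check before SP can wander further.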
When CONFIG_NVHE_EL2_DEBUG is enabled the host stage 2 protection is
disabled, allowing the host to read the hypervisor stack pages and unwind
the stack from EL1. This allows us to print the hypervisor stacktrace
before panicking the host; as shown below.

Example call trace:

[   98.916444][  T426] kvm [426]: nVHE hyp panic at: [] __kvm_nvhe_overflow_stack+0x8/0x34!
[   98.918360][  T426] nVHE HYP call trace:
[   98.918692][  T426] kvm [426]:  [] __kvm_nvhe_cpu_prepare_nvhe_panic_info+0x4c/0x68
[   98.919545][  T426] kvm [426]:  [] __kvm_nvhe_hyp_panic+0x2c/0xe8
[   98.920107][  T426] kvm [426]:  [] __kvm_nvhe_hyp_panic_bad_stack+0x10/0x10
[   98.920665][  T426] kvm [426]:  [] __kvm_nvhe___kvm_hyp_host_vector+0x24c/0x794
[   98.921292][  T426] kvm [426]:  [] __kvm_nvhe_overflow_stack+0x24/0x34
. . .
[   98.973382][  T426] kvm [426]:  [] __kvm_nvhe_overflow_stack+0x24/0x34
[   98.973816][  T426] kvm [426]:  [] __kvm_nvhe___kvm_vcpu_run+0x38/0x438
[   98.974255][  T426] kvm [426]:  [] __kvm_nvhe_handle___kvm_vcpu_run+0x1c4/0x364
[   98.974719][  T426] kvm [426]:  [] __kvm_nvhe_handle_trap+0xa8/0x130
[   98.975152][  T426] kvm [426]:  [] __kvm_nvhe___host_exit+0x64/0x64
[   98.975588][  T426] ---- end of nVHE HYP call trace ----

Kalesh Singh (8):
  KVM: arm64: Introduce hyp_alloc_private_va_range()
  KVM: arm64: Introduce pkvm_alloc_private_va_range()
  KVM: arm64: Add guard pages for KVM nVHE hypervisor stack
  KVM: arm64: Add guard pages for pKVM (protected nVHE) hypervisor stack
  KVM: arm64: Detect and handle hypervisor stack overflows
  KVM: arm64: Add hypervisor overflow stack
  KVM: arm64: Unwind and dump nVHE HYP stacktrace
  KVM: arm64: Symbolize the nVHE HYP backtrace

 arch/arm64/include/asm/kvm_asm.h     |  21 +++
 arch/arm64/include/asm/kvm_mmu.h     |   4 +
 arch/arm64/include/asm/stacktrace.h  |  12 ++
 arch/arm64/kernel/stacktrace.c       | 210 ++++++++++++++++++++++++---
 arch/arm64/kvm/Kconfig               |   5 +-
 arch/arm64/kvm/arm.c                 |  34 ++++-
 arch/arm64/kvm/handle_exit.c         |  16 +-
 arch/arm64/kvm/hyp/include/nvhe/mm.h |   3 +-
 arch/arm64/kvm/hyp/nvhe/host.S       |  29 ++++
 arch/arm64/kvm/hyp/nvhe/hyp-main.c   |   5 +-
 arch/arm64/kvm/hyp/nvhe/mm.c         |  60 +++++---
 arch/arm64/kvm/hyp/nvhe/setup.c      |  25 +++-
 arch/arm64/kvm/hyp/nvhe/switch.c     |  30 +++-
 arch/arm64/kvm/mmu.c                 |  65 ++++++---
 scripts/kallsyms.c                   |   2 +-
 15 files changed, 428 insertions(+), 93 deletions(-)


base-commit: cfb92440ee71adcc2105b0890bb01ac3cddb8507
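An added model of the frame-record walk behind the "Hyp Stack Unwinder" section and the call trace above (example code written for this page, not the unwinder from the series or from arch/arm64/kernel/stacktrace.c). The host keeps a copy of the hyp stack page, standing in for what reading the stack pages from EL1 amounts to once CONFIG_NVHE_EL2_DEBUG has lifted stage 2 protection, and walks the {fp, lr} chain with the bounds, alignment and strictly-increasing-fp checks the arm64 unwinder applies. The hyp VA of the stack page, the sample return addresses and the use of fp == 0 as the end-of-chain marker are assumptions for the example; a corrupted record is included to show the walk stopping instead of looping.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/*
 * Assumed layout for the example: one 4 KiB hyp stack page at a made-up
 * hyp VA, mirrored into a host-side buffer (the host can read the hyp
 * stack pages once stage 2 protection is off under CONFIG_NVHE_EL2_DEBUG).
 */
#define STACK_SIZE 0x1000ULL
#define STACK_LO   0x8000000000ULL          /* constructed hyp VA of the page */
#define STACK_HI   (STACK_LO + STACK_SIZE)

static uint64_t stack_copy[STACK_SIZE / sizeof(uint64_t)];

/* Host-side pointer to the hyp VA inside the copy, or NULL if out of range. */
static uint64_t *stack_ptr(uint64_t hyp_va)
{
	if (hyp_va < STACK_LO || hyp_va >= STACK_HI)
		return NULL;
	return &stack_copy[(hyp_va - STACK_LO) / sizeof(uint64_t)];
}

/*
 * Walk the AArch64 frame-record chain starting at (fp, pc) and store the
 * return addresses, innermost first, into out[]. A record {fp, lr} is only
 * followed if fp is 8-byte aligned, the whole 16-byte record lies inside the
 * stack, and fp is strictly higher than the previous one (stacks grow down,
 * so a valid chain can never go back or loop). fp == 0 ends the chain here.
 */
static size_t unwind(uint64_t fp, uint64_t pc, uint64_t *out, size_t max)
{
	uint64_t prev_fp = 0;
	size_t n = 0;

	while (n < max) {
		out[n++] = pc;
		if (fp == 0)
			break;                          /* assumed end-of-chain marker */
		uint64_t *rec = stack_ptr(fp);
		if ((fp & 0x7) || !rec || fp + 16 > STACK_HI)
			break;                          /* record not inside the stack */
		if (fp <= prev_fp)
			break;                          /* backwards or cyclic chain */
		prev_fp = fp;
		fp = rec[0];                            /* saved frame pointer */
		pc = rec[1];                            /* saved link register */
	}
	return n;
}

/* Write three chained records into the copy and return the innermost fp.
 * With corrupt set, the innermost record points at itself. */
static uint64_t build_sample_stack(bool corrupt)
{
	uint64_t fp_c = STACK_HI - 0x10, fp_b = STACK_HI - 0x40, fp_a = STACK_HI - 0x80;

	stack_ptr(fp_c)[0] = 0;    stack_ptr(fp_c)[1] = 0xC0DE0003ULL;  /* outermost */
	stack_ptr(fp_b)[0] = fp_c; stack_ptr(fp_b)[1] = 0xC0DE0002ULL;
	stack_ptr(fp_a)[0] = corrupt ? fp_a : fp_b;
	stack_ptr(fp_a)[1] = 0xC0DE0001ULL;
	return fp_a;
}

#define SAMPLE_PC 0xC0DE0000ULL   /* constructed pc of the innermost frame */

/* Number of frames the walk reports for the sample stack. */
static size_t sample_trace_len(bool corrupt)
{
	uint64_t trace[16];

	return unwind(build_sample_stack(corrupt), SAMPLE_PC, trace, 16);
}

/* The i-th reported pc, or 0 when the walk stopped before frame i. */
static uint64_t sample_trace_entry(bool corrupt, size_t i)
{
	uint64_t trace[16];
	size_t n = unwind(build_sample_stack(corrupt), SAMPLE_PC, trace, 16);

	return i < n ? trace[i] : 0;
}

int main(void)
{
	uint64_t trace[16];
	size_t n = unwind(build_sample_stack(false), SAMPLE_PC, trace, 16);

	printf("nVHE HYP call trace (%zu frames):\n", n);
	for (size_t i = 0; i < n; i++)
		printf("  [<%016llx>]\n", (unsigned long long)trace[i]);
	printf("corrupted chain stops after %zu frames\n", sample_trace_len(true));
	return 0;
}
```

The walk prints raw return addresses; turning them into the symbol+offset/size form seen in the trace above is the separate symbolization step the last patch of the series adds, and it is not modelled here.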