From patchwork Thu Apr 13 11:04:54 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Joey Gouly X-Patchwork-Id: 13210137 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 5DADFC77B6C for ; Thu, 13 Apr 2023 11:06:53 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:Message-ID:Date:Subject:CC :To:From:Reply-To:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To:References: List-Owner; bh=kfGNwHPo9XsU993QgxKfROU3F4e2/rvnP+Nb3GRhmog=; b=PhNQHuV3B1CYSB WV8Oh1zfKwXgKkYPCOTirf10zXa/3/gaa7Lvw4NqczeTDX9vgIiDBCEKuaN+Xjjn2W3rbOsGEKS9e uSZYqZlhhaPQAVu/X2n4muqMwd4208hpxHojxc57SyRxxJBxjZt8fo6FlK/BEyVfm4AzUFd7dEWk1 wSNV3pLM3+yjpEWk/XHzm71JwoyyViHjH+XII/gBeuwXiBMdHbiFBNQ+cwAmaHxRMaotEP5eBvbU2 WMIXml1O7WvDo8NDQp7c/0GQa/AjwuECZ095BvED48j/mnDbgd3gGJiyvy7FBtIZiynKRfKMdRmJ1 VBFNakZWq9oDpWLt2kFA==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.96 #2 (Red Hat Linux)) id 1pmulz-005yU9-1j; Thu, 13 Apr 2023 11:05:51 +0000 Received: from mail-vi1eur04on0622.outbound.protection.outlook.com ([2a01:111:f400:fe0e::622] helo=EUR04-VI1-obe.outbound.protection.outlook.com) by bombadil.infradead.org with esmtps (Exim 4.96 #2 (Red Hat Linux)) id 1pmulk-005yK1-2V for linux-arm-kernel@lists.infradead.org; Thu, 13 Apr 2023 11:05:38 +0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=armh.onmicrosoft.com; s=selector2-armh-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=Yobf3XJNytTlUZx0pSj1P+DYaCNcLERfyOz3yQ403So=; b=ElFTUh8XR7RH8YzVAYvgD8tZ45/xFxf0/bVhtDdV7rFklY78pGR4uqM1D3dbyOWYfIMriXuMHAJoS4URjoxPexAUsDtb8PnO4EvpktSdkY3mq7dVPex8dYFjlYX1sssaBp0W/iRyDPFzJtM3cPcdA0bnftqGAeeig2iZuOphluw= Received: from DB6P191CA0013.EURP191.PROD.OUTLOOK.COM (2603:10a6:6:28::23) by PAWPR08MB10166.eurprd08.prod.outlook.com (2603:10a6:102:368::13) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6277.35; Thu, 13 Apr 2023 11:05:30 +0000 Received: from DBAEUR03FT016.eop-EUR03.prod.protection.outlook.com (2603:10a6:6:28:cafe::30) by DB6P191CA0013.outlook.office365.com (2603:10a6:6:28::23) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6298.30 via Frontend Transport; Thu, 13 Apr 2023 11:05:30 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 63.35.35.123) smtp.mailfrom=arm.com; dkim=pass (signature was verified) header.d=armh.onmicrosoft.com;dmarc=pass action=none header.from=arm.com; Received-SPF: Pass (protection.outlook.com: domain of arm.com designates 63.35.35.123 as permitted sender) receiver=protection.outlook.com; client-ip=63.35.35.123; helo=64aa7808-outbound-1.mta.getcheckrecipient.com; pr=C Received: from 64aa7808-outbound-1.mta.getcheckrecipient.com (63.35.35.123) by DBAEUR03FT016.mail.protection.outlook.com (100.127.142.204) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6298.29 via Frontend Transport; Thu, 13 Apr 2023 11:05:30 +0000 Received: ("Tessian outbound 99a3040377ca:v136"); Thu, 13 Apr 2023 11:05:30 +0000 X-CheckRecipientChecked: true X-CR-MTA-CID: a698681edb78701c X-CR-MTA-TID: 64aa7808 Received: from cda8c9f4d1d7.1 by 64aa7808-outbound-1.mta.getcheckrecipient.com id 559B7E39-A617-42EC-BD8B-CC183913837F.1; Thu, 13 Apr 2023 11:05:23 +0000 Received: from EUR04-HE1-obe.outbound.protection.outlook.com by 64aa7808-outbound-1.mta.getcheckrecipient.com with ESMTPS id cda8c9f4d1d7.1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384); Thu, 13 Apr 2023 11:05:23 +0000 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=RibTkmbhQSr9NMy0pZtbF/3H1ziHwuJFg33nJdHLCmU12CSSjIlPPwtGpUk7/Ftwu7FxCdkiMRgbDQZrudVyNGZCTG7HqQkrE74jhyblRs/Q9Z4+GQgGKrtOZVbz5dXG13f6UmBz1R/NoaDpeqyxJ5mPLqsq7g+5c//dbMHnIym8tMSiMRjDOsOBWb1u4rF+fTDTgn7Jkl59Zx2L1P8Kf8/BWFTYE529XJxkaGWczBXtFU9IdX+DdpzUp3lKjZKfZtDbGQIFG4VSGmy0zsbuFD0uPRc+bMpYuFvWnBg+qqvklPxLDfDpcnZm4WkX4/ciwslC7LnkWhNHof2c8MsgZw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=Yobf3XJNytTlUZx0pSj1P+DYaCNcLERfyOz3yQ403So=; b=GhzZ4rmOGfnZpcqdb8pTsFUr+3wMo9biJI73AyC3mAh1ZVdQNVG4ajXKCDgVsbOEwkmSrKlYvN/bsi1fjYEEKmsbKOuAJ+7xLmjLIOC8GhJWhXTbXw7nJbmzR0NOTMOiJ6reA3/HSNgzrkvCRztw30/XAkcxUCH4IHNl0vSdusvX7QPBsf3cmP/B1i6c0NRm7R5Hj6oFSco5a1vA8hku6FILVNLt2ucf6ywQHLpDqzYMZ8m/VS6bo3Z+veGcerStzwfrDU8ikSQqFZkjkpT5ijYTI+rHzKzBQLwT1RFvqIliFiWi55snaI4dh5JoJ4Hcoj2NqfrqcauPU6Ng9lkeSg== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 40.67.248.234) smtp.rcpttodomain=lists.infradead.org smtp.mailfrom=arm.com; dmarc=pass (p=none sp=none pct=100) action=none header.from=arm.com; dkim=none (message not signed); arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=armh.onmicrosoft.com; s=selector2-armh-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=Yobf3XJNytTlUZx0pSj1P+DYaCNcLERfyOz3yQ403So=; b=ElFTUh8XR7RH8YzVAYvgD8tZ45/xFxf0/bVhtDdV7rFklY78pGR4uqM1D3dbyOWYfIMriXuMHAJoS4URjoxPexAUsDtb8PnO4EvpktSdkY3mq7dVPex8dYFjlYX1sssaBp0W/iRyDPFzJtM3cPcdA0bnftqGAeeig2iZuOphluw= Received: from AS9PR06CA0465.eurprd06.prod.outlook.com (2603:10a6:20b:49a::17) by DU0PR08MB9584.eurprd08.prod.outlook.com (2603:10a6:10:448::5) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6298.30; Thu, 13 Apr 2023 11:05:16 +0000 Received: from AM7EUR03FT021.eop-EUR03.prod.protection.outlook.com (2603:10a6:20b:49a:cafe::8d) by AS9PR06CA0465.outlook.office365.com (2603:10a6:20b:49a::17) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6298.31 via Frontend Transport; Thu, 13 Apr 2023 11:05:16 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 40.67.248.234) smtp.mailfrom=arm.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=arm.com; Received-SPF: Pass (protection.outlook.com: domain of arm.com designates 40.67.248.234 as permitted sender) receiver=protection.outlook.com; client-ip=40.67.248.234; helo=nebula.arm.com; pr=C Received: from nebula.arm.com (40.67.248.234) by AM7EUR03FT021.mail.protection.outlook.com (100.127.140.243) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.6298.31 via Frontend Transport; Thu, 13 Apr 2023 11:05:16 +0000 Received: from AZ-NEU-EX02.Emea.Arm.com (10.251.26.5) by AZ-NEU-EX04.Arm.com (10.251.24.32) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.17; Thu, 13 Apr 2023 11:05:15 +0000 Received: from AZ-NEU-EX03.Arm.com (10.251.24.31) by AZ-NEU-EX02.Emea.Arm.com (10.251.26.5) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.17; Thu, 13 Apr 2023 11:05:14 +0000 Received: from e124191.cambridge.arm.com (10.1.197.45) by mail.arm.com (10.251.24.31) with Microsoft SMTP Server id 15.1.2507.17 via Frontend Transport; Thu, 13 Apr 2023 11:05:14 +0000 From: Joey Gouly To: CC: , , , , , , , , , , Subject: [PATCH v2 00/19] Permission Indirection Extension Date: Thu, 13 Apr 2023 12:04:54 +0100 Message-ID: <20230413110513.243326-1-joey.gouly@arm.com> X-Mailer: git-send-email 2.25.1 MIME-Version: 1.0 X-EOPAttributedMessage: 1 X-MS-TrafficTypeDiagnostic: AM7EUR03FT021:EE_|DU0PR08MB9584:EE_|DBAEUR03FT016:EE_|PAWPR08MB10166:EE_ X-MS-Office365-Filtering-Correlation-Id: d850806d-5e87-48d0-2fd4-08db3c0efee1 x-checkrecipientrouted: true NoDisclaimer: true X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam-Untrusted: BCL:0; X-Microsoft-Antispam-Message-Info-Original: qArXl11nl4d23JlXVhegQFf53njl/i3dYTGkftCcLFwhFckNg8gUY3yDAGtifLC5N0CnJd3uZQ2eLLrj8mkZ5eebJF+oFWLdhwCbosvE40RC8YHUBCciAv7D/hR9w1PPIjpiM/TH4t7ya3QUYi/V8kJpf6yKD34qhjRyG7pmiUxHI0iWkikvNMH7cb/sVpThKn1t+2e5VNb2ndZDpmdSjgl1ZdLza530mRyFzNKXdFbvOki66PH046jw2ybostOlKqIwBcZrBsPN1Fd3MAqJnPjQsn4YlUGwE3OWcXb7sj0rr1TCGHut9resldp4X4nqSHXTxNe9CaJ8viKPwxNLjkuSv3DxFc2yg/i++8A1emdlt5wq4Zw0E14HAlQD5GWjw8Fuu+w8ABGeFylMh6NmIpqf+Nbeb6+nlj0M+gG/D8MWgm82jdmHzY66TM5vZgFKnUFBUJh5urmYvDgauQk88lL344OmX2NsgbhI+SsLicrSYrm2h67+NVAOftyjVyOclemaE0h7CX7GtGz2ZgVGY+7hQazp5ZrC5oesJJM4J/LSZ+XreT6sJ/5kAOU1BioKLR7KGKFj/g214gmMrolWp3Xn6ZsACF7y6tJ7vKMtC8yHrBKSrddwy8UDkgFmoMYAKEjt9ACoCIX8cmHa+YTUqrFmGAfjwYiveaTZYQIRXLCEqNjTjHZc7vD2Ggs8VPE9mQNJeU/Xp9850kZcjgqRzezxCKibQCxzR41G/lrDqOU= X-Forefront-Antispam-Report-Untrusted: CIP:40.67.248.234;CTRY:IE;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:nebula.arm.com;PTR:InfoDomainNonexistent;CAT:NONE;SFS:(13230028)(4636009)(346002)(376002)(39860400002)(396003)(136003)(451199021)(46966006)(36840700001)(40470700004)(8676002)(8936002)(41300700001)(5660300002)(44832011)(6916009)(4326008)(81166007)(316002)(356005)(2906002)(70206006)(70586007)(426003)(478600001)(54906003)(86362001)(82740400003)(7696005)(6666004)(186003)(1076003)(40460700003)(82310400005)(83380400001)(336012)(26005)(40480700001)(36860700001)(2616005)(36756003)(47076005)(36900700001);DIR:OUT;SFP:1101; X-MS-Exchange-Transport-CrossTenantHeadersStamped: DU0PR08MB9584 X-MS-Exchange-Transport-CrossTenantHeadersStripped: DBAEUR03FT016.eop-EUR03.prod.protection.outlook.com X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id-Prvs: 28fab09b-c5ba-4f1f-0783-08db3c0ef639 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: hfONa1800MN4HSJ0/gtABy5Xw8ushOX6dKbSZ8Do94gQcYYFAzeFMMLQzBbBI19nu4lh16dkgzP+VukwpoI6HHF1x1JQ+ifOmMXrBX8fwXIHBKJVgiDB4V2YShZqk0MezqsRNSza7OjkjrlXuVCvB2LwSeHiQ5YG121TWLEnGUASZs0tw4cYOETsKHt8mebAa2kQ8EwOTQIrz47SsU2FRkGm+k5gM0PJ1RU0/mqmT1Un3Aktz8riiYKAd7aq8lQdLotXPzly7RwP5Z6GwbRjlwIf/tC4RDUzoVMsc3ZHh5c7J86JxAnCIuRbdpFv0j1vJcI9VmfxgfYNz14AYnovkbgJKDknYNb3ideQrhTIYIkIlYEFNgOa0DWLUxOHw+u8sjvTyhCoYeY/a9MgPrZcL46LWN9J1ftFqc+zQsqU5yyLzobtWA+m4ETqw/ml9hrUJCdCPqCgjcEWZBGpMn61+zN4DPauF7MHGtZqdUVh5dvoCUgXmFnJSE5ziqbNZgJdoDuPnTyXZUyOPIUashrj9kmxV5aXom+hvuf9MM1sUAOsVEahgAP2DEfWqE//frnf+JoJ1jQJF1t/OL5BzvCWS46mAOYoxnc3JRKgjszxZ9/TLZv1BJX57EZt/Ajqf6lc7Aj7BoF1BjWDPA8eDI2gcmP2NuG/aKP1pLOvxSYqlQb7q8EEaaXWfO0GxYQpPjh1kMYkyNY4a9TbC2oh6e4xjg== X-Forefront-Antispam-Report: CIP:63.35.35.123;CTRY:IE;LANG:en;SCL:1;SRV:;IPV:CAL;SFV:NSPM;H:64aa7808-outbound-1.mta.getcheckrecipient.com;PTR:ec2-63-35-35-123.eu-west-1.compute.amazonaws.com;CAT:NONE;SFS:(13230028)(4636009)(346002)(396003)(136003)(376002)(39860400002)(451199021)(36840700001)(46966006)(40470700004)(86362001)(4326008)(70206006)(26005)(6916009)(316002)(1076003)(70586007)(186003)(40460700003)(36756003)(6666004)(7696005)(54906003)(40480700001)(107886003)(478600001)(8676002)(8936002)(36860700001)(2616005)(41300700001)(81166007)(5660300002)(83380400001)(44832011)(2906002)(426003)(82310400005)(336012)(47076005)(82740400003);DIR:OUT;SFP:1101; X-OriginatorOrg: arm.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 13 Apr 2023 11:05:30.6124 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: d850806d-5e87-48d0-2fd4-08db3c0efee1 X-MS-Exchange-CrossTenant-Id: f34e5979-57d9-4aaa-ad4d-b122a662184d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=f34e5979-57d9-4aaa-ad4d-b122a662184d;Ip=[63.35.35.123];Helo=[64aa7808-outbound-1.mta.getcheckrecipient.com] X-MS-Exchange-CrossTenant-AuthSource: DBAEUR03FT016.eop-EUR03.prod.protection.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: PAWPR08MB10166 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20230413_040536_991857_AD4CFF60 X-CRM114-Status: GOOD ( 15.34 ) X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org Hi all, This series implements the Permission Indirection Extension introduced in 2022 VMSA enhancements [1]. Changes since v1 [2]: - Renamed PIRx_ELx_PERMIDX and reversed the arguments - Added new registers to get-reg-list selftest - Added booting requirements - Add TCR2_EL2 and PIR_EL2 registers - Collected review tags - Rebased onto arm64/for-next/core (b2ad9d4e249), to get Mark Brown's HFG* register commit. The Permission Indirection Extension is a new way to set memory permissions. Instead of directly encoding the permission in the Page Table Entry (PTE), fields in the PTEs are used to index into an array of permissions specified in a register. This indirection provides greater flexibility, greater encoding density and enables the representation of new permissions. The PTEs bit that are repurposed for use with permission indirection are: 54 PTE_UXN 53 PTE_PXN 51 PTE_DBM 6 PTE_USER The way that PIE is implemented in this patchset is that the encodings are picked such that they match how Linux currently sets the bits in the PTEs, so none of the page table handling has changed. This means this patchset keeps the same functionality as currently implemented, but allows for future expansion. Enabling PIE is also a prerequisite for implementing the Guarded Control Stack Extension (GCS). Another related extension is the Permission Overlay Extension, which is not covered by this patch set, but is mentioned in patch 5 as half of PIE encoding values apply an overlay. However, since overlays are not currently enabled, they act as all the other permissions do. This first few patches are adding the new system registers, and cpufeature capabilities. Then KVM support for save/restore of the new registers is added. Finally the new Permission Indirection registers are set and the new feature is enabled. Kristina's series [3] changes how HCRX_EL2 is handled, so there will be need to be some minor changes, depending on which series goes in first. Thanks, Joey Joey Gouly (19): arm64/sysreg: Add ID register ID_AA64MMFR3 arm64/sysreg: add system registers TCR2_ELx arm64/sysreg: update HCRX_EL2 register arm64/sysreg: add PIR*_ELx registers arm64: cpufeature: add system register ID_AA64MMFR3 arm64: cpufeature: add TCR2 cpucap arm64: cpufeature: add Permission Indirection Extension cpucap KVM: arm64: Save/restore TCR2_EL1 KVM: arm64: Save/restore PIE registers KVM: arm64: expose ID_AA64MMFR3_EL1 to guests arm64: add PTE_UXN/PTE_WRITE to SWAPPER_*_FLAGS arm64: add PTE_WRITE to PROT_SECT_NORMAL arm64: reorganise PAGE_/PROT_ macros arm64: disable EL2 traps for PIE arm64: add encodings of PIRx_ELx registers arm64: enable Permission Indirection Extension (PIE) arm64: transfer permission indirection settings to EL2 arm64: Document boot requirements for PIE KVM: selftests: get-reg-list: add Permission Indirection registers Documentation/arm64/booting.rst | 26 +++ arch/arm64/include/asm/cpu.h | 1 + arch/arm64/include/asm/el2_setup.h | 23 ++- arch/arm64/include/asm/kernel-pgtable.h | 4 +- arch/arm64/include/asm/kvm_host.h | 5 + arch/arm64/include/asm/pgtable-hwdef.h | 8 + arch/arm64/include/asm/pgtable-prot.h | 96 ++++++++--- arch/arm64/include/asm/sysreg.h | 19 +++ arch/arm64/kernel/cpufeature.c | 32 ++++ arch/arm64/kernel/cpuinfo.c | 1 + arch/arm64/kernel/head.S | 8 +- arch/arm64/kernel/hyp-stub.S | 18 ++ arch/arm64/kvm/hyp/include/hyp/sysreg-sr.h | 12 ++ arch/arm64/kvm/sys_regs.c | 5 +- arch/arm64/mm/proc.S | 17 +- arch/arm64/tools/cpucaps | 2 + arch/arm64/tools/sysreg | 159 +++++++++++++++++- .../selftests/kvm/aarch64/get-reg-list.c | 5 +- 18 files changed, 402 insertions(+), 39 deletions(-) Reviewed-by: Mark Brown