From patchwork Tue Jul 30 15:11:06 2024
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Will Deacon <will@kernel.org>
X-Patchwork-Id: 13747530
Return-Path: 
 <linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from bombadil.infradead.org (bombadil.infradead.org
 [198.137.202.133])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by smtp.lore.kernel.org (Postfix) with ESMTPS id 5CC8EC3DA49
	for <linux-arm-kernel@archiver.kernel.org>;
 Tue, 30 Jul 2024 15:12:15 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;
	d=lists.infradead.org; s=bombadil.20210309; h=Sender:List-Subscribe:List-Help
	:List-Post:List-Archive:List-Unsubscribe:List-Id:Content-Transfer-Encoding:
	MIME-Version:Message-Id:Date:Subject:Cc:To:From:Reply-To:Content-Type:
	Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender:
	Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To:References:List-Owner;
	bh=JPENs751pzCKuQ7ulGkhNm2oR7fmeBHa4FZw4NCIsiU=; b=uv1HAe1ZkVdMqTK5FAI3l6GQJF
	CUtBpW+FpnGGjIVrOqwp/B/hzO5IC210e4eI0OqfPDav1/q+YCUDu3knizXfWgRij5yd/T9JCpP83
	n3eo+vXvBcuimbWXFunMgUROHav3PWhN7QHfR86s9CY7DzZ3+2NBepwRFVmftEm1IesEk6OMyfTNL
	DZO7UVuhHc4+IRS5mTNZfjc6fam4qIWvGQ3Ac7sTJG5yntWjolWE82GAz6HxhLV80QH56mmWNdfx9
	YqTApw3ui15S0R53Tr7grEqK18Cswwcx8jNo3G1WsudkhRWPZgMNqnC0ce1CMjstKMpshaCQ0wTYn
	YZy7vY4Q==;
Received: from localhost ([::1] helo=bombadil.infradead.org)
	by bombadil.infradead.org with esmtp (Exim 4.97.1 #2 (Red Hat Linux))
	id 1sYoW8-0000000Fc1d-3T58;
	Tue, 30 Jul 2024 15:12:00 +0000
Received: from sin.source.kernel.org ([145.40.73.55])
	by bombadil.infradead.org with esmtps (Exim 4.97.1 #2 (Red Hat Linux))
	id 1sYoVW-0000000Fbm1-33Op
	for linux-arm-kernel@lists.infradead.org;
	Tue, 30 Jul 2024 15:11:25 +0000
Received: from smtp.kernel.org (transwarp.subspace.kernel.org [100.75.92.58])
	by sin.source.kernel.org (Postfix) with ESMTP id 8E3F5CE10DD;
	Tue, 30 Jul 2024 15:11:20 +0000 (UTC)
Received: by smtp.kernel.org (Postfix) with ESMTPSA id CFD25C32782;
	Tue, 30 Jul 2024 15:11:17 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org;
	s=k20201202; t=1722352279;
	bh=TPq7dUWy/hGjHKJL8srilmGJ0OyLZJ4HqT4NvHIPfa8=;
	h=From:To:Cc:Subject:Date:From;
	b=KDp+qhjC0irf4m02DKVGpspLLB6MD8U+NQjo9jEGMrHpsLzCr9AwxucJyzdSlJCr5
	 rFEqOjjwfIDtJ4jDfgllUXbUnfk3zZxhuOK2cC4FChDpc7hKMyJLrgnb2PHf1VwaOM
	 47lfFXv6J6woKv2HBtLy0tVabi/2ggNoP4DSLqhiBLaT+DmJOklHMcdrgD6Hg8Ue19
	 ygQ6k9r3TvjyhM4/5HrCBl4iU4wLRIK6kFNl1hQfJqIyYdwchuM73UNUnRw2/zuEdx
	 6sn+6TaXMDrL+GU5mSLn53SAZF6mJsnHtxNQMMqNY9+Gz2CiWOpl5Hx1UFsQv1h1se
	 SovPyWj7mvD8Q==
From: Will Deacon <will@kernel.org>
To: linux-arm-kernel@lists.infradead.org
Cc: Will Deacon <will@kernel.org>,
	Sudeep Holla <sudeep.holla@arm.com>,
	Catalin Marinas <catalin.marinas@arm.com>,
	Lorenzo Pieralisi <lpieralisi@kernel.org>,
	Suzuki Poulose <suzuki.poulose@arm.com>,
	Steven Price <steven.price@arm.com>,
	Oliver Upton <oliver.upton@linux.dev>,
	Marc Zyngier <maz@kernel.org>,
	linux-coco@lists.linux.dev
Subject: [PATCH 0/6] Support for running as a pKVM protected guest
Date: Tue, 30 Jul 2024 16:11:06 +0100
Message-Id: <20240730151113.1497-1-will@kernel.org>
X-Mailer: git-send-email 2.20.1
MIME-Version: 1.0
X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 
X-CRM114-CacheID: sfid-20240730_081123_284893_0B55C358 
X-CRM114-Status: GOOD (  17.59  )
X-BeenThere: linux-arm-kernel@lists.infradead.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: <linux-arm-kernel.lists.infradead.org>
List-Unsubscribe: 
 <http://lists.infradead.org/mailman/options/linux-arm-kernel>,
 <mailto:linux-arm-kernel-request@lists.infradead.org?subject=unsubscribe>
List-Archive: <http://lists.infradead.org/pipermail/linux-arm-kernel/>
List-Post: <mailto:linux-arm-kernel@lists.infradead.org>
List-Help: <mailto:linux-arm-kernel-request@lists.infradead.org?subject=help>
List-Subscribe: 
 <http://lists.infradead.org/mailman/listinfo/linux-arm-kernel>,
 <mailto:linux-arm-kernel-request@lists.infradead.org?subject=subscribe>
Sender: "linux-arm-kernel" <linux-arm-kernel-bounces@lists.infradead.org>
Errors-To: 
 linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org

Hi folks,

Since the patches for running as a CCA guest were posted already at [1],
I figured it was worth posting the equivalent pKVM changes needed to run
as a protected guest under an Android host kernel. In particular, I've
tried to structure the code so that the CCA patches can use the same
hooks. I'd welcome feedback from the CCA developers (i.e. Steven and
Suzuki) as to whether this is sufficient.

There are also some pKVM-specific details which are worth discussion:

  * I've kept the code compatible with Android, so these patches allow
    an upstream kernel to run as a protected guest on a production
    (unlocked) Android device. This seemed like a good property for v1,
    but I'm happy to break compatibility if folks prefer a cleaner
    interface (e.g. using consecutive hypercall numbers).

  * I've included only the hypercalls that are necessary for a
    functioning guest. Android has some others, but I'd prefer to land
    the host support upstream before we expose optional interfaces as
    ABI.

  * For now, the stage-2 page size cannot be larger than the guest
    stage-1 page size otherwise the guest will fail to boot.

  * I don't forcefully configure SWIOTLB, as we rely on Restricted DMA
    pools (CONFIG_DMA_RESTRICTED_POOL) for devices that need it.

I also pushed a branch at [2] based on -rc1.

Cheers,

Will

[1] https://lore.kernel.org/r/20240701095505.165383-1-steven.price@arm.com
[2] git://git.kernel.org/pub/scm/linux/kernel/git/will/linux.git kvm/protected-guest

Cc: Sudeep Holla <sudeep.holla@arm.com>
Cc: Catalin Marinas <catalin.marinas@arm.com>
Cc: Lorenzo Pieralisi <lpieralisi@kernel.org>
Cc: Suzuki Poulose <suzuki.poulose@arm.com>
Cc: Steven Price <steven.price@arm.com>
Cc: Oliver Upton <oliver.upton@linux.dev>
Cc: Marc Zyngier <maz@kernel.org>
Cc: linux-coco@lists.linux.dev

--->8

Marc Zyngier (1):
  firmware/smccc: Call arch-specific hook on discovering KVM services

Will Deacon (5):
  drivers/virt: pkvm: Add initial support for running as a protected
    guest
  arm64: mm: Add top-level dispatcher for internal mem_encrypt API
  drivers/virt: pkvm: Hook up mem_encrypt API using pKVM hypercalls
  arm64: mm: Add confidential computing hook to ioremap_prot()
  drivers/virt: pkvm: Intercept ioremap using pKVM MMIO_GUARD hypercall

 Documentation/virt/kvm/arm/hypercalls.rst     |  98 ++++++++++++++
 arch/arm/include/asm/hypervisor.h             |   2 +
 arch/arm64/Kconfig                            |   1 +
 arch/arm64/include/asm/hypervisor.h           |  11 ++
 arch/arm64/include/asm/io.h                   |   4 +
 arch/arm64/include/asm/mem_encrypt.h          |  15 +++
 arch/arm64/include/asm/set_memory.h           |   1 +
 arch/arm64/mm/Makefile                        |   2 +-
 arch/arm64/mm/ioremap.c                       |  23 +++-
 arch/arm64/mm/mem_encrypt.c                   |  50 +++++++
 drivers/firmware/smccc/kvm_guest.c            |   2 +
 drivers/virt/coco/Kconfig                     |   2 +
 drivers/virt/coco/Makefile                    |   1 +
 drivers/virt/coco/pkvm-guest/Kconfig          |  10 ++
 drivers/virt/coco/pkvm-guest/Makefile         |   2 +
 drivers/virt/coco/pkvm-guest/arm-pkvm-guest.c | 127 ++++++++++++++++++
 include/linux/arm-smccc.h                     |  28 ++++
 17 files changed, 377 insertions(+), 2 deletions(-)
 create mode 100644 arch/arm64/include/asm/mem_encrypt.h
 create mode 100644 arch/arm64/mm/mem_encrypt.c
 create mode 100644 drivers/virt/coco/pkvm-guest/Kconfig
 create mode 100644 drivers/virt/coco/pkvm-guest/Makefile
 create mode 100644 drivers/virt/coco/pkvm-guest/arm-pkvm-guest.c