[v8,07/11] KVM: arm64: Enable writable for ID_AA64PFR0_EL1

Message ID	20230807162210.2528230-8-jingzhangos@google.com (mailing list archive)
State	New, archived
Headers	show Return-Path: <linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org> Date: Mon, 7 Aug 2023 09:22:05 -0700 In-Reply-To: <20230807162210.2528230-1-jingzhangos@google.com> Mime-Version: 1.0 References: <20230807162210.2528230-1-jingzhangos@google.com> Message-ID: <20230807162210.2528230-8-jingzhangos@google.com> Subject: [PATCH v8 07/11] KVM: arm64: Enable writable for ID_AA64PFR0_EL1 From: Jing Zhang <jingzhangos@google.com> To: KVM <kvm@vger.kernel.org>, KVMARM <kvmarm@lists.linux.dev>, ARMLinux <linux-arm-kernel@lists.infradead.org>, Marc Zyngier <maz@kernel.org>, Oliver Upton <oliver.upton@linux.dev> Cc: Will Deacon <will@kernel.org>, Paolo Bonzini <pbonzini@redhat.com>, James Morse <james.morse@arm.com>, Alexandru Elisei <alexandru.elisei@arm.com>, Suzuki K Poulose <suzuki.poulose@arm.com>, Fuad Tabba <tabba@google.com>, Reiji Watanabe <reijiw@google.com>, Raghavendra Rao Ananta <rananta@google.com>, Suraj Jitindar Singh <surajjs@amazon.com>, Cornelia Huck <cohuck@redhat.com>, Jing Zhang <jingzhangos@google.com> Precedence: list Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: "linux-arm-kernel" <linux-arm-kernel-bounces@lists.infradead.org> Errors-To: linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org
Series	Enable writable for idregs DFR0,PFR0, MMFR{0,1,2,3} \| expand [v8,00/11] Enable writable for idregs DFR0,PFR0, MMFR{0,1,2,3} [v8,01/11] KVM: arm64: Allow userspace to get the writable masks for feature ID registers [v8,02/11] KVM: arm64: Document KVM_ARM_GET_REG_WRITABLE_MASKS [v8,03/11] KVM: arm64: Use guest ID register values for the sake of emulation [v8,04/11] KVM: arm64: Reject attempts to set invalid debug arch version [v8,05/11] KVM: arm64: Enable writable for ID_AA64DFR0_EL1 and ID_DFR0_EL1 [v8,06/11] KVM: arm64: Bump up the default KVM sanitised debug version to v8p8 [v8,07/11] KVM: arm64: Enable writable for ID_AA64PFR0_EL1 [v8,08/11] KVM: arm64: Refactor helper Macros for idreg desc [v8,09/11] KVM: arm64: Enable writable for ID_AA64MMFR{0, 1, 2, 3}_EL1 [v8,10/11] KVM: arm64: selftests: Import automatic system register definition generation from kernel [v8,11/11] KVM: arm64: selftests: Test for setting ID register from usersapce

Message ID

20230807162210.2528230-8-jingzhangos@google.com (mailing list archive)

State

New, archived

Headers

Date: Mon,  7 Aug 2023 09:22:05 -0700
In-Reply-To: <20230807162210.2528230-1-jingzhangos@google.com>
Mime-Version: 1.0
References: <20230807162210.2528230-1-jingzhangos@google.com>
Message-ID: <20230807162210.2528230-8-jingzhangos@google.com>
Subject: [PATCH v8 07/11] KVM: arm64: Enable writable for ID_AA64PFR0_EL1
From: Jing Zhang <jingzhangos@google.com>
To: KVM <kvm@vger.kernel.org>, KVMARM <kvmarm@lists.linux.dev>,
	ARMLinux <linux-arm-kernel@lists.infradead.org>,
 Marc Zyngier <maz@kernel.org>,
	Oliver Upton <oliver.upton@linux.dev>
Cc: Will Deacon <will@kernel.org>, Paolo Bonzini <pbonzini@redhat.com>,
	James Morse <james.morse@arm.com>,
 Alexandru Elisei <alexandru.elisei@arm.com>,
	Suzuki K Poulose <suzuki.poulose@arm.com>, Fuad Tabba <tabba@google.com>,
	Reiji Watanabe <reijiw@google.com>,
 Raghavendra Rao Ananta <rananta@google.com>,
	Suraj Jitindar Singh <surajjs@amazon.com>, Cornelia Huck <cohuck@redhat.com>,
	Jing Zhang <jingzhangos@google.com>
Precedence: list
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Sender: "linux-arm-kernel" <linux-arm-kernel-bounces@lists.infradead.org>
Errors-To: 
 linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org

Series

Enable writable for idregs DFR0,PFR0, MMFR{0,1,2,3} | expand

All valid fields in ID_AA64PFR0_EL1 are writable from usrespace with this change. Signed-off-by: Jing Zhang <jingzhangos@google.com> --- arch/arm64/kvm/sys_regs.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)

Comments

Marc Zyngier Aug. 17, 2023, 3:53 p.m. UTC | #1

On Mon, 07 Aug 2023 17:22:05 +0100,
Jing Zhang <jingzhangos@google.com> wrote:
> 
> All valid fields in ID_AA64PFR0_EL1 are writable from usrespace
> with this change.

userspace

> 
> Signed-off-by: Jing Zhang <jingzhangos@google.com>
> ---
>  arch/arm64/kvm/sys_regs.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/arch/arm64/kvm/sys_regs.c b/arch/arm64/kvm/sys_regs.c
> index 879004fd37e5..392613bec560 100644
> --- a/arch/arm64/kvm/sys_regs.c
> +++ b/arch/arm64/kvm/sys_regs.c
> @@ -2041,7 +2041,7 @@ static const struct sys_reg_desc sys_reg_descs[] = {
>  	  .get_user = get_id_reg,
>  	  .set_user = set_id_reg,
>  	  .reset = read_sanitised_id_aa64pfr0_el1,
> -	  .val = ID_AA64PFR0_EL1_CSV2_MASK | ID_AA64PFR0_EL1_CSV3_MASK, },
> +	  .val = GENMASK(63, 0), },
>  	ID_SANITISED(ID_AA64PFR1_EL1),
>  	ID_UNALLOCATED(4,2),
>  	ID_UNALLOCATED(4,3),

Same remark as the previous patch. What makes it legal to make
*everything* writable? For example, we don't expose the AMU. And yet
you are telling userspace "sure, go ahead".

Userspace will then try and restore *something*, and will eventually
crap itself because the kernel won't allow it.

Why do we bother describing the writable fields if userspace can't
write to them?

	M.

Jing Zhang Aug. 21, 2023, 5:40 p.m. UTC | #2

Hi Marc,

On Thu, Aug 17, 2023 at 8:53 AM Marc Zyngier <maz@kernel.org> wrote:
>
> On Mon, 07 Aug 2023 17:22:05 +0100,
> Jing Zhang <jingzhangos@google.com> wrote:
> >
> > All valid fields in ID_AA64PFR0_EL1 are writable from usrespace
> > with this change.
>
> userspace
>
> >
> > Signed-off-by: Jing Zhang <jingzhangos@google.com>
> > ---
> >  arch/arm64/kvm/sys_regs.c | 2 +-
> >  1 file changed, 1 insertion(+), 1 deletion(-)
> >
> > diff --git a/arch/arm64/kvm/sys_regs.c b/arch/arm64/kvm/sys_regs.c
> > index 879004fd37e5..392613bec560 100644
> > --- a/arch/arm64/kvm/sys_regs.c
> > +++ b/arch/arm64/kvm/sys_regs.c
> > @@ -2041,7 +2041,7 @@ static const struct sys_reg_desc sys_reg_descs[] = {
> >         .get_user = get_id_reg,
> >         .set_user = set_id_reg,
> >         .reset = read_sanitised_id_aa64pfr0_el1,
> > -       .val = ID_AA64PFR0_EL1_CSV2_MASK | ID_AA64PFR0_EL1_CSV3_MASK, },
> > +       .val = GENMASK(63, 0), },
> >       ID_SANITISED(ID_AA64PFR1_EL1),
> >       ID_UNALLOCATED(4,2),
> >       ID_UNALLOCATED(4,3),
>
> Same remark as the previous patch. What makes it legal to make
> *everything* writable? For example, we don't expose the AMU. And yet
> you are telling userspace "sure, go ahead".
>
> Userspace will then try and restore *something*, and will eventually
> crap itself because the kernel won't allow it.
>
> Why do we bother describing the writable fields if userspace can't
> write to them?

I'll send out another version which wouldn't enable writable masks for
RES0 fields and KVM hidden fields.
Does it sound good to you?

>
>         M.
>
> --
> Without deviation from the norm, progress is not possible.

Thanks,
Jing

diff --git a/arch/arm64/kvm/sys_regs.c b/arch/arm64/kvm/sys_regs.c
index 879004fd37e5..392613bec560 100644
--- a/arch/arm64/kvm/sys_regs.c
+++ b/arch/arm64/kvm/sys_regs.c
@@ -2041,7 +2041,7 @@  static const struct sys_reg_desc sys_reg_descs[] = {
 	  .get_user = get_id_reg,
 	  .set_user = set_id_reg,
 	  .reset = read_sanitised_id_aa64pfr0_el1,
-	  .val = ID_AA64PFR0_EL1_CSV2_MASK | ID_AA64PFR0_EL1_CSV3_MASK, },
+	  .val = GENMASK(63, 0), },
 	ID_SANITISED(ID_AA64PFR1_EL1),
 	ID_UNALLOCATED(4,2),
 	ID_UNALLOCATED(4,3),

[v8,07/11] KVM: arm64: Enable writable for ID_AA64PFR0_EL1

Commit Message

Comments

Patch