From patchwork Tue Sep 12 14:16:24 2023
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Ard Biesheuvel <ardb@google.com>
X-Patchwork-Id: 13381795
Return-Path: 
 <linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from bombadil.infradead.org (bombadil.infradead.org
 [198.137.202.133])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by smtp.lore.kernel.org (Postfix) with ESMTPS id D2523CA0EEB
	for <linux-arm-kernel@archiver.kernel.org>;
 Tue, 12 Sep 2023 14:20:03 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;
	d=lists.infradead.org; s=bombadil.20210309; h=Sender:
	Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post:
	List-Archive:List-Unsubscribe:List-Id:Cc:To:From:Subject:Message-ID:
	References:Mime-Version:In-Reply-To:Date:Reply-To:Content-ID:
	Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc
	:Resent-Message-ID:List-Owner;
	bh=+ZzFqHdGY7MO0J7Bs2fZJDCvlWvvuLg3ZuVXCVCDJxM=; b=qtRITNxYP6kpMrbUkA8gw0wevy
	xbrH+mzVVawVNhI6WI/fSqPEZKsg3MhcQc+8tdesSSXV3vWunKiP2Ur2s7gJVf99NtUc8XAgkMmy0
	8GxR+Ucdbw/+5obU1AmQjLC5J8dTZiAu6N+RaFScXQJrf6dRlEYc6JSUzjnH4XhA5mfOGg2DCrH+E
	jxkAvAUaJjZfQm8T48JC3A8cU9Hrb7bOA57NnQ/XBPlJDIINDjCbUi+8rCDcdnaLjkCeHD8X4Gvsy
	6Ecy6/0E+jQNBCYC03U/pp1m56l9BEnrE4uQlrjK26M9nY3CFEUmHxGLC4EspbfW/qjoZ+1Kb0633
	EbciaNow==;
Received: from localhost ([::1] helo=bombadil.infradead.org)
	by bombadil.infradead.org with esmtp (Exim 4.96 #2 (Red Hat Linux))
	id 1qg4El-003XXr-0v;
	Tue, 12 Sep 2023 14:19:31 +0000
Received: from desiato.infradead.org ([2001:8b0:10b:1:d65d:64ff:fe57:4e05])
	by bombadil.infradead.org with esmtps (Exim 4.96 #2 (Red Hat Linux))
	id 1qg4E6-003WyI-2X
	for linux-arm-kernel@bombadil.infradead.org;
	Tue, 12 Sep 2023 14:18:50 +0000
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;
	d=infradead.org; s=desiato.20200630; h=Content-Type:Cc:To:From:Subject:
	Message-ID:References:Mime-Version:In-Reply-To:Date:Sender:Reply-To:
	Content-Transfer-Encoding:Content-ID:Content-Description;
	bh=CaXnLCEyTKksb5yUJ9O1Yp+FnZR4E/gfzPnjUBp/gac=; b=pZntRfpOFTcmlreD2juyBVnXKO
	LsiughPV41Iv4aobfuCAg8Xc87EgupnSxqMtCWro+KdJRLVoZONCPBnrE1nfX7p+YIRvzg2AuGAIx
	89juKdABQz1WrIrwd+smLDlGd7xCeR66BLob2QNPqjnoJGp2QKFXws/R80YChHzmPyuRrxmUeK3xC
	s5TK6yb3AFHP9s6ZcuwjXgmhxcBx8hG/QKg5rBwtt3kXFd842XWYCyNOt9mc4xQzcboNTwaUtFS+O
	1e5oLkFG5bV8L9p1iqVduzTdkjjek9xty/oPJblinuzz2+bjdQL+MRbMcRlPC0YP2rIJJ2Wq+RRL9
	HdaioTcg==;
Received: from mail-yw1-x1149.google.com ([2607:f8b0:4864:20::1149])
	by desiato.infradead.org with esmtps (Exim 4.96 #2 (Red Hat Linux))
	id 1qg4Dz-0069zS-09
	for linux-arm-kernel@lists.infradead.org;
	Tue, 12 Sep 2023 14:18:49 +0000
Received: by mail-yw1-x1149.google.com with SMTP id
 00721157ae682-59b5a586da6so77311247b3.1
        for <linux-arm-kernel@lists.infradead.org>;
 Tue, 12 Sep 2023 07:18:43 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=google.com; s=20230601; t=1694528319; x=1695133119;
 darn=lists.infradead.org;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:from:to:cc:subject:date:message-id:reply-to;
        bh=CaXnLCEyTKksb5yUJ9O1Yp+FnZR4E/gfzPnjUBp/gac=;
        b=aU7TWTKk70PXEqnGaGYxfUDtaxOp8aBZnH5U4t6h/Yaw+XnPg87cKQr+0vt0IVVqxy
         NcVX5aXONjj41BVC32vzjOxOqGR5dejkFtV4uzGd32E3x/SfbviHemHDxss5BiJ2/ngu
         FnAVixNMuWfC173R88F/gMFSdxeqMWYcnoZW9VKV6kJsZwoqKJG2AxzVpDPJHXh2rH2G
         zi8oMnlaj5rPHL2vIzRb/YNKj+fzryfP3yK2QBjt/bSSioJ6dfGRMI7mRXgHFANeu8QU
         w63BVcpEfeGwHHe0HjoEz1pOnrBFwJZC9Cv564aR1zvUhUD2SckvKZ4lWCGf8Dx2aTEZ
         0yCQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1694528319; x=1695133119;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;
        bh=CaXnLCEyTKksb5yUJ9O1Yp+FnZR4E/gfzPnjUBp/gac=;
        b=RZb7U3UD6bCH2qPTHmfMZGx4jOM2hNYtTcDytftnnYAEDJ8P5tOD1/VWqTwgu3ltv5
         Ib+S9kdT3RlEgsnKCa6riHBl79zRXMLvKb9m1BPtCpG+o7G2HTIGUHHoYBWlzRhu/SwC
         pn973NeVuO7+3XXsb82Pq6Zb/+VHdz6jzI3xTgMv19TOluO6Z8maPOAsuDXClrx72VGN
         nlmtnqmc7wp1f94Usn+eBE6Be8fb+wT1UN8GspToj664vTNQHA0RgkTuKHtXDFBD9cBu
         T1BOYb29+zI2e9os1noWDD1TG2qcwFxGYpiphVQ16z/r12N4xDfSR1hweJLlMOY6b9eZ
         5i7Q==
X-Gm-Message-State: AOJu0YwgAb5qrvjyK810T2ijpHB/oHo2BCP9qER5xgmb+EPRn4KTKuvC
	Kx7SWvuN5TXD6FdAo/xIWqvC2zEJVhR1aLGV9jJRfmdr2pqbRSmEiQ41ok1cr56PTXkLMwiozZz
	H5Y6vGwNlFVHAk8sLGTVqup204g8gIf1kgmIOM86C6ptI/5Kacx+5HSlNaDwJMIfhcoiiV7TWLz
	s=
X-Google-Smtp-Source: 
 AGHT+IHIzOi2TH8IzZmJtvv++8yzvrmhQ9NVkVC2PZpcNQT/t7fqzKWKhPACavKEIovW73q/tJUaRNkh
X-Received: from palermo.c.googlers.com
 ([fda3:e722:ac3:cc00:28:9cb1:c0a8:118a])
 (user=ardb job=sendgmr) by 2002:a05:690c:311:b0:59b:5a5b:3a91 with SMTP id
 bg17-20020a05690c031100b0059b5a5b3a91mr95062ywb.2.1694528318837; Tue, 12 Sep
 2023 07:18:38 -0700 (PDT)
Date: Tue, 12 Sep 2023 14:16:24 +0000
In-Reply-To: <20230912141549.278777-63-ardb@google.com>
Mime-Version: 1.0
References: <20230912141549.278777-63-ardb@google.com>
X-Developer-Key: i=ardb@kernel.org; a=openpgp;
 fpr=F43D03328115A198C90016883D200E9CA6329909
X-Developer-Signature: v=1; a=openpgp-sha256; l=7010; i=ardb@kernel.org;
 h=from:subject; bh=IP1ASo65b8oOf3V6YkSoNzvt+dQQ7S6GDOamX919CTg=;
 b=owGbwMvMwCFmkMcZplerG8N4Wi2JIZWhaOfMxFM+c+Vi4oIi+ZfZx3LeVs7Td5gmxtl1seH+t
 vf3+RQ7SlkYxDgYZMUUWQRm/3238/REqVrnWbIwc1iZQIYwcHEKwEQe5TAynOA85yv9Kq6N83/X
 LN5qiw9LHf/tzL/YJPTgq6jywz2BkxgZrk85NWXVo6XGkxsfK3uE+bY1f99Q1xl+JSK/8ET+3N1
 z2AE=
X-Mailer: git-send-email 2.42.0.283.g2d96d420d3-goog
Message-ID: <20230912141549.278777-97-ardb@google.com>
Subject: [PATCH v4 34/61] arm64: mm: Use 48-bit virtual addressing for the
 permanent ID map
From: Ard Biesheuvel <ardb@google.com>
To: linux-arm-kernel@lists.infradead.org
Cc: Ard Biesheuvel <ardb@kernel.org>,
 Catalin Marinas <catalin.marinas@arm.com>,
	Will Deacon <will@kernel.org>, Marc Zyngier <maz@kernel.org>,
 Mark Rutland <mark.rutland@arm.com>,
	Ryan Roberts <ryan.roberts@arm.com>,
 Anshuman Khandual <anshuman.khandual@arm.com>,
	Kees Cook <keescook@chromium.org>, Joey Gouly <joey.gouly@arm.com>
X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 
X-CRM114-CacheID: sfid-20230912_151844_608969_0DFD05D1 
X-CRM114-Status: GOOD (  25.53  )
X-BeenThere: linux-arm-kernel@lists.infradead.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: <linux-arm-kernel.lists.infradead.org>
List-Unsubscribe: 
 <http://lists.infradead.org/mailman/options/linux-arm-kernel>,
 <mailto:linux-arm-kernel-request@lists.infradead.org?subject=unsubscribe>
List-Archive: <http://lists.infradead.org/pipermail/linux-arm-kernel/>
List-Post: <mailto:linux-arm-kernel@lists.infradead.org>
List-Help: <mailto:linux-arm-kernel-request@lists.infradead.org?subject=help>
List-Subscribe: 
 <http://lists.infradead.org/mailman/listinfo/linux-arm-kernel>,
 <mailto:linux-arm-kernel-request@lists.infradead.org?subject=subscribe>
Sender: "linux-arm-kernel" <linux-arm-kernel-bounces@lists.infradead.org>
Errors-To: 
 linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org

From: Ard Biesheuvel <ardb@kernel.org>

Even though we support loading kernels anywhere in 48-bit addressable
physical memory, we create the ID maps based on the number of levels
that we happened to configure for the kernel VA and user VA spaces.

The reason for this is that the PGD/PUD/PMD based classification of
translation levels, along with the associated folding when the number of
levels is less than 5, does not permit creating a page table hierarchy
of a set number of levels. This means that, for instance, on 39-bit VA
kernels we need to configure an additional level above PGD level on the
fly, and 36-bit VA kernels still only support 47-bit virtual addressing
with this trick applied.

Now that we have a separate helper to populate page table hierarchies
that does not define the levels in terms of PUDS/PMDS/etc at all, let's
reuse it to create the permanent ID map with a fixed VA size of 48 bits.

Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
---
 arch/arm64/include/asm/kernel-pgtable.h |  3 ++
 arch/arm64/kernel/head.S                |  5 +++
 arch/arm64/kvm/mmu.c                    | 15 +++------
 arch/arm64/mm/mmu.c                     | 32 +++++++++++---------
 arch/arm64/mm/proc.S                    |  9 ++----
 5 files changed, 32 insertions(+), 32 deletions(-)

diff --git a/arch/arm64/include/asm/kernel-pgtable.h b/arch/arm64/include/asm/kernel-pgtable.h
index 0631604995ee..742a4b2778f7 100644
--- a/arch/arm64/include/asm/kernel-pgtable.h
+++ b/arch/arm64/include/asm/kernel-pgtable.h
@@ -35,6 +35,9 @@
 #define SWAPPER_PGTABLE_LEVELS	(CONFIG_PGTABLE_LEVELS)
 #endif
 
+#define IDMAP_VA_BITS		48
+#define IDMAP_LEVELS		ARM64_HW_PGTABLE_LEVELS(IDMAP_VA_BITS)
+#define IDMAP_ROOT_LEVEL	(4 - IDMAP_LEVELS)
 
 /*
  * A relocatable kernel may execute from an address that differs from the one at
diff --git a/arch/arm64/kernel/head.S b/arch/arm64/kernel/head.S
index ffacce7b5a02..a1c29d64e875 100644
--- a/arch/arm64/kernel/head.S
+++ b/arch/arm64/kernel/head.S
@@ -729,6 +729,11 @@ SYM_FUNC_START_LOCAL(__no_granule_support)
 SYM_FUNC_END(__no_granule_support)
 
 SYM_FUNC_START_LOCAL(__primary_switch)
+	mrs		x1, tcr_el1
+	mov		x2, #64 - VA_BITS
+	tcr_set_t0sz	x1, x2
+	msr		tcr_el1, x1
+
 	adrp	x1, reserved_pg_dir
 	adrp	x2, init_idmap_pg_dir
 	bl	__enable_mmu
diff --git a/arch/arm64/kvm/mmu.c b/arch/arm64/kvm/mmu.c
index 587a104f66c3..beee6408534d 100644
--- a/arch/arm64/kvm/mmu.c
+++ b/arch/arm64/kvm/mmu.c
@@ -1889,16 +1889,9 @@ int __init kvm_mmu_init(u32 *hyp_va_bits)
 	BUG_ON((hyp_idmap_start ^ (hyp_idmap_end - 1)) & PAGE_MASK);
 
 	/*
-	 * The ID map may be configured to use an extended virtual address
-	 * range. This is only the case if system RAM is out of range for the
-	 * currently configured page size and VA_BITS_MIN, in which case we will
-	 * also need the extended virtual range for the HYP ID map, or we won't
-	 * be able to enable the EL2 MMU.
-	 *
-	 * However, in some cases the ID map may be configured for fewer than
-	 * the number of VA bits used by the regular kernel stage 1. This
-	 * happens when VA_BITS=52 and the kernel image is placed in PA space
-	 * below 48 bits.
+	 * The ID map is always configured for 48 bits of translation, which
+	 * may be fewer than the number of VA bits used by the regular kernel
+	 * stage 1, when VA_BITS=52.
 	 *
 	 * At EL2, there is only one TTBR register, and we can't switch between
 	 * translation tables *and* update TCR_EL2.T0SZ at the same time. Bottom
@@ -1909,7 +1902,7 @@ int __init kvm_mmu_init(u32 *hyp_va_bits)
 	 * 1 VA bits to assure that the hypervisor can both ID map its code page
 	 * and map any kernel memory.
 	 */
-	idmap_bits = 64 - ((idmap_t0sz & TCR_T0SZ_MASK) >> TCR_T0SZ_OFFSET);
+	idmap_bits = IDMAP_VA_BITS;
 	kernel_bits = vabits_actual;
 	*hyp_va_bits = max(idmap_bits, kernel_bits);
 
diff --git a/arch/arm64/mm/mmu.c b/arch/arm64/mm/mmu.c
index 49a49b37580b..070bc1bc5ad1 100644
--- a/arch/arm64/mm/mmu.c
+++ b/arch/arm64/mm/mmu.c
@@ -754,22 +754,21 @@ static void __init map_kernel(pgd_t *pgdp)
 	kasan_copy_shadow(pgdp);
 }
 
+void __pi_map_range(u64 *pgd, u64 start, u64 end, u64 pa, pgprot_t prot,
+		    int level, pte_t *tbl, bool may_use_cont, u64 va_offset);
+
+static u8 idmap_ptes[IDMAP_LEVELS - 1][PAGE_SIZE] __aligned(PAGE_SIZE) __ro_after_init,
+	  kpti_ptes[IDMAP_LEVELS - 1][PAGE_SIZE] __aligned(PAGE_SIZE) __ro_after_init;
+
 static void __init create_idmap(void)
 {
 	u64 start = __pa_symbol(__idmap_text_start);
-	u64 size = __pa_symbol(__idmap_text_end) - start;
-	pgd_t *pgd = idmap_pg_dir;
-	u64 pgd_phys;
-
-	/* check if we need an additional level of translation */
-	if (VA_BITS < 48 && idmap_t0sz < (64 - VA_BITS_MIN)) {
-		pgd_phys = early_pgtable_alloc(PAGE_SHIFT);
-		set_pgd(&idmap_pg_dir[start >> VA_BITS],
-			__pgd(pgd_phys | P4D_TYPE_TABLE));
-		pgd = __va(pgd_phys);
-	}
-	__create_pgd_mapping(pgd, start, start, size, PAGE_KERNEL_ROX,
-			     early_pgtable_alloc, 0);
+	u64 end   = __pa_symbol(__idmap_text_end);
+	u64 ptep  = __pa_symbol(idmap_ptes);
+
+	__pi_map_range(&ptep, start, end, start, PAGE_KERNEL_ROX,
+		       IDMAP_ROOT_LEVEL, (pte_t *)idmap_pg_dir, false,
+		       __phys_to_virt(ptep) - ptep);
 
 	if (IS_ENABLED(CONFIG_UNMAP_KERNEL_AT_EL0)) {
 		extern u32 __idmap_kpti_flag;
@@ -779,8 +778,10 @@ static void __init create_idmap(void)
 		 * The KPTI G-to-nG conversion code needs a read-write mapping
 		 * of its synchronization flag in the ID map.
 		 */
-		__create_pgd_mapping(pgd, pa, pa, sizeof(u32), PAGE_KERNEL,
-				     early_pgtable_alloc, 0);
+		ptep = __pa_symbol(kpti_ptes);
+		__pi_map_range(&ptep, pa, pa + sizeof(u32), pa, PAGE_KERNEL,
+			       IDMAP_ROOT_LEVEL, (pte_t *)idmap_pg_dir, false,
+			       __phys_to_virt(ptep) - ptep);
 	}
 }
 
@@ -805,6 +806,7 @@ void __init paging_init(void)
 	memblock_allow_resize();
 
 	create_idmap();
+	idmap_t0sz = TCR_T0SZ(IDMAP_VA_BITS);
 }
 
 #ifdef CONFIG_MEMORY_HOTPLUG
diff --git a/arch/arm64/mm/proc.S b/arch/arm64/mm/proc.S
index 30b066ac4a74..8432af63e023 100644
--- a/arch/arm64/mm/proc.S
+++ b/arch/arm64/mm/proc.S
@@ -422,9 +422,9 @@ SYM_FUNC_START(__cpu_setup)
 	mair	.req	x17
 	tcr	.req	x16
 	mov_q	mair, MAIR_EL1_SET
-	mov_q	tcr, TCR_TxSZ(VA_BITS) | TCR_CACHE_FLAGS | TCR_SMP_FLAGS | \
-			TCR_TG_FLAGS | TCR_KASLR_FLAGS | TCR_ASID16 | \
-			TCR_TBI0 | TCR_A1 | TCR_KASAN_SW_FLAGS | TCR_MTE_FLAGS
+	mov_q	tcr, TCR_T0SZ(IDMAP_VA_BITS) | TCR_T1SZ(VA_BITS) | TCR_CACHE_FLAGS | \
+		     TCR_SMP_FLAGS | TCR_TG_FLAGS | TCR_KASLR_FLAGS | TCR_ASID16 | \
+		     TCR_TBI0 | TCR_A1 | TCR_KASAN_SW_FLAGS | TCR_MTE_FLAGS
 
 	tcr_clear_errata_bits tcr, x9, x5
 
@@ -432,10 +432,7 @@ SYM_FUNC_START(__cpu_setup)
 	sub		x9, xzr, x0
 	add		x9, x9, #64
 	tcr_set_t1sz	tcr, x9
-#else
-	idmap_get_t0sz	x9
 #endif
-	tcr_set_t0sz	tcr, x9
 
 	/*
 	 * Set the IPS bits in TCR_EL1.