From patchwork Mon Feb 26 10:05:52 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Marc Zyngier X-Patchwork-Id: 13571825 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 07495C54E55 for ; Mon, 26 Feb 2024 10:09:18 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-Id:Date:Subject:Cc:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=ueCr3E3b2yBOaRA4IMCJ993IzRWk4I92HHiRD6mTR2M=; b=S17+KXMqe2PPHa zPpwTB8+f3vU9PieAmhwZgZfnnxDMv62tQzlpwWWnngZbqA8yFiH2qZUyoNszBA4MOgG3yGT3JFZV uSy47n6qGt4dg2hG64CN2E0nO9h5XyqfT0jk5W99BTU3yZf4+HQi2kPbTvFwk6Yltiw+XzewECIHD u2UyajNnha519z66kgr4KrU1sWuK1H/Z6Bs4j8o0JedykQomYR/fJXglTNtyR5xtTQUzWaR4fayV9 13w8AQpHCafqurkugQxZ3Ce+YhCCRsMjTYK4bQ/+2GT81O5sP/TNtjzm4uxm9nSnYtLhvRDqIBBSs V49l3Y0Njn1Z5KK74yWA==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.97.1 #2 (Red Hat Linux)) id 1reXuZ-0000000HXwF-3x7l; Mon, 26 Feb 2024 10:08:40 +0000 Received: from desiato.infradead.org ([2001:8b0:10b:1:d65d:64ff:fe57:4e05]) by bombadil.infradead.org with esmtps (Exim 4.97.1 #2 (Red Hat Linux)) id 1reXu4-0000000HXjd-0u2U for linux-arm-kernel@bombadil.infradead.org; Mon, 26 Feb 2024 10:08:26 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=infradead.org; s=desiato.20200630; h=Content-Transfer-Encoding:MIME-Version :References:In-Reply-To:Message-Id:Date:Subject:Cc:To:From:Sender:Reply-To: Content-Type:Content-ID:Content-Description; bh=9M4PvMhPR4X8x3Uwm4fYy0UfKGe8fpeivHfhVbKERdg=; b=HFvUYavAue+LeiitCW8/sy9RrI SmPYDxu3PHgF9KzX3+5FhozIif1reC3rQZW6hiTqZt1b4rEZEIKKaLYOMnbq064jKKe0dkSXMHZss e9TN0jHNAPlr1OJwN+l41RIN99fQJZLb5CqZkzKihul50GOgIJ1iKqIgGTQehjwsa2T5D4a11ODM6 iK6jNFPs/gLrfll3YCVPVWraf9Oz9xKAAs7o6tIhJiB6F+JtKRSRXTwW6Oc3dX9U9PUpLUwL0PtMZ hN/URGFBy66/ZxUChIbqreHEZLyfiE529avKQX43CL68ZqT0uWcgqsrOApb7XNsTC1iuo99yEIqAG nZpb32GQ==; Received: from sin.source.kernel.org ([145.40.73.55]) by desiato.infradead.org with esmtps (Exim 4.97.1 #2 (Red Hat Linux)) id 1reXtq-0000000170S-2SDw for linux-arm-kernel@lists.infradead.org; Mon, 26 Feb 2024 10:08:03 +0000 Received: from smtp.kernel.org (transwarp.subspace.kernel.org [100.75.92.58]) by sin.source.kernel.org (Postfix) with ESMTP id 80335CE135C; Mon, 26 Feb 2024 10:07:37 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id B76D1C43399; Mon, 26 Feb 2024 10:07:36 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1708942056; bh=nuP68np28bnX5e9ek2TaXzYB9gLQsB4wYLjkmlaziwg=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=cftFMEGW011VnLjXiOPHIhMu2vHQ39I4h9WtAjhnm2MqvakiBkC6O53EQw0OtQZgv RHJOhE6OA8zAGqOWyhe81q6Lk6Hfa1ck7OfusC/0zZvafvsr7gbtZ1ms3OjuGVxZaG TdFmriarGG6qedNmZnRZeTLDd6NyVWWZuFQ8YquSaeepIJKT4t+b6DjD/Xas2IexXu AFyuhl7kzz2OjOQV/HcKGLuIs2bEOqZvolQ30UST7jLfxK3fQukfPrnXSm4klirVmv +3MNQ+9FNn9auZBykJO4ZuhsQ22pjRO4JJrRzNFbYK4Qw27ajo7kBREBmfM6YYQE4U zdBc1Sc64VD4w== Received: from sofa.misterjones.org ([185.219.108.64] helo=valley-girl.lan) by disco-boy.misterjones.org with esmtpsa (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.95) (envelope-from ) id 1reXtW-006nQ5-9P; Mon, 26 Feb 2024 10:07:34 +0000 From: Marc Zyngier To: kvmarm@lists.linux.dev, kvm@vger.kernel.org, linux-arm-kernel@lists.infradead.org Cc: James Morse , Suzuki K Poulose , Oliver Upton , Zenghui Yu , Joey Gouly , Will Deacon , Catalin Marinas Subject: [PATCH v2 04/13] KVM: arm64: nv: Configure HCR_EL2 for FEAT_NV2 Date: Mon, 26 Feb 2024 10:05:52 +0000 Message-Id: <20240226100601.2379693-5-maz@kernel.org> X-Mailer: git-send-email 2.39.2 In-Reply-To: <20240226100601.2379693-1-maz@kernel.org> References: <20240226100601.2379693-1-maz@kernel.org> MIME-Version: 1.0 X-SA-Exim-Connect-IP: 185.219.108.64 X-SA-Exim-Rcpt-To: kvmarm@lists.linux.dev, kvm@vger.kernel.org, linux-arm-kernel@lists.infradead.org, james.morse@arm.com, suzuki.poulose@arm.com, oliver.upton@linux.dev, yuzenghui@huawei.com, joey.gouly@arm.com, will@kernel.org, catalin.marinas@arm.com X-SA-Exim-Mail-From: maz@kernel.org X-SA-Exim-Scanned: No (on disco-boy.misterjones.org); SAEximRunCond expanded to false X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20240226_100755_453864_B26A1EC9 X-CRM114-Status: GOOD ( 16.19 ) X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org Add the HCR_EL2 configuration for FEAT_NV2, adding the required bits for running a guest hypervisor, and overall merging the allowed bits provided by the guest. This heavily replies on unavaliable features being sanitised when the HCR_EL2 shadow register is accessed, and only a couple of bits must be explicitly disabled. Non-NV guests are completely unaffected by any of this. Reviewed-by: Joey Gouly Signed-off-by: Marc Zyngier --- arch/arm64/kvm/hyp/include/hyp/switch.h | 4 +-- arch/arm64/kvm/hyp/nvhe/switch.c | 2 +- arch/arm64/kvm/hyp/vhe/switch.c | 35 ++++++++++++++++++++++++- 3 files changed, 36 insertions(+), 5 deletions(-) diff --git a/arch/arm64/kvm/hyp/include/hyp/switch.h b/arch/arm64/kvm/hyp/include/hyp/switch.h index e3fcf8c4d5b4..f5f701f309a9 100644 --- a/arch/arm64/kvm/hyp/include/hyp/switch.h +++ b/arch/arm64/kvm/hyp/include/hyp/switch.h @@ -271,10 +271,8 @@ static inline void __deactivate_traps_common(struct kvm_vcpu *vcpu) __deactivate_traps_hfgxtr(vcpu); } -static inline void ___activate_traps(struct kvm_vcpu *vcpu) +static inline void ___activate_traps(struct kvm_vcpu *vcpu, u64 hcr) { - u64 hcr = vcpu->arch.hcr_el2; - if (cpus_have_final_cap(ARM64_WORKAROUND_CAVIUM_TX2_219_TVM)) hcr |= HCR_TVM; diff --git a/arch/arm64/kvm/hyp/nvhe/switch.c b/arch/arm64/kvm/hyp/nvhe/switch.c index c50f8459e4fc..4103625e46c5 100644 --- a/arch/arm64/kvm/hyp/nvhe/switch.c +++ b/arch/arm64/kvm/hyp/nvhe/switch.c @@ -40,7 +40,7 @@ static void __activate_traps(struct kvm_vcpu *vcpu) { u64 val; - ___activate_traps(vcpu); + ___activate_traps(vcpu, vcpu->arch.hcr_el2); __activate_traps_common(vcpu); val = vcpu->arch.cptr_el2; diff --git a/arch/arm64/kvm/hyp/vhe/switch.c b/arch/arm64/kvm/hyp/vhe/switch.c index 58415783fd53..d5fdcea2b366 100644 --- a/arch/arm64/kvm/hyp/vhe/switch.c +++ b/arch/arm64/kvm/hyp/vhe/switch.c @@ -33,11 +33,44 @@ DEFINE_PER_CPU(struct kvm_host_data, kvm_host_data); DEFINE_PER_CPU(struct kvm_cpu_context, kvm_hyp_ctxt); DEFINE_PER_CPU(unsigned long, kvm_hyp_vector); +/* + * HCR_EL2 bits that the NV guest can freely change (no RES0/RES1 + * semantics, irrespective of the configuration), but that cannot be + * applied to the actual HW as things would otherwise break badly. + * + * - TGE: we want the guest to use EL1, which is incompatible with + * this bit being set + * + * - API/APK: for hysterical raisins, we enable PAuth lazily, which + * means that the guest's bits cannot be directly applied (we really + * want to see the traps). Revisit this at some point. + */ +#define NV_HCR_GUEST_EXCLUDE (HCR_TGE | HCR_API | HCR_APK) + +static u64 __compute_hcr(struct kvm_vcpu *vcpu) +{ + u64 hcr = vcpu->arch.hcr_el2; + + if (!vcpu_has_nv(vcpu)) + return hcr; + + if (is_hyp_ctxt(vcpu)) { + hcr |= HCR_NV | HCR_NV2 | HCR_AT | HCR_TTLB; + + if (!vcpu_el2_e2h_is_set(vcpu)) + hcr |= HCR_NV1; + + write_sysreg_s(vcpu->arch.ctxt.vncr_array, SYS_VNCR_EL2); + } + + return hcr | (__vcpu_sys_reg(vcpu, HCR_EL2) & ~NV_HCR_GUEST_EXCLUDE); +} + static void __activate_traps(struct kvm_vcpu *vcpu) { u64 val; - ___activate_traps(vcpu); + ___activate_traps(vcpu, __compute_hcr(vcpu)); if (has_cntpoff()) { struct timer_map map;