From patchwork Wed Aug 21 23:35:38 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Mark Brown X-Patchwork-Id: 13772239 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id C5993C52D7C for ; Wed, 21 Aug 2024 23:39:21 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender:List-Subscribe:List-Help :List-Post:List-Archive:List-Unsubscribe:List-Id:Cc:To:In-Reply-To:References :Message-Id:Content-Transfer-Encoding:Content-Type:MIME-Version:Subject:Date: From:Reply-To:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=8dRdAG1+6dIFUJaXE8+vLQ9EMkLGiw2ERUHU/ffd1HQ=; b=SzLmduBPirR3g75YIACZHrxv68 W3+mmjYnUYOGKSgaBxV2Ce4wb4PQrcSS8c7syTPFQ+CGhK8SX8p2xs+VkUx04TGtxfPejrk88EHyM /fLHCUqrGZTvQfR6W/57ka/BE4MeVVB8PwkXrETNGWcp8gNBh5QMGeB8rECbjQDYTGDjTLxnpWhhx +k+e3ds/Z35s2ajbCA66lUyw4v6brD8v6OnVmW8EcysB3LGbKBb0DhpKHkvNy4fslPKDmeQs5/lMx UJ6as+LLcN/R+mPqx7yfeqsDgbMMFZpiMAiTuvBLKQGbVXnEPO19rrJqxvMqOx/vZkjBYRPLu9Xx9 pe52wgvw==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.97.1 #2 (Red Hat Linux)) id 1sguv2-0000000Agal-3pw3; Wed, 21 Aug 2024 23:39:12 +0000 Received: from nyc.source.kernel.org ([147.75.193.91]) by bombadil.infradead.org with esmtps (Exim 4.97.1 #2 (Red Hat Linux)) id 1sgusR-0000000Ag4O-1uvt for linux-arm-kernel@lists.infradead.org; Wed, 21 Aug 2024 23:36:33 +0000 Received: from smtp.kernel.org (transwarp.subspace.kernel.org [100.75.92.58]) by nyc.source.kernel.org (Postfix) with ESMTP id D4713A40E49; Wed, 21 Aug 2024 23:36:23 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id 97C51C4AF0E; Wed, 21 Aug 2024 23:36:26 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1724283390; bh=hrfESbx6SkEicUVkwX2/zXlc1PgEJHcuOvyuBXTbqns=; h=From:Date:Subject:References:In-Reply-To:To:Cc:From; b=RtsAA30Fb5hUcmkl6vaRLL6JfpTZ4oxBv9ZRSOXd9Q/22dLSbo+Ng42w9u7KlSPgK m/2ECNCrgqn11FtjuCQp/vKjU9HoldjRkPIDPMUciS49LPfTCgHR3uDeGheakfSUy2 ql6CJA1eLFb383PkuPItxH/mVQs0VkWVb96fPN01ivSXyijmBdJZPWzpz1m/dJJMYI CnkKBGa0YLiBkRscVYruuZtxSmX/nhqFD5n5LRo/hAS0zLmJGp9kE1nReX3MigRnTo EfpXISzVHJ0TrjgHtnWBkK9SHUkUiFYNmETAxjW+1vkVsS3Ea1R5Sp+JEYM9oSPlA5 vuyK1M4BGWWpA== From: Mark Brown Date: Thu, 22 Aug 2024 00:35:38 +0100 Subject: [PATCH v2 3/3] KVM: arm64: Hide S1PIE registers from userspace when disabled for guests MIME-Version: 1.0 Message-Id: <20240822-kvm-arm64-hide-pie-regs-v2-3-376624fa829c@kernel.org> References: <20240822-kvm-arm64-hide-pie-regs-v2-0-376624fa829c@kernel.org> In-Reply-To: <20240822-kvm-arm64-hide-pie-regs-v2-0-376624fa829c@kernel.org> To: Marc Zyngier , Oliver Upton , James Morse , Suzuki K Poulose , Catalin Marinas , Will Deacon , Joey Gouly Cc: linux-arm-kernel@lists.infradead.org, kvmarm@lists.linux.dev, linux-kernel@vger.kernel.org, Mark Brown , 20240813144738.2048302-1-maz@kernel.org X-Mailer: b4 0.15-dev-37811 X-Developer-Signature: v=1; a=openpgp-sha256; l=3441; i=broonie@kernel.org; h=from:subject:message-id; bh=hrfESbx6SkEicUVkwX2/zXlc1PgEJHcuOvyuBXTbqns=; b=owEBbQGS/pANAwAKASTWi3JdVIfQAcsmYgBmxnnr4SLnC2qdqcIFy0dcExaXyAtGP2eCtQUx0+0V EfdofO+JATMEAAEKAB0WIQSt5miqZ1cYtZ/in+ok1otyXVSH0AUCZsZ56wAKCRAk1otyXVSH0BQhB/ wJ4EWrWwY5XI4ekGdtftXyjg/WcA3FSzbzlQUBnH4HUM4e6SBk1DSnj8dqLGUKlfkVsDlPmcHbb7pq FpE2qX52OUS2mNpxh/iDws1fykHpQPKhnrdS4tT1R3JVWuFvGkoWb8G/4hILabNUqHtHDZlg0z8He7 qHHBxNg6NpPxX+UXpnLmNm+l1NfO10dYyMWfugIWqlRfS3kYRz1B0Oq/3LaG/nr2YhUj7BiSU3ag7g JUtg8XXdJhyphrZ84pedIgNFkvKGBz2Dx5e9xVEXwGQJeh4XqeP4P1oYRObsWm4yiqMD6mf5zDb8TY Pmsc5xr/9b+X/oT3azrQU9ueGzH3jF X-Developer-Key: i=broonie@kernel.org; a=openpgp; fpr=3F2568AAC26998F9E813A1C5C3F436CA30F5D8EB X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20240821_163631_659956_E5772504 X-CRM114-Status: GOOD ( 16.49 ) X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org When the guest does not support S1PIE we should not allow any access to the system registers it adds in order to ensure that we do not create spurious issues with guest migration. Add a visibility operation for these registers. Fixes: 86f9de9db178 ("KVM: arm64: Save/restore PIE registers") Signed-off-by: Mark Brown --- arch/arm64/include/asm/kvm_host.h | 3 +++ arch/arm64/kvm/sys_regs.c | 35 ++++++++++++++++++++++++++++++----- 2 files changed, 33 insertions(+), 5 deletions(-) diff --git a/arch/arm64/include/asm/kvm_host.h b/arch/arm64/include/asm/kvm_host.h index 7889e5f4009f..fd161d41df52 100644 --- a/arch/arm64/include/asm/kvm_host.h +++ b/arch/arm64/include/asm/kvm_host.h @@ -1479,4 +1479,7 @@ void kvm_set_vm_id_reg(struct kvm *kvm, u32 reg, u64 val); #define kvm_has_tcr2(k) \ (kvm_has_feat((k), ID_AA64MMFR3_EL1, TCRX, IMP)) +#define kvm_has_s1pie(k) \ + (kvm_has_feat((k), ID_AA64MMFR3_EL1, S1PIE, IMP)) + #endif /* __ARM64_KVM_HOST_H__ */ diff --git a/arch/arm64/kvm/sys_regs.c b/arch/arm64/kvm/sys_regs.c index 6d5f43781042..3824f6d13bf6 100644 --- a/arch/arm64/kvm/sys_regs.c +++ b/arch/arm64/kvm/sys_regs.c @@ -2340,6 +2340,27 @@ static unsigned int tcr2_el2_visibility(const struct kvm_vcpu *vcpu, return tcr2_visibility(vcpu, rd); } +static unsigned int s1pie_visibility(const struct kvm_vcpu *vcpu, + const struct sys_reg_desc *rd) +{ + if (kvm_has_s1pie(vcpu->kvm)) + return 0; + + return REG_HIDDEN; +} + +static unsigned int s1pie_el2_visibility(const struct kvm_vcpu *vcpu, + const struct sys_reg_desc *rd) +{ + unsigned int r; + + r = el2_visibility(vcpu, rd); + if (r) + return r; + + return s1pie_visibility(vcpu, rd); +} + /* * Architected system registers. * Important: Must be sorted ascending by Op0, Op1, CRn, CRm, Op2 @@ -2577,8 +2598,10 @@ static const struct sys_reg_desc sys_reg_descs[] = { { SYS_DESC(SYS_PMMIR_EL1), trap_raz_wi }, { SYS_DESC(SYS_MAIR_EL1), access_vm_reg, reset_unknown, MAIR_EL1 }, - { SYS_DESC(SYS_PIRE0_EL1), NULL, reset_unknown, PIRE0_EL1 }, - { SYS_DESC(SYS_PIR_EL1), NULL, reset_unknown, PIR_EL1 }, + { SYS_DESC(SYS_PIRE0_EL1), NULL, reset_unknown, PIRE0_EL1, + .visibility = s1pie_visibility }, + { SYS_DESC(SYS_PIR_EL1), NULL, reset_unknown, PIR_EL1, + .visibility = s1pie_visibility }, { SYS_DESC(SYS_AMAIR_EL1), access_vm_reg, reset_amair_el1, AMAIR_EL1 }, { SYS_DESC(SYS_LORSA_EL1), trap_loregion }, @@ -2875,8 +2898,10 @@ static const struct sys_reg_desc sys_reg_descs[] = { EL2_REG(HPFAR_EL2, access_rw, reset_val, 0), EL2_REG(MAIR_EL2, access_rw, reset_val, 0), - EL2_REG(PIRE0_EL2, check_s1pie_access_rw, reset_val, 0), - EL2_REG(PIR_EL2, check_s1pie_access_rw, reset_val, 0), + EL2_REG_FILTERED(PIRE0_EL2, check_s1pie_access_rw, reset_val, 0, + s1pie_el2_visibility), + EL2_REG_FILTERED(PIR_EL2, check_s1pie_access_rw, reset_val, 0, + s1pie_el2_visibility), EL2_REG(AMAIR_EL2, access_rw, reset_val, 0), EL2_REG(VBAR_EL2, access_rw, reset_val, 0), @@ -4691,7 +4716,7 @@ void kvm_calculate_traps(struct kvm_vcpu *vcpu) HFGITR_EL2_TLBIRVAAE1OS | HFGITR_EL2_TLBIRVAE1OS); - if (!kvm_has_feat(kvm, ID_AA64MMFR3_EL1, S1PIE, IMP)) + if (!kvm_has_s1pie(kvm)) kvm->arch.fgu[HFGxTR_GROUP] |= (HFGxTR_EL2_nPIRE0_EL1 | HFGxTR_EL2_nPIR_EL1);