| Message ID | 20241212155610.76522-35-steven.price@arm.com (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
| Series | arm64: Support for Arm CCA in KVM | expand |
On 12/13/24 1:55 AM, Steven Price wrote: > From: Jean-Philippe Brucker <jean-philippe@linaro.org> > > The RMM describes the maximum number of BPs/WPs available to the guest > in the Feature Register 0. Propagate those numbers into ID_AA64DFR0_EL1, > which is visible to userspace. A VMM needs this information in order to > set up realm parameters. > > Signed-off-by: Jean-Philippe Brucker <jean-philippe@linaro.org> > Signed-off-by: Steven Price <steven.price@arm.com> > --- > arch/arm64/include/asm/kvm_rme.h | 2 ++ > arch/arm64/kvm/rme.c | 22 ++++++++++++++++++++++ > arch/arm64/kvm/sys_regs.c | 2 +- > 3 files changed, 25 insertions(+), 1 deletion(-) > > diff --git a/arch/arm64/include/asm/kvm_rme.h b/arch/arm64/include/asm/kvm_rme.h > index 0d89ab1645c1..f8e37907e2d5 100644 > --- a/arch/arm64/include/asm/kvm_rme.h > +++ b/arch/arm64/include/asm/kvm_rme.h > @@ -85,6 +85,8 @@ void kvm_init_rme(void); > u32 kvm_realm_ipa_limit(void); > u32 kvm_realm_vgic_nr_lr(void); > > +u64 kvm_realm_reset_id_aa64dfr0_el1(const struct kvm_vcpu *vcpu, u64 val); > + > bool kvm_rme_supports_sve(void); > > int kvm_realm_enable_cap(struct kvm *kvm, struct kvm_enable_cap *cap); > diff --git a/arch/arm64/kvm/rme.c b/arch/arm64/kvm/rme.c > index e562e77c1f94..d21042d5ec9a 100644 > --- a/arch/arm64/kvm/rme.c > +++ b/arch/arm64/kvm/rme.c > @@ -63,6 +63,28 @@ u32 kvm_realm_vgic_nr_lr(void) > return u64_get_bits(rmm_feat_reg0, RMI_FEATURE_REGISTER_0_GICV3_NUM_LRS); > } > > +u64 kvm_realm_reset_id_aa64dfr0_el1(const struct kvm_vcpu *vcpu, u64 val) > +{ > + u32 bps = u64_get_bits(rmm_feat_reg0, RMI_FEATURE_REGISTER_0_NUM_BPS); > + u32 wps = u64_get_bits(rmm_feat_reg0, RMI_FEATURE_REGISTER_0_NUM_WPS); > + u32 ctx_cmps; > + > + if (!kvm_is_realm(vcpu->kvm)) > + return val; > + > + /* Ensure CTX_CMPs is still valid */ > + ctx_cmps = FIELD_GET(ID_AA64DFR0_EL1_CTX_CMPs, val); > + ctx_cmps = min(bps, ctx_cmps); > + > + val &= ~(ID_AA64DFR0_EL1_BRPs_MASK | ID_AA64DFR0_EL1_WRPs_MASK | > + ID_AA64DFR0_EL1_CTX_CMPs); > + val |= FIELD_PREP(ID_AA64DFR0_EL1_BRPs_MASK, bps) | > + FIELD_PREP(ID_AA64DFR0_EL1_WRPs_MASK, wps) | > + FIELD_PREP(ID_AA64DFR0_EL1_CTX_CMPs, ctx_cmps); > + > + return val; > +} > + The the filed ID_AA64DFR0_EL1_WRPs_MASK of the system register ID_AA64DFR0_EL1 is writtable, as declared in sys_reg.c. We need to consolidate the field when the system register is written. ID_FILTERED(ID_AA64DFR0_EL1, id_aa64dfr0_el1, ID_AA64DFR0_EL1_DoubleLock_MASK | ID_AA64DFR0_EL1_WRPs_MASK | ID_AA64DFR0_EL1_PMUVer_MASK | ID_AA64DFR0_EL1_DebugVer_MASK), > static int get_start_level(struct realm *realm) > { > return 4 - stage2_pgtable_levels(realm->ia_bits); > diff --git a/arch/arm64/kvm/sys_regs.c b/arch/arm64/kvm/sys_regs.c > index a4713609e230..55cde43b36b9 100644 > --- a/arch/arm64/kvm/sys_regs.c > +++ b/arch/arm64/kvm/sys_regs.c > @@ -1806,7 +1806,7 @@ static u64 sanitise_id_aa64dfr0_el1(const struct kvm_vcpu *vcpu, u64 val) > /* Hide SPE from guests */ > val &= ~ID_AA64DFR0_EL1_PMSVer_MASK; > > - return val; > + return kvm_realm_reset_id_aa64dfr0_el1(vcpu, val); > } > > static int set_id_aa64dfr0_el1(struct kvm_vcpu *vcpu, Thanks, Gavin
On 2/3/25 9:15 AM, Gavin Shan wrote: > On 12/13/24 1:55 AM, Steven Price wrote: >> From: Jean-Philippe Brucker <jean-philippe@linaro.org> >> >> The RMM describes the maximum number of BPs/WPs available to the guest >> in the Feature Register 0. Propagate those numbers into ID_AA64DFR0_EL1, >> which is visible to userspace. A VMM needs this information in order to >> set up realm parameters. >> >> Signed-off-by: Jean-Philippe Brucker <jean-philippe@linaro.org> >> Signed-off-by: Steven Price <steven.price@arm.com> >> --- >> arch/arm64/include/asm/kvm_rme.h | 2 ++ >> arch/arm64/kvm/rme.c | 22 ++++++++++++++++++++++ >> arch/arm64/kvm/sys_regs.c | 2 +- >> 3 files changed, 25 insertions(+), 1 deletion(-) >> >> diff --git a/arch/arm64/include/asm/kvm_rme.h b/arch/arm64/include/asm/kvm_rme.h >> index 0d89ab1645c1..f8e37907e2d5 100644 >> --- a/arch/arm64/include/asm/kvm_rme.h >> +++ b/arch/arm64/include/asm/kvm_rme.h >> @@ -85,6 +85,8 @@ void kvm_init_rme(void); >> u32 kvm_realm_ipa_limit(void); >> u32 kvm_realm_vgic_nr_lr(void); >> +u64 kvm_realm_reset_id_aa64dfr0_el1(const struct kvm_vcpu *vcpu, u64 val); >> + >> bool kvm_rme_supports_sve(void); >> int kvm_realm_enable_cap(struct kvm *kvm, struct kvm_enable_cap *cap); >> diff --git a/arch/arm64/kvm/rme.c b/arch/arm64/kvm/rme.c >> index e562e77c1f94..d21042d5ec9a 100644 >> --- a/arch/arm64/kvm/rme.c >> +++ b/arch/arm64/kvm/rme.c >> @@ -63,6 +63,28 @@ u32 kvm_realm_vgic_nr_lr(void) >> return u64_get_bits(rmm_feat_reg0, RMI_FEATURE_REGISTER_0_GICV3_NUM_LRS); >> } >> +u64 kvm_realm_reset_id_aa64dfr0_el1(const struct kvm_vcpu *vcpu, u64 val) >> +{ >> + u32 bps = u64_get_bits(rmm_feat_reg0, RMI_FEATURE_REGISTER_0_NUM_BPS); >> + u32 wps = u64_get_bits(rmm_feat_reg0, RMI_FEATURE_REGISTER_0_NUM_WPS); >> + u32 ctx_cmps; >> + >> + if (!kvm_is_realm(vcpu->kvm)) >> + return val; >> + >> + /* Ensure CTX_CMPs is still valid */ >> + ctx_cmps = FIELD_GET(ID_AA64DFR0_EL1_CTX_CMPs, val); >> + ctx_cmps = min(bps, ctx_cmps); >> + >> + val &= ~(ID_AA64DFR0_EL1_BRPs_MASK | ID_AA64DFR0_EL1_WRPs_MASK | >> + ID_AA64DFR0_EL1_CTX_CMPs); >> + val |= FIELD_PREP(ID_AA64DFR0_EL1_BRPs_MASK, bps) | >> + FIELD_PREP(ID_AA64DFR0_EL1_WRPs_MASK, wps) | >> + FIELD_PREP(ID_AA64DFR0_EL1_CTX_CMPs, ctx_cmps); >> + >> + return val; >> +} >> + > > The the filed ID_AA64DFR0_EL1_WRPs_MASK of the system register ID_AA64DFR0_EL1 is > writtable, as declared in sys_reg.c. We need to consolidate the field when the > system register is written. > > ID_FILTERED(ID_AA64DFR0_EL1, id_aa64dfr0_el1, > ID_AA64DFR0_EL1_DoubleLock_MASK | > ID_AA64DFR0_EL1_WRPs_MASK | > ID_AA64DFR0_EL1_PMUVer_MASK | > ID_AA64DFR0_EL1_DebugVer_MASK), > Please ignore this comment. The consolidation when the system register is written has been covered by PATCH[35/43]. >> static int get_start_level(struct realm *realm) >> { >> return 4 - stage2_pgtable_levels(realm->ia_bits); >> diff --git a/arch/arm64/kvm/sys_regs.c b/arch/arm64/kvm/sys_regs.c >> index a4713609e230..55cde43b36b9 100644 >> --- a/arch/arm64/kvm/sys_regs.c >> +++ b/arch/arm64/kvm/sys_regs.c >> @@ -1806,7 +1806,7 @@ static u64 sanitise_id_aa64dfr0_el1(const struct kvm_vcpu *vcpu, u64 val) >> /* Hide SPE from guests */ >> val &= ~ID_AA64DFR0_EL1_PMSVer_MASK; >> - return val; >> + return kvm_realm_reset_id_aa64dfr0_el1(vcpu, val); >> } >> static int set_id_aa64dfr0_el1(struct kvm_vcpu *vcpu, Thanks, Gavin
diff --git a/arch/arm64/include/asm/kvm_rme.h b/arch/arm64/include/asm/kvm_rme.h index 0d89ab1645c1..f8e37907e2d5 100644 --- a/arch/arm64/include/asm/kvm_rme.h +++ b/arch/arm64/include/asm/kvm_rme.h @@ -85,6 +85,8 @@ void kvm_init_rme(void); u32 kvm_realm_ipa_limit(void); u32 kvm_realm_vgic_nr_lr(void); +u64 kvm_realm_reset_id_aa64dfr0_el1(const struct kvm_vcpu *vcpu, u64 val); + bool kvm_rme_supports_sve(void); int kvm_realm_enable_cap(struct kvm *kvm, struct kvm_enable_cap *cap); diff --git a/arch/arm64/kvm/rme.c b/arch/arm64/kvm/rme.c index e562e77c1f94..d21042d5ec9a 100644 --- a/arch/arm64/kvm/rme.c +++ b/arch/arm64/kvm/rme.c @@ -63,6 +63,28 @@ u32 kvm_realm_vgic_nr_lr(void) return u64_get_bits(rmm_feat_reg0, RMI_FEATURE_REGISTER_0_GICV3_NUM_LRS); } +u64 kvm_realm_reset_id_aa64dfr0_el1(const struct kvm_vcpu *vcpu, u64 val) +{ + u32 bps = u64_get_bits(rmm_feat_reg0, RMI_FEATURE_REGISTER_0_NUM_BPS); + u32 wps = u64_get_bits(rmm_feat_reg0, RMI_FEATURE_REGISTER_0_NUM_WPS); + u32 ctx_cmps; + + if (!kvm_is_realm(vcpu->kvm)) + return val; + + /* Ensure CTX_CMPs is still valid */ + ctx_cmps = FIELD_GET(ID_AA64DFR0_EL1_CTX_CMPs, val); + ctx_cmps = min(bps, ctx_cmps); + + val &= ~(ID_AA64DFR0_EL1_BRPs_MASK | ID_AA64DFR0_EL1_WRPs_MASK | + ID_AA64DFR0_EL1_CTX_CMPs); + val |= FIELD_PREP(ID_AA64DFR0_EL1_BRPs_MASK, bps) | + FIELD_PREP(ID_AA64DFR0_EL1_WRPs_MASK, wps) | + FIELD_PREP(ID_AA64DFR0_EL1_CTX_CMPs, ctx_cmps); + + return val; +} + static int get_start_level(struct realm *realm) { return 4 - stage2_pgtable_levels(realm->ia_bits); diff --git a/arch/arm64/kvm/sys_regs.c b/arch/arm64/kvm/sys_regs.c index a4713609e230..55cde43b36b9 100644 --- a/arch/arm64/kvm/sys_regs.c +++ b/arch/arm64/kvm/sys_regs.c @@ -1806,7 +1806,7 @@ static u64 sanitise_id_aa64dfr0_el1(const struct kvm_vcpu *vcpu, u64 val) /* Hide SPE from guests */ val &= ~ID_AA64DFR0_EL1_PMSVer_MASK; - return val; + return kvm_realm_reset_id_aa64dfr0_el1(vcpu, val); } static int set_id_aa64dfr0_el1(struct kvm_vcpu *vcpu,