From patchwork Thu Nov 14 10:07:41 2024
X-Patchwork-Submitter: Liju-clr Chen
X-Patchwork-Id: 13874917
From: Liju-clr Chen
To: Rob Herring, Krzysztof Kozlowski, Conor Dooley, Jonathan Corbet, Catalin Marinas, Will Deacon, Steven Rostedt, Masami Hiramatsu, Mathieu Desnoyers, Richard Cochran, Matthias Brugger, AngeloGioacchino Del Regno, Liju-clr Chen, Yingshiuan Pan, Ze-yu Wang
CC: Shawn Hsiao, PeiLun Suei, Chi-shen Yeh, Kevenny Hsieh
Subject: [PATCH v13 04/25] virt: geniezone: Add GenieZone hypervisor driver
Date: Thu, 14 Nov 2024 18:07:41 +0800
Message-ID: <20241114100802.4116-5-liju-clr.chen@mediatek.com>
In-Reply-To: <20241114100802.4116-1-liju-clr.chen@mediatek.com>
References: <20241114100802.4116-1-liju-clr.chen@mediatek.com>
From: Yingshiuan Pan

GenieZone hypervisor(gzvm) is a type-I hypervisor that supports various virtual machine types and provides security features such as TEE-like scenarios and secure boot. It can create guest VMs for security use cases and has virtualization capabilities for both platform and interrupt. Although the hypervisor can be booted independently, it requires the assistance of GenieZone hypervisor kernel driver(gzvm-ko) to leverage the ability of Linux kernel for vCPU scheduling, memory management, inter-VM communication and virtio backend support.

Add the basic hypervisor driver. Subsequent patches will add more supported features to this driver.

Signed-off-by: Yingshiuan Pan
Co-developed-by: Jerry Wang
Signed-off-by: Jerry Wang
Signed-off-by: Yi-De Wu
Signed-off-by: Liju Chen
---
 MAINTAINERS                             |   3 +
 arch/arm64/Kbuild                       |   1 +
 arch/arm64/geniezone/Makefile           |   9 ++
 arch/arm64/geniezone/gzvm_arch_common.h |  44 +++++++++
 arch/arm64/geniezone/vm.c               |  72 +++++++++++++++
 drivers/virt/Kconfig                    |   2 +
 drivers/virt/geniezone/Kconfig          |  16 ++++
 drivers/virt/geniezone/Makefile         |   9 ++
 drivers/virt/geniezone/gzvm_main.c      | 117 ++++++++++++++++++++++++
 include/linux/soc/mediatek/gzvm_drv.h   |  41 +++++++++
 10 files changed, 314 insertions(+)
 create mode 100644 arch/arm64/geniezone/Makefile
 create mode 100644 arch/arm64/geniezone/gzvm_arch_common.h
 create mode 100644 arch/arm64/geniezone/vm.c
 create mode 100644 drivers/virt/geniezone/Kconfig
 create mode 100644 drivers/virt/geniezone/Makefile
 create mode 100644 drivers/virt/geniezone/gzvm_main.c
 create mode 100644 include/linux/soc/mediatek/gzvm_drv.h

diff --git a/MAINTAINERS b/MAINTAINERS index 291f46017f3f..708c13103ec5 100644 --- a/MAINTAINERS +++ b/MAINTAINERS 
@@ -9677,6 +9677,9 @@ M: Ze-Yu Wang M: Liju Chen F: Documentation/devicetree/bindings/firmware/mediatek,geniezone.yaml F: Documentation/virt/geniezone/ +F: arch/arm64/geniezone/ +F: drivers/virt/geniezone/ +F: include/linux/soc/mediatek/gzvm_drv.h GENWQE (IBM Generic Workqueue Card) M: Frank Haverkamp diff --git a/arch/arm64/Kbuild b/arch/arm64/Kbuild index 5bfbf7d79c99..0c3cca572919 100644 --- a/arch/arm64/Kbuild +++ b/arch/arm64/Kbuild @@ -4,6 +4,7 @@ obj-$(CONFIG_KVM) += kvm/ obj-$(CONFIG_XEN) += xen/ obj-$(subst m,y,$(CONFIG_HYPERV)) += hyperv/ obj-$(CONFIG_CRYPTO) += crypto/ +obj-$(CONFIG_MTK_GZVM) += geniezone/ # for cleaning subdir- += boot diff --git a/arch/arm64/geniezone/Makefile b/arch/arm64/geniezone/Makefile new file mode 100644 index 000000000000..2957898cdd05 --- /dev/null +++ b/arch/arm64/geniezone/Makefile @@ -0,0 +1,9 @@ +# SPDX-License-Identifier: GPL-2.0-only +# +# Main Makefile for gzvm, this one includes drivers/virt/geniezone/Makefile +# +include $(srctree)/drivers/virt/geniezone/Makefile + +gzvm-y += vm.o + +obj-$(CONFIG_MTK_GZVM) += gzvm.o diff --git a/arch/arm64/geniezone/gzvm_arch_common.h b/arch/arm64/geniezone/gzvm_arch_common.h new file mode 100644 index 000000000000..660c7cf3fc18 --- /dev/null +++ b/arch/arm64/geniezone/gzvm_arch_common.h 
@@ -0,0 +1,44 @@ +/* SPDX-License-Identifier: GPL-2.0 */ +/* + * Copyright (c) 2023 MediaTek Inc. + */ + +#ifndef __GZVM_ARCH_COMMON_H__ +#define __GZVM_ARCH_COMMON_H__ + +#include + +enum { + GZVM_FUNC_PROBE = 12, + NR_GZVM_FUNC, +}; + +#define SMC_ENTITY_MTK 59 +#define GZVM_FUNCID_START (0x1000) +#define GZVM_HCALL_ID(func) \ + ARM_SMCCC_CALL_VAL(ARM_SMCCC_FAST_CALL, ARM_SMCCC_SMC_64, \ + SMC_ENTITY_MTK, (GZVM_FUNCID_START + (func))) + +#define MT_HVC_GZVM_PROBE GZVM_HCALL_ID(GZVM_FUNC_PROBE) + +/** + * gzvm_hypcall_wrapper() - the wrapper for hvc calls + * @a0: argument passed in registers 0 + * @a1: argument passed in registers 1 + * @a2: argument passed in registers 2 + * @a3: argument passed in registers 3 + * @a4: argument passed in registers 4 + * @a5: argument passed in registers 5 + * @a6: argument passed in registers 6 + * @a7: argument passed in registers 7 + * @res: result values from registers 0 to 3 + * + * Return: The wrapper helps caller to convert geniezone errno to Linux errno. + */ +int gzvm_hypcall_wrapper(unsigned long a0, unsigned long a1, + unsigned long a2, unsigned long a3, + unsigned long a4, unsigned long a5, + unsigned long a6, unsigned long a7, + struct arm_smccc_res *res); + +#endif /* __GZVM_ARCH_COMMON_H__ */ diff --git a/arch/arm64/geniezone/vm.c b/arch/arm64/geniezone/vm.c new file mode 100644 index 000000000000..daad21b28f6f --- /dev/null +++ b/arch/arm64/geniezone/vm.c 
@@ -0,0 +1,72 @@ +// SPDX-License-Identifier: GPL-2.0 +/* + * Copyright (c) 2023 MediaTek Inc. + */ + +#include +#include +#include + +#include +#include "gzvm_arch_common.h" + +/** + * gzvm_hypcall_wrapper() - the wrapper for hvc calls + * @a0: arguments passed in registers 0 + * @a1: arguments passed in registers 1 + * @a2: arguments passed in registers 2 + * @a3: arguments passed in registers 3 + * @a4: arguments passed in registers 4 + * @a5: arguments passed in registers 5 + * @a6: arguments passed in registers 6 + * @a7: arguments passed in registers 7 + * @res: result values from registers 0 to 3 + * + * Return: The wrapper helps caller to convert geniezone errno to Linux errno. + */ +int gzvm_hypcall_wrapper(unsigned long a0, unsigned long a1, + unsigned long a2, unsigned long a3, + unsigned long a4, unsigned long a5, + unsigned long a6, unsigned long a7, + struct arm_smccc_res *res) +{ + struct arm_smccc_1_2_regs res_1_2; + struct arm_smccc_1_2_regs args = { + .a0 = a0, + .a1 = a1, + .a2 = a2, + .a3 = a3, + .a4 = a4, + .a5 = a5, + .a6 = a6, + .a7 = a7, + }; + arm_smccc_1_2_hvc(&args, &res_1_2); + res->a0 = res_1_2.a0; + res->a1 = res_1_2.a1; + res->a2 = res_1_2.a2; + res->a3 = res_1_2.a3; + + return gzvm_err_to_errno(res->a0); +} + +int gzvm_arch_probe(struct gzvm_version drv_version, + struct gzvm_version *hyp_version) +{ + struct arm_smccc_res res; + int ret; + + ret = gzvm_hypcall_wrapper(MT_HVC_GZVM_PROBE, + drv_version.major, + drv_version.minor, + drv_version.sub, + 0, 0, 0, 0, &res); + if (ret) + return -ENXIO; + + hyp_version->major = (u32)res.a1; + hyp_version->minor = (u32)res.a2; + hyp_version->sub = res.a3; + + return 0; +} diff --git a/drivers/virt/Kconfig b/drivers/virt/Kconfig index d8c848cf09a6..848eb97202d1 100644 --- a/drivers/virt/Kconfig +++ b/drivers/virt/Kconfig @@ -49,4 +49,6 @@ source "drivers/virt/acrn/Kconfig" source "drivers/virt/coco/Kconfig" +source "drivers/virt/geniezone/Kconfig" + endif 
diff --git a/drivers/virt/geniezone/Kconfig b/drivers/virt/geniezone/Kconfig new file mode 100644 index 000000000000..b17c06c91074 --- /dev/null +++ b/drivers/virt/geniezone/Kconfig @@ -0,0 +1,16 @@ +# SPDX-License-Identifier: GPL-2.0-only + +config MTK_GZVM + tristate "GenieZone Hypervisor driver for guest VM operation" + depends on ARM64 && EVENTFD + help + This driver, gzvm, enables to run guest VMs on MTK GenieZone + hypervisor. It exports kvm-like interfaces for VMM (e.g., crosvm) in + order to operate guest VMs on GenieZone hypervisor. + + GenieZone hypervisor now only supports MediaTek SoC and arm64 + architecture. + + Select M if you want it be built as a module (gzvm.ko). + + If unsure, say N. diff --git a/drivers/virt/geniezone/Makefile b/drivers/virt/geniezone/Makefile new file mode 100644 index 000000000000..3a82e5fddf90 --- /dev/null +++ b/drivers/virt/geniezone/Makefile @@ -0,0 +1,9 @@ +# SPDX-License-Identifier: GPL-2.0-only +# +# Makefile for GenieZone driver, this file should be include in arch's +# to avoid two ko being generated. +# + +GZVM_DIR ?= ../../../drivers/virt/geniezone + +gzvm-y := $(GZVM_DIR)/gzvm_main.o diff --git a/drivers/virt/geniezone/gzvm_main.c b/drivers/virt/geniezone/gzvm_main.c new file mode 100644 index 000000000000..dc91fd61ba75 --- /dev/null +++ b/drivers/virt/geniezone/gzvm_main.c 
@@ -0,0 +1,117 @@ +// SPDX-License-Identifier: GPL-2.0 +/* + * Copyright (c) 2023 MediaTek Inc. + */ + +#include +#include +#include +#include +#include +#include +#include + +static struct gzvm_driver gzvm_drv = { + .drv_version = { + .major = GZVM_DRV_MAJOR_VERSION, + .minor = GZVM_DRV_MINOR_VERSION, + .sub = 0, + }, +}; + +/** + * gzvm_err_to_errno() - Convert geniezone return value to standard errno + * + * @err: Return value from geniezone function return + * + * Return: Standard errno + */ +int gzvm_err_to_errno(unsigned long err) +{ + int gz_err = (int)err; + + switch (gz_err) { + case 0: + return 0; + case ERR_NO_MEMORY: + return -ENOMEM; + case ERR_NOT_SUPPORTED: + fallthrough; + case ERR_NOT_IMPLEMENTED: + return -EOPNOTSUPP; + case ERR_FAULT: + return -EFAULT; + default: + break; + } + + return -EINVAL; +} + +static int gzvm_dev_open(struct inode *inode, struct file *file) +{ + /* + * Reference count to prevent this module is unload without destroying + * VM + */ + try_module_get(THIS_MODULE); + return 0; +} + +static int gzvm_dev_release(struct inode *inode, struct file *file) +{ + module_put(THIS_MODULE); + return 0; +} + +static const struct file_operations gzvm_chardev_ops = { + .llseek = noop_llseek, + .open = gzvm_dev_open, + .release = gzvm_dev_release, +}; + +static struct miscdevice gzvm_dev = { + .minor = MISC_DYNAMIC_MINOR, + .name = KBUILD_MODNAME, + .fops = &gzvm_chardev_ops, +}; + +static int gzvm_drv_probe(struct platform_device *pdev) +{ + if (gzvm_arch_probe(gzvm_drv.drv_version, &gzvm_drv.hyp_version) != 0) { + dev_err(&pdev->dev, "Not found available conduit\n"); + return -ENODEV; + } + + pr_debug("Found GenieZone hypervisor version %u.%u.%llu\n", + gzvm_drv.hyp_version.major, gzvm_drv.hyp_version.minor, + gzvm_drv.hyp_version.sub); + + return misc_register(&gzvm_dev); +} + +static void gzvm_drv_remove(struct platform_device *pdev) +{ + misc_deregister(&gzvm_dev); +} + +static const struct of_device_id gzvm_of_match[] = { + { 
.compatible = "mediatek,geniezone" }, + {/* sentinel */}, +}; + +static struct platform_driver gzvm_driver = { + .probe = gzvm_drv_probe, + .remove = gzvm_drv_remove, + .driver = { + .name = KBUILD_MODNAME, + .of_match_table = gzvm_of_match, + }, +}; + +module_platform_driver(gzvm_driver); + +MODULE_DEVICE_TABLE(of, gzvm_of_match); +MODULE_AUTHOR("MediaTek"); +MODULE_DESCRIPTION("GenieZone interface for VMM"); +MODULE_LICENSE("GPL"); diff --git a/include/linux/soc/mediatek/gzvm_drv.h b/include/linux/soc/mediatek/gzvm_drv.h new file mode 100644 index 000000000000..495bf5b8b8e0 --- /dev/null +++ b/include/linux/soc/mediatek/gzvm_drv.h @@ -0,0 +1,41 @@ +/* SPDX-License-Identifier: GPL-2.0 */ +/* + * Copyright (c) 2023 MediaTek Inc. + */ + +#ifndef __GZVM_DRV_H__ +#define __GZVM_DRV_H__ + +/* GZVM version encode */ +#define GZVM_DRV_MAJOR_VERSION 16 +#define GZVM_DRV_MINOR_VERSION 0 + +struct gzvm_version { + u32 major; + u32 minor; + u64 sub; /* currently, used by hypervisor */ +}; + +struct gzvm_driver { + struct gzvm_version hyp_version; + struct gzvm_version drv_version; +}; + +/* + * These are the definitions of APIs between GenieZone hypervisor and driver, + * there's no need to be visible to uapi. Furthermore, we need GenieZone + * specific error code in order to map to Linux errno + */ +#define NO_ERROR (0) +#define ERR_NO_MEMORY (-5) +#define ERR_NOT_SUPPORTED (-24) +#define ERR_NOT_IMPLEMENTED (-27) +#define ERR_FAULT (-40) + +int gzvm_err_to_errno(unsigned long err); + +/* arch-dependant functions */ +int gzvm_arch_probe(struct gzvm_version drv_version, + struct gzvm_version *hyp_version); + +#endif /* __GZVM_DRV_H__ */
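
Review bot: In arch/arm64/geniezone/gzvm_arch_common.h, the kernel-doc block on the gzvm_hypcall_wrapper() prototype is repeated almost word for word above the definition in vm.c, and its "Return:" line describes what the wrapper does instead of what it returns. Keep the kernel-doc at the definition only and state the value, for example "Return: 0 on success, negative Linux errno converted from the GenieZone error code in a0". GZVM_FUNC_PROBE = 12 and the otherwise unused NR_GZVM_FUNC would also benefit from a one-line comment saying where the numbering comes from.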
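
Review bot: In gzvm_arch_probe() in arch/arm64/geniezone/vm.c, "if (ret) return -ENXIO;" discards the errno that gzvm_hypcall_wrapper() has just derived from a0, and gzvm_drv_probe() then replaces it with -ENODEV, so -ENOMEM or -EOPNOTSUPP from the hypervisor cannot be told apart from a missing hypervisor. Return ret, or add a comment explaining why every failure is treated as absence. The function also copies res.a1 to res.a3 into hyp_version without comparing them with drv_version; if compatibility is decided on the hypervisor side a comment saying so would help, otherwise the check belongs here, before the misc device is registered.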
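
Review bot: The MTK_GZVM help text in drivers/virt/geniezone/Kconfig needs a wording pass: "enables to run guest VMs" and "Select M if you want it be built as a module" are ungrammatical. Something like "This driver, gzvm, allows guest VMs to run on the MediaTek GenieZone hypervisor" and "Choose M to build it as a module (gzvm.ko)" reads better and matches the style of the neighbouring drivers/virt entries.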
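
Review bot: In drivers/virt/geniezone/Makefile, "GZVM_DIR ?= ../../../drivers/virt/geniezone" uses a conditional assignment, so a GZVM_DIR already present in the build environment or on the make command line silently changes which gzvm_main.o is linked into gzvm.ko. Nothing in the visible hunks sets GZVM_DIR before the include in arch/arm64/geniezone/Makefile, so ":=" would be the safer choice. The comment above it should read "this file should be included in the arch's Makefile".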
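
Review bot: In gzvm_dev_open() in drivers/virt/geniezone/gzvm_main.c, the return value of try_module_get(THIS_MODULE) is ignored, so when it fails the open still returns 0 and the module_put() in gzvm_dev_release() drops a reference that was never taken. gzvm_chardev_ops also has no .owner, which leaves a window between misc_open() and gzvm_dev_open() in which the module is not pinned. Setting ".owner = THIS_MODULE" lets the VFS hold the reference for the lifetime of the open file and makes both callbacks unnecessary. Separately, "int gz_err = (int)err;" in gzvm_err_to_errno() discards the upper 32 bits of the register value, so a non-zero a0 whose low word is zero is reported as success; compare the full value, or document that the hypervisor only ever returns 32-bit codes.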
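
Review bot: In include/linux/soc/mediatek/gzvm_drv.h, NO_ERROR, ERR_NO_MEMORY, ERR_NOT_SUPPORTED, ERR_NOT_IMPLEMENTED and ERR_FAULT are very generic names for a header under include/linux and are likely to collide with other definitions; a GZVM_ prefix would avoid that. NO_ERROR is defined but gzvm_err_to_errno() tests against a literal 0, so either use it there or drop it. The header uses u32 and u64 without including anything in the visible lines, so it only builds if the includer has already pulled in linux/types.h. "arch-dependant" in the last comment should be "arch-dependent".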