From patchwork Sun Jul 16 21:51:09 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Mark Brown X-Patchwork-Id: 13314945 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 1A0BFEB64DD for ; Sun, 16 Jul 2023 21:54:15 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id AE9068D0002; Sun, 16 Jul 2023 17:54:14 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id A71198D0001; Sun, 16 Jul 2023 17:54:14 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 911AF8D0002; Sun, 16 Jul 2023 17:54:14 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0014.hostedemail.com [216.40.44.14]) by kanga.kvack.org (Postfix) with ESMTP id 800268D0001 for ; Sun, 16 Jul 2023 17:54:14 -0400 (EDT) Received: from smtpin19.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay05.hostedemail.com (Postfix) with ESMTP id 50FED401BD for ; Sun, 16 Jul 2023 21:54:14 +0000 (UTC) X-FDA: 81018828828.19.0A4A9CD Received: from dfw.source.kernel.org (dfw.source.kernel.org [139.178.84.217]) by imf21.hostedemail.com (Postfix) with ESMTP id 7C0891C000C for ; Sun, 16 Jul 2023 21:54:12 +0000 (UTC) Authentication-Results: imf21.hostedemail.com; dkim=pass header.d=kernel.org header.s=k20201202 header.b=St80ihEN; spf=pass (imf21.hostedemail.com: domain of broonie@kernel.org designates 139.178.84.217 as permitted sender) smtp.mailfrom=broonie@kernel.org; dmarc=pass (policy=none) header.from=kernel.org ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1689544452; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=B999s6g/ipLtJ/XGBQqngHGg0XyqvuBFMFqFXjAGRfk=; b=nFSexuAfYzSf64T9a0WeIVR5Vex7ogsaCO0Uhz5dxOdsLIh9v/NnVjDPYyemfcy7SFLT1A sblLhvnSgxNqG6Ck6IIO2nHmzQfUxuUtSmGwWeErVCIeVgEVDaHeXH6m0EhQxWi4ByAJ+j JWjg7aXsU/jMdYqpKbI6xEi9Hdt14do= ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1689544452; a=rsa-sha256; cv=none; b=1DcJcy7GhMSqUQ3sZS/yvtGTxDkzxYckri3lGi8b7HtKRUeD2Kq5marcTNzhcnFWggNAvy ND2o/awPcBEx/080E7wy1hNzC/xO9N62iyP0aMNbnEEj2N7VewF5n6dNH5RWuFJE4YRrb+ /UwJgOCJxa3Hhhu354KlsH2iOpAUx3w= ARC-Authentication-Results: i=1; imf21.hostedemail.com; dkim=pass header.d=kernel.org header.s=k20201202 header.b=St80ihEN; spf=pass (imf21.hostedemail.com: domain of broonie@kernel.org designates 139.178.84.217 as permitted sender) smtp.mailfrom=broonie@kernel.org; dmarc=pass (policy=none) header.from=kernel.org Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by dfw.source.kernel.org (Postfix) with ESMTPS id C5D4960EC6; Sun, 16 Jul 2023 21:54:11 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id 90C06C433CD; Sun, 16 Jul 2023 21:54:04 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1689544451; bh=5smHZ4W7RhTfanvJnpNO7WAAfTjfLDVmUyZjClF1Lpo=; h=From:Date:Subject:References:In-Reply-To:To:Cc:From; b=St80ihENKA8tqKHUDgDDetHM4Me6OmsIO/5Kn1rfjFdHzdqn+d1BJ1qC9HN0DJUsk +BxcVbDyNgsj7+8D8XWaG/Lbxbw29b97isJaTqrueBr8Up2qDSSZgjuFcpS4g3wygO 9pZeO1qzn4To0m1js+m4UY6ewJLnjQW5KpAaa2MCbo7BZqGP82p0Eev6FX13P0cIVH esE9YJ73uwhE4BBkgUZOBurhg0y4LPEZHk8YCnYCH1/r/XgYkVLmt12aKTeyZpFr0w B0A632JEz+QvGZVAhqZS9usCc3iWddyHWNt3b4nZMJIwUP1rRcHRtdMmSTqfHmPmgD 1rNQxl4K/7sZQ== From: Mark Brown Date: Sun, 16 Jul 2023 22:51:09 +0100 Subject: [PATCH 13/35] KVM: arm64: Manage GCS registers for guests MIME-Version: 1.0 Message-Id: <20230716-arm64-gcs-v1-13-bf567f93bba6@kernel.org> References: <20230716-arm64-gcs-v1-0-bf567f93bba6@kernel.org> In-Reply-To: <20230716-arm64-gcs-v1-0-bf567f93bba6@kernel.org> To: Catalin Marinas , Will Deacon , Jonathan Corbet , Andrew Morton , Marc Zyngier , Oliver Upton , James Morse , Suzuki K Poulose , Arnd Bergmann , Oleg Nesterov , Eric Biederman , Kees Cook , Shuah Khan , "Rick P. Edgecombe" , Deepak Gupta , Ard Biesheuvel , Szabolcs Nagy Cc: "H.J. Lu" , Paul Walmsley , Palmer Dabbelt , Albert Ou , linux-arm-kernel@lists.infradead.org, linux-doc@vger.kernel.org, kvmarm@lists.linux.dev, linux-fsdevel@vger.kernel.org, linux-arch@vger.kernel.org, linux-mm@kvack.org, linux-kselftest@vger.kernel.org, linux-kernel@vger.kernel.org, linux-riscv@lists.infradead.org, Mark Brown X-Mailer: b4 0.13-dev-099c9 X-Developer-Signature: v=1; a=openpgp-sha256; l=5347; i=broonie@kernel.org; h=from:subject:message-id; bh=5smHZ4W7RhTfanvJnpNO7WAAfTjfLDVmUyZjClF1Lpo=; b=owEBbAGT/pANAwAKASTWi3JdVIfQAcsmYgBktGaZrbq4+idLyXtYDjhxjU47zM2RQq1sPBxgQzNl ETBuuliJATIEAAEKAB0WIQSt5miqZ1cYtZ/in+ok1otyXVSH0AUCZLRmmQAKCRAk1otyXVSH0PE+B/ dxrMXJjspzTj1qyUJx7pswmVIH+n2f8NOk00cAJH8JgQ+1q4H2wzSSyMLJOOSvHeWyXW1ufVEJFuvX R1wHxj1FovQtGg9xTrab9n9Rv6v+6lpuZtjsCmNBZ782xRidxw0ejwuDuwDBfrXrfg1h7E4kUmXDNE fQ1EwrKFs9N+FuhI8dV0yJQ8lZtf+9zOWRAELNey/2NLhpNXDJPN5MC+CbkrHku46dIEPMbpfxObi8 0WGMquDYQTOkyI8CC0I/Mh6ICXrB2RYpjAOo8O2aWV2SYtQ1JrS3xCuxxrZwSG3HM2bHeoedXu5QY1 WnK5CzNyIcIcUGj8Ru05WdNOkJnhM= X-Developer-Key: i=broonie@kernel.org; a=openpgp; fpr=3F2568AAC26998F9E813A1C5C3F436CA30F5D8EB X-Rspamd-Queue-Id: 7C0891C000C X-Rspam-User: X-Stat-Signature: xop5zbeacb7h6uj9hed88rqye5e5mozf X-Rspamd-Server: rspam03 X-HE-Tag: 1689544452-191409 X-HE-Meta: U2FsdGVkX1+jcl7NWq2q1w3UWr2cExjiNUW5JPiuxMtWyI8YbBXgp1+lkRC7lE28tLNNpqhYCZktoe139X2zm4zcg5eFTAo3s08VedyIJt0nY9/Xdg1yg1McxTUEL53PARU3uQ+b44s6eayoEnrNAv/LffcFUjT2Q/01QLRQItFV+7xngl9eCrYisWs9aCPxuI6NJbGH6TmMRlI7DraBkqwBEeWoe8si42rytRucjVmcx5U8RZUhsK5tu7WcXZCmtWGDvs1hw+DSmUbAvPJ99I0h+rxCfNG7COjywKsiKgEYzumIyq9ec1Umn+0/iv9fT/0v97y73uwz4CmlQ8LH+vVQ6leRDIJTu8wXsgnfY3cuWbZ3l/oOgxx0Tkaiy4YkV4kwkWRpxz50qkRZ6H3JxExChdvWNlreVqMqt+drjfaNFyZIbovq6m21vQE5wbN4AWt8pfb+6IcvwjAV7C8I11lPE7uAPp/VuCW1lHOnsXvnG8yF/xXj2/GS9qL3/Sq/g8Nogcn1zRbS/dbecBlye3MFWxAq3j3nxyCCoU0T10F+3hdGplEb1c2D/0NgQta0tiJnWaZhZowRIAGQzYXQuY3FwpEjW4pfJ7U2o6r5oTlX/EFqQJPBGn7ViVkqDAKe+FGGRIMGFQf7f5YG+fNpYy6hT3hnZBbuFl+ODf0x5mToNcGxsp5yU6qq/DB4OVlz7q8/8+IugaNuVH1J5Ek3x6ji2vc576RnYR+qxmnMEcgrG4GJzWgxjo4QhGUYvlY8dBepX6t3pjx5wGi35mWIVEIaJsaBc0+LYcdVXP1bveNNMC9vqAIGLyNVFthvwEPoJjcE3u5FOXbCn/hjBmmVWeoTNT1rDRhDi2LvYWhMNRDCuU6qKomU2AN2ELZbzP/NhpoR7Dd/YOyT2CLMyLAynP32PGk/tuW3pXkcN5wuUCQbhEs1Srpm7vUFPpOLAQ3sA2Y1Xc4j9gMB4IBRNa+ oseXjXUr iNk0RNP6ae+pS2LdaFbDOqGHVm6DNQGA8J/kbjvHsrmOy9Ce+s6VOGyzUDKV+JcLqUg69v3Rw7lMGQGofWI8+M5/BrYhRf6gYDoOn9A+KPTYR6wDYtfSyFyG20/lwyo3W8fyaCueSCrQ+0+OLiaPScXNMjFj1QYNki4H3NkhxngUl9TkOTwrUggmaaqj+jwrlgDyHNYFRLClK3Ab4tT6bAdti3FITNmWDWLXYYJTRqKCuJFimag0tNiZVZqr4PZIL4pwT0Ny2GcPrCuSjwRzGzGD/vlX2HLXyaz0OfgC+PqgixYwOs4wySy1Qf9rR25WnAkvBkmSQZI8FinpewuCP7fUq7yLeTA2IdOxX5dUeEUdDPdhbUyA3ArKwqwW83HAQ/kaJ26Oit5xkYGufzioHmnTlsMDy3vBS7xQPWHjxIU49i1Q= X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: GCS introduces a number of system registers for EL1 and EL0, on systems with GCS we need to context switch them and expose them to VMMs to allow guests to use GCS. Traps are already disabled. Signed-off-by: Mark Brown --- arch/arm64/include/asm/kvm_host.h | 12 ++++++++++++ arch/arm64/kvm/hyp/include/hyp/sysreg-sr.h | 17 +++++++++++++++++ arch/arm64/kvm/sys_regs.c | 22 ++++++++++++++++++++++ 3 files changed, 51 insertions(+) diff --git a/arch/arm64/include/asm/kvm_host.h b/arch/arm64/include/asm/kvm_host.h index 8b6096753740..67f3894a86f1 100644 --- a/arch/arm64/include/asm/kvm_host.h +++ b/arch/arm64/include/asm/kvm_host.h @@ -364,6 +364,12 @@ enum vcpu_sysreg { PIR_EL1, /* Permission Indirection Register 1 (EL1) */ PIRE0_EL1, /* Permission Indirection Register 0 (EL1) */ + /* Guarded Control Stack registers */ + GCSCRE0_EL1, /* Guarded Control Stack Control (EL0) */ + GCSCR_EL1, /* Guarded Control Stack Control (EL1) */ + GCSPR_EL0, /* Guarded Control Stack Pointer (EL0) */ + GCSPR_EL1, /* Guarded Control Stack Pointer (EL1) */ + /* 32bit specific registers. */ DACR32_EL2, /* Domain Access Control Register */ IFSR32_EL2, /* Instruction Fault Status Register */ @@ -1134,6 +1140,12 @@ bool kvm_arm_vcpu_is_finalized(struct kvm_vcpu *vcpu); #define kvm_vm_has_ran_once(kvm) \ (test_bit(KVM_ARCH_FLAG_HAS_RAN_ONCE, &(kvm)->arch.flags)) +static inline bool has_gcs(void) +{ + return IS_ENABLED(CONFIG_ARM64_GCS) && + cpus_have_final_cap(ARM64_HAS_GCS); +} + int kvm_trng_call(struct kvm_vcpu *vcpu); #ifdef CONFIG_KVM extern phys_addr_t hyp_mem_base; diff --git a/arch/arm64/kvm/hyp/include/hyp/sysreg-sr.h b/arch/arm64/kvm/hyp/include/hyp/sysreg-sr.h index bb6b571ec627..ec34d4a90717 100644 --- a/arch/arm64/kvm/hyp/include/hyp/sysreg-sr.h +++ b/arch/arm64/kvm/hyp/include/hyp/sysreg-sr.h @@ -25,6 +25,8 @@ static inline void __sysreg_save_user_state(struct kvm_cpu_context *ctxt) { ctxt_sys_reg(ctxt, TPIDR_EL0) = read_sysreg(tpidr_el0); ctxt_sys_reg(ctxt, TPIDRRO_EL0) = read_sysreg(tpidrro_el0); + if (has_gcs()) + ctxt_sys_reg(ctxt, GCSPR_EL0) = read_sysreg_s(SYS_GCSPR_EL0); } static inline bool ctxt_has_mte(struct kvm_cpu_context *ctxt) @@ -62,6 +64,12 @@ static inline void __sysreg_save_el1_state(struct kvm_cpu_context *ctxt) ctxt_sys_reg(ctxt, PAR_EL1) = read_sysreg_par(); ctxt_sys_reg(ctxt, TPIDR_EL1) = read_sysreg(tpidr_el1); + if (has_gcs()) { + ctxt_sys_reg(ctxt, GCSPR_EL1) = read_sysreg_el1(SYS_GCSPR); + ctxt_sys_reg(ctxt, GCSCR_EL1) = read_sysreg_el1(SYS_GCSCR); + ctxt_sys_reg(ctxt, GCSCRE0_EL1) = read_sysreg_s(SYS_GCSCRE0_EL1); + } + if (ctxt_has_mte(ctxt)) { ctxt_sys_reg(ctxt, TFSR_EL1) = read_sysreg_el1(SYS_TFSR); ctxt_sys_reg(ctxt, TFSRE0_EL1) = read_sysreg_s(SYS_TFSRE0_EL1); @@ -95,6 +103,8 @@ static inline void __sysreg_restore_user_state(struct kvm_cpu_context *ctxt) { write_sysreg(ctxt_sys_reg(ctxt, TPIDR_EL0), tpidr_el0); write_sysreg(ctxt_sys_reg(ctxt, TPIDRRO_EL0), tpidrro_el0); + if (has_gcs()) + write_sysreg_s(ctxt_sys_reg(ctxt, GCSPR_EL0), SYS_GCSPR_EL0); } static inline void __sysreg_restore_el1_state(struct kvm_cpu_context *ctxt) @@ -138,6 +148,13 @@ static inline void __sysreg_restore_el1_state(struct kvm_cpu_context *ctxt) write_sysreg(ctxt_sys_reg(ctxt, PAR_EL1), par_el1); write_sysreg(ctxt_sys_reg(ctxt, TPIDR_EL1), tpidr_el1); + if (has_gcs()) { + write_sysreg_el1(ctxt_sys_reg(ctxt, GCSPR_EL1), SYS_GCSPR); + write_sysreg_el1(ctxt_sys_reg(ctxt, GCSCR_EL1), SYS_GCSCR); + write_sysreg_s(ctxt_sys_reg(ctxt, GCSCRE0_EL1), + SYS_GCSCRE0_EL1); + } + if (ctxt_has_mte(ctxt)) { write_sysreg_el1(ctxt_sys_reg(ctxt, TFSR_EL1), SYS_TFSR); write_sysreg_s(ctxt_sys_reg(ctxt, TFSRE0_EL1), SYS_TFSRE0_EL1); diff --git a/arch/arm64/kvm/sys_regs.c b/arch/arm64/kvm/sys_regs.c index bd3431823ec5..e829400aa911 100644 --- a/arch/arm64/kvm/sys_regs.c +++ b/arch/arm64/kvm/sys_regs.c @@ -1768,6 +1768,23 @@ static unsigned int mte_visibility(const struct kvm_vcpu *vcpu, .visibility = mte_visibility, \ } +static unsigned int gcs_visibility(const struct kvm_vcpu *vcpu, + const struct sys_reg_desc *rd) +{ + if (has_gcs()) + return 0; + + return REG_HIDDEN; +} + +#define GCS_REG(name) { \ + SYS_DESC(SYS_##name), \ + .access = undef_access, \ + .reset = reset_unknown, \ + .reg = name, \ + .visibility = gcs_visibility, \ +} + static unsigned int el2_visibility(const struct kvm_vcpu *vcpu, const struct sys_reg_desc *rd) { @@ -2080,6 +2097,10 @@ static const struct sys_reg_desc sys_reg_descs[] = { PTRAUTH_KEY(APDB), PTRAUTH_KEY(APGA), + GCS_REG(GCSCR_EL1), + GCS_REG(GCSPR_EL1), + GCS_REG(GCSCRE0_EL1), + { SYS_DESC(SYS_SPSR_EL1), access_spsr}, { SYS_DESC(SYS_ELR_EL1), access_elr}, @@ -2162,6 +2183,7 @@ static const struct sys_reg_desc sys_reg_descs[] = { { SYS_DESC(SYS_SMIDR_EL1), undef_access }, { SYS_DESC(SYS_CSSELR_EL1), access_csselr, reset_unknown, CSSELR_EL1 }, { SYS_DESC(SYS_CTR_EL0), access_ctr }, + GCS_REG(GCSPR_EL0), { SYS_DESC(SYS_SVCR), undef_access }, { PMU_SYS_REG(SYS_PMCR_EL0), .access = access_pmcr,