From patchwork Fri Sep 22 07:02:58 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Jan Kiszka X-Patchwork-Id: 9965265 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id 0CF8F602D8 for ; Fri, 22 Sep 2017 07:03:47 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id F205328537 for ; Fri, 22 Sep 2017 07:03:46 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id E6B75285CC; Fri, 22 Sep 2017 07:03:46 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-6.9 required=2.0 tests=BAYES_00,RCVD_IN_DNSWL_HI autolearn=ham version=3.3.1 Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) (using TLSv1 with cipher AES256-SHA (256/256 bits)) (No client certificate requested) by mail.wl.linuxfoundation.org (Postfix) with ESMTPS id 3DAF528537 for ; Fri, 22 Sep 2017 07:03:45 +0000 (UTC) Received: from localhost ([::1]:57004 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1dvI01-0000jc-4v for patchwork-qemu-devel@patchwork.kernel.org; Fri, 22 Sep 2017 03:03:45 -0400 Received: from eggs.gnu.org ([2001:4830:134:3::10]:56094) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1dvHzO-0000jR-Ar for qemu-devel@nongnu.org; Fri, 22 Sep 2017 03:03:10 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1dvHzK-0007XY-29 for qemu-devel@nongnu.org; Fri, 22 Sep 2017 03:03:06 -0400 Received: from thoth.sbs.de ([192.35.17.2]:47580) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1dvHzJ-0007X2-Nf for qemu-devel@nongnu.org; Fri, 22 Sep 2017 03:03:01 -0400 Received: from mail3.siemens.de (mail3.siemens.de [139.25.208.14]) by thoth.sbs.de (8.15.2/8.15.2) with ESMTPS id v8M72x1u011871 (version=TLSv1.2 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Fri, 22 Sep 2017 09:03:00 +0200 Received: from md1f2u6c.ww002.siemens.net ([139.22.130.22]) by mail3.siemens.de (8.15.2/8.15.2) with ESMTP id v8M72waH027428; Fri, 22 Sep 2017 09:02:59 +0200 To: qemu-devel , Peter Maydell From: Jan Kiszka Message-ID: <4f243068-aaea-776f-d18f-f9e05e7be9cd@siemens.com> Date: Fri, 22 Sep 2017 09:02:58 +0200 User-Agent: Mozilla/5.0 (X11; U; Linux i686 (x86_64); de; rv:1.8.1.12) Gecko/20080226 SUSE/2.0.0.12-1.1 Thunderbird/2.0.0.12 Mnenhy/0.7.5.666 MIME-Version: 1.0 Content-Language: en-US X-detected-operating-system: by eggs.gnu.org: GNU/Linux 3.x [fuzzy] X-Received-From: 192.35.17.2 Subject: [Qemu-devel] [PATCH v2] arm: Fix SMC reporting to EL2 when QEMU provides PSCI X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+patchwork-qemu-devel=patchwork.kernel.org@nongnu.org Sender: "Qemu-devel" X-Virus-Scanned: ClamAV using ClamSMTP From: Jan Kiszka This properly forwards SMC events to EL2 when PSCI is provided by QEMU itself and, thus, ARM_FEATURE_EL3 is off. Found and tested with the Jailhouse hypervisor. Solution based on suggestions by Peter Maydell. Signed-off-by: Jan Kiszka --- Changes in v2: - implemented Peter's suggestions - and it turned out that the arm_is_psci_call became indeed obsolete target/arm/helper.c | 9 ++++++++- target/arm/op_helper.c | 27 +++++++++++++++++---------- 2 files changed, 25 insertions(+), 11 deletions(-) diff --git a/target/arm/helper.c b/target/arm/helper.c index fa60040361..539eef0187 100644 --- a/target/arm/helper.c +++ b/target/arm/helper.c @@ -3717,7 +3717,14 @@ static void hcr_write(CPUARMState *env, const ARMCPRegInfo *ri, uint64_t value) if (arm_feature(env, ARM_FEATURE_EL3)) { valid_mask &= ~HCR_HCD; - } else { + } else if (cpu->psci_conduit != QEMU_PSCI_CONDUIT_SMC) { + /* Architecturally HCR.TSC is RES0 if EL3 is not implemented. + * However, if we're using the SMC PSCI conduit then QEMU is + * effectively acting like EL3 firmware and so the guest at + * EL2 should retain the ability to prevent EL1 from being + * able to make SMC calls into the ersatz firmware, so in + * that case HCR.TSC should be read/write. + */ valid_mask &= ~HCR_TSC; } diff --git a/target/arm/op_helper.c b/target/arm/op_helper.c index 2a85666579..26a0a5cf35 100644 --- a/target/arm/op_helper.c +++ b/target/arm/op_helper.c @@ -901,22 +901,29 @@ void HELPER(pre_smc)(CPUARMState *env, uint32_t syndrome) */ bool undef = arm_feature(env, ARM_FEATURE_AARCH64) ? smd : smd && !secure; - if (arm_is_psci_call(cpu, EXCP_SMC)) { - /* If PSCI is enabled and this looks like a valid PSCI call then - * that overrides the architecturally mandated SMC behaviour. + if (!arm_feature(env, ARM_FEATURE_EL3) && + cpu->psci_conduit != QEMU_PSCI_CONDUIT_SMC) { + /* If we have no EL3 then SMC always UNDEFs and can't be + * trapped to EL2. PSCI-via-SMC is a sort of ersatz EL3 + * firmware within QEMU, and we want an EL2 guest to be able + * to forbid its EL1 from making PSCI calls into QEMU's + * "firmware" via HCR.TSC, so for these purposes treat + * PSCI-via-SMC as implying an EL3. */ - return; - } - - if (!arm_feature(env, ARM_FEATURE_EL3)) { - /* If we have no EL3 then SMC always UNDEFs */ undef = true; } else if (!secure && cur_el == 1 && (env->cp15.hcr_el2 & HCR_TSC)) { - /* In NS EL1, HCR controlled routing to EL2 has priority over SMD. */ + /* In NS EL1, HCR controlled routing to EL2 has priority over SMD. + * We also want an EL2 guest to be able to forbid its EL1 from + * making PSCI calls into QEMU's "firmware" via HCR.TSC. + */ raise_exception(env, EXCP_HYP_TRAP, syndrome, 2); } - if (undef) { + /* If PSCI is enabled and this looks like a valid PSCI call then + * suppress the UNDEF -- we'll catch the SMC exception and + * implement the PSCI call behaviour there. + */ + if (undef && !arm_is_psci_call(cpu, EXCP_SMC)) { raise_exception(env, EXCP_UDEF, syn_uncategorized(), exception_target_el(env)); }