From patchwork Wed Aug 21 13:07:15 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Mark Brown X-Patchwork-Id: 13771615 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 1DD0BC5320E for ; Wed, 21 Aug 2024 13:15:47 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender:List-Subscribe:List-Help :List-Post:List-Archive:List-Unsubscribe:List-Id:Cc:To:In-Reply-To:References :Message-Id:Content-Transfer-Encoding:Content-Type:MIME-Version:Subject:Date: From:Reply-To:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=a4Kqs0mKjxPHEKs12fSWiPRej80YJozpKkPBtMEEwxM=; b=ceuqyOZ2VJHikEIcxrc+FCVs7z Uj4OaVQcNsEqoAeNwuInivvIoCm05XVvmqye+NAW+tuvYHAK7UvmiWX3oOt5OBIuKWrwVP0EOXqb5 M2ZJKCsp4T8RMOdOSpIFrfc063gbDpOyxo+Q/xIyYhwvCbE5BBEKthqFhB6q0NA9fVXU07bMHWxUX JgDde5e3ZlolkiNDGdFwPiealCrX30z12s6wbUfkmZbYwG3MC7ltgmlzvxUUVfjrlaUGl25YEFqLT tqT2wFsrv2q9sANOEQrcF9k/giU1j4dMyVu6gJ0R+H01pf+BKRU6mLngTDpU2o0dm54nH3iFaKE3A TVygQT8w==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.97.1 #2 (Red Hat Linux)) id 1sglBT-000000095SX-2ugI; Wed, 21 Aug 2024 13:15:31 +0000 Received: from dfw.source.kernel.org ([2604:1380:4641:c500::1]) by bombadil.infradead.org with esmtps (Exim 4.97.1 #2 (Red Hat Linux)) id 1sglA4-00000009509-2uzw for linux-arm-kernel@lists.infradead.org; Wed, 21 Aug 2024 13:14:06 +0000 Received: from smtp.kernel.org (transwarp.subspace.kernel.org [100.75.92.58]) by dfw.source.kernel.org (Postfix) with ESMTP id 1F62361027; Wed, 21 Aug 2024 13:14:04 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id 43B25C4AF0E; Wed, 21 Aug 2024 13:13:59 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1724246043; bh=M3wnl3jeTEg6L1w31RHY/MPoAWBin2H0UAgATL+YXoE=; h=From:Date:Subject:References:In-Reply-To:To:Cc:From; b=firFY7yb7+k7SGiD0Ub994Yzx9o1Q11JayR9UgvsL/iGO4SDxQg9hqKVLswu4+J5a whAgqr2eQ6FEMijDVgn7SyP6Fbw3+dpEmqAujNZSbawMwUqDoB48i4NY/7wKkZXp45 FqCRPsLaBvMWTJKAn2NnNJ3QgTcOewmBJ1xE6sw7Or+/0LuNMl/Jc90oyChoTmyp78 IubGuhQlVMxuaBcforpPgsSsx3dan0IazpmpP6tFiLCRHVqP1w0IYgK5qiZOYIflvK n1XTQ8qRgpDn2SlAHZMSATuewB1k9ICUocsgcOII+UbStHjhQqZDRPu3Ajrn6SmnmN XpceiD2h52CkA== From: Mark Brown Date: Wed, 21 Aug 2024 14:07:15 +0100 Subject: [PATCH 1/2] KVM: arm64: Hide TCR2_EL1 from userspace when disabled for guests MIME-Version: 1.0 Message-Id: <20240821-kvm-arm64-hide-pie-regs-v1-1-08cb3c79cb57@kernel.org> References: <20240821-kvm-arm64-hide-pie-regs-v1-0-08cb3c79cb57@kernel.org> In-Reply-To: <20240821-kvm-arm64-hide-pie-regs-v1-0-08cb3c79cb57@kernel.org> To: Marc Zyngier , Oliver Upton , James Morse , Suzuki K Poulose , Catalin Marinas , Will Deacon , Joey Gouly Cc: linux-arm-kernel@lists.infradead.org, kvmarm@lists.linux.dev, linux-kernel@vger.kernel.org, Mark Brown X-Mailer: b4 0.15-dev-37811 X-Developer-Signature: v=1; a=openpgp-sha256; l=2343; i=broonie@kernel.org; h=from:subject:message-id; bh=M3wnl3jeTEg6L1w31RHY/MPoAWBin2H0UAgATL+YXoE=; b=owEBbQGS/pANAwAKASTWi3JdVIfQAcsmYgBmxegSl4TBd1DBRROnEjY3E/Ss1czRmyPxJkdzee5u mpahOMiJATMEAAEKAB0WIQSt5miqZ1cYtZ/in+ok1otyXVSH0AUCZsXoEgAKCRAk1otyXVSH0HXIB/ 94XRxZnxjGI4jLo8qddjEBeQa4tzBEc0DhyJSLV34BmzxlngzGpW3xupdzqNtLJIg4ywynbsmdeAhz 4JXM6f5zRV2RpIdFLH+Emermg0IKeilTP5uGm+SJYAtxG20iVIyrn0SlffDiuR9F1Y4uAIVb7+6Ywx 39jbfYWknUXpAChT3rKFC07mz+HyWB2zkraGtmyrO6irv/sPF64RD/eg60QHguUgRUb6/xSRaHdE2k Fz56JpZIbbtL8yjhF6hEsKx8SUThkreUX07bgJpcDl+Sg9QaRokL9l/HINnbODRXHgfZDU1FI5jGMN oMV2xflGm7czJpYPdMJwvNUxg7kXVA X-Developer-Key: i=broonie@kernel.org; a=openpgp; fpr=3F2568AAC26998F9E813A1C5C3F436CA30F5D8EB X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20240821_061404_926694_D3E931F8 X-CRM114-Status: GOOD ( 14.72 ) X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org When the guest does not support FEAT_TCR2 we should not allow any access to it in order to ensure that we do not create spurious issues with guest migration. Add a visibility operation for it. Fixes: fbff56068232 ("KVM: arm64: Save/restore TCR2_EL1") Signed-off-by: Mark Brown --- arch/arm64/include/asm/kvm_host.h | 3 +++ arch/arm64/kvm/sys_regs.c | 14 ++++++++++++-- 2 files changed, 15 insertions(+), 2 deletions(-) diff --git a/arch/arm64/include/asm/kvm_host.h b/arch/arm64/include/asm/kvm_host.h index a33f5996ca9f..47675ef13676 100644 --- a/arch/arm64/include/asm/kvm_host.h +++ b/arch/arm64/include/asm/kvm_host.h @@ -1473,4 +1473,7 @@ void kvm_set_vm_id_reg(struct kvm *kvm, u32 reg, u64 val); (pa + pi + pa3) == 1; \ }) +#define kvm_has_tcr2(k) \ + (kvm_has_feat((k), ID_AA64MMFR3_EL1, TCRX, IMP)) + #endif /* __ARM64_KVM_HOST_H__ */ diff --git a/arch/arm64/kvm/sys_regs.c b/arch/arm64/kvm/sys_regs.c index c90324060436..aab689ea8992 100644 --- a/arch/arm64/kvm/sys_regs.c +++ b/arch/arm64/kvm/sys_regs.c @@ -2255,6 +2255,15 @@ static bool access_zcr_el2(struct kvm_vcpu *vcpu, return true; } +static unsigned int tcr2_visibility(const struct kvm_vcpu *vcpu, + const struct sys_reg_desc *rd) +{ + if (kvm_has_tcr2(vcpu->kvm)) + return 0; + + return REG_HIDDEN; +} + /* * Architected system registers. * Important: Must be sorted ascending by Op0, Op1, CRn, CRm, Op2 @@ -2438,7 +2447,8 @@ static const struct sys_reg_desc sys_reg_descs[] = { { SYS_DESC(SYS_TTBR0_EL1), access_vm_reg, reset_unknown, TTBR0_EL1 }, { SYS_DESC(SYS_TTBR1_EL1), access_vm_reg, reset_unknown, TTBR1_EL1 }, { SYS_DESC(SYS_TCR_EL1), access_vm_reg, reset_val, TCR_EL1, 0 }, - { SYS_DESC(SYS_TCR2_EL1), access_vm_reg, reset_val, TCR2_EL1, 0 }, + { SYS_DESC(SYS_TCR2_EL1), access_vm_reg, reset_val, TCR2_EL1, 0, + .visibility = tcr2_visibility }, PTRAUTH_KEY(APIA), PTRAUTH_KEY(APIB), @@ -4558,7 +4568,7 @@ void kvm_calculate_traps(struct kvm_vcpu *vcpu) if (kvm_has_feat(kvm, ID_AA64ISAR2_EL1, MOPS, IMP)) vcpu->arch.hcrx_el2 |= (HCRX_EL2_MSCEn | HCRX_EL2_MCE2); - if (kvm_has_feat(kvm, ID_AA64MMFR3_EL1, TCRX, IMP)) + if (kvm_has_tcr2(kvm)) vcpu->arch.hcrx_el2 |= HCRX_EL2_TCR2En; } From patchwork Wed Aug 21 13:07:16 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Mark Brown X-Patchwork-Id: 13771616 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id DDAE4C52D6F for ; Wed, 21 Aug 2024 13:16:25 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender:List-Subscribe:List-Help :List-Post:List-Archive:List-Unsubscribe:List-Id:Cc:To:In-Reply-To:References :Message-Id:Content-Transfer-Encoding:Content-Type:MIME-Version:Subject:Date: From:Reply-To:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=Fa8mOYRsNYBU/ZusyDHnfXr5XCuukjkKPT+xUH7y6U8=; b=XPno6EFbXNugcxcdvaGfw4g8Cq ncK6SCqwL7BHbF+X/+oIB44p8CwtDhKJYszoc4qmVajAKAHwhbk7j08OeJJfnu2X51LrDs6nAC/bg 9UZqIBqA/bK+dOAqAo2iMBHAJGhxVrrbqz3GYwxD9FgUhaji+KnUN0glJ2T1me1XyCQqprYq809Ui z3IuQqiSZW2GzQgvIAxMTWnEh63fO5P4EFwJXDSqsb/w1Xl7Fxh54cVsj6NQZcSgAhzZqF3uN0Mmv A1XtLcQzKP5lNj9lZ2L9Pq2n1/o7q4IJSQG1HxM9YzWVIwP5c46rr8Ct+78LDl2AiKIw0s8vEQhcv kYj7Qzyw==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.97.1 #2 (Red Hat Linux)) id 1sglCB-000000095lE-3s1Y; Wed, 21 Aug 2024 13:16:15 +0000 Received: from dfw.source.kernel.org ([139.178.84.217]) by bombadil.infradead.org with esmtps (Exim 4.97.1 #2 (Red Hat Linux)) id 1sglA9-0000000951b-1Upr for linux-arm-kernel@lists.infradead.org; Wed, 21 Aug 2024 13:14:10 +0000 Received: from smtp.kernel.org (transwarp.subspace.kernel.org [100.75.92.58]) by dfw.source.kernel.org (Postfix) with ESMTP id 56B9A61027; Wed, 21 Aug 2024 13:14:08 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id 750E9C4AF09; Wed, 21 Aug 2024 13:14:04 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1724246048; bh=MuP5Cq46nVjdRD00fJkyIdDWf1YqCyxnb9KmrwxPUec=; h=From:Date:Subject:References:In-Reply-To:To:Cc:From; b=qmyuntaqQ5VbPdNVZl1IPKluOumiawAgga4Vj1MLoX/WmeAp5vqK7+Rdgl0g9Tm6g nujptz48lbK19X4dOwlWKkhppQ41UOnzODAOzr0DyYhMIfVaIAvpG1/e7y7oIl4ljU n7UMwY6ZwbysBxkG4pJz4ZyHWMjgzba1lVooWT5M5rRQkVhOpj+5t3BNlaud7xejs2 Q2mZE6xIfWU+AT4zSBsfaxKztra0BDLeNaya0wsebwiz5diSXHLMzXTmNCZjsB3oHt ++WbQAt2o9WwEINigA7uQn20yqrEBAXfyEpvnE7UDN5VKyEDgV3RT6A91Yu5u57O8w u4TMFvZdklE8A== From: Mark Brown Date: Wed, 21 Aug 2024 14:07:16 +0100 Subject: [PATCH 2/2] KVM: arm64: Hide S1PIE registers from userspace when disabled for guests MIME-Version: 1.0 Message-Id: <20240821-kvm-arm64-hide-pie-regs-v1-2-08cb3c79cb57@kernel.org> References: <20240821-kvm-arm64-hide-pie-regs-v1-0-08cb3c79cb57@kernel.org> In-Reply-To: <20240821-kvm-arm64-hide-pie-regs-v1-0-08cb3c79cb57@kernel.org> To: Marc Zyngier , Oliver Upton , James Morse , Suzuki K Poulose , Catalin Marinas , Will Deacon , Joey Gouly Cc: linux-arm-kernel@lists.infradead.org, kvmarm@lists.linux.dev, linux-kernel@vger.kernel.org, Mark Brown X-Mailer: b4 0.15-dev-37811 X-Developer-Signature: v=1; a=openpgp-sha256; l=2579; i=broonie@kernel.org; h=from:subject:message-id; bh=MuP5Cq46nVjdRD00fJkyIdDWf1YqCyxnb9KmrwxPUec=; b=owEBbQGS/pANAwAKASTWi3JdVIfQAcsmYgBmxegTt/16CUX8uktq5Mws9/y16UtY/d/Sra3QZeOV uWTrYYGJATMEAAEKAB0WIQSt5miqZ1cYtZ/in+ok1otyXVSH0AUCZsXoEwAKCRAk1otyXVSH0BEMB/ 477h1LbMjJFCyWMayEQuxLp9WrscihPQv91dEogOzcG5/ah1bBLr2yUiwz1sXaUNwMmIDJFzMITGrL 5rrVG/tu9JHy4L6iEUucBZ07AIX5x7aTHHcIDR2zog/A28TMsMES1zLM3lj2M+iISqPp1u1HABaUJE ngVgnnUmgIdZDNJAZvl4+Q7LGVAXgdTFFTwMo7DTB/72c9IJQBVujtXaTahfM5hvpy+mHK7SvRv1ic 2I4EkR25rKPyKajXGpHTnUlgUpn/ITq2C28XNWB6yDwNQMuH7jYo3Ha8CRAXegO8ZSI8eOkDBNRWUZ ZAL1ffEiefDV/3IG4i/0y9F7mKtLlN X-Developer-Key: i=broonie@kernel.org; a=openpgp; fpr=3F2568AAC26998F9E813A1C5C3F436CA30F5D8EB X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20240821_061409_555371_E19D0479 X-CRM114-Status: GOOD ( 15.72 ) X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org When the guest does not support S1PIE we should not allow any access to the system registers it adds in order to ensure that we do not create spurious issues with guest migration. Add a visibility operation for these registers. Fixes: 86f9de9db178 ("KVM: arm64: Save/restore PIE registers") Signed-off-by: Mark Brown --- arch/arm64/include/asm/kvm_host.h | 3 +++ arch/arm64/kvm/sys_regs.c | 17 ++++++++++++++--- 2 files changed, 17 insertions(+), 3 deletions(-) diff --git a/arch/arm64/include/asm/kvm_host.h b/arch/arm64/include/asm/kvm_host.h index 47675ef13676..38bfa6e10ba5 100644 --- a/arch/arm64/include/asm/kvm_host.h +++ b/arch/arm64/include/asm/kvm_host.h @@ -1476,4 +1476,7 @@ void kvm_set_vm_id_reg(struct kvm *kvm, u32 reg, u64 val); #define kvm_has_tcr2(k) \ (kvm_has_feat((k), ID_AA64MMFR3_EL1, TCRX, IMP)) +#define kvm_has_s1pie(k) \ + (kvm_has_feat((k), ID_AA64MMFR3_EL1, S1PIE, IMP)) + #endif /* __ARM64_KVM_HOST_H__ */ diff --git a/arch/arm64/kvm/sys_regs.c b/arch/arm64/kvm/sys_regs.c index aab689ea8992..73daa33a43b4 100644 --- a/arch/arm64/kvm/sys_regs.c +++ b/arch/arm64/kvm/sys_regs.c @@ -2264,6 +2264,15 @@ static unsigned int tcr2_visibility(const struct kvm_vcpu *vcpu, return REG_HIDDEN; } +static unsigned int s1pie_visibility(const struct kvm_vcpu *vcpu, + const struct sys_reg_desc *rd) +{ + if (kvm_has_s1pie(vcpu->kvm)) + return 0; + + return REG_HIDDEN; +} + /* * Architected system registers. * Important: Must be sorted ascending by Op0, Op1, CRn, CRm, Op2 @@ -2500,8 +2509,10 @@ static const struct sys_reg_desc sys_reg_descs[] = { { SYS_DESC(SYS_PMMIR_EL1), trap_raz_wi }, { SYS_DESC(SYS_MAIR_EL1), access_vm_reg, reset_unknown, MAIR_EL1 }, - { SYS_DESC(SYS_PIRE0_EL1), NULL, reset_unknown, PIRE0_EL1 }, - { SYS_DESC(SYS_PIR_EL1), NULL, reset_unknown, PIR_EL1 }, + { SYS_DESC(SYS_PIRE0_EL1), NULL, reset_unknown, PIRE0_EL1, + .visibility = s1pie_visibility }, + { SYS_DESC(SYS_PIR_EL1), NULL, reset_unknown, PIR_EL1, + .visibility = s1pie_visibility }, { SYS_DESC(SYS_AMAIR_EL1), access_vm_reg, reset_amair_el1, AMAIR_EL1 }, { SYS_DESC(SYS_LORSA_EL1), trap_loregion }, @@ -4610,7 +4621,7 @@ void kvm_calculate_traps(struct kvm_vcpu *vcpu) HFGITR_EL2_TLBIRVAAE1OS | HFGITR_EL2_TLBIRVAE1OS); - if (!kvm_has_feat(kvm, ID_AA64MMFR3_EL1, S1PIE, IMP)) + if (!kvm_has_s1pie(kvm)) kvm->arch.fgu[HFGxTR_GROUP] |= (HFGxTR_EL2_nPIRE0_EL1 | HFGxTR_EL2_nPIR_EL1);