From patchwork Wed Aug 21 23:35:36 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Mark Brown X-Patchwork-Id: 13772237 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 0EA5CC52D7C for ; Wed, 21 Aug 2024 23:38:00 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender:List-Subscribe:List-Help :List-Post:List-Archive:List-Unsubscribe:List-Id:Cc:To:In-Reply-To:References :Message-Id:Content-Transfer-Encoding:Content-Type:MIME-Version:Subject:Date: From:Reply-To:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=v6PpDRnVrkCxF0cJk+Q3s1OHiD6FKHKLy76A8JwzKWY=; b=qK9vY2ge9+JqLmbFynZ4wJ1mtf jUXe7MBMtU7AIzH2yZMDKAl9ogl4qwo/G8O8N28J2OFRGClfqhl4JFLwEHqiFMtWBGC5j7p4usWYV NxZ3/mvqvdvCk38FVi7QWuEX0FEsAEGCf8GloLdNCuzx76ctAlBLNVkRbJrrw2Roco1vOcm1zzaiT TqHTeASv4ywPp3SSHvNoTtBnSk4QxoEmxUnUXq4nE6+jgmiaHhCCfCL5ES4U3jF7xy2vZzFELH4/e PZzASufwbKpM4C54j1OQzvLo/0Qs10REUbDR7spZPqFJH6l8flma863vTMgt5u2Mpy1WCgSsGro7z p8Jsz3kg==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.97.1 #2 (Red Hat Linux)) id 1sgutf-0000000AgKM-3Mr4; Wed, 21 Aug 2024 23:37:47 +0000 Received: from dfw.source.kernel.org ([2604:1380:4641:c500::1]) by bombadil.infradead.org with esmtps (Exim 4.97.1 #2 (Red Hat Linux)) id 1sgusI-0000000Ag2Q-1FtL for linux-arm-kernel@lists.infradead.org; Wed, 21 Aug 2024 23:36:24 +0000 Received: from smtp.kernel.org (transwarp.subspace.kernel.org [100.75.92.58]) by dfw.source.kernel.org (Postfix) with ESMTP id 7558D61181; Wed, 21 Aug 2024 23:36:21 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id 2DBC0C32782; Wed, 21 Aug 2024 23:36:16 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1724283381; bh=TnLcZV5j0h1vfwLf7V+sLcnJs4449D1TH0HuTBuSxFY=; h=From:Date:Subject:References:In-Reply-To:To:Cc:From; b=UVJODIBkPa2yzzOUczJ87OFjHeeEH3ykt9CBt7yjiV4HZYE5kvEx26ie2f9J75OUg ThXNgMfoHS7mdPzOmzkZGPY8Lo/VAEQdAIBMan1I9NcdtDPdC4hxtg5F14hJL47pJC BrBWMwsjc2wGJNt5+IF/MKpI/hBRJq0FApyf49L8mn0SbIBElWTgyKdX6Vqhe4n+rt gsNQFRQVBMTYTR2RyslAaCrlQBNmuGQrsw5AxH0O6p5iZeCnQ7ZxTlPNccy5aC6erg ZgEL6Pr28BareoygcSb0dZnI/LkeXtCAlqw5X+2oqdsYQo78sInWDMbRoZRi6dSXCe X11aUKnWCkePA== From: Mark Brown Date: Thu, 22 Aug 2024 00:35:36 +0100 Subject: [PATCH v2 1/3] KVM: arm64: Define helper for EL2 registers with custom visibility MIME-Version: 1.0 Message-Id: <20240822-kvm-arm64-hide-pie-regs-v2-1-376624fa829c@kernel.org> References: <20240822-kvm-arm64-hide-pie-regs-v2-0-376624fa829c@kernel.org> In-Reply-To: <20240822-kvm-arm64-hide-pie-regs-v2-0-376624fa829c@kernel.org> To: Marc Zyngier , Oliver Upton , James Morse , Suzuki K Poulose , Catalin Marinas , Will Deacon , Joey Gouly Cc: linux-arm-kernel@lists.infradead.org, kvmarm@lists.linux.dev, linux-kernel@vger.kernel.org, Mark Brown , 20240813144738.2048302-1-maz@kernel.org X-Mailer: b4 0.15-dev-37811 X-Developer-Signature: v=1; a=openpgp-sha256; l=1399; i=broonie@kernel.org; h=from:subject:message-id; bh=TnLcZV5j0h1vfwLf7V+sLcnJs4449D1TH0HuTBuSxFY=; b=owEBbQGS/pANAwAKASTWi3JdVIfQAcsmYgBmxnnp/eE7jfejNCJhPTNlB8GBsgUEO1dh38EUFkDi 7nBBSjSJATMEAAEKAB0WIQSt5miqZ1cYtZ/in+ok1otyXVSH0AUCZsZ56QAKCRAk1otyXVSH0DiTB/ 9XkFXBeTHJFPIz0WRf13WK1WV5XrzrlUYRwxzkALiU6IEwF6/lfutvjFO6yGScRYuAsjHcXbTNdrDW 3iSSUULIKNAAmnzc8CMe8cGCDJCexf0uuXVKeiijGCpBI+y+u0L9SUckx7e0iE6oU03cBoqYSWQDst VUM/WL4ChuK4zB3cR7uZnHY/GYZGd30WxU4aeo82V6S78S5UJqZ9UppAlJDJ3eADeFTojthIOTzMWq 4y1ibnm+17XUpCSVsZolSJB9cK/AdQkTEDt1iOKWHuoBKKCK+A4SU7RNcWXGgVqk8HfXEjwtCKHlWm fmedslXbWsubOhmpAac9L+gDeYD4wz X-Developer-Key: i=broonie@kernel.org; a=openpgp; fpr=3F2568AAC26998F9E813A1C5C3F436CA30F5D8EB X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20240821_163622_428457_F8E98A47 X-CRM114-Status: GOOD ( 11.65 ) X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org In preparation for adding more visibility filtering for EL2 registers add a helper macro like EL2_REG() which allows specification of a custom visibility operation. Signed-off-by: Mark Brown --- arch/arm64/kvm/sys_regs.c | 13 +++++++++++-- 1 file changed, 11 insertions(+), 2 deletions(-) diff --git a/arch/arm64/kvm/sys_regs.c b/arch/arm64/kvm/sys_regs.c index d0b4509e59cb..1af15140e067 100644 --- a/arch/arm64/kvm/sys_regs.c +++ b/arch/arm64/kvm/sys_regs.c @@ -2136,6 +2136,15 @@ static bool bad_redir_trap(struct kvm_vcpu *vcpu, .val = v, \ } +#define EL2_REG_FILTERED(name, acc, rst, v, filter) { \ + SYS_DESC(SYS_##name), \ + .access = acc, \ + .reset = rst, \ + .reg = name, \ + .visibility = filter, \ + .val = v, \ +} + #define EL2_REG_VNCR(name, rst, v) EL2_REG(name, bad_vncr_trap, rst, v) #define EL2_REG_REDIR(name, rst, v) EL2_REG(name, bad_redir_trap, rst, v) @@ -2803,8 +2812,8 @@ static const struct sys_reg_desc sys_reg_descs[] = { EL2_REG_VNCR(HFGITR_EL2, reset_val, 0), EL2_REG_VNCR(HACR_EL2, reset_val, 0), - { SYS_DESC(SYS_ZCR_EL2), .access = access_zcr_el2, .reset = reset_val, - .visibility = sve_el2_visibility, .reg = ZCR_EL2 }, + EL2_REG_FILTERED(ZCR_EL2, access_zcr_el2, reset_val, 0, + sve_el2_visibility), EL2_REG_VNCR(HCRX_EL2, reset_val, 0), From patchwork Wed Aug 21 23:35:37 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Mark Brown X-Patchwork-Id: 13772238 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id D02F1C52D6F for ; Wed, 21 Aug 2024 23:38:42 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender:List-Subscribe:List-Help :List-Post:List-Archive:List-Unsubscribe:List-Id:Cc:To:In-Reply-To:References :Message-Id:Content-Transfer-Encoding:Content-Type:MIME-Version:Subject:Date: From:Reply-To:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=bl0oGle6S84ZL0u8qNQKWeDsD+/+Jaz8h9ZInMf+/Ao=; b=arcy0gYvxzPAtfCTAXUoNMTL6F JbAc2y9zMAEuoaKcXxKPofDlSEWUWICOlz4sthR5XdBGFEX0jb55R0umAeDkR097Ch+i4f1/xU52g JxKUrh0dOhw1TKfsrysHYWboPanT+T3R+PCFpYxlr1lM2krSarWll84NFvg4r/SRQdBkR71yv8rMM 2WnXk+Mylibb3cUpmOgg1qYTvkIxiHqPdAWYfLTVhLPVPqApQkeQv67IdhNYnY+cONH91hrAk+PE/ z2A6E0Qm2p0QVAQJ3gXjP0KAhGEssEuWm93TD125J0EIbvM1R1k61NVBxIrR206NC1i60j2c4kVpu Vtdaa5nA==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.97.1 #2 (Red Hat Linux)) id 1sguuM-0000000AgTI-3JEP; Wed, 21 Aug 2024 23:38:30 +0000 Received: from sin.source.kernel.org ([2604:1380:40e1:4800::1]) by bombadil.infradead.org with esmtps (Exim 4.97.1 #2 (Red Hat Linux)) id 1sgusO-0000000Ag3S-2ha8 for linux-arm-kernel@lists.infradead.org; Wed, 21 Aug 2024 23:36:30 +0000 Received: from smtp.kernel.org (transwarp.subspace.kernel.org [100.75.92.58]) by sin.source.kernel.org (Postfix) with ESMTP id CA749CE0E88; Wed, 21 Aug 2024 23:36:26 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id BF502C32781; Wed, 21 Aug 2024 23:36:21 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1724283386; bh=b9JzN3spvWcKQGpRCCgrRJFy7/vr27MdGqrdOp6NEms=; h=From:Date:Subject:References:In-Reply-To:To:Cc:From; b=Dq2tt++tWUppxeQc+fnyL3Jb+OUgXEToC1M4G/g8sM4R/emFtqJP45Ap8BWJIxYR0 DcWvsR5C4Bw4nA+OIZV440sH537D9LjvyMEQxnjUvbqg1bkrMNeE3A+MF4Iwh1V3LO niikM4IQHKurNhSf0H97WGMVBC2WfQD6a//yQO0SQ5khGZSqueePLxk1Io61gTP0E+ QgTGlp2zm6YXWgUJ9lCNjUFFUoHEJjVF+CdOiueTZwsS1glYacN+quYTYmuWwdSoGB JCQOcH4umwOgPhL+lM7AOrTzcSSClxMdGWUiOJCIaOYYi/lke0H8A70OG6NR1Pp0uw vMgi/oeb8qtyg== From: Mark Brown Date: Thu, 22 Aug 2024 00:35:37 +0100 Subject: [PATCH v2 2/3] KVM: arm64: Hide TCR2_EL1 from userspace when disabled for guests MIME-Version: 1.0 Message-Id: <20240822-kvm-arm64-hide-pie-regs-v2-2-376624fa829c@kernel.org> References: <20240822-kvm-arm64-hide-pie-regs-v2-0-376624fa829c@kernel.org> In-Reply-To: <20240822-kvm-arm64-hide-pie-regs-v2-0-376624fa829c@kernel.org> To: Marc Zyngier , Oliver Upton , James Morse , Suzuki K Poulose , Catalin Marinas , Will Deacon , Joey Gouly Cc: linux-arm-kernel@lists.infradead.org, kvmarm@lists.linux.dev, linux-kernel@vger.kernel.org, Mark Brown , 20240813144738.2048302-1-maz@kernel.org X-Mailer: b4 0.15-dev-37811 X-Developer-Signature: v=1; a=openpgp-sha256; l=3081; i=broonie@kernel.org; h=from:subject:message-id; bh=b9JzN3spvWcKQGpRCCgrRJFy7/vr27MdGqrdOp6NEms=; b=owEBbQGS/pANAwAKASTWi3JdVIfQAcsmYgBmxnnqCSwLUG2jEupZw0pru27MOrYtdiLVk5Ppo6LW 61ok4LiJATMEAAEKAB0WIQSt5miqZ1cYtZ/in+ok1otyXVSH0AUCZsZ56gAKCRAk1otyXVSH0O7JB/ 4lldS+6iSSLUcMtVy4BnN+HyPylNvRhL2FI795oVu72JrMwQ218IadFn7hHe7Xv2KPgF3A7fdUuYkg yB5BtsCRnrpybvmwG+SIxBy8GkvUxBkrSUBqQOPOZKLHtV5GCBbMAtGdhquPaCL1sOBYz2/BXjWOUo otuR0T9r5u3luNGXxVjleuyKVDkn+Ibd1caM0mydZEh58I+UN9vCDheNcoDSq7sfWFu0UGsRXxlUHK OKHoazQyunC/N1hQ6kRnKTeRHST8uSozu0Rd+xGyPfyke5pjfx7aBz9JaQrk1x8FNpwQqWSb8CE8oK 9jvT8SYTym5978W6lSJmGDX91jYfHk X-Developer-Key: i=broonie@kernel.org; a=openpgp; fpr=3F2568AAC26998F9E813A1C5C3F436CA30F5D8EB X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20240821_163629_062901_E2808D66 X-CRM114-Status: GOOD ( 15.31 ) X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org When the guest does not support FEAT_TCR2 we should not allow any access to it in order to ensure that we do not create spurious issues with guest migration. Add a visibility operation for it. Fixes: fbff56068232 ("KVM: arm64: Save/restore TCR2_EL1") Signed-off-by: Mark Brown --- arch/arm64/include/asm/kvm_host.h | 3 +++ arch/arm64/kvm/sys_regs.c | 29 ++++++++++++++++++++++++++--- 2 files changed, 29 insertions(+), 3 deletions(-) diff --git a/arch/arm64/include/asm/kvm_host.h b/arch/arm64/include/asm/kvm_host.h index ab4c675b491d..7889e5f4009f 100644 --- a/arch/arm64/include/asm/kvm_host.h +++ b/arch/arm64/include/asm/kvm_host.h @@ -1476,4 +1476,7 @@ void kvm_set_vm_id_reg(struct kvm *kvm, u32 reg, u64 val); (pa + pi + pa3) == 1; \ }) +#define kvm_has_tcr2(k) \ + (kvm_has_feat((k), ID_AA64MMFR3_EL1, TCRX, IMP)) + #endif /* __ARM64_KVM_HOST_H__ */ diff --git a/arch/arm64/kvm/sys_regs.c b/arch/arm64/kvm/sys_regs.c index 1af15140e067..6d5f43781042 100644 --- a/arch/arm64/kvm/sys_regs.c +++ b/arch/arm64/kvm/sys_regs.c @@ -2319,6 +2319,27 @@ static bool access_zcr_el2(struct kvm_vcpu *vcpu, return true; } +static unsigned int tcr2_visibility(const struct kvm_vcpu *vcpu, + const struct sys_reg_desc *rd) +{ + if (kvm_has_tcr2(vcpu->kvm)) + return 0; + + return REG_HIDDEN; +} + +static unsigned int tcr2_el2_visibility(const struct kvm_vcpu *vcpu, + const struct sys_reg_desc *rd) +{ + unsigned int r; + + r = el2_visibility(vcpu, rd); + if (r) + return r; + + return tcr2_visibility(vcpu, rd); +} + /* * Architected system registers. * Important: Must be sorted ascending by Op0, Op1, CRn, CRm, Op2 @@ -2503,7 +2524,8 @@ static const struct sys_reg_desc sys_reg_descs[] = { { SYS_DESC(SYS_TTBR0_EL1), access_vm_reg, reset_unknown, TTBR0_EL1 }, { SYS_DESC(SYS_TTBR1_EL1), access_vm_reg, reset_unknown, TTBR1_EL1 }, { SYS_DESC(SYS_TCR_EL1), access_vm_reg, reset_val, TCR_EL1, 0 }, - { SYS_DESC(SYS_TCR2_EL1), access_vm_reg, reset_val, TCR2_EL1, 0 }, + { SYS_DESC(SYS_TCR2_EL1), access_vm_reg, reset_val, TCR2_EL1, 0, + .visibility = tcr2_visibility }, PTRAUTH_KEY(APIA), PTRAUTH_KEY(APIB), @@ -2820,7 +2842,8 @@ static const struct sys_reg_desc sys_reg_descs[] = { EL2_REG(TTBR0_EL2, access_rw, reset_val, 0), EL2_REG(TTBR1_EL2, access_rw, reset_val, 0), EL2_REG(TCR_EL2, access_rw, reset_val, TCR_EL2_RES1), - EL2_REG(TCR2_EL2, access_tcr2_el2, reset_val, TCR2_EL2_RES1), + EL2_REG_FILTERED(TCR2_EL2, access_tcr2_el2, reset_val, TCR2_EL2_RES1, + tcr2_el2_visibility), EL2_REG_VNCR(VTTBR_EL2, reset_val, 0), EL2_REG_VNCR(VTCR_EL2, reset_val, 0), @@ -4626,7 +4649,7 @@ void kvm_calculate_traps(struct kvm_vcpu *vcpu) if (kvm_has_feat(kvm, ID_AA64ISAR2_EL1, MOPS, IMP)) vcpu->arch.hcrx_el2 |= (HCRX_EL2_MSCEn | HCRX_EL2_MCE2); - if (kvm_has_feat(kvm, ID_AA64MMFR3_EL1, TCRX, IMP)) + if (kvm_has_tcr2(kvm)) vcpu->arch.hcrx_el2 |= HCRX_EL2_TCR2En; } From patchwork Wed Aug 21 23:35:38 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Mark Brown X-Patchwork-Id: 13772239 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id C5993C52D7C for ; Wed, 21 Aug 2024 23:39:21 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender:List-Subscribe:List-Help :List-Post:List-Archive:List-Unsubscribe:List-Id:Cc:To:In-Reply-To:References :Message-Id:Content-Transfer-Encoding:Content-Type:MIME-Version:Subject:Date: From:Reply-To:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=8dRdAG1+6dIFUJaXE8+vLQ9EMkLGiw2ERUHU/ffd1HQ=; b=SzLmduBPirR3g75YIACZHrxv68 W3+mmjYnUYOGKSgaBxV2Ce4wb4PQrcSS8c7syTPFQ+CGhK8SX8p2xs+VkUx04TGtxfPejrk88EHyM /fLHCUqrGZTvQfR6W/57ka/BE4MeVVB8PwkXrETNGWcp8gNBh5QMGeB8rECbjQDYTGDjTLxnpWhhx +k+e3ds/Z35s2ajbCA66lUyw4v6brD8v6OnVmW8EcysB3LGbKBb0DhpKHkvNy4fslPKDmeQs5/lMx UJ6as+LLcN/R+mPqx7yfeqsDgbMMFZpiMAiTuvBLKQGbVXnEPO19rrJqxvMqOx/vZkjBYRPLu9Xx9 pe52wgvw==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.97.1 #2 (Red Hat Linux)) id 1sguv2-0000000Agal-3pw3; Wed, 21 Aug 2024 23:39:12 +0000 Received: from nyc.source.kernel.org ([147.75.193.91]) by bombadil.infradead.org with esmtps (Exim 4.97.1 #2 (Red Hat Linux)) id 1sgusR-0000000Ag4O-1uvt for linux-arm-kernel@lists.infradead.org; Wed, 21 Aug 2024 23:36:33 +0000 Received: from smtp.kernel.org (transwarp.subspace.kernel.org [100.75.92.58]) by nyc.source.kernel.org (Postfix) with ESMTP id D4713A40E49; Wed, 21 Aug 2024 23:36:23 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id 97C51C4AF0E; Wed, 21 Aug 2024 23:36:26 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1724283390; bh=hrfESbx6SkEicUVkwX2/zXlc1PgEJHcuOvyuBXTbqns=; h=From:Date:Subject:References:In-Reply-To:To:Cc:From; b=RtsAA30Fb5hUcmkl6vaRLL6JfpTZ4oxBv9ZRSOXd9Q/22dLSbo+Ng42w9u7KlSPgK m/2ECNCrgqn11FtjuCQp/vKjU9HoldjRkPIDPMUciS49LPfTCgHR3uDeGheakfSUy2 ql6CJA1eLFb383PkuPItxH/mVQs0VkWVb96fPN01ivSXyijmBdJZPWzpz1m/dJJMYI CnkKBGa0YLiBkRscVYruuZtxSmX/nhqFD5n5LRo/hAS0zLmJGp9kE1nReX3MigRnTo EfpXISzVHJ0TrjgHtnWBkK9SHUkUiFYNmETAxjW+1vkVsS3Ea1R5Sp+JEYM9oSPlA5 vuyK1M4BGWWpA== From: Mark Brown Date: Thu, 22 Aug 2024 00:35:38 +0100 Subject: [PATCH v2 3/3] KVM: arm64: Hide S1PIE registers from userspace when disabled for guests MIME-Version: 1.0 Message-Id: <20240822-kvm-arm64-hide-pie-regs-v2-3-376624fa829c@kernel.org> References: <20240822-kvm-arm64-hide-pie-regs-v2-0-376624fa829c@kernel.org> In-Reply-To: <20240822-kvm-arm64-hide-pie-regs-v2-0-376624fa829c@kernel.org> To: Marc Zyngier , Oliver Upton , James Morse , Suzuki K Poulose , Catalin Marinas , Will Deacon , Joey Gouly Cc: linux-arm-kernel@lists.infradead.org, kvmarm@lists.linux.dev, linux-kernel@vger.kernel.org, Mark Brown , 20240813144738.2048302-1-maz@kernel.org X-Mailer: b4 0.15-dev-37811 X-Developer-Signature: v=1; a=openpgp-sha256; l=3441; i=broonie@kernel.org; h=from:subject:message-id; bh=hrfESbx6SkEicUVkwX2/zXlc1PgEJHcuOvyuBXTbqns=; b=owEBbQGS/pANAwAKASTWi3JdVIfQAcsmYgBmxnnr4SLnC2qdqcIFy0dcExaXyAtGP2eCtQUx0+0V EfdofO+JATMEAAEKAB0WIQSt5miqZ1cYtZ/in+ok1otyXVSH0AUCZsZ56wAKCRAk1otyXVSH0BQhB/ wJ4EWrWwY5XI4ekGdtftXyjg/WcA3FSzbzlQUBnH4HUM4e6SBk1DSnj8dqLGUKlfkVsDlPmcHbb7pq FpE2qX52OUS2mNpxh/iDws1fykHpQPKhnrdS4tT1R3JVWuFvGkoWb8G/4hILabNUqHtHDZlg0z8He7 qHHBxNg6NpPxX+UXpnLmNm+l1NfO10dYyMWfugIWqlRfS3kYRz1B0Oq/3LaG/nr2YhUj7BiSU3ag7g JUtg8XXdJhyphrZ84pedIgNFkvKGBz2Dx5e9xVEXwGQJeh4XqeP4P1oYRObsWm4yiqMD6mf5zDb8TY Pmsc5xr/9b+X/oT3azrQU9ueGzH3jF X-Developer-Key: i=broonie@kernel.org; a=openpgp; fpr=3F2568AAC26998F9E813A1C5C3F436CA30F5D8EB X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20240821_163631_659956_E5772504 X-CRM114-Status: GOOD ( 16.49 ) X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org When the guest does not support S1PIE we should not allow any access to the system registers it adds in order to ensure that we do not create spurious issues with guest migration. Add a visibility operation for these registers. Fixes: 86f9de9db178 ("KVM: arm64: Save/restore PIE registers") Signed-off-by: Mark Brown --- arch/arm64/include/asm/kvm_host.h | 3 +++ arch/arm64/kvm/sys_regs.c | 35 ++++++++++++++++++++++++++++++----- 2 files changed, 33 insertions(+), 5 deletions(-) diff --git a/arch/arm64/include/asm/kvm_host.h b/arch/arm64/include/asm/kvm_host.h index 7889e5f4009f..fd161d41df52 100644 --- a/arch/arm64/include/asm/kvm_host.h +++ b/arch/arm64/include/asm/kvm_host.h @@ -1479,4 +1479,7 @@ void kvm_set_vm_id_reg(struct kvm *kvm, u32 reg, u64 val); #define kvm_has_tcr2(k) \ (kvm_has_feat((k), ID_AA64MMFR3_EL1, TCRX, IMP)) +#define kvm_has_s1pie(k) \ + (kvm_has_feat((k), ID_AA64MMFR3_EL1, S1PIE, IMP)) + #endif /* __ARM64_KVM_HOST_H__ */ diff --git a/arch/arm64/kvm/sys_regs.c b/arch/arm64/kvm/sys_regs.c index 6d5f43781042..3824f6d13bf6 100644 --- a/arch/arm64/kvm/sys_regs.c +++ b/arch/arm64/kvm/sys_regs.c @@ -2340,6 +2340,27 @@ static unsigned int tcr2_el2_visibility(const struct kvm_vcpu *vcpu, return tcr2_visibility(vcpu, rd); } +static unsigned int s1pie_visibility(const struct kvm_vcpu *vcpu, + const struct sys_reg_desc *rd) +{ + if (kvm_has_s1pie(vcpu->kvm)) + return 0; + + return REG_HIDDEN; +} + +static unsigned int s1pie_el2_visibility(const struct kvm_vcpu *vcpu, + const struct sys_reg_desc *rd) +{ + unsigned int r; + + r = el2_visibility(vcpu, rd); + if (r) + return r; + + return s1pie_visibility(vcpu, rd); +} + /* * Architected system registers. * Important: Must be sorted ascending by Op0, Op1, CRn, CRm, Op2 @@ -2577,8 +2598,10 @@ static const struct sys_reg_desc sys_reg_descs[] = { { SYS_DESC(SYS_PMMIR_EL1), trap_raz_wi }, { SYS_DESC(SYS_MAIR_EL1), access_vm_reg, reset_unknown, MAIR_EL1 }, - { SYS_DESC(SYS_PIRE0_EL1), NULL, reset_unknown, PIRE0_EL1 }, - { SYS_DESC(SYS_PIR_EL1), NULL, reset_unknown, PIR_EL1 }, + { SYS_DESC(SYS_PIRE0_EL1), NULL, reset_unknown, PIRE0_EL1, + .visibility = s1pie_visibility }, + { SYS_DESC(SYS_PIR_EL1), NULL, reset_unknown, PIR_EL1, + .visibility = s1pie_visibility }, { SYS_DESC(SYS_AMAIR_EL1), access_vm_reg, reset_amair_el1, AMAIR_EL1 }, { SYS_DESC(SYS_LORSA_EL1), trap_loregion }, @@ -2875,8 +2898,10 @@ static const struct sys_reg_desc sys_reg_descs[] = { EL2_REG(HPFAR_EL2, access_rw, reset_val, 0), EL2_REG(MAIR_EL2, access_rw, reset_val, 0), - EL2_REG(PIRE0_EL2, check_s1pie_access_rw, reset_val, 0), - EL2_REG(PIR_EL2, check_s1pie_access_rw, reset_val, 0), + EL2_REG_FILTERED(PIRE0_EL2, check_s1pie_access_rw, reset_val, 0, + s1pie_el2_visibility), + EL2_REG_FILTERED(PIR_EL2, check_s1pie_access_rw, reset_val, 0, + s1pie_el2_visibility), EL2_REG(AMAIR_EL2, access_rw, reset_val, 0), EL2_REG(VBAR_EL2, access_rw, reset_val, 0), @@ -4691,7 +4716,7 @@ void kvm_calculate_traps(struct kvm_vcpu *vcpu) HFGITR_EL2_TLBIRVAAE1OS | HFGITR_EL2_TLBIRVAE1OS); - if (!kvm_has_feat(kvm, ID_AA64MMFR3_EL1, S1PIE, IMP)) + if (!kvm_has_s1pie(kvm)) kvm->arch.fgu[HFGxTR_GROUP] |= (HFGxTR_EL2_nPIRE0_EL1 | HFGxTR_EL2_nPIR_EL1);