From: Peter Collingbourne <pcc@google.com>
To: kvmarm@lists.cs.columbia.edu
Cc: Catalin Marinas <catalin.marinas@arm.com>,
	kvm@vger.kernel.org, Marc Zyngier <maz@kernel.org>,
	Andy Lutomirski <luto@amacapital.net>,
	Will Deacon <will@kernel.org>,
	Evgenii Stepanov <eugenis@google.com>,
	Michael Roth <michael.roth@amd.com>,
	Chao Peng <chao.p.peng@linux.intel.com>,
	Peter Collingbourne <pcc@google.com>,
	linux-arm-kernel@lists.infradead.org
Subject: [PATCH v2 1/3] KVM: arm64: add a hypercall for disowning pages
Date: Fri,  8 Jul 2022 14:21:04 -0700
Message-ID: <20220708212106.325260-2-pcc@google.com>
In-Reply-To: <20220708212106.325260-1-pcc@google.com>

Currently we only deny the host access to hyp and guest pages. However,
there may be other pages that could potentially be used to indirectly
compromise the hypervisor or the other guests. Therefore introduce a
__pkvm_disown_pages hypercall that the host kernel may use to deny its
future self access to those pages before deprivileging itself.

Signed-off-by: Peter Collingbourne <pcc@google.com>
---
v2:
- refcount the PTEs owned by NOBODY

 arch/arm64/include/asm/kvm_asm.h              |  1 +
 arch/arm64/kvm/hyp/include/nvhe/mem_protect.h |  1 +
 arch/arm64/kvm/hyp/include/nvhe/pkvm.h        |  1 +
 arch/arm64/kvm/hyp/nvhe/hyp-main.c            |  9 +++++++++
 arch/arm64/kvm/hyp/nvhe/mem_protect.c         | 11 +++++++++++
 5 files changed, 23 insertions(+)

diff --git a/arch/arm64/include/asm/kvm_asm.h b/arch/arm64/include/asm/kvm_asm.h
index 411cfbe3ebbd..1a177d9ed517 100644
--- a/arch/arm64/include/asm/kvm_asm.h
+++ b/arch/arm64/include/asm/kvm_asm.h
@@ -63,6 +63,7 @@ enum __kvm_host_smccc_func {
 	__KVM_HOST_SMCCC_FUNC___kvm_tlb_flush_vmid_ipa,
 	__KVM_HOST_SMCCC_FUNC___kvm_tlb_flush_vmid,
 	__KVM_HOST_SMCCC_FUNC___kvm_flush_cpu_context,
+	__KVM_HOST_SMCCC_FUNC___pkvm_disown_pages,
 	__KVM_HOST_SMCCC_FUNC___pkvm_prot_finalize,
 
 	/* Hypercalls available after pKVM finalisation */
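Review bot: the new enumerator is placed above `__KVM_HOST_SMCCC_FUNC___pkvm_prot_finalize`, i.e. in the group of hypercalls that stop being reachable once the host has deprivileged itself, and that ordering is what prevents the host from disowning or re-labelling pages after finalisation. Since the position is load-bearing, it deserves a one-line comment next to the enumerator, mirroring the `/* Hypercalls available after pKVM finalisation */` comment that follows.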
diff --git a/arch/arm64/kvm/hyp/include/nvhe/mem_protect.h b/arch/arm64/kvm/hyp/include/nvhe/mem_protect.h
index e0bbb1726fa3..e88a9dab9cd5 100644
--- a/arch/arm64/kvm/hyp/include/nvhe/mem_protect.h
+++ b/arch/arm64/kvm/hyp/include/nvhe/mem_protect.h
@@ -58,6 +58,7 @@ enum pkvm_component_id {
 	PKVM_ID_HOST,
 	PKVM_ID_HYP,
 	PKVM_ID_GUEST,
+	PKVM_ID_NOBODY,
 };
 
 extern unsigned long hyp_nr_cpus;
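Review bot: the v2 changelog says the PTEs owned by NOBODY are now refcounted, but none of the hunks in this patch touch refcounting; if that behaviour already comes from `host_stage2_set_owner_locked()` as it exists in the base tree, the commit message should say so, otherwise the change appears to be missing from this patch. A short comment on `PKVM_ID_NOBODY` stating that a range with this owner can never be reclaimed, shared or mapped by the host again would also help readers of the enum.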
diff --git a/arch/arm64/kvm/hyp/include/nvhe/pkvm.h b/arch/arm64/kvm/hyp/include/nvhe/pkvm.h
index c1987115b217..fbd991a46ab3 100644
--- a/arch/arm64/kvm/hyp/include/nvhe/pkvm.h
+++ b/arch/arm64/kvm/hyp/include/nvhe/pkvm.h
@@ -98,6 +98,7 @@ int __pkvm_init_shadow(struct kvm *kvm,
 		       unsigned long pgd_hva,
 		       unsigned long last_ran_hva, size_t last_ran_size);
 int __pkvm_teardown_shadow(unsigned int shadow_handle);
+int __pkvm_disown_pages(phys_addr_t phys, size_t size);
 
 struct kvm_shadow_vcpu_state *
 pkvm_load_shadow_vcpu_state(unsigned int shadow_handle, unsigned int vcpu_idx);
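Review bot: the new prototype has no comment describing its contract; a kernel-doc style block stating that `phys` and `size` are in bytes and must be page aligned, that the range must currently be host-owned memory, and that disowning is irreversible (there is no matching hypercall to take the pages back) would save every caller from reading mem_protect.c to find out.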
diff --git a/arch/arm64/kvm/hyp/nvhe/hyp-main.c b/arch/arm64/kvm/hyp/nvhe/hyp-main.c
index e575224244e6..0dab343734e8 100644
--- a/arch/arm64/kvm/hyp/nvhe/hyp-main.c
+++ b/arch/arm64/kvm/hyp/nvhe/hyp-main.c
@@ -1031,6 +1031,14 @@ static void handle___pkvm_teardown_shadow(struct kvm_cpu_context *host_ctxt)
 	cpu_reg(host_ctxt, 1) = __pkvm_teardown_shadow(shadow_handle);
 }
 
+static void handle___pkvm_disown_pages(struct kvm_cpu_context *host_ctxt)
+{
+	DECLARE_REG(phys_addr_t, phys, host_ctxt, 1);
+	DECLARE_REG(size_t, size, host_ctxt, 2);
+
+	cpu_reg(host_ctxt, 1) = __pkvm_disown_pages(phys, size);
+}
+
 typedef void (*hcall_t)(struct kvm_cpu_context *);
 
 #define HANDLE_FUNC(x)	[__KVM_HOST_SMCCC_FUNC_##x] = (hcall_t)handle_##x
@@ -1048,6 +1056,7 @@ static const hcall_t host_hcall[] = {
 	HANDLE_FUNC(__kvm_tlb_flush_vmid_ipa),
 	HANDLE_FUNC(__kvm_tlb_flush_vmid),
 	HANDLE_FUNC(__kvm_flush_cpu_context),
+	HANDLE_FUNC(__pkvm_disown_pages),
 	HANDLE_FUNC(__pkvm_prot_finalize),
 
 	HANDLE_FUNC(__pkvm_host_share_hyp),
diff --git a/arch/arm64/kvm/hyp/nvhe/mem_protect.c b/arch/arm64/kvm/hyp/nvhe/mem_protect.c
index d839bb573b49..b3a2ad8454cc 100644
--- a/arch/arm64/kvm/hyp/nvhe/mem_protect.c
+++ b/arch/arm64/kvm/hyp/nvhe/mem_protect.c
@@ -1756,3 +1756,14 @@ int __pkvm_host_reclaim_page(u64 pfn)
 
 	return ret;
 }
+
+int __pkvm_disown_pages(phys_addr_t phys, size_t size)
+{
+	int ret;
+
+	host_lock_component();
+	ret = host_stage2_set_owner_locked(phys, size, PKVM_ID_NOBODY);
+	host_unlock_component();
+
+	return ret;
+}
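Review bot: `__pkvm_disown_pages()` hands the host-supplied range straight to `host_stage2_set_owner_locked()` with no check that `phys` and `size` are page aligned, that `phys + size` does not wrap, that the range is RAM, or that the host actually owns it at the moment. Without the last check a range already annotated `PKVM_ID_HYP` or `PKVM_ID_GUEST` would be silently re-labelled `PKVM_ID_NOBODY`, which would confuse later ownership checks on those pages (the `__pkvm_host_reclaim_page()` path visible just above this hunk is one consumer of that bookkeeping). The share/unshare paths in this file verify the page state under the same lock before changing it; doing the same here, e.g. checking the range is in the host-owned state before the `host_stage2_set_owner_locked()` call and returning `-EPERM` otherwise, keeps the hypercall from being usable to corrupt the ownership records of pages the host no longer controls.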
-- 
2.37.0.144.g8ac04bfd2-goog

_______________________________________________
kvmarm mailing list
kvmarm@lists.cs.columbia.edu
https://lists.cs.columbia.edu/mailman/listinfo/kvmarm
Thread overview (22+ messages):
2022-07-08 21:21 [PATCH v2 0/3] KVM: arm64: support MTE in protected VMs  Peter Collingbourne
2022-07-08 21:21 ` [PATCH v2 1/3] KVM: arm64: add a hypercall for disowning pages  Peter Collingbourne [this message]
2022-07-08 21:21 ` [PATCH v2 2/3] KVM: arm64: disown unused reserved-memory regions  Peter Collingbourne
2022-07-08 21:21 ` [PATCH v2 3/3] KVM: arm64: allow MTE in protected VMs if the tag storage is known  Peter Collingbourne
2022-07-09  1:50 ` [PATCH v2 0/3] KVM: arm64: support MTE in protected VMs  Itaru Kitayama
2022-07-19 14:50 ` Cornelia Huck
2022-07-20  1:06   ` Peter Collingbourne
2022-07-20 16:21     ` Cornelia Huck