[PATCH 0/2] KVM: arm64: Simplify handling of GICv3 hardware with broken SEIS

[PATCH 0/2] KVM: arm64: Simplify handling of GICv3 hardware with broken SEIS

[Will Deacon]

Hi folks,

While looking at reducing the host memory mapped into pKVM at EL2, I
noticed that the GICv3 CPU interface emulation for hardware with broken
SEIS implementations can be simplified and the corresponding mapping of
'kvm_vgic_global_state' can be dropped.

Please have a look!

Cheers,

Will

Cc: Marc Zyngier <maz@kernel.org>
Cc: Oliver Upton <oliver.upton@linux.dev>
Cc: Joey Gouly <joey.gouly@arm.com>
Cc: Fuad Tabba <tabba@google.com>
Cc: kvmarm@lists.linux.dev

--->8

Will Deacon (2):
  KVM: arm64: Just advertise SEIS as 0 when emulating ICC_CTLR_EL1
  KVM: arm64: Don't map 'kvm_vgic_global_state' at EL2 with pKVM

 arch/arm64/kvm/hyp/nvhe/setup.c | 17 -----------------
 arch/arm64/kvm/hyp/vgic-v3-sr.c |  3 ---
 2 files changed, 20 deletions(-)

-- 
2.47.0.105.g07ac214952-goog

[PATCH 1/2] KVM: arm64: Just advertise SEIS as 0 when emulating ICC_CTLR_EL1

[Will Deacon]

ICC_CTLR_EL1 accesses from a guest are trapped and emulated on systems
with broken SEIS support and without FEAT_GICv3_TDIR. On such systems,
we mask SEIS support in 'kvm_vgic_global_state.ich_vtr_el2' and so the
value of ICC_CTLR_EL1.SEIS visible to the guest is always zero.

Simplify the ICC_CTLR_EL1 read emulation to return 0 for the SEIS field,
rather than reading an always-zero value from the global state.

Cc: Marc Zyngier <maz@kernel.org>
Cc: Oliver Upton <oliver.upton@linux.dev>
Signed-off-by: Will Deacon <will@kernel.org>
---
 arch/arm64/kvm/hyp/vgic-v3-sr.c | 3 ---
 1 file changed, 3 deletions(-)

diff --git a/arch/arm64/kvm/hyp/vgic-v3-sr.c b/arch/arm64/kvm/hyp/vgic-v3-sr.c
index 18d4677002b1..3f9741e51d41 100644
--- a/arch/arm64/kvm/hyp/vgic-v3-sr.c
+++ b/arch/arm64/kvm/hyp/vgic-v3-sr.c
@@ -1012,9 +1012,6 @@ static void __vgic_v3_read_ctlr(struct kvm_vcpu *vcpu, u32 vmcr, int rt)
 	val = ((vtr >> 29) & 7) << ICC_CTLR_EL1_PRI_BITS_SHIFT;
 	/* IDbits */
 	val |= ((vtr >> 23) & 7) << ICC_CTLR_EL1_ID_BITS_SHIFT;
-	/* SEIS */
-	if (kvm_vgic_global_state.ich_vtr_el2 & ICH_VTR_SEIS_MASK)
-		val |= BIT(ICC_CTLR_EL1_SEIS_SHIFT);
 	/* A3V */
 	val |= ((vtr >> 21) & 1) << ICC_CTLR_EL1_A3V_SHIFT;
 	/* EOImode */
-- 
2.47.0.105.g07ac214952-goog

[PATCH 2/2] KVM: arm64: Don't map 'kvm_vgic_global_state' at EL2 with pKVM

[Will Deacon]

Now that 'kvm_vgic_global_state' is no longer needed for ICC_CTLR_EL1
emulation on machines with a broken SEIS implementation, drop the
pKVM hypervisor mapping of the page.

Cc: Marc Zyngier <maz@kernel.org>
Cc: Oliver Upton <oliver.upton@linux.dev>
Signed-off-by: Will Deacon <will@kernel.org>
---
 arch/arm64/kvm/hyp/nvhe/setup.c | 17 -----------------
 1 file changed, 17 deletions(-)

diff --git a/arch/arm64/kvm/hyp/nvhe/setup.c b/arch/arm64/kvm/hyp/nvhe/setup.c
index 174007f3fadd..8fec099c2775 100644
--- a/arch/arm64/kvm/hyp/nvhe/setup.c
+++ b/arch/arm64/kvm/hyp/nvhe/setup.c
@@ -95,7 +95,6 @@ static int recreate_hyp_mappings(phys_addr_t phys, unsigned long size,
 {
 	void *start, *end, *virt = hyp_phys_to_virt(phys);
 	unsigned long pgt_size = hyp_s1_pgtable_pages() << PAGE_SHIFT;
-	enum kvm_pgtable_prot prot;
 	int ret, i;
 
 	/* Recreate the hyp page-table using the early page allocator */
@@ -148,22 +147,6 @@ static int recreate_hyp_mappings(phys_addr_t phys, unsigned long size,
 	}
 
 	pkvm_create_host_sve_mappings();
-
-	/*
-	 * Map the host sections RO in the hypervisor, but transfer the
-	 * ownership from the host to the hypervisor itself to make sure they
-	 * can't be donated or shared with another entity.
-	 *
-	 * The ownership transition requires matching changes in the host
-	 * stage-2. This will be done later (see finalize_host_mappings()) once
-	 * the hyp_vmemmap is addressable.
-	 */
-	prot = pkvm_mkstate(PAGE_HYP_RO, PKVM_PAGE_SHARED_OWNED);
-	ret = pkvm_create_mappings(&kvm_vgic_global_state,
-				   &kvm_vgic_global_state + 1, prot);
-	if (ret)
-		return ret;
-
 	return 0;
 }
 
-- 
2.47.0.105.g07ac214952-goog

Re: [PATCH 1/2] KVM: arm64: Just advertise SEIS as 0 when emulating ICC_CTLR_EL1

[Marc Zyngier]

On Tue, 22 Oct 2024 15:40:15 +0100,
Will Deacon <will@kernel.org> wrote:
> 
> ICC_CTLR_EL1 accesses from a guest are trapped and emulated on systems
> with broken SEIS support and without FEAT_GICv3_TDIR. On such systems,
> we mask SEIS support in 'kvm_vgic_global_state.ich_vtr_el2' and so the
> value of ICC_CTLR_EL1.SEIS visible to the guest is always zero.
>
> Simplify the ICC_CTLR_EL1 read emulation to return 0 for the SEIS field,
> rather than reading an always-zero value from the global state.
> 
> Cc: Marc Zyngier <maz@kernel.org>
> Cc: Oliver Upton <oliver.upton@linux.dev>
> Signed-off-by: Will Deacon <will@kernel.org>
> ---
>  arch/arm64/kvm/hyp/vgic-v3-sr.c | 3 ---
>  1 file changed, 3 deletions(-)
> 
> diff --git a/arch/arm64/kvm/hyp/vgic-v3-sr.c b/arch/arm64/kvm/hyp/vgic-v3-sr.c
> index 18d4677002b1..3f9741e51d41 100644
> --- a/arch/arm64/kvm/hyp/vgic-v3-sr.c
> +++ b/arch/arm64/kvm/hyp/vgic-v3-sr.c
> @@ -1012,9 +1012,6 @@ static void __vgic_v3_read_ctlr(struct kvm_vcpu *vcpu, u32 vmcr, int rt)
>  	val = ((vtr >> 29) & 7) << ICC_CTLR_EL1_PRI_BITS_SHIFT;
>  	/* IDbits */
>  	val |= ((vtr >> 23) & 7) << ICC_CTLR_EL1_ID_BITS_SHIFT;
> -	/* SEIS */
> -	if (kvm_vgic_global_state.ich_vtr_el2 & ICH_VTR_SEIS_MASK)
> -		val |= BIT(ICC_CTLR_EL1_SEIS_SHIFT);
>  	/* A3V */
>  	val |= ((vtr >> 21) & 1) << ICC_CTLR_EL1_A3V_SHIFT;
>  	/* EOImode */

Reviewed-by: Marc Zyngier <maz@kernel.org>

	M.

-- 
Without deviation from the norm, progress is not possible.

Re: [PATCH 2/2] KVM: arm64: Don't map 'kvm_vgic_global_state' at EL2 with pKVM

[Marc Zyngier]

On Tue, 22 Oct 2024 15:40:16 +0100,
Will Deacon <will@kernel.org> wrote:
> 
> Now that 'kvm_vgic_global_state' is no longer needed for ICC_CTLR_EL1
> emulation on machines with a broken SEIS implementation, drop the
> pKVM hypervisor mapping of the page.
> 
> Cc: Marc Zyngier <maz@kernel.org>
> Cc: Oliver Upton <oliver.upton@linux.dev>
> Signed-off-by: Will Deacon <will@kernel.org>
> ---
>  arch/arm64/kvm/hyp/nvhe/setup.c | 17 -----------------
>  1 file changed, 17 deletions(-)
> 
> diff --git a/arch/arm64/kvm/hyp/nvhe/setup.c b/arch/arm64/kvm/hyp/nvhe/setup.c
> index 174007f3fadd..8fec099c2775 100644
> --- a/arch/arm64/kvm/hyp/nvhe/setup.c
> +++ b/arch/arm64/kvm/hyp/nvhe/setup.c
> @@ -95,7 +95,6 @@ static int recreate_hyp_mappings(phys_addr_t phys, unsigned long size,
>  {
>  	void *start, *end, *virt = hyp_phys_to_virt(phys);
>  	unsigned long pgt_size = hyp_s1_pgtable_pages() << PAGE_SHIFT;
> -	enum kvm_pgtable_prot prot;
>  	int ret, i;
>  
>  	/* Recreate the hyp page-table using the early page allocator */
> @@ -148,22 +147,6 @@ static int recreate_hyp_mappings(phys_addr_t phys, unsigned long size,
>  	}
>  
>  	pkvm_create_host_sve_mappings();
> -
> -	/*
> -	 * Map the host sections RO in the hypervisor, but transfer the
> -	 * ownership from the host to the hypervisor itself to make sure they
> -	 * can't be donated or shared with another entity.
> -	 *
> -	 * The ownership transition requires matching changes in the host
> -	 * stage-2. This will be done later (see finalize_host_mappings()) once
> -	 * the hyp_vmemmap is addressable.
> -	 */
> -	prot = pkvm_mkstate(PAGE_HYP_RO, PKVM_PAGE_SHARED_OWNED);
> -	ret = pkvm_create_mappings(&kvm_vgic_global_state,
> -				   &kvm_vgic_global_state + 1, prot);
> -	if (ret)
> -		return ret;
> -
>  	return 0;
>  }

Maybe add a note indicating that nVHE/hVHE still have that particular
mapping via the rodata section?

Reviewed-by: Marc Zyngier <maz@kernel.org>

	M.

-- 
Without deviation from the norm, progress is not possible.

Re: [PATCH 2/2] KVM: arm64: Don't map 'kvm_vgic_global_state' at EL2 with pKVM

[Will Deacon]

On Tue, Oct 22, 2024 at 06:01:17PM +0100, Marc Zyngier wrote:
> On Tue, 22 Oct 2024 15:40:16 +0100,
> Will Deacon <will@kernel.org> wrote:
> > 
> > Now that 'kvm_vgic_global_state' is no longer needed for ICC_CTLR_EL1
> > emulation on machines with a broken SEIS implementation, drop the
> > pKVM hypervisor mapping of the page.
> > 
> > Cc: Marc Zyngier <maz@kernel.org>
> > Cc: Oliver Upton <oliver.upton@linux.dev>
> > Signed-off-by: Will Deacon <will@kernel.org>
> > ---
> >  arch/arm64/kvm/hyp/nvhe/setup.c | 17 -----------------
> >  1 file changed, 17 deletions(-)
> > 
> > diff --git a/arch/arm64/kvm/hyp/nvhe/setup.c b/arch/arm64/kvm/hyp/nvhe/setup.c
> > index 174007f3fadd..8fec099c2775 100644
> > --- a/arch/arm64/kvm/hyp/nvhe/setup.c
> > +++ b/arch/arm64/kvm/hyp/nvhe/setup.c
> > @@ -95,7 +95,6 @@ static int recreate_hyp_mappings(phys_addr_t phys, unsigned long size,
> >  {
> >  	void *start, *end, *virt = hyp_phys_to_virt(phys);
> >  	unsigned long pgt_size = hyp_s1_pgtable_pages() << PAGE_SHIFT;
> > -	enum kvm_pgtable_prot prot;
> >  	int ret, i;
> >  
> >  	/* Recreate the hyp page-table using the early page allocator */
> > @@ -148,22 +147,6 @@ static int recreate_hyp_mappings(phys_addr_t phys, unsigned long size,
> >  	}
> >  
> >  	pkvm_create_host_sve_mappings();
> > -
> > -	/*
> > -	 * Map the host sections RO in the hypervisor, but transfer the
> > -	 * ownership from the host to the hypervisor itself to make sure they
> > -	 * can't be donated or shared with another entity.
> > -	 *
> > -	 * The ownership transition requires matching changes in the host
> > -	 * stage-2. This will be done later (see finalize_host_mappings()) once
> > -	 * the hyp_vmemmap is addressable.
> > -	 */
> > -	prot = pkvm_mkstate(PAGE_HYP_RO, PKVM_PAGE_SHARED_OWNED);
> > -	ret = pkvm_create_mappings(&kvm_vgic_global_state,
> > -				   &kvm_vgic_global_state + 1, prot);
> > -	if (ret)
> > -		return ret;
> > -
> >  	return 0;
> >  }
> 
> Maybe add a note indicating that nVHE/hVHE still have that particular
> mapping via the rodata section?

I can add something to the commit message, is that what you had in mind?

> Reviewed-by: Marc Zyngier <maz@kernel.org>

Thanks!

Will

Re: [PATCH 2/2] KVM: arm64: Don't map 'kvm_vgic_global_state' at EL2 with pKVM

[Marc Zyngier]

On Wed, 23 Oct 2024 17:39:08 +0100,
Will Deacon <will@kernel.org> wrote:
> 
> On Tue, Oct 22, 2024 at 06:01:17PM +0100, Marc Zyngier wrote:
> > On Tue, 22 Oct 2024 15:40:16 +0100,
> > Will Deacon <will@kernel.org> wrote:
> > > 
> > > Now that 'kvm_vgic_global_state' is no longer needed for ICC_CTLR_EL1
> > > emulation on machines with a broken SEIS implementation, drop the
> > > pKVM hypervisor mapping of the page.
> > > 
> > > Cc: Marc Zyngier <maz@kernel.org>
> > > Cc: Oliver Upton <oliver.upton@linux.dev>
> > > Signed-off-by: Will Deacon <will@kernel.org>
> > > ---
> > >  arch/arm64/kvm/hyp/nvhe/setup.c | 17 -----------------
> > >  1 file changed, 17 deletions(-)
> > > 
> > > diff --git a/arch/arm64/kvm/hyp/nvhe/setup.c b/arch/arm64/kvm/hyp/nvhe/setup.c
> > > index 174007f3fadd..8fec099c2775 100644
> > > --- a/arch/arm64/kvm/hyp/nvhe/setup.c
> > > +++ b/arch/arm64/kvm/hyp/nvhe/setup.c
> > > @@ -95,7 +95,6 @@ static int recreate_hyp_mappings(phys_addr_t phys, unsigned long size,
> > >  {
> > >  	void *start, *end, *virt = hyp_phys_to_virt(phys);
> > >  	unsigned long pgt_size = hyp_s1_pgtable_pages() << PAGE_SHIFT;
> > > -	enum kvm_pgtable_prot prot;
> > >  	int ret, i;
> > >  
> > >  	/* Recreate the hyp page-table using the early page allocator */
> > > @@ -148,22 +147,6 @@ static int recreate_hyp_mappings(phys_addr_t phys, unsigned long size,
> > >  	}
> > >  
> > >  	pkvm_create_host_sve_mappings();
> > > -
> > > -	/*
> > > -	 * Map the host sections RO in the hypervisor, but transfer the
> > > -	 * ownership from the host to the hypervisor itself to make sure they
> > > -	 * can't be donated or shared with another entity.
> > > -	 *
> > > -	 * The ownership transition requires matching changes in the host
> > > -	 * stage-2. This will be done later (see finalize_host_mappings()) once
> > > -	 * the hyp_vmemmap is addressable.
> > > -	 */
> > > -	prot = pkvm_mkstate(PAGE_HYP_RO, PKVM_PAGE_SHARED_OWNED);
> > > -	ret = pkvm_create_mappings(&kvm_vgic_global_state,
> > > -				   &kvm_vgic_global_state + 1, prot);
> > > -	if (ret)
> > > -		return ret;
> > > -
> > >  	return 0;
> > >  }
> > 
> > Maybe add a note indicating that nVHE/hVHE still have that particular
> > mapping via the rodata section?
> 
> I can add something to the commit message, is that what you had in mind?

Yes. But maybe Oliver can add that when applying the series?

Thanks,

	M.

-- 
Without deviation from the norm, progress is not possible.

Re: [PATCH 0/2] KVM: arm64: Simplify handling of GICv3 hardware with broken SEIS

[Oliver Upton]

On Tue, 22 Oct 2024 15:40:14 +0100, Will Deacon wrote:
> While looking at reducing the host memory mapped into pKVM at EL2, I
> noticed that the GICv3 CPU interface emulation for hardware with broken
> SEIS implementations can be simplified and the corresponding mapping of
> 'kvm_vgic_global_state' can be dropped.
> 
> Please have a look!
> 
> [...]

Included Marc's recommended changelog addition.

Applied to kvmarm/next, thanks!

[1/2] KVM: arm64: Just advertise SEIS as 0 when emulating ICC_CTLR_EL1
      https://git.kernel.org/kvmarm/kvmarm/c/ad361ed4771d
[2/2] KVM: arm64: Don't map 'kvm_vgic_global_state' at EL2 with pKVM
      https://git.kernel.org/kvmarm/kvmarm/c/8aaf3f7dce74

--
Best,
Oliver