From: Joey Gouly <joey.gouly@arm.com>
To: Steven Price <steven.price@arm.com>
Cc: kvm@vger.kernel.org, kvmarm@lists.linux.dev,
Catalin Marinas <catalin.marinas@arm.com>,
Marc Zyngier <maz@kernel.org>, Will Deacon <will@kernel.org>,
James Morse <james.morse@arm.com>,
Oliver Upton <oliver.upton@linux.dev>,
Suzuki K Poulose <suzuki.poulose@arm.com>,
Zenghui Yu <yuzenghui@huawei.com>,
linux-arm-kernel@lists.infradead.org,
linux-kernel@vger.kernel.org,
Alexandru Elisei <alexandru.elisei@arm.com>,
Christoffer Dall <christoffer.dall@arm.com>,
Fuad Tabba <tabba@google.com>,
linux-coco@lists.linux.dev,
Ganapatrao Kulkarni <gankulkarni@os.amperecomputing.com>,
Gavin Shan <gshan@redhat.com>,
Shanker Donthineni <sdonthineni@nvidia.com>,
Alper Gun <alpergun@google.com>,
"Aneesh Kumar K . V" <aneesh.kumar@kernel.org>,
Emi Kisanuki <fj0570is@fujitsu.com>,
Vishal Annapurve <vannapurve@google.com>
Subject: Re: [PATCH v13 37/48] arm64: RMI: Prevent Device mappings for Realms
Date: Thu, 19 Mar 2026 10:27:34 +0000 [thread overview]
Message-ID: <20260319102734.GC3942350@e124191.cambridge.arm.com> (raw)
In-Reply-To: <20260318155413.793430-38-steven.price@arm.com>
On Wed, Mar 18, 2026 at 03:54:01PM +0000, Steven Price wrote:
> Physical device assignment is not supported by RMM v1.0, so it
But we're targetting 2.0 now!
I guess just change it to something about device support being a later feature.
Thanks,
Joey
> doesn't make much sense to allow device mappings within the realm.
> Prevent them when the guest is a realm.
>
> Signed-off-by: Steven Price <steven.price@arm.com>
> ---
> Changes from v6:
> * Fix the check in user_mem_abort() to prevent all pages that are not
> guest_memfd() from being mapped into the protected half of the IPA.
> Changes from v5:
> * Also prevent accesses in user_mem_abort()
> ---
> arch/arm64/kvm/mmu.c | 13 +++++++++++++
> 1 file changed, 13 insertions(+)
>
> diff --git a/arch/arm64/kvm/mmu.c b/arch/arm64/kvm/mmu.c
> index ad1300f366df..7d7caab8f573 100644
> --- a/arch/arm64/kvm/mmu.c
> +++ b/arch/arm64/kvm/mmu.c
> @@ -1222,6 +1222,10 @@ int kvm_phys_addr_ioremap(struct kvm *kvm, phys_addr_t guest_ipa,
> if (is_protected_kvm_enabled())
> return -EPERM;
>
> + /* We don't support mapping special pages into a Realm */
> + if (kvm_is_realm(kvm))
> + return -EPERM;
> +
> size += offset_in_page(guest_ipa);
> guest_ipa &= PAGE_MASK;
>
> @@ -1965,6 +1969,15 @@ static int user_mem_abort(struct kvm_vcpu *vcpu, phys_addr_t fault_ipa,
> return 1;
> }
>
> + /*
> + * For now we shouldn't be hitting protected addresses because they are
> + * handled in private_memslot_fault(). In the future this check may be
> + * relaxed to support e.g. protected devices.
> + */
> + if (vcpu_is_rec(vcpu) &&
> + kvm_gpa_from_fault(kvm, fault_ipa) == fault_ipa)
> + return -EINVAL;
> +
> if (nested)
> adjust_nested_fault_perms(nested, &prot, &writable);
>
> --
> 2.43.0
>
>
next prev parent reply other threads:[~2026-03-19 10:27 UTC|newest]
Thread overview: 133+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-03-18 15:53 [PATCH v13 00/48] arm64: Support for Arm CCA in KVM Steven Price
2026-03-18 15:53 ` [PATCH v13 01/48] kvm: arm64: Include kvm_emulate.h in kvm/arm_psci.h Steven Price
2026-03-18 15:53 ` [PATCH v13 02/48] kvm: arm64: Avoid including linux/kvm_host.h in kvm_pgtable.h Steven Price
2026-03-18 15:53 ` [PATCH v13 03/48] arm64: RME: Handle Granule Protection Faults (GPFs) Steven Price
2026-03-18 15:53 ` [PATCH v13 04/48] arm64: RMI: Add SMC definitions for calling the RMM Steven Price
2026-03-18 16:07 ` Joey Gouly
2026-03-18 17:07 ` Steven Price
2026-03-18 15:53 ` [PATCH v13 05/48] arm64: RMI: Temporarily add SMCs from RMM v1.0 spec Steven Price
2026-03-21 13:21 ` Marc Zyngier
2026-03-23 10:30 ` Suzuki K Poulose
2026-03-18 15:53 ` [PATCH v13 06/48] arm64: RMI: Add wrappers for RMI calls Steven Price
2026-03-18 15:53 ` [PATCH v13 07/48] arm64: RMI: Check for RMI support at KVM init Steven Price
2026-03-19 10:38 ` Suzuki K Poulose
2026-03-19 12:47 ` Steven Price
2026-03-19 16:17 ` Wei-Lin Chang
2026-03-19 16:42 ` Steven Price
2026-03-19 18:05 ` Wei-Lin Chang
2026-03-20 16:01 ` Steven Price
2026-03-18 15:53 ` [PATCH v13 08/48] arm64: RMI: Configure the RMM with the host's page size Steven Price
2026-03-18 15:53 ` [PATCH v13 09/48] arm64: RMI: Check for LPA2 support Steven Price
2026-03-18 15:53 ` [PATCH v13 10/48] arm64: RMI: Ensure that the RMM has GPT entries for memory Steven Price
2026-03-19 10:31 ` Suzuki K Poulose
2026-03-19 15:20 ` Steven Price
2026-03-19 10:41 ` Suzuki K Poulose
2026-03-30 20:58 ` Mathieu Poirier
2026-03-31 11:05 ` Suzuki K Poulose
2026-03-31 17:43 ` Mathieu Poirier
2026-03-18 15:53 ` [PATCH v13 11/48] arm64: RMI: Define the user ABI Steven Price
2026-03-18 15:53 ` [PATCH v13 12/48] arm64: RMI: Basic infrastructure for creating a realm Steven Price
2026-03-19 16:11 ` Wei-Lin Chang
2026-03-19 16:24 ` Steven Price
2026-03-19 17:17 ` Wei-Lin Chang
2026-03-20 16:07 ` Steven Price
2026-03-21 16:34 ` Wei-Lin Chang
2026-04-01 10:54 ` Steven Price
2026-03-18 15:53 ` [PATCH v13 13/48] kvm: arm64: Don't expose unsupported capabilities for realm guests Steven Price
2026-03-19 14:09 ` Suzuki K Poulose
2026-03-19 15:25 ` Steven Price
2026-03-18 15:53 ` [PATCH v13 14/48] KVM: arm64: Allow passing machine type in KVM creation Steven Price
2026-03-18 15:53 ` [PATCH v13 15/48] arm64: RMI: RTT tear down Steven Price
2026-03-19 17:35 ` Wei-Lin Chang
2026-03-20 16:12 ` Steven Price
2026-03-21 13:04 ` Wei-Lin Chang
2026-04-10 15:11 ` Steven Price
2026-03-20 10:37 ` Suzuki K Poulose
2026-03-20 16:14 ` Steven Price
2026-03-18 15:53 ` [PATCH v13 16/48] arm64: RMI: Activate realm on first VCPU run Steven Price
2026-03-18 15:53 ` [PATCH v13 17/48] arm64: RMI: Allocate/free RECs to match vCPUs Steven Price
2026-03-19 18:10 ` Wei-Lin Chang
2026-03-20 16:26 ` Steven Price
2026-03-23 11:56 ` Suzuki K Poulose
2026-03-18 15:53 ` [PATCH v13 18/48] arm64: RMI: Support for the VGIC in realms Steven Price
2026-03-18 15:53 ` [PATCH v13 19/48] KVM: arm64: Support timers in realm RECs Steven Price
2026-03-18 15:53 ` [PATCH v13 20/48] arm64: RMI: Handle realm enter/exit Steven Price
2026-03-20 14:08 ` Suzuki K Poulose
2026-03-20 16:32 ` Steven Price
2026-03-23 10:03 ` Suzuki K Poulose
2026-04-10 15:11 ` Steven Price
2026-03-18 15:53 ` [PATCH v13 21/48] arm64: RMI: Handle RMI_EXIT_RIPAS_CHANGE Steven Price
2026-03-20 11:15 ` Suzuki K Poulose
2026-04-10 15:12 ` Steven Price
2026-03-18 15:53 ` [PATCH v13 22/48] KVM: arm64: Handle realm MMIO emulation Steven Price
2026-03-18 15:53 ` [PATCH v13 23/48] KVM: arm64: Expose support for private memory Steven Price
2026-03-19 19:01 ` Wei-Lin Chang
2026-03-20 16:39 ` Steven Price
2026-03-18 15:53 ` [PATCH v13 24/48] arm64: RMI: Allow populating initial contents Steven Price
2026-03-23 11:32 ` Suzuki K Poulose
2026-04-10 15:12 ` Steven Price
2026-03-18 15:53 ` [PATCH v13 25/48] arm64: RMI: Set RIPAS of initial memslots Steven Price
2026-03-18 15:53 ` [PATCH v13 26/48] arm64: RMI: Create the realm descriptor Steven Price
2026-03-19 18:25 ` Wei-Lin Chang
2026-03-20 16:41 ` Steven Price
2026-03-21 16:20 ` Wei-Lin Chang
2026-03-18 15:53 ` [PATCH v13 27/48] arm64: RMI: Runtime faulting of memory Steven Price
2026-03-19 18:41 ` Wei-Lin Chang
2026-03-20 16:44 ` Steven Price
2026-03-18 15:53 ` [PATCH v13 28/48] KVM: arm64: Handle realm VCPU load Steven Price
2026-03-18 15:53 ` [PATCH v13 29/48] KVM: arm64: Validate register access for a Realm VM Steven Price
2026-03-18 15:53 ` [PATCH v13 30/48] KVM: arm64: Handle Realm PSCI requests Steven Price
2026-03-30 10:36 ` Suzuki K Poulose
2026-03-18 15:53 ` [PATCH v13 31/48] KVM: arm64: WARN on injected undef exceptions Steven Price
2026-03-30 10:50 ` Suzuki K Poulose
2026-03-18 15:53 ` [PATCH v13 32/48] arm64: Don't expose stolen time for realm guests Steven Price
2026-03-30 10:52 ` Suzuki K Poulose
2026-04-10 15:12 ` Steven Price
2026-03-18 15:53 ` [PATCH v13 33/48] arm64: RMI: allow userspace to inject aborts Steven Price
2026-03-18 15:53 ` [PATCH v13 34/48] arm64: RMI: support RSI_HOST_CALL Steven Price
2026-03-30 10:58 ` Suzuki K Poulose
2026-03-18 15:53 ` [PATCH v13 35/48] arm64: RMI: Allow checking SVE on VM instance Steven Price
2026-03-18 15:54 ` [PATCH v13 36/48] arm64: RMI: Always use 4k pages for realms Steven Price
2026-03-19 10:24 ` Joey Gouly
2026-03-19 16:02 ` Steven Price
2026-03-18 15:54 ` [PATCH v13 37/48] arm64: RMI: Prevent Device mappings for Realms Steven Price
2026-03-19 10:27 ` Joey Gouly [this message]
2026-04-10 15:12 ` Steven Price
2026-03-19 18:46 ` Wei-Lin Chang
2026-03-20 16:45 ` Steven Price
2026-03-21 16:23 ` Wei-Lin Chang
2026-03-18 15:54 ` [PATCH v13 38/48] arm64: RMI: Enable PMU support with a realm guest Steven Price
2026-03-18 15:54 ` [PATCH v13 39/48] arm64: RMI: Propagate number of breakpoints and watchpoints to userspace Steven Price
2026-03-19 18:50 ` Wei-Lin Chang
2026-03-20 16:45 ` Steven Price
2026-03-18 15:54 ` [PATCH v13 40/48] arm64: RMI: Set breakpoint parameters through SET_ONE_REG Steven Price
2026-03-18 15:54 ` [PATCH v13 41/48] arm64: RMI: Initialize PMCR.N with number counter supported by RMM Steven Price
2026-03-18 15:54 ` [PATCH v13 42/48] arm64: RMI: Propagate max SVE vector length from RMM Steven Price
2026-03-18 15:54 ` [PATCH v13 43/48] arm64: RMI: Configure max SVE vector length for a Realm Steven Price
2026-03-18 15:54 ` [PATCH v13 44/48] arm64: RMI: Provide register list for unfinalized RMI RECs Steven Price
2026-03-18 15:54 ` [PATCH v13 45/48] arm64: RMI: Provide accurate register list Steven Price
2026-03-19 18:53 ` Wei-Lin Chang
2026-03-20 16:45 ` Steven Price
2026-03-18 15:54 ` [PATCH v13 46/48] KVM: arm64: Expose KVM_ARM_VCPU_REC to user space Steven Price
2026-03-19 17:36 ` Suzuki K Poulose
2026-04-10 15:12 ` Steven Price
2026-03-18 15:54 ` [PATCH v13 47/48] arm64: RMI: Enable realms to be created Steven Price
2026-03-18 15:54 ` [PATCH v13 48/48] [WIP] arm64: RMI: Add support for SRO Steven Price
2026-03-18 16:53 ` [PATCH v13 00/48] arm64: Support for Arm CCA in KVM Steven Price
2026-03-19 23:02 ` Mathieu Poirier
2026-03-20 16:45 ` Steven Price
2026-03-20 19:15 ` Mathieu Poirier
2026-03-25 6:37 ` Gavin Shan
2026-03-25 10:16 ` Suzuki K Poulose
2026-03-25 11:32 ` Suzuki K Poulose
2026-03-26 0:48 ` Gavin Shan
2026-03-26 11:22 ` Suzuki K Poulose
2026-03-25 4:07 ` Gavin Shan
2026-03-25 10:19 ` Suzuki K Poulose
2026-04-14 21:40 ` Alper Gun
2026-04-15 11:01 ` Steven Price
2026-04-15 23:27 ` Alper Gun
2026-04-16 11:04 ` Suzuki K Poulose
2026-04-16 17:44 ` Alper Gun
2026-04-21 13:51 ` Jiahao zheng
[not found] ` <20260421135145.14789-1-jahao.zheng@gmail.com_quarantine>
2026-04-22 15:38 ` Steven Price
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20260319102734.GC3942350@e124191.cambridge.arm.com \
--to=joey.gouly@arm.com \
--cc=alexandru.elisei@arm.com \
--cc=alpergun@google.com \
--cc=aneesh.kumar@kernel.org \
--cc=catalin.marinas@arm.com \
--cc=christoffer.dall@arm.com \
--cc=fj0570is@fujitsu.com \
--cc=gankulkarni@os.amperecomputing.com \
--cc=gshan@redhat.com \
--cc=james.morse@arm.com \
--cc=kvm@vger.kernel.org \
--cc=kvmarm@lists.linux.dev \
--cc=linux-arm-kernel@lists.infradead.org \
--cc=linux-coco@lists.linux.dev \
--cc=linux-kernel@vger.kernel.org \
--cc=maz@kernel.org \
--cc=oliver.upton@linux.dev \
--cc=sdonthineni@nvidia.com \
--cc=steven.price@arm.com \
--cc=suzuki.poulose@arm.com \
--cc=tabba@google.com \
--cc=vannapurve@google.com \
--cc=will@kernel.org \
--cc=yuzenghui@huawei.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.