From: Marc Zyngier <maz@kernel.org>
To: Joey Gouly <joey.gouly@arm.com>
Cc: kvmarm@lists.linux.dev, kvm@vger.kernel.org,
linux-arm-kernel@lists.infradead.org,
James Morse <james.morse@arm.com>,
Suzuki K Poulose <suzuki.poulose@arm.com>,
Oliver Upton <oliver.upton@linux.dev>,
Zenghui Yu <yuzenghui@huawei.com>, Will Deacon <will@kernel.org>,
Catalin Marinas <catalin.marinas@arm.com>
Subject: Re: [PATCH v2 11/13] KVM: arm64: nv: Add emulation for ERETAx instructions
Date: Fri, 08 Mar 2024 17:54:20 +0000 [thread overview]
Message-ID: <86h6hg1uer.wl-maz@kernel.org> (raw)
In-Reply-To: <20240308172059.GA1052268@e124191.cambridge.arm.com>
On Fri, 08 Mar 2024 17:20:59 +0000,
Joey Gouly <joey.gouly@arm.com> wrote:
>
> Phew..
[...]
> Each function in this file is quite small, but there's certainly a lot of
> complexity and background knowledge required to understand them!
>
> I spent quite some time on each part to see if it matches what I understood
> from the Arm ARM.
>
> Reviewed-by: Joey Gouly <joey.gouly@arm.com>
Thanks a lot for putting up with it, much appreciated.
> A side note / thing I considered. KVM doesn't currently handle ERET exceptions
> from EL1.
EL1 is ambiguous here. Is that EL1 from the PoV of the guest?
>
> 1. If an ERETA{A,B} were executed from a nested EL1 guest, that would be
> trapped up to Host KVM at EL2.
There are two possibilities for that (assuming EL1 from the PoV of a
L1 guest):
(1) this EL1 guest is itself a guest hypervisor (i.e. we are running
an L1 guest which itself is using NV and running an L2 which
itself is a hypervisor). In that case, ERET* would have to be
trapped to EL2 and re-injected. Note that we do not support NV
under NV. Yet...
(2) the L2 guest is not a hypervisor (no recursive NV), but the L1
hypervisor has set HFGITR_EL2.ERET==1. We'd have to re-inject the
exception into L1, just like in the precedent case.
If neither HCR_EL2.NV nor HFGITR_EL2.ERET are set, then no ERET* gets
trapped at all. Crucially, when running an L2 guest that doesn't isn't
itself a hypervisor (no nested NV), we do not trap ERET* at all.
In a way, the NV overhead is mostly when running L1. Once you run L2,
the overhead "vanishes", to some extent (as long as you don't exit,
because that's where the cost is).
> 2. kvm_hyp_handle_eret() returns false since it's not from vEL2. Inside
> kvm_handle_eret(), is_hyp_ctxt() is false so the exception is injected into
> vEL2 (via kvm_inject_nested_sync()).
>
> 3. vEL2 gets the exception, kvm_hyp_handle_eret() returns false as before.
> Inside kvm_handle_eret(), is_hyp_ctxt() is also false, so
> kvm_inject_nested_sync() is called but now errors out since vcpu_has_nv() is
> false.
>
> Is that flow right? Am I missing something?
I'm not sure. The cases where ERET gets trapped are really limited to
the above two cases.
Thanks,
M.
--
Without deviation from the norm, progress is not possible.
WARNING: multiple messages have this Message-ID (diff)
From: Marc Zyngier <maz@kernel.org>
To: Joey Gouly <joey.gouly@arm.com>
Cc: kvmarm@lists.linux.dev, kvm@vger.kernel.org,
linux-arm-kernel@lists.infradead.org,
James Morse <james.morse@arm.com>,
Suzuki K Poulose <suzuki.poulose@arm.com>,
Oliver Upton <oliver.upton@linux.dev>,
Zenghui Yu <yuzenghui@huawei.com>, Will Deacon <will@kernel.org>,
Catalin Marinas <catalin.marinas@arm.com>
Subject: Re: [PATCH v2 11/13] KVM: arm64: nv: Add emulation for ERETAx instructions
Date: Fri, 08 Mar 2024 17:54:20 +0000 [thread overview]
Message-ID: <86h6hg1uer.wl-maz@kernel.org> (raw)
In-Reply-To: <20240308172059.GA1052268@e124191.cambridge.arm.com>
On Fri, 08 Mar 2024 17:20:59 +0000,
Joey Gouly <joey.gouly@arm.com> wrote:
>
> Phew..
[...]
> Each function in this file is quite small, but there's certainly a lot of
> complexity and background knowledge required to understand them!
>
> I spent quite some time on each part to see if it matches what I understood
> from the Arm ARM.
>
> Reviewed-by: Joey Gouly <joey.gouly@arm.com>
Thanks a lot for putting up with it, much appreciated.
> A side note / thing I considered. KVM doesn't currently handle ERET exceptions
> from EL1.
EL1 is ambiguous here. Is that EL1 from the PoV of the guest?
>
> 1. If an ERETA{A,B} were executed from a nested EL1 guest, that would be
> trapped up to Host KVM at EL2.
There are two possibilities for that (assuming EL1 from the PoV of a
L1 guest):
(1) this EL1 guest is itself a guest hypervisor (i.e. we are running
an L1 guest which itself is using NV and running an L2 which
itself is a hypervisor). In that case, ERET* would have to be
trapped to EL2 and re-injected. Note that we do not support NV
under NV. Yet...
(2) the L2 guest is not a hypervisor (no recursive NV), but the L1
hypervisor has set HFGITR_EL2.ERET==1. We'd have to re-inject the
exception into L1, just like in the precedent case.
If neither HCR_EL2.NV nor HFGITR_EL2.ERET are set, then no ERET* gets
trapped at all. Crucially, when running an L2 guest that doesn't isn't
itself a hypervisor (no nested NV), we do not trap ERET* at all.
In a way, the NV overhead is mostly when running L1. Once you run L2,
the overhead "vanishes", to some extent (as long as you don't exit,
because that's where the cost is).
> 2. kvm_hyp_handle_eret() returns false since it's not from vEL2. Inside
> kvm_handle_eret(), is_hyp_ctxt() is false so the exception is injected into
> vEL2 (via kvm_inject_nested_sync()).
>
> 3. vEL2 gets the exception, kvm_hyp_handle_eret() returns false as before.
> Inside kvm_handle_eret(), is_hyp_ctxt() is also false, so
> kvm_inject_nested_sync() is called but now errors out since vcpu_has_nv() is
> false.
>
> Is that flow right? Am I missing something?
I'm not sure. The cases where ERET gets trapped are really limited to
the above two cases.
Thanks,
M.
--
Without deviation from the norm, progress is not possible.
_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel
next prev parent reply other threads:[~2024-03-08 17:54 UTC|newest]
Thread overview: 56+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-02-26 10:05 [PATCH v2 00/13] KVM/arm64: Add NV support for ERET and PAuth Marc Zyngier
2024-02-26 10:05 ` Marc Zyngier
2024-02-26 10:05 ` [PATCH v2 01/13] KVM: arm64: Harden __ctxt_sys_reg() against out-of-range values Marc Zyngier
2024-02-26 10:05 ` Marc Zyngier
2024-02-26 10:05 ` [PATCH v2 02/13] KVM: arm64: Add helpers for ESR_ELx_ERET_ISS_ERET* Marc Zyngier
2024-02-26 10:05 ` Marc Zyngier
2024-02-26 10:05 ` [PATCH v2 03/13] KVM: arm64: nv: Drop VCPU_HYP_CONTEXT flag Marc Zyngier
2024-02-26 10:05 ` Marc Zyngier
2024-02-26 10:05 ` [PATCH v2 04/13] KVM: arm64: nv: Configure HCR_EL2 for FEAT_NV2 Marc Zyngier
2024-02-26 10:05 ` Marc Zyngier
2024-02-26 10:05 ` [PATCH v2 05/13] KVM: arm64: nv: Add trap forwarding for ERET and SMC Marc Zyngier
2024-02-26 10:05 ` Marc Zyngier
2024-02-26 10:05 ` [PATCH v2 06/13] KVM: arm64: nv: Fast-track 'InHost' exception returns Marc Zyngier
2024-02-26 10:05 ` Marc Zyngier
2024-02-28 16:08 ` Joey Gouly
2024-02-28 16:08 ` Joey Gouly
2024-02-29 13:44 ` Marc Zyngier
2024-02-29 13:44 ` Marc Zyngier
2024-02-26 10:05 ` [PATCH v2 07/13] KVM: arm64: nv: Honor HFGITR_EL2.ERET being set Marc Zyngier
2024-02-26 10:05 ` Marc Zyngier
2024-03-01 18:07 ` Joey Gouly
2024-03-01 18:07 ` Joey Gouly
2024-03-01 19:14 ` Marc Zyngier
2024-03-01 19:14 ` Marc Zyngier
2024-03-01 20:15 ` Joey Gouly
2024-03-01 20:15 ` Joey Gouly
2024-02-26 10:05 ` [PATCH v2 08/13] KVM: arm64: nv: Handle HCR_EL2.{API,APK} independently Marc Zyngier
2024-02-26 10:05 ` Marc Zyngier
2024-03-07 15:14 ` Joey Gouly
2024-03-07 15:14 ` Joey Gouly
2024-03-07 15:58 ` Marc Zyngier
2024-03-07 15:58 ` Marc Zyngier
2024-02-26 10:05 ` [PATCH v2 09/13] KVM: arm64: nv: Reinject PAC exceptions caused by HCR_EL2.API==0 Marc Zyngier
2024-02-26 10:05 ` Marc Zyngier
2024-02-26 10:05 ` [PATCH v2 10/13] KVM: arm64: nv: Add kvm_has_pauth() helper Marc Zyngier
2024-02-26 10:05 ` Marc Zyngier
2024-02-26 10:05 ` [PATCH v2 11/13] KVM: arm64: nv: Add emulation for ERETAx instructions Marc Zyngier
2024-02-26 10:05 ` Marc Zyngier
2024-03-07 13:39 ` Joey Gouly
2024-03-07 13:39 ` Joey Gouly
2024-03-07 14:24 ` Marc Zyngier
2024-03-07 14:24 ` Marc Zyngier
2024-03-08 17:20 ` Joey Gouly
2024-03-08 17:20 ` Joey Gouly
2024-03-08 17:54 ` Marc Zyngier [this message]
2024-03-08 17:54 ` Marc Zyngier
2024-03-12 10:46 ` Joey Gouly
2024-03-12 10:46 ` Joey Gouly
2024-02-26 10:06 ` [PATCH v2 12/13] KVM: arm64: nv: Handle ERETA[AB] instructions Marc Zyngier
2024-02-26 10:06 ` Marc Zyngier
2024-03-12 11:17 ` Joey Gouly
2024-03-12 11:17 ` Joey Gouly
2024-02-26 10:06 ` [PATCH v2 13/13] KVM: arm64: nv: Advertise support for PAuth Marc Zyngier
2024-02-26 10:06 ` Marc Zyngier
2024-03-12 11:21 ` Joey Gouly
2024-03-12 11:21 ` Joey Gouly
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=86h6hg1uer.wl-maz@kernel.org \
--to=maz@kernel.org \
--cc=catalin.marinas@arm.com \
--cc=james.morse@arm.com \
--cc=joey.gouly@arm.com \
--cc=kvm@vger.kernel.org \
--cc=kvmarm@lists.linux.dev \
--cc=linux-arm-kernel@lists.infradead.org \
--cc=oliver.upton@linux.dev \
--cc=suzuki.poulose@arm.com \
--cc=will@kernel.org \
--cc=yuzenghui@huawei.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.