From: Marc Zyngier <maz@kernel.org>
To: Joey Gouly <joey.gouly@arm.com>
Cc: kvmarm@lists.linux.dev, linux-arm-kernel@lists.infradead.org,
kvm@vger.kernel.org, Suzuki K Poulose <suzuki.poulose@arm.com>,
Oliver Upton <oliver.upton@linux.dev>,
Zenghui Yu <yuzenghui@huawei.com>,
Alexandru Elisei <alexandru.elisei@arm.com>,
Mark Brown <broonie@kernel.org>
Subject: Re: [PATCH v5 21/37] KVM: arm64: Implement AT S1PIE support
Date: Thu, 24 Oct 2024 15:21:49 +0100 [thread overview]
Message-ID: <86sesl37k2.wl-maz@kernel.org> (raw)
In-Reply-To: <20241024135925.GB1403933@e124191.cambridge.arm.com>
On Thu, 24 Oct 2024 14:59:25 +0100,
Joey Gouly <joey.gouly@arm.com> wrote:
>
> On Wed, Oct 23, 2024 at 03:53:29PM +0100, Marc Zyngier wrote:
> > It doesn't take much effort to implement S1PIE support in AT.
> >
> > It is only a matter of using the AArch64.S1IndirectBasePermissions()
> > encodings for the permission, ignoring GCS which has no impact on AT,
> > and enforce FEAT_PAN3 being enabled as this is a requirement of
> > FEAT_S1PIE.
> >
> > Signed-off-by: Marc Zyngier <maz@kernel.org>
> > ---
> > arch/arm64/kvm/at.c | 117 +++++++++++++++++++++++++++++++++++++++++++-
> > 1 file changed, 116 insertions(+), 1 deletion(-)
> >
> > diff --git a/arch/arm64/kvm/at.c b/arch/arm64/kvm/at.c
> > index f5bd750288ff5..3d93ed1795603 100644
> > --- a/arch/arm64/kvm/at.c
> > +++ b/arch/arm64/kvm/at.c
> > @@ -781,6 +781,9 @@ static bool pan3_enabled(struct kvm_vcpu *vcpu, enum trans_regime regime)
> > if (!kvm_has_feat(vcpu->kvm, ID_AA64MMFR1_EL1, PAN, PAN3))
> > return false;
> >
> > + if (s1pie_enabled(vcpu, regime))
> > + return true;
> > +
> > if (regime == TR_EL10)
> > sctlr = vcpu_read_sys_reg(vcpu, SCTLR_EL1);
> > else
> > @@ -862,11 +865,123 @@ static void compute_s1_hierarchical_permissions(struct kvm_vcpu *vcpu,
> > }
> > }
> >
> > +#define perm_idx(v, r, i) ((vcpu_read_sys_reg((v), (r)) >> ((i) * 4)) & 0xf)
> > +
> > +#define set_priv_perms(wr, r, w, x) \
> > + do { \
> > + (wr)->pr = (r); \
> > + (wr)->pw = (w); \
> > + (wr)->px = (x); \
> > + } while (0)
> > +
> > +#define set_unpriv_perms(wr, r, w, x) \
> > + do { \
> > + (wr)->ur = (r); \
> > + (wr)->uw = (w); \
> > + (wr)->ux = (x); \
> > + } while (0)
> > +
> > +/* Similar to AArch64.S1IndirectBasePermissions(), without GCS */
> > +#define set_perms(w, wr, ip) \
> > + do { \
> > + /* R_LLZDZ */ \
> > + switch ((ip)) { \
> > + case 0b0000: \
> > + set_ ## w ## _perms((wr), false, false, false); \
> > + break; \
> > + case 0b0001: \
> > + set_ ## w ## _perms((wr), true , false, false); \
> > + break; \
> > + case 0b0010: \
> > + set_ ## w ## _perms((wr), false, false, true ); \
> > + break; \
> > + case 0b0011: \
> > + set_ ## w ## _perms((wr), true , false, true ); \
> > + break; \
> > + case 0b0100: \
> > + set_ ## w ## _perms((wr), false, false, false); \
> > + break; \
> > + case 0b0101: \
> > + set_ ## w ## _perms((wr), true , true , false); \
> > + break; \
> > + case 0b0110: \
> > + set_ ## w ## _perms((wr), true , true , true ); \
> > + break; \
> > + case 0b0111: \
> > + set_ ## w ## _perms((wr), true , true , true ); \
> > + break; \
> > + case 0b1000: \
> > + set_ ## w ## _perms((wr), true , false, false); \
> > + break; \
> > + case 0b1001: \
> > + set_ ## w ## _perms((wr), true , false, false); \
> > + break; \
> > + case 0b1010: \
> > + set_ ## w ## _perms((wr), true , false, true ); \
> > + break; \
> > + case 0b1011: \
> > + set_ ## w ## _perms((wr), false, false, false); \
> > + break; \
> > + case 0b1100: \
> > + set_ ## w ## _perms((wr), true , true , false); \
> > + break; \
> > + case 0b1101: \
> > + set_ ## w ## _perms((wr), false, false, false); \
> > + break; \
> > + case 0b1110: \
> > + set_ ## w ## _perms((wr), true , true , true ); \
> > + break; \
> > + case 0b1111: \
> > + set_ ## w ## _perms((wr), false, false, false); \
> > + break; \
> > + } \
> > + } while (0)
> > +
> > +static void compute_s1_indirect_permissions(struct kvm_vcpu *vcpu,
> > + struct s1_walk_info *wi,
> > + struct s1_walk_result *wr)
> > +{
> > + u8 up, pp, idx;
> > +
> > + idx = pte_pi_index(wr->desc);
> > +
> > + switch (wi->regime) {
> > + case TR_EL10:
> > + pp = perm_idx(vcpu, PIR_EL1, idx);
> > + up = perm_idx(vcpu, PIRE0_EL1, idx);
> > + break;
> > + case TR_EL20:
> > + pp = perm_idx(vcpu, PIR_EL2, idx);
> > + up = perm_idx(vcpu, PIRE0_EL2, idx);
> > + break;
> > + case TR_EL2:
> > + pp = perm_idx(vcpu, PIR_EL2, idx);
> > + up = 0;
> > + break;
> > + }
>
> There seems to be inconsistent use of
>
> default:
> BUG();
>
> when switching on wi->regime.
True. Maybe I should drop them all apart from the one in
setup_s1_walk().
>
> > +
> > + set_perms(priv, wr, pp);
> > +
> > + if (wi->regime != TR_EL2)
> > + set_perms(unpriv, wr, up);
> > + else
> > + set_unpriv_perms(wr, false, false, false);
>
> When regime == TR_EL2, up == 0, so the if/else should do the same thing? Maybe
> you've done that intentionally to be more explicit.
The reason for doing so was not to give the impression that we were
actively using the unprivileged indirect permissions for TR_EL2.
But maybe that's be just as clear with a comment.
>
> Either way:
>
> Reviewed-by: Joey Gouly <joey.gouly@arm.com>
Thanks!
M.
--
Without deviation from the norm, progress is not possible.
next prev parent reply other threads:[~2024-10-24 14:21 UTC|newest]
Thread overview: 55+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-10-23 14:53 [PATCH v5 00/37] KVM: arm64: Add EL2 support to FEAT_S1PIE/S1POE Marc Zyngier
2024-10-23 14:53 ` [PATCH v5 01/37] arm64: Drop SKL0/SKL1 from TCR2_EL2 Marc Zyngier
2024-10-23 14:53 ` [PATCH v5 02/37] arm64: Remove VNCR definition for PIRE0_EL2 Marc Zyngier
2024-10-23 14:53 ` [PATCH v5 03/37] arm64: Add encoding " Marc Zyngier
2024-10-23 16:11 ` Mark Brown
2024-10-23 14:53 ` [PATCH v5 04/37] KVM: arm64: Drop useless struct s2_mmu in __kvm_at_s1e2() Marc Zyngier
2024-10-23 14:53 ` [PATCH v5 05/37] KVM: arm64: nv: Add missing EL2->EL1 mappings in get_el2_to_el1_mapping() Marc Zyngier
2024-10-23 14:53 ` [PATCH v5 06/37] KVM: arm64: nv: Handle CNTHCTL_EL2 specially Marc Zyngier
2024-10-23 14:53 ` [PATCH v5 07/37] KVM: arm64: nv: Save/Restore vEL2 sysregs Marc Zyngier
2024-10-23 14:53 ` [PATCH v5 08/37] KVM: arm64: Correctly access TCR2_EL1, PIR_EL1, PIRE0_EL1 with VHE Marc Zyngier
2024-10-24 10:03 ` Joey Gouly
2024-10-23 14:53 ` [PATCH v5 09/37] KVM: arm64: Extend masking facility to arbitrary registers Marc Zyngier
2024-10-24 10:38 ` Joey Gouly
2024-10-23 14:53 ` [PATCH v5 10/37] arm64: Define ID_AA64MMFR1_EL1.HAFDBS advertising FEAT_HAFT Marc Zyngier
2024-10-23 16:09 ` Mark Brown
2024-10-23 14:53 ` [PATCH v5 11/37] KVM: arm64: Add TCR2_EL2 to the sysreg arrays Marc Zyngier
2024-10-23 14:53 ` [PATCH v5 12/37] KVM: arm64: Sanitise TCR2_EL2 Marc Zyngier
2024-10-24 10:21 ` Joey Gouly
2024-10-23 14:53 ` [PATCH v5 13/37] KVM: arm64: Add save/restore for TCR2_EL2 Marc Zyngier
2024-10-23 14:53 ` [PATCH v5 14/37] KVM: arm64: Add PIR{,E0}_EL2 to the sysreg arrays Marc Zyngier
2024-10-23 14:53 ` [PATCH v5 15/37] KVM: arm64: Add save/restore for PIR{,E0}_EL2 Marc Zyngier
2024-10-23 14:53 ` [PATCH v5 16/37] KVM: arm64: Handle PIR{,E0}_EL2 traps Marc Zyngier
2024-10-23 14:53 ` [PATCH v5 17/37] KVM: arm64: Sanitise ID_AA64MMFR3_EL1 Marc Zyngier
2024-10-24 12:32 ` Mark Brown
2024-10-24 12:45 ` Joey Gouly
2024-10-24 12:55 ` Mark Brown
2024-10-23 14:53 ` [PATCH v5 18/37] KVM: arm64: Add AT fast-path support for S1PIE Marc Zyngier
2024-10-24 14:49 ` Joey Gouly
2024-10-23 14:53 ` [PATCH v5 19/37] KVM: arm64: Split S1 permission evaluation into direct and hierarchical parts Marc Zyngier
2024-10-23 14:53 ` [PATCH v5 20/37] KVM: arm64: Disable hierarchical permissions when S1PIE is enabled Marc Zyngier
2024-10-24 14:02 ` Joey Gouly
2024-10-23 14:53 ` [PATCH v5 21/37] KVM: arm64: Implement AT S1PIE support Marc Zyngier
2024-10-24 13:59 ` Joey Gouly
2024-10-24 14:21 ` Marc Zyngier [this message]
2024-10-23 14:53 ` [PATCH v5 22/37] KVM: arm64: Add a composite EL2 visibility helper Marc Zyngier
2024-10-23 14:53 ` [PATCH v5 23/37] KVM: arm64: Define helper for EL2 registers with custom visibility Marc Zyngier
2024-10-23 14:53 ` [PATCH v5 24/37] KVM: arm64: Hide TCR2_EL1 from userspace when disabled for guests Marc Zyngier
2024-10-23 14:53 ` [PATCH v5 25/37] KVM: arm64: Hide S1PIE registers " Marc Zyngier
2024-10-23 14:53 ` [PATCH v5 26/37] KVM: arm64: Rely on visibility to let PIR*_ELx/TCR2_ELx UNDEF Marc Zyngier
2024-10-23 14:53 ` [PATCH v5 27/37] arm64: Add encoding for POR_EL2 Marc Zyngier
2024-10-23 16:13 ` Mark Brown
2024-10-23 16:28 ` Marc Zyngier
2024-10-23 14:53 ` [PATCH v5 28/37] KVM: arm64: Drop bogus CPTR_EL2.E0POE trap routing Marc Zyngier
2024-10-23 14:53 ` [PATCH v5 29/37] KVM: arm64: Subject S1PIE/S1POE registers to HCR_EL2.{TVM,TRVM} Marc Zyngier
2024-10-23 14:53 ` [PATCH v5 30/37] KVM: arm64: Add kvm_has_s1poe() helper Marc Zyngier
2024-10-23 14:53 ` [PATCH v5 31/37] KVM: arm64: Add basic support for POR_EL2 Marc Zyngier
2024-10-23 14:53 ` [PATCH v5 32/37] KVM: arm64: Add save/restore " Marc Zyngier
2024-10-23 14:53 ` [PATCH v5 33/37] KVM: arm64: Add POE save/restore for AT emulation fast-path Marc Zyngier
2024-10-24 15:26 ` Joey Gouly
2024-10-23 14:53 ` [PATCH v5 34/37] KVM: arm64: Disable hierarchical permissions when POE is enabled Marc Zyngier
2024-10-24 15:36 ` Joey Gouly
2024-10-23 14:53 ` [PATCH v5 35/37] KVM: arm64: Make PAN conditions part of the S1 walk context Marc Zyngier
2024-10-23 14:53 ` [PATCH v5 36/37] KVM: arm64: Handle stage-1 permission overlays Marc Zyngier
2024-10-23 14:53 ` [PATCH v5 37/37] KVM: arm64: Handle WXN attribute Marc Zyngier
2024-10-31 3:04 ` [PATCH v5 00/37] KVM: arm64: Add EL2 support to FEAT_S1PIE/S1POE Oliver Upton
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=86sesl37k2.wl-maz@kernel.org \
--to=maz@kernel.org \
--cc=alexandru.elisei@arm.com \
--cc=broonie@kernel.org \
--cc=joey.gouly@arm.com \
--cc=kvm@vger.kernel.org \
--cc=kvmarm@lists.linux.dev \
--cc=linux-arm-kernel@lists.infradead.org \
--cc=oliver.upton@linux.dev \
--cc=suzuki.poulose@arm.com \
--cc=yuzenghui@huawei.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.