From: Marc Zyngier <maz@kernel.org>
To: Mark Brown <broonie@kernel.org>
Cc: Oliver Upton <oliver.upton@linux.dev>,
James Morse <james.morse@arm.com>,
Suzuki K Poulose <suzuki.poulose@arm.com>,
Catalin Marinas <catalin.marinas@arm.com>,
Will Deacon <will@kernel.org>, Joey Gouly <joey.gouly@arm.com>,
linux-arm-kernel@lists.infradead.org, kvmarm@lists.linux.dev,
linux-kernel@vger.kernel.org,
20240813144738.2048302-1-maz@kernel.org
Subject: Re: [PATCH v2 2/3] KVM: arm64: Hide TCR2_EL1 from userspace when disabled for guests
Date: Mon, 02 Sep 2024 20:12:51 +0100 [thread overview]
Message-ID: <86ttexvpho.wl-maz@kernel.org> (raw)
In-Reply-To: <20240822-kvm-arm64-hide-pie-regs-v2-2-376624fa829c@kernel.org>
On Thu, 22 Aug 2024 00:35:37 +0100,
Mark Brown <broonie@kernel.org> wrote:
>
> When the guest does not support FEAT_TCR2 we should not allow any access
> to it in order to ensure that we do not create spurious issues with guest
> migration. Add a visibility operation for it.
>
> Fixes: fbff56068232 ("KVM: arm64: Save/restore TCR2_EL1")
> Signed-off-by: Mark Brown <broonie@kernel.org>
> ---
> arch/arm64/include/asm/kvm_host.h | 3 +++
> arch/arm64/kvm/sys_regs.c | 29 ++++++++++++++++++++++++++---
> 2 files changed, 29 insertions(+), 3 deletions(-)
>
> diff --git a/arch/arm64/include/asm/kvm_host.h b/arch/arm64/include/asm/kvm_host.h
> index ab4c675b491d..7889e5f4009f 100644
> --- a/arch/arm64/include/asm/kvm_host.h
> +++ b/arch/arm64/include/asm/kvm_host.h
> @@ -1476,4 +1476,7 @@ void kvm_set_vm_id_reg(struct kvm *kvm, u32 reg, u64 val);
> (pa + pi + pa3) == 1; \
> })
>
> +#define kvm_has_tcr2(k) \
> + (kvm_has_feat((k), ID_AA64MMFR3_EL1, TCRX, IMP))
> +
> #endif /* __ARM64_KVM_HOST_H__ */
> diff --git a/arch/arm64/kvm/sys_regs.c b/arch/arm64/kvm/sys_regs.c
> index 1af15140e067..6d5f43781042 100644
> --- a/arch/arm64/kvm/sys_regs.c
> +++ b/arch/arm64/kvm/sys_regs.c
> @@ -2319,6 +2319,27 @@ static bool access_zcr_el2(struct kvm_vcpu *vcpu,
> return true;
> }
>
> +static unsigned int tcr2_visibility(const struct kvm_vcpu *vcpu,
> + const struct sys_reg_desc *rd)
> +{
> + if (kvm_has_tcr2(vcpu->kvm))
> + return 0;
> +
> + return REG_HIDDEN;
> +}
> +
> +static unsigned int tcr2_el2_visibility(const struct kvm_vcpu *vcpu,
> + const struct sys_reg_desc *rd)
> +{
> + unsigned int r;
> +
> + r = el2_visibility(vcpu, rd);
> + if (r)
> + return r;
> +
> + return tcr2_visibility(vcpu, rd);
> +}
> +
> /*
> * Architected system registers.
> * Important: Must be sorted ascending by Op0, Op1, CRn, CRm, Op2
> @@ -2503,7 +2524,8 @@ static const struct sys_reg_desc sys_reg_descs[] = {
> { SYS_DESC(SYS_TTBR0_EL1), access_vm_reg, reset_unknown, TTBR0_EL1 },
> { SYS_DESC(SYS_TTBR1_EL1), access_vm_reg, reset_unknown, TTBR1_EL1 },
> { SYS_DESC(SYS_TCR_EL1), access_vm_reg, reset_val, TCR_EL1, 0 },
> - { SYS_DESC(SYS_TCR2_EL1), access_vm_reg, reset_val, TCR2_EL1, 0 },
> + { SYS_DESC(SYS_TCR2_EL1), access_vm_reg, reset_val, TCR2_EL1, 0,
> + .visibility = tcr2_visibility },
With this, we should be able to simplify the accessor, shouldn't we?
>
> PTRAUTH_KEY(APIA),
> PTRAUTH_KEY(APIB),
> @@ -2820,7 +2842,8 @@ static const struct sys_reg_desc sys_reg_descs[] = {
> EL2_REG(TTBR0_EL2, access_rw, reset_val, 0),
> EL2_REG(TTBR1_EL2, access_rw, reset_val, 0),
> EL2_REG(TCR_EL2, access_rw, reset_val, TCR_EL2_RES1),
> - EL2_REG(TCR2_EL2, access_tcr2_el2, reset_val, TCR2_EL2_RES1),
> + EL2_REG_FILTERED(TCR2_EL2, access_tcr2_el2, reset_val, TCR2_EL2_RES1,
> + tcr2_el2_visibility),
Same thing here.
Thanks,
M.
--
Without deviation from the norm, progress is not possible.
next prev parent reply other threads:[~2024-09-02 19:12 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-08-21 23:35 [PATCH v2 0/3] KVM: arm64: Control visibility of S1PIE related sysregs to userspace Mark Brown
2024-08-21 23:35 ` [PATCH v2 1/3] KVM: arm64: Define helper for EL2 registers with custom visibility Mark Brown
2024-08-21 23:35 ` [PATCH v2 2/3] KVM: arm64: Hide TCR2_EL1 from userspace when disabled for guests Mark Brown
2024-09-02 19:12 ` Marc Zyngier [this message]
2024-08-21 23:35 ` [PATCH v2 3/3] KVM: arm64: Hide S1PIE registers " Mark Brown
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=86ttexvpho.wl-maz@kernel.org \
--to=maz@kernel.org \
--cc=20240813144738.2048302-1-maz@kernel.org \
--cc=broonie@kernel.org \
--cc=catalin.marinas@arm.com \
--cc=james.morse@arm.com \
--cc=joey.gouly@arm.com \
--cc=kvmarm@lists.linux.dev \
--cc=linux-arm-kernel@lists.infradead.org \
--cc=linux-kernel@vger.kernel.org \
--cc=oliver.upton@linux.dev \
--cc=suzuki.poulose@arm.com \
--cc=will@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.