From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id ACE8B2AEE9 for ; Wed, 2 Apr 2025 11:15:53 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1743592553; cv=none; b=EznZIFV8YVN4wSbYYnv0s31e1exqn1l8FqDVJq5Qw3ENBFFbPndiPzgpnjMBfpideyCwg6fJiEgiwohTICB2RvbMkfn/7o4VfSNCED0hY3LB2Sdflxp80eioVKqteqDginMjHCYlTh2TlG/YAhVsiGQgT4jJnocUPaG2HKYBguE= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1743592553; c=relaxed/simple; bh=UJUndRaaCBg74qV7skzgDyGIBak5GPQkYUVdvEfAXEw=; h=Date:Message-ID:From:To:Cc:Subject:In-Reply-To:References: MIME-Version:Content-Type; b=FOn2hA6CT1iO/5P6oLOT5HK81Negv2RaWVdqE007X5pVVdlpol6AbctlYS5uQBmn9l4wAgjMTfqO+p4oO7zsEaOUCswYB8RvMl0NZRe6atdDm4N2QIYB24w3B1DZJRynRzH+rADGtXHm8sicwHJ/PrUXwpWiLJgmsVgT//9I1Vc= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=QM/MfYbZ; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="QM/MfYbZ" Received: by smtp.kernel.org (Postfix) with ESMTPSA id 34374C4CEDD; Wed, 2 Apr 2025 11:15:53 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1743592553; bh=UJUndRaaCBg74qV7skzgDyGIBak5GPQkYUVdvEfAXEw=; h=Date:From:To:Cc:Subject:In-Reply-To:References:From; b=QM/MfYbZRd6X02rMfRO4S7gIU1i3gHFRNJjkvezjyN3jaVm0d+WsbVIlBQoL6y1B+ X83GBOIRtWsF4lgezQ+Ks7Snyejf0WWv7mIONXn5JqzSmJi0F4Uedwkm/vmHt72cnH mTOOeDvPIyPo6TS+VBM9ZuDYaPeQ1VrOYme4wvlLi30t4izwk1Jpy+dCyLv285Sy7q Sxa3xZM9xx0o1vSeZ9dGCHf3LcFmuakjhJ9M8LezTZjhhCjwj+xH04CnF/S3XFnOsh plJlv/UJfj1UGSVG4evFTeH7xXO/S5dQD9T25ZEzyvge9rDv8c52Pp4+JcMA4nna0B 3tdX9phXdM4VQ== Received: from sofa.misterjones.org ([185.219.108.64] helo=lobster-girl.misterjones.org) by disco-boy.misterjones.org with esmtpsa (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.95) (envelope-from ) id 1tzw4U-001dGq-Qt; Wed, 02 Apr 2025 12:15:51 +0100 Date: Wed, 02 Apr 2025 12:15:52 +0100 Message-ID: <87iknmzudz.wl-maz@kernel.org> From: Marc Zyngier To: Oliver Upton Cc: kvmarm@lists.linux.dev, Joey Gouly , Suzuki K Poulose , Jiaqi Yan Subject: Re: [PATCH 1/3] KVM: arm64: Only read HPFAR_EL2 when value is architecturally valid In-Reply-To: <20250401224234.2906739-2-oliver.upton@linux.dev> References: <20250401224234.2906739-1-oliver.upton@linux.dev> <20250401224234.2906739-2-oliver.upton@linux.dev> User-Agent: Wanderlust/2.15.9 (Almost Unreal) SEMI-EPG/1.14.7 (Harue) FLIM-LB/1.14.9 (=?UTF-8?B?R29qxY0=?=) APEL-LB/10.8 EasyPG/1.0.0 Emacs/30.1 (aarch64-unknown-linux-gnu) MULE/6.0 (HANACHIRUSATO) Precedence: bulk X-Mailing-List: kvmarm@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 (generated by SEMI-EPG 1.14.7 - "Harue") Content-Type: text/plain; charset=US-ASCII X-SA-Exim-Connect-IP: 185.219.108.64 X-SA-Exim-Rcpt-To: oliver.upton@linux.dev, kvmarm@lists.linux.dev, joey.gouly@arm.com, suzuki.poulose@arm.com, jiaqiyan@google.com X-SA-Exim-Mail-From: maz@kernel.org X-SA-Exim-Scanned: No (on disco-boy.misterjones.org); SAEximRunCond expanded to false On Tue, 01 Apr 2025 23:42:32 +0100, Oliver Upton wrote: > > KVM's logic for deciding when HPFAR_EL2 is UNKNOWN doesn't align with > the architecture. Most notably, KVM assumes HPFAR_EL2 contains the > faulting IPA even in the case of an SEA. > > Align the logic with the architecture rather than attempting to > paraphrase it. Additionally, take the opportunity to improve the > language around ARM erratum #834220 such that it actually describes the > bug. > > Signed-off-by: Oliver Upton > --- > arch/arm64/include/asm/esr.h | 1 + > arch/arm64/kvm/hyp/include/hyp/fault.h | 46 ++++++++++++++++---------- > 2 files changed, 29 insertions(+), 18 deletions(-) > > diff --git a/arch/arm64/include/asm/esr.h b/arch/arm64/include/asm/esr.h > index d1b1a33f9a8b..7b096ed87360 100644 > --- a/arch/arm64/include/asm/esr.h > +++ b/arch/arm64/include/asm/esr.h > @@ -121,6 +121,7 @@ > #define ESR_ELx_FSC_SEA_TTW(n) (0x14 + (n)) > #define ESR_ELx_FSC_SECC (0x18) > #define ESR_ELx_FSC_SECC_TTW(n) (0x1c + (n)) > +#define ESR_ELx_FSC_ADDRESS (0x00) I think this should probably read "ADDRESS_SIZE", rather than just "ADDRESS". > > /* Status codes for individual page table levels */ > #define ESR_ELx_FSC_ACCESS_L(n) (ESR_ELx_FSC_ACCESS + (n)) > diff --git a/arch/arm64/kvm/hyp/include/hyp/fault.h b/arch/arm64/kvm/hyp/include/hyp/fault.h > index 17df94570f03..84d165e17bd0 100644 > --- a/arch/arm64/kvm/hyp/include/hyp/fault.h > +++ b/arch/arm64/kvm/hyp/include/hyp/fault.h > @@ -44,31 +44,41 @@ static inline bool __translate_far_to_hpfar(u64 far, u64 *hpfar) > return true; > } > > +/* > + * Checks for the conditions when HPFAR_EL2 is written, per DDI0487L.a D24.2.70. > + */ You could also quote R_FKLWR, which was clarified in C23700 (Known Issues L.a-03) by making the text clearer *and* adding a couple of embarrassing typos (PFAR_EL2 instead of HPFAR_EL2). If anything, the rule is more or less guaranteed to keep its reference, while the numbering above will definitely move around. > +static inline bool __hpfar_valid(u64 esr) > +{ > + /* > + * CPUs affected by ARM erratum #834220 may incorrectly report a > + * stage-2 translation fault when a stage-1 permission fault occurs. > + * > + * Re-walk the page tables to determine if a stage-1 fault actually > + * occurred. > + */ > + if (cpus_have_final_cap(ARM64_WORKAROUND_834220) && > + esr_fsc_is_translation_fault(esr)) > + return false; > + > + if (esr_fsc_is_translation_fault(esr) || esr_fsc_is_access_flag_fault(esr)) > + return true; > + > + if ((esr & ESR_ELx_S1PTW) && esr_fsc_is_permission_fault(esr)) > + return true; > + > + return (esr & ESR_ELx_FSC) == ESR_ELx_FSC_ADDRESS; Maybe add a esr_fsc_is_addr_sz_fault()? > +} > + > static inline bool __get_fault_info(u64 esr, struct kvm_vcpu_fault_info *fault) > { > u64 hpfar, far; > > far = read_sysreg_el2(SYS_FAR); > > - /* > - * The HPFAR can be invalid if the stage 2 fault did not > - * happen during a stage 1 page table walk (the ESR_EL2.S1PTW > - * bit is clear) and one of the two following cases are true: > - * 1. The fault was due to a permission fault > - * 2. The processor carries errata 834220 > - * > - * Therefore, for all non S1PTW faults where we either have a > - * permission fault or the errata workaround is enabled, we > - * resolve the IPA using the AT instruction. > - */ > - if (!(esr & ESR_ELx_S1PTW) && > - (cpus_have_final_cap(ARM64_WORKAROUND_834220) || > - esr_fsc_is_permission_fault(esr))) { > - if (!__translate_far_to_hpfar(far, &hpfar)) > - return false; > - } else { > + if (__hpfar_valid(esr)) > hpfar = read_sysreg(hpfar_el2); > - } > + else if (!__translate_far_to_hpfar(far, &hpfar)) > + return false; > > fault->far_el2 = far; > fault->hpfar_el2 = hpfar; Otherwise looks OK to me. M. -- Jazz isn't dead. It just smells funny.