From: Marc Zyngier <maz@kernel.org>
To: eric.auger@redhat.com
Cc: kvmarm@lists.linux.dev, kvm@vger.kernel.org,
linux-arm-kernel@lists.infradead.org,
Catalin Marinas <catalin.marinas@arm.com>,
Mark Brown <broonie@kernel.org>,
Mark Rutland <mark.rutland@arm.com>,
Will Deacon <will@kernel.org>,
Alexandru Elisei <alexandru.elisei@arm.com>,
Andre Przywara <andre.przywara@arm.com>,
Chase Conklin <chase.conklin@arm.com>,
Ganapatrao Kulkarni <gankulkarni@os.amperecomputing.com>,
Darren Hart <darren@os.amperecomputing.com>,
Miguel Luis <miguel.luis@oracle.com>,
James Morse <james.morse@arm.com>,
Suzuki K Poulose <suzuki.poulose@arm.com>,
Oliver Upton <oliver.upton@linux.dev>,
Zenghui Yu <yuzenghui@huawei.com>
Subject: Re: [PATCH v3 23/27] KVM: arm64: nv: Add SVC trap forwarding
Date: Thu, 10 Aug 2023 11:42:19 +0100 [thread overview]
Message-ID: <87wmy3p4ac.wl-maz@kernel.org> (raw)
In-Reply-To: <2a751a64-559e-cb17-4359-7f368c1b42ca@redhat.com>
Hi Eric,
On Thu, 10 Aug 2023 09:35:41 +0100,
Eric Auger <eric.auger@redhat.com> wrote:
>
> Hi Marc,
>
> On 8/8/23 13:47, Marc Zyngier wrote:
> > HFGITR_EL2 allows the trap of SVC instructions to EL2. Allow these
> > traps to be forwarded. Take this opportunity to deny any 32bit activity
> > when NV is enabled.
>
> I can't figure out how HFGITR_EL2.{SVC_EL1, SVC_EL0 and ERET} are
> handled. Please could you explain.
- SVC: KVM itself never traps it, so any trap of SVC must be the
result of a guest trap -- we don't need to do any demultiplexing. We
thus directly inject the trap back. This is what the comment in
handle_svc() tries to capture, but obviously fails to convey the
point.
- ERET: This is already handled since 6898a55ce38c ("KVM: arm64: nv:
Handle trapped ERET from virtual EL2"). Similarly to SVC, KVM never
traps it unless we run NV.
Now, looking into it, I think I'm missing the additional case where
the L2 guest runs at vEL1. I'm about to add the following patchlet:
diff --git a/arch/arm64/kvm/handle_exit.c b/arch/arm64/kvm/handle_exit.c
index 3b86d534b995..617ae6dea5d5 100644
--- a/arch/arm64/kvm/handle_exit.c
+++ b/arch/arm64/kvm/handle_exit.c
@@ -222,7 +222,22 @@ static int kvm_handle_eret(struct kvm_vcpu *vcpu)
if (kvm_vcpu_get_esr(vcpu) & ESR_ELx_ERET_ISS_ERET)
return kvm_handle_ptrauth(vcpu);
- kvm_emulate_nested_eret(vcpu);
+ /*
+ * If we got here, two possibilities:
+ *
+ * - the guest is in EL2, and we need to fully emulate ERET
+ *
+ * - the guest is in EL1, and we need to reinject the
+ * exception into the L1 hypervisor.
+ *
+ * If KVM ever traps ERET for its own use, we'll have to
+ * revisit this.
+ */
+ if (is_hyp_ctxt(vcpu))
+ kvm_emulate_nested_eret(vcpu);
+ else
+ kvm_inject_nested_sync(vcpu, kvm_vcpu_get_esr(vcpu));
+
return 1;
}
Does the above help?
Thanks,
M.
--
Without deviation from the norm, progress is not possible.
WARNING: multiple messages have this Message-ID (diff)
From: Marc Zyngier <maz@kernel.org>
To: eric.auger@redhat.com
Cc: kvmarm@lists.linux.dev, kvm@vger.kernel.org,
linux-arm-kernel@lists.infradead.org,
Catalin Marinas <catalin.marinas@arm.com>,
Mark Brown <broonie@kernel.org>,
Mark Rutland <mark.rutland@arm.com>,
Will Deacon <will@kernel.org>,
Alexandru Elisei <alexandru.elisei@arm.com>,
Andre Przywara <andre.przywara@arm.com>,
Chase Conklin <chase.conklin@arm.com>,
Ganapatrao Kulkarni <gankulkarni@os.amperecomputing.com>,
Darren Hart <darren@os.amperecomputing.com>,
Miguel Luis <miguel.luis@oracle.com>,
James Morse <james.morse@arm.com>,
Suzuki K Poulose <suzuki.poulose@arm.com>,
Oliver Upton <oliver.upton@linux.dev>,
Zenghui Yu <yuzenghui@huawei.com>
Subject: Re: [PATCH v3 23/27] KVM: arm64: nv: Add SVC trap forwarding
Date: Thu, 10 Aug 2023 11:42:19 +0100 [thread overview]
Message-ID: <87wmy3p4ac.wl-maz@kernel.org> (raw)
In-Reply-To: <2a751a64-559e-cb17-4359-7f368c1b42ca@redhat.com>
Hi Eric,
On Thu, 10 Aug 2023 09:35:41 +0100,
Eric Auger <eric.auger@redhat.com> wrote:
>
> Hi Marc,
>
> On 8/8/23 13:47, Marc Zyngier wrote:
> > HFGITR_EL2 allows the trap of SVC instructions to EL2. Allow these
> > traps to be forwarded. Take this opportunity to deny any 32bit activity
> > when NV is enabled.
>
> I can't figure out how HFGITR_EL2.{SVC_EL1, SVC_EL0 and ERET} are
> handled. Please could you explain.
- SVC: KVM itself never traps it, so any trap of SVC must be the
result of a guest trap -- we don't need to do any demultiplexing. We
thus directly inject the trap back. This is what the comment in
handle_svc() tries to capture, but obviously fails to convey the
point.
- ERET: This is already handled since 6898a55ce38c ("KVM: arm64: nv:
Handle trapped ERET from virtual EL2"). Similarly to SVC, KVM never
traps it unless we run NV.
Now, looking into it, I think I'm missing the additional case where
the L2 guest runs at vEL1. I'm about to add the following patchlet:
diff --git a/arch/arm64/kvm/handle_exit.c b/arch/arm64/kvm/handle_exit.c
index 3b86d534b995..617ae6dea5d5 100644
--- a/arch/arm64/kvm/handle_exit.c
+++ b/arch/arm64/kvm/handle_exit.c
@@ -222,7 +222,22 @@ static int kvm_handle_eret(struct kvm_vcpu *vcpu)
if (kvm_vcpu_get_esr(vcpu) & ESR_ELx_ERET_ISS_ERET)
return kvm_handle_ptrauth(vcpu);
- kvm_emulate_nested_eret(vcpu);
+ /*
+ * If we got here, two possibilities:
+ *
+ * - the guest is in EL2, and we need to fully emulate ERET
+ *
+ * - the guest is in EL1, and we need to reinject the
+ * exception into the L1 hypervisor.
+ *
+ * If KVM ever traps ERET for its own use, we'll have to
+ * revisit this.
+ */
+ if (is_hyp_ctxt(vcpu))
+ kvm_emulate_nested_eret(vcpu);
+ else
+ kvm_inject_nested_sync(vcpu, kvm_vcpu_get_esr(vcpu));
+
return 1;
}
Does the above help?
Thanks,
M.
--
Without deviation from the norm, progress is not possible.
_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel
next prev parent reply other threads:[~2023-08-10 10:42 UTC|newest]
Thread overview: 140+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-08-08 11:46 [PATCH v3 00/27] KVM: arm64: NV trap forwarding infrastructure Marc Zyngier
2023-08-08 11:46 ` Marc Zyngier
2023-08-08 11:46 ` [PATCH v3 01/27] arm64: Add missing VA CMO encodings Marc Zyngier
2023-08-08 11:46 ` Marc Zyngier
2023-08-10 3:14 ` Jing Zhang
2023-08-10 3:14 ` Jing Zhang
2023-08-15 10:39 ` Marc Zyngier
2023-08-15 10:39 ` Marc Zyngier
2023-08-08 11:46 ` [PATCH v3 02/27] arm64: Add missing ERX*_EL1 encodings Marc Zyngier
2023-08-08 11:46 ` Marc Zyngier
2023-08-10 4:25 ` Jing Zhang
2023-08-10 4:25 ` Jing Zhang
2023-08-08 11:46 ` [PATCH v3 03/27] arm64: Add missing DC ZVA/GVA/GZVA encodings Marc Zyngier
2023-08-08 11:46 ` Marc Zyngier
2023-08-10 4:29 ` Jing Zhang
2023-08-10 4:29 ` Jing Zhang
2023-08-08 11:46 ` [PATCH v3 04/27] arm64: Add TLBI operation encodings Marc Zyngier
2023-08-08 11:46 ` Marc Zyngier
2023-08-10 5:22 ` Jing Zhang
2023-08-10 5:22 ` Jing Zhang
2023-08-08 11:46 ` [PATCH v3 05/27] arm64: Add AT " Marc Zyngier
2023-08-08 11:46 ` Marc Zyngier
2023-08-11 2:20 ` Jing Zhang
2023-08-11 2:20 ` Jing Zhang
2023-08-08 11:46 ` [PATCH v3 06/27] arm64: Add debug registers affected by HDFGxTR_EL2 Marc Zyngier
2023-08-08 11:46 ` Marc Zyngier
2023-08-11 3:00 ` Jing Zhang
2023-08-11 3:00 ` Jing Zhang
2023-08-08 11:46 ` [PATCH v3 07/27] arm64: Add missing BRB/CFP/DVP/CPP instructions Marc Zyngier
2023-08-08 11:46 ` Marc Zyngier
2023-08-11 3:07 ` Jing Zhang
2023-08-11 3:07 ` Jing Zhang
2023-08-08 11:46 ` [PATCH v3 08/27] arm64: Add HDFGRTR_EL2 and HDFGWTR_EL2 layouts Marc Zyngier
2023-08-08 11:46 ` Marc Zyngier
2023-08-11 3:19 ` Jing Zhang
2023-08-11 3:19 ` Jing Zhang
2023-08-14 12:32 ` Eric Auger
2023-08-14 12:32 ` Eric Auger
2023-08-08 11:46 ` [PATCH v3 09/27] arm64: Add feature detection for fine grained traps Marc Zyngier
2023-08-08 11:46 ` Marc Zyngier
2023-08-11 15:26 ` Jing Zhang
2023-08-11 15:26 ` Jing Zhang
2023-08-08 11:46 ` [PATCH v3 10/27] KVM: arm64: Correctly handle ACCDATA_EL1 traps Marc Zyngier
2023-08-08 11:46 ` Marc Zyngier
2023-08-11 15:31 ` Jing Zhang
2023-08-11 15:31 ` Jing Zhang
2023-08-08 11:46 ` [PATCH v3 11/27] KVM: arm64: Add missing HCR_EL2 trap bits Marc Zyngier
2023-08-08 11:46 ` Marc Zyngier
2023-08-11 16:21 ` Jing Zhang
2023-08-11 16:21 ` Jing Zhang
2023-08-08 11:46 ` [PATCH v3 12/27] KVM: arm64: nv: Add FGT registers Marc Zyngier
2023-08-08 11:46 ` Marc Zyngier
2023-08-11 16:36 ` Jing Zhang
2023-08-11 16:36 ` Jing Zhang
2023-08-08 11:46 ` [PATCH v3 13/27] KVM: arm64: Restructure FGT register switching Marc Zyngier
2023-08-08 11:46 ` Marc Zyngier
2023-08-11 17:40 ` Jing Zhang
2023-08-11 17:40 ` Jing Zhang
2023-08-08 11:46 ` [PATCH v3 14/27] KVM: arm64: nv: Add trap forwarding infrastructure Marc Zyngier
2023-08-08 11:46 ` Marc Zyngier
2023-08-09 13:27 ` Eric Auger
2023-08-09 13:27 ` Eric Auger
2023-08-10 14:44 ` Marc Zyngier
2023-08-10 14:44 ` Marc Zyngier
2023-08-10 17:34 ` Eric Auger
2023-08-10 17:34 ` Eric Auger
2023-08-09 18:28 ` Miguel Luis
2023-08-09 18:28 ` Miguel Luis
2023-08-10 14:43 ` Marc Zyngier
2023-08-10 14:43 ` Marc Zyngier
2023-08-13 2:24 ` Jing Zhang
2023-08-13 2:24 ` Jing Zhang
2023-08-15 10:38 ` Marc Zyngier
2023-08-15 10:38 ` Marc Zyngier
2023-08-08 11:46 ` [PATCH v3 15/27] KVM: arm64: nv: Add trap forwarding for HCR_EL2 Marc Zyngier
2023-08-08 11:46 ` Marc Zyngier
2023-08-12 3:08 ` Miguel Luis
2023-08-12 3:08 ` Miguel Luis
2023-08-15 10:39 ` Marc Zyngier
2023-08-15 10:39 ` Marc Zyngier
2023-08-15 15:35 ` Miguel Luis
2023-08-15 15:35 ` Miguel Luis
2023-08-15 16:07 ` Marc Zyngier
2023-08-15 16:07 ` Marc Zyngier
2023-08-15 15:46 ` Miguel Luis
2023-08-15 15:46 ` Miguel Luis
2023-08-15 16:09 ` Marc Zyngier
2023-08-15 16:09 ` Marc Zyngier
2023-08-08 11:47 ` [PATCH v3 16/27] KVM: arm64: nv: Expose FEAT_EVT to nested guests Marc Zyngier
2023-08-08 11:47 ` Marc Zyngier
2023-08-14 21:08 ` Jing Zhang
2023-08-14 21:08 ` Jing Zhang
2023-08-08 11:47 ` [PATCH v3 17/27] KVM: arm64: nv: Add trap forwarding for MDCR_EL2 Marc Zyngier
2023-08-08 11:47 ` Marc Zyngier
2023-08-08 11:47 ` [PATCH v3 18/27] KVM: arm64: nv: Add trap forwarding for CNTHCTL_EL2 Marc Zyngier
2023-08-08 11:47 ` Marc Zyngier
2023-08-08 11:47 ` [PATCH v3 19/27] KVM: arm64: nv: Add fine grained trap forwarding infrastructure Marc Zyngier
2023-08-08 11:47 ` Marc Zyngier
2023-08-14 17:18 ` Jing Zhang
2023-08-14 17:18 ` Jing Zhang
2023-08-15 10:39 ` Marc Zyngier
2023-08-15 10:39 ` Marc Zyngier
2023-08-08 11:47 ` [PATCH v3 20/27] KVM: arm64: nv: Add trap forwarding for HFGxTR_EL2 Marc Zyngier
2023-08-08 11:47 ` Marc Zyngier
2023-08-08 11:47 ` [PATCH v3 21/27] KVM: arm64: nv: Add trap forwarding for HFGITR_EL2 Marc Zyngier
2023-08-08 11:47 ` Marc Zyngier
2023-08-08 11:47 ` [PATCH v3 22/27] KVM: arm64: nv: Add trap forwarding for HDFGxTR_EL2 Marc Zyngier
2023-08-08 11:47 ` Marc Zyngier
2023-08-08 12:30 ` Eric Auger
2023-08-08 12:30 ` Eric Auger
2023-08-08 11:47 ` [PATCH v3 23/27] KVM: arm64: nv: Add SVC trap forwarding Marc Zyngier
2023-08-08 11:47 ` Marc Zyngier
2023-08-10 8:35 ` Eric Auger
2023-08-10 8:35 ` Eric Auger
2023-08-10 10:42 ` Marc Zyngier [this message]
2023-08-10 10:42 ` Marc Zyngier
2023-08-10 17:30 ` Eric Auger
2023-08-10 17:30 ` Eric Auger
2023-08-11 7:36 ` Marc Zyngier
2023-08-11 7:36 ` Marc Zyngier
2023-08-14 9:37 ` Eric Auger
2023-08-14 9:37 ` Eric Auger
2023-08-14 9:37 ` Eric Auger
2023-08-14 9:37 ` Eric Auger
2023-08-08 11:47 ` [PATCH v3 24/27] KVM: arm64: nv: Add switching support for HFGxTR/HDFGxTR Marc Zyngier
2023-08-08 11:47 ` Marc Zyngier
2023-08-10 8:59 ` Eric Auger
2023-08-10 8:59 ` Eric Auger
2023-08-08 11:47 ` [PATCH v3 25/27] KVM: arm64: nv: Expose FGT to nested guests Marc Zyngier
2023-08-08 11:47 ` Marc Zyngier
2023-08-10 9:44 ` Eric Auger
2023-08-10 9:44 ` Eric Auger
2023-08-08 11:47 ` [PATCH v3 26/27] KVM: arm64: Move HCRX_EL2 switch to load/put on VHE systems Marc Zyngier
2023-08-08 11:47 ` Marc Zyngier
2023-08-10 12:38 ` Eric Auger
2023-08-10 12:38 ` Eric Auger
2023-08-08 11:47 ` [PATCH v3 27/27] KVM: arm64: nv: Add support for HCRX_EL2 Marc Zyngier
2023-08-08 11:47 ` Marc Zyngier
2023-08-14 12:17 ` Eric Auger
2023-08-14 12:17 ` Eric Auger
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=87wmy3p4ac.wl-maz@kernel.org \
--to=maz@kernel.org \
--cc=alexandru.elisei@arm.com \
--cc=andre.przywara@arm.com \
--cc=broonie@kernel.org \
--cc=catalin.marinas@arm.com \
--cc=chase.conklin@arm.com \
--cc=darren@os.amperecomputing.com \
--cc=eric.auger@redhat.com \
--cc=gankulkarni@os.amperecomputing.com \
--cc=james.morse@arm.com \
--cc=kvm@vger.kernel.org \
--cc=kvmarm@lists.linux.dev \
--cc=linux-arm-kernel@lists.infradead.org \
--cc=mark.rutland@arm.com \
--cc=miguel.luis@oracle.com \
--cc=oliver.upton@linux.dev \
--cc=suzuki.poulose@arm.com \
--cc=will@kernel.org \
--cc=yuzenghui@huawei.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.