From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from mm01.cs.columbia.edu (mm01.cs.columbia.edu [128.59.11.253]) by smtp.lore.kernel.org (Postfix) with ESMTP id 13219ECAAD1 for ; Wed, 31 Aug 2022 14:42:18 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by mm01.cs.columbia.edu (Postfix) with ESMTP id 6F1254BA13; Wed, 31 Aug 2022 10:42:18 -0400 (EDT) X-Virus-Scanned: at lists.cs.columbia.edu Authentication-Results: mm01.cs.columbia.edu (amavisd-new); dkim=softfail (fail, message has been altered) header.i=@linux.dev Received: from mm01.cs.columbia.edu ([127.0.0.1]) by localhost (mm01.cs.columbia.edu [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 5Imy4r1ItivZ; Wed, 31 Aug 2022 10:42:17 -0400 (EDT) Received: from mm01.cs.columbia.edu (localhost [127.0.0.1]) by mm01.cs.columbia.edu (Postfix) with ESMTP id 13A024B9CD; Wed, 31 Aug 2022 10:42:17 -0400 (EDT) Received: from localhost (localhost [127.0.0.1]) by mm01.cs.columbia.edu (Postfix) with ESMTP id C7E744B89C for ; Wed, 31 Aug 2022 10:42:15 -0400 (EDT) X-Virus-Scanned: at lists.cs.columbia.edu Received: from mm01.cs.columbia.edu ([127.0.0.1]) by localhost (mm01.cs.columbia.edu [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id xEV5tUBtjeVv for ; Wed, 31 Aug 2022 10:42:14 -0400 (EDT) Received: from out0.migadu.com (out0.migadu.com [94.23.1.103]) by mm01.cs.columbia.edu (Postfix) with ESMTPS id 964C34B85E for ; Wed, 31 Aug 2022 10:42:14 -0400 (EDT) Date: Wed, 31 Aug 2022 14:42:09 +0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linux.dev; s=key1; t=1661956933; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=g3Lk2N97Zy8lF4iHLvNol66vmP95kccpVgysVRZVMDY=; b=DxmKFJZH3WcdiTOix4wPJ2jevhfZDpQLQRr0E8RzgtFAbrFUiWjnuCRIo4VdA7V9wVB0aY nWDczGJ5u3d9PShBrqVRrwBKRN7UnFn1ALppULQ+QijhEhPJQJBI8d/ZQnjpzcA8VAbo0Z aVVG2TWEZflbOHWlnKVif5jTQZzY8E4= X-Report-Abuse: Please report any abuse attempt to abuse@migadu.com and include these headers. From: Oliver Upton To: Reiji Watanabe Subject: Re: [PATCH 4/6] KVM: arm64: Add a visibility bit to ignore user writes Message-ID: References: <20220817214818.3243383-1-oliver.upton@linux.dev> <20220817214818.3243383-5-oliver.upton@linux.dev> MIME-Version: 1.0 Content-Disposition: inline In-Reply-To: X-Migadu-Flow: FLOW_OUT X-Migadu-Auth-User: linux.dev Cc: Linux ARM , Marc Zyngier , Will Deacon , kvmarm@lists.cs.columbia.edu, kvm@vger.kernel.org X-BeenThere: kvmarm@lists.cs.columbia.edu X-Mailman-Version: 2.1.14 Precedence: list List-Id: Where KVM/ARM decisions are made List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: kvmarm-bounces@lists.cs.columbia.edu Sender: kvmarm-bounces@lists.cs.columbia.edu On Tue, Aug 30, 2022 at 08:29:37PM -0700, Reiji Watanabe wrote: > Hi Oliver, > > On Wed, Aug 17, 2022 at 2:48 PM Oliver Upton wrote: > > > > We're about to ignore writes to AArch32 ID registers on AArch64-only > > systems. Add a bit to indicate a register is handled as write ignore > > when accessed from userspace. > > > > Signed-off-by: Oliver Upton > > --- > > arch/arm64/kvm/sys_regs.c | 3 +++ > > arch/arm64/kvm/sys_regs.h | 7 +++++++ > > 2 files changed, 10 insertions(+) > > > > diff --git a/arch/arm64/kvm/sys_regs.c b/arch/arm64/kvm/sys_regs.c > > index 26210f3a0b27..9f06c85f26b8 100644 > > --- a/arch/arm64/kvm/sys_regs.c > > +++ b/arch/arm64/kvm/sys_regs.c > > @@ -1232,6 +1232,9 @@ static int set_id_reg(struct kvm_vcpu *vcpu, const struct sys_reg_desc *rd, > > { > > bool raz = sysreg_visible_as_raz(vcpu, rd); > > > > + if (sysreg_user_write_ignore(vcpu, rd)) > > + return 0; > > Since the visibility flags are not ID register specific, > have you considered checking REG_USER_WI from kvm_sys_reg_set_user() > rather than the ID register specific function ? Yeah, that's definitely a better place to wire it in. > This patch made me reconsider my comment for the patch-2. > Perhaps it might be more appropriate to check RAZ visibility from > kvm_sys_reg_get_user() rather than the ID register specific function ? REG_RAZ hides the register value from the guest as well as userspace, so it might be better to leave it in place. REG_RAZ also has implications for writing a register from userspace, as we still apply the expectation of invariance to ID registers that set this flag. It all 'just works' right now with the check buried in the ID register accessors. Going the other way around would require sprinkling the check in several locations. -- Thanks, Oliver _______________________________________________ kvmarm mailing list kvmarm@lists.cs.columbia.edu https://lists.cs.columbia.edu/mailman/listinfo/kvmarm From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id ED3B6C0502C for ; Wed, 31 Aug 2022 14:43:34 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:In-Reply-To:MIME-Version:References: Message-ID:Subject:Cc:To:From:Date:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=GUtaQzx1WQhiYZBzTCUkWW7hS6DS98cCYJCZh7vUCK8=; b=MrAl2nW1I0ql1G DHQE7lcNH8S+XIOfrm9XDp0mlisypMyO/p5sbnsTP02gnwbXjGowl4R5XK/Ge9OhO28z7+hPKtcdd CzI3GnkgOBeLS8rZKyRq2XhRyqXBFeqwSFLEPCenYxM8iwgIktNxd0OD8WPEU781zQ2ZaIrV7txww vK4YPoKkwLdZx+bx7xwBFBFvTePyJ9GW7aXYdX99uLaNamR/tA1H/eGkKYiq03WlSofhOBeGlghmm e6YKjPxE8vHKWYLP5KAS6RqcoiHWRu05NI16iXzq8dbc9PFl5uXgXH8F8oGr4+UGoW4nOrRln/1x+ iw5fPL5GSgc98Ye4nlzQ==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.94.2 #2 (Red Hat Linux)) id 1oTOv9-006mbj-QW; Wed, 31 Aug 2022 14:42:24 +0000 Received: from out0.migadu.com ([2001:41d0:2:267::]) by bombadil.infradead.org with esmtps (Exim 4.94.2 #2 (Red Hat Linux)) id 1oTOv4-006mYu-48 for linux-arm-kernel@lists.infradead.org; Wed, 31 Aug 2022 14:42:20 +0000 Date: Wed, 31 Aug 2022 14:42:09 +0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linux.dev; s=key1; t=1661956933; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=g3Lk2N97Zy8lF4iHLvNol66vmP95kccpVgysVRZVMDY=; b=DxmKFJZH3WcdiTOix4wPJ2jevhfZDpQLQRr0E8RzgtFAbrFUiWjnuCRIo4VdA7V9wVB0aY nWDczGJ5u3d9PShBrqVRrwBKRN7UnFn1ALppULQ+QijhEhPJQJBI8d/ZQnjpzcA8VAbo0Z aVVG2TWEZflbOHWlnKVif5jTQZzY8E4= X-Report-Abuse: Please report any abuse attempt to abuse@migadu.com and include these headers. From: Oliver Upton To: Reiji Watanabe Cc: kvmarm@lists.cs.columbia.edu, kvm@vger.kernel.org, Marc Zyngier , Will Deacon , Linux ARM Subject: Re: [PATCH 4/6] KVM: arm64: Add a visibility bit to ignore user writes Message-ID: References: <20220817214818.3243383-1-oliver.upton@linux.dev> <20220817214818.3243383-5-oliver.upton@linux.dev> MIME-Version: 1.0 Content-Disposition: inline In-Reply-To: X-Migadu-Flow: FLOW_OUT X-Migadu-Auth-User: linux.dev X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20220831_074219_108704_B4644008 X-CRM114-Status: GOOD ( 23.20 ) X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org On Tue, Aug 30, 2022 at 08:29:37PM -0700, Reiji Watanabe wrote: > Hi Oliver, > > On Wed, Aug 17, 2022 at 2:48 PM Oliver Upton wrote: > > > > We're about to ignore writes to AArch32 ID registers on AArch64-only > > systems. Add a bit to indicate a register is handled as write ignore > > when accessed from userspace. > > > > Signed-off-by: Oliver Upton > > --- > > arch/arm64/kvm/sys_regs.c | 3 +++ > > arch/arm64/kvm/sys_regs.h | 7 +++++++ > > 2 files changed, 10 insertions(+) > > > > diff --git a/arch/arm64/kvm/sys_regs.c b/arch/arm64/kvm/sys_regs.c > > index 26210f3a0b27..9f06c85f26b8 100644 > > --- a/arch/arm64/kvm/sys_regs.c > > +++ b/arch/arm64/kvm/sys_regs.c > > @@ -1232,6 +1232,9 @@ static int set_id_reg(struct kvm_vcpu *vcpu, const struct sys_reg_desc *rd, > > { > > bool raz = sysreg_visible_as_raz(vcpu, rd); > > > > + if (sysreg_user_write_ignore(vcpu, rd)) > > + return 0; > > Since the visibility flags are not ID register specific, > have you considered checking REG_USER_WI from kvm_sys_reg_set_user() > rather than the ID register specific function ? Yeah, that's definitely a better place to wire it in. > This patch made me reconsider my comment for the patch-2. > Perhaps it might be more appropriate to check RAZ visibility from > kvm_sys_reg_get_user() rather than the ID register specific function ? REG_RAZ hides the register value from the guest as well as userspace, so it might be better to leave it in place. REG_RAZ also has implications for writing a register from userspace, as we still apply the expectation of invariance to ID registers that set this flag. It all 'just works' right now with the check buried in the ID register accessors. Going the other way around would require sprinkling the check in several locations. -- Thanks, Oliver _______________________________________________ linux-arm-kernel mailing list linux-arm-kernel@lists.infradead.org http://lists.infradead.org/mailman/listinfo/linux-arm-kernel From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 23625C0502A for ; Wed, 31 Aug 2022 14:42:19 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230425AbiHaOmR (ORCPT ); Wed, 31 Aug 2022 10:42:17 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:57232 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231802AbiHaOmP (ORCPT ); Wed, 31 Aug 2022 10:42:15 -0400 Received: from out0.migadu.com (out0.migadu.com [94.23.1.103]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id A184FAE226 for ; Wed, 31 Aug 2022 07:42:14 -0700 (PDT) Date: Wed, 31 Aug 2022 14:42:09 +0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linux.dev; s=key1; t=1661956933; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=g3Lk2N97Zy8lF4iHLvNol66vmP95kccpVgysVRZVMDY=; b=DxmKFJZH3WcdiTOix4wPJ2jevhfZDpQLQRr0E8RzgtFAbrFUiWjnuCRIo4VdA7V9wVB0aY nWDczGJ5u3d9PShBrqVRrwBKRN7UnFn1ALppULQ+QijhEhPJQJBI8d/ZQnjpzcA8VAbo0Z aVVG2TWEZflbOHWlnKVif5jTQZzY8E4= X-Report-Abuse: Please report any abuse attempt to abuse@migadu.com and include these headers. From: Oliver Upton To: Reiji Watanabe Cc: kvmarm@lists.cs.columbia.edu, kvm@vger.kernel.org, Marc Zyngier , Will Deacon , Linux ARM Subject: Re: [PATCH 4/6] KVM: arm64: Add a visibility bit to ignore user writes Message-ID: References: <20220817214818.3243383-1-oliver.upton@linux.dev> <20220817214818.3243383-5-oliver.upton@linux.dev> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: X-Migadu-Flow: FLOW_OUT X-Migadu-Auth-User: linux.dev Precedence: bulk List-ID: X-Mailing-List: kvm@vger.kernel.org On Tue, Aug 30, 2022 at 08:29:37PM -0700, Reiji Watanabe wrote: > Hi Oliver, > > On Wed, Aug 17, 2022 at 2:48 PM Oliver Upton wrote: > > > > We're about to ignore writes to AArch32 ID registers on AArch64-only > > systems. Add a bit to indicate a register is handled as write ignore > > when accessed from userspace. > > > > Signed-off-by: Oliver Upton > > --- > > arch/arm64/kvm/sys_regs.c | 3 +++ > > arch/arm64/kvm/sys_regs.h | 7 +++++++ > > 2 files changed, 10 insertions(+) > > > > diff --git a/arch/arm64/kvm/sys_regs.c b/arch/arm64/kvm/sys_regs.c > > index 26210f3a0b27..9f06c85f26b8 100644 > > --- a/arch/arm64/kvm/sys_regs.c > > +++ b/arch/arm64/kvm/sys_regs.c > > @@ -1232,6 +1232,9 @@ static int set_id_reg(struct kvm_vcpu *vcpu, const struct sys_reg_desc *rd, > > { > > bool raz = sysreg_visible_as_raz(vcpu, rd); > > > > + if (sysreg_user_write_ignore(vcpu, rd)) > > + return 0; > > Since the visibility flags are not ID register specific, > have you considered checking REG_USER_WI from kvm_sys_reg_set_user() > rather than the ID register specific function ? Yeah, that's definitely a better place to wire it in. > This patch made me reconsider my comment for the patch-2. > Perhaps it might be more appropriate to check RAZ visibility from > kvm_sys_reg_get_user() rather than the ID register specific function ? REG_RAZ hides the register value from the guest as well as userspace, so it might be better to leave it in place. REG_RAZ also has implications for writing a register from userspace, as we still apply the expectation of invariance to ID registers that set this flag. It all 'just works' right now with the check buried in the ID register accessors. Going the other way around would require sprinkling the check in several locations. -- Thanks, Oliver