From: Catalin Marinas <catalin.marinas@arm.com>
To: "Aneesh Kumar K.V" <aneesh.kumar@kernel.org>
Cc: Will Deacon <will@kernel.org>,
linux-arm-kernel@lists.infradead.org,
Sudeep Holla <sudeep.holla@arm.com>,
Lorenzo Pieralisi <lpieralisi@kernel.org>,
Suzuki Poulose <suzuki.poulose@arm.com>,
Steven Price <steven.price@arm.com>,
Oliver Upton <oliver.upton@linux.dev>,
Marc Zyngier <maz@kernel.org>,
linux-coco@lists.linux.dev
Subject: Re: [PATCH 1/6] firmware/smccc: Call arch-specific hook on discovering KVM services
Date: Fri, 2 Aug 2024 16:44:16 +0100 [thread overview]
Message-ID: <Zqz-0IosZbF76d0E@arm.com> (raw)
In-Reply-To: <yq5ale1htv0w.fsf@kernel.org>
On Wed, Jul 31, 2024 at 09:26:31PM +0530, Aneesh Kumar K.V wrote:
> Aneesh Kumar K.V <aneesh.kumar@kernel.org> writes:
> > Will Deacon <will@kernel.org> writes:
> >> On Wed, Jul 31, 2024 at 08:11:16PM +0530, Aneesh Kumar K.V wrote:
> >>> Will Deacon <will@kernel.org> writes:
> >>> > diff --git a/drivers/firmware/smccc/kvm_guest.c b/drivers/firmware/smccc/kvm_guest.c
> >>> > index 89a68e7eeaa6..f3319be20b36 100644
> >>> > --- a/drivers/firmware/smccc/kvm_guest.c
> >>> > +++ b/drivers/firmware/smccc/kvm_guest.c
> >>> > @@ -39,6 +39,8 @@ void __init kvm_init_hyp_services(void)
> >>> >
> >>> > pr_info("hypervisor services detected (0x%08lx 0x%08lx 0x%08lx 0x%08lx)\n",
> >>> > res.a3, res.a2, res.a1, res.a0);
> >>> > +
> >>> > + kvm_arch_init_hyp_services();
> >>> > }
> >>> >
> >>>
> >>> That is a bit late to detect RMM? One of the requirements is to
> >>> figure out the pgprot_t flags for early_ioremap so that "earlycon" will
> >>> work (by mapping the address as shared alias). To do that we need to
> >>> make an RSI call to detect PROT_NS_SHARED mask as below.
> >>>
> >>> if (rsi_get_realm_config(&config))
> >>> return;
> >>> prot_ns_shared = BIT(config.ipa_bits - 1);
> >>
> >> Why can't the earlycon MMIO address just have that high bit set?
> >>
> >> I think it's horribly fragile to try detecting all of this stuff before
> >> we're allowed to touch the console. We don't even bother with pKVM --
> >> it's the guest firmware's responsibility to MMIO_GUARD the UART if it
> >> detects a debuggable payload.
> >
> > To mark something shared, we need to know the mask value which is
> > returned via rsi_get_realm_config() call.
>
> I guess you are suggesting to leave it to firmware to set up the device
> tree "reg-offset" with shared bit set?
As you know, we've been through these options internally and we
concluded not to encode this information in the DT for various reasons.
Personally I don't like this IPA split but that's too late to change it
now in the RMM spec.
--
Catalin
next prev parent reply other threads:[~2024-08-02 15:44 UTC|newest]
Thread overview: 23+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-07-30 15:11 [PATCH 0/6] Support for running as a pKVM protected guest Will Deacon
2024-07-30 15:11 ` [PATCH 1/6] firmware/smccc: Call arch-specific hook on discovering KVM services Will Deacon
2024-07-31 14:41 ` Aneesh Kumar K.V
2024-07-31 15:50 ` Will Deacon
2024-07-31 15:53 ` Aneesh Kumar K.V
2024-07-31 15:56 ` Aneesh Kumar K.V
2024-08-02 15:44 ` Catalin Marinas [this message]
2024-08-02 16:16 ` Aneesh Kumar K.V
2024-08-02 15:30 ` Suzuki K Poulose
2024-08-07 12:43 ` Suzuki K Poulose
2024-08-23 13:13 ` Will Deacon
2024-08-02 15:13 ` Catalin Marinas
2024-07-30 15:11 ` [PATCH 2/6] drivers/virt: pkvm: Add initial support for running as a protected guest Will Deacon
2024-07-30 15:11 ` [PATCH 3/6] arm64: mm: Add top-level dispatcher for internal mem_encrypt API Will Deacon
2024-07-30 15:11 ` [PATCH 4/6] drivers/virt: pkvm: Hook up mem_encrypt API using pKVM hypercalls Will Deacon
2024-08-21 16:49 ` Marc Zyngier
2024-08-23 15:41 ` Will Deacon
2024-08-23 16:53 ` Marc Zyngier
2024-07-30 15:11 ` [PATCH 5/6] arm64: mm: Add confidential computing hook to ioremap_prot() Will Deacon
2024-07-30 15:11 ` [PATCH 6/6] drivers/virt: pkvm: Intercept ioremap using pKVM MMIO_GUARD hypercall Will Deacon
2024-07-31 13:24 ` Aneesh Kumar K.V
2024-07-31 13:55 ` [PATCH 0/6] Support for running as a pKVM protected guest Suzuki K Poulose
2024-07-31 15:52 ` Will Deacon
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=Zqz-0IosZbF76d0E@arm.com \
--to=catalin.marinas@arm.com \
--cc=aneesh.kumar@kernel.org \
--cc=linux-arm-kernel@lists.infradead.org \
--cc=linux-coco@lists.linux.dev \
--cc=lpieralisi@kernel.org \
--cc=maz@kernel.org \
--cc=oliver.upton@linux.dev \
--cc=steven.price@arm.com \
--cc=sudeep.holla@arm.com \
--cc=suzuki.poulose@arm.com \
--cc=will@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.