From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id EA5A331AAB8 for ; Mon, 5 Jan 2026 15:50:24 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1767628225; cv=none; b=AuyBn4jOIe5jo3IU2KIgz4W18238BoL2MerfszjZtytfncO+1Njo1P+L/1VzUoEmrqFKfn7PyC13F6BPdcJCEKoJeafDlf+phHQmTTcX2y5D/7oX9jyu86yKlmHqqVT971u0TsfWm5qW8fCc2mKQdhen0CmLnKYADZWuWIWdSs8= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1767628225; c=relaxed/simple; bh=IlabmGloohWpJGb1upkk1BmM+dYLZQuYWdpA7b8aka0=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=G4V5sVia9JosKlk5CYX9K0Z2VC4ufvHn/E0dAVNliyXZu5Ql7iwv4LlVIxvyG8q627dTxNUPL5sMBXh1j1twajbAo0WTSnW7N8l+OiHRyfV3wCiaq6XDJa6JLunr8ONV1aJ5tWNo1iU1Jf8ZiAlyfowsv6k08qBp4ZZRCpoDNxE= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=XR3XMOdJ; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="XR3XMOdJ" Received: by smtp.kernel.org (Postfix) with ESMTPSA id B16E1C19421; Mon, 5 Jan 2026 15:50:21 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1767628224; bh=IlabmGloohWpJGb1upkk1BmM+dYLZQuYWdpA7b8aka0=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=XR3XMOdJt8e15CZ5MRa2lOQtYs4bl8IyIIZxvbduuCP2HXUQypuJhSN6V8zauXTJJ 6dt9xAJUe2K/kaJRauHBebajqiHkdA+W2sLJCOjvYfq4VsPTO2xtESLmgdR68nYJyK ftT5ZxxrEBUe42kHAjuyl+hvM+Te0S3zr2mkizMulKwOEMY2Dp+qZMd6TfmwnvqFPo O9E2lI8b69qOiCSvTOOkhjZw7NOVLw07hz6mgkIp7GY2Qxj9jF2bBGyEEFOSTAofxk oZA3OHbSnT15aWPGiI/8bws292ASUgJHfZdG1U3j4fdpeR1+YXuzpbUaOOko7E8uxq lSZDPzQbd8a6A== From: Will Deacon To: kvmarm@lists.linux.dev Cc: linux-arm-kernel@lists.infradead.org, Will Deacon , Marc Zyngier , Oliver Upton , Joey Gouly , Suzuki K Poulose , Zenghui Yu , Catalin Marinas , Quentin Perret , Fuad Tabba , Vincent Donnefort , Mostafa Saleh Subject: [PATCH 11/30] KVM: arm64: Hook up donation hypercall to pkvm_pgtable_stage2_map() Date: Mon, 5 Jan 2026 15:49:19 +0000 Message-ID: <20260105154939.11041-12-will@kernel.org> X-Mailer: git-send-email 2.47.3 In-Reply-To: <20260105154939.11041-1-will@kernel.org> References: <20260105154939.11041-1-will@kernel.org> Precedence: bulk X-Mailing-List: kvmarm@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Mapping pages into a protected guest requires the donation of memory from the host. Extend pkvm_pgtable_stage2_map() to issue a donate hypercall when the target VM is protected. Since the hypercall only handles a single page, the splitting logic used for the share path is not required. Signed-off-by: Will Deacon --- arch/arm64/kvm/pkvm.c | 58 ++++++++++++++++++++++++++++++------------- 1 file changed, 41 insertions(+), 17 deletions(-) diff --git a/arch/arm64/kvm/pkvm.c b/arch/arm64/kvm/pkvm.c index a39dacd1d617..1814e17d600e 100644 --- a/arch/arm64/kvm/pkvm.c +++ b/arch/arm64/kvm/pkvm.c @@ -373,31 +373,55 @@ int pkvm_pgtable_stage2_map(struct kvm_pgtable *pgt, u64 addr, u64 size, struct kvm_hyp_memcache *cache = mc; u64 gfn = addr >> PAGE_SHIFT; u64 pfn = phys >> PAGE_SHIFT; + u64 end = addr + size; int ret; - if (size != PAGE_SIZE && size != PMD_SIZE) - return -EINVAL; - lockdep_assert_held_write(&kvm->mmu_lock); + mapping = pkvm_mapping_iter_first(&pgt->pkvm_mappings, addr, end - 1); - /* - * Calling stage2_map() on top of existing mappings is either happening because of a race - * with another vCPU, or because we're changing between page and block mappings. As per - * user_mem_abort(), same-size permission faults are handled in the relax_perms() path. - */ - mapping = pkvm_mapping_iter_first(&pgt->pkvm_mappings, addr, addr + size - 1); - if (mapping) { - if (size == (mapping->nr_pages * PAGE_SIZE)) + if (kvm_vm_is_protected(kvm)) { + /* Protected VMs are mapped using RWX page-granular mappings */ + if (WARN_ON_ONCE(size != PAGE_SIZE)) + return -EINVAL; + + if (WARN_ON_ONCE(prot != KVM_PGTABLE_PROT_RWX)) + return -EINVAL; + + /* + * We raced with another vCPU. + */ + if (mapping) return -EAGAIN; - /* Remove _any_ pkvm_mapping overlapping with the range, bigger or smaller. */ - ret = __pkvm_pgtable_stage2_unshare(pgt, addr, addr + size); - if (ret) - return ret; - mapping = NULL; + ret = kvm_call_hyp_nvhe(__pkvm_host_donate_guest, pfn, gfn); + } else { + if (WARN_ON_ONCE(size != PAGE_SIZE && size != PMD_SIZE)) + return -EINVAL; + + /* + * We either raced with another vCPU or we're changing between + * page and block mappings. As per user_mem_abort(), same-size + * permission faults are handled in the relax_perms() path. + */ + if (mapping) { + if (size == (mapping->nr_pages * PAGE_SIZE)) + return -EAGAIN; + + /* + * Remove _any_ pkvm_mapping overlapping with the range, + * bigger or smaller. + */ + ret = __pkvm_pgtable_stage2_unshare(pgt, addr, end); + if (ret) + return ret; + + mapping = NULL; + } + + ret = kvm_call_hyp_nvhe(__pkvm_host_share_guest, pfn, gfn, + size / PAGE_SIZE, prot); } - ret = kvm_call_hyp_nvhe(__pkvm_host_share_guest, pfn, gfn, size / PAGE_SIZE, prot); if (WARN_ON(ret)) return ret; -- 2.52.0.351.gbe84eed79e-goog