From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id E3176C433F5 for ; Sun, 17 Oct 2021 10:41:28 +0000 (UTC) Received: from mm01.cs.columbia.edu (mm01.cs.columbia.edu [128.59.11.253]) by mail.kernel.org (Postfix) with ESMTP id 61BD9611C1 for ; Sun, 17 Oct 2021 10:41:28 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.4.1 mail.kernel.org 61BD9611C1 Authentication-Results: mail.kernel.org; dmarc=fail (p=none dis=none) header.from=kernel.org Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=lists.cs.columbia.edu Received: from localhost (localhost [127.0.0.1]) by mm01.cs.columbia.edu (Postfix) with ESMTP id E0D0A4B0AC; Sun, 17 Oct 2021 06:41:27 -0400 (EDT) X-Virus-Scanned: at lists.cs.columbia.edu Received: from mm01.cs.columbia.edu ([127.0.0.1]) by localhost (mm01.cs.columbia.edu [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id xbX71nDMVucj; Sun, 17 Oct 2021 06:41:26 -0400 (EDT) Received: from mm01.cs.columbia.edu (localhost [127.0.0.1]) by mm01.cs.columbia.edu (Postfix) with ESMTP id A730C4B102; Sun, 17 Oct 2021 06:41:26 -0400 (EDT) Received: from localhost (localhost [127.0.0.1]) by mm01.cs.columbia.edu (Postfix) with ESMTP id 2C1A84B0AC for ; Sun, 17 Oct 2021 06:41:26 -0400 (EDT) X-Virus-Scanned: at lists.cs.columbia.edu Received: from mm01.cs.columbia.edu ([127.0.0.1]) by localhost (mm01.cs.columbia.edu [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id E6fAYGoSAVLw for ; Sun, 17 Oct 2021 06:41:25 -0400 (EDT) Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by mm01.cs.columbia.edu (Postfix) with ESMTPS id E45834B092 for ; Sun, 17 Oct 2021 06:41:24 -0400 (EDT) Received: from disco-boy.misterjones.org (disco-boy.misterjones.org [51.254.78.96]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id E5640611C1; Sun, 17 Oct 2021 10:41:23 +0000 (UTC) Received: from sofa.misterjones.org ([185.219.108.64] helo=why.misterjones.org) by disco-boy.misterjones.org with esmtpsa (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.94.2) (envelope-from ) id 1mc3bV-00HJPt-MP; Sun, 17 Oct 2021 11:41:21 +0100 Date: Sun, 17 Oct 2021 11:41:21 +0100 Message-ID: <875ytworvy.wl-maz@kernel.org> From: Marc Zyngier To: Quentin Perret Subject: Re: [PATCH 04/16] KVM: arm64: Introduce kvm_share_hyp() In-Reply-To: <20211013155831.943476-5-qperret@google.com> References: <20211013155831.943476-1-qperret@google.com> <20211013155831.943476-5-qperret@google.com> User-Agent: Wanderlust/2.15.9 (Almost Unreal) SEMI-EPG/1.14.7 (Harue) FLIM-LB/1.14.9 (=?UTF-8?B?R29qxY0=?=) APEL-LB/10.8 EasyPG/1.0.0 Emacs/27.1 (x86_64-pc-linux-gnu) MULE/6.0 (HANACHIRUSATO) MIME-Version: 1.0 (generated by SEMI-EPG 1.14.7 - "Harue") X-SA-Exim-Connect-IP: 185.219.108.64 X-SA-Exim-Rcpt-To: qperret@google.com, james.morse@arm.com, alexandru.elisei@arm.com, suzuki.poulose@arm.com, catalin.marinas@arm.com, will@kernel.org, tabba@google.com, dbrazdil@google.com, linux-arm-kernel@lists.infradead.org, kvmarm@lists.cs.columbia.edu, linux-kernel@vger.kernel.org, kernel-team@android.com X-SA-Exim-Mail-From: maz@kernel.org X-SA-Exim-Scanned: No (on disco-boy.misterjones.org); SAEximRunCond expanded to false Cc: kernel-team@android.com, Will Deacon , Catalin Marinas , linux-kernel@vger.kernel.org, linux-arm-kernel@lists.infradead.org, kvmarm@lists.cs.columbia.edu X-BeenThere: kvmarm@lists.cs.columbia.edu X-Mailman-Version: 2.1.14 Precedence: list List-Id: Where KVM/ARM decisions are made List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: kvmarm-bounces@lists.cs.columbia.edu Sender: kvmarm-bounces@lists.cs.columbia.edu On Wed, 13 Oct 2021 16:58:19 +0100, Quentin Perret wrote: > > The create_hyp_mappings() function can currently be called at any point > in time. However, its behaviour in protected mode changes widely > depending on when it is being called. Prior to KVM init, it is used to > create the temporary page-table used to bring-up the hypervisor, and > later on it is transparently turned into a 'share' hypercall when the > kernel has lost control over the hypervisor stage-1. In order to prepare > the ground for also unsharing pages with the hypervisor during guest > teardown, introduce a kvm_share_hyp() function to make it clear in which > places a share hypercall should be expected, as we will soon need a > matching unshare hypercall in all those places. > > Signed-off-by: Quentin Perret > --- > arch/arm64/include/asm/kvm_mmu.h | 1 + > arch/arm64/kvm/arm.c | 7 +++---- > arch/arm64/kvm/fpsimd.c | 4 ++-- > arch/arm64/kvm/mmu.c | 19 +++++++++++++------ > 4 files changed, 19 insertions(+), 12 deletions(-) > > diff --git a/arch/arm64/include/asm/kvm_mmu.h b/arch/arm64/include/asm/kvm_mmu.h > index 02d378887743..185d0f62b724 100644 > --- a/arch/arm64/include/asm/kvm_mmu.h > +++ b/arch/arm64/include/asm/kvm_mmu.h > @@ -150,6 +150,7 @@ static __always_inline unsigned long __kern_hyp_va(unsigned long v) > #include > #include > > +int kvm_share_hyp(void *from, void *to); > int create_hyp_mappings(void *from, void *to, enum kvm_pgtable_prot prot); > int create_hyp_io_mappings(phys_addr_t phys_addr, size_t size, > void __iomem **kaddr, > diff --git a/arch/arm64/kvm/arm.c b/arch/arm64/kvm/arm.c > index c33d8c073820..f2e74635332b 100644 > --- a/arch/arm64/kvm/arm.c > +++ b/arch/arm64/kvm/arm.c > @@ -146,7 +146,7 @@ int kvm_arch_init_vm(struct kvm *kvm, unsigned long type) > if (ret) > return ret; > > - ret = create_hyp_mappings(kvm, kvm + 1, PAGE_HYP); > + ret = kvm_share_hyp(kvm, kvm + 1); > if (ret) > goto out_free_stage2_pgd; > > @@ -341,7 +341,7 @@ int kvm_arch_vcpu_create(struct kvm_vcpu *vcpu) > if (err) > return err; > > - return create_hyp_mappings(vcpu, vcpu + 1, PAGE_HYP); > + return kvm_share_hyp(vcpu, vcpu + 1); > } > > void kvm_arch_vcpu_postcreate(struct kvm_vcpu *vcpu) > @@ -623,8 +623,7 @@ static int kvm_vcpu_first_run_init(struct kvm_vcpu *vcpu) > > sve_end = vcpu->arch.sve_state + vcpu_sve_state_size(vcpu); > > - ret = create_hyp_mappings(vcpu->arch.sve_state, sve_end, > - PAGE_HYP); > + ret = kvm_share_hyp(vcpu->arch.sve_state, sve_end); > if (ret) > return ret; > } > diff --git a/arch/arm64/kvm/fpsimd.c b/arch/arm64/kvm/fpsimd.c > index 62c0d78da7be..2fe1128d9f3d 100644 > --- a/arch/arm64/kvm/fpsimd.c > +++ b/arch/arm64/kvm/fpsimd.c > @@ -35,11 +35,11 @@ int kvm_arch_vcpu_run_map_fp(struct kvm_vcpu *vcpu) > * Make sure the host task thread flags and fpsimd state are > * visible to hyp: > */ > - ret = create_hyp_mappings(ti, ti + 1, PAGE_HYP); > + ret = kvm_share_hyp(ti, ti + 1); > if (ret) > goto error; > > - ret = create_hyp_mappings(fpsimd, fpsimd + 1, PAGE_HYP); > + ret = kvm_share_hyp(fpsimd, fpsimd + 1); > if (ret) > goto error; > > diff --git a/arch/arm64/kvm/mmu.c b/arch/arm64/kvm/mmu.c > index 1a94a7ca48f2..f80673e863ac 100644 > --- a/arch/arm64/kvm/mmu.c > +++ b/arch/arm64/kvm/mmu.c > @@ -296,6 +296,17 @@ static int pkvm_share_hyp(phys_addr_t start, phys_addr_t end) > return 0; > } > > +int kvm_share_hyp(void *from, void *to) > +{ > + if (is_kernel_in_hyp_mode()) > + return 0; > + > + if (kvm_host_owns_hyp_mappings()) > + return create_hyp_mappings(from, to, PAGE_HYP); Not directly related to this code, but it looks to me that kvm_host_owns_hyp_mappings() really ought to check for is_kernel_in_hyp_mode() on its own. VHE really deals with its own mappings, and create_hyp_mappings() already has a check to do nothing on VHE. > + > + return pkvm_share_hyp(kvm_kaddr_to_phys(from), kvm_kaddr_to_phys(to)); > +} > + > /** > * create_hyp_mappings - duplicate a kernel virtual address range in Hyp mode > * @from: The virtual kernel start address of the range > @@ -316,12 +327,8 @@ int create_hyp_mappings(void *from, void *to, enum kvm_pgtable_prot prot) > if (is_kernel_in_hyp_mode()) > return 0; > > - if (!kvm_host_owns_hyp_mappings()) { > - if (WARN_ON(prot != PAGE_HYP)) > - return -EPERM; > - return pkvm_share_hyp(kvm_kaddr_to_phys(from), > - kvm_kaddr_to_phys(to)); > - } > + if (WARN_ON(!kvm_host_owns_hyp_mappings())) > + return -EPERM; Do we really need this? Can't we just verify that all the code paths to create_hyp_mappings() check for kvm_host_owns_hyp_mappings()? At the very least, make this a VM_BUG_ON() so that this is limited to debug. Yes, I'm quickly developing a WARN_ON()-phobia. M. -- Without deviation from the norm, progress is not possible. _______________________________________________ kvmarm mailing list kvmarm@lists.cs.columbia.edu https://lists.cs.columbia.edu/mailman/listinfo/kvmarm