From: Dave Martin <Dave.Martin@arm.com>
To: linux-arm-kernel@lists.infradead.org
Cc: linux-arch@vger.kernel.org,
Okamoto Takayuki <tokamoto@jp.fujitsu.com>,
libc-alpha@sourceware.org,
Ard Biesheuvel <ard.biesheuvel@linaro.org>,
Szabolcs Nagy <szabolcs.nagy@arm.com>,
Catalin Marinas <catalin.marinas@arm.com>,
Will Deacon <will.deacon@arm.com>,
Marc Zyngier <marc.zyngier@arm.com>,
Richard Sandiford <richard.sandiford@arm.com>,
kvmarm@lists.cs.columbia.edu
Subject: [PATCH v3 24/28] arm64/sve: KVM: Hide SVE from CPU features exposed to guests
Date: Tue, 10 Oct 2017 19:38:41 +0100 [thread overview]
Message-ID: <1507660725-7986-25-git-send-email-Dave.Martin@arm.com> (raw)
In-Reply-To: <1507660725-7986-1-git-send-email-Dave.Martin@arm.com>
KVM guests cannot currently use SVE, because SVE is always
configured to trap to EL2.
However, a guest that sees SVE reported as present in
ID_AA64PFR0_EL1 may legitimately expect that SVE works and try to
use it. Instead of working, the guest will receive an injected
undef exception, which may cause the guest to oops or go into a
spin.
To avoid misleading the guest into believing that SVE will work,
this patch masks out the SVE field from ID_AA64PFR0_EL1 when a
guest attempts to read this register. No support is explicitly
added for ID_AA64ZFR0_EL1 either, so that is still emulated as
reading as zero, which is consistent with SVE not being
implemented.
This is a temporary measure, and will be removed in a later series
when full KVM support for SVE is implemented.
Signed-off-by: Dave Martin <Dave.Martin@arm.com>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Cc: Marc Zyngier <marc.zyngier@arm.com>
---
arch/arm64/kvm/sys_regs.c | 12 +++++++++++-
1 file changed, 11 insertions(+), 1 deletion(-)
diff --git a/arch/arm64/kvm/sys_regs.c b/arch/arm64/kvm/sys_regs.c
index b1f7552..a0ee9b0 100644
--- a/arch/arm64/kvm/sys_regs.c
+++ b/arch/arm64/kvm/sys_regs.c
@@ -23,6 +23,7 @@
#include <linux/bsearch.h>
#include <linux/kvm_host.h>
#include <linux/mm.h>
+#include <linux/printk.h>
#include <linux/uaccess.h>
#include <asm/cacheflush.h>
@@ -897,8 +898,17 @@ static u64 read_id_reg(struct sys_reg_desc const *r, bool raz)
{
u32 id = sys_reg((u32)r->Op0, (u32)r->Op1,
(u32)r->CRn, (u32)r->CRm, (u32)r->Op2);
+ u64 val = raz ? 0 : read_sanitised_ftr_reg(id);
- return raz ? 0 : read_sanitised_ftr_reg(id);
+ if (id == SYS_ID_AA64PFR0_EL1) {
+ if (val & (0xfUL << ID_AA64PFR0_SVE_SHIFT))
+ pr_err_once("kvm [%i]: SVE unsupported for guests, suppressing\n",
+ task_pid_nr(current));
+
+ val &= ~(0xfUL << ID_AA64PFR0_SVE_SHIFT);
+ }
+
+ return val;
}
/* cpufeature ID register access trap handlers */
--
2.1.4
_______________________________________________
kvmarm mailing list
kvmarm@lists.cs.columbia.edu
https://lists.cs.columbia.edu/mailman/listinfo/kvmarm
WARNING: multiple messages have this Message-ID (diff)
From: Dave Martin <Dave.Martin@arm.com>
To: linux-arm-kernel@lists.infradead.org
Cc: "Catalin Marinas" <catalin.marinas@arm.com>,
"Will Deacon" <will.deacon@arm.com>,
"Ard Biesheuvel" <ard.biesheuvel@linaro.org>,
"Alex Bennée" <alex.bennee@linaro.org>,
"Szabolcs Nagy" <szabolcs.nagy@arm.com>,
"Richard Sandiford" <richard.sandiford@arm.com>,
"Okamoto Takayuki" <tokamoto@jp.fujitsu.com>,
kvmarm@lists.cs.columbia.edu, libc-alpha@sourceware.org,
linux-arch@vger.kernel.org, "Marc Zyngier" <marc.zyngier@arm.com>
Subject: [PATCH v3 24/28] arm64/sve: KVM: Hide SVE from CPU features exposed to guests
Date: Tue, 10 Oct 2017 19:38:41 +0100 [thread overview]
Message-ID: <1507660725-7986-25-git-send-email-Dave.Martin@arm.com> (raw)
Message-ID: <20171010183841.Lw9PAExuJ4_WEAcub5Swc_gNFQkwBRXBKr7WeA1GFjM@z> (raw)
In-Reply-To: <1507660725-7986-1-git-send-email-Dave.Martin@arm.com>
KVM guests cannot currently use SVE, because SVE is always
configured to trap to EL2.
However, a guest that sees SVE reported as present in
ID_AA64PFR0_EL1 may legitimately expect that SVE works and try to
use it. Instead of working, the guest will receive an injected
undef exception, which may cause the guest to oops or go into a
spin.
To avoid misleading the guest into believing that SVE will work,
this patch masks out the SVE field from ID_AA64PFR0_EL1 when a
guest attempts to read this register. No support is explicitly
added for ID_AA64ZFR0_EL1 either, so that is still emulated as
reading as zero, which is consistent with SVE not being
implemented.
This is a temporary measure, and will be removed in a later series
when full KVM support for SVE is implemented.
Signed-off-by: Dave Martin <Dave.Martin@arm.com>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Cc: Marc Zyngier <marc.zyngier@arm.com>
---
arch/arm64/kvm/sys_regs.c | 12 +++++++++++-
1 file changed, 11 insertions(+), 1 deletion(-)
diff --git a/arch/arm64/kvm/sys_regs.c b/arch/arm64/kvm/sys_regs.c
index b1f7552..a0ee9b0 100644
--- a/arch/arm64/kvm/sys_regs.c
+++ b/arch/arm64/kvm/sys_regs.c
@@ -23,6 +23,7 @@
#include <linux/bsearch.h>
#include <linux/kvm_host.h>
#include <linux/mm.h>
+#include <linux/printk.h>
#include <linux/uaccess.h>
#include <asm/cacheflush.h>
@@ -897,8 +898,17 @@ static u64 read_id_reg(struct sys_reg_desc const *r, bool raz)
{
u32 id = sys_reg((u32)r->Op0, (u32)r->Op1,
(u32)r->CRn, (u32)r->CRm, (u32)r->Op2);
+ u64 val = raz ? 0 : read_sanitised_ftr_reg(id);
- return raz ? 0 : read_sanitised_ftr_reg(id);
+ if (id == SYS_ID_AA64PFR0_EL1) {
+ if (val & (0xfUL << ID_AA64PFR0_SVE_SHIFT))
+ pr_err_once("kvm [%i]: SVE unsupported for guests, suppressing\n",
+ task_pid_nr(current));
+
+ val &= ~(0xfUL << ID_AA64PFR0_SVE_SHIFT);
+ }
+
+ return val;
}
/* cpufeature ID register access trap handlers */
--
2.1.4
next prev parent reply other threads:[~2017-10-10 18:38 UTC|newest]
Thread overview: 155+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-10-10 18:38 [PATCH v3 00/28] ARM Scalable Vector Extension (SVE) Dave Martin
2017-10-10 18:38 ` Dave Martin
2017-10-10 18:38 ` [PATCH v3 01/28] regset: Add support for dynamically sized regsets Dave Martin
2017-10-10 18:38 ` Dave Martin
2017-10-11 14:14 ` Catalin Marinas
2017-10-11 14:45 ` Dave Martin
2017-10-11 14:45 ` Dave Martin
2017-10-10 18:38 ` [PATCH v3 02/28] arm64: KVM: Hide unsupported AArch64 CPU features from guests Dave Martin
2017-10-11 14:14 ` Catalin Marinas
2017-10-11 16:21 ` Marc Zyngier
2017-10-11 16:21 ` Marc Zyngier
2017-10-17 13:51 ` Christoffer Dall
2017-10-17 14:08 ` Marc Zyngier
2017-10-18 13:20 ` Christoffer Dall
2017-10-18 13:20 ` Christoffer Dall
2017-10-18 14:45 ` Dave Martin
2017-10-18 19:19 ` Christoffer Dall
2017-10-10 18:38 ` [PATCH v3 03/28] arm64: efi: Add missing Kconfig dependency on KERNEL_MODE_NEON Dave Martin
2017-10-11 14:16 ` Catalin Marinas
2017-10-11 14:35 ` Dave Martin
2017-10-10 18:38 ` [PATCH v3 04/28] arm64: Port deprecated instruction emulation to new sysctl interface Dave Martin
2017-10-11 14:17 ` Catalin Marinas
2017-10-10 18:38 ` [PATCH v3 05/28] arm64: fpsimd: Simplify uses of {set, clear}_ti_thread_flag() Dave Martin
2017-10-10 18:38 ` [PATCH v3 05/28] arm64: fpsimd: Simplify uses of {set,clear}_ti_thread_flag() Dave Martin
2017-10-11 14:19 ` [PATCH v3 05/28] arm64: fpsimd: Simplify uses of {set, clear}_ti_thread_flag() Catalin Marinas
2017-10-10 18:38 ` [PATCH v3 06/28] arm64/sve: System register and exception syndrome definitions Dave Martin
2017-10-11 14:20 ` Catalin Marinas
2017-10-10 18:38 ` [PATCH v3 07/28] arm64/sve: Low-level SVE architectural state manipulation functions Dave Martin
2017-10-11 14:28 ` Catalin Marinas
2017-10-11 14:28 ` Catalin Marinas
2017-10-11 14:39 ` Dave Martin
2017-10-10 18:38 ` [PATCH v3 08/28] arm64/sve: Kconfig update and conditional compilation support Dave Martin
2017-10-10 18:38 ` Dave Martin
2017-10-11 14:29 ` Catalin Marinas
2017-10-11 14:29 ` Catalin Marinas
2017-10-10 18:38 ` [PATCH v3 09/28] arm64/sve: Signal frame and context structure definition Dave Martin
2017-10-10 18:38 ` Dave Martin
2017-10-11 14:29 ` Catalin Marinas
2017-10-11 14:29 ` Catalin Marinas
2017-10-10 18:38 ` [PATCH v3 10/28] arm64/sve: Low-level CPU setup Dave Martin
2017-10-11 14:30 ` Catalin Marinas
2017-10-10 18:38 ` [PATCH v3 11/28] arm64/sve: Core task context handling Dave Martin
2017-10-11 16:15 ` Catalin Marinas
2017-10-12 16:05 ` Dave Martin
2017-10-13 13:57 ` Catalin Marinas
2017-10-13 17:53 ` Dave Martin
2017-10-10 18:38 ` [PATCH v3 12/28] arm64/sve: Support vector length resetting for new processes Dave Martin
2017-10-10 18:38 ` Dave Martin
2017-10-11 16:16 ` Catalin Marinas
2017-10-11 16:16 ` Catalin Marinas
2017-10-10 18:38 ` [PATCH v3 13/28] arm64/sve: Signal handling support Dave Martin
2017-10-11 16:40 ` Catalin Marinas
2017-10-12 16:11 ` Dave Martin
2017-10-13 11:17 ` Catalin Marinas
2017-10-13 11:17 ` Catalin Marinas
2017-10-13 14:26 ` Dave Martin
2017-10-10 18:38 ` [PATCH v3 14/28] arm64/sve: Backend logic for setting the vector length Dave Martin
2017-10-10 18:38 ` Dave Martin
2017-10-11 16:43 ` Catalin Marinas
2017-10-10 18:38 ` [PATCH v3 15/28] arm64: cpufeature: Move sys_caps_initialised declarations Dave Martin
2017-10-10 18:38 ` Dave Martin
2017-10-11 16:50 ` Catalin Marinas
2017-10-10 18:38 ` [PATCH v3 16/28] arm64/sve: Probe SVE capabilities and usable vector lengths Dave Martin
2017-10-10 18:38 ` Dave Martin
2017-10-11 16:55 ` Catalin Marinas
2017-10-12 12:56 ` Suzuki K Poulose
2017-10-16 15:46 ` Dave Martin
2017-10-16 15:46 ` Dave Martin
2017-10-16 16:27 ` Suzuki K Poulose
2017-10-16 16:27 ` Suzuki K Poulose
2017-10-16 16:44 ` Dave Martin
2017-10-16 16:44 ` Dave Martin
2017-10-16 16:47 ` Suzuki K Poulose
2017-10-16 16:47 ` Suzuki K Poulose
2017-10-16 16:55 ` Dave Martin
2017-10-16 16:58 ` Suzuki K Poulose
2017-10-10 18:38 ` [PATCH v3 17/28] arm64/sve: Preserve SVE registers around kernel-mode NEON use Dave Martin
2017-10-10 18:38 ` Dave Martin
2017-10-12 10:15 ` Catalin Marinas
2017-10-12 10:15 ` Catalin Marinas
2017-10-10 18:38 ` [PATCH v3 18/28] arm64/sve: Preserve SVE registers around EFI runtime service calls Dave Martin
2017-10-12 10:57 ` Catalin Marinas
2017-10-12 10:57 ` Catalin Marinas
2017-10-10 18:38 ` [PATCH v3 19/28] arm64/sve: ptrace and ELF coredump support Dave Martin
2017-10-10 18:38 ` Dave Martin
2017-10-12 17:06 ` Catalin Marinas
2017-10-13 16:16 ` Dave Martin
2017-10-13 16:16 ` Dave Martin
2017-10-18 10:32 ` Catalin Marinas
2017-10-18 16:02 ` Dave Martin
2017-10-10 18:38 ` [PATCH v3 20/28] arm64/sve: Add prctl controls for userspace vector length management Dave Martin
2017-10-10 18:38 ` Dave Martin
2017-10-12 17:11 ` Catalin Marinas
2017-10-12 17:11 ` Catalin Marinas
2017-10-10 18:38 ` [PATCH v3 21/28] arm64/sve: Add sysctl to set the default vector length for new processes Dave Martin
2017-10-10 18:38 ` Dave Martin
2017-10-12 17:11 ` Catalin Marinas
2017-10-10 18:38 ` [PATCH v3 22/28] arm64/sve: KVM: Prevent guests from using SVE Dave Martin
2017-10-11 16:28 ` Marc Zyngier
2017-10-12 11:04 ` Dave Martin
2017-10-12 11:28 ` Marc Zyngier
2017-10-13 14:15 ` Dave Martin
2017-10-13 14:21 ` Marc Zyngier
2017-10-13 16:47 ` Dave Martin
2017-10-12 17:13 ` Catalin Marinas
2017-10-17 11:50 ` Christoffer Dall
2017-10-17 11:50 ` Christoffer Dall
2017-10-17 14:31 ` Dave Martin
2017-10-17 14:31 ` Dave Martin
2017-10-18 13:23 ` Christoffer Dall
2017-10-18 13:23 ` Christoffer Dall
2017-10-18 15:00 ` Dave Martin
2017-10-18 15:00 ` Dave Martin
2017-10-18 19:22 ` Christoffer Dall
2017-10-18 19:22 ` Christoffer Dall
2017-10-10 18:38 ` [PATCH v3 23/28] arm64/sve: KVM: Treat guest SVE use as undefined instruction execution Dave Martin
2017-10-12 17:13 ` Catalin Marinas
2017-10-17 13:58 ` Christoffer Dall
2017-10-10 18:38 ` Dave Martin [this message]
2017-10-10 18:38 ` [PATCH v3 24/28] arm64/sve: KVM: Hide SVE from CPU features exposed to guests Dave Martin
2017-10-11 16:31 ` Marc Zyngier
2017-10-12 17:13 ` Catalin Marinas
2017-10-17 13:58 ` Christoffer Dall
2017-10-17 13:58 ` Christoffer Dall
2017-10-17 14:07 ` Dave Martin
2017-10-17 14:29 ` Marc Zyngier
2017-10-17 14:29 ` Marc Zyngier
2017-10-17 15:47 ` Dave Martin
2017-10-18 13:21 ` Christoffer Dall
2017-10-18 13:21 ` Christoffer Dall
2017-10-18 15:01 ` Dave Martin
2017-10-18 15:01 ` Dave Martin
2017-10-18 16:49 ` Christoffer Dall
2017-10-18 16:49 ` Christoffer Dall
2017-10-10 18:38 ` [PATCH v3 25/28] arm64/sve: Detect SVE and activate runtime support Dave Martin
2017-10-11 17:11 ` Suzuki K Poulose
2017-10-12 17:14 ` Catalin Marinas
2017-10-12 17:14 ` Catalin Marinas
2017-10-10 18:38 ` [PATCH v3 26/28] arm64/sve: Add documentation Dave Martin
2017-10-10 18:38 ` Dave Martin
2017-10-11 9:50 ` Szabolcs Nagy
[not found] ` <59DDE958.4080605-5wv7dgnIgG8@public.gmane.org>
2017-10-11 11:08 ` Dave Martin
2017-10-11 11:08 ` Dave Martin
[not found] ` <20171011110811.GB19485-M5GwZQ6tE7x5pKCnmE3YQBJ8xKzm50AiAL8bYrjMMd8@public.gmane.org>
2017-10-11 11:30 ` Szabolcs Nagy
2017-10-11 11:30 ` Szabolcs Nagy
2017-10-13 14:24 ` Catalin Marinas
2017-10-13 17:17 ` Dave Martin
[not found] ` <20171013171758.GO19485-M5GwZQ6tE7x5pKCnmE3YQBJ8xKzm50AiAL8bYrjMMd8@public.gmane.org>
2017-10-18 9:32 ` Catalin Marinas
2017-10-18 9:32 ` Catalin Marinas
[not found] ` <20171013142421.j32jzisukewxtosx-+1aNUgJU5qkijLcmloz0ER/iLCjYCKR+VpNB7YpNyf8@public.gmane.org>
2017-10-13 17:35 ` Dave Martin
2017-10-13 17:35 ` Dave Martin
2017-10-10 18:38 ` [RFC PATCH v3 27/28] arm64: signal: Report signal frame size to userspace via auxv Dave Martin
2017-10-11 10:19 ` Szabolcs Nagy
2017-10-11 13:14 ` Dave P Martin
2017-10-10 18:38 ` [RFC PATCH v3 28/28] arm64/sve: signal: Include SVE when computing AT_MINSIGSTKSZ Dave Martin
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1507660725-7986-25-git-send-email-Dave.Martin@arm.com \
--to=dave.martin@arm.com \
--cc=ard.biesheuvel@linaro.org \
--cc=catalin.marinas@arm.com \
--cc=kvmarm@lists.cs.columbia.edu \
--cc=libc-alpha@sourceware.org \
--cc=linux-arch@vger.kernel.org \
--cc=linux-arm-kernel@lists.infradead.org \
--cc=marc.zyngier@arm.com \
--cc=richard.sandiford@arm.com \
--cc=szabolcs.nagy@arm.com \
--cc=tokamoto@jp.fujitsu.com \
--cc=will.deacon@arm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).