From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-7.0 required=3.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,MAILING_LIST_MULTI,SIGNED_OFF_BY,SPF_HELO_NONE, SPF_PASS,URIBL_BLOCKED autolearn=no autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 45CEEC433E5 for ; Thu, 23 Jul 2020 08:19:00 +0000 (UTC) Received: from merlin.infradead.org (merlin.infradead.org [205.233.59.134]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id 11DEE2086A for ; Thu, 23 Jul 2020 08:18:59 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (2048-bit key) header.d=lists.infradead.org header.i=@lists.infradead.org header.b="Jqsvi9BK"; dkim=fail reason="signature verification failed" (1024-bit key) header.d=kernel.org header.i=@kernel.org header.b="ZTHqP7lL" DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 11DEE2086A Authentication-Results: mail.kernel.org; dmarc=fail (p=none dis=none) header.from=kernel.org Authentication-Results: mail.kernel.org; spf=none smtp.mailfrom=linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=merlin.20170209; h=Sender:Content-Type: Content-Transfer-Encoding:Cc:List-Subscribe:List-Help:List-Post:List-Archive: List-Unsubscribe:List-Id:Message-ID:References:In-Reply-To:Subject:To:From: Date:MIME-Version:Reply-To:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=HKOY4teaAOnp/mmqryUCwF0yc5g8KTeAc40LCgmKpUU=; b=Jqsvi9BKPNZ3oBHy5UEdMAy0Y RzwUSqeVDQ/ZGc826FZqPyweRMKt4HNkbAvu9FT+X7SdjNU73PRwC+hSwQYy8BqGJYuQS8oXC22u0 gyDnKvixfcwHfXHBME1Ax1l83mo6/vDT9yb498psqJbLiwD4biU/VPsKoYVOWYtrC4bzCtWw9n2Up sv1fO7GjXmbAM8yxambWe4LijgPGesbCMzTrgMiSbDSx1Y0yk3ZpCrBVjQ79Fkee2kGzekVm4OC1U DPsQu7fmEc+E4U8RKkhYyymLpAloUbdt3TM8KGEbi3hTCcwyPNm6cUN71dQaWdUqiisy0IsQPlZDe MP7hUhnvA==; Received: from localhost ([::1] helo=merlin.infradead.org) by merlin.infradead.org with esmtp (Exim 4.92.3 #3 (Red Hat Linux)) id 1jyWPo-0001gl-HF; Thu, 23 Jul 2020 08:17:20 +0000 Received: from mail.kernel.org ([198.145.29.99]) by merlin.infradead.org with esmtps (Exim 4.92.3 #3 (Red Hat Linux)) id 1jyWPl-0001g5-NO for linux-arm-kernel@lists.infradead.org; Thu, 23 Jul 2020 08:17:18 +0000 Received: from disco-boy.misterjones.org (disco-boy.misterjones.org [51.254.78.96]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id 972BD2086A; Thu, 23 Jul 2020 08:17:16 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1595492236; bh=kgavO6LARHrOsiohXcR0b/r+PArNmIu2z3PsvONh/5U=; h=Date:From:To:Cc:Subject:In-Reply-To:References:From; b=ZTHqP7lLhUkaZNW51k7H1hutdSuROAs44/5hLigNvWjpSwYWTE6ML8boordmj+vkQ AJSKeJ3cQyH/DVOUcASFHosJgjVL/GsQj5r7yp/kFQvPctiu5NDFVQuYJdSs6Ui9Ex TJWafT0zGrsseMmYEC1yCTVc/bqu2xXgkACBFj6A= Received: from disco-boy.misterjones.org ([51.254.78.96] helo=www.loen.fr) by disco-boy.misterjones.org with esmtpsa (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.92) (envelope-from ) id 1jyWPj-00ECtD-2X; Thu, 23 Jul 2020 09:17:15 +0100 MIME-Version: 1.0 Date: Thu, 23 Jul 2020 09:17:15 +0100 From: Marc Zyngier To: Nathan Chancellor Subject: Re: [PATCH] KVM: arm64: Prevent vcpu_has_ptrauth from generating OOL functions In-Reply-To: <20200723025142.GA361584@ubuntu-n2-xlarge-x86> References: <20200722162231.3689767-1-maz@kernel.org> <20200723025142.GA361584@ubuntu-n2-xlarge-x86> User-Agent: Roundcube Webmail/1.4.5 Message-ID: <0fab73670fa24d1c08711991133e4255@kernel.org> X-Sender: maz@kernel.org X-SA-Exim-Connect-IP: 51.254.78.96 X-SA-Exim-Rcpt-To: natechancellor@gmail.com, kvmarm@lists.cs.columbia.edu, linux-arm-kernel@lists.infradead.org, kvm@vger.kernel.org, james.morse@arm.com, julien.thierry.kdev@gmail.com, suzuki.poulose@arm.com, will@kernel.org, kernel-team@android.com, ndesaulniers@google.com X-SA-Exim-Mail-From: maz@kernel.org X-SA-Exim-Scanned: No (on disco-boy.misterjones.org); SAEximRunCond expanded to false X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20200723_041717_997557_A778327D X-CRM114-Status: GOOD ( 19.24 ) X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: kvm@vger.kernel.org, Suzuki K Poulose , kernel-team@android.com, Nick Desaulniers , James Morse , linux-arm-kernel@lists.infradead.org, Will Deacon , kvmarm@lists.cs.columbia.edu, Julien Thierry Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset="us-ascii"; Format="flowed" Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org Hi Nathan, On 2020-07-23 03:51, Nathan Chancellor wrote: > On Wed, Jul 22, 2020 at 05:22:31PM +0100, Marc Zyngier wrote: >> So far, vcpu_has_ptrauth() is implemented in terms of >> system_supports_*_auth() >> calls, which are declared "inline". In some specific conditions (clang >> and SCS), the "inline" very much turns into an "out of line", which >> leads to a fireworks when this predicate is evaluated on a non-VHE >> system (right at the beginning of __hyp_handle_ptrauth). >> >> Instead, make sure vcpu_has_ptrauth gets expanded inline by directly >> using the cpus_have_final_cap() helpers, which are __always_inline, >> generate much better code, and are the only thing that make sense when >> running at EL2 on a nVHE system. >> >> Fixes: 29eb5a3c57f7 ("KVM: arm64: Handle PtrAuth traps early") >> Reported-by: Nathan Chancellor >> Reported-by: Nick Desaulniers >> Signed-off-by: Marc Zyngier > > Thank you for the quick fix! I have booted a mainline kernel with this > patch with Shadow Call Stack enabled and verified that using KVM no > longer causes a panic. Great! I'll try and ferry this to mainline as quickly as possible. > Reviewed-by: Nathan Chancellor > Tested-by: Nathan Chancellor > > For the future, is there an easy way to tell which type of system I am > using (nVHE or VHE)? I am new to the arm64 KVM world but it is > something > that I am going to continue to test with various clang technologies now > that I have actual hardware capable of it that can run a mainline > kernel. ARMv8.0 CPUs are only capable of running non-VHE. So if you have something based on older ARM CPUs (such as A57, A72, A53, A73, A35...), or licensee CPUs (ThunderX, XGene, EMag...), this will only run non-VHE (the host kernel runs at EL1, while the hypervisor runs at EL2. From ARMv8.1 onward, VHE is normally present, and the host kernel can run at EL2 directly. ARM CPUs include A55, A65, A75, A76, A77, N1, while licensee CPUs include TX2, Kunpeng 920, and probably some more. As pointed out by Zenghui in another email, KVM shows which mode it is using. Even without KVM, the kernel prints very early on: [ 0.000000] CPU features: detected: Virtualization Host Extensions Note that this is only a performance difference, and that most features that are supported by the CPU can be used by KVM in either mode. Thanks again, M. -- Jazz is not dead. It just smells funny... _______________________________________________ linux-arm-kernel mailing list linux-arm-kernel@lists.infradead.org http://lists.infradead.org/mailman/listinfo/linux-arm-kernel