From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-16.2 required=3.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,INCLUDES_CR_TRAILER,INCLUDES_PATCH,MAILING_LIST_MULTI, SPF_HELO_NONE,SPF_PASS,URIBL_BLOCKED,USER_AGENT_SANE_1 autolearn=unavailable autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id AC518C4338F for ; Thu, 12 Aug 2021 09:56:26 +0000 (UTC) Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id 451C960FC4 for ; Thu, 12 Aug 2021 09:56:26 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.4.1 mail.kernel.org 451C960FC4 Authentication-Results: mail.kernel.org; dmarc=fail (p=none dis=none) header.from=kernel.org Authentication-Results: mail.kernel.org; spf=none smtp.mailfrom=lists.infradead.org DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:In-Reply-To:MIME-Version:References: Message-ID:Subject:Cc:To:From:Date:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=B7ILOLL7J2WhGEeqmWUW6FUXZP5s3BWtGRs6xtmi1OE=; b=4hGzm26a47qqo+ KnzkEw7ScG8C401qkGOhlkCIGhlVw814Ii3fBhIrbP6qlOzJoBtAqP994RfFOtKvNAhTnTxlT/pB5 QiPsYObp/UliHhRZ848vTvVaHmtYrGK6q72TCeyXeDyekLyiPYppIawI48m1P7fwG2FAXNiuaIYxP KnkNT4rJgolN+DjLzYu7wndZHqfYbf9STIn0oF4T8XBFslsPuEa8z1iN2ummoqLw4IVpR2GsHMc08 sfW10SB9T8Yw1BFpHsTos+TKDtJqhetuWb2JaLp9uIbBux9NoraaojTGZLc5tBglPeAUf1E2m779o NHd6wPw8idGhJFP6huhQ==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.94.2 #2 (Red Hat Linux)) id 1mE7PL-009ZCU-Li; Thu, 12 Aug 2021 09:53:51 +0000 Received: from mail.kernel.org ([198.145.29.99]) by bombadil.infradead.org with esmtps (Exim 4.94.2 #2 (Red Hat Linux)) id 1mE7PF-009ZBA-D9 for linux-arm-kernel@lists.infradead.org; Thu, 12 Aug 2021 09:53:46 +0000 Received: by mail.kernel.org (Postfix) with ESMTPSA id 7F3D160EB9; Thu, 12 Aug 2021 09:53:42 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1628762024; bh=8XFM14K7kKN0l/+uki0YeLpUShrJFjJTlweUW//YX9Q=; h=Date:From:To:Cc:Subject:References:In-Reply-To:From; b=k9TYlALwCXVzH3+KaEt2QnWfDx4lBTVGzLXbtIhA9S+5ZdGElwQ5jOltSn7jpFSb6 hYUsaGUJqWi1fuCHorBIET+c+9zW/5BzQyTBERYgeLuLdPlHzMFvq/lRukJcjudWih 4MStLVfi4KVHLkpaUpYDrBrYIVh9odqyFPDMhqK/DOLEkezOj8FF3Ijh/8COy4vkEu ipfEwesSN+Cq5avEt1xO1p+wf8Nl9ommH1u9J7Y3/UwWSed6x6FpeKoUJNksKf+O1p f8o1Ax0tEAbj2K3fyUqK5DTW739ptxn9uTnaFn7KGVd4hi1JMAxnFyUUBwDBw0nk7A Xcn4KTfWoyI2w== Date: Thu, 12 Aug 2021 10:53:39 +0100 From: Will Deacon To: Fuad Tabba Cc: kvmarm@lists.cs.columbia.edu, maz@kernel.org, james.morse@arm.com, alexandru.elisei@arm.com, suzuki.poulose@arm.com, mark.rutland@arm.com, christoffer.dall@arm.com, pbonzini@redhat.com, drjones@redhat.com, qperret@google.com, kvm@vger.kernel.org, linux-arm-kernel@lists.infradead.org, kernel-team@android.com Subject: Re: [PATCH v3 13/15] KVM: arm64: Trap access to pVM restricted features Message-ID: <20210812095338.GK5912@willie-the-truck> References: <20210719160346.609914-1-tabba@google.com> <20210719160346.609914-14-tabba@google.com> MIME-Version: 1.0 Content-Disposition: inline In-Reply-To: <20210719160346.609914-14-tabba@google.com> User-Agent: Mutt/1.10.1 (2018-07-13) X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20210812_025345_501837_03610C73 X-CRM114-Status: GOOD ( 19.45 ) X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org On Mon, Jul 19, 2021 at 05:03:44PM +0100, Fuad Tabba wrote: > Trap accesses to restricted features for VMs running in protected > mode. > > Access to feature registers are emulated, and only supported > features are exposed to protected VMs. > > Accesses to restricted registers as well as restricted > instructions are trapped, and an undefined exception is injected > into the protected guests, i.e., with EC = 0x0 (unknown reason). > This EC is the one used, according to the Arm Architecture > Reference Manual, for unallocated or undefined system registers > or instructions. > > Only affects the functionality of protected VMs. Otherwise, > should not affect non-protected VMs when KVM is running in > protected mode. > > Signed-off-by: Fuad Tabba > --- > arch/arm64/kvm/hyp/include/hyp/switch.h | 3 ++ > arch/arm64/kvm/hyp/nvhe/switch.c | 52 ++++++++++++++++++------- > 2 files changed, 41 insertions(+), 14 deletions(-) > > diff --git a/arch/arm64/kvm/hyp/include/hyp/switch.h b/arch/arm64/kvm/hyp/include/hyp/switch.h > index 5a2b89b96c67..8431f1514280 100644 > --- a/arch/arm64/kvm/hyp/include/hyp/switch.h > +++ b/arch/arm64/kvm/hyp/include/hyp/switch.h > @@ -33,6 +33,9 @@ > extern struct exception_table_entry __start___kvm_ex_table; > extern struct exception_table_entry __stop___kvm_ex_table; > > +int kvm_handle_pvm_sys64(struct kvm_vcpu *vcpu); > +int kvm_handle_pvm_restricted(struct kvm_vcpu *vcpu); > + > /* Check whether the FP regs were dirtied while in the host-side run loop: */ > static inline bool update_fp_enabled(struct kvm_vcpu *vcpu) > { > diff --git a/arch/arm64/kvm/hyp/nvhe/switch.c b/arch/arm64/kvm/hyp/nvhe/switch.c > index 36da423006bd..99bbbba90094 100644 > --- a/arch/arm64/kvm/hyp/nvhe/switch.c > +++ b/arch/arm64/kvm/hyp/nvhe/switch.c > @@ -158,30 +158,54 @@ static void __pmu_switch_to_host(struct kvm_cpu_context *host_ctxt) > write_sysreg(pmu->events_host, pmcntenset_el0); > } > > +/** > + * Handle system register accesses for protected VMs. > + * > + * Return 1 if handled, or 0 if not. > + */ > +static int handle_pvm_sys64(struct kvm_vcpu *vcpu) > +{ > + return kvm_vm_is_protected(kern_hyp_va(vcpu->kvm)) ? > + kvm_handle_pvm_sys64(vcpu) : > + 0; > +} Why don't we move the kvm_vm_is_protected() check into kvm_get_hyp_exit_handler() so we can avoid adding it to each handler instead? Either way: Acked-by: Will Deacon Will _______________________________________________ linux-arm-kernel mailing list linux-arm-kernel@lists.infradead.org http://lists.infradead.org/mailman/listinfo/linux-arm-kernel