From: Steven Price
To: kvm@vger.kernel.org, kvmarm@lists.linux.dev
Cc: Steven Price, Catalin Marinas, Marc Zyngier, Will Deacon, James Morse, Oliver Upton, Suzuki K Poulose, Zenghui Yu, linux-arm-kernel@lists.infradead.org, linux-kernel@vger.kernel.org, Joey Gouly, Alexandru Elisei, Christoffer Dall, Fuad Tabba, linux-coco@lists.linux.dev, Ganapatrao Kulkarni, Gavin Shan, Shanker Donthineni, Alper Gun, "Aneesh Kumar K . V", Emi Kisanuki, Vishal Annapurve, WeiLin.Chang@arm.com, Lorenzo.Pieralisi2@arm.com
Subject: [PATCH v14 16/44] KVM: arm64: Allow passing machine type in KVM creation
Date: Wed, 13 May 2026 14:17:24 +0100
Message-ID: <20260513131757.116630-17-steven.price@arm.com>
In-Reply-To: <20260513131757.116630-1-steven.price@arm.com>

Previously machine type was used purely for specifying the physical
address size of the guest. Reserve the higher bits to specify an ARM
specific machine type and declare a new type 'KVM_VM_TYPE_ARM_REALM'
used to create a realm guest.

Signed-off-by: Steven Price
---
Changes since v13:
 * Rework to use the two top bits for the machine type now that pKVM has
   merged and used the top bit for KVM_VM_TYPE_ARM_PROTECTED.
 * Update the documentation to include KVM_VM_TYPE_ARM_PROTECTED as well.
Changes since v9:
 * Explicitly set realm.state to REALM_STATE_NONE rather than rely on the
   zeroing of the structure.
Changes since v7:
 * Add some documentation explaining the new machine type.
Changes since v6:
 * Make the check for kvm_rme_is_available more visible and report an
   error code of -EPERM (instead of -EINVAL) to make it explicit that
   the kernel supports RME, but the platform doesn't.
---
 Documentation/virt/kvm/api.rst | 18 ++++++++++++++++--
 arch/arm64/kvm/arm.c           | 11 +++++++++++
 include/uapi/linux/kvm.h       |  7 ++++++-
 3 files changed, 33 insertions(+), 3 deletions(-)

diff --git a/Documentation/virt/kvm/api.rst b/Documentation/virt/kvm/api.rst index ca68aae7faa2..31a5919d8d5f 100644 --- a/Documentation/virt/kvm/api.rst +++ b/Documentation/virt/kvm/api.rst
@@ -181,8 +181,22 @@ flag KVM_VM_MIPS_VZ. ARM64: ^^^^^^ -On arm64, the physical address size for a VM (IPA Size limit) is limited -to 40bits by default. The limit can be configured if the host supports the +On arm64, the machine type identifier is used to encode a type and the +physical address size for the VM. The lower byte (bits[7-0]) encode the +address size and the upper bits[30-31] encode a machine type. The machine +types that might be available are: + + ========================= ============================================ + KVM_VM_TYPE_ARM_NORMAL A standard VM + KVM_VM_TYPE_ARM_REALM A "Realm" VM using the Arm Confidential + Compute extensions, the VM's memory is + protected from the host. + KVM_VM_TYPE_ARM_PROTECTED A "protected" VM using pKVM to isolate the + VM from the host. + ========================= ============================================ + +The physical address size for a VM (IPA Size limit) is limited to 40bits +by default. The limit can be configured if the host supports the extension KVM_CAP_ARM_VM_IPA_SIZE. When supported, use KVM_VM_TYPE_ARM_IPA_SIZE(IPA_Bits) to set the size in the machine type identifier, where IPA_Bits is the maximum width of any physical diff --git a/arch/arm64/kvm/arm.c b/arch/arm64/kvm/arm.c index c6ebc5913e40..41d35b2d1dee 100644 --- a/arch/arm64/kvm/arm.c +++ b/arch/arm64/kvm/arm.c @@ -246,6 +246,17 @@ int kvm_arch_init_vm(struct kvm *kvm, unsigned long type) mutex_unlock(&kvm->lock); #endif + if ((type & KVM_VM_TYPE_ARM_PROTECTED) && + (type & KVM_VM_TYPE_ARM_REALM)) + return -EINVAL; + + if (type & KVM_VM_TYPE_ARM_REALM) { + if (!static_branch_unlikely(&kvm_rmi_is_available)) + return -EINVAL; + kvm_set_realm_state(kvm, REALM_STATE_NONE); + kvm->arch.is_realm = true; + } + kvm_init_nested(kvm); ret = kvm_share_hyp(kvm, kvm + 1); diff --git a/include/uapi/linux/kvm.h b/include/uapi/linux/kvm.h index b8cff0938041..7b2507a3865e 100644 --- a/include/uapi/linux/kvm.h +++ b/include/uapi/linux/kvm.h 
@@ -700,14 +700,19 @@ struct kvm_enable_cap { * address size for the VM. Bits[7-0] are reserved for the guest * PA size shift (i.e, log2(PA_Size)). For backward compatibility, * value 0 implies the default IPA size, 40bits. + * + * Bits[30-31] are reserved for the VM type */ #define KVM_VM_TYPE_ARM_IPA_SIZE_MASK 0xffULL #define KVM_VM_TYPE_ARM_IPA_SIZE(x) \ ((x) & KVM_VM_TYPE_ARM_IPA_SIZE_MASK) +#define KVM_VM_TYPE_ARM_NORMAL 0 +#define KVM_VM_TYPE_ARM_REALM (1UL << 30) #define KVM_VM_TYPE_ARM_PROTECTED (1UL << 31) #define KVM_VM_TYPE_ARM_MASK (KVM_VM_TYPE_ARM_IPA_SIZE_MASK | \ - KVM_VM_TYPE_ARM_PROTECTED) + KVM_VM_TYPE_ARM_PROTECTED | \ + KVM_VM_TYPE_ARM_REALM) /* * ioctls for /dev/kvm fds: -- 2.43.0
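
Review bot: In the Documentation/virt/kvm/api.rst hunk, the new paragraph says the upper bits[30-31] encode a machine type but never states that KVM_VM_TYPE_ARM_REALM and KVM_VM_TYPE_ARM_PROTECTED cannot be combined, even though the arch/arm64/kvm/arm.c hunk in this same patch rejects that combination with -EINVAL. Please document the mutual exclusion and the error returned when a realm VM is requested on a host that cannot provide one, so that userspace can tell a malformed type from an unsupported platform. Minor: "The lower byte (bits[7-0]) encode" should read "encodes", and "bits[30-31]" would match the existing "bits[7-0]" notation better as "bits[31-30]".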
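
Review bot: In the kvm_arch_init_vm() hunk of arch/arm64/kvm/arm.c, the realm availability check returns -EINVAL, which contradicts the "Changes since v6" note saying this case reports -EPERM so that "kernel supports it, platform does not" is distinguishable from an invalid type. Either return -EPERM from the !static_branch_unlikely(&kvm_rmi_is_available) branch or correct the changelog; the changelog also names the key kvm_rme_is_available while the code tests kvm_rmi_is_available. Both new checks return directly rather than through an error label, so it is worth confirming that nothing set up earlier in the function needs unwinding at this point.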
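
Review bot: In the include/uapi/linux/kvm.h hunk, the added comment "Bits[30-31] are reserved for the VM type" reads as a two-bit field, but the defines are two independent flags (KVM_VM_TYPE_ARM_REALM at bit 30, KVM_VM_TYPE_ARM_PROTECTED at bit 31) with KVM_VM_TYPE_ARM_NORMAL as 0. Since KVM_VM_TYPE_ARM_MASK as extended here still admits a value with both bits set, and arm.c has to reject it separately, the uapi comment should say that the two flags are mutually exclusive and that setting both is invalid.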