From: Gavin Shan <gshan@redhat.com>
To: Steven Price <steven.price@arm.com>,
kvm@vger.kernel.org, kvmarm@lists.linux.dev
Cc: Catalin Marinas <catalin.marinas@arm.com>,
Marc Zyngier <maz@kernel.org>, Will Deacon <will@kernel.org>,
James Morse <james.morse@arm.com>,
Oliver Upton <oliver.upton@linux.dev>,
Suzuki K Poulose <suzuki.poulose@arm.com>,
Zenghui Yu <yuzenghui@huawei.com>,
linux-arm-kernel@lists.infradead.org,
linux-kernel@vger.kernel.org, Joey Gouly <joey.gouly@arm.com>,
Alexandru Elisei <alexandru.elisei@arm.com>,
Christoffer Dall <christoffer.dall@arm.com>,
Fuad Tabba <tabba@google.com>,
linux-coco@lists.linux.dev,
Ganapatrao Kulkarni <gankulkarni@os.amperecomputing.com>,
Shanker Donthineni <sdonthineni@nvidia.com>,
Alper Gun <alpergun@google.com>,
"Aneesh Kumar K . V" <aneesh.kumar@kernel.org>,
Emi Kisanuki <fj0570is@fujitsu.com>
Subject: Re: [PATCH v9 06/43] arm64: RME: Define the user ABI
Date: Tue, 1 Jul 2025 16:29:03 +1000
Message-ID: <60e5f88e-c8f1-40d9-a69c-e7da4fc1c953@redhat.com>
In-Reply-To: <20250611104844.245235-7-steven.price@arm.com>
On 6/11/25 8:48 PM, Steven Price wrote:
> There is one (multiplexed) CAP which can be used to create, populate and
> then activate the realm.
>
> Co-developed-by: Suzuki K Poulose <suzuki.poulose@arm.com>
> Signed-off-by: Suzuki K Poulose <suzuki.poulose@arm.com>
> Signed-off-by: Steven Price <steven.price@arm.com>
> ---
> Changes since v8:
> * Minor improvements to documentation following review.
> * Bump the magic numbers to avoid conflicts.
> Changes since v7:
> * Add documentation of new ioctls
> * Bump the magic numbers to avoid conflicts
> Changes since v6:
> * Rename some of the symbols to make their usage clearer and avoid
> repetition.
> Changes from v5:
> * Actually expose the new VCPU capability (KVM_ARM_VCPU_REC) by bumping
> KVM_VCPU_MAX_FEATURES - note this also exposes KVM_ARM_VCPU_HAS_EL2!
> ---
> Documentation/virt/kvm/api.rst | 73 ++++++++++++++++++++++++++++++-
> arch/arm64/include/uapi/asm/kvm.h | 49 +++++++++++++++++++++
> include/uapi/linux/kvm.h | 10 +++++
> 3 files changed, 131 insertions(+), 1 deletion(-)
>
With below nitpicks addressed:
Reviewed-by: Gavin Shan <gshan@redhat.com>
> diff --git a/Documentation/virt/kvm/api.rst b/Documentation/virt/kvm/api.rst
> index 1bd2d42e6424..65543289f75c 100644
> --- a/Documentation/virt/kvm/api.rst
> +++ b/Documentation/virt/kvm/api.rst
> @@ -3542,6 +3542,11 @@ Possible features:
> Depends on KVM_CAP_ARM_EL2_E2H0.
> KVM_ARM_VCPU_HAS_EL2 must also be set.
>
> + - KVM_ARM_VCPU_REC: Allocate a REC (Realm Execution Context) for this
> + VCPU. This must be specified on all VCPUs created in a Realm VM.
> + Depends on KVM_CAP_ARM_RME.
> + Requires KVM_ARM_VCPU_FINALIZE(KVM_ARM_VCPU_REC).
> +
> 4.83 KVM_ARM_PREFERRED_TARGET
> -----------------------------
>
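Review bot: The KVM_ARM_VCPU_REC entry says the feature "must be specified on all VCPUs created in a Realm VM" but does not say what happens when it is missing on one vCPU, or when it is set on a vCPU of a VM that is not a realm. Please state which call fails in those cases and with which error, so a VMM can tell a misconfiguration apart from missing KVM_CAP_ARM_RME support.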
> @@ -5115,6 +5120,7 @@ Recognised values for feature:
>
> ===== ===========================================
> arm64 KVM_ARM_VCPU_SVE (requires KVM_CAP_ARM_SVE)
> + arm64 KVM_ARM_VCPU_REC (requires KVM_CAP_ARM_RME)
> ===== ===========================================
>
> Finalizes the configuration of the specified vcpu feature.
> @@ -6469,6 +6475,30 @@ the capability to be present.
>
> `flags` must currently be zero.
>
> +4.144 KVM_ARM_VCPU_RMM_PSCI_COMPLETE
> +------------------------------------
> +
> +:Capability: KVM_CAP_ARM_RME
> +:Architectures: arm64
> +:Type: vcpu ioctl
> +:Parameters: struct kvm_arm_rmm_psci_complete (in)
> +:Returns: 0 if successful, < 0 on error
> +
> +::
> +
> + struct kvm_arm_rmm_psci_complete {
> + __u64 target_mpidr;
> + __u32 psci_status;
> + __u32 padding[3];
> + };
> +
> +Where PSCI functions are handled by user space, the RMM needs to be informed of
> +the target of the operation using `target_mpidr`, along with the status
> +(`psci_status`). The RMM v1.0 specification defines two functions that require
> +this call: PSCI_CPU_ON and PSCI_AFFINITY_INFO.
> +
> +If the kernel is handling PSCI then this is done automatically and the VMM
> +doesn't need to call this ioctl.
>
> .. _kvm_run:
>
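Review bot: The new 4.144 section shows `__u32 padding[3];` in struct kvm_arm_rmm_psci_complete but never says what user space must put there. Document that the padding must be zero, otherwise the field cannot be given a meaning later without breaking VMMs that pass uninitialised memory. The `:Returns:` line would also benefit from naming the error a VMM gets when the ioctl is issued with a `target_mpidr` that matches no vCPU.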
> @@ -8528,7 +8558,7 @@ ENOSYS for the others.
> When enabled, KVM will exit to userspace with KVM_EXIT_SYSTEM_EVENT of
> type KVM_SYSTEM_EVENT_SUSPEND to process the guest suspend request.
>
> -7.37 KVM_CAP_ARM_WRITABLE_IMP_ID_REGS
> +7.42 KVM_CAP_ARM_WRITABLE_IMP_ID_REGS
> -------------------------------------
>
> :Architectures: arm64
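Review bot: The renumbering of KVM_CAP_ARM_WRITABLE_IMP_ID_REGS from 7.37 to 7.42 is a fix to an existing section that has nothing to do with RME, and the commit message does not mention it. Either split it into its own documentation fix or add a line to the commit message, so the change is not lost if this patch is reworked.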
> @@ -8557,6 +8587,47 @@ given VM.
> When this capability is enabled, KVM resets the VCPU when setting
> MP_STATE_INIT_RECEIVED through IOCTL. The original MP_STATE is preserved.
>
> +7.44 KVM_CAP_ARM_RME
> +--------------------
> +
> +:Architectures: arm64
> +:Target: VM
> +:Parameters: args[0] provides an action, args[1] points to a structure in
> + memory for some actions.
^^^
Alignment
s/for some actions/for the action
> +:Returns: 0 on success, negative value on error
> +
> +Used to configure and set up the memory for a Realm. The available actions are:
> +
> +================================= =============================================
> + KVM_CAP_ARM_RME_CONFIG_REALM Takes struct arm_rme_config as args[1] and
> + configures realm parameters prior to it being
> + created.
> +
> + Options are ARM_RME_CONFIG_RPV to set the
> + "Realm Personalization Value" and
> + ARM_RME_CONFIG_HASH_ALGO to set the hash
> + algorithm.
> +
> + KVM_CAP_ARM_RME_CREATE_REALM Request the RMM to create the realm. The
> + realm's configuration parameters must be set
> + first.
> +
> + KVM_CAP_ARM_RME_INIT_RIPAS_REALM Takes struct arm_rme_init_ripas as args[1]
> + and sets the RIPAS (Realm IPA State) to
> + RIPAS_RAM of a specified area of the realm's
> + IPA.
> +
> + KVM_CAP_ARM_RME_POPULATE_REALM Takes struct arm_rme_populate_realm as
> + args[1] and populates a region of protected
> + address space by copying the data from the
> + shared alias.
> +
> + KVM_CAP_ARM_RME_ACTIVATE_REALM Request the RMM to activate the realm. No
> + changes can be made to the Realm's memory,
> + IPA state or configuration parameters. No
> + new VCPUs should be created after this step.
> +================================= =============================================
> +
The description about KVM_CAP_ARM_RME_ACTIVATE_REALM looks a bit confusing, maybe
something as below is more clear:
KVM_CAP_ARM_RME_ACTIVATE_REALM Request the RMM to activate the realm. No changes
can be made to the Realm's populated memory, IPA state,
configuration parameters or vCPU addition after this
step.
> 8. Other capabilities.
> ======================
>
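Review bot: The KVM_CAP_ARM_RME_POPULATE_REALM row does not mention the `flags` field or KVM_ARM_RME_POPULATE_FLAGS_MEASURE, which the uapi header in this same patch defines. Whether populated data is measured decides what ends up in the realm's attestation, so the table should say what the flag does and what the behaviour is when it is clear. Unlike section 4.144, this section also shows none of the three structures it refers to; listing them, with any alignment requirement on `base` and `size` and the rule for the reserved fields, would make the entry usable without reading the header.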
> diff --git a/arch/arm64/include/uapi/asm/kvm.h b/arch/arm64/include/uapi/asm/kvm.h
> index ed5f3892674c..9b5d67ecbc5e 100644
> --- a/arch/arm64/include/uapi/asm/kvm.h
> +++ b/arch/arm64/include/uapi/asm/kvm.h
> @@ -106,6 +106,7 @@ struct kvm_regs {
> #define KVM_ARM_VCPU_PTRAUTH_GENERIC 6 /* VCPU uses generic authentication */
> #define KVM_ARM_VCPU_HAS_EL2 7 /* Support nested virtualization */
> #define KVM_ARM_VCPU_HAS_EL2_E2H0 8 /* Limit NV support to E2H RES0 */
> +#define KVM_ARM_VCPU_REC 9 /* VCPU REC state as part of Realm */
>
> struct kvm_vcpu_init {
> __u32 target;
> @@ -429,6 +430,54 @@ enum {
> #define KVM_DEV_ARM_VGIC_SAVE_PENDING_TABLES 3
> #define KVM_DEV_ARM_ITS_CTRL_RESET 4
>
> +/* KVM_CAP_ARM_RME on VM fd */
> +#define KVM_CAP_ARM_RME_CONFIG_REALM 0
> +#define KVM_CAP_ARM_RME_CREATE_REALM 1
> +#define KVM_CAP_ARM_RME_INIT_RIPAS_REALM 2
> +#define KVM_CAP_ARM_RME_POPULATE_REALM 3
> +#define KVM_CAP_ARM_RME_ACTIVATE_REALM 4
> +
> +/* List of configuration items accepted for KVM_CAP_ARM_RME_CONFIG_REALM */
> +#define ARM_RME_CONFIG_RPV 0
> +#define ARM_RME_CONFIG_HASH_ALGO 1
> +
> +#define ARM_RME_CONFIG_HASH_ALGO_SHA256 0
> +#define ARM_RME_CONFIG_HASH_ALGO_SHA512 1
> +
> +#define ARM_RME_CONFIG_RPV_SIZE 64
> +
> +struct arm_rme_config {
> + __u32 cfg;
> + union {
> + /* cfg == ARM_RME_CONFIG_RPV */
> + struct {
> + __u8 rpv[ARM_RME_CONFIG_RPV_SIZE];
> + };
> +
> + /* cfg == ARM_RME_CONFIG_HASH_ALGO */
> + struct {
> + __u32 hash_algo;
> + };
> +
> + /* Fix the size of the union */
> + __u8 reserved[256];
> + };
> +};
> +
> +#define KVM_ARM_RME_POPULATE_FLAGS_MEASURE (1 << 0)
> +struct arm_rme_populate_realm {
> + __u64 base;
> + __u64 size;
> + __u32 flags;
> + __u32 reserved[3];
> +};
> +
> +struct arm_rme_init_ripas {
> + __u64 base;
> + __u64 size;
> + __u64 reserved[2];
> +};
> +
> /* Device Control API on vcpu fd */
> #define KVM_ARM_VCPU_PMU_V3_CTRL 0
> #define KVM_ARM_VCPU_PMU_V3_IRQ 0
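Review bot: The action values `KVM_CAP_ARM_RME_CONFIG_REALM` through `KVM_CAP_ARM_RME_ACTIVATE_REALM` reuse the `KVM_CAP_` prefix although they are arguments passed in args[0], not capability numbers, which makes them easy to confuse with `KVM_CAP_ARM_RME` itself. The rest of the block is also inconsistent: the config items and structs use `ARM_RME_`/`arm_rme_` while the populate flag uses `KVM_ARM_RME_`; picking one prefix for all of them would help. Two smaller points: `(1 << 0)` should be `(1U << 0)` for a flag stored in a `__u32`, and the `reserved` members of arm_rme_populate_realm and arm_rme_init_ripas need a comment saying they must be zero.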
> diff --git a/include/uapi/linux/kvm.h b/include/uapi/linux/kvm.h
> index d00b85cb168c..3690664e272c 100644
> --- a/include/uapi/linux/kvm.h
> +++ b/include/uapi/linux/kvm.h
> @@ -934,6 +934,7 @@ struct kvm_enable_cap {
> #define KVM_CAP_ARM_EL2 240
> #define KVM_CAP_ARM_EL2_E2H0 241
> #define KVM_CAP_RISCV_MP_STATE_RESET 242
> +#define KVM_CAP_ARM_RME 243
>
> struct kvm_irq_routing_irqchip {
> __u32 irqchip;
> @@ -1586,4 +1587,13 @@ struct kvm_pre_fault_memory {
> __u64 padding[5];
> };
>
> +/* Available with KVM_CAP_ARM_RME, only for VMs with KVM_VM_TYPE_ARM_REALM */
> +struct kvm_arm_rmm_psci_complete {
> + __u64 target_mpidr;
> + __u32 psci_status;
> + __u32 padding[3];
> +};
> +
> +#define KVM_ARM_VCPU_RMM_PSCI_COMPLETE _IOW(KVMIO, 0xd6, struct kvm_arm_rmm_psci_complete)
> +
> #endif /* __LINUX_KVM_H */
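Review bot: `psci_status` in struct kvm_arm_rmm_psci_complete is declared `__u32`, but PSCI status codes other than success are negative values. Please say in the comment (and in api.rst) how the VMM is expected to encode them, or use `__s32`. The comment above the struct also refers to KVM_VM_TYPE_ARM_REALM, which is not defined anywhere in this patch; a pointer to where it is introduced, or moving that wording to the patch that adds it, would keep this one self-contained.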
Thanks,
Gavin