From: Marc Zyngier <maz@kernel.org>
To: Fuad Tabba <tabba@google.com>
Cc: kvmarm@lists.linux.dev, kvm@vger.kernel.org,
linux-arm-kernel@lists.infradead.org,
Joey Gouly <joey.gouly@arm.com>,
Suzuki K Poulose <suzuki.poulose@arm.com>,
Oliver Upton <oliver.upton@linux.dev>,
Zenghui Yu <yuzenghui@huawei.com>,
Mark Rutland <mark.rutland@arm.com>
Subject: Re: [PATCH 03/18] KVM: arm64: Handle trapping of FEAT_LS64* instructions
Date: Tue, 04 Mar 2025 15:25:28 +0000 [thread overview]
Message-ID: <86frjsq0lz.wl-maz@kernel.org> (raw)
In-Reply-To: <CA+EHjTwkX+sy1wuS8LvGM+=m_S-h-=xUUXOyMapnoLiHt0XpOw@mail.gmail.com>
Hi Fuad,
On Tue, 04 Mar 2025 14:36:19 +0000,
Fuad Tabba <tabba@google.com> wrote:
>
> Hi Marc,
>
> On Mon, 10 Feb 2025 at 18:42, Marc Zyngier <maz@kernel.org> wrote:
> >
> > We generally don't expect FEAT_LS64* instructions to trap, unless
> > they are trapped by a guest hypervisor.
> >
> > Otherwise, this is just the guest playing tricks on us by using
> > an instruction that isn't advertised, which we handle with a well
> > deserved UNDEF.
> >
> > Signed-off-by: Marc Zyngier <maz@kernel.org>
> > ---
> > arch/arm64/kvm/handle_exit.c | 64 ++++++++++++++++++++++++++++++++++++
> > 1 file changed, 64 insertions(+)
> >
> > diff --git a/arch/arm64/kvm/handle_exit.c b/arch/arm64/kvm/handle_exit.c
> > index 512d152233ff2..4f8354bf7dc5f 100644
> > --- a/arch/arm64/kvm/handle_exit.c
> > +++ b/arch/arm64/kvm/handle_exit.c
> > @@ -294,6 +294,69 @@ static int handle_svc(struct kvm_vcpu *vcpu)
> > return 1;
> > }
> >
> > +static int handle_ls64b(struct kvm_vcpu *vcpu)
> > +{
> > + struct kvm *kvm = vcpu->kvm;
> > + u64 esr = kvm_vcpu_get_esr(vcpu);
> > + u64 iss = ESR_ELx_ISS(esr);
> > + bool allowed;
> > +
> > + switch (iss) {
> > + case ESR_ELx_ISS_ST64BV:
> > + allowed = kvm_has_feat(kvm, ID_AA64ISAR1_EL1, LS64, LS64_V);
> > + break;
> > + case ESR_ELx_ISS_ST64BV0:
> > + allowed = kvm_has_feat(kvm, ID_AA64ISAR1_EL1, LS64, LS64_ACCDATA);
> > + break;
> > + case ESR_ELx_ISS_LDST64B:
> > + allowed = kvm_has_feat(kvm, ID_AA64ISAR1_EL1, LS64, LS64);
> > + break;
> > + default:
> > + /* Clearly, we're missing something. */
> > + goto unknown_trap;
> > + }
> > +
> > + if (!allowed)
> > + goto undef;
> > +
> > + if (vcpu_has_nv(vcpu) && !is_hyp_ctxt(vcpu)) {
> > + u64 hcrx = __vcpu_sys_reg(vcpu, HCRX_EL2);
> > + bool fwd;
> > +
> > + switch (iss) {
> > + case ESR_ELx_ISS_ST64BV:
> > + fwd = !(hcrx & HCRX_EL2_EnASR);
> > + break;
> > + case ESR_ELx_ISS_ST64BV0:
> > + fwd = !(hcrx & HCRX_EL2_EnAS0);
> > + break;
> > + case ESR_ELx_ISS_LDST64B:
> > + fwd = !(hcrx & HCRX_EL2_EnALS);
> > + break;
> > + default:
> > + /* We don't expect to be here */
> > + fwd = false;
> > + }
> > +
> > + if (fwd) {
> > + kvm_inject_nested_sync(vcpu, esr);
> > + return 1;
> > + }
> > + }
> > +
> > +unknown_trap:
> > + /*
> > + * If we land here, something must be very wrong, because we
> > + * have no idea why we trapped at all. Warn and undef as a
> > + * fallback.
> > + */
> > + WARN_ON(1);
>
> nit: should this be WARN_ONCE() instead?
>
> > +
> > +undef:
> > + kvm_inject_undefined(vcpu);
> > + return 1;
> > +}
>
> I'm wondering if this can be simplified by having one switch()
> statement that toggles both allowed and fwd (or maybe even only fwd),
> and then inject depending on that, e.g.,
>
> +static int handle_ls64b(struct kvm_vcpu *vcpu)
> +{
> + struct kvm *kvm = vcpu->kvm;
> + bool is_nv = vcpu_has_nv(vcpu) && !is_hyp_ctxt(vcpu);
> + u64 hcrx = __vcpu_sys_reg(vcpu, HCRX_EL2);
> + u64 esr = kvm_vcpu_get_esr(vcpu);
> + u64 iss = ESR_ELx_ISS(esr);
> + bool fwd = false;
> +
> + switch (iss) {
> + case ESR_ELx_ISS_ST64BV:
> + fwd = kvm_has_feat(kvm, ID_AA64ISAR1_EL1, LS64, LS64_V) &&
> + !(hcrx & HCRX_EL2_EnASR)
> + break;
> ...
> + default:
> + WARN_ONCE(1);
> + }
> +
> + if (is_nv && fwd) {
> + kvm_inject_nested_sync(vcpu, esr);
> + else
> + kvm_inject_undefined(vcpu);
> +
> + return 1;
> +}
>
> I think this has the same effect as the code above.
Yeah, I think something like that could work. I initially was trying
to handle all 4 states (allowed, fwd), but obviously some states do
not exist (you don't forward something that isn't allowed).
My only concern here is that we don't have clear rules on the init of
EL2 guest registers such as HCRX_EL2 when !NV, but that's something
that can be easily done (or even worked around locally).
Maybe we should introduce the dreaded notion of "effective value" for
EL2 registers when NV is not enabled...
Thanks,
M.
--
Without deviation from the norm, progress is not possible.
next prev parent reply other threads:[~2025-03-04 17:29 UTC|newest]
Thread overview: 30+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-02-10 18:41 [PATCH 00/18] KVM: arm64: Revamp Fine Grained Trap handling Marc Zyngier
2025-02-10 18:41 ` [PATCH 01/18] arm64: Add ID_AA64ISAR1_EL1.LS64 encoding for FEAT_LS64WB Marc Zyngier
2025-02-10 18:41 ` [PATCH 02/18] arm64: Add syndrome information for trapped LD64B/ST64B{,V,V0} Marc Zyngier
2025-02-11 12:23 ` Mark Rutland
2025-02-10 18:41 ` [PATCH 03/18] KVM: arm64: Handle trapping of FEAT_LS64* instructions Marc Zyngier
2025-02-11 12:28 ` Mark Rutland
2025-03-04 14:36 ` Fuad Tabba
2025-03-04 15:25 ` Marc Zyngier [this message]
2025-03-04 15:47 ` Marc Zyngier
2025-02-10 18:41 ` [PATCH 04/18] KVM: arm64: Restrict ACCDATA_EL1 undef to FEAT_ST64_ACCDATA being disabled Marc Zyngier
2025-02-10 18:41 ` [PATCH 05/18] KVM: arm64: Don't treat HCRX_EL2 as a FGT register Marc Zyngier
2025-02-10 18:41 ` [PATCH 06/18] KVM: arm64: Plug FEAT_GCS handling Marc Zyngier
2025-02-11 12:36 ` Mark Rutland
2025-02-11 13:35 ` Marc Zyngier
2025-02-11 13:47 ` Mark Rutland
2025-02-10 18:41 ` [PATCH 07/18] KVM: arm64: Compute FGT masks from KVM's own FGT tables Marc Zyngier
2025-03-04 16:55 ` Fuad Tabba
2025-03-10 11:42 ` Marc Zyngier
2025-03-11 19:10 ` Marc Zyngier
2025-02-10 18:41 ` [PATCH 08/18] KVM: arm64: Add description of FGT bits leading to EC!=0x18 Marc Zyngier
2025-02-10 18:41 ` [PATCH 09/18] KVM: arm64: Use computed masks as sanitisers for FGT registers Marc Zyngier
2025-02-10 18:41 ` [PATCH 10/18] KVM: arm64: Unconditionally configure fine-grain traps Marc Zyngier
2025-02-10 18:41 ` [PATCH 11/18] KVM: arm64: Propagate FGT masks to the nVHE hypervisor Marc Zyngier
2025-02-10 18:41 ` [PATCH 12/18] KVM: arm64: Use computed FGT masks to setup FGT registers Marc Zyngier
2025-02-10 18:41 ` [PATCH 13/18] KVM: arm64: Remove most hand-crafted masks for " Marc Zyngier
2025-02-10 18:41 ` [PATCH 14/18] KVM: arm64: Use KVM-specific HCRX_EL2 RES0 mask Marc Zyngier
2025-02-10 18:41 ` [PATCH 15/18] KVM: arm64: Handle PSB CSYNC traps Marc Zyngier
2025-02-10 18:41 ` [PATCH 16/18] KVM: arm64: Switch to table-driven FGU configuration Marc Zyngier
2025-02-10 18:41 ` [PATCH 17/18] KVM: arm64: Validate FGT register descriptions against RES0 masks Marc Zyngier
2025-02-10 18:41 ` [PATCH 18/18] KVM: arm64: Use FGT feature maps to drive RES0 bits Marc Zyngier
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=86frjsq0lz.wl-maz@kernel.org \
--to=maz@kernel.org \
--cc=joey.gouly@arm.com \
--cc=kvm@vger.kernel.org \
--cc=kvmarm@lists.linux.dev \
--cc=linux-arm-kernel@lists.infradead.org \
--cc=mark.rutland@arm.com \
--cc=oliver.upton@linux.dev \
--cc=suzuki.poulose@arm.com \
--cc=tabba@google.com \
--cc=yuzenghui@huawei.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).