Re: [PATCH v3 00/17] KVM: arm64: Allow using VHE in the nVHE hypervisor

From: Marc Zyngier <maz@kernel.org>
To: kvmarm@lists.linux.dev, kvm@vger.kernel.org,
	linux-arm-kernel@lists.infradead.org
Cc: James Morse <james.morse@arm.com>,
	Suzuki K Poulose <suzuki.poulose@arm.com>,
	Oliver Upton <oliver.upton@linux.dev>,
	Zenghui Yu <yuzenghui@huawei.com>,
	Quentin Perret <qperret@google.com>,
	Will Deacon <will@kernel.org>, Fuad Tabba <tabba@google.com>,
	Catalin Marinas <catalin.marinas@arm.com>
Subject: Re: [PATCH v3 00/17] KVM: arm64: Allow using VHE in the nVHE hypervisor
Date: Fri, 09 Jun 2023 17:54:23 +0100	[thread overview]
Message-ID: <87zg58mv9c.wl-maz@kernel.org> (raw)
In-Reply-To: <20230609162200.2024064-1-maz@kernel.org>

+ Catalin, as this changes a bunch of arch stuff (nothing major, but
still...)

On Fri, 09 Jun 2023 17:21:43 +0100,
Marc Zyngier <maz@kernel.org> wrote:
> 
> KVM (on ARMv8.0) and pKVM (on all revisions of the architecture) use
> the split hypervisor model that makes the EL2 code more or less
> standalone. In the later case, we totally ignore the VHE mode and
> stick with the good old v8.0 EL2 setup.
> 
> This is all good, but means that the EL2 code is limited in what it
> can do with its own address space. This series proposes to remove this
> limitation and to allow VHE to be used even with the split hypervisor
> model. This has some potential isolation benefits[1], and eventually
> allow systems that do not support HCR_EL2.E2H==0 to run pKVM.
> 
> We introduce a new "mode" for KVM called hVHE, in reference to the
> nVHE mode, and indicating that only the hypervisor is using VHE. Note
> that this is all this series does. No effort is made to improve the VA
> space management, which will be the subject of another series if this
> one ever makes it.
> 
> This has been tested on a M1 box (bare metal) as well as as a nested
> guest on M2, both with the standard nVHE and protected modes, with no
> measurable change in performance.
> 
> Note: the last patch of this series is not a merge candidate.
> 
> Thanks,
> 
>         M.
> 
> [1] https://www.youtube.com/watch?v=1F_Mf2j9eIo&list=PLbzoR-pLrL6qWL3v2KOcvwZ54-w0z5uXV&index=11
> 
> * From v2:
>   - Use BUILD_BUG_ON() to prevent the use of is_kernel_in_hyp_mode()
>     form hypervisor context
>   - Validate that all CPUs are VHE-capable before flipping the
>     capability
> 
> * From v1:
>   - Fixed CNTHCTL_EL2 setup when switching from E2H=0 to E2H=1
>     Amusingly, this was found on NV...
>   - Rebased on 6.4-rc2
> 
> Marc Zyngier (17):
>   KVM: arm64: Drop is_kernel_in_hyp_mode() from
>     __invalidate_icache_guest_page()
>   arm64: Prevent the use of is_kernel_in_hyp_mode() in hypervisor code
>   arm64: Turn kaslr_feature_override into a generic SW feature override
>   arm64: Add KVM_HVHE capability and has_hvhe() predicate
>   arm64: Don't enable VHE for the kernel if OVERRIDE_HVHE is set
>   arm64: Allow EL1 physical timer access when running VHE
>   arm64: Use CPACR_EL1 format to set CPTR_EL2 when E2H is set
>   KVM: arm64: Remove alternatives from sysreg accessors in VHE
>     hypervisor context
>   KVM: arm64: Key use of VHE instructions in nVHE code off
>     ARM64_KVM_HVHE
>   KVM: arm64: Force HCR_EL2.E2H when ARM64_KVM_HVHE is set
>   KVM: arm64: Disable TTBR1_EL2 when using ARM64_KVM_HVHE
>   KVM: arm64: Adjust EL2 stage-1 leaf AP bits when ARM64_KVM_HVHE is set
>   KVM: arm64: Rework CPTR_EL2 programming for HVHE configuration
>   KVM: arm64: Program the timer traps with VHE layout in hVHE mode
>   KVM: arm64: Force HCR_E2H in guest context when ARM64_KVM_HVHE is set
>   arm64: Allow arm64_sw.hvhe on command line
>   KVM: arm64: Terrible timer hack for M1 with hVHE
> 
>  arch/arm64/include/asm/arch_timer.h     |  8 ++++
>  arch/arm64/include/asm/cpufeature.h     |  5 +++
>  arch/arm64/include/asm/el2_setup.h      | 26 ++++++++++++-
>  arch/arm64/include/asm/kvm_arm.h        |  4 +-
>  arch/arm64/include/asm/kvm_asm.h        |  1 +
>  arch/arm64/include/asm/kvm_emulate.h    | 33 +++++++++++++++-
>  arch/arm64/include/asm/kvm_hyp.h        | 37 +++++++++++++-----
>  arch/arm64/include/asm/kvm_mmu.h        |  3 +-
>  arch/arm64/include/asm/virt.h           | 12 +++++-
>  arch/arm64/kernel/cpufeature.c          | 21 +++++++++++
>  arch/arm64/kernel/hyp-stub.S            | 10 ++++-
>  arch/arm64/kernel/idreg-override.c      | 25 ++++++++-----
>  arch/arm64/kernel/image-vars.h          |  3 ++
>  arch/arm64/kernel/kaslr.c               |  6 +--
>  arch/arm64/kvm/arch_timer.c             |  5 +++
>  arch/arm64/kvm/arm.c                    | 12 +++++-
>  arch/arm64/kvm/fpsimd.c                 |  4 +-
>  arch/arm64/kvm/hyp/include/hyp/switch.h |  2 +-
>  arch/arm64/kvm/hyp/nvhe/hyp-init.S      |  9 +++++
>  arch/arm64/kvm/hyp/nvhe/hyp-main.c      | 17 ++++++++-
>  arch/arm64/kvm/hyp/nvhe/pkvm.c          | 27 ++++++++++---
>  arch/arm64/kvm/hyp/nvhe/switch.c        | 28 ++++++++------
>  arch/arm64/kvm/hyp/nvhe/timer-sr.c      | 25 +++++++++++--
>  arch/arm64/kvm/hyp/pgtable.c            |  6 ++-
>  arch/arm64/kvm/hyp/vhe/switch.c         |  2 +-
>  arch/arm64/kvm/sys_regs.c               |  2 +-
>  arch/arm64/tools/cpucaps                |  1 +
>  drivers/irqchip/irq-apple-aic.c         | 50 ++++++++++++++++++++++++-
>  28 files changed, 320 insertions(+), 64 deletions(-)
> 
> -- 
> 2.34.1
> 
> 
> 

-- 
Without deviation from the norm, progress is not possible.

_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel