From: Max Hsu <max.hsu@sifive.com>
To: Conor Dooley <conor@kernel.org>, Rob Herring <robh@kernel.org>,
Krzysztof Kozlowski <krzk+dt@kernel.org>,
Paul Walmsley <paul.walmsley@sifive.com>,
Palmer Dabbelt <palmer@dabbelt.com>,
Albert Ou <aou@eecs.berkeley.edu>,
Anup Patel <anup@brainfault.org>,
Atish Patra <atishp@atishpatra.org>
Cc: Palmer Dabbelt <palmer@sifive.com>,
linux-riscv@lists.infradead.org, devicetree@vger.kernel.org,
linux-kernel@vger.kernel.org, kvm@vger.kernel.org,
kvm-riscv@lists.infradead.org, Max Hsu <max.hsu@sifive.com>,
Samuel Holland <samuel.holland@sifive.com>,
Deepak Gupta <debug@rivosinc.com>,
Alexandre Ghiti <alexghiti@rivosinc.com>
Subject: [PATCH RFC v3 0/3] riscv: add Svukte extension
Date: Wed, 20 Nov 2024 22:09:31 +0800 [thread overview]
Message-ID: <20241120-dev-maxh-svukte-v3-v3-0-1e533d41ae15@sifive.com> (raw)
RISC-V privileged spec will be added with Svukte extension [1]
Svukte introduce senvcfg.UKTE and hstatus.HUKTE bitfield.
which makes user-mode access to supervisor memory raise page faults
in constant time, mitigating attacks that attempt to discover the
supervisor software's address-space layout.
In the Linux kernel, since the hstatus.HU bit is not enabled,
the following patches only enable the use of senvcfg.UKTE.
For Guest environments, because a Guest OS (not limited to Linux)
may hold mappings from GVA to GPA, the Guest OS should decide
whether to enable the protection provided by the Svukte extension.
Therefore, the functions kvm_riscv_vcpu_isa_(enable|disable)_allowed
can use default case (which will return true) in the switch-case.
If the Guest environment wants to change senvcfg.UKTE, KVM already
provides the senvcfg CSR swap support via
kvm_riscv_vcpu_swap_in_(host|guest)_state.
Thus, there is no concern about the Guest OS affecting the Host OS.
The following patches add
- dt-binding of Svukte ISA string
- CSR bit definition, ISA detection, senvcfg.UKTE enablement in kernel
- KVM ISA support for Svukte extension
Changes in v3:
- rebase on riscv/for-next
- fixed typo in the dt-binding for the Svukte ISA string
- updated the commit message for KVM support for the Svukte extension
- Link to v2: https://lore.kernel.org/all/20240927-dev-maxh-svukte-rebase-2-v2-0-9afe57c33aee@sifive.com/
Changes in v2:
- rebase on riscv/for-next (riscv-for-linus-6.12-mw1)
- modify the description of dt-binding on Svukte ISA string
- Link to v1: https://lore.kernel.org/all/20240920-dev-maxh-svukte-rebase-v1-0-7864a88a62bd@sifive.com/
Link: https://github.com/riscv/riscv-isa-manual/pull/1564 [1]
Signed-off-by: Max Hsu <max.hsu@sifive.com>
---
Max Hsu (3):
dt-bindings: riscv: Add Svukte entry
riscv: Add Svukte extension support
riscv: KVM: Add Svukte extension support for Guest/VM
Documentation/devicetree/bindings/riscv/extensions.yaml | 9 +++++++++
arch/riscv/include/asm/csr.h | 2 ++
arch/riscv/include/asm/hwcap.h | 1 +
arch/riscv/include/uapi/asm/kvm.h | 1 +
arch/riscv/kernel/cpufeature.c | 5 +++++
arch/riscv/kvm/vcpu_onereg.c | 1 +
6 files changed, 19 insertions(+)
---
base-commit: 0eb512779d642b21ced83778287a0f7a3ca8f2a1
change-id: 20241115-dev-maxh-svukte-v3-af46d650ac0b
Best regards,
--
Max Hsu <max.hsu@sifive.com>
next reply other threads:[~2024-11-20 14:09 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-11-20 14:09 Max Hsu [this message]
2024-11-20 14:09 ` [PATCH RFC v3 1/3] dt-bindings: riscv: Add Svukte entry Max Hsu
2024-11-20 14:09 ` [PATCH RFC v3 2/3] riscv: Add Svukte extension support Max Hsu
2024-11-20 14:09 ` [PATCH RFC v3 3/3] riscv: KVM: Add Svukte extension support for Guest/VM Max Hsu
2024-11-25 12:08 ` Andrew Jones
2024-12-09 8:09 ` Max Hsu
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20241120-dev-maxh-svukte-v3-v3-0-1e533d41ae15@sifive.com \
--to=max.hsu@sifive.com \
--cc=alexghiti@rivosinc.com \
--cc=anup@brainfault.org \
--cc=aou@eecs.berkeley.edu \
--cc=atishp@atishpatra.org \
--cc=conor@kernel.org \
--cc=debug@rivosinc.com \
--cc=devicetree@vger.kernel.org \
--cc=krzk+dt@kernel.org \
--cc=kvm-riscv@lists.infradead.org \
--cc=kvm@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-riscv@lists.infradead.org \
--cc=palmer@dabbelt.com \
--cc=palmer@sifive.com \
--cc=paul.walmsley@sifive.com \
--cc=robh@kernel.org \
--cc=samuel.holland@sifive.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox