From: Mark Brown <broonie@kernel.org>
To: Catalin Marinas <catalin.marinas@arm.com>,
Will Deacon <will@kernel.org>, Marc Zyngier <maz@kernel.org>,
Shuah Khan <skhan@linuxfoundation.org>,
Shuah Khan <shuah@kernel.org>
Cc: Alan Hayward <alan.hayward@arm.com>,
Luis Machado <luis.machado@arm.com>,
Salil Akerkar <Salil.Akerkar@arm.com>,
Basant Kumar Dwivedi <Basant.KumarDwivedi@arm.com>,
Szabolcs Nagy <szabolcs.nagy@arm.com>,
James Morse <james.morse@arm.com>,
Alexandru Elisei <alexandru.elisei@arm.com>,
Suzuki K Poulose <suzuki.poulose@arm.com>,
linux-arm-kernel@lists.infradead.org,
linux-kselftest@vger.kernel.org, kvmarm@lists.cs.columbia.edu,
Mark Brown <broonie@kernel.org>
Subject: [PATCH v8 25/38] KVM: arm64: Trap SME usage in guest
Date: Tue, 25 Jan 2022 00:11:01 +0000 [thread overview]
Message-ID: <20220125001114.193425-26-broonie@kernel.org> (raw)
In-Reply-To: <20220125001114.193425-1-broonie@kernel.org>
SME defines two new traps which need to be enabled for guests to ensure
that they can't use SME, one for the main SME operations which mirrors the
traps for SVE and another for access to TPIDR2 in SCTLR_EL2.
For VHE manage SMEN along with ZEN in activate_traps() and the FP state
management callbacks.
For nVHE the value to be used for CPTR_EL2 in the guest is stored in
vcpu->arch.cptr_el2, set TSM there during initialisation. It will be
cleared in __deactivate_traps_common() by virtue of not being set in
CPTR_EL2_DEFAULT.
For both VHE and nVHE cases handle SCTLR_EL2.EnTPIDR2 in the shared
__active_traps_common() and __deactivate_traps_common(), there is no
existing dynamic management of SCTLR_EL2.
Signed-off-by: Mark Brown <broonie@kernel.org>
---
arch/arm64/kvm/hyp/nvhe/switch.c | 30 ++++++++++++++++++++++++++++++
arch/arm64/kvm/hyp/vhe/switch.c | 10 +++++++++-
2 files changed, 39 insertions(+), 1 deletion(-)
diff --git a/arch/arm64/kvm/hyp/nvhe/switch.c b/arch/arm64/kvm/hyp/nvhe/switch.c
index 6410d21d8695..184bf6bd79b9 100644
--- a/arch/arm64/kvm/hyp/nvhe/switch.c
+++ b/arch/arm64/kvm/hyp/nvhe/switch.c
@@ -47,10 +47,25 @@ static void __activate_traps(struct kvm_vcpu *vcpu)
val |= CPTR_EL2_TFP | CPTR_EL2_TZ;
__activate_traps_fpsimd32(vcpu);
}
+ if (IS_ENABLED(CONFIG_ARM64_SME) && cpus_have_final_cap(ARM64_SME))
+ val |= CPTR_EL2_TSM;
write_sysreg(val, cptr_el2);
write_sysreg(__this_cpu_read(kvm_hyp_vector), vbar_el2);
+ if (IS_ENABLED(CONFIG_ARM64_SME) && cpus_have_final_cap(ARM64_SME) &&
+ cpus_have_final_cap(ARM64_HAS_FGT)) {
+ val = read_sysreg_s(SYS_HFGRTR_EL2);
+ val &= ~(HFGxTR_EL2_nTPIDR_EL0_MASK |
+ HFGxTR_EL2_nSMPRI_EL1_MASK);
+ write_sysreg_s(val, SYS_HFGRTR_EL2);
+
+ val = read_sysreg_s(SYS_HFGWTR_EL2);
+ val &= ~(HFGxTR_EL2_nTPIDR_EL0_MASK |
+ HFGxTR_EL2_nSMPRI_EL1_MASK);
+ write_sysreg_s(val, SYS_HFGWTR_EL2);
+ }
+
if (cpus_have_final_cap(ARM64_WORKAROUND_SPECULATIVE_AT)) {
struct kvm_cpu_context *ctxt = &vcpu->arch.ctxt;
@@ -94,9 +109,24 @@ static void __deactivate_traps(struct kvm_vcpu *vcpu)
write_sysreg(this_cpu_ptr(&kvm_init_params)->hcr_el2, hcr_el2);
+ if (IS_ENABLED(CONFIG_ARM64_SME) && cpus_have_final_cap(ARM64_SME) &&
+ cpus_have_final_cap(ARM64_HAS_FGT)) {
+ u64 val;
+
+ val = read_sysreg_s(SYS_HFGRTR_EL2);
+ val |= HFGxTR_EL2_nTPIDR_EL0_MASK | HFGxTR_EL2_nSMPRI_EL1_MASK;
+ write_sysreg_s(val, SYS_HFGRTR_EL2);
+
+ val = read_sysreg_s(SYS_HFGWTR_EL2);
+ val |= HFGxTR_EL2_nTPIDR_EL0_MASK | HFGxTR_EL2_nSMPRI_EL1_MASK;
+ write_sysreg_s(val, SYS_HFGWTR_EL2);
+ }
+
cptr = CPTR_EL2_DEFAULT;
if (vcpu_has_sve(vcpu) && (vcpu->arch.flags & KVM_ARM64_FP_ENABLED))
cptr |= CPTR_EL2_TZ;
+ if (IS_ENABLED(CONFIG_ARM64_SME) && cpus_have_final_cap(ARM64_SME))
+ cptr &= ~CPTR_EL2_TSM;
write_sysreg(cptr, cptr_el2);
write_sysreg(__kvm_hyp_host_vector, vbar_el2);
diff --git a/arch/arm64/kvm/hyp/vhe/switch.c b/arch/arm64/kvm/hyp/vhe/switch.c
index 11d053fdd604..f5630579f577 100644
--- a/arch/arm64/kvm/hyp/vhe/switch.c
+++ b/arch/arm64/kvm/hyp/vhe/switch.c
@@ -38,7 +38,7 @@ static void __activate_traps(struct kvm_vcpu *vcpu)
val = read_sysreg(cpacr_el1);
val |= CPACR_EL1_TTA;
- val &= ~CPACR_EL1_ZEN;
+ val &= ~(CPACR_EL1_ZEN | CPACR_EL1_SMEN);
/*
* With VHE (HCR.E2H == 1), accesses to CPACR_EL1 are routed to
@@ -59,6 +59,10 @@ static void __activate_traps(struct kvm_vcpu *vcpu)
__activate_traps_fpsimd32(vcpu);
}
+ if (IS_ENABLED(CONFIG_ARM64_SME) && cpus_have_final_cap(ARM64_SME))
+ write_sysreg(read_sysreg(sctlr_el2) & ~SCTLR_ELx_ENTP2,
+ sctlr_el2);
+
write_sysreg(val, cpacr_el1);
write_sysreg(__this_cpu_read(kvm_hyp_vector), vbar_el1);
@@ -80,6 +84,10 @@ static void __deactivate_traps(struct kvm_vcpu *vcpu)
*/
asm(ALTERNATIVE("nop", "isb", ARM64_WORKAROUND_SPECULATIVE_AT));
+ if (IS_ENABLED(CONFIG_ARM64_SME) && cpus_have_final_cap(ARM64_SME))
+ write_sysreg(read_sysreg(sctlr_el2) | SCTLR_ELx_ENTP2,
+ sctlr_el2);
+
write_sysreg(CPACR_EL1_DEFAULT, cpacr_el1);
write_sysreg(vectors, vbar_el1);
}
--
2.30.2
next prev parent reply other threads:[~2022-01-25 0:30 UTC|newest]
Thread overview: 51+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-01-25 0:10 [PATCH v8 00/38] arm64/sme: Initial support for the Scalable Matrix Extension Mark Brown
2022-01-25 0:10 ` [PATCH v8 01/38] arm64: cpufeature: Always specify and use a field width for capabilities Mark Brown
2022-01-25 10:57 ` Suzuki K Poulose
2022-01-25 12:10 ` Mark Brown
2022-01-25 0:10 ` [PATCH v8 02/38] arm64: Add feature detection for fine grained traps Mark Brown
2022-01-25 0:10 ` [PATCH v8 03/38] kselftest/arm64: Remove local ARRAY_SIZE() definitions Mark Brown
2022-01-25 0:10 ` [PATCH v8 04/38] arm64/sme: Provide ABI documentation for SME Mark Brown
2022-01-25 0:10 ` [PATCH v8 05/38] arm64/sme: System register and exception syndrome definitions Mark Brown
2022-01-25 11:25 ` Marc Zyngier
2022-01-25 12:15 ` Mark Brown
2022-01-25 0:10 ` [PATCH v8 06/38] arm64/sme: Manually encode SME instructions Mark Brown
2022-01-25 0:10 ` [PATCH v8 07/38] arm64/sme: Early CPU setup for SME Mark Brown
2022-01-25 0:10 ` [PATCH v8 08/38] arm64/sme: Basic enumeration support Mark Brown
2022-01-25 0:10 ` [PATCH v8 09/38] arm64/sme: Identify supported SME vector lengths at boot Mark Brown
2022-01-25 0:10 ` [PATCH v8 10/38] arm64/sme: Implement sysctl to set the default vector length Mark Brown
2022-01-25 0:10 ` [PATCH v8 11/38] arm64/sme: Implement vector length configuration prctl()s Mark Brown
2022-01-25 0:10 ` [PATCH v8 12/38] arm64/sme: Implement support for TPIDR2 Mark Brown
2022-01-25 0:10 ` [PATCH v8 13/38] arm64/sme: Implement SVCR context switching Mark Brown
2022-01-25 0:10 ` [PATCH v8 14/38] arm64/sme: Implement streaming SVE " Mark Brown
2022-01-25 0:10 ` [PATCH v8 15/38] arm64/sme: Implement ZA " Mark Brown
2022-01-25 0:10 ` [PATCH v8 16/38] arm64/sme: Implement traps and syscall handling for SME Mark Brown
2022-01-25 0:10 ` [PATCH v8 17/38] arm64/sme: Disable ZA and streaming mode when handling signals Mark Brown
2022-01-25 0:10 ` [PATCH v8 18/38] arm64/sme: Implement streaming SVE signal handling Mark Brown
2022-01-25 0:10 ` [PATCH v8 19/38] arm64/sme: Implement ZA " Mark Brown
2022-01-25 0:10 ` [PATCH v8 20/38] arm64/sme: Implement ptrace support for streaming mode SVE registers Mark Brown
2022-01-25 0:10 ` [PATCH v8 21/38] arm64/sme: Add ptrace support for ZA Mark Brown
2022-01-25 0:10 ` [PATCH v8 22/38] arm64/sme: Disable streaming mode and ZA when flushing CPU state Mark Brown
2022-01-25 0:10 ` [PATCH v8 23/38] arm64/sme: Save and restore streaming mode over EFI runtime calls Mark Brown
2022-01-25 0:11 ` [PATCH v8 24/38] KVM: arm64: Hide SME system registers from guests Mark Brown
2022-01-25 0:11 ` Mark Brown [this message]
2022-01-25 11:27 ` [PATCH v8 25/38] KVM: arm64: Trap SME usage in guest Marc Zyngier
2022-01-25 12:25 ` Mark Brown
2022-01-25 13:21 ` Marc Zyngier
2022-01-25 14:25 ` Mark Brown
2022-01-25 0:11 ` [PATCH v8 26/38] KVM: arm64: Handle SME host state when running guests Mark Brown
2022-01-25 11:59 ` Marc Zyngier
2022-01-25 12:52 ` Mark Brown
2022-01-25 13:22 ` Marc Zyngier
2022-01-25 13:34 ` Mark Brown
2022-01-25 0:11 ` [PATCH v8 27/38] arm64/sme: Provide Kconfig for SME Mark Brown
2022-01-25 0:11 ` [PATCH v8 28/38] kselftest/arm64: sme: Add streaming SME support to vlset Mark Brown
2022-01-25 0:11 ` [PATCH v8 29/38] kselftest/arm64: Add tests for TPIDR2 Mark Brown
2022-01-25 0:11 ` [PATCH v8 30/38] kselftest/arm64: Extend vector configuration API tests to cover SME Mark Brown
2022-01-25 0:11 ` [PATCH v8 31/38] kselftest/arm64: sme: Provide streaming mode SVE stress test Mark Brown
2022-01-25 0:11 ` [PATCH v8 32/38] kselftest/arm64: signal: Allow tests to be incompatible with features Mark Brown
2022-01-25 0:11 ` [PATCH v8 33/38] kselftest/arm64: signal: Handle ZA signal context in core code Mark Brown
2022-01-25 0:11 ` [PATCH v8 34/38] kselftest/arm64: Add stress test for SME ZA context switching Mark Brown
2022-01-25 0:11 ` [PATCH v8 35/38] kselftest/arm64: signal: Add SME signal handling tests Mark Brown
2022-01-25 0:11 ` [PATCH v8 36/38] kselftest/arm64: Add streaming SVE to SVE ptrace tests Mark Brown
2022-01-25 0:11 ` [PATCH v8 37/38] kselftest/arm64: Add coverage for the ZA ptrace interface Mark Brown
2022-01-25 0:11 ` [PATCH v8 38/38] kselftest/arm64: Add SME support to syscall ABI test Mark Brown
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20220125001114.193425-26-broonie@kernel.org \
--to=broonie@kernel.org \
--cc=Basant.KumarDwivedi@arm.com \
--cc=Salil.Akerkar@arm.com \
--cc=alan.hayward@arm.com \
--cc=alexandru.elisei@arm.com \
--cc=catalin.marinas@arm.com \
--cc=james.morse@arm.com \
--cc=kvmarm@lists.cs.columbia.edu \
--cc=linux-arm-kernel@lists.infradead.org \
--cc=linux-kselftest@vger.kernel.org \
--cc=luis.machado@arm.com \
--cc=maz@kernel.org \
--cc=shuah@kernel.org \
--cc=skhan@linuxfoundation.org \
--cc=suzuki.poulose@arm.com \
--cc=szabolcs.nagy@arm.com \
--cc=will@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox