From patchwork Mon Aug 9 15:24:27 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Quentin Perret X-Patchwork-Id: 12426799 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-12.5 required=3.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_ADSP_CUSTOM_MED,DKIM_SIGNED,DKIM_VALID,HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_PATCH,MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS,URIBL_BLOCKED, USER_AGENT_GIT autolearn=unavailable autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 41C56C4338F for ; Mon, 9 Aug 2021 15:28:12 +0000 (UTC) Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id EF9CA60EDF for ; Mon, 9 Aug 2021 15:28:11 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.4.1 mail.kernel.org EF9CA60EDF Authentication-Results: mail.kernel.org; dmarc=fail (p=reject dis=none) header.from=google.com Authentication-Results: mail.kernel.org; spf=none smtp.mailfrom=lists.infradead.org DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:Cc:To:From:Subject:Mime-Version: Message-Id:Date:Reply-To:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To: References:List-Owner; bh=92DEKU4aNi4VN35Rkdf1eP6PLTV1sSkrtpEIuQPb0Vs=; b=H5m TJ87XTvWOHzGJ02Apmwl3DNjlw0FpYXUwQbVUH1dKdfORFPc5xyRt3gyj2f5/D2LtKKIhXKPsbVM+ Qjzwo6+ek8lwqIGm4Gwbk8qfnPoryZJl7MmSARAnjKBbP9ndClk5lag9LRYd6QFmKGgFs/xO1StWu 8Rw2GRdva2mLeAT0y4SzB0GaL/KBov6WE2Sc8JDknZxw4arZe+xBr1bespYG2gDBFAcK27kyPkUZJ RcsbxotUcgsscYvDxv9yozbjn+WrYLBIUc+uakU2ov9UP4D2PO9NEQxwLFSZw2iTbzjS0kg2p9z6R 0bHPzWcDoz6Sbh1+q/AMZGcmH+JgZmw==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.94.2 #2 (Red Hat Linux)) id 1mD797-0017qP-18; Mon, 09 Aug 2021 15:24:57 +0000 Received: from mail-qk1-x74a.google.com ([2607:f8b0:4864:20::74a]) by bombadil.infradead.org with esmtps (Exim 4.94.2 #2 (Red Hat Linux)) id 1mD793-0017pA-6l for linux-arm-kernel@lists.infradead.org; Mon, 09 Aug 2021 15:24:54 +0000 Received: by mail-qk1-x74a.google.com with SMTP id b9-20020a05620a1269b02903b8bd5c7d95so12788838qkl.12 for ; Mon, 09 Aug 2021 08:24:51 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=date:message-id:mime-version:subject:from:to:cc; bh=sfgr1+pjxwO+6iSgebnByF44WjX6kRSHecCaxtQePZ0=; b=Xh2kqkwkFE567i2M7PGURzIq6o67p8a8DB6yI8XjMIyueExrM+HKhm+ixlYuCiVWS/ EumxnwJJ+g6k52kHwJSRi+VRe6hnJ51TCPU7OQLFo+5aXOPS/h1+UCPmuSAJc1DcChA0 hnQ+ceBk6rBjPvn0djNQajEUDYdAOJhL/4Xirk9E1Zr8Vg9l8k/pStrff+kUD0j9v8RV L9VTtxPPs+LjlDVNV+Ekprs4s0YgyKPI9LoUFNWX8OyDWFOuchS1Ej6/W8jQb5nRLyb3 TdyUD9f77ySFL74U9yk+ZiE7V3wkNqY9pf9OmTyXLY4EYH2biilgza9uDl/nXIhhz8W4 CpxQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:message-id:mime-version:subject:from:to:cc; bh=sfgr1+pjxwO+6iSgebnByF44WjX6kRSHecCaxtQePZ0=; b=OV/3yoS5QDga5ZQ8E8UFaZDtCvjwpIKEsD09+4Ug8QPOR+2kuhrmERq5Thv2KSvW8f bIQkCs1mahOh4kv/SebNbHO56cpTDw1AjJw+ihHGhRAs3HlPRoTDcNVormtIoQnvx7Qc zqpFXA12adEZl2MujEXDkhGEukpnhnlh+bSWvYyZDDrRxmO4ZRLm8Uqfy8W9MKFDeR1c YpxSrM1KRRXwooAJqHUpxskYdAsCdYetqUsURRU/sgEU9uN9vH3pK99m5MYnECSjandQ vhXAnvzIDM0wls4wskSOel+D3lyNehZ+QJpBV22pil9SpUhnswdlG8+00k7oAlvIPfPC exXw== X-Gm-Message-State: AOAM533Ztbbu53Hj1xfpq/rLLXVysDtzeT8lrY23pdzb+0NEy4/u6fO7 ICz9xovWUzlIAfnXHqgVXb4pox/0HeV+ X-Google-Smtp-Source: ABdhPJzBn9yhlAu07QtSGQuwxOrZ5MMWw+8/mQ+Vs8NMKruwuhNqXHXVSdp7rqXkm+45IeSKyxkhlT+s0C/r X-Received: from luke.lon.corp.google.com ([2a00:79e0:d:210:b0e8:d460:758b:a0ae]) (user=qperret job=sendgmr) by 2002:a05:6214:f0a:: with SMTP id gw10mr23729394qvb.27.1628522690786; Mon, 09 Aug 2021 08:24:50 -0700 (PDT) Date: Mon, 9 Aug 2021 16:24:27 +0100 Message-Id: <20210809152448.1810400-1-qperret@google.com> Mime-Version: 1.0 X-Mailer: git-send-email 2.32.0.605.g8dce9f2422-goog Subject: [PATCH v4 00/21] Track shared pages at EL2 in protected mode From: Quentin Perret To: maz@kernel.org, james.morse@arm.com, alexandru.elisei@arm.com, suzuki.poulose@arm.com, catalin.marinas@arm.com, will@kernel.org Cc: linux-arm-kernel@lists.infradead.org, kvmarm@lists.cs.columbia.edu, linux-kernel@vger.kernel.org, ardb@kernel.org, qwandor@google.com, tabba@google.com, dbrazdil@google.com, kernel-team@android.com, qperret@google.com X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20210809_082453_294250_94E8B374 X-CRM114-Status: GOOD ( 16.57 ) X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org Hi all, This is v4 of the patch series previously posted here: https://lore.kernel.org/lkml/20210729132818.4091769-1-qperret@google.com/ This series aims to improve how the nVHE hypervisor tracks ownership of memory pages when running in protected mode ("kvm-arm.mode=protected" on the kernel command line). The main issue with the existing ownership tracking code is that it is completely binary: a page is either owned by an entity (e.g. the host) or not. However, we'll need something smarter to track shared pages, as is needed for virtio, or even just host/hypervisor communications. This series introduces a few changes to the kvm page-table library to allow annotating shared pages in ignored bits (a.k.a. software bits) of leaf entries, and makes use of that infrastructure to track all pages that are shared between the host and the hypervisor. We will obviously want to apply the same treatment to guest stage-2 page-tables, but that is not really possible to do until EL2 manages them directly, so I'll keep that for another series. The series is based on the 5.14-rc5, and has been tested on AML-S905X-CC (Le Potato) and using various Qemu configurations. Changes since v3 - Fixed typos in comments / commit messages; - Various small cleanups and refactoring; - Rebased on 5.14-rc5. Marc Zyngier (1): KVM: arm64: Introduce helper to retrieve a PTE and its level Quentin Perret (19): KVM: arm64: Introduce hyp_assert_lock_held() KVM: arm64: Provide the host_stage2_try() helper macro KVM: arm64: Expose page-table helpers KVM: arm64: Optimize host memory aborts KVM: arm64: Rename KVM_PTE_LEAF_ATTR_S2_IGNORED KVM: arm64: Don't overwrite software bits with owner id KVM: arm64: Tolerate re-creating hyp mappings to set software bits KVM: arm64: Enable forcing page-level stage-2 mappings KVM: arm64: Allow populating software bits KVM: arm64: Add helpers to tag shared pages in SW bits KVM: arm64: Expose host stage-2 manipulation helpers KVM: arm64: Expose pkvm_hyp_id KVM: arm64: Introduce addr_is_memory() KVM: arm64: Enable retrieving protections attributes of PTEs KVM: arm64: Mark host bss and rodata section as shared KVM: arm64: Remove __pkvm_mark_hyp KVM: arm64: Refactor protected nVHE stage-1 locking KVM: arm64: Restrict EL2 stage-1 changes in protected mode KVM: arm64: Make __pkvm_create_mappings static Will Deacon (1): KVM: arm64: Add hyp_spin_is_locked() for basic locking assertions at EL2 arch/arm64/include/asm/kvm_asm.h | 5 +- arch/arm64/include/asm/kvm_pgtable.h | 167 ++++++++---- arch/arm64/kvm/Kconfig | 9 + arch/arm64/kvm/arm.c | 46 ---- arch/arm64/kvm/hyp/include/nvhe/mem_protect.h | 33 ++- arch/arm64/kvm/hyp/include/nvhe/mm.h | 3 +- arch/arm64/kvm/hyp/include/nvhe/spinlock.h | 25 ++ arch/arm64/kvm/hyp/nvhe/hyp-main.c | 20 +- arch/arm64/kvm/hyp/nvhe/mem_protect.c | 225 +++++++++++++--- arch/arm64/kvm/hyp/nvhe/mm.c | 22 +- arch/arm64/kvm/hyp/nvhe/setup.c | 82 +++++- arch/arm64/kvm/hyp/pgtable.c | 247 +++++++++--------- arch/arm64/kvm/mmu.c | 28 +- 13 files changed, 628 insertions(+), 284 deletions(-)