From patchwork Sat Nov 13 01:22:23 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Raghavendra Rao Ananta X-Patchwork-Id: 12692466 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 791F4C433F5 for ; Sat, 13 Nov 2021 01:24:33 +0000 (UTC) Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id 436A460F55 for ; Sat, 13 Nov 2021 01:24:33 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.4.1 mail.kernel.org 436A460F55 Authentication-Results: mail.kernel.org; dmarc=fail (p=reject dis=none) header.from=google.com Authentication-Results: mail.kernel.org; spf=none smtp.mailfrom=lists.infradead.org DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:Cc:To:From:Subject:Mime-Version: Message-Id:Date:Reply-To:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To: References:List-Owner; bh=jF3OmNSOyToKGUhmbGGY2XOVBhPVOEqcZwL0Ff8blZY=; b=vNF 9LaOWJsTQ7+3nI5NZu+aFnO1h2p7yXR6ywjyOETw+0oEvMmU+3K3HNLfhkmSSGSHa0Oo0GiRa+n+d uAC1/s3p8GZ4cIQJpnWj+jVEP1veRwm48hR2Px277E4eLmtyZm6s7lvp9WJZV8qFybRADpwT46Mrz K8uGRjfu4zZq+H9/XRrvBN2/lekBMmczsOZLAKQqbv/qMkyZLcZ51z/ciZvAurRUEpIMO8NAk6q4l qdcBFYUGGSlx8FuwhXwN+iNjiLCBjkWvKw4pvTfd6qkyVAyLIa65gTjoYWAfIuLa+FqiddZJC1jtz MOO96dGFo0l7cDus4U/BzMX3sMixZ9w==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.94.2 #2 (Red Hat Linux)) id 1mlhkn-00BxjU-6p; Sat, 13 Nov 2021 01:22:49 +0000 Received: from mail-pf1-x449.google.com ([2607:f8b0:4864:20::449]) by bombadil.infradead.org with esmtps (Exim 4.94.2 #2 (Red Hat Linux)) id 1mlhki-00Bxig-Bk for linux-arm-kernel@lists.infradead.org; Sat, 13 Nov 2021 01:22:46 +0000 Received: by mail-pf1-x449.google.com with SMTP id u4-20020a056a00098400b004946fc3e863so6597536pfg.8 for ; Fri, 12 Nov 2021 17:22:43 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=date:message-id:mime-version:subject:from:to:cc; bh=2Fl+E7cG54UAD1z/Snstpjzha6PMILzmNdpT7gA3XpY=; b=kObfQ+3XAG09c7i5PoZKbrnoG/eHfjcW3oAmPgKbxnoWhQ1/kFp0530IM35uyyMV87 ZtPq8IdHd9jo79z0GPpm/nbTx7W3/AcKg7Ug4csla8MmTxjojlX2gokq5q5aW7aT2Vn5 oOUaiDuzm+BehTbdFhfndQhsd2yGlbSJQUapGYrNHhQHDAlr8KgWym2QlL2QG+qLnWyz KDNqmtyGqHnBz3SgmyripUOBlvxDv3gSnI1Ix25nclPuqdUP01N9hznuc5ikuwehke/j H3F7DcenpZNgmQiirp9gedpzrXuh6HVYdIljr9d8llkvlGsvyu+22b/R0fJ2WBCpoI9M inFA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:date:message-id:mime-version:subject:from:to:cc; bh=2Fl+E7cG54UAD1z/Snstpjzha6PMILzmNdpT7gA3XpY=; b=ovKbBRT0wesOl1a/4OTaaijDR3MV8ULaxHU4UmFX6mupH7u+3m2QtJa28lLCUhyh5H 7Rd5a9YSrk2F6ibbILa/vx/nJyxk0HALjo5HOP15hSXGL59mQmUsmUSs361rsfKALemQ FaUx1opZYrNBjSnjkCpgxgWNA62eBod9WlTBjpRgbFMrfeHojbPokED5NaB+5EUozII8 Ojk5hTESkLmIKn6B1vpnFAEPJCp+kGo0Ssekg8IeWdA6wT6gepmxF6VJmGAhM3jvI4Wd 1nyVV1bZTzY+xF2NmvJybnV/o0fSZDkv8pj3rbNUnmVOJecEaKcYBlxGulwsu7ng7Z61 35rg== X-Gm-Message-State: AOAM531qlEO/anOaBaBCrLo+Itiy3gbxbk/NxDMMLyhsNGm4PegSzUo3 qUlrf+/QC5Oga6Sd4lyupgU2ygsbZiZA X-Google-Smtp-Source: ABdhPJx/Kep9Vxyfgt6R4bTxREUyHFoIGgs6339f+KoFG+ERTel8M5+SwsteJA1j0NYJpHiZSWoYJmoEhV7V X-Received: from rananta-virt.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:1bcc]) (user=rananta job=sendgmr) by 2002:a17:902:b20b:b0:141:a92c:a958 with SMTP id t11-20020a170902b20b00b00141a92ca958mr13276516plr.24.1636766562577; Fri, 12 Nov 2021 17:22:42 -0800 (PST) Date: Sat, 13 Nov 2021 01:22:23 +0000 Message-Id: <20211113012234.1443009-1-rananta@google.com> Mime-Version: 1.0 X-Mailer: git-send-email 2.34.0.rc1.387.gb447b232ab-goog Subject: [RFC PATCH v2 00/11] KVM: arm64: Add support for hypercall services selection From: Raghavendra Rao Ananta To: Marc Zyngier , Andrew Jones , James Morse , Alexandru Elisei , Suzuki K Poulose Cc: Paolo Bonzini , Catalin Marinas , Will Deacon , Peter Shier , Ricardo Koller , Oliver Upton , Reiji Watanabe , Jing Zhang , Raghavendra Rao Anata , linux-arm-kernel@lists.infradead.org, kvmarm@lists.cs.columbia.edu, linux-kernel@vger.kernel.org, kvm@vger.kernel.org X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20211112_172244_461359_1B848C54 X-CRM114-Status: GOOD ( 25.28 ) X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org Hello, Continuing the discussion from [1], the series tries to add support for the user-space to elect the hypercall services that it wishes to expose to the guest, rather than the guest discovering them unconditionally. The idea employed by the series was taken from [1] as suggested by Marc Z. In a broad sense, the idea is similar to the current implementation of PSCI interface- create a 'firmware psuedo-register' to handle the firmware revisions. The series extends this idea to all the other hypercalls such as TRNG (True Random Number Generator), PV_TIME (Paravirtualized Time), and PTP (Precision Time protocol). For better categorization and future scaling, these firmware registers are categorized based on the service call owners, but unlike the existing firmware psuedo-registers, they hold the features supported in the form of a bitmap. During VM (vCPU) initialization, the registers shows an upper-limit of the features supported by the corresponding registers. The VMM can simply use GET_ONE_REG to discover the features. If it's unhappy with any of the features, it can simply write-back the desired feature bitmap using SET_ONE_REG. KVM allows these modification only until a VM has started. KVM also assumes that the VMM is unaware of a register if a register remains unaccessed (read/write), and would simply clear all the bits of the registers such that the guest accidently doesn't get exposed to the features. Finally, the set of bitmaps from all the registers are the services that are exposed to the guest. In order to provide backward compatibility with already existing VMMs, a new capability, KVM_CAP_ARM_HVC_FW_REG_BMAP, is introduced. To enable the bitmap firmware registers extension, the capability must be explicitly enabled. If not, the behavior is similar to the previous setup. The patches are based off of mainline kernel 5.15, with the selftest patches from [2] applied. Patch-1 factors out the non-PSCI related interface from psci.c to hypercalls.c, as the series would extend the list in the upcoming patches. Patches-2,3 introduces core KVM functions, kvm_vcpu_has_run_once() and kvm_vm_has_run_once() to be used in upcoming patches. Patch-4 sets up the framework for the bitmap firmware psuedo-registers. This includes introducing the capability, KVM_CAP_ARM_HVC_FW_REG_BMAP, read/write helpers for the registers, helper to sanitize the regsiters before VM start, and another helper to check if a particular hypercall service is supported for the guest. It also adds the register KVM_REG_ARM_STD_HYP_BMAP to support ARM's standard secure services. Patch-5 introduces the firmware register, KVM_REG_ARM_STD_HYP_BMAP, which holds the standard hypervisor services (such as PV_TIME). Patch-6 introduces the firmware register, KVM_REG_ARM_VENDOR_HYP_BMAP, which holds the vendor specific hypercall services. Patch-7,8 Add the necessary documentation for the newly added capability and firmware registers. Patch-9 imports the SMCCC definitions from linux/arm-smccc.h into tools/ for further use in selftests. Patch-10 adds the selftest to test the guest (using 'hvc') and VMM interfaces (SET/GET_ONE_REG). Patch-11 adds these firmware registers into the get-reg-list selftest. [1]: https://lore.kernel.org/kvmarm/874kbcpmlq.wl-maz@kernel.org/T/ [2]: https://lore.kernel.org/kvmarm/YUzgdbYk8BeCnHyW@google.com/ Regards, Raghavendra v1 -> v2 Addressed comments by Oliver (thanks!): - Introduced kvm_vcpu_has_run_once() and kvm_vm_has_run_once() in the core kvm code, rather than relying on ARM specific vcpu->arch.has_run_once. - Writing to KVM_REG_ARM_PSCI_VERSION is done in hypercalls.c itself, rather than separating out to psci.c. - Introduced KVM_CAP_ARM_HVC_FW_REG_BMAP to enable the extension. - Tracks the register accesses from VMM to decide whether to sanitize a register or not, as opposed to sanitizing upon the first 'write' in v1. - kvm_hvc_call_supported() is implemented using a direct switch-case statement, instead of looping over all the registers to pick the register for the function-id. - Replaced the register bit definitions with #defines, instead of enums. - Removed the patch v1-06/08 that imports the firmware register definitions as it's not needed. - Separated out the documentations in its own patch, and the renaming of hypercalls.rst to psci.rst into another patch. - Add the new firmware registers to get-reg-list KVM selftest. v1: https://lore.kernel.org/kvmarm/20211102002203.1046069-1-rananta@google.com/ Raghavendra Rao Ananta (11): KVM: arm64: Factor out firmware register handling from psci.c KVM: Introduce kvm_vcpu_has_run_once KVM: Introduce kvm_vm_has_run_once KVM: arm64: Setup a framework for hypercall bitmap firmware registers KVM: arm64: Add standard hypervisor firmware register KVM: arm64: Add vendor hypervisor firmware register Docs: KVM: Add doc for the bitmap firmware registers Docs: KVM: Rename psci.rst to hypercalls.rst tools: Import ARM SMCCC definitions selftests: KVM: aarch64: Introduce hypercall ABI test selftests: KVM: aarch64: Add the bitmap firmware registers to get-reg-list Documentation/virt/kvm/api.rst | 23 + Documentation/virt/kvm/arm/hypercalls.rst | 132 ++++++ Documentation/virt/kvm/arm/psci.rst | 77 --- arch/arm64/include/asm/kvm_host.h | 21 +- arch/arm64/include/uapi/asm/kvm.h | 12 + arch/arm64/kvm/arm.c | 31 +- arch/arm64/kvm/guest.c | 2 +- arch/arm64/kvm/hypercalls.c | 437 +++++++++++++++++- arch/arm64/kvm/psci.c | 166 ------- arch/arm64/kvm/pvtime.c | 3 + arch/arm64/kvm/trng.c | 9 +- arch/arm64/kvm/vgic/vgic-init.c | 2 +- arch/riscv/include/asm/kvm_host.h | 3 - arch/riscv/kvm/vcpu.c | 7 +- include/kvm/arm_hypercalls.h | 20 + include/kvm/arm_psci.h | 7 - include/linux/kvm_host.h | 9 + include/uapi/linux/kvm.h | 1 + tools/include/linux/arm-smccc.h | 188 ++++++++ tools/testing/selftests/kvm/.gitignore | 1 + tools/testing/selftests/kvm/Makefile | 1 + .../selftests/kvm/aarch64/get-reg-list.c | 35 ++ .../selftests/kvm/aarch64/hypercalls.c | 367 +++++++++++++++ virt/kvm/kvm_main.c | 18 + 24 files changed, 1291 insertions(+), 281 deletions(-) create mode 100644 Documentation/virt/kvm/arm/hypercalls.rst delete mode 100644 Documentation/virt/kvm/arm/psci.rst create mode 100644 tools/include/linux/arm-smccc.h create mode 100644 tools/testing/selftests/kvm/aarch64/hypercalls.c