From patchwork Thu Mar 9 14:52:28 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Joey Gouly X-Patchwork-Id: 13167695 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id C7856C64EC4 for ; Thu, 9 Mar 2023 15:02:23 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:Message-ID:Date:Subject:CC :To:From:Reply-To:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To:References: List-Owner; bh=9aLQrQQ6+ydaRPBi8BsIULvxPKh+Pt3thYOWlGsla98=; b=NZWF2oEZilBGn7 bYqm/C6zSYhLswibcdWDJOKJOsqjHttXYCQuLIaLUFHAoFtSILwz4tVQ8ZZ15Vp+muqPrGSVtxyBU 81G3I6VpowqaoCRDQ7XWoVOFxjpjd1hijwhA8O885aTN8h9EFPKTcZ9pzOZ/A/NC/RiFtm3DSt9DJ KTpEgGKony4BiBdipHCytt+iVKJCVIrPobYHWe97URF4SUjsCoc4YEfH739sBCil3ARfKkNm7X6xW PDX5M/j6z585xsqYxO/x5r7f//rWxG9axIBNTf6PTD5gsJiXMwCZmLUne5ZUMjo1eeI0CbHmR/TMR H5f98QEe+Ktu6JDMrvbQ==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.94.2 #2 (Red Hat Linux)) id 1paHkt-00AkJ8-6O; Thu, 09 Mar 2023 15:00:32 +0000 Received: from mail-db3eur04on0631.outbound.protection.outlook.com ([2a01:111:f400:fe0c::631] helo=EUR04-DB3-obe.outbound.protection.outlook.com) by bombadil.infradead.org with esmtps (Exim 4.94.2 #2 (Red Hat Linux)) id 1paHdx-00AhMb-LA for linux-arm-kernel@lists.infradead.org; Thu, 09 Mar 2023 14:53:26 +0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=armh.onmicrosoft.com; s=selector2-armh-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=ympCtcOxLnjSE7hM1cx95fHBSiLOV0r4aErotiVM/YQ=; b=JlLyzLKHOys2eo32kUBmjW0EJtchP/ETYt9sse1AF+eTGwGLPb2ULgsdyf3gCP9wmTIdEi/t6XqtMRpN19OQJeUzfke/D+HoV5QcICdOKqmTHagu6Qkm3epDAy3eOh1fPBN8aOhqnU6Mx9dtfF3j3EBbpV3jaxG6gb5RceaUReI= Received: from DU2PR04CA0276.eurprd04.prod.outlook.com (2603:10a6:10:28c::11) by DB3PR08MB8940.eurprd08.prod.outlook.com (2603:10a6:10:431::8) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6178.18; Thu, 9 Mar 2023 14:53:13 +0000 Received: from DBAEUR03FT015.eop-EUR03.prod.protection.outlook.com (2603:10a6:10:28c:cafe::dd) by DU2PR04CA0276.outlook.office365.com (2603:10a6:10:28c::11) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6178.18 via Frontend Transport; Thu, 9 Mar 2023 14:53:13 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 63.35.35.123) smtp.mailfrom=arm.com; dkim=pass (signature was verified) header.d=armh.onmicrosoft.com;dmarc=pass action=none header.from=arm.com; Received-SPF: Pass (protection.outlook.com: domain of arm.com designates 63.35.35.123 as permitted sender) receiver=protection.outlook.com; client-ip=63.35.35.123; helo=64aa7808-outbound-1.mta.getcheckrecipient.com; pr=C Received: from 64aa7808-outbound-1.mta.getcheckrecipient.com (63.35.35.123) by DBAEUR03FT015.mail.protection.outlook.com (100.127.142.112) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6156.28 via Frontend Transport; Thu, 9 Mar 2023 14:53:13 +0000 Received: ("Tessian outbound 2ba0ed2ebb9f:v135"); Thu, 09 Mar 2023 14:53:13 +0000 X-CheckRecipientChecked: true X-CR-MTA-CID: da4adc19935d73e9 X-CR-MTA-TID: 64aa7808 Received: from b69b47491910.1 by 64aa7808-outbound-1.mta.getcheckrecipient.com id CCF392D8-BD5A-4270-91E4-641275D17969.1; Thu, 09 Mar 2023 14:53:05 +0000 Received: from EUR05-VI1-obe.outbound.protection.outlook.com by 64aa7808-outbound-1.mta.getcheckrecipient.com with ESMTPS id b69b47491910.1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384); Thu, 09 Mar 2023 14:53:05 +0000 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=P1ppd4q6MBP0LDTjQUwPfLFGBzwlkVFr0DT2jKJdmD07eWIgO6dGoR41/K57EYzIfUjvN1hrul/7XLJSjZt0TgkAEzhgtPu3YtHUn02T1uBhV+WJAnjk4ni4Vq8whX6cGmtr93ZQh5OqD/ESNT8yZt9HKCbZP7ORSyPLfackRwdMa4g4giQKvYKyZeBaAviuN54jX9NjuWLrtftmSiba7EIR1IG36YNudRMhJzkLVqZV/wDU7n3MI/19J+M34lsGL+ttl8qAqd1imUza9hTgvQmycfOdMJ3caDW2gAF20q2yj0W2SErE52zLa7eocsHauphLhgBom19NzBDdDoe5DQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=ympCtcOxLnjSE7hM1cx95fHBSiLOV0r4aErotiVM/YQ=; b=kkMbL1auDNRZMWAx2cy18NnUl2t1qbrYYn0eaGP5eQTmYNYarGR0QbKjw60JvCanMdHThwSgIvRwgRoYzWYc4S9qLbo6e/wQ5pPmXSy85YFb6E1OAoe8CRcnjqyCaqeaSlAvqXYuP9m/eMtSF3nviZqfvCis/fn03jkapcKi1/pCpnZ+rnIKuhgOUPp+l+qdITSq6QRYL5EKV+ueCOtwTdiMRj37e//nmnB+hzqpOE747bsUjSH6qbNpK0BzG4BTBeR4kZOBJXrgc4mxOuA6h5MouMZBKzgTkdGt91gl0IHUtBwTF8qGPDPk1aGl7kgugdJQD49o+dJ5kvHa86CoPA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 40.67.248.234) smtp.rcpttodomain=lists.infradead.org smtp.mailfrom=arm.com; dmarc=pass (p=none sp=none pct=100) action=none header.from=arm.com; dkim=none (message not signed); arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=armh.onmicrosoft.com; s=selector2-armh-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=ympCtcOxLnjSE7hM1cx95fHBSiLOV0r4aErotiVM/YQ=; b=JlLyzLKHOys2eo32kUBmjW0EJtchP/ETYt9sse1AF+eTGwGLPb2ULgsdyf3gCP9wmTIdEi/t6XqtMRpN19OQJeUzfke/D+HoV5QcICdOKqmTHagu6Qkm3epDAy3eOh1fPBN8aOhqnU6Mx9dtfF3j3EBbpV3jaxG6gb5RceaUReI= Received: from AM6P191CA0067.EURP191.PROD.OUTLOOK.COM (2603:10a6:209:7f::44) by GV2PR08MB9256.eurprd08.prod.outlook.com (2603:10a6:150:e3::8) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6178.17; Thu, 9 Mar 2023 14:52:52 +0000 Received: from VI1EUR03FT044.eop-EUR03.prod.protection.outlook.com (2603:10a6:209:7f:cafe::24) by AM6P191CA0067.outlook.office365.com (2603:10a6:209:7f::44) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6178.19 via Frontend Transport; Thu, 9 Mar 2023 14:52:52 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 40.67.248.234) smtp.mailfrom=arm.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=arm.com; Received-SPF: Pass (protection.outlook.com: domain of arm.com designates 40.67.248.234 as permitted sender) receiver=protection.outlook.com; client-ip=40.67.248.234; helo=nebula.arm.com; pr=C Received: from nebula.arm.com (40.67.248.234) by VI1EUR03FT044.mail.protection.outlook.com (100.127.144.96) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.6178.19 via Frontend Transport; Thu, 9 Mar 2023 14:52:52 +0000 Received: from AZ-NEU-EX03.Arm.com (10.251.24.31) by AZ-NEU-EX03.Arm.com (10.251.24.31) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.17; Thu, 9 Mar 2023 14:52:50 +0000 Received: from e124191.cambridge.arm.com (10.1.197.45) by mail.arm.com (10.251.24.31) with Microsoft SMTP Server id 15.1.2507.17 via Frontend Transport; Thu, 9 Mar 2023 14:52:50 +0000 From: Joey Gouly To: CC: , , , , , , , , , , Subject: [PATCH v1 00/18] Permission Indirection Extension Date: Thu, 9 Mar 2023 14:52:28 +0000 Message-ID: <20230309145246.22787-1-joey.gouly@arm.com> X-Mailer: git-send-email 2.17.1 MIME-Version: 1.0 X-EOPAttributedMessage: 1 X-MS-TrafficTypeDiagnostic: VI1EUR03FT044:EE_|GV2PR08MB9256:EE_|DBAEUR03FT015:EE_|DB3PR08MB8940:EE_ X-MS-Office365-Filtering-Correlation-Id: 6370dcb7-7395-4ea1-3d41-08db20ae01e4 x-checkrecipientrouted: true NoDisclaimer: true X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam-Untrusted: BCL:0; X-Microsoft-Antispam-Message-Info-Original: /5x2421/jZ0nVFJTiVCCho3qbj/bRVsRIvhGVhrlCH+fG1wbGqZUj7xG0apdimsvuhvTUidHHvqHnQvJAoFRJbxnmSjnymxBa0RoLe7ldrtsTcTlZQfwNmYdmBNy6Oam/5oCRwr2SZyUVRQn47wM5i3sI1vthC7h1wt6NPEV4F0ju/b5ALjP9KuA6U/58vt2dxipybNDKStQdunqtyHt7itci2uv74bZZIL4huYze25TNuAG4+9QhqdnCqlWbQCZt2Yx6YqH267b0z0h4gRtS4BNm0QllRKinfAICRvpcut2//ImDT4XxkSgCsdNMP3bwqw8YLiWVrl8n6eiNE/igJCVaulnK6lxyMxLjxf8wtKnIYvl3OLIL18ieH9cPyfOXMnkafUnt/N967iKkF0q46LnjX39aZSCf9MxWnexQy/BCLuLMGuUKlcG5RfKg7/ZbGtm0xl6u/jbA7oNrofY7c2h5pEpUrffMb7MqqOUes8Z+z4Btl6AblG21B3nudXFSxYXtJR9F8TcKR3AJj+QNl9a09ErtNSkY/VGHvm7K5HVYpEkFxvk6IlUCVNr1CeMSuVS/K2b222seZlxX26cFwBrAM6KPBzpQMmRihzjbTqSjV6xrPeYmFYVjFitZcuMhZ7EwCX4SVzgAFW8cfJg9f+18bIUitp+cHgQS8PG4bpBRe6z8HGcJVo87QRXEvWGMw9awkWqfmAoxd0MP8P1GrP1mC2gII3COLZ6/n5Eg4s= X-Forefront-Antispam-Report-Untrusted: CIP:40.67.248.234;CTRY:IE;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:nebula.arm.com;PTR:InfoDomainNonexistent;CAT:NONE;SFS:(13230025)(4636009)(39860400002)(376002)(396003)(346002)(136003)(451199018)(46966006)(36840700001)(26005)(36756003)(8936002)(5660300002)(82740400003)(36860700001)(6666004)(426003)(82310400005)(83380400001)(47076005)(81166007)(336012)(2616005)(186003)(8676002)(316002)(54906003)(86362001)(40480700001)(4326008)(70206006)(41300700001)(1076003)(6916009)(70586007)(356005)(966005)(478600001)(7696005)(2906002)(44832011)(36900700001);DIR:OUT;SFP:1101; X-MS-Exchange-Transport-CrossTenantHeadersStamped: GV2PR08MB9256 X-MS-Exchange-Transport-CrossTenantHeadersStripped: DBAEUR03FT015.eop-EUR03.prod.protection.outlook.com X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id-Prvs: fb6cc750-be3c-4c43-8490-08db20adf589 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: QA2ChpWDxa4i0pBkcn/hKb6lmJnoyDLk55Fid4OgXe8ofw7lSvrLTLvqjNWwTgbJDUQf0ReIj/MDcVef6KA5NfD/yOGiP6g89y5gvkLNBK9AEXJ08pqlAYdOLIFRIoFzFjClaU/g4UBml3WMJ+xTO9psU3FQDm+036SO1CF/C4QTaCXuaXF3ivvsRh5QRIF8mVDmjxSK1kDsw7aFiHRR/8h8WSNroEcv54hZN+Q5lEfuiTt9eb6TrxhbPMuQh04M7x2/TDdtTTQMT6ugcF4+YIPY0fZyUu4WJoA/oanMtZzQwBsQDeuIm5i+EyUg3yhtU0QnH9GiTknReiUOZ50f6PhCMQlx4saJEstQm3Nf3h45qgoT7cEdYLgP/+dVt+JmlG4o8J/c5x3NLRdzutcBzlUFP9eEOQUrHSXEQFf7GFMYW/fq6iT61Vlf6bq1hGqUzy6LSMx0pvnhQFcHWDQspgtdIqdHDzHu1SMO6QfD2L0H0MrKykXGNZTxNM3zgd97VVwxsKyAMzFfBI+IH0m8CRBgkHFd3PVvQ6X2kLR6oEvmjdDkGfZDFyDAu0ixF0lNm+EZ94thWiye0b4QkHJnbqEhsEMX0Il2He55oeLvp7yX5AllUxj+mNCxD91CqUQHlI5YRaNJoSt3VgAUnjyxa85Vu9VI9gP0L9Z+83lZ2rEjrno2zCEI5tPSI9dPKh8Y8ZdW4S8Bw8wWHjU/j13JC9N0e7J10thnPc5rkvYBWIE= X-Forefront-Antispam-Report: CIP:63.35.35.123;CTRY:IE;LANG:en;SCL:1;SRV:;IPV:CAL;SFV:NSPM;H:64aa7808-outbound-1.mta.getcheckrecipient.com;PTR:ec2-63-35-35-123.eu-west-1.compute.amazonaws.com;CAT:NONE;SFS:(13230025)(4636009)(346002)(136003)(39860400002)(396003)(376002)(451199018)(46966006)(40470700004)(36840700001)(44832011)(2906002)(5660300002)(1076003)(70586007)(8936002)(36756003)(26005)(4326008)(54906003)(41300700001)(70206006)(316002)(6916009)(40460700003)(40480700001)(8676002)(86362001)(7696005)(478600001)(966005)(82740400003)(107886003)(6666004)(81166007)(36860700001)(186003)(2616005)(47076005)(336012)(82310400005)(426003)(83380400001);DIR:OUT;SFP:1101; X-OriginatorOrg: arm.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 09 Mar 2023 14:53:13.1034 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 6370dcb7-7395-4ea1-3d41-08db20ae01e4 X-MS-Exchange-CrossTenant-Id: f34e5979-57d9-4aaa-ad4d-b122a662184d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=f34e5979-57d9-4aaa-ad4d-b122a662184d;Ip=[63.35.35.123];Helo=[64aa7808-outbound-1.mta.getcheckrecipient.com] X-MS-Exchange-CrossTenant-AuthSource: DBAEUR03FT015.eop-EUR03.prod.protection.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: DB3PR08MB8940 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20230309_065321_775606_EAE97A3A X-CRM114-Status: GOOD ( 16.12 ) X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org Hi all, This series implements the Permission Indirection Extension introduced in 2022 VMSA enhancements [1]. The Permission Indirection Extension is a new way to set memory permissions. Instead of directly encoding the permission in the Page Table Entry (PTE), fields in the PTEs are used to index into an array of permissions specified in a register. This indirection provides greater flexibility, greater encoding density and enables the representation of new permissions. The PTEs bit that are repurposed for use with permission indirection are: 54 PTE_UXN 53 PTE_PXN 51 PTE_DBM 6 PTE_USER The way that PIE is implemented in this patchset is that the encodings are picked such that they match how Linux currently sets the bits in the PTEs, so none of the page table handling has changed. This means this patchset keeps the same functionality as currently implemented, but allows for future expansion. Enabling PIE is also a prerequisite for implementing the Guarded Control Stack Extension (GCS). Another related extension is the Permission Overlay Extension, which is not covered by this patch set, but is mentioned in patch 5 as half of PIE encoding values apply an overlay. However, since overlays are not currently enabled, they act as all the other permissions do. This first few patches are adding the new system registers, and cpufeature capabilities. Then KVM support for save/restore of the new registers is added. Finally the new Permission Indirection registers are set and the new feature is enabled. There's two series on the ML that conflict-ish, but I don't think either will tough to rework against: Kristina's series which changes how HCRX_EL2 works [2] Mark's commit to switch HFGxTR to automatic generation [3] Thanks, Joey [1] https://community.arm.com/arm-community-blogs/b/architectures-and-processors-blog/posts/arm-a-profile-architecture-2022 [2] https://lore.kernel.org/linux-arm-kernel/20230216160012.272345-1-kristina.martsenko@arm.com/ [3] https://lore.kernel.org/linux-arm-kernel/20230306-arm64-fgt-reg-gen-v1-1-95bc0c97cfed@kernel.org/ Joey Gouly (18): arm64/sysreg: Add ID register ID_AA64MMFR3 arm64/sysreg: add system registers TCR2_ELx arm64/sysreg: add TCR2En to HCRX_EL2 arm64/sysreg: add HFGxTR_EL2 bits for Permission Indirection Extension arm64/sysreg: add PIR*_ELx registers arm64: cpufeature: add system register ID_AA64MMFR3 arm64: cpufeature: add TCR2 cpucap arm64: cpufeature: add Permission Indirection Extension cpucap KVM: arm64: Save/restore TCR2_EL1 KVM: arm64: Save/restore PIE registers KVM: arm64: expose ID_AA64MMFR3_EL1 to guests arm64: add PTE_UXN/PTE_WRITE to SWAPPER_*_FLAGS arm64: add PTE_WRITE to PROT_SECT_NORMAL arm64: reorganise PAGE_/PROT_ macros arm64: disable EL2 traps for PIE arm64: add encodings of PIRx_ELx registers arm64: enable Permission Indirection Extension (PIE) arm64: transfer permission indirection settings to EL2 arch/arm64/include/asm/cpu.h | 1 + arch/arm64/include/asm/el2_setup.h | 27 ++++- arch/arm64/include/asm/kernel-pgtable.h | 4 +- arch/arm64/include/asm/kvm_host.h | 5 + arch/arm64/include/asm/pgtable-hwdef.h | 8 ++ arch/arm64/include/asm/pgtable-prot.h | 90 ++++++++++----- arch/arm64/include/asm/pgtable.h | 6 + arch/arm64/include/asm/sysreg.h | 23 ++++ arch/arm64/kernel/cpufeature.c | 32 ++++++ arch/arm64/kernel/cpuinfo.c | 1 + arch/arm64/kernel/head.S | 8 +- arch/arm64/kernel/hyp-stub.S | 18 +++ arch/arm64/kvm/hyp/include/hyp/sysreg-sr.h | 12 ++ arch/arm64/kvm/sys_regs.c | 2 +- arch/arm64/mm/proc.S | 17 ++- arch/arm64/tools/cpucaps | 2 + arch/arm64/tools/sysreg | 127 ++++++++++++++++++++- 17 files changed, 345 insertions(+), 38 deletions(-)