From patchwork Fri Oct 4 14:42:55 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steven Price X-Patchwork-Id: 13822504 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 6860FCF8842 for ; Fri, 4 Oct 2024 14:46:25 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender:List-Subscribe:List-Help :List-Post:List-Archive:List-Unsubscribe:List-Id:Content-Transfer-Encoding: MIME-Version:Message-Id:Date:Subject:Cc:To:From:Reply-To:Content-Type: Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender: Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To:References:List-Owner; bh=ICUcss33dJaD5lFifbvyMymFQWeVHlSYs6HFoY0GuQ4=; b=uovNAyZVhN6drRWfTc6fZSz22n /D0MSmAs1ekmsN5Z8wqlnHH3tBD66e5tSInEsDBtnMrhb6W6n/jTYr0pjuVTrMaxqnlpiAZ8PfqBT TYjTCMf2tavGV1BYQNlEvDlhXjYUARLfFOXUV4g2f2XN6KDwzIjXt2rjxxrxqnos3rpBgHSxAyXIW mYlY8XHd/0KnaeXQRKaRIkwqRXqSUon1xc2S7LdehH5b9fx4QOVEi32tuDrX5lMDJBcUyZeDb7Zwi ePpM8THmj3K1k83Zi5F3A7fTMkGaC0ZaAmstBFNcJkBViof7LT3aEuLD1g0Q4+UF6/3UIseDKSqP+ VRWmt6Rw==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.98 #2 (Red Hat Linux)) id 1swjZN-0000000Cq3H-15WN; Fri, 04 Oct 2024 14:46:13 +0000 Received: from foss.arm.com ([217.140.110.172]) by bombadil.infradead.org with esmtp (Exim 4.98 #2 (Red Hat Linux)) id 1swjWn-0000000CpE1-2zj2 for linux-arm-kernel@lists.infradead.org; Fri, 04 Oct 2024 14:43:36 +0000 Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.121.207.14]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id 1388A339; Fri, 4 Oct 2024 07:43:56 -0700 (PDT) Received: from e122027.cambridge.arm.com (unknown [10.1.25.25]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id 2305E3F58B; Fri, 4 Oct 2024 07:43:21 -0700 (PDT) From: Steven Price To: kvm@vger.kernel.org, kvmarm@lists.linux.dev Cc: Steven Price , Catalin Marinas , Marc Zyngier , Will Deacon , James Morse , Oliver Upton , Suzuki K Poulose , Zenghui Yu , linux-arm-kernel@lists.infradead.org, linux-kernel@vger.kernel.org, Joey Gouly , Alexandru Elisei , Christoffer Dall , Fuad Tabba , linux-coco@lists.linux.dev, Ganapatrao Kulkarni , Gavin Shan , Shanker Donthineni , Alper Gun , Dan Williams , "Aneesh Kumar K . V" Subject: [PATCH v6 00/11] arm64: Support for running as a guest in Arm CCA Date: Fri, 4 Oct 2024 15:42:55 +0100 Message-Id: <20241004144307.66199-1-steven.price@arm.com> X-Mailer: git-send-email 2.34.1 MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20241004_074333_864082_46574A05 X-CRM114-Status: GOOD ( 25.36 ) X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org This series adds support for running Linux in a protected VM under the Arm Confidential Compute Architecture (CCA). This is a trimmed down series following the feedback from the v5 posting[1]. Thanks for the feedback! Individual patches have a change log. But things to highlight: * Some patches have been merged already. The first two patches from v4 were borrowed from pKVM were merged as part of that series. The GIC ITS patches[2][3] have been merged via the tip tree. * Final RMM v1.0 spec[4] - only minor changes over the previous spec, but we've now got a proper release. * Probing/initialisation of the RMM is now done later. This means there's no need for finding the PSCI conduit and can drop the patch for that. * The patches for set_fixmap_io() is also gone - we the RMM is detected later it's now too late for earlycon. See below for instructions on how to use earlycon. * Mainline no longer uses PHYS_MASK_SHIFT for manipulating PTEs, so we can drop the patch for making that dynamic. * There's now some documentation! In particular this clarifies a change in the boot requirements - memory must now be RIPAS RAM for a realm guest. This series is based on v6.12-rc1. Testing ======= Since a couple of the patches have been merged separately, and there was also a bug[5] in -rc1 which impacts 9p filesystems, I've provided the below git tree with everything you need for a CCA guest: https://gitlab.arm.com/linux-arm/linux-cca cca-guest/v6 Back by popular demand is also a tree with both host and guest changes: https://gitlab.arm.com/linux-arm/linux-cca cca-full/v5+v6 (I'll post the v5 series of the host changes shortly) You will also need an up-to-date RMM - the necessary changes have been merged into the 'main' branch of upstream: https://git.trustedfirmware.org/TF-RMM/tf-rmm.git main And you also need an updated kvmtool, there's a branch with the necessary changes here: https://git.gitlab.arm.com/linux-arm/kvmtool-cca.git cca/v3 earlycon -------- If using 'earlycon' on the kernel command line it is now necessary to pass the address of the serial port *in the unprotected IPA*. This is because the fixmap changes were dropped (due to the late probing of the RMM). E.g. for kvmtool you will need: earlycon=uart,mmio,0x101000000 This is the main drawback to late probing. One potential improvement would be an option like "earlycon=realm" to identify that the earlycon uart is in the unprotected space without having to know the actual IPA. I've left this out for now as I'm not sure whether there is any actual interest in this. [1] https://lore.kernel.org/r/20240819131924.372366-1-steven.price%40arm.com [2] e36d4165f079 ("irqchip/gic-v3-its: Rely on genpool alignment") [3] b08e2f42e86b ("irqchip/gic-v3-its: Share ITS tables with a non-trusted hypervisor") [4] https://developer.arm.com/documentation/den0137/1-0rel0/ [5] https://lore.kernel.org/all/cbaf141ba6c0e2e209717d02746584072844841a.1727722269.git.osandov@fb.com/ Sami Mujawar (1): virt: arm-cca-guest: TSM_REPORT support for realms Steven Price (4): arm64: realm: Query IPA size from the RMM arm64: Enforce bounce buffers for realm DMA arm64: mm: Avoid TLBI when marking pages as valid arm64: Document Arm Confidential Compute Suzuki K Poulose (6): arm64: rsi: Add RSI definitions arm64: Detect if in a realm and set RIPAS RAM arm64: rsi: Add support for checking whether an MMIO is protected arm64: rsi: Map unprotected MMIO as decrypted efi: arm64: Map Device with Prot Shared arm64: Enable memory encrypt for Realms Documentation/arch/arm64/arm-cca.rst | 67 ++++++ Documentation/arch/arm64/booting.rst | 3 + Documentation/arch/arm64/index.rst | 1 + arch/arm64/Kconfig | 3 + arch/arm64/include/asm/io.h | 8 + arch/arm64/include/asm/mem_encrypt.h | 9 + arch/arm64/include/asm/pgtable-prot.h | 4 + arch/arm64/include/asm/pgtable.h | 5 + arch/arm64/include/asm/rsi.h | 68 ++++++ arch/arm64/include/asm/rsi_cmds.h | 160 +++++++++++++ arch/arm64/include/asm/rsi_smc.h | 193 ++++++++++++++++ arch/arm64/include/asm/set_memory.h | 3 + arch/arm64/kernel/Makefile | 3 +- arch/arm64/kernel/efi.c | 12 +- arch/arm64/kernel/rsi.c | 141 ++++++++++++ arch/arm64/kernel/setup.c | 3 + arch/arm64/mm/init.c | 10 +- arch/arm64/mm/pageattr.c | 98 +++++++- drivers/virt/coco/Kconfig | 2 + drivers/virt/coco/Makefile | 1 + drivers/virt/coco/arm-cca-guest/Kconfig | 11 + drivers/virt/coco/arm-cca-guest/Makefile | 2 + .../virt/coco/arm-cca-guest/arm-cca-guest.c | 211 ++++++++++++++++++ 23 files changed, 1010 insertions(+), 8 deletions(-) create mode 100644 Documentation/arch/arm64/arm-cca.rst create mode 100644 arch/arm64/include/asm/rsi.h create mode 100644 arch/arm64/include/asm/rsi_cmds.h create mode 100644 arch/arm64/include/asm/rsi_smc.h create mode 100644 arch/arm64/kernel/rsi.c create mode 100644 drivers/virt/coco/arm-cca-guest/Kconfig create mode 100644 drivers/virt/coco/arm-cca-guest/Makefile create mode 100644 drivers/virt/coco/arm-cca-guest/arm-cca-guest.c