From patchwork Mon Nov 16 20:43:17 2020
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: David Brazdil <dbrazdil@google.com>
X-Patchwork-Id: 11910829
Return-Path: 
 <SRS0=N9fY=EW=lists.infradead.org=linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@kernel.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
X-Spam-Level: 
X-Spam-Status: No, score=-12.7 required=3.0 tests=BAYES_00,DKIMWL_WL_HIGH,
	DKIM_ADSP_CUSTOM_MED,DKIM_SIGNED,DKIM_VALID,HEADER_FROM_DIFFERENT_DOMAINS,
	INCLUDES_PATCH,MAILING_LIST_MULTI,SIGNED_OFF_BY,SPF_HELO_NONE,SPF_PASS,
	URIBL_BLOCKED,USER_AGENT_GIT autolearn=unavailable autolearn_force=no
	version=3.4.0
Received: from mail.kernel.org (mail.kernel.org [198.145.29.99])
	by smtp.lore.kernel.org (Postfix) with ESMTP id C2A2BC2D0A3
	for <linux-arm-kernel@archiver.kernel.org>;
 Mon, 16 Nov 2020 20:50:32 +0000 (UTC)
Received: from merlin.infradead.org (merlin.infradead.org [205.233.59.134])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by mail.kernel.org (Postfix) with ESMTPS id 4925422240
	for <linux-arm-kernel@archiver.kernel.org>;
 Mon, 16 Nov 2020 20:50:32 +0000 (UTC)
Authentication-Results: mail.kernel.org;
	dkim=pass (2048-bit key) header.d=lists.infradead.org
 header.i=@lists.infradead.org header.b="jsVetQa3";
	dkim=fail reason="signature verification failed" (2048-bit key)
 header.d=google.com header.i=@google.com header.b="DYutyy1H"
DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 4925422240
Authentication-Results: mail.kernel.org;
 dmarc=fail (p=reject dis=none) header.from=google.com
Authentication-Results: mail.kernel.org;
 spf=none
 smtp.mailfrom=linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;
	d=lists.infradead.org; s=merlin.20170209; h=Sender:Content-Transfer-Encoding:
	Content-Type:Cc:List-Subscribe:List-Help:List-Post:List-Archive:
	List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To:Message-Id:Date:
	Subject:To:From:Reply-To:Content-ID:Content-Description:Resent-Date:
	Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner;
	 bh=lpwG2sy4F0pY2TdFbODUl59PP2RkNpCFpDkvKu8LirM=; b=jsVetQa3hlI4oBId04LaUNO2K
	YPE889ovsCkT5mODaLd+aT3bvEVU+8YFM1HiaVkCthXVdub8gyGnbv3Jzee+DjOJ/W2vQqpvjnRMm
	jQJSXhlSVSjAShuvag1/HOD3gN5Ov9Vuh8M68Q3sxyTZt9t8n1IJ+XKAeBExYFMB2FgN3d+xmKiW3
	M2gSxJbx/uaCzowuUql8+Egen2Lxlo2rGykX1dkGdnHrN1esseGL66y1SKN8JhL+eH3NiBVZKsIft
	F/rPdcmeXB0FAClIL3CMkv7lctHpdGU6V6YW+2yPygQzduUQKIlxMqGtjXdEN1Aiur8R3Lq2Db3JC
	USGmILsJw==;
Received: from localhost ([::1] helo=merlin.infradead.org)
	by merlin.infradead.org with esmtp (Exim 4.92.3 #3 (Red Hat Linux))
	id 1kelRA-0001q1-9i; Mon, 16 Nov 2020 20:49:20 +0000
Received: from mail-wr1-x442.google.com ([2a00:1450:4864:20::442])
 by merlin.infradead.org with esmtps (Exim 4.92.3 #3 (Red Hat Linux))
 id 1kelMD-0007tf-Ae
 for linux-arm-kernel@lists.infradead.org; Mon, 16 Nov 2020 20:44:14 +0000
Received: by mail-wr1-x442.google.com with SMTP id l1so20263857wrb.9
 for <linux-arm-kernel@lists.infradead.org>;
 Mon, 16 Nov 2020 12:44:12 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
 s=20161025;
 h=from:to:cc:subject:date:message-id:in-reply-to:references
 :mime-version:content-transfer-encoding;
 bh=KtB5sPKsaVMjkTlNdBqDpEGo098qw09j+i3Z5Xs2hSw=;
 b=DYutyy1HqPCDja8Fp8dsSh0JlC9LbqEgiEbQIhWzqPcsDwg/xKHGrSfW3MbBbyB+k6
 +OLah190dkiiAJu0Ef8W2W0ncK8uuz7wQCbWDr40UvqdBdpPm8TTe57No5c0axWRpmg6
 zvY/wffF+zmvcUPavFr0fD8dOxI40jtmBrL8pvhyy3KuetgOHyhlxPziQ60F4pRT9P/B
 YcEMubFsjRxvzkb29QXsoci4MnnDb4NTyHMwXKxaQhx6wgk2I2IHE84BrzCzq6zsqy/M
 nU3G247PKNZ7iZrg2o+vobTHlozFBFClRqO0GEQ8ANhWyvw9asJT7lclqWe0qdouOPDP
 KrLg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20161025;
 h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to
 :references:mime-version:content-transfer-encoding;
 bh=KtB5sPKsaVMjkTlNdBqDpEGo098qw09j+i3Z5Xs2hSw=;
 b=KHJ5kPcQSz14pFEpvYFxbbTV44KdqMdW+azEImyRZqq4YdzdFzn9+ot0uOkUXpeuyN
 AYkJQfPjLRx2AYwFXJBI6fSANKToExnLMxK5+7/shp49yV0jYFKRBRR97D9DvfU2HpZo
 rXq61i20E0nzrPKZUwPcp5q5DrVD2FaCPJTLf8h1iU+5Y3Nu1mJNlz4CMUZYXkgWuyQR
 vvD7cND/H5NQTiZpGTrJqLGC6UpeyIdqKeg52JtrVkCj2Jq04DEwVSrVawfS1xn8QlcI
 g1ifwzX0Iktn9x4gjJhkF7lXxVuezEXyBMbs780zWY6DDlfD3HiX1AwSzSpcQ9LBkevU
 C/WQ==
X-Gm-Message-State: AOAM531MWUtDIfLmibEr+CysBf9T5lomlzGbR8A18w26E32TGtTSQfzJ
 IppZviaEoEx7SXjUefw+2YxzTA==
X-Google-Smtp-Source: 
 ABdhPJx1HgnqKn++tPc87uOPV5b9fELqudb5dvsj8gYthPb6holMli/dlgYsKvNk0U5DwzPGjnYS1Q==
X-Received: by 2002:adf:dc47:: with SMTP id m7mr21295036wrj.21.1605559451624;
 Mon, 16 Nov 2020 12:44:11 -0800 (PST)
Received: from localhost ([2a01:4b00:8523:2d03:bc40:bd71:373a:1b33])
 by smtp.gmail.com with ESMTPSA id z3sm23265729wrw.87.2020.11.16.12.44.10
 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128);
 Mon, 16 Nov 2020 12:44:10 -0800 (PST)
From: David Brazdil <dbrazdil@google.com>
To: kvmarm@lists.cs.columbia.edu
Subject: [PATCH v2 23/24] kvm: arm64: Trap host SMCs in protected mode.
Date: Mon, 16 Nov 2020 20:43:17 +0000
Message-Id: <20201116204318.63987-24-dbrazdil@google.com>
X-Mailer: git-send-email 2.29.2
In-Reply-To: <20201116204318.63987-1-dbrazdil@google.com>
References: <20201116204318.63987-1-dbrazdil@google.com>
MIME-Version: 1.0
X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 
X-CRM114-CacheID: sfid-20201116_154413_516866_F929A6D4 
X-CRM114-Status: GOOD (  16.49  )
X-BeenThere: linux-arm-kernel@lists.infradead.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: <linux-arm-kernel.lists.infradead.org>
List-Unsubscribe: 
 <http://lists.infradead.org/mailman/options/linux-arm-kernel>,
 <mailto:linux-arm-kernel-request@lists.infradead.org?subject=unsubscribe>
List-Archive: <http://lists.infradead.org/pipermail/linux-arm-kernel/>
List-Post: <mailto:linux-arm-kernel@lists.infradead.org>
List-Help: <mailto:linux-arm-kernel-request@lists.infradead.org?subject=help>
List-Subscribe: 
 <http://lists.infradead.org/mailman/listinfo/linux-arm-kernel>,
 <mailto:linux-arm-kernel-request@lists.infradead.org?subject=subscribe>
Cc: Mark Rutland <mark.rutland@arm.com>, kernel-team@android.com,
 Lorenzo Pieralisi <lorenzo.pieralisi@arm.com>,
 Andrew Walbran <qwandor@google.com>,
 Suzuki K Poulose <suzuki.poulose@arm.com>,
 Marc Zyngier <maz@kernel.org>, Quentin Perret <qperret@google.com>,
 linux-kernel@vger.kernel.org, James Morse <james.morse@arm.com>,
 linux-arm-kernel@lists.infradead.org,
 Catalin Marinas <catalin.marinas@arm.com>, Tejun Heo <tj@kernel.org>,
 Dennis Zhou <dennis@kernel.org>, Christoph Lameter <cl@linux.com>,
 David Brazdil <dbrazdil@google.com>, Will Deacon <will@kernel.org>,
 Julien Thierry <julien.thierry.kdev@gmail.com>,
 Andrew Scull <ascull@google.com>
Sender: "linux-arm-kernel" <linux-arm-kernel-bounces@lists.infradead.org>
Errors-To: 
 linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org

While protected nVHE KVM is installed, start trapping all host SMCs.
By default, these are simply forwarded to EL3, but PSCI SMCs are
validated first.

Create new constant HCR_HOST_NVHE_PROTECTED_FLAGS with the new set of HCR
flags to use while the nVHE vector is installed when the kernel was
booted with the protected flag enabled. Switch back to the default HCR
flags when switching back to the stub vector.

Signed-off-by: David Brazdil <dbrazdil@google.com>
---
 arch/arm64/include/asm/kvm_arm.h   |  1 +
 arch/arm64/kvm/hyp/nvhe/hyp-init.S | 12 ++++++++++++
 arch/arm64/kvm/hyp/nvhe/switch.c   |  5 ++++-
 3 files changed, 17 insertions(+), 1 deletion(-)

diff --git a/arch/arm64/include/asm/kvm_arm.h b/arch/arm64/include/asm/kvm_arm.h
index 64ce29378467..4e90c2debf70 100644
--- a/arch/arm64/include/asm/kvm_arm.h
+++ b/arch/arm64/include/asm/kvm_arm.h
@@ -80,6 +80,7 @@
 			 HCR_FMO | HCR_IMO | HCR_PTW )
 #define HCR_VIRT_EXCP_MASK (HCR_VSE | HCR_VI | HCR_VF)
 #define HCR_HOST_NVHE_FLAGS (HCR_RW | HCR_API | HCR_APK | HCR_ATA)
+#define HCR_HOST_NVHE_PROTECTED_FLAGS (HCR_HOST_NVHE_FLAGS | HCR_TSC)
 #define HCR_HOST_VHE_FLAGS (HCR_RW | HCR_TGE | HCR_E2H)
 
 /* TCR_EL2 Registers bits */
diff --git a/arch/arm64/kvm/hyp/nvhe/hyp-init.S b/arch/arm64/kvm/hyp/nvhe/hyp-init.S
index 6d8202d2bdfb..8f3602f320ac 100644
--- a/arch/arm64/kvm/hyp/nvhe/hyp-init.S
+++ b/arch/arm64/kvm/hyp/nvhe/hyp-init.S
@@ -88,6 +88,12 @@ SYM_CODE_END(__kvm_hyp_init)
  * x0: struct kvm_nvhe_init_params PA
  */
 SYM_CODE_START(___kvm_hyp_init)
+alternative_if ARM64_PROTECTED_KVM
+	mov_q	x1, HCR_HOST_NVHE_PROTECTED_FLAGS
+	msr	hcr_el2, x1
+	isb
+alternative_else_nop_endif
+
 	ldr	x1, [x0, #NVHE_INIT_TPIDR_EL2]
 	msr	tpidr_el2, x1
 
@@ -224,6 +230,12 @@ reset:
 	msr	sctlr_el2, x5
 	isb
 
+alternative_if ARM64_PROTECTED_KVM
+	mov_q	x5, HCR_HOST_NVHE_FLAGS
+	msr	hcr_el2, x5
+	isb
+alternative_else_nop_endif
+
 	/* Install stub vectors */
 	adr_l	x5, __hyp_stub_vectors
 	msr	vbar_el2, x5
diff --git a/arch/arm64/kvm/hyp/nvhe/switch.c b/arch/arm64/kvm/hyp/nvhe/switch.c
index 8ae8160bc93a..e1f8e0797144 100644
--- a/arch/arm64/kvm/hyp/nvhe/switch.c
+++ b/arch/arm64/kvm/hyp/nvhe/switch.c
@@ -96,7 +96,10 @@ static void __deactivate_traps(struct kvm_vcpu *vcpu)
 	mdcr_el2 |= MDCR_EL2_E2PB_MASK << MDCR_EL2_E2PB_SHIFT;
 
 	write_sysreg(mdcr_el2, mdcr_el2);
-	write_sysreg(HCR_HOST_NVHE_FLAGS, hcr_el2);
+	if (is_protected_kvm_enabled())
+		write_sysreg(HCR_HOST_NVHE_PROTECTED_FLAGS, hcr_el2);
+	else
+		write_sysreg(HCR_HOST_NVHE_FLAGS, hcr_el2);
 	write_sysreg(CPTR_EL2_DEFAULT, cptr_el2);
 	write_sysreg(__kvm_hyp_host_vector, vbar_el2);
 }