| Message ID | 20210729132818.4091769-14-qperret@google.com (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
| Series | Track shared pages at EL2 in protected mode | expand |
Hi Quentin, On Thu, Jul 29, 2021 at 3:28 PM Quentin Perret <qperret@google.com> wrote: > > We will need to manipulate the host stage-2 page-table from outside > mem_protect.c soon. Introduce two functions allowing this, and make > them usable to users of mem_protect.h. > > Signed-off-by: Quentin Perret <qperret@google.com> > --- > arch/arm64/kvm/hyp/include/nvhe/mem_protect.h | 2 ++ > arch/arm64/kvm/hyp/nvhe/mem_protect.c | 17 ++++++++++++++++- > 2 files changed, 18 insertions(+), 1 deletion(-) > > diff --git a/arch/arm64/kvm/hyp/include/nvhe/mem_protect.h b/arch/arm64/kvm/hyp/include/nvhe/mem_protect.h > index ae355bfd8c01..47c2a0c51612 100644 > --- a/arch/arm64/kvm/hyp/include/nvhe/mem_protect.h > +++ b/arch/arm64/kvm/hyp/include/nvhe/mem_protect.h > @@ -49,6 +49,8 @@ extern struct host_kvm host_kvm; > int __pkvm_prot_finalize(void); > int __pkvm_mark_hyp(phys_addr_t start, phys_addr_t end); > > +int host_stage2_idmap_locked(u64 start, u64 end, enum kvm_pgtable_prot prot); > +int host_stage2_set_owner_locked(u64 start, u64 end, u8 owner_id); > int kvm_host_prepare_stage2(void *pgt_pool_base); > void handle_host_mem_abort(struct kvm_cpu_context *host_ctxt); > > diff --git a/arch/arm64/kvm/hyp/nvhe/mem_protect.c b/arch/arm64/kvm/hyp/nvhe/mem_protect.c > index 70c57d2c3024..a7f6134789e0 100644 > --- a/arch/arm64/kvm/hyp/nvhe/mem_protect.c > +++ b/arch/arm64/kvm/hyp/nvhe/mem_protect.c > @@ -272,6 +272,21 @@ static int host_stage2_adjust_range(u64 addr, struct kvm_mem_range *range) > return 0; > } > > +int host_stage2_idmap_locked(u64 start, u64 end, enum kvm_pgtable_prot prot) > +{ > + hyp_assert_lock_held(&host_kvm.lock); > + > + return host_stage2_try(__host_stage2_idmap, start, end, prot); > +} > + > +int host_stage2_set_owner_locked(u64 start, u64 end, u8 owner_id) > +{ > + hyp_assert_lock_held(&host_kvm.lock); > + > + return host_stage2_try(kvm_pgtable_stage2_set_owner, &host_kvm.pgt, > + start, end - start, &host_s2_pool, owner_id); > +} This is a potential issue elsewhere as well, but all functions in kvm_pgtable.h, including kvm_pgtable_stage2_set_owner, specify an address range via address and size. The two you have introduced here take a start and an end. I'm not sure if making these two consistent with the ones in kvm_pgtable.h would be good, or would just complicate things in other places. Thanks, /fuad > static bool host_stage2_force_pte_cb(u64 addr, u64 end, enum kvm_pgtable_prot prot) > { > /* > @@ -309,7 +324,7 @@ static int host_stage2_idmap(u64 addr) > if (ret) > goto unlock; > > - ret = host_stage2_try(__host_stage2_idmap, range.start, range.end, prot); > + ret = host_stage2_idmap_locked(range.start, range.end, prot); > unlock: > hyp_spin_unlock(&host_kvm.lock); > > -- > 2.32.0.432.gabb21c7263-goog >
On Monday 02 Aug 2021 at 13:13:20 (+0200), Fuad Tabba wrote: > Hi Quentin, > > On Thu, Jul 29, 2021 at 3:28 PM Quentin Perret <qperret@google.com> wrote: > > > > We will need to manipulate the host stage-2 page-table from outside > > mem_protect.c soon. Introduce two functions allowing this, and make > > them usable to users of mem_protect.h. > > > > Signed-off-by: Quentin Perret <qperret@google.com> > > --- > > arch/arm64/kvm/hyp/include/nvhe/mem_protect.h | 2 ++ > > arch/arm64/kvm/hyp/nvhe/mem_protect.c | 17 ++++++++++++++++- > > 2 files changed, 18 insertions(+), 1 deletion(-) > > > > diff --git a/arch/arm64/kvm/hyp/include/nvhe/mem_protect.h b/arch/arm64/kvm/hyp/include/nvhe/mem_protect.h > > index ae355bfd8c01..47c2a0c51612 100644 > > --- a/arch/arm64/kvm/hyp/include/nvhe/mem_protect.h > > +++ b/arch/arm64/kvm/hyp/include/nvhe/mem_protect.h > > @@ -49,6 +49,8 @@ extern struct host_kvm host_kvm; > > int __pkvm_prot_finalize(void); > > int __pkvm_mark_hyp(phys_addr_t start, phys_addr_t end); > > > > +int host_stage2_idmap_locked(u64 start, u64 end, enum kvm_pgtable_prot prot); > > +int host_stage2_set_owner_locked(u64 start, u64 end, u8 owner_id); > > int kvm_host_prepare_stage2(void *pgt_pool_base); > > void handle_host_mem_abort(struct kvm_cpu_context *host_ctxt); > > > > diff --git a/arch/arm64/kvm/hyp/nvhe/mem_protect.c b/arch/arm64/kvm/hyp/nvhe/mem_protect.c > > index 70c57d2c3024..a7f6134789e0 100644 > > --- a/arch/arm64/kvm/hyp/nvhe/mem_protect.c > > +++ b/arch/arm64/kvm/hyp/nvhe/mem_protect.c > > @@ -272,6 +272,21 @@ static int host_stage2_adjust_range(u64 addr, struct kvm_mem_range *range) > > return 0; > > } > > > > +int host_stage2_idmap_locked(u64 start, u64 end, enum kvm_pgtable_prot prot) > > +{ > > + hyp_assert_lock_held(&host_kvm.lock); > > + > > + return host_stage2_try(__host_stage2_idmap, start, end, prot); > > +} > > + > > +int host_stage2_set_owner_locked(u64 start, u64 end, u8 owner_id) > > +{ > > + hyp_assert_lock_held(&host_kvm.lock); > > + > > + return host_stage2_try(kvm_pgtable_stage2_set_owner, &host_kvm.pgt, > > + start, end - start, &host_s2_pool, owner_id); > > +} > > This is a potential issue elsewhere as well, but all functions in > kvm_pgtable.h, including kvm_pgtable_stage2_set_owner, specify an > address range via address and size. The two you have introduced here > take a start and an end. I'm not sure if making these two consistent > with the ones in kvm_pgtable.h would be good, or would just complicate > things in other places. Good point, and it looks like specifying these two with start-size parameters would simplify the callers a tiny bit as well, so I'll fold that in v4. Thanks, Quentin
diff --git a/arch/arm64/kvm/hyp/include/nvhe/mem_protect.h b/arch/arm64/kvm/hyp/include/nvhe/mem_protect.h index ae355bfd8c01..47c2a0c51612 100644 --- a/arch/arm64/kvm/hyp/include/nvhe/mem_protect.h +++ b/arch/arm64/kvm/hyp/include/nvhe/mem_protect.h @@ -49,6 +49,8 @@ extern struct host_kvm host_kvm; int __pkvm_prot_finalize(void); int __pkvm_mark_hyp(phys_addr_t start, phys_addr_t end); +int host_stage2_idmap_locked(u64 start, u64 end, enum kvm_pgtable_prot prot); +int host_stage2_set_owner_locked(u64 start, u64 end, u8 owner_id); int kvm_host_prepare_stage2(void *pgt_pool_base); void handle_host_mem_abort(struct kvm_cpu_context *host_ctxt); diff --git a/arch/arm64/kvm/hyp/nvhe/mem_protect.c b/arch/arm64/kvm/hyp/nvhe/mem_protect.c index 70c57d2c3024..a7f6134789e0 100644 --- a/arch/arm64/kvm/hyp/nvhe/mem_protect.c +++ b/arch/arm64/kvm/hyp/nvhe/mem_protect.c @@ -272,6 +272,21 @@ static int host_stage2_adjust_range(u64 addr, struct kvm_mem_range *range) return 0; } +int host_stage2_idmap_locked(u64 start, u64 end, enum kvm_pgtable_prot prot) +{ + hyp_assert_lock_held(&host_kvm.lock); + + return host_stage2_try(__host_stage2_idmap, start, end, prot); +} + +int host_stage2_set_owner_locked(u64 start, u64 end, u8 owner_id) +{ + hyp_assert_lock_held(&host_kvm.lock); + + return host_stage2_try(kvm_pgtable_stage2_set_owner, &host_kvm.pgt, + start, end - start, &host_s2_pool, owner_id); +} + static bool host_stage2_force_pte_cb(u64 addr, u64 end, enum kvm_pgtable_prot prot) { /* @@ -309,7 +324,7 @@ static int host_stage2_idmap(u64 addr) if (ret) goto unlock; - ret = host_stage2_try(__host_stage2_idmap, range.start, range.end, prot); + ret = host_stage2_idmap_locked(range.start, range.end, prot); unlock: hyp_spin_unlock(&host_kvm.lock);
We will need to manipulate the host stage-2 page-table from outside mem_protect.c soon. Introduce two functions allowing this, and make them usable to users of mem_protect.h. Signed-off-by: Quentin Perret <qperret@google.com> --- arch/arm64/kvm/hyp/include/nvhe/mem_protect.h | 2 ++ arch/arm64/kvm/hyp/nvhe/mem_protect.c | 17 ++++++++++++++++- 2 files changed, 18 insertions(+), 1 deletion(-)