From patchwork Thu Feb 24 05:13:39 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Kalesh Singh <kaleshsingh@google.com>
X-Patchwork-Id: 12757844
Return-Path: 
 <linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from bombadil.infradead.org (bombadil.infradead.org
 [198.137.202.133])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by smtp.lore.kernel.org (Postfix) with ESMTPS id 2CC55C433EF
	for <linux-arm-kernel@archiver.kernel.org>;
 Thu, 24 Feb 2022 05:20:39 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;
	d=lists.infradead.org; s=bombadil.20210309; h=Sender:
	Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post:
	List-Archive:List-Unsubscribe:List-Id:Cc:From:Subject:References:Mime-Version
	:Message-Id:In-Reply-To:Date:Reply-To:To:Content-ID:Content-Description:
	Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:
	List-Owner; bh=6Z4ssShO2IP+BnwKABCQUI4tJWFg2je2s7F1CKK9xyY=; b=4oG+JYBaNSMiju
	HOPQcyxixnqTBP1m1klWl37I6u3XF2lyhjUvnIuH2uZFtVXTFbsLPjXq4beA1v84FVmmBhKKN14tj
	pKOWNAldRvcz0TTK6GbJaZzsEOX9BNSUPugymqSOTYD+EUku4jwIdTpqEaTdokusnHmEfG9B2a7fR
	YNH8GOy93Mo8l03r52GAhjoxz8VC+KCK6+aG+JP4OdYGplBBJ5YZlcEbmlZf+V/G/GbCyaJ2JB59o
	bY+zulSmBD6GtcgoFJwSsy3a8Oo2lwNz6+IZT1ESnl5/uWupxYXtbMHJtBtoUojqPREohoFZS3dtF
	W2ib6zl1vIxh1OSrT95w==;
Received: from localhost ([::1] helo=bombadil.infradead.org)
	by bombadil.infradead.org with esmtp (Exim 4.94.2 #2 (Red Hat Linux))
	id 1nN6XD-00GqUE-2z; Thu, 24 Feb 2022 05:19:23 +0000
Received: from mail-yw1-x114a.google.com ([2607:f8b0:4864:20::114a])
 by bombadil.infradead.org with esmtps (Exim 4.94.2 #2 (Red Hat Linux))
 id 1nN6X9-00GqSo-4s
 for linux-arm-kernel@lists.infradead.org; Thu, 24 Feb 2022 05:19:20 +0000
Received: by mail-yw1-x114a.google.com with SMTP id
 00721157ae682-2d6b6cf0cafso11163187b3.21
 for <linux-arm-kernel@lists.infradead.org>;
 Wed, 23 Feb 2022 21:19:18 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
 s=20210112;
 h=date:in-reply-to:message-id:mime-version:references:subject:from:cc;
 bh=Sc96glvxYslSfkQXo+KXiEGMpwz7KGQFqK1SBX4eD7A=;
 b=B8lXlAgDd0kVzKodKmL9JcM1dcJSITQumRTkFniujZawZDAhk4wZn+DpIQLhUYO/ch
 /iD4fAJgbvRXUaHirgctgj7pLUQblkrrsAEJMibl5VJvqZTLUgl49dAk/yK8WdVz6O83
 u40dS8aCwVHlq3RLEMzMPcZbJLQzQK8GbGi9dh9cBMwbfhbfitEzE3/zjkDAaPEfZ/kf
 tG4sTtq9tpZQfTqmU+TA7/OqoQH7nrxa151lCTPVRM1WDtWmB9kRigE239E2/Tc9/Jqz
 41uBcTKbyjiUJdTcleBYvwYHxaKNIGvnY6iTRF8DBO069ux3kEvruXCti9dxa2D7yM4V
 im7A==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20210112;
 h=x-gm-message-state:date:in-reply-to:message-id:mime-version
 :references:subject:from:cc;
 bh=Sc96glvxYslSfkQXo+KXiEGMpwz7KGQFqK1SBX4eD7A=;
 b=QQAyNxJUnQ/zK7KkUue7q/VW5LUQyUGtwZWtiJV/807CYr7bZlCEg5oy6AbtnKvOlB
 /qaCcM3V9rVizy7R5a41Cbs0XBvKiI/RS4BEXopHYQlg1w26ihkmKUQzojFHTKxJGvnG
 UhfVduXMMwUM9Z6dIplJ0yNYpVPrgQkfdTYSE0tCdnh0tTl4cHep2GMMrtzq/63vjIk1
 tuPJAI4kXSqtmSaY7pW8d8pnx3yM0IM+Wx6rM+1hyhW4jRlrBJBO7JqlF4/25oCO+G30
 +H+Y4yACEoMaP8iB++Bwaxv/fQ9eaXyhXmDFPB46CHiKf1SSdBdEIiys+CPU4kjO0i5K
 sGGg==
X-Gm-Message-State: AOAM532EddIhEqWA+eZzak2iZhMr+qSaANZwDfCUAO/jRfE31Q0nzocV
 g+5vnYWWGljNMGzaPhDQEakcjeqRjQa3m+ElpQ==
X-Google-Smtp-Source: 
 ABdhPJzBUzrWz/IzDAYDQ8eab8JhoYZDYi700gxVQBn86Vj1XDP4YQZMrJTSKaYcX0VoNCNeGZXoRp+1Cxz/wmOKKw==
X-Received: from kaleshsingh.mtv.corp.google.com
 ([2620:15c:211:200:415c:9be0:c461:440a])
 (user=kaleshsingh job=sendgmr) by 2002:a25:d449:0:b0:619:c1f1:928b with SMTP
 id m70-20020a25d449000000b00619c1f1928bmr968656ybf.19.1645679957716; Wed, 23
 Feb 2022 21:19:17 -0800 (PST)
Date: Wed, 23 Feb 2022 21:13:39 -0800
In-Reply-To: <20220224051439.640768-1-kaleshsingh@google.com>
Message-Id: <20220224051439.640768-5-kaleshsingh@google.com>
Mime-Version: 1.0
References: <20220224051439.640768-1-kaleshsingh@google.com>
X-Mailer: git-send-email 2.35.1.473.g83b2b277ed-goog
Subject: [PATCH v3 4/8] KVM: arm64: Add guard pages for pKVM (protected nVHE)
 hypervisor stack
From: Kalesh Singh <kaleshsingh@google.com>
Cc: will@kernel.org, maz@kernel.org, qperret@google.com, tabba@google.com,
 surenb@google.com, kernel-team@android.com,
 Kalesh Singh <kaleshsingh@google.com>, James Morse <james.morse@arm.com>,
 Alexandru Elisei <alexandru.elisei@arm.com>,
 Suzuki K Poulose <suzuki.poulose@arm.com>,
 Catalin Marinas <catalin.marinas@arm.com>,
 Mark Rutland <mark.rutland@arm.com>,
 Mark Brown <broonie@kernel.org>, Masami Hiramatsu <mhiramat@kernel.org>,
 Peter Collingbourne <pcc@google.com>,
 "Madhavan T. Venkataraman" <madvenka@linux.microsoft.com>,
 Andrew Scull <ascull@google.com>, linux-arm-kernel@lists.infradead.org,
 kvmarm@lists.cs.columbia.edu, linux-kernel@vger.kernel.org
X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 
X-CRM114-CacheID: sfid-20220223_211919_229309_0C1D965E 
X-CRM114-Status: GOOD (  13.96  )
X-BeenThere: linux-arm-kernel@lists.infradead.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: <linux-arm-kernel.lists.infradead.org>
List-Unsubscribe: 
 <http://lists.infradead.org/mailman/options/linux-arm-kernel>,
 <mailto:linux-arm-kernel-request@lists.infradead.org?subject=unsubscribe>
List-Archive: <http://lists.infradead.org/pipermail/linux-arm-kernel/>
List-Post: <mailto:linux-arm-kernel@lists.infradead.org>
List-Help: <mailto:linux-arm-kernel-request@lists.infradead.org?subject=help>
List-Subscribe: 
 <http://lists.infradead.org/mailman/listinfo/linux-arm-kernel>,
 <mailto:linux-arm-kernel-request@lists.infradead.org?subject=subscribe>
Sender: "linux-arm-kernel" <linux-arm-kernel-bounces@lists.infradead.org>
Errors-To: 
 linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org

Maps the stack pages in the flexible private VA range and allocates
guard pages below the stack as unbacked VA space. The stack is aligned
to twice its size to aid overflow detection (implemented in a subsequent
patch in the series).

Signed-off-by: Kalesh Singh <kaleshsingh@google.com>
---

Changes in v3:
  - Handle null ptr in IS_ERR_OR_NULL checks, per Mark

 arch/arm64/kvm/hyp/nvhe/setup.c | 25 +++++++++++++++++++++----
 1 file changed, 21 insertions(+), 4 deletions(-)

diff --git a/arch/arm64/kvm/hyp/nvhe/setup.c b/arch/arm64/kvm/hyp/nvhe/setup.c
index 27af337f9fea..5f3a4002f9c5 100644
--- a/arch/arm64/kvm/hyp/nvhe/setup.c
+++ b/arch/arm64/kvm/hyp/nvhe/setup.c
@@ -105,11 +105,28 @@ static int recreate_hyp_mappings(phys_addr_t phys, unsigned long size,
 		if (ret)
 			return ret;
 
-		end = (void *)per_cpu_ptr(&kvm_init_params, i)->stack_hyp_va;
+		/*
+		 * Private mappings are allocated upwards from __io_map_base
+		 * so allocate the guard page first then the stack.
+		 */
+		start = (void *)pkvm_alloc_private_va_range(PAGE_SIZE, PAGE_SIZE);
+		if (IS_ERR_OR_NULL(start))
+			return start ? PTR_ERR(start) : -ENOMEM;
+
+		/*
+		 * The stack is aligned to twice its size to facilitate overflow
+		 * detection.
+		 */
+		end = (void *)per_cpu_ptr(&kvm_init_params, i)->stack_pa;
 		start = end - PAGE_SIZE;
-		ret = pkvm_create_mappings(start, end, PAGE_HYP);
-		if (ret)
-			return ret;
+		start = (void *)__pkvm_create_private_mapping((phys_addr_t)start,
+					PAGE_SIZE, PAGE_SIZE * 2, PAGE_HYP);
+		if (IS_ERR_OR_NULL(start))
+			return start ? PTR_ERR(start) : -ENOMEM;
+		end = start + PAGE_SIZE;
+
+		/* Update stack_hyp_va to end of the stack's private VA range */
+		per_cpu_ptr(&kvm_init_params, i)->stack_hyp_va = (unsigned long) end;
 	}
 
 	/*