From patchwork Fri Nov 4 01:10:39 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Peter Collingbourne
X-Patchwork-Id: 13031161
Date: Thu, 3 Nov 2022 18:10:39 -0700
In-Reply-To: <20221104011041.290951-1-pcc@google.com>
Message-Id: <20221104011041.290951-7-pcc@google.com>
References: <20221104011041.290951-1-pcc@google.com>
X-Mailer: git-send-email 2.38.1.431.g37b22c650d-goog
Subject: [PATCH v5 6/8] KVM: arm64: unify the tests for VMAs in memslots when MTE is enabled
From: Peter Collingbourne
To: linux-arm-kernel@lists.infradead.org, kvmarm@lists.cs.columbia.edu
Cc: Peter Collingbourne, Cornelia Huck, Catalin Marinas, Will Deacon, Marc Zyngier, Evgenii Stepanov, kvm@vger.kernel.org, Steven Price, Vincenzo Frascino

Previously we allowed creating a memslot containing a private mapping that was not VM_MTE_ALLOWED, but would later reject KVM_RUN with -EFAULT. Now we reject the memory region at memslot creation time.

Since this is a minor tweak to the ABI (a VMM that created one of these memslots would fail later anyway), no VMM to my knowledge has MTE support yet, and the hardware with the necessary features is not generally available, we can probably make this ABI change at this point.

Signed-off-by: Peter Collingbourne
Reviewed-by: Catalin Marinas
Reviewed-by: Steven Price
Reviewed-by: Cornelia Huck
---
 arch/arm64/kvm/mmu.c | 25 ++++++++++++++++---------
 1 file changed, 16 insertions(+), 9 deletions(-)

diff --git a/arch/arm64/kvm/mmu.c b/arch/arm64/kvm/mmu.c index fa2c85b93149..9ff9a271cf01 100644 --- a/arch/arm64/kvm/mmu.c +++ b/arch/arm64/kvm/mmu.c
@@ -1108,6 +1108,19 @@ static void sanitise_mte_tags(struct kvm *kvm, kvm_pfn_t pfn, } } +static bool kvm_vma_mte_allowed(struct vm_area_struct *vma) +{ + /* + * VM_SHARED mappings are not allowed with MTE to avoid races + * when updating the PG_mte_tagged page flag, see + * sanitise_mte_tags for more details. + */ + if (vma->vm_flags & VM_SHARED) + return false; + + return vma->vm_flags & VM_MTE_ALLOWED; +} + static int user_mem_abort(struct kvm_vcpu *vcpu, phys_addr_t fault_ipa, struct kvm_memory_slot *memslot, unsigned long hva, unsigned long fault_status) @@ -1284,9 +1297,8 @@ static int user_mem_abort(struct kvm_vcpu *vcpu, phys_addr_t fault_ipa, } if (fault_status != FSC_PERM && !device && kvm_has_mte(kvm)) { - /* Check the VMM hasn't introduced a new VM_SHARED VMA */ - if ((vma->vm_flags & VM_MTE_ALLOWED) && - !(vma->vm_flags & VM_SHARED)) { + /* Check the VMM hasn't introduced a new disallowed VMA */ + if (kvm_vma_mte_allowed(vma)) { sanitise_mte_tags(kvm, pfn, vma_pagesize); } else { ret = -EFAULT; @@ -1730,12 +1742,7 @@ int kvm_arch_prepare_memory_region(struct kvm *kvm, if (!vma) break; - /* - * VM_SHARED mappings are not allowed with MTE to avoid races - * when updating the PG_mte_tagged page flag, see - * sanitise_mte_tags for more details. - */ - if (kvm_has_mte(kvm) && vma->vm_flags & VM_SHARED) { + if (kvm_has_mte(kvm) && !kvm_vma_mte_allowed(vma)) { ret = -EINVAL; break; }
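
Review bot: In kvm_vma_mte_allowed() (first hunk), the comment explains only the VM_SHARED exclusion, while the final `return vma->vm_flags & VM_MTE_ALLOWED;` is the condition that is new for memslot creation and has no explanation. Consider extending the comment to say why a private mapping without VM_MTE_ALLOWED is rejected, and noting that callers are expected to gate the helper on kvm_has_mte(kvm), as both call sites in this patch do.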
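
Review bot: In user_mem_abort() (second hunk), the new comment "Check the VMM hasn't introduced a new disallowed VMA" does not say why the check is still needed now that kvm_arch_prepare_memory_region() rejects such VMAs. A few words stating that the VMA backing the hva can be replaced after the memslot was created would make clear that this -EFAULT path remains the enforcement point at fault time and should not be dropped as redundant in a later cleanup.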
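
Review bot: In kvm_arch_prepare_memory_region() (third hunk), the check `kvm_has_mte(kvm) && !kvm_vma_mte_allowed(vma)` has no counterpart to the `!device` condition that guards the same helper in user_mem_abort(), so a VMA that the fault path would treat as a device mapping and that lacks VM_MTE_ALLOWED would now fail memslot creation with -EINVAL, where the old code at this site rejected only VM_SHARED. Please confirm that this is intended, or skip the check for such VMAs. The commit message calls this an ABI change and the diffstat touches only arch/arm64/kvm/mmu.c, so the new -EINVAL case also deserves a line in the KVM API documentation if no other patch in the series adds one.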