From patchwork Tue Feb 20 07:29:23 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ankit Agrawal X-Patchwork-Id: 13563527 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id BCA74C48BC4 for ; Tue, 20 Feb 2024 07:30:14 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 48F656B0088; Tue, 20 Feb 2024 02:30:14 -0500 (EST) Received: by kanga.kvack.org (Postfix, from userid 40) id 466426B008A; Tue, 20 Feb 2024 02:30:14 -0500 (EST) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 32EC06B008C; Tue, 20 Feb 2024 02:30:14 -0500 (EST) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0016.hostedemail.com [216.40.44.16]) by kanga.kvack.org (Postfix) with ESMTP id 1F67C6B0088 for ; Tue, 20 Feb 2024 02:30:14 -0500 (EST) Received: from smtpin13.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay06.hostedemail.com (Postfix) with ESMTP id E5FDBA0719 for ; Tue, 20 Feb 2024 07:30:13 +0000 (UTC) X-FDA: 81811358706.13.D9C187D Received: from NAM10-BN7-obe.outbound.protection.outlook.com (mail-bn7nam10on2073.outbound.protection.outlook.com [40.107.92.73]) by imf27.hostedemail.com (Postfix) with ESMTP id EBE9C40018 for ; Tue, 20 Feb 2024 07:30:10 +0000 (UTC) Authentication-Results: imf27.hostedemail.com; dkim=pass header.d=Nvidia.com header.s=selector2 header.b=Fb1zzZyZ; spf=pass (imf27.hostedemail.com: domain of ankita@nvidia.com designates 40.107.92.73 as permitted sender) smtp.mailfrom=ankita@nvidia.com; dmarc=pass (policy=reject) header.from=nvidia.com; arc=pass ("microsoft.com:s=arcselector9901:i=1") ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1708414211; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=IoPzkQBrSXGbR3QNuq0ibVfzLWAru2X7Q0eQS9NWgiA=; b=x8jD7z1yULDQTrl3tYVMRAajjlaLyiEO9aBQbxOfPLhq2VaLlglIN4MdMsbJzs1RNbM/eb yge8jfOGv/mLBcXNSY4PTqLxqhVymZh7dvI82TIJ1efu8f0nFyzPRvUtDnJsF6hPMzBF9j FLnC51HxZ9poVYiLJRYGEJjr5sZWSTw= ARC-Seal: i=2; s=arc-20220608; d=hostedemail.com; t=1708414211; a=rsa-sha256; cv=pass; b=x+n7iKzmXFVkRA5JDqobPFxu4Ul6i6qwnHWYmA1KSKNfFXX/7FYwaQtVl8BmN9soGugyZR tjjCfh+pDFmeoj9B+t5s9T0gaVnkh0CWzV4YIOtjWM2moyDbnDlRDxbWSOocj1hR44E4TS OwSFZFETiWlUVY7a2wVipYquxo4XQoo= ARC-Authentication-Results: i=2; imf27.hostedemail.com; dkim=pass header.d=Nvidia.com header.s=selector2 header.b=Fb1zzZyZ; spf=pass (imf27.hostedemail.com: domain of ankita@nvidia.com designates 40.107.92.73 as permitted sender) smtp.mailfrom=ankita@nvidia.com; dmarc=pass (policy=reject) header.from=nvidia.com; arc=pass ("microsoft.com:s=arcselector9901:i=1") ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=P3Nzmg+kKXSG0HqpGZLC1vvl5GkDooT1pWOIfrqfiux0QFjTPIdYyqw8iAj3KHOoCUz+EI1TiKq/x04lgPcglQj9mjryDJYAthmbvZM2/wbW22ldGqSOZpBYBcepIorwRcxtFYzPmmE5bkGPS8aR0dVPJmDlCJQjIF8TM1ErG+4XquRKpRX1eHOnBlXiAbNVJhll2NF0hogJ1hu8K3jupaTisffkSUwbDqrAtRuJropxa7AFKbgZe8y2nHJxe4PuGFFSzG5ME71DMm3UxaJ5mzNkx1578M60bw6YS863B8BqoEcNlT0xzmZFff9Z+bXmut5wvQbsaj5s9H+q6Npx9g== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=IoPzkQBrSXGbR3QNuq0ibVfzLWAru2X7Q0eQS9NWgiA=; b=M+TS2XTN2hxWoVQ2RwLeumuhHyunZ/hwPmgJrzbctQINnU+i11EmrsHyYL4tHA0wUe7Vu3vFJ1dJyRbQK3h3XaJB9kx0V5ORmTMTNSQvhEzGDfBgEOraLolEvuiZS07S4oWPEi+LyNDbv4gjpoQtPfJc7UF+na9tDDdJdcL6gx0CEwK2JZMfz+PKpzm89vFCFv/FYkiy62PUlAPXrW0PEjZPtSZB96lA+SLdZbyxOvN1XVVpYzlTQmoI9JfzR+xPsxnl8eUfUj1HUWOL14V9wWnOE3g7o4y7fiX6s4kg6qMDsMEfsBPXRS79mb34l6n3+OJDMbqFrNdONG4X9LJq2Q== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 216.228.117.160) smtp.rcpttodomain=kernel.org smtp.mailfrom=nvidia.com; dmarc=pass (p=reject sp=reject pct=100) action=none header.from=nvidia.com; dkim=none (message not signed); arc=none (0) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=Nvidia.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=IoPzkQBrSXGbR3QNuq0ibVfzLWAru2X7Q0eQS9NWgiA=; b=Fb1zzZyZeZUK8dbUIo5m44qdm7uD/cgq0OyiMqcdewqjvrtPmecQHd/WahS1OEs2VdM9Ck0ErSUKD3CalC58fvNTuUoh9RPobWbsOecp0CZoNWuhZIaDFM9R9cbTRcrB10OoY/P2OzLX1NrGlB33JkR1Kelqw+/Gp6SHzjM4/CAxfSPjW0GE7j1BsBOho1J956x71AP5w19IRXT8tMZowSsyLAqPI82dfj9qofacYH7bHVozd4F3QGd+RPVREiMLEG/SB1N+s3SOUkxSeatlLwHfQSDD3nC1xR/158iwVLLEM19nqOsuPkjt4kMUrI5r/l2eHFpNxAnr3lLONCUAaw== Received: from DS7PR07CA0012.namprd07.prod.outlook.com (2603:10b6:5:3af::20) by DS7PR12MB6334.namprd12.prod.outlook.com (2603:10b6:8:95::19) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7292.25; Tue, 20 Feb 2024 07:30:07 +0000 Received: from DS1PEPF00017099.namprd05.prod.outlook.com (2603:10b6:5:3af:cafe::c8) by DS7PR07CA0012.outlook.office365.com (2603:10b6:5:3af::20) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7292.40 via Frontend Transport; Tue, 20 Feb 2024 07:30:07 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 216.228.117.160) smtp.mailfrom=nvidia.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=nvidia.com; Received-SPF: Pass (protection.outlook.com: domain of nvidia.com designates 216.228.117.160 as permitted sender) receiver=protection.outlook.com; client-ip=216.228.117.160; helo=mail.nvidia.com; pr=C Received: from mail.nvidia.com (216.228.117.160) by DS1PEPF00017099.mail.protection.outlook.com (10.167.18.103) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7292.25 via Frontend Transport; Tue, 20 Feb 2024 07:30:07 +0000 Received: from rnnvmail202.nvidia.com (10.129.68.7) by mail.nvidia.com (10.129.200.66) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.986.41; Mon, 19 Feb 2024 23:29:58 -0800 Received: from rnnvmail202.nvidia.com (10.129.68.7) by rnnvmail202.nvidia.com (10.129.68.7) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.1258.12; Mon, 19 Feb 2024 23:29:55 -0800 Received: from sgarnayak-dt.nvidia.com (10.127.8.9) by mail.nvidia.com (10.129.68.7) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.1258.12 via Frontend Transport; Mon, 19 Feb 2024 23:29:42 -0800 From: To: , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , CC: , , , , , , , , , , , , , , Subject: [PATCH v8 1/4] kvm: arm64: introduce new flag for non-cacheable IO memory Date: Tue, 20 Feb 2024 12:59:23 +0530 Message-ID: <20240220072926.6466-2-ankita@nvidia.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20240220072926.6466-1-ankita@nvidia.com> References: <20240220072926.6466-1-ankita@nvidia.com> MIME-Version: 1.0 X-NV-OnPremToCloud: ExternallySecured X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: DS1PEPF00017099:EE_|DS7PR12MB6334:EE_ X-MS-Office365-Filtering-Correlation-Id: 1ff7f7bc-aa9a-4c6c-a487-08dc31e5c386 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: ei9+qziGduQK+rK9wp9oU/XVY1BD6wFjPgbhkZxhgo0tlkn+jcw6DTssjjlCWGSaxKVAjFZvhhcsnilxz2sZLMmY3Qv7h0PpCtrso0vII8oywF8hI44DH022uM5xGu5QkLLWYjgmsZKoWXwIlQNDT2Gk+O1wXRSuWI2A9xrVNQyY1Ip13Wo8ZIe4ySZCYcY42AikSmooArRIZteEc7598Ho1T44If4xcEUKCMZtoUigz8bisCFBiefewQYcUdvKGbfaQF+bGDDP/bhld9Gn/YRL83ICUNV1A0kVn+DWNy9upbPxBTXamBw0pJ0Z5vQp7Ax08ynHISJH8fLVmc/2VgNVbXE8lSn3QmgEBKKkfri0rGn/Gznqc+kP0lPlKG9z1sQUqDHBeI4bvP6Z5JunrBq2OtS1b/bcklhGDic4o+cANhqW5Njh15GMp4w/ruySYw75KVmaCFOkgpNKrMXbUIBuIvbbp2V+/q4/oMnn53EoUXaQhvPpNT3wex2fagJmOZJcL51YpIbriJRH0sjk6rhYoxBraIsjPdwBjx87lZSxD5pmVROdCgiFiDrqCKT5ezc+ofexJxIo8rVrHIGONcGQk0FIxORtxpZPUBXSN/D0kV0Any7WFIVhouLkR5fl5nP3+4kFRU9t2g8KCFA++jtIs8LDcCFuWcH/wt6UB+xc= X-Forefront-Antispam-Report: CIP:216.228.117.160;CTRY:US;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:mail.nvidia.com;PTR:dc6edge1.nvidia.com;CAT:NONE;SFS:(13230031)(36860700004)(46966006)(40470700004)(921011);DIR:OUT;SFP:1101; X-OriginatorOrg: Nvidia.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 20 Feb 2024 07:30:07.6171 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 1ff7f7bc-aa9a-4c6c-a487-08dc31e5c386 X-MS-Exchange-CrossTenant-Id: 43083d15-7273-40c1-b7db-39efd9ccc17a X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=43083d15-7273-40c1-b7db-39efd9ccc17a;Ip=[216.228.117.160];Helo=[mail.nvidia.com] X-MS-Exchange-CrossTenant-AuthSource: DS1PEPF00017099.namprd05.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: DS7PR12MB6334 X-Rspamd-Queue-Id: EBE9C40018 X-Rspam-User: X-Rspamd-Server: rspam11 X-Stat-Signature: roqq75i9t4xcbys88qqr8c5pbjk9j7jr X-HE-Tag: 1708414210-215732 X-HE-Meta: U2FsdGVkX1+5BHdjClbtJsTBmLmG0LAn7MoJGI3eIA/G1iA9polOgumJDCRMQNwHV9jnUwx+0hamfYHNUieu2mSK8OMRGn49GjQGTIiLjm6IrLXB0jvZVdsV95mT7nC4FOSZtIpsd54vuJGe8F+YI6XIsX5XK+Y2gzbxcHwUo/Msr8p05Z1659VfA2QCfR+Vmp1W62AJepdwkMPCMHEahswlKeV+h06bJYy/jHqVDcij65wNFFZCJR+81ZPQiqIIN4uumQOMqwh6KoIEgJD+TN6sGJa74Ebah0CSepfH0tLVxRZ3VJmrQUYCjTDURFTLiTqn9Fg9extKPP/y5Gc7OfVo16u+a+vhJWnQVCTySw/txvRP7fEpq/SIEsHrAkYtfe+PA3p0jCaZPLmDNTY3UGpgVb0i36iEJxnnTtpGZU6InAXyE1Di5cboBzMGTrIaUJoCsonIQ9HeB0PJb5mLAkP/+R0UQym67EZUUEiq1Jlpik4EyDvz5xZuC3QRuTCa39t5hbeYY2qHZifi2pnJ25iUE1mt1tydEfWBxd849FEFhWF6abovLcH+ZbNkZGGhfiSj+4uFK3niRxyP1ROGWj7JZIfkoQ/CUeEZc1KI4amKJf9DEKcYdF+WYJRbDADnphVpWbjcN2oNGj/2WjOwOEdqBhluoyKXAPfLLu8qVAgZ5WmD64qOWz47bBIu6EM+WTBNHI7fkCwSEWnxzIr5NlmsLDtcUhz2fVijgxGjn0zQxweNnJf+wgYpm5RYGMqS/mOcY8YG1WtuUUo5VgOmUSov7sK57KXwKr3WlRTcMyy4+nABJQPJqV4BGy5zBtl2q6BwiO75hyI2f5BWmyuE6fGUzPwW6fQqk4hzfcpZRZhEAvPwD/rySPmXGWMz0LX1GeTk2w8sBNwmgNwuK7PF1U/2pzGPENh7mJX91IcUXGhddjQhxbNxUrusDPglZxCIs0Z+2VKDAgUnp5hOE/K kN7yHRvw BddH1Y9/Vg86xCAtek0nTb0NX6PH1AUmeRU+/AFFJFXHFMe1LYfmRT54QoWAk0qWH1426/YGEr8c4aKY7bmYWLWZgPTx8w/35akjQ8jrl/tMfe/gXzUBQJI7B/yGdfCasAj6yCXWdKf8/cLu4rvMoV1bzfutTysrbAl0BZqlezx4dkKw2JJlpV0ByOpdljmMQsdDJ7MFy5/S2ByLKt1J/nfZkTgxanew7YNC4cgqzd6I++kOOtHCsUUikpqLZG009k5VEQpKzMX89RcZDWksNCGS+Xn7FZxWOvReZ X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: List-Subscribe: List-Unsubscribe: From: Ankit Agrawal Currently, KVM for ARM64 maps at stage 2 memory that is considered device (i.e. it is not RAM) with DEVICE_nGnRE memory attributes; this setting overrides (as per the ARM architecture [1]) any device MMIO mapping present at stage 1, resulting in a set-up whereby a guest operating system cannot determine device MMIO mapping memory attributes on its own but it is always overridden by the KVM stage 2 default. This set-up does not allow guest operating systems to select device memory attributes independently from KVM stage-2 mappings (refer to [1], "Combining stage 1 and stage 2 memory type attributes"), which turns out to be an issue in that guest operating systems (e.g. Linux) may request to map devices MMIO regions with memory attributes that guarantee better performance (e.g. gathering attribute - that for some devices can generate larger PCIe memory writes TLPs) and specific operations (e.g. unaligned transactions) such as the NormalNC memory type. The default device stage 2 mapping was chosen in KVM for ARM64 since it was considered safer (i.e. it would not allow guests to trigger uncontained failures ultimately crashing the machine) but this turned out to be asynchronous (SError) defeating the purpose. Failures containability is a property of the platform and is independent from the memory type used for MMIO device memory mappings. Actually, DEVICE_nGnRE memory type is even more problematic than Normal-NC memory type in terms of faults containability in that e.g. aborts triggered on DEVICE_nGnRE loads cannot be made, architecturally, synchronous (i.e. that would imply that the processor should issue at most 1 load transaction at a time - it cannot pipeline them - otherwise the synchronous abort semantics would break the no-speculation attribute attached to DEVICE_XXX memory). This means that regardless of the combined stage1+stage2 mappings a platform is safe if and only if device transactions cannot trigger uncontained failures and that in turn relies on platform capabilities and the device type being assigned (i.e. PCIe AER/DPC error containment and RAS architecture[3]); therefore the default KVM device stage 2 memory attributes play no role in making device assignment safer for a given platform (if the platform design adheres to design guidelines outlined in [3]) and therefore can be relaxed. For all these reasons, relax the KVM stage 2 device memory attributes from DEVICE_nGnRE to Normal-NC. The NormalNC was chosen over a different Normal memory type default at stage-2 (e.g. Normal Write-through) to avoid cache allocation/snooping. Relaxing S2 KVM device MMIO mappings to Normal-NC is not expected to trigger any issue on guest device reclaim use cases either (i.e. device MMIO unmap followed by a device reset) at least for PCIe devices, in that in PCIe a device reset is architected and carried out through PCI config space transactions that are naturally ordered with respect to MMIO transactions according to the PCI ordering rules. Having Normal-NC S2 default puts guests in control (thanks to stage1+stage2 combined memory attributes rules [1]) of device MMIO regions memory mappings, according to the rules described in [1] and summarized here ([(S1) - stage1], [(S2) - stage 2]): S1 | S2 | Result NORMAL-WB | NORMAL-NC | NORMAL-NC NORMAL-WT | NORMAL-NC | NORMAL-NC NORMAL-NC | NORMAL-NC | NORMAL-NC DEVICE | NORMAL-NC | DEVICE It is worth noting that currently, to map devices MMIO space to user space in a device pass-through use case the VFIO framework applies memory attributes derived from pgprot_noncached() settings applied to VMAs, which result in device-nGnRnE memory attributes for the stage-1 VMM mappings. This means that a userspace mapping for device MMIO space carried out with the current VFIO framework and a guest OS mapping for the same MMIO space may result in a mismatched alias as described in [2]. Defaulting KVM device stage-2 mappings to Normal-NC attributes does not change anything in this respect, in that the mismatched aliases would only affect (refer to [2] for a detailed explanation) ordering between the userspace and GuestOS mappings resulting stream of transactions (i.e. it does not cause loss of property for either stream of transactions on its own), which is harmless given that the userspace and GuestOS access to the device is carried out through independent transactions streams. A Normal-NC flag is not present today. So add a new kvm_pgtable_prot (KVM_PGTABLE_PROT_NORMAL_NC) flag for it, along with its corresponding PTE value 0x5 (0b101) determined from [1]. Lastly, adapt the stage2 PTE property setter function (stage2_set_prot_attr) to handle the NormalNC attribute. [1] section D8.5.5 - DDI0487J_a_a-profile_architecture_reference_manual.pdf [2] section B2.8 - DDI0487J_a_a-profile_architecture_reference_manual.pdf [3] sections 1.7.7.3/1.8.5.2/appendix C - DEN0029H_SBSA_7.1.pdf Suggested-by: Jason Gunthorpe Acked-by: Catalin Marinas Signed-off-by: Ankit Agrawal Acked-by: Will Deacon --- arch/arm64/include/asm/kvm_pgtable.h | 2 ++ arch/arm64/include/asm/memory.h | 2 ++ arch/arm64/kvm/hyp/pgtable.c | 24 +++++++++++++++++++----- 3 files changed, 23 insertions(+), 5 deletions(-) diff --git a/arch/arm64/include/asm/kvm_pgtable.h b/arch/arm64/include/asm/kvm_pgtable.h index cfdf40f734b1..19278dfe7978 100644 --- a/arch/arm64/include/asm/kvm_pgtable.h +++ b/arch/arm64/include/asm/kvm_pgtable.h @@ -197,6 +197,7 @@ enum kvm_pgtable_stage2_flags { * @KVM_PGTABLE_PROT_W: Write permission. * @KVM_PGTABLE_PROT_R: Read permission. * @KVM_PGTABLE_PROT_DEVICE: Device attributes. + * @KVM_PGTABLE_PROT_NORMAL_NC: Normal noncacheable attributes. * @KVM_PGTABLE_PROT_SW0: Software bit 0. * @KVM_PGTABLE_PROT_SW1: Software bit 1. * @KVM_PGTABLE_PROT_SW2: Software bit 2. @@ -208,6 +209,7 @@ enum kvm_pgtable_prot { KVM_PGTABLE_PROT_R = BIT(2), KVM_PGTABLE_PROT_DEVICE = BIT(3), + KVM_PGTABLE_PROT_NORMAL_NC = BIT(4), KVM_PGTABLE_PROT_SW0 = BIT(55), KVM_PGTABLE_PROT_SW1 = BIT(56), diff --git a/arch/arm64/include/asm/memory.h b/arch/arm64/include/asm/memory.h index d82305ab420f..449ca2ff1df6 100644 --- a/arch/arm64/include/asm/memory.h +++ b/arch/arm64/include/asm/memory.h @@ -173,6 +173,7 @@ * Memory types for Stage-2 translation */ #define MT_S2_NORMAL 0xf +#define MT_S2_NORMAL_NC 0x5 #define MT_S2_DEVICE_nGnRE 0x1 /* @@ -180,6 +181,7 @@ * Stage-2 enforces Normal-WB and Device-nGnRE */ #define MT_S2_FWB_NORMAL 6 +#define MT_S2_FWB_NORMAL_NC 5 #define MT_S2_FWB_DEVICE_nGnRE 1 #ifdef CONFIG_ARM64_4K_PAGES diff --git a/arch/arm64/kvm/hyp/pgtable.c b/arch/arm64/kvm/hyp/pgtable.c index ab9d05fcf98b..3fae5830f8d2 100644 --- a/arch/arm64/kvm/hyp/pgtable.c +++ b/arch/arm64/kvm/hyp/pgtable.c @@ -717,15 +717,29 @@ void kvm_tlb_flush_vmid_range(struct kvm_s2_mmu *mmu, static int stage2_set_prot_attr(struct kvm_pgtable *pgt, enum kvm_pgtable_prot prot, kvm_pte_t *ptep) { - bool device = prot & KVM_PGTABLE_PROT_DEVICE; - kvm_pte_t attr = device ? KVM_S2_MEMATTR(pgt, DEVICE_nGnRE) : - KVM_S2_MEMATTR(pgt, NORMAL); + kvm_pte_t attr; u32 sh = KVM_PTE_LEAF_ATTR_LO_S2_SH_IS; + switch (prot & (KVM_PGTABLE_PROT_DEVICE | + KVM_PGTABLE_PROT_NORMAL_NC)) { + case KVM_PGTABLE_PROT_DEVICE | KVM_PGTABLE_PROT_NORMAL_NC: + return -EINVAL; + case KVM_PGTABLE_PROT_DEVICE: + if (prot & KVM_PGTABLE_PROT_X) + return -EINVAL; + attr = KVM_S2_MEMATTR(pgt, DEVICE_nGnRE); + break; + case KVM_PGTABLE_PROT_NORMAL_NC: + if (prot & KVM_PGTABLE_PROT_X) + return -EINVAL; + attr = KVM_S2_MEMATTR(pgt, NORMAL_NC); + break; + default: + attr = KVM_S2_MEMATTR(pgt, NORMAL); + } + if (!(prot & KVM_PGTABLE_PROT_X)) attr |= KVM_PTE_LEAF_ATTR_HI_S2_XN; - else if (device) - return -EINVAL; if (prot & KVM_PGTABLE_PROT_R) attr |= KVM_PTE_LEAF_ATTR_LO_S2_S2AP_R; From patchwork Tue Feb 20 07:29:24 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ankit Agrawal X-Patchwork-Id: 13563528 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 767F1C48BC3 for ; Tue, 20 Feb 2024 07:30:31 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 0E59C6B008C; Tue, 20 Feb 2024 02:30:31 -0500 (EST) Received: by kanga.kvack.org (Postfix, from userid 40) id 096CD6B0092; Tue, 20 Feb 2024 02:30:31 -0500 (EST) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id E79826B0093; Tue, 20 Feb 2024 02:30:30 -0500 (EST) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0011.hostedemail.com [216.40.44.11]) by kanga.kvack.org (Postfix) with ESMTP id D8BFC6B008C for ; Tue, 20 Feb 2024 02:30:30 -0500 (EST) Received: from smtpin22.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay10.hostedemail.com (Postfix) with ESMTP id AD88AC05B7 for ; Tue, 20 Feb 2024 07:30:30 +0000 (UTC) X-FDA: 81811359420.22.3B1191A Received: from NAM10-MW2-obe.outbound.protection.outlook.com (mail-mw2nam10on2060.outbound.protection.outlook.com [40.107.94.60]) by imf22.hostedemail.com (Postfix) with ESMTP id AED5AC0007 for ; Tue, 20 Feb 2024 07:30:27 +0000 (UTC) Authentication-Results: imf22.hostedemail.com; dkim=pass header.d=Nvidia.com header.s=selector2 header.b=K2r6bmJ6; dmarc=pass (policy=reject) header.from=nvidia.com; arc=pass ("microsoft.com:s=arcselector9901:i=1"); spf=pass (imf22.hostedemail.com: domain of ankita@nvidia.com designates 40.107.94.60 as permitted sender) smtp.mailfrom=ankita@nvidia.com ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1708414227; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=5HNtKkDPIq2Wa2PmpJenFBQzXvyzTh38KvX3ICNw+5U=; b=0xoyvrI89GbZgiAxgu88PdgXfd0siKB8YP8/BL2++atw9FnBrMdEkiSP7Z1H0EsGpfLeLK ILqCsnKm8tZHREIA/bu00p4UMvIn1QMfLMCjomLTCUPdfzYI01TXW+ob8lh+Dp2Ho53Zyx GnAX1yRmYZxD2LeWwC2rsdNQ7/j4sKs= ARC-Authentication-Results: i=2; imf22.hostedemail.com; dkim=pass header.d=Nvidia.com header.s=selector2 header.b=K2r6bmJ6; dmarc=pass (policy=reject) header.from=nvidia.com; arc=pass ("microsoft.com:s=arcselector9901:i=1"); spf=pass (imf22.hostedemail.com: domain of ankita@nvidia.com designates 40.107.94.60 as permitted sender) smtp.mailfrom=ankita@nvidia.com ARC-Seal: i=2; s=arc-20220608; d=hostedemail.com; t=1708414227; a=rsa-sha256; cv=pass; b=PyEcucqtEF9WhbxQo7qV7e1h1wBrMAkjWL1uLZmyvGDXuhuxgKvJd22eWu3g30tYiG6cUO 40UZRctsSKoHjHA3QbLaN9H2vMondM4kk47a4B2P0KVIi4icsp2oWR4PCk2eNDZbOe0K38 2O3UJdBC1GiyLmRElWL6lyqRhGndIHE= ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=DdwWsruWQUaRyntM3PSubqCMNkV2OHywqxa/hgPBZDF5E1AyerPvJyevXzUIPb9nmeNQI0GwBaDsanwl3AYuz4OTbFS8B5i+j0NngtVmkK6NnD3awUPsx8SR5Z3If3H6DtTrtviW0aTps2hhB7+eIUm6cpH7CfGLvJaYanrDG1KHi2KfiYUBc65ciPzKSU0trutMTXnnnpwUYl1s6bWsMX7AIZbtVcfuXTJZshy95ihDw6BIaiaE9sVf/e/qL7pHoooNb7bX0mHXGS8b/5ijPbfKacCkuHs03SKqlkJGGitfm0okHPM+POc6+l+XR0hxmD/kX0QKKj7QBQ65XTtaKQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=5HNtKkDPIq2Wa2PmpJenFBQzXvyzTh38KvX3ICNw+5U=; b=Ud91zoghkI6PfPQDILa95GjRRf386rPb6+xamcElDPq7Vo/oYfbFJNpVf/zBv9Jb0ccD8ulzvKLfDbrmlccraX/MbMZ8ceS6vAAPT/YJ0XiPTDwauIqYQtKSdjKIOlmRQqt/PGfWjZUGPIP2eEsqb4E3iTsN2xst7Giur0gxUhDSZoM7Vw4MjsSscw+PtuR7THvzSaIUSOZDLpAsd5XJFUNLI3wIy1sVweiBHZWGab+MMVdTWsjdLG6P4oIF7f2IhrveA+fwGLn3+7SIZJOL7mwsSEcZy1rlPnIzSfe+2oUqoKnC+WsJ1GEyJjNX/FKQzJG9K2F8bxdZe+28KPJScQ== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 216.228.117.160) smtp.rcpttodomain=kernel.org smtp.mailfrom=nvidia.com; dmarc=pass (p=reject sp=reject pct=100) action=none header.from=nvidia.com; dkim=none (message not signed); arc=none (0) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=Nvidia.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=5HNtKkDPIq2Wa2PmpJenFBQzXvyzTh38KvX3ICNw+5U=; b=K2r6bmJ6LloCVaYjqstLQFO2hLH7vK+PqWVlIvVUbEzbV664RUWA6ysiCptxa8go8mD25MN82hrU+0E7JjuWA1zAuAjhyRzeaoy69j3LMSMIqwzLjgjXFbkbF3AbIMbIAJRmHX2BkUPhPD++TfzWGE5JhqovQW16Cef/Cuj1c/GOlCtvy6+E46rqC2ItxbfyWASO8M8OwqlwL7tqKlHLfKZdcfByYmgR/lrlkg8SL2Xk/mK70792Fcxbx0544Kd3orNJO0Ha8VdeHtDkNL5Y4OK/as0NPjapZNUbb9OiRS1Lgy82r0Gavsugw1U+4kdoPINZ60vI3PT1lSwywvUZKg== Received: from DM6PR04CA0017.namprd04.prod.outlook.com (2603:10b6:5:334::22) by DM4PR12MB7501.namprd12.prod.outlook.com (2603:10b6:8:113::14) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7316.19; Tue, 20 Feb 2024 07:30:22 +0000 Received: from DS1PEPF00017096.namprd05.prod.outlook.com (2603:10b6:5:334:cafe::a4) by DM6PR04CA0017.outlook.office365.com (2603:10b6:5:334::22) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7292.39 via Frontend Transport; Tue, 20 Feb 2024 07:30:22 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 216.228.117.160) smtp.mailfrom=nvidia.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=nvidia.com; Received-SPF: Pass (protection.outlook.com: domain of nvidia.com designates 216.228.117.160 as permitted sender) receiver=protection.outlook.com; client-ip=216.228.117.160; helo=mail.nvidia.com; pr=C Received: from mail.nvidia.com (216.228.117.160) by DS1PEPF00017096.mail.protection.outlook.com (10.167.18.100) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7292.25 via Frontend Transport; Tue, 20 Feb 2024 07:30:22 +0000 Received: from rnnvmail201.nvidia.com (10.129.68.8) by mail.nvidia.com (10.129.200.66) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.986.41; Mon, 19 Feb 2024 23:30:10 -0800 Received: from rnnvmail202.nvidia.com (10.129.68.7) by rnnvmail201.nvidia.com (10.129.68.8) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.1258.12; Mon, 19 Feb 2024 23:30:09 -0800 Received: from sgarnayak-dt.nvidia.com (10.127.8.9) by mail.nvidia.com (10.129.68.7) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.1258.12 via Frontend Transport; Mon, 19 Feb 2024 23:29:56 -0800 From: To: , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , CC: , , , , , , , , , , , , , , Subject: [PATCH v8 2/4] mm: introduce new flag to indicate wc safe Date: Tue, 20 Feb 2024 12:59:24 +0530 Message-ID: <20240220072926.6466-3-ankita@nvidia.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20240220072926.6466-1-ankita@nvidia.com> References: <20240220072926.6466-1-ankita@nvidia.com> MIME-Version: 1.0 X-NV-OnPremToCloud: ExternallySecured X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: DS1PEPF00017096:EE_|DM4PR12MB7501:EE_ X-MS-Office365-Filtering-Correlation-Id: 9baeac31-ee65-4a6f-3e6f-08dc31e5cc6d X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: OjL1k5WQRcdh4vjhjQUUxo5cuWa1ZDmV55Tq5D+dou1QEShSv6LFhmfkPBvlzWv4/AHbwbRyH+JN/A4B/2nGMTsZBaHFlmaN5+/82PIawBYcSOLHBb2w7Z/5MStxWEi6MquQuTrUtUClyWEK/TNnMSYMI3poKqh8FJSbeBT5MMYF8/UmtSJxQsUxUngPXfiAlp5rrkdtvcFbaLUAQmKKgWvbKK0RpPQhK5iPQrVBrZoYtZRTza868S7ZuJsofxJmPfzc0mhQaW8ncc251pG362D7oS5tG/uJch1QSO7Mz0lsUNgyzm6xWwlUr6qKgLWVwLZ3rS37fSDiF220i6RRWOwHijFku3B3Az/PshJa2OmCld41T8yD1fxVG2j6MNRxUtKoJhXCGLwwE2r0B7HteMQI1xaf37K9clRYRHnJTSC9cj4S87tE4+XAJgOypzp8XkzrE7UafR1m8U9wf6gNVzOo5MecFksP9hP7CfJ6KVVXWiIaxbiKDabCmIeVkeSm+DvYZ6wVVBYbFAIpoWoPMshVOcZKFitAfEtC7lEE/xUfxvORxwrmQF23rZkfiBjvcJriskPO19Ed6vtn4SB0r5Ab0xZUxWWzVQXaReJgqC3nLcRudF6wk1wm5TYYVzJmgyflfA6h6xUHl7SR5M/J9l3wy1lx+cqjYIpVfhQbAL8= X-Forefront-Antispam-Report: CIP:216.228.117.160;CTRY:US;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:mail.nvidia.com;PTR:dc6edge1.nvidia.com;CAT:NONE;SFS:(13230031)(36860700004)(46966006)(40470700004)(921011);DIR:OUT;SFP:1101; X-OriginatorOrg: Nvidia.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 20 Feb 2024 07:30:22.4876 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 9baeac31-ee65-4a6f-3e6f-08dc31e5cc6d X-MS-Exchange-CrossTenant-Id: 43083d15-7273-40c1-b7db-39efd9ccc17a X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=43083d15-7273-40c1-b7db-39efd9ccc17a;Ip=[216.228.117.160];Helo=[mail.nvidia.com] X-MS-Exchange-CrossTenant-AuthSource: DS1PEPF00017096.namprd05.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM4PR12MB7501 X-Rspamd-Server: rspam09 X-Rspamd-Queue-Id: AED5AC0007 X-Stat-Signature: ggh1rmj7a49w3tihey45a6gfabwn896m X-Rspam-User: X-HE-Tag: 1708414227-672451 X-HE-Meta: U2FsdGVkX1+5MrwKk8unpbBn9U9L7FyvJt6rgyhcgzJjIJBaAc5WSjVjH3EZOcwT6ToJHxRn19sCURV5bnJudch4ixA8waI/W8YewbDW/OCEzZUyRFH5lmwFyg2z12cjaswQxNwtDr5fFRouioZYKMzI+3KlmCuOXSSlbBLx0anELE+tOyUrNBoxPxabajPMHT1bzyHG0y3oKbU8iMCF3xJcXiyPDYqlhZmyJV9VmM/65FTPJge1Vhg9kDZfJj6NY9Tq5QTv3/0qJHSfHx9u/IQbbfXM3A9zA+17C5QYMzzwmC+dmOrrf2r1qX8pftUMlBVE/Um0OrlGXUthgWebHml1tVjLDCFLHHyTJ4yd/jC8Bq2oDn3ECAPU3VQHz0QSXYHGe56gU3NDA1isXLggQ2Yv4is2KR+FrZ8+6pqBsVjywB2Bq1uWVZcOd2ZmGl5jynAlrmQpQjCU9Ip+icAhSmSpCo3FcYQcaOf13zrRGTvdGemZ+i8MzKG7BuZbrN3P09wgboqR5JNCFeDyUcc/ylnaVBXvsoMdx54JUTzQEUlZM1nvZOWnFitMUlQzvPPgWVWRJk9+KfsPpha209tM03gvYBUOSgQshBtYsnz1XBC01QFnACBkjoWrq8GGfL0Hs+qKviGlCNFXFy1ZxDSI110IXv0PDVhIeszOFZNyr2HhM2b1uVxgrEi1Y1P7rKFHTwPCo5p4YuUWXJkQhyuKns9nlJ0QtxHMVxogY6U6IPgbr1pYyek3aHIA3iDntf3GqpEaT3ixINba70V/nY0y9exY1HWWGtKRJ3BjMY6JaFqkgmfBjxKTv//fePBbWJGQ7MtNwSwxbKLXqd9Hvc36Ed9F1uEfnZowCjxyzqUvaSCVRVOjO4KMrxa55ayQIlNGBTArJQbk0MivXsVcOj17tAxom9QsMp6IRJR2K6s/mF+PADdFRF8NIPqYcuxHyUgIslIAKh+iaf89/an31ca lTk0AGiV JLjt/mEHqov9MQOOhDgmH7xhB2RA8DhQNKJbZMKHnbXmr6AqEnYnqxohe7KlrX5Zh6LVOROiz8ZlDxT9Htl+B9dTPIjJPMF4+FjO67VqDADgxUbIFMrsWr8JTI9kGgkm2fcxdIhbcAGFQdON2U125fDu/KCd5ITOIG03QYBWzVkM1zL38pco3jDlhe17PnYAzpFD/PLh/tv9qDbSbbDKBOLfVR14RoR53+kIjVsEIrzQsSCDa3MFCrYEytjvI4P64cedDHkeA4WmsXbLgPVfvJ9iNvfrKkMWp683IP9Zx3Do4DKuIMPGy92XmUg== X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: List-Subscribe: List-Unsubscribe: From: Ankit Agrawal The VM_ALLOW_ANY_UNCACHED flag is implemented for ARM64, allowing KVM stage 2 device mapping attributes to use NormalNC rather than DEVICE_nGnRE, which allows guest mappings supporting combining attributes (WC). ARM does not architecturally guarantee this is safe, and indeed some MMIO regions like the GICv2 VCPU interface can trigger uncontained faults if NormalNC is used. Even worse we expect there are platforms where even DEVICE_nGnRE can allow uncontained faults in corner cases. Unfortunately existing ARM IP requires platform integration to take responsibility to prevent this. To safely use VFIO in KVM the platform must guarantee full safety in the guest where no action taken against a MMIO mapping can trigger an uncontained failure. We belive that most VFIO PCI platforms support this for both mapping types, at least in common flows, based on some expectations of how PCI IP is integrated. This can be enabled more broadly, for instance into vfio-platform drivers, but only after the platform vendor completes auditing for safety. The VMA flag VM_ALLOW_ANY_UNCACHED was found to be the simplest and cleanest way to communicate the information from VFIO to KVM that mapping the region in S2 as NormalNC is safe. KVM consumes it to activate the code that does the S2 mapping as NormalNC. Suggested-by: Catalin Marinas Reviewed-by: Jason Gunthorpe Acked-by: David Hildenbrand Signed-off-by: Ankit Agrawal --- include/linux/mm.h | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/include/linux/mm.h b/include/linux/mm.h index f5a97dec5169..59576e56c58b 100644 --- a/include/linux/mm.h +++ b/include/linux/mm.h @@ -391,6 +391,20 @@ extern unsigned int kobjsize(const void *objp); # define VM_UFFD_MINOR VM_NONE #endif /* CONFIG_HAVE_ARCH_USERFAULTFD_MINOR */ +/* + * This flag is used to connect VFIO to arch specific KVM code. It + * indicates that the memory under this VMA is safe for use with any + * non-cachable memory type inside KVM. Some VFIO devices, on some + * platforms, are thought to be unsafe and can cause machine crashes + * if KVM does not lock down the memory type. + */ +#ifdef CONFIG_64BIT +#define VM_ALLOW_ANY_UNCACHED_BIT 39 +#define VM_ALLOW_ANY_UNCACHED BIT(VM_ALLOW_ANY_UNCACHED_BIT) +#else +#define VM_ALLOW_ANY_UNCACHED VM_NONE +#endif + /* Bits set in the VMA until the stack is in its final location */ #define VM_STACK_INCOMPLETE_SETUP (VM_RAND_READ | VM_SEQ_READ | VM_STACK_EARLY) From patchwork Tue Feb 20 07:29:25 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ankit Agrawal X-Patchwork-Id: 13563529 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 0ADFCC48BC3 for ; Tue, 20 Feb 2024 07:30:47 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 9C0286B0093; Tue, 20 Feb 2024 02:30:46 -0500 (EST) Received: by kanga.kvack.org (Postfix, from userid 40) id 970196B0095; Tue, 20 Feb 2024 02:30:46 -0500 (EST) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 811026B0096; Tue, 20 Feb 2024 02:30:46 -0500 (EST) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0017.hostedemail.com [216.40.44.17]) by kanga.kvack.org (Postfix) with ESMTP id 708476B0093 for ; Tue, 20 Feb 2024 02:30:46 -0500 (EST) Received: from smtpin29.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay09.hostedemail.com (Postfix) with ESMTP id 1345D8045E for ; Tue, 20 Feb 2024 07:30:46 +0000 (UTC) X-FDA: 81811360092.29.270559F Received: from NAM02-DM3-obe.outbound.protection.outlook.com (mail-dm3nam02on2046.outbound.protection.outlook.com [40.107.95.46]) by imf17.hostedemail.com (Postfix) with ESMTP id 211FD40018 for ; Tue, 20 Feb 2024 07:30:42 +0000 (UTC) Authentication-Results: imf17.hostedemail.com; dkim=pass header.d=Nvidia.com header.s=selector2 header.b=P8dxjSOJ; dmarc=pass (policy=reject) header.from=nvidia.com; arc=pass ("microsoft.com:s=arcselector9901:i=1"); spf=pass (imf17.hostedemail.com: domain of ankita@nvidia.com designates 40.107.95.46 as permitted sender) smtp.mailfrom=ankita@nvidia.com ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1708414243; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=GEUPBUp/mRSrwoBY6hHPxBFvFm1Cd4dE+qw16gP2bsw=; b=6n41FwFNXPGSi4GzpvJJilCP4/03mezfIUtAa2pymqJ1XccClhaEdM1oQDYLMwVuF/lH1k SEXxKvdrbF0DXUeVSLw0H8G7qglHpPFp1WfBEPr/hWrMAyDZH62SBcJrcs+Uo/pgdVNkDU odv5SjHFQKK+keVcCWTjuuOWlIzsbow= ARC-Authentication-Results: i=2; imf17.hostedemail.com; dkim=pass header.d=Nvidia.com header.s=selector2 header.b=P8dxjSOJ; dmarc=pass (policy=reject) header.from=nvidia.com; arc=pass ("microsoft.com:s=arcselector9901:i=1"); spf=pass (imf17.hostedemail.com: domain of ankita@nvidia.com designates 40.107.95.46 as permitted sender) smtp.mailfrom=ankita@nvidia.com ARC-Seal: i=2; s=arc-20220608; d=hostedemail.com; t=1708414243; a=rsa-sha256; cv=pass; b=VVwdIX06z7jzLR4MF1Oa2AdVepBQqkYc0w3UqxFWBQRi3A25f2H3l3vGWm2lQdr9liqEzm 6VL3wQgQHmEybkiIOJP1ePgRNrH7cEvLyERPRg2Y+BfzafxU+TCyIdRwzBQoyIHCNWwJ7j jvKnF+eXnEOUG7abuONI214km8CEahQ= ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=inHGrvtncYNmQA0SSNYxz2O9Zv4pzyhYuqjV5gRztnEyTs4s8y9LUq/iNezPzPBe646uD6A6taJRvUBWZ4uN4uQk6hfVe5830VO2iS15aDSHFoi9TM0jfC+l8WYZ+NxrhZJ46dfxlq3jHCH8m/aiPoESaK5TPuD2Fb3ueF2mqdr5FQHtFxn1Rw+eIgqp+WohIeM8dtQAx7AfwaSAw2WnS8LEhwu/Ncfbcdc68UJOm2sEhWS7cICnuCmIHLzAD10DKsdUixiK0lID+i4NTKspMsHftZhtzMTAwCmVkEv+1IhmXQhEQVRxmc6DU1QxSrL3k+ewsRtzooPI0xF5SY70+Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=GEUPBUp/mRSrwoBY6hHPxBFvFm1Cd4dE+qw16gP2bsw=; b=hnWmGRlpLQnaapNYoqzg0r1UGJHhLD41vPBwj3HOT9GVfyiVs7uYWggCPy51WHE2Mp1laWHi7SebDiviTdMs6lCs2sbhWV9PVDqSEEyBAPqhKLnU7uzq2bovCwAd0NwdhrhxJ1vF+1Q70/zM40T/3wwOXKgVu5C8rm+wwqzsW8I17S609Qk9yogE7CW8IcbLaRxCTcAnbYvYhnSSuNMPXiUIBNK+JiB6n9UquhdgchvxBUV9gvA3fS9JBuZdbIqxjyeEvXzgKOYH5V/37BopYTaKN0NwLqzcHqpEl7E7plfbdAsVLLPzz+bymtbyt2vpv1S4Rak8TONLbHckJQRPfQ== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 216.228.117.160) smtp.rcpttodomain=kernel.org smtp.mailfrom=nvidia.com; dmarc=pass (p=reject sp=reject pct=100) action=none header.from=nvidia.com; dkim=none (message not signed); arc=none (0) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=Nvidia.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=GEUPBUp/mRSrwoBY6hHPxBFvFm1Cd4dE+qw16gP2bsw=; b=P8dxjSOJyVuRH67AcNtP8cxTAJ3hb/a574V4QUpha6qAi0g3+Rfa7ox+fOckXoDBSc3tAZdvA6bdLdStehJXj2WpNIu1W9rM1N8KK/juHRssHlS+yqzrtC8yN6T6Yd2kJItC3uiZJJ79FCUbbcqMse/kNwLwJ0UFOj7JYJddZIwkglA6xXkTcxgolnIh9BRjzNNcAVrDojl+SGm/UnD/Fv+H1lzBJ1OxY3ToP+mwh9zt4Qq837b8hG9dBfY1oJOhOplTk7epkEdPOhwb10k8NIUdps1M3ILFmCtDNOLEIBgDRvuqGt5K2dCNnci2Br5UpU+5f2HUgU2WeoN2vWsO0Q== Received: from CY8PR22CA0015.namprd22.prod.outlook.com (2603:10b6:930:45::14) by CY8PR12MB8242.namprd12.prod.outlook.com (2603:10b6:930:77::5) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7316.19; Tue, 20 Feb 2024 07:30:40 +0000 Received: from CY4PEPF0000FCBE.namprd03.prod.outlook.com (2603:10b6:930:45:cafe::93) by CY8PR22CA0015.outlook.office365.com (2603:10b6:930:45::14) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7292.39 via Frontend Transport; Tue, 20 Feb 2024 07:30:40 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 216.228.117.160) smtp.mailfrom=nvidia.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=nvidia.com; Received-SPF: Pass (protection.outlook.com: domain of nvidia.com designates 216.228.117.160 as permitted sender) receiver=protection.outlook.com; client-ip=216.228.117.160; helo=mail.nvidia.com; pr=C Received: from mail.nvidia.com (216.228.117.160) by CY4PEPF0000FCBE.mail.protection.outlook.com (10.167.242.100) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7292.25 via Frontend Transport; Tue, 20 Feb 2024 07:30:40 +0000 Received: from rnnvmail204.nvidia.com (10.129.68.6) by mail.nvidia.com (10.129.200.66) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.986.41; Mon, 19 Feb 2024 23:30:23 -0800 Received: from rnnvmail202.nvidia.com (10.129.68.7) by rnnvmail204.nvidia.com (10.129.68.6) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.1258.12; Mon, 19 Feb 2024 23:30:23 -0800 Received: from sgarnayak-dt.nvidia.com (10.127.8.9) by mail.nvidia.com (10.129.68.7) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.1258.12 via Frontend Transport; Mon, 19 Feb 2024 23:30:09 -0800 From: To: , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , CC: , , , , , , , , , , , , , , Subject: [PATCH v8 3/4] kvm: arm64: set io memory s2 pte as normalnc for vfio pci device Date: Tue, 20 Feb 2024 12:59:25 +0530 Message-ID: <20240220072926.6466-4-ankita@nvidia.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20240220072926.6466-1-ankita@nvidia.com> References: <20240220072926.6466-1-ankita@nvidia.com> MIME-Version: 1.0 X-NV-OnPremToCloud: ExternallySecured X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: CY4PEPF0000FCBE:EE_|CY8PR12MB8242:EE_ X-MS-Office365-Filtering-Correlation-Id: 1e7e5fe0-ac1e-4e0f-2755-08dc31e5d6ee X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: qpLJyNWq3sY6o8aGbW1uTCBZ8xMGTbned0cGf7WeEH649MhkBsfFNv0F7bD3Id2MbGCRcYtBt/O+OCgSQvpxiGkEqMNiLFOFC1knnfjSOgo62mubXO0I9QrInBippSz1B+VxQfaAsjeigvx3uIFKUVNhgZTiJjaHFYeoFUfygNbL4nFd/9bmeguhtB7rqwgO10TLXsU1YJOIVXN3uWb0aaovquG3OoyohEkonZdQMe9zYdjwaXRww21Yu+JYCcAiyYHZVVGl5JV+iqfD6F8nZ9pLFpFn4BkSDohG5Omp9ctgFNjTtPRMhm7A0wj0UDpCYHAVO9BECoQQv+IeTfZ/lNUZfvkhxmAzW0p4gIfwuBqlyjnTcX08Jz3aQLh3/fpI9SLO6gltqtUTyonPNq0BqKGi+BVwhPO1Y3gtyk2J06ArR/XtpWt8rjAswBQAOemh4F97qts01urpAXc7VKIm3xckVITWFu8fyjQOUcD3XCXeiCi1RGREAb11otFuINznz48sE7eCvLIqzmfNu60mBWX8mjNtnfyTEHfXIJ1zIcWiSSZ48qW88NgdWSxQl3Ba+K+DAq2Fy5/tm0Q6CE04dCdqlUMcmra8D6QbMakX3QNnso2xWvvB0vdmzGCo+z3jhWezXmRKFRHYfBLUBdYgcHzIYkdqpoQK4QeSK5Hpjek= X-Forefront-Antispam-Report: CIP:216.228.117.160;CTRY:US;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:mail.nvidia.com;PTR:dc6edge1.nvidia.com;CAT:NONE;SFS:(13230031)(36860700004)(40470700004)(46966006)(921011);DIR:OUT;SFP:1101; X-OriginatorOrg: Nvidia.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 20 Feb 2024 07:30:40.1721 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 1e7e5fe0-ac1e-4e0f-2755-08dc31e5d6ee X-MS-Exchange-CrossTenant-Id: 43083d15-7273-40c1-b7db-39efd9ccc17a X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=43083d15-7273-40c1-b7db-39efd9ccc17a;Ip=[216.228.117.160];Helo=[mail.nvidia.com] X-MS-Exchange-CrossTenant-AuthSource: CY4PEPF0000FCBE.namprd03.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: CY8PR12MB8242 X-Rspam-User: X-Rspamd-Server: rspam12 X-Rspamd-Queue-Id: 211FD40018 X-Stat-Signature: rimrmnncc7ynhdijuhutyo916eztheg4 X-HE-Tag: 1708414242-151140 X-HE-Meta: U2FsdGVkX1/X6GOOs2OhtTOtYakjRWf1gasPwVSvsXmIJpeJ4uDpYEn1wcwfFNM4u+tTfx1BiLTeGKj3SWGNDPOTWwszGpWwSk5gTjTOQnACTFlDEm3qrBhEObHaxSa7EyDlcMFEIgAbB6pUg1xKYioqvi1OgDtwFLCAsJ/4wUC5rW/vTdrIneLsPQaBiwwUlNlPihbf7QIdQjaaa/d9dJAoSNJXqVcKpR3Wo5CgM4ya7X6Lh2/jrHxUarARMEXBhaHO11qZHC6n9F5jDyVUZ+/NmVDYcSfA8K3OlEAwyKxdONYq5EChySux2jlf9QzYcYBDVADvW6awZH/5MHKPZVGwy6hBKVc1vhnUrTZBNj6ANXgWieIxQsWbKJQte411pEt+xYmtK2i2zdJAhjpg+Z7pJUOVDo+aMAR3QTdfwTm1w1BSoRB6I6g3TZrWSrc36C48nfPPWH0qCh0R+81bn+3ehdRu4tLft1V7F5pH9OLDBZl6DERzAJs7oiNLlIAa4s9d4p9l0LS/q35GEVa9Ce7jJMUPhfnZBHI1Z5oHDGJwrRWiyCbGUqfHD+H4OrR0YOZkZ3zRglUi2LpMc0zCD4K/weAY2+CCUbXrqjULMghhlS1m/kpCwOjNXfab4NvdXLnB/WtH/8VayadmI6f5GHYXpnhXE0BPDkc1XpGDBD93P3XKsi+q2LbM1agV6TTyJgEumdR8KZox5kuiNFticjCwi3VYOwBCLmu91MYNOD/fSlQ6hS40TWJVCeRFaaCTkfRFBdfi+VeOUVlzpoQi5AH321V+4MR4qKBHgfwBv9CuUASB5/xExe3eSsJ8aVOWFK4+5Amld6QoNG7Y5uOUuOlU93n2s7ReGj3bluveBUo7Xs3sVvySgBOrPA7GmGOP1NTnhR4UZn+QLsK10QkNsgWeruPMP2yWCtLJtyGea1MyHYYFoLmN9O8Y4ZHQ20CU2Iq8998rdVAHQHI90RR 4phAerjw LkhaogzngsUc4NMSsEe5xamovOh6gS7Srr/cxKDe08HAzGnBp7Nw1h7E4IPHSuKEUekN6SFh4lxzhuHY2+nnlzZEaz2S8/04ENTee14gOFvdzsrr9nLsz1KZ/Bg6SgtfLKs+Elu+Vumi1JvDPkg11AJzmN80TD5vAULE4d2CYucLS8+5oFDcr8/6q75hq0CcjRgEqiPJvnM9ZR/IZ+pxLo6ELVAmFGLf7yaOJa2xiR1pyyMMFofY43TkGdxLumITPXnYdaneLwtZOEv6mwbcYqN6Z6Q== X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: List-Subscribe: List-Unsubscribe: From: Ankit Agrawal To provide VM with the ability to get device IO memory with NormalNC property, map device MMIO in KVM for ARM64 at stage2 as NormalNC. Having NormalNC S2 default puts guests in control (based on [1], "Combining stage 1 and stage 2 memory type attributes") of device MMIO regions memory mappings. The rules are summarized below: ([(S1) - stage1], [(S2) - stage 2]) S1 | S2 | Result NORMAL-WB | NORMAL-NC | NORMAL-NC NORMAL-WT | NORMAL-NC | NORMAL-NC NORMAL-NC | NORMAL-NC | NORMAL-NC DEVICE | NORMAL-NC | DEVICE Still this cannot be generalized to non PCI devices such as GICv2. There is insufficient information and uncertainity in the behavior of non PCI driver. A driver must indicate support using the new flag VM_ALLOW_ANY_UNCACHED. Adapt KVM to make use of the flag VM_ALLOW_ANY_UNCACHED as indicator to activate the S2 setting to NormalNc. [1] section D8.5.5 of DDI0487J_a_a-profile_architecture_reference_manual.pdf Suggested-by: Catalin Marinas Acked-by: Jason Gunthorpe Reviewed-by: Catalin Marinas Signed-off-by: Ankit Agrawal --- arch/arm64/kvm/mmu.c | 14 ++++++++++---- 1 file changed, 10 insertions(+), 4 deletions(-) diff --git a/arch/arm64/kvm/mmu.c b/arch/arm64/kvm/mmu.c index d14504821b79..1742fdccb432 100644 --- a/arch/arm64/kvm/mmu.c +++ b/arch/arm64/kvm/mmu.c @@ -1381,7 +1381,7 @@ static int user_mem_abort(struct kvm_vcpu *vcpu, phys_addr_t fault_ipa, int ret = 0; bool write_fault, writable, force_pte = false; bool exec_fault, mte_allowed; - bool device = false; + bool device = false, vfio_allow_any_uc = false; unsigned long mmu_seq; struct kvm *kvm = vcpu->kvm; struct kvm_mmu_memory_cache *memcache = &vcpu->arch.mmu_page_cache; @@ -1472,6 +1472,8 @@ static int user_mem_abort(struct kvm_vcpu *vcpu, phys_addr_t fault_ipa, gfn = fault_ipa >> PAGE_SHIFT; mte_allowed = kvm_vma_mte_allowed(vma); + vfio_allow_any_uc = vma->vm_flags & VM_ALLOW_ANY_UNCACHED; + /* Don't use the VMA after the unlock -- it may have vanished */ vma = NULL; @@ -1557,10 +1559,14 @@ static int user_mem_abort(struct kvm_vcpu *vcpu, phys_addr_t fault_ipa, if (exec_fault) prot |= KVM_PGTABLE_PROT_X; - if (device) - prot |= KVM_PGTABLE_PROT_DEVICE; - else if (cpus_have_final_cap(ARM64_HAS_CACHE_DIC)) + if (device) { + if (vfio_allow_any_uc) + prot |= KVM_PGTABLE_PROT_NORMAL_NC; + else + prot |= KVM_PGTABLE_PROT_DEVICE; + } else if (cpus_have_final_cap(ARM64_HAS_CACHE_DIC)) { prot |= KVM_PGTABLE_PROT_X; + } /* * Under the premise of getting a FSC_PERM fault, we just need to relax From patchwork Tue Feb 20 07:29:26 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ankit Agrawal X-Patchwork-Id: 13563530 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 02A80C48BC4 for ; Tue, 20 Feb 2024 07:31:12 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 8D61B8D0003; Tue, 20 Feb 2024 02:31:12 -0500 (EST) Received: by kanga.kvack.org (Postfix, from userid 40) id 8860F8D0001; Tue, 20 Feb 2024 02:31:12 -0500 (EST) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 727638D0003; Tue, 20 Feb 2024 02:31:12 -0500 (EST) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0013.hostedemail.com [216.40.44.13]) by kanga.kvack.org (Postfix) with ESMTP id 63B278D0001 for ; Tue, 20 Feb 2024 02:31:12 -0500 (EST) Received: from smtpin17.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay09.hostedemail.com (Postfix) with ESMTP id 3530D8058B for ; Tue, 20 Feb 2024 07:31:12 +0000 (UTC) X-FDA: 81811361184.17.3C928B7 Received: from NAM10-MW2-obe.outbound.protection.outlook.com (mail-mw2nam10on2059.outbound.protection.outlook.com [40.107.94.59]) by imf26.hostedemail.com (Postfix) with ESMTP id 6B996140003 for ; Tue, 20 Feb 2024 07:31:09 +0000 (UTC) Authentication-Results: imf26.hostedemail.com; dkim=pass header.d=Nvidia.com header.s=selector2 header.b="iQ1Ht/1l"; dmarc=pass (policy=reject) header.from=nvidia.com; arc=pass ("microsoft.com:s=arcselector9901:i=1"); spf=pass (imf26.hostedemail.com: domain of ankita@nvidia.com designates 40.107.94.59 as permitted sender) smtp.mailfrom=ankita@nvidia.com ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1708414269; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=xnAqZkcNokEttrDLhF6HxAeD/JKRA/iQvz7b26LJdsc=; b=0iIovpsuZ6EdzDKzDI5Or7hJ3/VxW1hRXygud0XaZTy05sM3jOdzfGm1JLXkPCXEB5kVOA pqmB5bEzIHaMBscV4adiaam08UplRcbR1c27ZQ0NWqM+AXBcc0J41oCqw5Ds/+m8fo2yIx 2pyC0tE3zVX8xZDTEU66VocGpek/+Jc= ARC-Authentication-Results: i=2; imf26.hostedemail.com; dkim=pass header.d=Nvidia.com header.s=selector2 header.b="iQ1Ht/1l"; dmarc=pass (policy=reject) header.from=nvidia.com; arc=pass ("microsoft.com:s=arcselector9901:i=1"); spf=pass (imf26.hostedemail.com: domain of ankita@nvidia.com designates 40.107.94.59 as permitted sender) smtp.mailfrom=ankita@nvidia.com ARC-Seal: i=2; s=arc-20220608; d=hostedemail.com; t=1708414269; a=rsa-sha256; cv=pass; b=ezClkiH9UUUideanQxydUEYfRiFT+SvbuTsHbzg75SXLjPIUahaLFwPN424e2UOW3qvCJu S1DB9ghGM4BPxp3iBSiYNEYMDahpYjjWKiCcx3btEVeHTuHXk5xQnNgP4dbjLJ36+h2iuQ izSr4FaqTU8/N1vvk5+uoWmK6r0Onq4= ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=Hl3lYAmmFABsVsUk1SDzYUkVtZLoj1GgpwcxQOjAPyzsHV0uurKn4hYPQvhSuY7tV4HvE7yIrdx2qerPizygWuTuvj1lXZOkyv3qaThSUE0aNuEsfTz07SEfjLKZ3rTmXkuawA3+aneKswTEdDZKmZ3XqrGRZyoq2PSoQMiQSrbYxctBd2IvlGIbkzqQ2HzxT6iDIpTFLYRqa/zcPbVZc+ba67tgvuIhadXALYMim+QgTxv65+DGUR/JG7sBcy6ulPeBVeaAWJcyJz7LfnKRGGaUGJe05lMk/2qghuDKSdFcmDDY9dzmR4V8BSAuJ5oLBDqAVFLNuB0TOXFhpOFs9g== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=xnAqZkcNokEttrDLhF6HxAeD/JKRA/iQvz7b26LJdsc=; b=M39CV30MF/HSpEwVRamVqWQFdwS20GHXoJSaAM2p0Zdcr/uPgZDQ/E8+9RHFZnM2TBz7Xrs/lJXKzwR79AZYNeHS/dqnwvN+ivOjtnetM0Kgf9D0IoxxB08b7+BMCwGKeCwnibu3RyIBgb5RJgLbZ3hRDwAMUaycfeBLJEUXQveMm9tzePqRVc6Uy24/OO0AFL7Qz6+c78nZaKgspSXG05nOLl8ljWy9+vvnC+1j1/fIfHORzD8tzHXRU/y4csk9yBTwN20A1P3pkSpGMgUsY7wBXdFmLfpi+lFHbjJfLr0a1Exg11/D0pnQo70lgSUYZxOgrf1W0AaH3s/RM9KbOA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 216.228.117.160) smtp.rcpttodomain=kernel.org smtp.mailfrom=nvidia.com; dmarc=pass (p=reject sp=reject pct=100) action=none header.from=nvidia.com; dkim=none (message not signed); arc=none (0) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=Nvidia.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=xnAqZkcNokEttrDLhF6HxAeD/JKRA/iQvz7b26LJdsc=; b=iQ1Ht/1lVZO8OZto6mOfBzOWGopZqaI5KTESNGP3TecPcSBOFNfBokJW6Xkd3SI0XMOOhAd3FBWMazX72IRXe4edWZOT1bdVk2Pa17LhNB3b/VZyA0RLtFNIRANprPwdfvXYETSskBEqfkFoeitg2AkE+lR48cwDldLA9uGE65wwYDuT9ALIDEjkCIcOG38Y2D4EVnfijMrecyxd09yS58Ck+JSaYIAza9GruN1+sWXZloMTFMuFT6HLRCXhlMOGqtKj2MeyVQGvgG1OhxcrXJfncTDVrmMvyqUG3hjntrNile3EGnjM+l0zj5WamvrDwKEINHYePAW54si3+OYHHQ== Received: from CYXPR02CA0078.namprd02.prod.outlook.com (2603:10b6:930:ce::16) by CO6PR12MB5490.namprd12.prod.outlook.com (2603:10b6:303:13d::9) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7316.20; Tue, 20 Feb 2024 07:31:06 +0000 Received: from CY4PEPF0000FCC2.namprd03.prod.outlook.com (2603:10b6:930:ce:cafe::c4) by CYXPR02CA0078.outlook.office365.com (2603:10b6:930:ce::16) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7292.39 via Frontend Transport; Tue, 20 Feb 2024 07:31:06 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 216.228.117.160) smtp.mailfrom=nvidia.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=nvidia.com; Received-SPF: Pass (protection.outlook.com: domain of nvidia.com designates 216.228.117.160 as permitted sender) receiver=protection.outlook.com; client-ip=216.228.117.160; helo=mail.nvidia.com; pr=C Received: from mail.nvidia.com (216.228.117.160) by CY4PEPF0000FCC2.mail.protection.outlook.com (10.167.242.104) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7292.25 via Frontend Transport; Tue, 20 Feb 2024 07:31:05 +0000 Received: from rnnvmail205.nvidia.com (10.129.68.10) by mail.nvidia.com (10.129.200.66) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.986.41; Mon, 19 Feb 2024 23:30:37 -0800 Received: from rnnvmail202.nvidia.com (10.129.68.7) by rnnvmail205.nvidia.com (10.129.68.10) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.1258.12; Mon, 19 Feb 2024 23:30:37 -0800 Received: from sgarnayak-dt.nvidia.com (10.127.8.9) by mail.nvidia.com (10.129.68.7) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.1258.12 via Frontend Transport; Mon, 19 Feb 2024 23:30:24 -0800 From: To: , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , CC: , , , , , , , , , , , , , , Subject: [PATCH v8 4/4] vfio: convey kvm that the vfio-pci device is wc safe Date: Tue, 20 Feb 2024 12:59:26 +0530 Message-ID: <20240220072926.6466-5-ankita@nvidia.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20240220072926.6466-1-ankita@nvidia.com> References: <20240220072926.6466-1-ankita@nvidia.com> MIME-Version: 1.0 X-NV-OnPremToCloud: ExternallySecured X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: CY4PEPF0000FCC2:EE_|CO6PR12MB5490:EE_ X-MS-Office365-Filtering-Correlation-Id: ca6f1e37-2f67-42b9-2cc3-08dc31e5e61d X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: ZPxQ8GbEkSvLOBerMzuGU69zQzy7PyYzNBC7d6g2WxpR9tao6hI77HbWfD2eEuu2k3TWrJ4HWzvHb9S4OLYHTJBUq2N/+FhdP7+bAnGZ5V0prD65XoFnqDMO1fCa5DmV2qZWBhDhU1aEY9z++Cu5+8J0hbE4J9+tjzzN6ghurQP/NMqCDU/ed9QR+vFckQAhnAfH5VAM+tTy464XkWX+UCKLlotcT+dZpMpeRh8oLe29A83EpMjj82LEPPiQ6dtJIWonyofQ48pcls5BR7Pomap/yf+ZsLSS3h2BPknECLU0iCG17AVE5rCNRUQmVwoDL9b71TN23kVdXE2Jq/YhCylFK7ztV8M+t3dadu7+unyYP2c5ORQ/r9jHoKA7rEM59LzCTSQAFytXelNOrFvpFOR6piyBmYyasXCWL74Z17o/7AIWXj0Pv/L7Ul1Hj7ZySgup/eulIMJ2tiNqVngTu0jS1bRTe7SVDTPCB8I7rHIP36i3hpUTZEUmsExgVfwaENjx+QHqLgBVL9Zz7Jn4GSi6RyMNKadKoFZNDHtKCp69oRvsrJEBrS8DWlVXoc87uux9Pb0Uu/SaACnnhS1yjF48g5m2rMjFQjYWONvmoQ327VGzZwqxMsyoozH6qKMdY1kbA4qrKSOYKag6blLUvGIYNoTLjn4k1TpCFXfy7tg= X-Forefront-Antispam-Report: CIP:216.228.117.160;CTRY:US;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:mail.nvidia.com;PTR:dc6edge1.nvidia.com;CAT:NONE;SFS:(13230031)(36860700004)(46966006)(40470700004)(921011);DIR:OUT;SFP:1101; X-OriginatorOrg: Nvidia.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 20 Feb 2024 07:31:05.5367 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: ca6f1e37-2f67-42b9-2cc3-08dc31e5e61d X-MS-Exchange-CrossTenant-Id: 43083d15-7273-40c1-b7db-39efd9ccc17a X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=43083d15-7273-40c1-b7db-39efd9ccc17a;Ip=[216.228.117.160];Helo=[mail.nvidia.com] X-MS-Exchange-CrossTenant-AuthSource: CY4PEPF0000FCC2.namprd03.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: CO6PR12MB5490 X-Rspamd-Queue-Id: 6B996140003 X-Rspam-User: X-Rspamd-Server: rspam05 X-Stat-Signature: 67mfcjoa9pgx4f7t6ej1gtakxmmgwk1m X-HE-Tag: 1708414269-356529 X-HE-Meta: U2FsdGVkX1/rMP07HWV07AMwwhSoFgoUCZpQyyeKBJVxBMD1UjxG+sh2qZgGDE4lE+zy4yiqt86I9UShpABRuFvB5Mj5L6sBUsec1k3d4Yp0qNTtn2XuxrZjX7gsSDjSOE4QY+WeDQZw2MGWc4HKs03HPiRSs2mnEtao12cgn7ZcTgR5iNuUJWLoNw/rK6YHOOmUCv7R/11Y/f98SADwQmL3hFAngZYflX5Ll17wX6CRHnlj/Or5BELKVPPy+4MvavK10Qw8SaUseJXCShBWaYnQ89EKfEMQ0n6CZuOjV2ovnprEqxfT6bTd5t8TXdJJ+xBFcRhrNtY5Ti3JVyzFWsu9IPwRYN/9lItaYVZJyHP0lqm2k58oLo3wdDGdTvbK+xIxC8RG9jG10/9oZMp2FoxaObo1J1yev4leoZ1p4HNpRSI7pOaezmYm+EdXE6HP2raMZYtj4xGVnkGaq2On1QEeH/mbvOC5X4su1CXW4oC1OO0imVAX6a87+DF40Ia+XYqc3AaxHGZJa1MAJIIIaILNh0wfVWW1mQ0n/pkE2G+bk3uvy4ix3kg2j5orR5ln5mg7hdiwqCKyoHmy7mp1bo5/pNxhiM1sW0P2P0OfeT5Xb6g2EbTdWEmK9GM01EokMh4A5B5NZyEO2I4JotODgRriw3xMreGOgInYrkTztLrAAkZ4nI/vMVnORISklm3yLhbCvpo9rFHex4map8a9HpBHEcmJXoIQkdCrKg8DsDTu8tWazo1SsFGq1sDJmnkHiuHF6fBbMEe2KIlG/kx5v7BjIKN3p/fGzE7n/8+mmjozu34WdgXFi0R6W9a0zVeBvcIZD8nTvdyBdHY0fRKwj+CYgaaGrOPRxk+gmmmcePB5M6dyctmzmkLp8edsV9LVZomwZ/LKGDQTHP5GeMtULw== X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: List-Subscribe: List-Unsubscribe: From: Ankit Agrawal The VM_ALLOW_ANY_UNCACHED flag is implemented for ARM64, allowing KVM stage 2 device mapping attributes to use Normal-NC rather than DEVICE_nGnRE, which allows guest mappings supporting combining attributes (WC). ARM does not architecturally guarantee this is safe, and indeed some MMIO regions like the GICv2 VCPU interface can trigger uncontained faults if Normal-NC is used. To safely use VFIO in KVM the platform must guarantee full safety in the guest where no action taken against a MMIO mapping can trigger an uncontained failure. We belive that most VFIO PCI platforms support this for both mapping types, at least in common flows, based on some expectations of how PCI IP is integrated. So make vfio-pci set the VM_ALLOW_ANY_UNCACHED flag. Suggested-by: Catalin Marinas Acked-by: Jason Gunthorpe Acked-by: Catalin Marinas Reviewed-by: David Hildenbrand Signed-off-by: Ankit Agrawal Acked-by: Alex Williamson --- drivers/vfio/pci/vfio_pci_core.c | 18 +++++++++++++++++- 1 file changed, 17 insertions(+), 1 deletion(-) diff --git a/drivers/vfio/pci/vfio_pci_core.c b/drivers/vfio/pci/vfio_pci_core.c index 1cbc990d42e0..c93bea18fc4b 100644 --- a/drivers/vfio/pci/vfio_pci_core.c +++ b/drivers/vfio/pci/vfio_pci_core.c @@ -1862,8 +1862,24 @@ int vfio_pci_core_mmap(struct vfio_device *core_vdev, struct vm_area_struct *vma /* * See remap_pfn_range(), called from vfio_pci_fault() but we can't * change vm_flags within the fault handler. Set them now. + * + * VM_ALLOW_ANY_UNCACHED: The VMA flag is implemented for ARM64, + * allowing KVM stage 2 device mapping attributes to use Normal-NC + * rather than DEVICE_nGnRE, which allows guest mappings + * supporting combining attributes (WC). ARM does not + * architecturally guarantee this is safe, and indeed some MMIO + * regions like the GICv2 VCPU interface can trigger uncontained + * faults if Normal-NC is used. + * + * To safely use VFIO in KVM the platform must guarantee full + * safety in the guest where no action taken against a MMIO + * mapping can trigger an uncontained failure. We belive that + * most VFIO PCI platforms support this for both mapping types, + * at least in common flows, based on some expectations of how + * PCI IP is integrated. So set VM_ALLOW_ANY_UNCACHED in VMA flags. */ - vm_flags_set(vma, VM_IO | VM_PFNMAP | VM_DONTEXPAND | VM_DONTDUMP); + vm_flags_set(vma, VM_ALLOW_ANY_UNCACHED | VM_IO | VM_PFNMAP | + VM_DONTEXPAND | VM_DONTDUMP); vma->vm_ops = &vfio_pci_mmap_ops; return 0;