From patchwork Thu Feb 22 16:10:22 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Fuad Tabba X-Patchwork-Id: 13567558 Received: from mail-yb1-f201.google.com (mail-yb1-f201.google.com [209.85.219.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 5A3EC14F9FD for ; Thu, 22 Feb 2024 16:10:54 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.219.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1708618256; cv=none; b=SOHlF2EyDmRTTma0le/OTGwGHPBX3w4gWYzGhMYAFtoluII4kQ9X04es04YAhd2s/qc/Q+R7NwIIj03akDmqjzkhXgBY7PH4z9EyxIiTALnfwGkwCnWIK7PW6obRv0/xHEdlrJ1CPNOxWo7/+fa/xStcITmD3kfBws0/7kFQLVM= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1708618256; c=relaxed/simple; bh=EzVThhpsjIFmZ6APONr+3YQMg6Kc3S6m7HggcVHh5j0=; h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From: To:Cc:Content-Type; b=puRHtkDynX4e90U2mNgZvVPYuw2AxoT/XtIRwtnvWf9zHZXGS4IbawSo6zSIkvDdKjlQbzvmgYqoACCZvZr03qD4RUppHaeO4/L+xmCwH0PmtqJHeArkW5A79RXMLfjFoTs/VQApUHrXl0uNPcaAh1DlL7/hZIYbRiTpgLwQdwM= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com; spf=pass smtp.mailfrom=flex--tabba.bounces.google.com; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b=3jsVxVa6; arc=none smtp.client-ip=209.85.219.201 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=flex--tabba.bounces.google.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="3jsVxVa6" Received: by mail-yb1-f201.google.com with SMTP id 3f1490d57ef6-dce775fa8adso3966079276.1 for ; Thu, 22 Feb 2024 08:10:54 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1708618253; x=1709223053; darn=vger.kernel.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=p2sRNr14w+/34TVEz20+9bKFlKpUm8pWMLvdxv53Wkw=; b=3jsVxVa6/k1QsRE/B8qD5CYphIDJuXLxlDuM7GhEw9XUCwUonJy7GLg0o1Oe2ReZLR 6pQ2wS45jkS7M4GuYoLDKM6ZPNTaRwAhIEaqYBxUlIc0vn3y06qviW0Vyer8RgjXWBka 30VVufAU9dpp63W98Izq7NnFcu13OOdWBfNZ6ac8slsVzHpJ2KippQHVCQYjRsRJKcgj XIdExzqXPsl7r0/PM03suiDSRoKh878+4M6ndcVDdmaKwD2+BIRm0dtv5AIwDEcnX/YH 7ZPCmJ2i6aBrcSx9ErbJiVwRBJ29d0/0tvc3FqEcxlyJArl+3HgiK8wbdVh2+sKH9UC/ Im1w== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1708618253; x=1709223053; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=p2sRNr14w+/34TVEz20+9bKFlKpUm8pWMLvdxv53Wkw=; b=g7NNHJm1Of106nmQtqMOqJ/dH+zsPOoFRNZIPuSOR+M2W4l4DP/bfXIYRUQzSyZkqd P7rZn6LmBxAvtHgRW5s6x5q96HG+Z2QXQpjVXabIwL8sajPfbYV20nfxykROHRJLlCE5 xhfHeon9ermecYu0HI2qZQm3cSOZNVA5f4MmV3hYOgIOhRcbGzmzgkB/QgT6fy5+Kds0 4VPk9GtSxZdqBMKg6lXr4fcIxWrtCz2TyfNXtGHLD7d6zIoKmvLSLrfQetzCLy1C8w1I 5f8sUYjWpepu0JcoMO9SIFNT4R52rWQ2E3tnjbgmOc6bxfd7MAnylCrI3nW6Ia7Ufczi XueQ== X-Gm-Message-State: AOJu0YwsG23PU2aRq9xMbXATjUs/5MzxjzNCS9zu5LvEutTBLSNNCpjR JUwjEgzX0f7pS4/4pHa87IGZe7bU0+UrOZAL2C16VsSO8yCL2dxAWBnsg6pYWN8dneEMHNXFCQZ /Yu6+UWyChy98B1SB/7kPPHPWXhc5sBpDVF0WGz26M5OtuO+hQE//OlOFwnPfIlvoDhofpoFEsM Pt3MvKUdRFVLvOpo0UynW66fM= X-Google-Smtp-Source: AGHT+IFYCuijTJVxj0GlLBJa9Pm0/DDmJE1649EzPWKeem3CrEc4NAZWsIRZhFfSZlUHJsQteNJxT4RkUg== X-Received: from fuad.c.googlers.com ([fda3:e722:ac3:cc00:28:9cb1:c0a8:1613]) (user=tabba job=sendgmr) by 2002:a25:abd0:0:b0:dc6:5396:c0d4 with SMTP id v74-20020a25abd0000000b00dc65396c0d4mr723248ybi.1.1708618252702; Thu, 22 Feb 2024 08:10:52 -0800 (PST) Date: Thu, 22 Feb 2024 16:10:22 +0000 In-Reply-To: <20240222161047.402609-1-tabba@google.com> Precedence: bulk X-Mailing-List: kvm@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 References: <20240222161047.402609-1-tabba@google.com> X-Mailer: git-send-email 2.44.0.rc1.240.g4c46232300-goog Message-ID: <20240222161047.402609-2-tabba@google.com> Subject: [RFC PATCH v1 01/26] KVM: Split KVM memory attributes into user and kernel attributes From: Fuad Tabba To: kvm@vger.kernel.org, kvmarm@lists.linux.dev Cc: pbonzini@redhat.com, chenhuacai@kernel.org, mpe@ellerman.id.au, anup@brainfault.org, paul.walmsley@sifive.com, palmer@dabbelt.com, aou@eecs.berkeley.edu, seanjc@google.com, viro@zeniv.linux.org.uk, brauner@kernel.org, willy@infradead.org, akpm@linux-foundation.org, xiaoyao.li@intel.com, yilun.xu@intel.com, chao.p.peng@linux.intel.com, jarkko@kernel.org, amoorthy@google.com, dmatlack@google.com, yu.c.zhang@linux.intel.com, isaku.yamahata@intel.com, mic@digikod.net, vbabka@suse.cz, vannapurve@google.com, ackerleytng@google.com, mail@maciej.szmigiero.name, david@redhat.com, michael.roth@amd.com, wei.w.wang@intel.com, liam.merwick@oracle.com, isaku.yamahata@gmail.com, kirill.shutemov@linux.intel.com, suzuki.poulose@arm.com, steven.price@arm.com, quic_eberman@quicinc.com, quic_mnalajal@quicinc.com, quic_tsoni@quicinc.com, quic_svaddagi@quicinc.com, quic_cvanscha@quicinc.com, quic_pderrin@quicinc.com, quic_pheragu@quicinc.com, catalin.marinas@arm.com, james.morse@arm.com, yuzenghui@huawei.com, oliver.upton@linux.dev, maz@kernel.org, will@kernel.org, qperret@google.com, keirf@google.com, tabba@google.com Currently userspace can set all KVM memory attributes. Future patches will add new attributes that should only be set by the kernel. Split the attribute space into two parts, one that userspace can set, and one that can only be set by the kernel. This patch introduces two new functions, kvm_vm_set_mem_attributes_kernel() and kvm_vm_set_mem_attributes_user(), whereby each sets the attributes associated with the kernel or with userspace, without clobbering the other's attributes. Since these attributes are stored in an xarray, do the split at bit 16, so that this would still work on 32-bit architectures if needed. Signed-off-by: Fuad Tabba --- include/linux/kvm_host.h | 3 +++ include/uapi/linux/kvm.h | 3 +++ virt/kvm/kvm_main.c | 36 +++++++++++++++++++++++++++++++----- 3 files changed, 37 insertions(+), 5 deletions(-) diff --git a/include/linux/kvm_host.h b/include/linux/kvm_host.h index 7df0779ceaba..4cacf2a9a5d5 100644 --- a/include/linux/kvm_host.h +++ b/include/linux/kvm_host.h @@ -1438,6 +1438,9 @@ vm_fault_t kvm_arch_vcpu_fault(struct kvm_vcpu *vcpu, struct vm_fault *vmf); int kvm_vm_ioctl_check_extension(struct kvm *kvm, long ext); +int kvm_vm_set_mem_attributes_kernel(struct kvm *kvm, gfn_t start, gfn_t end, + unsigned long attributes); + void kvm_arch_mmu_enable_log_dirty_pt_masked(struct kvm *kvm, struct kvm_memory_slot *slot, gfn_t gfn_offset, diff --git a/include/uapi/linux/kvm.h b/include/uapi/linux/kvm.h index 59e7f5fd74e1..0862d6cc3e66 100644 --- a/include/uapi/linux/kvm.h +++ b/include/uapi/linux/kvm.h @@ -2225,6 +2225,9 @@ struct kvm_memory_attributes { #define KVM_MEMORY_ATTRIBUTE_PRIVATE (1ULL << 3) +#define KVM_MEMORY_ATTRIBUTES_KERNEL_SHIFT (16) +#define KVM_MEMORY_ATTRIBUTES_KERNEL_MASK GENMASK(63, KVM_MEMORY_ATTRIBUTES_KERNEL_SHIFT) + #define KVM_CREATE_GUEST_MEMFD _IOWR(KVMIO, 0xd4, struct kvm_create_guest_memfd) struct kvm_create_guest_memfd { diff --git a/virt/kvm/kvm_main.c b/virt/kvm/kvm_main.c index 8f0dec2fa0f1..fba4dc6e4107 100644 --- a/virt/kvm/kvm_main.c +++ b/virt/kvm/kvm_main.c @@ -2536,8 +2536,8 @@ static bool kvm_pre_set_memory_attributes(struct kvm *kvm, } /* Set @attributes for the gfn range [@start, @end). */ -static int kvm_vm_set_mem_attributes(struct kvm *kvm, gfn_t start, gfn_t end, - unsigned long attributes) +static int __kvm_vm_set_mem_attributes(struct kvm *kvm, gfn_t start, gfn_t end, + unsigned long attributes, bool userspace) { struct kvm_mmu_notifier_range pre_set_range = { .start = start, @@ -2559,8 +2559,6 @@ static int kvm_vm_set_mem_attributes(struct kvm *kvm, gfn_t start, gfn_t end, void *entry; int r = 0; - entry = attributes ? xa_mk_value(attributes) : NULL; - mutex_lock(&kvm->slots_lock); /* Nothing to do if the entire range as the desired attributes. */ @@ -2580,6 +2578,17 @@ static int kvm_vm_set_mem_attributes(struct kvm *kvm, gfn_t start, gfn_t end, kvm_handle_gfn_range(kvm, &pre_set_range); for (i = start; i < end; i++) { + /* Maintain kernel/userspace attributes separately. */ + unsigned long attr = xa_to_value(xa_load(&kvm->mem_attr_array, i)); + + if (userspace) + attr &= KVM_MEMORY_ATTRIBUTES_KERNEL_MASK; + else + attr &= ~KVM_MEMORY_ATTRIBUTES_KERNEL_MASK; + + attributes |= attr; + entry = attributes ? xa_mk_value(attributes) : NULL; + r = xa_err(xa_store(&kvm->mem_attr_array, i, entry, GFP_KERNEL_ACCOUNT)); KVM_BUG_ON(r, kvm); @@ -2592,6 +2601,23 @@ static int kvm_vm_set_mem_attributes(struct kvm *kvm, gfn_t start, gfn_t end, return r; } + +int kvm_vm_set_mem_attributes_kernel(struct kvm *kvm, gfn_t start, gfn_t end, + unsigned long attributes) +{ + attributes &= KVM_MEMORY_ATTRIBUTES_KERNEL_MASK; + + return __kvm_vm_set_mem_attributes(kvm, start, end, attributes, false); +} + +static int kvm_vm_set_mem_attributes_userspace(struct kvm *kvm, gfn_t start, gfn_t end, + unsigned long attributes) +{ + attributes &= ~KVM_MEMORY_ATTRIBUTES_KERNEL_MASK; + + return __kvm_vm_set_mem_attributes(kvm, start, end, attributes, true); +} + static int kvm_vm_ioctl_set_mem_attributes(struct kvm *kvm, struct kvm_memory_attributes *attrs) { @@ -2617,7 +2643,7 @@ static int kvm_vm_ioctl_set_mem_attributes(struct kvm *kvm, */ BUILD_BUG_ON(sizeof(attrs->attributes) != sizeof(unsigned long)); - return kvm_vm_set_mem_attributes(kvm, start, end, attrs->attributes); + return kvm_vm_set_mem_attributes_userspace(kvm, start, end, attrs->attributes); } #endif /* CONFIG_KVM_GENERIC_MEMORY_ATTRIBUTES */ From patchwork Thu Feb 22 16:10:23 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Fuad Tabba X-Patchwork-Id: 13567559 Received: from mail-yb1-f201.google.com (mail-yb1-f201.google.com [209.85.219.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 78EF4151CC1 for ; Thu, 22 Feb 2024 16:10:56 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.219.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1708618258; cv=none; b=Yp3i6BTO9TPxn2EmdnQj4MDF8WtWmvn2GP98Nt40tjAZl56AoBhU6lsS4gAEt1dthFpAXSxhD7Yn7TVX95zWJ64fhdSx1Q+Nz+eu5+44V4Rv5ZRrSBk2Z6G6Zdtir6GRVP6cqmvcQGLONOjBxjbVrbzuNg4mdq4h32j+X+O0e1I= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1708618258; c=relaxed/simple; bh=L5WT52gMMJoNFswLSJnRNRF/xTYkLi12ITiLgSSDiDU=; h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From: To:Cc:Content-Type; b=C6SZDfqJ6Y7Jtp5elWBi+5zFnI99vEZ73VYOIX+DwoeTVcv0VSbah+GbcnjS3CTNcIoX9h7gKfoh7MnFaSRpRTdpHrDbkjKHJL30XTVk6Ar+bYDB24CT1XiKcoIOcydyr0WUpnUXpd0fYFEc5f7CiykuZupOuhW3lk75O/1q4Mw= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com; spf=pass smtp.mailfrom=flex--tabba.bounces.google.com; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b=p5qUwkNV; arc=none smtp.client-ip=209.85.219.201 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=flex--tabba.bounces.google.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="p5qUwkNV" Received: by mail-yb1-f201.google.com with SMTP id 3f1490d57ef6-dc6b269686aso12494007276.1 for ; Thu, 22 Feb 2024 08:10:56 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1708618255; x=1709223055; darn=vger.kernel.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=5YmtKJX2F3rSkV1iqMOa4w31T6JycNyoitnxkU4chz4=; b=p5qUwkNVHpIwDXMbO+n7i87Y1UqHXbHdNXUy/mwQaj2QLd4aJ4w3Fcl8o28YQzGtRN YOK9pELKyuDO9DL8M1L80OGwOHO6TNElDIA++/nTNvTGsiJ6SkcoxX51mvXi71Q7chpD V8k4kbQCq46b8fgANWjbmoeQFbqOPtIQK0rA06ByLXrypjS7QWEtA64SIKiq0NhCX0w8 VFLova57hdeijRfEt6FQJyuLSRWqrvKV9zJW64kLVZqszhDVUOj9VH5+kGbPnvesDMdk FrBaEHzTSe1xL3XWcUZYrxzJ6B8aHC/D6Nlt20fVtPUXWRrXtVUs2P9aMK/sL+t8k2v8 Df1w== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1708618255; x=1709223055; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=5YmtKJX2F3rSkV1iqMOa4w31T6JycNyoitnxkU4chz4=; b=XlHYcFhuqGdLdPb8l6RswVh2WN/1w8CUggWCUfZ9c9hNzQSminVvBvDHrRyM4lVVau goizE1jopJzXxdFSKqnXIXw6RB4xaDeNwT3xz+dCoK82wyLbSoMWoFm3/lG6xE9FiOjp iFehVJ9GGRHPgynVUhO2SdVS2OB5SaQw4EnfB410J8ndIYrS5sjHoIgYafiPDZpslw0q 0pKwiWRx4ixKmltZ0KAPf3VPIUd7xP1juvpT7oSOWUJ9d0q+By4iYu/YM9aiVr+TzSHO lqA1aDzoDa45NJOAuc/yMuKIBCsDG6GdRVWOi7iuc5NH3N5Gp7o3RWT+2iC9KuRnktDv 0kFQ== X-Gm-Message-State: AOJu0Yyd1qAPV60BH3DeH9ji4SaVCE5BpvaaF9FA4kbDoOBug3rGvTsc nX0TJL+W6xEkdAIfGx3z4P8iVimQ6I+8GNgdw09/3k/5jgkPWtCQzTo8xrE533OYEHo/gF/GT/H 63cOtNo7LyPVEOUuN5nWqjKd+EqWQtJaFA3EA7mjQ5nJjWLzsSSbC2tX8I/q8G9t2afZ0B8lzrs Ij+eNHXKlEP9SBzEvgMt7+sBI= X-Google-Smtp-Source: AGHT+IEJ5uDx0DBdRtl2OUTBaLLNNcO1acG4EdiHb1aZlJ2UWKKk0H2LLLVqC/b2Z95QlvaYQ480iTjpKQ== X-Received: from fuad.c.googlers.com ([fda3:e722:ac3:cc00:28:9cb1:c0a8:1613]) (user=tabba job=sendgmr) by 2002:a05:6902:1146:b0:dce:5218:c89b with SMTP id p6-20020a056902114600b00dce5218c89bmr123764ybu.5.1708618255038; Thu, 22 Feb 2024 08:10:55 -0800 (PST) Date: Thu, 22 Feb 2024 16:10:23 +0000 In-Reply-To: <20240222161047.402609-1-tabba@google.com> Precedence: bulk X-Mailing-List: kvm@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 References: <20240222161047.402609-1-tabba@google.com> X-Mailer: git-send-email 2.44.0.rc1.240.g4c46232300-goog Message-ID: <20240222161047.402609-3-tabba@google.com> Subject: [RFC PATCH v1 02/26] KVM: Introduce kvm_gmem_get_pfn_locked(), which retains the folio lock From: Fuad Tabba To: kvm@vger.kernel.org, kvmarm@lists.linux.dev Cc: pbonzini@redhat.com, chenhuacai@kernel.org, mpe@ellerman.id.au, anup@brainfault.org, paul.walmsley@sifive.com, palmer@dabbelt.com, aou@eecs.berkeley.edu, seanjc@google.com, viro@zeniv.linux.org.uk, brauner@kernel.org, willy@infradead.org, akpm@linux-foundation.org, xiaoyao.li@intel.com, yilun.xu@intel.com, chao.p.peng@linux.intel.com, jarkko@kernel.org, amoorthy@google.com, dmatlack@google.com, yu.c.zhang@linux.intel.com, isaku.yamahata@intel.com, mic@digikod.net, vbabka@suse.cz, vannapurve@google.com, ackerleytng@google.com, mail@maciej.szmigiero.name, david@redhat.com, michael.roth@amd.com, wei.w.wang@intel.com, liam.merwick@oracle.com, isaku.yamahata@gmail.com, kirill.shutemov@linux.intel.com, suzuki.poulose@arm.com, steven.price@arm.com, quic_eberman@quicinc.com, quic_mnalajal@quicinc.com, quic_tsoni@quicinc.com, quic_svaddagi@quicinc.com, quic_cvanscha@quicinc.com, quic_pderrin@quicinc.com, quic_pheragu@quicinc.com, catalin.marinas@arm.com, james.morse@arm.com, yuzenghui@huawei.com, oliver.upton@linux.dev, maz@kernel.org, will@kernel.org, qperret@google.com, keirf@google.com, tabba@google.com Create a new variant of kvm_gmem_get_pfn(), which retains the folio lock if it returns successfully. Signed-off-by: Fuad Tabba --- include/linux/kvm_host.h | 11 +++++++++++ virt/kvm/guest_memfd.c | 21 ++++++++++++++++++--- 2 files changed, 29 insertions(+), 3 deletions(-) diff --git a/include/linux/kvm_host.h b/include/linux/kvm_host.h index 4cacf2a9a5d5..b96abeeb2b65 100644 --- a/include/linux/kvm_host.h +++ b/include/linux/kvm_host.h @@ -2381,6 +2381,8 @@ static inline bool kvm_mem_is_private(struct kvm *kvm, gfn_t gfn) #ifdef CONFIG_KVM_PRIVATE_MEM int kvm_gmem_get_pfn(struct kvm *kvm, struct kvm_memory_slot *slot, gfn_t gfn, kvm_pfn_t *pfn, int *max_order); +int kvm_gmem_get_pfn_locked(struct kvm *kvm, struct kvm_memory_slot *slot, + gfn_t gfn, kvm_pfn_t *pfn, int *max_order); #else static inline int kvm_gmem_get_pfn(struct kvm *kvm, struct kvm_memory_slot *slot, gfn_t gfn, @@ -2389,6 +2391,15 @@ static inline int kvm_gmem_get_pfn(struct kvm *kvm, KVM_BUG_ON(1, kvm); return -EIO; } + +static inline int kvm_gmem_get_pfn_locked(struct kvm *kvm, + struct kvm_memory_slot *slot, + gfn_t gfn, kvm_pfn_t *pfn, + int *max_order) +{ + KVM_BUG_ON(1, kvm); + return -EIO; +} #endif /* CONFIG_KVM_PRIVATE_MEM */ #endif diff --git a/virt/kvm/guest_memfd.c b/virt/kvm/guest_memfd.c index 0f4e0cf4f158..7e3ea7a3f086 100644 --- a/virt/kvm/guest_memfd.c +++ b/virt/kvm/guest_memfd.c @@ -482,8 +482,8 @@ void kvm_gmem_unbind(struct kvm_memory_slot *slot) fput(file); } -int kvm_gmem_get_pfn(struct kvm *kvm, struct kvm_memory_slot *slot, - gfn_t gfn, kvm_pfn_t *pfn, int *max_order) +int kvm_gmem_get_pfn_locked(struct kvm *kvm, struct kvm_memory_slot *slot, + gfn_t gfn, kvm_pfn_t *pfn, int *max_order) { pgoff_t index = gfn - slot->base_gfn + slot->gmem.pgoff; struct kvm_gmem *gmem; @@ -523,10 +523,25 @@ int kvm_gmem_get_pfn(struct kvm *kvm, struct kvm_memory_slot *slot, r = 0; out_unlock: - folio_unlock(folio); + if (r) + folio_unlock(folio); out_fput: fput(file); return r; } +EXPORT_SYMBOL_GPL(kvm_gmem_get_pfn_locked); + +int kvm_gmem_get_pfn(struct kvm *kvm, struct kvm_memory_slot *slot, + gfn_t gfn, kvm_pfn_t *pfn, int *max_order) +{ + int r; + + r = kvm_gmem_get_pfn_locked(kvm, slot, gfn, pfn, max_order); + if (r) + return r; + + unlock_page(pfn_to_page(*pfn)); + return 0; +} EXPORT_SYMBOL_GPL(kvm_gmem_get_pfn); From patchwork Thu Feb 22 16:10:24 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Fuad Tabba X-Patchwork-Id: 13567560 Received: from mail-yb1-f202.google.com (mail-yb1-f202.google.com [209.85.219.202]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 18AED1534E3 for ; Thu, 22 Feb 2024 16:10:58 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.219.202 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1708618260; cv=none; b=KX7sPk9D1oCJEScHxOdGHMTZChdM/zjwQZ5swDRH3gq56VbZkbRxHKtnUyR+F/hWpqwbd2K8LVHfDJVCEeMmbXl/0lsIbnE6BdOOpPnZviyuSvVtHxUUuMGs7M3j+NcWeq54CbD23JrW43T/QFTsa2XGGf6ylImZW9TrtWPSyD4= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1708618260; c=relaxed/simple; bh=us7/QCjxe2pxBhm9N56dE2zxrpgAV3//d0wRLBscLX4=; h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From: To:Cc:Content-Type; b=VvVuwiKjrUKs8vhAcFpLc9VbI10ho6iT9ywjubqNOF+EgCouAIDCrcC0tEK8nCFyxiF2FwLbENVFo0U8hwr4ouHMGHZIvdyM3tzdPF/JnGYnyUyu9T4FLXKOM+B00QleFfWR5Sukc5tacPOuFTHpfwYlkuyAJmpJMUtcL/d7ouM= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com; spf=pass smtp.mailfrom=flex--tabba.bounces.google.com; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b=soxU7XzP; arc=none smtp.client-ip=209.85.219.202 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=flex--tabba.bounces.google.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="soxU7XzP" Received: by mail-yb1-f202.google.com with SMTP id 3f1490d57ef6-dccc49ef73eso9747252276.2 for ; Thu, 22 Feb 2024 08:10:58 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1708618258; x=1709223058; darn=vger.kernel.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=yE4jGMdyyWeWXwgLR+PwPglC0gS24rScRzYQNSe4bRs=; b=soxU7XzP+FYP2AmkWYNlcE5Tk3bugMU9GFUK3lOYh3X6AVQzkXu/J7s9gcr7c/Nzyh zgQjFM02/QfftF++wcTjMT3VUfdYp3ZZszktNf51QZQbWPc4j2wVnfUxRRzNR/jqSSq8 vs6ted1ExqIIaLbjHhPCRMdjwzAiJ6HTl56Ml4bokKRLKAHkgxniKijUNR1LyG8dzuI8 hH1SpkC4wcOdmNNuaLYyS7qdmWvmu9bZZnzmyMhHlNYo0vAnus9y6WuzuNU+1QFP1DwC +HMJHIJNaUFq+BwsaiktSGt2m95gEvO97hZwzRBjUTb3WBUHWU5flGF9RlpGry1vak1X TVSQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1708618258; x=1709223058; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=yE4jGMdyyWeWXwgLR+PwPglC0gS24rScRzYQNSe4bRs=; b=Av/nwKTtHndO+2HsvGXE/1zuMzE19nZZkqPZN8hvrdvAIxL6Qm6/D7/GvbZHgDcbar wsso1nTLZUQ3fkdgc2jUpXLEVrAERwA1ttJwhl7HFm59kSXRXm34nXAd2ndTUxHmq2wF QSfRScrxrkazPiySjsN8xERR4V9XypojiB9UebE3/VkK8VV6hnsG/08wcko4Oh3JN/nm iU6pH8VcYoYOLczJ19iIfGUrhPe2Xi3s4KJ9p4d4qKWRaDNvENqRvw53QQZg0fM0n9hH 5yBLeiADtUW/FZyt7txJ9yQdpj0vscSUkDs3751b7hNKiq1CNQexZBErjGHj8OnoMTeL bpLg== X-Gm-Message-State: AOJu0YwXLZ3sEFb1B4PMZKes1yBiNBc7kw6zA6/eXxF0fkDwdtIyAvYA ONtWTSO+ZluX38TZpg1/IZuRqsDcy0v2bcZIQ8hiQ3PNBCZ+RR1AQdZRXxbHkR6Cwnbu4YmlJtr zFQEWCwpqF5fN/OagZKlKwQARIaVyRs3CGXm8PufRbEaEsobYQRExZ+/ZPSLydE8eoKtlbop9Qt 0s+AhZugHjuAqbBY8t6dpLtKo= X-Google-Smtp-Source: AGHT+IFQNtSID3YHaARgbjVSrCLasDYkP7ccSohNQiPNyCa1y1SXwVIunIxS8EvvGL64GrHD6XE4b9xaKA== X-Received: from fuad.c.googlers.com ([fda3:e722:ac3:cc00:28:9cb1:c0a8:1613]) (user=tabba job=sendgmr) by 2002:a05:6902:154f:b0:dc6:d890:1a97 with SMTP id r15-20020a056902154f00b00dc6d8901a97mr139007ybu.9.1708618257741; Thu, 22 Feb 2024 08:10:57 -0800 (PST) Date: Thu, 22 Feb 2024 16:10:24 +0000 In-Reply-To: <20240222161047.402609-1-tabba@google.com> Precedence: bulk X-Mailing-List: kvm@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 References: <20240222161047.402609-1-tabba@google.com> X-Mailer: git-send-email 2.44.0.rc1.240.g4c46232300-goog Message-ID: <20240222161047.402609-4-tabba@google.com> Subject: [RFC PATCH v1 03/26] KVM: Add restricted support for mapping guestmem by the host From: Fuad Tabba To: kvm@vger.kernel.org, kvmarm@lists.linux.dev Cc: pbonzini@redhat.com, chenhuacai@kernel.org, mpe@ellerman.id.au, anup@brainfault.org, paul.walmsley@sifive.com, palmer@dabbelt.com, aou@eecs.berkeley.edu, seanjc@google.com, viro@zeniv.linux.org.uk, brauner@kernel.org, willy@infradead.org, akpm@linux-foundation.org, xiaoyao.li@intel.com, yilun.xu@intel.com, chao.p.peng@linux.intel.com, jarkko@kernel.org, amoorthy@google.com, dmatlack@google.com, yu.c.zhang@linux.intel.com, isaku.yamahata@intel.com, mic@digikod.net, vbabka@suse.cz, vannapurve@google.com, ackerleytng@google.com, mail@maciej.szmigiero.name, david@redhat.com, michael.roth@amd.com, wei.w.wang@intel.com, liam.merwick@oracle.com, isaku.yamahata@gmail.com, kirill.shutemov@linux.intel.com, suzuki.poulose@arm.com, steven.price@arm.com, quic_eberman@quicinc.com, quic_mnalajal@quicinc.com, quic_tsoni@quicinc.com, quic_svaddagi@quicinc.com, quic_cvanscha@quicinc.com, quic_pderrin@quicinc.com, quic_pheragu@quicinc.com, catalin.marinas@arm.com, james.morse@arm.com, yuzenghui@huawei.com, oliver.upton@linux.dev, maz@kernel.org, will@kernel.org, qperret@google.com, keirf@google.com, tabba@google.com Allow guestmem-backed memory to be mapped by the host if the configuration option is enabled, and the (newly added) KVM memory attribute KVM_MEMORY_ATTRIBUTE_NOT_MAPPABLE isn't set. This new attribute is a kernel attribute, which cannot be modified by userspace. This will be used in future patches so that KVM can decide whether to allow the host to map guest memory based on certain criteria, e.g., that the memory is shared with the host. This attribute has negative polarity (i.e., as opposed to being an ALLOW attribute), to simplify the code, since it will usually apply to memory marked as KVM_MEMORY_ATTRIBUTE_PRIVATE (i.e., already has an entry in the xarray). Its absence implies that there are no restrictions for mapping that memory by the host. An invariant that future patches will maintain is that memory that is private for the guest, regardless whether it's marked with the PRIVATE attribute, must always be NOT_MAPPABLE. Signed-off-by: Fuad Tabba --- include/linux/kvm_host.h | 13 ++++++++ include/uapi/linux/kvm.h | 1 + virt/kvm/Kconfig | 4 +++ virt/kvm/guest_memfd.c | 68 ++++++++++++++++++++++++++++++++++++++++ 4 files changed, 86 insertions(+) diff --git a/include/linux/kvm_host.h b/include/linux/kvm_host.h index b96abeeb2b65..fad296baa84e 100644 --- a/include/linux/kvm_host.h +++ b/include/linux/kvm_host.h @@ -2402,4 +2402,17 @@ static inline int kvm_gmem_get_pfn_locked(struct kvm *kvm, } #endif /* CONFIG_KVM_PRIVATE_MEM */ +#ifdef CONFIG_KVM_GENERIC_PRIVATE_MEM_MAPPABLE +static inline bool kvm_gmem_is_mappable(struct kvm *kvm, gfn_t gfn) +{ + return !(kvm_get_memory_attributes(kvm, gfn) & + KVM_MEMORY_ATTRIBUTE_NOT_MAPPABLE); +} +#else +static inline bool kvm_gmem_is_mappable(struct kvm *kvm, gfn_t gfn) +{ + return false; +} +#endif /* CONFIG_KVM_GENERIC_PRIVATE_MEM_MAPPABLE */ + #endif diff --git a/include/uapi/linux/kvm.h b/include/uapi/linux/kvm.h index 0862d6cc3e66..b8db8fb88bbe 100644 --- a/include/uapi/linux/kvm.h +++ b/include/uapi/linux/kvm.h @@ -2227,6 +2227,7 @@ struct kvm_memory_attributes { #define KVM_MEMORY_ATTRIBUTES_KERNEL_SHIFT (16) #define KVM_MEMORY_ATTRIBUTES_KERNEL_MASK GENMASK(63, KVM_MEMORY_ATTRIBUTES_KERNEL_SHIFT) +#define KVM_MEMORY_ATTRIBUTE_NOT_MAPPABLE (1ULL << KVM_MEMORY_ATTRIBUTES_KERNEL_SHIFT) #define KVM_CREATE_GUEST_MEMFD _IOWR(KVMIO, 0xd4, struct kvm_create_guest_memfd) diff --git a/virt/kvm/Kconfig b/virt/kvm/Kconfig index 184dab4ee871..457019de9e6d 100644 --- a/virt/kvm/Kconfig +++ b/virt/kvm/Kconfig @@ -108,3 +108,7 @@ config KVM_GENERIC_PRIVATE_MEM select KVM_GENERIC_MEMORY_ATTRIBUTES select KVM_PRIVATE_MEM bool + +config KVM_GENERIC_PRIVATE_MEM_MAPPABLE + bool + depends on KVM_GENERIC_PRIVATE_MEM diff --git a/virt/kvm/guest_memfd.c b/virt/kvm/guest_memfd.c index 7e3ea7a3f086..ca3a5d8b1fa7 100644 --- a/virt/kvm/guest_memfd.c +++ b/virt/kvm/guest_memfd.c @@ -248,7 +248,75 @@ static inline struct file *kvm_gmem_get_file(struct kvm_memory_slot *slot) return get_file_active(&slot->gmem.file); } +#ifdef CONFIG_KVM_GENERIC_PRIVATE_MEM_MAPPABLE +static bool kvm_gmem_isfaultable(struct vm_fault *vmf) +{ + struct vm_area_struct *vma = vmf->vma; + struct kvm_gmem *gmem = vma->vm_file->private_data; + pgoff_t pgoff = vmf->pgoff; + struct kvm_memory_slot *slot; + struct kvm *kvm = gmem->kvm; + unsigned long index; + + xa_for_each_range(&gmem->bindings, index, slot, pgoff, pgoff) { + pgoff_t base_gfn = slot->base_gfn; + pgoff_t gfn_pgoff = slot->gmem.pgoff; + pgoff_t gfn = base_gfn + max(gfn_pgoff, pgoff) - gfn_pgoff; + + if (!kvm_gmem_is_mappable(kvm, gfn)) + return false; + } + + return true; +} + +static vm_fault_t kvm_gmem_fault(struct vm_fault *vmf) +{ + struct folio *folio; + + folio = kvm_gmem_get_folio(file_inode(vmf->vma->vm_file), vmf->pgoff); + if (!folio) + return VM_FAULT_SIGBUS; + + /* + * Check if the page is allowed to be faulted to the host, with the + * folio lock held to ensure that the check and incrementing the page + * count are protected by the same folio lock. + */ + if (!kvm_gmem_isfaultable(vmf)) { + folio_unlock(folio); + return VM_FAULT_SIGBUS; + } + + vmf->page = folio_file_page(folio, vmf->pgoff); + + return VM_FAULT_LOCKED; +} + +static const struct vm_operations_struct kvm_gmem_vm_ops = { + .fault = kvm_gmem_fault, +}; + +static int kvm_gmem_mmap(struct file *file, struct vm_area_struct *vma) +{ + /* No support for private mappings to avoid COW. */ + if ((vma->vm_flags & (VM_SHARED | VM_MAYSHARE)) != + (VM_SHARED | VM_MAYSHARE)) { + return -EINVAL; + } + + file_accessed(file); + vm_flags_set(vma, VM_DONTDUMP); + vma->vm_ops = &kvm_gmem_vm_ops; + + return 0; +} +#else +#define kvm_gmem_mmap NULL +#endif /* CONFIG_KVM_GENERIC_PRIVATE_MEM_MAPPABLE */ + static struct file_operations kvm_gmem_fops = { + .mmap = kvm_gmem_mmap, .open = generic_file_open, .release = kvm_gmem_release, .fallocate = kvm_gmem_fallocate, From patchwork Thu Feb 22 16:10:25 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Fuad Tabba X-Patchwork-Id: 13567561 Received: from mail-yw1-f201.google.com (mail-yw1-f201.google.com [209.85.128.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 9C7C81534FD for ; Thu, 22 Feb 2024 16:11:01 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.128.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1708618263; cv=none; b=nUzOtJcCWeHGaSV6/Dpq6jBacIUkxxhDE4HQnbq6cSGHrnif4rgZebddVmvwI/8BOKd/uvG2AZTRjNGhpj+5qI8/QkQzRnTLNqz8abrHQgDWD1wEUc/11LZqiPHGgnf7v+P/3x6AODHDI2fb3mth0QH6Dos3qgGapTTOg3+Ji80= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1708618263; c=relaxed/simple; bh=X9b1S6yNSBLD+mqNBTikNYnbyUMFTya7TpTup5Rt/FI=; h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From: To:Cc:Content-Type; b=bPg1Wwbiwub9fTxfI4FJmfliCcvI9ISsO6KJPpObLzfOjr1zESbBs3KB9IePaE/GRrvXWNQJ0ZSM7mvLh3FdYX39cpo+fAwTORYAmbiHYiTdJphiaSHDg+g3tXBxXKeDcUUNHSTnVnSwtveHqHaLOAjXM+rBgeDbgk8I6VGYM/w= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com; spf=pass smtp.mailfrom=flex--tabba.bounces.google.com; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b=cCW49TC8; arc=none smtp.client-ip=209.85.128.201 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=flex--tabba.bounces.google.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="cCW49TC8" Received: by mail-yw1-f201.google.com with SMTP id 00721157ae682-608a1a2723cso8054237b3.0 for ; Thu, 22 Feb 2024 08:11:01 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1708618260; x=1709223060; darn=vger.kernel.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=s0Rj06sprumtF573AfEP0GeSqajU1zMKKEjxpZroPas=; b=cCW49TC8GNpbq2ahSG0M0hGEATSf7iIb/OP5GbDxu5NGPmi1KDvCYMbzfqLfS13fQt DutT2dVdtzcSBFskR12qV6KWi68lyUPlyrPsjNCsmikSku/8Nhz7EEVKRgyZVMuK28d3 oF2eGKUhaCL/t+jr3UyDONa5pQrmPwJ1sBpeXs2b8bGNk+BO+rh1qZsF6zH+qVMexdZ7 V3un8BmErThl0wSFqgdzGzwa9bL3D4LBCL7Db+aHDrV6zCEnHR4+HNbW8q1MdcOFWhqr MTd38/CApa7KbTL52dekIJ528vTfumLdOOdhHHToF8ltT5NmTrGuk5XgMhgSW+3WQbba iJAA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1708618260; x=1709223060; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=s0Rj06sprumtF573AfEP0GeSqajU1zMKKEjxpZroPas=; b=KHx0a1kqyulgOy5E/PsVcgD9cl27aGa7s31pvsIlRWLCWw4M4Oc1G+FV0IadSvbFs5 u1ejte1sj/Fe1Xb4VJNZyVyniCPiJA5igITp6SaayeRUWEYAe8myo0eUeQxlYdLN+WFB eGePU1vUErbxjXzO5SsXkhwMS7d/Ko0FEhbhgmkvPtMOKFjU/0niLrUkdM8QaiDh13AZ aSsdlkO/YtVzz/7o6UeO5j0h5XLVrpWYbdIYBgyDKumcPm+FAw1CGeqPDKDDi5BwcqFv IEzVdNa6vmUgzuat7i+tubceFVle5w9yMO2XOYwA2nDZ7LBCpBFXTGLUEzkCFZFesdKD 551Q== X-Gm-Message-State: AOJu0Yxd0spj4tpZ0VnzauMUHzFCAXHXL4XiEux75BKg+SjTdszTeyQp 9vWsFkkfdkucVehUfHJd6dDkh5tWtWjqYUG7fwzqttXMVdI13SHKr4CVMQ9R7qpfQsDPizeNCK+ Uxsy634hFbghEAsRbnZwVeiUko01NvSviP+eF/SqjphBhh5aQHOprXPFfSjfHh4oHY+tDGEUcCW 7MAMmRWcWnKHTzNVPUd/SaqHQ= X-Google-Smtp-Source: AGHT+IFWb1sqSDVpFuZ3W8sqoZxZFPSTBJOjR01PwIQfs5Me2aRJCpsMpzSOCXlcfJYvEs2Ca8Gd5XNO5w== X-Received: from fuad.c.googlers.com ([fda3:e722:ac3:cc00:28:9cb1:c0a8:1613]) (user=tabba job=sendgmr) by 2002:a81:a014:0:b0:608:a89e:be89 with SMTP id x20-20020a81a014000000b00608a89ebe89mr174469ywg.3.1708618260297; Thu, 22 Feb 2024 08:11:00 -0800 (PST) Date: Thu, 22 Feb 2024 16:10:25 +0000 In-Reply-To: <20240222161047.402609-1-tabba@google.com> Precedence: bulk X-Mailing-List: kvm@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 References: <20240222161047.402609-1-tabba@google.com> X-Mailer: git-send-email 2.44.0.rc1.240.g4c46232300-goog Message-ID: <20240222161047.402609-5-tabba@google.com> Subject: [RFC PATCH v1 04/26] KVM: Don't allow private attribute to be set if mapped by host From: Fuad Tabba To: kvm@vger.kernel.org, kvmarm@lists.linux.dev Cc: pbonzini@redhat.com, chenhuacai@kernel.org, mpe@ellerman.id.au, anup@brainfault.org, paul.walmsley@sifive.com, palmer@dabbelt.com, aou@eecs.berkeley.edu, seanjc@google.com, viro@zeniv.linux.org.uk, brauner@kernel.org, willy@infradead.org, akpm@linux-foundation.org, xiaoyao.li@intel.com, yilun.xu@intel.com, chao.p.peng@linux.intel.com, jarkko@kernel.org, amoorthy@google.com, dmatlack@google.com, yu.c.zhang@linux.intel.com, isaku.yamahata@intel.com, mic@digikod.net, vbabka@suse.cz, vannapurve@google.com, ackerleytng@google.com, mail@maciej.szmigiero.name, david@redhat.com, michael.roth@amd.com, wei.w.wang@intel.com, liam.merwick@oracle.com, isaku.yamahata@gmail.com, kirill.shutemov@linux.intel.com, suzuki.poulose@arm.com, steven.price@arm.com, quic_eberman@quicinc.com, quic_mnalajal@quicinc.com, quic_tsoni@quicinc.com, quic_svaddagi@quicinc.com, quic_cvanscha@quicinc.com, quic_pderrin@quicinc.com, quic_pheragu@quicinc.com, catalin.marinas@arm.com, james.morse@arm.com, yuzenghui@huawei.com, oliver.upton@linux.dev, maz@kernel.org, will@kernel.org, qperret@google.com, keirf@google.com, tabba@google.com Guest private memory should never be mapped by the host. Therefore, do not allow setting the private attribute to guest memory if that memory is mapped by the host. Signed-off-by: Fuad Tabba --- include/linux/kvm_host.h | 7 ++++++ virt/kvm/kvm_main.c | 51 ++++++++++++++++++++++++++++++++++++++++ 2 files changed, 58 insertions(+) diff --git a/include/linux/kvm_host.h b/include/linux/kvm_host.h index fad296baa84e..f52d5503ddef 100644 --- a/include/linux/kvm_host.h +++ b/include/linux/kvm_host.h @@ -2408,11 +2408,18 @@ static inline bool kvm_gmem_is_mappable(struct kvm *kvm, gfn_t gfn) return !(kvm_get_memory_attributes(kvm, gfn) & KVM_MEMORY_ATTRIBUTE_NOT_MAPPABLE); } + +bool kvm_is_gmem_mapped(struct kvm *kvm, gfn_t gfn_start, gfn_t gfn_end); #else static inline bool kvm_gmem_is_mappable(struct kvm *kvm, gfn_t gfn) { return false; } + +static inline bool kvm_is_gmem_mapped(struct kvm *kvm, gfn_t gfn_start, gfn_t gfn_end) +{ + return false; +} #endif /* CONFIG_KVM_GENERIC_PRIVATE_MEM_MAPPABLE */ #endif diff --git a/virt/kvm/kvm_main.c b/virt/kvm/kvm_main.c index fba4dc6e4107..9f6ff314bda3 100644 --- a/virt/kvm/kvm_main.c +++ b/virt/kvm/kvm_main.c @@ -2516,6 +2516,48 @@ static __always_inline void kvm_handle_gfn_range(struct kvm *kvm, KVM_MMU_UNLOCK(kvm); } +#ifdef CONFIG_KVM_GENERIC_PRIVATE_MEM_MAPPABLE +bool kvm_is_gmem_mapped(struct kvm *kvm, gfn_t gfn_start, gfn_t gfn_end) +{ + struct kvm_memslot_iter iter; + + kvm_for_each_memslot_in_gfn_range(&iter, kvm_memslots(kvm), gfn_start, gfn_end) { + struct kvm_memory_slot *memslot = iter.slot; + gfn_t start, end, i; + + start = max(gfn_start, memslot->base_gfn); + end = min(gfn_end, memslot->base_gfn + memslot->npages); + if (WARN_ON_ONCE(start >= end)) + continue; + + for (i = start; i < end; i++) { + struct page *page; + bool is_mapped; + kvm_pfn_t pfn; + int ret; + + /* + * Check the page_mapcount with the page lock held to + * avoid racing with kvm_gmem_fault(). + */ + ret = kvm_gmem_get_pfn_locked(kvm, memslot, i, &pfn, NULL); + if (WARN_ON_ONCE(ret)) + continue; + + page = pfn_to_page(pfn); + is_mapped = page_mapcount(page); + unlock_page(page); + put_page(page); + + if (is_mapped) + return true; + } + } + + return false; +} +#endif /* CONFIG_KVM_GENERIC_PRIVATE_MEM_MAPPABLE */ + static bool kvm_pre_set_memory_attributes(struct kvm *kvm, struct kvm_gfn_range *range) { @@ -2565,6 +2607,15 @@ static int __kvm_vm_set_mem_attributes(struct kvm *kvm, gfn_t start, gfn_t end, if (kvm_range_has_memory_attributes(kvm, start, end, attributes)) goto out_unlock; + if (IS_ENABLED(CONFIG_KVM_GENERIC_PRIVATE_MEM_MAPPABLE) && userspace) { + /* Host-mapped memory cannot be private. */ + if ((attributes & KVM_MEMORY_ATTRIBUTE_PRIVATE) && + kvm_is_gmem_mapped(kvm, start, end)) { + r = -EPERM; + goto out_unlock; + } + } + /* * Reserve memory ahead of time to avoid having to deal with failures * partway through setting the new attributes. From patchwork Thu Feb 22 16:10:26 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Fuad Tabba X-Patchwork-Id: 13567562 Received: from mail-wm1-f74.google.com (mail-wm1-f74.google.com [209.85.128.74]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id B615C152DF4 for ; Thu, 22 Feb 2024 16:11:04 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.128.74 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1708618267; cv=none; b=H2QAw/R8zCOMbn+MdpmVz+LceXfvR1BZ86LCnu+5t5sJZ4Gn2RUxp88NUQ37z/r8X2MkqvuP+/WdoWnwcR1AMYJyHZY5m0fvh59czzHF61YmhyAUoB3bVyeoHrgNmYCU49RMK3u2Q3yXRYA2+GXkBzNDbtttjrkT2kAB3MMmI/c= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1708618267; c=relaxed/simple; bh=34CFzZBAcfeTUUnSxZLLwRxztPMpGbF0RaaQznrO7WE=; h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From: To:Cc:Content-Type; b=mThOhuCyargHXlrgKNT4E60MUZzkOIHmw3kDr6yY4XFUBi/Bn5AqdQgKTDEq7S9UldKSeWu6hL6YId7LyQy5YOsC9kGbSfFpBon/n7y3TjHJfdmGXd5/hbgM7PQk8AtVoR6ldgsoy1uAc+0AIFRUdDuGCNkrY3C9C6k1khE82Ns= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com; spf=pass smtp.mailfrom=flex--tabba.bounces.google.com; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b=iIl0y3FK; arc=none smtp.client-ip=209.85.128.74 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=flex--tabba.bounces.google.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="iIl0y3FK" Received: by mail-wm1-f74.google.com with SMTP id 5b1f17b1804b1-40e53200380so9902245e9.3 for ; Thu, 22 Feb 2024 08:11:04 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1708618263; x=1709223063; darn=vger.kernel.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=ps0B2uWSs1/RQhbKakYOYB3FB0WNj1ejEuJDeJil1+8=; b=iIl0y3FKiwiLinLVYb/yCh/PxbQM824NYC9VJUkjpra7dUHVPvjlkB1JkvIjOBLpny mCgcdfiVSRwi0Om80HiB9A58Uvt9Q0ZdHPGsrnXbNu0VfjBU2y7wEOZ0/6mwzTVQL9ON rmiYE0BJnrXTsUBycB+1BcsxmdQem2MEaH1UGpIBEGLsdGy/Ike8qnGUbulpHanMfEPa b/cO5N41HpeWDTd8DQF8AtnVvOoh+NRWOkBVEnENPJRZZOh2fyGEZR3x4uMWy49be9h7 PYyuQRS8lMlk+yPZQlvG7Vrhht39zrPDqlJxWI464+0fapGFx/okEDoVqHtpbHxkjREi F4mw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1708618263; x=1709223063; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=ps0B2uWSs1/RQhbKakYOYB3FB0WNj1ejEuJDeJil1+8=; b=AkOXpOYPI3jNHeN/nIfVW2jrK7bkcNT98FZlQiea3tHCSj2y3hhNBKsqb68qyjx22d ZkT4dUMurL78s8P0PYY17l3L0UlCDCfWZKHQ4Jtl/V2jyMNtnc/nXVOG1ETTxkrcWXAH RxQaaY4qd4DOhZe1G/DTinLtZI47MHawuJcTDruCBRCIqi086GCh4GJK2trSo+lr9xYZ 1c/fF26KGjk8DAwPxIX71L17CFT7ifDzVtMXw74cvLUytKC/puql7WviWpqJts3aqXVt d2PpjJNbotq24pUm+ltkxtY4TeyHOWczIpe4asAKvF5x9SI/VrNYdJZfX8P/9A9L9Xik CUYA== X-Gm-Message-State: AOJu0YwaKtf9RQ+IIFLjB8aLgmizfrK29MrM+OlQlQ+adm6BvEc2gkMW 9pjRXbJpsFqHcZqR+fs/aTo1muPUK7Y2l9KXkcdIyJp5Wdv6uPU67DFdLwP+DYmmkuZ7OHIggm9 Wcb3kh83ACBzpyLyxXN35nx46yMIXVwJJsWySwjJxL7vs6dRckoQk3CDpxAUoiuAntppQ1bReFd Re7N6sba6Gk3n91+gVUKw4Jw0= X-Google-Smtp-Source: AGHT+IHx3V/mRqxPnXGsf4wttfDhhzBtQLJct5h8U32Pa1DCbngXj0qYKMXJICyFPSYG82DXJTE7ZZxBNg== X-Received: from fuad.c.googlers.com ([fda3:e722:ac3:cc00:28:9cb1:c0a8:1613]) (user=tabba job=sendgmr) by 2002:a05:600c:5187:b0:412:8887:2946 with SMTP id fa7-20020a05600c518700b0041288872946mr4674wmb.3.1708618262659; Thu, 22 Feb 2024 08:11:02 -0800 (PST) Date: Thu, 22 Feb 2024 16:10:26 +0000 In-Reply-To: <20240222161047.402609-1-tabba@google.com> Precedence: bulk X-Mailing-List: kvm@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 References: <20240222161047.402609-1-tabba@google.com> X-Mailer: git-send-email 2.44.0.rc1.240.g4c46232300-goog Message-ID: <20240222161047.402609-6-tabba@google.com> Subject: [RFC PATCH v1 05/26] KVM: Don't allow private attribute to be removed for unmappable memory From: Fuad Tabba To: kvm@vger.kernel.org, kvmarm@lists.linux.dev Cc: pbonzini@redhat.com, chenhuacai@kernel.org, mpe@ellerman.id.au, anup@brainfault.org, paul.walmsley@sifive.com, palmer@dabbelt.com, aou@eecs.berkeley.edu, seanjc@google.com, viro@zeniv.linux.org.uk, brauner@kernel.org, willy@infradead.org, akpm@linux-foundation.org, xiaoyao.li@intel.com, yilun.xu@intel.com, chao.p.peng@linux.intel.com, jarkko@kernel.org, amoorthy@google.com, dmatlack@google.com, yu.c.zhang@linux.intel.com, isaku.yamahata@intel.com, mic@digikod.net, vbabka@suse.cz, vannapurve@google.com, ackerleytng@google.com, mail@maciej.szmigiero.name, david@redhat.com, michael.roth@amd.com, wei.w.wang@intel.com, liam.merwick@oracle.com, isaku.yamahata@gmail.com, kirill.shutemov@linux.intel.com, suzuki.poulose@arm.com, steven.price@arm.com, quic_eberman@quicinc.com, quic_mnalajal@quicinc.com, quic_tsoni@quicinc.com, quic_svaddagi@quicinc.com, quic_cvanscha@quicinc.com, quic_pderrin@quicinc.com, quic_pheragu@quicinc.com, catalin.marinas@arm.com, james.morse@arm.com, yuzenghui@huawei.com, oliver.upton@linux.dev, maz@kernel.org, will@kernel.org, qperret@google.com, keirf@google.com, tabba@google.com Unmappable memory cannot be shared with the host. Ensure that the private attribute cannot be removed from unmappable memory. Signed-off-by: Fuad Tabba --- virt/kvm/kvm_main.c | 43 +++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 43 insertions(+) diff --git a/virt/kvm/kvm_main.c b/virt/kvm/kvm_main.c index 9f6ff314bda3..adfee6592f6c 100644 --- a/virt/kvm/kvm_main.c +++ b/virt/kvm/kvm_main.c @@ -52,6 +52,7 @@ #include #include #include +#include #include #include @@ -2464,6 +2465,40 @@ bool kvm_range_has_memory_attributes(struct kvm *kvm, gfn_t start, gfn_t end, return has_attrs; } +/* + * Returns true if _any_ gfn in the range [@start, @end) has _any_ attribute + * matching @attr. + */ +static bool kvm_any_range_has_memory_attribute(struct kvm *kvm, gfn_t start, + gfn_t end, unsigned long attr) +{ + XA_STATE(xas, &kvm->mem_attr_array, start); + bool has_attr = false; + void *entry; + + rcu_read_lock(); + xas_for_each(&xas, entry, end - 1) { + if (xas_retry(&xas, entry)) + continue; + + if (!xa_is_value(entry)) + continue; + + if ((xa_to_value(entry) & attr) == attr) { + has_attr = true; + break; + } + + if (need_resched()) { + xas_pause(&xas); + cond_resched_rcu(); + } + } + rcu_read_unlock(); + + return has_attr; +} + static u64 kvm_supported_mem_attributes(struct kvm *kvm) { if (!kvm || kvm_arch_has_private_mem(kvm)) @@ -2614,6 +2649,14 @@ static int __kvm_vm_set_mem_attributes(struct kvm *kvm, gfn_t start, gfn_t end, r = -EPERM; goto out_unlock; } + + /* Unmappable memory cannot be shared. */ + if (!(attributes & KVM_MEMORY_ATTRIBUTE_PRIVATE) && + kvm_any_range_has_memory_attribute(kvm, start, end, + KVM_MEMORY_ATTRIBUTE_NOT_MAPPABLE)) { + r = -EPERM; + goto out_unlock; + } } /* From patchwork Thu Feb 22 16:10:27 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Fuad Tabba X-Patchwork-Id: 13567563 Received: from mail-wm1-f74.google.com (mail-wm1-f74.google.com [209.85.128.74]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id E692C153514 for ; Thu, 22 Feb 2024 16:11:06 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.128.74 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1708618268; cv=none; b=mq6n8amTJyTmQR1fb71epG/2X+O1lQGkSwzbeueB2kr5w0VUn2Y+v5mdLsw/chrewEZLGd3nXP65ZewHnLZVj46dZDkYJ1OgC6WvVd7O/KOSfmrZUpk7tdZ5RmEIgAz0qMlIEp0ROCImRAyhz8qWj11FTEVmSHZyYmzctcdy+9A= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1708618268; c=relaxed/simple; bh=thrcBYxJpIov0ueUkK9xUJVnk7mGfhkTWP9cDj+zyXc=; h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From: To:Cc:Content-Type; b=RNQd3XQ6s8LRmSWRRkRRCVotGyzvH+7VOJU1Gc2AasxIAq66OX5OPPdcSebnLh/ybZHO/7A4ZVh6z3eUHiAfrnJwLsgd1d+pfusTpOoOYPscbvpmmnmTv/DDoW2aFrjSnKaof7TbaQWRPOtZma4NASKzvYJntJDUwqpTMExf/a0= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com; spf=pass smtp.mailfrom=flex--tabba.bounces.google.com; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b=a6lQTrEo; arc=none smtp.client-ip=209.85.128.74 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=flex--tabba.bounces.google.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="a6lQTrEo" Received: by mail-wm1-f74.google.com with SMTP id 5b1f17b1804b1-40d62d3ae0cso10480875e9.2 for ; Thu, 22 Feb 2024 08:11:06 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1708618265; x=1709223065; darn=vger.kernel.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=/cR/Yk//cCpUcqF45wtqjPoccwRQ5dc9zhX4CLbSuaM=; b=a6lQTrEoUZOBjENoZF+khYzYfNaoGfmae+1qbTolk/pcqCr4vcsRg/EJ8DJ6kpbm/Y H6Tzv0BNeu1yrZxN6WmZcCdEZ/BwrvL9yuw2cJHuD6FLmta0mLBIPyFowT1zajlKd2lj bvR3UZfIcmkJ3/I2icmbeCUYqkDVYE5Eojjmv+5FFr3zJ2LNMcAY/bFNmGN7Ptv6mlVU idNyJ5ZQoI+qqcghD/cqh9XQ8svjhTORmyzYrNYL+KwNuS7IwGymctRuv6ZyblWpK/mN nusPMowTWJag5pa+fOGmuMPAJWFD/i8L0EYLcNprea3xo/mtiYI78zNjFUY3CV3kj3EF lnUw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1708618265; x=1709223065; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=/cR/Yk//cCpUcqF45wtqjPoccwRQ5dc9zhX4CLbSuaM=; b=frj8ijZ4+GycEnDKOVq+923k44yMxIQjJiXgsvgFj/shcIp+9CH/W1XK0k5WL8382K ccY8udIjJPA3pd0ZKqwNZ4gtUYDZHPBJmqsC/ypSibLfclBuW9qIi6j3oiTHdtmaKgmc D+NObuZ9MptX1+aBkhHrPNn3SYKRiSdBOK0+J+sNtC42Kd/gZou6iH1LQ4oWb+Z9Ga34 IDgYex3IZ4ilqkiW3BQ4Ktu8+uNkWKp0d+2miDptAXDfAmT0oXO6NRIj5fSkOHAidBO9 P02TTSCz7k81j4u+ZfzMNCCdR7k2OLdxiz9MVI7S2ETLMHOOCT/BMj+he/jHjF+1X4bL MGsQ== X-Gm-Message-State: AOJu0YymAzWD0Jwx9xdfnSNW9gOGlKXlhORWwy9Nx4HYZWP4Bf+8tWAL EttxxwNfDcdNZLvmBBA+dSIBj1U9ZYFkMqT2016LcSjcT8nN51R3+HPx1FPfFUVc82lz2IbH9I6 vvktTK8fqF/hjOzg0VssPQZYUkTmEHoGlVLA1mf5jFNTApeoItA+m1OL88Vprz4+ink9ImD1PhH bEylqAFbN8Tj21aif3vCUaI6E= X-Google-Smtp-Source: AGHT+IHR+pszL4yvDO1W7/HLWaCbjn0hGceaWyc7avnwPEt4h67Y/r8Z82fKYEdOS79KKYK3ME6EYmrMaw== X-Received: from fuad.c.googlers.com ([fda3:e722:ac3:cc00:28:9cb1:c0a8:1613]) (user=tabba job=sendgmr) by 2002:a7b:c2aa:0:b0:411:fa5a:151b with SMTP id c10-20020a7bc2aa000000b00411fa5a151bmr112085wmk.1.1708618264912; Thu, 22 Feb 2024 08:11:04 -0800 (PST) Date: Thu, 22 Feb 2024 16:10:27 +0000 In-Reply-To: <20240222161047.402609-1-tabba@google.com> Precedence: bulk X-Mailing-List: kvm@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 References: <20240222161047.402609-1-tabba@google.com> X-Mailer: git-send-email 2.44.0.rc1.240.g4c46232300-goog Message-ID: <20240222161047.402609-7-tabba@google.com> Subject: [RFC PATCH v1 06/26] KVM: Implement kvm_(read|/write)_guest_page for private memory slots From: Fuad Tabba To: kvm@vger.kernel.org, kvmarm@lists.linux.dev Cc: pbonzini@redhat.com, chenhuacai@kernel.org, mpe@ellerman.id.au, anup@brainfault.org, paul.walmsley@sifive.com, palmer@dabbelt.com, aou@eecs.berkeley.edu, seanjc@google.com, viro@zeniv.linux.org.uk, brauner@kernel.org, willy@infradead.org, akpm@linux-foundation.org, xiaoyao.li@intel.com, yilun.xu@intel.com, chao.p.peng@linux.intel.com, jarkko@kernel.org, amoorthy@google.com, dmatlack@google.com, yu.c.zhang@linux.intel.com, isaku.yamahata@intel.com, mic@digikod.net, vbabka@suse.cz, vannapurve@google.com, ackerleytng@google.com, mail@maciej.szmigiero.name, david@redhat.com, michael.roth@amd.com, wei.w.wang@intel.com, liam.merwick@oracle.com, isaku.yamahata@gmail.com, kirill.shutemov@linux.intel.com, suzuki.poulose@arm.com, steven.price@arm.com, quic_eberman@quicinc.com, quic_mnalajal@quicinc.com, quic_tsoni@quicinc.com, quic_svaddagi@quicinc.com, quic_cvanscha@quicinc.com, quic_pderrin@quicinc.com, quic_pheragu@quicinc.com, catalin.marinas@arm.com, james.morse@arm.com, yuzenghui@huawei.com, oliver.upton@linux.dev, maz@kernel.org, will@kernel.org, qperret@google.com, keirf@google.com, tabba@google.com Make __kvm_read_guest_page/__kvm_write_guest_page capable of accessing guest memory if no userspace address is available. Moreover, check that the memory being accessed is shared with the host before attempting the access. KVM at the host might need to access shared memory that is not mapped in the host userspace but is in fact shared with the host, e.g., when accounting for stolen time. This allows the access without relying on the slot's userspace_addr being set. This does not circumvent protection, since the access is only attempted if the memory is shared with the host. Signed-off-by: Fuad Tabba --- virt/kvm/kvm_main.c | 130 ++++++++++++++++++++++++++++++++++++++------ 1 file changed, 114 insertions(+), 16 deletions(-) diff --git a/virt/kvm/kvm_main.c b/virt/kvm/kvm_main.c index adfee6592f6c..f5a0619cb520 100644 --- a/virt/kvm/kvm_main.c +++ b/virt/kvm/kvm_main.c @@ -3446,17 +3446,107 @@ static int next_segment(unsigned long len, int offset) return len; } -static int __kvm_read_guest_page(struct kvm_memory_slot *slot, gfn_t gfn, - void *data, int offset, int len) +#ifdef CONFIG_KVM_GENERIC_PRIVATE_MEM_MAPPABLE +static int __kvm_read_private_guest_page(struct kvm *kvm, + struct kvm_memory_slot *slot, + gfn_t gfn, void *data, int offset, + int len) +{ + u64 pfn; + struct page *page; + int r = 0; + + if (size_add(offset, len) > PAGE_SIZE) + return -E2BIG; + + mutex_lock(&kvm->slots_lock); + if (kvm_any_range_has_memory_attribute(kvm, gfn, gfn + 1, + KVM_MEMORY_ATTRIBUTE_NOT_MAPPABLE)) { + r = -EPERM; + goto out_unlock; + } + + r = kvm_gmem_get_pfn_locked(kvm, slot, gfn, &pfn, NULL); + if (r) + goto out_unlock; + + page = pfn_to_page(pfn); + memcpy(data, page_address(page) + offset, len); + unlock_page(page); + kvm_release_pfn_clean(pfn); +out_unlock: + mutex_unlock(&kvm->slots_lock); + + return r; +} + +static int __kvm_write_private_guest_page(struct kvm *kvm, + struct kvm_memory_slot *slot, + gfn_t gfn, const void *data, + int offset, int len) +{ + u64 pfn; + struct page *page; + int r = 0; + + if (size_add(offset, len) > PAGE_SIZE) + return -E2BIG; + + mutex_lock(&kvm->slots_lock); + if (kvm_any_range_has_memory_attribute(kvm, gfn, gfn + 1, + KVM_MEMORY_ATTRIBUTE_NOT_MAPPABLE)) { + r = -EPERM; + goto out_unlock; + } + + r = kvm_gmem_get_pfn_locked(kvm, slot, gfn, &pfn, NULL); + if (r) + goto out_unlock; + + page = pfn_to_page(pfn); + memcpy(page_address(page) + offset, data, len); + unlock_page(page); + kvm_release_pfn_dirty(pfn); +out_unlock: + mutex_unlock(&kvm->slots_lock); + + return r; +} +#else +static int __kvm_read_private_guest_page(struct kvm *kvm, + struct kvm_memory_slot *slot, + gfn_t gfn, void *data, int offset, + int len) +{ + BUG(); + return -EIO; +} + +static int __kvm_write_private_guest_page(struct kvm *kvm, + struct kvm_memory_slot *slot, + gfn_t gfn, const void *data, + int offset, int len) +{ + BUG(); + return -EIO; +} +#endif /* CONFIG_KVM_GENERIC_PRIVATE_MEM_MAPPABLE */ + +static int __kvm_read_guest_page(struct kvm *kvm, struct kvm_memory_slot *slot, + gfn_t gfn, void *data, int offset, int len) { - int r; unsigned long addr; + if (IS_ENABLED(CONFIG_KVM_GENERIC_PRIVATE_MEM_MAPPABLE) && + kvm_slot_can_be_private(slot)) { + return __kvm_read_private_guest_page(kvm, slot, gfn, data, + offset, len); + } + addr = gfn_to_hva_memslot_prot(slot, gfn, NULL); if (kvm_is_error_hva(addr)) return -EFAULT; - r = __copy_from_user(data, (void __user *)addr + offset, len); - if (r) + if (__copy_from_user(data, (void __user *)addr + offset, len)) return -EFAULT; return 0; } @@ -3466,7 +3556,7 @@ int kvm_read_guest_page(struct kvm *kvm, gfn_t gfn, void *data, int offset, { struct kvm_memory_slot *slot = gfn_to_memslot(kvm, gfn); - return __kvm_read_guest_page(slot, gfn, data, offset, len); + return __kvm_read_guest_page(kvm, slot, gfn, data, offset, len); } EXPORT_SYMBOL_GPL(kvm_read_guest_page); @@ -3475,7 +3565,7 @@ int kvm_vcpu_read_guest_page(struct kvm_vcpu *vcpu, gfn_t gfn, void *data, { struct kvm_memory_slot *slot = kvm_vcpu_gfn_to_memslot(vcpu, gfn); - return __kvm_read_guest_page(slot, gfn, data, offset, len); + return __kvm_read_guest_page(vcpu->kvm, slot, gfn, data, offset, len); } EXPORT_SYMBOL_GPL(kvm_vcpu_read_guest_page); @@ -3547,19 +3637,27 @@ int kvm_vcpu_read_guest_atomic(struct kvm_vcpu *vcpu, gpa_t gpa, } EXPORT_SYMBOL_GPL(kvm_vcpu_read_guest_atomic); + static int __kvm_write_guest_page(struct kvm *kvm, struct kvm_memory_slot *memslot, gfn_t gfn, - const void *data, int offset, int len) + const void *data, int offset, int len) { - int r; - unsigned long addr; + if (IS_ENABLED(CONFIG_KVM_GENERIC_PRIVATE_MEM_MAPPABLE) && + kvm_slot_can_be_private(memslot)) { + int r = __kvm_write_private_guest_page(kvm, memslot, gfn, data, + offset, len); + + if (r) + return r; + } else { + unsigned long addr = gfn_to_hva_memslot(memslot, gfn); + + if (kvm_is_error_hva(addr)) + return -EFAULT; + if (__copy_to_user((void __user *)addr + offset, data, len)) + return -EFAULT; + } - addr = gfn_to_hva_memslot(memslot, gfn); - if (kvm_is_error_hva(addr)) - return -EFAULT; - r = __copy_to_user((void __user *)addr + offset, data, len); - if (r) - return -EFAULT; mark_page_dirty_in_slot(kvm, memslot, gfn); return 0; } From patchwork Thu Feb 22 16:10:28 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Fuad Tabba X-Patchwork-Id: 13567564 Received: from mail-wm1-f73.google.com (mail-wm1-f73.google.com [209.85.128.73]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 489DA153517 for ; Thu, 22 Feb 2024 16:11:09 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.128.73 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1708618271; cv=none; b=JDCivvvhFjH8RTY+zTATbT6nRyvk0L0Vs82AszC22zDqf3PIZFVSBqwhjZSz4x9jM635Dekl4AbxHbJ2F5/JO2kgWip4Kdc2j90UuganklA9KE8PSPzjVOlqLDbeI+fi6hUOQDrddpTsbQcAio2zeuQM7CmFhKpgQ9MxAilhavc= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1708618271; c=relaxed/simple; bh=307wRd3a0Gu+2jPkCXpx//8T+nAN9ErEfklgaiaAxPo=; h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From: To:Cc:Content-Type; b=cahQZpDI3/efpeAF07JqAgTSogNffVmShEvnCHl4rbCsc1gymlXnAazxk9YRVx3mLnLmaD4d84IoaWCt9CwC8qzify+bA3RQQIkz6CBimyvorJ1NbAhIA/lUZhbqd38vHHyCwZG2KP1BUzq6WG2ra7BYGln2qAPogNSfnJSHMe8= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com; spf=pass smtp.mailfrom=flex--tabba.bounces.google.com; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b=NuTnCm0q; arc=none smtp.client-ip=209.85.128.73 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=flex--tabba.bounces.google.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="NuTnCm0q" Received: by mail-wm1-f73.google.com with SMTP id 5b1f17b1804b1-41082621642so42462885e9.1 for ; Thu, 22 Feb 2024 08:11:08 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1708618267; x=1709223067; darn=vger.kernel.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=FNzzZH63lKYNBuTHaseubTbAwMOeT2CF2+7V/cVEfrs=; b=NuTnCm0qCsxGHfLyug56dbIyHO9byCkpTYY3H7ypOcxmmfQUCsW3wQWZLo9YPmKFAr OQHT0IstmUg88X8HlmJjU+4CBy9xD6HWCvBdf3uaRZZ7uUBiJ+1EpbhFqXJxjaea70c3 od2YNcbSQ7QRZVjO35B8lZ7QTidw+vx+9qw35JhlnlqNj4aTf/SCCHpXuDg5TTk5LrI9 iUb0Ewf5XxOrn5kN9Osf2G6NVVQS5TP1bTi7o42nVJ+3hX1Ygtmq6uuG7PT9EkPa9oH+ Zk2qzLnFG3Ke8cLZUNC/hFdn49wFQMTq+VeX1KBL1WIjSBkLrFtIKlO69kgL+uOTZeHF RCOg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1708618267; x=1709223067; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=FNzzZH63lKYNBuTHaseubTbAwMOeT2CF2+7V/cVEfrs=; b=uUKfnEwUEpayses2mmSqy9BTzkFQ8DS7QfMlp9KRmvI8+HGcwrSKX/iheb4V5lFswG Uetdn9iGKG/RRGXjVv6yUWwquv9HN0XdeVspKEDsrmRwnx3DHWhWAmycuKau1oJfaSdl K6GVU9E8pZ8dOsLsFDJKs8/nLdJzhYP7CqdGz7ftmvGmKH32KGE1BCpxoqxYA+XX8pU9 hT+gzpBbXVhcjStU+pozMqSziZhIDB74lG02u1DQ+7PlT+u+Lv+4Jqi+tmKHS7GnqUz2 4igPCf2xyNkPGeFZiDPkK7ipQ+HYz4vkuTsBRUTj1WMarutoT0CMBtkNHQni3hs3lWpp Ehxw== X-Gm-Message-State: AOJu0Yw4RAccsuaQMZBUiejQ8RzrfS2KCgZ+7Aa5zHvw/WDs34RgC/Cs icSC4Hn/8LKT1KNtx2btPo3QsLdGk3URBl1n9frmD0i7XHyXUF492kfPTC0ZH871O37Gm0kbis7 c28kwrRX4RVtajEQZRlSpNhB/npvUawyxsYRsDYEWtNhS89J278RaeHXqehHEZvdq7jjAhMSKp9 GZ4Sp/xUDHBgVRmCcltX5olG8= X-Google-Smtp-Source: AGHT+IF1jnkomd+1xe0eYCGjm0e0odW61OHzS3zTMn83kYMemPKodA3UWn5V1pKZgKWIx25dpZtQqBGvmw== X-Received: from fuad.c.googlers.com ([fda3:e722:ac3:cc00:28:9cb1:c0a8:1613]) (user=tabba job=sendgmr) by 2002:a05:6000:783:b0:33d:60c4:5f5f with SMTP id bu3-20020a056000078300b0033d60c45f5fmr29858wrb.7.1708618267415; Thu, 22 Feb 2024 08:11:07 -0800 (PST) Date: Thu, 22 Feb 2024 16:10:28 +0000 In-Reply-To: <20240222161047.402609-1-tabba@google.com> Precedence: bulk X-Mailing-List: kvm@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 References: <20240222161047.402609-1-tabba@google.com> X-Mailer: git-send-email 2.44.0.rc1.240.g4c46232300-goog Message-ID: <20240222161047.402609-8-tabba@google.com> Subject: [RFC PATCH v1 07/26] KVM: arm64: Turn llist of pinned pages into an rb-tree From: Fuad Tabba To: kvm@vger.kernel.org, kvmarm@lists.linux.dev Cc: pbonzini@redhat.com, chenhuacai@kernel.org, mpe@ellerman.id.au, anup@brainfault.org, paul.walmsley@sifive.com, palmer@dabbelt.com, aou@eecs.berkeley.edu, seanjc@google.com, viro@zeniv.linux.org.uk, brauner@kernel.org, willy@infradead.org, akpm@linux-foundation.org, xiaoyao.li@intel.com, yilun.xu@intel.com, chao.p.peng@linux.intel.com, jarkko@kernel.org, amoorthy@google.com, dmatlack@google.com, yu.c.zhang@linux.intel.com, isaku.yamahata@intel.com, mic@digikod.net, vbabka@suse.cz, vannapurve@google.com, ackerleytng@google.com, mail@maciej.szmigiero.name, david@redhat.com, michael.roth@amd.com, wei.w.wang@intel.com, liam.merwick@oracle.com, isaku.yamahata@gmail.com, kirill.shutemov@linux.intel.com, suzuki.poulose@arm.com, steven.price@arm.com, quic_eberman@quicinc.com, quic_mnalajal@quicinc.com, quic_tsoni@quicinc.com, quic_svaddagi@quicinc.com, quic_cvanscha@quicinc.com, quic_pderrin@quicinc.com, quic_pheragu@quicinc.com, catalin.marinas@arm.com, james.morse@arm.com, yuzenghui@huawei.com, oliver.upton@linux.dev, maz@kernel.org, will@kernel.org, qperret@google.com, keirf@google.com, tabba@google.com From: Quentin Perret Indexed by IPA, so we can efficiently lookup. Signed-off-by: Quentin Perret Signed-off-by: Fuad Tabba --- arch/arm64/include/asm/kvm_host.h | 5 +++-- arch/arm64/kvm/mmu.c | 30 ++++++++++++++++++++++++++---- arch/arm64/kvm/pkvm.c | 12 +++++++----- 3 files changed, 36 insertions(+), 11 deletions(-) diff --git a/arch/arm64/include/asm/kvm_host.h b/arch/arm64/include/asm/kvm_host.h index 2777b0fe1b12..55de71791233 100644 --- a/arch/arm64/include/asm/kvm_host.h +++ b/arch/arm64/include/asm/kvm_host.h @@ -207,8 +207,9 @@ struct kvm_smccc_features { }; struct kvm_pinned_page { - struct list_head link; + struct rb_node node; struct page *page; + u64 ipa; }; typedef unsigned int pkvm_handle_t; @@ -216,7 +217,7 @@ typedef unsigned int pkvm_handle_t; struct kvm_protected_vm { pkvm_handle_t handle; struct kvm_hyp_memcache teardown_mc; - struct list_head pinned_pages; + struct rb_root pinned_pages; bool enabled; }; diff --git a/arch/arm64/kvm/mmu.c b/arch/arm64/kvm/mmu.c index ac088dc198e6..f796e092a921 100644 --- a/arch/arm64/kvm/mmu.c +++ b/arch/arm64/kvm/mmu.c @@ -337,6 +337,7 @@ static void unmap_stage2_range(struct kvm_s2_mmu *mmu, phys_addr_t start, u64 si static void pkvm_stage2_flush(struct kvm *kvm) { struct kvm_pinned_page *ppage; + struct rb_node *node; /* * Contrary to stage2_apply_range(), we don't need to check @@ -344,7 +345,8 @@ static void pkvm_stage2_flush(struct kvm *kvm) * from a vcpu thread, and the list is only ever freed on VM * destroy (which only occurs when all vcpu are gone). */ - list_for_each_entry(ppage, &kvm->arch.pkvm.pinned_pages, link) { + for (node = rb_first(&kvm->arch.pkvm.pinned_pages); node; node = rb_next(node)) { + ppage = rb_entry(node, struct kvm_pinned_page, node); __clean_dcache_guest_page(page_address(ppage->page), PAGE_SIZE); cond_resched_rwlock_write(&kvm->mmu_lock); } @@ -913,7 +915,7 @@ int kvm_init_stage2_mmu(struct kvm *kvm, struct kvm_s2_mmu *mmu, unsigned long t mmfr0 = read_sanitised_ftr_reg(SYS_ID_AA64MMFR0_EL1); mmfr1 = read_sanitised_ftr_reg(SYS_ID_AA64MMFR1_EL1); mmu->vtcr = kvm_get_vtcr(mmfr0, mmfr1, phys_shift); - INIT_LIST_HEAD(&kvm->arch.pkvm.pinned_pages); + kvm->arch.pkvm.pinned_pages = RB_ROOT; mmu->arch = &kvm->arch; if (is_protected_kvm_enabled()) @@ -1412,6 +1414,26 @@ static int pkvm_host_map_guest(u64 pfn, u64 gfn) return (ret == -EPERM) ? -EAGAIN : ret; } +static int cmp_ppages(struct rb_node *node, const struct rb_node *parent) +{ + struct kvm_pinned_page *a = container_of(node, struct kvm_pinned_page, node); + struct kvm_pinned_page *b = container_of(parent, struct kvm_pinned_page, node); + + if (a->ipa < b->ipa) + return -1; + if (a->ipa > b->ipa) + return 1; + return 0; +} + +static int insert_ppage(struct kvm *kvm, struct kvm_pinned_page *ppage) +{ + if (rb_find_add(&ppage->node, &kvm->arch.pkvm.pinned_pages, cmp_ppages)) + return -EEXIST; + + return 0; +} + static int pkvm_mem_abort(struct kvm_vcpu *vcpu, phys_addr_t fault_ipa, struct kvm_memory_slot *memslot) { @@ -1479,8 +1501,8 @@ static int pkvm_mem_abort(struct kvm_vcpu *vcpu, phys_addr_t fault_ipa, } ppage->page = page; - INIT_LIST_HEAD(&ppage->link); - list_add(&ppage->link, &kvm->arch.pkvm.pinned_pages); + ppage->ipa = fault_ipa; + WARN_ON(insert_ppage(kvm, ppage)); write_unlock(&kvm->mmu_lock); return 0; diff --git a/arch/arm64/kvm/pkvm.c b/arch/arm64/kvm/pkvm.c index 10a619b257c4..11355980e18d 100644 --- a/arch/arm64/kvm/pkvm.c +++ b/arch/arm64/kvm/pkvm.c @@ -246,9 +246,9 @@ static bool pkvm_teardown_vm(struct kvm *host_kvm) void pkvm_destroy_hyp_vm(struct kvm *host_kvm) { - struct kvm_pinned_page *ppage, *tmp; + struct kvm_pinned_page *ppage; struct mm_struct *mm = current->mm; - struct list_head *ppages; + struct rb_node *node; unsigned long pages = 0; if (!pkvm_teardown_vm(host_kvm)) @@ -256,14 +256,16 @@ void pkvm_destroy_hyp_vm(struct kvm *host_kvm) free_hyp_memcache(&host_kvm->arch.pkvm.teardown_mc); - ppages = &host_kvm->arch.pkvm.pinned_pages; - list_for_each_entry_safe(ppage, tmp, ppages, link) { + node = rb_first(&host_kvm->arch.pkvm.pinned_pages); + while (node) { + ppage = rb_entry(node, struct kvm_pinned_page, node); WARN_ON(kvm_call_hyp_nvhe(__pkvm_host_reclaim_page, page_to_pfn(ppage->page))); cond_resched(); unpin_user_pages_dirty_lock(&ppage->page, 1, true); - list_del(&ppage->link); + node = rb_next(node); + rb_erase(&ppage->node, &host_kvm->arch.pkvm.pinned_pages); kfree(ppage); pages++; } From patchwork Thu Feb 22 16:10:29 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Fuad Tabba X-Patchwork-Id: 13567565 Received: from mail-yw1-f202.google.com (mail-yw1-f202.google.com [209.85.128.202]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 3993E153BC8 for ; Thu, 22 Feb 2024 16:11:10 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.128.202 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1708618273; cv=none; b=XTRr/ouNqoG4rIEFmUZsGO4ftgdi9kXFipTqcBVNKIqH+IMl0O5+mhI1qOGIlsX/WRQ5Nt/gvagMooRcZeip+Kt2IcqLibu1rWTQGBSsNDyMCECJ3AznabpwRUGdBa7neOBdlT0yLR03RkPcpdo6JtcMt6WCuqGQfmglQnbGuJg= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1708618273; c=relaxed/simple; bh=InUUDTACv6VX9/UAFGNNoTeO7aRvGZf8iSQOeGU6ZBI=; h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From: To:Cc:Content-Type; b=W7f/xOlkz4N9TatkcOxXWyElQHqS9oJmUpEmorH+MNcBS3PXvUtmiHEMXuv0ZNIvjOqpOq2IaB0lsJr/sH9heeqDpJd3zxz3wfsxx0YJFlqMCVVQFNmywtHe+MXAD4mPC0ii6wycyEnsT+0sVV1026Q98dkB6C1csP3YLsA5IA8= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com; spf=pass smtp.mailfrom=flex--tabba.bounces.google.com; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b=tp7npkon; arc=none smtp.client-ip=209.85.128.202 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=flex--tabba.bounces.google.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="tp7npkon" Received: by mail-yw1-f202.google.com with SMTP id 00721157ae682-6089b90acddso14488387b3.3 for ; Thu, 22 Feb 2024 08:11:10 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1708618270; x=1709223070; darn=vger.kernel.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=c52r9LFDD4vblm2kGafNlF4FoWtGpxH68baRwt3dKTw=; b=tp7npkon7oBKLXJIggvsKV2YanvvfIXEaab+gr1HB4NMqw236XL0HOTUxJkaICAxus EIYM1XVQGl2F6NjMLBU/cB0+xKaZtUErXYo7Ar7JmDBZ/fcNBf5k8hC+8DmN6S/M25W7 n/M5EPxTQy8y3U8JKAgGte8BkgnaRHx5ANDg52NZun/GaWWynjII5c2EjmjVJl7dH8Yk bYBrAlinJUgZOx+Oyn8Ph0ZOc//HgUwZ4fOKR7aCwURZ+D+Eiz15tRYiPJ4VAIXErZLW XmWkCO+z0N49V8c2FHp5TQi9xwxGhY2orGa/75M1e9WxA85nLbVkxAsPco25mYwS3QEE roYA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1708618270; x=1709223070; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=c52r9LFDD4vblm2kGafNlF4FoWtGpxH68baRwt3dKTw=; b=d98AQ3m8zb77ZnuZeeEsNadIdTj64uGji2bl2hlH4gvnQ1PlI7jzY+9oerMBeDm7LS EQrXVt3ImziddvaOjClen4/0SFHGXinwLkpmknrC4m3qSNKR7nujWQekxNiWid6BSlku CAaWnY4W2i4L4qIswVS06Dml0exOAzcg484yIC3hOcs8WvX5EYWiNjJSAc1Cjjum+etz Wb6oOwxOBKgovsIeP/jxCF/NIwjGJaonU+iUuei7hiofx5f3IFEA/ROkwZxPaO6Sd4ag E7hDRL1nOLNaGBMbx1szgdk+W44MUV5DpVlFSpXqGVtc6Q98VVjfYgpPJG8kZFvW7656 cfIw== X-Gm-Message-State: AOJu0Yw219Uivg3G6PBGlmP3pPyv90XSfuikj69aGlYN7NCQ4i/1GnDk IAzXggsEHPMDj+Qycu5IIpGeboVS6BgqjxrUCljUPjV3WxDgnfofTXWN8xH8iP01iPmz3aQGZXw 2Gw8vCluJI17BK6JTUUVesVL/NTLBrruN71FG2RFyd0DnRSOxIGw0ah+X9EV3B8CknNasNu2gao +Q3zbp5ucG7CXCJm4F7oNvDiw= X-Google-Smtp-Source: AGHT+IEqqbSvb3HGyfr2MPY1kOQvtF2/nFLxJvaMG/qkPuOVmHOmLXolwq3JOzoj5YKs3LXmEsrebIjr0A== X-Received: from fuad.c.googlers.com ([fda3:e722:ac3:cc00:28:9cb1:c0a8:1613]) (user=tabba job=sendgmr) by 2002:a81:490d:0:b0:604:42a3:3adc with SMTP id w13-20020a81490d000000b0060442a33adcmr2006803ywa.10.1708618269856; Thu, 22 Feb 2024 08:11:09 -0800 (PST) Date: Thu, 22 Feb 2024 16:10:29 +0000 In-Reply-To: <20240222161047.402609-1-tabba@google.com> Precedence: bulk X-Mailing-List: kvm@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 References: <20240222161047.402609-1-tabba@google.com> X-Mailer: git-send-email 2.44.0.rc1.240.g4c46232300-goog Message-ID: <20240222161047.402609-9-tabba@google.com> Subject: [RFC PATCH v1 08/26] KVM: arm64: Implement MEM_RELINQUISH SMCCC hypercall From: Fuad Tabba To: kvm@vger.kernel.org, kvmarm@lists.linux.dev Cc: pbonzini@redhat.com, chenhuacai@kernel.org, mpe@ellerman.id.au, anup@brainfault.org, paul.walmsley@sifive.com, palmer@dabbelt.com, aou@eecs.berkeley.edu, seanjc@google.com, viro@zeniv.linux.org.uk, brauner@kernel.org, willy@infradead.org, akpm@linux-foundation.org, xiaoyao.li@intel.com, yilun.xu@intel.com, chao.p.peng@linux.intel.com, jarkko@kernel.org, amoorthy@google.com, dmatlack@google.com, yu.c.zhang@linux.intel.com, isaku.yamahata@intel.com, mic@digikod.net, vbabka@suse.cz, vannapurve@google.com, ackerleytng@google.com, mail@maciej.szmigiero.name, david@redhat.com, michael.roth@amd.com, wei.w.wang@intel.com, liam.merwick@oracle.com, isaku.yamahata@gmail.com, kirill.shutemov@linux.intel.com, suzuki.poulose@arm.com, steven.price@arm.com, quic_eberman@quicinc.com, quic_mnalajal@quicinc.com, quic_tsoni@quicinc.com, quic_svaddagi@quicinc.com, quic_cvanscha@quicinc.com, quic_pderrin@quicinc.com, quic_pheragu@quicinc.com, catalin.marinas@arm.com, james.morse@arm.com, yuzenghui@huawei.com, oliver.upton@linux.dev, maz@kernel.org, will@kernel.org, qperret@google.com, keirf@google.com, tabba@google.com From: Keir Fraser This allows a VM running on PKVM to notify the hypervisor (and host) that it is returning pages to host ownership. Signed-off-by: Keir Fraser Signed-off-by: Fuad Tabba --- arch/arm64/include/asm/kvm_pkvm.h | 1 + arch/arm64/kvm/hyp/include/nvhe/mem_protect.h | 2 + arch/arm64/kvm/hyp/include/nvhe/pkvm.h | 1 + arch/arm64/kvm/hyp/nvhe/hyp-main.c | 4 + arch/arm64/kvm/hyp/nvhe/mem_protect.c | 30 +++++++ arch/arm64/kvm/hyp/nvhe/pkvm.c | 83 +++++++++++++++++-- arch/arm64/kvm/hyp/nvhe/switch.c | 1 + arch/arm64/kvm/hypercalls.c | 19 ++++- arch/arm64/kvm/pkvm.c | 35 ++++++++ include/linux/arm-smccc.h | 7 ++ 10 files changed, 173 insertions(+), 10 deletions(-) diff --git a/arch/arm64/include/asm/kvm_pkvm.h b/arch/arm64/include/asm/kvm_pkvm.h index 60b2d4965e4a..ea9d9529e412 100644 --- a/arch/arm64/include/asm/kvm_pkvm.h +++ b/arch/arm64/include/asm/kvm_pkvm.h @@ -22,6 +22,7 @@ int pkvm_init_host_vm(struct kvm *kvm, unsigned long type); int pkvm_create_hyp_vm(struct kvm *kvm); void pkvm_destroy_hyp_vm(struct kvm *kvm); bool pkvm_is_hyp_created(struct kvm *kvm); +void pkvm_host_reclaim_page(struct kvm *host_kvm, phys_addr_t ipa); /* * Definitions for features to be allowed or restricted for guest virtual diff --git a/arch/arm64/kvm/hyp/include/nvhe/mem_protect.h b/arch/arm64/kvm/hyp/include/nvhe/mem_protect.h index 973983d78f31..a20e5b9426ce 100644 --- a/arch/arm64/kvm/hyp/include/nvhe/mem_protect.h +++ b/arch/arm64/kvm/hyp/include/nvhe/mem_protect.h @@ -75,6 +75,8 @@ int __pkvm_host_share_guest(u64 pfn, u64 gfn, struct pkvm_hyp_vcpu *vcpu); int __pkvm_host_donate_guest(u64 pfn, u64 gfn, struct pkvm_hyp_vcpu *vcpu); int __pkvm_guest_share_host(struct pkvm_hyp_vcpu *hyp_vcpu, u64 ipa); int __pkvm_guest_unshare_host(struct pkvm_hyp_vcpu *hyp_vcpu, u64 ipa); +int __pkvm_guest_relinquish_to_host(struct pkvm_hyp_vcpu *vcpu, + u64 ipa, u64 *ppa); bool addr_is_memory(phys_addr_t phys); int host_stage2_idmap_locked(phys_addr_t addr, u64 size, enum kvm_pgtable_prot prot); diff --git a/arch/arm64/kvm/hyp/include/nvhe/pkvm.h b/arch/arm64/kvm/hyp/include/nvhe/pkvm.h index 7940a042289a..094599692187 100644 --- a/arch/arm64/kvm/hyp/include/nvhe/pkvm.h +++ b/arch/arm64/kvm/hyp/include/nvhe/pkvm.h @@ -113,6 +113,7 @@ int kvm_check_pvm_sysreg_table(void); void pkvm_reset_vcpu(struct pkvm_hyp_vcpu *hyp_vcpu); bool kvm_handle_pvm_hvc64(struct kvm_vcpu *vcpu, u64 *exit_code); +bool kvm_hyp_handle_hvc64(struct kvm_vcpu *vcpu, u64 *exit_code); struct pkvm_hyp_vcpu *pkvm_mpidr_to_hyp_vcpu(struct pkvm_hyp_vm *vm, u64 mpidr); diff --git a/arch/arm64/kvm/hyp/nvhe/hyp-main.c b/arch/arm64/kvm/hyp/nvhe/hyp-main.c index 1fd419cef3db..1c93c225915b 100644 --- a/arch/arm64/kvm/hyp/nvhe/hyp-main.c +++ b/arch/arm64/kvm/hyp/nvhe/hyp-main.c @@ -85,6 +85,8 @@ static void handle_pvm_entry_hvc64(struct pkvm_hyp_vcpu *hyp_vcpu) case ARM_SMCCC_VENDOR_HYP_KVM_MEM_SHARE_FUNC_ID: fallthrough; case ARM_SMCCC_VENDOR_HYP_KVM_MEM_UNSHARE_FUNC_ID: + fallthrough; + case ARM_SMCCC_VENDOR_HYP_KVM_MEM_RELINQUISH_FUNC_ID: vcpu_set_reg(&hyp_vcpu->vcpu, 0, SMCCC_RET_SUCCESS); break; default: @@ -253,6 +255,8 @@ static void handle_pvm_exit_hvc64(struct pkvm_hyp_vcpu *hyp_vcpu) case ARM_SMCCC_VENDOR_HYP_KVM_MEM_SHARE_FUNC_ID: fallthrough; case ARM_SMCCC_VENDOR_HYP_KVM_MEM_UNSHARE_FUNC_ID: + fallthrough; + case ARM_SMCCC_VENDOR_HYP_KVM_MEM_RELINQUISH_FUNC_ID: n = 4; break; diff --git a/arch/arm64/kvm/hyp/nvhe/mem_protect.c b/arch/arm64/kvm/hyp/nvhe/mem_protect.c index 899164515e0c..1dd8eee1ab28 100644 --- a/arch/arm64/kvm/hyp/nvhe/mem_protect.c +++ b/arch/arm64/kvm/hyp/nvhe/mem_protect.c @@ -321,6 +321,36 @@ void reclaim_guest_pages(struct pkvm_hyp_vm *vm, struct kvm_hyp_memcache *mc) } } +int __pkvm_guest_relinquish_to_host(struct pkvm_hyp_vcpu *vcpu, + u64 ipa, u64 *ppa) +{ + struct kvm_pgtable_walker walker = { + .cb = reclaim_walker, + .arg = ppa, + .flags = KVM_PGTABLE_WALK_LEAF + }; + struct pkvm_hyp_vm *vm = pkvm_hyp_vcpu_to_hyp_vm(vcpu); + int ret; + + host_lock_component(); + guest_lock_component(vm); + + /* Set default pa value to "not found". */ + *ppa = 0; + + /* If ipa is mapped: sets page flags, and gets the pa. */ + ret = kvm_pgtable_walk(&vm->pgt, ipa, PAGE_SIZE, &walker); + + /* Zap the guest stage2 pte. */ + if (!ret) + kvm_pgtable_stage2_unmap(&vm->pgt, ipa, PAGE_SIZE); + + guest_unlock_component(vm); + host_unlock_component(); + + return ret; +} + int __pkvm_prot_finalize(void) { struct kvm_s2_mmu *mmu = &host_mmu.arch.mmu; diff --git a/arch/arm64/kvm/hyp/nvhe/pkvm.c b/arch/arm64/kvm/hyp/nvhe/pkvm.c index 199ad51f1169..4209c75e7fba 100644 --- a/arch/arm64/kvm/hyp/nvhe/pkvm.c +++ b/arch/arm64/kvm/hyp/nvhe/pkvm.c @@ -1258,6 +1258,54 @@ static bool pkvm_memunshare_call(struct pkvm_hyp_vcpu *hyp_vcpu) return true; } +static bool pkvm_meminfo_call(struct pkvm_hyp_vcpu *hyp_vcpu) +{ + struct kvm_vcpu *vcpu = &hyp_vcpu->vcpu; + u64 arg1 = smccc_get_arg1(vcpu); + u64 arg2 = smccc_get_arg2(vcpu); + u64 arg3 = smccc_get_arg3(vcpu); + + if (arg1 || arg2 || arg3) + goto out_guest_err; + + smccc_set_retval(vcpu, PAGE_SIZE, 0, 0, 0); + return true; + +out_guest_err: + smccc_set_retval(vcpu, SMCCC_RET_INVALID_PARAMETER, 0, 0, 0); + return true; +} + +static bool pkvm_memrelinquish_call(struct pkvm_hyp_vcpu *hyp_vcpu) +{ + struct kvm_vcpu *vcpu = &hyp_vcpu->vcpu; + u64 ipa = smccc_get_arg1(vcpu); + u64 arg2 = smccc_get_arg2(vcpu); + u64 arg3 = smccc_get_arg3(vcpu); + u64 pa = 0; + int ret; + + if (arg2 || arg3) + goto out_guest_err; + + ret = __pkvm_guest_relinquish_to_host(hyp_vcpu, ipa, &pa); + if (ret) + goto out_guest_err; + + if (pa != 0) { + /* Now pass to host. */ + return false; + } + + /* This was a NOP as no page was actually mapped at the IPA. */ + smccc_set_retval(vcpu, 0, 0, 0, 0); + return true; + +out_guest_err: + smccc_set_retval(vcpu, SMCCC_RET_INVALID_PARAMETER, 0, 0, 0); + return true; +} + /* * Handler for protected VM HVC calls. * @@ -1288,20 +1336,16 @@ bool kvm_handle_pvm_hvc64(struct kvm_vcpu *vcpu, u64 *exit_code) val[0] |= BIT(ARM_SMCCC_KVM_FUNC_HYP_MEMINFO); val[0] |= BIT(ARM_SMCCC_KVM_FUNC_MEM_SHARE); val[0] |= BIT(ARM_SMCCC_KVM_FUNC_MEM_UNSHARE); + val[0] |= BIT(ARM_SMCCC_KVM_FUNC_MEM_RELINQUISH); break; case ARM_SMCCC_VENDOR_HYP_KVM_HYP_MEMINFO_FUNC_ID: - if (smccc_get_arg1(vcpu) || - smccc_get_arg2(vcpu) || - smccc_get_arg3(vcpu)) { - val[0] = SMCCC_RET_INVALID_PARAMETER; - } else { - val[0] = PAGE_SIZE; - } - break; + return pkvm_meminfo_call(hyp_vcpu); case ARM_SMCCC_VENDOR_HYP_KVM_MEM_SHARE_FUNC_ID: return pkvm_memshare_call(hyp_vcpu, exit_code); case ARM_SMCCC_VENDOR_HYP_KVM_MEM_UNSHARE_FUNC_ID: return pkvm_memunshare_call(hyp_vcpu); + case ARM_SMCCC_VENDOR_HYP_KVM_MEM_RELINQUISH_FUNC_ID: + return pkvm_memrelinquish_call(hyp_vcpu); default: return pkvm_handle_psci(hyp_vcpu); } @@ -1309,3 +1353,26 @@ bool kvm_handle_pvm_hvc64(struct kvm_vcpu *vcpu, u64 *exit_code) smccc_set_retval(vcpu, val[0], val[1], val[2], val[3]); return true; } + +/* + * Handler for non-protected VM HVC calls. + * + * Returns true if the hypervisor has handled the exit, and control should go + * back to the guest, or false if it hasn't. + */ +bool kvm_hyp_handle_hvc64(struct kvm_vcpu *vcpu, u64 *exit_code) +{ + u32 fn = smccc_get_function(vcpu); + struct pkvm_hyp_vcpu *hyp_vcpu; + + hyp_vcpu = container_of(vcpu, struct pkvm_hyp_vcpu, vcpu); + + switch (fn) { + case ARM_SMCCC_VENDOR_HYP_KVM_HYP_MEMINFO_FUNC_ID: + return pkvm_meminfo_call(hyp_vcpu); + case ARM_SMCCC_VENDOR_HYP_KVM_MEM_RELINQUISH_FUNC_ID: + return pkvm_memrelinquish_call(hyp_vcpu); + } + + return false; +} diff --git a/arch/arm64/kvm/hyp/nvhe/switch.c b/arch/arm64/kvm/hyp/nvhe/switch.c index 31c46491e65a..12b7d56d3842 100644 --- a/arch/arm64/kvm/hyp/nvhe/switch.c +++ b/arch/arm64/kvm/hyp/nvhe/switch.c @@ -185,6 +185,7 @@ static bool kvm_handle_pvm_sys64(struct kvm_vcpu *vcpu, u64 *exit_code) static const exit_handler_fn hyp_exit_handlers[] = { [0 ... ESR_ELx_EC_MAX] = NULL, [ESR_ELx_EC_CP15_32] = kvm_hyp_handle_cp15_32, + [ESR_ELx_EC_HVC64] = kvm_hyp_handle_hvc64, [ESR_ELx_EC_SYS64] = kvm_hyp_handle_sysreg, [ESR_ELx_EC_SVE] = kvm_hyp_handle_fpsimd, [ESR_ELx_EC_FP_ASIMD] = kvm_hyp_handle_fpsimd, diff --git a/arch/arm64/kvm/hypercalls.c b/arch/arm64/kvm/hypercalls.c index 5763d979d8ca..89b5b61bc9f7 100644 --- a/arch/arm64/kvm/hypercalls.c +++ b/arch/arm64/kvm/hypercalls.c @@ -5,6 +5,7 @@ #include #include +#include #include #include @@ -13,8 +14,15 @@ GENMASK(KVM_REG_ARM_STD_BMAP_BIT_COUNT - 1, 0) #define KVM_ARM_SMCCC_STD_HYP_FEATURES \ GENMASK(KVM_REG_ARM_STD_HYP_BMAP_BIT_COUNT - 1, 0) -#define KVM_ARM_SMCCC_VENDOR_HYP_FEATURES \ - GENMASK(KVM_REG_ARM_VENDOR_HYP_BMAP_BIT_COUNT - 1, 0) +#define KVM_ARM_SMCCC_VENDOR_HYP_FEATURES ({ \ + unsigned long f; \ + f = GENMASK(KVM_REG_ARM_VENDOR_HYP_BMAP_BIT_COUNT - 1, 0); \ + if (is_protected_kvm_enabled()) { \ + f |= BIT(ARM_SMCCC_KVM_FUNC_HYP_MEMINFO); \ + f |= BIT(ARM_SMCCC_KVM_FUNC_MEM_RELINQUISH); \ + } \ + f; \ +}) static void kvm_ptp_get_time(struct kvm_vcpu *vcpu, u64 *val) { @@ -116,6 +124,9 @@ static bool kvm_smccc_test_fw_bmap(struct kvm_vcpu *vcpu, u32 func_id) case ARM_SMCCC_VENDOR_HYP_KVM_PTP_FUNC_ID: return test_bit(KVM_REG_ARM_VENDOR_HYP_BIT_PTP, &smccc_feat->vendor_hyp_bmap); + case ARM_SMCCC_VENDOR_HYP_KVM_MEM_RELINQUISH_FUNC_ID: + return test_bit(ARM_SMCCC_KVM_FUNC_MEM_RELINQUISH, + &smccc_feat->vendor_hyp_bmap); default: return false; } @@ -364,6 +375,10 @@ int kvm_smccc_call_handler(struct kvm_vcpu *vcpu) case ARM_SMCCC_VENDOR_HYP_KVM_PTP_FUNC_ID: kvm_ptp_get_time(vcpu, val); break; + case ARM_SMCCC_VENDOR_HYP_KVM_MEM_RELINQUISH_FUNC_ID: + pkvm_host_reclaim_page(vcpu->kvm, smccc_get_arg1(vcpu)); + val[0] = SMCCC_RET_SUCCESS; + break; case ARM_SMCCC_TRNG_VERSION: case ARM_SMCCC_TRNG_FEATURES: case ARM_SMCCC_TRNG_GET_UUID: diff --git a/arch/arm64/kvm/pkvm.c b/arch/arm64/kvm/pkvm.c index 11355980e18d..713bbb023177 100644 --- a/arch/arm64/kvm/pkvm.c +++ b/arch/arm64/kvm/pkvm.c @@ -24,6 +24,14 @@ static unsigned int *hyp_memblock_nr_ptr = &kvm_nvhe_sym(hyp_memblock_nr); phys_addr_t hyp_mem_base; phys_addr_t hyp_mem_size; +static int rb_ppage_cmp(const void *key, const struct rb_node *node) +{ + struct kvm_pinned_page *p = container_of(node, struct kvm_pinned_page, node); + phys_addr_t ipa = (phys_addr_t)key; + + return (ipa < p->ipa) ? -1 : (ipa > p->ipa); +} + static int cmp_hyp_memblock(const void *p1, const void *p2) { const struct memblock_region *r1 = p1; @@ -330,3 +338,30 @@ static int __init finalize_pkvm(void) return ret; } device_initcall_sync(finalize_pkvm); + +void pkvm_host_reclaim_page(struct kvm *host_kvm, phys_addr_t ipa) +{ + struct kvm_pinned_page *ppage; + struct mm_struct *mm = current->mm; + struct rb_node *node; + + write_lock(&host_kvm->mmu_lock); + node = rb_find((void *)ipa, &host_kvm->arch.pkvm.pinned_pages, + rb_ppage_cmp); + if (node) + rb_erase(node, &host_kvm->arch.pkvm.pinned_pages); + write_unlock(&host_kvm->mmu_lock); + + WARN_ON(!node); + if (!node) + return; + + ppage = container_of(node, struct kvm_pinned_page, node); + + WARN_ON(kvm_call_hyp_nvhe(__pkvm_host_reclaim_page, + page_to_pfn(ppage->page))); + + account_locked_vm(mm, 1, false); + unpin_user_pages_dirty_lock(&ppage->page, 1, true); + kfree(ppage); +} diff --git a/include/linux/arm-smccc.h b/include/linux/arm-smccc.h index 9cb7c95920b0..ec85f1be2040 100644 --- a/include/linux/arm-smccc.h +++ b/include/linux/arm-smccc.h @@ -118,6 +118,7 @@ #define ARM_SMCCC_KVM_FUNC_HYP_MEMINFO 2 #define ARM_SMCCC_KVM_FUNC_MEM_SHARE 3 #define ARM_SMCCC_KVM_FUNC_MEM_UNSHARE 4 +#define ARM_SMCCC_KVM_FUNC_MEM_RELINQUISH 9 #define ARM_SMCCC_KVM_FUNC_FEATURES_2 127 #define ARM_SMCCC_KVM_NUM_FUNCS 128 @@ -158,6 +159,12 @@ ARM_SMCCC_OWNER_VENDOR_HYP, \ ARM_SMCCC_KVM_FUNC_MEM_UNSHARE) +#define ARM_SMCCC_VENDOR_HYP_KVM_MEM_RELINQUISH_FUNC_ID \ + ARM_SMCCC_CALL_VAL(ARM_SMCCC_FAST_CALL, \ + ARM_SMCCC_SMC_64, \ + ARM_SMCCC_OWNER_VENDOR_HYP, \ + ARM_SMCCC_KVM_FUNC_MEM_RELINQUISH) + /* ptp_kvm counter type ID */ #define KVM_PTP_VIRT_COUNTER 0 #define KVM_PTP_PHYS_COUNTER 1 From patchwork Thu Feb 22 16:10:30 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Fuad Tabba X-Patchwork-Id: 13567566 Received: from mail-yw1-f202.google.com (mail-yw1-f202.google.com [209.85.128.202]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 90263153BE4 for ; Thu, 22 Feb 2024 16:11:13 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.128.202 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1708618275; cv=none; b=om4oYBePxg/nFusRRTqbblQbpTiKdiJaeyYz4J92auXKNjeRpqcLPMMO+ByS+F2njLO03oRgIcgIGPfprpZIZ50zLXDog3IWUJRSkE2z5ntFNJZZ6osVC6FcVBa++osVDHu2CGhe3aRR933T3HrSVQgTYFB7H3PKaki0Y+UQ9bU= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1708618275; c=relaxed/simple; bh=T0s+s3WWpAHm6/Ds0XZMRP50GdBlMYG2JZS6OaYhozI=; h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From: To:Cc:Content-Type; b=lu2xswYTNrYgyZ/80e39BYtjIzaXb5nAOkzxwH/BbmXLJ2XiB8Rx/1wwvJOJ2zdi6264vYib64cjVLkceS1Sgewr4SMzsRpcaeGKv653a15N1NtM5m3Yqt1xD+vhHiN4rsxJrSiW608Q+lZybA5Ku3ne8OnqiTyYTMmwGUGkWsI= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com; spf=pass smtp.mailfrom=flex--tabba.bounces.google.com; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b=Btto3HIg; arc=none smtp.client-ip=209.85.128.202 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=flex--tabba.bounces.google.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="Btto3HIg" Received: by mail-yw1-f202.google.com with SMTP id 00721157ae682-602dae507caso133017497b3.0 for ; Thu, 22 Feb 2024 08:11:13 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1708618272; x=1709223072; darn=vger.kernel.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=B40b4r+ABegtiwQt7mlJqgO3WEbMRBCir96KVlqSF2s=; b=Btto3HIgjiyVjecLLXyzq5Ze1tVLd4th6BS5Gto0y82WlKdxld5wvpTNC5nqCCaTcx bfuYIbrYir7OMN0QunDqGViv7pMP1vqNLKa8Epsi/cutfZ4RYla6LrMKVaArPfs92IbO XCIQaJOHy+XRUBEVFT/4K7TxAvgL4xP1aOh3leFlYqVROaEZoLaWBKmjJJP01C3k/vdU DURuhJ75Dn3jwoqf2fPTDTJsMNcvlWgGD3SFoXfoO3By4gTiPXVNH4i0O2PklzXTnwx2 YEwO6n3Sotxo1NS00Jpb3Q2HnjJupXDAm0srWXLYzjJ7bbbGzhi2forWmsPX5e2OTTOC l1Yg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1708618272; x=1709223072; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=B40b4r+ABegtiwQt7mlJqgO3WEbMRBCir96KVlqSF2s=; b=LD0AhV1tZ1t80eI7AoWqwSplClR1KYlMyKGfMhrv26uSsWP0IEbwWCq/OF47eZi3Ds 9Rz9+BxOIxEnSwr9yXKN+j4BdVWAtxcZWdBFOAJ0Jl/0uQQHZDC9nsYf/fybLG6fYSDJ WqDJcSkz3A5BA/HQWSs+Skh2s/V/ilrV1hpc2FZNGcv1a68wD/0WYa69r28ELgzgNBHu hxg6Z7eFMeYQMKdpEhZDx9pMuZ4X0KfquiEWqtPMjqI5F6wXKbBBFPJSHRH/LEK+GR7A kUU0o0Cq31U8Z+tTtbpqJ5FYXbE0dYWA4iaol/JrHU4D54F+Rf5K8VtAHNJlsEB4OEi/ k4Gg== X-Gm-Message-State: AOJu0YyZ+bW3G24YCcRZCq2A/QbzI7hI3GHvEy2Q1wyoxQEwN4PuBs8a uh0OeE3G/eNyLxulKWG9IN+YbocG4Gb9kJeaqZS7zoDE+BgWpYCrNsqEHCiCaBm2AVHhxZ+tY7m OG24a/rnF5FKtxhTCVWnVlF8l7SomsO5sJ45LCeJQDyUm0U09ww1XyI4sroryb6gmQaFzjuRczb rorv7V8n77ZAShHLKXodGM5xY= X-Google-Smtp-Source: AGHT+IEmrrpx8IE5wp+nINUhI83syufxA+Jp+kPhgAEVJtrrWmcQztCabNzm9qoyjLeXrGy74KFBRdDXgQ== X-Received: from fuad.c.googlers.com ([fda3:e722:ac3:cc00:28:9cb1:c0a8:1613]) (user=tabba job=sendgmr) by 2002:a81:f008:0:b0:607:f6f0:bdca with SMTP id p8-20020a81f008000000b00607f6f0bdcamr4659775ywm.7.1708618272146; Thu, 22 Feb 2024 08:11:12 -0800 (PST) Date: Thu, 22 Feb 2024 16:10:30 +0000 In-Reply-To: <20240222161047.402609-1-tabba@google.com> Precedence: bulk X-Mailing-List: kvm@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 References: <20240222161047.402609-1-tabba@google.com> X-Mailer: git-send-email 2.44.0.rc1.240.g4c46232300-goog Message-ID: <20240222161047.402609-10-tabba@google.com> Subject: [RFC PATCH v1 09/26] KVM: arm64: Strictly check page type in MEM_RELINQUISH hypercall From: Fuad Tabba To: kvm@vger.kernel.org, kvmarm@lists.linux.dev Cc: pbonzini@redhat.com, chenhuacai@kernel.org, mpe@ellerman.id.au, anup@brainfault.org, paul.walmsley@sifive.com, palmer@dabbelt.com, aou@eecs.berkeley.edu, seanjc@google.com, viro@zeniv.linux.org.uk, brauner@kernel.org, willy@infradead.org, akpm@linux-foundation.org, xiaoyao.li@intel.com, yilun.xu@intel.com, chao.p.peng@linux.intel.com, jarkko@kernel.org, amoorthy@google.com, dmatlack@google.com, yu.c.zhang@linux.intel.com, isaku.yamahata@intel.com, mic@digikod.net, vbabka@suse.cz, vannapurve@google.com, ackerleytng@google.com, mail@maciej.szmigiero.name, david@redhat.com, michael.roth@amd.com, wei.w.wang@intel.com, liam.merwick@oracle.com, isaku.yamahata@gmail.com, kirill.shutemov@linux.intel.com, suzuki.poulose@arm.com, steven.price@arm.com, quic_eberman@quicinc.com, quic_mnalajal@quicinc.com, quic_tsoni@quicinc.com, quic_svaddagi@quicinc.com, quic_cvanscha@quicinc.com, quic_pderrin@quicinc.com, quic_pheragu@quicinc.com, catalin.marinas@arm.com, james.morse@arm.com, yuzenghui@huawei.com, oliver.upton@linux.dev, maz@kernel.org, will@kernel.org, qperret@google.com, keirf@google.com, tabba@google.com From: Keir Fraser The VM should only relinquish "normal" pages. For a protected VM, this means PAGE_OWNED; For a normal VM, this means PAGE_SHARED_BORROWED. All other page types are rejected and failure is reported to the caller. Signed-off-by: Keir Fraser Signed-off-by: Fuad Tabba --- arch/arm64/kvm/hyp/nvhe/mem_protect.c | 45 ++++++++++++++++++++++++--- 1 file changed, 41 insertions(+), 4 deletions(-) diff --git a/arch/arm64/kvm/hyp/nvhe/mem_protect.c b/arch/arm64/kvm/hyp/nvhe/mem_protect.c index 1dd8eee1ab28..405d6e3e17e0 100644 --- a/arch/arm64/kvm/hyp/nvhe/mem_protect.c +++ b/arch/arm64/kvm/hyp/nvhe/mem_protect.c @@ -321,13 +321,44 @@ void reclaim_guest_pages(struct pkvm_hyp_vm *vm, struct kvm_hyp_memcache *mc) } } +struct relinquish_data { + enum pkvm_page_state expected_state; + u64 pa; +}; + +static int relinquish_walker(const struct kvm_pgtable_visit_ctx *ctx, + enum kvm_pgtable_walk_flags visit) +{ + kvm_pte_t pte = *ctx->ptep; + struct hyp_page *page; + struct relinquish_data *data = ctx->arg; + enum pkvm_page_state state; + + if (!kvm_pte_valid(pte)) + return 0; + + state = pkvm_getstate(kvm_pgtable_stage2_pte_prot(pte)); + if (state != data->expected_state) + return -EPERM; + + page = hyp_phys_to_page(kvm_pte_to_phys(pte)); + if (state == PKVM_PAGE_OWNED) + page->flags |= HOST_PAGE_NEED_POISONING; + page->flags |= HOST_PAGE_PENDING_RECLAIM; + + data->pa = kvm_pte_to_phys(pte); + + return 0; +} + int __pkvm_guest_relinquish_to_host(struct pkvm_hyp_vcpu *vcpu, u64 ipa, u64 *ppa) { + struct relinquish_data data; struct kvm_pgtable_walker walker = { - .cb = reclaim_walker, - .arg = ppa, - .flags = KVM_PGTABLE_WALK_LEAF + .cb = relinquish_walker, + .flags = KVM_PGTABLE_WALK_LEAF, + .arg = &data, }; struct pkvm_hyp_vm *vm = pkvm_hyp_vcpu_to_hyp_vm(vcpu); int ret; @@ -335,8 +366,13 @@ int __pkvm_guest_relinquish_to_host(struct pkvm_hyp_vcpu *vcpu, host_lock_component(); guest_lock_component(vm); + /* Expected page state depends on VM type. */ + data.expected_state = pkvm_hyp_vcpu_is_protected(vcpu) ? + PKVM_PAGE_OWNED : + PKVM_PAGE_SHARED_BORROWED; + /* Set default pa value to "not found". */ - *ppa = 0; + data.pa = 0; /* If ipa is mapped: sets page flags, and gets the pa. */ ret = kvm_pgtable_walk(&vm->pgt, ipa, PAGE_SIZE, &walker); @@ -348,6 +384,7 @@ int __pkvm_guest_relinquish_to_host(struct pkvm_hyp_vcpu *vcpu, guest_unlock_component(vm); host_unlock_component(); + *ppa = data.pa; return ret; } From patchwork Thu Feb 22 16:10:31 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Fuad Tabba X-Patchwork-Id: 13567567 Received: from mail-wm1-f73.google.com (mail-wm1-f73.google.com [209.85.128.73]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 934DC153BE4 for ; Thu, 22 Feb 2024 16:11:16 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.128.73 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1708618278; cv=none; b=OEthXvucwGz66RMbC9LHUIVIW4VBaD0jTiwysaiWdhF/eED380kJzFEF6bKOizzeGTY3a5Idx1Tz75HfKbqwJ6QPE0WOTmvdzp6XzAXCQ5q0gBdTSdcVeViziphgZTCiBQOltcm4SBM0rrYTzzLWFwzYikR5oLBhhstzHrwrYHw= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1708618278; c=relaxed/simple; bh=87Gp+Jzp2QxMm4ODcUrxrx7UgutY2NvawjWw5n50K1E=; h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From: To:Cc:Content-Type; b=tjbwo7bDv153i+yFkW2JnZJ90UJWpMXq8OmqYrb1HETrjxI5Madw8uFDlpyD5KWxSBfyR3jFoYyb7npgcC7cvLO7LL8w2YuMpOBVqvkr5ptgbMv6JC7RxPMlntGkYjXmxi/Jxsvq5Ef7NrOKrqDCxwJ8RaJxbtmqkRE6lb3tKcM= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com; spf=pass smtp.mailfrom=flex--tabba.bounces.google.com; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b=FlNgJoj3; arc=none smtp.client-ip=209.85.128.73 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=flex--tabba.bounces.google.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="FlNgJoj3" Received: by mail-wm1-f73.google.com with SMTP id 5b1f17b1804b1-4125670e7d1so4898035e9.1 for ; Thu, 22 Feb 2024 08:11:16 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1708618275; x=1709223075; darn=vger.kernel.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=DTAPsCidsFQm2FQiq7NglRpJEY0jsUEiaTOsAjZvPK8=; b=FlNgJoj3axV6Hr4jDhSxkmKUfPT5tK+fl9gzmktxHxGH+gvtsPXOxoBtFEb4Q/g2rR KCydjCvfheIH7aSJEVJ3xXbOSIH667x1a1BClT03nVJe4VSBkn6RQ7K/50MJjuixk15g 0aN7nGv6JrGXJyZWLMpal5pjt4wkM+kYH7T0faciZOmbiTz/VsRxJnqdKteSHjX0FwFI 5KGNL4mDGztPtH/LDD3ucF8U1IYoOEds9TZJ5yMvbighwIMcWNwzWOi0n8njyroZw+lJ I0QXT/7qjhZ643Dsp382QgK8YtRHvBlyUprBFW2qjgE3M13+04u/RSn21eTjV/JLd3Nx 8oAA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1708618275; x=1709223075; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=DTAPsCidsFQm2FQiq7NglRpJEY0jsUEiaTOsAjZvPK8=; b=mR0iyMnafXC9kUYSmQZvzlk25IYynRAp6eZ6VtauieaARqnFrSgxaz/i878Q59gV7s AQKCnztIvxOtxEQxmQX6ez3X3ukEHI6KUw+MI22wb1uG6ExD/Y5U+6a3xJwqYuTwVhFt JtSmPgtX/QmWyfqADMNr7MGlNkVRDljHFnGQNbEbkIRfSS1N40nd3xfZtNXnK5926p3g /tl9vzNhXJuHP9iNxZhOKMvOWUq3zc1uGUoiJfzWAfqbdNFt29bWHjjZ8iDvjDDPvCAD RroIhgVPuSO87f1X/ejMZkoegeC9E3lzppKqRYgzYdPlbQgjRsJhUkFxzTKqdJOFxh4J vt6g== X-Gm-Message-State: AOJu0YzM1eAxujqppjpSuh3B/hVNbdvsASbdY/xCVGh2HL9ATN6zn+Ha xyYywI830nP9Th8IEcbzqF6vNzzrXLgBhh+ifiMaX6s9hBO5fmzx1th34eV56oIW+EtB7Zgm+yN lYdFbs2MlqSoAlDDQTJByvBS0cH7sa3sH8WToKhj9uW9ezCm180NCQHN3N/0errzi2XUiIkOrQ6 ZPCmIyK2HvzU6Vc5clEIaZ05s= X-Google-Smtp-Source: AGHT+IHvNF8y7PWGRXSHAC22nIJTTDdyX/V+eUGWRSqzOZ4Mt5/e5XWmA6cYwSHs0FNnAIiCY0PdlGk9FQ== X-Received: from fuad.c.googlers.com ([fda3:e722:ac3:cc00:28:9cb1:c0a8:1613]) (user=tabba job=sendgmr) by 2002:a05:600c:4fd2:b0:412:6c73:a647 with SMTP id o18-20020a05600c4fd200b004126c73a647mr100415wmq.0.1708618274543; Thu, 22 Feb 2024 08:11:14 -0800 (PST) Date: Thu, 22 Feb 2024 16:10:31 +0000 In-Reply-To: <20240222161047.402609-1-tabba@google.com> Precedence: bulk X-Mailing-List: kvm@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 References: <20240222161047.402609-1-tabba@google.com> X-Mailer: git-send-email 2.44.0.rc1.240.g4c46232300-goog Message-ID: <20240222161047.402609-11-tabba@google.com> Subject: [RFC PATCH v1 10/26] KVM: arm64: Avoid unnecessary unmap walk in MEM_RELINQUISH hypercall From: Fuad Tabba To: kvm@vger.kernel.org, kvmarm@lists.linux.dev Cc: pbonzini@redhat.com, chenhuacai@kernel.org, mpe@ellerman.id.au, anup@brainfault.org, paul.walmsley@sifive.com, palmer@dabbelt.com, aou@eecs.berkeley.edu, seanjc@google.com, viro@zeniv.linux.org.uk, brauner@kernel.org, willy@infradead.org, akpm@linux-foundation.org, xiaoyao.li@intel.com, yilun.xu@intel.com, chao.p.peng@linux.intel.com, jarkko@kernel.org, amoorthy@google.com, dmatlack@google.com, yu.c.zhang@linux.intel.com, isaku.yamahata@intel.com, mic@digikod.net, vbabka@suse.cz, vannapurve@google.com, ackerleytng@google.com, mail@maciej.szmigiero.name, david@redhat.com, michael.roth@amd.com, wei.w.wang@intel.com, liam.merwick@oracle.com, isaku.yamahata@gmail.com, kirill.shutemov@linux.intel.com, suzuki.poulose@arm.com, steven.price@arm.com, quic_eberman@quicinc.com, quic_mnalajal@quicinc.com, quic_tsoni@quicinc.com, quic_svaddagi@quicinc.com, quic_cvanscha@quicinc.com, quic_pderrin@quicinc.com, quic_pheragu@quicinc.com, catalin.marinas@arm.com, james.morse@arm.com, yuzenghui@huawei.com, oliver.upton@linux.dev, maz@kernel.org, will@kernel.org, qperret@google.com, keirf@google.com, tabba@google.com From: Keir Fraser If the mapping is determined to be not present in an earlier walk, attempting the unmap is pointless. Signed-off-by: Keir Fraser Signed-off-by: Fuad Tabba --- arch/arm64/kvm/hyp/nvhe/mem_protect.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/arch/arm64/kvm/hyp/nvhe/mem_protect.c b/arch/arm64/kvm/hyp/nvhe/mem_protect.c index 405d6e3e17e0..4889f0510c7e 100644 --- a/arch/arm64/kvm/hyp/nvhe/mem_protect.c +++ b/arch/arm64/kvm/hyp/nvhe/mem_protect.c @@ -378,7 +378,7 @@ int __pkvm_guest_relinquish_to_host(struct pkvm_hyp_vcpu *vcpu, ret = kvm_pgtable_walk(&vm->pgt, ipa, PAGE_SIZE, &walker); /* Zap the guest stage2 pte. */ - if (!ret) + if (!ret && data.pa) kvm_pgtable_stage2_unmap(&vm->pgt, ipa, PAGE_SIZE); guest_unlock_component(vm); From patchwork Thu Feb 22 16:10:32 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Fuad Tabba X-Patchwork-Id: 13567568 Received: from mail-yw1-f201.google.com (mail-yw1-f201.google.com [209.85.128.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 32B56153BDE for ; Thu, 22 Feb 2024 16:11:18 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.128.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1708618280; cv=none; b=C/vZAtd9is66rrGX0QhCb8TX9nu9EA6MlXnWxuAtLgXAZV1rbDyKYGSJQOvkcNCVvhqqR8H+mERM/E2/qmCOTbbJiYoYHoVBky9Bkx/wC/CUqbI3HBx3VJ/rQ0eRu2ooy8NI3hV6/nui5WTlQE1ThDIr6JMHKI6pzb54G6PLsWw= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1708618280; c=relaxed/simple; bh=K2jUeoVXhrObEu5srpCVm7xwdKmVYTP7LlgnH3ByD1Q=; h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From: To:Cc:Content-Type; b=quMBhmG7ERJi0eCFoI3J3Ynx3G+R0bl3A0Xqcj9YZUUdUp6Qnbt02gZqg7KWzmKTPjqYNkCVe4hgluFKao3Bo+xp6jxhuzzxSAtJnRJNlCeeshWhJ/caqYwVFjyBx9SOMvFMUJfgyY/WP3b8CkpoRQ8PGxFieE9YUqGB4zdIn4A= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com; spf=pass smtp.mailfrom=flex--tabba.bounces.google.com; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b=gG4VOgeh; arc=none smtp.client-ip=209.85.128.201 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=flex--tabba.bounces.google.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="gG4VOgeh" Received: by mail-yw1-f201.google.com with SMTP id 00721157ae682-6047fed0132so122259067b3.1 for ; Thu, 22 Feb 2024 08:11:18 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1708618277; x=1709223077; darn=vger.kernel.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=yBF7jJN1+Xu+ov0cdEcK8kK8shoa2Uezv3Eymqp79xw=; b=gG4VOgehqAT2SQoHxduG4Xbd0rx9P2yyeNC+D6yFquG5KmRCP9mHRblzcHzksY3BDC cP1lbpZeFxx9tzCWJEKJbW3WAsK0itpo3rpwjc96mMZ7FWLrUqGJ5mH0y6my80qP1Ij5 m7mklagy1hUCezPXTqS7mKbniATCW1An36NzP3eqZGkLhQtD7P+SILYSlashAIBjzSv/ 2ErUau9G88QTDUirIcfqWAUKyfEy2BeKS+UwacXQl8IWpRZYnW60rqq4I3Op1Rxsn6BG aWGjDwos9bVs2eky8ZeJNI4SdaPCBwEIjEnN9lT6DPpsAG4Fel2ZS0Yfx1vWOPVJXsK2 THpQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1708618277; x=1709223077; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=yBF7jJN1+Xu+ov0cdEcK8kK8shoa2Uezv3Eymqp79xw=; b=XKbzNV7Imh2o/BqhMmZhQjf/d52t2vGRjESZXaw1HrkEkGHMscNXdJPeS2gaazSZF+ qn9ljYnJewUVNHXfAt3Ffv7V049e2rixRvPMdgk3xxt4iFwmtCaPjIvm7HHvm0exzMJc ViBgxdJpYShgYiS6oZ/fxImutC5dJnhSbi/Nk2zCfWceXcLFkopfj+hqmLO/DfIrtRvM aqVPHf0GJLbj1Fs+Aiyx3XrMIy2C3VJTdMyTpZOXdvjfwfpfz0a8MI3j6XvoaHcXYJj0 g5+Sys75fzUA7RJKRMJ/LZb/pz+0ou6gnp3UhAUmQQBpRpsxIo0Con/ifVhvej/LLLgO B8AQ== X-Gm-Message-State: AOJu0YyNYdnRFlg+JyMIL/Cjn0OvwqHbKdXLV8lBxQXie1HZMjlzaoX6 lQXrUDgU+4kGRmrh+oZqBMCLfPQPTU/HLrqZWOvNPG7dxCZNqiCmUekAO5ednbwx/CEL8W1UaQk 0TCGC20LqBe8MuiYBjSorx0sMWm7M7mPTEeHnpXPgv3upJ98cek4Jxll5/2/FJ/ShtG0F+FrRTk VF+vYsxl8dWNZilyuSUHwv3Jk= X-Google-Smtp-Source: AGHT+IGrCya8m8uAuRpFxFybFUAEU0iwPgGXeWFUDgySqY7is6FBp4ITlzxd28T47Jmynwc+rSuknB6rAQ== X-Received: from fuad.c.googlers.com ([fda3:e722:ac3:cc00:28:9cb1:c0a8:1613]) (user=tabba job=sendgmr) by 2002:a0d:d685:0:b0:607:7564:a830 with SMTP id y127-20020a0dd685000000b006077564a830mr3732341ywd.0.1708618277048; Thu, 22 Feb 2024 08:11:17 -0800 (PST) Date: Thu, 22 Feb 2024 16:10:32 +0000 In-Reply-To: <20240222161047.402609-1-tabba@google.com> Precedence: bulk X-Mailing-List: kvm@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 References: <20240222161047.402609-1-tabba@google.com> X-Mailer: git-send-email 2.44.0.rc1.240.g4c46232300-goog Message-ID: <20240222161047.402609-12-tabba@google.com> Subject: [RFC PATCH v1 11/26] KVM: arm64: Add initial support for KVM_CAP_EXIT_HYPERCALL From: Fuad Tabba To: kvm@vger.kernel.org, kvmarm@lists.linux.dev Cc: pbonzini@redhat.com, chenhuacai@kernel.org, mpe@ellerman.id.au, anup@brainfault.org, paul.walmsley@sifive.com, palmer@dabbelt.com, aou@eecs.berkeley.edu, seanjc@google.com, viro@zeniv.linux.org.uk, brauner@kernel.org, willy@infradead.org, akpm@linux-foundation.org, xiaoyao.li@intel.com, yilun.xu@intel.com, chao.p.peng@linux.intel.com, jarkko@kernel.org, amoorthy@google.com, dmatlack@google.com, yu.c.zhang@linux.intel.com, isaku.yamahata@intel.com, mic@digikod.net, vbabka@suse.cz, vannapurve@google.com, ackerleytng@google.com, mail@maciej.szmigiero.name, david@redhat.com, michael.roth@amd.com, wei.w.wang@intel.com, liam.merwick@oracle.com, isaku.yamahata@gmail.com, kirill.shutemov@linux.intel.com, suzuki.poulose@arm.com, steven.price@arm.com, quic_eberman@quicinc.com, quic_mnalajal@quicinc.com, quic_tsoni@quicinc.com, quic_svaddagi@quicinc.com, quic_cvanscha@quicinc.com, quic_pderrin@quicinc.com, quic_pheragu@quicinc.com, catalin.marinas@arm.com, james.morse@arm.com, yuzenghui@huawei.com, oliver.upton@linux.dev, maz@kernel.org, will@kernel.org, qperret@google.com, keirf@google.com, tabba@google.com From: Will Deacon Allow the VMM to hook into and handle a subset of guest hypercalls advertised by the host. For now, no such hypercalls exist, and so the new capability returns 0 when queried. Signed-off-by: Will Deacon Signed-off-by: Fuad Tabba --- arch/arm64/include/asm/kvm_host.h | 2 ++ arch/arm64/kvm/arm.c | 25 +++++++++++++++++++++++++ arch/arm64/kvm/hypercalls.c | 19 +++++++++++++++++++ 3 files changed, 46 insertions(+) diff --git a/arch/arm64/include/asm/kvm_host.h b/arch/arm64/include/asm/kvm_host.h index 55de71791233..f6187526685a 100644 --- a/arch/arm64/include/asm/kvm_host.h +++ b/arch/arm64/include/asm/kvm_host.h @@ -325,6 +325,8 @@ struct kvm_arch { * the associated pKVM instance in the hypervisor. */ struct kvm_protected_vm pkvm; + + u64 hypercall_exit_enabled; }; struct kvm_vcpu_fault_info { diff --git a/arch/arm64/kvm/arm.c b/arch/arm64/kvm/arm.c index c0e683bde111..cd6c4df27c7b 100644 --- a/arch/arm64/kvm/arm.c +++ b/arch/arm64/kvm/arm.c @@ -60,6 +60,9 @@ static bool vgic_present, kvm_arm_initialised; static DEFINE_PER_CPU(unsigned char, kvm_hyp_initialized); DEFINE_STATIC_KEY_FALSE(userspace_irqchip_in_use); +/* KVM "vendor" hypercalls which may be forwarded to userspace on request. */ +#define KVM_EXIT_HYPERCALL_VALID_MASK (0) + bool is_kvm_arm_initialised(void) { return kvm_arm_initialised; @@ -123,6 +126,19 @@ int kvm_vm_ioctl_enable_cap(struct kvm *kvm, } mutex_unlock(&kvm->slots_lock); break; + case KVM_CAP_EXIT_HYPERCALL: + if (cap->flags) + return -EINVAL; + + if (cap->args[0] & ~KVM_EXIT_HYPERCALL_VALID_MASK) + return -EINVAL; + + if (cap->args[1] || cap->args[2] || cap->args[3]) + return -EINVAL; + + WRITE_ONCE(kvm->arch.hypercall_exit_enabled, cap->args[0]); + r = 0; + break; default: r = -EINVAL; break; @@ -334,6 +350,9 @@ static int kvm_check_extension(struct kvm *kvm, long ext) case KVM_CAP_ARM_SUPPORTED_REG_MASK_RANGES: r = BIT(0); break; + case KVM_CAP_EXIT_HYPERCALL: + r = KVM_EXIT_HYPERCALL_VALID_MASK; + break; default: r = 0; } @@ -1071,6 +1090,12 @@ int kvm_arch_vcpu_ioctl_run(struct kvm_vcpu *vcpu) ret = kvm_handle_mmio_return(vcpu); if (ret <= 0) return ret; + } else if (run->exit_reason == KVM_EXIT_HYPERCALL) { + smccc_set_retval(vcpu, + vcpu->run->hypercall.ret, + vcpu->run->hypercall.args[0], + vcpu->run->hypercall.args[1], + vcpu->run->hypercall.args[2]); } vcpu_load(vcpu); diff --git a/arch/arm64/kvm/hypercalls.c b/arch/arm64/kvm/hypercalls.c index 89b5b61bc9f7..5e04be7c026a 100644 --- a/arch/arm64/kvm/hypercalls.c +++ b/arch/arm64/kvm/hypercalls.c @@ -132,6 +132,25 @@ static bool kvm_smccc_test_fw_bmap(struct kvm_vcpu *vcpu, u32 func_id) } } +static int __maybe_unused kvm_vcpu_exit_hcall(struct kvm_vcpu *vcpu, u32 nr, u32 nr_args) +{ + u64 mask = vcpu->kvm->arch.hypercall_exit_enabled; + u32 i; + + if (nr_args > 6 || !(mask & BIT(nr))) { + smccc_set_retval(vcpu, SMCCC_RET_INVALID_PARAMETER, 0, 0, 0); + return 1; + } + + vcpu->run->exit_reason = KVM_EXIT_HYPERCALL; + vcpu->run->hypercall.nr = nr; + + for (i = 0; i < nr_args; ++i) + vcpu->run->hypercall.args[i] = vcpu_get_reg(vcpu, i + 1); + + return 0; +} + #define SMC32_ARCH_RANGE_BEGIN ARM_SMCCC_VERSION_FUNC_ID #define SMC32_ARCH_RANGE_END ARM_SMCCC_CALL_VAL(ARM_SMCCC_FAST_CALL, \ ARM_SMCCC_SMC_32, \ From patchwork Thu Feb 22 16:10:33 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Fuad Tabba X-Patchwork-Id: 13567569 Received: from mail-yb1-f202.google.com (mail-yb1-f202.google.com [209.85.219.202]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 9C12A154445 for ; Thu, 22 Feb 2024 16:11:20 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.219.202 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1708618282; cv=none; b=NHYXU4CCinAoHjEzcUohWGHli6JJGpPpUADoMMNoO4inp/AlG8RS9CDWwLHfHD0onGoPzU3VytUQ08KyEp9n27jvHx3F5C+5bPVmDBNYbDIAPsDdG9aN4+A+00eP9TGiQZ7U3t+zTk0JU8OOawScWnZVuzxzWhjr1ZpsPUpxz6c= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1708618282; c=relaxed/simple; bh=z/Ih8ZYT5NkMixOWg+Uyve5J68nFw5E7iGVbbYcEx3E=; h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From: To:Cc:Content-Type; b=BdjsuUG6oSYXc1vYyF41R7AxwnrBO84O8Oud1yuud9aH4H+HNI5+DfHLHezjWpUvJQGADFFe87qspvoMEUAm4PvCsdiiYOtOB+pqxnTztHWuv3TwzevYdp1TLePDePEY8Qyv9In5Cb+E2b47rEhHK4WPQgUyLG6g836Otpi9rRE= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com; spf=pass smtp.mailfrom=flex--tabba.bounces.google.com; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b=SNWym13g; arc=none smtp.client-ip=209.85.219.202 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=flex--tabba.bounces.google.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="SNWym13g" Received: by mail-yb1-f202.google.com with SMTP id 3f1490d57ef6-dcbee93a3e1so10570705276.3 for ; Thu, 22 Feb 2024 08:11:20 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1708618280; x=1709223080; darn=vger.kernel.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=R9jqiln8R3A9VFnaGPClstGN9r3EmzNYJZRGHFrLYA8=; b=SNWym13gOGYjvg4dzYGqexNS+tYcWwBiw9R9Sa/odoIYK7EEpgsGMFQ+HkS/mSEyyU 8ul9VTDNSwJS5PYeI15ombcJ7OX0WYCnUCKhRTXGWn2ya0yEujP73EQajlzo9Qil2Klh yWycSeS2M3DilF+TJjTl3UOYCIZ39QCzaWDcZEAcg0s2t1ph8beuoanVRkDuT1aLgML5 ygT2YrzaOhT0LdzD8YDsJQeZ7WXw7Mf+83Z+5lS9XX8lk5K8ivTOywtQfVq5k3p639T8 Xjq1IhEuuyFXBfGYnwm86EBkaYAzkWgXyyc1PcaAHr1ECeFysxr2Drdgu05uwRZmrC1O Uslw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1708618280; x=1709223080; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=R9jqiln8R3A9VFnaGPClstGN9r3EmzNYJZRGHFrLYA8=; b=LbkG+LPcnBaTWc8fHxHRkO7BzlCse8DwLYqAeZICGZVZ+kN9nG4G0lwqsOtaRz/hBj zSCh+YRrCuuiVFhgPMCSakyipKT679Vor//sIs6J3aQRLEN7FSqO7k183CXMzFBSc6HG IQh3gAZ4aBiZ56AbcbzJJ8w2CLEgZBb6M9R/7HbjZU04w467lHmUi5pEvGTSviLdkRZz UHsCYcIsnuklDppTe+jnsf4ewh/V0wcUVLLWEnLz8z0D8x/9ZuKzczrciLpC/p8eQQCv 7SF+4qIIgVksCGuQh4/MbuDfTpqMSb9ymc+TBJaIP/wtCXZvM+Z1MEbI7FY5lVdtud4a 1JRQ== X-Gm-Message-State: AOJu0Ywjkwee8WKl/cMDRvIZ8km45WbAHbvegKIRyxncIJLwNGv0eUoR q+4HEQ5RF+R3qRJP1QWzrCiYWFGXfdNZYaDXyn1m4HYx0nkkNIRPZt2dfNOIzaP0eHUciri2qC4 8fWci4HxAY1nBrMaX5FXW1JBylyle/hJyvg5Ju7UjBxdUKEliTLO2MSzsDvNZEjadwdo4vPBnaF hz80qDQkn3mUUpuSJK7uDWYr4= X-Google-Smtp-Source: AGHT+IGzluF9KV0uQ74p+P4M/V/9xG11z3AVlCw5UzMHVkr7rD/AoyFybmDhnZwJeOh0w7FWclLKEm9ISQ== X-Received: from fuad.c.googlers.com ([fda3:e722:ac3:cc00:28:9cb1:c0a8:1613]) (user=tabba job=sendgmr) by 2002:a05:6902:1081:b0:dc7:63e7:7a5c with SMTP id v1-20020a056902108100b00dc763e77a5cmr139205ybu.11.1708618279476; Thu, 22 Feb 2024 08:11:19 -0800 (PST) Date: Thu, 22 Feb 2024 16:10:33 +0000 In-Reply-To: <20240222161047.402609-1-tabba@google.com> Precedence: bulk X-Mailing-List: kvm@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 References: <20240222161047.402609-1-tabba@google.com> X-Mailer: git-send-email 2.44.0.rc1.240.g4c46232300-goog Message-ID: <20240222161047.402609-13-tabba@google.com> Subject: [RFC PATCH v1 12/26] KVM: arm64: Allow userspace to receive SHARE and UNSHARE notifications From: Fuad Tabba To: kvm@vger.kernel.org, kvmarm@lists.linux.dev Cc: pbonzini@redhat.com, chenhuacai@kernel.org, mpe@ellerman.id.au, anup@brainfault.org, paul.walmsley@sifive.com, palmer@dabbelt.com, aou@eecs.berkeley.edu, seanjc@google.com, viro@zeniv.linux.org.uk, brauner@kernel.org, willy@infradead.org, akpm@linux-foundation.org, xiaoyao.li@intel.com, yilun.xu@intel.com, chao.p.peng@linux.intel.com, jarkko@kernel.org, amoorthy@google.com, dmatlack@google.com, yu.c.zhang@linux.intel.com, isaku.yamahata@intel.com, mic@digikod.net, vbabka@suse.cz, vannapurve@google.com, ackerleytng@google.com, mail@maciej.szmigiero.name, david@redhat.com, michael.roth@amd.com, wei.w.wang@intel.com, liam.merwick@oracle.com, isaku.yamahata@gmail.com, kirill.shutemov@linux.intel.com, suzuki.poulose@arm.com, steven.price@arm.com, quic_eberman@quicinc.com, quic_mnalajal@quicinc.com, quic_tsoni@quicinc.com, quic_svaddagi@quicinc.com, quic_cvanscha@quicinc.com, quic_pderrin@quicinc.com, quic_pheragu@quicinc.com, catalin.marinas@arm.com, james.morse@arm.com, yuzenghui@huawei.com, oliver.upton@linux.dev, maz@kernel.org, will@kernel.org, qperret@google.com, keirf@google.com, tabba@google.com From: Will Deacon Signed-off-by: Will Deacon Signed-off-by: Fuad Tabba --- arch/arm64/kvm/arm.c | 3 ++- arch/arm64/kvm/hypercalls.c | 8 +++++++- 2 files changed, 9 insertions(+), 2 deletions(-) diff --git a/arch/arm64/kvm/arm.c b/arch/arm64/kvm/arm.c index cd6c4df27c7b..6bba6f1fee88 100644 --- a/arch/arm64/kvm/arm.c +++ b/arch/arm64/kvm/arm.c @@ -61,7 +61,8 @@ static DEFINE_PER_CPU(unsigned char, kvm_hyp_initialized); DEFINE_STATIC_KEY_FALSE(userspace_irqchip_in_use); /* KVM "vendor" hypercalls which may be forwarded to userspace on request. */ -#define KVM_EXIT_HYPERCALL_VALID_MASK (0) +#define KVM_EXIT_HYPERCALL_VALID_MASK (BIT(ARM_SMCCC_KVM_FUNC_MEM_SHARE) | \ + BIT(ARM_SMCCC_KVM_FUNC_MEM_UNSHARE)) bool is_kvm_arm_initialised(void) { diff --git a/arch/arm64/kvm/hypercalls.c b/arch/arm64/kvm/hypercalls.c index 5e04be7c026a..b93546dd222f 100644 --- a/arch/arm64/kvm/hypercalls.c +++ b/arch/arm64/kvm/hypercalls.c @@ -83,6 +83,8 @@ static bool kvm_smccc_default_allowed(u32 func_id) */ case ARM_SMCCC_VERSION_FUNC_ID: case ARM_SMCCC_ARCH_FEATURES_FUNC_ID: + case ARM_SMCCC_VENDOR_HYP_KVM_MEM_SHARE_FUNC_ID: + case ARM_SMCCC_VENDOR_HYP_KVM_MEM_UNSHARE_FUNC_ID: return true; default: /* PSCI 0.2 and up is in the 0:0x1f range */ @@ -132,7 +134,7 @@ static bool kvm_smccc_test_fw_bmap(struct kvm_vcpu *vcpu, u32 func_id) } } -static int __maybe_unused kvm_vcpu_exit_hcall(struct kvm_vcpu *vcpu, u32 nr, u32 nr_args) +static int kvm_vcpu_exit_hcall(struct kvm_vcpu *vcpu, u32 nr, u32 nr_args) { u64 mask = vcpu->kvm->arch.hypercall_exit_enabled; u32 i; @@ -398,6 +400,10 @@ int kvm_smccc_call_handler(struct kvm_vcpu *vcpu) pkvm_host_reclaim_page(vcpu->kvm, smccc_get_arg1(vcpu)); val[0] = SMCCC_RET_SUCCESS; break; + case ARM_SMCCC_VENDOR_HYP_KVM_MEM_SHARE_FUNC_ID: + return kvm_vcpu_exit_hcall(vcpu, ARM_SMCCC_KVM_FUNC_MEM_SHARE, 3); + case ARM_SMCCC_VENDOR_HYP_KVM_MEM_UNSHARE_FUNC_ID: + return kvm_vcpu_exit_hcall(vcpu, ARM_SMCCC_KVM_FUNC_MEM_UNSHARE, 3); case ARM_SMCCC_TRNG_VERSION: case ARM_SMCCC_TRNG_FEATURES: case ARM_SMCCC_TRNG_GET_UUID: From patchwork Thu Feb 22 16:10:34 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Fuad Tabba X-Patchwork-Id: 13567570 Received: from mail-yb1-f201.google.com (mail-yb1-f201.google.com [209.85.219.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id EF7C8151CFE for ; Thu, 22 Feb 2024 16:11:23 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.219.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1708618285; cv=none; b=bneFfYx3w7aikO7yL+kPiFZY8nGPfK8I/Ttry8Ar2Xm4mWsKhK2XT2oGN0LmMwza0BBopnyuUGIdr+CzgiDpnQI6meM4noQy8DvVsWtfvHs+JpNU6xRuLba3DwMl4OWwMbRzh4CVaeDZ29d53CuDXjhG792c1J1f7dhY5QEi3nk= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1708618285; c=relaxed/simple; bh=xoA6/QoNnISiMa1SzXuzX77CZKmuI5864LBCKgX+2hY=; h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From: To:Cc:Content-Type; b=V8IQL3yMMXMAGYYH8gMTAsDD5bRF2DmQlqVTuo+cUpr5gTZgW/TSVlZ+RxRzGyUXu0LSFltfV5Ofx4rHqxgsLUaX6QUIY/7sPkzQXLNRhIK6sEOGFu0hammmNgxnj7JVatgDh+h+m+za4s1WDPkrSAMcNmKcIink2MgsZjjrfq4= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com; spf=pass smtp.mailfrom=flex--tabba.bounces.google.com; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b=MveOPm6P; arc=none smtp.client-ip=209.85.219.201 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=flex--tabba.bounces.google.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="MveOPm6P" Received: by mail-yb1-f201.google.com with SMTP id 3f1490d57ef6-dc6b26783b4so8125929276.0 for ; Thu, 22 Feb 2024 08:11:23 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1708618283; x=1709223083; darn=vger.kernel.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=CeE6bcXPJ6+XfnAesbZJh5X/3MioJE5wiGBVIwsoMXY=; b=MveOPm6Ps15ckSZnNay3zhkDd1Q5b12zgK9lHOdUks5D+OaFbD1/m+WcdmMD8izGz/ pRKLHQXwN3ccfiDaU3EOBXSfFt4yZ5sl/5tAobhXXmS/IC9XaOdssNyAao/wYaSQNpjG sUBwJjpQPcRW3zhYESnx1qfPRLJBMqTFBWW+qURmOynHP0UcqGRq4KN4CZVpZkDc9ac0 jA8N8KZnZmeFWdH8QKvBtNKXe8wIrLewUNhHtFRwBLq3INsJh71uQPOsIMh3pMu7dHzP lw41tX1LlyouIJ05wPz867C0lTIXcoq3uqEInSUHUZmkDaVlkS6gCjwOtO2vQ9fHNk/t F1FA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1708618283; x=1709223083; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=CeE6bcXPJ6+XfnAesbZJh5X/3MioJE5wiGBVIwsoMXY=; b=FefbJBGt3FX0ySkipv7essK2HzidjUyedUcuof44M3Nj+RtUOyRFIdN3ajHS7z07ME IIfJLF1i3QVXQiSt2Vfd9fFoE8xKz6aUjTWo8qwkshZPTmzxD/aI8Au4QszdHuACwMl6 BWHw5QPpPu0phObpLD9v44HgQko5u1SoQSigMQ1sE/2+UwfKli+oy1iP6AnoCkIzW/X8 9GTh9TrzRYybcEsuMIclXNT9Twi+012gW426hx01qII6heZ3tnfU4k4kQrbvTKTdMHsP eNkeyTrqGvqBgJ9J0dyFjA9v8bqDfz1+kDqCyB9rY19FdSSq7YdGf8OdBxmRYGv/rRLg lOOw== X-Gm-Message-State: AOJu0YzVN+XQ0OY/EDdQ4zWehp68q5vTbLMW1HOOllqkAmBEG7lY5c0z Gwfz+OYJoS1bY7Ud+zKwQLfwekgyKD6iC/0gJVhtUjVSqupUlez/y2t8BteZGdz/fqeVQIeY5RK EVMUitAG/IvUvX7Dpapkj5soGVLh5LuQA2jzlZ/oJb66RaryVJCiPmDF0M92wuK4qgDJQBckJq3 eNUGcNwsJ51uxTh+w1sf8zgY8= X-Google-Smtp-Source: AGHT+IFstTNpKcDxQ2leE1X3c1ER9vVPby1ys0ufBrD4msybQfHDs42OffDOkXrhTSWHmYX9zR+v4HUSxA== X-Received: from fuad.c.googlers.com ([fda3:e722:ac3:cc00:28:9cb1:c0a8:1613]) (user=tabba job=sendgmr) by 2002:a05:6902:1008:b0:dbe:387d:a8ef with SMTP id w8-20020a056902100800b00dbe387da8efmr90717ybt.1.1708618282006; Thu, 22 Feb 2024 08:11:22 -0800 (PST) Date: Thu, 22 Feb 2024 16:10:34 +0000 In-Reply-To: <20240222161047.402609-1-tabba@google.com> Precedence: bulk X-Mailing-List: kvm@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 References: <20240222161047.402609-1-tabba@google.com> X-Mailer: git-send-email 2.44.0.rc1.240.g4c46232300-goog Message-ID: <20240222161047.402609-14-tabba@google.com> Subject: [RFC PATCH v1 13/26] KVM: arm64: Create hypercall return handler From: Fuad Tabba To: kvm@vger.kernel.org, kvmarm@lists.linux.dev Cc: pbonzini@redhat.com, chenhuacai@kernel.org, mpe@ellerman.id.au, anup@brainfault.org, paul.walmsley@sifive.com, palmer@dabbelt.com, aou@eecs.berkeley.edu, seanjc@google.com, viro@zeniv.linux.org.uk, brauner@kernel.org, willy@infradead.org, akpm@linux-foundation.org, xiaoyao.li@intel.com, yilun.xu@intel.com, chao.p.peng@linux.intel.com, jarkko@kernel.org, amoorthy@google.com, dmatlack@google.com, yu.c.zhang@linux.intel.com, isaku.yamahata@intel.com, mic@digikod.net, vbabka@suse.cz, vannapurve@google.com, ackerleytng@google.com, mail@maciej.szmigiero.name, david@redhat.com, michael.roth@amd.com, wei.w.wang@intel.com, liam.merwick@oracle.com, isaku.yamahata@gmail.com, kirill.shutemov@linux.intel.com, suzuki.poulose@arm.com, steven.price@arm.com, quic_eberman@quicinc.com, quic_mnalajal@quicinc.com, quic_tsoni@quicinc.com, quic_svaddagi@quicinc.com, quic_cvanscha@quicinc.com, quic_pderrin@quicinc.com, quic_pheragu@quicinc.com, catalin.marinas@arm.com, james.morse@arm.com, yuzenghui@huawei.com, oliver.upton@linux.dev, maz@kernel.org, will@kernel.org, qperret@google.com, keirf@google.com, tabba@google.com Instead of handling the hypercall return to guest from host inline, create a handler function. More logic will be added to this handler in subsequent patches. No functional change intended. Signed-off-by: Fuad Tabba --- arch/arm64/include/asm/kvm_host.h | 1 + arch/arm64/kvm/arm.c | 8 +++----- arch/arm64/kvm/hypercalls.c | 10 ++++++++++ 3 files changed, 14 insertions(+), 5 deletions(-) diff --git a/arch/arm64/include/asm/kvm_host.h b/arch/arm64/include/asm/kvm_host.h index f6187526685a..fb7aff14fd1a 100644 --- a/arch/arm64/include/asm/kvm_host.h +++ b/arch/arm64/include/asm/kvm_host.h @@ -1100,6 +1100,7 @@ void kvm_mmio_write_buf(void *buf, unsigned int len, unsigned long data); unsigned long kvm_mmio_read_buf(const void *buf, unsigned int len); int kvm_handle_mmio_return(struct kvm_vcpu *vcpu); +int kvm_handle_hypercall_return(struct kvm_vcpu *vcpu); int io_mem_abort(struct kvm_vcpu *vcpu, phys_addr_t fault_ipa); /* diff --git a/arch/arm64/kvm/arm.c b/arch/arm64/kvm/arm.c index 6bba6f1fee88..ab7e02acb17d 100644 --- a/arch/arm64/kvm/arm.c +++ b/arch/arm64/kvm/arm.c @@ -1092,11 +1092,9 @@ int kvm_arch_vcpu_ioctl_run(struct kvm_vcpu *vcpu) if (ret <= 0) return ret; } else if (run->exit_reason == KVM_EXIT_HYPERCALL) { - smccc_set_retval(vcpu, - vcpu->run->hypercall.ret, - vcpu->run->hypercall.args[0], - vcpu->run->hypercall.args[1], - vcpu->run->hypercall.args[2]); + ret = kvm_handle_hypercall_return(vcpu); + if (ret <= 0) + return ret; } vcpu_load(vcpu); diff --git a/arch/arm64/kvm/hypercalls.c b/arch/arm64/kvm/hypercalls.c index b93546dd222f..b08e18128de4 100644 --- a/arch/arm64/kvm/hypercalls.c +++ b/arch/arm64/kvm/hypercalls.c @@ -24,6 +24,16 @@ f; \ }) +int kvm_handle_hypercall_return(struct kvm_vcpu *vcpu) +{ + smccc_set_retval(vcpu, vcpu->run->hypercall.ret, + vcpu->run->hypercall.args[0], + vcpu->run->hypercall.args[1], + vcpu->run->hypercall.args[2]); + + return 1; +} + static void kvm_ptp_get_time(struct kvm_vcpu *vcpu, u64 *val) { struct system_time_snapshot systime_snapshot; From patchwork Thu Feb 22 16:10:35 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Fuad Tabba X-Patchwork-Id: 13567571 Received: from mail-wm1-f74.google.com (mail-wm1-f74.google.com [209.85.128.74]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 445251552E3 for ; Thu, 22 Feb 2024 16:11:26 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.128.74 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1708618287; cv=none; b=eO3mFGOnAv/mdNqP1qf4zjlV++YAu9CkVICClFlLbu4lLuJV8YG4hL2NueTYnKQepvS3qh9nJUVMHRy8R/w/9qVvC17PFKY6wk3+AkMcB97CJiokallxnQXLUOf5QmILN+WDhYrSofCmH+viEjGx+PZ8QyrYQtljnJZ31P/xJIA= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1708618287; c=relaxed/simple; bh=1fhJh/ibEAt9iibbZOz9A9qGlg/9anxYzd7bD0l9kms=; h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From: To:Cc:Content-Type; b=Ked0GzRoePiRSoSGZLOASp927i8hxAsdW0nJUqCQvzvz7Ljyt4ragKD6gLNmQsUXZ9psvGBOspzjoh+8VQ1A+FvcgVlbkf85TGnA3z2j2LfNWHFEzvcaXq54s7VJfk0mKuYhGRd/TgSITTyquEjqn2eRkV2AAkGXB46K87eyaV4= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com; spf=pass smtp.mailfrom=flex--tabba.bounces.google.com; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b=sH37pWqd; arc=none smtp.client-ip=209.85.128.74 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=flex--tabba.bounces.google.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="sH37pWqd" Received: by mail-wm1-f74.google.com with SMTP id 5b1f17b1804b1-4128db855f3so1734895e9.0 for ; Thu, 22 Feb 2024 08:11:26 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1708618284; x=1709223084; darn=vger.kernel.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=JeXGqmOcCD6OWH01LjQYoqIdkS33u4slmuUVqoK/zr0=; b=sH37pWqdFEi4XHn1W7YLO0yXfEBfkEa+wtUAhxvPa78BHWHfF+Sf8vxRYQw5H3Df9F RW2GxBHtdjrwgMfzbv7IabvIrTTMXVN/n2zgE8DeA+osTpqbmAv1acPsgzGZDKUo3Yf3 yHDUtFDlwM1iuev7Z46vmN7o7GHxdlu4DXZHZZJX8+gD2xgqNZ8NPscV/fIdEg32yM81 hT+Ezc5KXHTMtQZ3ERPULyxsrwloKZUxvWeCtyYuGvzMm+42E3W1TztdBlEmFysA4+BW k+OpveFlOEaNoTa9AZBZIO03lvea8Qq2AdKGvBTUCf4lEtCNM8+skWooM8i9YB65bNT6 2wVg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1708618284; x=1709223084; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=JeXGqmOcCD6OWH01LjQYoqIdkS33u4slmuUVqoK/zr0=; b=i6QliUY8tLxLbRrHEjlJs9eH0fzz6iUv6EjjA+cpyjs/pDTz2g5zRDBOcehCQ6cOXk c4yGiGvqy6Oxwe5vVAQgwNmdXu9SKw9Tq74KWeEq2OJz193bbJljGlP5HJeVNVQn4XCh 7OwMMqZcAyOUsUJ5JGqicIPxbJBNJjLZI7mTeQE8/3YL2JvrRll2iNIjt7D70bJsrfQG NTe68xGUwYMvNSm+bv6+siZd3NLq8Ejpkf+iK0qd7ApkILk91ERBvA6gQRJGvBL0A9uk aU6geWojiy3h4OHw7lFbaluFv1/LFlpe+UL/pSd4xUTQtrFmwzfQ+OB8CLqsMJJO1cdO Qi6g== X-Gm-Message-State: AOJu0YzEAy3Ezyf0St7e+iU3CXO322bh6W5ruzyFl+hwwDpG6JYCrqmL eZsreWnOocNLPZKLVGx2QKrQ0wXGA8y5rCaybWnHW2NleEBDPkdS9GCmDQXR2aN1WzsepK+kGWE 33/La56wyIJNUcyRt8tWZeDyk/ePlSHyHkej9UsxM+3CVUaenQDIBq027AQsTeDENhMBf2yaPUK SuyzzjpsuKh7qwv4tCpmyoi+8= X-Google-Smtp-Source: AGHT+IHKd6JqGW6Vstnw5Qq8fNH5c73bty2H414xCAYg3AGlYLFMhVl1S0JC1GCtT88jjKDZLnmCrPVUzw== X-Received: from fuad.c.googlers.com ([fda3:e722:ac3:cc00:28:9cb1:c0a8:1613]) (user=tabba job=sendgmr) by 2002:a05:600c:1f17:b0:412:72d3:cfdb with SMTP id bd23-20020a05600c1f1700b0041272d3cfdbmr24338wmb.2.1708618284296; Thu, 22 Feb 2024 08:11:24 -0800 (PST) Date: Thu, 22 Feb 2024 16:10:35 +0000 In-Reply-To: <20240222161047.402609-1-tabba@google.com> Precedence: bulk X-Mailing-List: kvm@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 References: <20240222161047.402609-1-tabba@google.com> X-Mailer: git-send-email 2.44.0.rc1.240.g4c46232300-goog Message-ID: <20240222161047.402609-15-tabba@google.com> Subject: [RFC PATCH v1 14/26] KVM: arm64: Refactor code around handling return from host to guest From: Fuad Tabba To: kvm@vger.kernel.org, kvmarm@lists.linux.dev Cc: pbonzini@redhat.com, chenhuacai@kernel.org, mpe@ellerman.id.au, anup@brainfault.org, paul.walmsley@sifive.com, palmer@dabbelt.com, aou@eecs.berkeley.edu, seanjc@google.com, viro@zeniv.linux.org.uk, brauner@kernel.org, willy@infradead.org, akpm@linux-foundation.org, xiaoyao.li@intel.com, yilun.xu@intel.com, chao.p.peng@linux.intel.com, jarkko@kernel.org, amoorthy@google.com, dmatlack@google.com, yu.c.zhang@linux.intel.com, isaku.yamahata@intel.com, mic@digikod.net, vbabka@suse.cz, vannapurve@google.com, ackerleytng@google.com, mail@maciej.szmigiero.name, david@redhat.com, michael.roth@amd.com, wei.w.wang@intel.com, liam.merwick@oracle.com, isaku.yamahata@gmail.com, kirill.shutemov@linux.intel.com, suzuki.poulose@arm.com, steven.price@arm.com, quic_eberman@quicinc.com, quic_mnalajal@quicinc.com, quic_tsoni@quicinc.com, quic_svaddagi@quicinc.com, quic_cvanscha@quicinc.com, quic_pderrin@quicinc.com, quic_pheragu@quicinc.com, catalin.marinas@arm.com, james.morse@arm.com, yuzenghui@huawei.com, oliver.upton@linux.dev, maz@kernel.org, will@kernel.org, qperret@google.com, keirf@google.com, tabba@google.com Make the code more consistent and easier to read. No functional change intended. Signed-off-by: Fuad Tabba --- arch/arm64/kvm/arm.c | 14 +++++--------- 1 file changed, 5 insertions(+), 9 deletions(-) diff --git a/arch/arm64/kvm/arm.c b/arch/arm64/kvm/arm.c index ab7e02acb17d..0a6991ee9615 100644 --- a/arch/arm64/kvm/arm.c +++ b/arch/arm64/kvm/arm.c @@ -1085,17 +1085,14 @@ static int noinstr kvm_arm_vcpu_enter_exit(struct kvm_vcpu *vcpu) int kvm_arch_vcpu_ioctl_run(struct kvm_vcpu *vcpu) { struct kvm_run *run = vcpu->run; - int ret; + int ret = 1; - if (run->exit_reason == KVM_EXIT_MMIO) { + if (run->exit_reason == KVM_EXIT_MMIO) ret = kvm_handle_mmio_return(vcpu); - if (ret <= 0) - return ret; - } else if (run->exit_reason == KVM_EXIT_HYPERCALL) { + else if (run->exit_reason == KVM_EXIT_HYPERCALL) ret = kvm_handle_hypercall_return(vcpu); - if (ret <= 0) - return ret; - } + if (ret <= 0) + return ret; vcpu_load(vcpu); @@ -1106,7 +1103,6 @@ int kvm_arch_vcpu_ioctl_run(struct kvm_vcpu *vcpu) kvm_sigset_activate(vcpu); - ret = 1; run->exit_reason = KVM_EXIT_UNKNOWN; run->flags = 0; while (ret > 0) { From patchwork Thu Feb 22 16:10:36 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Fuad Tabba X-Patchwork-Id: 13567572 Received: from mail-wr1-f74.google.com (mail-wr1-f74.google.com [209.85.221.74]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 89DE61552EE for ; Thu, 22 Feb 2024 16:11:28 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.221.74 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1708618290; cv=none; b=eAnTtdTFU5CUTZwCEhJ2TnH06RJAvAujXL7gsnj8s7cKow3A/EHeQNNCN6r5Gm9Nw+Xij4x2RiSdJKhN7wekEMLX5USmt+rPmuKrzbl2HvX00g1X/HoLxozH6Vl0/4GPg87kkhxIaGc3fBpfP1aytxzAqYwoPc/ykNZumtoMEZA= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1708618290; c=relaxed/simple; bh=P+1my6e2EG6HqBtPBiSnqhQm5OOKzgoow6fE2thqWbo=; h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From: To:Cc:Content-Type; b=MVX31NMYdzcDPhu+/nCfTzzrg3S4kAC/73r1/DLo2g/PF5AXjwKkOxN11Ro/Ib3COoOiRBupwG3b2CgC8RHc5n4c9g2oO3WHB7RoIRpz4j+YA4e57+F4RorwFERzCHteXKnQcM2vMSKbp/kSPPtl/6ogxUto3fkIF5yhyGCYL8I= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com; spf=pass smtp.mailfrom=flex--tabba.bounces.google.com; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b=KR3sA1gk; arc=none smtp.client-ip=209.85.221.74 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=flex--tabba.bounces.google.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="KR3sA1gk" Received: by mail-wr1-f74.google.com with SMTP id ffacd0b85a97d-33d9fe87c4aso6705f8f.1 for ; Thu, 22 Feb 2024 08:11:28 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1708618287; x=1709223087; darn=vger.kernel.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=96SE5IhMsTsl22EMELmM2IDBXvJyu3bsEOUXPZdKK5k=; b=KR3sA1gkqufhXj+eHY3Ou3bo6gE7tLeFKZq4e7AD5xhlsMr+aRhguvwjx4Lx/xhUjJ CzTv65V2sRO0w3ADIgiQMoUA4GoDZumaZGe21jsgN8UYYvUZw1+6kgLvbiE+rolpwedE KkJtbJ423d8sr82SY2nK3vCmt1xr5ogpVn7szE7TtyiZkQLuhDv1q+Yc5Oi7kGw/DQ42 vm+183qAGrzVZRKibk53VqJu0dzaXV+Eo6AfxkA4Vleidlzi/zUSm/qPbp8u1lHIoAPw SkOICnQ0NxOcLLvRBD6odeJ5oBxvrTnIAEd50qFxeUqXHOQQPDNYgmncjnlyYFsdVvtR 8uIQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1708618287; x=1709223087; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=96SE5IhMsTsl22EMELmM2IDBXvJyu3bsEOUXPZdKK5k=; b=XFA8uje4rw+vjYLICWOzFJ/vuv2GIcyDpHZfuS1T3olhCg3eUkPOgmICCuMUs8IOEe vjiGXdvzTNb4+RsZTJwP1Rl10M3UR/rKW+w8li/6cK7J2tCSoeDGh/bvECB3W60GD3RR Bq7nBSLM85iCee3oSontDVJr1OvtKoZ9s5+5oCQuIxuJqcMFirOJxEsxscArhgJBFsmT Vo3DMXFr7A+R3rVZZsQuCKzxyFnvhFLbGmaOlNGmg756PpLNgV96kHGyJVDZ0tiqv5fZ OlRCy+r5LcfEpSbEFkRWKTkiog7rmSSyQD1Y+o5VlmucT3GvrL0pxKPEQYk5n8po9p9O xFVw== X-Gm-Message-State: AOJu0Yw3nI/jIuAHKC2rsJzI9LYz1FW0JL4mddpMtU7JKtyyDdNRNKBx fbDofcjoltHURb+StS+9QndckLlO7PnJhtGmYQt+yo+RNhqJDET9q3/DatVJpmYL5cbcHzUScV3 Y7CL944ezngLrTz+XVWQGanQn4+JTutYrjoaUT771OX0hPkObDAFg48iyKEiUOscHUZG3K9Bgls XIzgx/jPaye12HSLQTGozEu8c= X-Google-Smtp-Source: AGHT+IFO+MZ28lvn87oBvUTv577Hp/Qx1nvk/NnBuEl1cGPhPZ7VvvhD7dqbRVhIzgyH4/gvei3q/b0ENA== X-Received: from fuad.c.googlers.com ([fda3:e722:ac3:cc00:28:9cb1:c0a8:1613]) (user=tabba job=sendgmr) by 2002:a05:6000:1f8b:b0:33d:9e15:126b with SMTP id bw11-20020a0560001f8b00b0033d9e15126bmr960wrb.3.1708618286668; Thu, 22 Feb 2024 08:11:26 -0800 (PST) Date: Thu, 22 Feb 2024 16:10:36 +0000 In-Reply-To: <20240222161047.402609-1-tabba@google.com> Precedence: bulk X-Mailing-List: kvm@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 References: <20240222161047.402609-1-tabba@google.com> X-Mailer: git-send-email 2.44.0.rc1.240.g4c46232300-goog Message-ID: <20240222161047.402609-16-tabba@google.com> Subject: [RFC PATCH v1 15/26] KVM: arm64: Rename kvm_pinned_page to kvm_guest_page From: Fuad Tabba To: kvm@vger.kernel.org, kvmarm@lists.linux.dev Cc: pbonzini@redhat.com, chenhuacai@kernel.org, mpe@ellerman.id.au, anup@brainfault.org, paul.walmsley@sifive.com, palmer@dabbelt.com, aou@eecs.berkeley.edu, seanjc@google.com, viro@zeniv.linux.org.uk, brauner@kernel.org, willy@infradead.org, akpm@linux-foundation.org, xiaoyao.li@intel.com, yilun.xu@intel.com, chao.p.peng@linux.intel.com, jarkko@kernel.org, amoorthy@google.com, dmatlack@google.com, yu.c.zhang@linux.intel.com, isaku.yamahata@intel.com, mic@digikod.net, vbabka@suse.cz, vannapurve@google.com, ackerleytng@google.com, mail@maciej.szmigiero.name, david@redhat.com, michael.roth@amd.com, wei.w.wang@intel.com, liam.merwick@oracle.com, isaku.yamahata@gmail.com, kirill.shutemov@linux.intel.com, suzuki.poulose@arm.com, steven.price@arm.com, quic_eberman@quicinc.com, quic_mnalajal@quicinc.com, quic_tsoni@quicinc.com, quic_svaddagi@quicinc.com, quic_cvanscha@quicinc.com, quic_pderrin@quicinc.com, quic_pheragu@quicinc.com, catalin.marinas@arm.com, james.morse@arm.com, yuzenghui@huawei.com, oliver.upton@linux.dev, maz@kernel.org, will@kernel.org, qperret@google.com, keirf@google.com, tabba@google.com With guestmem, pages won't be pinned. Change the name of the structure to reflect that. No functional change intended. Signed-off-by: Fuad Tabba --- arch/arm64/include/asm/kvm_host.h | 2 +- arch/arm64/kvm/mmu.c | 12 ++++++------ arch/arm64/kvm/pkvm.c | 10 +++++----- 3 files changed, 12 insertions(+), 12 deletions(-) diff --git a/arch/arm64/include/asm/kvm_host.h b/arch/arm64/include/asm/kvm_host.h index fb7aff14fd1a..99bf2b534ff8 100644 --- a/arch/arm64/include/asm/kvm_host.h +++ b/arch/arm64/include/asm/kvm_host.h @@ -206,7 +206,7 @@ struct kvm_smccc_features { unsigned long vendor_hyp_bmap; }; -struct kvm_pinned_page { +struct kvm_guest_page { struct rb_node node; struct page *page; u64 ipa; diff --git a/arch/arm64/kvm/mmu.c b/arch/arm64/kvm/mmu.c index f796e092a921..ae6f65717178 100644 --- a/arch/arm64/kvm/mmu.c +++ b/arch/arm64/kvm/mmu.c @@ -336,7 +336,7 @@ static void unmap_stage2_range(struct kvm_s2_mmu *mmu, phys_addr_t start, u64 si static void pkvm_stage2_flush(struct kvm *kvm) { - struct kvm_pinned_page *ppage; + struct kvm_guest_page *ppage; struct rb_node *node; /* @@ -346,7 +346,7 @@ static void pkvm_stage2_flush(struct kvm *kvm) * destroy (which only occurs when all vcpu are gone). */ for (node = rb_first(&kvm->arch.pkvm.pinned_pages); node; node = rb_next(node)) { - ppage = rb_entry(node, struct kvm_pinned_page, node); + ppage = rb_entry(node, struct kvm_guest_page, node); __clean_dcache_guest_page(page_address(ppage->page), PAGE_SIZE); cond_resched_rwlock_write(&kvm->mmu_lock); } @@ -1416,8 +1416,8 @@ static int pkvm_host_map_guest(u64 pfn, u64 gfn) static int cmp_ppages(struct rb_node *node, const struct rb_node *parent) { - struct kvm_pinned_page *a = container_of(node, struct kvm_pinned_page, node); - struct kvm_pinned_page *b = container_of(parent, struct kvm_pinned_page, node); + struct kvm_guest_page *a = container_of(node, struct kvm_guest_page, node); + struct kvm_guest_page *b = container_of(parent, struct kvm_guest_page, node); if (a->ipa < b->ipa) return -1; @@ -1426,7 +1426,7 @@ static int cmp_ppages(struct rb_node *node, const struct rb_node *parent) return 0; } -static int insert_ppage(struct kvm *kvm, struct kvm_pinned_page *ppage) +static int insert_ppage(struct kvm *kvm, struct kvm_guest_page *ppage) { if (rb_find_add(&ppage->node, &kvm->arch.pkvm.pinned_pages, cmp_ppages)) return -EEXIST; @@ -1440,7 +1440,7 @@ static int pkvm_mem_abort(struct kvm_vcpu *vcpu, phys_addr_t fault_ipa, struct kvm_hyp_memcache *hyp_memcache = &vcpu->arch.pkvm_memcache; struct mm_struct *mm = current->mm; unsigned int flags = FOLL_HWPOISON | FOLL_LONGTERM | FOLL_WRITE; - struct kvm_pinned_page *ppage; + struct kvm_guest_page *ppage; struct kvm *kvm = vcpu->kvm; struct kvm_s2_mmu *mmu = &kvm->arch.mmu; struct page *page; diff --git a/arch/arm64/kvm/pkvm.c b/arch/arm64/kvm/pkvm.c index 713bbb023177..0dbde37d21d0 100644 --- a/arch/arm64/kvm/pkvm.c +++ b/arch/arm64/kvm/pkvm.c @@ -26,7 +26,7 @@ phys_addr_t hyp_mem_size; static int rb_ppage_cmp(const void *key, const struct rb_node *node) { - struct kvm_pinned_page *p = container_of(node, struct kvm_pinned_page, node); + struct kvm_guest_page *p = container_of(node, struct kvm_guest_page, node); phys_addr_t ipa = (phys_addr_t)key; return (ipa < p->ipa) ? -1 : (ipa > p->ipa); @@ -254,7 +254,7 @@ static bool pkvm_teardown_vm(struct kvm *host_kvm) void pkvm_destroy_hyp_vm(struct kvm *host_kvm) { - struct kvm_pinned_page *ppage; + struct kvm_guest_page *ppage; struct mm_struct *mm = current->mm; struct rb_node *node; unsigned long pages = 0; @@ -266,7 +266,7 @@ void pkvm_destroy_hyp_vm(struct kvm *host_kvm) node = rb_first(&host_kvm->arch.pkvm.pinned_pages); while (node) { - ppage = rb_entry(node, struct kvm_pinned_page, node); + ppage = rb_entry(node, struct kvm_guest_page, node); WARN_ON(kvm_call_hyp_nvhe(__pkvm_host_reclaim_page, page_to_pfn(ppage->page))); cond_resched(); @@ -341,7 +341,7 @@ device_initcall_sync(finalize_pkvm); void pkvm_host_reclaim_page(struct kvm *host_kvm, phys_addr_t ipa) { - struct kvm_pinned_page *ppage; + struct kvm_guest_page *ppage; struct mm_struct *mm = current->mm; struct rb_node *node; @@ -356,7 +356,7 @@ void pkvm_host_reclaim_page(struct kvm *host_kvm, phys_addr_t ipa) if (!node) return; - ppage = container_of(node, struct kvm_pinned_page, node); + ppage = container_of(node, struct kvm_guest_page, node); WARN_ON(kvm_call_hyp_nvhe(__pkvm_host_reclaim_page, page_to_pfn(ppage->page))); From patchwork Thu Feb 22 16:10:37 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Fuad Tabba X-Patchwork-Id: 13567573 Received: from mail-wr1-f73.google.com (mail-wr1-f73.google.com [209.85.221.73]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id CCCCA1552FF for ; Thu, 22 Feb 2024 16:11:30 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.221.73 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1708618292; cv=none; b=I9+AsC+I22mdg2C1bgyk9MjH5jb4f5XOefdLQaxB9fphLbvVf7Zi+j97xnWDwUmudK1EZzP4nVIS3o4jMCnryyQoxt/uIkH0o9e36T0yU4YS44uIB+/WRWM5gF2v66W57OxAAQwF9RCfv8ZVF8pf9cnyY0zD6B4/AjN1siMdbqM= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1708618292; c=relaxed/simple; bh=P3DcGgFx1Esbt3sQL+P8sgYw965ej+0hqQQdppF2RNk=; h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From: To:Cc:Content-Type; b=fSVb9w+6/mSiukk/RVAoVFf8NKLVoybkLl/MjXG8hqEa7XCLOZrWeAUGwibsGBjGrNe45qcfCoQkTjBCQSsZ48nSPIUkSBzOGNKU1RonKfReQwF63pCXoWKbOfY/iszA+7T53cgVe+NSML10cMFS3nPQX7fCgbiOXtdeTf59n6E= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com; spf=pass smtp.mailfrom=flex--tabba.bounces.google.com; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b=s5QAh8H2; arc=none smtp.client-ip=209.85.221.73 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=flex--tabba.bounces.google.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="s5QAh8H2" Received: by mail-wr1-f73.google.com with SMTP id ffacd0b85a97d-33d4cf786a2so2046077f8f.1 for ; Thu, 22 Feb 2024 08:11:30 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1708618289; x=1709223089; darn=vger.kernel.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=cv9AuM4saXbATXwsstWXJV9w/3pxWYR1H2v53ay0HfU=; b=s5QAh8H2Vn/+U7kXL8BaDY4Q6v7tS8WD7wPFj7wQ04TJodkZfNGoaA4ao06lnoI4j4 3qrQSh8sTB0fKQOShRvTENBH7oyL9MLSJAg71A98CA2XgJ6QJ2zpRalLdfpqpPyj0QWf 5C5GQZt9jIgCLox94fuFXKWoJdduNv1Ribck2fqFhDntweeCPmHz3xkRFgtLyA9d50gg +uoVktjJqf9MbfH/i4U9oBEvAqOgvC8xiGWzqGfbhv00LV4dtOzDP0TrdPdixRn1yjHY DWS9KGPfTmzltPDMg6Z7F2EY6nugB+Iad2EIJXec7aj6XE0uckoaOzxQsnOTkLdfiJah IHrQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1708618289; x=1709223089; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=cv9AuM4saXbATXwsstWXJV9w/3pxWYR1H2v53ay0HfU=; b=O41pxI8XsaC09J+fOKRt4JhT7dM8A//0ozU213U+87wT1VbpmbfKcns6Hct472wacL naFwc7yP3kaaAYqXMCNoKfZomvJu0eGctLzr1Ns8ErOqhVmhgbup/ZWMVCN+vfYuvXl8 tyGpIWQUZtUsZtrtAmtJ+SfcGc0qVZYetkjX9WUjc3Jb7xUZ6Wb9BT7wQwidPhSowXBN yrHzu1RkApR/ZBzpmXwyTK31zVyYJ3pJ3gLO8D9xSI6+PZZz3Z2jI1acemJ833YqSTze cb2Wh5RqOEtCCJZ+rz9EjeHOHtdUnJGWFUuSXwJkWACyn2Ww/xqCtImBfqsEQN1ytV20 nOXA== X-Gm-Message-State: AOJu0YwMiSTkVfOiu5R6n0vfNsMoKBJY8NIUgiFF60FwK5lQBoO8q9+F MEQJE8nfrd6BwAdnRowLOGjkMy5Rr9jY17s7gWo0h0SxpltZjDdkBQOFjcaHd+BGVwNW8uX4K6X jJYEFvq/FkOJWjr5yfKyXs681iV3tONlGI99/oSUusCOx5gpmhRcbDScIAa2BLQ52TsulnJJuI1 +HHue+uDMQevut6hBpz5L8f9o= X-Google-Smtp-Source: AGHT+IHZJHrajzF3EdpiiEZnjfvNIhoCy7C/iyvPxzB5DChrxwU0aVBoojhrAAAyoesSkpogr4EI2GCUFg== X-Received: from fuad.c.googlers.com ([fda3:e722:ac3:cc00:28:9cb1:c0a8:1613]) (user=tabba job=sendgmr) by 2002:adf:b613:0:b0:33d:19b6:30b0 with SMTP id f19-20020adfb613000000b0033d19b630b0mr34674wre.8.1708618288892; Thu, 22 Feb 2024 08:11:28 -0800 (PST) Date: Thu, 22 Feb 2024 16:10:37 +0000 In-Reply-To: <20240222161047.402609-1-tabba@google.com> Precedence: bulk X-Mailing-List: kvm@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 References: <20240222161047.402609-1-tabba@google.com> X-Mailer: git-send-email 2.44.0.rc1.240.g4c46232300-goog Message-ID: <20240222161047.402609-17-tabba@google.com> Subject: [RFC PATCH v1 16/26] KVM: arm64: Add a field to indicate whether the guest page was pinned From: Fuad Tabba To: kvm@vger.kernel.org, kvmarm@lists.linux.dev Cc: pbonzini@redhat.com, chenhuacai@kernel.org, mpe@ellerman.id.au, anup@brainfault.org, paul.walmsley@sifive.com, palmer@dabbelt.com, aou@eecs.berkeley.edu, seanjc@google.com, viro@zeniv.linux.org.uk, brauner@kernel.org, willy@infradead.org, akpm@linux-foundation.org, xiaoyao.li@intel.com, yilun.xu@intel.com, chao.p.peng@linux.intel.com, jarkko@kernel.org, amoorthy@google.com, dmatlack@google.com, yu.c.zhang@linux.intel.com, isaku.yamahata@intel.com, mic@digikod.net, vbabka@suse.cz, vannapurve@google.com, ackerleytng@google.com, mail@maciej.szmigiero.name, david@redhat.com, michael.roth@amd.com, wei.w.wang@intel.com, liam.merwick@oracle.com, isaku.yamahata@gmail.com, kirill.shutemov@linux.intel.com, suzuki.poulose@arm.com, steven.price@arm.com, quic_eberman@quicinc.com, quic_mnalajal@quicinc.com, quic_tsoni@quicinc.com, quic_svaddagi@quicinc.com, quic_cvanscha@quicinc.com, quic_pderrin@quicinc.com, quic_pheragu@quicinc.com, catalin.marinas@arm.com, james.morse@arm.com, yuzenghui@huawei.com, oliver.upton@linux.dev, maz@kernel.org, will@kernel.org, qperret@google.com, keirf@google.com, tabba@google.com This is needed only during the transition phase from pinning to using guestmem. Once pKVM moves to guestmem, this field will be removed. Signed-off-by: Fuad Tabba --- arch/arm64/include/asm/kvm_host.h | 1 + arch/arm64/kvm/mmu.c | 1 + arch/arm64/kvm/pkvm.c | 6 ++++-- 3 files changed, 6 insertions(+), 2 deletions(-) diff --git a/arch/arm64/include/asm/kvm_host.h b/arch/arm64/include/asm/kvm_host.h index 99bf2b534ff8..ab61c3ecba0c 100644 --- a/arch/arm64/include/asm/kvm_host.h +++ b/arch/arm64/include/asm/kvm_host.h @@ -210,6 +210,7 @@ struct kvm_guest_page { struct rb_node node; struct page *page; u64 ipa; + bool is_pinned; }; typedef unsigned int pkvm_handle_t; diff --git a/arch/arm64/kvm/mmu.c b/arch/arm64/kvm/mmu.c index ae6f65717178..391d168e95d0 100644 --- a/arch/arm64/kvm/mmu.c +++ b/arch/arm64/kvm/mmu.c @@ -1502,6 +1502,7 @@ static int pkvm_mem_abort(struct kvm_vcpu *vcpu, phys_addr_t fault_ipa, ppage->page = page; ppage->ipa = fault_ipa; + ppage->is_pinned = true; WARN_ON(insert_ppage(kvm, ppage)); write_unlock(&kvm->mmu_lock); diff --git a/arch/arm64/kvm/pkvm.c b/arch/arm64/kvm/pkvm.c index 0dbde37d21d0..bfd4858a7bd1 100644 --- a/arch/arm64/kvm/pkvm.c +++ b/arch/arm64/kvm/pkvm.c @@ -271,7 +271,8 @@ void pkvm_destroy_hyp_vm(struct kvm *host_kvm) page_to_pfn(ppage->page))); cond_resched(); - unpin_user_pages_dirty_lock(&ppage->page, 1, true); + if (ppage->is_pinned) + unpin_user_pages_dirty_lock(&ppage->page, 1, true); node = rb_next(node); rb_erase(&ppage->node, &host_kvm->arch.pkvm.pinned_pages); kfree(ppage); @@ -362,6 +363,7 @@ void pkvm_host_reclaim_page(struct kvm *host_kvm, phys_addr_t ipa) page_to_pfn(ppage->page))); account_locked_vm(mm, 1, false); - unpin_user_pages_dirty_lock(&ppage->page, 1, true); + if (ppage->is_pinned) + unpin_user_pages_dirty_lock(&ppage->page, 1, true); kfree(ppage); } From patchwork Thu Feb 22 16:10:38 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Fuad Tabba X-Patchwork-Id: 13567574 Received: from mail-wr1-f74.google.com (mail-wr1-f74.google.com [209.85.221.74]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id B7240155306 for ; Thu, 22 Feb 2024 16:11:32 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.221.74 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1708618294; cv=none; b=kgJRH1j+Bp0tGNZu9Zzi2h/NaimFS13RD+DMboW9K57vK5iLZq7cW4RUUTwNTN6uhFCyuC3anhijzG76VYwHGV+7JZm56j0hJWKcBrPp8d7G6FCRMnAz4vtXOlWYsP6kV590nD9iCgFg4NJUqe/Pbte8n7RZjr887FMpGFF0M2U= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1708618294; c=relaxed/simple; bh=6iVb08zKfzH5hJWQLjCXBzmY+3QGd9wO5l8hFYC0rUg=; h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From: To:Cc:Content-Type; b=cJATuQv+fXSlNUlXkYIU7XyUkxZe8sNjNaK4xLJb8XT2lIeHnreR/k1x7/WJqWkSwUIEb3yw8BYigieY0LOJ/sp3cxeSgJP66BvZsfeKc7O3jfRRj+pnY5yPC+4r47FvMskmBYm98HZ3aDuAUboXP/cBhrEyyTUClwd8c5V1fOE= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com; spf=pass smtp.mailfrom=flex--tabba.bounces.google.com; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b=Pra2o31n; arc=none smtp.client-ip=209.85.221.74 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=flex--tabba.bounces.google.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="Pra2o31n" Received: by mail-wr1-f74.google.com with SMTP id ffacd0b85a97d-33d30a3d6f8so745892f8f.3 for ; Thu, 22 Feb 2024 08:11:32 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1708618291; x=1709223091; darn=vger.kernel.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=Rlwq3mGjsbZmc2k1s/E60FvUuielQ8IuRYRmKjrhRfg=; b=Pra2o31nKDs5pTi+NbHICuQEeHEJpLNYYK7+XQvN9cGrUBWkKKYtDu8XbILqYsbPCf ciX/2j4ytxMP+8xriN6DNUNLWe7c0IzEjfy7UKAFRUFtE17+UFRzdetbt6bNgUdB6EoD wsrjDLHypEqLeYbNq0gblxGqWZ3FTEkM/0UULg4KbJhAe+rvACXyzN6sKvAgCzoMewPz PumFJiBN9ZTHppq8sepYHfncuQL4X18SbT88S/H4KA3tNAQ9meME8CJEHe3qcpHjF7+d o8sSMJbuj88cN+U6QU588goYMGtHF8YDbHrd/V0XfLXMZqdVHYJdxSMyxbIXDgEG/v6S BmwQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1708618291; x=1709223091; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=Rlwq3mGjsbZmc2k1s/E60FvUuielQ8IuRYRmKjrhRfg=; b=LzLCXlZgSpjj3pz2YDU1RSonEKHKqheJ9kTHB57JV788n6TgT9T/yVyZd+pwVqK5o3 1oWiHYb+dSdJxJx7I5tGVNxP763U8XVi8WxeokpvtjsWmgY3SBlViXdRRvruK7nxS0wN w3WulkWYsZjuwgFiNTTm/w/xz7ad/gae4mdGEt1xKYkFdytourozmgAiUIn6+wdYVxa0 u2tkxWPXW5GGLszPpgfab9yJNbJB5aIi35Lak+1p1mcSeRRI5rlQxZ5RcZDhgIRiUIxD S3/vsWUBpRqYYHhqJrHLnVJqS6tqoqgTjajgxLw8vlvf1x6pc60OARwYrlcSZAq+kZED YigQ== X-Gm-Message-State: AOJu0YxrxQ2oEaIDd6aRntRlWGs2n9hOKUp5djkPignKa+OttQQHO0BK xm5N85h54noJ/DfAfXGBfq/LeQP5uQRZ7I33qLLqluqoVP6DJ4BrzEcKas7oTOpRjbOWcMl2nz4 pEKhlovLG26seRkrcKYkVUlSePIqzif/9DJ4WUnYwcAvHSZZVJlRaFH/uz8dI8t+WvtoMpEOTY1 zrQrqgo50LJKG2UsTRZYYen/E= X-Google-Smtp-Source: AGHT+IGPBlBEWHSVTXybSf5AXKW9r7iJYYYJVo0ATzUwHor8Yu6mnFaOUn7raP8SctTXcV/NU58hv2UYQg== X-Received: from fuad.c.googlers.com ([fda3:e722:ac3:cc00:28:9cb1:c0a8:1613]) (user=tabba job=sendgmr) by 2002:a5d:6f18:0:b0:33d:9fc2:5e26 with SMTP id ay24-20020a5d6f18000000b0033d9fc25e26mr109wrb.9.1708618291025; Thu, 22 Feb 2024 08:11:31 -0800 (PST) Date: Thu, 22 Feb 2024 16:10:38 +0000 In-Reply-To: <20240222161047.402609-1-tabba@google.com> Precedence: bulk X-Mailing-List: kvm@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 References: <20240222161047.402609-1-tabba@google.com> X-Mailer: git-send-email 2.44.0.rc1.240.g4c46232300-goog Message-ID: <20240222161047.402609-18-tabba@google.com> Subject: [RFC PATCH v1 17/26] KVM: arm64: Do not allow changes to private memory slots From: Fuad Tabba To: kvm@vger.kernel.org, kvmarm@lists.linux.dev Cc: pbonzini@redhat.com, chenhuacai@kernel.org, mpe@ellerman.id.au, anup@brainfault.org, paul.walmsley@sifive.com, palmer@dabbelt.com, aou@eecs.berkeley.edu, seanjc@google.com, viro@zeniv.linux.org.uk, brauner@kernel.org, willy@infradead.org, akpm@linux-foundation.org, xiaoyao.li@intel.com, yilun.xu@intel.com, chao.p.peng@linux.intel.com, jarkko@kernel.org, amoorthy@google.com, dmatlack@google.com, yu.c.zhang@linux.intel.com, isaku.yamahata@intel.com, mic@digikod.net, vbabka@suse.cz, vannapurve@google.com, ackerleytng@google.com, mail@maciej.szmigiero.name, david@redhat.com, michael.roth@amd.com, wei.w.wang@intel.com, liam.merwick@oracle.com, isaku.yamahata@gmail.com, kirill.shutemov@linux.intel.com, suzuki.poulose@arm.com, steven.price@arm.com, quic_eberman@quicinc.com, quic_mnalajal@quicinc.com, quic_tsoni@quicinc.com, quic_svaddagi@quicinc.com, quic_cvanscha@quicinc.com, quic_pderrin@quicinc.com, quic_pheragu@quicinc.com, catalin.marinas@arm.com, james.morse@arm.com, yuzenghui@huawei.com, oliver.upton@linux.dev, maz@kernel.org, will@kernel.org, qperret@google.com, keirf@google.com, tabba@google.com Handling changes to private memory slots can be difficult, since it would probably require some cooperation from the hypervisor and/or the guest. Do not allow such changes for now. Signed-off-by: Fuad Tabba --- arch/arm64/kvm/mmu.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/arch/arm64/kvm/mmu.c b/arch/arm64/kvm/mmu.c index 391d168e95d0..4d2881648b58 100644 --- a/arch/arm64/kvm/mmu.c +++ b/arch/arm64/kvm/mmu.c @@ -2158,6 +2158,10 @@ int kvm_arch_prepare_memory_region(struct kvm *kvm, } } + if ((change == KVM_MR_MOVE || change == KVM_MR_FLAGS_ONLY) && + ((kvm_slot_can_be_private(old)) || (kvm_slot_can_be_private(new)))) + return -EPERM; + if (change != KVM_MR_CREATE && change != KVM_MR_MOVE && change != KVM_MR_FLAGS_ONLY) return 0; From patchwork Thu Feb 22 16:10:39 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Fuad Tabba X-Patchwork-Id: 13567575 Received: from mail-wr1-f74.google.com (mail-wr1-f74.google.com [209.85.221.74]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 7529415531F for ; Thu, 22 Feb 2024 16:11:35 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.221.74 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1708618297; cv=none; b=JCy9XlUDU2mV5v8TbiDh5zNk1DpKQ3IZvRwqI5QQu6M3yVxTK5g9x1H8JhAyR3EiKS1WnQ0folRrvj0tB5qhDVOVmumkKPlgORchcsOfpgtnCpgO0fiaswqdjV/z7KLTm+QsROW5A63e4bN46h2zvPPY56QLWerohUWU+ebzTaU= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1708618297; c=relaxed/simple; bh=JOV+TEixxBnW38RYNc8zuei4nTFOo/1GSbfRHcogFxk=; h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From: To:Cc:Content-Type; b=WtSn0FuH7Uyyr0Q7FwTQnnWT27GNOUhD5QuvwWUpxJpm7tkDMyJigCtIT+07PfwIijkll4QzvY5TiZhcmxO1GEqcPqSufoKcRGus2gnx8bektcR1BTb4y9tK85IHJE3nRtJxEhuAfba3qDl1hjsGZ8FE6M/94fNyDu3LpxxXCo0= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com; spf=pass smtp.mailfrom=flex--tabba.bounces.google.com; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b=2K5gDuy0; arc=none smtp.client-ip=209.85.221.74 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=flex--tabba.bounces.google.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="2K5gDuy0" Received: by mail-wr1-f74.google.com with SMTP id ffacd0b85a97d-33d36736772so2117030f8f.0 for ; Thu, 22 Feb 2024 08:11:35 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1708618294; x=1709223094; darn=vger.kernel.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=vD9o5ECbAgPC1ivE6LlVq7cfQ2iwgRwXzAnUeOE4gIQ=; b=2K5gDuy09vbFhveL2s4zV70DIqWiUC77SoTFtwKmtkxi8mqagpdA5Hmar4w9GG0+VR ftc7QDO4Cu7v44zBUBcXFL9GwNhRf3hypTvyw772oUOuEsbqjZvC5wV4aWGz9Jrz225p 2Cg+fsoQpNDtdIRTgG57Y6C+GX7GQ1I7wx9ri9i9VGNeJUBd7jSiRnxWG2/AHMF4ugvB tDsUmagZsnLcYlfnELeVKHuoKYGfH/VW3YkNxVPnzQ1n3w7havqRyTasjZYGKx4vQz6S TQQMncni+eih6LPL6U5PiUlQRIJzaeo4CSz0mowQigrZ/d/W8HF2XNZLSEG2gl74RN9v G+RQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1708618294; x=1709223094; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=vD9o5ECbAgPC1ivE6LlVq7cfQ2iwgRwXzAnUeOE4gIQ=; b=C1lvAwqaB2C7E1f542c0Kx3g3DH0u4KQlsWLn17PTlRhzN8Z+NiZioEMuqNmC2oRaB O0JjpVrSBOvYNcz+BbzO8JNjSkqhz1p/v10VwrFuEVPGyGSIdeQU3SiJfOV/YD3kZmhO z7BdJO3l+RlYhDx+qrL51xFnEkWM0rjPsA7tQYb/ftU2AGgs264oAclf8LOKJ4Eq0X+0 S1ymUzR4uSHrGCG/EgMyShQ0XkOP0JmTkAFlvQVZOauAOD80P515bjtlAIfntqlr2u42 doCrJ8LjgAJAA6VUyLuPqpEouT7Ty21efIAvPkaVVrBSozjoAPUvko/GyXzjZgCTlMV3 zMhw== X-Gm-Message-State: AOJu0YwU+lRJys67zlMbOr6Y4SxUaJdcxZ8hrS3r43MzS5m3FhF2KzoS A/uxcROK9nUE2zYz3ZDcSfkqcVgQlAKAuq3ArezawFRtmcsGjpfoHD2y8BuTtNBoIPsJvUYYJFj SYy5al2lJ63SiMeAHoOJW6geJa7KwcXpetIGNEd1T/ICkgi5KrWLCp23a+mpVJcqwzE+QRXvpcS /R9YowjI2W1t5tL33yoats0Rw= X-Google-Smtp-Source: AGHT+IFjuzbek5MC2iMiGgTGZbnIVe892XN4fprFxq4qMMBT6/xXDjSro1ZNWROfqjD/CCRCrpUqesTMRw== X-Received: from fuad.c.googlers.com ([fda3:e722:ac3:cc00:28:9cb1:c0a8:1613]) (user=tabba job=sendgmr) by 2002:a05:6000:a0f:b0:33d:3ad2:67b1 with SMTP id co15-20020a0560000a0f00b0033d3ad267b1mr32305wrb.4.1708618293417; Thu, 22 Feb 2024 08:11:33 -0800 (PST) Date: Thu, 22 Feb 2024 16:10:39 +0000 In-Reply-To: <20240222161047.402609-1-tabba@google.com> Precedence: bulk X-Mailing-List: kvm@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 References: <20240222161047.402609-1-tabba@google.com> X-Mailer: git-send-email 2.44.0.rc1.240.g4c46232300-goog Message-ID: <20240222161047.402609-19-tabba@google.com> Subject: [RFC PATCH v1 18/26] KVM: arm64: Skip VMA checks for slots without userspace address From: Fuad Tabba To: kvm@vger.kernel.org, kvmarm@lists.linux.dev Cc: pbonzini@redhat.com, chenhuacai@kernel.org, mpe@ellerman.id.au, anup@brainfault.org, paul.walmsley@sifive.com, palmer@dabbelt.com, aou@eecs.berkeley.edu, seanjc@google.com, viro@zeniv.linux.org.uk, brauner@kernel.org, willy@infradead.org, akpm@linux-foundation.org, xiaoyao.li@intel.com, yilun.xu@intel.com, chao.p.peng@linux.intel.com, jarkko@kernel.org, amoorthy@google.com, dmatlack@google.com, yu.c.zhang@linux.intel.com, isaku.yamahata@intel.com, mic@digikod.net, vbabka@suse.cz, vannapurve@google.com, ackerleytng@google.com, mail@maciej.szmigiero.name, david@redhat.com, michael.roth@amd.com, wei.w.wang@intel.com, liam.merwick@oracle.com, isaku.yamahata@gmail.com, kirill.shutemov@linux.intel.com, suzuki.poulose@arm.com, steven.price@arm.com, quic_eberman@quicinc.com, quic_mnalajal@quicinc.com, quic_tsoni@quicinc.com, quic_svaddagi@quicinc.com, quic_cvanscha@quicinc.com, quic_pderrin@quicinc.com, quic_pheragu@quicinc.com, catalin.marinas@arm.com, james.morse@arm.com, yuzenghui@huawei.com, oliver.upton@linux.dev, maz@kernel.org, will@kernel.org, qperret@google.com, keirf@google.com, tabba@google.com Memory slots backed by guest memory might be created with no intention of being mapped by the host. These are recognized by not having a userspace address in the memory slot. VMA checks are neither possible nor necessary for this kind of slot, so skip them. Signed-off-by: Fuad Tabba --- arch/arm64/kvm/mmu.c | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/arch/arm64/kvm/mmu.c b/arch/arm64/kvm/mmu.c index 4d2881648b58..6ad79390b15c 100644 --- a/arch/arm64/kvm/mmu.c +++ b/arch/arm64/kvm/mmu.c @@ -973,6 +973,10 @@ static void stage2_unmap_memslot(struct kvm *kvm, phys_addr_t size = PAGE_SIZE * memslot->npages; hva_t reg_end = hva + size; + /* Host will not map this private memory without a userspace address. */ + if (kvm_slot_can_be_private(memslot) && !hva) + return; + /* * A memory region could potentially cover multiple VMAs, and any holes * between them, so iterate over all of them to find out if we should @@ -2176,6 +2180,10 @@ int kvm_arch_prepare_memory_region(struct kvm *kvm, hva = new->userspace_addr; reg_end = hva + (new->npages << PAGE_SHIFT); + /* Host will not map this private memory without a userspace address. */ + if ((kvm_slot_can_be_private(new)) && !hva) + return 0; + mmap_read_lock(current->mm); /* * A memory region could potentially cover multiple VMAs, and any holes From patchwork Thu Feb 22 16:10:40 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Fuad Tabba X-Patchwork-Id: 13567576 Received: from mail-yw1-f202.google.com (mail-yw1-f202.google.com [209.85.128.202]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 2616715531C for ; Thu, 22 Feb 2024 16:11:36 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.128.202 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1708618298; cv=none; b=nfCemZQZGsCeBJAjB2dAIW8jnagMiXYHRaFBKhO1BLL09xJv7xltGqfFR3aKz9o48XLfJLaH4if5oknwV0o01huydOS9EESYo70/Q09PRmd2d7MufVLG2EHpoB84/8egkUROP3y7cMaDyCyOo+w2JvKZUt9ygx7pHy3dqbRvcaI= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1708618298; c=relaxed/simple; bh=nTT451MK9nqQ4YWzBZVTCbpcJQT1VtoD4cFMq+pB9Fo=; h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From: To:Cc:Content-Type; b=QXF1IN+sbwVP+r7FdQK16fYXZ3e08Qz62j5LsyHmtVU8wZcLgodF0wbEsmo2j8zOPsTFatphHqQe6lY3izlA6pU/AX8hKv9GnrLNRHxPc70sbPNJmY8ikyLQtreYBquUbm3On71RR+riD7G6Ax+Yy7mHnCxHSjbOZBcyPOuqIkk= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com; spf=pass smtp.mailfrom=flex--tabba.bounces.google.com; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b=kClSd9JD; arc=none smtp.client-ip=209.85.128.202 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=flex--tabba.bounces.google.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="kClSd9JD" Received: by mail-yw1-f202.google.com with SMTP id 00721157ae682-608ad239f8fso4518107b3.0 for ; Thu, 22 Feb 2024 08:11:36 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1708618296; x=1709223096; darn=vger.kernel.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=44YDOyWwKyAbTtZNyJPOfML3d7OrKnTF2BVZ5qdD/Y4=; b=kClSd9JDzmonxACR1k5S9PZ9b11+/+GgkGB89/XeqwyqLZ8RqVbNOLDetxlyWknk+m fhKU4VPzufRFKOUe5B2OCXCssoWbEuTziBzhoya+5P4Xh7SBktWxMcPwMqc6Fvq9uiSo sbswJIJ/V9j3gNuNYYYUTLtRmW6W0jx0MvrQqaZE0A1ymZqmHi8f/Eptgm7SNhfdUqfU XPRZ/U66nSdGmc4LYXOhd6FIdeF7pTVGIZtJqjpVx1rn/ilt+NpAB07ZtnQ5FEUk7QOM zyrl1e0HiJyb0Aq7igNh/LkmA2PvP40ALzmWeshXttENDwRnWUiZw4Yq6ek58pQxC/aI /i0g== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1708618296; x=1709223096; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=44YDOyWwKyAbTtZNyJPOfML3d7OrKnTF2BVZ5qdD/Y4=; b=AYUa4DMemfzCmqU3lybaGT55Buw6688TRfJfPt5ZUkFW6/91kRepJq+RUnCCCa1FLW QXV0LUrlX59JwwpPOqwUdyIc+InX/oWwFqLj9wTNO6eHkttPavcgSeeryrTmxmhfj+J8 b2P0eXQk6sDSYUSJd/pN70W0Wg018EHFdiYPq7bv+PsA07bCKPJb/mVLal7DK6HMWdYG OXZyy4sVJESDuxQhGO7FKZw7TdMpUnH+wIIPgd67wsCjm6KqMs6+BZhQTqHiRGyMl7nR cATG+zDGICJKrUVSb0am017bobV4gV9KiHgabiD8gjm+o3gJFZNJyEokcpYqDZt/BRNn v4Kw== X-Gm-Message-State: AOJu0YwK7OX1x8irEiS34UVx8Fy3Nrlyxuc32xCQe8MidCDkCMYhxqZL yHZyi0N8AlZcuXXfq4RnGJeocryzFPDDw+LECpYmwQ62yggNOAQpGmKcVaOJuN28kaGyn88ePwG VuRmkjuAPdrvhvZHYaVZg1WGdYXm48cz2T8wc+Nr9CIqFOBROuRbiM2oRNKibfuM8uJDowchnUU gQC5PM4v6bJ6zOPedUAPDvWAM= X-Google-Smtp-Source: AGHT+IGSVaKOipuo5nEuK2BFQGFWFHzZjQM3r5na2j2eYUT9prmtDvr4Dcs0caaHYzVHBv7VuCNQ4diSag== X-Received: from fuad.c.googlers.com ([fda3:e722:ac3:cc00:28:9cb1:c0a8:1613]) (user=tabba job=sendgmr) by 2002:a81:f101:0:b0:608:9758:e8b with SMTP id h1-20020a81f101000000b0060897580e8bmr613308ywm.8.1708618295659; Thu, 22 Feb 2024 08:11:35 -0800 (PST) Date: Thu, 22 Feb 2024 16:10:40 +0000 In-Reply-To: <20240222161047.402609-1-tabba@google.com> Precedence: bulk X-Mailing-List: kvm@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 References: <20240222161047.402609-1-tabba@google.com> X-Mailer: git-send-email 2.44.0.rc1.240.g4c46232300-goog Message-ID: <20240222161047.402609-20-tabba@google.com> Subject: [RFC PATCH v1 19/26] KVM: arm64: Handle guest_memfd()-backed guest page faults From: Fuad Tabba To: kvm@vger.kernel.org, kvmarm@lists.linux.dev Cc: pbonzini@redhat.com, chenhuacai@kernel.org, mpe@ellerman.id.au, anup@brainfault.org, paul.walmsley@sifive.com, palmer@dabbelt.com, aou@eecs.berkeley.edu, seanjc@google.com, viro@zeniv.linux.org.uk, brauner@kernel.org, willy@infradead.org, akpm@linux-foundation.org, xiaoyao.li@intel.com, yilun.xu@intel.com, chao.p.peng@linux.intel.com, jarkko@kernel.org, amoorthy@google.com, dmatlack@google.com, yu.c.zhang@linux.intel.com, isaku.yamahata@intel.com, mic@digikod.net, vbabka@suse.cz, vannapurve@google.com, ackerleytng@google.com, mail@maciej.szmigiero.name, david@redhat.com, michael.roth@amd.com, wei.w.wang@intel.com, liam.merwick@oracle.com, isaku.yamahata@gmail.com, kirill.shutemov@linux.intel.com, suzuki.poulose@arm.com, steven.price@arm.com, quic_eberman@quicinc.com, quic_mnalajal@quicinc.com, quic_tsoni@quicinc.com, quic_svaddagi@quicinc.com, quic_cvanscha@quicinc.com, quic_pderrin@quicinc.com, quic_pheragu@quicinc.com, catalin.marinas@arm.com, james.morse@arm.com, yuzenghui@huawei.com, oliver.upton@linux.dev, maz@kernel.org, will@kernel.org, qperret@google.com, keirf@google.com, tabba@google.com Introduce a new fault handler which responds to guest faults for guestmem pages. Signed-off-by: Fuad Tabba --- arch/arm64/kvm/mmu.c | 75 ++++++++++++++++++++++++++++++++++++++++++-- 1 file changed, 72 insertions(+), 3 deletions(-) diff --git a/arch/arm64/kvm/mmu.c b/arch/arm64/kvm/mmu.c index 6ad79390b15c..570b14da16b1 100644 --- a/arch/arm64/kvm/mmu.c +++ b/arch/arm64/kvm/mmu.c @@ -1438,6 +1438,70 @@ static int insert_ppage(struct kvm *kvm, struct kvm_guest_page *ppage) return 0; } +static int guestmem_abort(struct kvm_vcpu *vcpu, phys_addr_t fault_ipa, + struct kvm_memory_slot *memslot) +{ + struct kvm_hyp_memcache *hyp_memcache = &vcpu->arch.pkvm_memcache; + struct kvm_guest_page *guest_page; + struct mm_struct *mm = current->mm; + gfn_t gfn = gpa_to_gfn(fault_ipa); + struct kvm *kvm = vcpu->kvm; + struct kvm_s2_mmu *mmu = &kvm->arch.mmu; + struct page *page = NULL; + kvm_pfn_t pfn; + int ret; + + ret = topup_hyp_memcache(hyp_memcache, kvm_mmu_cache_min_pages(mmu)); + if (ret) + return ret; + + /* + * Acquire the page lock to avoid racing with kvm_gmem_fault() when + * checking the page_mapcount later on. + */ + ret = kvm_gmem_get_pfn_locked(kvm, memslot, gfn, &pfn, NULL); + if (ret) + return ret; + + page = pfn_to_page(pfn); + + if (!kvm_gmem_is_mappable(kvm, gfn) && page_mapcount(page)) { + ret = -EPERM; + goto rel_page; + } + + guest_page = kmalloc(sizeof(*guest_page), GFP_KERNEL_ACCOUNT); + if (!guest_page) { + ret = -ENOMEM; + goto rel_page; + } + + guest_page->page = page; + guest_page->ipa = fault_ipa; + guest_page->is_pinned = false; + + ret = account_locked_vm(mm, 1, true); + if (ret) + goto free_gp; + + write_lock(&kvm->mmu_lock); + ret = pkvm_host_map_guest(pfn, gfn); + if (!ret) + WARN_ON(insert_ppage(kvm, guest_page)); + write_unlock(&kvm->mmu_lock); + + if (ret) + account_locked_vm(mm, 1, false); +free_gp: + if (ret) + kfree(guest_page); +rel_page: + unlock_page(page); + put_page(page); + + return ret != -EAGAIN ? ret : 0; +} + static int pkvm_mem_abort(struct kvm_vcpu *vcpu, phys_addr_t fault_ipa, struct kvm_memory_slot *memslot) { @@ -1887,11 +1951,16 @@ int kvm_handle_guest_abort(struct kvm_vcpu *vcpu) goto out_unlock; } - if (is_protected_kvm_enabled()) - ret = pkvm_mem_abort(vcpu, fault_ipa, memslot); - else + if (is_protected_kvm_enabled()) { + if ((kvm_slot_can_be_private(memslot))) + ret = guestmem_abort(vcpu, fault_ipa, memslot); + else + ret = pkvm_mem_abort(vcpu, fault_ipa, memslot); + } else { ret = user_mem_abort(vcpu, fault_ipa, memslot, esr_fsc_is_permission_fault(esr)); + } + if (ret == 0) ret = 1; From patchwork Thu Feb 22 16:10:41 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Fuad Tabba X-Patchwork-Id: 13567577 Received: from mail-wm1-f73.google.com (mail-wm1-f73.google.com [209.85.128.73]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 844DE153506 for ; Thu, 22 Feb 2024 16:11:40 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.128.73 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1708618302; cv=none; b=bqwskrucnJn4HJ6DABp7EA6/f6lV/yAII5EXYvodX/uGr4awA15t5ItTXq0l4tk7L7T4OuyBDZc2NIO5XHh301dYo8OUtU1Xfi9yrJjOoMsm4RhF0/GUTEKKcHU73fVhnWcv4pyprSz/7+oLFgZ8z9Z2Rqd2X5qPO5yZTwjo5jA= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1708618302; c=relaxed/simple; bh=MBXw36BeBpgzLpaJ6DDMj7mANbp5a67/tbxZ56a4zsI=; h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From: To:Cc:Content-Type; b=DgXZiV/fpiziWap1nVc4SZg+8IoIVGp+eUfLxzY3j5l+hjbguqMxISncnMivUQt3/azBBoQjfvBUxnDMWtxZyC8B3sT88m0YTJkA2kEVsskHmL9DCFZr/QBdv6CNu1ZSaTXx/g1XyBEeva2l9PGjPVtmRuBtjVT7HtGjv9OXzW0= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com; spf=pass smtp.mailfrom=flex--tabba.bounces.google.com; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b=m3PIALxO; arc=none smtp.client-ip=209.85.128.73 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=flex--tabba.bounces.google.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="m3PIALxO" Received: by mail-wm1-f73.google.com with SMTP id 5b1f17b1804b1-41256717763so31666315e9.0 for ; Thu, 22 Feb 2024 08:11:40 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1708618299; x=1709223099; darn=vger.kernel.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=G3PquBHsQ9j3O8VxfhBiNpCD7E3dPFUw+j7QK93cQQM=; b=m3PIALxOp2oDnlFZjlwA+hEhyC0SfgRogqJGpenb1V4CNksVVYP/XDwl2X03T8q6HD cUaKKeupSL3tRWUNbuEZRUX9gSN9ru7NDdW5ayoZ2Dfy5tTsH1F0kClUtZfjgLmz0BG1 HtKNEWpAT7BaniqowB3nmMY5TVD7o1yWSFcbCDECpS5BmqPd80JTjwtuW9/W/T5LUz6h w1Peg4SzReMvNvV55s7lsAb7QycKui2bXQN1XpGEjHs2YB2TOolGgrN9ze5DZbqyLkvc QkxgwEwq5KY1RYePl7XSWfT1Cpef7W2pxJSsqJg6TxvDkHoNS+UCXoEOVlZW5ywgZ+Tc Iv/A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1708618299; x=1709223099; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=G3PquBHsQ9j3O8VxfhBiNpCD7E3dPFUw+j7QK93cQQM=; b=EtEhkrxtr5lh4FwSADhYcZVddRXkoX2U1AVoHDWGuv60QPydvexwkXxhwBW1sZWCo0 3q8o9KwuJdVKjKj06Xw1TOJUdNtUUUmo3D/8IbWki7QKtv1DHVGK5/udnlCnVKORLIjO /ji3y4zCzpbtaxBchyP6q52281iobJ3iJXRw/thgSQlqIKdrtqYlcEXMzHQONYkyYB/5 zBH8HbXEV0ZQosLYiyfiC7rO1VMCzwIOtvBckIhMNOWQFsSFlIPpTdG2e8USea1YmBsH zHBgcutn2uvLBDwk49PKtGKb63gAML0Z8KvWE66K7wwSi1jTYRv5Xa7Mqps8YBnERA8V eMOQ== X-Gm-Message-State: AOJu0Yxdn3ywtCLuns0kKzFw99fZyX2V7OBPH64kOnqVrHVz0eFWvDK5 S5GWtRGpbqw77bCjN5lBUYRBCBDamhqG3kCG5HlZcQ4s6SwtBFE3Hcb0+NT6p4MyQWv4zSk8fS9 gzpDFqCSU3tsLufxfPo2ZlciM95yZEhB1wrx4pHaTeSl7vtfhnW1Z1W8eV3980A+Q7VJMhVoTFM uktDLPrHzdj/1rADYtP80xZLE= X-Google-Smtp-Source: AGHT+IFHt8ljAgUFsumQUx43edqLPoztEr5s7k3xHUmGMWApCiCTFox1L/DuSqvEX2oWzicoQqDqguGfpg== X-Received: from fuad.c.googlers.com ([fda3:e722:ac3:cc00:28:9cb1:c0a8:1613]) (user=tabba job=sendgmr) by 2002:a7b:c2aa:0:b0:411:ea5e:615a with SMTP id c10-20020a7bc2aa000000b00411ea5e615amr248951wmk.1.1708618298281; Thu, 22 Feb 2024 08:11:38 -0800 (PST) Date: Thu, 22 Feb 2024 16:10:41 +0000 In-Reply-To: <20240222161047.402609-1-tabba@google.com> Precedence: bulk X-Mailing-List: kvm@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 References: <20240222161047.402609-1-tabba@google.com> X-Mailer: git-send-email 2.44.0.rc1.240.g4c46232300-goog Message-ID: <20240222161047.402609-21-tabba@google.com> Subject: [RFC PATCH v1 20/26] KVM: arm64: Track sharing of memory from protected guest to host From: Fuad Tabba To: kvm@vger.kernel.org, kvmarm@lists.linux.dev Cc: pbonzini@redhat.com, chenhuacai@kernel.org, mpe@ellerman.id.au, anup@brainfault.org, paul.walmsley@sifive.com, palmer@dabbelt.com, aou@eecs.berkeley.edu, seanjc@google.com, viro@zeniv.linux.org.uk, brauner@kernel.org, willy@infradead.org, akpm@linux-foundation.org, xiaoyao.li@intel.com, yilun.xu@intel.com, chao.p.peng@linux.intel.com, jarkko@kernel.org, amoorthy@google.com, dmatlack@google.com, yu.c.zhang@linux.intel.com, isaku.yamahata@intel.com, mic@digikod.net, vbabka@suse.cz, vannapurve@google.com, ackerleytng@google.com, mail@maciej.szmigiero.name, david@redhat.com, michael.roth@amd.com, wei.w.wang@intel.com, liam.merwick@oracle.com, isaku.yamahata@gmail.com, kirill.shutemov@linux.intel.com, suzuki.poulose@arm.com, steven.price@arm.com, quic_eberman@quicinc.com, quic_mnalajal@quicinc.com, quic_tsoni@quicinc.com, quic_svaddagi@quicinc.com, quic_cvanscha@quicinc.com, quic_pderrin@quicinc.com, quic_pheragu@quicinc.com, catalin.marinas@arm.com, james.morse@arm.com, yuzenghui@huawei.com, oliver.upton@linux.dev, maz@kernel.org, will@kernel.org, qperret@google.com, keirf@google.com, tabba@google.com Track memory being explicitly shared by the guest to the host, and update the NOT_MAPPABLE attribute accordingly. This would allow shared memory to be mapped by the host, and enable us to ensure that unshared memory is not mappable by the host. Signed-off-by: Fuad Tabba --- arch/arm64/kvm/hypercalls.c | 30 ++++++++++++++++++++++++++++-- 1 file changed, 28 insertions(+), 2 deletions(-) diff --git a/arch/arm64/kvm/hypercalls.c b/arch/arm64/kvm/hypercalls.c index b08e18128de4..56fb4fa70eec 100644 --- a/arch/arm64/kvm/hypercalls.c +++ b/arch/arm64/kvm/hypercalls.c @@ -163,6 +163,32 @@ static int kvm_vcpu_exit_hcall(struct kvm_vcpu *vcpu, u32 nr, u32 nr_args) return 0; } +static int kvm_vcpu_handle_xshare(struct kvm_vcpu *vcpu, u32 nr) +{ + if (IS_ENABLED(CONFIG_KVM_GENERIC_PRIVATE_MEM_MAPPABLE)) { + u64 mask = vcpu->kvm->arch.hypercall_exit_enabled; + gfn_t gfn = vcpu_get_reg(vcpu, 1) >> PAGE_SHIFT; + unsigned long attributes = 0; + int ret; + + if (!(mask & BIT(nr))) + goto err; + + if (nr == ARM_SMCCC_KVM_FUNC_MEM_UNSHARE) + attributes = KVM_MEMORY_ATTRIBUTE_NOT_MAPPABLE; + + ret = kvm_vm_set_mem_attributes_kernel(vcpu->kvm, gfn, gfn + 1, attributes); + if (ret) + goto err; + } + + return kvm_vcpu_exit_hcall(vcpu, nr, 3); + +err: + smccc_set_retval(vcpu, SMCCC_RET_INVALID_PARAMETER, 0, 0, 0); + return 1; +} + #define SMC32_ARCH_RANGE_BEGIN ARM_SMCCC_VERSION_FUNC_ID #define SMC32_ARCH_RANGE_END ARM_SMCCC_CALL_VAL(ARM_SMCCC_FAST_CALL, \ ARM_SMCCC_SMC_32, \ @@ -411,9 +437,9 @@ int kvm_smccc_call_handler(struct kvm_vcpu *vcpu) val[0] = SMCCC_RET_SUCCESS; break; case ARM_SMCCC_VENDOR_HYP_KVM_MEM_SHARE_FUNC_ID: - return kvm_vcpu_exit_hcall(vcpu, ARM_SMCCC_KVM_FUNC_MEM_SHARE, 3); + return kvm_vcpu_handle_xshare(vcpu, ARM_SMCCC_KVM_FUNC_MEM_SHARE); case ARM_SMCCC_VENDOR_HYP_KVM_MEM_UNSHARE_FUNC_ID: - return kvm_vcpu_exit_hcall(vcpu, ARM_SMCCC_KVM_FUNC_MEM_UNSHARE, 3); + return kvm_vcpu_handle_xshare(vcpu, ARM_SMCCC_KVM_FUNC_MEM_UNSHARE); case ARM_SMCCC_TRNG_VERSION: case ARM_SMCCC_TRNG_FEATURES: case ARM_SMCCC_TRNG_GET_UUID: From patchwork Thu Feb 22 16:10:42 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Fuad Tabba X-Patchwork-Id: 13567578 Received: from mail-wm1-f74.google.com (mail-wm1-f74.google.com [209.85.128.74]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 4EADC15531C for ; Thu, 22 Feb 2024 16:11:42 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.128.74 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1708618303; cv=none; b=Ujaee9G2C2AT6ZEHgd1QJMqoNqAA1/n9H7Hv3Sg6iiBGK3gDsm7laIVLNgIhggsilPVXXy17dgFO59OIqIp98kRO4azIG4ZP4wazU5//b+DpLBHiBQqrPIK3fyoJkiLWQfqS2WChcWjPR1f9ALOJAsBYzANoVnCjh5Gk90lzmhs= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1708618303; c=relaxed/simple; bh=npvYxmnOW8D70NS3ig9HnMx9N7r0Z+HXJuDOX7EAoRc=; h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From: To:Cc:Content-Type; b=HS68a1nr0BRXsOooiDxVjFhMzF86SklZvUssDuzC1zTEYJnK6qVWIpRNJQcEKJIMO6wNpKTwB6ia40YXWyw0g4GomnYNCrr46zmgkAHOvVngOpA3UvfzNkaKUaX+2Ogc0jX4+Tnbz2axISFkpaLqBbaHy74wSDR8fI50h7OSMrw= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com; spf=pass smtp.mailfrom=flex--tabba.bounces.google.com; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b=seCL5QQ2; arc=none smtp.client-ip=209.85.128.74 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=flex--tabba.bounces.google.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="seCL5QQ2" Received: by mail-wm1-f74.google.com with SMTP id 5b1f17b1804b1-40e4478a3afso5312845e9.1 for ; Thu, 22 Feb 2024 08:11:42 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1708618301; x=1709223101; darn=vger.kernel.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=rSm6/qgBZCczn9Ke4uZTyz+5iwS2nAcQPMledMHWGz8=; b=seCL5QQ2tYGGoFPLQxzu6TbhMU2DjHxfqV++HwJDh6gOj+mD3hSysXZ6PJkkG8g+75 zO5CQCehh2JdwCIYjozYshFJG4OiWCnElmc+MSh8NTnWAZ9JMygKcWCTgEHGzihDhlVz 3opZwsA8++fjLmWgRLw6sNcfu4RXiCP5Yw6RBbOvFoSx4X/AxJBhBLEltl3TpxZYcCZL ju50YUpXW3H5Uh2vXkq8W+Fo45r9ppier/CAs1E3TYOR5Ap1/FzXZvg71c2JGFFm0GsU ay75I4nyxpLQwWrXboO2yOOdIHrgBJHc+JxxzZOLMk5m4kecC1yL7RmHjCtZlM89oggW ZeDg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1708618301; x=1709223101; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=rSm6/qgBZCczn9Ke4uZTyz+5iwS2nAcQPMledMHWGz8=; b=tLOxDf9XCba/LZ2GfeC9KvoPDRm07B9uKtTGYcBQIsIf7jIbDfRbUMBAsskY4gEnMM /3oW+7K7usb4i3VdCmHIa971zhT7+KK1Rx4858RYdv3AaB8Bdb6QXZpOCBRPdayG3i6+ L/Kk0i1Iit8MkZFT1l+kAZEXmw2PrlSJsILPvJ6ekROgtOw/EEBvHQdC9x5pxw2d6JHu Auq53VfAG7fpPv6oJY39z+P+u8AHpVywujow6qYw8hcy7J8L+3LvPSKKDB1taF1W190Q mjIDf1PpU4EtbpcZqqVBuMLyej1yAtC0nmp4NtkYNt8OgT4fFQ2/cHEC1z+VqC6uHQFL ZMAQ== X-Gm-Message-State: AOJu0YzIxIeCrWtkIJvRIi0/umAWyGaHJ7Oli4PQO+pNFFSyX7O+Y0g0 or9SkQq6mssBrYdVO+8DwLPAQsGhLLKNrl47wPiPj/No9inteJ0JdYfNsMI0HR6kVUI+XgnQSst 8akhFf/zPSPjfBP21VMuPvtbB8lrud2DF6BhAIg6b8bnuoOofJ77KYGQIJ29fbP8EoBpe723GAh ql73rdyfHoJW6wa0hfzobYCWI= X-Google-Smtp-Source: AGHT+IG/y8W3lb3JZO83cjx58GKuU0Lq2tsDnMqCffsClUcUdbIHBL/G3lXuTAChtYt/zyPvFkyCvnNNLw== X-Received: from fuad.c.googlers.com ([fda3:e722:ac3:cc00:28:9cb1:c0a8:1613]) (user=tabba job=sendgmr) by 2002:a05:600c:1e8c:b0:412:8816:3723 with SMTP id be12-20020a05600c1e8c00b0041288163723mr76370wmb.3.1708618300751; Thu, 22 Feb 2024 08:11:40 -0800 (PST) Date: Thu, 22 Feb 2024 16:10:42 +0000 In-Reply-To: <20240222161047.402609-1-tabba@google.com> Precedence: bulk X-Mailing-List: kvm@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 References: <20240222161047.402609-1-tabba@google.com> X-Mailer: git-send-email 2.44.0.rc1.240.g4c46232300-goog Message-ID: <20240222161047.402609-22-tabba@google.com> Subject: [RFC PATCH v1 21/26] KVM: arm64: Mark a protected VM's memory as unmappable at initialization From: Fuad Tabba To: kvm@vger.kernel.org, kvmarm@lists.linux.dev Cc: pbonzini@redhat.com, chenhuacai@kernel.org, mpe@ellerman.id.au, anup@brainfault.org, paul.walmsley@sifive.com, palmer@dabbelt.com, aou@eecs.berkeley.edu, seanjc@google.com, viro@zeniv.linux.org.uk, brauner@kernel.org, willy@infradead.org, akpm@linux-foundation.org, xiaoyao.li@intel.com, yilun.xu@intel.com, chao.p.peng@linux.intel.com, jarkko@kernel.org, amoorthy@google.com, dmatlack@google.com, yu.c.zhang@linux.intel.com, isaku.yamahata@intel.com, mic@digikod.net, vbabka@suse.cz, vannapurve@google.com, ackerleytng@google.com, mail@maciej.szmigiero.name, david@redhat.com, michael.roth@amd.com, wei.w.wang@intel.com, liam.merwick@oracle.com, isaku.yamahata@gmail.com, kirill.shutemov@linux.intel.com, suzuki.poulose@arm.com, steven.price@arm.com, quic_eberman@quicinc.com, quic_mnalajal@quicinc.com, quic_tsoni@quicinc.com, quic_svaddagi@quicinc.com, quic_cvanscha@quicinc.com, quic_pderrin@quicinc.com, quic_pheragu@quicinc.com, catalin.marinas@arm.com, james.morse@arm.com, yuzenghui@huawei.com, oliver.upton@linux.dev, maz@kernel.org, will@kernel.org, qperret@google.com, keirf@google.com, tabba@google.com A protected VM's memory is private by default and not mappable by the host until explicitly shared by the guest. Therefore, start off with all the memory of a protected guest as NOT_MAPPABLE. Signed-off-by: Fuad Tabba --- arch/arm64/kvm/pkvm.c | 32 ++++++++++++++++++++++++++++++-- 1 file changed, 30 insertions(+), 2 deletions(-) diff --git a/arch/arm64/kvm/pkvm.c b/arch/arm64/kvm/pkvm.c index bfd4858a7bd1..75247a3ced3d 100644 --- a/arch/arm64/kvm/pkvm.c +++ b/arch/arm64/kvm/pkvm.c @@ -220,13 +220,41 @@ bool pkvm_is_hyp_created(struct kvm *host_kvm) return READ_ONCE(host_kvm->arch.pkvm.handle); } +static int pkvm_mark_protected_mem_not_mappable(struct kvm *kvm) +{ + struct kvm_memory_slot *memslot; + struct kvm_memslots *slots; + int bkt, r; + + if (!IS_ENABLED(CONFIG_KVM_GENERIC_PRIVATE_MEM_MAPPABLE)) + return 0; + + slots = kvm_memslots(kvm); + kvm_for_each_memslot(memslot, bkt, slots) { + if (!kvm_slot_can_be_private(memslot)) + continue; + + r = kvm_vm_set_mem_attributes_kernel(kvm, + memslot->base_gfn, memslot->base_gfn + memslot->npages, + KVM_MEMORY_ATTRIBUTE_NOT_MAPPABLE); + if (r) + return r; + } + + return 0; +} + int pkvm_create_hyp_vm(struct kvm *host_kvm) { int ret = 0; mutex_lock(&host_kvm->lock); - if (!pkvm_is_hyp_created(host_kvm)) - ret = __pkvm_create_hyp_vm(host_kvm); + if (!pkvm_is_hyp_created(host_kvm)) { + if (kvm_vm_is_protected(host_kvm)) + ret = pkvm_mark_protected_mem_not_mappable(host_kvm); + if (!ret) + ret = __pkvm_create_hyp_vm(host_kvm); + } mutex_unlock(&host_kvm->lock); return ret; From patchwork Thu Feb 22 16:10:43 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Fuad Tabba X-Patchwork-Id: 13567579 Received: from mail-yb1-f202.google.com (mail-yb1-f202.google.com [209.85.219.202]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 488D3156964 for ; Thu, 22 Feb 2024 16:11:44 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.219.202 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1708618305; cv=none; b=Cd4BZiqga/BIFIAqmyLZzTAInuqsgnW9qfCHKwhX9H2IbVGV++s0ad69E8w5WDnIJCFxTbZKF+RfeBdRo3XYYkk936/6ZQ6zHSr4Qy41VeiaBqgiWSrIkLjoTo3clLHSolxQQd1kfKsJIII1yNfVOvEDjSZxo/L5k97VATHAOYM= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1708618305; c=relaxed/simple; bh=c7Tct6JEztEi1hIJsezP9trwKsf7ghqb+Z/TRUVlQe8=; h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From: To:Cc:Content-Type; b=f3He1zLQZrsZllkzunSCrYBK3T+cXAHvF0sVqGTDxGN7NVrqQ/CijefLStRFv3BTHp/Ia5AI0acpFoUcdOy8ZcUriIhYVtnUy9LvkO3Uf/zPPg3RNzuTnXWI5uMJ7iRY2gvdMiWNU80y3TW9J3QXxXQWMlTMNPHFjgwvhFHwRgw= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com; spf=pass smtp.mailfrom=flex--tabba.bounces.google.com; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b=lLlNbH0s; arc=none smtp.client-ip=209.85.219.202 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=flex--tabba.bounces.google.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="lLlNbH0s" Received: by mail-yb1-f202.google.com with SMTP id 3f1490d57ef6-dc657e9bdc4so10641717276.0 for ; Thu, 22 Feb 2024 08:11:44 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1708618303; x=1709223103; darn=vger.kernel.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=XojbdHrJujzsZqAAPdXW/Ko7J3fwpP4NgmuzfEiqbUI=; b=lLlNbH0s0AUwCzDq8qv5flVZ4m91ZNAuSETy1xjPhARKs4B23p64xK3EI+3yy72DdK mDh2RfNC4z2B2ZbC9Nds5RmkZx7UAXg0yUo8pfvZBG9RPf+ku7l1FAD0dFxz+X3aTsmS UwgXN98l+e/auMIiRm0/d8JYWxTrS8DV6nN/yXuuKEnSBVQqhhJGljCy+eY7AtJdU+ua j57nwOp7Ttx+X0fwkFL3SriDlSCHGWjmirZb6BfeifA8Q+/7vikPQQ/ZHzOYMd/g3WWC axCMn71iS4rDZb9GgEocnf6v3fRM/Urj8RB23sYZAo7XrY2PeZUdVmx/hqD/Um8cmkJ6 VECA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1708618303; x=1709223103; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=XojbdHrJujzsZqAAPdXW/Ko7J3fwpP4NgmuzfEiqbUI=; b=JdrOGh1qeFlgffxu9Nc9RWFw8N7vWqzwjLoBPcqSQe7Is4hI5bxD/MLhVRBBieEAhs KIrmGAWi6K/+7ipVyR34aZVYVt5StywWWRPy44jbDtRJiif+mPzCuasnCdTzp4K13LB/ +uty8gjP/3PH0B89XCTvpCZfb7IPcERyp998+OsJI2lmMVlsIYyVT5DauR4srmSLDIab n3DOwV/X6NbJHnHX01VSqVIZ3ztDOo2TZg92HlW9dA/O7HLAE31qH+zyBQm0CtAP62wV Yn0LfcRpr1mCs6G6/G6km25Dks9NMTQh0F5Kuhfae0ChnFlZ3C21zj5n3XZUJ9/my0Lx MKQQ== X-Gm-Message-State: AOJu0YznncF2PKoRzVKsea8os99aPzCnGC9Lif4I5lI9Z+H9haoghAnn iO/uss6gYedGhAuVEMIa9pNeyj9W+IHoXAsSwv1WG2b/1hhdLnp/2/toBYltA8twl4K/UpiOfeS 003UP3QlMtL4/ykiaqu8cg7hsw4aATLY7QKowa8GMG8oXBcr0Ktk8/ASxwRvXGpE/aS9Dyany+6 OOsRIDU7Fsp00Tru2CkEOgwKQ= X-Google-Smtp-Source: AGHT+IESoqL0M6mjy/MJ8LmmLb1XdvlAFvZ0ur8xoV3cDuHAn304J5q5vh8m433MSg+rVYhI4cB/urFKYg== X-Received: from fuad.c.googlers.com ([fda3:e722:ac3:cc00:28:9cb1:c0a8:1613]) (user=tabba job=sendgmr) by 2002:a5b:b05:0:b0:dbd:73bd:e55a with SMTP id z5-20020a5b0b05000000b00dbd73bde55amr139111ybp.4.1708618303039; Thu, 22 Feb 2024 08:11:43 -0800 (PST) Date: Thu, 22 Feb 2024 16:10:43 +0000 In-Reply-To: <20240222161047.402609-1-tabba@google.com> Precedence: bulk X-Mailing-List: kvm@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 References: <20240222161047.402609-1-tabba@google.com> X-Mailer: git-send-email 2.44.0.rc1.240.g4c46232300-goog Message-ID: <20240222161047.402609-23-tabba@google.com> Subject: [RFC PATCH v1 22/26] KVM: arm64: Handle unshare on way back to guest entry rather than exit From: Fuad Tabba To: kvm@vger.kernel.org, kvmarm@lists.linux.dev Cc: pbonzini@redhat.com, chenhuacai@kernel.org, mpe@ellerman.id.au, anup@brainfault.org, paul.walmsley@sifive.com, palmer@dabbelt.com, aou@eecs.berkeley.edu, seanjc@google.com, viro@zeniv.linux.org.uk, brauner@kernel.org, willy@infradead.org, akpm@linux-foundation.org, xiaoyao.li@intel.com, yilun.xu@intel.com, chao.p.peng@linux.intel.com, jarkko@kernel.org, amoorthy@google.com, dmatlack@google.com, yu.c.zhang@linux.intel.com, isaku.yamahata@intel.com, mic@digikod.net, vbabka@suse.cz, vannapurve@google.com, ackerleytng@google.com, mail@maciej.szmigiero.name, david@redhat.com, michael.roth@amd.com, wei.w.wang@intel.com, liam.merwick@oracle.com, isaku.yamahata@gmail.com, kirill.shutemov@linux.intel.com, suzuki.poulose@arm.com, steven.price@arm.com, quic_eberman@quicinc.com, quic_mnalajal@quicinc.com, quic_tsoni@quicinc.com, quic_svaddagi@quicinc.com, quic_cvanscha@quicinc.com, quic_pderrin@quicinc.com, quic_pheragu@quicinc.com, catalin.marinas@arm.com, james.morse@arm.com, yuzenghui@huawei.com, oliver.upton@linux.dev, maz@kernel.org, will@kernel.org, qperret@google.com, keirf@google.com, tabba@google.com Host might not be able to unmap memory that's unshared with it. If that happens, the host will deny the unshare, and the guest will be notified of its failure when returning from its unshare call. Signed-off-by: Fuad Tabba --- arch/arm64/kvm/hyp/nvhe/hyp-main.c | 24 ++++++++++++++++++++---- arch/arm64/kvm/hyp/nvhe/pkvm.c | 22 ++++++++-------------- 2 files changed, 28 insertions(+), 18 deletions(-) diff --git a/arch/arm64/kvm/hyp/nvhe/hyp-main.c b/arch/arm64/kvm/hyp/nvhe/hyp-main.c index 1c93c225915b..2198a146e773 100644 --- a/arch/arm64/kvm/hyp/nvhe/hyp-main.c +++ b/arch/arm64/kvm/hyp/nvhe/hyp-main.c @@ -79,16 +79,32 @@ static void handle_pvm_entry_psci(struct pkvm_hyp_vcpu *hyp_vcpu) static void handle_pvm_entry_hvc64(struct pkvm_hyp_vcpu *hyp_vcpu) { - u32 fn = smccc_get_function(&hyp_vcpu->vcpu); + struct kvm_vcpu *vcpu = &hyp_vcpu->vcpu; + u32 fn = smccc_get_function(vcpu); switch (fn) { case ARM_SMCCC_VENDOR_HYP_KVM_MEM_SHARE_FUNC_ID: fallthrough; - case ARM_SMCCC_VENDOR_HYP_KVM_MEM_UNSHARE_FUNC_ID: - fallthrough; case ARM_SMCCC_VENDOR_HYP_KVM_MEM_RELINQUISH_FUNC_ID: - vcpu_set_reg(&hyp_vcpu->vcpu, 0, SMCCC_RET_SUCCESS); + vcpu_set_reg(vcpu, 0, SMCCC_RET_SUCCESS); + break; + case ARM_SMCCC_VENDOR_HYP_KVM_MEM_UNSHARE_FUNC_ID: + { + /* + * Get the host vcpu view of whether the unshare is successful. + * If the host wasn't able to unmap it first, hyp cannot unshare + * it as the host would have a mapping to a private guest page. + */ + int smccc_ret = vcpu_get_reg(hyp_vcpu->host_vcpu, 0); + u64 ipa = smccc_get_arg1(vcpu); + + if (smccc_ret != SMCCC_RET_SUCCESS || + __pkvm_guest_unshare_host(hyp_vcpu, ipa)) + smccc_set_retval(vcpu, SMCCC_RET_INVALID_PARAMETER, 0, 0, 0); + else + smccc_set_retval(vcpu, SMCCC_RET_SUCCESS, 0, 0, 0); break; + } default: handle_pvm_entry_psci(hyp_vcpu); break; diff --git a/arch/arm64/kvm/hyp/nvhe/pkvm.c b/arch/arm64/kvm/hyp/nvhe/pkvm.c index 4209c75e7fba..fa94b88fe9a8 100644 --- a/arch/arm64/kvm/hyp/nvhe/pkvm.c +++ b/arch/arm64/kvm/hyp/nvhe/pkvm.c @@ -1236,26 +1236,19 @@ static bool pkvm_memshare_call(struct pkvm_hyp_vcpu *hyp_vcpu, u64 *exit_code) return false; } -static bool pkvm_memunshare_call(struct pkvm_hyp_vcpu *hyp_vcpu) +static bool pkvm_memunshare_check(struct pkvm_hyp_vcpu *hyp_vcpu) { struct kvm_vcpu *vcpu = &hyp_vcpu->vcpu; - u64 ipa = smccc_get_arg1(vcpu); + u64 arg1 = smccc_get_arg1(vcpu); u64 arg2 = smccc_get_arg2(vcpu); u64 arg3 = smccc_get_arg3(vcpu); - int err; - - if (arg2 || arg3) - goto out_guest_err; - err = __pkvm_guest_unshare_host(hyp_vcpu, ipa); - if (err) - goto out_guest_err; + if (!arg1 || arg2 || arg3) { + smccc_set_retval(vcpu, SMCCC_RET_INVALID_PARAMETER, 0, 0, 0); + return true; + } return false; - -out_guest_err: - smccc_set_retval(vcpu, SMCCC_RET_INVALID_PARAMETER, 0, 0, 0); - return true; } static bool pkvm_meminfo_call(struct pkvm_hyp_vcpu *hyp_vcpu) @@ -1343,7 +1336,8 @@ bool kvm_handle_pvm_hvc64(struct kvm_vcpu *vcpu, u64 *exit_code) case ARM_SMCCC_VENDOR_HYP_KVM_MEM_SHARE_FUNC_ID: return pkvm_memshare_call(hyp_vcpu, exit_code); case ARM_SMCCC_VENDOR_HYP_KVM_MEM_UNSHARE_FUNC_ID: - return pkvm_memunshare_call(hyp_vcpu); + /* Handle unshare on guest return because it could be denied by the host. */ + return pkvm_memunshare_check(hyp_vcpu); case ARM_SMCCC_VENDOR_HYP_KVM_MEM_RELINQUISH_FUNC_ID: return pkvm_memrelinquish_call(hyp_vcpu); default: From patchwork Thu Feb 22 16:10:44 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Fuad Tabba X-Patchwork-Id: 13567580 Received: from mail-wm1-f73.google.com (mail-wm1-f73.google.com [209.85.128.73]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 397A1156964 for ; Thu, 22 Feb 2024 16:11:47 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.128.73 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1708618308; cv=none; b=G4LLLeGSjmkhl9JHtR2W/lXVvTTToWyCvTLop+prEQgGUFi8fzBJssIR1T3H64L2k/kdVgQ2UQ/6WQW8UwTjhIMo9HMWVbFtVSAeXo+bxDGYYwdOhA57BcwaTF0hj5z1vZMmfCjff2ubl4zYCH1kekaQH/r/eeSP6kq70LQme7Q= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1708618308; c=relaxed/simple; bh=d3ZeocOs4Kyg8UrCOOCwBKEbac3l0L4Q+zVvMeYcmug=; h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From: To:Cc:Content-Type; b=jgryDb0o9bmU+666/muPAqhS0t1o15KT6o4HVGv+IU+LJuM46w2rf6fdAqOQ3Brqb3IDHIsGvbfmZEhJ1mvKQo1dhOtNeCVNrCGOLpusio5r4JVSpBfR3xoBE1E6TW+xlojp612sD4mvlW/tE+V339ID3dAKZEXFVegaUa8XTRc= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com; spf=pass smtp.mailfrom=flex--tabba.bounces.google.com; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b=pq3Uu1bz; arc=none smtp.client-ip=209.85.128.73 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=flex--tabba.bounces.google.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="pq3Uu1bz" Received: by mail-wm1-f73.google.com with SMTP id 5b1f17b1804b1-412792ced95so8207805e9.0 for ; Thu, 22 Feb 2024 08:11:47 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1708618306; x=1709223106; darn=vger.kernel.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=7Wm13XLqZtqI/huCH/OwOakJm6WxWY3N6/pLv1GzC4s=; b=pq3Uu1bzuJNgJi7wlIDxjqqlKf2mJVJlhztETTN2Ykp0ZZ2oYB/d9/5hUFg3SMLKsM P2m8iuDnt38kV8Z+ADqpyPMUMBKdA3LVNEm7Q/GAjdWPxpQinVu24T5YIxUVBk9KNavm I8FGf8wo7PWbT5VjBVqKE8GEDRzx4R98wM+GSgpBv9TUz8HQ6gO+fRVxXvgjC6rbyDGd jkxEatECBwFEC3QqTxQ7Hy1PU2xHazkt7cyeQ88emLeOKndmuV25pT/0UMd/dxD6GJsv DoMyB2zBlkZ6JtNeNLBcQFp/0fkSJAbnq64MwSWLkFSxL8/eLy6N0t9GUFO+1u/WR/B2 jHaw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1708618306; x=1709223106; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=7Wm13XLqZtqI/huCH/OwOakJm6WxWY3N6/pLv1GzC4s=; b=APto1wtR+0pPrWSciuxm6LFSbr4RJbdEbGTwQ+OKGUZsbwGNykydoAZDnzALPJrjDo xZsFW7F4SEC7S1zq/YRCytVEgyd3+rQz0Wtn55Gea2R7xHdXzAqz5IKcwFQNKQlURUYi etcOVyzf3dTePO5TF4PxT7Wvlw4ytbZImSA48N0Qt/I33/etBAuZlo1ztCIsKnqIDifB czDa9FaN+Phy3s4/fRMhGxjXVm497jPYwJWcao/9WOSLuFChYe90vykEYS7Est1tlwr2 xAlUsggwDwBmLDINS7CsSWFniw1C31W+LLbda+MtguXxl46cRJuWo5FjNn1a7qtsNLKx p77A== X-Gm-Message-State: AOJu0Yx+E2cH3PKX/IE2oo/65+NwxkHxz+5mKy3yxv2U0/PjCb142e1C x0bKXI+dXujC47kvO+N4Adh70Juqyn5crXJ+sqs1QlA4VGa39QPzuUWHU4Tgu+mjkVPLieSlbxI GIW2ExUjEyzEuUVm1AJj2PnSCbhoZ/5pakP4/hKE39ojxZcll6oeYcOrK7wTFYCFcxxmImsScik wtRGxnu0Ox8QdaEZ4RxS6xkT4= X-Google-Smtp-Source: AGHT+IFd02cd4+mhEBrGL9G06htVBY7nFke1Fhf+G5eKfge3JmeTjKERsofCDEYCArQ/kzkItDMwf2BY4Q== X-Received: from fuad.c.googlers.com ([fda3:e722:ac3:cc00:28:9cb1:c0a8:1613]) (user=tabba job=sendgmr) by 2002:a05:600c:3490:b0:412:8d52:573c with SMTP id a16-20020a05600c349000b004128d52573cmr6427wmq.5.1708618305241; Thu, 22 Feb 2024 08:11:45 -0800 (PST) Date: Thu, 22 Feb 2024 16:10:44 +0000 In-Reply-To: <20240222161047.402609-1-tabba@google.com> Precedence: bulk X-Mailing-List: kvm@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 References: <20240222161047.402609-1-tabba@google.com> X-Mailer: git-send-email 2.44.0.rc1.240.g4c46232300-goog Message-ID: <20240222161047.402609-24-tabba@google.com> Subject: [RFC PATCH v1 23/26] KVM: arm64: Check that host unmaps memory unshared by guest From: Fuad Tabba To: kvm@vger.kernel.org, kvmarm@lists.linux.dev Cc: pbonzini@redhat.com, chenhuacai@kernel.org, mpe@ellerman.id.au, anup@brainfault.org, paul.walmsley@sifive.com, palmer@dabbelt.com, aou@eecs.berkeley.edu, seanjc@google.com, viro@zeniv.linux.org.uk, brauner@kernel.org, willy@infradead.org, akpm@linux-foundation.org, xiaoyao.li@intel.com, yilun.xu@intel.com, chao.p.peng@linux.intel.com, jarkko@kernel.org, amoorthy@google.com, dmatlack@google.com, yu.c.zhang@linux.intel.com, isaku.yamahata@intel.com, mic@digikod.net, vbabka@suse.cz, vannapurve@google.com, ackerleytng@google.com, mail@maciej.szmigiero.name, david@redhat.com, michael.roth@amd.com, wei.w.wang@intel.com, liam.merwick@oracle.com, isaku.yamahata@gmail.com, kirill.shutemov@linux.intel.com, suzuki.poulose@arm.com, steven.price@arm.com, quic_eberman@quicinc.com, quic_mnalajal@quicinc.com, quic_tsoni@quicinc.com, quic_svaddagi@quicinc.com, quic_cvanscha@quicinc.com, quic_pderrin@quicinc.com, quic_pheragu@quicinc.com, catalin.marinas@arm.com, james.morse@arm.com, yuzenghui@huawei.com, oliver.upton@linux.dev, maz@kernel.org, will@kernel.org, qperret@google.com, keirf@google.com, tabba@google.com After an unshare call from the guest, check that the memory isn't mapped by the host before returning to the guest. If the host has acknowledged the unsharing, by marking the memory as private, but hasn't unmapped it, return an error to the host. On the other hand if the host has not acknowledged the unsharing, then return to the guest with an error, indicating that the unsharing has failed. Signed-off-by: Fuad Tabba --- arch/arm64/kvm/hypercalls.c | 37 +++++++++++++++++++++++++++++++++++++ 1 file changed, 37 insertions(+) diff --git a/arch/arm64/kvm/hypercalls.c b/arch/arm64/kvm/hypercalls.c index 56fb4fa70eec..23237ca400ec 100644 --- a/arch/arm64/kvm/hypercalls.c +++ b/arch/arm64/kvm/hypercalls.c @@ -24,8 +24,45 @@ f; \ }) +static int kvm_handle_unshare_return(struct kvm_vcpu *vcpu) +{ + gpa_t gpa = vcpu->run->hypercall.args[0]; + gfn_t gfn = gpa_to_gfn(gpa); + struct kvm *kvm = vcpu->kvm; + + if (!IS_ENABLED(CONFIG_KVM_PRIVATE_MEM)) + return 1; + + if (!kvm_mem_is_private(kvm, gfn)) { + /* Inform the guest that host refused to unshare the memory. */ + vcpu->run->hypercall.ret = SMCCC_RET_INVALID_PARAMETER; + WARN_ON(kvm_vm_set_mem_attributes_kernel(vcpu->kvm, gfn, gfn + 1, 0)); + + return 1; + } + + /* + * Host has acknowledged that the memory has been unshared by marking it + * as private, so check if it still has mapping. If it does, exit back + * to the host to fix it. + * The exit reason should still be preserved. + */ + if (kvm_is_gmem_mapped(kvm, gfn, gfn + 1)) + return -EPERM; + + return 1; +} + int kvm_handle_hypercall_return(struct kvm_vcpu *vcpu) { + if (vcpu->run->hypercall.ret == SMCCC_RET_SUCCESS && + vcpu->run->hypercall.nr == ARM_SMCCC_KVM_FUNC_MEM_UNSHARE) { + int ret = kvm_handle_unshare_return(vcpu); + + if (ret <= 0) + return ret; + } + smccc_set_retval(vcpu, vcpu->run->hypercall.ret, vcpu->run->hypercall.args[0], vcpu->run->hypercall.args[1], From patchwork Thu Feb 22 16:10:45 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Fuad Tabba X-Patchwork-Id: 13567581 Received: from mail-wm1-f74.google.com (mail-wm1-f74.google.com [209.85.128.74]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id CCC53157E64 for ; Thu, 22 Feb 2024 16:11:49 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.128.74 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1708618311; cv=none; b=CGFZsuac3SfyFSZsiWhm11pZ5AA01xRzyRoSCxuC0ZdSAvEz2o477MCbvrT3oxgHTusVHdcVUYITjTQirvGiRzaSAUwjFcgqv3ioUY2idLvRLNSmfIUJN6BtYjvAbN8a8RZbjV2tPZ2e9+PktptweJINbFyPk9GGtY4zp9wQqr0= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1708618311; c=relaxed/simple; bh=YBrnDawp6bZyspGI2hQIDfJydD0jLTVmORqgm+VO2Dc=; h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From: To:Cc:Content-Type; b=BHN9Lz5NiuatszXEfkJ0Zir1pxNyBViHr0gK9Damw56nI9dvDf72STD0/B90jp4H/C+Yge7JCoHzy4RJSxEFY7DaFCn8c0XalCqmfdd0q2OCH3RrOtUwn1kdv5z0SG6H3L9uobft9BgQDkexLoX8sr6vyizryFPgZRPnpWRkMWE= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com; spf=pass smtp.mailfrom=flex--tabba.bounces.google.com; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b=MV/lUdyO; arc=none smtp.client-ip=209.85.128.74 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=flex--tabba.bounces.google.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="MV/lUdyO" Received: by mail-wm1-f74.google.com with SMTP id 5b1f17b1804b1-412565214c3so34802025e9.2 for ; Thu, 22 Feb 2024 08:11:49 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1708618308; x=1709223108; darn=vger.kernel.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=5VlGMXUi+EcDrZF93FlIfCnuiGyO6s7T7F5mtKL+TKk=; b=MV/lUdyOTjLV/nFpyDq1M9APodDFXZCdkJBtk+kgSm735gWgPg4UzWXgfa4f5cKzjp EkSrzJU7VbiGP/k+8lUch2H3LAizmYxtmb33tgNhQNjOLzb0F6oNnCJk1mJVKsMklYeW KA6lQWaVjBYN8L5WzRUh02KqDeAO/hE2Knf61K6cJ0idy97jbKDkKVRowvi8llfMbeWI Ipdv+4E2WK78fSKYPBA/bNNx5oay3HT2lOtXhPP2Roo3c3tbT7q5RQPkpn3STyUNctHl PSpeoZ9x3PCkMjXqkAjBC48nAMabkPACBBcbsjSDRfL25PAUZJ/4PEjZSFEIE+McV9tW F9MA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1708618308; x=1709223108; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=5VlGMXUi+EcDrZF93FlIfCnuiGyO6s7T7F5mtKL+TKk=; b=OPaEKVFiAeS9RF/sNZ2Flu7T+9QgdwLc4naA1KB0V16MudajzxtMsZMkuIBU/FNXnE nm+OvqFxWeJEa/ELZXp0v1QU1YQmf4NFCefmpiQQwaAlxJ7Yxkh92BqMlo3TGFOjqJwu fYBEavlrA64gZbSF1evwimtVzIFN2YXhv1Nn1QTjKUOnGmU2R9HMQQ8wqs9hYWBJQ2rt zRqVHfgxasRNkgH+al2hTehmxwuQiCuGJ0Sl40jScLiHJj7sNXtOXMFCFLiVXycstYGS aJt8VA6eJ29RDCBew4kgDP6qxkUNTFJAJR7xPv8vbXdF7eOdsvqw73RQBXmfcKeR5bHW jrTA== X-Gm-Message-State: AOJu0YwgOpCNEeSBnO7XEuKsPjKRxlh7IyQUFPqaCkUci436PGjgGgiH JHicI8l9T8U4HW89jQRpElbCi/BUjeNYe+h9CLAP6Ot/JyR8WT+tjUFD6X6fWUk8rPbKoSreiY+ ob94ULL1PQim1kjiDUm7Bxg41QTS7gghqqSu6B5lyxmaK2NZRpZ4vST5cp032NaoodAi3HpdQpj mKlPGA4GFNOOQH8+RJxwukvnY= X-Google-Smtp-Source: AGHT+IEZh2i3xVzr5RH5C6aQFHYNaDDdKkTq/43Sh9IabnzDwlWzdxlyZWTjikkcJwda9jyKXlIPkxXZ7w== X-Received: from fuad.c.googlers.com ([fda3:e722:ac3:cc00:28:9cb1:c0a8:1613]) (user=tabba job=sendgmr) by 2002:a05:600c:11:b0:412:5cf8:4d81 with SMTP id g17-20020a05600c001100b004125cf84d81mr157882wmc.1.1708618307680; Thu, 22 Feb 2024 08:11:47 -0800 (PST) Date: Thu, 22 Feb 2024 16:10:45 +0000 In-Reply-To: <20240222161047.402609-1-tabba@google.com> Precedence: bulk X-Mailing-List: kvm@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 References: <20240222161047.402609-1-tabba@google.com> X-Mailer: git-send-email 2.44.0.rc1.240.g4c46232300-goog Message-ID: <20240222161047.402609-25-tabba@google.com> Subject: [RFC PATCH v1 24/26] KVM: arm64: Add handlers for kvm_arch_*_set_memory_attributes() From: Fuad Tabba To: kvm@vger.kernel.org, kvmarm@lists.linux.dev Cc: pbonzini@redhat.com, chenhuacai@kernel.org, mpe@ellerman.id.au, anup@brainfault.org, paul.walmsley@sifive.com, palmer@dabbelt.com, aou@eecs.berkeley.edu, seanjc@google.com, viro@zeniv.linux.org.uk, brauner@kernel.org, willy@infradead.org, akpm@linux-foundation.org, xiaoyao.li@intel.com, yilun.xu@intel.com, chao.p.peng@linux.intel.com, jarkko@kernel.org, amoorthy@google.com, dmatlack@google.com, yu.c.zhang@linux.intel.com, isaku.yamahata@intel.com, mic@digikod.net, vbabka@suse.cz, vannapurve@google.com, ackerleytng@google.com, mail@maciej.szmigiero.name, david@redhat.com, michael.roth@amd.com, wei.w.wang@intel.com, liam.merwick@oracle.com, isaku.yamahata@gmail.com, kirill.shutemov@linux.intel.com, suzuki.poulose@arm.com, steven.price@arm.com, quic_eberman@quicinc.com, quic_mnalajal@quicinc.com, quic_tsoni@quicinc.com, quic_svaddagi@quicinc.com, quic_cvanscha@quicinc.com, quic_pderrin@quicinc.com, quic_pheragu@quicinc.com, catalin.marinas@arm.com, james.morse@arm.com, yuzenghui@huawei.com, oliver.upton@linux.dev, maz@kernel.org, will@kernel.org, qperret@google.com, keirf@google.com, tabba@google.com pKVM doesn't need to do anything specific, but the functions need to be implemented since guestmem expects them. Signed-off-by: Fuad Tabba --- arch/arm64/kvm/mmu.c | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/arch/arm64/kvm/mmu.c b/arch/arm64/kvm/mmu.c index 570b14da16b1..36de5748fb0a 100644 --- a/arch/arm64/kvm/mmu.c +++ b/arch/arm64/kvm/mmu.c @@ -2386,3 +2386,19 @@ void kvm_toggle_cache(struct kvm_vcpu *vcpu, bool was_enabled) trace_kvm_toggle_cache(*vcpu_pc(vcpu), was_enabled, now_enabled); } + +#ifdef CONFIG_KVM_GENERIC_MEMORY_ATTRIBUTES + +bool kvm_arch_pre_set_memory_attributes(struct kvm *kvm, + struct kvm_gfn_range *range) +{ + return false; +} + +bool kvm_arch_post_set_memory_attributes(struct kvm *kvm, + struct kvm_gfn_range *range) +{ + return false; +} + +#endif /* CONFIG_KVM_GENERIC_MEMORY_ATTRIBUTES */ From patchwork Thu Feb 22 16:10:46 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Fuad Tabba X-Patchwork-Id: 13567582 Received: from mail-wm1-f73.google.com (mail-wm1-f73.google.com [209.85.128.73]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 231F0157E72 for ; Thu, 22 Feb 2024 16:11:51 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.128.73 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1708618313; cv=none; b=iBzc4dUKH0Y6P5ZqbI+glXGhibhNRHmtZE7tx+3hUZUrr7I0RE4lTk98RxTi3VNYLbCnvR0yR3asb7/IW/PZldlKon3zLUmXbf1J+jS5YxHYeSsCzNI0c4b8bGNjH4n+C4P4QyvdYOq4OuGQFl9qJaYg/NBA3CQFVCyBhL8V6Zw= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1708618313; c=relaxed/simple; bh=TUyoIAvN6Obzks9YjN2BA6l8SNXm7pOIcGDdO7heG78=; h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From: To:Cc:Content-Type; b=dITprpLUZoxlO6B+7L4gqumLU1QqD9FrXRmxrpx9TgNvrvaebjOFTRDd81OrKXSNGL5Q8pcGyN9iU68rjxRKa+foQL6x9zlp9qO3N6kxpONdizCZ72pXluXZcrewbg+I+jLVmvMEQLSOcLCxriGR5vdUYQ/FCL91Oa/vbbwndvU= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com; spf=pass smtp.mailfrom=flex--tabba.bounces.google.com; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b=3zpILMvg; arc=none smtp.client-ip=209.85.128.73 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=flex--tabba.bounces.google.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="3zpILMvg" Received: by mail-wm1-f73.google.com with SMTP id 5b1f17b1804b1-4125670e7d1so4900995e9.1 for ; Thu, 22 Feb 2024 08:11:51 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1708618310; x=1709223110; darn=vger.kernel.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=2/q45XBasvpokurDmrqajFJwCgekoEBMYCvgW9GhGQo=; b=3zpILMvgSgMMYiXB5eVXXqnjNoRBS6ECEdN6LnoJ20MYT5+QtvOlQpBW/tjwGUryW3 jfTLs3acLAueDqcyxHqLQ791x62azqHJZC0PzWk3LACdP6bNFkN7oSSLUga8GXaHY2T+ 9AfmfARTW3Oecn/FH5lkUnt5QSX1leSUjNQbAV1PEmDMz+0f8JrLMQ9py19CNxvJnHsO l8+XiMBjyRx9LVR1spuzhs8pXW7k/jAnojHsPKWapYirvpb1HOR3/yJwrg1/qI8NnK0l /45cUDSaZaCAFi+z9n0Qdp0bdLtJSl9Y+CDMGiaU2fl0Ua3xhxske4hXqpdjVUl6cB5Z 73jA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1708618310; x=1709223110; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=2/q45XBasvpokurDmrqajFJwCgekoEBMYCvgW9GhGQo=; b=YNKjbpEqih6OBNHAo7FqL5zSCX4fIHHBrSu8C9gn6JGJjgfFyLK7JTbulvjrAca/wI j1Vl4c/b2pz0DhSuTMidQO9711PQtN/7+bINcK19Gb4qSCr6rF2IdHwE7Reg9X6U1vXn hujjFE+07Sn9Bd+BEuH8lmrF+8QJehlv9Jmf0xcroflfRxjeE17A0x3Hc38hW+dZi+Wh XWO712nwE+1hHxYt15vaBzMFfX8gdK/5iE/RJKpDmxj+q0E0Q1Ak7Wu8B0mrZGTMzNEl r0u4BS77WOsfbrQAF/KOqbitFLm+S5grbsG46xQJ68hdskKYiWTbwAYd3Vx+NKFNjRVM UGPQ== X-Gm-Message-State: AOJu0Yzx44bqIovMKYRYa/R8tvxvW2rRGvutmEe2dlx4OAndm/jbuUFQ 8MV80UWYBdYvRRBWtjDYHaCqbu4acfZlKd7KuxVN0zfxQilk/O5HwDgFLK4arGv6XFDlQfoiYML YSM++KPF5/MqB4qgAjO0G8HoxZEkEN4qjRSc7aAFzU9+C1mrWS3gEaRfLj8GOxqgdB6HEOMmEXS GYrEGr0dUmObO7YmhLSsGudUE= X-Google-Smtp-Source: AGHT+IH2AJdryfzgBjtwoYEiaqYJq05TPCfxK/pLtpWJryi75TzpSiXs2AMbdpb+STC1Oqvl/vDFO15AKg== X-Received: from fuad.c.googlers.com ([fda3:e722:ac3:cc00:28:9cb1:c0a8:1613]) (user=tabba job=sendgmr) by 2002:a05:600c:a399:b0:412:7677:3e4f with SMTP id hn25-20020a05600ca39900b0041276773e4fmr136786wmb.4.1708618310147; Thu, 22 Feb 2024 08:11:50 -0800 (PST) Date: Thu, 22 Feb 2024 16:10:46 +0000 In-Reply-To: <20240222161047.402609-1-tabba@google.com> Precedence: bulk X-Mailing-List: kvm@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 References: <20240222161047.402609-1-tabba@google.com> X-Mailer: git-send-email 2.44.0.rc1.240.g4c46232300-goog Message-ID: <20240222161047.402609-26-tabba@google.com> Subject: [RFC PATCH v1 25/26] KVM: arm64: Enable private memory support when pKVM is enabled From: Fuad Tabba To: kvm@vger.kernel.org, kvmarm@lists.linux.dev Cc: pbonzini@redhat.com, chenhuacai@kernel.org, mpe@ellerman.id.au, anup@brainfault.org, paul.walmsley@sifive.com, palmer@dabbelt.com, aou@eecs.berkeley.edu, seanjc@google.com, viro@zeniv.linux.org.uk, brauner@kernel.org, willy@infradead.org, akpm@linux-foundation.org, xiaoyao.li@intel.com, yilun.xu@intel.com, chao.p.peng@linux.intel.com, jarkko@kernel.org, amoorthy@google.com, dmatlack@google.com, yu.c.zhang@linux.intel.com, isaku.yamahata@intel.com, mic@digikod.net, vbabka@suse.cz, vannapurve@google.com, ackerleytng@google.com, mail@maciej.szmigiero.name, david@redhat.com, michael.roth@amd.com, wei.w.wang@intel.com, liam.merwick@oracle.com, isaku.yamahata@gmail.com, kirill.shutemov@linux.intel.com, suzuki.poulose@arm.com, steven.price@arm.com, quic_eberman@quicinc.com, quic_mnalajal@quicinc.com, quic_tsoni@quicinc.com, quic_svaddagi@quicinc.com, quic_cvanscha@quicinc.com, quic_pderrin@quicinc.com, quic_pheragu@quicinc.com, catalin.marinas@arm.com, james.morse@arm.com, yuzenghui@huawei.com, oliver.upton@linux.dev, maz@kernel.org, will@kernel.org, qperret@google.com, keirf@google.com, tabba@google.com Mark the support for private memory in arm64 as being dependent on pKVM for now. Signed-off-by: Fuad Tabba --- arch/arm64/include/asm/kvm_host.h | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/arch/arm64/include/asm/kvm_host.h b/arch/arm64/include/asm/kvm_host.h index ab61c3ecba0c..437509b5d881 100644 --- a/arch/arm64/include/asm/kvm_host.h +++ b/arch/arm64/include/asm/kvm_host.h @@ -1263,4 +1263,10 @@ static inline void kvm_hyp_reserve(void) { } void kvm_arm_vcpu_power_off(struct kvm_vcpu *vcpu); bool kvm_arm_vcpu_stopped(struct kvm_vcpu *vcpu); +#ifdef CONFIG_KVM_PRIVATE_MEM +#define kvm_arch_has_private_mem(kvm) is_protected_kvm_enabled() +#else +#define kvm_arch_has_private_mem(kvm) false +#endif + #endif /* __ARM64_KVM_HOST_H__ */ From patchwork Thu Feb 22 16:10:47 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Fuad Tabba X-Patchwork-Id: 13567583 Received: from mail-yw1-f202.google.com (mail-yw1-f202.google.com [209.85.128.202]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 446EC157E80 for ; Thu, 22 Feb 2024 16:11:53 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.128.202 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1708618314; cv=none; b=p0UTpDaQZBScaZ+o/nZ42psNqnJtkS88HJskwhyLvratqleEs91J+hJUvZY1Aieg8TvhXtadoUOJstJLOH7KHiNl7bvYpI5D4VcNFDTXHQtIDWk/+1mBnNLehpi1ewCXzRQqxipVfaqdklCwqcptoLaOLfSXNb8trVswJ6ABWpI= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1708618314; c=relaxed/simple; bh=X5CTKYo58HHafOhpr0rnGZtDOO9drroKYxobKreBkos=; h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From: To:Cc:Content-Type; b=XCOgTsgDzlxuWHijVxxtpxO5O6Cbk5zJZNMiw6in3jQ6JyQ3iZcWetXuLtr9LGEeLZJCi3M2gyExDAWP9q7u7TqgolNen0ceIMbiFNFuPabgXIDKLH+F/V6/ZfosVvgZrGW9Q2tp3HLqjTcmykwFdNkNLToSDRvKiuCH2v8szf4= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com; spf=pass smtp.mailfrom=flex--tabba.bounces.google.com; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b=4MvuR8OH; arc=none smtp.client-ip=209.85.128.202 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=flex--tabba.bounces.google.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="4MvuR8OH" Received: by mail-yw1-f202.google.com with SMTP id 00721157ae682-6083fbe9923so37382447b3.1 for ; Thu, 22 Feb 2024 08:11:53 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1708618312; x=1709223112; darn=vger.kernel.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=x7q06n6+Cfi5piogEKrJk5NdgWbh3+ffeAar7OiRx3s=; b=4MvuR8OHiYTMZi3QT11Oax3MwbvSrF1xCp73+IYs0Enoa0bJFD7/IaMwiyYVhI8c0Q NdWzM7Rm4IineEkwZfFqLgtakNfK0gGdnDb9yXOBJpyfYxUrzdEyBGNkmDm6GGnv9kzN Oxc9s4UKzQppILIitpGp8H8muider93DD6TGU35co5qAb6hsZ8rUQ7Reaj9NWlFRrfVH 6PPXnCudNUOuH2qMcIpCLO4RLIK1qhfqiKMJQ65u5YDhxxRiaTeHb+TjjucpAfkOieK7 Pjh2F7zPZzvjaL9fNJPATldOvcdGUTo0rL5ns8nAKnbsFQGdQuMFrr2HNruosXeh1PQ/ gGRQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1708618312; x=1709223112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=x7q06n6+Cfi5piogEKrJk5NdgWbh3+ffeAar7OiRx3s=; b=r8Z0iFu0QTqpBZlfvRi8diTm0JT35KHOc2Wr1iaMg1jijEqqxXmQYS6ONHa3N4Iooz svT+1JjDCSJvilOjmjyj91aMF6TUrkeC4tbgyHtZz6ExzT2yJ4gBOlu1nWrkhBmNcInv bRyA3aTK027A+P/um4OQHitJmY6MY566049qVMNpOUBTr60U+XMcHcXe4uY+Gfx/E3Qg stXsYQfKCnILexSbKjlbMj63II2qBaZpIv1/1c5cuXSkZSi2xF4kYFDZ64TNiNwT1fdK 5GRWtdTTuvtGERIKEFsfgAy5v7uf+SqfbvfUjtzWOjzYqfz5Sgb8tv0Al1FD2+7ssH2p eg6g== X-Gm-Message-State: AOJu0YztBe6VzQhQWjW3PUR99anbJlD7nAy9N6Nar/RLIYzThW1fDXay 0QInopM0OLlT1UCEbAEYgqo159FNhYanJBlFTZRJLQ1hk2D9XN5fW4zvtZtzxdpvYRbt2q/xliY 0fi49wHB5a+qKAgUVdpJJndltOXjHx/RXz7qeT4j4P4Ro5ZWX8FeW0Q2EbeAS4f8j9jSLpKktg4 KKKmdmS3SQhq2Y/TLyJTzEJkw= X-Google-Smtp-Source: AGHT+IHMwP7mtHKT127TxYqntr8FVuJ7TVNM66KxywWU4Ngx0R+m7wXDu6r4saiVjzNmhTgu/W91QxWrOg== X-Received: from fuad.c.googlers.com ([fda3:e722:ac3:cc00:28:9cb1:c0a8:1613]) (user=tabba job=sendgmr) by 2002:a81:f101:0:b0:608:9758:e8b with SMTP id h1-20020a81f101000000b0060897580e8bmr613552ywm.8.1708618312398; Thu, 22 Feb 2024 08:11:52 -0800 (PST) Date: Thu, 22 Feb 2024 16:10:47 +0000 In-Reply-To: <20240222161047.402609-1-tabba@google.com> Precedence: bulk X-Mailing-List: kvm@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 References: <20240222161047.402609-1-tabba@google.com> X-Mailer: git-send-email 2.44.0.rc1.240.g4c46232300-goog Message-ID: <20240222161047.402609-27-tabba@google.com> Subject: [RFC PATCH v1 26/26] KVM: arm64: Enable private memory kconfig for arm64 From: Fuad Tabba To: kvm@vger.kernel.org, kvmarm@lists.linux.dev Cc: pbonzini@redhat.com, chenhuacai@kernel.org, mpe@ellerman.id.au, anup@brainfault.org, paul.walmsley@sifive.com, palmer@dabbelt.com, aou@eecs.berkeley.edu, seanjc@google.com, viro@zeniv.linux.org.uk, brauner@kernel.org, willy@infradead.org, akpm@linux-foundation.org, xiaoyao.li@intel.com, yilun.xu@intel.com, chao.p.peng@linux.intel.com, jarkko@kernel.org, amoorthy@google.com, dmatlack@google.com, yu.c.zhang@linux.intel.com, isaku.yamahata@intel.com, mic@digikod.net, vbabka@suse.cz, vannapurve@google.com, ackerleytng@google.com, mail@maciej.szmigiero.name, david@redhat.com, michael.roth@amd.com, wei.w.wang@intel.com, liam.merwick@oracle.com, isaku.yamahata@gmail.com, kirill.shutemov@linux.intel.com, suzuki.poulose@arm.com, steven.price@arm.com, quic_eberman@quicinc.com, quic_mnalajal@quicinc.com, quic_tsoni@quicinc.com, quic_svaddagi@quicinc.com, quic_cvanscha@quicinc.com, quic_pderrin@quicinc.com, quic_pheragu@quicinc.com, catalin.marinas@arm.com, james.morse@arm.com, yuzenghui@huawei.com, oliver.upton@linux.dev, maz@kernel.org, will@kernel.org, qperret@google.com, keirf@google.com, tabba@google.com Now that the infrastructure is in place for arm64 to support guest private memory, enable it in the arm64 kernel configuration. Signed-off-by: Fuad Tabba --- arch/arm64/kvm/Kconfig | 2 ++ 1 file changed, 2 insertions(+) diff --git a/arch/arm64/kvm/Kconfig b/arch/arm64/kvm/Kconfig index 6c3c8ca73e7f..559eb9d34447 100644 --- a/arch/arm64/kvm/Kconfig +++ b/arch/arm64/kvm/Kconfig @@ -40,6 +40,8 @@ menuconfig KVM select SCHED_INFO select GUEST_PERF_EVENTS if PERF_EVENTS select XARRAY_MULTI + select KVM_GENERIC_PRIVATE_MEM + select KVM_GENERIC_PRIVATE_MEM_MAPPABLE help Support hosting virtualized guest machines.