From patchwork Mon Jun 10 06:32:30 2024
X-Patchwork-Submitter: Pierre-Clément Tosi
X-Patchwork-Id: 13691549
Date: Mon, 10 Jun 2024 07:32:30 +0100
In-Reply-To: <20240610063244.2828978-1-ptosi@google.com>
Message-ID: <20240610063244.2828978-2-ptosi@google.com>
Subject: [PATCH v5 1/8] KVM: arm64: Fix clobbered ELR in sync abort/SError
From: Pierre-Clément Tosi
To: kvmarm@lists.linux.dev, linux-arm-kernel@lists.infradead.org, kvm@vger.kernel.org
Cc: Pierre-Clément Tosi, Will Deacon, Marc Zyngier, Oliver Upton, Suzuki K Poulose, Vincent Donnefort

When the hypervisor receives a SError or synchronous exception (EL2h) while running with the __kvm_hyp_vector and if ELR_EL2 doesn't point to an extable entry, it panics indirectly by overwriting ELR with the address of a panic handler in order for the asm routine it returns to to ERET into the handler.

However, this clobbers ELR_EL2 for the handler itself. As a result, hyp_panic(), when retrieving what it believes to be the PC where the exception happened, actually ends up reading the address of the panic handler that called it! This results in an erroneous and confusing panic message where the source of any synchronous exception (e.g. BUG() or kCFI) appears to be __guest_exit_panic, making it hard to locate the actual BRK instruction.

Therefore, store the original ELR_EL2 in the per-CPU kvm_hyp_ctxt and point the sysreg to a routine that first restores it to its previous value before running __guest_exit_panic.

Fixes: 7db21530479f ("KVM: arm64: Restore hyp when panicking in guest context")
Signed-off-by: Pierre-Clément Tosi Acked-by: Will Deacon --- arch/arm64/kernel/asm-offsets.c | 1 + arch/arm64/kvm/hyp/entry.S | 8 ++++++++ arch/arm64/kvm/hyp/include/hyp/switch.h | 5 +++-- 3 files changed, 12 insertions(+), 2 deletions(-) diff --git a/arch/arm64/kernel/asm-offsets.c b/arch/arm64/kernel/asm-offsets.c index 81496083c041..27de1dddb0ab 100644 --- a/arch/arm64/kernel/asm-offsets.c +++ b/arch/arm64/kernel/asm-offsets.c @@ -128,6 +128,7 @@ int main(void) DEFINE(VCPU_FAULT_DISR, offsetof(struct kvm_vcpu, arch.fault.disr_el1)); DEFINE(VCPU_HCR_EL2, offsetof(struct kvm_vcpu, arch.hcr_el2)); DEFINE(CPU_USER_PT_REGS, offsetof(struct kvm_cpu_context, regs)); + DEFINE(CPU_ELR_EL2, offsetof(struct kvm_cpu_context, sys_regs[ELR_EL2])); DEFINE(CPU_RGSR_EL1, offsetof(struct kvm_cpu_context, sys_regs[RGSR_EL1])); DEFINE(CPU_GCR_EL1, offsetof(struct kvm_cpu_context, sys_regs[GCR_EL1])); DEFINE(CPU_APIAKEYLO_EL1, offsetof(struct kvm_cpu_context, sys_regs[APIAKEYLO_EL1])); diff --git a/arch/arm64/kvm/hyp/entry.S b/arch/arm64/kvm/hyp/entry.S index f3aa7738b477..4433a234aa9b 100644 --- a/arch/arm64/kvm/hyp/entry.S +++ b/arch/arm64/kvm/hyp/entry.S @@ -83,6 +83,14 @@ alternative_else_nop_endif eret sb +SYM_INNER_LABEL(__guest_exit_restore_elr_and_panic, SYM_L_GLOBAL) + // x2-x29,lr: vcpu regs + // vcpu x0-x1 on the stack + + adr_this_cpu x0, kvm_hyp_ctxt, x1 + ldr x0, [x0, #CPU_ELR_EL2] + msr elr_el2, x0 + SYM_INNER_LABEL(__guest_exit_panic, SYM_L_GLOBAL) // x2-x29,lr: vcpu regs // vcpu x0-x1 on the stack diff --git a/arch/arm64/kvm/hyp/include/hyp/switch.h b/arch/arm64/kvm/hyp/include/hyp/switch.h index a92566f36022..ed9a63f1f7bf 100644 --- a/arch/arm64/kvm/hyp/include/hyp/switch.h +++ b/arch/arm64/kvm/hyp/include/hyp/switch.h 
@@ -689,7 +689,7 @@ static inline bool fixup_guest_exit(struct kvm_vcpu *vcpu, u64 *exit_code) static inline void __kvm_unexpected_el2_exception(void) { - extern char __guest_exit_panic[]; + extern char __guest_exit_restore_elr_and_panic[]; unsigned long addr, fixup; struct kvm_exception_table_entry *entry, *end; unsigned long elr_el2 = read_sysreg(elr_el2); 
@@ -711,7 +711,8 @@ static inline void __kvm_unexpected_el2_exception(void) } /* Trigger a panic after restoring the hyp context. */ - write_sysreg(__guest_exit_panic, elr_el2); + this_cpu_ptr(&kvm_hyp_ctxt)->sys_regs[ELR_EL2] = elr_el2; + write_sysreg(__guest_exit_restore_elr_and_panic, elr_el2); } #endif /* __ARM64_KVM_HYP_SWITCH_H__ */
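
Review bot: In the entry.S hunk, __guest_exit_restore_elr_and_panic reaches __guest_exit_panic only by falling through from "msr elr_el2, x0" into the next label, and nothing in the hunk says so. A short "// fall through" comment after the msr would keep anyone from inserting code between the two labels later, and the header comment could also state that x0 and x1 are used as scratch because the vcpu copies are already on the stack.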
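
Review bot: The comment above the new store in __kvm_unexpected_el2_exception() still only says "Trigger a panic after restoring the hyp context." and does not explain why elr_el2 is written into kvm_hyp_ctxt first. Please extend it to say that the following write_sysreg() clobbers ELR_EL2 and that __guest_exit_restore_elr_and_panic reloads the saved value through CPU_ELR_EL2, so the coupling between this C line and the asm offset added in asm-offsets.c is visible at the point where the slot is written.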
Date: Mon, 10 Jun 2024 07:32:31 +0100
In-Reply-To: <20240610063244.2828978-1-ptosi@google.com>
Message-ID: <20240610063244.2828978-3-ptosi@google.com>
Subject: [PATCH v5 2/8] KVM: arm64: Fix __pkvm_init_switch_pgd call ABI
From: Pierre-Clément Tosi
To: kvmarm@lists.linux.dev, linux-arm-kernel@lists.infradead.org, kvm@vger.kernel.org
Cc: Pierre-Clément Tosi, Will Deacon, Marc Zyngier, Oliver Upton, Suzuki K Poulose, Vincent Donnefort

Fix the mismatch between the (incorrect) C signature, C call site, and asm implementation by aligning all three on an API passing the parameters (pgd and SP) separately, instead of as a bundled struct.

Remove the now unnecessary memory accesses while the MMU is off from the asm, which simplifies the C caller (as it does not need to convert a VA struct pointer to PA) and makes the code slightly more robust by offsetting the struct fields from C and properly expressing the call to the C compiler (e.g. type checker and kCFI).

Fixes: f320bc742bc2 ("KVM: arm64: Prepare the creation of s1 mappings at EL2")
Signed-off-by: Pierre-Clément Tosi Acked-by: Will Deacon --- arch/arm64/include/asm/kvm_hyp.h | 4 ++-- arch/arm64/kvm/hyp/nvhe/hyp-init.S | 24 +++++++++++++----------- arch/arm64/kvm/hyp/nvhe/setup.c | 4 ++-- 3 files changed, 17 insertions(+), 15 deletions(-) diff --git a/arch/arm64/include/asm/kvm_hyp.h b/arch/arm64/include/asm/kvm_hyp.h index 3e80464f8953..181e10e2575b 100644 --- a/arch/arm64/include/asm/kvm_hyp.h +++ b/arch/arm64/include/asm/kvm_hyp.h @@ -123,8 +123,8 @@ void __noreturn __hyp_do_panic(struct kvm_cpu_context *host_ctxt, u64 spsr, #endif #ifdef __KVM_NVHE_HYPERVISOR__ -void __pkvm_init_switch_pgd(phys_addr_t phys, unsigned long size, - phys_addr_t pgd, void *sp, void *cont_fn); +void __pkvm_init_switch_pgd(phys_addr_t pgd, unsigned long sp, + void (*fn)(void)); int __pkvm_init(phys_addr_t phys, unsigned long size, unsigned long nr_cpus, unsigned long *per_cpu_base, u32 hyp_va_bits); void __noreturn __host_enter(struct kvm_cpu_context *host_ctxt); diff --git a/arch/arm64/kvm/hyp/nvhe/hyp-init.S b/arch/arm64/kvm/hyp/nvhe/hyp-init.S index 2994878d68ea..3a2836a52e85 100644 --- a/arch/arm64/kvm/hyp/nvhe/hyp-init.S +++ b/arch/arm64/kvm/hyp/nvhe/hyp-init.S 
@@ -265,33 +265,35 @@ alternative_else_nop_endif SYM_CODE_END(__kvm_handle_stub_hvc) +/* + * void __pkvm_init_switch_pgd(phys_addr_t pgd, unsigned long sp, + * void (*fn)(void)); + */ SYM_FUNC_START(__pkvm_init_switch_pgd) /* Turn the MMU off */ pre_disable_mmu_workaround - mrs x2, sctlr_el2 - bic x3, x2, #SCTLR_ELx_M - msr sctlr_el2, x3 + mrs x3, sctlr_el2 + bic x4, x3, #SCTLR_ELx_M + msr sctlr_el2, x4 isb tlbi alle2 /* Install the new pgtables */ - ldr x3, [x0, #NVHE_INIT_PGD_PA] - phys_to_ttbr x4, x3 + phys_to_ttbr x5, x0 alternative_if ARM64_HAS_CNP - orr x4, x4, #TTBR_CNP_BIT + orr x5, x5, #TTBR_CNP_BIT alternative_else_nop_endif - msr ttbr0_el2, x4 + msr ttbr0_el2, x5 /* Set the new stack pointer */ - ldr x0, [x0, #NVHE_INIT_STACK_HYP_VA] - mov sp, x0 + mov sp, x1 /* And turn the MMU back on! */ dsb nsh isb - set_sctlr_el2 x2 - ret x1 + set_sctlr_el2 x3 + ret x2 SYM_FUNC_END(__pkvm_init_switch_pgd) .popsection diff --git a/arch/arm64/kvm/hyp/nvhe/setup.c b/arch/arm64/kvm/hyp/nvhe/setup.c index 859f22f754d3..598f688b678f 100644 --- a/arch/arm64/kvm/hyp/nvhe/setup.c +++ b/arch/arm64/kvm/hyp/nvhe/setup.c @@ -316,7 +316,7 @@ int __pkvm_init(phys_addr_t phys, unsigned long size, unsigned long nr_cpus, { struct kvm_nvhe_init_params *params; void *virt = hyp_phys_to_virt(phys); - void (*fn)(phys_addr_t params_pa, void *finalize_fn_va); + typeof(__pkvm_init_switch_pgd) *fn; int ret; BUG_ON(kvm_check_pvm_sysreg_table()); 
@@ -340,7 +340,7 @@ int __pkvm_init(phys_addr_t phys, unsigned long size, unsigned long nr_cpus, /* Jump in the idmap page to switch to the new page-tables */ params = this_cpu_ptr(&kvm_init_params); fn = (typeof(fn))__hyp_pa(__pkvm_init_switch_pgd); - fn(__hyp_pa(params), __pkvm_init_finalise); + fn(params->pgd_pa, params->stack_hyp_va, __pkvm_init_finalise); unreachable(); }
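
Review bot: The call site in __pkvm_init() is still followed by unreachable(), while the corrected prototype in kvm_hyp.h declares __pkvm_init_switch_pgd() as a plain void function even though the asm ends in "ret x2" and never comes back to the caller. Since the point of the patch is to describe the call accurately to the compiler, consider whether the prototype can carry __noreturn so the non-returning behaviour is part of the declared type rather than asserted at the call site. The new comment block in hyp-init.S would also benefit from one line mapping x0, x1 and x2 to pgd, sp and fn, because the register renumbering in that hunk is otherwise only checkable by reading every instruction.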
Date: Mon, 10 Jun 2024 07:32:32 +0100
In-Reply-To: <20240610063244.2828978-1-ptosi@google.com>
Message-ID: <20240610063244.2828978-4-ptosi@google.com>
Subject: [PATCH v5 3/8] KVM: arm64: nVHE: Simplify invalid_host_el2_vect
From: Pierre-Clément Tosi
To: kvmarm@lists.linux.dev, linux-arm-kernel@lists.infradead.org, kvm@vger.kernel.org
Cc: Pierre-Clément Tosi, Will Deacon, Marc Zyngier, Oliver Upton, Suzuki K Poulose, Vincent Donnefort

The invalid_host_el2_vect macro is used by EL2{t,h} handlers in nVHE *host* context, which should never run with a guest context loaded. Therefore, remove the superfluous vCPU context check and branch unconditionally to hyp_panic.

Signed-off-by: Pierre-Clément Tosi Acked-by: Will Deacon --- arch/arm64/kvm/hyp/nvhe/host.S | 6 ------ 1 file changed, 6 deletions(-) diff --git a/arch/arm64/kvm/hyp/nvhe/host.S b/arch/arm64/kvm/hyp/nvhe/host.S index 135cfb294ee5..3d610fc51f4d 100644 --- a/arch/arm64/kvm/hyp/nvhe/host.S +++ b/arch/arm64/kvm/hyp/nvhe/host.S
@@ -197,12 +197,6 @@ SYM_FUNC_END(__host_hvc) sub x0, sp, x0 // x0'' = sp' - x0' = (sp + x0) - sp = x0 sub sp, sp, x0 // sp'' = sp' - x0 = (sp + x0) - x0 = sp - /* If a guest is loaded, panic out of it. */ - stp x0, x1, [sp, #-16]! - get_loaded_vcpu x0, x1 - cbnz x0, __guest_exit_panic - add sp, sp, #16 - /* * The panic may not be clean if the exception is taken before the host * context has been saved by __host_exit or after the hyp context has
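
Review bot: With the get_loaded_vcpu / cbnz sequence removed, the invariant that invalid_host_el2_vect never runs with a guest context loaded is no longer checked anywhere in this macro and is stated only in the commit message. Please record it in the comment that remains ("The panic may not be clean if ..."), so a reader of host.S can see that the unconditional branch to hyp_panic depends on these vectors being installed only in host context.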
Date: Mon, 10 Jun 2024 07:32:33 +0100
In-Reply-To: <20240610063244.2828978-1-ptosi@google.com>
Message-ID: <20240610063244.2828978-5-ptosi@google.com>
Subject: [PATCH v5 4/8] KVM: arm64: nVHE: gen-hyprel: Skip R_AARCH64_ABS32
From: Pierre-Clément Tosi
To: kvmarm@lists.linux.dev, linux-arm-kernel@lists.infradead.org, kvm@vger.kernel.org
Cc: Pierre-Clément Tosi, Will Deacon, Marc Zyngier, Oliver Upton, Suzuki K Poulose, Vincent Donnefort

Ignore R_AARCH64_ABS32 relocations, instead of panicking, when emitting the relocation table of the hypervisor. The toolchain might produce them when generating function calls with kCFI to represent the 32-bit type ID which can then be resolved across compilation units at link time. These are NOT actual 32-bit addresses and are therefore not needed in the final (runtime) relocation table (which is unlikely to use 32-bit absolute addresses for arm64 anyway).

Signed-off-by: Pierre-Clément Tosi Acked-by: Will Deacon --- arch/arm64/kvm/hyp/nvhe/gen-hyprel.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/arch/arm64/kvm/hyp/nvhe/gen-hyprel.c b/arch/arm64/kvm/hyp/nvhe/gen-hyprel.c index 6bc88a756cb7..b63f4e1c1033 100644 --- a/arch/arm64/kvm/hyp/nvhe/gen-hyprel.c
+++ b/arch/arm64/kvm/hyp/nvhe/gen-hyprel.c @@ -50,6 +50,9 @@ #ifndef R_AARCH64_ABS64 #define R_AARCH64_ABS64 257 #endif +#ifndef R_AARCH64_ABS32 +#define R_AARCH64_ABS32 258 +#endif #ifndef R_AARCH64_PREL64 #define R_AARCH64_PREL64 260 #endif 
@@ -383,6 +386,9 @@ static void emit_rela_section(Elf64_Shdr *sh_rela) case R_AARCH64_ABS64: emit_rela_abs64(rela, sh_orig_name); break; + /* Allow 32-bit absolute relocation, for kCFI type hashes. */ + case R_AARCH64_ABS32: + break; /* Allow position-relative data relocations. */ case R_AARCH64_PREL64: case R_AARCH64_PREL32:
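
Review bot: The new "case R_AARCH64_ABS32: break;" in emit_rela_section() accepts every ABS32 relocation, not only the kCFI type IDs the comment names, so a genuine 32-bit absolute address reference in hyp code would now be dropped silently instead of failing the build. If the type-ID relocations can be recognised from the relocation's symbol, checking that here would keep the old failure for anything else. Otherwise the comment should say outright that any ABS32 relocation is assumed to be a type hash and is deliberately left out of the runtime table.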
header.from=google.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=flex--ptosi.bounces.google.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="zBpxHVlR" Received: by mail-yw1-f201.google.com with SMTP id 00721157ae682-62a080977a5so75954987b3.0 for ; Sun, 09 Jun 2024 23:33:13 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1718001193; x=1718605993; darn=vger.kernel.org; h=content-transfer-encoding:cc:to:from:subject:message-id:references :mime-version:in-reply-to:date:from:to:cc:subject:date:message-id :reply-to; bh=erSEe/z/lyxgtHPTmqJJzIqKibPHcDLT3stY+lpOvXc=; b=zBpxHVlRTpSgVrH8z0mGR2DGmrPt7uC4z6v8NkwGL+B61CpnPlxDcLFvnu42q+JfFI r3EbHZRTgFM0HIuwLubyz7Lq53OBUs1SyB85Qb0AVEFmy7nddAKtlzbW0QRfRn1cqfoZ C2qn5zgrj6nLVLr6r+J7hfNQ+oDp4hgeUQQz6a4VRerHNs82R/iH6HjRDOK9Li+kUYOe s2bOtwaAseSGu70qSFNnsMntot4kJZm2MiZLwEGjGqJ8f1egkYvPyDP3JPc4Wo5zkKKD PfL54Qj9yGkl6nfnYPKoj+8cidlwl0/BJgmP5Gu2s0PKmjHO+F7zJEgYmUu3QUaPy4XZ E04Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1718001193; x=1718605993; h=content-transfer-encoding:cc:to:from:subject:message-id:references :mime-version:in-reply-to:date:x-gm-message-state:from:to:cc:subject :date:message-id:reply-to; bh=erSEe/z/lyxgtHPTmqJJzIqKibPHcDLT3stY+lpOvXc=; b=mT8SpaZ/oeGSxR4KusGbSjiIq35wj2jnmvzzXDFh9HgqEW9+LmktBVt4oPwWGUdGi7 fJxngJTr+OFk3R/sVV1y2DHtz24/xuBigvtuy4q2fK7mk4qy/7CjUMjlPWMVC6aEPT8g DnC8aQVAs/fDVrn49iHSmc1lP08093egQlTERevE2ETx8UVpfGhabmusj5Z/xzadWVMD sQTowAtSLch4cqlE65C5csjBjD5Sfi78e9JBhXvH4ZYCQhXyA+G8iukBgkMwi+7/CjHV SeSFcrsqgz1D+hKQkjgBXT6zmRocYWhBrU3raEghXR2g6jKA9HhykgHqBdtabZwZfHdG BU5Q== X-Forwarded-Encrypted: i=1; AJvYcCX89VyNt9lTEm/j5Llea44GG1vHtdnObuvRBhcf8tcGj/v8j8elOpBaWhlogH/oSnp20f00Rh++qGw3Dcn7mQNfNwNe X-Gm-Message-State: AOJu0Yx200MOPWsqTik8IWP2G9kZyLTDgaVTJSa2Z0rZiYxgYo+3CjZ/ 
Date: Mon, 10 Jun 2024 07:32:34 +0100
In-Reply-To: <20240610063244.2828978-1-ptosi@google.com>
X-Mailing-List: kvm@vger.kernel.org
Message-ID: <20240610063244.2828978-6-ptosi@google.com>
Subject: [PATCH v5 5/8] KVM: arm64: VHE: Mark __hyp_call_panic __noreturn
From: Pierre-Clément Tosi
To: kvmarm@lists.linux.dev, linux-arm-kernel@lists.infradead.org, kvm@vger.kernel.org
Cc: Pierre-Clément Tosi, Will Deacon, Marc Zyngier, Oliver Upton, Suzuki K Poulose, Vincent Donnefort

Given that the sole purpose of __hyp_call_panic() is to call panic(), a __noreturn function, give it the __noreturn attribute, removing the need for its caller to use unreachable().

Signed-off-by: Pierre-Clément Tosi
Acked-by: Will Deacon
--- arch/arm64/kvm/hyp/vhe/switch.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/arch/arm64/kvm/hyp/vhe/switch.c b/arch/arm64/kvm/hyp/vhe/switch.c index d7af5f46f22a..0550b9f6317f 100644 --- a/arch/arm64/kvm/hyp/vhe/switch.c +++ b/arch/arm64/kvm/hyp/vhe/switch.c @@ -384,7 +384,7 @@ int __kvm_vcpu_run(struct kvm_vcpu *vcpu) return ret; } -static void __hyp_call_panic(u64 spsr, u64 elr, u64 par) +static void __noreturn __hyp_call_panic(u64 spsr, u64 elr, u64 par) { struct kvm_cpu_context *host_ctxt; struct kvm_vcpu *vcpu; 
@@ -409,7 +409,6 @@ void __noreturn hyp_panic(void) u64 par = read_sysreg_par(); __hyp_call_panic(spsr, elr, par); - unreachable(); } asmlinkage void kvm_unexpected_el2_exception(void)
From patchwork Mon Jun 10 06:32:35 2024 X-Patchwork-Submitter: Pierre-Clément Tosi X-Patchwork-Id: 13691554
Date: Mon, 10 Jun 2024 07:32:35 +0100
In-Reply-To: <20240610063244.2828978-1-ptosi@google.com>
X-Mailing-List: kvm@vger.kernel.org
Message-ID: <20240610063244.2828978-7-ptosi@google.com>
Subject: [PATCH v5 6/8] arm64: Introduce esr_brk_comment, esr_is_cfi_brk
From: Pierre-Clément Tosi
To: kvmarm@lists.linux.dev, linux-arm-kernel@lists.infradead.org, kvm@vger.kernel.org
Cc: Pierre-Clément Tosi, Will Deacon, Marc Zyngier, Oliver Upton, Suzuki K Poulose, Vincent Donnefort

As it is already used in two places, move esr_comment() to a header for re-use, with a clearer name.

Introduce esr_is_cfi_brk() to detect kCFI BRK syndromes, currently used by early_brk64() but soon to also be used by hypervisor code.

Signed-off-by: Pierre-Clément Tosi
Acked-by: Will Deacon
--- arch/arm64/include/asm/esr.h | 11 +++++++++++ arch/arm64/kernel/debug-monitors.c | 4 +--- arch/arm64/kernel/traps.c | 8 +++----- arch/arm64/kvm/handle_exit.c | 2 +- 4 files changed, 16 insertions(+), 9 deletions(-) diff --git a/arch/arm64/include/asm/esr.h b/arch/arm64/include/asm/esr.h index 7abf09df7033..77569d207ecf 100644 --- a/arch/arm64/include/asm/esr.h +++ b/arch/arm64/include/asm/esr.h @@ -379,6 +379,11 @@ #ifndef __ASSEMBLY__ #include +static inline unsigned long esr_brk_comment(unsigned long esr) +{ + return esr & ESR_ELx_BRK64_ISS_COMMENT_MASK; +} + static inline bool esr_is_data_abort(unsigned long esr) { const unsigned long ec = ESR_ELx_EC(esr); 
@@ -386,6 +391,12 @@ static inline bool esr_is_data_abort(unsigned long esr) return ec == ESR_ELx_EC_DABT_LOW || ec == ESR_ELx_EC_DABT_CUR; } +static inline bool esr_is_cfi_brk(unsigned long esr) +{ + return ESR_ELx_EC(esr) == ESR_ELx_EC_BRK64 && + (esr_brk_comment(esr) & ~CFI_BRK_IMM_MASK) == CFI_BRK_IMM_BASE; +} + static inline bool esr_fsc_is_translation_fault(unsigned long esr) { /* Translation fault, level -1 */ diff --git a/arch/arm64/kernel/debug-monitors.c b/arch/arm64/kernel/debug-monitors.c index 64f2ecbdfe5c..024a7b245056 100644 --- a/arch/arm64/kernel/debug-monitors.c +++ b/arch/arm64/kernel/debug-monitors.c @@ -312,9 +312,7 @@ static int call_break_hook(struct pt_regs *regs, unsigned long esr) * entirely not preemptible, and we can use rcu list safely here. */ list_for_each_entry_rcu(hook, list, node) { - unsigned long comment = esr & ESR_ELx_BRK64_ISS_COMMENT_MASK; - - if ((comment & ~hook->mask) == hook->imm) + if ((esr_brk_comment(esr) & ~hook->mask) == hook->imm) fn = hook->fn; } diff --git a/arch/arm64/kernel/traps.c b/arch/arm64/kernel/traps.c index 215e6d7f2df8..9e22683aa921 100644 --- a/arch/arm64/kernel/traps.c +++ b/arch/arm64/kernel/traps.c @@ -1105,8 +1105,6 @@ static struct break_hook ubsan_break_hook = { }; #endif -#define esr_comment(esr) ((esr) & ESR_ELx_BRK64_ISS_COMMENT_MASK) - /* * Initial handler for AArch64 BRK exceptions * This handler only used until debug_traps_init(). 
@@ -1115,15 +1113,15 @@ int __init early_brk64(unsigned long addr, unsigned long esr, struct pt_regs *regs) { #ifdef CONFIG_CFI_CLANG - if ((esr_comment(esr) & ~CFI_BRK_IMM_MASK) == CFI_BRK_IMM_BASE) + if (esr_is_cfi_brk(esr)) return cfi_handler(regs, esr) != DBG_HOOK_HANDLED; #endif #ifdef CONFIG_KASAN_SW_TAGS - if ((esr_comment(esr) & ~KASAN_BRK_MASK) == KASAN_BRK_IMM) + if ((esr_brk_comment(esr) & ~KASAN_BRK_MASK) == KASAN_BRK_IMM) return kasan_handler(regs, esr) != DBG_HOOK_HANDLED; #endif #ifdef CONFIG_UBSAN_TRAP - if ((esr_comment(esr) & ~UBSAN_BRK_MASK) == UBSAN_BRK_IMM) + if ((esr_brk_comment(esr) & ~UBSAN_BRK_MASK) == UBSAN_BRK_IMM) return ubsan_handler(regs, esr) != DBG_HOOK_HANDLED; #endif return bug_handler(regs, esr) != DBG_HOOK_HANDLED; diff --git a/arch/arm64/kvm/handle_exit.c b/arch/arm64/kvm/handle_exit.c index b037f0a0e27e..d41447193e13 100644 --- a/arch/arm64/kvm/handle_exit.c +++ b/arch/arm64/kvm/handle_exit.c 
@@ -423,7 +423,7 @@ void __noreturn __cold nvhe_hyp_panic_handler(u64 esr, u64 spsr, if (mode != PSR_MODE_EL2t && mode != PSR_MODE_EL2h) { kvm_err("Invalid host exception to nVHE hyp!\n"); } else if (ESR_ELx_EC(esr) == ESR_ELx_EC_BRK64 && - (esr & ESR_ELx_BRK64_ISS_COMMENT_MASK) == BUG_BRK_IMM) { + esr_brk_comment(esr) == BUG_BRK_IMM) { const char *file = NULL; unsigned int line = 0;
From patchwork Mon Jun 10 06:32:36 2024 X-Patchwork-Submitter: Pierre-Clément Tosi X-Patchwork-Id: 13691555
Date: Mon, 10 Jun 2024 07:32:36 +0100
In-Reply-To: <20240610063244.2828978-1-ptosi@google.com>
X-Mailing-List: kvm@vger.kernel.org
Message-ID: <20240610063244.2828978-8-ptosi@google.com>
Subject: [PATCH v5 7/8] KVM: arm64: Introduce print_nvhe_hyp_panic helper
From: Pierre-Clément Tosi
To: kvmarm@lists.linux.dev, linux-arm-kernel@lists.infradead.org, kvm@vger.kernel.org
Cc: Pierre-Clément Tosi, Will Deacon, Marc Zyngier, Oliver Upton, Suzuki K Poulose, Vincent Donnefort

Add a helper to display a panic banner soon to also be used for kCFI failures, to ensure that we remain consistent.

Signed-off-by: Pierre-Clément Tosi
Acked-by: Will Deacon
--- arch/arm64/kvm/handle_exit.c | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/arch/arm64/kvm/handle_exit.c b/arch/arm64/kvm/handle_exit.c index d41447193e13..b3d6657a259d 100644 --- a/arch/arm64/kvm/handle_exit.c +++ b/arch/arm64/kvm/handle_exit.c 
@@ -411,6 +411,12 @@ void handle_exit_early(struct kvm_vcpu *vcpu, int exception_index) kvm_handle_guest_serror(vcpu, kvm_vcpu_get_esr(vcpu)); } +static void print_nvhe_hyp_panic(const char *name, u64 panic_addr) +{ + kvm_err("nVHE hyp %s at: [<%016llx>] %pB!\n", name, panic_addr, + (void *)(panic_addr + kaslr_offset())); +} + void __noreturn __cold nvhe_hyp_panic_handler(u64 esr, u64 spsr, u64 elr_virt, u64 elr_phys, u64 par, uintptr_t vcpu, 
@@ -439,11 +445,9 @@ void __noreturn __cold nvhe_hyp_panic_handler(u64 esr, u64 spsr, if (file) kvm_err("nVHE hyp BUG at: %s:%u!\n", file, line); else - kvm_err("nVHE hyp BUG at: [<%016llx>] %pB!\n", panic_addr, - (void *)(panic_addr + kaslr_offset())); + print_nvhe_hyp_panic("BUG", panic_addr); } else { - kvm_err("nVHE hyp panic at: [<%016llx>] %pB!\n", panic_addr, - (void *)(panic_addr + kaslr_offset())); + print_nvhe_hyp_panic("panic", panic_addr); } /* Dump the nVHE hypervisor backtrace */
From patchwork Mon Jun 10 06:32:37 2024 X-Patchwork-Submitter: Pierre-Clément Tosi X-Patchwork-Id: 13691556
Date: Mon, 10 Jun 2024 07:32:37 +0100
In-Reply-To: <20240610063244.2828978-1-ptosi@google.com>
X-Mailing-List: kvm@vger.kernel.org
Message-ID: <20240610063244.2828978-9-ptosi@google.com>
Subject: [PATCH v5 8/8] KVM: arm64: nVHE: Support CONFIG_CFI_CLANG at EL2
From: Pierre-Clément Tosi
To: kvmarm@lists.linux.dev, linux-arm-kernel@lists.infradead.org, kvm@vger.kernel.org
Cc: Pierre-Clément Tosi, Will Deacon, Marc Zyngier, Oliver Upton, Suzuki K Poulose, Vincent Donnefort

The compiler implements kCFI by adding type information (u32) above every function that might be indirectly called and, whenever a function pointer is called, injects a read-and-compare of that u32 against the value corresponding to the expected type. In case of a mismatch, a BRK instruction gets executed.

When the hypervisor triggers such an exception in nVHE, it panics and triggers an exception return to EL1. Therefore, teach nvhe_hyp_panic_handler() to detect kCFI errors from the ESR and report them. If necessary, remind the user that EL2 kCFI is not affected by CONFIG_CFI_PERMISSIVE.

Pass $(CC_FLAGS_CFI) to the compiler when building the nVHE hyp code.

Use SYM_TYPED_FUNC_START() for __pkvm_init_switch_pgd, as nVHE can't call it directly and must use a PA function pointer from C (because it is part of the idmap page), which would trigger a kCFI failure if the type ID wasn't present.

Signed-off-by: Pierre-Clément Tosi
Acked-by: Will Deacon
--- arch/arm64/kvm/handle_exit.c | 10 ++++++++++ arch/arm64/kvm/hyp/nvhe/Makefile | 6 +++--- arch/arm64/kvm/hyp/nvhe/hyp-init.S | 6 +++++- 3 files changed, 18 insertions(+), 4 deletions(-) diff --git a/arch/arm64/kvm/handle_exit.c b/arch/arm64/kvm/handle_exit.c index b3d6657a259d..69b08ac7322d 100644 --- a/arch/arm64/kvm/handle_exit.c +++ b/arch/arm64/kvm/handle_exit.c 
@@ -417,6 +417,14 @@ static void print_nvhe_hyp_panic(const char *name, u64 panic_addr) (void *)(panic_addr + kaslr_offset())); } +static void kvm_nvhe_report_cfi_failure(u64 panic_addr) +{ + print_nvhe_hyp_panic("CFI failure", panic_addr); + + if (IS_ENABLED(CONFIG_CFI_PERMISSIVE)) + kvm_err(" (CONFIG_CFI_PERMISSIVE ignored for hyp failures)\n"); +} + void __noreturn __cold nvhe_hyp_panic_handler(u64 esr, u64 spsr, u64 elr_virt, u64 elr_phys, u64 par, uintptr_t vcpu, @@ -446,6 +454,8 @@ void __noreturn __cold nvhe_hyp_panic_handler(u64 esr, u64 spsr, kvm_err("nVHE hyp BUG at: %s:%u!\n", file, line); else print_nvhe_hyp_panic("BUG", panic_addr); + } else if (IS_ENABLED(CONFIG_CFI_CLANG) && esr_is_cfi_brk(esr)) { + kvm_nvhe_report_cfi_failure(panic_addr); } else { print_nvhe_hyp_panic("panic", panic_addr); } diff --git a/arch/arm64/kvm/hyp/nvhe/Makefile b/arch/arm64/kvm/hyp/nvhe/Makefile index 50fa0ffb6b7e..782b34b004be 100644 --- a/arch/arm64/kvm/hyp/nvhe/Makefile +++ b/arch/arm64/kvm/hyp/nvhe/Makefile @@ -89,9 +89,9 @@ quiet_cmd_hyprel = HYPREL $@ quiet_cmd_hypcopy = HYPCOPY $@ cmd_hypcopy = $(OBJCOPY) --prefix-symbols=__kvm_nvhe_ $< $@ -# Remove ftrace, Shadow Call Stack, and CFI CFLAGS. -# This is equivalent to the 'notrace', '__noscs', and '__nocfi' annotations. -KBUILD_CFLAGS := $(filter-out $(CC_FLAGS_FTRACE) $(CC_FLAGS_SCS) $(CC_FLAGS_CFI), $(KBUILD_CFLAGS)) +# Remove ftrace and Shadow Call Stack CFLAGS. +# This is equivalent to the 'notrace' and '__noscs' annotations. +KBUILD_CFLAGS := $(filter-out $(CC_FLAGS_FTRACE) $(CC_FLAGS_SCS), $(KBUILD_CFLAGS)) # Starting from 13.0.0 llvm emits SHT_REL section '.llvm.call-graph-profile' # when profile optimization is applied. gen-hyprel does not support SHT_REL and # causes a build failure. Remove profile optimization flags. diff --git a/arch/arm64/kvm/hyp/nvhe/hyp-init.S b/arch/arm64/kvm/hyp/nvhe/hyp-init.S index 3a2836a52e85..07120b37da35 100644 --- a/arch/arm64/kvm/hyp/nvhe/hyp-init.S 
+++ b/arch/arm64/kvm/hyp/nvhe/hyp-init.S @@ -5,6 +5,7 @@ */ #include +#include #include #include @@ -268,8 +269,11 @@ SYM_CODE_END(__kvm_handle_stub_hvc) /* * void __pkvm_init_switch_pgd(phys_addr_t pgd, unsigned long sp, * void (*fn)(void)); + * + * SYM_TYPED_FUNC_START() allows C to call this ID-mapped function indirectly + * using a physical pointer without triggering a kCFI failure. */ -SYM_FUNC_START(__pkvm_init_switch_pgd) +SYM_TYPED_FUNC_START(__pkvm_init_switch_pgd) /* Turn the MMU off */ pre_disable_mmu_workaround mrs x3, sctlr_el2
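
Review bot: in the emit_rela_section() hunk carried over from patch 4/8, the new `case R_AARCH64_ABS32: break;` accepts every 32-bit absolute relocation, although the comment says it exists only for kCFI type hashes. Unlike R_AARCH64_ABS64 just above, nothing is emitted for it, so an ABS32 relocation against an address in hyp code would pass the build and never be fixed up at runtime. Consider accepting it only when the referenced symbol is absolute (or is otherwise known to be a type hash) and failing the build in every other case.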
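
Review bot: in the esr.h hunk of patch 6/8 that adds esr_is_cfi_brk(), the helper uses CFI_BRK_IMM_MASK and CFI_BRK_IMM_BASE but the hunk adds no include for their definitions, so the header may now depend on what its users happened to include first. Please confirm that esr.h pulls in the BRK immediate definitions itself, or add the include here. A one-line comment saying that the bits under CFI_BRK_IMM_MASK are ignored for the match would also help readers of the new helper.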
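
Review bot: in the early_brk64() hunk of patch 6/8, the CFI test changes from a comment-only comparison to esr_is_cfi_brk(), which also requires ESR_ELx_EC(esr) == ESR_ELx_EC_BRK64, while the KASAN and UBSAN tests right below stay comment-only. That is a small behaviour change the commit message does not mention, and it leaves the three checks inconsistent. Either say in the message that the extra EC check is harmless because this handler only sees BRK exceptions, or keep the three tests in the same form.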
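
Review bot: in the second handle_exit.c hunk of patch 7/8, the `if (file)` branch still formats its own banner with `kvm_err("nVHE hyp BUG at: %s:%u!\n", file, line);`, so the consistency the commit message aims for covers only the address form of the message. Consider letting print_nvhe_hyp_panic() produce both forms, or note in the message that the file:line variant is left alone on purpose.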
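
Review bot: in the nvhe_hyp_panic_handler() hunk of patch 8/8, the new `esr_is_cfi_brk(esr)` branch reports only panic_addr, and the immediate bits that esr_is_cfi_brk() masks off with CFI_BRK_IMM_MASK are dropped. Printing the raw BRK comment (or the ESR) in kvm_nvhe_report_cfi_failure() would cost one argument and give whoever triages the panic the full syndrome. The CONFIG_CFI_PERMISSIVE reminder is a good addition; a short comment above it saying why EL2 cannot honour permissive mode would document the design choice in the code and not only in the commit message.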
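
Review bot: in the nvhe/Makefile hunk of patch 8/8, dropping $(CC_FLAGS_CFI) from the filter-out list instruments every indirect call in nVHE hyp C code at once, yet the only assembly callee converted in this series is __pkvm_init_switch_pgd in the hyp-init.S hunk. Any other assembly function reached through a function pointer from hyp C would now hit the BRK and panic the host. Please state in the commit message that the remaining SYM_FUNC_START() users under nvhe/ were audited and that none of them is called indirectly from C.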
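
The classification that the 8/8 commit message describes, and that patches 6/8 and 8/8 implement, as an added user-space C model (not code from the series). The constants are mirrored from asm/esr.h and asm/brk-imm.h, the sample ESR values are constructed, and classify_hyp_panic(), cfi_target_reg(), cfi_type_reg() and comment_only_cfi_match() are hypothetical names; the EL2 mode check done by the real handler is left out.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Constants mirrored from arch/arm64/include/asm/esr.h and asm/brk-imm.h. */
#define ESR_ELx_EC_SHIFT               26
#define ESR_ELx_EC_MASK                (0x3FULL << ESR_ELx_EC_SHIFT)
#define ESR_ELx_EC(esr)                (((esr) & ESR_ELx_EC_MASK) >> ESR_ELx_EC_SHIFT)
#define ESR_ELx_EC_BRK64               0x3CULL
#define ESR_ELx_BRK64_ISS_COMMENT_MASK 0xffffULL
#define BUG_BRK_IMM                    0x800ULL
#define CFI_BRK_IMM_TARGET             0x001fULL /* GENMASK(4, 0) */
#define CFI_BRK_IMM_TYPE               0x03e0ULL /* GENMASK(9, 5) */
#define CFI_BRK_IMM_BASE               0x8000ULL
#define CFI_BRK_IMM_MASK               (CFI_BRK_IMM_TARGET | CFI_BRK_IMM_TYPE)

enum hyp_panic_kind { HYP_PANIC, HYP_BUG, HYP_CFI_FAILURE };

/* Same logic as the helpers added to esr.h by patch 6/8. */
static uint64_t esr_brk_comment(uint64_t esr)
{
	return esr & ESR_ELx_BRK64_ISS_COMMENT_MASK;
}

static bool esr_is_cfi_brk(uint64_t esr)
{
	return ESR_ELx_EC(esr) == ESR_ELx_EC_BRK64 &&
	       (esr_brk_comment(esr) & ~CFI_BRK_IMM_MASK) == CFI_BRK_IMM_BASE;
}

/* The comment-only test that early_brk64() used before patch 6/8. */
static bool comment_only_cfi_match(uint64_t esr)
{
	return (esr_brk_comment(esr) & ~CFI_BRK_IMM_MASK) == CFI_BRK_IMM_BASE;
}

/* Branch order of nvhe_hyp_panic_handler() after patch 8/8 (hypothetical name). */
static enum hyp_panic_kind classify_hyp_panic(uint64_t esr, bool cfi_clang)
{
	if (ESR_ELx_EC(esr) == ESR_ELx_EC_BRK64 &&
	    esr_brk_comment(esr) == BUG_BRK_IMM)
		return HYP_BUG;
	if (cfi_clang && esr_is_cfi_brk(esr))
		return HYP_CFI_FAILURE;
	return HYP_PANIC;
}

/* Register indices carried in the bits that esr_is_cfi_brk() masks off. */
static unsigned int cfi_target_reg(uint64_t esr)
{
	return (unsigned int)(esr & CFI_BRK_IMM_TARGET);
}

static unsigned int cfi_type_reg(uint64_t esr)
{
	return (unsigned int)((esr & CFI_BRK_IMM_TYPE) >> 5);
}

int main(void)
{
	/* Constructed samples: EC in bits [31:26], IL set, immediate in [15:0]. */
	static const struct { const char *what; uint64_t esr; } samples[] = {
		{ "BRK #0x800 (BUG)",          0xF2000800ULL },
		{ "BRK #0x8229 (kCFI)",        0xF2008229ULL },
		{ "data abort, ISS = 0x8229",  0x96008229ULL },
	};
	static const char *const names[] = { "panic", "BUG", "CFI failure" };

	for (size_t i = 0; i < sizeof(samples) / sizeof(samples[0]); i++) {
		uint64_t esr = samples[i].esr;

		printf("%-26s esr=%#010llx -> nVHE hyp %s", samples[i].what,
		       (unsigned long long)esr, names[classify_hyp_panic(esr, true)]);
		if (esr_is_cfi_brk(esr))
			printf(" (target in x%u, expected type in x%u)",
			       cfi_target_reg(esr), cfi_type_reg(esr));
		/* Without the EC check, low ISS bits alone can look like a CFI BRK. */
		if (comment_only_cfi_match(esr) && !esr_is_cfi_brk(esr))
			printf(" (comment-only test would have said CFI)");
		printf("\n");
	}
	return 0;
}
```

The third sample shows why the handler, which receives every kind of EL2 exception, needs the exception-class check that esr_is_cfi_brk() adds on top of the immediate match.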