1. 24 Apr, 2019 5 commits
    • arm64: KVM: Encapsulate kvm_cpu_context in kvm_host_data · 630a1685
      Andrew Murray committed
      The virt/arm core allocates a kvm_cpu_context_t percpu, at present this is
      a typedef to kvm_cpu_context and is used to store host cpu context. The
      kvm_cpu_context structure is also used elsewhere to hold vcpu context.
      In order to use the percpu to hold additional future host information we
      encapsulate kvm_cpu_context in a new structure and rename the typedef and
      percpu to match.
      Signed-off-by: Andrew Murray <andrew.murray@arm.com>
      Reviewed-by: Suzuki K Poulose <suzuki.poulose@arm.com>
      Signed-off-by: Marc Zyngier <marc.zyngier@arm.com>
    • arm64: arm_pmu: Remove unnecessary isb instruction · 21bb0ebf
      Andrew Murray committed
      The armv8pmu_enable_event_counter function issues an isb instruction
      after enabling a pair of counters - this doesn't provide any value
      and is inconsistent with the armv8pmu_disable_event_counter.
      
      In any case armv8pmu_enable_event_counter is always called with the
      PMU stopped. Starting the PMU with armv8pmu_start results in an isb
      instruction being issued prior to writing to PMCR_EL0.
      
      Let's remove the unnecessary isb instruction.
      Signed-off-by: Andrew Murray <andrew.murray@arm.com>
      Reviewed-by: Suzuki K Poulose <suzuki.poulose@arm.com>
      Acked-by: Mark Rutland <mark.rutland@arm.com>
      Signed-off-by: Marc Zyngier <marc.zyngier@arm.com>
    • KVM: arm64: Add capability to advertise ptrauth for guest · a243c16d
      Amit Daniel Kachhap committed
      This patch advertises the capability of two cpu features called address
      pointer authentication and generic pointer authentication. These
      capabilities depend upon system support for pointer authentication and
      VHE mode.
      
      The current arm64 KVM partially implements pointer authentication and
      support of address/generic authentication are tied together. However,
      separate ABI requirements for both of them are added so that any future
      isolated implementation will not require any ABI changes.
      Signed-off-by: Amit Daniel Kachhap <amit.kachhap@arm.com>
      Cc: Mark Rutland <mark.rutland@arm.com>
      Cc: Marc Zyngier <marc.zyngier@arm.com>
      Cc: Christoffer Dall <christoffer.dall@arm.com>
      Cc: kvmarm@lists.cs.columbia.edu
      Signed-off-by: Marc Zyngier <marc.zyngier@arm.com>
    • KVM: arm64: Add userspace flag to enable pointer authentication · a22fa321
      Amit Daniel Kachhap committed
      Now that the building blocks of pointer authentication are present, let's
      add userspace flags KVM_ARM_VCPU_PTRAUTH_ADDRESS and
      KVM_ARM_VCPU_PTRAUTH_GENERIC. These flags will enable pointer
      authentication for the KVM guest on a per-vcpu basis through the ioctl
      KVM_ARM_VCPU_INIT.
      
      This feature will allow the KVM guest to allow the handling of
      pointer authentication instructions or to treat them as undefined
      if not set.
      
      Necessary documentation is added to reflect the changes done.
      Reviewed-by: Dave Martin <Dave.Martin@arm.com>
      Signed-off-by: Amit Daniel Kachhap <amit.kachhap@arm.com>
      Cc: Mark Rutland <mark.rutland@arm.com>
      Cc: Marc Zyngier <marc.zyngier@arm.com>
      Cc: Christoffer Dall <christoffer.dall@arm.com>
      Cc: kvmarm@lists.cs.columbia.edu
      Signed-off-by: Marc Zyngier <marc.zyngier@arm.com>
    • KVM: arm/arm64: Context-switch ptrauth registers · 384b40ca
      Mark Rutland committed
      When pointer authentication is supported, a guest may wish to use it.
      This patch adds the necessary KVM infrastructure for this to work, with
      a semi-lazy context switch of the pointer auth state.
      
      Pointer authentication feature is only enabled when VHE is built
      in the kernel and present in the CPU implementation so only VHE code
      paths are modified.
      
      When we schedule a vcpu, we disable guest usage of pointer
      authentication instructions and accesses to the keys. While these are
      disabled, we avoid context-switching the keys. When we trap the guest
      trying to use pointer authentication functionality, we change to eagerly
      context-switching the keys, and enable the feature. The next time the
      vcpu is scheduled out/in, we start again. However the host key save is
      optimized and implemented inside ptrauth instruction/register access
      trap.
      
      Pointer authentication consists of address authentication and generic
      authentication, and CPUs in a system might have varied support for
      either. Where support for either feature is not uniform, it is hidden
      from guests via ID register emulation, as a result of the cpufeature
      framework in the host.
      
      Unfortunately, address authentication and generic authentication cannot
      be trapped separately, as the architecture provides a single EL2 trap
      covering both. If we wish to expose one without the other, we cannot
      prevent a (badly-written) guest from intermittently using a feature
      which is not uniformly supported (when scheduled on a physical CPU which
      supports the relevant feature). Hence, this patch expects both types of
      authentication to be present in a cpu.
      
      This switch of key is done from guest enter/exit assembly as preparation
      for the upcoming in-kernel pointer authentication support. Hence, these
      key switching routines are not implemented in C code as they may cause
      pointer authentication key signing error in some situations.
      Signed-off-by: Mark Rutland <mark.rutland@arm.com>
      [Only VHE, key switch in full assembly, vcpu_has_ptrauth checks,
      save host key in ptrauth exception trap]
      Signed-off-by: Amit Daniel Kachhap <amit.kachhap@arm.com>
      Reviewed-by: Julien Thierry <julien.thierry@arm.com>
      Cc: Christoffer Dall <christoffer.dall@arm.com>
      Cc: kvmarm@lists.cs.columbia.edu
      [maz: various fixups]
      Signed-off-by: Marc Zyngier <marc.zyngier@arm.com>
  2. 23 Apr, 2019 1 commit
  3. 19 Apr, 2019 10 commits
    • KVM: arm/arm64: Clean up vcpu finalization function parameter naming · 92e68b2b
      Dave Martin committed
      Currently, the internal vcpu finalization functions use a different
      name ("what") for the feature parameter than the name ("feature")
      used in the documentation.
      
      To avoid future confusion, this patch converts everything to use
      the name "feature" consistently.
      
      No functional change.
      Suggested-by: Andrew Jones <drjones@redhat.com>
      Signed-off-by: Dave Martin <Dave.Martin@arm.com>
      Reviewed-by: Andrew Jones <drjones@redhat.com>
      Signed-off-by: Marc Zyngier <marc.zyngier@arm.com>
    • KVM: arm64/sve: Explain validity checks in set_sve_vls() · ecfb6ed4
      Dave Martin committed
      Correct virtualization of SVE relies for correctness on code in
      set_sve_vls() that verifies consistency between the set of vector
      lengths requested by userspace and the set of vector lengths
      available on the host.
      
      However, the purpose of this code is not obvious, and not likely to
      be apparent at all to people who do not have detailed knowledge of
      the SVE system-level architecture.
      
      This patch adds a suitable comment to explain what these checks are
      for.
      
      No functional change.
      Suggested-by: Andrew Jones <drjones@redhat.com>
      Signed-off-by: Dave Martin <Dave.Martin@arm.com>
      Reviewed-by: Andrew Jones <drjones@redhat.com>
      Signed-off-by: Marc Zyngier <marc.zyngier@arm.com>
    • KVM: arm64/sve: Simplify KVM_REG_ARM64_SVE_VLS array sizing · 4bd774e5
      Dave Martin committed
      A complicated DIV_ROUND_UP() expression is currently written out
      explicitly in multiple places in order to specify the size of the
      bitmap exchanged with userspace to represent the value of the
      KVM_REG_ARM64_SVE_VLS pseudo-register.
      
      Userspace currently has no direct way to work this out either: for
      documentation purposes, the size is just quoted as 8 u64s.
      
      To make this more intuitive, this patch replaces these with a
      single define, which is also exported to userspace as
      KVM_ARM64_SVE_VLS_WORDS.
      
      Since the number of words in a bitmap is just the index of the last
      word used + 1, this patch expresses the bound that way instead.
      This should make it clearer what is being expressed.
      
      For userspace convenience, the minimum and maximum possible vector
      lengths relevant to the KVM ABI are exposed to UAPI as
      KVM_ARM64_SVE_VQ_MIN, KVM_ARM64_SVE_VQ_MAX.  Since the only direct
      use for these at present is manipulation of KVM_REG_ARM64_SVE_VLS,
      no corresponding _VL_ macros are defined.  They could be added
      later if a need arises.
      
      Since use of DIV_ROUND_UP() was the only reason for including
      <linux/kernel.h> in guest.c, this patch also removes that #include.
      Suggested-by: Andrew Jones <drjones@redhat.com>
      Signed-off-by: Dave Martin <Dave.Martin@arm.com>
      Reviewed-by: Andrew Jones <drjones@redhat.com>
      Signed-off-by: Marc Zyngier <marc.zyngier@arm.com>
    • KVM: arm64/sve: WARN when avoiding divide-by-zero in sve_reg_to_region() · 55ffad3b
      Dave Martin committed
      sve_reg_to_region() currently passes the result of
      vcpu_sve_state_size() to array_index_nospec(), effectively
      leading to a divide / modulo operation.
      
      Currently the code bails out and returns -EINVAL if
      vcpu_sve_state_size() turns out to be zero, in order to avoid going
      ahead and attempting to divide by zero.  This is reasonable, but it
      should only happen if the kernel contains some other bug that
      allowed this code to be reached without the vcpu having been
      properly initialised.
      
      To make it clear that this is a defence against bugs rather than
      something that the user should be able to trigger, this patch marks
      the check with WARN_ON().
      Suggested-by: Andrew Jones <drjones@redhat.com>
      Signed-off-by: Dave Martin <Dave.Martin@arm.com>
      Reviewed-by: Andrew Jones <drjones@redhat.com>
      Signed-off-by: Marc Zyngier <marc.zyngier@arm.com>
    • KVM: arm64/sve: Make register ioctl access errors more consistent · 52110aa9
      Dave Martin committed
      Currently, the way error codes are generated when processing the
      SVE register access ioctls is a bit haphazard.
      
      This patch refactors the code so that the behaviour is more
      consistent: now, -EINVAL should be returned only for unrecognised
      register IDs or when some other runtime error occurs.  -ENOENT is
      returned for register IDs that are recognised, but whose
      corresponding register (or slice) does not exist for the vcpu.
      
      To this end, in {get,set}_sve_reg() we now delegate the
      vcpu_has_sve() check down into {get,set}_sve_vls() and
      sve_reg_to_region().  The KVM_REG_ARM64_SVE_VLS special case is
      picked off first, then sve_reg_to_region() plays the role of
      exhaustively validating or rejecting the register ID and (where
      accepted) computing the applicable register region as before.
      
      sve_reg_to_region() is rearranged so that -ENOENT or -EPERM is not
      returned prematurely, before checking whether reg->id is in a
      recognised range.
      
      -EPERM is now only returned when an attempt is made to access an
      actually existing register slice on an unfinalized vcpu.
      
      Fixes: e1c9c983 ("KVM: arm64/sve: Add SVE support to register access ioctl interface")
      Fixes: 9033bba4 ("KVM: arm64/sve: Add pseudo-register for the guest's vector lengths")
      Suggested-by: Andrew Jones <drjones@redhat.com>
      Signed-off-by: Dave Martin <Dave.Martin@arm.com>
      Reviewed-by: Andrew Jones <drjones@redhat.com>
      Signed-off-by: Marc Zyngier <marc.zyngier@arm.com>
    • KVM: arm64/sve: Miscellaneous tidyups in guest.c · f8d4635a
      Dave Martin committed
       * Remove a few redundant blank lines that are stylistically
         inconsistent with code already in guest.c and are just taking up
         space.
      
       * Delete a couple of pointless empty default cases from switch
         statements whose behaviour is otherwise obvious anyway.
      
       * Fix some typos and consolidate some redundantly duplicated
         comments.
      
       * Respell the slice index check in sve_reg_to_region() as "> 0"
         to be more consistent with what is logically being checked here
         (i.e., "is the slice index too large"), even though we don't try
         to cope with multiple slices yet.
      
      No functional change.
      Suggested-by: Andrew Jones <drjones@redhat.com>
      Signed-off-by: Dave Martin <Dave.Martin@arm.com>
      Reviewed-by: Andrew Jones <drjones@redhat.com>
      Signed-off-by: Marc Zyngier <marc.zyngier@arm.com>
    • KVM: arm64/sve: Clean up UAPI register ID definitions · 8ae6efdd
      Dave Martin committed
      Currently, the SVE register ID macros are not all defined in the
      same way, and advertise the fact that FFR maps onto the nonexistent
      predicate register P16.  This is really just for kernel
      convenience, and may lead userspace into bad habits.
      
      Instead, this patch masks the ID macro arguments so that
      architecturally invalid register numbers will not be passed through
      any more, and uses a literal KVM_REG_ARM64_SVE_FFR_BASE macro to
      define KVM_REG_ARM64_SVE_FFR(), similarly to the way the _ZREG()
      and _PREG() macros are defined.
      
      Rather than plugging in magic numbers for the number of Z- and P-
      registers and the maximum possible number of register slices, this
      patch provides definitions for those too.  Userspace is going to
      need them in any case, and it makes sense for them to come from
      <uapi/asm/kvm.h>.
      
      sve_reg_to_region() uses convenience constants that are defined in
      a different way, and also makes use of the fact that the FFR IDs
      are really contiguous with the P15 IDs, so this patch retains the
      existing convenience constants in guest.c, supplemented with a
      couple of sanity checks to check for consistency with the UAPI
      header.
      
      Fixes: e1c9c983 ("KVM: arm64/sve: Add SVE support to register access ioctl interface")
      Suggested-by: Andrew Jones <drjones@redhat.com>
      Signed-off-by: Dave Martin <Dave.Martin@arm.com>
      Reviewed-by: Andrew Jones <drjones@redhat.com>
      Signed-off-by: Marc Zyngier <marc.zyngier@arm.com>
    • KVM: arm64/sve: sys_regs: Demote redundant vcpu_has_sve() checks to WARNs · 700698a8
      Dave Martin committed
      Because of the logic in kvm_arm_sys_reg_{get,set}_reg() and
      sve_id_visibility(), we should never call
      {get,set}_id_aa64zfr0_el1() for a vcpu where !vcpu_has_sve(vcpu).
      
      To avoid the code giving the impression that it is valid for these
      functions to be called in this situation, and to help the compiler
      make the right optimisation decisions, this patch adds WARN_ON()
      for these cases.
      
      Given the way the logic is spread out, this seems preferable to
      dropping the checks altogether.
      Suggested-by: Andrew Jones <drjones@redhat.com>
      Signed-off-by: Dave Martin <Dave.Martin@arm.com>
      Reviewed-by: Andrew Jones <drjones@redhat.com>
      Signed-off-by: Marc Zyngier <marc.zyngier@arm.com>
    • KVM: arm/arm64: Demote kvm_arm_init_arch_resources() to just set up SVE · a3be836d
      Dave Martin committed
      The introduction of kvm_arm_init_arch_resources() looks like
      premature factoring, since nothing else uses this hook yet and it
      is not clear what will use it in the future.
      
      For now, let's not pretend that this is a general thing:
      
      This patch simply renames the function to kvm_arm_init_sve(),
      retaining the arm stub version under the new name.
      Suggested-by: Andrew Jones <drjones@redhat.com>
      Signed-off-by: Dave Martin <Dave.Martin@arm.com>
      Reviewed-by: Andrew Jones <drjones@redhat.com>
      Signed-off-by: Marc Zyngier <marc.zyngier@arm.com>
    • arm64/sve: Clarify vq map semantics · 624835ab
      Dave Martin committed
      Currently the meanings of sve_vq_map and the ancillary helpers
      __bit_to_vq() and __vq_to_bit() are not clearly explained.
      
      This patch makes the explanatory comment clearer, and removes the
      duplicate comment from fpsimd.h.
      
      The WARN_ON() currently present in __bit_to_vq() confuses the
      intended use of this helper.  Since these are low-level helpers not
      intended for general-purpose use anyway, it is better not to make
      guesses about how these functions will be used: rather, this patch
      removes the WARN_ON() and relies on callers to use the helpers
      sensibly.
      Suggested-by: Andrew Jones <drjones@redhat.com>
      Signed-off-by: Dave Martin <Dave.Martin@arm.com>
      Reviewed-by: Andrew Jones <drjones@redhat.com>
      Signed-off-by: Marc Zyngier <marc.zyngier@arm.com>
  4. 02 Apr, 2019 1 commit
    • arm64: KVM: Fix system register enumeration · 5d8d4af2
      Marc Zyngier committed
      The introduction of the SVE registers to userspace started with a
      refactoring of the way we expose any register via the ONE_REG
      interface.
      
      Unfortunately, this change doesn't exactly behave as expected
      if the number of registers is non-zero and considers everything
      to be an error. The visible result is that QEMU barfs very early
      when creating vcpus.
      
      Make sure we only exit early in case there is an actual error, rather
      than a positive number of registers...
      
      Fixes: be25bbb3 ("KVM: arm64: Factor out core register ID enumeration")
      Signed-off-by: Marc Zyngier <marc.zyngier@arm.com>
  5. 29 Mar, 2019 23 commits