Commit 0e3bcb49 authored by Will Deacon's avatar Will Deacon Committed by Oliver Upton
Browse files

KVM: arm64: Handle FFA_MEM_RECLAIM calls from the host 



Intecept FFA_MEM_RECLAIM calls from the host and transition the host
stage-2 page-table entries from the SHARED_OWNED state back to the OWNED
state once EL3 has confirmed that the secure mapping has been reclaimed.

Signed-off-by: default avatarWill Deacon <will@kernel.org>
Link: https://lore.kernel.org/r/20230523101828.7328-8-will@kernel.org


Signed-off-by: default avatarOliver Upton <oliver.upton@linux.dev>
parent 43609000

arch/arm64/kvm/hyp/nvhe/ffa.c

+79 −0
Original line number Diff line number Diff line
@@ -124,6 +124,23 @@ static void ffa_mem_share(struct arm_smccc_res *res, u32 len, u32 fraglen) 
			  res);

}



static void ffa_mem_reclaim(struct arm_smccc_res *res, u32 handle_lo,

			     u32 handle_hi, u32 flags)

{

	arm_smccc_1_1_smc(FFA_MEM_RECLAIM,

			  handle_lo, handle_hi, flags,

			  0, 0, 0, 0,

			  res);

}



static void ffa_retrieve_req(struct arm_smccc_res *res, u32 len)

{

	arm_smccc_1_1_smc(FFA_FN64_MEM_RETRIEVE_REQ,

			  len, len,

			  0, 0, 0, 0, 0,

			  res);

}



static void do_ffa_rxtx_map(struct arm_smccc_res *res,

			    struct kvm_cpu_context *ctxt)

{
@@ -379,6 +396,65 @@ static void do_ffa_mem_share(struct arm_smccc_res *res, 
	return;

}



static void do_ffa_mem_reclaim(struct arm_smccc_res *res,

			       struct kvm_cpu_context *ctxt)

{

	DECLARE_REG(u32, handle_lo, ctxt, 1);

	DECLARE_REG(u32, handle_hi, ctxt, 2);

	DECLARE_REG(u32, flags, ctxt, 3);

	struct ffa_composite_mem_region *reg;

	struct ffa_mem_region *buf;

	int ret = 0;

	u32 offset;

	u64 handle;



	handle = PACK_HANDLE(handle_lo, handle_hi);



	hyp_spin_lock(&host_buffers.lock);



	buf = hyp_buffers.tx;

	*buf = (struct ffa_mem_region) {

		.sender_id	= HOST_FFA_ID,

		.handle		= handle,

	};



	ffa_retrieve_req(res, sizeof(*buf));

	buf = hyp_buffers.rx;

	if (res->a0 != FFA_MEM_RETRIEVE_RESP)

		goto out_unlock;



	/* Check for fragmentation */

	if (res->a1 != res->a2) {

		ret = FFA_RET_ABORTED;

		goto out_unlock;

	}



	offset = buf->ep_mem_access[0].composite_off;

	/*

	 * We can trust the SPMD to get this right, but let's at least

	 * check that we end up with something that doesn't look _completely_

	 * bogus.

	 */

	if (WARN_ON(offset > KVM_FFA_MBOX_NR_PAGES * PAGE_SIZE)) {

		ret = FFA_RET_ABORTED;

		goto out_unlock;

	}



	reg = (void *)buf + offset;

	ffa_mem_reclaim(res, handle_lo, handle_hi, flags);

	if (res->a0 != FFA_SUCCESS)

		goto out_unlock;



	/* If the SPMD was happy, then we should be too. */

	WARN_ON(ffa_host_unshare_ranges(reg->constituents,

					reg->addr_range_cnt));

out_unlock:

	hyp_spin_unlock(&host_buffers.lock);



	if (ret)

		ffa_to_smccc_res(res, ret);

}



/*

 * Is a given FFA function supported, either by forwarding on directly

 * or by handling at EL2?
@@ -445,6 +521,9 @@ bool kvm_host_ffa_handler(struct kvm_cpu_context *host_ctxt) 
	case FFA_FN64_MEM_SHARE:

		do_ffa_mem_share(&res, host_ctxt);

		goto out_handled;

	case FFA_MEM_RECLAIM:

		do_ffa_mem_reclaim(&res, host_ctxt);

		goto out_handled;

	}



	if (ffa_call_supported(func_id))