KVM: arm64: Wrap the host with a stage 2 (1025c8c0) · Commits · EulixOS / Software / Kernel

arch/arm64/include/asm/kvm_asm.h

+1 −0

Original line number	Diff line number	Diff line
		@@ -61,6 +61,7 @@
		#define __KVM_HOST_SMCCC_FUNC___pkvm_create_mappings 16
		#define __KVM_HOST_SMCCC_FUNC___pkvm_create_private_mapping 17
		#define __KVM_HOST_SMCCC_FUNC___pkvm_cpu_set_vector 18
		#define __KVM_HOST_SMCCC_FUNC___pkvm_prot_finalize 19

		#ifndef __ASSEMBLY__

+3 −0

Original line number	Diff line number	Diff line
		@@ -131,6 +131,9 @@ KVM_NVHE_ALIAS(__hyp_bss_end);
		KVM_NVHE_ALIAS(__hyp_rodata_start);
		KVM_NVHE_ALIAS(__hyp_rodata_end);

		/* pKVM static key */
		KVM_NVHE_ALIAS(kvm_protected_mode_initialized);

		#endif /* CONFIG_KVM */

		#endif /* __ARM64_KERNEL_IMAGE_VARS_H */

+10 −0

Original line number	Diff line number	Diff line
		@@ -1894,12 +1894,22 @@ static int init_hyp_mode(void)
		return err;
		}

		void _kvm_host_prot_finalize(void *discard)
		{
		WARN_ON(kvm_call_hyp_nvhe(__pkvm_prot_finalize));
		}

		static int finalize_hyp_mode(void)
		{
		if (!is_protected_kvm_enabled())
		return 0;

		/*
		* Flip the static key upfront as that may no longer be possible
		* once the host stage 2 is installed.
		*/
		static_branch_enable(&kvm_protected_mode_initialized);
		on_each_cpu(_kvm_host_prot_finalize, NULL, 1);

		return 0;
		}

0 → 100644

+34 −0

Original line number	Diff line number	Diff line
		/* SPDX-License-Identifier: GPL-2.0-only */
		/*
		* Copyright (C) 2020 Google LLC
		* Author: Quentin Perret <qperret@google.com>
		*/

		#ifndef __KVM_NVHE_MEM_PROTECT__
		#define __KVM_NVHE_MEM_PROTECT__
		#include <linux/kvm_host.h>
		#include <asm/kvm_hyp.h>
		#include <asm/kvm_pgtable.h>
		#include <asm/virt.h>
		#include <nvhe/spinlock.h>

		struct host_kvm {
		struct kvm_arch arch;
		struct kvm_pgtable pgt;
		struct kvm_pgtable_mm_ops mm_ops;
		hyp_spinlock_t lock;
		};
		extern struct host_kvm host_kvm;

		int __pkvm_prot_finalize(void);
		int kvm_host_prepare_stage2(void mem_pgt_pool, void dev_pgt_pool);
		void handle_host_mem_abort(struct kvm_cpu_context *host_ctxt);

		static __always_inline void __load_host_stage2(void)
		{
		if (static_branch_likely(&kvm_protected_mode_initialized))
		__load_stage2(&host_kvm.arch.mmu, host_kvm.arch.vtcr);
		else
		write_sysreg(0, vttbr_el2);
		}
		#endif /* __KVM_NVHE_MEM_PROTECT__ */

+1 −1

Original line number	Diff line number	Diff line
		@@ -14,7 +14,7 @@ lib-objs := $(addprefix ../../../lib/, $(lib-objs))

		obj-y := timer-sr.o sysreg-sr.o debug-sr.o switch.o tlb.o hyp-init.o host.o \
		hyp-main.o hyp-smp.o psci-relay.o early_alloc.o stub.o page_alloc.o \
		cache.o setup.o mm.o
		cache.o setup.o mm.o mem_protect.o
		obj-y += ../vgic-v3-sr.o ../aarch32.o ../vgic-v2-cpuif-proxy.o ../entry.o \
		../fpsimd.o ../hyp-entry.o ../exception.o ../pgtable.o
		obj-y += $(lib-objs)