Commit cfa72993 authored by Marc Zyngier's avatar Marc Zyngier
Browse files

Merge branch kvm-arm64/pkvm-vcpu-state into kvmarm-master/next 



* kvm-arm64/pkvm-vcpu-state: (25 commits)
  : .
  : Large drop of pKVM patches from Will Deacon and co, adding
  : a private vm/vcpu state at EL2, managed independently from
  : the EL1 state. From the cover letter:
  :
  : "This is version six of the pKVM EL2 state series, extending the pKVM
  : hypervisor code so that it can dynamically instantiate and manage VM
  : data structures without the host being able to access them directly.
  : These structures consist of a hyp VM, a set of hyp vCPUs and the stage-2
  : page-table for the MMU. The pages used to hold the hypervisor structures
  : are returned to the host when the VM is destroyed."
  : .
  KVM: arm64: Use the pKVM hyp vCPU structure in handle___kvm_vcpu_run()
  KVM: arm64: Don't unnecessarily map host kernel sections at EL2
  KVM: arm64: Explicitly map 'kvm_vgic_global_state' at EL2
  KVM: arm64: Maintain a copy of 'kvm_arm_vmid_bits' at EL2
  KVM: arm64: Unmap 'kvm_arm_hyp_percpu_base' from the host
  KVM: arm64: Return guest memory from EL2 via dedicated teardown memcache
  KVM: arm64: Instantiate guest stage-2 page-tables at EL2
  KVM: arm64: Consolidate stage-2 initialisation into a single function
  KVM: arm64: Add generic hyp_memcache helpers
  KVM: arm64: Provide I-cache invalidation by virtual address at EL2
  KVM: arm64: Initialise hypervisor copies of host symbols unconditionally
  KVM: arm64: Add per-cpu fixmap infrastructure at EL2
  KVM: arm64: Instantiate pKVM hypervisor VM and vCPU structures from EL1
  KVM: arm64: Add infrastructure to create and track pKVM instances at EL2
  KVM: arm64: Rename 'host_kvm' to 'host_mmu'
  KVM: arm64: Add hyp_spinlock_t static initializer
  KVM: arm64: Include asm/kvm_mmu.h in nvhe/mem_protect.h
  KVM: arm64: Add helpers to pin memory shared with the hypervisor at EL2
  KVM: arm64: Prevent the donation of no-map pages
  KVM: arm64: Implement do_donate() helper for donating memory
  ...

Signed-off-by: default avatarMarc Zyngier <maz@kernel.org>
parents fe8e3f44 be66e67f

arch/arm64/include/asm/kvm_arm.h

+1 −1
Original line number Diff line number Diff line
@@ -135,7 +135,7 @@ 
 * 40 bits wide (T0SZ = 24).  Systems with a PARange smaller than 40 bits are

 * not known to exist and will break with this configuration.

 *

 * The VTCR_EL2 is configured per VM and is initialised in kvm_arm_setup_stage2().

 * The VTCR_EL2 is configured per VM and is initialised in kvm_init_stage2_mmu.

 *

 * Note that when using 4K pages, we concatenate two first level page tables

 * together. With 16K pages, we concatenate 16 first level page tables.

arch/arm64/include/asm/kvm_asm.h

+5 −2
Original line number Diff line number Diff line
@@ -76,6 +76,9 @@ enum __kvm_host_smccc_func { 
	__KVM_HOST_SMCCC_FUNC___vgic_v3_save_aprs,

	__KVM_HOST_SMCCC_FUNC___vgic_v3_restore_aprs,

	__KVM_HOST_SMCCC_FUNC___pkvm_vcpu_init_traps,

	__KVM_HOST_SMCCC_FUNC___pkvm_init_vm,

	__KVM_HOST_SMCCC_FUNC___pkvm_init_vcpu,

	__KVM_HOST_SMCCC_FUNC___pkvm_teardown_vm,

};



#define DECLARE_KVM_VHE_SYM(sym)	extern char sym[]
@@ -106,7 +109,7 @@ enum __kvm_host_smccc_func { 
#define per_cpu_ptr_nvhe_sym(sym, cpu)						\

	({									\

		unsigned long base, off;					\

		base = kvm_arm_hyp_percpu_base[cpu];				\

		base = kvm_nvhe_sym(kvm_arm_hyp_percpu_base)[cpu];		\

		off = (unsigned long)&CHOOSE_NVHE_SYM(sym) -			\

		      (unsigned long)&CHOOSE_NVHE_SYM(__per_cpu_start);		\

		base ? (typeof(CHOOSE_NVHE_SYM(sym))*)(base + off) : NULL;	\
@@ -211,7 +214,7 @@ DECLARE_KVM_HYP_SYM(__kvm_hyp_vector); 
#define __kvm_hyp_init		CHOOSE_NVHE_SYM(__kvm_hyp_init)

#define __kvm_hyp_vector	CHOOSE_HYP_SYM(__kvm_hyp_vector)



extern unsigned long kvm_arm_hyp_percpu_base[NR_CPUS];

extern unsigned long kvm_nvhe_sym(kvm_arm_hyp_percpu_base)[];

DECLARE_KVM_NVHE_SYM(__per_cpu_start);

DECLARE_KVM_NVHE_SYM(__per_cpu_end);

arch/arm64/include/asm/kvm_host.h

+70 −2
Original line number Diff line number Diff line
@@ -73,6 +73,63 @@ u32 __attribute_const__ kvm_target_cpu(void); 
int kvm_reset_vcpu(struct kvm_vcpu *vcpu);

void kvm_arm_vcpu_destroy(struct kvm_vcpu *vcpu);



struct kvm_hyp_memcache {

	phys_addr_t head;

	unsigned long nr_pages;

};



static inline void push_hyp_memcache(struct kvm_hyp_memcache *mc,

				     phys_addr_t *p,

				     phys_addr_t (*to_pa)(void *virt))

{

	*p = mc->head;

	mc->head = to_pa(p);

	mc->nr_pages++;

}



static inline void *pop_hyp_memcache(struct kvm_hyp_memcache *mc,

				     void *(*to_va)(phys_addr_t phys))

{

	phys_addr_t *p = to_va(mc->head);



	if (!mc->nr_pages)

		return NULL;



	mc->head = *p;

	mc->nr_pages--;



	return p;

}



static inline int __topup_hyp_memcache(struct kvm_hyp_memcache *mc,

				       unsigned long min_pages,

				       void *(*alloc_fn)(void *arg),

				       phys_addr_t (*to_pa)(void *virt),

				       void *arg)

{

	while (mc->nr_pages < min_pages) {

		phys_addr_t *p = alloc_fn(arg);



		if (!p)

			return -ENOMEM;

		push_hyp_memcache(mc, p, to_pa);

	}



	return 0;

}



static inline void __free_hyp_memcache(struct kvm_hyp_memcache *mc,

				       void (*free_fn)(void *virt, void *arg),

				       void *(*to_va)(phys_addr_t phys),

				       void *arg)

{

	while (mc->nr_pages)

		free_fn(pop_hyp_memcache(mc, to_va), arg);

}



void free_hyp_memcache(struct kvm_hyp_memcache *mc);

int topup_hyp_memcache(struct kvm_hyp_memcache *mc, unsigned long min_pages);



struct kvm_vmid {

	atomic64_t id;

};
@@ -115,6 +172,13 @@ struct kvm_smccc_features { 
	unsigned long vendor_hyp_bmap;

};



typedef unsigned int pkvm_handle_t;



struct kvm_protected_vm {

	pkvm_handle_t handle;

	struct kvm_hyp_memcache teardown_mc;

};



struct kvm_arch {

	struct kvm_s2_mmu mmu;
@@ -166,6 +230,12 @@ struct kvm_arch { 


	/* Hypercall features firmware registers' descriptor */

	struct kvm_smccc_features smccc_feat;



	/*

	 * For an untrusted host VM, 'pkvm.handle' is used to lookup

	 * the associated pKVM instance in the hypervisor.

	 */

	struct kvm_protected_vm pkvm;

};



struct kvm_vcpu_fault_info {
@@ -915,8 +985,6 @@ int kvm_set_ipa_limit(void); 
#define __KVM_HAVE_ARCH_VM_ALLOC

struct kvm *kvm_arch_alloc_vm(void);



int kvm_arm_setup_stage2(struct kvm *kvm, unsigned long type);



static inline bool kvm_vm_is_protected(struct kvm *kvm)

{

	return false;

arch/arm64/include/asm/kvm_hyp.h

+3 −0
Original line number Diff line number Diff line
@@ -123,4 +123,7 @@ extern u64 kvm_nvhe_sym(id_aa64mmfr0_el1_sys_val); 
extern u64 kvm_nvhe_sym(id_aa64mmfr1_el1_sys_val);

extern u64 kvm_nvhe_sym(id_aa64mmfr2_el1_sys_val);



extern unsigned long kvm_nvhe_sym(__icache_flags);

extern unsigned int kvm_nvhe_sym(kvm_arm_vmid_bits);



#endif /* __ARM64_KVM_HYP_H__ */

arch/arm64/include/asm/kvm_mmu.h

+1 −1
Original line number Diff line number Diff line
@@ -166,7 +166,7 @@ int create_hyp_exec_mappings(phys_addr_t phys_addr, size_t size, 
void free_hyp_pgds(void);



void stage2_unmap_vm(struct kvm *kvm);

int kvm_init_stage2_mmu(struct kvm *kvm, struct kvm_s2_mmu *mmu);

int kvm_init_stage2_mmu(struct kvm *kvm, struct kvm_s2_mmu *mmu, unsigned long type);

void kvm_free_stage2_pgd(struct kvm_s2_mmu *mmu);

int kvm_phys_addr_ioremap(struct kvm *kvm, phys_addr_t guest_ipa,

			  phys_addr_t pa, unsigned long size, bool writable);