[PATCH RFC v4 0/3] riscv: add Svukte extension

Anup Patel anup at brainfault.org
Wed Dec 18 23:03:39 PST 2024 

On Fri, Dec 13, 2024 at 5:03 PM Max Hsu <max.hsu at sifive.com> wrote:
>
> RISC-V privileged spec will be added with Svukte extension [1]
>
> Svukte introduce senvcfg.UKTE and hstatus.HUKTE bitfield.
> which makes user-mode access to supervisor memory raise page faults
> in constant time, mitigating attacks that attempt to discover the
> supervisor software's address-space layout.
>
> In the Linux kernel, since the hstatus.HU bit is not enabled,
> the following patches only enable the use of senvcfg.UKTE.
>
> For Guest environments, because a Guest OS (not limited to Linux)
> may hold mappings from GVA to GPA, the Guest OS should decide
> whether to enable the protection provided by the Svukte extension.
>
> Since the Guest OS may utilize the Svukte extension simply by setting
> the senvcfg.UKTE without any trap to host. In the view of VMM, the
> Svukte extension should be always presented. Therefore adding an
> extra entry in kvm_riscv_vcpu_isa_disable_allowed().
>
> If the Guest environment wants to change senvcfg.UKTE, KVM already
> provides the senvcfg CSR swap support via
> kvm_riscv_vcpu_swap_in_(host|guest)_state.
> Thus, there is no concern about the Guest OS affecting the Host OS.
>
> The following patches add
> - dt-binding of Svukte ISA string
> - CSR bit definition, ISA detection, senvcfg.UKTE enablement in kernel
> - KVM ISA support for Svukte extension
>
> Changes in v4:
> - rebase on riscv/for-next
> - add kvm_riscv_vcpu_isa_disable_allowed() entry addressed by Anup
>   and Andrew from v2/v3 patches.
>   - update the cover letter for the detailed reason
> - update the commit message on dt-binding for the Svukte ISA string
> - Link to v3: https://lore.kernel.org/all/20241120-dev-maxh-svukte-v3-v3-0-1e533d41ae15@sifive.com/
>
> Changes in v3:
> - rebase on riscv/for-next
> - fixed typo in the dt-binding for the Svukte ISA string
> - updated the commit message for KVM support for the Svukte extension
> - Link to v2: https://lore.kernel.org/all/20240927-dev-maxh-svukte-rebase-2-v2-0-9afe57c33aee@sifive.com/
>
> Changes in v2:
> - rebase on riscv/for-next (riscv-for-linus-6.12-mw1)
> - modify the description of dt-binding on Svukte ISA string
> - Link to v1: https://lore.kernel.org/all/20240920-dev-maxh-svukte-rebase-v1-0-7864a88a62bd@sifive.com/
>
> Link: https://github.com/riscv/riscv-isa-manual/pull/1564 [1]
>
> Signed-off-by: Max Hsu <max.hsu at sifive.com>
>
> ---
> Max Hsu (3):
>       dt-bindings: riscv: Add Svukte entry
>       riscv: Add Svukte extension support
>       riscv: KVM: Add Svukte extension support for Guest/VM

Overall, this series looks good to me.

Reviewed-by: Anup Patel <anup at brainfault.org>

As-per Linux RISC-V patch acceptance policy, we will have to
wait until the spec is frozen.

Regards,
Anup

>
>  Documentation/devicetree/bindings/riscv/extensions.yaml | 9 +++++++++
>  arch/riscv/include/asm/csr.h                            | 2 ++
>  arch/riscv/include/asm/hwcap.h                          | 1 +
>  arch/riscv/include/uapi/asm/kvm.h                       | 1 +
>  arch/riscv/kernel/cpufeature.c                          | 5 +++++
>  arch/riscv/kvm/vcpu_onereg.c                            | 2 ++
>  6 files changed, 20 insertions(+)
> ---
> base-commit: fac04efc5c793dccbd07e2d59af9f90b7fc0dca4
> change-id: 20241213-dev-maxh-svukte-v4-34101ec945e9
>
> Best regards,
> --
> Max Hsu <max.hsu at sifive.com>
>

More information about the kvm-riscv mailing list