[PATCH v2 00/24] KVM: arm64: Introduce pKVM shadow state at EL2

Will Deacon will at kernel.org
Thu Jun 30 06:57:23 PDT 2022 

Hi everyone,

This series has been extracted from the pKVM base support series (aka
"pKVM mega-patch") previously posted here:

  https://lore.kernel.org/kvmarm/20220519134204.5379-1-will@kernel.org/

Unlike that more comprehensive series, this one is fairly fundamental
and does not introduce any new ABI commitments, leaving questions
involving the management of guest private memory and the creation of
protected VMs for future work. Instead, this series extends the pKVM EL2
code so that it can dynamically instantiate and manage VM shadow
structures without the host being able to access them directly. These
shadow structures consist of a shadow VM, a set of shadow vCPUs and the
stage-2 page-table and the pages used to hold them are returned to the
host when the VM is destroyed.

The last patch is marked as RFC because, although it plumbs in the
shadow state, it is woefully inefficient and copies to/from the host
state on every vCPU run. Without the last patch, the new structures are
unused but we move considerably closer to isolating guests from the
host.

The series is based on Marc's rework of the flags
(kvm-arm64/burn-the-flags).

Feedback welcome.

Cheers,

Will, Quentin, Fuad and Marc

Cc: Ard Biesheuvel <ardb at kernel.org>
Cc: Sean Christopherson <seanjc at google.com>
Cc: Will Deacon <will at kernel.org>
Cc: Alexandru Elisei <alexandru.elisei at arm.com>
Cc: Andy Lutomirski <luto at amacapital.net>
Cc: Catalin Marinas <catalin.marinas at arm.com>
Cc: James Morse <james.morse at arm.com>
Cc: Chao Peng <chao.p.peng at linux.intel.com>
Cc: Quentin Perret <qperret at google.com>
Cc: Suzuki K Poulose <suzuki.poulose at arm.com>
Cc: Michael Roth <michael.roth at amd.com>
Cc: Mark Rutland <mark.rutland at arm.com>
Cc: Fuad Tabba <tabba at google.com>
Cc: Oliver Upton <oliver.upton at linux.dev>
Cc: Marc Zyngier <maz at kernel.org>

Cc: kernel-team at android.com
Cc: kvm at vger.kernel.org
Cc: kvmarm at lists.cs.columbia.edu
Cc: linux-arm-kernel at lists.infradead.org

--->8

Fuad Tabba (3):
  KVM: arm64: Add hyp_spinlock_t static initializer
  KVM: arm64: Introduce shadow VM state at EL2
  KVM: arm64: Instantiate VM shadow data from EL1

Quentin Perret (15):
  KVM: arm64: Move hyp refcount manipulation helpers
  KVM: arm64: Allow non-coalescable pages in a hyp_pool
  KVM: arm64: Add flags to struct hyp_page
  KVM: arm64: Back hyp_vmemmap for all of memory
  KVM: arm64: Make hyp stage-1 refcnt correct on the whole range
  KVM: arm64: Implement do_donate() helper for donating memory
  KVM: arm64: Prevent the donation of no-map pages
  KVM: arm64: Add helpers to pin memory shared with hyp
  KVM: arm64: Add pcpu fixmap infrastructure at EL2
  KVM: arm64: Add generic hyp_memcache helpers
  KVM: arm64: Instantiate guest stage-2 page-tables at EL2
  KVM: arm64: Return guest memory from EL2 via dedicated teardown
    memcache
  KVM: arm64: Unmap kvm_arm_hyp_percpu_base from the host
  KVM: arm64: Explicitly map kvm_vgic_global_state at EL2
  KVM: arm64: Don't map host sections in pkvm

Will Deacon (6):
  KVM: arm64: Unify identifiers used to distinguish host and hypervisor
  KVM: arm64: Include asm/kvm_mmu.h in nvhe/mem_protect.h
  KVM: arm64: Initialise hyp symbols regardless of pKVM
  KVM: arm64: Provide I-cache invalidation by VA at EL2
  KVM: arm64: Maintain a copy of 'kvm_arm_vmid_bits' at EL2
  KVM: arm64: Use the shadow vCPU structure in handle___kvm_vcpu_run()

 arch/arm64/include/asm/kvm_asm.h              |   6 +-
 arch/arm64/include/asm/kvm_host.h             |  65 +++
 arch/arm64/include/asm/kvm_hyp.h              |   3 +
 arch/arm64/include/asm/kvm_pgtable.h          |   8 +
 arch/arm64/include/asm/kvm_pkvm.h             |  38 ++
 arch/arm64/kernel/image-vars.h                |  15 -
 arch/arm64/kvm/arm.c                          |  40 +-
 arch/arm64/kvm/hyp/hyp-constants.c            |   3 +
 arch/arm64/kvm/hyp/include/nvhe/gfp.h         |   6 +-
 arch/arm64/kvm/hyp/include/nvhe/mem_protect.h |  19 +-
 arch/arm64/kvm/hyp/include/nvhe/memory.h      |  26 +-
 arch/arm64/kvm/hyp/include/nvhe/mm.h          |  18 +-
 arch/arm64/kvm/hyp/include/nvhe/pkvm.h        |  70 +++
 arch/arm64/kvm/hyp/include/nvhe/spinlock.h    |  10 +-
 arch/arm64/kvm/hyp/nvhe/cache.S               |  11 +
 arch/arm64/kvm/hyp/nvhe/hyp-main.c            | 105 +++-
 arch/arm64/kvm/hyp/nvhe/hyp-smp.c             |   2 +
 arch/arm64/kvm/hyp/nvhe/mem_protect.c         | 456 +++++++++++++++++-
 arch/arm64/kvm/hyp/nvhe/mm.c                  | 136 +++++-
 arch/arm64/kvm/hyp/nvhe/page_alloc.c          |  42 +-
 arch/arm64/kvm/hyp/nvhe/pkvm.c                | 438 +++++++++++++++++
 arch/arm64/kvm/hyp/nvhe/setup.c               |  96 ++--
 arch/arm64/kvm/hyp/pgtable.c                  |   9 +
 arch/arm64/kvm/mmu.c                          |  26 +
 arch/arm64/kvm/pkvm.c                         | 121 ++++-
 25 files changed, 1625 insertions(+), 144 deletions(-)
 create mode 100644 arch/arm64/kvm/hyp/include/nvhe/pkvm.h

-- 
2.37.0.rc0.161.g10f37bed90-goog

More information about the linux-arm-kernel mailing list