[PATCH 04/13] KVM: arm64: nv: Configure HCR_EL2 for FEAT_NV2

Joey Gouly joey.gouly at arm.com
Tue Feb 20 07:16:00 PST 2024 

Hi,

On Mon, Feb 19, 2024 at 09:20:05AM +0000, Marc Zyngier wrote:
> Add the HCR_EL2 configuration for FEAT_NV2, adding the required
> bits for running a guest hypervisor, and overall merging the
> allowed bits provided by the guest.
> 
> This heavily replies on unavaliable features being sanitised
> when the HCR_EL2 shadow register is accessed, and only a couple
> of bits must be explicitly disabled.
> 
> Non-NV guests are completely unaffected by any of this.
> 
> Signed-off-by: Marc Zyngier <maz at kernel.org>
> ---
>  arch/arm64/include/asm/sysreg.h         |  1 +
>  arch/arm64/kvm/hyp/include/hyp/switch.h |  4 +--
>  arch/arm64/kvm/hyp/nvhe/switch.c        |  2 +-
>  arch/arm64/kvm/hyp/vhe/switch.c         | 34 ++++++++++++++++++++++++-
>  4 files changed, 36 insertions(+), 5 deletions(-)
> 
> diff --git a/arch/arm64/include/asm/sysreg.h b/arch/arm64/include/asm/sysreg.h
> index 9e8999592f3a..a5361d9032a4 100644
> --- a/arch/arm64/include/asm/sysreg.h
> +++ b/arch/arm64/include/asm/sysreg.h
> @@ -498,6 +498,7 @@
>  #define SYS_TCR_EL2			sys_reg(3, 4, 2, 0, 2)
>  #define SYS_VTTBR_EL2			sys_reg(3, 4, 2, 1, 0)
>  #define SYS_VTCR_EL2			sys_reg(3, 4, 2, 1, 2)
> +#define SYS_VNCR_EL2			sys_reg(3, 4, 2, 2, 0)
>  
>  #define SYS_TRFCR_EL2			sys_reg(3, 4, 1, 2, 1)
>  #define SYS_VNCR_EL2			sys_reg(3, 4, 2, 2, 0)

I'm seeing double! (SYS_VNCR_EL2 is already defined a few lines down)

> diff --git a/arch/arm64/kvm/hyp/include/hyp/switch.h b/arch/arm64/kvm/hyp/include/hyp/switch.h
> index e3fcf8c4d5b4..f5f701f309a9 100644
> --- a/arch/arm64/kvm/hyp/include/hyp/switch.h
> +++ b/arch/arm64/kvm/hyp/include/hyp/switch.h
> @@ -271,10 +271,8 @@ static inline void __deactivate_traps_common(struct kvm_vcpu *vcpu)
>  	__deactivate_traps_hfgxtr(vcpu);
>  }
>  
> -static inline void ___activate_traps(struct kvm_vcpu *vcpu)
> +static inline void ___activate_traps(struct kvm_vcpu *vcpu, u64 hcr)
>  {
> -	u64 hcr = vcpu->arch.hcr_el2;
> -
>  	if (cpus_have_final_cap(ARM64_WORKAROUND_CAVIUM_TX2_219_TVM))
>  		hcr |= HCR_TVM;
>  
> diff --git a/arch/arm64/kvm/hyp/nvhe/switch.c b/arch/arm64/kvm/hyp/nvhe/switch.c
> index c50f8459e4fc..4103625e46c5 100644
> --- a/arch/arm64/kvm/hyp/nvhe/switch.c
> +++ b/arch/arm64/kvm/hyp/nvhe/switch.c
> @@ -40,7 +40,7 @@ static void __activate_traps(struct kvm_vcpu *vcpu)
>  {
>  	u64 val;
>  
> -	___activate_traps(vcpu);
> +	___activate_traps(vcpu, vcpu->arch.hcr_el2);
>  	__activate_traps_common(vcpu);
>  
>  	val = vcpu->arch.cptr_el2;
> diff --git a/arch/arm64/kvm/hyp/vhe/switch.c b/arch/arm64/kvm/hyp/vhe/switch.c
> index 58415783fd53..29f59c374f7a 100644
> --- a/arch/arm64/kvm/hyp/vhe/switch.c
> +++ b/arch/arm64/kvm/hyp/vhe/switch.c
> @@ -33,11 +33,43 @@ DEFINE_PER_CPU(struct kvm_host_data, kvm_host_data);
>  DEFINE_PER_CPU(struct kvm_cpu_context, kvm_hyp_ctxt);
>  DEFINE_PER_CPU(unsigned long, kvm_hyp_vector);
>  
> +/*
> + * HCR_EL2 bits that the NV guest can freely change (no RES0/RES1
> + * semantics, irrespective of the configuration), but that cannot be
> + * applied to the actual HW as things would otherwise break badly.
> + *
> + * - TGE: we want to use EL1, which is incompatible with it being set

Can you make this a bit clearer:

	we want the guest to use EL1

Assuming I've understood correctly. I first read it as 'we' == kvm.

> + *
> + * - API/APK: for hysterical raisins, we enable PAuth lazily, which
> + *   means that the guest's bits cannot be directly applied (we really
> + *   want to see the traps). Revisit this at some point.
> + */
> +#define NV_HCR_GUEST_EXCLUDE	(HCR_TGE | HCR_API | HCR_APK)
> +
> +static u64 __compute_hcr(struct kvm_vcpu *vcpu)
> +{
> +	u64 hcr = vcpu->arch.hcr_el2;
> +
> +	if (!vcpu_has_nv(vcpu))
> +		return hcr;
> +
> +	if (is_hyp_ctxt(vcpu)) {
> +		hcr |= HCR_NV | HCR_NV2 | HCR_AT | HCR_TTLB;
> +
> +		if (!vcpu_el2_e2h_is_set(vcpu))
> +			hcr |= HCR_NV1;
> +
> +		write_sysreg_s(vcpu->arch.ctxt.vncr_array, SYS_VNCR_EL2);
> +	}
> +
> +	return hcr | (__vcpu_sys_reg(vcpu, HCR_EL2) & ~NV_HCR_GUEST_EXCLUDE);
> +}
> +
>  static void __activate_traps(struct kvm_vcpu *vcpu)
>  {
>  	u64 val;
>  
> -	___activate_traps(vcpu);
> +	___activate_traps(vcpu, __compute_hcr(vcpu));
>  
>  	if (has_cntpoff()) {
>  		struct timer_map map;

Otherwise,

Reviewed-by: Joey Gouly <joey.gouly at arm.com>

Thanks,
Joey

More information about the linux-arm-kernel mailing list