[PATCH v3 00/15] KVM: arm64: Rework guest VM fixed feature handling and trapping in pKVM
James Clark
james.clark at linaro.org
Thu Nov 28 08:31:58 PST 2024
On 28/11/2024 12:35 pm, Fuad Tabba wrote:
> Changes from v2 (Marc):
> - Added three patches that remove the per-vcpu flags of PtrAuth
> and SVE being enabled for guests, in favor of them being per VM
> - Tidying up
>
> This patch series redoes how fixed features for protected guests
> are specified in pKVM, as well as how trapping is handled based
> on the features available for the VM. It also fixes a couple of
> existing bugs in the process.
>
> For protected VMs, some features should be trapped if the guest
> tries to use them because they are not supported (e.g., SME), or
> if they are not enabled for the particular VM (e.g., SVE).
>
> Initially, pKVM took the approach of specifying these features
> using macros and grouping their handling by feature id register.
> This proved to be difficult to maintain and bug prone. Moreover,
> since the nested virt work there is a framework in KVM for
> storing feature id register values per vm, as well as how to
> handle traps based on these values.
>
> This patch series uses the vm's feature id registers to track the
> supported features, a framework similar to nested virt to set the
> trap values, and removes the need to store cptr_el2 per vcpu in
> favor of setting its value when traps are activated, as VHE mode
> does.
>
> The changes should not affect the behavior of non-protected VMs
> nor the behavior of VMs outside of protected mode in general.
>
> This series is based on kvmarm/next (60ad25e14ab5), since it
> requires the patches from the series that fixes initialization of
> trap register values in pKVM [2].
>
> Cheers,
> /fuad
>
> [1] https://lore.kernel.org/all/20241122110622.3010118-1-tabba@google.com/
> [2] https://lore.kernel.org/all/20241018074833.2563674-1-tabba@google.com/
>
> Fuad Tabba (15):
> KVM: arm64: Consolidate allowed and restricted VM feature checks
> KVM: arm64: Group setting traps for protected VMs by control register
> KVM: arm64: Move checking protected vcpu features to a separate
> function
> KVM: arm64: Use KVM extension checks for allowed protected VM
> capabilities
> KVM: arm64: Initialize feature id registers for protected VMs
> KVM: arm64: Set protected VM traps based on its view of feature
> registers
> KVM: arm64: Rework specifying restricted features for protected VMs
> KVM: arm64: Remove fixed_config.h header
> KVM: arm64: Remove redundant setting of HCR_EL2 trap bit
> KVM: arm64: Calculate cptr_el2 traps on activating traps
> KVM: arm64: Refactor kvm_reset_cptr_el2()
> KVM: arm64: Fix the value of the CPTR_EL2 RES1 bitmask for nVHE
> KVM: arm64: Remove PtrAuth guest vcpu flag
> KVM: arm64: Convert the SVE guest vcpu flag to a vm flag
> KVM: arm64: Renumber remaining vcpu guest configuration flags
>
> arch/arm64/include/asm/kvm_arm.h | 2 +-
> arch/arm64/include/asm/kvm_emulate.h | 23 +-
> arch/arm64/include/asm/kvm_host.h | 21 +-
> arch/arm64/include/asm/kvm_pkvm.h | 25 ++
> arch/arm64/kvm/arm.c | 30 +-
> arch/arm64/kvm/hyp/include/hyp/switch.h | 2 +-
> .../arm64/kvm/hyp/include/nvhe/fixed_config.h | 223 ----------
> arch/arm64/kvm/hyp/include/nvhe/pkvm.h | 5 +
> arch/arm64/kvm/hyp/nvhe/hyp-main.c | 2 +-
> arch/arm64/kvm/hyp/nvhe/pkvm.c | 335 +++++----------
> arch/arm64/kvm/hyp/nvhe/setup.c | 1 -
> arch/arm64/kvm/hyp/nvhe/switch.c | 56 ++-
> arch/arm64/kvm/hyp/nvhe/sys_regs.c | 402 ++++++++++--------
> arch/arm64/kvm/hyp/vhe/switch.c | 2 +-
> arch/arm64/kvm/reset.c | 6 +-
> 15 files changed, 430 insertions(+), 705 deletions(-)
> delete mode 100644 arch/arm64/kvm/hyp/include/nvhe/fixed_config.h
>
>
> base-commit: 60ad25e14ab5a4e56c8bf7f7d6846eacb9cd53df
Tested-by: James Clark <james.clark at linaro.org>
More information about the linux-arm-kernel
mailing list