[PATCH v4 33/36] KVM: arm64: Disable hierarchical permissions when POE is enabled
Marc Zyngier
maz at kernel.org
Sun Oct 13 07:27:22 PDT 2024
On Thu, 10 Oct 2024 09:08:13 +0100,
Oliver Upton <oliver.upton at linux.dev> wrote:
>
> On Wed, Oct 09, 2024 at 08:00:16PM +0100, Marc Zyngier wrote:
> > The hierarchical permissions must be disabled when POE is enabled
> > in the translation regime used for a given table walk.
> >
> > We store the two enable bits in the s1_walk_info structure so that
> > they can be retrieved down the line, as they will be useful.
> >
> > Signed-off-by: Marc Zyngier <maz at kernel.org>
> > ---
> > arch/arm64/kvm/at.c | 36 ++++++++++++++++++++++++++++++++++++
> > 1 file changed, 36 insertions(+)
> >
> > diff --git a/arch/arm64/kvm/at.c b/arch/arm64/kvm/at.c
> > index 4921284eeedff..301399f17983f 100644
> > --- a/arch/arm64/kvm/at.c
> > +++ b/arch/arm64/kvm/at.c
> > @@ -24,6 +24,8 @@ struct s1_walk_info {
> > unsigned int txsz;
> > int sl;
> > bool hpd;
> > + bool e0poe;
> > + bool poe;
> > bool be;
> > bool s2;
> > };
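Review bot: The new `e0poe` and `poe` fields in struct s1_walk_info carry no comment saying which enable bits they cache or for which translation regimes each one is meaningful. A short comment on each would help, in particular one noting that `e0poe` only matters for a regime that has an EL0 component, so later consumers of the structure can be checked against it.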
> > @@ -110,6 +112,34 @@ static bool s1pie_enabled(struct kvm_vcpu *vcpu, enum trans_regime regime)
> > }
> > }
> >
> > +static void compute_s1poe(struct kvm_vcpu *vcpu, struct s1_walk_info *wi)
> > +{
> > + u64 val;
> > +
> > + if (!kvm_has_feat(vcpu->kvm, ID_AA64MMFR3_EL1, S1PIE, IMP)) {
>
> nit: kvm_has_s1pie()

Nah, that's a gold-plated bug, and really should check for S1POE. I
guess I'll add a helper (kvm_has_s1poe), and use that throughout.

>
> > + wi->poe = wi->e0poe = false;
> > + return;
> > + }
> > +
> > + switch (wi->regime) {
> > + case TR_EL2:
> > + case TR_EL20:
> > + val = vcpu_read_sys_reg(vcpu, TCR2_EL2);
> > + wi->poe = val & TCR2_EL2_POE;
> > + wi->e0poe = val & TCR2_EL2_E0POE;
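Review bot: The feature gate at the top of compute_s1poe() tests the S1PIE field of ID_AA64MMFR3_EL1, so the POE enables are keyed on a different feature from the one this function computes; it should test S1POE. Separately, the shared TR_EL2/TR_EL20 case reads TCR2_EL2_E0POE for both regimes. Giving TR_EL2 its own path that sets `wi->e0poe` to false would make the intent readable from this function alone instead of depending on a RES0 mask applied elsewhere.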
>
> Hmm... E0POE is always false in the EL2 translation regime. The RES0
> mask does the heavy lifting here, but that only works if we force
> userspace to select an nVHE-only or VHE-only vCPU.

Which is the plan of record, but yeah, you can't work that out from
this snippet.

> It might make sense to have TR_EL2 force this to false to make it a bit
> more self-documenting, albeit not a functional issue.

Sure, I'll add a mask if that helps make sense of the whole thing.

Thanks,

M.

--
Without deviation from the norm, progress is not possible.