[PATCH 5/5] arm64: KVM: vgic-v2: Enable GICV access from HYP if access from guest is unsafe

Christoffer Dall christoffer.dall at linaro.org
Thu Sep 1 06:30:55 PDT 2016 

On Fri, Aug 19, 2016 at 01:38:15PM +0100, Marc Zyngier wrote:
> So far, we've been disabling KVM on systems where the GICV region couldn't
> be safely given to a guest. Now that we're able to handle this access
> safely by emulating it in HYP, we can enable this feature when we detect
> an unsafe configuration.
> 
> Signed-off-by: Marc Zyngier <marc.zyngier at arm.com>
> ---
>  virt/kvm/arm/vgic/vgic-v2.c | 69 +++++++++++++++++++++++++++------------------
>  1 file changed, 42 insertions(+), 27 deletions(-)
> 
> diff --git a/virt/kvm/arm/vgic/vgic-v2.c b/virt/kvm/arm/vgic/vgic-v2.c
> index b8da901..d1dcfc76 100644
> --- a/virt/kvm/arm/vgic/vgic-v2.c
> +++ b/virt/kvm/arm/vgic/vgic-v2.c
> @@ -278,12 +278,14 @@ int vgic_v2_map_resources(struct kvm *kvm)
>  		goto out;
>  	}
>  
> -	ret = kvm_phys_addr_ioremap(kvm, dist->vgic_cpu_base,
> -				    kvm_vgic_global_state.vcpu_base,
> -				    KVM_VGIC_V2_CPU_SIZE, true);
> -	if (ret) {
> -		kvm_err("Unable to remap VGIC CPU to VCPU\n");
> -		goto out;
> +	if (!static_branch_unlikely(&vgic_v2_cpuif_trap)) {
> +		ret = kvm_phys_addr_ioremap(kvm, dist->vgic_cpu_base,
> +					    kvm_vgic_global_state.vcpu_base,
> +					    KVM_VGIC_V2_CPU_SIZE, true);
> +		if (ret) {
> +			kvm_err("Unable to remap VGIC CPU to VCPU\n");
> +			goto out;
> +		}
>  	}
>  
>  	dist->ready = true;
> @@ -312,45 +314,51 @@ int vgic_v2_probe(const struct gic_kvm_info *info)
>  		return -ENXIO;
>  	}
>  
> -	if (!PAGE_ALIGNED(info->vcpu.start)) {
> -		kvm_err("GICV physical address 0x%llx not page aligned\n",
> -			(unsigned long long)info->vcpu.start);
> -		return -ENXIO;
> -	}
> +	if (!PAGE_ALIGNED(info->vcpu.start) ||
> +	    !PAGE_ALIGNED(resource_size(&info->vcpu))) {
> +		kvm_info("GICV region size/alignement is unsafe, using trapping\n");
> +		kvm_vgic_global_state.vcpu_base_va = ioremap(info->vcpu.start,
> +							     resource_size(&info->vcpu));
> +		if (!kvm_vgic_global_state.vcpu_base_va) {
> +			kvm_err("Cannot ioremap GICV\n");
> +			return -ENOMEM;
> +		}
>  
> -	if (!PAGE_ALIGNED(resource_size(&info->vcpu))) {
> -		kvm_err("GICV size 0x%llx not a multiple of page size 0x%lx\n",
> -			(unsigned long long)resource_size(&info->vcpu),
> -			PAGE_SIZE);
> -		return -ENXIO;
> +		ret = create_hyp_io_mappings(kvm_vgic_global_state.vcpu_base_va,
> +					     kvm_vgic_global_state.vcpu_base_va + resource_size(&info->vcpu),
> +					     info->vcpu.start);
> +		if (ret) {
> +			kvm_err("Cannot map GICV into hyp\n");
> +			goto out;
> +		}
> +
> +		static_branch_enable(&vgic_v2_cpuif_trap);
>  	}
>  
>  	kvm_vgic_global_state.vctrl_base = ioremap(info->vctrl.start,
>  						   resource_size(&info->vctrl));
>  	if (!kvm_vgic_global_state.vctrl_base) {
>  		kvm_err("Cannot ioremap GICH\n");
> -		return -ENOMEM;
> +		ret = -ENOMEM;
> +		goto out;
>  	}
>  
>  	vtr = readl_relaxed(kvm_vgic_global_state.vctrl_base + GICH_VTR);
>  	kvm_vgic_global_state.nr_lr = (vtr & 0x3f) + 1;
>  
> -	ret = kvm_register_vgic_device(KVM_DEV_TYPE_ARM_VGIC_V2);
> -	if (ret) {
> -		kvm_err("Cannot register GICv2 KVM device\n");
> -		iounmap(kvm_vgic_global_state.vctrl_base);
> -		return ret;
> -	}
> -
>  	ret = create_hyp_io_mappings(kvm_vgic_global_state.vctrl_base,
>  				     kvm_vgic_global_state.vctrl_base +
>  					 resource_size(&info->vctrl),
>  				     info->vctrl.start);
>  	if (ret) {
>  		kvm_err("Cannot map VCTRL into hyp\n");
> -		kvm_unregister_device_ops(KVM_DEV_TYPE_ARM_VGIC_V2);
> -		iounmap(kvm_vgic_global_state.vctrl_base);
> -		return ret;
> +		goto out;
> +	}
> +
> +	ret = kvm_register_vgic_device(KVM_DEV_TYPE_ARM_VGIC_V2);
> +	if (ret) {
> +		kvm_err("Cannot register GICv2 KVM device\n");
> +		goto out;
>  	}
>  
>  	kvm_vgic_global_state.can_emulate_gicv2 = true;
> @@ -361,4 +369,11 @@ int vgic_v2_probe(const struct gic_kvm_info *info)
>  	kvm_info("vgic-v2@%llx\n", info->vctrl.start);
>  
>  	return 0;
> +out:
> +	if (kvm_vgic_global_state.vctrl_base)
> +		iounmap(kvm_vgic_global_state.vctrl_base);
> +	if (kvm_vgic_global_state.vcpu_base_va)
> +		iounmap(kvm_vgic_global_state.vcpu_base_va);
> +
> +	return ret;
>  }
> -- 
> 2.1.4

With the spelling fix from Peter, and the slightly more alarming message
(shouldn't this be a kvm_warn("...using trapping") as well?) then:

Reviewed-by: Christoffer Dall <christoffer.dall at linaro.org>

More information about the linux-arm-kernel mailing list