Re: [PATCH v5 33/36] KVM: arm64: Wrap the host with a stage 2

From: Quentin Perret
Date: Tue Mar 16 2021 - 13:47:53 EST

Next message: Luis Chamberlain: "blktests: block/009 next-20210304 failure rate average of 1/448"
Previous message: Mathieu Poirier: "Re: [PATCH v4 07/19] arm64: Add TRBE definitions"
In reply to: Mate Toth-Pal: "Re: [PATCH v5 33/36] KVM: arm64: Wrap the host with a stage 2"
Next in thread: Mate Toth-Pal: "Re: [PATCH v5 33/36] KVM: arm64: Wrap the host with a stage 2"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tuesday 16 Mar 2021 at 16:16:18 (+0100), Mate Toth-Pal wrote:
> On 2021-03-16 15:29, Quentin Perret wrote:
> > On Tuesday 16 Mar 2021 at 12:53:53 (+0000), Quentin Perret wrote:
> > > On Tuesday 16 Mar 2021 at 13:28:42 (+0100), Mate Toth-Pal wrote:
> > > > Changing the value of MT_S2_FWB_NORMAL to 7 would change this behavior, and
> > > > the resulting memory type would be device.
> > >
> > > Sounds like the correct fix here -- see below.
> >
> > Just to clarify this, I meant this should be the configuration for the
> > host stage-2. We'll want to keep the existing behaviour for guests I
> > believe.
>
> I Agree.

OK, so the below seems to boot on my non-FWB-capable hardware and should
fix the issue. Could you by any chance give it a spin?

diff --git a/arch/arm64/include/asm/kvm_pgtable.h b/arch/arm64/include/asm/kvm_pgtable.h
index b93a2a3526ab..b2066bd03ca2 100644
--- a/arch/arm64/include/asm/kvm_pgtable.h
+++ b/arch/arm64/include/asm/kvm_pgtable.h
@@ -76,10 +76,11 @@ struct kvm_pgtable {

/**
* enum kvm_pgtable_prot - Page-table permissions and attributes.
- * @KVM_PGTABLE_PROT_X: Execute permission.
- * @KVM_PGTABLE_PROT_W: Write permission.
- * @KVM_PGTABLE_PROT_R: Read permission.
- * @KVM_PGTABLE_PROT_DEVICE: Device attributes.
+ * @KVM_PGTABLE_PROT_X: Execute permission.
+ * @KVM_PGTABLE_PROT_W: Write permission.
+ * @KVM_PGTABLE_PROT_R: Read permission.
+ * @KVM_PGTABLE_PROT_DEVICE: Device attributes.
+ * @KVM_PGTABLE_PROT_S2_NOFWB: Don't enforce Normal-WB with FWB.
*/
enum kvm_pgtable_prot {
KVM_PGTABLE_PROT_X = BIT(0),
@@ -87,6 +88,8 @@ enum kvm_pgtable_prot {
KVM_PGTABLE_PROT_R = BIT(2),

KVM_PGTABLE_PROT_DEVICE = BIT(3),
+
+ KVM_PGTABLE_PROT_S2_NOFWB = BIT(4),
};

#define PAGE_HYP (KVM_PGTABLE_PROT_R | KVM_PGTABLE_PROT_W)
diff --git a/arch/arm64/include/asm/memory.h b/arch/arm64/include/asm/memory.h
index c759faf7a1ff..e695d2e1839d 100644
--- a/arch/arm64/include/asm/memory.h
+++ b/arch/arm64/include/asm/memory.h
@@ -144,13 +144,16 @@
* Memory types for Stage-2 translation
*/
#define MT_S2_NORMAL 0xf
+#define MT_S2_WEAK MT_S2_NORMAL
#define MT_S2_DEVICE_nGnRE 0x1

/*
* Memory types for Stage-2 translation when ID_AA64MMFR2_EL1.FWB is 0001
- * Stage-2 enforces Normal-WB and Device-nGnRE
+ * Stage-2 enforces Normal-WB and Device-nGnRE by default. The 'weak' mode
+ * honors Stage-1 attributes.
*/
#define MT_S2_FWB_NORMAL 6
+#define MT_S2_FWB_WEAK 7
#define MT_S2_FWB_DEVICE_nGnRE 1

#ifdef CONFIG_ARM64_4K_PAGES
diff --git a/arch/arm64/kvm/hyp/nvhe/mem_protect.c b/arch/arm64/kvm/hyp/nvhe/mem_protect.c
index dd03252b9574..1ff72babe565 100644
--- a/arch/arm64/kvm/hyp/nvhe/mem_protect.c
+++ b/arch/arm64/kvm/hyp/nvhe/mem_protect.c
@@ -214,6 +214,8 @@ static int host_stage2_idmap(u64 addr)

if (is_memory)
prot |= KVM_PGTABLE_PROT_X;
+ else
+ prot |= KVM_PGTABLE_PROT_S2_NOFWB;

hyp_spin_lock(&host_kvm.lock);
ret = kvm_pgtable_stage2_find_range(&host_kvm.pgt, addr, prot, &range);
diff --git a/arch/arm64/kvm/hyp/pgtable.c b/arch/arm64/kvm/hyp/pgtable.c
index 3a971df278bd..bd1b8464a537 100644
--- a/arch/arm64/kvm/hyp/pgtable.c
+++ b/arch/arm64/kvm/hyp/pgtable.c
@@ -343,6 +343,9 @@ static int hyp_set_prot_attr(enum kvm_pgtable_prot prot, kvm_pte_t *ptep)
if (!(prot & KVM_PGTABLE_PROT_R))
return -EINVAL;

+ if (prot & KVM_PGTABLE_PROT_S2_NOFWB)
+ return -EINVAL;
+
if (prot & KVM_PGTABLE_PROT_X) {
if (prot & KVM_PGTABLE_PROT_W)
return -EINVAL;
@@ -510,9 +513,18 @@ u64 kvm_get_vtcr(u64 mmfr0, u64 mmfr1, u32 phys_shift)
static int stage2_set_prot_attr(enum kvm_pgtable_prot prot, kvm_pte_t *ptep)
{
bool device = prot & KVM_PGTABLE_PROT_DEVICE;
- kvm_pte_t attr = device ? PAGE_S2_MEMATTR(DEVICE_nGnRE) :
- PAGE_S2_MEMATTR(NORMAL);
+ bool nofwb = prot & KVM_PGTABLE_PROT_S2_NOFWB;
u32 sh = KVM_PTE_LEAF_ATTR_LO_S2_SH_IS;
+ kvm_pte_t attr;
+
+ WARN_ON(nofwb && device);
+
+ if (device)
+ attr = PAGE_S2_MEMATTR(DEVICE_nGnRE);
+ else if (nofwb)
+ attr = PAGE_S2_MEMATTR(WEAK);
+ else
+ attr = PAGE_S2_MEMATTR(NORMAL);

if (!(prot & KVM_PGTABLE_PROT_X))
attr |= KVM_PTE_LEAF_ATTR_HI_S2_XN;

Next message: Luis Chamberlain: "blktests: block/009 next-20210304 failure rate average of 1/448"
Previous message: Mathieu Poirier: "Re: [PATCH v4 07/19] arm64: Add TRBE definitions"
In reply to: Mate Toth-Pal: "Re: [PATCH v5 33/36] KVM: arm64: Wrap the host with a stage 2"
Next in thread: Mate Toth-Pal: "Re: [PATCH v5 33/36] KVM: arm64: Wrap the host with a stage 2"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]