[PATCH v3 0/7] arm64: hyperv: Support Virtual Trust Level Boot
From: Roman Kisel
Date: Fri Jul 26 2024 - 18:59:51 EST
This patch set enables the Hyper-V code to boot on ARM64 inside a Virtual Trust
Level. These levels are a part of the Virtual Secure Mode documented in the
Top-Level Functional Specification available at
https://learn.microsoft.com/en-us/virtualization/hyper-v-on-windows/tlfs/vsm
[V3]
- Employed the SMC recently implemented in the Microsoft Hyper-V hypervisor
to detect running on Hyper-V/arm64. No dependence on ACPI/DT is needed
anymore although the source code still falls back to ACPI as the new
hypervisor might be available only in the Windows Insiders channel just
yet.
- As a part of the above, refactored detecting the hypervisor via ACPI FADT.
- There was a suggestion to explore whether it is feasible or not to express
that ACPI must be absent for the VTL mode and present for the regular guests
in the Hyper-V Kconfig file.
My current conclusion is that this will require refactoring in many places.
That becomes especially convoluted on x86_64 due to the MSI and APIC
dependencies. I'd ask to let us tackle that in another patch series (or chalk
up to nice-have's rather than fires to put out) to separate concerns and
decrease chances of breakage.
- While refactoring `get_vtl(void)` and the related code, fixed the hypercall
output address not to overlap with the input as the Hyper-V TLFS mandates:
"The input and output parameter lists cannot overlap or cross page boundaries."
See https://learn.microsoft.com/en-us/virtualization/hyper-v-on-windows/tlfs/hypercall-interface
for more.
Some might argue that should've been a topic for a separate patch series;
I'd counter that the change is well-contained (one line), has no dependencies,
and makes the code legal.
- Made the VTL boot code (c)leaner as was suggested.
- Set DMA cache coherency for the VMBus.
- Updated DT bindings in the VMBus documentation (separated out into a new patch).
- Fixed `vmbus_set_irq` to use the API that works both for the ACPI and OF.
- Reworked setting up the vPCI MSI IRQ domain in the non-ACPI case. The logic
looks a bit fiddly/ad-hoc as I couldn't find the API that would fit the bill.
Added comments to explain myself.
[V2]
https://lore.kernel.org/all/20240514224508.212318-1-romank@xxxxxxxxxxxxxxxxxxx/
- Decreased number of #ifdef's
- Updated the wording in the commit messages to adhere to the guidlines
- Sending to the correct set of maintainers and mail lists
[V1]
https://lore.kernel.org/all/20240510160602.1311352-1-romank@xxxxxxxxxxxxxxxxxxx/
For validation, I built kernels for the arch'es in question with the small initrd
embedded into the kernel and booted the Hyper-V VMs off of that.
Roman Kisel (7):
arm64: hyperv: Use SMC to detect hypervisor presence
Drivers: hv: Enable VTL mode for arm64
Drivers: hv: Provide arch-neutral implementation of get_vtl()
arm64: hyperv: Boot in a Virtual Trust Level
dt-bindings: bus: Add Hyper-V VMBus cache coherency and IRQs
Drivers: hv: vmbus: Get the IRQ number from DT
PCI: hv: Get vPCI MSI IRQ domain from DT
.../bindings/bus/microsoft,vmbus.yaml | 11 +++
arch/arm64/hyperv/Makefile | 1 +
arch/arm64/hyperv/hv_vtl.c | 13 ++++
arch/arm64/hyperv/mshyperv.c | 40 +++++++++--
arch/arm64/include/asm/mshyperv.h | 12 ++++
arch/x86/hyperv/hv_init.c | 34 ---------
arch/x86/include/asm/hyperv-tlfs.h | 7 --
drivers/hv/Kconfig | 6 +-
drivers/hv/hv_common.c | 47 +++++++++++-
drivers/hv/vmbus_drv.c | 72 ++++++++++++++++---
drivers/pci/controller/pci-hyperv.c | 55 +++++++++++++-
include/asm-generic/hyperv-tlfs.h | 7 ++
include/asm-generic/mshyperv.h | 6 ++
include/linux/hyperv.h | 2 +
14 files changed, 251 insertions(+), 62 deletions(-)
create mode 100644 arch/arm64/hyperv/hv_vtl.c
base-commit: 831bcbcead6668ebf20b64fdb27518f1362ace3a
--
2.34.1