Re: [PATCH v5 07/19] arm64: rsi: Add support for checking whether an MMIO is protected

From: Gavin Shan
Date: Mon Sep 09 2024 - 23:51:41 EST

Next message: Edward Adam Davis: "Re: [syzbot] [mptcp?] KASAN: slab-use-after-free Read in __timer_delete_sync"
Previous message: Yan Zhen: "[PATCH v1] bcachefs: fix typo in the comment"
In reply to: Steven Price: "Re: [PATCH v5 07/19] arm64: rsi: Add support for checking whether an MMIO is protected"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 8/19/24 11:19 PM, Steven Price wrote:

From: Suzuki K Poulose <suzuki.poulose@xxxxxxx>

On Arm CCA, with RMM-v1.0, all MMIO regions are shared. However, in
the future, an Arm CCA-v1.0 compliant guest may be run in a lesser
privileged partition in the Realm World (with Arm CCA-v1.1 Planes
feature). In this case, some of the MMIO regions may be emulated
by a higher privileged component in the Realm world, i.e, protected.

Thus the guest must decide today, whether a given MMIO region is shared
vs Protected and create the stage1 mapping accordingly. On Arm CCA, this
detection is based on the "IPA State" (RIPAS == RIPAS_IO). Provide a
helper to run this check on a given range of MMIO.

Also, provide a arm64 helper which may be hooked in by other solutions.

Signed-off-by: Suzuki K Poulose <suzuki.poulose@xxxxxxx>
Signed-off-by: Steven Price <steven.price@xxxxxxx>
---
New patch for v5
---
arch/arm64/include/asm/io.h | 8 ++++++++
arch/arm64/include/asm/rsi.h | 3 +++
arch/arm64/include/asm/rsi_cmds.h | 21 +++++++++++++++++++++
arch/arm64/kernel/rsi.c | 26 ++++++++++++++++++++++++++
4 files changed, 58 insertions(+)

diff --git a/arch/arm64/include/asm/io.h b/arch/arm64/include/asm/io.h
index 1ada23a6ec19..a6c551c5e44e 100644
--- a/arch/arm64/include/asm/io.h
+++ b/arch/arm64/include/asm/io.h
@@ -17,6 +17,7 @@
#include <asm/early_ioremap.h>
#include <asm/alternative.h>
#include <asm/cpufeature.h>
+#include <asm/rsi.h>
/*
* Generic IO read/write. These perform native-endian accesses.
@@ -318,4 +319,11 @@ extern bool arch_memremap_can_ram_remap(resource_size_t offset, size_t size,
unsigned long flags);
#define arch_memremap_can_ram_remap arch_memremap_can_ram_remap
+static inline bool arm64_is_iomem_private(phys_addr_t phys_addr, size_t size)
+{
+ if (unlikely(is_realm_world()))
+ return arm64_rsi_is_protected_mmio(phys_addr, size);
+ return false;
+}
+

I guess it might be better to unify the function names here. The name of
arm64_is_iomem_private() indicates the IO region is private, while the
name of arm64_rsi_is_protected_mmio() indicates the IO region is protected.
I think it would be nice to rename arm64_is_iomem_private() arm64_is_protected_iomem(),
or rename arm64_rsi_is_protected_mmio() to arm64_rsi_is_private_iomem().

Thanks,
Gavin

Next message: Edward Adam Davis: "Re: [syzbot] [mptcp?] KASAN: slab-use-after-free Read in __timer_delete_sync"
Previous message: Yan Zhen: "[PATCH v1] bcachefs: fix typo in the comment"
In reply to: Steven Price: "Re: [PATCH v5 07/19] arm64: rsi: Add support for checking whether an MMIO is protected"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]