Received: by 2002:ac0:a679:0:0:0:0:0 with SMTP id p54csp617785imp; Thu, 21 Feb 2019 07:54:51 -0800 (PST) X-Google-Smtp-Source: AHgI3IZSdafWRu1zXVe8ymVFvkosP73pVGihZ9EylGz0yCTE8dvMT1pXp7TIquM15YTlZvGSRw4z X-Received: by 2002:a17:902:9683:: with SMTP id n3mr43965367plp.333.1550764491714; Thu, 21 Feb 2019 07:54:51 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1550764491; cv=none; d=google.com; s=arc-20160816; b=xGFmP+o6Or4My1Fp59/xdGLM6pQl/B4iAaFT68NYEeY4AmZlLXh1fhnc4bFFTu+kAy 3cLeFBPibX4ZESyStv8NvmziBekn2VK8xGhUeIy8XHYQCzrDH6V6RYYrOicMCZUbHvPO IRXq+lBCggrLg2UxAD0aKbWuM8lPTjL0TJtDlpW5LdN7+NEWngWgZCi7FmLpWU+rB3It qSZw9kg+6X+We4fSVzs0piwZ/d9E7P8FXertU5oeQLrOiQcT5TQeWjL3hkMOZXWCPUL3 MOf4DQPtrz1uJzXdfLe7Bd4Ugx+SEal8lvbByFVBNYROYRBzDDOQX7jjCYtLy9/ib4Mg 8upw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:in-reply-to :content-disposition:mime-version:references:message-id:subject:cc :to:from:date; bh=UBX6LQoJUwaYRMB7KBM78/K17OYANGwWF9CDYV+6wZA=; b=qFCjJRQzGtU3qPVggEO0DD5rBVFVpuBLUthGIhYmvdxsCM8FZF4MZG19Jpx5qitUWQ 7Hi+n79fM+hUadHSF+oS1FV4qJ7iI+QPKj0966u8Mdo8H6fVPQqX5j4VtTcumZTPRk9n Wi3YtsklJ/RvXQe1x+ZWQJXQiYOt1OiHU7Nz1HB67byv6y2aEqv8C0Z6nxKd+GOcsVDX UaWqJzAg6PgJHlhK2jBdOaco4ab1JGc3RFnQ4UqDkYZXhd66z42aTPkWZ213udfhnpUn nc4xRTP4H342b2pktz+/20rnovyFTdyfqe/3Hsl1WpoQrgd109FjwRcqWcSkpNRuHzTF ry7w== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id k62si21312476pfc.208.2019.02.21.07.54.36; Thu, 21 Feb 2019 07:54:51 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728614AbfBUPyO (ORCPT + 99 others); Thu, 21 Feb 2019 10:54:14 -0500 Received: from usa-sjc-mx-foss1.foss.arm.com ([217.140.101.70]:46896 "EHLO foss.arm.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1728224AbfBUPyO (ORCPT ); Thu, 21 Feb 2019 10:54:14 -0500 Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.72.51.249]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id B33D1A78; Thu, 21 Feb 2019 07:54:13 -0800 (PST) Received: from e103592.cambridge.arm.com (usa-sjc-imap-foss1.foss.arm.com [10.72.51.249]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id C4ED53F5C1; Thu, 21 Feb 2019 07:54:11 -0800 (PST) Date: Thu, 21 Feb 2019 15:54:09 +0000 From: Dave Martin To: Amit Daniel Kachhap Cc: linux-arm-kernel@lists.infradead.org, Marc Zyngier , Catalin Marinas , Will Deacon , Kristina Martsenko , kvmarm@lists.cs.columbia.edu, Ramana Radhakrishnan , linux-kernel@vger.kernel.org Subject: Re: [kvmtool PATCH v6 6/6] arm/kvm: arm64: Add a vcpu feature for pointer authentication Message-ID: <20190221155409.GA3567@e103592.cambridge.arm.com> References: <1550568271-5319-1-git-send-email-amit.kachhap@arm.com> <1550568271-5319-7-git-send-email-amit.kachhap@arm.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <1550568271-5319-7-git-send-email-amit.kachhap@arm.com> User-Agent: Mutt/1.5.23 (2014-03-12) Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Tue, Feb 19, 2019 at 02:54:31PM +0530, Amit Daniel Kachhap wrote: > This is a runtime capabality for KVM tool to enable Armv8.3 Pointer > Authentication in guest kernel. A command line option --ptrauth is > required for this. > > Signed-off-by: Amit Daniel Kachhap > --- > arm/aarch32/include/kvm/kvm-cpu-arch.h | 1 + > arm/aarch64/include/asm/kvm.h | 1 + > arm/aarch64/include/kvm/kvm-config-arch.h | 4 +++- > arm/aarch64/include/kvm/kvm-cpu-arch.h | 1 + > arm/include/arm-common/kvm-config-arch.h | 1 + > arm/kvm-cpu.c | 6 ++++++ > include/linux/kvm.h | 1 + > 7 files changed, 14 insertions(+), 1 deletion(-) > > diff --git a/arm/aarch32/include/kvm/kvm-cpu-arch.h b/arm/aarch32/include/kvm/kvm-cpu-arch.h > index d28ea67..520ea76 100644 > --- a/arm/aarch32/include/kvm/kvm-cpu-arch.h > +++ b/arm/aarch32/include/kvm/kvm-cpu-arch.h > @@ -13,4 +13,5 @@ > #define ARM_CPU_ID 0, 0, 0 > #define ARM_CPU_ID_MPIDR 5 > > +#define ARM_VCPU_PTRAUTH_FEATURE 0 > #endif /* KVM__KVM_CPU_ARCH_H */ > diff --git a/arm/aarch64/include/asm/kvm.h b/arm/aarch64/include/asm/kvm.h > index 97c3478..1068fd1 100644 > --- a/arm/aarch64/include/asm/kvm.h > +++ b/arm/aarch64/include/asm/kvm.h > @@ -102,6 +102,7 @@ struct kvm_regs { > #define KVM_ARM_VCPU_EL1_32BIT 1 /* CPU running a 32bit VM */ > #define KVM_ARM_VCPU_PSCI_0_2 2 /* CPU uses PSCI v0.2 */ > #define KVM_ARM_VCPU_PMU_V3 3 /* Support guest PMUv3 */ > +#define KVM_ARM_VCPU_PTRAUTH 4 /* CPU uses pointer authentication */ > > struct kvm_vcpu_init { > __u32 target; > diff --git a/arm/aarch64/include/kvm/kvm-config-arch.h b/arm/aarch64/include/kvm/kvm-config-arch.h > index 04be43d..2074684 100644 > --- a/arm/aarch64/include/kvm/kvm-config-arch.h > +++ b/arm/aarch64/include/kvm/kvm-config-arch.h > @@ -8,7 +8,9 @@ > "Create PMUv3 device"), \ > OPT_U64('\0', "kaslr-seed", &(cfg)->kaslr_seed, \ > "Specify random seed for Kernel Address Space " \ > - "Layout Randomization (KASLR)"), > + "Layout Randomization (KASLR)"), \ > + OPT_BOOLEAN('\0', "ptrauth", &(cfg)->has_ptrauth, \ > + "Enable address authentication"), Nit: doesn't this enable address *and* generic authentication? The discussion on what capababilities and enables the ABI exposes probably needs to conclude before we can finalise this here. However, I would recommend that we provide a single option here that turns both address authentication and generic authentication on, even if the ABI treats them independently. This is expected to be the common case by far. We can always add more fine-grained options later if it turns out to be necessary. > #include "arm-common/kvm-config-arch.h" > > diff --git a/arm/aarch64/include/kvm/kvm-cpu-arch.h b/arm/aarch64/include/kvm/kvm-cpu-arch.h > index a9d8563..496ece8 100644 > --- a/arm/aarch64/include/kvm/kvm-cpu-arch.h > +++ b/arm/aarch64/include/kvm/kvm-cpu-arch.h > @@ -17,4 +17,5 @@ > #define ARM_CPU_CTRL 3, 0, 1, 0 > #define ARM_CPU_CTRL_SCTLR_EL1 0 > > +#define ARM_VCPU_PTRAUTH_FEATURE (1UL << KVM_ARM_VCPU_PTRAUTH) > #endif /* KVM__KVM_CPU_ARCH_H */ > diff --git a/arm/include/arm-common/kvm-config-arch.h b/arm/include/arm-common/kvm-config-arch.h > index 5734c46..5badcbd 100644 > --- a/arm/include/arm-common/kvm-config-arch.h > +++ b/arm/include/arm-common/kvm-config-arch.h > @@ -10,6 +10,7 @@ struct kvm_config_arch { > bool aarch32_guest; > bool has_pmuv3; > u64 kaslr_seed; > + bool has_ptrauth; > enum irqchip_type irqchip; > u64 fw_addr; > }; > diff --git a/arm/kvm-cpu.c b/arm/kvm-cpu.c > index 7780251..4ac80f8 100644 > --- a/arm/kvm-cpu.c > +++ b/arm/kvm-cpu.c > @@ -68,6 +68,12 @@ struct kvm_cpu *kvm_cpu__arch_init(struct kvm *kvm, unsigned long cpu_id) > vcpu_init.features[0] |= (1UL << KVM_ARM_VCPU_PSCI_0_2); > } > > + /* Set KVM_ARM_VCPU_PTRAUTH if available */ > + if (kvm__supports_extension(kvm, KVM_CAP_ARM_PTRAUTH)) { > + if (kvm->cfg.arch.has_ptrauth) > + vcpu_init.features[0] |= ARM_VCPU_PTRAUTH_FEATURE; > + } > + I'm not too keen on requiring a dummy #define for AArch32 here. How do we handle other subarch-specific feature flags? Is there something we can reuse? (For SVE I didn''t have a proper solution for this yet: my kvmtool patches are still a dirty hack...) [...] Cheers ---Dave