Received: by 2002:a05:6a10:f347:0:0:0:0 with SMTP id d7csp644835pxu; Thu, 26 Nov 2020 08:00:32 -0800 (PST) X-Google-Smtp-Source: ABdhPJzdaX5BpJ8It4ttKvJx2z/xOHj7jdmANQRcY6t8fl4Xp8k1EcKouTZJXncpSiPvgWG4tbBW X-Received: by 2002:a17:906:fcc2:: with SMTP id qx2mr3262696ejb.549.1606406430483; Thu, 26 Nov 2020 08:00:30 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1606406430; cv=none; d=google.com; s=arc-20160816; b=qVCcuuB254RbYSPeZgNt9mg6eQg6AXSAGh3n7tH/wpRw0AdwXu7MxNqKDc6GQomQ7k HpyFdDMUWvLotcHUq0+cFXt+zBso/5FDNIL6FuKBLmONHjZZrlydlUyUn7VoQ2WRJ7WH uiZgIhLMLar5j6H3ni0THVxj64P2yEYfT+ZX+iATr0qPq6y13GRnVYHP6UOUCw8dRTHM yCJCll9mwa+w5KunFneLFE4ZxgbVUMHp9LXLDOxPL5lTVEG0BVTj2Be7tPZATpe5y/6D LNXCPIabVPqrc5KvvMSe37kX4WFWTb/tGM6+cpUTla/fc4SKEwy3ud7rfCfxV12/nyqG u0sA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=aOLJOeUdUyn9Tp5EB3J9cYHwXErbIHpd/Aan89z6ZHs=; b=pv0+HvQRlVCUrn8buhpTIgn21aRT2F5dCQ16NxmXyV8aR/Nj7vL4TB2jdktwpqxmA9 Vr+ejV3RPBK9A0Brz27rmT1pudmjc9TwTIlW3Ah8sCyQDv7bXQIgC8RoWA0FkpiUnvOY AYjIramQPLhVQnsou8Xf/8zuV5AQVxymZMoUp77DesX/X8cuKjc3m9KAfguMo2T0B7sa 4P5qRPdpuCmszgTtI9ne2I5QSWn0HZkxZuxTKGEA6Czk0lECydVvtK37iGi+J/sjOBME EuHqtjeWamv9ihTzs4QbUv3/37aC541TZ7k+Wjl4A3KaKMZDy4bALBCeac7BplYISVrK a6Ug== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20161025 header.b="QM/rbtXw"; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id u14si3365091eds.372.2020.11.26.08.00.07; Thu, 26 Nov 2020 08:00:30 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20161025 header.b="QM/rbtXw"; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S2403888AbgKZPzU (ORCPT + 99 others); Thu, 26 Nov 2020 10:55:20 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:51292 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S2403866AbgKZPzU (ORCPT ); Thu, 26 Nov 2020 10:55:20 -0500 Received: from mail-wm1-x343.google.com (mail-wm1-x343.google.com [IPv6:2a00:1450:4864:20::343]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id B67B9C0613D4 for ; Thu, 26 Nov 2020 07:55:19 -0800 (PST) Received: by mail-wm1-x343.google.com with SMTP id a65so2874855wme.1 for ; Thu, 26 Nov 2020 07:55:19 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=aOLJOeUdUyn9Tp5EB3J9cYHwXErbIHpd/Aan89z6ZHs=; b=QM/rbtXwOgu6dblgPCWfx4ngm1/thgvoQ0YW4L2bPmt43izjfGp+feFlrQOkpQS9Om 6IyiMWQDM9+9UTy3hB+J5mL08+VjIOU0v7HHn2JQNnWZfWWWlGmxzXwQJ5YeUMP4URzL 1QtnGLr7B86YDgrOowd0eJ/ZlG7g90/JdTPeSBg4Np5jEsxeOF3riX5Aj+ZJnFB1nucH eGRGKeHAcqx9n6NEDtpKYSogxV+eRc23vpbWc9NRm5ShbBf3SY7zuFqqGKiDs+I9VeCG lbM65gvfMyzKPRVDcbtqP39F0X2J1baGFNxxaE1G/RusVZXby+KoCinFSOxt/dKolC8/ f6PQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=aOLJOeUdUyn9Tp5EB3J9cYHwXErbIHpd/Aan89z6ZHs=; b=ZS6wdQQNtB1gyMw3puKlOTEN8b5+j+Sxs2MGSP8MmQRoKraK0dTInwoicK+cFDKlxP sHHUI+waNDKrp4lGj4yFNfvhmdnkM5BeYo6otcE0gLAzALh1NKWJVnS19CSDTebslRSC Jvf0GmeXZXuM4QkXKrGT/mHExcxHGF39MMoHSYZm4IZedqBBz/JRhZdJ3Rvn/zxdHIIa toT27moySIK0+bCRlpDzWJPw7cpqg/7FkR7zPumWE6lmalHsW4g+aFw/1OZTKysor4rY yXdLgE/uOU7RHzjN5KECAD/e4c3GSWNj/ak+T+A3N8BJMv8yRLC87hz+QA264c8+Wgt0 pNWQ== X-Gm-Message-State: AOAM532Te2huyeuk5pEwQ8MDHwIJCeZIDC0401LLNJT/vapJ5UQ7QPTV SqxmZHfOnAfdxzo/dbInBSnaGQ== X-Received: by 2002:a1c:bd08:: with SMTP id n8mr4124459wmf.136.1606406116246; Thu, 26 Nov 2020 07:55:16 -0800 (PST) Received: from localhost ([2a01:4b00:8523:2d03:f008:704d:8d4b:9951]) by smtp.gmail.com with ESMTPSA id j4sm9290305wrn.83.2020.11.26.07.55.14 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Thu, 26 Nov 2020 07:55:15 -0800 (PST) From: David Brazdil To: kvmarm@lists.cs.columbia.edu Cc: Jonathan Corbet , Catalin Marinas , Will Deacon , Marc Zyngier , James Morse , Julien Thierry , Suzuki K Poulose , Dennis Zhou , Tejun Heo , Christoph Lameter , Mark Rutland , Lorenzo Pieralisi , Sudeep Holla , linux-doc@vger.kernel.org, linux-kernel@vger.kernel.org, linux-arm-kernel@lists.infradead.org, kernel-team@android.com, David Brazdil Subject: [PATCH v3 23/23] kvm: arm64: Fix EL2 mode availability checks Date: Thu, 26 Nov 2020 15:54:21 +0000 Message-Id: <20201126155421.14901-24-dbrazdil@google.com> X-Mailer: git-send-email 2.29.2 In-Reply-To: <20201126155421.14901-1-dbrazdil@google.com> References: <20201126155421.14901-1-dbrazdil@google.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org With protected nVHE hyp code interception host's PSCI CPU_ON/SUSPEND SMCs, the host starts seeing new CPUs boot in EL1 instead of EL2. The kernel logic that keeps track of the boot mode needs to be adjusted. Add a static key enabled if KVM protected nVHE initialization is successful. When the key is enabled, is_hyp_mode_available continues to report `true` because its users either treat it as a check whether KVM will be / was initialized, or whether stub HVCs can be made (eg. hibernate). is_hyp_mode_mismatched is changed to report `false` when the key is enabled. That's because all cores' modes matched at the point of KVM init and KVM will not allow cores not present at init to boot. That said, the function is never used after KVM is initialized. Signed-off-by: David Brazdil --- arch/arm64/include/asm/virt.h | 18 ++++++++++++++++++ arch/arm64/kvm/arm.c | 10 +++++++--- 2 files changed, 25 insertions(+), 3 deletions(-) diff --git a/arch/arm64/include/asm/virt.h b/arch/arm64/include/asm/virt.h index 2fde1186b962..f7cf3f0e5297 100644 --- a/arch/arm64/include/asm/virt.h +++ b/arch/arm64/include/asm/virt.h @@ -65,9 +65,19 @@ extern u32 __boot_cpu_mode[2]; void __hyp_set_vectors(phys_addr_t phys_vector_base); void __hyp_reset_vectors(void); +DECLARE_STATIC_KEY_FALSE(kvm_protected_mode_initialized); + /* Reports the availability of HYP mode */ static inline bool is_hyp_mode_available(void) { + /* + * If KVM protected mode is initialized, all CPUs must have been booted + * in EL2. Avoid checking __boot_cpu_mode as CPUs now come up in EL1. + */ + if (IS_ENABLED(CONFIG_KVM) && + static_branch_likely(&kvm_protected_mode_initialized)) + return true; + return (__boot_cpu_mode[0] == BOOT_CPU_MODE_EL2 && __boot_cpu_mode[1] == BOOT_CPU_MODE_EL2); } @@ -75,6 +85,14 @@ static inline bool is_hyp_mode_available(void) /* Check if the bootloader has booted CPUs in different modes */ static inline bool is_hyp_mode_mismatched(void) { + /* + * If KVM protected mode is initialized, all CPUs must have been booted + * in EL2. Avoid checking __boot_cpu_mode as CPUs now come up in EL1. + */ + if (IS_ENABLED(CONFIG_KVM) && + static_branch_likely(&kvm_protected_mode_initialized)) + return false; + return __boot_cpu_mode[0] != __boot_cpu_mode[1]; } diff --git a/arch/arm64/kvm/arm.c b/arch/arm64/kvm/arm.c index 6ec8ddf74643..b153c08e50fa 100644 --- a/arch/arm64/kvm/arm.c +++ b/arch/arm64/kvm/arm.c @@ -46,6 +46,8 @@ __asm__(".arch_extension virt"); #endif +DEFINE_STATIC_KEY_FALSE(kvm_protected_mode_initialized); + DECLARE_KVM_HYP_PER_CPU(unsigned long, kvm_hyp_vector); static DEFINE_PER_CPU(unsigned long, kvm_arm_hyp_stack_page); @@ -1877,12 +1879,14 @@ int kvm_arch_init(void *opaque) if (err) goto out_hyp; - if (is_protected_kvm_enabled()) + if (is_protected_kvm_enabled()) { + static_branch_enable(&kvm_protected_mode_initialized); kvm_info("Protected nVHE mode initialized successfully\n"); - else if (in_hyp_mode) + } else if (in_hyp_mode) { kvm_info("VHE mode initialized successfully\n"); - else + } else { kvm_info("Hyp mode initialized successfully\n"); + } return 0; -- 2.29.2.454.gaff20da3a2-goog