Date: Fri, 27 Nov 2020 16:32:54 +0000
From: Sudeep Holla
To: David Brazdil
Cc: kvmarm@lists.cs.columbia.edu, Jonathan Corbet, Catalin Marinas, Will Deacon, Marc Zyngier, James Morse, Julien Thierry, Suzuki K Poulose, Dennis Zhou, Tejun Heo, Christoph Lameter, Mark Rutland, Lorenzo Pieralisi, linux-doc@vger.kernel.org, linux-kernel@vger.kernel.org, linux-arm-kernel@lists.infradead.org, kernel-team@android.com
Subject: Re: [PATCH v3 06/23] kvm: arm64: Add kvm-arm.protected early kernel parameter
Message-ID: <20201127163254.zxdrszlveaxhluwn@bogus>
References: <20201126155421.14901-1-dbrazdil@google.com> <20201126155421.14901-7-dbrazdil@google.com>
In-Reply-To: <20201126155421.14901-7-dbrazdil@google.com>
X-Mailing-List: linux-kernel@vger.kernel.org

On Thu, Nov 26, 2020 at 03:54:04PM +0000, David Brazdil wrote:
> Add an early parameter that allows users to opt into protected KVM mode
> when using the nVHE hypervisor. In this mode, guest state will be kept
> private from the host. This will primarily involve enabling stage-2
> address translation for the host, restricting DMA to host memory, and
> filtering host SMCs.
>
> Capability ARM64_PROTECTED_KVM is set if the param is passed, CONFIG_KVM
> is enabled and the kernel was not booted with VHE.
>
> Signed-off-by: David Brazdil
> ---
>  .../admin-guide/kernel-parameters.txt |  5 ++++
>  arch/arm64/include/asm/cpucaps.h      |  3 +-
>  arch/arm64/include/asm/virt.h         |  8 +++++
>  arch/arm64/kernel/cpufeature.c        | 29 +++++++++++++++++++
>  arch/arm64/kvm/arm.c                  |  4 ++-
>  5 files changed, 47 insertions(+), 2 deletions(-)
>
> diff --git a/Documentation/admin-guide/kernel-parameters.txt b/Documentation/admin-guide/kernel-parameters.txt
> index 526d65d8573a..06c89975c29c 100644
> --- a/Documentation/admin-guide/kernel-parameters.txt
> +++ b/Documentation/admin-guide/kernel-parameters.txt
> @@ -2259,6 +2259,11 @@
>  			for all guests.
>  			Default is 1 (enabled) if in 64-bit or 32-bit PAE mode.
>  
> +	kvm-arm.protected=
> +			[KVM,ARM] Allow spawning protected guests whose state
> +			is kept private from the host. Only valid for non-VHE.
> +			Default is 0 (disabled).
> +

Sorry for being pedantic. Can we reword this to say valid for !CONFIG_ARM64_VHE?
I read this as valid only for non-VHE hardware. It may be just me, but if you
agree, please update so that it doesn't give the remote idea that it is not
valid on VHE-enabled hardware. I was trying to run this on the hardware and
was trying to understand the details on how to do that.

--
Regards,
Sudeep
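Review bot: the new kvm-arm.protected= entry in the kernel-parameters.txt hunk never states what value the parameter takes; it gives only "Default is 0 (disabled)", while the commit message says the capability is set "if the param is passed", so a reader cannot tell whether "kvm-arm.protected=1" is required or the bare name suffices. Please spell out the accepted value(s), e.g. with a "Format:" line as other entries in that file use, and make the sentence "Only valid for non-VHE." say explicitly whether it means a kernel built without CONFIG_ARM64_VHE or hardware without VHE, since the commit message ties the capability to how the kernel was booted rather than to the hardware.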