Received: by 2002:a05:6a10:8c0a:0:0:0:0 with SMTP id go10csp55757pxb; Fri, 15 Jan 2021 07:31:10 -0800 (PST) X-Google-Smtp-Source: ABdhPJxGxRMacxmB94bXraZisSnjeBEuuXv0w/7FRiwYXEgU5QVx5a6gJ1dfx6dLaeGGaomxqR63 X-Received: by 2002:a50:c209:: with SMTP id n9mr10096396edf.123.1610724670155; Fri, 15 Jan 2021 07:31:10 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1610724670; cv=none; d=google.com; s=arc-20160816; b=0mo4ixbGYpf7WQc5ep/9H41RBCL2MdYUyGuLrGAp9qsda5buWJuDMYkArePEmzPfbE OvEvGR7lBDzG7aJbXQRNOE9oKHO+lrI+U4bksvvJ4DdhWNasfVukd8pzGQLVWhpYNXJ8 m2CFUW1ay1AStIihL+97ldOVslcr3AQfaqAOejoLoi4lGU5FWA+CAD3mcuXNAED1TqFB L4HtTj232mPRz72u1HDGyAfVOjbH0GIIgAa6WdTR2EJk+8Gj8KVMv8m0BAP2GlFJ1jXD 5lP0s6KkRlbW8Cb1gobhshHBOGoMVu2J1SRuj63vBlPrHSi9Lir+tDp3nSDjEG3qXRT7 MikQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from; bh=r4mopuIYdgY29/mJOiyglh2LMl/cgdw0glhjiP5Lulk=; b=q1Bs6OAkHd+A08zm7KYpBdgSybcSsajO21sK4nkRssTHIJJLnMK3zJeVfeem53kt2A J9cEcJo2bBw0aq0+15zljV3e46RbJUIG+ObmeqOwgtqPdO4UETJQAW7uDYQCFMjVT9JK wqBGuGBJh9rSXl86tWLEotoMp5vzO2l6dZZeKQCNL9rqg/VLizeruNUgXzxC3X8lBYvn j6LluEH1oEsHO9/VIxwPxwuAqLrPjybR0Foc4AfuaNti85yjKVlAI90ZFLzp5ApT240W 4YPYvVzCzGLlPdlV99hq0kYaUR7lvCZo8cCGgnoIqzU+CubCD3K0ynlhprD0gV2X8ZlA 5cAQ== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=arm.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id rk15si3946046ejb.170.2021.01.15.07.30.45; Fri, 15 Jan 2021 07:31:10 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=arm.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1732362AbhAOP3Q (ORCPT + 99 others); Fri, 15 Jan 2021 10:29:16 -0500 Received: from foss.arm.com ([217.140.110.172]:42882 "EHLO foss.arm.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726370AbhAOP3P (ORCPT ); Fri, 15 Jan 2021 10:29:15 -0500 Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.121.207.14]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id CC61412FC; Fri, 15 Jan 2021 07:28:29 -0800 (PST) Received: from e112269-lin.arm.com (unknown [172.31.20.19]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id 1D39C3F70D; Fri, 15 Jan 2021 07:28:26 -0800 (PST) From: Steven Price To: Catalin Marinas , Marc Zyngier , Will Deacon Cc: Steven Price , James Morse , Julien Thierry , Suzuki K Poulose , kvmarm@lists.cs.columbia.edu, linux-arm-kernel@lists.infradead.org, linux-kernel@vger.kernel.org, Dave Martin , Mark Rutland , Thomas Gleixner , qemu-devel@nongnu.org, Juan Quintela , "Dr. David Alan Gilbert" , Richard Henderson , Peter Maydell , Haibo Xu , Andrew Jones Subject: [RFC PATCH v7 3/3] KVM: arm64: ioctl to fetch/store tags in a guest Date: Fri, 15 Jan 2021 15:28:11 +0000 Message-Id: <20210115152811.8398-4-steven.price@arm.com> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20210115152811.8398-1-steven.price@arm.com> References: <20210115152811.8398-1-steven.price@arm.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org The VMM may not wish to have it's own mapping of guest memory mapped with PROT_MTE because this causes problems if the VMM has tag checking enabled (the guest controls the tags in physical RAM and it's unlikely the tags are correct for the VMM). Instead add a new ioctl which allows the VMM to easily read/write the tags from guest memory, allowing the VMM's mapping to be non-PROT_MTE while the VMM can still read/write the tags for the purpose of migration. Signed-off-by: Steven Price --- arch/arm64/include/uapi/asm/kvm.h | 13 +++++++ arch/arm64/kvm/arm.c | 59 +++++++++++++++++++++++++++++++ include/uapi/linux/kvm.h | 1 + 3 files changed, 73 insertions(+) diff --git a/arch/arm64/include/uapi/asm/kvm.h b/arch/arm64/include/uapi/asm/kvm.h index 24223adae150..5fc2534ac5df 100644 --- a/arch/arm64/include/uapi/asm/kvm.h +++ b/arch/arm64/include/uapi/asm/kvm.h @@ -184,6 +184,19 @@ struct kvm_vcpu_events { __u32 reserved[12]; }; +struct kvm_arm_copy_mte_tags { + __u64 guest_ipa; + __u64 length; + union { + void __user *addr; + __u64 padding; + }; + __u64 flags; +}; + +#define KVM_ARM_TAGS_TO_GUEST 0 +#define KVM_ARM_TAGS_FROM_GUEST 1 + /* If you need to interpret the index values, here is the key: */ #define KVM_REG_ARM_COPROC_MASK 0x000000000FFF0000 #define KVM_REG_ARM_COPROC_SHIFT 16 diff --git a/arch/arm64/kvm/arm.c b/arch/arm64/kvm/arm.c index f4c2fd2e7c49..d6dd6b79bb77 100644 --- a/arch/arm64/kvm/arm.c +++ b/arch/arm64/kvm/arm.c @@ -1303,6 +1303,55 @@ static int kvm_vm_ioctl_set_device_addr(struct kvm *kvm, } } +static int kvm_vm_ioctl_mte_copy_tags(struct kvm *kvm, + struct kvm_arm_copy_mte_tags *copy_tags) +{ + gpa_t guest_ipa = copy_tags->guest_ipa; + size_t length = copy_tags->length; + void __user *tags = copy_tags->addr; + gpa_t gfn; + size_t pages; + bool write = !(copy_tags->flags & KVM_ARM_TAGS_FROM_GUEST); + + if (copy_tags->flags & ~KVM_ARM_TAGS_FROM_GUEST) + return -EINVAL; + + if (length & ~PAGE_MASK || guest_ipa & ~PAGE_MASK) + return -EINVAL; + + gfn = gpa_to_gfn(guest_ipa); + pages = length >> PAGE_SHIFT; + + while (length > 0) { + kvm_pfn_t pfn = gfn_to_pfn_prot(kvm, gfn, write, NULL); + void *maddr; + unsigned long num_tags = PAGE_SIZE / MTE_GRANULE_SIZE; + + if (is_error_noslot_pfn(pfn)) + return -ENOENT; + + maddr = page_address(pfn_to_page(pfn)); + + if (!write) { + num_tags = mte_copy_tags_to_user(tags, maddr, num_tags); + kvm_release_pfn_clean(pfn); + } else { + num_tags = mte_copy_tags_from_user(maddr, tags, + num_tags); + kvm_release_pfn_dirty(pfn); + } + + if (num_tags != PAGE_SIZE / MTE_GRANULE_SIZE) + return -EFAULT; + + gfn++; + tags += num_tags; + length -= PAGE_SIZE; + } + + return 0; +} + long kvm_arch_vm_ioctl(struct file *filp, unsigned int ioctl, unsigned long arg) { @@ -1339,6 +1388,16 @@ long kvm_arch_vm_ioctl(struct file *filp, return 0; } + case KVM_ARM_MTE_COPY_TAGS: { + struct kvm_arm_copy_mte_tags copy_tags; + + if (!kvm_has_mte(kvm)) + return -EINVAL; + + if (copy_from_user(©_tags, argp, sizeof(copy_tags))) + return -EFAULT; + return kvm_vm_ioctl_mte_copy_tags(kvm, ©_tags); + } default: return -EINVAL; } diff --git a/include/uapi/linux/kvm.h b/include/uapi/linux/kvm.h index de737d5102ca..76fccb33d025 100644 --- a/include/uapi/linux/kvm.h +++ b/include/uapi/linux/kvm.h @@ -1397,6 +1397,7 @@ struct kvm_s390_ucas_mapping { /* Available with KVM_CAP_PMU_EVENT_FILTER */ #define KVM_SET_PMU_EVENT_FILTER _IOW(KVMIO, 0xb2, struct kvm_pmu_event_filter) #define KVM_PPC_SVM_OFF _IO(KVMIO, 0xb3) +#define KVM_ARM_MTE_COPY_TAGS _IOR(KVMIO, 0xb4, struct kvm_arm_copy_mte_tags) /* ioctl for vm fd */ #define KVM_CREATE_DEVICE _IOWR(KVMIO, 0xe0, struct kvm_create_device) -- 2.20.1