Received: by 2002:a05:6a10:9afc:0:0:0:0 with SMTP id t28csp398769pxm; Tue, 22 Feb 2022 13:17:42 -0800 (PST) X-Google-Smtp-Source: ABdhPJwGhLVNDfkCGWw9p+RBXx4mQ/AuHsi0F6ca9SiKXt4IsBHyB1f7tGG91UnFKWZMcJBbmmds X-Received: by 2002:a17:906:af79:b0:6ce:61d3:7e9b with SMTP id os25-20020a170906af7900b006ce61d37e9bmr20994501ejb.191.1645564662005; Tue, 22 Feb 2022 13:17:42 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1645564661; cv=none; d=google.com; s=arc-20160816; b=RoXfa22L2hkjgKjGQBRKVowPrf0App+YC3mX89fy/G3NROkqrxFEdYvxAkyxZ027Qg 5crw7WuiTVNXwbFqpwXSuekwVarOci1GexvJtsGgFwd4+CZOVfTy9dvZDiSY/zJwnpXy wwGezf0Co6OrBmdN9hGw8DNrQzEhQSGRosJVmuv86VabIBnG227663mafukW0iSNdQBx VS7bRuNLMTToOYbVyL97YLEHKDnsjhsX8BZhvBbHl2SlMlVGrARpsihs/yhNt/WBnLe9 Q5oJFCNkjxK3mB5xPQA9Y4AO//zwmlYYdeJCyyjvY33X5ggW58o0b1RJrLNR52ilUjof LPEQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:to:cc:from:subject:references:mime-version :message-id:in-reply-to:date:dkim-signature; bh=ZlyAAqqDhAE4WxbyZ31+jkqH/YpnLCKmJnh7POCxqTo=; b=uy4AuFLY+cb8IQACRWEx9xP3tBVX2hMxAeHdNc/34mNDKxsyuuhSo5TImuvhFDzNmY TfecoYnJK3Mv8otl/VGmbb1+Or2lTC0xc59k5ryvwcHJUa9cJW8hEw7Ad9S2B62MG+Bq G0x0jcSM7wm65EK9Zx7Gs0c0q7jGvD866m+C8rY8PY20ZQVerv/ofWdPgjL8Gyq6Ts+k 0TRnf6PuGKWTkKsLbHuluHKoOo/Ndu/gMonFI2FG1X/UJQWsd7WVLjiIHJ+3j9ZkMuS0 aVfGrHdeAQWgsoX8E2ahiAj6o4B+azjbYgTjatmVXxCA2NsGOVY12Hmh/iaoxCEA+0UF tr7A== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20210112 header.b=TIooTTyH; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id w22si8634068ejz.448.2022.02.22.13.17.12; Tue, 22 Feb 2022 13:17:41 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20210112 header.b=TIooTTyH; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233979AbiBVQzY (ORCPT + 99 others); Tue, 22 Feb 2022 11:55:24 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:38548 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233461AbiBVQzX (ORCPT ); Tue, 22 Feb 2022 11:55:23 -0500 Received: from mail-yb1-xb4a.google.com (mail-yb1-xb4a.google.com [IPv6:2607:f8b0:4864:20::b4a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 9037D16BCF5 for ; Tue, 22 Feb 2022 08:54:57 -0800 (PST) Received: by mail-yb1-xb4a.google.com with SMTP id k10-20020a056902070a00b0062469b00335so8994297ybt.14 for ; Tue, 22 Feb 2022 08:54:57 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=date:in-reply-to:message-id:mime-version:references:subject:from:cc; bh=ZlyAAqqDhAE4WxbyZ31+jkqH/YpnLCKmJnh7POCxqTo=; b=TIooTTyH5x1F5nebrNIhkxrh2HuWrtPHN3fTIyBzs1a6KH6OGiKUp1PWOlO6NXsbQT k7h9zWn15cvo5sZhfXstOZ7RpAD+Gat9qLxoStKOCv0K160fImoXF6iu00kBuJnVyT6n YeThCRS0IPdnxIFck9JWsb0bj7sYMYA9LYn4MWVPyD2giNP+0cLZ8uSvz0IwXqXOXaOu G/dlwHj4gGGF4Y6nSgBvhRU/4Yq7YkrEaClamVuzK+tUFIXdOsSYoS/NWO0g8LCGrMsX It+EBn3ntQqg8tQNu7EC0xgAKjXEbbsSJs8P+w445Q4D6gLEB+GMhwcdWzAmnJsKbA4J Pgrw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:date:in-reply-to:message-id:mime-version :references:subject:from:cc; bh=ZlyAAqqDhAE4WxbyZ31+jkqH/YpnLCKmJnh7POCxqTo=; b=FEq/NQkzuc0UgMysaEDwxjybb2bBdaIwEmZLnR1lNaAbRIZjcsarYXt7tbxbrA8Z0t uzMHmo1Jj/EfCHhUYwC8GPZhctgk6ojIBiJufpNN+ROJgyumkipBA2ERAm6jWg0Fk5j/ Jzw2AHwh/4fGmzt7A+ynqS9RhYCCDfEFEZVuo/A5zGfAmOW4a2SPlUsJRZLrhJ03UxtZ r2mH3vWzyCyU6P03J9OSGSEJTraUZCei2zFwGcwZ9GrotiQ1cKdxzLHKi5PZ3Zs/88IS 8i8VJN8OjUedrg01f7heV+oCuxyzk7JKHgjbccDNhouVoBMDl8oLjedy5QT3sIw9q7Rr jtWw== X-Gm-Message-State: AOAM531yM8UeMgEK79bprCwCy+FTXydRI+ruik0gMEBCm/q5lAEI4cJU Gcj4jdNARtqlGzSgGOrOINttCQAAh9apF+To5g== X-Received: from kaleshsingh.mtv.corp.google.com ([2620:15c:211:200:5db7:1235:b3dd:cfcb]) (user=kaleshsingh job=sendgmr) by 2002:a81:911:0:b0:2d2:c5c6:b4a1 with SMTP id 17-20020a810911000000b002d2c5c6b4a1mr24349571ywj.48.1645548896812; Tue, 22 Feb 2022 08:54:56 -0800 (PST) Date: Tue, 22 Feb 2022 08:51:03 -0800 In-Reply-To: <20220222165212.2005066-1-kaleshsingh@google.com> Message-Id: <20220222165212.2005066-3-kaleshsingh@google.com> Mime-Version: 1.0 References: <20220222165212.2005066-1-kaleshsingh@google.com> X-Mailer: git-send-email 2.35.1.473.g83b2b277ed-goog Subject: [PATCH v2 2/9] KVM: arm64: Introduce pkvm_alloc_private_va_range() From: Kalesh Singh Cc: will@kernel.org, maz@kernel.org, qperret@google.com, tabba@google.com, surenb@google.com, kernel-team@android.com, Kalesh Singh , Catalin Marinas , James Morse , Alexandru Elisei , Suzuki K Poulose , Ard Biesheuvel , Mark Rutland , Pasha Tatashin , Joey Gouly , Peter Collingbourne , Andrew Scull , Zenghui Yu , linux-arm-kernel@lists.infradead.org, linux-kernel@vger.kernel.org, kvmarm@lists.cs.columbia.edu Content-Type: text/plain; charset="UTF-8" X-Spam-Status: No, score=-8.6 required=5.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,MISSING_HEADERS, RCVD_IN_DNSWL_NONE,SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE, USER_IN_DEF_DKIM_WL autolearn=no autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net To: unlisted-recipients:; (no To-header on input) Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org pkvm_hyp_alloc_private_va_range() can be used to reserve private VA ranges in the pKVM nVHE hypervisor (). Also update __pkvm_create_private_mapping() to allow specifying an alignment for the private VA mapping. These will be used to implement stack guard pages for pKVM nVHE hypervisor (in a subsequent patch in the series). Credits to Quentin Perret for the idea of moving private VA allocation out of __pkvm_create_private_mapping() Signed-off-by: Kalesh Singh --- Changes in v2: - Allow specifying an alignment for the private VA allocations, per Marc arch/arm64/kvm/hyp/include/nvhe/mm.h | 3 +- arch/arm64/kvm/hyp/nvhe/hyp-main.c | 5 +-- arch/arm64/kvm/hyp/nvhe/mm.c | 49 +++++++++++++++++++--------- arch/arm64/kvm/mmu.c | 2 +- 4 files changed, 39 insertions(+), 20 deletions(-) diff --git a/arch/arm64/kvm/hyp/include/nvhe/mm.h b/arch/arm64/kvm/hyp/include/nvhe/mm.h index 2d08510c6cc1..05d06ad00347 100644 --- a/arch/arm64/kvm/hyp/include/nvhe/mm.h +++ b/arch/arm64/kvm/hyp/include/nvhe/mm.h @@ -20,7 +20,8 @@ int pkvm_cpu_set_vector(enum arm64_hyp_spectre_vector slot); int pkvm_create_mappings(void *from, void *to, enum kvm_pgtable_prot prot); int pkvm_create_mappings_locked(void *from, void *to, enum kvm_pgtable_prot prot); unsigned long __pkvm_create_private_mapping(phys_addr_t phys, size_t size, - enum kvm_pgtable_prot prot); + size_t align, enum kvm_pgtable_prot prot); +unsigned long pkvm_alloc_private_va_range(size_t size, size_t align); static inline void hyp_vmemmap_range(phys_addr_t phys, unsigned long size, unsigned long *start, unsigned long *end) diff --git a/arch/arm64/kvm/hyp/nvhe/hyp-main.c b/arch/arm64/kvm/hyp/nvhe/hyp-main.c index 5e2197db0d32..96b2312a0f1d 100644 --- a/arch/arm64/kvm/hyp/nvhe/hyp-main.c +++ b/arch/arm64/kvm/hyp/nvhe/hyp-main.c @@ -158,9 +158,10 @@ static void handle___pkvm_create_private_mapping(struct kvm_cpu_context *host_ct { DECLARE_REG(phys_addr_t, phys, host_ctxt, 1); DECLARE_REG(size_t, size, host_ctxt, 2); - DECLARE_REG(enum kvm_pgtable_prot, prot, host_ctxt, 3); + DECLARE_REG(size_t, align, host_ctxt, 3); + DECLARE_REG(enum kvm_pgtable_prot, prot, host_ctxt, 4); - cpu_reg(host_ctxt, 1) = __pkvm_create_private_mapping(phys, size, prot); + cpu_reg(host_ctxt, 1) = __pkvm_create_private_mapping(phys, size, align, prot); } static void handle___pkvm_prot_finalize(struct kvm_cpu_context *host_ctxt) diff --git a/arch/arm64/kvm/hyp/nvhe/mm.c b/arch/arm64/kvm/hyp/nvhe/mm.c index 526a7d6fa86f..298fbbe4651d 100644 --- a/arch/arm64/kvm/hyp/nvhe/mm.c +++ b/arch/arm64/kvm/hyp/nvhe/mm.c @@ -37,26 +37,46 @@ static int __pkvm_create_mappings(unsigned long start, unsigned long size, return err; } -unsigned long __pkvm_create_private_mapping(phys_addr_t phys, size_t size, - enum kvm_pgtable_prot prot) +/* + * Allocates a private VA range above __io_map_base. + * + * @size: The size of the VA range to reserve. + * @align: The required alignment for the allocation. + */ +unsigned long pkvm_alloc_private_va_range(size_t size, size_t align) { - unsigned long addr; - int err; + unsigned long base, addr; hyp_spin_lock(&pkvm_pgd_lock); - size = PAGE_ALIGN(size + offset_in_page(phys)); - addr = __io_map_base; - __io_map_base += size; + addr = ALIGN(__io_map_base, align); + + /* The allocated size is always a multiple of PAGE_SIZE */ + base = addr + PAGE_ALIGN(size); /* Are we overflowing on the vmemmap ? */ - if (__io_map_base > __hyp_vmemmap) { - __io_map_base -= size; + if (base > __hyp_vmemmap) addr = (unsigned long)ERR_PTR(-ENOMEM); + else + __io_map_base = base; + + hyp_spin_unlock(&pkvm_pgd_lock); + + return addr; +} + +unsigned long __pkvm_create_private_mapping(phys_addr_t phys, size_t size, + size_t align, enum kvm_pgtable_prot prot) +{ + unsigned long addr; + int err; + + size += offset_in_page(phys); + addr = pkvm_alloc_private_va_range(size, align); + if (IS_ERR((void *)addr)) goto out; - } - err = kvm_pgtable_hyp_map(&pkvm_pgtable, addr, size, phys, prot); + err = __pkvm_create_mappings(addr, size, phys, prot); if (err) { addr = (unsigned long)ERR_PTR(err); goto out; @@ -64,8 +84,6 @@ unsigned long __pkvm_create_private_mapping(phys_addr_t phys, size_t size, addr = addr + offset_in_page(phys); out: - hyp_spin_unlock(&pkvm_pgd_lock); - return addr; } @@ -152,9 +170,8 @@ int hyp_map_vectors(void) return 0; phys = __hyp_pa(__bp_harden_hyp_vecs); - bp_base = (void *)__pkvm_create_private_mapping(phys, - __BP_HARDEN_HYP_VECS_SZ, - PAGE_HYP_EXEC); + bp_base = (void *)__pkvm_create_private_mapping(phys, __BP_HARDEN_HYP_VECS_SZ, + PAGE_SIZE, PAGE_HYP_EXEC); if (IS_ERR_OR_NULL(bp_base)) return PTR_ERR(bp_base); diff --git a/arch/arm64/kvm/mmu.c b/arch/arm64/kvm/mmu.c index e5abcce44ad0..18a711d6a52f 100644 --- a/arch/arm64/kvm/mmu.c +++ b/arch/arm64/kvm/mmu.c @@ -505,7 +505,7 @@ int __create_hyp_private_mapping(phys_addr_t phys_addr, size_t size, if (!kvm_host_owns_hyp_mappings()) { addr = kvm_call_hyp_nvhe(__pkvm_create_private_mapping, - phys_addr, size, prot); + phys_addr, size, align, prot); if (IS_ERR_OR_NULL((void *)addr)) return PTR_ERR((void *)addr); *haddr = addr; -- 2.35.1.473.g83b2b277ed-goog