Received: by 2002:ab2:6a05:0:b0:1f8:1780:a4ed with SMTP id w5csp3180210lqo; Wed, 15 May 2024 02:01:36 -0700 (PDT) X-Forwarded-Encrypted: i=3; AJvYcCU3wvq3aHCXuXzkGycJ8b85baVZ7Wn2CGrBrHn+H+NDSzhs+HWpd6o3i6TBwnLHTg1wWD38Igu+rBs+Htan3ZqRNxdHDr+YOsDGCR0iiw== X-Google-Smtp-Source: AGHT+IGehs1LXAZJJLG9WGxg3GkTGBs4739Cv6uUIXywb2qhFudzwhiXa2s3+agCAU6RItn48e3O X-Received: by 2002:a05:6e02:2149:b0:369:ed5b:dd56 with SMTP id e9e14a558f8ab-36cc1458755mr231018545ab.17.1715763696464; Wed, 15 May 2024 02:01:36 -0700 (PDT) ARC-Seal: i=2; a=rsa-sha256; t=1715763696; cv=pass; d=google.com; s=arc-20160816; b=FYR8WB8Ld0keq7LSEIB1yl4sqLbOnhU/Ap4D/SM2JFwLia2n9r4fyZRmv/k5UthPZq /0DWAEE/60U64PCa13Dz/XHGGznkRgddZLDxwXwy37qUk0vrnNOC57DyWLdG1tQZc73V w8OCX1G7oE5+IhleeDbLU3WgIx5/53I30zeVwWVu36z23RUa7Bym9dfoM/HCL7Nxzp08 PtLHGR676E5iywTfhqK3AJo9A+CfXcvn/s/tWTb2kFX4gMKeQe0gaNoFhbGItY8TJF9M KGJ3DV3c71R6LtG2rvEt1xaqJbRqKB5g7vAgmXHlKNBOZ/m+MVnZoufBfHhW/za+cruy /Izg== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=in-reply-to:content-disposition:mime-version:list-unsubscribe :list-subscribe:list-id:precedence:references:message-id:subject:cc :to:from:date; bh=PgT7QFfiRn27BSekmGglmE4/dRvm01wxyuFQaUIQRL0=; fh=pKn/293/ZKXIMcQJl9ZzFjLMVevdBzTVVGTle239r1w=; b=Ow9L/+yIq2AzZ5Y0Md/5cjxItSbXCqBaePGPsWc78kSHWmfv4FvvJp3IAN/3UFpBRe jYX93Vui4x+YkGdot4yFOEyROr1NSLrkShw9OYptzQ2Cw3hvUL+dCuGqS5anD2AuFJNU 4PuZJT1jqQ6lvZMqfT4SeEcXuafcmz9/Mqw7UBUFYjoQMVS3t6r+t9rhjYc1opbk+Vpa 0NIbc5hHKhZ45j916YBiQHb8f5oUUZ8j4IqfFF+ZqI3P1uBTO0Kg/CtS++KKLyFj67Kp 6QorFw6a3ShNvzo2D3vUtwFi9HIHTUlrVR7H+b3yIF7j+zoM/V5SmqCjQBYU+5NReP5H tLTQ==; dara=google.com ARC-Authentication-Results: i=2; mx.google.com; arc=pass (i=1); spf=pass (google.com: domain of linux-kernel+bounces-179687-linux.lists.archive=gmail.com@vger.kernel.org designates 139.178.88.99 as permitted sender) smtp.mailfrom="linux-kernel+bounces-179687-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=arm.com Return-Path: Received: from sv.mirrors.kernel.org (sv.mirrors.kernel.org. [139.178.88.99]) by mx.google.com with ESMTPS id 41be03b00d2f7-63413d72925si12637502a12.835.2024.05.15.02.01.36 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 15 May 2024 02:01:36 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel+bounces-179687-linux.lists.archive=gmail.com@vger.kernel.org designates 139.178.88.99 as permitted sender) client-ip=139.178.88.99; Authentication-Results: mx.google.com; arc=pass (i=1); spf=pass (google.com: domain of linux-kernel+bounces-179687-linux.lists.archive=gmail.com@vger.kernel.org designates 139.178.88.99 as permitted sender) smtp.mailfrom="linux-kernel+bounces-179687-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=arm.com Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by sv.mirrors.kernel.org (Postfix) with ESMTPS id 1484A2849CE for ; Wed, 15 May 2024 09:01:36 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id 2858A57C94; Wed, 15 May 2024 09:01:26 +0000 (UTC) Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 98E7E2AF0E; Wed, 15 May 2024 09:01:25 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1715763685; cv=none; b=byp15qARUjrw1GdOs9gnM1VVnJQCe4hZjvjeBXSIhn9PwCChJahuqC9wPBeJV7MVJ0GTIeCHQSc5JK6vDXM5jXVGpRnvu+dW/YQvzftnFrcUmx7PwSQ8OzEKfcw0i7Dffbs9XzC8ThYmpryQEWSBHxybzag/dQyTrR0D2d0m7f0= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1715763685; c=relaxed/simple; bh=VYvg12eai6+57lr4OCKIvPizXBy8aVBEYV3yUW48rY8=; h=Date:From:To:Cc:Subject:Message-ID:References:MIME-Version: Content-Type:Content-Disposition:In-Reply-To; b=pKWObDykzL13/nVJpq+RaTYU0IC+hz6cLsm6d1zOkE5+8BhgmJYHhFSCTzIFLFYjoqR6wsYRkfFa0KnitBtFC6k3UbDMZbQS2eIkUG/Sp3Ijpm3uwzWIt/pANecKVGOXpn92pGnavT0Am8aDT+w/KZ0G5qJuduNkJXXyZnP+Two= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 Received: by smtp.kernel.org (Postfix) with ESMTPSA id 26F46C32781; Wed, 15 May 2024 09:01:21 +0000 (UTC) Date: Wed, 15 May 2024 10:01:19 +0100 From: Catalin Marinas To: Steven Price Cc: kvm@vger.kernel.org, kvmarm@lists.linux.dev, Suzuki K Poulose , Marc Zyngier , Will Deacon , James Morse , Oliver Upton , Zenghui Yu , linux-arm-kernel@lists.infradead.org, linux-kernel@vger.kernel.org, Joey Gouly , Alexandru Elisei , Christoffer Dall , Fuad Tabba , linux-coco@lists.linux.dev, Ganapatrao Kulkarni Subject: Re: [PATCH v2 10/14] arm64: Force device mappings to be non-secure shared Message-ID: References: <20240412084213.1733764-1-steven.price@arm.com> <20240412084213.1733764-11-steven.price@arm.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20240412084213.1733764-11-steven.price@arm.com> On Fri, Apr 12, 2024 at 09:42:09AM +0100, Steven Price wrote: > From: Suzuki K Poulose > > Device mappings (currently) need to be emulated by the VMM so must be > mapped shared with the host. You say "currently". What's the plan when the device is not emulated? How would the guest distinguish what's emulated and what's not to avoid setting the PROT_NS_SHARED bit? > Signed-off-by: Suzuki K Poulose > Signed-off-by: Steven Price > --- > arch/arm64/include/asm/pgtable.h | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/arch/arm64/include/asm/pgtable.h b/arch/arm64/include/asm/pgtable.h > index f5376bd567a1..db71c564ec21 100644 > --- a/arch/arm64/include/asm/pgtable.h > +++ b/arch/arm64/include/asm/pgtable.h > @@ -598,7 +598,7 @@ static inline void set_pud_at(struct mm_struct *mm, unsigned long addr, > #define pgprot_writecombine(prot) \ > __pgprot_modify(prot, PTE_ATTRINDX_MASK, PTE_ATTRINDX(MT_NORMAL_NC) | PTE_PXN | PTE_UXN) > #define pgprot_device(prot) \ > - __pgprot_modify(prot, PTE_ATTRINDX_MASK, PTE_ATTRINDX(MT_DEVICE_nGnRE) | PTE_PXN | PTE_UXN) > + __pgprot_modify(prot, PTE_ATTRINDX_MASK, PTE_ATTRINDX(MT_DEVICE_nGnRE) | PTE_PXN | PTE_UXN | PROT_NS_SHARED) This pgprot_device() is not the only one used to map device resources. pgprot_writecombine() is another commonly macro. It feels like a hack to plug one but not the other and without any way for the guest to figure out what's emulated. Can the DT actually place those emulated ranges in the higher IPA space so that we avoid randomly adding this attribute for devices? -- Catalin