Received: by 2002:ab2:6a05:0:b0:1f8:1780:a4ed with SMTP id w5csp3180210lqo;
        Wed, 15 May 2024 02:01:36 -0700 (PDT)
X-Forwarded-Encrypted: i=3; AJvYcCU3wvq3aHCXuXzkGycJ8b85baVZ7Wn2CGrBrHn+H+NDSzhs+HWpd6o3i6TBwnLHTg1wWD38Igu+rBs+Htan3ZqRNxdHDr+YOsDGCR0iiw==
X-Google-Smtp-Source: AGHT+IGehs1LXAZJJLG9WGxg3GkTGBs4739Cv6uUIXywb2qhFudzwhiXa2s3+agCAU6RItn48e3O
X-Received: by 2002:a05:6e02:2149:b0:369:ed5b:dd56 with SMTP id e9e14a558f8ab-36cc1458755mr231018545ab.17.1715763696464;
        Wed, 15 May 2024 02:01:36 -0700 (PDT)
ARC-Seal: i=2; a=rsa-sha256; t=1715763696; cv=pass;
        d=google.com; s=arc-20160816;
        b=FYR8WB8Ld0keq7LSEIB1yl4sqLbOnhU/Ap4D/SM2JFwLia2n9r4fyZRmv/k5UthPZq
         /0DWAEE/60U64PCa13Dz/XHGGznkRgddZLDxwXwy37qUk0vrnNOC57DyWLdG1tQZc73V
         w8OCX1G7oE5+IhleeDbLU3WgIx5/53I30zeVwWVu36z23RUa7Bym9dfoM/HCL7Nxzp08
         PtLHGR676E5iywTfhqK3AJo9A+CfXcvn/s/tWTb2kFX4gMKeQe0gaNoFhbGItY8TJF9M
         KGJ3DV3c71R6LtG2rvEt1xaqJbRqKB5g7vAgmXHlKNBOZ/m+MVnZoufBfHhW/za+cruy
         /Izg==
ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=in-reply-to:content-disposition:mime-version:list-unsubscribe
         :list-subscribe:list-id:precedence:references:message-id:subject:cc
         :to:from:date;
        bh=PgT7QFfiRn27BSekmGglmE4/dRvm01wxyuFQaUIQRL0=;
        fh=pKn/293/ZKXIMcQJl9ZzFjLMVevdBzTVVGTle239r1w=;
        b=Ow9L/+yIq2AzZ5Y0Md/5cjxItSbXCqBaePGPsWc78kSHWmfv4FvvJp3IAN/3UFpBRe
         jYX93Vui4x+YkGdot4yFOEyROr1NSLrkShw9OYptzQ2Cw3hvUL+dCuGqS5anD2AuFJNU
         4PuZJT1jqQ6lvZMqfT4SeEcXuafcmz9/Mqw7UBUFYjoQMVS3t6r+t9rhjYc1opbk+Vpa
         0NIbc5hHKhZ45j916YBiQHb8f5oUUZ8j4IqfFF+ZqI3P1uBTO0Kg/CtS++KKLyFj67Kp
         6QorFw6a3ShNvzo2D3vUtwFi9HIHTUlrVR7H+b3yIF7j+zoM/V5SmqCjQBYU+5NReP5H
         tLTQ==;
        dara=google.com
ARC-Authentication-Results: i=2; mx.google.com;
       arc=pass (i=1);
       spf=pass (google.com: domain of linux-kernel+bounces-179687-linux.lists.archive=gmail.com@vger.kernel.org designates 139.178.88.99 as permitted sender) smtp.mailfrom="linux-kernel+bounces-179687-linux.lists.archive=gmail.com@vger.kernel.org";
       dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=arm.com
Return-Path: <linux-kernel+bounces-179687-linux.lists.archive=gmail.com@vger.kernel.org>
Received: from sv.mirrors.kernel.org (sv.mirrors.kernel.org. [139.178.88.99])
        by mx.google.com with ESMTPS id 41be03b00d2f7-63413d72925si12637502a12.835.2024.05.15.02.01.36
        for <linux.lists.archive@gmail.com>
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Wed, 15 May 2024 02:01:36 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel+bounces-179687-linux.lists.archive=gmail.com@vger.kernel.org designates 139.178.88.99 as permitted sender) client-ip=139.178.88.99;
Authentication-Results: mx.google.com;
       arc=pass (i=1);
       spf=pass (google.com: domain of linux-kernel+bounces-179687-linux.lists.archive=gmail.com@vger.kernel.org designates 139.178.88.99 as permitted sender) smtp.mailfrom="linux-kernel+bounces-179687-linux.lists.archive=gmail.com@vger.kernel.org";
       dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=arm.com
Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by sv.mirrors.kernel.org (Postfix) with ESMTPS id 1484A2849CE
	for <linux.lists.archive@gmail.com>; Wed, 15 May 2024 09:01:36 +0000 (UTC)
Received: from localhost.localdomain (localhost.localdomain [127.0.0.1])
	by smtp.subspace.kernel.org (Postfix) with ESMTP id 2858A57C94;
	Wed, 15 May 2024 09:01:26 +0000 (UTC)
Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by smtp.subspace.kernel.org (Postfix) with ESMTPS id 98E7E2AF0E;
	Wed, 15 May 2024 09:01:25 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201
ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;
	t=1715763685; cv=none; b=byp15qARUjrw1GdOs9gnM1VVnJQCe4hZjvjeBXSIhn9PwCChJahuqC9wPBeJV7MVJ0GTIeCHQSc5JK6vDXM5jXVGpRnvu+dW/YQvzftnFrcUmx7PwSQ8OzEKfcw0i7Dffbs9XzC8ThYmpryQEWSBHxybzag/dQyTrR0D2d0m7f0=
ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org;
	s=arc-20240116; t=1715763685; c=relaxed/simple;
	bh=VYvg12eai6+57lr4OCKIvPizXBy8aVBEYV3yUW48rY8=;
	h=Date:From:To:Cc:Subject:Message-ID:References:MIME-Version:
	 Content-Type:Content-Disposition:In-Reply-To; b=pKWObDykzL13/nVJpq+RaTYU0IC+hz6cLsm6d1zOkE5+8BhgmJYHhFSCTzIFLFYjoqR6wsYRkfFa0KnitBtFC6k3UbDMZbQS2eIkUG/Sp3Ijpm3uwzWIt/pANecKVGOXpn92pGnavT0Am8aDT+w/KZ0G5qJuduNkJXXyZnP+Two=
ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201
Received: by smtp.kernel.org (Postfix) with ESMTPSA id 26F46C32781;
	Wed, 15 May 2024 09:01:21 +0000 (UTC)
Date: Wed, 15 May 2024 10:01:19 +0100
From: Catalin Marinas <catalin.marinas@arm.com>
To: Steven Price <steven.price@arm.com>
Cc: kvm@vger.kernel.org, kvmarm@lists.linux.dev,
	Suzuki K Poulose <suzuki.poulose@arm.com>,
	Marc Zyngier <maz@kernel.org>, Will Deacon <will@kernel.org>,
	James Morse <james.morse@arm.com>,
	Oliver Upton <oliver.upton@linux.dev>,
	Zenghui Yu <yuzenghui@huawei.com>,
	linux-arm-kernel@lists.infradead.org, linux-kernel@vger.kernel.org,
	Joey Gouly <joey.gouly@arm.com>,
	Alexandru Elisei <alexandru.elisei@arm.com>,
	Christoffer Dall <christoffer.dall@arm.com>,
	Fuad Tabba <tabba@google.com>, linux-coco@lists.linux.dev,
	Ganapatrao Kulkarni <gankulkarni@os.amperecomputing.com>
Subject: Re: [PATCH v2 10/14] arm64: Force device mappings to be non-secure
 shared
Message-ID: <ZkR535Hmh3WkMYai@arm.com>
References: <20240412084213.1733764-1-steven.price@arm.com>
 <20240412084213.1733764-11-steven.price@arm.com>
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org
List-Id: <linux-kernel.vger.kernel.org>
List-Subscribe: <mailto:linux-kernel+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:linux-kernel+unsubscribe@vger.kernel.org>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20240412084213.1733764-11-steven.price@arm.com>

On Fri, Apr 12, 2024 at 09:42:09AM +0100, Steven Price wrote:
> From: Suzuki K Poulose <suzuki.poulose@arm.com>
> 
> Device mappings (currently) need to be emulated by the VMM so must be
> mapped shared with the host.

You say "currently". What's the plan when the device is not emulated?
How would the guest distinguish what's emulated and what's not to avoid
setting the PROT_NS_SHARED bit?

> Signed-off-by: Suzuki K Poulose <suzuki.poulose@arm.com>
> Signed-off-by: Steven Price <steven.price@arm.com>
> ---
>  arch/arm64/include/asm/pgtable.h | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/arch/arm64/include/asm/pgtable.h b/arch/arm64/include/asm/pgtable.h
> index f5376bd567a1..db71c564ec21 100644
> --- a/arch/arm64/include/asm/pgtable.h
> +++ b/arch/arm64/include/asm/pgtable.h
> @@ -598,7 +598,7 @@ static inline void set_pud_at(struct mm_struct *mm, unsigned long addr,
>  #define pgprot_writecombine(prot) \
>  	__pgprot_modify(prot, PTE_ATTRINDX_MASK, PTE_ATTRINDX(MT_NORMAL_NC) | PTE_PXN | PTE_UXN)
>  #define pgprot_device(prot) \
> -	__pgprot_modify(prot, PTE_ATTRINDX_MASK, PTE_ATTRINDX(MT_DEVICE_nGnRE) | PTE_PXN | PTE_UXN)
> +	__pgprot_modify(prot, PTE_ATTRINDX_MASK, PTE_ATTRINDX(MT_DEVICE_nGnRE) | PTE_PXN | PTE_UXN | PROT_NS_SHARED)

This pgprot_device() is not the only one used to map device resources.
pgprot_writecombine() is another commonly macro. It feels like a hack to
plug one but not the other and without any way for the guest to figure
out what's emulated.

Can the DT actually place those emulated ranges in the higher IPA space
so that we avoid randomly adding this attribute for devices?

-- 
Catalin