On Tue, 05 Oct 2021 12:37:21 +0100,
Will Deacon <will@xxxxxxxxxx> wrote:
>
> After pKVM has been 'finalised' using the __pkvm_prot_finalize hypercall,
> the calling CPU will have a Stage-2 translation enabled to prevent access
> to memory pages owned by EL2.
>
> Although this forms a significant part of the process to deprivilege the
> host kernel, we also need to ensure that the hypercall interface is
> reduced so that the EL2 code cannot, for example, be re-initialised using
> a new set of vectors.
>
> Re-order the hypercalls so that only a suffix remains available after
> finalisation of pKVM.
>
> Cc: Marc Zyngier <maz@xxxxxxxxxx>
> Cc: Quentin Perret <qperret@xxxxxxxxxx>
> Signed-off-by: Will Deacon <will@xxxxxxxxxx>
> ---
> arch/arm64/include/asm/kvm_asm.h | 43 ++++++++++++++++--------------
> arch/arm64/kvm/hyp/nvhe/hyp-main.c | 37 +++++++++++++++++--------
> 2 files changed, 49 insertions(+), 31 deletions(-)
>
> diff --git a/arch/arm64/include/asm/kvm_asm.h b/arch/arm64/include/asm/kvm_asm.h
> index e86045ac43ba..68630fd382c5 100644
> --- a/arch/arm64/include/asm/kvm_asm.h
> +++ b/arch/arm64/include/asm/kvm_asm.h
> @@ -43,27 +43,30 @@
>
> #define KVM_HOST_SMCCC_FUNC(name) KVM_HOST_SMCCC_ID(__KVM_HOST_SMCCC_FUNC_##name)
>
> +/* Hypercalls available only prior to pKVM finalisation */
> #define __KVM_HOST_SMCCC_FUNC___kvm_hyp_init 0
> -#define __KVM_HOST_SMCCC_FUNC___kvm_vcpu_run 1
> -#define __KVM_HOST_SMCCC_FUNC___kvm_flush_vm_context 2
> -#define __KVM_HOST_SMCCC_FUNC___kvm_tlb_flush_vmid_ipa 3
> -#define __KVM_HOST_SMCCC_FUNC___kvm_tlb_flush_vmid 4
> -#define __KVM_HOST_SMCCC_FUNC___kvm_flush_cpu_context 5
> -#define __KVM_HOST_SMCCC_FUNC___kvm_timer_set_cntvoff 6
> -#define __KVM_HOST_SMCCC_FUNC___kvm_enable_ssbs 7
> -#define __KVM_HOST_SMCCC_FUNC___vgic_v3_get_gic_config 8
> -#define __KVM_HOST_SMCCC_FUNC___vgic_v3_read_vmcr 9
> -#define __KVM_HOST_SMCCC_FUNC___vgic_v3_write_vmcr 10
> -#define __KVM_HOST_SMCCC_FUNC___vgic_v3_init_lrs 11
> -#define __KVM_HOST_SMCCC_FUNC___kvm_get_mdcr_el2 12
> -#define __KVM_HOST_SMCCC_FUNC___vgic_v3_save_aprs 13
> -#define __KVM_HOST_SMCCC_FUNC___vgic_v3_restore_aprs 14
> -#define __KVM_HOST_SMCCC_FUNC___pkvm_init 15
> -#define __KVM_HOST_SMCCC_FUNC___pkvm_host_share_hyp 16
> -#define __KVM_HOST_SMCCC_FUNC___pkvm_create_private_mapping 17
> -#define __KVM_HOST_SMCCC_FUNC___pkvm_cpu_set_vector 18
> -#define __KVM_HOST_SMCCC_FUNC___pkvm_prot_finalize 19
> -#define __KVM_HOST_SMCCC_FUNC___kvm_adjust_pc 20
> +#define __KVM_HOST_SMCCC_FUNC___kvm_get_mdcr_el2 1
> +#define __KVM_HOST_SMCCC_FUNC___pkvm_init 2
> +#define __KVM_HOST_SMCCC_FUNC___pkvm_create_private_mapping 3
> +#define __KVM_HOST_SMCCC_FUNC___pkvm_cpu_set_vector 4
> +#define __KVM_HOST_SMCCC_FUNC___kvm_enable_ssbs 5
> +#define __KVM_HOST_SMCCC_FUNC___vgic_v3_init_lrs 6
> +#define __KVM_HOST_SMCCC_FUNC___vgic_v3_get_gic_config 7
> +#define __KVM_HOST_SMCCC_FUNC___pkvm_prot_finalize 8
> +
> +/* Hypercalls available after pKVM finalisation */
> +#define __KVM_HOST_SMCCC_FUNC___pkvm_host_share_hyp 9
> +#define __KVM_HOST_SMCCC_FUNC___kvm_adjust_pc 10
> +#define __KVM_HOST_SMCCC_FUNC___kvm_vcpu_run 11
> +#define __KVM_HOST_SMCCC_FUNC___kvm_flush_vm_context 12
> +#define __KVM_HOST_SMCCC_FUNC___kvm_tlb_flush_vmid_ipa 13
> +#define __KVM_HOST_SMCCC_FUNC___kvm_tlb_flush_vmid 14
> +#define __KVM_HOST_SMCCC_FUNC___kvm_flush_cpu_context 15
> +#define __KVM_HOST_SMCCC_FUNC___kvm_timer_set_cntvoff 16
> +#define __KVM_HOST_SMCCC_FUNC___vgic_v3_read_vmcr 17
> +#define __KVM_HOST_SMCCC_FUNC___vgic_v3_write_vmcr 18
> +#define __KVM_HOST_SMCCC_FUNC___vgic_v3_save_aprs 19
> +#define __KVM_HOST_SMCCC_FUNC___vgic_v3_restore_aprs 20
This is no helping with the above, but can we *please* try to get rid
of this #define insanity before moving things around? I came up with
the following, which seems to build.
Thoughts?
M.
>From 8a50c98489220d2ebaf02d4ffdbef3cf0d6634ee Mon Sep 17 00:00:00 2001
From: Marc Zyngier <maz@xxxxxxxxxx>
Date: Thu, 7 Oct 2021 13:18:29 +0100
Subject: [PATCH] KVM: arm64: Turn __KVM_HOST_SMCCC_FUNC_* into an enum
(mostly)
__KVM_HOST_SMCCC_FUNC_* is a royal pain, as there is a fair amount
of churn around these #defines, and we avoid making it an enum
only for the sake of the early init, low level code that requires
__KVM_HOST_SMCCC_FUNC___kvm_hyp_init to be usable from assembly.
Let's be brave and turn everything but this symbol into an enum,
using a bit of arithmetic to avoid any overlap.
Signed-off-by: Marc Zyngier <maz@xxxxxxxxxx>
---
arch/arm64/include/asm/kvm_asm.h | 44 +++++++++++++++++---------------
1 file changed, 24 insertions(+), 20 deletions(-)
diff --git a/arch/arm64/include/asm/kvm_asm.h b/arch/arm64/include/asm/kvm_asm.h
index e86045ac43ba..43b5e213ae43 100644
--- a/arch/arm64/include/asm/kvm_asm.h
+++ b/arch/arm64/include/asm/kvm_asm.h
@@ -44,31 +44,35 @@
#define KVM_HOST_SMCCC_FUNC(name) KVM_HOST_SMCCC_ID(__KVM_HOST_SMCCC_FUNC_##name)
#define __KVM_HOST_SMCCC_FUNC___kvm_hyp_init 0
-#define __KVM_HOST_SMCCC_FUNC___kvm_vcpu_run 1
-#define __KVM_HOST_SMCCC_FUNC___kvm_flush_vm_context 2
-#define __KVM_HOST_SMCCC_FUNC___kvm_tlb_flush_vmid_ipa 3
-#define __KVM_HOST_SMCCC_FUNC___kvm_tlb_flush_vmid 4
-#define __KVM_HOST_SMCCC_FUNC___kvm_flush_cpu_context 5
-#define __KVM_HOST_SMCCC_FUNC___kvm_timer_set_cntvoff 6
-#define __KVM_HOST_SMCCC_FUNC___kvm_enable_ssbs 7
-#define __KVM_HOST_SMCCC_FUNC___vgic_v3_get_gic_config 8
-#define __KVM_HOST_SMCCC_FUNC___vgic_v3_read_vmcr 9
-#define __KVM_HOST_SMCCC_FUNC___vgic_v3_write_vmcr 10
-#define __KVM_HOST_SMCCC_FUNC___vgic_v3_init_lrs 11
-#define __KVM_HOST_SMCCC_FUNC___kvm_get_mdcr_el2 12
-#define __KVM_HOST_SMCCC_FUNC___vgic_v3_save_aprs 13
-#define __KVM_HOST_SMCCC_FUNC___vgic_v3_restore_aprs 14
-#define __KVM_HOST_SMCCC_FUNC___pkvm_init 15
-#define __KVM_HOST_SMCCC_FUNC___pkvm_host_share_hyp 16
-#define __KVM_HOST_SMCCC_FUNC___pkvm_create_private_mapping 17
-#define __KVM_HOST_SMCCC_FUNC___pkvm_cpu_set_vector 18
-#define __KVM_HOST_SMCCC_FUNC___pkvm_prot_finalize 19
-#define __KVM_HOST_SMCCC_FUNC___kvm_adjust_pc 20
#ifndef __ASSEMBLY__
#include <linux/mm.h>
+enum __kvm_host_smccc_func {
+ /* __KVM_HOST_SMCCC_FUNC___kvm_hyp_init */
+ __KVM_HOST_SMCCC_FUNC___kvm_vcpu_run = __KVM_HOST_SMCCC_FUNC___kvm_hyp_init + 1,
+ __KVM_HOST_SMCCC_FUNC___kvm_flush_vm_context,
+ __KVM_HOST_SMCCC_FUNC___kvm_tlb_flush_vmid_ipa,
+ __KVM_HOST_SMCCC_FUNC___kvm_tlb_flush_vmid,
+ __KVM_HOST_SMCCC_FUNC___kvm_flush_cpu_context,
+ __KVM_HOST_SMCCC_FUNC___kvm_timer_set_cntvoff,
+ __KVM_HOST_SMCCC_FUNC___kvm_enable_ssbs,
+ __KVM_HOST_SMCCC_FUNC___vgic_v3_get_gic_config,
+ __KVM_HOST_SMCCC_FUNC___vgic_v3_read_vmcr,
+ __KVM_HOST_SMCCC_FUNC___vgic_v3_write_vmcr,
+ __KVM_HOST_SMCCC_FUNC___vgic_v3_init_lrs,
+ __KVM_HOST_SMCCC_FUNC___kvm_get_mdcr_el2,
+ __KVM_HOST_SMCCC_FUNC___vgic_v3_save_aprs,
+ __KVM_HOST_SMCCC_FUNC___vgic_v3_restore_aprs,
+ __KVM_HOST_SMCCC_FUNC___pkvm_init,
+ __KVM_HOST_SMCCC_FUNC___pkvm_host_share_hyp,
+ __KVM_HOST_SMCCC_FUNC___pkvm_create_private_mapping,
+ __KVM_HOST_SMCCC_FUNC___pkvm_cpu_set_vector,
+ __KVM_HOST_SMCCC_FUNC___pkvm_prot_finalize,
+ __KVM_HOST_SMCCC_FUNC___kvm_adjust_pc,
+};
+
#define DECLARE_KVM_VHE_SYM(sym) extern char sym[]
#define DECLARE_KVM_NVHE_SYM(sym) extern char kvm_nvhe_sym(sym)[]
--
2.30.2
--
Without deviation from the norm, progress is not possible.
_______________________________________________
kvmarm mailing list
kvmarm@xxxxxxxxxxxxxxxxxxxxx
https://lists.cs.columbia.edu/mailman/listinfo/kvmarm
